]>
Commit | Line | Data |
---|---|---|
b1322259 | 1 | /* |
3c2bdd7d | 2 | * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. |
d02b48c6 | 3 | * |
365a2d99 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
b1322259 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
10 | #include <stdio.h> | |
b39fc560 | 11 | #include "internal/cryptlib.h" |
c5f28105 | 12 | #include "internal/numbers.h" |
6c5b6cb0 | 13 | #include <limits.h> |
ec577822 | 14 | #include <openssl/asn1.h> |
0f814687 | 15 | #include <openssl/bn.h> |
706457b7 | 16 | #include "asn1_local.h" |
d02b48c6 | 17 | |
6384e46d | 18 | ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x) |
0f113f3e | 19 | { |
f422a514 | 20 | return ASN1_STRING_dup(x); |
0f113f3e | 21 | } |
08e9c1af | 22 | |
6384e46d | 23 | int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) |
0f113f3e MC |
24 | { |
25 | int neg, ret; | |
26 | /* Compare signs */ | |
27 | neg = x->type & V_ASN1_NEG; | |
28 | if (neg != (y->type & V_ASN1_NEG)) { | |
29 | if (neg) | |
30 | return -1; | |
31 | else | |
32 | return 1; | |
33 | } | |
34 | ||
35 | ret = ASN1_STRING_cmp(x, y); | |
36 | ||
37 | if (neg) | |
38 | return -ret; | |
39 | else | |
40 | return ret; | |
41 | } | |
42 | ||
43 | /*- | |
6c5b6cb0 DSH |
44 | * This converts a big endian buffer and sign into its content encoding. |
45 | * This is used for INTEGER and ENUMERATED types. | |
1ad2ecb6 DSH |
46 | * The internal representation is an ASN1_STRING whose data is a big endian |
47 | * representation of the value, ignoring the sign. The sign is determined by | |
6c5b6cb0 | 48 | * the type: if type & V_ASN1_NEG is true it is negative, otherwise positive. |
1ad2ecb6 DSH |
49 | * |
50 | * Positive integers are no problem: they are almost the same as the DER | |
51 | * encoding, except if the first byte is >= 0x80 we need to add a zero pad. | |
52 | * | |
53 | * Negative integers are a bit trickier... | |
54 | * The DER representation of negative integers is in 2s complement form. | |
0f113f3e | 55 | * The internal form is converted by complementing each octet and finally |
1ad2ecb6 DSH |
56 | * adding one to the result. This can be done less messily with a little trick. |
57 | * If the internal form has trailing zeroes then they will become FF by the | |
0f113f3e | 58 | * complement and 0 by the add one (due to carry) so just copy as many trailing |
1ad2ecb6 DSH |
59 | * zeros to the destination as there are in the source. The carry will add one |
60 | * to the last none zero octet: so complement this octet and add one and finally | |
61 | * complement any left over until you get to the start of the string. | |
62 | * | |
63 | * Padding is a little trickier too. If the first bytes is > 0x80 then we pad | |
64 | * with 0xff. However if the first byte is 0x80 and one of the following bytes | |
65 | * is non-zero we pad with 0xff. The reason for this distinction is that 0x80 | |
66 | * followed by optional zeros isn't padded. | |
67 | */ | |
68 | ||
a3ea6bf0 AP |
69 | /* |
70 | * If |pad| is zero, the operation is effectively reduced to memcpy, | |
71 | * and if |pad| is 0xff, then it performs two's complement, ~dst + 1. | |
72 | * Note that in latter case sequence of zeros yields itself, and so | |
73 | * does 0x80 followed by any number of zeros. These properties are | |
74 | * used elsewhere below... | |
75 | */ | |
76 | static void twos_complement(unsigned char *dst, const unsigned char *src, | |
77 | size_t len, unsigned char pad) | |
78 | { | |
79 | unsigned int carry = pad & 1; | |
80 | ||
81 | /* Begin at the end of the encoding */ | |
a07dc816 MC |
82 | if (len != 0) { |
83 | /* | |
84 | * if len == 0 then src/dst could be NULL, and this would be undefined | |
85 | * behaviour. | |
86 | */ | |
87 | dst += len; | |
88 | src += len; | |
89 | } | |
a3ea6bf0 AP |
90 | /* two's complement value: ~value + 1 */ |
91 | while (len-- != 0) { | |
92 | *(--dst) = (unsigned char)(carry += *(--src) ^ pad); | |
93 | carry >>= 8; | |
94 | } | |
95 | } | |
96 | ||
6c5b6cb0 DSH |
97 | static size_t i2c_ibuf(const unsigned char *b, size_t blen, int neg, |
98 | unsigned char **pp) | |
0f113f3e | 99 | { |
a3ea6bf0 | 100 | unsigned int pad = 0; |
6c5b6cb0 DSH |
101 | size_t ret, i; |
102 | unsigned char *p, pb = 0; | |
0f113f3e | 103 | |
a3ea6bf0 | 104 | if (b != NULL && blen) { |
6c5b6cb0 DSH |
105 | ret = blen; |
106 | i = b[0]; | |
0f113f3e MC |
107 | if (!neg && (i > 127)) { |
108 | pad = 1; | |
109 | pb = 0; | |
110 | } else if (neg) { | |
a3ea6bf0 | 111 | pb = 0xFF; |
0f113f3e MC |
112 | if (i > 128) { |
113 | pad = 1; | |
0f113f3e MC |
114 | } else if (i == 128) { |
115 | /* | |
a3ea6bf0 AP |
116 | * Special case [of minimal negative for given length]: |
117 | * if any other bytes non zero we pad, otherwise we don't. | |
0f113f3e | 118 | */ |
a3ea6bf0 AP |
119 | for (pad = 0, i = 1; i < blen; i++) |
120 | pad |= b[i]; | |
121 | pb = pad != 0 ? 0xffU : 0; | |
122 | pad = pb & 1; | |
0f113f3e MC |
123 | } |
124 | } | |
125 | ret += pad; | |
a3ea6bf0 AP |
126 | } else { |
127 | ret = 1; | |
128 | blen = 0; /* reduce '(b == NULL || blen == 0)' to '(blen == 0)' */ | |
0f113f3e | 129 | } |
a3ea6bf0 AP |
130 | |
131 | if (pp == NULL || (p = *pp) == NULL) | |
6c5b6cb0 | 132 | return ret; |
0f113f3e | 133 | |
a3ea6bf0 AP |
134 | /* |
135 | * This magically handles all corner cases, such as '(b == NULL || | |
136 | * blen == 0)', non-negative value, "negative" zero, 0x80 followed | |
137 | * by any number of zeros... | |
138 | */ | |
139 | *p = pb; | |
140 | p += pad; /* yes, p[0] can be written twice, but it's little | |
141 | * price to pay for eliminated branches */ | |
142 | twos_complement(p, b, blen, pb); | |
0f113f3e MC |
143 | |
144 | *pp += ret; | |
6c5b6cb0 | 145 | return ret; |
0f113f3e | 146 | } |
d02b48c6 | 147 | |
6c5b6cb0 DSH |
148 | /* |
149 | * convert content octets into a big endian buffer. Returns the length | |
0d4fb843 | 150 | * of buffer or 0 on error: for malformed INTEGER. If output buffer is |
6c5b6cb0 DSH |
151 | * NULL just return length. |
152 | */ | |
a338e21b | 153 | |
6c5b6cb0 DSH |
154 | static size_t c2i_ibuf(unsigned char *b, int *pneg, |
155 | const unsigned char *p, size_t plen) | |
0f113f3e | 156 | { |
6c5b6cb0 DSH |
157 | int neg, pad; |
158 | /* Zero content length is illegal */ | |
159 | if (plen == 0) { | |
9311d0c4 | 160 | ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_ZERO_CONTENT); |
6c5b6cb0 DSH |
161 | return 0; |
162 | } | |
163 | neg = p[0] & 0x80; | |
164 | if (pneg) | |
165 | *pneg = neg; | |
166 | /* Handle common case where length is 1 octet separately */ | |
167 | if (plen == 1) { | |
a3ea6bf0 | 168 | if (b != NULL) { |
6c5b6cb0 DSH |
169 | if (neg) |
170 | b[0] = (p[0] ^ 0xFF) + 1; | |
171 | else | |
172 | b[0] = p[0]; | |
173 | } | |
174 | return 1; | |
175 | } | |
1e93d619 AP |
176 | |
177 | pad = 0; | |
178 | if (p[0] == 0) { | |
6c5b6cb0 | 179 | pad = 1; |
1e93d619 AP |
180 | } else if (p[0] == 0xFF) { |
181 | size_t i; | |
182 | ||
183 | /* | |
184 | * Special case [of "one less minimal negative" for given length]: | |
185 | * if any other bytes non zero it was padded, otherwise not. | |
186 | */ | |
187 | for (pad = 0, i = 1; i < plen; i++) | |
188 | pad |= p[i]; | |
189 | pad = pad != 0 ? 1 : 0; | |
190 | } | |
6c5b6cb0 DSH |
191 | /* reject illegal padding: first two octets MSB can't match */ |
192 | if (pad && (neg == (p[1] & 0x80))) { | |
9311d0c4 | 193 | ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_PADDING); |
6c5b6cb0 DSH |
194 | return 0; |
195 | } | |
0f113f3e | 196 | |
a3ea6bf0 AP |
197 | /* skip over pad */ |
198 | p += pad; | |
6c5b6cb0 | 199 | plen -= pad; |
a3ea6bf0 AP |
200 | |
201 | if (b != NULL) | |
202 | twos_complement(b, p, plen, neg ? 0xffU : 0); | |
203 | ||
6c5b6cb0 DSH |
204 | return plen; |
205 | } | |
0f113f3e | 206 | |
adf7e6d1 | 207 | int ossl_i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) |
6c5b6cb0 DSH |
208 | { |
209 | return i2c_ibuf(a->data, a->length, a->type & V_ASN1_NEG, pp); | |
210 | } | |
211 | ||
212 | /* Convert big endian buffer into uint64_t, return 0 on error */ | |
213 | static int asn1_get_uint64(uint64_t *pr, const unsigned char *b, size_t blen) | |
214 | { | |
215 | size_t i; | |
6d4321fc AP |
216 | uint64_t r; |
217 | ||
6c5b6cb0 | 218 | if (blen > sizeof(*pr)) { |
9311d0c4 | 219 | ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE); |
6c5b6cb0 | 220 | return 0; |
0f113f3e | 221 | } |
6c5b6cb0 DSH |
222 | if (b == NULL) |
223 | return 0; | |
6d4321fc AP |
224 | for (r = 0, i = 0; i < blen; i++) { |
225 | r <<= 8; | |
226 | r |= b[i]; | |
6c5b6cb0 | 227 | } |
6d4321fc | 228 | *pr = r; |
6c5b6cb0 DSH |
229 | return 1; |
230 | } | |
231 | ||
6d4321fc AP |
232 | /* |
233 | * Write uint64_t to big endian buffer and return offset to first | |
234 | * written octet. In other words it returns offset in range from 0 | |
235 | * to 7, with 0 denoting 8 written octets and 7 - one. | |
236 | */ | |
237 | static size_t asn1_put_uint64(unsigned char b[sizeof(uint64_t)], uint64_t r) | |
6c5b6cb0 | 238 | { |
6d4321fc | 239 | size_t off = sizeof(uint64_t); |
6c5b6cb0 | 240 | |
6d4321fc AP |
241 | do { |
242 | b[--off] = (unsigned char)r; | |
243 | } while (r >>= 8); | |
6c5b6cb0 | 244 | |
6d4321fc | 245 | return off; |
6c5b6cb0 DSH |
246 | } |
247 | ||
248 | /* | |
786b6a45 | 249 | * Absolute value of INT64_MIN: we can't just use -INT64_MIN as gcc produces |
6c5b6cb0 DSH |
250 | * overflow warnings. |
251 | */ | |
786b6a45 | 252 | #define ABS_INT64_MIN ((uint64_t)INT64_MAX + (-(INT64_MIN + INT64_MAX))) |
6c5b6cb0 DSH |
253 | |
254 | /* signed version of asn1_get_uint64 */ | |
255 | static int asn1_get_int64(int64_t *pr, const unsigned char *b, size_t blen, | |
256 | int neg) | |
257 | { | |
258 | uint64_t r; | |
259 | if (asn1_get_uint64(&r, b, blen) == 0) | |
260 | return 0; | |
261 | if (neg) { | |
786b6a45 AP |
262 | if (r <= INT64_MAX) { |
263 | /* Most significant bit is guaranteed to be clear, negation | |
264 | * is guaranteed to be meaningful in platform-neutral sense. */ | |
265 | *pr = -(int64_t)r; | |
266 | } else if (r == ABS_INT64_MIN) { | |
267 | /* This never happens if INT64_MAX == ABS_INT64_MIN, e.g. | |
268 | * on ones'-complement system. */ | |
269 | *pr = (int64_t)(0 - r); | |
270 | } else { | |
9311d0c4 | 271 | ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_SMALL); |
6c5b6cb0 | 272 | return 0; |
0f113f3e MC |
273 | } |
274 | } else { | |
786b6a45 AP |
275 | if (r <= INT64_MAX) { |
276 | *pr = (int64_t)r; | |
277 | } else { | |
9311d0c4 | 278 | ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE); |
6c5b6cb0 | 279 | return 0; |
0f113f3e | 280 | } |
0f113f3e | 281 | } |
6c5b6cb0 DSH |
282 | return 1; |
283 | } | |
0f113f3e | 284 | |
6c5b6cb0 | 285 | /* Convert ASN1 INTEGER content octets to ASN1_INTEGER structure */ |
adf7e6d1 SL |
286 | ASN1_INTEGER *ossl_c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, |
287 | long len) | |
6c5b6cb0 DSH |
288 | { |
289 | ASN1_INTEGER *ret = NULL; | |
290 | size_t r; | |
291 | int neg; | |
292 | ||
293 | r = c2i_ibuf(NULL, NULL, *pp, len); | |
294 | ||
295 | if (r == 0) | |
296 | return NULL; | |
297 | ||
298 | if ((a == NULL) || ((*a) == NULL)) { | |
299 | ret = ASN1_INTEGER_new(); | |
300 | if (ret == NULL) | |
301 | return NULL; | |
302 | ret->type = V_ASN1_INTEGER; | |
303 | } else | |
304 | ret = *a; | |
305 | ||
e077455e RL |
306 | if (ASN1_STRING_set(ret, NULL, r) == 0) { |
307 | ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); | |
6c5b6cb0 | 308 | goto err; |
e077455e | 309 | } |
6c5b6cb0 DSH |
310 | |
311 | c2i_ibuf(ret->data, &neg, *pp, len); | |
312 | ||
581c4b1d | 313 | if (neg != 0) |
6c5b6cb0 | 314 | ret->type |= V_ASN1_NEG; |
581c4b1d P |
315 | else |
316 | ret->type &= ~V_ASN1_NEG; | |
6c5b6cb0 DSH |
317 | |
318 | *pp += len; | |
0f113f3e MC |
319 | if (a != NULL) |
320 | (*a) = ret; | |
6c5b6cb0 | 321 | return ret; |
0f113f3e | 322 | err: |
581c4b1d | 323 | if (a == NULL || *a != ret) |
f422a514 | 324 | ASN1_INTEGER_free(ret); |
6c5b6cb0 DSH |
325 | return NULL; |
326 | } | |
327 | ||
328 | static int asn1_string_get_int64(int64_t *pr, const ASN1_STRING *a, int itype) | |
329 | { | |
330 | if (a == NULL) { | |
9311d0c4 | 331 | ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_NULL_PARAMETER); |
6c5b6cb0 DSH |
332 | return 0; |
333 | } | |
334 | if ((a->type & ~V_ASN1_NEG) != itype) { | |
9311d0c4 | 335 | ERR_raise(ERR_LIB_ASN1, ASN1_R_WRONG_INTEGER_TYPE); |
6c5b6cb0 DSH |
336 | return 0; |
337 | } | |
338 | return asn1_get_int64(pr, a->data, a->length, a->type & V_ASN1_NEG); | |
339 | } | |
340 | ||
341 | static int asn1_string_set_int64(ASN1_STRING *a, int64_t r, int itype) | |
342 | { | |
343 | unsigned char tbuf[sizeof(r)]; | |
6d4321fc AP |
344 | size_t off; |
345 | ||
6c5b6cb0 DSH |
346 | a->type = itype; |
347 | if (r < 0) { | |
786b6a45 AP |
348 | /* Most obvious '-r' triggers undefined behaviour for most |
349 | * common INT64_MIN. Even though below '0 - (uint64_t)r' can | |
350 | * appear two's-complement centric, it does produce correct/ | |
351 | * expected result even on one's-complement. This is because | |
352 | * cast to unsigned has to change bit pattern... */ | |
353 | off = asn1_put_uint64(tbuf, 0 - (uint64_t)r); | |
6c5b6cb0 DSH |
354 | a->type |= V_ASN1_NEG; |
355 | } else { | |
6d4321fc | 356 | off = asn1_put_uint64(tbuf, r); |
6c5b6cb0 DSH |
357 | a->type &= ~V_ASN1_NEG; |
358 | } | |
6d4321fc | 359 | return ASN1_STRING_set(a, tbuf + off, sizeof(tbuf) - off); |
0f113f3e MC |
360 | } |
361 | ||
c5f28105 DSH |
362 | static int asn1_string_get_uint64(uint64_t *pr, const ASN1_STRING *a, |
363 | int itype) | |
364 | { | |
365 | if (a == NULL) { | |
9311d0c4 | 366 | ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_NULL_PARAMETER); |
c5f28105 DSH |
367 | return 0; |
368 | } | |
369 | if ((a->type & ~V_ASN1_NEG) != itype) { | |
9311d0c4 | 370 | ERR_raise(ERR_LIB_ASN1, ASN1_R_WRONG_INTEGER_TYPE); |
c5f28105 DSH |
371 | return 0; |
372 | } | |
373 | if (a->type & V_ASN1_NEG) { | |
9311d0c4 | 374 | ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE); |
c5f28105 DSH |
375 | return 0; |
376 | } | |
377 | return asn1_get_uint64(pr, a->data, a->length); | |
378 | } | |
379 | ||
380 | static int asn1_string_set_uint64(ASN1_STRING *a, uint64_t r, int itype) | |
381 | { | |
382 | unsigned char tbuf[sizeof(r)]; | |
6d4321fc AP |
383 | size_t off; |
384 | ||
c5f28105 | 385 | a->type = itype; |
6d4321fc AP |
386 | off = asn1_put_uint64(tbuf, r); |
387 | return ASN1_STRING_set(a, tbuf + off, sizeof(tbuf) - off); | |
c5f28105 DSH |
388 | } |
389 | ||
0f113f3e MC |
390 | /* |
391 | * This is a version of d2i_ASN1_INTEGER that ignores the sign bit of ASN1 | |
392 | * integers: some broken software can encode a positive INTEGER with its MSB | |
393 | * set as negative (it doesn't add a padding zero). | |
1ad2ecb6 DSH |
394 | */ |
395 | ||
875a644a | 396 | ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, |
0f113f3e MC |
397 | long length) |
398 | { | |
399 | ASN1_INTEGER *ret = NULL; | |
400 | const unsigned char *p; | |
401 | unsigned char *s; | |
42e7d2f1 | 402 | long len = 0; |
0f113f3e | 403 | int inf, tag, xclass; |
e077455e | 404 | int i = 0; |
0f113f3e MC |
405 | |
406 | if ((a == NULL) || ((*a) == NULL)) { | |
f422a514 | 407 | if ((ret = ASN1_INTEGER_new()) == NULL) |
26a7d938 | 408 | return NULL; |
0f113f3e MC |
409 | ret->type = V_ASN1_INTEGER; |
410 | } else | |
411 | ret = (*a); | |
412 | ||
413 | p = *pp; | |
414 | inf = ASN1_get_object(&p, &len, &tag, &xclass, length); | |
415 | if (inf & 0x80) { | |
416 | i = ASN1_R_BAD_OBJECT_HEADER; | |
417 | goto err; | |
418 | } | |
419 | ||
420 | if (tag != V_ASN1_INTEGER) { | |
421 | i = ASN1_R_EXPECTING_AN_INTEGER; | |
422 | goto err; | |
423 | } | |
424 | ||
42e7d2f1 SL |
425 | if (len < 0) { |
426 | i = ASN1_R_ILLEGAL_NEGATIVE_VALUE; | |
427 | goto err; | |
428 | } | |
0f113f3e MC |
429 | /* |
430 | * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies | |
431 | * a missing NULL parameter. | |
432 | */ | |
b196e7d9 | 433 | s = OPENSSL_malloc((int)len + 1); |
e077455e | 434 | if (s == NULL) |
0f113f3e | 435 | goto err; |
0f113f3e MC |
436 | ret->type = V_ASN1_INTEGER; |
437 | if (len) { | |
438 | if ((*p == 0) && (len != 1)) { | |
439 | p++; | |
440 | len--; | |
441 | } | |
442 | memcpy(s, p, (int)len); | |
443 | p += len; | |
444 | } | |
445 | ||
33847508 | 446 | ASN1_STRING_set0(ret, s, (int)len); |
0f113f3e MC |
447 | if (a != NULL) |
448 | (*a) = ret; | |
449 | *pp = p; | |
26a7d938 | 450 | return ret; |
0f113f3e | 451 | err: |
e077455e RL |
452 | if (i != 0) |
453 | ERR_raise(ERR_LIB_ASN1, i); | |
0dfb9398 | 454 | if ((a == NULL) || (*a != ret)) |
f422a514 | 455 | ASN1_INTEGER_free(ret); |
26a7d938 | 456 | return NULL; |
0f113f3e | 457 | } |
d02b48c6 | 458 | |
6c5b6cb0 DSH |
459 | static ASN1_STRING *bn_to_asn1_string(const BIGNUM *bn, ASN1_STRING *ai, |
460 | int atype) | |
0f113f3e | 461 | { |
6c5b6cb0 DSH |
462 | ASN1_INTEGER *ret; |
463 | int len; | |
0f113f3e | 464 | |
6c5b6cb0 DSH |
465 | if (ai == NULL) { |
466 | ret = ASN1_STRING_type_new(atype); | |
467 | } else { | |
468 | ret = ai; | |
469 | ret->type = atype; | |
0f113f3e | 470 | } |
0f113f3e | 471 | |
6c5b6cb0 | 472 | if (ret == NULL) { |
9311d0c4 | 473 | ERR_raise(ERR_LIB_ASN1, ERR_R_NESTED_ASN1_ERROR); |
6c5b6cb0 | 474 | goto err; |
0f113f3e | 475 | } |
0f113f3e | 476 | |
6c5b6cb0 DSH |
477 | if (BN_is_negative(bn) && !BN_is_zero(bn)) |
478 | ret->type |= V_ASN1_NEG_INTEGER; | |
d02b48c6 | 479 | |
6c5b6cb0 | 480 | len = BN_num_bytes(bn); |
0f113f3e | 481 | |
6c5b6cb0 DSH |
482 | if (len == 0) |
483 | len = 1; | |
484 | ||
485 | if (ASN1_STRING_set(ret, NULL, len) == 0) { | |
e077455e | 486 | ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); |
0f113f3e MC |
487 | goto err; |
488 | } | |
6c5b6cb0 | 489 | |
0f113f3e | 490 | /* Correct zero case */ |
6c5b6cb0 | 491 | if (BN_is_zero(bn)) |
0f113f3e | 492 | ret->data[0] = 0; |
6c5b6cb0 DSH |
493 | else |
494 | len = BN_bn2bin(bn, ret->data); | |
495 | ret->length = len; | |
496 | return ret; | |
0f113f3e MC |
497 | err: |
498 | if (ret != ai) | |
f422a514 | 499 | ASN1_INTEGER_free(ret); |
26a7d938 | 500 | return NULL; |
0f113f3e | 501 | } |
d02b48c6 | 502 | |
6c5b6cb0 DSH |
503 | static BIGNUM *asn1_string_to_bn(const ASN1_INTEGER *ai, BIGNUM *bn, |
504 | int itype) | |
0f113f3e MC |
505 | { |
506 | BIGNUM *ret; | |
d02b48c6 | 507 | |
6c5b6cb0 | 508 | if ((ai->type & ~V_ASN1_NEG) != itype) { |
9311d0c4 | 509 | ERR_raise(ERR_LIB_ASN1, ASN1_R_WRONG_INTEGER_TYPE); |
6c5b6cb0 DSH |
510 | return NULL; |
511 | } | |
512 | ||
513 | ret = BN_bin2bn(ai->data, ai->length, bn); | |
a6ac1ed6 | 514 | if (ret == NULL) { |
9311d0c4 | 515 | ERR_raise(ERR_LIB_ASN1, ASN1_R_BN_LIB); |
6c5b6cb0 DSH |
516 | return NULL; |
517 | } | |
518 | if (ai->type & V_ASN1_NEG) | |
0f113f3e | 519 | BN_set_negative(ret, 1); |
6c5b6cb0 DSH |
520 | return ret; |
521 | } | |
522 | ||
523 | int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a) | |
524 | { | |
525 | return asn1_string_get_int64(pr, a, V_ASN1_INTEGER); | |
526 | } | |
527 | ||
528 | int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r) | |
529 | { | |
530 | return asn1_string_set_int64(a, r, V_ASN1_INTEGER); | |
531 | } | |
532 | ||
c5f28105 DSH |
533 | int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a) |
534 | { | |
535 | return asn1_string_get_uint64(pr, a, V_ASN1_INTEGER); | |
536 | } | |
537 | ||
538 | int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r) | |
539 | { | |
540 | return asn1_string_set_uint64(a, r, V_ASN1_INTEGER); | |
541 | } | |
542 | ||
6c5b6cb0 DSH |
543 | int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) |
544 | { | |
545 | return ASN1_INTEGER_set_int64(a, v); | |
546 | } | |
547 | ||
548 | long ASN1_INTEGER_get(const ASN1_INTEGER *a) | |
549 | { | |
550 | int i; | |
551 | int64_t r; | |
552 | if (a == NULL) | |
553 | return 0; | |
554 | i = ASN1_INTEGER_get_int64(&r, a); | |
555 | if (i == 0) | |
556 | return -1; | |
557 | if (r > LONG_MAX || r < LONG_MIN) | |
558 | return -1; | |
559 | return (long)r; | |
560 | } | |
561 | ||
562 | ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) | |
563 | { | |
564 | return bn_to_asn1_string(bn, ai, V_ASN1_INTEGER); | |
565 | } | |
566 | ||
567 | BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) | |
568 | { | |
569 | return asn1_string_to_bn(ai, bn, V_ASN1_INTEGER); | |
570 | } | |
571 | ||
572 | int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_ENUMERATED *a) | |
573 | { | |
574 | return asn1_string_get_int64(pr, a, V_ASN1_ENUMERATED); | |
575 | } | |
576 | ||
577 | int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *a, int64_t r) | |
578 | { | |
579 | return asn1_string_set_int64(a, r, V_ASN1_ENUMERATED); | |
580 | } | |
581 | ||
582 | int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) | |
583 | { | |
584 | return ASN1_ENUMERATED_set_int64(a, v); | |
585 | } | |
586 | ||
f48ebf9f | 587 | long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a) |
6c5b6cb0 DSH |
588 | { |
589 | int i; | |
590 | int64_t r; | |
591 | if (a == NULL) | |
592 | return 0; | |
593 | if ((a->type & ~V_ASN1_NEG) != V_ASN1_ENUMERATED) | |
594 | return -1; | |
595 | if (a->length > (int)sizeof(long)) | |
596 | return 0xffffffffL; | |
597 | i = ASN1_ENUMERATED_get_int64(&r, a); | |
598 | if (i == 0) | |
599 | return -1; | |
600 | if (r > LONG_MAX || r < LONG_MIN) | |
601 | return -1; | |
602 | return (long)r; | |
603 | } | |
604 | ||
605 | ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai) | |
606 | { | |
607 | return bn_to_asn1_string(bn, ai, V_ASN1_ENUMERATED); | |
608 | } | |
609 | ||
610 | BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn) | |
611 | { | |
612 | return asn1_string_to_bn(ai, bn, V_ASN1_ENUMERATED); | |
0f113f3e | 613 | } |
93f7d6fc RL |
614 | |
615 | /* Internal functions used by x_int64.c */ | |
adf7e6d1 SL |
616 | int ossl_c2i_uint64_int(uint64_t *ret, int *neg, |
617 | const unsigned char **pp, long len) | |
93f7d6fc RL |
618 | { |
619 | unsigned char buf[sizeof(uint64_t)]; | |
620 | size_t buflen; | |
621 | ||
622 | buflen = c2i_ibuf(NULL, NULL, *pp, len); | |
623 | if (buflen == 0) | |
624 | return 0; | |
625 | if (buflen > sizeof(uint64_t)) { | |
9311d0c4 | 626 | ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE); |
93f7d6fc RL |
627 | return 0; |
628 | } | |
629 | (void)c2i_ibuf(buf, neg, *pp, len); | |
630 | return asn1_get_uint64(ret, buf, buflen); | |
631 | } | |
632 | ||
adf7e6d1 | 633 | int ossl_i2c_uint64_int(unsigned char *p, uint64_t r, int neg) |
93f7d6fc RL |
634 | { |
635 | unsigned char buf[sizeof(uint64_t)]; | |
6d4321fc | 636 | size_t off; |
93f7d6fc | 637 | |
6d4321fc AP |
638 | off = asn1_put_uint64(buf, r); |
639 | return i2c_ibuf(buf + off, sizeof(buf) - off, neg, &p); | |
93f7d6fc RL |
640 | } |
641 |