]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/packet.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Improve chacha20 perfomance on aarch64 by interleaving scalar with SVE/SVE2
[thirdparty/openssl.git] / crypto / packet.c
1 /*
2 * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include "internal/cryptlib.h"
11 #include "internal/packet.h"
12 #include <openssl/err.h>
13
14 #define DEFAULT_BUF_SIZE 256
15
16 int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
17 {
18 if (!WPACKET_reserve_bytes(pkt, len, allocbytes))
19 return 0;
20
21 pkt->written += len;
22 pkt->curr += len;
23 return 1;
24 }
25
26 int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len,
27 unsigned char **allocbytes, size_t lenbytes)
28 {
29 if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
30 || !WPACKET_allocate_bytes(pkt, len, allocbytes)
31 || !WPACKET_close(pkt))
32 return 0;
33
34 return 1;
35 }
36
37 #define GETBUF(p) (((p)->staticbuf != NULL) \
38 ? (p)->staticbuf \
39 : ((p)->buf != NULL \
40 ? (unsigned char *)(p)->buf->data \
41 : NULL))
42
43 int WPACKET_reserve_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
44 {
45 /* Internal API, so should not fail */
46 if (!ossl_assert(pkt->subs != NULL && len != 0))
47 return 0;
48
49 if (pkt->maxsize - pkt->written < len)
50 return 0;
51
52 if (pkt->buf != NULL && (pkt->buf->length - pkt->written < len)) {
53 size_t newlen;
54 size_t reflen;
55
56 reflen = (len > pkt->buf->length) ? len : pkt->buf->length;
57
58 if (reflen > SIZE_MAX / 2) {
59 newlen = SIZE_MAX;
60 } else {
61 newlen = reflen * 2;
62 if (newlen < DEFAULT_BUF_SIZE)
63 newlen = DEFAULT_BUF_SIZE;
64 }
65 if (BUF_MEM_grow(pkt->buf, newlen) == 0)
66 return 0;
67 }
68 if (allocbytes != NULL) {
69 *allocbytes = WPACKET_get_curr(pkt);
70 if (pkt->endfirst && *allocbytes != NULL)
71 *allocbytes -= len;
72 }
73
74 return 1;
75 }
76
77 int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len,
78 unsigned char **allocbytes, size_t lenbytes)
79 {
80 if (pkt->endfirst && lenbytes > 0)
81 return 0;
82
83 if (!WPACKET_reserve_bytes(pkt, lenbytes + len, allocbytes))
84 return 0;
85
86 if (*allocbytes != NULL)
87 *allocbytes += lenbytes;
88
89 return 1;
90 }
91
92 static size_t maxmaxsize(size_t lenbytes)
93 {
94 if (lenbytes >= sizeof(size_t) || lenbytes == 0)
95 return SIZE_MAX;
96
97 return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes;
98 }
99
100 static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes)
101 {
102 unsigned char *lenchars;
103
104 pkt->curr = 0;
105 pkt->written = 0;
106
107 if ((pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs))) == NULL) {
108 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
109 return 0;
110 }
111
112 if (lenbytes == 0)
113 return 1;
114
115 pkt->subs->pwritten = lenbytes;
116 pkt->subs->lenbytes = lenbytes;
117
118 if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) {
119 OPENSSL_free(pkt->subs);
120 pkt->subs = NULL;
121 return 0;
122 }
123 pkt->subs->packet_len = 0;
124
125 return 1;
126 }
127
128 int WPACKET_init_static_len(WPACKET *pkt, unsigned char *buf, size_t len,
129 size_t lenbytes)
130 {
131 size_t max = maxmaxsize(lenbytes);
132
133 /* Internal API, so should not fail */
134 if (!ossl_assert(buf != NULL && len > 0))
135 return 0;
136
137 pkt->staticbuf = buf;
138 pkt->buf = NULL;
139 pkt->maxsize = (max < len) ? max : len;
140 pkt->endfirst = 0;
141
142 return wpacket_intern_init_len(pkt, lenbytes);
143 }
144
145 int WPACKET_init_der(WPACKET *pkt, unsigned char *buf, size_t len)
146 {
147 /* Internal API, so should not fail */
148 if (!ossl_assert(buf != NULL && len > 0))
149 return 0;
150
151 pkt->staticbuf = buf;
152 pkt->buf = NULL;
153 pkt->maxsize = len;
154 pkt->endfirst = 1;
155
156 return wpacket_intern_init_len(pkt, 0);
157 }
158
159 int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes)
160 {
161 /* Internal API, so should not fail */
162 if (!ossl_assert(buf != NULL))
163 return 0;
164
165 pkt->staticbuf = NULL;
166 pkt->buf = buf;
167 pkt->maxsize = maxmaxsize(lenbytes);
168 pkt->endfirst = 0;
169
170 return wpacket_intern_init_len(pkt, lenbytes);
171 }
172
173 int WPACKET_init(WPACKET *pkt, BUF_MEM *buf)
174 {
175 return WPACKET_init_len(pkt, buf, 0);
176 }
177
178 int WPACKET_init_null(WPACKET *pkt, size_t lenbytes)
179 {
180 pkt->staticbuf = NULL;
181 pkt->buf = NULL;
182 pkt->maxsize = maxmaxsize(lenbytes);
183 pkt->endfirst = 0;
184
185 return wpacket_intern_init_len(pkt, 0);
186 }
187
188 int WPACKET_init_null_der(WPACKET *pkt)
189 {
190 pkt->staticbuf = NULL;
191 pkt->buf = NULL;
192 pkt->maxsize = SIZE_MAX;
193 pkt->endfirst = 1;
194
195 return wpacket_intern_init_len(pkt, 0);
196 }
197
198 int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
199 {
200 /* Internal API, so should not fail */
201 if (!ossl_assert(pkt->subs != NULL))
202 return 0;
203
204 pkt->subs->flags = flags;
205
206 return 1;
207 }
208
209 /* Store the |value| of length |len| at location |data| */
210 static int put_value(unsigned char *data, uint64_t value, size_t len)
211 {
212 if (data == NULL)
213 return 1;
214
215 for (data += len - 1; len > 0; len--) {
216 *data = (unsigned char)(value & 0xff);
217 data--;
218 value >>= 8;
219 }
220
221 /* Check whether we could fit the value in the assigned number of bytes */
222 if (value > 0)
223 return 0;
224
225 return 1;
226 }
227
228 static int put_quic_value(unsigned char *data, size_t value, size_t len)
229 {
230 if (data == NULL)
231 return 1;
232
233 /* Value too large for field. */
234 if (ossl_quic_vlint_encode_len(value) > len)
235 return 0;
236
237 ossl_quic_vlint_encode_n(data, value, len);
238 return 1;
239 }
240
241 /*
242 * Internal helper function used by WPACKET_close(), WPACKET_finish() and
243 * WPACKET_fill_lengths() to close a sub-packet and write out its length if
244 * necessary. If |doclose| is 0 then it goes through the motions of closing
245 * (i.e. it fills in all the lengths), but doesn't actually close anything.
246 */
247 static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
248 {
249 size_t packlen = pkt->written - sub->pwritten;
250
251 if (packlen == 0
252 && (sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) != 0)
253 return 0;
254
255 if (packlen == 0
256 && sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
257 /* We can't handle this case. Return an error */
258 if (!doclose)
259 return 0;
260
261 /* Deallocate any bytes allocated for the length of the WPACKET */
262 if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
263 pkt->written -= sub->lenbytes;
264 pkt->curr -= sub->lenbytes;
265 }
266
267 /* Don't write out the packet length */
268 sub->packet_len = 0;
269 sub->lenbytes = 0;
270 }
271
272 /* Write out the WPACKET length if needed */
273 if (sub->lenbytes > 0) {
274 unsigned char *buf = GETBUF(pkt);
275
276 if (buf != NULL) {
277 if ((sub->flags & WPACKET_FLAGS_QUIC_VLINT) == 0) {
278 if (!put_value(&buf[sub->packet_len], packlen, sub->lenbytes))
279 return 0;
280 } else {
281 if (!put_quic_value(&buf[sub->packet_len], packlen, sub->lenbytes))
282 return 0;
283 }
284 }
285 } else if (pkt->endfirst && sub->parent != NULL
286 && (packlen != 0
287 || (sub->flags
288 & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) == 0)) {
289 size_t tmplen = packlen;
290 size_t numlenbytes = 1;
291
292 while ((tmplen = tmplen >> 8) > 0)
293 numlenbytes++;
294 if (!WPACKET_put_bytes__(pkt, packlen, numlenbytes))
295 return 0;
296 if (packlen > 0x7f) {
297 numlenbytes |= 0x80;
298 if (!WPACKET_put_bytes_u8(pkt, numlenbytes))
299 return 0;
300 }
301 }
302
303 if (doclose) {
304 pkt->subs = sub->parent;
305 OPENSSL_free(sub);
306 }
307
308 return 1;
309 }
310
311 int WPACKET_fill_lengths(WPACKET *pkt)
312 {
313 WPACKET_SUB *sub;
314
315 if (!ossl_assert(pkt->subs != NULL))
316 return 0;
317
318 for (sub = pkt->subs; sub != NULL; sub = sub->parent) {
319 if (!wpacket_intern_close(pkt, sub, 0))
320 return 0;
321 }
322
323 return 1;
324 }
325
326 int WPACKET_close(WPACKET *pkt)
327 {
328 /*
329 * Internal API, so should not fail - but we do negative testing of this
330 * so no assert (otherwise the tests fail)
331 */
332 if (pkt->subs == NULL || pkt->subs->parent == NULL)
333 return 0;
334
335 return wpacket_intern_close(pkt, pkt->subs, 1);
336 }
337
338 int WPACKET_finish(WPACKET *pkt)
339 {
340 int ret;
341
342 /*
343 * Internal API, so should not fail - but we do negative testing of this
344 * so no assert (otherwise the tests fail)
345 */
346 if (pkt->subs == NULL || pkt->subs->parent != NULL)
347 return 0;
348
349 ret = wpacket_intern_close(pkt, pkt->subs, 1);
350 if (ret) {
351 OPENSSL_free(pkt->subs);
352 pkt->subs = NULL;
353 }
354
355 return ret;
356 }
357
358 int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes)
359 {
360 WPACKET_SUB *sub;
361 unsigned char *lenchars;
362
363 /* Internal API, so should not fail */
364 if (!ossl_assert(pkt->subs != NULL))
365 return 0;
366
367 /* We don't support lenbytes greater than 0 when doing endfirst writing */
368 if (lenbytes > 0 && pkt->endfirst)
369 return 0;
370
371 if ((sub = OPENSSL_zalloc(sizeof(*sub))) == NULL) {
372 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
373 return 0;
374 }
375
376 sub->parent = pkt->subs;
377 pkt->subs = sub;
378 sub->pwritten = pkt->written + lenbytes;
379 sub->lenbytes = lenbytes;
380
381 if (lenbytes == 0) {
382 sub->packet_len = 0;
383 return 1;
384 }
385
386 sub->packet_len = pkt->written;
387
388 if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars))
389 return 0;
390
391 return 1;
392 }
393
394 int WPACKET_start_sub_packet(WPACKET *pkt)
395 {
396 return WPACKET_start_sub_packet_len__(pkt, 0);
397 }
398
399 int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
400 {
401 unsigned char *data;
402
403 /* Internal API, so should not fail */
404 if (!ossl_assert(size <= sizeof(uint64_t))
405 || !WPACKET_allocate_bytes(pkt, size, &data)
406 || !put_value(data, val, size))
407 return 0;
408
409 return 1;
410 }
411
412 int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
413 {
414 WPACKET_SUB *sub;
415 size_t lenbytes;
416
417 /* Internal API, so should not fail */
418 if (!ossl_assert(pkt->subs != NULL))
419 return 0;
420
421 /* Find the WPACKET_SUB for the top level */
422 for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent)
423 continue;
424
425 lenbytes = sub->lenbytes;
426 if (lenbytes == 0)
427 lenbytes = sizeof(pkt->maxsize);
428
429 if (maxmaxsize(lenbytes) < maxsize || maxsize < pkt->written)
430 return 0;
431
432 pkt->maxsize = maxsize;
433
434 return 1;
435 }
436
437 int WPACKET_memset(WPACKET *pkt, int ch, size_t len)
438 {
439 unsigned char *dest;
440
441 if (len == 0)
442 return 1;
443
444 if (!WPACKET_allocate_bytes(pkt, len, &dest))
445 return 0;
446
447 if (dest != NULL)
448 memset(dest, ch, len);
449
450 return 1;
451 }
452
453 int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len)
454 {
455 unsigned char *dest;
456
457 if (len == 0)
458 return 1;
459
460 if (!WPACKET_allocate_bytes(pkt, len, &dest))
461 return 0;
462
463 if (dest != NULL)
464 memcpy(dest, src, len);
465
466 return 1;
467 }
468
469 int WPACKET_sub_memcpy__(WPACKET *pkt, const void *src, size_t len,
470 size_t lenbytes)
471 {
472 if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
473 || !WPACKET_memcpy(pkt, src, len)
474 || !WPACKET_close(pkt))
475 return 0;
476
477 return 1;
478 }
479
480 int WPACKET_get_total_written(WPACKET *pkt, size_t *written)
481 {
482 /* Internal API, so should not fail */
483 if (!ossl_assert(written != NULL))
484 return 0;
485
486 *written = pkt->written;
487
488 return 1;
489 }
490
491 int WPACKET_get_length(WPACKET *pkt, size_t *len)
492 {
493 /* Internal API, so should not fail */
494 if (!ossl_assert(pkt->subs != NULL && len != NULL))
495 return 0;
496
497 *len = pkt->written - pkt->subs->pwritten;
498
499 return 1;
500 }
501
502 unsigned char *WPACKET_get_curr(WPACKET *pkt)
503 {
504 unsigned char *buf = GETBUF(pkt);
505
506 if (buf == NULL)
507 return NULL;
508
509 if (pkt->endfirst)
510 return buf + pkt->maxsize - pkt->curr;
511
512 return buf + pkt->curr;
513 }
514
515 int WPACKET_is_null_buf(WPACKET *pkt)
516 {
517 return pkt->buf == NULL && pkt->staticbuf == NULL;
518 }
519
520 void WPACKET_cleanup(WPACKET *pkt)
521 {
522 WPACKET_SUB *sub, *parent;
523
524 for (sub = pkt->subs; sub != NULL; sub = parent) {
525 parent = sub->parent;
526 OPENSSL_free(sub);
527 }
528 pkt->subs = NULL;
529 }
530
531 int WPACKET_start_quic_sub_packet_bound(WPACKET *pkt, size_t max_len)
532 {
533 size_t enclen = ossl_quic_vlint_encode_len(max_len);
534
535 if (enclen == 0)
536 return 0;
537
538 if (WPACKET_start_sub_packet_len__(pkt, enclen) == 0)
539 return 0;
540
541 pkt->subs->flags |= WPACKET_FLAGS_QUIC_VLINT;
542 return 1;
543 }
544
545 int WPACKET_start_quic_sub_packet(WPACKET *pkt)
546 {
547 /*
548 * Assume no (sub)packet will exceed 4GiB, thus the 8-byte encoding need not
549 * be used.
550 */
551 return WPACKET_start_quic_sub_packet_bound(pkt, OSSL_QUIC_VLINT_4B_MIN);
552 }
553
554 int WPACKET_quic_sub_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
555 {
556 if (!WPACKET_start_quic_sub_packet_bound(pkt, len)
557 || !WPACKET_allocate_bytes(pkt, len, allocbytes)
558 || !WPACKET_close(pkt))
559 return 0;
560
561 return 1;
562 }
563
564 /*
565 * Write a QUIC variable-length integer to the packet.
566 */
567 int WPACKET_quic_write_vlint(WPACKET *pkt, uint64_t v)
568 {
569 unsigned char *b = NULL;
570 size_t enclen = ossl_quic_vlint_encode_len(v);
571
572 if (enclen == 0)
573 return 0;
574
575 if (WPACKET_allocate_bytes(pkt, enclen, &b) == 0)
576 return 0;
577
578 ossl_quic_vlint_encode(b, v);
579 return 1;
580 }
A mirror of the official openssl repository