]>
Commit | Line | Data |
---|---|---|
246a1f3d | 1 | /* |
b6461792 | 2 | * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. |
246a1f3d RL |
3 | * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. |
4 | * | |
5 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
6 | * this file except in compliance with the License. You can obtain a copy | |
7 | * in the file LICENSE in the source distribution or at | |
8 | * https://www.openssl.org/source/license.html | |
9 | */ | |
10 | ||
af16097f | 11 | #include "internal/common.h" /* for HAS_PREFIX */ |
eeb09f1b | 12 | #include <openssl/ebcdic.h> |
246a1f3d RL |
13 | #include <openssl/err.h> |
14 | #include <openssl/params.h> | |
15 | ||
16 | /* | |
17 | * When processing text to params, we're trying to be smart with numbers. | |
18 | * Instead of handling each specific separate integer type, we use a bignum | |
19 | * and ensure that it isn't larger than the expected size, and we then make | |
20 | * sure it is the expected size... if there is one given. | |
21 | * (if the size can be arbitrary, then we give whatever we have) | |
22 | */ | |
23 | ||
24 | static int prepare_from_text(const OSSL_PARAM *paramdefs, const char *key, | |
25 | const char *value, size_t value_n, | |
26 | /* Output parameters */ | |
27 | const OSSL_PARAM **paramdef, int *ishex, | |
2ee0dfa6 | 28 | size_t *buf_n, BIGNUM **tmpbn, int *found) |
246a1f3d RL |
29 | { |
30 | const OSSL_PARAM *p; | |
604b86d8 | 31 | size_t buf_bits; |
27f37279 | 32 | int r; |
246a1f3d RL |
33 | |
34 | /* | |
35 | * ishex is used to translate legacy style string controls in hex format | |
36 | * to octet string parameters. | |
37 | */ | |
2ff286c2 | 38 | *ishex = CHECK_AND_SKIP_PREFIX(key, "hex"); |
246a1f3d RL |
39 | |
40 | p = *paramdef = OSSL_PARAM_locate_const(paramdefs, key); | |
2ee0dfa6 P |
41 | if (found != NULL) |
42 | *found = p != NULL; | |
246a1f3d RL |
43 | if (p == NULL) |
44 | return 0; | |
45 | ||
46 | switch (p->data_type) { | |
47 | case OSSL_PARAM_INTEGER: | |
48 | case OSSL_PARAM_UNSIGNED_INTEGER: | |
49 | if (*ishex) | |
27f37279 | 50 | r = BN_hex2bn(tmpbn, value); |
246a1f3d | 51 | else |
27f37279 | 52 | r = BN_asc2bn(tmpbn, value); |
246a1f3d | 53 | |
27f37279 | 54 | if (r == 0 || *tmpbn == NULL) |
246a1f3d RL |
55 | return 0; |
56 | ||
8585b5bc RL |
57 | if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER |
58 | && BN_is_negative(*tmpbn)) { | |
59 | ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_INVALID_NEGATIVE_VALUE); | |
60 | return 0; | |
61 | } | |
62 | ||
246a1f3d | 63 | /* |
946bc0e3 | 64 | * 2's complement negate, part 1 |
246a1f3d RL |
65 | * |
66 | * BN_bn2nativepad puts the absolute value of the number in the | |
67 | * buffer, i.e. if it's negative, we need to deal with it. We do | |
68 | * it by subtracting 1 here and inverting the bytes in | |
69 | * construct_from_text() below. | |
604b86d8 PG |
70 | * To subtract 1 from an absolute value of a negative number we |
71 | * actually have to add 1: -3 - 1 = -4, |-3| = 3 + 1 = 4. | |
246a1f3d RL |
72 | */ |
73 | if (p->data_type == OSSL_PARAM_INTEGER && BN_is_negative(*tmpbn) | |
604b86d8 | 74 | && !BN_add_word(*tmpbn, 1)) { |
246a1f3d RL |
75 | return 0; |
76 | } | |
77 | ||
604b86d8 | 78 | buf_bits = (size_t)BN_num_bits(*tmpbn); |
946bc0e3 RL |
79 | |
80 | /* | |
81 | * Compensate for cases where the most significant bit in | |
82 | * the resulting OSSL_PARAM buffer will be set after the | |
83 | * BN_bn2nativepad() call, as the implied sign may not be | |
84 | * correct after the second part of the 2's complement | |
85 | * negation has been performed. | |
86 | * We fix these cases by extending the buffer by one byte | |
87 | * (8 bits), which will give some padding. The second part | |
88 | * of the 2's complement negation will do the rest. | |
89 | */ | |
90 | if (p->data_type == OSSL_PARAM_INTEGER && buf_bits % 8 == 0) | |
91 | buf_bits += 8; | |
92 | ||
604b86d8 | 93 | *buf_n = (buf_bits + 7) / 8; |
246a1f3d RL |
94 | |
95 | /* | |
7128458b P |
96 | * A zero data size means "arbitrary size", so only do the |
97 | * range checking if a size is specified. | |
246a1f3d RL |
98 | */ |
99 | if (p->data_size > 0) { | |
946bc0e3 | 100 | if (buf_bits > p->data_size * 8) { |
9311d0c4 | 101 | ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER); |
246a1f3d RL |
102 | /* Since this is a different error, we don't break */ |
103 | return 0; | |
104 | } | |
105 | /* Change actual size to become the desired size. */ | |
106 | *buf_n = p->data_size; | |
107 | } | |
108 | break; | |
109 | case OSSL_PARAM_UTF8_STRING: | |
110 | if (*ishex) { | |
9311d0c4 | 111 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_INVALID_ARGUMENT); |
246a1f3d RL |
112 | return 0; |
113 | } | |
114 | *buf_n = strlen(value) + 1; | |
115 | break; | |
116 | case OSSL_PARAM_OCTET_STRING: | |
117 | if (*ishex) { | |
ea6268cf RL |
118 | size_t hexdigits = strlen(value); |
119 | if ((hexdigits % 2) != 0) { | |
120 | /* We don't accept an odd number of hex digits */ | |
121 | ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_ODD_NUMBER_OF_DIGITS); | |
122 | return 0; | |
123 | } | |
124 | *buf_n = hexdigits >> 1; | |
810a1d03 RL |
125 | } else { |
126 | *buf_n = value_n; | |
246a1f3d RL |
127 | } |
128 | break; | |
129 | } | |
130 | ||
131 | return 1; | |
132 | } | |
133 | ||
134 | static int construct_from_text(OSSL_PARAM *to, const OSSL_PARAM *paramdef, | |
135 | const char *value, size_t value_n, int ishex, | |
136 | void *buf, size_t buf_n, BIGNUM *tmpbn) | |
137 | { | |
138 | if (buf == NULL) | |
139 | return 0; | |
140 | ||
9d8e1569 P |
141 | if (buf_n > 0) { |
142 | switch (paramdef->data_type) { | |
143 | case OSSL_PARAM_INTEGER: | |
144 | case OSSL_PARAM_UNSIGNED_INTEGER: | |
145 | /* | |
146 | { | |
147 | if ((new_value = OPENSSL_malloc(new_value_n)) == NULL) { | |
148 | BN_free(a); | |
149 | break; | |
150 | } | |
151 | */ | |
152 | ||
153 | BN_bn2nativepad(tmpbn, buf, buf_n); | |
154 | ||
155 | /* | |
946bc0e3 | 156 | * 2's complement negation, part two. |
9d8e1569 P |
157 | * |
158 | * Because we did the first part on the BIGNUM itself, we can just | |
159 | * invert all the bytes here and be done with it. | |
160 | */ | |
161 | if (paramdef->data_type == OSSL_PARAM_INTEGER | |
162 | && BN_is_negative(tmpbn)) { | |
163 | unsigned char *cp; | |
164 | size_t i = buf_n; | |
165 | ||
166 | for (cp = buf; i-- > 0; cp++) | |
167 | *cp ^= 0xFF; | |
246a1f3d | 168 | } |
9d8e1569 P |
169 | break; |
170 | case OSSL_PARAM_UTF8_STRING: | |
eeb09f1b RL |
171 | #ifdef CHARSET_EBCDIC |
172 | ebcdic2ascii(buf, value, buf_n); | |
173 | #else | |
9d8e1569 | 174 | strncpy(buf, value, buf_n); |
eeb09f1b | 175 | #endif |
af8bd1d8 RL |
176 | /* Don't count the terminating NUL byte as data */ |
177 | buf_n--; | |
9d8e1569 P |
178 | break; |
179 | case OSSL_PARAM_OCTET_STRING: | |
180 | if (ishex) { | |
181 | size_t l = 0; | |
182 | ||
abdd3fa0 | 183 | if (!OPENSSL_hexstr2buf_ex(buf, buf_n, &l, value, ':')) |
9d8e1569 P |
184 | return 0; |
185 | } else { | |
186 | memcpy(buf, value, buf_n); | |
187 | } | |
188 | break; | |
246a1f3d | 189 | } |
246a1f3d RL |
190 | } |
191 | ||
192 | *to = *paramdef; | |
193 | to->data = buf; | |
194 | to->data_size = buf_n; | |
2baf2d81 | 195 | to->return_size = OSSL_PARAM_UNMODIFIED; |
246a1f3d RL |
196 | |
197 | return 1; | |
198 | } | |
199 | ||
246a1f3d RL |
200 | int OSSL_PARAM_allocate_from_text(OSSL_PARAM *to, |
201 | const OSSL_PARAM *paramdefs, | |
202 | const char *key, const char *value, | |
2ee0dfa6 | 203 | size_t value_n, int *found) |
246a1f3d RL |
204 | { |
205 | const OSSL_PARAM *paramdef = NULL; | |
206 | int ishex = 0; | |
207 | void *buf = NULL; | |
208 | size_t buf_n = 0; | |
209 | BIGNUM *tmpbn = NULL; | |
210 | int ok = 0; | |
211 | ||
212 | if (to == NULL || paramdefs == NULL) | |
213 | return 0; | |
214 | ||
215 | if (!prepare_from_text(paramdefs, key, value, value_n, | |
2ee0dfa6 | 216 | ¶mdef, &ishex, &buf_n, &tmpbn, found)) |
604b86d8 | 217 | goto err; |
246a1f3d | 218 | |
e077455e | 219 | if ((buf = OPENSSL_zalloc(buf_n > 0 ? buf_n : 1)) == NULL) |
604b86d8 | 220 | goto err; |
246a1f3d RL |
221 | |
222 | ok = construct_from_text(to, paramdef, value, value_n, ishex, | |
223 | buf, buf_n, tmpbn); | |
224 | BN_free(tmpbn); | |
9d8e1569 P |
225 | if (!ok) |
226 | OPENSSL_free(buf); | |
246a1f3d | 227 | return ok; |
604b86d8 PG |
228 | err: |
229 | BN_free(tmpbn); | |
230 | return 0; | |
246a1f3d | 231 | } |