search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge commit 'dfc115332c94a2f62058ac7f2bce7631fbd20b3d'
[unleashed/tickless.git] / lib / libssl / bs_cbb.c
blob1c02eaf0be62791e48322789aa0fed13c05998b2
1 /* $OpenBSD: bs_cbb.c,v 1.17.4.1 2017/12/09 13:43:25 jsing Exp $ */
2 /*
3 * Copyright (c) 2014, Google Inc.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
12 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
14 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
15 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
16
17 #include <assert.h>
18 #include <stdlib.h>
19 #include <string.h>
20
21 #include <openssl/opensslconf.h>
22
23 #include "bytestring.h"
24
25 #define CBB_INITIAL_SIZE 64
26
27 static int
28 cbb_init(CBB *cbb, uint8_t *buf, size_t cap)
29 {
30 struct cbb_buffer_st *base;
31
32 base = malloc(sizeof(struct cbb_buffer_st));
33 if (base == NULL)
34 return 0;
35
36 base->buf = buf;
37 base->len = 0;
38 base->cap = cap;
39 base->can_resize = 1;
40
41 cbb->base = base;
42 cbb->is_top_level = 1;
43
44 return 1;
45 }
46
47 int
48 CBB_init(CBB *cbb, size_t initial_capacity)
49 {
50 uint8_t *buf = NULL;
51
52 memset(cbb, 0, sizeof(*cbb));
53
54 if (initial_capacity == 0)
55 initial_capacity = CBB_INITIAL_SIZE;
56
57 if ((buf = malloc(initial_capacity)) == NULL)
58 return 0;
59
60 if (!cbb_init(cbb, buf, initial_capacity)) {
61 free(buf);
62 return 0;
63 }
64
65 return 1;
66 }
67
68 int
69 CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len)
70 {
71 memset(cbb, 0, sizeof(*cbb));
72
73 if (!cbb_init(cbb, buf, len))
74 return 0;
75
76 cbb->base->can_resize = 0;
77
78 return 1;
79 }
80
81 void
82 CBB_cleanup(CBB *cbb)
83 {
84 if (cbb->base) {
85 if (cbb->base->can_resize)
86 freezero(cbb->base->buf, cbb->base->cap);
87 free(cbb->base);
88 }
89 cbb->base = NULL;
90 cbb->child = NULL;
91 }
92
93 static int
94 cbb_buffer_add(struct cbb_buffer_st *base, uint8_t **out, size_t len)
95 {
96 size_t newlen;
97
98 if (base == NULL)
99 return 0;
100
101 newlen = base->len + len;
102 if (newlen < base->len)
103 /* Overflow */
104 return 0;
105
106 if (newlen > base->cap) {
107 size_t newcap = base->cap * 2;
108 uint8_t *newbuf;
109
110 if (!base->can_resize)
111 return 0;
112
113 if (newcap < base->cap || newcap < newlen)
114 newcap = newlen;
115
116 newbuf = recallocarray(base->buf, base->cap, newcap, 1);
117 if (newbuf == NULL)
118 return 0;
119
120 base->buf = newbuf;
121 base->cap = newcap;
122 }
123
124 if (out)
125 *out = base->buf + base->len;
126
127 base->len = newlen;
128 return 1;
129 }
130
131 static int
132 cbb_add_u(CBB *cbb, uint32_t v, size_t len_len)
133 {
134 uint8_t *buf;
135 size_t i;
136
137 if (len_len == 0)
138 return 1;
139
140 if (len_len > 4)
141 return 0;
142
143 if (!CBB_flush(cbb) || !cbb_buffer_add(cbb->base, &buf, len_len))
144 return 0;
145
146 for (i = len_len - 1; i < len_len; i--) {
147 buf[i] = v;
148 v >>= 8;
149 }
150 return 1;
151 }
152
153 int
154 CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len)
155 {
156 if (!cbb->is_top_level)
157 return 0;
158
159 if (!CBB_flush(cbb))
160 return 0;
161
162 if (cbb->base->can_resize && (out_data == NULL || out_len == NULL))
163 /*
164 * |out_data| and |out_len| can only be NULL if the CBB is
165 * fixed.
166 */
167 return 0;
168
169 if (out_data != NULL)
170 *out_data = cbb->base->buf;
171
172 if (out_len != NULL)
173 *out_len = cbb->base->len;
174
175 cbb->base->buf = NULL;
176 CBB_cleanup(cbb);
177 return 1;
178 }
179
180 /*
181 * CBB_flush recurses and then writes out any pending length prefix. The current
182 * length of the underlying base is taken to be the length of the
183 * length-prefixed data.
184 */
185 int
186 CBB_flush(CBB *cbb)
187 {
188 size_t child_start, i, len;
189
190 if (cbb->base == NULL)
191 return 0;
192
193 if (cbb->child == NULL || cbb->pending_len_len == 0)
194 return 1;
195
196 child_start = cbb->offset + cbb->pending_len_len;
197
198 if (!CBB_flush(cbb->child) || child_start < cbb->offset ||
199 cbb->base->len < child_start)
200 return 0;
201
202 len = cbb->base->len - child_start;
203
204 if (cbb->pending_is_asn1) {
205 /*
206 * For ASN.1, we assumed that we were using short form which
207 * only requires a single byte for the length octet.
208 *
209 * If it turns out that we need long form, we have to move
210 * the contents along in order to make space for more length
211 * octets.
212 */
213 size_t len_len = 1; /* total number of length octets */
214 uint8_t initial_length_byte;
215
216 /* We already wrote 1 byte for the length. */
217 assert (cbb->pending_len_len == 1);
218
219 /* Check for long form */
220 if (len > 0xfffffffe)
221 return 0; /* 0xffffffff is reserved */
222 else if (len > 0xffffff)
223 len_len = 5;
224 else if (len > 0xffff)
225 len_len = 4;
226 else if (len > 0xff)
227 len_len = 3;
228 else if (len > 0x7f)
229 len_len = 2;
230
231 if (len_len == 1) {
232 /* For short form, the initial byte is the length. */
233 initial_length_byte = len;
234 len = 0;
235
236 } else {
237 /*
238 * For long form, the initial byte is the number of
239 * subsequent length octets (plus bit 8 set).
240 */
241 initial_length_byte = 0x80 | (len_len - 1);
242
243 /*
244 * We need to move the contents along in order to make
245 * space for the long form length octets.
246 */
247 size_t extra_bytes = len_len - 1;
248 if (!cbb_buffer_add(cbb->base, NULL, extra_bytes))
249 return 0;
250
251 memmove(cbb->base->buf + child_start + extra_bytes,
252 cbb->base->buf + child_start, len);
253 }
254 cbb->base->buf[cbb->offset++] = initial_length_byte;
255 cbb->pending_len_len = len_len - 1;
256 }
257
258 for (i = cbb->pending_len_len - 1; i < cbb->pending_len_len; i--) {
259 cbb->base->buf[cbb->offset + i] = len;
260 len >>= 8;
261 }
262 if (len != 0)
263 return 0;
264
265 cbb->child->base = NULL;
266 cbb->child = NULL;
267 cbb->pending_len_len = 0;
268 cbb->pending_is_asn1 = 0;
269 cbb->offset = 0;
270
271 return 1;
272 }
273
274 void
275 CBB_discard_child(CBB *cbb)
276 {
277 if (cbb->child == NULL)
278 return;
279
280 cbb->base->len = cbb->offset;
281
282 cbb->child->base = NULL;
283 cbb->child = NULL;
284 cbb->pending_len_len = 0;
285 cbb->pending_is_asn1 = 0;
286 cbb->offset = 0;
287 }
288
289 static int
290 cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len)
291 {
292 uint8_t *prefix_bytes;
293
294 if (!CBB_flush(cbb))
295 return 0;
296
297 cbb->offset = cbb->base->len;
298 if (!cbb_buffer_add(cbb->base, &prefix_bytes, len_len))
299 return 0;
300
301 memset(prefix_bytes, 0, len_len);
302 memset(out_contents, 0, sizeof(CBB));
303 out_contents->base = cbb->base;
304 cbb->child = out_contents;
305 cbb->pending_len_len = len_len;
306 cbb->pending_is_asn1 = 0;
307
308 return 1;
309 }
310
311 int
312 CBB_add_u8_length_prefixed(CBB *cbb, CBB *out_contents)
313 {
314 return cbb_add_length_prefixed(cbb, out_contents, 1);
315 }
316
317 int
318 CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents)
319 {
320 return cbb_add_length_prefixed(cbb, out_contents, 2);
321 }
322
323 int
324 CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents)
325 {
326 return cbb_add_length_prefixed(cbb, out_contents, 3);
327 }
328
329 int
330 CBB_add_asn1(CBB *cbb, CBB *out_contents, unsigned int tag)
331 {
332 if (tag > UINT8_MAX)
333 return 0;
334
335 /* Long form identifier octets are not supported. */
336 if ((tag & 0x1f) == 0x1f)
337 return 0;
338
339 /* Short-form identifier octet only needs a single byte */
340 if (!CBB_flush(cbb) || !CBB_add_u8(cbb, tag))
341 return 0;
342
343 /*
344 * Add 1 byte to cover the short-form length octet case. If it turns
345 * out we need long-form, it will be extended later.
346 */
347 cbb->offset = cbb->base->len;
348 if (!CBB_add_u8(cbb, 0))
349 return 0;
350
351 memset(out_contents, 0, sizeof(CBB));
352 out_contents->base = cbb->base;
353 cbb->child = out_contents;
354 cbb->pending_len_len = 1;
355 cbb->pending_is_asn1 = 1;
356
357 return 1;
358 }
359
360 int
361 CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len)
362 {
363 uint8_t *dest;
364
365 if (!CBB_add_space(cbb, &dest, len))
366 return 0;
367
368 memcpy(dest, data, len);
369 return 1;
370 }
371
372 int
373 CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len)
374 {
375 if (!CBB_flush(cbb) || !cbb_buffer_add(cbb->base, out_data, len))
376 return 0;
377
378 return 1;
379 }
380
381 int
382 CBB_add_u8(CBB *cbb, size_t value)
383 {
384 if (value > UINT8_MAX)
385 return 0;
386
387 return cbb_add_u(cbb, (uint32_t)value, 1);
388 }
389
390 int
391 CBB_add_u16(CBB *cbb, size_t value)
392 {
393 if (value > UINT16_MAX)
394 return 0;
395
396 return cbb_add_u(cbb, (uint32_t)value, 2);
397 }
398
399 int
400 CBB_add_u24(CBB *cbb, size_t value)
401 {
402 if (value > 0xffffffUL)
403 return 0;
404
405 return cbb_add_u(cbb, (uint32_t)value, 3);
406 }
407
408 int
409 CBB_add_asn1_uint64(CBB *cbb, uint64_t value)
410 {
411 CBB child;
412 size_t i;
413 int started = 0;
414
415 if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER))
416 return 0;
417
418 for (i = 0; i < 8; i++) {
419 uint8_t byte = (value >> 8 * (7 - i)) & 0xff;
420
421 /*
422 * ASN.1 restriction: first 9 bits cannot be all zeroes or
423 * all ones. Since this function only encodes unsigned
424 * integers, the only concerns are not encoding leading
425 * zeros and adding a padding byte if necessary.
426 *
427 * In practice, this means:
428 * 1) Skip leading octets of all zero bits in the value
429 * 2) After skipping the leading zero octets, if the next 9
430 * bits are all ones, add an all zero prefix octet (and
431 * set the high bit of the prefix octet if negative).
432 *
433 * Additionally, for an unsigned value, add an all zero
434 * prefix if the high bit of the first octet would be one.
435 */
436 if (!started) {
437 if (byte == 0)
438 /* Don't encode leading zeros. */
439 continue;
440
441 /*
442 * If the high bit is set, add a padding byte to make it
443 * unsigned.
444 */
445 if ((byte & 0x80) && !CBB_add_u8(&child, 0))
446 return 0;
447
448 started = 1;
449 }
450 if (!CBB_add_u8(&child, byte))
451 return 0;
452 }
453
454 /* 0 is encoded as a single 0, not the empty string. */
455 if (!started && !CBB_add_u8(&child, 0))
456 return 0;
457
458 return CBB_flush(cbb);
459 }
unleashed repo fork