xref: /openssl/crypto/asn1/x_int64.c (revision 1555c86e) 
1 /*
2  * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include "internal/numbers.h"
13 #include <openssl/asn1t.h>
14 #include <openssl/bn.h>
15 #include "asn1_local.h"
16 
17 /*
18  * Custom primitive types for handling int32_t, int64_t, uint32_t, uint64_t.
19  * This converts between an ASN1_INTEGER and those types directly.
20  * This is preferred to using the LONG / ZLONG primitives.
21  */
22 
23 /*
24  * We abuse the ASN1_ITEM fields |size| as a flags field
25  */
26 #define INTxx_FLAG_ZERO_DEFAULT (1<<0)
27 #define INTxx_FLAG_SIGNED       (1<<1)
28 
uint64_new(ASN1_VALUE ** pval,const ASN1_ITEM * it)29 static int uint64_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
30 {
31     if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint64_t))) == NULL)
32         return 0;
33     return 1;
34 }
35 
uint64_free(ASN1_VALUE ** pval,const ASN1_ITEM * it)36 static void uint64_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
37 {
38     OPENSSL_free(*pval);
39     *pval = NULL;
40 }
41 
uint64_clear(ASN1_VALUE ** pval,const ASN1_ITEM * it)42 static void uint64_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
43 {
44     **(uint64_t **)pval = 0;
45 }
46 
uint64_i2c(const ASN1_VALUE ** pval,unsigned char * cont,int * putype,const ASN1_ITEM * it)47 static int uint64_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
48                       const ASN1_ITEM *it)
49 {
50     uint64_t utmp;
51     int neg = 0;
52     /* this exists to bypass broken gcc optimization */
53     char *cp = (char *)*pval;
54 
55     /* use memcpy, because we may not be uint64_t aligned */
56     memcpy(&utmp, cp, sizeof(utmp));
57 
58     if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT
59         && utmp == 0)
60         return -1;
61     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
62         && (int64_t)utmp < 0) {
63         /* ossl_i2c_uint64_int() assumes positive values */
64         utmp = 0 - utmp;
65         neg = 1;
66     }
67 
68     return ossl_i2c_uint64_int(cont, utmp, neg);
69 }
70 
uint64_c2i(ASN1_VALUE ** pval,const unsigned char * cont,int len,int utype,char * free_cont,const ASN1_ITEM * it)71 static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
72                       int utype, char *free_cont, const ASN1_ITEM *it)
73 {
74     uint64_t utmp = 0;
75     char *cp;
76     int neg = 0;
77 
78     if (*pval == NULL && !uint64_new(pval, it))
79         return 0;
80 
81     cp = (char *)*pval;
82 
83     /*
84      * Strictly speaking, zero length is malformed.  However, long_c2i
85      * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
86      * so for the sake of backward compatibility, we still decode zero
87      * length INTEGERs as the number zero.
88      */
89     if (len == 0)
90         goto long_compat;
91 
92     if (!ossl_c2i_uint64_int(&utmp, &neg, &cont, len))
93         return 0;
94     if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
95         ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE);
96         return 0;
97     }
98     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
99             && !neg && utmp > INT64_MAX) {
100         ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE);
101         return 0;
102     }
103     if (neg)
104         /* ossl_c2i_uint64_int() returns positive values */
105         utmp = 0 - utmp;
106 
107  long_compat:
108     memcpy(cp, &utmp, sizeof(utmp));
109     return 1;
110 }
111 
uint64_print(BIO * out,const ASN1_VALUE ** pval,const ASN1_ITEM * it,int indent,const ASN1_PCTX * pctx)112 static int uint64_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
113                         int indent, const ASN1_PCTX *pctx)
114 {
115     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
116         return BIO_printf(out, "%jd\n", **(int64_t **)pval);
117     return BIO_printf(out, "%ju\n", **(uint64_t **)pval);
118 }
119 
120 /* 32-bit variants */
121 
uint32_new(ASN1_VALUE ** pval,const ASN1_ITEM * it)122 static int uint32_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
123 {
124     if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint32_t))) == NULL)
125         return 0;
126     return 1;
127 }
128 
uint32_free(ASN1_VALUE ** pval,const ASN1_ITEM * it)129 static void uint32_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
130 {
131     OPENSSL_free(*pval);
132     *pval = NULL;
133 }
134 
uint32_clear(ASN1_VALUE ** pval,const ASN1_ITEM * it)135 static void uint32_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
136 {
137     **(uint32_t **)pval = 0;
138 }
139 
uint32_i2c(const ASN1_VALUE ** pval,unsigned char * cont,int * putype,const ASN1_ITEM * it)140 static int uint32_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
141                       const ASN1_ITEM *it)
142 {
143     uint32_t utmp;
144     int neg = 0;
145     /* this exists to bypass broken gcc optimization */
146     char *cp = (char *)*pval;
147 
148     /* use memcpy, because we may not be uint32_t aligned */
149     memcpy(&utmp, cp, sizeof(utmp));
150 
151     if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT
152         && utmp == 0)
153         return -1;
154     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
155         && (int32_t)utmp < 0) {
156         /* ossl_i2c_uint64_int() assumes positive values */
157         utmp = 0 - utmp;
158         neg = 1;
159     }
160 
161     return ossl_i2c_uint64_int(cont, (uint64_t)utmp, neg);
162 }
163 
164 /*
165  * Absolute value of INT32_MIN: we can't just use -INT32_MIN as it produces
166  * overflow warnings.
167  */
168 
169 #define ABS_INT32_MIN ((uint32_t)INT32_MAX + 1)
170 
uint32_c2i(ASN1_VALUE ** pval,const unsigned char * cont,int len,int utype,char * free_cont,const ASN1_ITEM * it)171 static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
172                       int utype, char *free_cont, const ASN1_ITEM *it)
173 {
174     uint64_t utmp = 0;
175     uint32_t utmp2 = 0;
176     char *cp;
177     int neg = 0;
178 
179     if (*pval == NULL && !uint64_new(pval, it))
180         return 0;
181 
182     cp = (char *)*pval;
183 
184     /*
185      * Strictly speaking, zero length is malformed.  However, long_c2i
186      * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
187      * so for the sake of backward compatibility, we still decode zero
188      * length INTEGERs as the number zero.
189      */
190     if (len == 0)
191         goto long_compat;
192 
193     if (!ossl_c2i_uint64_int(&utmp, &neg, &cont, len))
194         return 0;
195     if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
196         ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE);
197         return 0;
198     }
199     if (neg) {
200         if (utmp > ABS_INT32_MIN) {
201             ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_SMALL);
202             return 0;
203         }
204         utmp = 0 - utmp;
205     } else {
206         if (((it->size & INTxx_FLAG_SIGNED) != 0 && utmp > INT32_MAX)
207             || ((it->size & INTxx_FLAG_SIGNED) == 0 && utmp > UINT32_MAX)) {
208             ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE);
209             return 0;
210         }
211     }
212 
213  long_compat:
214     utmp2 = (uint32_t)utmp;
215     memcpy(cp, &utmp2, sizeof(utmp2));
216     return 1;
217 }
218 
uint32_print(BIO * out,const ASN1_VALUE ** pval,const ASN1_ITEM * it,int indent,const ASN1_PCTX * pctx)219 static int uint32_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
220                         int indent, const ASN1_PCTX *pctx)
221 {
222     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
223         return BIO_printf(out, "%d\n", (int)**(int32_t **)pval);
224     return BIO_printf(out, "%u\n", (unsigned int)**(uint32_t **)pval);
225 }
226 
227 
228 /* Define the primitives themselves */
229 
230 static ASN1_PRIMITIVE_FUNCS uint32_pf = {
231     NULL, 0,
232     uint32_new,
233     uint32_free,
234     uint32_clear,
235     uint32_c2i,
236     uint32_i2c,
237     uint32_print
238 };
239 
240 static ASN1_PRIMITIVE_FUNCS uint64_pf = {
241     NULL, 0,
242     uint64_new,
243     uint64_free,
244     uint64_clear,
245     uint64_c2i,
246     uint64_i2c,
247     uint64_print
248 };
249 
250 ASN1_ITEM_start(INT32)
251     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
252     INTxx_FLAG_SIGNED, "INT32"
253 ASN1_ITEM_end(INT32)
254 
255 ASN1_ITEM_start(UINT32)
256     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf, 0, "UINT32"
257 ASN1_ITEM_end(UINT32)
258 
259 ASN1_ITEM_start(INT64)
260     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
261     INTxx_FLAG_SIGNED, "INT64"
262 ASN1_ITEM_end(INT64)
263 
264 ASN1_ITEM_start(UINT64)
265     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf, 0, "UINT64"
266 ASN1_ITEM_end(UINT64)
267 
268 ASN1_ITEM_start(ZINT32)
269     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
270     INTxx_FLAG_ZERO_DEFAULT|INTxx_FLAG_SIGNED, "ZINT32"
271 ASN1_ITEM_end(ZINT32)
272 
273 ASN1_ITEM_start(ZUINT32)
274     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
275     INTxx_FLAG_ZERO_DEFAULT, "ZUINT32"
276 ASN1_ITEM_end(ZUINT32)
277 
278 ASN1_ITEM_start(ZINT64)
279     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
280     INTxx_FLAG_ZERO_DEFAULT|INTxx_FLAG_SIGNED, "ZINT64"
281 ASN1_ITEM_end(ZINT64)
282 
283 ASN1_ITEM_start(ZUINT64)
284     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
285     INTxx_FLAG_ZERO_DEFAULT, "ZUINT64"
286 ASN1_ITEM_end(ZUINT64)
287 
288