From 93f7d6fc10b75814d90d804edb56947cacf8964e Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 30 Mar 2017 13:31:16 +0200 Subject: [PATCH] Implement internal ASN.1 types INT32, UINT32, INT64, UINT64 Also Z varieties. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/3088) --- crypto/asn1/a_int.c | 31 +++++- crypto/asn1/asn1_locl.h | 6 +- crypto/asn1/build.info | 2 +- crypto/asn1/x_int64.c | 213 +++++++++++++++++++++++++++++++++++++++ include/internal/asn1t.h | 19 ++++ util/mkdef.pl | 1 + 6 files changed, 269 insertions(+), 3 deletions(-) create mode 100644 crypto/asn1/x_int64.c create mode 100644 include/internal/asn1t.h diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index c40c7faed2..4981ddbfdb 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -622,3 +622,32 @@ BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn) { return asn1_string_to_bn(ai, bn, V_ASN1_ENUMERATED); } + +/* Internal functions used by x_int64.c */ +int c2i_uint64_int(uint64_t *ret, int *neg, const unsigned char **pp, long len) +{ + unsigned char buf[sizeof(uint64_t)]; + size_t buflen; + + buflen = c2i_ibuf(NULL, NULL, *pp, len); + if (buflen == 0) + return 0; + if (buflen > sizeof(uint64_t)) { + ASN1err(ASN1_F_C2I_UINT64_INT, ASN1_R_TOO_LARGE); + return 0; + } + (void)c2i_ibuf(buf, neg, *pp, len); + return asn1_get_uint64(ret, buf, buflen); +} + +int i2c_uint64_int(unsigned char *p, uint64_t r, int neg) +{ + unsigned char buf[sizeof(uint64_t)]; + size_t buflen; + + buflen = asn1_put_uint64(buf, r); + if (p == NULL) + return i2c_ibuf(buf, buflen, neg, NULL); + return i2c_ibuf(buf, buflen, neg, &p); +} + diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h index 5f597bd98f..9470c7d0bf 100644 --- a/crypto/asn1/asn1_locl.h +++ b/crypto/asn1/asn1_locl.h @@ -1,5 +1,5 @@ /* - * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -76,3 +76,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp); ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length); + +/* Internal functions used by x_int64.c */ +int c2i_uint64_int(uint64_t *ret, int *neg, const unsigned char **pp, long len); +int i2c_uint64_int(unsigned char *p, uint64_t r, int neg); diff --git a/crypto/asn1/build.info b/crypto/asn1/build.info index 242dbb77cb..d3e92c81ac 100644 --- a/crypto/asn1/build.info +++ b/crypto/asn1/build.info @@ -4,7 +4,7 @@ SOURCE[../../libcrypto]=\ a_print.c a_type.c a_dup.c a_d2i_fp.c a_i2d_fp.c \ a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \ x_algor.c x_val.c x_sig.c x_bignum.c \ - x_long.c x_info.c x_spki.c nsseq.c \ + x_long.c x_int64.c x_info.c x_spki.c nsseq.c \ d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\ t_pkey.c t_spki.c t_bitst.c \ tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \ diff --git a/crypto/asn1/x_int64.c b/crypto/asn1/x_int64.c new file mode 100644 index 0000000000..d180a3bb3a --- /dev/null +++ b/crypto/asn1/x_int64.c @@ -0,0 +1,213 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include "internal/cryptlib.h" +#include "internal/asn1t.h" +#include "internal/numbers.h" +#include +#include "asn1_locl.h" + +/* + * Custom primitive types for handling int32_t, int64_t, uint32_t, uint64_t. + * This converts between an ASN1_INTEGER and those types directly. + * This is preferred to using the LONG / ZLONG primitives. + */ + +/* + * We abuse the ASN1_ITEM fields |size| as a flags field + */ +#define INTxx_FLAG_ZERO_DEFAULT (1<<0) +#define INTxx_FLAG_SIGNED (1<<1) + +static int uint64_new(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + *(uint64_t *)pval = 0; + return 1; +} + +static void uint64_free(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + *(uint64_t *)pval = 0; +} + +static int uint64_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, + const ASN1_ITEM *it) +{ + uint64_t utmp; + int neg = 0; + /* this exists to bypass broken gcc optimization */ + char *cp = (char *)pval; + + /* use memcpy, because we may not be uint64_t aligned */ + memcpy(&utmp, cp, sizeof(utmp)); + + if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT + && utmp == 0) + return -1; + if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED + && (int64_t)utmp < 0) + neg = 1; + + return i2c_uint64_int(cont, utmp, neg); +} + +static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, + int utype, char *free_cont, const ASN1_ITEM *it) +{ + uint64_t utmp = 0; + char *cp = (char *)pval; + int neg = 0; + + if (!c2i_uint64_int(&utmp, &neg, &cont, len)) + return 0; + if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) { + ASN1err(ASN1_F_UINT64_C2I, ASN1_R_ILLEGAL_NEGATIVE_VALUE); + return 0; + } + memcpy(cp, &utmp, sizeof(utmp)); + return 1; +} + +static int uint64_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, + int indent, const ASN1_PCTX *pctx) +{ + if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED) + return BIO_printf(out, "%jd\n", *(int64_t *)pval); + return BIO_printf(out, "%ju\n", *(uint64_t *)pval); +} + +/* 32-bit variants */ + +static int uint32_new(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + *(uint32_t *)pval = 0; + return 1; +} + +static void uint32_free(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + *(uint32_t *)pval = 0; +} + +static int uint32_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, + const ASN1_ITEM *it) +{ + uint32_t utmp; + int neg = 0; + /* this exists to bypass broken gcc optimization */ + char *cp = (char *)pval; + + /* use memcpy, because we may not be uint32_t aligned */ + memcpy(&utmp, cp, sizeof(utmp)); + + if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT + && utmp == 0) + return -1; + if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED + && (int32_t)utmp < 0) + neg = 1; + + return i2c_uint64_int(cont, (uint64_t)utmp, neg); +} + +static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, + int utype, char *free_cont, const ASN1_ITEM *it) +{ + uint64_t utmp = 0; + uint32_t utmp2 = 0; + char *cp = (char *)pval; + int neg = 0; + + if (!c2i_uint64_int(&utmp, &neg, &cont, len)) + return 0; + if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) { + ASN1err(ASN1_F_UINT32_C2I, ASN1_R_ILLEGAL_NEGATIVE_VALUE); + return 0; + } + utmp2 = (uint32_t)utmp; + if (utmp != utmp2 + || ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED + && !neg && utmp2 > INT32_MAX)) { + ASN1err(ASN1_F_UINT32_C2I, ASN1_R_TOO_LARGE); + return 0; + } + memcpy(cp, &utmp2, sizeof(utmp2)); + return 1; +} + +static int uint32_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, + int indent, const ASN1_PCTX *pctx) +{ + if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED) + return BIO_printf(out, "%d\n", *(int32_t *)pval); + return BIO_printf(out, "%u\n", *(uint32_t *)pval); +} + + +/* Define the primitives themselves */ + +static ASN1_PRIMITIVE_FUNCS uint32_pf = { + NULL, 0, + uint32_new, + uint32_free, + uint32_free, /* Clear should set to initial value */ + uint32_c2i, + uint32_i2c, + uint32_print +}; + +static ASN1_PRIMITIVE_FUNCS uint64_pf = { + NULL, 0, + uint64_new, + uint64_free, + uint64_free, /* Clear should set to initial value */ + uint64_c2i, + uint64_i2c, + uint64_print +}; + +ASN1_ITEM_start(INT32) + ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf, + INTxx_FLAG_SIGNED, "INT32" +ASN1_ITEM_end(INT32) + +ASN1_ITEM_start(UINT32) + ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf, 0, "UINT32" +ASN1_ITEM_end(UINT32) + +ASN1_ITEM_start(INT64) + ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf, + INTxx_FLAG_SIGNED, "INT64" +ASN1_ITEM_end(INT64) + +ASN1_ITEM_start(UINT64) + ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf, 0, "UINT64" +ASN1_ITEM_end(UINT64) + +ASN1_ITEM_start(ZINT32) + ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf, + INTxx_FLAG_ZERO_DEFAULT|INTxx_FLAG_SIGNED, "ZINT32" +ASN1_ITEM_end(ZINT32) + +ASN1_ITEM_start(ZUINT32) + ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf, + INTxx_FLAG_ZERO_DEFAULT, "ZUINT32" +ASN1_ITEM_end(ZUINT32) + +ASN1_ITEM_start(ZINT64) + ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf, + INTxx_FLAG_ZERO_DEFAULT|INTxx_FLAG_SIGNED, "ZINT64" +ASN1_ITEM_end(ZINT64) + +ASN1_ITEM_start(ZUINT64) + ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf, + INTxx_FLAG_ZERO_DEFAULT, "ZUINT64" +ASN1_ITEM_end(ZUINT64) + diff --git a/include/internal/asn1t.h b/include/internal/asn1t.h new file mode 100644 index 0000000000..32d637df79 --- /dev/null +++ b/include/internal/asn1t.h @@ -0,0 +1,19 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +DECLARE_ASN1_ITEM(INT32) +DECLARE_ASN1_ITEM(ZINT32) +DECLARE_ASN1_ITEM(UINT32) +DECLARE_ASN1_ITEM(ZUINT32) +DECLARE_ASN1_ITEM(INT64) +DECLARE_ASN1_ITEM(ZINT64) +DECLARE_ASN1_ITEM(UINT64) +DECLARE_ASN1_ITEM(ZUINT64) diff --git a/util/mkdef.pl b/util/mkdef.pl index 6bc23b1e8e..36b4efe96f 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -239,6 +239,7 @@ my $crypto ="include/openssl/crypto.h"; $crypto.=" include/internal/o_dir.h"; $crypto.=" include/internal/o_str.h"; $crypto.=" include/internal/err.h"; +$crypto.=" include/internal/asn1t.h"; $crypto.=" include/openssl/des.h" ; # unless $no_des; $crypto.=" include/openssl/idea.h" ; # unless $no_idea; $crypto.=" include/openssl/rc4.h" ; # unless $no_rc4; -- 2.25.1