1 // Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include <openssl/asn1.h>
16
17 #include <limits.h>
18 #include <string.h>
19
20 #include <openssl/bytestring.h>
21 #include <openssl/err.h>
22 #include <openssl/mem.h>
23
24 #include "../internal.h"
25 #include "internal.h"
26
27
ASN1_BIT_STRING_set(ASN1_BIT_STRING * x,const unsigned char * d,ossl_ssize_t len)28 int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, const unsigned char *d,
29 ossl_ssize_t len) {
30 return ASN1_STRING_set(x, d, len);
31 }
32
asn1_bit_string_length(const ASN1_BIT_STRING * str,uint8_t * out_padding_bits)33 int asn1_bit_string_length(const ASN1_BIT_STRING *str,
34 uint8_t *out_padding_bits) {
35 int len = str->length;
36 if (str->flags & ASN1_STRING_FLAG_BITS_LEFT) {
37 // If the string is already empty, it cannot have padding bits.
38 *out_padding_bits = len == 0 ? 0 : str->flags & 0x07;
39 return len;
40 }
41
42 // TODO(https://crbug.com/boringssl/447): If we move this logic to
43 // |ASN1_BIT_STRING_set_bit|, can we remove this representation?
44 while (len > 0 && str->data[len - 1] == 0) {
45 len--;
46 }
47 uint8_t padding_bits = 0;
48 if (len > 0) {
49 uint8_t last = str->data[len - 1];
50 assert(last != 0);
51 for (; padding_bits < 7; padding_bits++) {
52 if (last & (1 << padding_bits)) {
53 break;
54 }
55 }
56 }
57 *out_padding_bits = padding_bits;
58 return len;
59 }
60
ASN1_BIT_STRING_num_bytes(const ASN1_BIT_STRING * str,size_t * out)61 int ASN1_BIT_STRING_num_bytes(const ASN1_BIT_STRING *str, size_t *out) {
62 uint8_t padding_bits;
63 int len = asn1_bit_string_length(str, &padding_bits);
64 if (padding_bits != 0) {
65 return 0;
66 }
67 *out = len;
68 return 1;
69 }
70
i2c_ASN1_BIT_STRING(const ASN1_BIT_STRING * a,unsigned char ** pp)71 int i2c_ASN1_BIT_STRING(const ASN1_BIT_STRING *a, unsigned char **pp) {
72 if (a == NULL) {
73 return 0;
74 }
75
76 uint8_t bits;
77 int len = asn1_bit_string_length(a, &bits);
78 if (len > INT_MAX - 1) {
79 OPENSSL_PUT_ERROR(ASN1, ERR_R_OVERFLOW);
80 return 0;
81 }
82 int ret = 1 + len;
83 if (pp == NULL) {
84 return ret;
85 }
86
87 uint8_t *p = *pp;
88 *(p++) = bits;
89 OPENSSL_memcpy(p, a->data, len);
90 if (len > 0) {
91 p[len - 1] &= (0xff << bits);
92 }
93 p += len;
94 *pp = p;
95 return ret;
96 }
97
asn1_marshal_bit_string(CBB * out,const ASN1_BIT_STRING * in,CBS_ASN1_TAG tag)98 int asn1_marshal_bit_string(CBB *out, const ASN1_BIT_STRING *in,
99 CBS_ASN1_TAG tag) {
100 int len = i2c_ASN1_BIT_STRING(in, nullptr);
101 if (len <= 0) {
102 return 0;
103 }
104 tag = tag == 0 ? CBS_ASN1_BITSTRING : tag;
105 CBB child;
106 uint8_t *ptr;
107 return CBB_add_asn1(out, &child, tag) && //
108 CBB_add_space(&child, &ptr, static_cast<size_t>(len)) && //
109 i2c_ASN1_BIT_STRING(in, &ptr) == len && //
110 CBB_flush(out);
111 }
112
c2i_ASN1_BIT_STRING(ASN1_BIT_STRING ** a,const unsigned char ** pp,long len)113 ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
114 const unsigned char **pp, long len) {
115 ASN1_BIT_STRING *ret = NULL;
116 const unsigned char *p;
117 unsigned char *s;
118 int padding;
119 uint8_t padding_mask;
120
121 if (len < 1) {
122 OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT);
123 goto err;
124 }
125
126 if (len > INT_MAX) {
127 OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG);
128 goto err;
129 }
130
131 if ((a == NULL) || ((*a) == NULL)) {
132 if ((ret = ASN1_BIT_STRING_new()) == NULL) {
133 return NULL;
134 }
135 } else {
136 ret = (*a);
137 }
138
139 p = *pp;
140 padding = *(p++);
141 len--;
142 if (padding > 7) {
143 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
144 goto err;
145 }
146
147 // Unused bits in a BIT STRING must be zero.
148 padding_mask = (1 << padding) - 1;
149 if (padding != 0 && (len < 1 || (p[len - 1] & padding_mask) != 0)) {
150 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BIT_STRING_PADDING);
151 goto err;
152 }
153
154 // We do this to preserve the settings. If we modify the settings, via
155 // the _set_bit function, we will recalculate on output
156 ret->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); // clear
157 ret->flags |= (ASN1_STRING_FLAG_BITS_LEFT | padding); // set
158
159 if (len > 0) {
160 s = reinterpret_cast<uint8_t *>(OPENSSL_memdup(p, len));
161 if (s == NULL) {
162 goto err;
163 }
164 p += len;
165 } else {
166 s = NULL;
167 }
168
169 ret->length = (int)len;
170 OPENSSL_free(ret->data);
171 ret->data = s;
172 ret->type = V_ASN1_BIT_STRING;
173 if (a != NULL) {
174 (*a) = ret;
175 }
176 *pp = p;
177 return ret;
178 err:
179 if ((ret != NULL) && ((a == NULL) || (*a != ret))) {
180 ASN1_BIT_STRING_free(ret);
181 }
182 return NULL;
183 }
184
185 // These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING * a,int n,int value)186 int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) {
187 int w, v, iv;
188 unsigned char *c;
189
190 w = n / 8;
191 v = 1 << (7 - (n & 0x07));
192 iv = ~v;
193 if (!value) {
194 v = 0;
195 }
196
197 if (a == NULL) {
198 return 0;
199 }
200
201 a->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); // clear, set on write
202
203 if ((a->length < (w + 1)) || (a->data == NULL)) {
204 if (!value) {
205 return 1; // Don't need to set
206 }
207 if (a->data == NULL) {
208 c = (unsigned char *)OPENSSL_malloc(w + 1);
209 } else {
210 c = (unsigned char *)OPENSSL_realloc(a->data, w + 1);
211 }
212 if (c == NULL) {
213 return 0;
214 }
215 if (w + 1 - a->length > 0) {
216 OPENSSL_memset(c + a->length, 0, w + 1 - a->length);
217 }
218 a->data = c;
219 a->length = w + 1;
220 }
221 a->data[w] = ((a->data[w]) & iv) | v;
222 while ((a->length > 0) && (a->data[a->length - 1] == 0)) {
223 a->length--;
224 }
225 return 1;
226 }
227
ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING * a,int n)228 int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n) {
229 int w, v;
230
231 w = n / 8;
232 v = 1 << (7 - (n & 0x07));
233 if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL)) {
234 return 0;
235 }
236 return ((a->data[w] & v) != 0);
237 }
238
239 // Checks if the given bit string contains only bits specified by
240 // the flags vector. Returns 0 if there is at least one bit set in 'a'
241 // which is not specified in 'flags', 1 otherwise.
242 // 'len' is the length of 'flags'.
ASN1_BIT_STRING_check(const ASN1_BIT_STRING * a,const unsigned char * flags,int flags_len)243 int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, const unsigned char *flags,
244 int flags_len) {
245 int i, ok;
246 // Check if there is one bit set at all.
247 if (!a || !a->data) {
248 return 1;
249 }
250
251 // Check each byte of the internal representation of the bit string.
252 ok = 1;
253 for (i = 0; i < a->length && ok; ++i) {
254 unsigned char mask = i < flags_len ? ~flags[i] : 0xff;
255 // We are done if there is an unneeded bit set.
256 ok = (a->data[i] & mask) == 0;
257 }
258 return ok;
259 }
260