diff options
| -rw-r--r-- | crypto/asn1/Makefile | 24 | ||||
| -rw-r--r-- | crypto/asn1/a_enum.c | 179 | ||||
| -rw-r--r-- | crypto/asn1/a_int.c | 540 | ||||
| -rw-r--r-- | crypto/asn1/asn1_err.c | 15 | ||||
| -rw-r--r-- | crypto/asn1/f_enum.c | 193 | ||||
| -rw-r--r-- | crypto/asn1/f_int.c | 13 | ||||
| -rw-r--r-- | doc/crypto/ASN1_INTEGER_get_int64.pod | 112 | ||||
| -rw-r--r-- | include/openssl/asn1.h | 23 |
8 files changed, 521 insertions, 578 deletions
diff --git a/crypto/asn1/Makefile b/crypto/asn1/Makefile index 4283145..20b7948 100644 --- a/crypto/asn1/Makefile +++ b/crypto/asn1/Makefile @@ -17,7 +17,7 @@ GENERAL=Makefile README LIB=$(TOP)/libcrypto.a LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ a_print.c a_type.c a_dup.c a_d2i_fp.c a_i2d_fp.c \ - a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \ + a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \ x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_bignum.c \ x_long.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \ x_nx509.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\ @@ -25,13 +25,13 @@ LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \ tasn_prn.c tasn_scn.c ameth_lib.c \ f_int.c f_string.c n_pkey.c \ - f_enum.c x_pkey.c bio_asn1.c bio_ndef.c asn_mime.c \ + x_pkey.c bio_asn1.c bio_ndef.c asn_mime.c \ asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_strnid.c \ evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c \ asn_mstbl.c LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ a_print.o a_type.o a_dup.o a_d2i_fp.o a_i2d_fp.o \ - a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \ + a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \ x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_bignum.o \ x_long.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \ x_nx509.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \ @@ -39,7 +39,7 @@ LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \ tasn_prn.o tasn_scn.o ameth_lib.o \ f_int.o f_string.o n_pkey.o \ - f_enum.o x_pkey.o bio_asn1.o bio_ndef.o asn_mime.o \ + x_pkey.o bio_asn1.o bio_ndef.o asn_mime.o \ asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_strnid.o \ evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o \ asn_mstbl.o @@ -133,14 +133,6 @@ a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_dup.o: ../../include/openssl/symhacks.h ../include/internal/cryptlib.h a_dup.o: a_dup.c -a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_enum.o: ../include/internal/cryptlib.h a_enum.c a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h @@ -441,14 +433,6 @@ evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h evp_asn1.o: ../../include/openssl/symhacks.h ../include/internal/cryptlib.h evp_asn1.o: evp_asn1.c -f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -f_enum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -f_enum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -f_enum.o: ../../include/openssl/symhacks.h ../include/internal/cryptlib.h -f_enum.o: f_enum.c f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h f_int.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c deleted file mode 100644 index 81c0f3a..0000000 --- a/crypto/asn1/a_enum.c +++ /dev/null @@ -1,179 +0,0 @@ -/* crypto/asn1/a_enum.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "internal/cryptlib.h" -#include <openssl/asn1.h> -#include <openssl/bn.h> - -/* - * Code for ENUMERATED type: identical to INTEGER apart from a different tag. - * for comments on encoding see a_int.c - */ - -int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) -{ - int j, k; - unsigned int i; - unsigned char buf[sizeof(long) + 1]; - long d; - - a->type = V_ASN1_ENUMERATED; - if (a->length < (int)(sizeof(long) + 1)) { - OPENSSL_free(a->data); - if ((a->data = OPENSSL_malloc(sizeof(long) + 1)) != NULL) - memset(a->data, 0, sizeof(long) + 1); - } - if (a->data == NULL) { - ASN1err(ASN1_F_ASN1_ENUMERATED_SET, ERR_R_MALLOC_FAILURE); - return (0); - } - d = v; - if (d < 0) { - d = -d; - a->type = V_ASN1_NEG_ENUMERATED; - } - - for (i = 0; i < sizeof(long); i++) { - if (d == 0) - break; - buf[i] = (int)d & 0xff; - d >>= 8; - } - j = 0; - for (k = i - 1; k >= 0; k--) - a->data[j++] = buf[k]; - a->length = j; - return (1); -} - -long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a) -{ - int neg = 0, i; - long r = 0; - - if (a == NULL) - return (0L); - i = a->type; - if (i == V_ASN1_NEG_ENUMERATED) - neg = 1; - else if (i != V_ASN1_ENUMERATED) - return -1; - - if (a->length > (int)sizeof(long)) { - /* hmm... a bit ugly */ - return (0xffffffffL); - } - if (a->data == NULL) - return 0; - - for (i = 0; i < a->length; i++) { - r <<= 8; - r |= (unsigned char)a->data[i]; - } - if (neg) - r = -r; - return (r); -} - -ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) -{ - ASN1_ENUMERATED *ret; - int len, j; - - if (ai == NULL) - ret = ASN1_ENUMERATED_new(); - else - ret = ai; - if (ret == NULL) { - ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (BN_is_negative(bn)) - ret->type = V_ASN1_NEG_ENUMERATED; - else - ret->type = V_ASN1_ENUMERATED; - j = BN_num_bits(bn); - len = ((j == 0) ? 0 : ((j / 8) + 1)); - if (ret->length < len + 4) { - unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4); - if (!new_data) { - ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); - goto err; - } - ret->data = new_data; - } - - ret->length = BN_bn2bin(bn, ret->data); - return (ret); - err: - if (ret != ai) - ASN1_ENUMERATED_free(ret); - return (NULL); -} - -BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn) -{ - BIGNUM *ret; - - if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL) - ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN, ASN1_R_BN_LIB); - else if (ai->type == V_ASN1_NEG_ENUMERATED) - BN_set_negative(ret, 1); - return (ret); -} diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index 56a72fb..f3a7e6a 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -58,6 +58,7 @@ #include <stdio.h> #include "internal/cryptlib.h" +#include <limits.h> #include <openssl/asn1.h> #include <openssl/bn.h> #include "asn1_locl.h" @@ -88,10 +89,11 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) } /*- - * This converts an ASN1 INTEGER into its content encoding. + * This converts a big endian buffer and sign into its content encoding. + * This is used for INTEGER and ENUMERATED types. * The internal representation is an ASN1_STRING whose data is a big endian * representation of the value, ignoring the sign. The sign is determined by - * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative. + * the type: if type & V_ASN1_NEG is true it is negative, otherwise positive. * * Positive integers are no problem: they are almost the same as the DER * encoding, except if the first byte is >= 0x80 we need to add a zero pad. @@ -112,19 +114,19 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) * followed by optional zeros isn't padded. */ -int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) +static size_t i2c_ibuf(const unsigned char *b, size_t blen, int neg, + unsigned char **pp) { - int pad = 0, ret, i, neg; - unsigned char *p, *n, pb = 0; + int pad = 0; + size_t ret, i; + unsigned char *p, pb = 0; + const unsigned char *n; - if (a == NULL) - return (0); - neg = a->type & V_ASN1_NEG; - if (a->length == 0) + if (b == NULL || blen == 0) ret = 1; else { - ret = a->length; - i = a->data[0]; + ret = blen; + i = b[0]; if (ret == 1 && i == 0) neg = 0; if (!neg && (i > 127)) { @@ -139,8 +141,8 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) * Special case: if any other bytes non zero we pad: * otherwise we don't. */ - for (i = 1; i < a->length; i++) - if (a->data[i]) { + for (i = 1; i < blen; i++) + if (b[i]) { pad = 1; pb = 0xFF; break; @@ -150,20 +152,20 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) ret += pad; } if (pp == NULL) - return (ret); + return ret; p = *pp; if (pad) *(p++) = pb; - if (a->length == 0) + if (blen == 0) *(p++) = 0; else if (!neg) - memcpy(p, a->data, (unsigned int)a->length); + memcpy(p, b, blen); else { /* Begin at the end of the encoding */ - n = a->data + a->length - 1; - p += a->length - 1; - i = a->length; + n = b + blen - 1; + p += blen - 1; + i = blen; /* Copy zeros to destination as long as source is zero */ while (!*n && i > 1) { *(p--) = 0; @@ -179,97 +181,241 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) } *pp += ret; - return (ret); + return ret; } -/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ +/* + * convert content octets into a big endian buffer. Returns the length + * of buffer or 0 on error: for malformed INTEGER. If output bufer is + * NULL just return length. + */ -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, - long len) +static size_t c2i_ibuf(unsigned char *b, int *pneg, + const unsigned char *p, size_t plen) { - ASN1_INTEGER *ret = NULL; - const unsigned char *p, *pend; - unsigned char *to, *s; - int i; + size_t i; + int neg, pad; + /* Zero content length is illegal */ + if (plen == 0) { + ASN1err(ASN1_F_C2I_IBUF, ASN1_R_ILLEGAL_ZERO_CONTENT); + return 0; + } + neg = p[0] & 0x80; + if (pneg) + *pneg = neg; + /* Handle common case where length is 1 octet separately */ + if (plen == 1) { + if (b) { + if (neg) + b[0] = (p[0] ^ 0xFF) + 1; + else + b[0] = p[0]; + } + return 1; + } + if (p[0] == 0 || p[0] == 0xFF) + pad = 1; + else + pad = 0; + /* reject illegal padding: first two octets MSB can't match */ + if (pad && (neg == (p[1] & 0x80))) { + ASN1err(ASN1_F_C2I_IBUF, ASN1_R_ILLEGAL_PADDING); + return 0; + } + /* If positive just copy across */ + if (neg == 0) { + if (b) + memcpy(b, p + pad, plen - pad); + return plen - pad; + } - if ((a == NULL) || ((*a) == NULL)) { - if ((ret = ASN1_INTEGER_new()) == NULL) - return (NULL); - ret->type = V_ASN1_INTEGER; - } else - ret = (*a); + if (neg && pad) { + /* check is any following octets are non zero */ + for (i = 1; i < plen; i++) { + if (p[i] != 0) + break; + } + /* if all bytes are zero handle as special case */ + if (i == plen) { + if (b) { + b[0] = 1; + memset(b + 1, 0, plen - 1); + } + return plen; + } + } - p = *pp; - pend = p + len; + plen -= pad; + /* Must be negative: calculate twos complement */ + if (b) { + const unsigned char *from = p + plen - 1 + pad; + unsigned char *to = b + plen - 1; + i = plen; + while (*from == 0 && i) { + *to-- = 0; + i--; + from--; + } + *to-- = (*from-- ^ 0xff) + 1; + OPENSSL_assert(i != 0); + i--; + for (; i > 0; i--) + *to-- = *from-- ^ 0xff; + } + return plen; +} - /* - * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies - * a missing NULL parameter. - */ - s = OPENSSL_malloc((int)len + 1); - if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; - goto err; +int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) +{ + return i2c_ibuf(a->data, a->length, a->type & V_ASN1_NEG, pp); +} + +/* Convert big endian buffer into uint64_t, return 0 on error */ +static int asn1_get_uint64(uint64_t *pr, const unsigned char *b, size_t blen) +{ + size_t i; + if (blen > sizeof(*pr)) { + ASN1err(ASN1_F_ASN1_GET_UINT64, ASN1_R_TOO_LARGE); + return 0; } - to = s; - if (!len) { - /* - * Strictly speaking this is an illegal INTEGER but we tolerate it. - */ - ret->type = V_ASN1_INTEGER; - } else if (*p & 0x80) { /* a negative number */ - ret->type = V_ASN1_NEG_INTEGER; - if ((*p == 0xff) && (len != 1)) { - p++; - len--; - } - i = len; - p += i - 1; - to += i - 1; - while ((!*p) && i) { - *(to--) = 0; - i--; - p--; + *pr = 0; + if (b == NULL) + return 0; + for (i = 0; i < blen; i++) { + *pr <<= 8; + *pr |= b[i]; + } + return 1; +} + +static size_t asn1_put_uint64(unsigned char *b, uint64_t r) +{ + if (r >= 0x100) { + unsigned char *p; + uint64_t rtmp = r; + size_t i = 0; + + /* Work out how many bytes we need */ + while (rtmp) { + rtmp >>= 8; + i++; } - /* - * Special case: if all zeros then the number will be of the form FF - * followed by n zero bytes: this corresponds to 1 followed by n zero - * bytes. We've already written n zeros so we just append an extra - * one and set the first byte to a 1. This is treated separately - * because it is the only case where the number of bytes is larger - * than len. - */ - if (!i) { - *s = 1; - s[len] = 0; - len++; - } else { - *(to--) = (*(p--) ^ 0xff) + 1; - i--; - for (; i > 0; i--) - *(to--) = *(p--) ^ 0xff; + + /* Copy from end to beginning */ + p = b + i - 1; + + do { + *p-- = r & 0xFF; + r >>= 8; + } while (p >= b); + + return i; + } + + b[0] = (unsigned char)r; + return 1; + +} + +/* + * Absolute value of INT64_MIN: we can't just use -INT64_MIN as it produces + * overflow warnings. + */ + +#define ABS_INT64_MIN \ + ((uint64_t)INT64_MAX + (uint64_t)(-(INT64_MIN + INT64_MAX))) + +/* signed version of asn1_get_uint64 */ +static int asn1_get_int64(int64_t *pr, const unsigned char *b, size_t blen, + int neg) +{ + uint64_t r; + if (asn1_get_uint64(&r, b, blen) == 0) + return 0; + if (neg) { + if (r > ABS_INT64_MIN) { + ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_SMALL); + return 0; } + *pr = (int64_t)-r; } else { - ret->type = V_ASN1_INTEGER; - if ((*p == 0) && (len != 1)) { - p++; - len--; + if (r > INT64_MAX) { + ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_LARGE); + return 0; } - memcpy(s, p, (int)len); + *pr = (int64_t)r; } + return 1; +} - OPENSSL_free(ret->data); - ret->data = s; - ret->length = (int)len; +/* Convert ASN1 INTEGER content octets to ASN1_INTEGER structure */ +ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, + long len) +{ + ASN1_INTEGER *ret = NULL; + size_t r; + int neg; + + r = c2i_ibuf(NULL, NULL, *pp, len); + + if (r == 0) + return NULL; + + if ((a == NULL) || ((*a) == NULL)) { + ret = ASN1_INTEGER_new(); + if (ret == NULL) + return NULL; + ret->type = V_ASN1_INTEGER; + } else + ret = *a; + + if (ASN1_STRING_set(ret, NULL, r) == 0) + goto err; + + c2i_ibuf(ret->data, &neg, *pp, len); + + if (neg) + ret->type |= V_ASN1_NEG; + + *pp += len; if (a != NULL) (*a) = ret; - *pp = pend; - return (ret); + return ret; err: - ASN1err(ASN1_F_C2I_ASN1_INTEGER, i); + ASN1err(ASN1_F_C2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); if ((a == NULL) || (*a != ret)) ASN1_INTEGER_free(ret); - return (NULL); + return NULL; +} + +static int asn1_string_get_int64(int64_t *pr, const ASN1_STRING *a, int itype) +{ + if (a == NULL) { + ASN1err(ASN1_F_ASN1_STRING_GET_INT64, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if ((a->type & ~V_ASN1_NEG) != itype) { + ASN1err(ASN1_F_ASN1_STRING_GET_INT64, ASN1_R_WRONG_INTEGER_TYPE); + return 0; + } + return asn1_get_int64(pr, a->data, a->length, a->type & V_ASN1_NEG); +} + +static int asn1_string_set_int64(ASN1_STRING *a, int64_t r, int itype) +{ + unsigned char tbuf[sizeof(r)]; + size_t l; + a->type = itype; + if (r < 0) { + l = asn1_put_uint64(tbuf, -r); + a->type |= V_ASN1_NEG; + } else { + l = asn1_put_uint64(tbuf, r); + a->type &= ~V_ASN1_NEG; + } + if (l == 0) + return 0; + return ASN1_STRING_set(a, tbuf, l); } /* @@ -340,116 +486,148 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, return (NULL); } -int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) +static ASN1_STRING *bn_to_asn1_string(const BIGNUM *bn, ASN1_STRING *ai, + int atype) { - int j, k; - unsigned int i; - unsigned char buf[sizeof(long) + 1]; - - if (a->length < (int)(sizeof(long) + 1)) { - OPENSSL_free(a->data); - if ((a->data = OPENSSL_malloc(sizeof(long) + 1)) != NULL) - memset(a->data, 0, sizeof(long) + 1); - } - if (a->data == NULL) { - ASN1err(ASN1_F_ASN1_INTEGER_SET, ERR_R_MALLOC_FAILURE); - return (0); - } - if (v < 0) { - v = -v; - a->type = V_ASN1_NEG_INTEGER; - } else - a->type = V_ASN1_INTEGER; + ASN1_INTEGER *ret; + int len; - for (i = 0; i < sizeof(long); i++) { - if (v == 0) - break; - buf[i] = (int)v & 0xff; - v >>= 8; + if (ai == NULL) { + ret = ASN1_STRING_type_new(atype); + } else { + ret = ai; + ret->type = atype; } - j = 0; - for (k = i - 1; k >= 0; k--) - a->data[j++] = buf[k]; - a->length = j; - return (1); -} - -long ASN1_INTEGER_get(const ASN1_INTEGER *a) -{ - int neg = 0, i; - long r = 0; - if (a == NULL) - return (0L); - i = a->type; - if (i == V_ASN1_NEG_INTEGER) - neg = 1; - else if (i != V_ASN1_INTEGER) - return -1; - - if (a->length > (int)sizeof(long)) { - /* hmm... a bit ugly, return all ones */ - return -1; + if (ret == NULL) { + ASN1err(ASN1_F_BN_TO_ASN1_STRING, ERR_R_NESTED_ASN1_ERROR); + goto err; } - if (a->data == NULL) - return 0; - for (i = 0; i < a->length; i++) { - r <<= 8; - r |= (unsigned char)a->data[i]; - } - if (neg) - r = -r; - return (r); -} + if (BN_is_negative(bn) && !BN_is_zero(bn)) + ret->type |= V_ASN1_NEG_INTEGER; -ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) -{ - ASN1_INTEGER *ret; - int len, j; + len = BN_num_bytes(bn); - if (ai == NULL) - ret = ASN1_INTEGER_new(); - else - ret = ai; - if (ret == NULL) { - ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR); + if (len == 0) + len = 1; + + if (ASN1_STRING_set(ret, NULL, len) == 0) { + ASN1err(ASN1_F_BN_TO_ASN1_STRING, ERR_R_MALLOC_FAILURE); goto err; } - if (BN_is_negative(bn) && !BN_is_zero(bn)) - ret->type = V_ASN1_NEG_INTEGER; - else - ret->type = V_ASN1_INTEGER; - j = BN_num_bits(bn); - len = ((j == 0) ? 0 : ((j / 8) + 1)); - if (ret->length < len + 4) { - unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4); - if (!new_data) { - ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); - goto err; - } - ret->data = new_data; - } - ret->length = BN_bn2bin(bn, ret->data); + /* Correct zero case */ - if (!ret->length) { + if (BN_is_zero(bn)) ret->data[0] = 0; - ret->length = 1; - } - return (ret); + else + len = BN_bn2bin(bn, ret->data); + ret->length = len; + return ret; err: if (ret != ai) ASN1_INTEGER_free(ret); return (NULL); } -BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) +static BIGNUM *asn1_string_to_bn(const ASN1_INTEGER *ai, BIGNUM *bn, + int itype) { BIGNUM *ret; - if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL) - ASN1err(ASN1_F_ASN1_INTEGER_TO_BN, ASN1_R_BN_LIB); - else if (ai->type == V_ASN1_NEG_INTEGER) + if ((ai->type & ~V_ASN1_NEG) != itype) { + ASN1err(ASN1_F_ASN1_STRING_TO_BN, ASN1_R_WRONG_INTEGER_TYPE); + return NULL; + } + + ret = BN_bin2bn(ai->data, ai->length, bn); + if (ret == 0) { + ASN1err(ASN1_F_ASN1_STRING_TO_BN, ASN1_R_BN_LIB); + return NULL; + } + if (ai->type & V_ASN1_NEG) BN_set_negative(ret, 1); - return (ret); + return ret; +} + +int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a) +{ + return asn1_string_get_int64(pr, a, V_ASN1_INTEGER); +} + +int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r) +{ + return asn1_string_set_int64(a, r, V_ASN1_INTEGER); +} + +int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) +{ + return ASN1_INTEGER_set_int64(a, v); +} + +long ASN1_INTEGER_get(const ASN1_INTEGER *a) +{ + int i; + int64_t r; + if (a == NULL) + return 0; + i = ASN1_INTEGER_get_int64(&r, a); + if (i == 0) + return -1; + if (r > LONG_MAX || r < LONG_MIN) + return -1; + return (long)r; +} + +ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) +{ + return bn_to_asn1_string(bn, ai, V_ASN1_INTEGER); +} + +BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) +{ + return asn1_string_to_bn(ai, bn, V_ASN1_INTEGER); +} + +int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_ENUMERATED *a) +{ + return asn1_string_get_int64(pr, a, V_ASN1_ENUMERATED); +} + +int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *a, int64_t r) +{ + return asn1_string_set_int64(a, r, V_ASN1_ENUMERATED); +} + +int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) +{ + return ASN1_ENUMERATED_set_int64(a, v); +} + +long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a) +{ + int i; + int64_t r; + if (a == NULL) + return 0; + if ((a->type & ~V_ASN1_NEG) != V_ASN1_ENUMERATED) + return -1; + if (a->length > (int)sizeof(long)) + return 0xffffffffL; + i = ASN1_ENUMERATED_get_int64(&r, a); + if (i == 0) + return -1; + if (r > LONG_MAX || r < LONG_MIN) + return -1; + return (long)r; +} + +ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai) +{ + return bn_to_asn1_string(bn, ai, V_ASN1_ENUMERATED); +} + +BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn) +{ + return asn1_string_to_bn(ai, bn, V_ASN1_ENUMERATED); } diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index b70ddb7..4151dc7 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -1,6 +1,6 @@ /* crypto/asn1/asn1_err.c */ /* ==================================================================== - * Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -93,7 +93,9 @@ static ERR_STRING_DATA ASN1_str_functs[] = { {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"}, {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"}, {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"}, + {ERR_FUNC(ASN1_F_ASN1_GET_INT64), "ASN1_GET_INT64"}, {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"}, + {ERR_FUNC(ASN1_F_ASN1_GET_UINT64), "ASN1_GET_UINT64"}, {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"}, {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"}, {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"}, @@ -101,8 +103,8 @@ static ERR_STRING_DATA ASN1_str_functs[] = { {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_NEW), "ASN1_ITEM_EX_NEW"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_NEW), "ASN1_ITEM_EX_NEW"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"}, @@ -121,8 +123,10 @@ static ERR_STRING_DATA ASN1_str_functs[] = { {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"}, {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"}, {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"}, + {ERR_FUNC(ASN1_F_ASN1_STRING_GET_INT64), "ASN1_STRING_GET_INT64"}, {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"}, {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"}, + {ERR_FUNC(ASN1_F_ASN1_STRING_TO_BN), "ASN1_STRING_TO_BN"}, {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"}, {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"}, {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"}, @@ -142,9 +146,11 @@ static ERR_STRING_DATA ASN1_str_functs[] = { {ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"}, {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"}, {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"}, + {ERR_FUNC(ASN1_F_BN_TO_ASN1_STRING), "BN_TO_ASN1_STRING"}, {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"}, {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"}, {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"}, + {ERR_FUNC(ASN1_F_C2I_IBUF), "C2I_IBUF"}, {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"}, {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"}, {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"}, @@ -252,8 +258,10 @@ static ERR_STRING_DATA ASN1_str_reasons[] = { {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY), "illegal optional any"}, {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE), "illegal options on item template"}, + {ERR_REASON(ASN1_R_ILLEGAL_PADDING), "illegal padding"}, {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY), "illegal tagged any"}, {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE), "illegal time value"}, + {ERR_REASON(ASN1_R_ILLEGAL_ZERO_CONTENT), "illegal zero content"}, {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"}, {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG), "integer too large for long"}, @@ -314,7 +322,9 @@ static ERR_STRING_DATA ASN1_str_reasons[] = { {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), "the asn1 object identifier is not known for this md"}, {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"}, + {ERR_REASON(ASN1_R_TOO_LARGE), "too large"}, {ERR_REASON(ASN1_R_TOO_LONG), "too long"}, + {ERR_REASON(ASN1_R_TOO_SMALL), "too small"}, {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED), "type not constructed"}, {ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE), "type not primitive"}, {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"}, @@ -339,6 +349,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = { {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE), "unsupported public key type"}, {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"}, + {ERR_REASON(ASN1_R_WRONG_INTEGER_TYPE), "wrong integer type"}, {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"}, {ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"}, {ERR_REASON(ASN1_R_WRONG_TYPE), "wrong type"}, diff --git a/crypto/asn1/f_enum.c b/crypto/asn1/f_enum.c deleted file mode 100644 index 4b85be9..0000000 --- a/crypto/asn1/f_enum.c +++ /dev/null @@ -1,193 +0,0 @@ -/* crypto/asn1/f_enum.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "internal/cryptlib.h" -#include <openssl/buffer.h> -#include <openssl/asn1.h> - -/* Based on a_int.c: equivalent ENUMERATED functions */ - -int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a) -{ - int i, n = 0; - static const char *h = "0123456789ABCDEF"; - char buf[2]; - - if (a == NULL) - return (0); - - if (a->length == 0) { - if (BIO_write(bp, "00", 2) != 2) - goto err; - n = 2; - } else { - for (i = 0; i < a->length; i++) { - if ((i != 0) && (i % 35 == 0)) { - if (BIO_write(bp, "\\\n", 2) != 2) - goto err; - n += 2; - } - buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f]; - buf[1] = h[((unsigned char)a->data[i]) & 0x0f]; - if (BIO_write(bp, buf, 2) != 2) - goto err; - n += 2; - } - } - return (n); - err: - return (-1); -} - -int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) -{ - int i, j, k, m, n, again, bufsize; - unsigned char *s = NULL, *sp; - unsigned char *bufp; - int num = 0, slen = 0, first = 1; - - bs->type = V_ASN1_ENUMERATED; - - bufsize = BIO_gets(bp, buf, size); - for (;;) { - if (bufsize < 1) - goto err; - i = bufsize; - if (buf[i - 1] == '\n') - buf[--i] = '\0'; - if (i == 0) - goto err; - if (buf[i - 1] == '\r') - buf[--i] = '\0'; - if (i == 0) - goto err; - again = (buf[i - 1] == '\\'); - - for (j = 0; j < i; j++) { - if (!(((buf[j] >= '0') && (buf[j] <= '9')) || - ((buf[j] >= 'a') && (buf[j] <= 'f')) || - ((buf[j] >= 'A') && (buf[j] <= 'F')))) { - i = j; - break; - } - } - buf[i] = '\0'; - /* - * We have now cleared all the crap off the end of the line - */ - if (i < 2) - goto err; - - bufp = (unsigned char *)buf; - if (first) { - first = 0; - if ((bufp[0] == '0') && (buf[1] == '0')) { - bufp += 2; - i -= 2; - } - } - k = 0; - i -= again; - if (i % 2 != 0) { - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS); - return 0; - } - i /= 2; - if (num + i > slen) { - sp = OPENSSL_realloc(s, (unsigned int)num + i * 2); - if (sp == NULL) { - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); - OPENSSL_free(s); - return 0; - } - s = sp; - slen = num + i * 2; - } - for (j = 0; j < i; j++, k += 2) { - for (n = 0; n < 2; n++) { - m = bufp[k + n]; - if ((m >= '0') && (m <= '9')) - m -= '0'; - else if ((m >= 'a') && (m <= 'f')) - m = m - 'a' + 10; - else if ((m >= 'A') && (m <= 'F')) - m = m - 'A' + 10; - else { - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, - ASN1_R_NON_HEX_CHARACTERS); - return 0; - } - s[num + j] <<= 4; - s[num + j] |= m; - } - } - num += i; - if (again) - bufsize = BIO_gets(bp, buf, size); - else - break; - } - bs->length = num; - bs->data = s; - return 1; - - err: - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE); - return 0; -} diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c index 61029fa..9a0928e 100644 --- a/crypto/asn1/f_int.c +++ b/crypto/asn1/f_int.c @@ -204,3 +204,16 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE); return 0; } + +int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a) +{ + return i2a_ASN1_INTEGER(bp, a); +} + +int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) +{ + int rv = a2i_ASN1_INTEGER(bp, bs, buf, size); + if (rv == 1) + bs->type = V_ASN1_INTEGER | (bs->type & V_ASN1_NEG); + return rv; +} diff --git a/doc/crypto/ASN1_INTEGER_get_int64.pod b/doc/crypto/ASN1_INTEGER_get_int64.pod new file mode 100644 index 0000000..98944b8 --- /dev/null +++ b/doc/crypto/ASN1_INTEGER_get_int64.pod @@ -0,0 +1,112 @@ +=pod + +=head1 NAME + +ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN, - ASN.1 INTEGER and ENUMERATED utilities + +=head1 SYNOPSIS + + #include <openssl/asn1.h> + + int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a); + int ASN1_INTEGER_get(ASN1_INTEGER *a, long v); + + int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r); + long ASN1_INTEGER_set(const ASN1_INTEGER *a); + + ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai); + BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn); + + int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a); + long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a); + + int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r); + int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); + + ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai); + BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn); + +=head1 DESCRIPTION + +These functions convert to and from B<ASN1_INTEGER> and B<ASN1_ENUMERATED> +structures. + +ASN1_INTEGER_get_int64() converts an B<ASN1_INTEGER> into an B<int64_t> type +If successful it returns 1 and sets B<*pr> to the value of B<a>. If it fails +(due to invalid type or the value being too big to fit into an B<int64_t> type) +it returns 0. + +ASN1_INTEGER_get() also returns the value of B<a> but it returns 0 if B<a> is +NULL and -1 on error (which is ambiguous because -1 is a legitimate value for +an B<ASN1_INTEGER>). New applications should use ASN1_INTEGER_get_int64() +instead. + +ASN1_INTEGER_set_int64() sets the value of B<ASN1_INTEGER> B<a> to the +B<int64_t> value B<r>. + +ASN1_INTEGER_set() sets the value of B<ASN1_INTEGER> B<a> to the B<long> value +B<v>. + +BN_to_ASN1_INTEGER() converts B<BIGNUM> B<bn> to an B<ASN1_INTEGER>. If B<ai> +is NULL a new B<ASN1_INTEGER> structure is returned. If B<ai> is not NULL then +the existing structure will be used instead. + +ASN1_INTEGER_to_BN() converts ASN1_INTEGER B<ai> into a B<BIGNUM>. If B<bn> is +NULL a new B<BIGNUM> structure is returned. If B<bn> is not NULL then the +existing structure will be used instead. + +ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), +ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() +behave in an identical way to their ASN1_INTEGER counterparts except they +operate on an B<ASN1_ENUMERATED> value. + +ASN1_ENUMERATED_get() returns the value of B<a> in a similar way to +ASN1_INTEGER_get() but it returns B<0xffffffffL> if the value of B<a> will not +fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() +instead. + +=head1 NOTES + +In general an B<ASN1_INTEGER> or B<ASN1_ENUMERATED> type can contain an +integer of almost arbitrary size and so cannot always be represented by a C +B<int64_t> type. However in many cases (for example version numbers) they +represent small integers which can be more easily manipulated if converted to +an appropriate C integer type. + +=head1 BUGS + +The ambigious return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() +mean these functions should be avoided if possible. They are retained for +compatibility. Normally the ambigious return values are not legitimate +values for the fields they represent. + +=head1 RETURN VALUES + +ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and +ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only +fail if a memory allocation error occurs. + +ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success +and 0 for failure. They will fail if the passed type is incorrect (this will +only happen if there is a programming error) or if the value exceeds the range +of an B<int64_t> type. + +BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an B<ASN1_INTEGER> or +B<ASN1_ENUMERATED> structure respectively or NULL if an error occurs. They will +only fail due to a memory allocation error. + +ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a B<BIGNUM> structure +of NULL if an error occurs. They can fail if the pased type is incorrect +(due to programming error) or due to a memory allocation failure. + +=head1 SEE ALSO + +L<ERR_get_error(3)|ERR_get_error(3)> + +=head1 HISTORY + +ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), +ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() +were added to OpenSSL 1.1.0. + +=cut diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h index b1bcef7..26d31b7 100644 --- a/include/openssl/asn1.h +++ b/include/openssl/asn1.h @@ -677,15 +677,21 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num); ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, const char *sn, const char *ln); +int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a); +int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r); int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); long ASN1_INTEGER_get(const ASN1_INTEGER *a); ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai); BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn); +int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_ENUMERATED *a); +int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *a, int64_t r); + + int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a); -ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai); -BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn); +ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai); +BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn); /* General */ /* given a string, return the correct type, max is the maximum length */ @@ -930,7 +936,9 @@ void ERR_load_ASN1_strings(void); # define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216 # define ASN1_F_ASN1_GENERALIZEDTIME_SET 185 # define ASN1_F_ASN1_GENERATE_V3 178 +# define ASN1_F_ASN1_GET_INT64 224 # define ASN1_F_ASN1_GET_OBJECT 114 +# define ASN1_F_ASN1_GET_UINT64 225 # define ASN1_F_ASN1_HEADER_NEW 115 # define ASN1_F_ASN1_I2D_BIO 116 # define ASN1_F_ASN1_I2D_FP 117 @@ -938,8 +946,8 @@ void ERR_load_ASN1_strings(void); # define ASN1_F_ASN1_INTEGER_TO_BN 119 # define ASN1_F_ASN1_ITEM_D2I_FP 206 # define ASN1_F_ASN1_ITEM_DUP 191 -# define ASN1_F_ASN1_ITEM_EX_NEW 121 # define ASN1_F_ASN1_ITEM_EX_D2I 120 +# define ASN1_F_ASN1_ITEM_EX_NEW 121 # define ASN1_F_ASN1_ITEM_I2D_BIO 192 # define ASN1_F_ASN1_ITEM_I2D_FP 193 # define ASN1_F_ASN1_ITEM_PACK 198 @@ -958,8 +966,10 @@ void ERR_load_ASN1_strings(void); # define ASN1_F_ASN1_SEQ_UNPACK 127 # define ASN1_F_ASN1_SIGN 128 # define ASN1_F_ASN1_STR2TYPE 179 +# define ASN1_F_ASN1_STRING_GET_INT64 227 # define ASN1_F_ASN1_STRING_SET 186 # define ASN1_F_ASN1_STRING_TABLE_ADD 129 +# define ASN1_F_ASN1_STRING_TO_BN 228 # define ASN1_F_ASN1_STRING_TYPE_NEW 130 # define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 # define ASN1_F_ASN1_TEMPLATE_NEW 133 @@ -978,9 +988,11 @@ void ERR_load_ASN1_strings(void); # define ASN1_F_BITSTR_CB 180 # define ASN1_F_BN_TO_ASN1_ENUMERATED 138 # define ASN1_F_BN_TO_ASN1_INTEGER 139 +# define ASN1_F_BN_TO_ASN1_STRING 229 # define ASN1_F_C2I_ASN1_BIT_STRING 189 # define ASN1_F_C2I_ASN1_INTEGER 194 # define ASN1_F_C2I_ASN1_OBJECT 196 +# define ASN1_F_C2I_IBUF 226 # define ASN1_F_COLLECT_DATA 140 # define ASN1_F_D2I_ASN1_BIT_STRING 141 # define ASN1_F_D2I_ASN1_BOOLEAN 142 @@ -1079,8 +1091,10 @@ void ERR_load_ASN1_strings(void); # define ASN1_R_ILLEGAL_OBJECT 183 # define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 # define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170 +# define ASN1_R_ILLEGAL_PADDING 221 # define ASN1_R_ILLEGAL_TAGGED_ANY 127 # define ASN1_R_ILLEGAL_TIME_VALUE 184 +# define ASN1_R_ILLEGAL_ZERO_CONTENT 222 # define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185 # define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 # define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220 @@ -1133,7 +1147,9 @@ void ERR_load_ASN1_strings(void); # define ASN1_R_TAG_VALUE_TOO_HIGH 153 # define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154 # define ASN1_R_TIME_NOT_ASCII_FORMAT 193 +# define ASN1_R_TOO_LARGE 223 # define ASN1_R_TOO_LONG 155 +# define ASN1_R_TOO_SMALL 224 # define ASN1_R_TYPE_NOT_CONSTRUCTED 156 # define ASN1_R_TYPE_NOT_PRIMITIVE 195 # define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 @@ -1151,6 +1167,7 @@ void ERR_load_ASN1_strings(void); # define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 # define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 # define ASN1_R_UNSUPPORTED_TYPE 196 +# define ASN1_R_WRONG_INTEGER_TYPE 225 # define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200 # define ASN1_R_WRONG_TAG 168 # define ASN1_R_WRONG_TYPE 169 |