Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / lk / 33c3e8cfe77b4902a419b103fe4802b8c464127d / . / lib / openssl / crypto / asn1 / a_int.c
blob: 3f38b28bed8a657482c924d9546fcc6657bfa7cf [file] [log] [blame]
Kinson Chika8fa74c2011-07-29 11:33:41 -0700[diff] [blame]1/* crypto/asn1/a_int.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/asn1.h>
62#include <openssl/bn.h>
63
64ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
65{ return M_ASN1_INTEGER_dup(x);}
66
67int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
68 {
69 int neg, ret;
70 /* Compare signs */
71 neg = x->type & V_ASN1_NEG;
72 if (neg != (y->type & V_ASN1_NEG))
73 {
74 if (neg)
75 return -1;
76 else
77 return 1;
78 }
79
80 ret = ASN1_STRING_cmp(x, y);
81
82 if (neg)
83 return -ret;
84 else
85 return ret;
86 }
87
88
89/*
90 * This converts an ASN1 INTEGER into its content encoding.
91 * The internal representation is an ASN1_STRING whose data is a big endian
92 * representation of the value, ignoring the sign. The sign is determined by
93 * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
94 *
95 * Positive integers are no problem: they are almost the same as the DER
96 * encoding, except if the first byte is >= 0x80 we need to add a zero pad.
97 *
98 * Negative integers are a bit trickier...
99 * The DER representation of negative integers is in 2s complement form.
100 * The internal form is converted by complementing each octet and finally
101 * adding one to the result. This can be done less messily with a little trick.
102 * If the internal form has trailing zeroes then they will become FF by the
103 * complement and 0 by the add one (due to carry) so just copy as many trailing
104 * zeros to the destination as there are in the source. The carry will add one
105 * to the last none zero octet: so complement this octet and add one and finally
106 * complement any left over until you get to the start of the string.
107 *
108 * Padding is a little trickier too. If the first bytes is > 0x80 then we pad
109 * with 0xff. However if the first byte is 0x80 and one of the following bytes
110 * is non-zero we pad with 0xff. The reason for this distinction is that 0x80
111 * followed by optional zeros isn't padded.
112 */
113
114int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
115 {
116 int pad=0,ret,i,neg;
117 unsigned char *p,*n,pb=0;
118
119 if ((a == NULL) || (a->data == NULL)) return(0);
120 neg=a->type & V_ASN1_NEG;
121 if (a->length == 0)
122 ret=1;
123 else
124 {
125 ret=a->length;
126 i=a->data[0];
Parth Dixit33c3e8c2016-08-29 11:53:40 +0530[diff] [blame^]127 if (ret == 1 && i == 0)
128 neg = 0;
Kinson Chika8fa74c2011-07-29 11:33:41 -0700[diff] [blame]129 if (!neg && (i > 127)) {
130 pad=1;
131 pb=0;
132 } else if(neg) {
133 if(i>128) {
134 pad=1;
135 pb=0xFF;
136 } else if(i == 128) {
137 /*
138 * Special case: if any other bytes non zero we pad:
139 * otherwise we don't.
140 */
141 for(i = 1; i < a->length; i++) if(a->data[i]) {
142 pad=1;
143 pb=0xFF;
144 break;
145 }
146 }
147 }
148 ret+=pad;
149 }
150 if (pp == NULL) return(ret);
151 p= *pp;
152
153 if (pad) *(p++)=pb;
154 if (a->length == 0) *(p++)=0;
155 else if (!neg) memcpy(p,a->data,(unsigned int)a->length);
156 else {
157 /* Begin at the end of the encoding */
158 n=a->data + a->length - 1;
159 p += a->length - 1;
160 i = a->length;
161 /* Copy zeros to destination as long as source is zero */
Parth Dixit33c3e8c2016-08-29 11:53:40 +0530[diff] [blame^]162 while(!*n && i > 1) {
Kinson Chika8fa74c2011-07-29 11:33:41 -0700[diff] [blame]163 *(p--) = 0;
164 n--;
165 i--;
166 }
167 /* Complement and increment next octet */
168 *(p--) = ((*(n--)) ^ 0xff) + 1;
169 i--;
170 /* Complement any octets left */
171 for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
172 }
173
174 *pp+=ret;
175 return(ret);
176 }
177
178/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
179
180ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
181 long len)
182 {
183 ASN1_INTEGER *ret=NULL;
184 const unsigned char *p, *pend;
185 unsigned char *to,*s;
186 int i;
187
188 if ((a == NULL) || ((*a) == NULL))
189 {
190 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
191 ret->type=V_ASN1_INTEGER;
192 }
193 else
194 ret=(*a);
195
196 p= *pp;
197 pend = p + len;
198
199 /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
200 * signifies a missing NULL parameter. */
201 s=(unsigned char *)OPENSSL_malloc((int)len+1);
202 if (s == NULL)
203 {
204 i=ERR_R_MALLOC_FAILURE;
205 goto err;
206 }
207 to=s;
208 if(!len) {
209 /* Strictly speaking this is an illegal INTEGER but we
210 * tolerate it.
211 */
212 ret->type=V_ASN1_INTEGER;
213 } else if (*p & 0x80) /* a negative number */
214 {
215 ret->type=V_ASN1_NEG_INTEGER;
216 if ((*p == 0xff) && (len != 1)) {
217 p++;
218 len--;
219 }
220 i = len;
221 p += i - 1;
222 to += i - 1;
223 while((!*p) && i) {
224 *(to--) = 0;
225 i--;
226 p--;
227 }
228 /* Special case: if all zeros then the number will be of
229 * the form FF followed by n zero bytes: this corresponds to
230 * 1 followed by n zero bytes. We've already written n zeros
231 * so we just append an extra one and set the first byte to
232 * a 1. This is treated separately because it is the only case
233 * where the number of bytes is larger than len.
234 */
235 if(!i) {
236 *s = 1;
237 s[len] = 0;
238 len++;
239 } else {
240 *(to--) = (*(p--) ^ 0xff) + 1;
241 i--;
242 for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
243 }
244 } else {
245 ret->type=V_ASN1_INTEGER;
246 if ((*p == 0) && (len != 1))
247 {
248 p++;
249 len--;
250 }
251 memcpy(s,p,(int)len);
252 }
253
254 if (ret->data != NULL) OPENSSL_free(ret->data);
255 ret->data=s;
256 ret->length=(int)len;
257 if (a != NULL) (*a)=ret;
258 *pp=pend;
259 return(ret);
260err:
261 ASN1err(ASN1_F_C2I_ASN1_INTEGER,i);
262 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
263 M_ASN1_INTEGER_free(ret);
264 return(NULL);
265 }
266
267
268/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
269 * ASN1 integers: some broken software can encode a positive INTEGER
270 * with its MSB set as negative (it doesn't add a padding zero).
271 */
272
273ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
274 long length)
275 {
276 ASN1_INTEGER *ret=NULL;
277 const unsigned char *p;
Unnati Gandhia7e1fe02014-07-17 14:45:43 +0530[diff] [blame]278 unsigned char *s;
Kinson Chika8fa74c2011-07-29 11:33:41 -0700[diff] [blame]279 long len;
280 int inf,tag,xclass;
281 int i;
282
283 if ((a == NULL) || ((*a) == NULL))
284 {
285 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
286 ret->type=V_ASN1_INTEGER;
287 }
288 else
289 ret=(*a);
290
291 p= *pp;
292 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
293 if (inf & 0x80)
294 {
295 i=ASN1_R_BAD_OBJECT_HEADER;
296 goto err;
297 }
298
299 if (tag != V_ASN1_INTEGER)
300 {
301 i=ASN1_R_EXPECTING_AN_INTEGER;
302 goto err;
303 }
304
305 /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
306 * signifies a missing NULL parameter. */
307 s=(unsigned char *)OPENSSL_malloc((int)len+1);
308 if (s == NULL)
309 {
310 i=ERR_R_MALLOC_FAILURE;
311 goto err;
312 }
Kinson Chika8fa74c2011-07-29 11:33:41 -0700[diff] [blame]313 ret->type=V_ASN1_INTEGER;
314 if(len) {
315 if ((*p == 0) && (len != 1))
316 {
317 p++;
318 len--;
319 }
320 memcpy(s,p,(int)len);
321 p+=len;
322 }
323
324 if (ret->data != NULL) OPENSSL_free(ret->data);
325 ret->data=s;
326 ret->length=(int)len;
327 if (a != NULL) (*a)=ret;
328 *pp=p;
329 return(ret);
330err:
331 ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i);
332 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
333 M_ASN1_INTEGER_free(ret);
334 return(NULL);
335 }
336
337int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
338 {
339 int j,k;
340 unsigned int i;
341 unsigned char buf[sizeof(long)+1];
342 long d;
343
344 a->type=V_ASN1_INTEGER;
345 if (a->length < (int)(sizeof(long)+1))
346 {
347 if (a->data != NULL)
348 OPENSSL_free(a->data);
349 if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
350 memset((char *)a->data,0,sizeof(long)+1);
351 }
352 if (a->data == NULL)
353 {
354 ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
355 return(0);
356 }
357 d=v;
358 if (d < 0)
359 {
360 d= -d;
361 a->type=V_ASN1_NEG_INTEGER;
362 }
363
364 for (i=0; i<sizeof(long); i++)
365 {
366 if (d == 0) break;
367 buf[i]=(int)d&0xff;
368 d>>=8;
369 }
370 j=0;
371 for (k=i-1; k >=0; k--)
372 a->data[j++]=buf[k];
373 a->length=j;
374 return(1);
375 }
376
377long ASN1_INTEGER_get(const ASN1_INTEGER *a)
378 {
379 int neg=0,i;
380 long r=0;
381
382 if (a == NULL) return(0L);
383 i=a->type;
384 if (i == V_ASN1_NEG_INTEGER)
385 neg=1;
386 else if (i != V_ASN1_INTEGER)
387 return -1;
388
389 if (a->length > (int)sizeof(long))
390 {
391 /* hmm... a bit ugly */
392 return(0xffffffffL);
393 }
394 if (a->data == NULL)
395 return 0;
396
397 for (i=0; i<a->length; i++)
398 {
399 r<<=8;
400 r|=(unsigned char)a->data[i];
401 }
402 if (neg) r= -r;
403 return(r);
404 }
405
406ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
407 {
408 ASN1_INTEGER *ret;
409 int len,j;
410
411 if (ai == NULL)
412 ret=M_ASN1_INTEGER_new();
413 else
414 ret=ai;
415 if (ret == NULL)
416 {
417 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
418 goto err;
419 }
420 if (BN_is_negative(bn))
421 ret->type = V_ASN1_NEG_INTEGER;
422 else ret->type=V_ASN1_INTEGER;
423 j=BN_num_bits(bn);
424 len=((j == 0)?0:((j/8)+1));
425 if (ret->length < len+4)
426 {
427 unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
428 if (!new_data)
429 {
430 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
431 goto err;
432 }
433 ret->data=new_data;
434 }
435 ret->length=BN_bn2bin(bn,ret->data);
436 /* Correct zero case */
437 if(!ret->length)
438 {
439 ret->data[0] = 0;
440 ret->length = 1;
441 }
442 return(ret);
443err:
444 if (ret != ai) M_ASN1_INTEGER_free(ret);
445 return(NULL);
446 }
447
448BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)
449 {
450 BIGNUM *ret;
451
452 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
453 ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
454 else if(ai->type == V_ASN1_NEG_INTEGER)
455 BN_set_negative(ret, 1);
456 return(ret);
457 }
458
459IMPLEMENT_STACK_OF(ASN1_INTEGER)
460IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)