VirtualBox

source: vbox/trunk/src/libs/openssl-3.1.7/crypto/packet.c@ 105963

Last change on this file since 105963 was 104078, checked in by vboxsync, 8 months ago

openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638

File size: 11.9 KB
Line 
1/*
2 * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include "internal/cryptlib.h"
11#include "internal/packet.h"
12#include <openssl/err.h>
13
14#define DEFAULT_BUF_SIZE 256
15
16int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
17{
18 if (!WPACKET_reserve_bytes(pkt, len, allocbytes))
19 return 0;
20
21 pkt->written += len;
22 pkt->curr += len;
23 return 1;
24}
25
26int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len,
27 unsigned char **allocbytes, size_t lenbytes)
28{
29 if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
30 || !WPACKET_allocate_bytes(pkt, len, allocbytes)
31 || !WPACKET_close(pkt))
32 return 0;
33
34 return 1;
35}
36
37#define GETBUF(p) (((p)->staticbuf != NULL) \
38 ? (p)->staticbuf \
39 : ((p)->buf != NULL \
40 ? (unsigned char *)(p)->buf->data \
41 : NULL))
42
43int WPACKET_reserve_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
44{
45 /* Internal API, so should not fail */
46 if (!ossl_assert(pkt->subs != NULL && len != 0))
47 return 0;
48
49 if (pkt->maxsize - pkt->written < len)
50 return 0;
51
52 if (pkt->buf != NULL && (pkt->buf->length - pkt->written < len)) {
53 size_t newlen;
54 size_t reflen;
55
56 reflen = (len > pkt->buf->length) ? len : pkt->buf->length;
57
58 if (reflen > SIZE_MAX / 2) {
59 newlen = SIZE_MAX;
60 } else {
61 newlen = reflen * 2;
62 if (newlen < DEFAULT_BUF_SIZE)
63 newlen = DEFAULT_BUF_SIZE;
64 }
65 if (BUF_MEM_grow(pkt->buf, newlen) == 0)
66 return 0;
67 }
68 if (allocbytes != NULL) {
69 *allocbytes = WPACKET_get_curr(pkt);
70 if (pkt->endfirst && *allocbytes != NULL)
71 *allocbytes -= len;
72 }
73
74 return 1;
75}
76
77int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len,
78 unsigned char **allocbytes, size_t lenbytes)
79{
80 if (pkt->endfirst && lenbytes > 0)
81 return 0;
82
83 if (!WPACKET_reserve_bytes(pkt, lenbytes + len, allocbytes))
84 return 0;
85
86 if (*allocbytes != NULL)
87 *allocbytes += lenbytes;
88
89 return 1;
90}
91
92static size_t maxmaxsize(size_t lenbytes)
93{
94 if (lenbytes >= sizeof(size_t) || lenbytes == 0)
95 return SIZE_MAX;
96
97 return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes;
98}
99
100static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes)
101{
102 unsigned char *lenchars;
103
104 pkt->curr = 0;
105 pkt->written = 0;
106
107 if ((pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs))) == NULL) {
108 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
109 return 0;
110 }
111
112 if (lenbytes == 0)
113 return 1;
114
115 pkt->subs->pwritten = lenbytes;
116 pkt->subs->lenbytes = lenbytes;
117
118 if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) {
119 OPENSSL_free(pkt->subs);
120 pkt->subs = NULL;
121 return 0;
122 }
123 pkt->subs->packet_len = 0;
124
125 return 1;
126}
127
128int WPACKET_init_static_len(WPACKET *pkt, unsigned char *buf, size_t len,
129 size_t lenbytes)
130{
131 size_t max = maxmaxsize(lenbytes);
132
133 /* Internal API, so should not fail */
134 if (!ossl_assert(buf != NULL && len > 0))
135 return 0;
136
137 pkt->staticbuf = buf;
138 pkt->buf = NULL;
139 pkt->maxsize = (max < len) ? max : len;
140 pkt->endfirst = 0;
141
142 return wpacket_intern_init_len(pkt, lenbytes);
143}
144
145int WPACKET_init_der(WPACKET *pkt, unsigned char *buf, size_t len)
146{
147 /* Internal API, so should not fail */
148 if (!ossl_assert(buf != NULL && len > 0))
149 return 0;
150
151 pkt->staticbuf = buf;
152 pkt->buf = NULL;
153 pkt->maxsize = len;
154 pkt->endfirst = 1;
155
156 return wpacket_intern_init_len(pkt, 0);
157}
158
159int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes)
160{
161 /* Internal API, so should not fail */
162 if (!ossl_assert(buf != NULL))
163 return 0;
164
165 pkt->staticbuf = NULL;
166 pkt->buf = buf;
167 pkt->maxsize = maxmaxsize(lenbytes);
168 pkt->endfirst = 0;
169
170 return wpacket_intern_init_len(pkt, lenbytes);
171}
172
173int WPACKET_init(WPACKET *pkt, BUF_MEM *buf)
174{
175 return WPACKET_init_len(pkt, buf, 0);
176}
177
178int WPACKET_init_null(WPACKET *pkt, size_t lenbytes)
179{
180 pkt->staticbuf = NULL;
181 pkt->buf = NULL;
182 pkt->maxsize = maxmaxsize(lenbytes);
183 pkt->endfirst = 0;
184
185 return wpacket_intern_init_len(pkt, 0);
186}
187
188int WPACKET_init_null_der(WPACKET *pkt)
189{
190 pkt->staticbuf = NULL;
191 pkt->buf = NULL;
192 pkt->maxsize = SIZE_MAX;
193 pkt->endfirst = 1;
194
195 return wpacket_intern_init_len(pkt, 0);
196}
197
198int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
199{
200 /* Internal API, so should not fail */
201 if (!ossl_assert(pkt->subs != NULL))
202 return 0;
203
204 pkt->subs->flags = flags;
205
206 return 1;
207}
208
209/* Store the |value| of length |len| at location |data| */
210static int put_value(unsigned char *data, uint64_t value, size_t len)
211{
212 if (data == NULL)
213 return 1;
214
215 for (data += len - 1; len > 0; len--) {
216 *data = (unsigned char)(value & 0xff);
217 data--;
218 value >>= 8;
219 }
220
221 /* Check whether we could fit the value in the assigned number of bytes */
222 if (value > 0)
223 return 0;
224
225 return 1;
226}
227
228
229/*
230 * Internal helper function used by WPACKET_close(), WPACKET_finish() and
231 * WPACKET_fill_lengths() to close a sub-packet and write out its length if
232 * necessary. If |doclose| is 0 then it goes through the motions of closing
233 * (i.e. it fills in all the lengths), but doesn't actually close anything.
234 */
235static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
236{
237 size_t packlen = pkt->written - sub->pwritten;
238
239 if (packlen == 0
240 && (sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) != 0)
241 return 0;
242
243 if (packlen == 0
244 && sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
245 /* We can't handle this case. Return an error */
246 if (!doclose)
247 return 0;
248
249 /* Deallocate any bytes allocated for the length of the WPACKET */
250 if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
251 pkt->written -= sub->lenbytes;
252 pkt->curr -= sub->lenbytes;
253 }
254
255 /* Don't write out the packet length */
256 sub->packet_len = 0;
257 sub->lenbytes = 0;
258 }
259
260 /* Write out the WPACKET length if needed */
261 if (sub->lenbytes > 0) {
262 unsigned char *buf = GETBUF(pkt);
263
264 if (buf != NULL
265 && !put_value(&buf[sub->packet_len], packlen,
266 sub->lenbytes))
267 return 0;
268 } else if (pkt->endfirst && sub->parent != NULL
269 && (packlen != 0
270 || (sub->flags
271 & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) == 0)) {
272 size_t tmplen = packlen;
273 size_t numlenbytes = 1;
274
275 while ((tmplen = tmplen >> 8) > 0)
276 numlenbytes++;
277 if (!WPACKET_put_bytes__(pkt, packlen, numlenbytes))
278 return 0;
279 if (packlen > 0x7f) {
280 numlenbytes |= 0x80;
281 if (!WPACKET_put_bytes_u8(pkt, numlenbytes))
282 return 0;
283 }
284 }
285
286 if (doclose) {
287 pkt->subs = sub->parent;
288 OPENSSL_free(sub);
289 }
290
291 return 1;
292}
293
294int WPACKET_fill_lengths(WPACKET *pkt)
295{
296 WPACKET_SUB *sub;
297
298 if (!ossl_assert(pkt->subs != NULL))
299 return 0;
300
301 for (sub = pkt->subs; sub != NULL; sub = sub->parent) {
302 if (!wpacket_intern_close(pkt, sub, 0))
303 return 0;
304 }
305
306 return 1;
307}
308
309int WPACKET_close(WPACKET *pkt)
310{
311 /*
312 * Internal API, so should not fail - but we do negative testing of this
313 * so no assert (otherwise the tests fail)
314 */
315 if (pkt->subs == NULL || pkt->subs->parent == NULL)
316 return 0;
317
318 return wpacket_intern_close(pkt, pkt->subs, 1);
319}
320
321int WPACKET_finish(WPACKET *pkt)
322{
323 int ret;
324
325 /*
326 * Internal API, so should not fail - but we do negative testing of this
327 * so no assert (otherwise the tests fail)
328 */
329 if (pkt->subs == NULL || pkt->subs->parent != NULL)
330 return 0;
331
332 ret = wpacket_intern_close(pkt, pkt->subs, 1);
333 if (ret) {
334 OPENSSL_free(pkt->subs);
335 pkt->subs = NULL;
336 }
337
338 return ret;
339}
340
341int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes)
342{
343 WPACKET_SUB *sub;
344 unsigned char *lenchars;
345
346 /* Internal API, so should not fail */
347 if (!ossl_assert(pkt->subs != NULL))
348 return 0;
349
350 /* We don't support lenbytes greater than 0 when doing endfirst writing */
351 if (lenbytes > 0 && pkt->endfirst)
352 return 0;
353
354 if ((sub = OPENSSL_zalloc(sizeof(*sub))) == NULL) {
355 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
356 return 0;
357 }
358
359 sub->parent = pkt->subs;
360 pkt->subs = sub;
361 sub->pwritten = pkt->written + lenbytes;
362 sub->lenbytes = lenbytes;
363
364 if (lenbytes == 0) {
365 sub->packet_len = 0;
366 return 1;
367 }
368
369 sub->packet_len = pkt->written;
370
371 if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars))
372 return 0;
373
374 return 1;
375}
376
377int WPACKET_start_sub_packet(WPACKET *pkt)
378{
379 return WPACKET_start_sub_packet_len__(pkt, 0);
380}
381
382int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
383{
384 unsigned char *data;
385
386 /* Internal API, so should not fail */
387 if (!ossl_assert(size <= sizeof(uint64_t))
388 || !WPACKET_allocate_bytes(pkt, size, &data)
389 || !put_value(data, val, size))
390 return 0;
391
392 return 1;
393}
394
395int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
396{
397 WPACKET_SUB *sub;
398 size_t lenbytes;
399
400 /* Internal API, so should not fail */
401 if (!ossl_assert(pkt->subs != NULL))
402 return 0;
403
404 /* Find the WPACKET_SUB for the top level */
405 for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent)
406 continue;
407
408 lenbytes = sub->lenbytes;
409 if (lenbytes == 0)
410 lenbytes = sizeof(pkt->maxsize);
411
412 if (maxmaxsize(lenbytes) < maxsize || maxsize < pkt->written)
413 return 0;
414
415 pkt->maxsize = maxsize;
416
417 return 1;
418}
419
420int WPACKET_memset(WPACKET *pkt, int ch, size_t len)
421{
422 unsigned char *dest;
423
424 if (len == 0)
425 return 1;
426
427 if (!WPACKET_allocate_bytes(pkt, len, &dest))
428 return 0;
429
430 if (dest != NULL)
431 memset(dest, ch, len);
432
433 return 1;
434}
435
436int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len)
437{
438 unsigned char *dest;
439
440 if (len == 0)
441 return 1;
442
443 if (!WPACKET_allocate_bytes(pkt, len, &dest))
444 return 0;
445
446 if (dest != NULL)
447 memcpy(dest, src, len);
448
449 return 1;
450}
451
452int WPACKET_sub_memcpy__(WPACKET *pkt, const void *src, size_t len,
453 size_t lenbytes)
454{
455 if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
456 || !WPACKET_memcpy(pkt, src, len)
457 || !WPACKET_close(pkt))
458 return 0;
459
460 return 1;
461}
462
463int WPACKET_get_total_written(WPACKET *pkt, size_t *written)
464{
465 /* Internal API, so should not fail */
466 if (!ossl_assert(written != NULL))
467 return 0;
468
469 *written = pkt->written;
470
471 return 1;
472}
473
474int WPACKET_get_length(WPACKET *pkt, size_t *len)
475{
476 /* Internal API, so should not fail */
477 if (!ossl_assert(pkt->subs != NULL && len != NULL))
478 return 0;
479
480 *len = pkt->written - pkt->subs->pwritten;
481
482 return 1;
483}
484
485unsigned char *WPACKET_get_curr(WPACKET *pkt)
486{
487 unsigned char *buf = GETBUF(pkt);
488
489 if (buf == NULL)
490 return NULL;
491
492 if (pkt->endfirst)
493 return buf + pkt->maxsize - pkt->curr;
494
495 return buf + pkt->curr;
496}
497
498int WPACKET_is_null_buf(WPACKET *pkt)
499{
500 return pkt->buf == NULL && pkt->staticbuf == NULL;
501}
502
503void WPACKET_cleanup(WPACKET *pkt)
504{
505 WPACKET_SUB *sub, *parent;
506
507 for (sub = pkt->subs; sub != NULL; sub = parent) {
508 parent = sub->parent;
509 OPENSSL_free(sub);
510 }
511 pkt->subs = NULL;
512}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette