1 /*
2 * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include "internal/cryptlib.h"
11 #include "internal/packet.h"
12 #include <openssl/err.h>
13
14 #define DEFAULT_BUF_SIZE 256
15
WPACKET_allocate_bytes(WPACKET * pkt,size_t len,unsigned char ** allocbytes)16 int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
17 {
18 if (!WPACKET_reserve_bytes(pkt, len, allocbytes))
19 return 0;
20
21 pkt->written += len;
22 pkt->curr += len;
23 return 1;
24 }
25
WPACKET_sub_allocate_bytes__(WPACKET * pkt,size_t len,unsigned char ** allocbytes,size_t lenbytes)26 int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len,
27 unsigned char **allocbytes, size_t lenbytes)
28 {
29 if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
30 || !WPACKET_allocate_bytes(pkt, len, allocbytes)
31 || !WPACKET_close(pkt))
32 return 0;
33
34 return 1;
35 }
36
37 #define GETBUF(p) (((p)->staticbuf != NULL) \
38 ? (p)->staticbuf \
39 : ((p)->buf != NULL \
40 ? (unsigned char *)(p)->buf->data \
41 : NULL))
42
WPACKET_reserve_bytes(WPACKET * pkt,size_t len,unsigned char ** allocbytes)43 int WPACKET_reserve_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
44 {
45 /* Internal API, so should not fail */
46 if (!ossl_assert(pkt->subs != NULL && len != 0))
47 return 0;
48
49 if (pkt->maxsize - pkt->written < len)
50 return 0;
51
52 if (pkt->buf != NULL && (pkt->buf->length - pkt->written < len)) {
53 size_t newlen;
54 size_t reflen;
55
56 reflen = (len > pkt->buf->length) ? len : pkt->buf->length;
57
58 if (reflen > SIZE_MAX / 2) {
59 newlen = SIZE_MAX;
60 } else {
61 newlen = reflen * 2;
62 if (newlen < DEFAULT_BUF_SIZE)
63 newlen = DEFAULT_BUF_SIZE;
64 }
65 if (BUF_MEM_grow(pkt->buf, newlen) == 0)
66 return 0;
67 }
68 if (allocbytes != NULL) {
69 *allocbytes = WPACKET_get_curr(pkt);
70 if (pkt->endfirst && *allocbytes != NULL)
71 *allocbytes -= len;
72 }
73
74 return 1;
75 }
76
WPACKET_sub_reserve_bytes__(WPACKET * pkt,size_t len,unsigned char ** allocbytes,size_t lenbytes)77 int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len,
78 unsigned char **allocbytes, size_t lenbytes)
79 {
80 if (pkt->endfirst && lenbytes > 0)
81 return 0;
82
83 if (!WPACKET_reserve_bytes(pkt, lenbytes + len, allocbytes))
84 return 0;
85
86 if (*allocbytes != NULL)
87 *allocbytes += lenbytes;
88
89 return 1;
90 }
91
maxmaxsize(size_t lenbytes)92 static size_t maxmaxsize(size_t lenbytes)
93 {
94 if (lenbytes >= sizeof(size_t) || lenbytes == 0)
95 return SIZE_MAX;
96
97 return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes;
98 }
99
wpacket_intern_init_len(WPACKET * pkt,size_t lenbytes)100 static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes)
101 {
102 unsigned char *lenchars;
103
104 pkt->curr = 0;
105 pkt->written = 0;
106
107 if ((pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs))) == NULL) {
108 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
109 return 0;
110 }
111
112 if (lenbytes == 0)
113 return 1;
114
115 pkt->subs->pwritten = lenbytes;
116 pkt->subs->lenbytes = lenbytes;
117
118 if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) {
119 OPENSSL_free(pkt->subs);
120 pkt->subs = NULL;
121 return 0;
122 }
123 pkt->subs->packet_len = 0;
124
125 return 1;
126 }
127
WPACKET_init_static_len(WPACKET * pkt,unsigned char * buf,size_t len,size_t lenbytes)128 int WPACKET_init_static_len(WPACKET *pkt, unsigned char *buf, size_t len,
129 size_t lenbytes)
130 {
131 size_t max = maxmaxsize(lenbytes);
132
133 /* Internal API, so should not fail */
134 if (!ossl_assert(buf != NULL && len > 0))
135 return 0;
136
137 pkt->staticbuf = buf;
138 pkt->buf = NULL;
139 pkt->maxsize = (max < len) ? max : len;
140 pkt->endfirst = 0;
141
142 return wpacket_intern_init_len(pkt, lenbytes);
143 }
144
WPACKET_init_der(WPACKET * pkt,unsigned char * buf,size_t len)145 int WPACKET_init_der(WPACKET *pkt, unsigned char *buf, size_t len)
146 {
147 /* Internal API, so should not fail */
148 if (!ossl_assert(buf != NULL && len > 0))
149 return 0;
150
151 pkt->staticbuf = buf;
152 pkt->buf = NULL;
153 pkt->maxsize = len;
154 pkt->endfirst = 1;
155
156 return wpacket_intern_init_len(pkt, 0);
157 }
158
WPACKET_init_len(WPACKET * pkt,BUF_MEM * buf,size_t lenbytes)159 int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes)
160 {
161 /* Internal API, so should not fail */
162 if (!ossl_assert(buf != NULL))
163 return 0;
164
165 pkt->staticbuf = NULL;
166 pkt->buf = buf;
167 pkt->maxsize = maxmaxsize(lenbytes);
168 pkt->endfirst = 0;
169
170 return wpacket_intern_init_len(pkt, lenbytes);
171 }
172
WPACKET_init(WPACKET * pkt,BUF_MEM * buf)173 int WPACKET_init(WPACKET *pkt, BUF_MEM *buf)
174 {
175 return WPACKET_init_len(pkt, buf, 0);
176 }
177
WPACKET_init_null(WPACKET * pkt,size_t lenbytes)178 int WPACKET_init_null(WPACKET *pkt, size_t lenbytes)
179 {
180 pkt->staticbuf = NULL;
181 pkt->buf = NULL;
182 pkt->maxsize = maxmaxsize(lenbytes);
183 pkt->endfirst = 0;
184
185 return wpacket_intern_init_len(pkt, 0);
186 }
187
WPACKET_init_null_der(WPACKET * pkt)188 int WPACKET_init_null_der(WPACKET *pkt)
189 {
190 pkt->staticbuf = NULL;
191 pkt->buf = NULL;
192 pkt->maxsize = SIZE_MAX;
193 pkt->endfirst = 1;
194
195 return wpacket_intern_init_len(pkt, 0);
196 }
197
WPACKET_set_flags(WPACKET * pkt,unsigned int flags)198 int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
199 {
200 /* Internal API, so should not fail */
201 if (!ossl_assert(pkt->subs != NULL))
202 return 0;
203
204 pkt->subs->flags = flags;
205
206 return 1;
207 }
208
209 /* Store the |value| of length |len| at location |data| */
put_value(unsigned char * data,uint64_t value,size_t len)210 static int put_value(unsigned char *data, uint64_t value, size_t len)
211 {
212 if (data == NULL)
213 return 1;
214
215 for (data += len - 1; len > 0; len--) {
216 *data = (unsigned char)(value & 0xff);
217 data--;
218 value >>= 8;
219 }
220
221 /* Check whether we could fit the value in the assigned number of bytes */
222 if (value > 0)
223 return 0;
224
225 return 1;
226 }
227
228
229 /*
230 * Internal helper function used by WPACKET_close(), WPACKET_finish() and
231 * WPACKET_fill_lengths() to close a sub-packet and write out its length if
232 * necessary. If |doclose| is 0 then it goes through the motions of closing
233 * (i.e. it fills in all the lengths), but doesn't actually close anything.
234 */
wpacket_intern_close(WPACKET * pkt,WPACKET_SUB * sub,int doclose)235 static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
236 {
237 size_t packlen = pkt->written - sub->pwritten;
238
239 if (packlen == 0
240 && (sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) != 0)
241 return 0;
242
243 if (packlen == 0
244 && sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
245 /* We can't handle this case. Return an error */
246 if (!doclose)
247 return 0;
248
249 /* Deallocate any bytes allocated for the length of the WPACKET */
250 if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
251 pkt->written -= sub->lenbytes;
252 pkt->curr -= sub->lenbytes;
253 }
254
255 /* Don't write out the packet length */
256 sub->packet_len = 0;
257 sub->lenbytes = 0;
258 }
259
260 /* Write out the WPACKET length if needed */
261 if (sub->lenbytes > 0) {
262 unsigned char *buf = GETBUF(pkt);
263
264 if (buf != NULL
265 && !put_value(&buf[sub->packet_len], packlen,
266 sub->lenbytes))
267 return 0;
268 } else if (pkt->endfirst && sub->parent != NULL
269 && (packlen != 0
270 || (sub->flags
271 & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) == 0)) {
272 size_t tmplen = packlen;
273 size_t numlenbytes = 1;
274
275 while ((tmplen = tmplen >> 8) > 0)
276 numlenbytes++;
277 if (!WPACKET_put_bytes__(pkt, packlen, numlenbytes))
278 return 0;
279 if (packlen > 0x7f) {
280 numlenbytes |= 0x80;
281 if (!WPACKET_put_bytes_u8(pkt, numlenbytes))
282 return 0;
283 }
284 }
285
286 if (doclose) {
287 pkt->subs = sub->parent;
288 OPENSSL_free(sub);
289 }
290
291 return 1;
292 }
293
WPACKET_fill_lengths(WPACKET * pkt)294 int WPACKET_fill_lengths(WPACKET *pkt)
295 {
296 WPACKET_SUB *sub;
297
298 if (!ossl_assert(pkt->subs != NULL))
299 return 0;
300
301 for (sub = pkt->subs; sub != NULL; sub = sub->parent) {
302 if (!wpacket_intern_close(pkt, sub, 0))
303 return 0;
304 }
305
306 return 1;
307 }
308
WPACKET_close(WPACKET * pkt)309 int WPACKET_close(WPACKET *pkt)
310 {
311 /*
312 * Internal API, so should not fail - but we do negative testing of this
313 * so no assert (otherwise the tests fail)
314 */
315 if (pkt->subs == NULL || pkt->subs->parent == NULL)
316 return 0;
317
318 return wpacket_intern_close(pkt, pkt->subs, 1);
319 }
320
WPACKET_finish(WPACKET * pkt)321 int WPACKET_finish(WPACKET *pkt)
322 {
323 int ret;
324
325 /*
326 * Internal API, so should not fail - but we do negative testing of this
327 * so no assert (otherwise the tests fail)
328 */
329 if (pkt->subs == NULL || pkt->subs->parent != NULL)
330 return 0;
331
332 ret = wpacket_intern_close(pkt, pkt->subs, 1);
333 if (ret) {
334 OPENSSL_free(pkt->subs);
335 pkt->subs = NULL;
336 }
337
338 return ret;
339 }
340
WPACKET_start_sub_packet_len__(WPACKET * pkt,size_t lenbytes)341 int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes)
342 {
343 WPACKET_SUB *sub;
344 unsigned char *lenchars;
345
346 /* Internal API, so should not fail */
347 if (!ossl_assert(pkt->subs != NULL))
348 return 0;
349
350 /* We don't support lenbytes greater than 0 when doing endfirst writing */
351 if (lenbytes > 0 && pkt->endfirst)
352 return 0;
353
354 if ((sub = OPENSSL_zalloc(sizeof(*sub))) == NULL) {
355 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
356 return 0;
357 }
358
359 sub->parent = pkt->subs;
360 pkt->subs = sub;
361 sub->pwritten = pkt->written + lenbytes;
362 sub->lenbytes = lenbytes;
363
364 if (lenbytes == 0) {
365 sub->packet_len = 0;
366 return 1;
367 }
368
369 sub->packet_len = pkt->written;
370
371 if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars))
372 return 0;
373
374 return 1;
375 }
376
WPACKET_start_sub_packet(WPACKET * pkt)377 int WPACKET_start_sub_packet(WPACKET *pkt)
378 {
379 return WPACKET_start_sub_packet_len__(pkt, 0);
380 }
381
WPACKET_put_bytes__(WPACKET * pkt,uint64_t val,size_t size)382 int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
383 {
384 unsigned char *data;
385
386 /* Internal API, so should not fail */
387 if (!ossl_assert(size <= sizeof(uint64_t))
388 || !WPACKET_allocate_bytes(pkt, size, &data)
389 || !put_value(data, val, size))
390 return 0;
391
392 return 1;
393 }
394
WPACKET_set_max_size(WPACKET * pkt,size_t maxsize)395 int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
396 {
397 WPACKET_SUB *sub;
398 size_t lenbytes;
399
400 /* Internal API, so should not fail */
401 if (!ossl_assert(pkt->subs != NULL))
402 return 0;
403
404 /* Find the WPACKET_SUB for the top level */
405 for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent)
406 continue;
407
408 lenbytes = sub->lenbytes;
409 if (lenbytes == 0)
410 lenbytes = sizeof(pkt->maxsize);
411
412 if (maxmaxsize(lenbytes) < maxsize || maxsize < pkt->written)
413 return 0;
414
415 pkt->maxsize = maxsize;
416
417 return 1;
418 }
419
WPACKET_memset(WPACKET * pkt,int ch,size_t len)420 int WPACKET_memset(WPACKET *pkt, int ch, size_t len)
421 {
422 unsigned char *dest;
423
424 if (len == 0)
425 return 1;
426
427 if (!WPACKET_allocate_bytes(pkt, len, &dest))
428 return 0;
429
430 if (dest != NULL)
431 memset(dest, ch, len);
432
433 return 1;
434 }
435
WPACKET_memcpy(WPACKET * pkt,const void * src,size_t len)436 int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len)
437 {
438 unsigned char *dest;
439
440 if (len == 0)
441 return 1;
442
443 if (!WPACKET_allocate_bytes(pkt, len, &dest))
444 return 0;
445
446 if (dest != NULL)
447 memcpy(dest, src, len);
448
449 return 1;
450 }
451
WPACKET_sub_memcpy__(WPACKET * pkt,const void * src,size_t len,size_t lenbytes)452 int WPACKET_sub_memcpy__(WPACKET *pkt, const void *src, size_t len,
453 size_t lenbytes)
454 {
455 if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
456 || !WPACKET_memcpy(pkt, src, len)
457 || !WPACKET_close(pkt))
458 return 0;
459
460 return 1;
461 }
462
WPACKET_get_total_written(WPACKET * pkt,size_t * written)463 int WPACKET_get_total_written(WPACKET *pkt, size_t *written)
464 {
465 /* Internal API, so should not fail */
466 if (!ossl_assert(written != NULL))
467 return 0;
468
469 *written = pkt->written;
470
471 return 1;
472 }
473
WPACKET_get_length(WPACKET * pkt,size_t * len)474 int WPACKET_get_length(WPACKET *pkt, size_t *len)
475 {
476 /* Internal API, so should not fail */
477 if (!ossl_assert(pkt->subs != NULL && len != NULL))
478 return 0;
479
480 *len = pkt->written - pkt->subs->pwritten;
481
482 return 1;
483 }
484
WPACKET_get_curr(WPACKET * pkt)485 unsigned char *WPACKET_get_curr(WPACKET *pkt)
486 {
487 unsigned char *buf = GETBUF(pkt);
488
489 if (buf == NULL)
490 return NULL;
491
492 if (pkt->endfirst)
493 return buf + pkt->maxsize - pkt->curr;
494
495 return buf + pkt->curr;
496 }
497
WPACKET_is_null_buf(WPACKET * pkt)498 int WPACKET_is_null_buf(WPACKET *pkt)
499 {
500 return pkt->buf == NULL && pkt->staticbuf == NULL;
501 }
502
WPACKET_cleanup(WPACKET * pkt)503 void WPACKET_cleanup(WPACKET *pkt)
504 {
505 WPACKET_SUB *sub, *parent;
506
507 for (sub = pkt->subs; sub != NULL; sub = parent) {
508 parent = sub->parent;
509 OPENSSL_free(sub);
510 }
511 pkt->subs = NULL;
512 }
513