• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Copyright (c) 2014, Google Inc.
2  *
3  * Permission to use, copy, modify, and/or distribute this software for any
4  * purpose with or without fee is hereby granted, provided that the above
5  * copyright notice and this permission notice appear in all copies.
6  *
7  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14 
15 #include <openssl/buf.h>
16 #include <openssl/mem.h>
17 #include <openssl/bytestring.h>
18 
19 #include <assert.h>
20 #include <inttypes.h>
21 #include <string.h>
22 
23 #include "internal.h"
24 #include "../internal.h"
25 
26 
CBS_init(CBS * cbs,const uint8_t * data,size_t len)27 void CBS_init(CBS *cbs, const uint8_t *data, size_t len) {
28   cbs->data = data;
29   cbs->len = len;
30 }
31 
cbs_get(CBS * cbs,const uint8_t ** p,size_t n)32 static int cbs_get(CBS *cbs, const uint8_t **p, size_t n) {
33   if (cbs->len < n) {
34     return 0;
35   }
36 
37   *p = cbs->data;
38   cbs->data += n;
39   cbs->len -= n;
40   return 1;
41 }
42 
CBS_skip(CBS * cbs,size_t len)43 int CBS_skip(CBS *cbs, size_t len) {
44   const uint8_t *dummy;
45   return cbs_get(cbs, &dummy, len);
46 }
47 
CBS_data(const CBS * cbs)48 const uint8_t *CBS_data(const CBS *cbs) {
49   return cbs->data;
50 }
51 
CBS_len(const CBS * cbs)52 size_t CBS_len(const CBS *cbs) {
53   return cbs->len;
54 }
55 
CBS_stow(const CBS * cbs,uint8_t ** out_ptr,size_t * out_len)56 int CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len) {
57   OPENSSL_free(*out_ptr);
58   *out_ptr = NULL;
59   *out_len = 0;
60 
61   if (cbs->len == 0) {
62     return 1;
63   }
64   *out_ptr = BUF_memdup(cbs->data, cbs->len);
65   if (*out_ptr == NULL) {
66     return 0;
67   }
68   *out_len = cbs->len;
69   return 1;
70 }
71 
CBS_strdup(const CBS * cbs,char ** out_ptr)72 int CBS_strdup(const CBS *cbs, char **out_ptr) {
73   if (*out_ptr != NULL) {
74     OPENSSL_free(*out_ptr);
75   }
76   *out_ptr = BUF_strndup((const char*)cbs->data, cbs->len);
77   return (*out_ptr != NULL);
78 }
79 
CBS_contains_zero_byte(const CBS * cbs)80 int CBS_contains_zero_byte(const CBS *cbs) {
81   return OPENSSL_memchr(cbs->data, 0, cbs->len) != NULL;
82 }
83 
CBS_mem_equal(const CBS * cbs,const uint8_t * data,size_t len)84 int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) {
85   if (len != cbs->len) {
86     return 0;
87   }
88   return CRYPTO_memcmp(cbs->data, data, len) == 0;
89 }
90 
cbs_get_u(CBS * cbs,uint64_t * out,size_t len)91 static int cbs_get_u(CBS *cbs, uint64_t *out, size_t len) {
92   uint64_t result = 0;
93   const uint8_t *data;
94 
95   if (!cbs_get(cbs, &data, len)) {
96     return 0;
97   }
98   for (size_t i = 0; i < len; i++) {
99     result <<= 8;
100     result |= data[i];
101   }
102   *out = result;
103   return 1;
104 }
105 
CBS_get_u8(CBS * cbs,uint8_t * out)106 int CBS_get_u8(CBS *cbs, uint8_t *out) {
107   const uint8_t *v;
108   if (!cbs_get(cbs, &v, 1)) {
109     return 0;
110   }
111   *out = *v;
112   return 1;
113 }
114 
CBS_get_u16(CBS * cbs,uint16_t * out)115 int CBS_get_u16(CBS *cbs, uint16_t *out) {
116   uint64_t v;
117   if (!cbs_get_u(cbs, &v, 2)) {
118     return 0;
119   }
120   *out = v;
121   return 1;
122 }
123 
CBS_get_u24(CBS * cbs,uint32_t * out)124 int CBS_get_u24(CBS *cbs, uint32_t *out) {
125   uint64_t v;
126   if (!cbs_get_u(cbs, &v, 3)) {
127     return 0;
128   }
129   *out = v;
130   return 1;
131 }
132 
CBS_get_u32(CBS * cbs,uint32_t * out)133 int CBS_get_u32(CBS *cbs, uint32_t *out) {
134   uint64_t v;
135   if (!cbs_get_u(cbs, &v, 4)) {
136     return 0;
137   }
138   *out = v;
139   return 1;
140 }
141 
CBS_get_u64(CBS * cbs,uint64_t * out)142 int CBS_get_u64(CBS *cbs, uint64_t *out) {
143   return cbs_get_u(cbs, out, 8);
144 }
145 
CBS_get_last_u8(CBS * cbs,uint8_t * out)146 int CBS_get_last_u8(CBS *cbs, uint8_t *out) {
147   if (cbs->len == 0) {
148     return 0;
149   }
150   *out = cbs->data[cbs->len - 1];
151   cbs->len--;
152   return 1;
153 }
154 
CBS_get_bytes(CBS * cbs,CBS * out,size_t len)155 int CBS_get_bytes(CBS *cbs, CBS *out, size_t len) {
156   const uint8_t *v;
157   if (!cbs_get(cbs, &v, len)) {
158     return 0;
159   }
160   CBS_init(out, v, len);
161   return 1;
162 }
163 
CBS_copy_bytes(CBS * cbs,uint8_t * out,size_t len)164 int CBS_copy_bytes(CBS *cbs, uint8_t *out, size_t len) {
165   const uint8_t *v;
166   if (!cbs_get(cbs, &v, len)) {
167     return 0;
168   }
169   OPENSSL_memcpy(out, v, len);
170   return 1;
171 }
172 
cbs_get_length_prefixed(CBS * cbs,CBS * out,size_t len_len)173 static int cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len) {
174   uint64_t len;
175   if (!cbs_get_u(cbs, &len, len_len)) {
176     return 0;
177   }
178   // If |len_len| <= 3 then we know that |len| will fit into a |size_t|, even on
179   // 32-bit systems.
180   assert(len_len <= 3);
181   return CBS_get_bytes(cbs, out, len);
182 }
183 
CBS_get_u8_length_prefixed(CBS * cbs,CBS * out)184 int CBS_get_u8_length_prefixed(CBS *cbs, CBS *out) {
185   return cbs_get_length_prefixed(cbs, out, 1);
186 }
187 
CBS_get_u16_length_prefixed(CBS * cbs,CBS * out)188 int CBS_get_u16_length_prefixed(CBS *cbs, CBS *out) {
189   return cbs_get_length_prefixed(cbs, out, 2);
190 }
191 
CBS_get_u24_length_prefixed(CBS * cbs,CBS * out)192 int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out) {
193   return cbs_get_length_prefixed(cbs, out, 3);
194 }
195 
196 // parse_base128_integer reads a big-endian base-128 integer from |cbs| and sets
197 // |*out| to the result. This is the encoding used in DER for both high tag
198 // number form and OID components.
parse_base128_integer(CBS * cbs,uint64_t * out)199 static int parse_base128_integer(CBS *cbs, uint64_t *out) {
200   uint64_t v = 0;
201   uint8_t b;
202   do {
203     if (!CBS_get_u8(cbs, &b)) {
204       return 0;
205     }
206     if ((v >> (64 - 7)) != 0) {
207       // The value is too large.
208       return 0;
209     }
210     if (v == 0 && b == 0x80) {
211       // The value must be minimally encoded.
212       return 0;
213     }
214     v = (v << 7) | (b & 0x7f);
215 
216     // Values end at an octet with the high bit cleared.
217   } while (b & 0x80);
218 
219   *out = v;
220   return 1;
221 }
222 
parse_asn1_tag(CBS * cbs,unsigned * out)223 static int parse_asn1_tag(CBS *cbs, unsigned *out) {
224   uint8_t tag_byte;
225   if (!CBS_get_u8(cbs, &tag_byte)) {
226     return 0;
227   }
228 
229   // ITU-T X.690 section 8.1.2.3 specifies the format for identifiers with a tag
230   // number no greater than 30.
231   //
232   // If the number portion is 31 (0x1f, the largest value that fits in the
233   // allotted bits), then the tag is more than one byte long and the
234   // continuation bytes contain the tag number. This parser only supports tag
235   // numbers less than 31 (and thus single-byte tags).
236   unsigned tag = ((unsigned)tag_byte & 0xe0) << CBS_ASN1_TAG_SHIFT;
237   unsigned tag_number = tag_byte & 0x1f;
238   if (tag_number == 0x1f) {
239     uint64_t v;
240     if (!parse_base128_integer(cbs, &v) ||
241         // Check the tag number is within our supported bounds.
242         v > CBS_ASN1_TAG_NUMBER_MASK ||
243         // Small tag numbers should have used low tag number form.
244         v < 0x1f) {
245       return 0;
246     }
247     tag_number = (unsigned)v;
248   }
249 
250   tag |= tag_number;
251 
252   *out = tag;
253   return 1;
254 }
255 
cbs_get_any_asn1_element(CBS * cbs,CBS * out,unsigned * out_tag,size_t * out_header_len,int ber_ok)256 static int cbs_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag,
257                                     size_t *out_header_len, int ber_ok) {
258   CBS header = *cbs;
259   CBS throwaway;
260 
261   if (out == NULL) {
262     out = &throwaway;
263   }
264 
265   unsigned tag;
266   if (!parse_asn1_tag(&header, &tag)) {
267     return 0;
268   }
269   if (out_tag != NULL) {
270     *out_tag = tag;
271   }
272 
273   uint8_t length_byte;
274   if (!CBS_get_u8(&header, &length_byte)) {
275     return 0;
276   }
277 
278   size_t header_len = CBS_len(cbs) - CBS_len(&header);
279 
280   size_t len;
281   // The format for the length encoding is specified in ITU-T X.690 section
282   // 8.1.3.
283   if ((length_byte & 0x80) == 0) {
284     // Short form length.
285     len = ((size_t) length_byte) + header_len;
286     if (out_header_len != NULL) {
287       *out_header_len = header_len;
288     }
289   } else {
290     // The high bit indicate that this is the long form, while the next 7 bits
291     // encode the number of subsequent octets used to encode the length (ITU-T
292     // X.690 clause 8.1.3.5.b).
293     const size_t num_bytes = length_byte & 0x7f;
294     uint64_t len64;
295 
296     if (ber_ok && (tag & CBS_ASN1_CONSTRUCTED) != 0 && num_bytes == 0) {
297       // indefinite length
298       if (out_header_len != NULL) {
299         *out_header_len = header_len;
300       }
301       return CBS_get_bytes(cbs, out, header_len);
302     }
303 
304     // ITU-T X.690 clause 8.1.3.5.c specifies that the value 0xff shall not be
305     // used as the first byte of the length. If this parser encounters that
306     // value, num_bytes will be parsed as 127, which will fail the check below.
307     if (num_bytes == 0 || num_bytes > 4) {
308       return 0;
309     }
310     if (!cbs_get_u(&header, &len64, num_bytes)) {
311       return 0;
312     }
313     // ITU-T X.690 section 10.1 (DER length forms) requires encoding the length
314     // with the minimum number of octets.
315     if (len64 < 128) {
316       // Length should have used short-form encoding.
317       return 0;
318     }
319     if ((len64 >> ((num_bytes-1)*8)) == 0) {
320       // Length should have been at least one byte shorter.
321       return 0;
322     }
323     len = len64;
324     if (len + header_len + num_bytes < len) {
325       // Overflow.
326       return 0;
327     }
328     len += header_len + num_bytes;
329     if (out_header_len != NULL) {
330       *out_header_len = header_len + num_bytes;
331     }
332   }
333 
334   return CBS_get_bytes(cbs, out, len);
335 }
336 
CBS_get_any_asn1(CBS * cbs,CBS * out,unsigned * out_tag)337 int CBS_get_any_asn1(CBS *cbs, CBS *out, unsigned *out_tag) {
338   size_t header_len;
339   if (!CBS_get_any_asn1_element(cbs, out, out_tag, &header_len)) {
340     return 0;
341   }
342 
343   if (!CBS_skip(out, header_len)) {
344     assert(0);
345     return 0;
346   }
347 
348   return 1;
349 }
350 
CBS_get_any_asn1_element(CBS * cbs,CBS * out,unsigned * out_tag,size_t * out_header_len)351 int CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag,
352                                     size_t *out_header_len) {
353   return cbs_get_any_asn1_element(cbs, out, out_tag, out_header_len,
354                                   0 /* DER only */);
355 }
356 
CBS_get_any_ber_asn1_element(CBS * cbs,CBS * out,unsigned * out_tag,size_t * out_header_len)357 int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag,
358                                  size_t *out_header_len) {
359   return cbs_get_any_asn1_element(cbs, out, out_tag, out_header_len,
360                                   1 /* BER allowed */);
361 }
362 
cbs_get_asn1(CBS * cbs,CBS * out,unsigned tag_value,int skip_header)363 static int cbs_get_asn1(CBS *cbs, CBS *out, unsigned tag_value,
364                         int skip_header) {
365   size_t header_len;
366   unsigned tag;
367   CBS throwaway;
368 
369   if (out == NULL) {
370     out = &throwaway;
371   }
372 
373   if (!CBS_get_any_asn1_element(cbs, out, &tag, &header_len) ||
374       tag != tag_value) {
375     return 0;
376   }
377 
378   if (skip_header && !CBS_skip(out, header_len)) {
379     assert(0);
380     return 0;
381   }
382 
383   return 1;
384 }
385 
CBS_get_asn1(CBS * cbs,CBS * out,unsigned tag_value)386 int CBS_get_asn1(CBS *cbs, CBS *out, unsigned tag_value) {
387   return cbs_get_asn1(cbs, out, tag_value, 1 /* skip header */);
388 }
389 
CBS_get_asn1_element(CBS * cbs,CBS * out,unsigned tag_value)390 int CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned tag_value) {
391   return cbs_get_asn1(cbs, out, tag_value, 0 /* include header */);
392 }
393 
CBS_peek_asn1_tag(const CBS * cbs,unsigned tag_value)394 int CBS_peek_asn1_tag(const CBS *cbs, unsigned tag_value) {
395   if (CBS_len(cbs) < 1) {
396     return 0;
397   }
398 
399   CBS copy = *cbs;
400   unsigned actual_tag;
401   return parse_asn1_tag(&copy, &actual_tag) && tag_value == actual_tag;
402 }
403 
CBS_get_asn1_uint64(CBS * cbs,uint64_t * out)404 int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out) {
405   CBS bytes;
406   if (!CBS_get_asn1(cbs, &bytes, CBS_ASN1_INTEGER)) {
407     return 0;
408   }
409 
410   *out = 0;
411   const uint8_t *data = CBS_data(&bytes);
412   size_t len = CBS_len(&bytes);
413 
414   if (len == 0) {
415     // An INTEGER is encoded with at least one octet.
416     return 0;
417   }
418 
419   if ((data[0] & 0x80) != 0) {
420     // Negative number.
421     return 0;
422   }
423 
424   if (data[0] == 0 && len > 1 && (data[1] & 0x80) == 0) {
425     // Extra leading zeros.
426     return 0;
427   }
428 
429   for (size_t i = 0; i < len; i++) {
430     if ((*out >> 56) != 0) {
431       // Too large to represent as a uint64_t.
432       return 0;
433     }
434     *out <<= 8;
435     *out |= data[i];
436   }
437 
438   return 1;
439 }
440 
CBS_get_asn1_bool(CBS * cbs,int * out)441 int CBS_get_asn1_bool(CBS *cbs, int *out) {
442   CBS bytes;
443   if (!CBS_get_asn1(cbs, &bytes, CBS_ASN1_BOOLEAN) ||
444       CBS_len(&bytes) != 1) {
445     return 0;
446   }
447 
448   const uint8_t value = *CBS_data(&bytes);
449   if (value != 0 && value != 0xff) {
450     return 0;
451   }
452 
453   *out = !!value;
454   return 1;
455 }
456 
CBS_get_optional_asn1(CBS * cbs,CBS * out,int * out_present,unsigned tag)457 int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, unsigned tag) {
458   int present = 0;
459 
460   if (CBS_peek_asn1_tag(cbs, tag)) {
461     if (!CBS_get_asn1(cbs, out, tag)) {
462       return 0;
463     }
464     present = 1;
465   }
466 
467   if (out_present != NULL) {
468     *out_present = present;
469   }
470 
471   return 1;
472 }
473 
CBS_get_optional_asn1_octet_string(CBS * cbs,CBS * out,int * out_present,unsigned tag)474 int CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out, int *out_present,
475                                        unsigned tag) {
476   CBS child;
477   int present;
478   if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) {
479     return 0;
480   }
481   if (present) {
482     assert(out);
483     if (!CBS_get_asn1(&child, out, CBS_ASN1_OCTETSTRING) ||
484         CBS_len(&child) != 0) {
485       return 0;
486     }
487   } else {
488     CBS_init(out, NULL, 0);
489   }
490   if (out_present) {
491     *out_present = present;
492   }
493   return 1;
494 }
495 
CBS_get_optional_asn1_uint64(CBS * cbs,uint64_t * out,unsigned tag,uint64_t default_value)496 int CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out, unsigned tag,
497                                  uint64_t default_value) {
498   CBS child;
499   int present;
500   if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) {
501     return 0;
502   }
503   if (present) {
504     if (!CBS_get_asn1_uint64(&child, out) ||
505         CBS_len(&child) != 0) {
506       return 0;
507     }
508   } else {
509     *out = default_value;
510   }
511   return 1;
512 }
513 
CBS_get_optional_asn1_bool(CBS * cbs,int * out,unsigned tag,int default_value)514 int CBS_get_optional_asn1_bool(CBS *cbs, int *out, unsigned tag,
515                                int default_value) {
516   CBS child, child2;
517   int present;
518   if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) {
519     return 0;
520   }
521   if (present) {
522     uint8_t boolean;
523 
524     if (!CBS_get_asn1(&child, &child2, CBS_ASN1_BOOLEAN) ||
525         CBS_len(&child2) != 1 ||
526         CBS_len(&child) != 0) {
527       return 0;
528     }
529 
530     boolean = CBS_data(&child2)[0];
531     if (boolean == 0) {
532       *out = 0;
533     } else if (boolean == 0xff) {
534       *out = 1;
535     } else {
536       return 0;
537     }
538   } else {
539     *out = default_value;
540   }
541   return 1;
542 }
543 
CBS_is_valid_asn1_bitstring(const CBS * cbs)544 int CBS_is_valid_asn1_bitstring(const CBS *cbs) {
545   CBS in = *cbs;
546   uint8_t num_unused_bits;
547   if (!CBS_get_u8(&in, &num_unused_bits) ||
548       num_unused_bits > 7) {
549     return 0;
550   }
551 
552   if (num_unused_bits == 0) {
553     return 1;
554   }
555 
556   // All num_unused_bits bits must exist and be zeros.
557   uint8_t last;
558   if (!CBS_get_last_u8(&in, &last) ||
559       (last & ((1 << num_unused_bits) - 1)) != 0) {
560     return 0;
561   }
562 
563   return 1;
564 }
565 
CBS_asn1_bitstring_has_bit(const CBS * cbs,unsigned bit)566 int CBS_asn1_bitstring_has_bit(const CBS *cbs, unsigned bit) {
567   if (!CBS_is_valid_asn1_bitstring(cbs)) {
568     return 0;
569   }
570 
571   const unsigned byte_num = (bit >> 3) + 1;
572   const unsigned bit_num = 7 - (bit & 7);
573 
574   // Unused bits are zero, and this function does not distinguish between
575   // missing and unset bits. Thus it is sufficient to do a byte-level length
576   // check.
577   return byte_num < CBS_len(cbs) &&
578          (CBS_data(cbs)[byte_num] & (1 << bit_num)) != 0;
579 }
580 
add_decimal(CBB * out,uint64_t v)581 static int add_decimal(CBB *out, uint64_t v) {
582   char buf[DECIMAL_SIZE(uint64_t) + 1];
583   BIO_snprintf(buf, sizeof(buf), "%" PRIu64, v);
584   return CBB_add_bytes(out, (const uint8_t *)buf, strlen(buf));
585 }
586 
CBS_asn1_oid_to_text(const CBS * cbs)587 char *CBS_asn1_oid_to_text(const CBS *cbs) {
588   CBB cbb;
589   if (!CBB_init(&cbb, 32)) {
590     goto err;
591   }
592 
593   CBS copy = *cbs;
594   // The first component is 40 * value1 + value2, where value1 is 0, 1, or 2.
595   uint64_t v;
596   if (!parse_base128_integer(&copy, &v)) {
597     goto err;
598   }
599 
600   if (v >= 80) {
601     if (!CBB_add_bytes(&cbb, (const uint8_t *)"2.", 2) ||
602         !add_decimal(&cbb, v - 80)) {
603       goto err;
604     }
605   } else if (!add_decimal(&cbb, v / 40) ||
606              !CBB_add_u8(&cbb, '.') ||
607              !add_decimal(&cbb, v % 40)) {
608     goto err;
609   }
610 
611   while (CBS_len(&copy) != 0) {
612     if (!parse_base128_integer(&copy, &v) ||
613         !CBB_add_u8(&cbb, '.') ||
614         !add_decimal(&cbb, v)) {
615       goto err;
616     }
617   }
618 
619   uint8_t *txt;
620   size_t txt_len;
621   if (!CBB_add_u8(&cbb, '\0') ||
622       !CBB_finish(&cbb, &txt, &txt_len)) {
623     goto err;
624   }
625 
626   return (char *)txt;
627 
628 err:
629   CBB_cleanup(&cbb);
630   return NULL;
631 }
632