1 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young (eay (at) cryptsoft.com). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young (eay (at) cryptsoft.com)" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] */ 56 57 #include <openssl/asn1.h> 58 59 #include <string.h> 60 61 #include <openssl/err.h> 62 #include <openssl/mem.h> 63 64 65 ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x) 66 { return M_ASN1_INTEGER_dup(x);} 67 68 int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) 69 { 70 int neg, ret; 71 /* Compare signs */ 72 neg = x->type & V_ASN1_NEG; 73 if (neg != (y->type & V_ASN1_NEG)) 74 { 75 if (neg) 76 return -1; 77 else 78 return 1; 79 } 80 81 ret = ASN1_STRING_cmp(x, y); 82 83 if (neg) 84 return -ret; 85 else 86 return ret; 87 } 88 89 90 /* 91 * This converts an ASN1 INTEGER into its content encoding. 92 * The internal representation is an ASN1_STRING whose data is a big endian 93 * representation of the value, ignoring the sign. The sign is determined by 94 * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative. 95 * 96 * Positive integers are no problem: they are almost the same as the DER 97 * encoding, except if the first byte is >= 0x80 we need to add a zero pad. 98 * 99 * Negative integers are a bit trickier... 100 * The DER representation of negative integers is in 2s complement form. 101 * The internal form is converted by complementing each octet and finally 102 * adding one to the result. This can be done less messily with a little trick. 103 * If the internal form has trailing zeroes then they will become FF by the 104 * complement and 0 by the add one (due to carry) so just copy as many trailing 105 * zeros to the destination as there are in the source. The carry will add one 106 * to the last none zero octet: so complement this octet and add one and finally 107 * complement any left over until you get to the start of the string. 108 * 109 * Padding is a little trickier too. If the first bytes is > 0x80 then we pad 110 * with 0xff. However if the first byte is 0x80 and one of the following bytes 111 * is non-zero we pad with 0xff. The reason for this distinction is that 0x80 112 * followed by optional zeros isn't padded. 113 */ 114 115 int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) 116 { 117 int pad=0,ret,i,neg; 118 unsigned char *p,*n,pb=0; 119 120 if (a == NULL) return(0); 121 neg=a->type & V_ASN1_NEG; 122 if (a->length == 0) 123 ret=1; 124 else 125 { 126 ret=a->length; 127 i=a->data[0]; 128 if (ret == 1 && i == 0) 129 neg=0; 130 if (!neg && (i > 127)) { 131 pad=1; 132 pb=0; 133 } else if(neg) { 134 if(i>128) { 135 pad=1; 136 pb=0xFF; 137 } else if(i == 128) { 138 /* 139 * Special case: if any other bytes non zero we pad: 140 * otherwise we don't. 141 */ 142 for(i = 1; i < a->length; i++) if(a->data[i]) { 143 pad=1; 144 pb=0xFF; 145 break; 146 } 147 } 148 } 149 ret+=pad; 150 } 151 if (pp == NULL) return(ret); 152 p= *pp; 153 154 if (pad) *(p++)=pb; 155 if (a->length == 0) *(p++)=0; 156 else if (!neg) memcpy(p,a->data,(unsigned int)a->length); 157 else { 158 /* Begin at the end of the encoding */ 159 n=a->data + a->length - 1; 160 p += a->length - 1; 161 i = a->length; 162 /* Copy zeros to destination as long as source is zero */ 163 while(!*n && i > 1) { 164 *(p--) = 0; 165 n--; 166 i--; 167 } 168 /* Complement and increment next octet */ 169 *(p--) = ((*(n--)) ^ 0xff) + 1; 170 i--; 171 /* Complement any octets left */ 172 for(;i > 0; i--) *(p--) = *(n--) ^ 0xff; 173 } 174 175 *pp+=ret; 176 return(ret); 177 } 178 179 /* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ 180 181 ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, 182 long len) 183 { 184 ASN1_INTEGER *ret=NULL; 185 const unsigned char *p, *pend; 186 unsigned char *to,*s; 187 int i; 188 189 if ((a == NULL) || ((*a) == NULL)) 190 { 191 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL); 192 ret->type=V_ASN1_INTEGER; 193 } 194 else 195 ret=(*a); 196 197 p= *pp; 198 pend = p + len; 199 200 /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it 201 * signifies a missing NULL parameter. */ 202 s=(unsigned char *)OPENSSL_malloc((int)len+1); 203 if (s == NULL) 204 { 205 i=ERR_R_MALLOC_FAILURE; 206 goto err; 207 } 208 to=s; 209 if(!len) { 210 /* Strictly speaking this is an illegal INTEGER but we 211 * tolerate it. 212 */ 213 ret->type=V_ASN1_INTEGER; 214 } else if (*p & 0x80) /* a negative number */ 215 { 216 ret->type=V_ASN1_NEG_INTEGER; 217 if ((*p == 0xff) && (len != 1)) { 218 p++; 219 len--; 220 } 221 i = len; 222 p += i - 1; 223 to += i - 1; 224 while((!*p) && i) { 225 *(to--) = 0; 226 i--; 227 p--; 228 } 229 /* Special case: if all zeros then the number will be of 230 * the form FF followed by n zero bytes: this corresponds to 231 * 1 followed by n zero bytes. We've already written n zeros 232 * so we just append an extra one and set the first byte to 233 * a 1. This is treated separately because it is the only case 234 * where the number of bytes is larger than len. 235 */ 236 if(!i) { 237 *s = 1; 238 s[len] = 0; 239 len++; 240 } else { 241 *(to--) = (*(p--) ^ 0xff) + 1; 242 i--; 243 for(;i > 0; i--) *(to--) = *(p--) ^ 0xff; 244 } 245 } else { 246 ret->type=V_ASN1_INTEGER; 247 if ((*p == 0) && (len != 1)) 248 { 249 p++; 250 len--; 251 } 252 memcpy(s,p,(int)len); 253 } 254 255 if (ret->data != NULL) OPENSSL_free(ret->data); 256 ret->data=s; 257 ret->length=(int)len; 258 if (a != NULL) (*a)=ret; 259 *pp=pend; 260 return(ret); 261 err: 262 OPENSSL_PUT_ERROR(ASN1, i); 263 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 264 M_ASN1_INTEGER_free(ret); 265 return(NULL); 266 } 267 268 269 /* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of 270 * ASN1 integers: some broken software can encode a positive INTEGER 271 * with its MSB set as negative (it doesn't add a padding zero). 272 */ 273 274 ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, 275 long length) 276 { 277 ASN1_INTEGER *ret=NULL; 278 const unsigned char *p; 279 unsigned char *s; 280 long len; 281 int inf,tag,xclass; 282 int i; 283 284 if ((a == NULL) || ((*a) == NULL)) 285 { 286 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL); 287 ret->type=V_ASN1_INTEGER; 288 } 289 else 290 ret=(*a); 291 292 p= *pp; 293 inf=ASN1_get_object(&p,&len,&tag,&xclass,length); 294 if (inf & 0x80) 295 { 296 i=ASN1_R_BAD_OBJECT_HEADER; 297 goto err; 298 } 299 300 if (tag != V_ASN1_INTEGER) 301 { 302 i=ASN1_R_EXPECTING_AN_INTEGER; 303 goto err; 304 } 305 306 /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it 307 * signifies a missing NULL parameter. */ 308 s=(unsigned char *)OPENSSL_malloc((int)len+1); 309 if (s == NULL) 310 { 311 i=ERR_R_MALLOC_FAILURE; 312 goto err; 313 } 314 ret->type=V_ASN1_INTEGER; 315 if(len) { 316 if ((*p == 0) && (len != 1)) 317 { 318 p++; 319 len--; 320 } 321 memcpy(s,p,(int)len); 322 p+=len; 323 } 324 325 if (ret->data != NULL) OPENSSL_free(ret->data); 326 ret->data=s; 327 ret->length=(int)len; 328 if (a != NULL) (*a)=ret; 329 *pp=p; 330 return(ret); 331 err: 332 OPENSSL_PUT_ERROR(ASN1, i); 333 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 334 M_ASN1_INTEGER_free(ret); 335 return(NULL); 336 } 337 338 int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) 339 { 340 int j,k; 341 unsigned int i; 342 unsigned char buf[sizeof(long)+1]; 343 long d; 344 345 a->type=V_ASN1_INTEGER; 346 if (a->length < (int)(sizeof(long)+1)) 347 { 348 if (a->data != NULL) 349 OPENSSL_free(a->data); 350 if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL) 351 memset((char *)a->data,0,sizeof(long)+1); 352 } 353 if (a->data == NULL) 354 { 355 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); 356 return(0); 357 } 358 d=v; 359 if (d < 0) 360 { 361 d= -d; 362 a->type=V_ASN1_NEG_INTEGER; 363 } 364 365 for (i=0; i<sizeof(long); i++) 366 { 367 if (d == 0) break; 368 buf[i]=(int)d&0xff; 369 d>>=8; 370 } 371 j=0; 372 for (k=i-1; k >=0; k--) 373 a->data[j++]=buf[k]; 374 a->length=j; 375 return(1); 376 } 377 378 long ASN1_INTEGER_get(const ASN1_INTEGER *a) 379 { 380 int neg=0,i; 381 long r=0; 382 383 if (a == NULL) return(0L); 384 i=a->type; 385 if (i == V_ASN1_NEG_INTEGER) 386 neg=1; 387 else if (i != V_ASN1_INTEGER) 388 return -1; 389 390 if (a->length > (int)sizeof(long)) 391 { 392 /* hmm... a bit ugly, return all ones */ 393 return -1; 394 } 395 if (a->data == NULL) 396 return 0; 397 398 for (i=0; i<a->length; i++) 399 { 400 r<<=8; 401 r|=(unsigned char)a->data[i]; 402 } 403 if (neg) r= -r; 404 return(r); 405 } 406 407 ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) 408 { 409 ASN1_INTEGER *ret; 410 int len,j; 411 412 if (ai == NULL) 413 ret=M_ASN1_INTEGER_new(); 414 else 415 ret=ai; 416 if (ret == NULL) 417 { 418 OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); 419 goto err; 420 } 421 if (BN_is_negative(bn) && !BN_is_zero(bn)) 422 ret->type = V_ASN1_NEG_INTEGER; 423 else ret->type=V_ASN1_INTEGER; 424 j=BN_num_bits(bn); 425 len=((j == 0)?0:((j/8)+1)); 426 if (ret->length < len+4) 427 { 428 unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); 429 if (!new_data) 430 { 431 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); 432 goto err; 433 } 434 ret->data=new_data; 435 } 436 ret->length=BN_bn2bin(bn,ret->data); 437 /* Correct zero case */ 438 if(!ret->length) 439 { 440 ret->data[0] = 0; 441 ret->length = 1; 442 } 443 return(ret); 444 err: 445 if (ret != ai) M_ASN1_INTEGER_free(ret); 446 return(NULL); 447 } 448 449 BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) 450 { 451 BIGNUM *ret; 452 453 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) 454 OPENSSL_PUT_ERROR(ASN1, ASN1_R_BN_LIB); 455 else if(ai->type == V_ASN1_NEG_INTEGER) 456 BN_set_negative(ret, 1); 457 return(ret); 458 } 459