kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1973 Commits
12 Branches
38 MiB
Tree: 13e81fc971
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '13e81fc971'
${ noResults }
boringssl/crypto/bytestring/cbb.c

cbb.c 8.8 KiB
Raw Normal View History

Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
bytestring: fix ASN.1 data longer than 127 bytes. When shifting data because extra ASN.1 length bytes were needed, the data was moved from the start of the ASN.1 length, not the start of the ASN.1 data. Change-Id: Ib13d5e4e878774df2af0505c0297eff6cf781728 Reviewed-on: https://boringssl-review.googlesource.com/1430 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
10 years ago
Remove string.h from base.h. Including string.h in base.h causes any file that includes a BoringSSL header to include string.h. Generally this wouldn't be a problem, although string.h might slow down the compile if it wasn't otherwise needed. However, it also causes problems for ipsec-tools in Android because OpenSSL didn't have this behaviour. This change removes string.h from base.h and, instead, adds it to each .c file that requires it. Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37 Reviewed-on: https://boringssl-review.googlesource.com/3200 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
9 years ago
bytestring: fix ASN.1 data longer than 127 bytes. When shifting data because extra ASN.1 length bytes were needed, the data was moved from the start of the ASN.1 length, not the start of the ASN.1 data. Change-Id: Ib13d5e4e878774df2af0505c0297eff6cf781728 Reviewed-on: https://boringssl-review.googlesource.com/1430 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
10 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
Add CBB_zero to set a CBB to the zero state. One tedious thing about using CBB is that you can't safely CBB_cleanup until CBB_init is successful, which breaks the general 'goto err' style of cleanup. This makes it possible: CBB_zero ~ EVP_MD_CTX_init CBB_init ~ EVP_DigestInit CBB_cleanup ~ EVP_MD_CTX_cleanup Change-Id: I085ecc4405715368886dc4de02285a47e7fc4c52 Reviewed-on: https://boringssl-review.googlesource.com/5267 Reviewed-by: Adam Langley <agl@google.com>
9 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
Move free from cbb_init() to only CBB_init(). CBB_init_fixed() should not call free because it can lead to use after free or double free bugs. The caller should be responsible for creating and destroying the buffer. In the current code, ssl3_get_v2_client_hello() may free s->init_buf->data via CBB_init_fixed(). It can also be freed via SSL_free(s) since ssl3_get_v2_client_hello() doesn't set it to NULL and CBB_init_fixed() can't set the caller's pointer to NULL. Change-Id: Ia05a67ae25af7eb4fb04f08f20d50d912b41e38b
9 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
Clarify that only top-level CBBs get CBB_cleanup. Also add an assert to that effect. Change-Id: I1bd0571e3889f1cba968fd99041121ac42ee9e89 Reviewed-on: https://boringssl-review.googlesource.com/5990 Reviewed-by: Adam Langley <agl@google.com>
9 years ago
Remove unnecessary NULL checks, part 1. First batch of the alphabet. Change-Id: If4e60f4fbb69e04eb4b70aa1b2240e329251bfa5 Reviewed-on: https://boringssl-review.googlesource.com/4514 Reviewed-by: Adam Langley <agl@google.com>
9 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
Clean up s23_srvr.c. ssl23_get_client_hello has lots of remnants of SSLv2 support and remnants of an even older SSL_OP_NON_EXPORT_FIRST option (see upstream's d92f0bb6e9ed94ac0c3aa0c939f2565f2ed95935) which complicates the logic. Split it into three states and move V2ClientHello parsing into its own function. Port it to CBS and CBB to give bounds checks on the V2ClientHello parse. This fixes a minor bug where, if the SSL_accept call in ssl23_get_client_hello failed, cb would not be NULL'd and SSL_CB_ACCEPT_LOOP would get reported an extra time. It also unbreaks the invariant between s->packet, s->packet_length, s->s3->rbuf.buf, and s->s3->rbuf.offset at the point the switch, although this was of no consequence because the first ssl3_read_n call passes extend = 0 which resets s->packet and s->packet_length. It also makes us tolerant to major version bumps in the ClientHello. Add tests for TLS tolerance of both minor and major version bumps as well as the HTTP request error codes. Change-Id: I948337f4dc483f4ebe1742d3eba53b045b260257 Reviewed-on: https://boringssl-review.googlesource.com/1455 Reviewed-by: Adam Langley <agl@google.com>
10 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
bytestring: fix ASN.1 data longer than 127 bytes. When shifting data because extra ASN.1 length bytes were needed, the data was moved from the start of the ASN.1 length, not the start of the ASN.1 data. Change-Id: Ib13d5e4e878774df2af0505c0297eff6cf781728 Reviewed-on: https://boringssl-review.googlesource.com/1430 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
10 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
bytestring: fix ASN.1 data longer than 127 bytes. When shifting data because extra ASN.1 length bytes were needed, the data was moved from the start of the ASN.1 length, not the start of the ASN.1 data. Change-Id: Ib13d5e4e878774df2af0505c0297eff6cf781728 Reviewed-on: https://boringssl-review.googlesource.com/1430 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
10 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
Add infrastructure for better extension handling. Rather than four massive functions that handle every extension, organise the code by extension with four smaller functions for each. Change-Id: I876b31dacb05aca9884ed3ae7c48462e6ffe3b49 Reviewed-on: https://boringssl-review.googlesource.com/5142 Reviewed-by: Adam Langley <agl@google.com>
9 years ago
Make CBB_len return a length, not remaining. It switched from CBB_remaining to CBB_len partway through review, but the semantics are still CBB_remaining. Using CBB_len allows the len_before/len_after logic to continue working even if, in the future, handshake messages are built on a non-fixed CBB. Change-Id: Id466bb341a14dbbafcdb26e4c940a04181f2787d Reviewed-on: https://boringssl-review.googlesource.com/5371 Reviewed-by: Adam Langley <agl@google.com>
9 years ago
Add infrastructure for better extension handling. Rather than four massive functions that handle every extension, organise the code by extension with four smaller functions for each. Change-Id: I876b31dacb05aca9884ed3ae7c48462e6ffe3b49 Reviewed-on: https://boringssl-review.googlesource.com/5142 Reviewed-by: Adam Langley <agl@google.com>
9 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
Don't accept tag number 31 (long form identifier octets) in CBB_add_asn1. Tag number 31 is a long form tag that requires multiple octets. It cannot be handled by adding a single uint8. Changed CBB_add_asn1() to return 0 when it is passed in the extension for tag 31. Change-Id: Ia33936d4f174d1a7176eb11da0b5c7370efb9416
9 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
Add PKCS7_bundle_certificates. This function serialises a PKCS#7 structure containing a number of certificates. Change-Id: Iaf15887e1060d5d201d5a3dd3dca8d51105ee6d6 Reviewed-on: https://boringssl-review.googlesource.com/1431 Reviewed-by: Adam Langley <agl@google.com>
10 years ago
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
10 years ago
Add CBB_add_asn1_uint64. Companion to CBS_get_asn1_uint64. Also add tests for both the parsing and the serializing. Change-Id: Ic5e9a0089c88b300f874712d0e9964cb35a8c40b Reviewed-on: https://boringssl-review.googlesource.com/1999 Reviewed-by: Adam Langley <agl@google.com>
10 years ago
Convert ssl3_send_client_hello to CBB. Start converting the ones we can right now. Some of the messier ones resize init_buf rather than assume the initial size is sufficient, so those will probably wait until init_buf is gone and the handshake's undergone some more invasive surgery. The async ones will also require some thought. But some can be incrementally converted now. BUG=468889 Change-Id: I0bc22e4dca37d9d671a488c42eba864c51933638 Reviewed-on: https://boringssl-review.googlesource.com/6190 Reviewed-by: Adam Langley <alangley@gmail.com>
9 years ago
Add CBB_add_asn1_uint64. Companion to CBS_get_asn1_uint64. Also add tests for both the parsing and the serializing. Change-Id: Ic5e9a0089c88b300f874712d0e9964cb35a8c40b Reviewed-on: https://boringssl-review.googlesource.com/1999 Reviewed-by: Adam Langley <agl@google.com>
10 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411 
  1. /* Copyright (c) 2014, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #include <openssl/bytestring.h>

  16. 

  17. #include <assert.h>

  18. #include <string.h>

  19. 

  20. #include <openssl/mem.h>

  21. 

  22. 

  23. void CBB_zero(CBB *cbb) {

  24.   memset(cbb, 0, sizeof(CBB));

  25. }

  26. 

  27. static int cbb_init(CBB *cbb, uint8_t *buf, size_t cap) {

  28.   struct cbb_buffer_st *base;

  29. 

  30.   base = OPENSSL_malloc(sizeof(struct cbb_buffer_st));

  31.   if (base == NULL) {

  32.     return 0;

  33.   }

  34. 

  35.   base->buf = buf;

  36.   base->len = 0;

  37.   base->cap = cap;

  38.   base->can_resize = 1;

  39. 

  40.   memset(cbb, 0, sizeof(CBB));

  41.   cbb->base = base;

  42.   cbb->is_top_level = 1;

  43.   return 1;

  44. }

  45. 

  46. int CBB_init(CBB *cbb, size_t initial_capacity) {

  47.   uint8_t *buf;

  48. 

  49.   buf = OPENSSL_malloc(initial_capacity);

  50.   if (initial_capacity > 0 && buf == NULL) {

  51.     return 0;

  52.   }

  53. 

  54.   if (!cbb_init(cbb, buf, initial_capacity)) {

  55.     OPENSSL_free(buf);

  56.     return 0;

  57.   }

  58. 

  59.   return 1;

  60. }

  61. 

  62. int CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len) {

  63.   if (!cbb_init(cbb, buf, len)) {

  64.     return 0;

  65.   }

  66. 

  67.   cbb->base->can_resize = 0;

  68.   return 1;

  69. }

  70. 

  71. void CBB_cleanup(CBB *cbb) {

  72.   if (cbb->base) {

  73.     /* Only top-level |CBB|s are cleaned up. Child |CBB|s are non-owning. They

  74.      * are implicitly discarded when the parent is flushed or cleaned up. */

  75.     assert(cbb->is_top_level);

  76. 

  77.     if (cbb->base->can_resize) {

  78.       OPENSSL_free(cbb->base->buf);

  79.     }

  80.     OPENSSL_free(cbb->base);

  81.   }

  82.   cbb->base = NULL;

  83. }

  84. 

  85. static int cbb_buffer_add(struct cbb_buffer_st *base, uint8_t **out,

  86.                           size_t len) {

  87.   size_t newlen;

  88. 

  89.   if (base == NULL) {

  90.     return 0;

  91.   }

  92. 

  93.   newlen = base->len + len;

  94.   if (newlen < base->len) {

  95.     /* Overflow */

  96.     return 0;

  97.   }

  98. 

  99.   if (newlen > base->cap) {

  100.     size_t newcap = base->cap * 2;

  101.     uint8_t *newbuf;

  102. 

  103.     if (!base->can_resize) {

  104.       return 0;

  105.     }

  106. 

  107.     if (newcap < base->cap || newcap < newlen) {

  108.       newcap = newlen;

  109.     }

  110.     newbuf = OPENSSL_realloc(base->buf, newcap);

  111.     if (newbuf == NULL) {

  112.       return 0;

  113.     }

  114. 

  115.     base->buf = newbuf;

  116.     base->cap = newcap;

  117.   }

  118. 

  119.   if (out) {

  120.     *out = base->buf + base->len;

  121.   }

  122.   base->len = newlen;

  123.   return 1;

  124. }

  125. 

  126. static int cbb_buffer_add_u(struct cbb_buffer_st *base, uint32_t v,

  127.                             size_t len_len) {

  128.   uint8_t *buf;

  129.   size_t i;

  130. 

  131.   if (len_len == 0) {

  132.     return 1;

  133.   }

  134.   if (!cbb_buffer_add(base, &buf, len_len)) {

  135.     return 0;

  136.   }

  137. 

  138.   for (i = len_len - 1; i < len_len; i--) {

  139.     buf[i] = v;

  140.     v >>= 8;

  141.   }

  142.   return 1;

  143. }

  144. 

  145. int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len) {

  146.   if (!cbb->is_top_level) {

  147.     return 0;

  148.   }

  149. 

  150.   if (!CBB_flush(cbb)) {

  151.     return 0;

  152.   }

  153. 

  154.   if (cbb->base->can_resize && (out_data == NULL || out_len == NULL)) {

  155.     /* |out_data| and |out_len| can only be NULL if the CBB is fixed. */

  156.     return 0;

  157.   }

  158. 

  159.   if (out_data != NULL) {

  160.     *out_data = cbb->base->buf;

  161.   }

  162.   if (out_len != NULL) {

  163.     *out_len = cbb->base->len;

  164.   }

  165.   cbb->base->buf = NULL;

  166.   CBB_cleanup(cbb);

  167.   return 1;

  168. }

  169. 

  170. /* CBB_flush recurses and then writes out any pending length prefix. The

  171.  * current length of the underlying base is taken to be the length of the

  172.  * length-prefixed data. */

  173. int CBB_flush(CBB *cbb) {

  174.   size_t child_start, i, len;

  175. 

  176.   if (cbb->base == NULL) {

  177.     return 0;

  178.   }

  179. 

  180.   if (cbb->child == NULL || cbb->pending_len_len == 0) {

  181.     return 1;

  182.   }

  183. 

  184.   child_start = cbb->offset + cbb->pending_len_len;

  185. 

  186.   if (!CBB_flush(cbb->child) ||

  187.       child_start < cbb->offset ||

  188.       cbb->base->len < child_start) {

  189.     return 0;

  190.   }

  191. 

  192.   len = cbb->base->len - child_start;

  193. 

  194.   if (cbb->pending_is_asn1) {

  195.     /* For ASN.1 we assume that we'll only need a single byte for the length.

  196.      * If that turned out to be incorrect, we have to move the contents along

  197.      * in order to make space. */

  198.     size_t len_len;

  199.     uint8_t initial_length_byte;

  200. 

  201.     assert (cbb->pending_len_len == 1);

  202. 

  203.     if (len > 0xfffffffe) {

  204.       /* Too large. */

  205.       return 0;

  206.     } else if (len > 0xffffff) {

  207.       len_len = 5;

  208.       initial_length_byte = 0x80 | 4;

  209.     } else if (len > 0xffff) {

  210.       len_len = 4;

  211.       initial_length_byte = 0x80 | 3;

  212.     } else if (len > 0xff) {

  213.       len_len = 3;

  214.       initial_length_byte = 0x80 | 2;

  215.     } else if (len > 0x7f) {

  216.       len_len = 2;

  217.       initial_length_byte = 0x80 | 1;

  218.     } else {

  219.       len_len = 1;

  220.       initial_length_byte = len;

  221.       len = 0;

  222.     }

  223. 

  224.     if (len_len != 1) {

  225.       /* We need to move the contents along in order to make space. */

  226.       size_t extra_bytes = len_len - 1;

  227.       if (!cbb_buffer_add(cbb->base, NULL, extra_bytes)) {

  228.         return 0;

  229.       }

  230.       memmove(cbb->base->buf + child_start + extra_bytes,

  231.               cbb->base->buf + child_start, len);

  232.     }

  233.     cbb->base->buf[cbb->offset++] = initial_length_byte;

  234.     cbb->pending_len_len = len_len - 1;

  235.   }

  236. 

  237.   for (i = cbb->pending_len_len - 1; i < cbb->pending_len_len; i--) {

  238.     cbb->base->buf[cbb->offset + i] = len;

  239.     len >>= 8;

  240.   }

  241.   if (len != 0) {

  242.     return 0;

  243.   }

  244. 

  245.   cbb->child->base = NULL;

  246.   cbb->child = NULL;

  247.   cbb->pending_len_len = 0;

  248.   cbb->pending_is_asn1 = 0;

  249.   cbb->offset = 0;

  250. 

  251.   return 1;

  252. }

  253. 

  254. size_t CBB_len(const CBB *cbb) {

  255.   assert(cbb->child == NULL);

  256. 

  257.   return cbb->base->len;

  258. }

  259. 

  260. static int cbb_add_length_prefixed(CBB *cbb, CBB *out_contents,

  261.                                    size_t len_len) {

  262.   uint8_t *prefix_bytes;

  263. 

  264.   if (!CBB_flush(cbb)) {

  265.     return 0;

  266.   }

  267. 

  268.   cbb->offset = cbb->base->len;

  269.   if (!cbb_buffer_add(cbb->base, &prefix_bytes, len_len)) {

  270.     return 0;

  271.   }

  272. 

  273.   memset(prefix_bytes, 0, len_len);

  274.   memset(out_contents, 0, sizeof(CBB));

  275.   out_contents->base = cbb->base;

  276.   cbb->child = out_contents;

  277.   cbb->pending_len_len = len_len;

  278.   cbb->pending_is_asn1 = 0;

  279. 

  280.   return 1;

  281. }

  282. 

  283. int CBB_add_u8_length_prefixed(CBB *cbb, CBB *out_contents) {

  284.   return cbb_add_length_prefixed(cbb, out_contents, 1);

  285. }

  286. 

  287. int CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents) {

  288.   return cbb_add_length_prefixed(cbb, out_contents, 2);

  289. }

  290. 

  291. int CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents) {

  292.   return cbb_add_length_prefixed(cbb, out_contents, 3);

  293. }

  294. 

  295. int CBB_add_asn1(CBB *cbb, CBB *out_contents, uint8_t tag) {

  296.   if ((tag & 0x1f) == 0x1f) {

  297.     /* Long form identifier octets are not supported. */

  298.     return 0;

  299.   }

  300. 

  301.   if (!CBB_flush(cbb) ||

  302.       !CBB_add_u8(cbb, tag)) {

  303.     return 0;

  304.   }

  305. 

  306.   cbb->offset = cbb->base->len;

  307.   if (!CBB_add_u8(cbb, 0)) {

  308.     return 0;

  309.   }

  310. 

  311.   memset(out_contents, 0, sizeof(CBB));

  312.   out_contents->base = cbb->base;

  313.   cbb->child = out_contents;

  314.   cbb->pending_len_len = 1;

  315.   cbb->pending_is_asn1 = 1;

  316. 

  317.   return 1;

  318. }

  319. 

  320. int CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len) {

  321.   uint8_t *dest;

  322. 

  323.   if (!CBB_flush(cbb) ||

  324.       !cbb_buffer_add(cbb->base, &dest, len)) {

  325.     return 0;

  326.   }

  327.   memcpy(dest, data, len);

  328.   return 1;

  329. }

  330. 

  331. int CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len) {

  332.   if (!CBB_flush(cbb) ||

  333.       !cbb_buffer_add(cbb->base, out_data, len)) {

  334.     return 0;

  335.   }

  336.   return 1;

  337. }

  338. 

  339. int CBB_add_u8(CBB *cbb, uint8_t value) {

  340.   if (!CBB_flush(cbb)) {

  341.     return 0;

  342.   }

  343. 

  344.   return cbb_buffer_add_u(cbb->base, value, 1);

  345. }

  346. 

  347. int CBB_add_u16(CBB *cbb, uint16_t value) {

  348.   if (!CBB_flush(cbb)) {

  349.     return 0;

  350.   }

  351. 

  352.   return cbb_buffer_add_u(cbb->base, value, 2);

  353. }

  354. 

  355. int CBB_add_u24(CBB *cbb, uint32_t value) {

  356.   if (!CBB_flush(cbb)) {

  357.     return 0;

  358.   }

  359. 

  360.   return cbb_buffer_add_u(cbb->base, value, 3);

  361. }

  362. 

  363. void CBB_discard_child(CBB *cbb) {

  364.   if (cbb->child == NULL) {

  365.     return;

  366.   }

  367. 

  368.   cbb->base->len = cbb->offset;

  369. 

  370.   cbb->child->base = NULL;

  371.   cbb->child = NULL;

  372.   cbb->pending_len_len = 0;

  373.   cbb->pending_is_asn1 = 0;

  374.   cbb->offset = 0;

  375. }

  376. 

  377. int CBB_add_asn1_uint64(CBB *cbb, uint64_t value) {

  378.   CBB child;

  379.   size_t i;

  380.   int started = 0;

  381. 

  382.   if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER)) {

  383.     return 0;

  384.   }

  385. 

  386.   for (i = 0; i < 8; i++) {

  387.     uint8_t byte = (value >> 8*(7-i)) & 0xff;

  388.     if (!started) {

  389.       if (byte == 0) {

  390.         /* Don't encode leading zeros. */

  391.         continue;

  392.       }

  393.       /* If the high bit is set, add a padding byte to make it

  394.        * unsigned. */

  395.       if ((byte & 0x80) && !CBB_add_u8(&child, 0)) {

  396.         return 0;

  397.       }

  398.       started = 1;

  399.     }

  400.     if (!CBB_add_u8(&child, byte)) {

  401.       return 0;

  402.     }

  403.   }

  404. 

  405.   /* 0 is encoded as a single 0, not the empty string. */

  406.   if (!started && !CBB_add_u8(&child, 0)) {

  407.     return 0;

  408.   }

  409. 

  410.   return CBB_flush(cbb);

  411. }