kris
/
boringssl
1
0
Derivar 0
Código Questões 0 Pedidos de integração 0 Lançamentos 0 Wiki Trabalho
Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
3254 Cometimentos
12 Ramos
38 MiB
Árvore: f3fbadeae0
Ramos Etiquetas
${ item.name }
Criar ramo ${ searchTerm }
de 'f3fbadeae0'
${ noResults }
boringssl/crypto/asn1/a_int.c

a_int.c 13 KiB
Em bruto Vista normal Histórico

Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Remove string.h from base.h. Including string.h in base.h causes any file that includes a BoringSSL header to include string.h. Generally this wouldn't be a problem, although string.h might slow down the compile if it wasn't otherwise needed. However, it also causes problems for ipsec-tools in Android because OpenSSL didn't have this behaviour. This change removes string.h from base.h and, instead, adds it to each .c file that requires it. Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37 Reviewed-on: https://boringssl-review.googlesource.com/3200 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 9 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Fix encoding bug in i2c_ASN1_INTEGER (Imported from upstream's 3661bb4e7934668bd99ca777ea8b30eedfafa871.) Fix bug where i2c_ASN1_INTEGER mishandles zero if it is marked as negative. Thanks to Huzaifa Sidhpurwala <huzaifas@redhat.com> and Hanno Böck <hanno@hboeck.de> for reporting this issue. BUG=590615 Change-Id: I8959e8ae01510a5924862a3f353be23130eee554 Reviewed-on: https://boringssl-review.googlesource.com/7199 Reviewed-by: David Benjamin <davidben@google.com>
há 8 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Fix encoding bug in i2c_ASN1_INTEGER (Imported from upstream's 3661bb4e7934668bd99ca777ea8b30eedfafa871.) Fix bug where i2c_ASN1_INTEGER mishandles zero if it is marked as negative. Thanks to Huzaifa Sidhpurwala <huzaifas@redhat.com> and Hanno Böck <hanno@hboeck.de> for reporting this issue. BUG=590615 Change-Id: I8959e8ae01510a5924862a3f353be23130eee554 Reviewed-on: https://boringssl-review.googlesource.com/7199 Reviewed-by: David Benjamin <davidben@google.com>
há 8 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
há 8 anos
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460 
  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/asn1.h>

  58. 

  59. #include <string.h>

  60. 

  61. #include <openssl/err.h>

  62. #include <openssl/mem.h>

  63. 

  64. ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)

  65. {

  66.     return M_ASN1_INTEGER_dup(x);

  67. }

  68. 

  69. int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)

  70. {

  71.     int neg, ret;

  72.     /* Compare signs */

  73.     neg = x->type & V_ASN1_NEG;

  74.     if (neg != (y->type & V_ASN1_NEG)) {

  75.         if (neg)

  76.             return -1;

  77.         else

  78.             return 1;

  79.     }

  80. 

  81.     ret = ASN1_STRING_cmp(x, y);

  82. 

  83.     if (neg)

  84.         return -ret;

  85.     else

  86.         return ret;

  87. }

  88. 

  89. /*

  90.  * This converts an ASN1 INTEGER into its content encoding.

  91.  * The internal representation is an ASN1_STRING whose data is a big endian

  92.  * representation of the value, ignoring the sign. The sign is determined by

  93.  * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.

  94.  *

  95.  * Positive integers are no problem: they are almost the same as the DER

  96.  * encoding, except if the first byte is >= 0x80 we need to add a zero pad.

  97.  *

  98.  * Negative integers are a bit trickier...

  99.  * The DER representation of negative integers is in 2s complement form.

  100.  * The internal form is converted by complementing each octet and finally

  101.  * adding one to the result. This can be done less messily with a little trick.

  102.  * If the internal form has trailing zeroes then they will become FF by the

  103.  * complement and 0 by the add one (due to carry) so just copy as many trailing

  104.  * zeros to the destination as there are in the source. The carry will add one

  105.  * to the last none zero octet: so complement this octet and add one and finally

  106.  * complement any left over until you get to the start of the string.

  107.  *

  108.  * Padding is a little trickier too. If the first bytes is > 0x80 then we pad

  109.  * with 0xff. However if the first byte is 0x80 and one of the following bytes

  110.  * is non-zero we pad with 0xff. The reason for this distinction is that 0x80

  111.  * followed by optional zeros isn't padded.

  112.  */

  113. 

  114. int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)

  115. {

  116.     int pad = 0, ret, i, neg;

  117.     unsigned char *p, *n, pb = 0;

  118. 

  119.     if (a == NULL)

  120.         return (0);

  121.     neg = a->type & V_ASN1_NEG;

  122.     if (a->length == 0)

  123.         ret = 1;

  124.     else {

  125.         ret = a->length;

  126.         i = a->data[0];

  127.         if (ret == 1 && i == 0)

  128.             neg = 0;

  129.         if (!neg && (i > 127)) {

  130.             pad = 1;

  131.             pb = 0;

  132.         } else if (neg) {

  133.             if (i > 128) {

  134.                 pad = 1;

  135.                 pb = 0xFF;

  136.             } else if (i == 128) {

  137.                 /*

  138.                  * Special case: if any other bytes non zero we pad:

  139.                  * otherwise we don't.

  140.                  */

  141.                 for (i = 1; i < a->length; i++)

  142.                     if (a->data[i]) {

  143.                         pad = 1;

  144.                         pb = 0xFF;

  145.                         break;

  146.                     }

  147.             }

  148.         }

  149.         ret += pad;

  150.     }

  151.     if (pp == NULL)

  152.         return (ret);

  153.     p = *pp;

  154. 

  155.     if (pad)

  156.         *(p++) = pb;

  157.     if (a->length == 0)

  158.         *(p++) = 0;

  159.     else if (!neg)

  160.         memcpy(p, a->data, (unsigned int)a->length);

  161.     else {

  162.         /* Begin at the end of the encoding */

  163.         n = a->data + a->length - 1;

  164.         p += a->length - 1;

  165.         i = a->length;

  166.         /* Copy zeros to destination as long as source is zero */

  167.         while (!*n && i > 1) {

  168.             *(p--) = 0;

  169.             n--;

  170.             i--;

  171.         }

  172.         /* Complement and increment next octet */

  173.         *(p--) = ((*(n--)) ^ 0xff) + 1;

  174.         i--;

  175.         /* Complement any octets left */

  176.         for (; i > 0; i--)

  177.             *(p--) = *(n--) ^ 0xff;

  178.     }

  179. 

  180.     *pp += ret;

  181.     return (ret);

  182. }

  183. 

  184. /* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */

  185. 

  186. ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,

  187.                                long len)

  188. {

  189.     ASN1_INTEGER *ret = NULL;

  190.     const unsigned char *p, *pend;

  191.     unsigned char *to, *s;

  192.     int i;

  193. 

  194.     if ((a == NULL) || ((*a) == NULL)) {

  195.         if ((ret = M_ASN1_INTEGER_new()) == NULL)

  196.             return (NULL);

  197.         ret->type = V_ASN1_INTEGER;

  198.     } else

  199.         ret = (*a);

  200. 

  201.     p = *pp;

  202.     pend = p + len;

  203. 

  204.     /*

  205.      * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies

  206.      * a missing NULL parameter.

  207.      */

  208.     s = (unsigned char *)OPENSSL_malloc((int)len + 1);

  209.     if (s == NULL) {

  210.         i = ERR_R_MALLOC_FAILURE;

  211.         goto err;

  212.     }

  213.     to = s;

  214.     if (!len) {

  215.         /*

  216.          * Strictly speaking this is an illegal INTEGER but we tolerate it.

  217.          */

  218.         ret->type = V_ASN1_INTEGER;

  219.     } else if (*p & 0x80) {     /* a negative number */

  220.         ret->type = V_ASN1_NEG_INTEGER;

  221.         if ((*p == 0xff) && (len != 1)) {

  222.             p++;

  223.             len--;

  224.         }

  225.         i = len;

  226.         p += i - 1;

  227.         to += i - 1;

  228.         while ((!*p) && i) {

  229.             *(to--) = 0;

  230.             i--;

  231.             p--;

  232.         }

  233.         /*

  234.          * Special case: if all zeros then the number will be of the form FF

  235.          * followed by n zero bytes: this corresponds to 1 followed by n zero

  236.          * bytes. We've already written n zeros so we just append an extra

  237.          * one and set the first byte to a 1. This is treated separately

  238.          * because it is the only case where the number of bytes is larger

  239.          * than len.

  240.          */

  241.         if (!i) {

  242.             *s = 1;

  243.             s[len] = 0;

  244.             len++;

  245.         } else {

  246.             *(to--) = (*(p--) ^ 0xff) + 1;

  247.             i--;

  248.             for (; i > 0; i--)

  249.                 *(to--) = *(p--) ^ 0xff;

  250.         }

  251.     } else {

  252.         ret->type = V_ASN1_INTEGER;

  253.         if ((*p == 0) && (len != 1)) {

  254.             p++;

  255.             len--;

  256.         }

  257.         memcpy(s, p, (int)len);

  258.     }

  259. 

  260.     if (ret->data != NULL)

  261.         OPENSSL_free(ret->data);

  262.     ret->data = s;

  263.     ret->length = (int)len;

  264.     if (a != NULL)

  265.         (*a) = ret;

  266.     *pp = pend;

  267.     return (ret);

  268.  err:

  269.     OPENSSL_PUT_ERROR(ASN1, i);

  270.     if ((ret != NULL) && ((a == NULL) || (*a != ret)))

  271.         M_ASN1_INTEGER_free(ret);

  272.     return (NULL);

  273. }

  274. 

  275. /*

  276.  * This is a version of d2i_ASN1_INTEGER that ignores the sign bit of ASN1

  277.  * integers: some broken software can encode a positive INTEGER with its MSB

  278.  * set as negative (it doesn't add a padding zero).

  279.  */

  280. 

  281. ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,

  282.                                 long length)

  283. {

  284.     ASN1_INTEGER *ret = NULL;

  285.     const unsigned char *p;

  286.     unsigned char *s;

  287.     long len;

  288.     int inf, tag, xclass;

  289.     int i;

  290. 

  291.     if ((a == NULL) || ((*a) == NULL)) {

  292.         if ((ret = M_ASN1_INTEGER_new()) == NULL)

  293.             return (NULL);

  294.         ret->type = V_ASN1_INTEGER;

  295.     } else

  296.         ret = (*a);

  297. 

  298.     p = *pp;

  299.     inf = ASN1_get_object(&p, &len, &tag, &xclass, length);

  300.     if (inf & 0x80) {

  301.         i = ASN1_R_BAD_OBJECT_HEADER;

  302.         goto err;

  303.     }

  304. 

  305.     if (tag != V_ASN1_INTEGER) {

  306.         i = ASN1_R_EXPECTING_AN_INTEGER;

  307.         goto err;

  308.     }

  309. 

  310.     /*

  311.      * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies

  312.      * a missing NULL parameter.

  313.      */

  314.     s = (unsigned char *)OPENSSL_malloc((int)len + 1);

  315.     if (s == NULL) {

  316.         i = ERR_R_MALLOC_FAILURE;

  317.         goto err;

  318.     }

  319.     ret->type = V_ASN1_INTEGER;

  320.     if (len) {

  321.         if ((*p == 0) && (len != 1)) {

  322.             p++;

  323.             len--;

  324.         }

  325.         memcpy(s, p, (int)len);

  326.         p += len;

  327.     }

  328. 

  329.     if (ret->data != NULL)

  330.         OPENSSL_free(ret->data);

  331.     ret->data = s;

  332.     ret->length = (int)len;

  333.     if (a != NULL)

  334.         (*a) = ret;

  335.     *pp = p;

  336.     return (ret);

  337.  err:

  338.     OPENSSL_PUT_ERROR(ASN1, i);

  339.     if ((ret != NULL) && ((a == NULL) || (*a != ret)))

  340.         M_ASN1_INTEGER_free(ret);

  341.     return (NULL);

  342. }

  343. 

  344. int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)

  345. {

  346.     int j, k;

  347.     unsigned int i;

  348.     unsigned char buf[sizeof(long) + 1];

  349.     long d;

  350. 

  351.     a->type = V_ASN1_INTEGER;

  352.     if (a->length < (int)(sizeof(long) + 1)) {

  353.         if (a->data != NULL)

  354.             OPENSSL_free(a->data);

  355.         if ((a->data =

  356.              (unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)

  357.             memset((char *)a->data, 0, sizeof(long) + 1);

  358.     }

  359.     if (a->data == NULL) {

  360.         OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  361.         return (0);

  362.     }

  363.     d = v;

  364.     if (d < 0) {

  365.         d = -d;

  366.         a->type = V_ASN1_NEG_INTEGER;

  367.     }

  368. 

  369.     for (i = 0; i < sizeof(long); i++) {

  370.         if (d == 0)

  371.             break;

  372.         buf[i] = (int)d & 0xff;

  373.         d >>= 8;

  374.     }

  375.     j = 0;

  376.     for (k = i - 1; k >= 0; k--)

  377.         a->data[j++] = buf[k];

  378.     a->length = j;

  379.     return (1);

  380. }

  381. 

  382. long ASN1_INTEGER_get(const ASN1_INTEGER *a)

  383. {

  384.     int neg = 0, i;

  385.     long r = 0;

  386. 

  387.     if (a == NULL)

  388.         return (0L);

  389.     i = a->type;

  390.     if (i == V_ASN1_NEG_INTEGER)

  391.         neg = 1;

  392.     else if (i != V_ASN1_INTEGER)

  393.         return -1;

  394. 

  395.     if (a->length > (int)sizeof(long)) {

  396.         /* hmm... a bit ugly, return all ones */

  397.         return -1;

  398.     }

  399.     if (a->data == NULL)

  400.         return 0;

  401. 

  402.     for (i = 0; i < a->length; i++) {

  403.         r <<= 8;

  404.         r |= (unsigned char)a->data[i];

  405.     }

  406.     if (neg)

  407.         r = -r;

  408.     return (r);

  409. }

  410. 

  411. ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)

  412. {

  413.     ASN1_INTEGER *ret;

  414.     int len, j;

  415. 

  416.     if (ai == NULL)

  417.         ret = M_ASN1_INTEGER_new();

  418.     else

  419.         ret = ai;

  420.     if (ret == NULL) {

  421.         OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);

  422.         goto err;

  423.     }

  424.     if (BN_is_negative(bn) && !BN_is_zero(bn))

  425.         ret->type = V_ASN1_NEG_INTEGER;

  426.     else

  427.         ret->type = V_ASN1_INTEGER;

  428.     j = BN_num_bits(bn);

  429.     len = ((j == 0) ? 0 : ((j / 8) + 1));

  430.     if (ret->length < len + 4) {

  431.         unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4);

  432.         if (!new_data) {

  433.             OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  434.             goto err;

  435.         }

  436.         ret->data = new_data;

  437.     }

  438.     ret->length = BN_bn2bin(bn, ret->data);

  439.     /* Correct zero case */

  440.     if (!ret->length) {

  441.         ret->data[0] = 0;

  442.         ret->length = 1;

  443.     }

  444.     return (ret);

  445.  err:

  446.     if (ret != ai)

  447.         M_ASN1_INTEGER_free(ret);

  448.     return (NULL);

  449. }

  450. 

  451. BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)

  452. {

  453.     BIGNUM *ret;

  454. 

  455.     if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)

  456.         OPENSSL_PUT_ERROR(ASN1, ASN1_R_BN_LIB);

  457.     else if (ai->type == V_ASN1_NEG_INTEGER)

  458.         BN_set_negative(ret, 1);

  459.     return (ret);

  460. }