kris
/
boringssl
1
0
Derivar 0
Código Questões 0 Pedidos de integração 0 Lançamentos 0 Wiki Trabalho
Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
528 Cometimentos
12 Ramos
38 MiB
Árvore: f4b4952719
Ramos Etiquetas
${ item.name }
Criar ramo ${ searchTerm }
de 'f4b4952719'
${ noResults }
boringssl/crypto/bytestring/cbs.c

cbs.c 6.4 KiB
Em bruto Vista normal Histórico

Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Port ServerHello extension parsing to CBS. This gives us systematic bounds-checking on all the parses. Also adds a convenience function, CBS_memdup, for saving the current contents of a CBS. Change-Id: I17dad74575f03121aee3f771037b8806ff99d0c3 Reviewed-on: https://boringssl-review.googlesource.com/1031 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Port ssl3_get_key_exchange to CBS. Also tidy up some variable names and update RSA_verify call for it no longer returning -1. Add CBS helper functions for dealing with C strings. Change-Id: Ibc398d27714744f5d99d4f94ae38210cbc89471a Reviewed-on: https://boringssl-review.googlesource.com/1164 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Rework support for ASN.1 BER. Previously, the ASN.1 functions in bytestring were capable of processing indefinite length elements when the _ber functions were used. That works well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and PKCS#12. Rather than complicate the core bytestring functions further, the BER support is removed from them and moved to a separate function that converts from BER to DER (if needed). Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0 Reviewed-on: https://boringssl-review.googlesource.com/1591 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Port ServerHello extension parsing to CBS. This gives us systematic bounds-checking on all the parses. Also adds a convenience function, CBS_memdup, for saving the current contents of a CBS. Change-Id: I17dad74575f03121aee3f771037b8806ff99d0c3 Reviewed-on: https://boringssl-review.googlesource.com/1031 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Port ssl3_get_key_exchange to CBS. Also tidy up some variable names and update RSA_verify call for it no longer returning -1. Add CBS helper functions for dealing with C strings. Change-Id: Ibc398d27714744f5d99d4f94ae38210cbc89471a Reviewed-on: https://boringssl-review.googlesource.com/1164 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Port ServerHello extension parsing to CBS. This gives us systematic bounds-checking on all the parses. Also adds a convenience function, CBS_memdup, for saving the current contents of a CBS. Change-Id: I17dad74575f03121aee3f771037b8806ff99d0c3 Reviewed-on: https://boringssl-review.googlesource.com/1031 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Port ssl3_get_client_hello to CBS. Also fix some DTLS cookie bugs. rcvd_cookie is never referenced after being saved (and the length isn't saved, so it couldn't be used anyway), and the cookie verification failed to check the length. For convenience, add a CBS_mem_equal helper function. Saves a bit of repetition. Change-Id: I187137733b069f0ac8d8b1bf151eeb80d388b971 Reviewed-on: https://boringssl-review.googlesource.com/1174 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Rework support for ASN.1 BER. Previously, the ASN.1 functions in bytestring were capable of processing indefinite length elements when the _ber functions were used. That works well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and PKCS#12. Rather than complicate the core bytestring functions further, the BER support is removed from them and moved to a separate function that converts from BER to DER (if needed). Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0 Reviewed-on: https://boringssl-review.googlesource.com/1591 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Export CBS_get_any_asn1_element. Useful for parsing things when you don't know what tag to expect (e.g. a CHOICE). Also allow its operands to be NULL, so that it can be used to skip arbitrary elements. Delete CBS_ASN1_ANY which wasn't doing anything. Change-Id: I56413e68b4f2e13860ea3e55373d5830713d7e5c Reviewed-on: https://boringssl-review.googlesource.com/1661 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Export CBS_get_any_asn1_element. Useful for parsing things when you don't know what tag to expect (e.g. a CHOICE). Also allow its operands to be NULL, so that it can be used to skip arbitrary elements. Delete CBS_ASN1_ANY which wasn't doing anything. Change-Id: I56413e68b4f2e13860ea3e55373d5830713d7e5c Reviewed-on: https://boringssl-review.googlesource.com/1661 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Export CBS_get_any_asn1_element. Useful for parsing things when you don't know what tag to expect (e.g. a CHOICE). Also allow its operands to be NULL, so that it can be used to skip arbitrary elements. Delete CBS_ASN1_ANY which wasn't doing anything. Change-Id: I56413e68b4f2e13860ea3e55373d5830713d7e5c Reviewed-on: https://boringssl-review.googlesource.com/1661 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Rework support for ASN.1 BER. Previously, the ASN.1 functions in bytestring were capable of processing indefinite length elements when the _ber functions were used. That works well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and PKCS#12. Rather than complicate the core bytestring functions further, the BER support is removed from them and moved to a separate function that converts from BER to DER (if needed). Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0 Reviewed-on: https://boringssl-review.googlesource.com/1591 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Rework support for ASN.1 BER. Previously, the ASN.1 functions in bytestring were capable of processing indefinite length elements when the _ber functions were used. That works well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and PKCS#12. Rather than complicate the core bytestring functions further, the BER support is removed from them and moved to a separate function that converts from BER to DER (if needed). Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0 Reviewed-on: https://boringssl-review.googlesource.com/1591 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Export CBS_get_any_asn1_element. Useful for parsing things when you don't know what tag to expect (e.g. a CHOICE). Also allow its operands to be NULL, so that it can be used to skip arbitrary elements. Delete CBS_ASN1_ANY which wasn't doing anything. Change-Id: I56413e68b4f2e13860ea3e55373d5830713d7e5c Reviewed-on: https://boringssl-review.googlesource.com/1661 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Rework support for ASN.1 BER. Previously, the ASN.1 functions in bytestring were capable of processing indefinite length elements when the _ber functions were used. That works well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and PKCS#12. Rather than complicate the core bytestring functions further, the BER support is removed from them and moved to a separate function that converts from BER to DER (if needed). Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0 Reviewed-on: https://boringssl-review.googlesource.com/1591 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Rework support for ASN.1 BER. Previously, the ASN.1 functions in bytestring were capable of processing indefinite length elements when the _ber functions were used. That works well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and PKCS#12. Rather than complicate the core bytestring functions further, the BER support is removed from them and moved to a separate function that converts from BER to DER (if needed). Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0 Reviewed-on: https://boringssl-review.googlesource.com/1591 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Rework support for ASN.1 BER. Previously, the ASN.1 functions in bytestring were capable of processing indefinite length elements when the _ber functions were used. That works well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and PKCS#12. Rather than complicate the core bytestring functions further, the BER support is removed from them and moved to a separate function that converts from BER to DER (if needed). Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0 Reviewed-on: https://boringssl-review.googlesource.com/1591 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Rework support for ASN.1 BER. Previously, the ASN.1 functions in bytestring were capable of processing indefinite length elements when the _ber functions were used. That works well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and PKCS#12. Rather than complicate the core bytestring functions further, the BER support is removed from them and moved to a separate function that converts from BER to DER (if needed). Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0 Reviewed-on: https://boringssl-review.googlesource.com/1591 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
Rework support for ASN.1 BER. Previously, the ASN.1 functions in bytestring were capable of processing indefinite length elements when the _ber functions were used. That works well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and PKCS#12. Rather than complicate the core bytestring functions further, the BER support is removed from them and moved to a separate function that converts from BER to DER (if needed). Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0 Reviewed-on: https://boringssl-review.googlesource.com/1591 Reviewed-by: Adam Langley <agl@google.com>
há 10 anos
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
há 10 anos
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295 
  1. /* Copyright (c) 2014, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #include <openssl/buf.h>

  16. #include <openssl/mem.h>

  17. #include <openssl/bytestring.h>

  18. 

  19. #include <assert.h>

  20. #include <string.h>

  21. 

  22. #include "internal.h"

  23. 

  24. 

  25. void CBS_init(CBS *cbs, const uint8_t *data, size_t len) {

  26.   cbs->data = data;

  27.   cbs->len = len;

  28. }

  29. 

  30. static int cbs_get(CBS *cbs, const uint8_t **p, size_t n) {

  31.   if (cbs->len < n) {

  32.     return 0;

  33.   }

  34. 

  35.   *p = cbs->data;

  36.   cbs->data += n;

  37.   cbs->len -= n;

  38.   return 1;

  39. }

  40. 

  41. int CBS_skip(CBS *cbs, size_t len) {

  42.   const uint8_t *dummy;

  43.   return cbs_get(cbs, &dummy, len);

  44. }

  45. 

  46. const uint8_t *CBS_data(const CBS *cbs) {

  47.   return cbs->data;

  48. }

  49. 

  50. size_t CBS_len(const CBS *cbs) {

  51.   return cbs->len;

  52. }

  53. 

  54. int CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len) {

  55.   if (*out_ptr != NULL) {

  56.     OPENSSL_free(*out_ptr);

  57.     *out_ptr = NULL;

  58.   }

  59.   *out_len = 0;

  60. 

  61.   if (cbs->len == 0) {

  62.     return 1;

  63.   }

  64.   *out_ptr = BUF_memdup(cbs->data, cbs->len);

  65.   if (*out_ptr == NULL) {

  66.     return 0;

  67.   }

  68.   *out_len = cbs->len;

  69.   return 1;

  70. }

  71. 

  72. int CBS_strdup(const CBS *cbs, char **out_ptr) {

  73.   if (*out_ptr != NULL) {

  74.     OPENSSL_free(*out_ptr);

  75.   }

  76.   *out_ptr = BUF_strndup((const char*)cbs->data, cbs->len);

  77.   return (*out_ptr != NULL);

  78. }

  79. 

  80. int CBS_contains_zero_byte(const CBS *cbs) {

  81.   return memchr(cbs->data, 0, cbs->len) != NULL;

  82. }

  83. 

  84. int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) {

  85.   if (len != cbs->len)

  86.     return 0;

  87.   return CRYPTO_memcmp(cbs->data, data, len) == 0;

  88. }

  89. 

  90. static int cbs_get_u(CBS *cbs, uint32_t *out, size_t len) {

  91.   uint32_t result = 0;

  92.   size_t i;

  93.   const uint8_t *data;

  94. 

  95.   if (!cbs_get(cbs, &data, len)) {

  96.     return 0;

  97.   }

  98.   for (i = 0; i < len; i++) {

  99.     result <<= 8;

  100.     result |= data[i];

  101.   }

  102.   *out = result;

  103.   return 1;

  104. }

  105. 

  106. int CBS_get_u8(CBS *cbs, uint8_t *out) {

  107.   const uint8_t *v;

  108.   if (!cbs_get(cbs, &v, 1)) {

  109.     return 0;

  110.   }

  111.   *out = *v;

  112.   return 1;

  113. }

  114. 

  115. int CBS_get_u16(CBS *cbs, uint16_t *out) {

  116.   uint32_t v;

  117.   if (!cbs_get_u(cbs, &v, 2)) {

  118.     return 0;

  119.   }

  120.   *out = v;

  121.   return 1;

  122. }

  123. 

  124. int CBS_get_u24(CBS *cbs, uint32_t *out) {

  125.   return cbs_get_u(cbs, out, 3);

  126. }

  127. 

  128. int CBS_get_u32(CBS *cbs, uint32_t *out) {

  129.   return cbs_get_u(cbs, out, 4);

  130. }

  131. 

  132. int CBS_get_bytes(CBS *cbs, CBS *out, size_t len) {

  133.   const uint8_t *v;

  134.   if (!cbs_get(cbs, &v, len)) {

  135.     return 0;

  136.   }

  137.   CBS_init(out, v, len);

  138.   return 1;

  139. }

  140. 

  141. static int cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len) {

  142.   uint32_t len;

  143.   if (!cbs_get_u(cbs, &len, len_len)) {

  144.     return 0;

  145.   }

  146.   return CBS_get_bytes(cbs, out, len);

  147. }

  148. 

  149. int CBS_get_u8_length_prefixed(CBS *cbs, CBS *out) {

  150.   return cbs_get_length_prefixed(cbs, out, 1);

  151. }

  152. 

  153. int CBS_get_u16_length_prefixed(CBS *cbs, CBS *out) {

  154.   return cbs_get_length_prefixed(cbs, out, 2);

  155. }

  156. 

  157. int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out) {

  158.   return cbs_get_length_prefixed(cbs, out, 3);

  159. }

  160. 

  161. int CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag,

  162.                              size_t *out_header_len) {

  163.   uint8_t tag, length_byte;

  164.   CBS header = *cbs;

  165.   CBS throwaway;

  166. 

  167.   if (out == NULL) {

  168.     out = &throwaway;

  169.   }

  170. 

  171.   if (!CBS_get_u8(&header, &tag) ||

  172.       !CBS_get_u8(&header, &length_byte)) {

  173.     return 0;

  174.   }

  175. 

  176.   if ((tag & 0x1f) == 0x1f) {

  177.     /* Long form tags are not supported. */

  178.     return 0;

  179.   }

  180. 

  181.   if (out_tag != NULL) {

  182.     *out_tag = tag;

  183.   }

  184. 

  185.   size_t len;

  186.   if ((length_byte & 0x80) == 0) {

  187.     /* Short form length. */

  188.     len = ((size_t) length_byte) + 2;

  189.     if (out_header_len != NULL) {

  190.       *out_header_len = 2;

  191.     }

  192.   } else {

  193.     /* Long form length. */

  194.     const size_t num_bytes = length_byte & 0x7f;

  195.     uint32_t len32;

  196. 

  197.     if ((tag & CBS_ASN1_CONSTRUCTED) != 0 && num_bytes == 0) {

  198.       /* indefinite length */

  199.       *out_header_len = 2;

  200.       return CBS_get_bytes(cbs, out, 2);

  201.     }

  202. 

  203.     if (num_bytes == 0 || num_bytes > 4) {

  204.       return 0;

  205.     }

  206.     if (!cbs_get_u(&header, &len32, num_bytes)) {

  207.       return 0;

  208.     }

  209.     if (len32 < 128) {

  210.       /* Length should have used short-form encoding. */

  211.       return 0;

  212.     }

  213.     if ((len32 >> ((num_bytes-1)*8)) == 0) {

  214.       /* Length should have been at least one byte shorter. */

  215.       return 0;

  216.     }

  217.     len = len32;

  218.     if (len + 2 + num_bytes < len) {

  219.       /* Overflow. */

  220.       return 0;

  221.     }

  222.     len += 2 + num_bytes;

  223.     if (out_header_len != NULL) {

  224.       *out_header_len = 2 + num_bytes;

  225.     }

  226.   }

  227. 

  228.   return CBS_get_bytes(cbs, out, len);

  229. }

  230. 

  231. static int cbs_get_asn1(CBS *cbs, CBS *out, unsigned tag_value,

  232.                         int skip_header) {

  233.   size_t header_len;

  234.   unsigned tag;

  235.   CBS throwaway;

  236. 

  237.   if (out == NULL) {

  238.     out = &throwaway;

  239.   }

  240. 

  241.   if (!CBS_get_any_asn1_element(cbs, out, &tag, &header_len) ||

  242.       tag != tag_value ||

  243.       (header_len > 0 &&

  244.        /* This ensures that the tag is either zero length or

  245.         * indefinite-length. */

  246.        CBS_len(out) == header_len &&

  247.        CBS_data(out)[header_len - 1] == 0x80)) {

  248.     return 0;

  249.   }

  250. 

  251.   if (skip_header && !CBS_skip(out, header_len)) {

  252.     assert(0);

  253.     return 0;

  254.   }

  255. 

  256.   return 1;

  257. }

  258. 

  259. int CBS_get_asn1(CBS *cbs, CBS *out, unsigned tag_value) {

  260.   return cbs_get_asn1(cbs, out, tag_value, 1 /* skip header */);

  261. }

  262. 

  263. int CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned tag_value) {

  264.   return cbs_get_asn1(cbs, out, tag_value, 0 /* include header */);

  265. }

  266. 

  267. int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out) {

  268.   CBS bytes;

  269.   const uint8_t *data;

  270.   size_t i, len;

  271. 

  272.   if (!CBS_get_asn1(cbs, &bytes, CBS_ASN1_INTEGER)) {

  273.     return 0;

  274.   }

  275. 

  276.   *out = 0;

  277.   data = CBS_data(&bytes);

  278.   len = CBS_len(&bytes);

  279. 

  280.   if (len > 0 && (data[0] & 0x80) != 0) {

  281.     /* negative number */

  282.     return 0;

  283.   }

  284. 

  285.   for (i = 0; i < len; i++) {

  286.     if ((*out >> 56) != 0) {

  287.       /* Too large to represent as a uint64_t. */

  288.       return 0;

  289.     }

  290.     *out <<= 8;

  291.     *out |= data[i];

  292.   }

  293. 

  294.   return 1;

  295. }