There's many ways to serialize a BIGNUM, so not including asn1 in the name is confusing (and collides with BN_bn2cbb_padded). Since BN_asn12bn looks ridiculous, match the parse/marshal naming scheme of other modules instead. Change-Id: I53d22ae0537a98e223ed943e943c48cb0743cf51 Reviewed-on: https://boringssl-review.googlesource.com/6822 Reviewed-by: Adam Langley <alangley@gmail.com>kris/onging/CECPQ3_patch15
@@ -18,7 +18,7 @@ | |||
#include <openssl/err.h> | |||
int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret) { | |||
int BN_parse_asn1_unsigned(CBS *cbs, BIGNUM *ret) { | |||
CBS child; | |||
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || | |||
CBS_len(&child) == 0) { | |||
@@ -42,7 +42,7 @@ int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret) { | |||
return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; | |||
} | |||
int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret) { | |||
int BN_parse_asn1_unsigned_buggy(CBS *cbs, BIGNUM *ret) { | |||
CBS child; | |||
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || | |||
CBS_len(&child) == 0) { | |||
@@ -58,7 +58,7 @@ int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret) { | |||
return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; | |||
} | |||
int BN_bn2cbb(CBB *cbb, const BIGNUM *bn) { | |||
int BN_marshal_asn1(CBB *cbb, const BIGNUM *bn) { | |||
/* Negative numbers are unsupported. */ | |||
if (BN_is_negative(bn)) { | |||
OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); | |||
@@ -66,28 +66,15 @@ int BN_bn2cbb(CBB *cbb, const BIGNUM *bn) { | |||
} | |||
CBB child; | |||
if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER)) { | |||
if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER) || | |||
/* The number must be padded with a leading zero if the high bit would | |||
* otherwise be set or if |bn| is zero. */ | |||
(BN_num_bits(bn) % 8 == 0 && !CBB_add_u8(&child, 0x00)) || | |||
!BN_bn2cbb_padded(&child, BN_num_bytes(bn), bn) || | |||
!CBB_flush(cbb)) { | |||
OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); | |||
return 0; | |||
} | |||
/* The number must be padded with a leading zero if the high bit would | |||
* otherwise be set (or |bn| is zero). */ | |||
if (BN_num_bits(bn) % 8 == 0 && | |||
!CBB_add_u8(&child, 0x00)) { | |||
OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); | |||
return 0; | |||
} | |||
uint8_t *out; | |||
if (!CBB_add_space(&child, &out, BN_num_bytes(bn))) { | |||
OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); | |||
return 0; | |||
} | |||
BN_bn2bin(bn, out); | |||
if (!CBB_flush(cbb)) { | |||
OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); | |||
return 0; | |||
} | |||
return 1; | |||
} |
@@ -1823,7 +1823,7 @@ static bool test_asn1() { | |||
} | |||
CBS cbs; | |||
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len); | |||
if (!BN_cbs2unsigned(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { | |||
if (!BN_parse_asn1_unsigned(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { | |||
fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n"); | |||
return false; | |||
} | |||
@@ -1838,7 +1838,7 @@ static bool test_asn1() { | |||
size_t der_len; | |||
CBB_zero(&cbb); | |||
if (!CBB_init(&cbb, 0) || | |||
!BN_bn2cbb(&cbb, bn.get()) || | |||
!BN_marshal_asn1(&cbb, bn.get()) || | |||
!CBB_finish(&cbb, &der, &der_len)) { | |||
CBB_cleanup(&cbb); | |||
return false; | |||
@@ -1852,7 +1852,7 @@ static bool test_asn1() { | |||
// |BN_cbs2unsigned_buggy| parses all valid input. | |||
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len); | |||
if (!BN_cbs2unsigned_buggy(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { | |||
if (!BN_parse_asn1_unsigned_buggy(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { | |||
fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n"); | |||
return false; | |||
} | |||
@@ -1869,7 +1869,7 @@ static bool test_asn1() { | |||
} | |||
CBS cbs; | |||
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len); | |||
if (BN_cbs2unsigned(&cbs, bn.get())) { | |||
if (BN_parse_asn1_unsigned(&cbs, bn.get())) { | |||
fprintf(stderr, "Parsed invalid input.\n"); | |||
return false; | |||
} | |||
@@ -1878,7 +1878,7 @@ static bool test_asn1() { | |||
// All tests in kASN1InvalidTests are also rejected by | |||
// |BN_cbs2unsigned_buggy|. | |||
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len); | |||
if (BN_cbs2unsigned_buggy(&cbs, bn.get())) { | |||
if (BN_parse_asn1_unsigned_buggy(&cbs, bn.get())) { | |||
fprintf(stderr, "Parsed invalid input.\n"); | |||
return false; | |||
} | |||
@@ -1894,7 +1894,7 @@ static bool test_asn1() { | |||
CBS cbs; | |||
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len); | |||
if (BN_cbs2unsigned(&cbs, bn.get())) { | |||
if (BN_parse_asn1_unsigned(&cbs, bn.get())) { | |||
fprintf(stderr, "Parsed invalid input.\n"); | |||
return false; | |||
} | |||
@@ -1907,7 +1907,7 @@ static bool test_asn1() { | |||
} | |||
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len); | |||
if (!BN_cbs2unsigned_buggy(&cbs, bn.get()) || CBS_len(&cbs) != 0) { | |||
if (!BN_parse_asn1_unsigned_buggy(&cbs, bn.get()) || CBS_len(&cbs) != 0) { | |||
fprintf(stderr, "Parsing (invalid) ASN.1 INTEGER failed.\n"); | |||
return false; | |||
} | |||
@@ -1926,7 +1926,7 @@ static bool test_asn1() { | |||
CBB cbb; | |||
CBB_zero(&cbb); | |||
if (!CBB_init(&cbb, 0) || | |||
BN_bn2cbb(&cbb, bn.get())) { | |||
BN_marshal_asn1(&cbb, bn.get())) { | |||
fprintf(stderr, "Serialized negative number.\n"); | |||
CBB_cleanup(&cbb); | |||
return false; | |||
@@ -115,8 +115,8 @@ ECDSA_SIG *ECDSA_SIG_parse(CBS *cbs) { | |||
} | |||
CBS child; | |||
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || | |||
!BN_cbs2unsigned(&child, ret->r) || | |||
!BN_cbs2unsigned(&child, ret->s) || | |||
!BN_parse_asn1_unsigned(&child, ret->r) || | |||
!BN_parse_asn1_unsigned(&child, ret->s) || | |||
CBS_len(&child) != 0) { | |||
OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); | |||
ECDSA_SIG_free(ret); | |||
@@ -140,8 +140,8 @@ ECDSA_SIG *ECDSA_SIG_from_bytes(const uint8_t *in, size_t in_len) { | |||
int ECDSA_SIG_marshal(CBB *cbb, const ECDSA_SIG *sig) { | |||
CBB child; | |||
if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || | |||
!BN_bn2cbb(&child, sig->r) || | |||
!BN_bn2cbb(&child, sig->s) || | |||
!BN_marshal_asn1(&child, sig->r) || | |||
!BN_marshal_asn1(&child, sig->s) || | |||
!CBB_flush(cbb)) { | |||
OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); | |||
return 0; | |||
@@ -76,9 +76,9 @@ static int parse_integer_buggy(CBS *cbs, BIGNUM **out, int buggy) { | |||
return 0; | |||
} | |||
if (buggy) { | |||
return BN_cbs2unsigned_buggy(cbs, *out); | |||
return BN_parse_asn1_unsigned_buggy(cbs, *out); | |||
} | |||
return BN_cbs2unsigned(cbs, *out); | |||
return BN_parse_asn1_unsigned(cbs, *out); | |||
} | |||
static int parse_integer(CBS *cbs, BIGNUM **out) { | |||
@@ -91,7 +91,7 @@ static int marshal_integer(CBB *cbb, BIGNUM *bn) { | |||
OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING); | |||
return 0; | |||
} | |||
return BN_bn2cbb(cbb, bn); | |||
return BN_marshal_asn1(cbb, bn); | |||
} | |||
static RSA *parse_public_key(CBS *cbs, int buggy) { | |||
@@ -303,17 +303,17 @@ OPENSSL_EXPORT BN_ULONG BN_get_word(const BIGNUM *bn); | |||
/* ASN.1 functions. */ | |||
/* BN_cbs2unsigned parses a non-negative DER INTEGER from |cbs| writes the | |||
* result to |ret|. It returns one on success and zero on failure. */ | |||
OPENSSL_EXPORT int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret); | |||
/* BN_parse_asn1_unsigned parses a non-negative DER INTEGER from |cbs| writes | |||
* the result to |ret|. It returns one on success and zero on failure. */ | |||
OPENSSL_EXPORT int BN_parse_asn1_unsigned(CBS *cbs, BIGNUM *ret); | |||
/* BN_cbs2unsigned_buggy acts like |BN_cbs2unsigned| but tolerates some invalid | |||
* encodings. Do not use this function. */ | |||
OPENSSL_EXPORT int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret); | |||
/* BN_parse_asn1_unsigned_buggy acts like |BN_parse_asn1_unsigned| but tolerates | |||
* some invalid encodings. Do not use this function. */ | |||
OPENSSL_EXPORT int BN_parse_asn1_unsigned_buggy(CBS *cbs, BIGNUM *ret); | |||
/* BN_bn2cbb marshals |bn| as a non-negative DER INTEGER and appends the result | |||
* to |cbb|. It returns one on success and zero on failure. */ | |||
OPENSSL_EXPORT int BN_bn2cbb(CBB *cbb, const BIGNUM *bn); | |||
/* BN_marshal_asn1 marshals |bn| as a non-negative DER INTEGER and appends the | |||
* result to |cbb|. It returns one on success and zero on failure. */ | |||
OPENSSL_EXPORT int BN_marshal_asn1(CBB *cbb, const BIGNUM *bn); | |||
/* Internal functions. | |||