studio/cli
2
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 4 Wiki Activity

chore: checkpoint before Python removal

Browse Source
This commit is contained in:
Sienna Meridian Satterwhite
2026-03-26 22:33:59 +00:00
parent 683cec9307
commit e568ddf82a
29972 changed files with 11269302 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
vendor/aws-lc-sys/aws-lc/crypto/bytestring/asn1_compat.c vendored Normal file
View File

@@ -0,0 +1,42 @@
// Copyright (c) 2016, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/bytestring.h>
#include <assert.h>
#include <limits.h>
#include <string.h>
#include <openssl/mem.h>
#include "internal.h"
#include "../internal.h"
int CBB_finish_i2d(CBB *cbb, uint8_t **outp) {
assert(!cbb->is_child);
assert(cbb->u.base.can_resize);
uint8_t *der;
size_t der_len;
if (!CBB_finish(cbb, &der, &der_len)) {
CBB_cleanup(cbb);
return -1;
}
if (der_len > INT_MAX) {
OPENSSL_free(der);
return -1;
}
if (outp != NULL) {
if (*outp == NULL) {
*outp = der;
der = NULL;
} else {
OPENSSL_memcpy(*outp, der, der_len);
*outp += der_len;
}
}
OPENSSL_free(der);
return (int)der_len;
}

255
vendor/aws-lc-sys/aws-lc/crypto/bytestring/ber.c vendored Normal file
View File

@@ -0,0 +1,255 @@
// Copyright (c) 2014, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/bytestring.h>
#include <assert.h>
#include <string.h>
#include "internal.h"
// kMaxDepth limits the recursion depth to avoid overflowing the stack.
static const uint32_t kMaxDepth = 128;
// is_string_type returns one if |tag| is a string type and zero otherwise. It
// ignores the constructed bit.
static int is_string_type(CBS_ASN1_TAG tag) {
// While BER supports constructed BIT STRINGS, OpenSSL misparses them. To
// avoid acting on an ambiguous input, we do not support constructed BIT
// STRINGS. See https://github.com/openssl/openssl/issues/12810.
switch (tag & ~CBS_ASN1_CONSTRUCTED) {
case CBS_ASN1_OCTETSTRING:
case CBS_ASN1_UTF8STRING:
case CBS_ASN1_NUMERICSTRING:
case CBS_ASN1_PRINTABLESTRING:
case CBS_ASN1_T61STRING:
case CBS_ASN1_VIDEOTEXSTRING:
case CBS_ASN1_IA5STRING:
case CBS_ASN1_GRAPHICSTRING:
case CBS_ASN1_VISIBLESTRING:
case CBS_ASN1_GENERALSTRING:
case CBS_ASN1_UNIVERSALSTRING:
case CBS_ASN1_BMPSTRING:
return 1;
default:
return 0;
}
}
// cbs_find_ber walks an ASN.1 structure in |orig_in| and sets |*ber_found|
// depending on whether an indefinite length element or constructed string was
// found. The value of |orig_in| is not changed. It returns one on success (i.e.
// |*ber_found| was set) and zero on error.
static int cbs_find_ber(const CBS *orig_in, int *ber_found, uint32_t depth) {
if (depth > kMaxDepth) {
return 0;
}
CBS in = *orig_in;
*ber_found = 0;
while (CBS_len(&in) > 0) {
CBS contents;
CBS_ASN1_TAG tag;
size_t header_len;
int indefinite;
if (!CBS_get_any_ber_asn1_element(&in, &contents, &tag, &header_len,
ber_found, &indefinite)) {
return 0;
}
if (*ber_found) {
return 1;
}
if (tag & CBS_ASN1_CONSTRUCTED) {
if (is_string_type(tag)) {
// Constructed strings are only legal in BER and require conversion.
*ber_found = 1;
return 1;
}
if (!CBS_skip(&contents, header_len) ||
!cbs_find_ber(&contents, ber_found, depth + 1)) {
return 0;
}
if (*ber_found) {
// We already found BER. No need to continue parsing.
return 1;
}
}
}
return 1;
}
// cbs_get_eoc returns one if |cbs| begins with an "end of contents" (EOC) value
// and zero otherwise. If an EOC was found, it advances |cbs| past it.
static int cbs_get_eoc(CBS *cbs) {
if (CBS_len(cbs) >= 2 &&
CBS_data(cbs)[0] == 0 && CBS_data(cbs)[1] == 0) {
return CBS_skip(cbs, 2);
}
return 0;
}
// cbs_convert_ber reads BER data from |in| and writes DER data to |out|. If
// |string_tag| is non-zero, then all elements must match |string_tag| up to the
// constructed bit and primitive element bodies are written to |out| without
// element headers. This is used when concatenating the fragments of a
// constructed string. If |looking_for_eoc| is set then any EOC elements found
// will cause the function to return after consuming it. It returns one on
// success and zero on error.
static int cbs_convert_ber(CBS *in, CBB *out, CBS_ASN1_TAG string_tag,
int looking_for_eoc, uint32_t depth) {
assert(!(string_tag & CBS_ASN1_CONSTRUCTED));
if (depth > kMaxDepth) {
return 0;
}
while (CBS_len(in) > 0) {
if (looking_for_eoc && cbs_get_eoc(in)) {
return 1;
}
CBS contents;
CBS_ASN1_TAG tag, child_string_tag = string_tag;
size_t header_len;
int indefinite;
CBB *out_contents, out_contents_storage;
if (!CBS_get_any_ber_asn1_element(in, &contents, &tag, &header_len,
/*out_ber_found=*/NULL, &indefinite)) {
return 0;
}
if (string_tag != 0) {
// This is part of a constructed string. All elements must match
// |string_tag| up to the constructed bit and get appended to |out|
// without a child element.
if ((tag & ~CBS_ASN1_CONSTRUCTED) != string_tag) {
return 0;
}
out_contents = out;
} else {
CBS_ASN1_TAG out_tag = tag;
if ((tag & CBS_ASN1_CONSTRUCTED) && is_string_type(tag)) {
// If a constructed string, clear the constructed bit and inform
// children to concatenate bodies.
out_tag &= ~CBS_ASN1_CONSTRUCTED;
child_string_tag = out_tag;
}
if (!CBB_add_asn1(out, &out_contents_storage, out_tag)) {
return 0;
}
out_contents = &out_contents_storage;
}
if (indefinite) {
if (!cbs_convert_ber(in, out_contents, child_string_tag,
/*looking_for_eoc=*/1, depth + 1) ||
!CBB_flush(out)) {
return 0;
}
continue;
}
if (!CBS_skip(&contents, header_len)) {
return 0;
}
if (tag & CBS_ASN1_CONSTRUCTED) {
// Recurse into children.
if (!cbs_convert_ber(&contents, out_contents, child_string_tag,
/*looking_for_eoc=*/0, depth + 1)) {
return 0;
}
} else {
// Copy primitive contents as-is.
if (!CBB_add_bytes(out_contents, CBS_data(&contents),
CBS_len(&contents))) {
return 0;
}
}
if (!CBB_flush(out)) {
return 0;
}
}
return looking_for_eoc == 0;
}
int CBS_asn1_ber_to_der(CBS *in, CBS *out, uint8_t **out_storage) {
CBB cbb;
// First, do a quick walk to find any indefinite-length elements. Most of the
// time we hope that there aren't any and thus we can quickly return.
int conversion_needed;
if (!cbs_find_ber(in, &conversion_needed, 0)) {
return 0;
}
if (!conversion_needed) {
if (!CBS_get_any_asn1_element(in, out, NULL, NULL)) {
return 0;
}
*out_storage = NULL;
return 1;
}
size_t len;
if (!CBB_init(&cbb, CBS_len(in)) ||
!cbs_convert_ber(in, &cbb, 0, 0, 0) ||
!CBB_finish(&cbb, out_storage, &len)) {
CBB_cleanup(&cbb);
return 0;
}
CBS_init(out, *out_storage, len);
return 1;
}
int CBS_get_asn1_implicit_string(CBS *in, CBS *out, uint8_t **out_storage,
CBS_ASN1_TAG outer_tag,
CBS_ASN1_TAG inner_tag) {
assert(!(outer_tag & CBS_ASN1_CONSTRUCTED));
assert(!(inner_tag & CBS_ASN1_CONSTRUCTED));
assert(is_string_type(inner_tag));
if (CBS_peek_asn1_tag(in, outer_tag)) {
// Normal implicitly-tagged string.
*out_storage = NULL;
return CBS_get_asn1(in, out, outer_tag);
}
// Otherwise, try to parse an implicitly-tagged constructed string.
// |CBS_asn1_ber_to_der| is assumed to have run, so only allow one level deep
// of nesting.
CBB result;
CBS child;
if (!CBB_init(&result, CBS_len(in)) ||
!CBS_get_asn1(in, &child, outer_tag | CBS_ASN1_CONSTRUCTED)) {
goto err;
}
while (CBS_len(&child) > 0) {
CBS chunk;
if (!CBS_get_asn1(&child, &chunk, inner_tag) ||
!CBB_add_bytes(&result, CBS_data(&chunk), CBS_len(&chunk))) {
goto err;
}
}
uint8_t *data;
size_t len;
if (!CBB_finish(&result, &data, &len)) {
goto err;
}
CBS_init(out, data, len);
*out_storage = data;
return 1;
err:
CBB_cleanup(&result);
return 0;
}

1792
vendor/aws-lc-sys/aws-lc/crypto/bytestring/bytestring_test.cc vendored Normal file
View File

File diff suppressed because it is too large Load Diff

717
vendor/aws-lc-sys/aws-lc/crypto/bytestring/cbb.c vendored Normal file
View File

@@ -0,0 +1,717 @@
// Copyright (c) 2014, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/bytestring.h>
#include <assert.h>
#include <limits.h>
#include <string.h>
#include <openssl/mem.h>
#include <openssl/err.h>
#include "../internal.h"
void CBB_zero(CBB *cbb) {
OPENSSL_memset(cbb, 0, sizeof(CBB));
}
static void cbb_init(CBB *cbb, uint8_t *buf, size_t cap, int can_resize) {
cbb->is_child = 0;
cbb->child = NULL;
cbb->u.base.buf = buf;
cbb->u.base.len = 0;
cbb->u.base.cap = cap;
cbb->u.base.can_resize = can_resize;
cbb->u.base.error = 0;
}
int CBB_init(CBB *cbb, size_t initial_capacity) {
CBB_zero(cbb);
uint8_t *buf = OPENSSL_malloc(initial_capacity);
if (initial_capacity > 0 && buf == NULL) {
return 0;
}
cbb_init(cbb, buf, initial_capacity, /*can_resize=*/1);
return 1;
}
int CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len) {
CBB_zero(cbb);
cbb_init(cbb, buf, len, /*can_resize=*/0);
return 1;
}
void CBB_cleanup(CBB *cbb) {
// Child |CBB|s are non-owning. They are implicitly discarded and should not
// be used with |CBB_cleanup| or |ScopedCBB|.
assert(!cbb->is_child);
if (cbb->is_child) {
return;
}
if (cbb->u.base.can_resize) {
OPENSSL_free(cbb->u.base.buf);
}
}
static int cbb_buffer_reserve(struct cbb_buffer_st *base, uint8_t **out,
size_t len) {
if (base == NULL) {
return 0;
}
size_t newlen = base->len + len;
if (newlen < base->len) {
// Overflow
OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW);
goto err;
}
if (newlen > base->cap) {
if (!base->can_resize) {
OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW);
goto err;
}
size_t newcap = base->cap * 2;
if (newcap < base->cap || newcap < newlen) {
newcap = newlen;
}
uint8_t *newbuf = OPENSSL_realloc(base->buf, newcap);
if (newbuf == NULL) {
goto err;
}
base->buf = newbuf;
base->cap = newcap;
}
if (out) {
*out = base->buf + base->len;
}
return 1;
err:
base->error = 1;
return 0;
}
static int cbb_buffer_add(struct cbb_buffer_st *base, uint8_t **out,
size_t len) {
if (!cbb_buffer_reserve(base, out, len)) {
return 0;
}
// This will not overflow or |cbb_buffer_reserve| would have failed.
base->len += len;
return 1;
}
int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len) {
if (cbb->is_child) {
OPENSSL_PUT_ERROR(CRYPTO, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (!CBB_flush(cbb)) {
return 0;
}
if (cbb->u.base.can_resize && (out_data == NULL || out_len == NULL)) {
// |out_data| and |out_len| can only be NULL if the CBB is fixed.
return 0;
}
if (out_data != NULL) {
*out_data = cbb->u.base.buf;
}
if (out_len != NULL) {
*out_len = cbb->u.base.len;
}
cbb->u.base.buf = NULL;
CBB_cleanup(cbb);
return 1;
}
static struct cbb_buffer_st *cbb_get_base(CBB *cbb) {
if (cbb->is_child) {
return cbb->u.child.base;
}
return &cbb->u.base;
}
static void cbb_on_error(CBB *cbb) {
// Due to C's lack of destructors and |CBB|'s auto-flushing API, a failing
// |CBB|-taking function may leave a dangling pointer to a child |CBB|. As a
// result, the convention is callers may not write to |CBB|s that have failed.
// But, as a safety measure, we lock the |CBB| into an error state. Once the
// error bit is set, |cbb->child| will not be read.
//
// TODO(davidben): This still isn't quite ideal. A |CBB| function *outside*
// this file may originate an error while the |CBB| points to a local child.
// In that case we don't set the error bit and are reliant on the error
// convention. Perhaps we allow |CBB_cleanup| on child |CBB|s and make every
// child's |CBB_cleanup| set the error bit if unflushed. That will be
// convenient for C++ callers, but very tedious for C callers. So C callers
// perhaps should get a |CBB_on_error| function that can be, less tediously,
// stuck in a |goto err| block.
cbb_get_base(cbb)->error = 1;
// Clearing the pointer is not strictly necessary, but GCC's dangling pointer
// warning does not know |cbb->child| will not be read once |error| is set
// above.
cbb->child = NULL;
}
// CBB_flush recurses and then writes out any pending length prefix. The
// current length of the underlying base is taken to be the length of the
// length-prefixed data.
int CBB_flush(CBB *cbb) {
// If |base| has hit an error, the buffer is in an undefined state, so
// fail all following calls. In particular, |cbb->child| may point to invalid
// memory.
struct cbb_buffer_st *base = cbb_get_base(cbb);
if (base == NULL || base->error) {
return 0;
}
if (cbb->child == NULL) {
// Nothing to flush.
return 1;
}
assert(cbb->child->is_child);
struct cbb_child_st *child = &cbb->child->u.child;
assert(child->base == base);
size_t child_start = child->offset + child->pending_len_len;
if (!CBB_flush(cbb->child) ||
child_start < child->offset ||
base->len < child_start) {
goto err;
}
size_t len = base->len - child_start;
if (child->pending_is_asn1) {
// For ASN.1 we assume that we'll only need a single byte for the length.
// If that turned out to be incorrect, we have to move the contents along
// in order to make space.
uint8_t len_len;
uint8_t initial_length_byte;
assert (child->pending_len_len == 1);
if (len > 0xfffffffe) {
OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW);
// Too large.
goto err;
} else if (len > 0xffffff) {
len_len = 5;
initial_length_byte = 0x80 | 4;
} else if (len > 0xffff) {
len_len = 4;
initial_length_byte = 0x80 | 3;
} else if (len > 0xff) {
len_len = 3;
initial_length_byte = 0x80 | 2;
} else if (len > 0x7f) {
len_len = 2;
initial_length_byte = 0x80 | 1;
} else {
len_len = 1;
initial_length_byte = (uint8_t)len;
len = 0;
}
if (len_len != 1) {
// We need to move the contents along in order to make space.
size_t extra_bytes = len_len - 1;
if (!cbb_buffer_add(base, NULL, extra_bytes)) {
goto err;
}
OPENSSL_memmove(base->buf + child_start + extra_bytes,
base->buf + child_start, len);
}
base->buf[child->offset++] = initial_length_byte;
child->pending_len_len = len_len - 1;
}
for (size_t i = child->pending_len_len - 1; i < child->pending_len_len; i--) {
base->buf[child->offset + i] = (uint8_t)len;
len >>= 8;
}
if (len != 0) {
OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW);
goto err;
}
child->base = NULL;
cbb->child = NULL;
return 1;
err:
cbb_on_error(cbb);
return 0;
}
const uint8_t *CBB_data(const CBB *cbb) {
assert(cbb->child == NULL);
if (cbb->is_child) {
return cbb->u.child.base->buf + cbb->u.child.offset +
cbb->u.child.pending_len_len;
}
return cbb->u.base.buf;
}
size_t CBB_len(const CBB *cbb) {
assert(cbb->child == NULL);
if (cbb->is_child) {
assert(cbb->u.child.offset + cbb->u.child.pending_len_len <=
cbb->u.child.base->len);
return cbb->u.child.base->len - cbb->u.child.offset -
cbb->u.child.pending_len_len;
}
return cbb->u.base.len;
}
static int cbb_add_child(CBB *cbb, CBB *out_child, uint8_t len_len,
int is_asn1) {
assert(cbb->child == NULL);
assert(!is_asn1 || len_len == 1);
struct cbb_buffer_st *base = cbb_get_base(cbb);
size_t offset = base->len;
// Reserve space for the length prefix.
uint8_t *prefix_bytes;
if (!cbb_buffer_add(base, &prefix_bytes, len_len)) {
return 0;
}
OPENSSL_memset(prefix_bytes, 0, len_len);
CBB_zero(out_child);
out_child->is_child = 1;
out_child->u.child.base = base;
out_child->u.child.offset = offset;
out_child->u.child.pending_len_len = len_len;
out_child->u.child.pending_is_asn1 = is_asn1;
cbb->child = out_child;
return 1;
}
static int cbb_add_length_prefixed(CBB *cbb, CBB *out_contents,
uint8_t len_len) {
if (!CBB_flush(cbb)) {
return 0;
}
return cbb_add_child(cbb, out_contents, len_len, /*is_asn1=*/0);
}
int CBB_add_u8_length_prefixed(CBB *cbb, CBB *out_contents) {
return cbb_add_length_prefixed(cbb, out_contents, 1);
}
int CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents) {
return cbb_add_length_prefixed(cbb, out_contents, 2);
}
int CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents) {
return cbb_add_length_prefixed(cbb, out_contents, 3);
}
// add_base128_integer encodes |v| as a big-endian base-128 integer where the
// high bit of each byte indicates where there is more data. This is the
// encoding used in DER for both high tag number form and OID components.
static int add_base128_integer(CBB *cbb, uint64_t v) {
unsigned len_len = 0;
uint64_t copy = v;
while (copy > 0) {
len_len++;
copy >>= 7;
}
if (len_len == 0) {
len_len = 1; // Zero is encoded with one byte.
}
for (unsigned i = len_len - 1; i < len_len; i--) {
uint8_t byte = (v >> (7 * i)) & 0x7f;
if (i != 0) {
// The high bit denotes whether there is more data.
byte |= 0x80;
}
if (!CBB_add_u8(cbb, byte)) {
return 0;
}
}
return 1;
}
int CBB_add_asn1(CBB *cbb, CBB *out_contents, CBS_ASN1_TAG tag) {
if (!CBB_flush(cbb)) {
return 0;
}
// Split the tag into leading bits and tag number.
uint8_t tag_bits = (tag >> CBS_ASN1_TAG_SHIFT) & 0xe0;
CBS_ASN1_TAG tag_number = tag & CBS_ASN1_TAG_NUMBER_MASK;
if (tag_number >= 0x1f) {
// Set all the bits in the tag number to signal high tag number form.
if (!CBB_add_u8(cbb, tag_bits | 0x1f) ||
!add_base128_integer(cbb, tag_number)) {
return 0;
}
} else if (!CBB_add_u8(cbb, tag_bits | tag_number)) {
return 0;
}
// Reserve one byte of length prefix. |CBB_flush| will finish it later.
return cbb_add_child(cbb, out_contents, /*len_len=*/1, /*is_asn1=*/1);
}
int CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len) {
uint8_t *out;
if (!CBB_add_space(cbb, &out, len)) {
return 0;
}
OPENSSL_memcpy(out, data, len);
return 1;
}
int CBB_add_zeros(CBB *cbb, size_t len) {
uint8_t *out;
if (!CBB_add_space(cbb, &out, len)) {
return 0;
}
OPENSSL_memset(out, 0, len);
return 1;
}
int CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len) {
if (!CBB_flush(cbb) ||
!cbb_buffer_add(cbb_get_base(cbb), out_data, len)) {
return 0;
}
return 1;
}
int CBB_reserve(CBB *cbb, uint8_t **out_data, size_t len) {
if (!CBB_flush(cbb) ||
!cbb_buffer_reserve(cbb_get_base(cbb), out_data, len)) {
return 0;
}
return 1;
}
int CBB_did_write(CBB *cbb, size_t len) {
struct cbb_buffer_st *base = cbb_get_base(cbb);
size_t newlen = base->len + len;
if (cbb->child != NULL ||
newlen < base->len ||
newlen > base->cap) {
return 0;
}
base->len = newlen;
return 1;
}
static int cbb_add_u(CBB *cbb, uint64_t v, size_t len_len) {
uint8_t *buf;
if (!CBB_add_space(cbb, &buf, len_len)) {
return 0;
}
for (size_t i = len_len - 1; i < len_len; i--) {
buf[i] = v;
v >>= 8;
}
// |v| must fit in |len_len| bytes.
if (v != 0) {
cbb_on_error(cbb);
return 0;
}
return 1;
}
int CBB_add_u8(CBB *cbb, uint8_t value) {
return cbb_add_u(cbb, value, 1);
}
int CBB_add_u16(CBB *cbb, uint16_t value) {
return cbb_add_u(cbb, value, 2);
}
int CBB_add_u16le(CBB *cbb, uint16_t value) {
return CBB_add_u16(cbb, CRYPTO_bswap2(value));
}
int CBB_add_u24(CBB *cbb, uint32_t value) {
return cbb_add_u(cbb, value, 3);
}
int CBB_add_u32(CBB *cbb, uint32_t value) {
return cbb_add_u(cbb, value, 4);
}
int CBB_add_u32le(CBB *cbb, uint32_t value) {
return CBB_add_u32(cbb, CRYPTO_bswap4(value));
}
int CBB_add_u64(CBB *cbb, uint64_t value) {
return cbb_add_u(cbb, value, 8);
}
int CBB_add_u64le(CBB *cbb, uint64_t value) {
return CBB_add_u64(cbb, CRYPTO_bswap8(value));
}
void CBB_discard_child(CBB *cbb) {
if (cbb->child == NULL) {
return;
}
struct cbb_buffer_st *base = cbb_get_base(cbb);
assert(cbb->child->is_child);
base->len = cbb->child->u.child.offset;
cbb->child->u.child.base = NULL;
cbb->child = NULL;
}
int CBB_add_asn1_uint64(CBB *cbb, uint64_t value) {
return CBB_add_asn1_uint64_with_tag(cbb, value, CBS_ASN1_INTEGER);
}
int CBB_add_asn1_uint64_with_tag(CBB *cbb, uint64_t value, CBS_ASN1_TAG tag) {
CBB child;
if (!CBB_add_asn1(cbb, &child, tag)) {
goto err;
}
int started = 0;
for (size_t i = 0; i < 8; i++) {
uint8_t byte = (value >> 8 * (7 - i)) & 0xff;
if (!started) {
if (byte == 0) {
// Don't encode leading zeros.
continue;
}
// If the high bit is set, add a padding byte to make it
// unsigned.
if ((byte & 0x80) && !CBB_add_u8(&child, 0)) {
goto err;
}
started = 1;
}
if (!CBB_add_u8(&child, byte)) {
goto err;
}
}
// 0 is encoded as a single 0, not the empty string.
if (!started && !CBB_add_u8(&child, 0)) {
goto err;
}
return CBB_flush(cbb);
err:
cbb_on_error(cbb);
return 0;
}
int CBB_add_asn1_int64(CBB *cbb, int64_t value) {
return CBB_add_asn1_int64_with_tag(cbb, value, CBS_ASN1_INTEGER);
}
int CBB_add_asn1_int64_with_tag(CBB *cbb, int64_t value, CBS_ASN1_TAG tag) {
if (value >= 0) {
return CBB_add_asn1_uint64_with_tag(cbb, (uint64_t)value, tag);
}
uint8_t bytes[sizeof(int64_t)];
memcpy(bytes, &value, sizeof(value));
// Skip leading sign-extension bytes unless they are necessary.
#ifdef OPENSSL_BIG_ENDIAN
int start = 0;
while (start < 7 && (bytes[start] == 0xff && (bytes[start + 1] & 0x80))) {
start++;
}
#else
int start = 7;
while (start > 0 && (bytes[start] == 0xff && (bytes[start - 1] & 0x80))) {
start--;
}
#endif
CBB child;
if (!CBB_add_asn1(cbb, &child, tag)) {
goto err;
}
#ifdef OPENSSL_BIG_ENDIAN
for (int i = start; i <= 7; i++) {
#else
for (int i = start; i >= 0; i--) {
#endif
if (!CBB_add_u8(&child, bytes[i])) {
goto err;
}
}
return CBB_flush(cbb);
err:
cbb_on_error(cbb);
return 0;
}
int CBB_add_asn1_octet_string(CBB *cbb, const uint8_t *data, size_t data_len) {
CBB child;
if (!CBB_add_asn1(cbb, &child, CBS_ASN1_OCTETSTRING) ||
!CBB_add_bytes(&child, data, data_len) ||
!CBB_flush(cbb)) {
cbb_on_error(cbb);
return 0;
}
return 1;
}
int CBB_add_asn1_bool(CBB *cbb, int value) {
CBB child;
if (!CBB_add_asn1(cbb, &child, CBS_ASN1_BOOLEAN) ||
!CBB_add_u8(&child, value != 0 ? 0xff : 0) ||
!CBB_flush(cbb)) {
cbb_on_error(cbb);
return 0;
}
return 1;
}
// parse_dotted_decimal parses one decimal component from |cbs|, where |cbs| is
// an OID literal, e.g., "1.2.840.113554.4.1.72585". It consumes both the
// component and the dot, so |cbs| may be passed into the function again for the
// next value.
static int parse_dotted_decimal(CBS *cbs, uint64_t *out) {
if (!CBS_get_u64_decimal(cbs, out)) {
return 0;
}
// The integer must have either ended at the end of the string, or a
// non-terminal dot, which should be consumed. If the string ends with a dot,
// this is not a valid OID string.
uint8_t dot;
return !CBS_get_u8(cbs, &dot) || (dot == '.' && CBS_len(cbs) > 0);
}
int CBB_add_asn1_oid_from_text(CBB *cbb, const char *text, size_t len) {
if (!CBB_flush(cbb)) {
return 0;
}
CBS cbs;
CBS_init(&cbs, (const uint8_t *)text, len);
// OIDs must have at least two components.
uint64_t a, b;
if (!parse_dotted_decimal(&cbs, &a) ||
!parse_dotted_decimal(&cbs, &b)) {
return 0;
}
// The first component is encoded as 40 * |a| + |b|. This assumes that |a| is
// 0, 1, or 2 and that, when it is 0 or 1, |b| is at most 39.
if (a > 2 ||
(a < 2 && b > 39) ||
b > UINT64_MAX - 80 ||
!add_base128_integer(cbb, 40u * a + b)) {
return 0;
}
// The remaining components are encoded unmodified.
while (CBS_len(&cbs) > 0) {
if (!parse_dotted_decimal(&cbs, &a) ||
!add_base128_integer(cbb, a)) {
return 0;
}
}
return 1;
}
static int compare_set_of_element(const void *a_ptr, const void *b_ptr) {
// See X.690, section 11.6 for the ordering. They are sorted in ascending
// order by their DER encoding.
const CBS *a = a_ptr, *b = b_ptr;
size_t a_len = CBS_len(a), b_len = CBS_len(b);
size_t min_len = a_len < b_len ? a_len : b_len;
int ret = OPENSSL_memcmp(CBS_data(a), CBS_data(b), min_len);
if (ret != 0) {
return ret;
}
if (a_len == b_len) {
return 0;
}
// If one is a prefix of the other, the shorter one sorts first. (This is not
// actually reachable. No DER encoding is a prefix of another DER encoding.)
return a_len < b_len ? -1 : 1;
}
int CBB_flush_asn1_set_of(CBB *cbb) {
if (!CBB_flush(cbb)) {
return 0;
}
CBS cbs;
size_t num_children = 0;
CBS_init(&cbs, CBB_data(cbb), CBB_len(cbb));
while (CBS_len(&cbs) != 0) {
if (!CBS_get_any_asn1_element(&cbs, NULL, NULL, NULL)) {
OPENSSL_PUT_ERROR(CRYPTO, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
num_children++;
}
if (num_children < 2) {
return 1; // Nothing to do. This is the common case for X.509.
}
// Parse out the children and sort. We alias them into a copy of so they
// remain valid as we rewrite |cbb|.
int ret = 0;
size_t buf_len = CBB_len(cbb);
uint8_t *buf = OPENSSL_memdup(CBB_data(cbb), buf_len);
CBS *children = OPENSSL_calloc(num_children, sizeof(CBS));
if (buf == NULL || children == NULL) {
goto err;
}
CBS_init(&cbs, buf, buf_len);
for (size_t i = 0; i < num_children; i++) {
if (!CBS_get_any_asn1_element(&cbs, &children[i], NULL, NULL)) {
goto err;
}
}
qsort(children, num_children, sizeof(CBS), compare_set_of_element);
// Write the contents back in the new order.
uint8_t *out = (uint8_t *)CBB_data(cbb);
size_t offset = 0;
for (size_t i = 0; i < num_children; i++) {
OPENSSL_memcpy(out + offset, CBS_data(&children[i]), CBS_len(&children[i]));
offset += CBS_len(&children[i]);
}
assert(offset == buf_len);
ret = 1;
err:
OPENSSL_free(buf);
OPENSSL_free(children);
return ret;
}

936
vendor/aws-lc-sys/aws-lc/crypto/bytestring/cbs.c vendored Normal file
View File

@@ -0,0 +1,936 @@
// Copyright (c) 2014, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/asn1.h>
#include <openssl/bytestring.h>
#include <openssl/mem.h>
#include <assert.h>
#ifndef __STDC_FORMAT_MACROS
#define __STDC_FORMAT_MACROS
#endif
#include <ctype.h>
#include <inttypes.h>
#include <string.h>
#include "../asn1/internal.h"
#include "../internal.h"
#include "internal.h"
void CBS_init(CBS *cbs, const uint8_t *data, size_t len) {
cbs->data = data;
cbs->len = len;
}
static int cbs_get(CBS *cbs, const uint8_t **p, size_t n) {
if (cbs->len < n) {
return 0;
}
*p = cbs->data;
cbs->data += n;
cbs->len -= n;
return 1;
}
int CBS_skip(CBS *cbs, size_t len) {
const uint8_t *dummy;
return cbs_get(cbs, &dummy, len);
}
const uint8_t *CBS_data(const CBS *cbs) { return cbs->data; }
size_t CBS_len(const CBS *cbs) { return cbs->len; }
int CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len) {
OPENSSL_free(*out_ptr);
*out_ptr = NULL;
*out_len = 0;
if (cbs->len == 0) {
return 1;
}
*out_ptr = OPENSSL_memdup(cbs->data, cbs->len);
if (*out_ptr == NULL) {
return 0;
}
*out_len = cbs->len;
return 1;
}
int CBS_strdup(const CBS *cbs, char **out_ptr) {
if (*out_ptr != NULL) {
OPENSSL_free(*out_ptr);
}
*out_ptr = OPENSSL_strndup((const char *)cbs->data, cbs->len);
return (*out_ptr != NULL);
}
int CBS_contains_zero_byte(const CBS *cbs) {
return OPENSSL_memchr(cbs->data, 0, cbs->len) != NULL;
}
int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) {
if (len != cbs->len) {
return 0;
}
return CRYPTO_memcmp(cbs->data, data, len) == 0;
}
static int cbs_get_u(CBS *cbs, uint64_t *out, size_t len) {
uint64_t result = 0;
const uint8_t *data;
if (!cbs_get(cbs, &data, len)) {
return 0;
}
for (size_t i = 0; i < len; i++) {
result <<= 8;
result |= data[i];
}
*out = result;
return 1;
}
int CBS_get_u8(CBS *cbs, uint8_t *out) {
const uint8_t *v;
if (!cbs_get(cbs, &v, 1)) {
return 0;
}
*out = *v;
return 1;
}
int CBS_get_u16(CBS *cbs, uint16_t *out) {
uint64_t v;
if (!cbs_get_u(cbs, &v, 2)) {
return 0;
}
*out = v;
return 1;
}
int CBS_get_u16le(CBS *cbs, uint16_t *out) {
if (!CBS_get_u16(cbs, out)) {
return 0;
}
*out = CRYPTO_bswap2(*out);
return 1;
}
int CBS_get_u24(CBS *cbs, uint32_t *out) {
uint64_t v;
if (!cbs_get_u(cbs, &v, 3)) {
return 0;
}
*out = (uint32_t)v;
return 1;
}
int CBS_get_u32(CBS *cbs, uint32_t *out) {
uint64_t v;
if (!cbs_get_u(cbs, &v, 4)) {
return 0;
}
*out = (uint32_t)v;
return 1;
}
int CBS_get_u32le(CBS *cbs, uint32_t *out) {
if (!CBS_get_u32(cbs, out)) {
return 0;
}
*out = CRYPTO_bswap4(*out);
return 1;
}
int CBS_get_u64(CBS *cbs, uint64_t *out) { return cbs_get_u(cbs, out, 8); }
int CBS_get_u64le(CBS *cbs, uint64_t *out) {
if (!cbs_get_u(cbs, out, 8)) {
return 0;
}
*out = CRYPTO_bswap8(*out);
return 1;
}
int CBS_get_last_u8(CBS *cbs, uint8_t *out) {
if (cbs->len == 0) {
return 0;
}
*out = cbs->data[cbs->len - 1];
cbs->len--;
return 1;
}
int CBS_get_bytes(CBS *cbs, CBS *out, size_t len) {
const uint8_t *v;
if (!cbs_get(cbs, &v, len)) {
return 0;
}
CBS_init(out, v, len);
return 1;
}
int CBS_copy_bytes(CBS *cbs, uint8_t *out, size_t len) {
const uint8_t *v;
if (!cbs_get(cbs, &v, len)) {
return 0;
}
OPENSSL_memcpy(out, v, len);
return 1;
}
static int cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len) {
uint64_t len;
if (!cbs_get_u(cbs, &len, len_len)) {
return 0;
}
// If |len_len| <= 3 then we know that |len| will fit into a |size_t|, even on
// 32-bit systems.
assert(len_len <= 3);
return CBS_get_bytes(cbs, out, len);
}
int CBS_get_u8_length_prefixed(CBS *cbs, CBS *out) {
return cbs_get_length_prefixed(cbs, out, 1);
}
int CBS_get_u16_length_prefixed(CBS *cbs, CBS *out) {
return cbs_get_length_prefixed(cbs, out, 2);
}
int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out) {
return cbs_get_length_prefixed(cbs, out, 3);
}
int CBS_get_until_first(CBS *cbs, CBS *out, uint8_t c) {
const uint8_t *split = OPENSSL_memchr(CBS_data(cbs), c, CBS_len(cbs));
if (split == NULL) {
return 0;
}
return CBS_get_bytes(cbs, out, split - CBS_data(cbs));
}
int CBS_get_u64_decimal(CBS *cbs, uint64_t *out) {
uint64_t v = 0;
int seen_digit = 0;
while (CBS_len(cbs) != 0) {
uint8_t c = CBS_data(cbs)[0];
if (!OPENSSL_isdigit(c)) {
break;
}
CBS_skip(cbs, 1);
if ( // Forbid stray leading zeros.
(v == 0 && seen_digit) ||
// Check for overflow.
v > UINT64_MAX / 10 || //
v * 10 > UINT64_MAX - (c - '0')) {
return 0;
}
v = v * 10 + (c - '0');
seen_digit = 1;
}
*out = v;
return seen_digit;
}
// parse_base128_integer reads a big-endian base-128 integer from |cbs| and sets
// |*out| to the result. This is the encoding used in DER for both high tag
// number form and OID components.
static int parse_base128_integer(CBS *cbs, uint64_t *out) {
uint64_t v = 0;
uint8_t b;
do {
if (!CBS_get_u8(cbs, &b)) {
return 0;
}
if ((v >> (64 - 7)) != 0) {
// The value is too large.
return 0;
}
if (v == 0 && b == 0x80) {
// The value must be minimally encoded.
return 0;
}
v = (v << 7) | (b & 0x7f);
// Values end at an octet with the high bit cleared.
} while (b & 0x80);
*out = v;
return 1;
}
static int parse_asn1_tag(CBS *cbs, CBS_ASN1_TAG *out, int universal_tag_ok) {
uint8_t tag_byte;
if (!CBS_get_u8(cbs, &tag_byte)) {
return 0;
}
// ITU-T X.690 section 8.1.2.3 specifies the format for identifiers with a tag
// number no greater than 30.
//
// If the number portion is 31 (0x1f, the largest value that fits in the
// allotted bits), then the tag is more than one byte long and the
// continuation bytes contain the tag number.
CBS_ASN1_TAG tag = ((CBS_ASN1_TAG)tag_byte & 0xe0) << CBS_ASN1_TAG_SHIFT;
CBS_ASN1_TAG tag_number = tag_byte & 0x1f;
if (tag_number == 0x1f) {
uint64_t v;
if (!parse_base128_integer(cbs, &v) ||
// Check the tag number is within our supported bounds.
v > CBS_ASN1_TAG_NUMBER_MASK ||
// Small tag numbers should have used low tag number form, even in BER.
v < 0x1f) {
return 0;
}
tag_number = (CBS_ASN1_TAG)v;
}
tag |= tag_number;
// Tag [UNIVERSAL 0] is reserved for use by the encoding. Reject it here to
// avoid some ambiguity around ANY values and BER indefinite-length EOCs. See
// https://crbug.com/boringssl/455.
if (!universal_tag_ok && (tag & ~CBS_ASN1_CONSTRUCTED) == 0) {
return 0;
}
*out = tag;
return 1;
}
int cbs_get_any_asn1_element(CBS *cbs, CBS *out, CBS_ASN1_TAG *out_tag,
size_t *out_header_len, int *out_ber_found,
int *out_indefinite, int ber_ok, int universal_tag_ok) {
CBS header = *cbs;
CBS throwaway;
if (out == NULL) {
out = &throwaway;
}
if (ber_ok) {
*out_ber_found = 0;
*out_indefinite = 0;
} else {
assert(out_ber_found == NULL);
assert(out_indefinite == NULL);
}
CBS_ASN1_TAG tag;
if (!parse_asn1_tag(&header, &tag, universal_tag_ok)) {
return 0;
}
if (out_tag != NULL) {
*out_tag = tag;
}
uint8_t length_byte;
if (!CBS_get_u8(&header, &length_byte)) {
return 0;
}
size_t header_len = CBS_len(cbs) - CBS_len(&header);
size_t len;
// The format for the length encoding is specified in ITU-T X.690 section
// 8.1.3.
if ((length_byte & 0x80) == 0) {
// Short form length.
len = ((size_t)length_byte) + header_len;
if (out_header_len != NULL) {
*out_header_len = header_len;
}
} else {
// The high bit indicate that this is the long form, while the next 7 bits
// encode the number of subsequent octets used to encode the length (ITU-T
// X.690 clause 8.1.3.5.b).
const size_t num_bytes = length_byte & 0x7f;
uint64_t len64;
if (ber_ok && (tag & CBS_ASN1_CONSTRUCTED) != 0 && num_bytes == 0) {
// indefinite length
if (out_header_len != NULL) {
*out_header_len = header_len;
}
*out_ber_found = 1;
*out_indefinite = 1;
return CBS_get_bytes(cbs, out, header_len);
}
// ITU-T X.690 clause 8.1.3.5.c specifies that the value 0xff shall not be
// used as the first byte of the length. If this parser encounters that
// value, num_bytes will be parsed as 127, which will fail this check.
if (num_bytes == 0 || num_bytes > 4) {
return 0;
}
if (!cbs_get_u(&header, &len64, num_bytes)) {
return 0;
}
// ITU-T X.690 section 10.1 (DER length forms) requires encoding the
// length with the minimum number of octets. BER could, technically, have
// 125 superfluous zero bytes. We do not attempt to handle that and still
// require that the length fit in a |uint32_t| for BER.
if (len64 < 128) {
// Length should have used short-form encoding.
if (ber_ok) {
*out_ber_found = 1;
} else {
return 0;
}
}
if ((len64 >> ((num_bytes - 1) * 8)) == 0) {
// Length should have been at least one byte shorter.
if (ber_ok) {
*out_ber_found = 1;
} else {
return 0;
}
}
len = len64;
if (len + header_len + num_bytes < len) {
// Overflow.
return 0;
}
len += header_len + num_bytes;
if (out_header_len != NULL) {
*out_header_len = header_len + num_bytes;
}
}
return CBS_get_bytes(cbs, out, len);
}
int CBS_get_any_asn1(CBS *cbs, CBS *out, CBS_ASN1_TAG *out_tag) {
size_t header_len;
if (!CBS_get_any_asn1_element(cbs, out, out_tag, &header_len)) {
return 0;
}
if (!CBS_skip(out, header_len)) {
assert(0);
return 0;
}
return 1;
}
int CBS_get_any_asn1_element(CBS *cbs, CBS *out, CBS_ASN1_TAG *out_tag,
size_t *out_header_len) {
return cbs_get_any_asn1_element(cbs, out, out_tag, out_header_len, NULL, NULL,
/*ber_ok=*/0, /*universal_tag_ok=*/0);
}
int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out, CBS_ASN1_TAG *out_tag,
size_t *out_header_len, int *out_ber_found,
int *out_indefinite) {
int ber_found_temp;
return cbs_get_any_asn1_element(
cbs, out, out_tag, out_header_len,
out_ber_found ? out_ber_found : &ber_found_temp, out_indefinite,
/*ber_ok=*/1, /*universal_tag_ok=*/0);
}
static int cbs_get_asn1(CBS *cbs, CBS *out, CBS_ASN1_TAG tag_value,
int skip_header) {
size_t header_len;
CBS_ASN1_TAG tag;
CBS throwaway;
if (out == NULL) {
out = &throwaway;
}
if (!CBS_get_any_asn1_element(cbs, out, &tag, &header_len) ||
tag != tag_value) {
return 0;
}
if (skip_header && !CBS_skip(out, header_len)) {
assert(0);
return 0;
}
return 1;
}
int CBS_get_asn1(CBS *cbs, CBS *out, CBS_ASN1_TAG tag_value) {
return cbs_get_asn1(cbs, out, tag_value, 1 /* skip header */);
}
int CBS_get_asn1_element(CBS *cbs, CBS *out, CBS_ASN1_TAG tag_value) {
return cbs_get_asn1(cbs, out, tag_value, 0 /* include header */);
}
int CBS_peek_asn1_tag(const CBS *cbs, CBS_ASN1_TAG tag_value) {
CBS copy = *cbs;
CBS_ASN1_TAG actual_tag;
return parse_asn1_tag(&copy, &actual_tag, /*universal_tag_ok=*/0) && tag_value == actual_tag;
}
int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out) {
CBS bytes;
if (!CBS_get_asn1(cbs, &bytes, CBS_ASN1_INTEGER) ||
!CBS_is_unsigned_asn1_integer(&bytes)) {
return 0;
}
*out = 0;
const uint8_t *data = CBS_data(&bytes);
size_t len = CBS_len(&bytes);
for (size_t i = 0; i < len; i++) {
if ((*out >> 56) != 0) {
// Too large to represent as a uint64_t.
return 0;
}
*out <<= 8;
*out |= data[i];
}
return 1;
}
int CBS_get_asn1_int64(CBS *cbs, int64_t *out) {
int is_negative;
CBS bytes;
if (!CBS_get_asn1(cbs, &bytes, CBS_ASN1_INTEGER) ||
!CBS_is_valid_asn1_integer(&bytes, &is_negative)) {
return 0;
}
const uint8_t *data = CBS_data(&bytes);
const size_t len = CBS_len(&bytes);
if (len > sizeof(int64_t)) {
return 0;
}
uint8_t sign_extend[sizeof(int64_t)];
memset(sign_extend, is_negative ? 0xff : 0, sizeof(sign_extend));
// GCC 12/13 report `stringop-overflow` on the following line
// without additional condition: `i < sizeof(int64_t)`
for (size_t i = 0; i < len && i < sizeof(int64_t); i++) {
// `data` is big-endian.
// Values are always shifted toward the "little" end.
#ifdef OPENSSL_BIG_ENDIAN
// Bytes are written starting at the highest index.
sign_extend[sizeof(sign_extend) - i - 1] = data[len - i - 1];
#else
// Bytes are written starting at the lowest index.
sign_extend[i] = data[len - i - 1];
#endif
}
memcpy(out, sign_extend, sizeof(sign_extend));
return 1;
}
int CBS_get_asn1_bool(CBS *cbs, int *out) {
CBS bytes;
if (!CBS_get_asn1(cbs, &bytes, CBS_ASN1_BOOLEAN) || CBS_len(&bytes) != 1) {
return 0;
}
const uint8_t value = *CBS_data(&bytes);
if (value != 0 && value != 0xff) {
return 0;
}
*out = !!value;
return 1;
}
int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present,
CBS_ASN1_TAG tag) {
int present = 0;
if (CBS_peek_asn1_tag(cbs, tag)) {
if (!CBS_get_asn1(cbs, out, tag)) {
return 0;
}
present = 1;
}
if (out_present != NULL) {
*out_present = present;
}
return 1;
}
int CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out, int *out_present,
CBS_ASN1_TAG tag) {
CBS child;
int present;
if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) {
return 0;
}
if (present) {
assert(out);
if (!CBS_get_asn1(&child, out, CBS_ASN1_OCTETSTRING) ||
CBS_len(&child) != 0) {
return 0;
}
} else {
CBS_init(out, NULL, 0);
}
if (out_present) {
*out_present = present;
}
return 1;
}
int CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out, CBS_ASN1_TAG tag,
uint64_t default_value) {
CBS child;
int present;
if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) {
return 0;
}
if (present) {
if (!CBS_get_asn1_uint64(&child, out) || CBS_len(&child) != 0) {
return 0;
}
} else {
*out = default_value;
}
return 1;
}
int CBS_get_optional_asn1_bool(CBS *cbs, int *out, CBS_ASN1_TAG tag,
int default_value) {
CBS child, child2;
int present;
if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) {
return 0;
}
if (present) {
uint8_t boolean;
if (!CBS_get_asn1(&child, &child2, CBS_ASN1_BOOLEAN) ||
CBS_len(&child2) != 1 || CBS_len(&child) != 0) {
return 0;
}
boolean = CBS_data(&child2)[0];
if (boolean == 0) {
*out = 0;
} else if (boolean == 0xff) {
*out = 1;
} else {
return 0;
}
} else {
*out = default_value;
}
return 1;
}
int CBS_is_valid_asn1_bitstring(const CBS *cbs) {
CBS in = *cbs;
uint8_t num_unused_bits;
if (!CBS_get_u8(&in, &num_unused_bits) || num_unused_bits > 7) {
return 0;
}
if (num_unused_bits == 0) {
return 1;
}
// All num_unused_bits bits must exist and be zeros.
uint8_t last;
if (!CBS_get_last_u8(&in, &last) ||
(last & ((1 << num_unused_bits) - 1)) != 0) {
return 0;
}
return 1;
}
int CBS_asn1_bitstring_has_bit(const CBS *cbs, unsigned bit) {
if (!CBS_is_valid_asn1_bitstring(cbs)) {
return 0;
}
const unsigned byte_num = (bit >> 3) + 1;
const unsigned bit_num = 7 - (bit & 7);
// Unused bits are zero, and this function does not distinguish between
// missing and unset bits. Thus it is sufficient to do a byte-level length
// check.
return byte_num < CBS_len(cbs) &&
(CBS_data(cbs)[byte_num] & (1 << bit_num)) != 0;
}
int CBS_is_valid_asn1_integer(const CBS *cbs, int *out_is_negative) {
CBS copy = *cbs;
uint8_t first_byte, second_byte;
if (!CBS_get_u8(&copy, &first_byte)) {
return 0; // INTEGERs may not be empty.
}
if (out_is_negative != NULL) {
*out_is_negative = (first_byte & 0x80) != 0;
}
if (!CBS_get_u8(&copy, &second_byte)) {
return 1; // One byte INTEGERs are always minimal.
}
if ((first_byte == 0x00 && (second_byte & 0x80) == 0) ||
(first_byte == 0xff && (second_byte & 0x80) != 0)) {
return 0; // The value is minimal iff the first 9 bits are not all equal.
}
return 1;
}
int CBS_is_unsigned_asn1_integer(const CBS *cbs) {
int is_negative;
return CBS_is_valid_asn1_integer(cbs, &is_negative) && !is_negative;
}
static int add_decimal(CBB *out, uint64_t v) {
char buf[DECIMAL_SIZE(uint64_t) + 1];
snprintf(buf, sizeof(buf), "%" PRIu64, v);
return CBB_add_bytes(out, (const uint8_t *)buf, strlen(buf));
}
int CBS_is_valid_asn1_oid(const CBS *cbs) {
if (CBS_len(cbs) == 0) {
return 0; // OID encodings cannot be empty.
}
CBS copy = *cbs;
uint8_t v, prev = 0;
while (CBS_get_u8(&copy, &v)) {
// OID encodings are a sequence of minimally-encoded base-128 integers (see
// |parse_base128_integer|). If |prev|'s MSB was clear, it was the last byte
// of an integer (or |v| is the first byte). |v| is then the first byte of
// the next integer. If first byte of an integer is 0x80, it is not
// minimally-encoded.
if ((prev & 0x80) == 0 && v == 0x80) {
return 0;
}
prev = v;
}
// The last byte should must end an integer encoding.
return (prev & 0x80) == 0;
}
char *CBS_asn1_oid_to_text(const CBS *cbs) {
CBB cbb;
if (!CBB_init(&cbb, 32)) {
goto err;
}
CBS copy = *cbs;
// The first component is 40 * value1 + value2, where value1 is 0, 1, or 2.
uint64_t v;
if (!parse_base128_integer(&copy, &v)) {
goto err;
}
if (v >= 80) {
if (!CBB_add_bytes(&cbb, (const uint8_t *)"2.", 2) ||
!add_decimal(&cbb, v - 80)) {
goto err;
}
} else if (!add_decimal(&cbb, v / 40) || !CBB_add_u8(&cbb, '.') ||
!add_decimal(&cbb, v % 40)) {
goto err;
}
while (CBS_len(&copy) != 0) {
if (!parse_base128_integer(&copy, &v) || !CBB_add_u8(&cbb, '.') ||
!add_decimal(&cbb, v)) {
goto err;
}
}
uint8_t *txt;
size_t txt_len;
if (!CBB_add_u8(&cbb, '\0') || !CBB_finish(&cbb, &txt, &txt_len)) {
goto err;
}
return (char *)txt;
err:
CBB_cleanup(&cbb);
return NULL;
}
static int cbs_get_two_digits(CBS *cbs, int *out) {
uint8_t first_digit, second_digit;
if (!CBS_get_u8(cbs, &first_digit)) {
return 0;
}
if (!OPENSSL_isdigit(first_digit)) {
return 0;
}
if (!CBS_get_u8(cbs, &second_digit)) {
return 0;
}
if (!OPENSSL_isdigit(second_digit)) {
return 0;
}
*out = (first_digit - '0') * 10 + (second_digit - '0');
return 1;
}
static int is_valid_day(int year, int month, int day) {
if (day < 1) {
return 0;
}
switch (month) {
case 1:
case 3:
case 5:
case 7:
case 8:
case 10:
case 12:
return day <= 31;
case 4:
case 6:
case 9:
case 11:
return day <= 30;
case 2:
if ((year % 4 == 0 && year % 100 != 0) || year % 400 == 0) {
return day <= 29;
} else {
return day <= 28;
}
default:
return 0;
}
}
static int CBS_parse_rfc5280_time_internal(const CBS *cbs, int is_gentime,
int allow_timezone_offset,
struct tm *out_tm) {
int year, month, day, hour, min, sec, tmp;
CBS copy = *cbs;
uint8_t tz;
if (is_gentime) {
if (!cbs_get_two_digits(&copy, &tmp)) {
return 0;
}
year = tmp * 100;
if (!cbs_get_two_digits(&copy, &tmp)) {
return 0;
}
year += tmp;
} else {
year = 1900;
if (!cbs_get_two_digits(&copy, &tmp)) {
return 0;
}
year += tmp;
if (year < 1950) {
year += 100;
}
if (year >= 2050) {
return 0; // A Generalized time must be used.
}
}
if (!cbs_get_two_digits(&copy, &month) || month < 1 ||
month > 12 || // Reject invalid months.
!cbs_get_two_digits(&copy, &day) ||
!is_valid_day(year, month, day) || // Reject invalid days.
!cbs_get_two_digits(&copy, &hour) ||
hour > 23 || // Reject invalid hours.
!cbs_get_two_digits(&copy, &min) ||
min > 59 || // Reject invalid minutes.
!cbs_get_two_digits(&copy, &sec) || sec > 59 || !CBS_get_u8(&copy, &tz)) {
return 0;
}
int offset_sign = 0;
switch (tz) {
case 'Z':
break; // We correctly have 'Z' on the end as per spec.
case '+':
offset_sign = 1;
break; // Should not be allowed per RFC 5280.
case '-':
offset_sign = -1;
break; // Should not be allowed per RFC 5280.
default:
return 0; // Reject anything else after the time.
}
// If allow_timezone_offset is non-zero, allow for a four digit timezone
// offset to be specified even though this is not allowed by RFC 5280. We are
// permissive of this for UTCTimes due to the unfortunate existence of
// artisinally rolled long lived certificates that were baked into places that
// are now difficult to change. These certificates were generated with the
// 'openssl' command that permissively allowed the creation of certificates
// with notBefore and notAfter times specified as strings for direct
// certificate inclusion on the command line. For context see cl/237068815.
//
// TODO(bbe): This has been expunged from public web-pki as the ecosystem has
// managed to encourage CA compliance with standards. We should find a way to
// get rid of this or make it off by default.
int offset_seconds = 0;
if (offset_sign != 0) {
if (!allow_timezone_offset) {
return 0;
}
int offset_hours, offset_minutes;
if (!cbs_get_two_digits(&copy, &offset_hours) ||
offset_hours > 23 || // Reject invalid hours.
!cbs_get_two_digits(&copy, &offset_minutes) ||
offset_minutes > 59) { // Reject invalid minutes.
return 0;
}
offset_seconds = offset_sign * (offset_hours * 3600 + offset_minutes * 60);
}
if (CBS_len(&copy) != 0) {
return 0; // Reject invalid lengths.
}
if (out_tm != NULL) {
// Fill in the tm fields corresponding to what we validated.
out_tm->tm_year = year - 1900;
out_tm->tm_mon = month - 1;
out_tm->tm_mday = day;
out_tm->tm_hour = hour;
out_tm->tm_min = min;
out_tm->tm_sec = sec;
if (offset_seconds && !OPENSSL_gmtime_adj(out_tm, 0, offset_seconds)) {
return 0;
}
}
return 1;
}
int CBS_parse_generalized_time(const CBS *cbs, struct tm *out_tm,
int allow_timezone_offset) {
return CBS_parse_rfc5280_time_internal(cbs, 1, allow_timezone_offset, out_tm);
}
int CBS_parse_utc_time(const CBS *cbs, struct tm *out_tm,
int allow_timezone_offset) {
return CBS_parse_rfc5280_time_internal(cbs, 0, allow_timezone_offset, out_tm);
}
int CBS_get_optional_asn1_int64(CBS *cbs, int64_t *out, CBS_ASN1_TAG tag,
int64_t default_value) {
CBS child;
int present;
if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) {
return 0;
}
if (present) {
if (!CBS_get_asn1_int64(&child, out) || CBS_len(&child) != 0) {
return 0;
}
} else {
*out = default_value;
}
return 1;
}

105
vendor/aws-lc-sys/aws-lc/crypto/bytestring/internal.h vendored Normal file
View File

@@ -0,0 +1,105 @@
// Copyright (c) 2014, Google Inc.
// SPDX-License-Identifier: ISC
#ifndef OPENSSL_HEADER_BYTESTRING_INTERNAL_H
#define OPENSSL_HEADER_BYTESTRING_INTERNAL_H
#include <openssl/base.h>
#if defined(__cplusplus)
extern "C" {
#endif
// CBS_asn1_ber_to_der reads a BER element from |in|. If it finds
// indefinite-length elements or constructed strings then it converts the BER
// data to DER, sets |out| to the converted contents and |*out_storage| to a
// buffer which the caller must release with |OPENSSL_free|. Otherwise, it sets
// |out| to the original BER element in |in| and |*out_storage| to NULL.
// Additionally, |*in| will be advanced over the BER element.
//
// This function should successfully process any valid BER input, however it
// will not convert all of BER's deviations from DER. BER is ambiguous between
// implicitly-tagged SEQUENCEs of strings and implicitly-tagged constructed
// strings. Implicitly-tagged strings must be parsed with
// |CBS_get_ber_implicitly_tagged_string| instead of |CBS_get_asn1|. The caller
// must also account for BER variations in the contents of a primitive.
//
// It returns one on success and zero otherwise.
OPENSSL_EXPORT int CBS_asn1_ber_to_der(CBS *in, CBS *out,
uint8_t **out_storage);
// CBS_get_asn1_implicit_string parses a BER string of primitive type
// |inner_tag| implicitly-tagged with |outer_tag|. It sets |out| to the
// contents. If concatenation was needed, it sets |*out_storage| to a buffer
// which the caller must release with |OPENSSL_free|. Otherwise, it sets
// |*out_storage| to NULL.
//
// This function does not parse all of BER. It requires the string be
// definite-length. Constructed strings are allowed, but all children of the
// outermost element must be primitive. The caller should use
// |CBS_asn1_ber_to_der| before running this function.
//
// It returns one on success and zero otherwise.
OPENSSL_EXPORT int CBS_get_asn1_implicit_string(CBS *in, CBS *out,
uint8_t **out_storage,
CBS_ASN1_TAG outer_tag,
CBS_ASN1_TAG inner_tag);
// CBB_finish_i2d calls |CBB_finish| on |cbb| which must have been initialized
// with |CBB_init|. If |outp| is not NULL then the result is written to |*outp|
// and |*outp| is advanced just past the output. It returns the number of bytes
// in the result, whether written or not, or a negative value on error. On
// error, it calls |CBB_cleanup| on |cbb|.
//
// This function may be used to help implement legacy i2d ASN.1 functions.
OPENSSL_EXPORT int CBB_finish_i2d(CBB *cbb, uint8_t **outp);
// Unicode utilities.
// The following functions read one Unicode code point from |cbs| with the
// corresponding encoding and store it in |*out|. They return one on success and
// zero on error.
OPENSSL_EXPORT int cbs_get_utf8(CBS *cbs, uint32_t *out);
OPENSSL_EXPORT int cbs_get_latin1(CBS *cbs, uint32_t *out);
OPENSSL_EXPORT int cbs_get_ucs2_be(CBS *cbs, uint32_t *out);
OPENSSL_EXPORT int cbs_get_utf32_be(CBS *cbs, uint32_t *out);
// cbb_get_utf8_len returns the number of bytes needed to represent |u| in
// UTF-8.
OPENSSL_EXPORT size_t cbb_get_utf8_len(uint32_t u);
// The following functions encode |u| to |cbb| with the corresponding
// encoding. They return one on success and zero on error.
OPENSSL_EXPORT int cbb_add_utf8(CBB *cbb, uint32_t u);
OPENSSL_EXPORT int cbb_add_latin1(CBB *cbb, uint32_t u);
OPENSSL_EXPORT int cbb_add_ucs2_be(CBB *cbb, uint32_t u);
OPENSSL_EXPORT int cbb_add_utf32_be(CBB *cbb, uint32_t u);
// cbs_get_any_asn1_element parses an ASN.1 element from |cbs|. |*out_indefinite|
// is set to one if the length was indefinite and zero otherwise. On success,
// if the length is indefinite |out| will only contain the ASN.1 header,
// otherwise is will contain both the header and the content. If |out_tag| is
// not NULL, |*out_tag| is set to the element's tag number. If |out_header_len|
// is not NULL, |*out_header_len| is set to the length of the header.
//
// If |ber_ok| is one, BER encoding is permitted. In this case, if
// |out_ber_found| is not NULL and BER-specific encoding was found,
// |*out_ber_found| is set to one. If |out_indefinite| is not NULL and the
// element has indefinite-length, |*out_indefinite| is set to one.
// If |ber_ok| is zero, both |out_ber_found| and |out_indefinite| must be NULL.
//
// If |universal_tag_ok| is 1, universal tags are permitted. Otherwise, only
// context-specific tags are accepted.
//
// It returns one on success and zero on failure.
int cbs_get_any_asn1_element(CBS *cbs, CBS *out, CBS_ASN1_TAG *out_tag,
size_t *out_header_len, int *out_ber_found,
int *out_indefinite, int ber_ok, int universal_tag_ok);
#if defined(__cplusplus)
} // extern C
#endif
#endif // OPENSSL_HEADER_BYTESTRING_INTERNAL_H

145
vendor/aws-lc-sys/aws-lc/crypto/bytestring/unicode.c vendored Normal file
View File

@@ -0,0 +1,145 @@
// Copyright (c) 2018, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/bytestring.h>
#include "internal.h"
static int is_valid_code_point(uint32_t v) {
// References in the following are to Unicode 15.0.0.
if (// The Unicode space runs from zero to 0x10ffff (3.4 D9).
v > 0x10ffff ||
// Values 0x...fffe, 0x...ffff, and 0xfdd0-0xfdef are permanently reserved
// as noncharacters (3.4 D14). See also 23.7. As our APIs are intended for
// "open interchange", such as ASN.1, we reject them.
(v & 0xfffe) == 0xfffe ||
(v >= 0xfdd0 && v <= 0xfdef) ||
// Surrogate code points are invalid (3.2 C1).
(v >= 0xd800 && v <= 0xdfff)) {
return 0;
}
return 1;
}
// BOTTOM_BITS returns a byte with the bottom |n| bits set.
#define BOTTOM_BITS(n) (uint8_t)((1u << (n)) - 1)
// TOP_BITS returns a byte with the top |n| bits set.
#define TOP_BITS(n) ((uint8_t)~BOTTOM_BITS(8 - (n)))
int cbs_get_utf8(CBS *cbs, uint32_t *out) {
uint8_t c;
if (!CBS_get_u8(cbs, &c)) {
return 0;
}
if (c <= 0x7f) {
*out = c;
return 1;
}
uint32_t v, lower_bound;
size_t len;
if ((c & TOP_BITS(3)) == TOP_BITS(2)) {
v = c & BOTTOM_BITS(5);
len = 1;
lower_bound = 0x80;
} else if ((c & TOP_BITS(4)) == TOP_BITS(3)) {
v = c & BOTTOM_BITS(4);
len = 2;
lower_bound = 0x800;
} else if ((c & TOP_BITS(5)) == TOP_BITS(4)) {
v = c & BOTTOM_BITS(3);
len = 3;
lower_bound = 0x10000;
} else {
return 0;
}
for (size_t i = 0; i < len; i++) {
if (!CBS_get_u8(cbs, &c) ||
(c & TOP_BITS(2)) != TOP_BITS(1)) {
return 0;
}
v <<= 6;
v |= c & BOTTOM_BITS(6);
}
if (!is_valid_code_point(v) ||
v < lower_bound) {
return 0;
}
*out = v;
return 1;
}
int cbs_get_latin1(CBS *cbs, uint32_t *out) {
uint8_t c;
if (!CBS_get_u8(cbs, &c)) {
return 0;
}
*out = c;
return 1;
}
int cbs_get_ucs2_be(CBS *cbs, uint32_t *out) {
// Note UCS-2 (used by BMPString) does not support surrogates.
uint16_t c;
if (!CBS_get_u16(cbs, &c) ||
!is_valid_code_point(c)) {
return 0;
}
*out = c;
return 1;
}
int cbs_get_utf32_be(CBS *cbs, uint32_t *out) {
return CBS_get_u32(cbs, out) && is_valid_code_point(*out);
}
size_t cbb_get_utf8_len(uint32_t u) {
if (u <= 0x7f) {
return 1;
}
if (u <= 0x7ff) {
return 2;
}
if (u <= 0xffff) {
return 3;
}
return 4;
}
int cbb_add_utf8(CBB *cbb, uint32_t u) {
if (!is_valid_code_point(u)) {
return 0;
}
if (u <= 0x7f) {
return CBB_add_u8(cbb, (uint8_t)u);
}
if (u <= 0x7ff) {
return CBB_add_u8(cbb, TOP_BITS(2) | (u >> 6)) &&
CBB_add_u8(cbb, TOP_BITS(1) | (u & BOTTOM_BITS(6)));
}
if (u <= 0xffff) {
return CBB_add_u8(cbb, TOP_BITS(3) | (u >> 12)) &&
CBB_add_u8(cbb, TOP_BITS(1) | ((u >> 6) & BOTTOM_BITS(6))) &&
CBB_add_u8(cbb, TOP_BITS(1) | (u & BOTTOM_BITS(6)));
}
if (u <= 0x10ffff) {
return CBB_add_u8(cbb, TOP_BITS(4) | (u >> 18)) &&
CBB_add_u8(cbb, TOP_BITS(1) | ((u >> 12) & BOTTOM_BITS(6))) &&
CBB_add_u8(cbb, TOP_BITS(1) | ((u >> 6) & BOTTOM_BITS(6))) &&
CBB_add_u8(cbb, TOP_BITS(1) | (u & BOTTOM_BITS(6)));
}
return 0;
}
int cbb_add_latin1(CBB *cbb, uint32_t u) {
return u <= 0xff && CBB_add_u8(cbb, (uint8_t)u);
}
int cbb_add_ucs2_be(CBB *cbb, uint32_t u) {
return u <= 0xffff && is_valid_code_point(u) && CBB_add_u16(cbb, (uint16_t)u);
}
int cbb_add_utf32_be(CBB *cbb, uint32_t u) {
return is_valid_code_point(u) && CBB_add_u32(cbb, u);
}