fb790f1673
Reviewed-by: Rich Salz <rsalz@openssl.org>
343 lines
8.4 KiB
C
343 lines
8.4 KiB
C
/*
|
|
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
#include "packet_locl.h"
|
|
|
|
/*
|
|
* Allocate bytes in the WPACKET for the output. This reserves the bytes
|
|
* and count them as "written", but doesn't actually do the writing.
|
|
*/
|
|
int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
|
|
{
|
|
if (pkt->subs == NULL || len == 0)
|
|
return 0;
|
|
|
|
if (SIZE_MAX - pkt->written < len)
|
|
return 0;
|
|
|
|
if (pkt->maxsize > 0 && pkt->written + len > pkt->maxsize)
|
|
return 0;
|
|
|
|
if (pkt->buf->length - pkt->written < len) {
|
|
size_t newlen;
|
|
|
|
if (pkt->buf->length > SIZE_MAX / 2)
|
|
newlen = SIZE_MAX;
|
|
else
|
|
newlen = pkt->buf->length * 2;
|
|
if (BUF_MEM_grow(pkt->buf, newlen) == 0)
|
|
return 0;
|
|
}
|
|
pkt->written += len;
|
|
*allocbytes = pkt->curr;
|
|
pkt->curr += len;
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Initialise a WPACKET with the buffer in |buf|. The buffer must exist
|
|
* for the whole time that the WPACKET is being used. Additionally |lenbytes| of
|
|
* data is preallocated at the start of the buffer to store the length of the
|
|
* WPACKET once we know it.
|
|
*/
|
|
int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes)
|
|
{
|
|
/* Sanity check */
|
|
if (buf == NULL)
|
|
return 0;
|
|
|
|
pkt->buf = buf;
|
|
pkt->curr = (unsigned char *)buf->data;
|
|
pkt->written = 0;
|
|
pkt->maxsize = 0;
|
|
|
|
pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs));
|
|
if (pkt->subs == NULL)
|
|
return 0;
|
|
|
|
if (lenbytes == 0)
|
|
return 1;
|
|
|
|
pkt->subs->pwritten = lenbytes;
|
|
pkt->subs->lenbytes = lenbytes;
|
|
|
|
if (!WPACKET_allocate_bytes(pkt, lenbytes, &(pkt->subs->packet_len))) {
|
|
OPENSSL_free(pkt->subs);
|
|
pkt->subs = NULL;
|
|
return 0;
|
|
}
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Same as WPACKET_init_len except there is no preallocation of the WPACKET
|
|
* length.
|
|
*/
|
|
int WPACKET_init(WPACKET *pkt, BUF_MEM *buf)
|
|
{
|
|
return WPACKET_init_len(pkt, buf, 0);
|
|
}
|
|
|
|
/*
|
|
* Set the WPACKET length, and the location for where we should write that
|
|
* length. Normally this will be at the start of the WPACKET, and therefore
|
|
* the WPACKET would have been initialised via WPACKET_init_len(). However there
|
|
* is the possibility that the length needs to be written to some other location
|
|
* other than the start of the WPACKET. In that case init via WPACKET_init() and
|
|
* then set the location for the length using this function.
|
|
*/
|
|
int WPACKET_set_packet_len(WPACKET *pkt, unsigned char *packet_len,
|
|
size_t lenbytes)
|
|
{
|
|
/* We only allow this to be set once */
|
|
if (pkt->subs == NULL)
|
|
return 0;
|
|
|
|
pkt->subs->lenbytes = lenbytes;
|
|
pkt->subs->packet_len = packet_len;
|
|
|
|
return 1;
|
|
}
|
|
|
|
int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
|
|
{
|
|
if (pkt->subs == NULL)
|
|
return 0;
|
|
|
|
pkt->subs->flags = flags;
|
|
|
|
return 1;
|
|
}
|
|
|
|
|
|
/*
|
|
* Internal helper function used by WPACKET_close() and WPACKET_finish() to
|
|
* close a sub-packet and write out its length if necessary.
|
|
*/
|
|
static int wpacket_intern_close(WPACKET *pkt)
|
|
{
|
|
size_t packlen;
|
|
WPACKET_SUB *sub = pkt->subs;
|
|
|
|
packlen = pkt->written - sub->pwritten;
|
|
if (packlen == 0
|
|
&& sub->flags & OPENSSL_WPACKET_FLAGS_NON_ZERO_LENGTH)
|
|
return 0;
|
|
|
|
if (packlen == 0
|
|
&& sub->flags & OPENSSL_WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
|
|
/* Deallocate any bytes allocated for the length of the WPACKET */
|
|
if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
|
|
pkt->written -= sub->lenbytes;
|
|
pkt->curr -= sub->lenbytes;
|
|
}
|
|
|
|
/* Don't write out the packet length */
|
|
sub->packet_len = NULL;
|
|
}
|
|
|
|
/* Write out the WPACKET length if needed */
|
|
if (sub->packet_len != NULL) {
|
|
size_t lenbytes;
|
|
|
|
lenbytes = sub->lenbytes;
|
|
|
|
for (; lenbytes > 0; lenbytes--) {
|
|
sub->packet_len[lenbytes - 1]
|
|
= (unsigned char)(packlen & 0xff);
|
|
packlen >>= 8;
|
|
}
|
|
if (packlen > 0) {
|
|
/*
|
|
* We've extended beyond the max allowed for the number of len bytes
|
|
*/
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
pkt->subs = sub->parent;
|
|
OPENSSL_free(sub);
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Closes the most recent sub-packet. It also writes out the length of the
|
|
* packet to the required location (normally the start of the WPACKET) if
|
|
* appropriate. The top level WPACKET should be closed using WPACKET_finish()
|
|
* instead of this function.
|
|
*/
|
|
int WPACKET_close(WPACKET *pkt)
|
|
{
|
|
if (pkt->subs == NULL || pkt->subs->parent == NULL)
|
|
return 0;
|
|
|
|
return wpacket_intern_close(pkt);
|
|
}
|
|
|
|
/*
|
|
* The same as WPACKET_close() but only for the top most WPACKET. Additionally
|
|
* frees memory resources for this WPACKET.
|
|
*/
|
|
int WPACKET_finish(WPACKET *pkt)
|
|
{
|
|
int ret;
|
|
|
|
if (pkt->subs == NULL || pkt->subs->parent != NULL)
|
|
return 0;
|
|
|
|
ret = wpacket_intern_close(pkt);
|
|
|
|
/* We free up memory no matter whether |ret| is zero or not */
|
|
OPENSSL_free(pkt->subs);
|
|
pkt->subs = NULL;
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
* Initialise a new sub-packet. Additionally |lenbytes| of data is preallocated
|
|
* at the start of the sub-packet to store its length once we know it.
|
|
*/
|
|
int WPACKET_start_sub_packet_len(WPACKET *pkt, size_t lenbytes)
|
|
{
|
|
WPACKET_SUB *sub;
|
|
|
|
if (pkt->subs == NULL)
|
|
return 0;
|
|
|
|
sub = OPENSSL_zalloc(sizeof(*sub));
|
|
if (sub == NULL)
|
|
return 0;
|
|
|
|
sub->parent = pkt->subs;
|
|
pkt->subs = sub;
|
|
sub->pwritten = pkt->written + lenbytes;
|
|
sub->lenbytes = lenbytes;
|
|
|
|
if (lenbytes == 0) {
|
|
sub->packet_len = NULL;
|
|
return 1;
|
|
}
|
|
|
|
if (!WPACKET_allocate_bytes(pkt, lenbytes, &sub->packet_len)) {
|
|
return 0;
|
|
}
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Same as WPACKET_get_sub_packet_len() except no bytes are pre-allocated for
|
|
* the sub-packet length.
|
|
*/
|
|
int WPACKET_start_sub_packet(WPACKET *pkt)
|
|
{
|
|
return WPACKET_start_sub_packet_len(pkt, 0);
|
|
}
|
|
|
|
/*
|
|
* Write the value stored in |val| into the WPACKET. The value will consome
|
|
* |bytes| amount of storage. An error will occur if |val| cannot be accommdated
|
|
* in |bytes| storage, e.g. attempting to write the value 256 into 1 byte will
|
|
* fail.
|
|
*/
|
|
int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t bytes)
|
|
{
|
|
unsigned char *data;
|
|
|
|
if (bytes > sizeof(unsigned int)
|
|
|| !WPACKET_allocate_bytes(pkt, bytes, &data))
|
|
return 0;
|
|
|
|
data += bytes - 1;
|
|
for (; bytes > 0; bytes--) {
|
|
*data = (unsigned char)(val & 0xff);
|
|
data--;
|
|
val >>= 8;
|
|
}
|
|
|
|
/* Check whether we could fit the value in the assigned number of bytes */
|
|
if (val > 0)
|
|
return 0;
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Set a maximum size that we will not allow the WPACKET to grow beyond. If not
|
|
* set then there is no maximum.
|
|
*/
|
|
int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
|
|
{
|
|
pkt->maxsize = maxsize;
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Copy |len| bytes of data from |*src| into the WPACKET.
|
|
*/
|
|
int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len)
|
|
{
|
|
unsigned char *dest;
|
|
|
|
if (len == 0)
|
|
return 1;
|
|
|
|
if (!WPACKET_allocate_bytes(pkt, len, &dest))
|
|
return 0;
|
|
|
|
memcpy(dest, src, len);
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Copy |len| bytes of data from |*src| into the WPACKET and prefix with its
|
|
* length (consuming |lenbytes| of data for the length)
|
|
*/
|
|
int WPACKET_sub_memcpy(WPACKET *pkt, const void *src, size_t len, size_t lenbytes)
|
|
{
|
|
if (!WPACKET_start_sub_packet_len(pkt, lenbytes)
|
|
|| !WPACKET_memcpy(pkt, src, len)
|
|
|| !WPACKET_close(pkt))
|
|
return 0;
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Return the total number of bytes written so far to the underlying buffer.
|
|
* This might includes bytes written by a parent WPACKET.
|
|
*/
|
|
int WPACKET_get_total_written(WPACKET *pkt, size_t *written)
|
|
{
|
|
if (pkt->subs == NULL || written == NULL)
|
|
return 0;
|
|
|
|
*written = pkt->written;
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* Returns the length of the last sub-packet. This excludes any bytes allocated
|
|
* for the length itself.
|
|
*/
|
|
int WPACKET_get_length(WPACKET *pkt, size_t *len)
|
|
{
|
|
if (pkt->subs == NULL || len == NULL)
|
|
return 0;
|
|
|
|
*len = pkt->written - pkt->subs->pwritten;
|
|
|
|
return 1;
|
|
}
|