| OLD | NEW |
|---|
| (Empty) |
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 4 | |
| 5 #include "secder.h" | |
| 6 #include <limits.h> | |
| 7 #include "secerr.h" | |
| 8 | |
| 9 int | |
| 10 DER_LengthLength(PRUint32 len) | |
| 11 { | |
| 12 if (len > 127) { | |
| 13 if (len > 255) { | |
| 14 if (len > 65535L) { | |
| 15 if (len > 16777215L) { | |
| 16 return 5; | |
| 17 } else { | |
| 18 return 4; | |
| 19 } | |
| 20 } else { | |
| 21 return 3; | |
| 22 } | |
| 23 } else { | |
| 24 return 2; | |
| 25 } | |
| 26 } else { | |
| 27 return 1; | |
| 28 } | |
| 29 } | |
| 30 | |
| 31 unsigned char * | |
| 32 DER_StoreHeader(unsigned char *buf, unsigned int code, PRUint32 len) | |
| 33 { | |
| 34 unsigned char b[4]; | |
| 35 | |
| 36 b[0] = (unsigned char)(len >> 24); | |
| 37 b[1] = (unsigned char)(len >> 16); | |
| 38 b[2] = (unsigned char)(len >> 8); | |
| 39 b[3] = (unsigned char)len; | |
| 40 if ((code & DER_TAGNUM_MASK) == DER_SET | |
| 41 || (code & DER_TAGNUM_MASK) == DER_SEQUENCE) | |
| 42 code |= DER_CONSTRUCTED; | |
| 43 *buf++ = code; | |
| 44 if (len > 127) { | |
| 45 if (len > 255) { | |
| 46 if (len > 65535) { | |
| 47 if (len > 16777215) { | |
| 48 *buf++ = 0x84; | |
| 49 *buf++ = b[0]; | |
| 50 *buf++ = b[1]; | |
| 51 *buf++ = b[2]; | |
| 52 *buf++ = b[3]; | |
| 53 } else { | |
| 54 *buf++ = 0x83; | |
| 55 *buf++ = b[1]; | |
| 56 *buf++ = b[2]; | |
| 57 *buf++ = b[3]; | |
| 58 } | |
| 59 } else { | |
| 60 *buf++ = 0x82; | |
| 61 *buf++ = b[2]; | |
| 62 *buf++ = b[3]; | |
| 63 } | |
| 64 } else { | |
| 65 *buf++ = 0x81; | |
| 66 *buf++ = b[3]; | |
| 67 } | |
| 68 } else { | |
| 69 *buf++ = b[3]; | |
| 70 } | |
| 71 return buf; | |
| 72 } | |
| 73 | |
| 74 /* | |
| 75 * XXX This should be rewritten, generalized, to take a long instead | |
| 76 * of a PRInt32. | |
| 77 */ | |
| 78 SECStatus | |
| 79 DER_SetInteger(PLArenaPool *arena, SECItem *it, PRInt32 i) | |
| 80 { | |
| 81 unsigned char bb[4]; | |
| 82 unsigned len; | |
| 83 | |
| 84 bb[0] = (unsigned char) (i >> 24); | |
| 85 bb[1] = (unsigned char) (i >> 16); | |
| 86 bb[2] = (unsigned char) (i >> 8); | |
| 87 bb[3] = (unsigned char) (i); | |
| 88 | |
| 89 /* | |
| 90 ** Small integers are encoded in a single byte. Larger integers | |
| 91 ** require progressively more space. | |
| 92 */ | |
| 93 if (i < -128) { | |
| 94 if (i < -32768L) { | |
| 95 if (i < -8388608L) { | |
| 96 len = 4; | |
| 97 } else { | |
| 98 len = 3; | |
| 99 } | |
| 100 } else { | |
| 101 len = 2; | |
| 102 } | |
| 103 } else if (i > 127) { | |
| 104 if (i > 32767L) { | |
| 105 if (i > 8388607L) { | |
| 106 len = 4; | |
| 107 } else { | |
| 108 len = 3; | |
| 109 } | |
| 110 } else { | |
| 111 len = 2; | |
| 112 } | |
| 113 } else { | |
| 114 len = 1; | |
| 115 } | |
| 116 it->data = (unsigned char*) PORT_ArenaAlloc(arena, len); | |
| 117 if (!it->data) { | |
| 118 return SECFailure; | |
| 119 } | |
| 120 it->len = len; | |
| 121 PORT_Memcpy(it->data, bb + (4 - len), len); | |
| 122 return SECSuccess; | |
| 123 } | |
| 124 | |
| 125 /* | |
| 126 * XXX This should be rewritten, generalized, to take an unsigned long instead | |
| 127 * of a PRUint32. | |
| 128 */ | |
| 129 SECStatus | |
| 130 DER_SetUInteger(PLArenaPool *arena, SECItem *it, PRUint32 ui) | |
| 131 { | |
| 132 unsigned char bb[5]; | |
| 133 int len; | |
| 134 | |
| 135 bb[0] = 0; | |
| 136 bb[1] = (unsigned char) (ui >> 24); | |
| 137 bb[2] = (unsigned char) (ui >> 16); | |
| 138 bb[3] = (unsigned char) (ui >> 8); | |
| 139 bb[4] = (unsigned char) (ui); | |
| 140 | |
| 141 /* | |
| 142 ** Small integers are encoded in a single byte. Larger integers | |
| 143 ** require progressively more space. | |
| 144 */ | |
| 145 if (ui > 0x7f) { | |
| 146 if (ui > 0x7fff) { | |
| 147 if (ui > 0x7fffffL) { | |
| 148 if (ui >= 0x80000000L) { | |
| 149 len = 5; | |
| 150 } else { | |
| 151 len = 4; | |
| 152 } | |
| 153 } else { | |
| 154 len = 3; | |
| 155 } | |
| 156 } else { | |
| 157 len = 2; | |
| 158 } | |
| 159 } else { | |
| 160 len = 1; | |
| 161 } | |
| 162 | |
| 163 it->data = (unsigned char *)PORT_ArenaAlloc(arena, len); | |
| 164 if (it->data == NULL) { | |
| 165 return SECFailure; | |
| 166 } | |
| 167 | |
| 168 it->len = len; | |
| 169 PORT_Memcpy(it->data, bb + (sizeof(bb) - len), len); | |
| 170 | |
| 171 return SECSuccess; | |
| 172 } | |
| 173 | |
| 174 /* | |
| 175 ** Convert a der encoded *signed* integer into a machine integral value. | |
| 176 ** If an underflow/overflow occurs, sets error code and returns min/max. | |
| 177 */ | |
| 178 long | |
| 179 DER_GetInteger(const SECItem *it) | |
| 180 { | |
| 181 long ival = 0; | |
| 182 PRBool negative = PR_FALSE; | |
| 183 unsigned int len = it->len; | |
| 184 unsigned int originalLength = len; | |
| 185 unsigned char *cp = it->data; | |
| 186 unsigned long overflow = 0x1ffUL << (((sizeof(ival) - 1) * 8) - 1); | |
| 187 unsigned long mask = 1; | |
| 188 | |
| 189 PORT_Assert(len); | |
| 190 if (!len) { | |
| 191 PORT_SetError(SEC_ERROR_INPUT_LEN); | |
| 192 return 0; | |
| 193 } | |
| 194 | |
| 195 if (*cp & 0x80) { | |
| 196 negative = PR_TRUE; | |
| 197 overflow <<= 1; | |
| 198 } | |
| 199 | |
| 200 while (len) { | |
| 201 if ((ival & overflow) != 0) { | |
| 202 PORT_SetError(SEC_ERROR_BAD_DER); | |
| 203 if (negative) { | |
| 204 return LONG_MIN; | |
| 205 } | |
| 206 return LONG_MAX; | |
| 207 } | |
| 208 ival = ival << 8; | |
| 209 ival |= *cp++; | |
| 210 --len; | |
| 211 } | |
| 212 if (negative && ival && (overflow & ival) == 0) { | |
| 213 mask <<= ((originalLength * 8) - 1); | |
| 214 ival &= ~mask; | |
| 215 ival -= mask; | |
| 216 } | |
| 217 return ival; | |
| 218 } | |
| 219 | |
| 220 /* | |
| 221 ** Convert a der encoded *unsigned* integer into a machine integral value. | |
| 222 ** If an overflow occurs, sets error code and returns max. | |
| 223 */ | |
| 224 unsigned long | |
| 225 DER_GetUInteger(SECItem *it) | |
| 226 { | |
| 227 unsigned long ival = 0; | |
| 228 unsigned len = it->len; | |
| 229 unsigned char *cp = it->data; | |
| 230 unsigned long overflow = 0xffUL << ((sizeof(ival) - 1) * 8); | |
| 231 | |
| 232 PORT_Assert(len); | |
| 233 if (!len) { | |
| 234 PORT_SetError(SEC_ERROR_INPUT_LEN); | |
| 235 return 0; | |
| 236 } | |
| 237 | |
| 238 /* Cannot put a negative value into an unsigned container. */ | |
| 239 if (*cp & 0x80) { | |
| 240 PORT_SetError(SEC_ERROR_BAD_DER); | |
| 241 return 0; | |
| 242 } | |
| 243 | |
| 244 while (len) { | |
| 245 if (ival & overflow) { | |
| 246 PORT_SetError(SEC_ERROR_BAD_DER); | |
| 247 return ULONG_MAX; | |
| 248 } | |
| 249 ival = ival << 8; | |
| 250 ival |= *cp++; | |
| 251 --len; | |
| 252 } | |
| 253 return ival; | |
| 254 } | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2078763002:
Delete bundled copy of NSS and replace with README. (Closed)
Base URL: https://chromium.googlesource.com/chromium/deps/nss@master