2
0

packet.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576
  1. /*
  2. * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "internal/cryptlib.h"
  10. #include "internal/packet.h"
  11. #include <openssl/err.h>
  12. #define DEFAULT_BUF_SIZE 256
  13. int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
  14. {
  15. if (!WPACKET_reserve_bytes(pkt, len, allocbytes))
  16. return 0;
  17. pkt->written += len;
  18. pkt->curr += len;
  19. return 1;
  20. }
  21. int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len,
  22. unsigned char **allocbytes, size_t lenbytes)
  23. {
  24. if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
  25. || !WPACKET_allocate_bytes(pkt, len, allocbytes)
  26. || !WPACKET_close(pkt))
  27. return 0;
  28. return 1;
  29. }
  30. #define GETBUF(p) (((p)->staticbuf != NULL) \
  31. ? (p)->staticbuf \
  32. : ((p)->buf != NULL \
  33. ? (unsigned char *)(p)->buf->data \
  34. : NULL))
  35. int WPACKET_reserve_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
  36. {
  37. /* Internal API, so should not fail */
  38. if (!ossl_assert(pkt->subs != NULL && len != 0))
  39. return 0;
  40. if (pkt->maxsize - pkt->written < len)
  41. return 0;
  42. if (pkt->buf != NULL && (pkt->buf->length - pkt->written < len)) {
  43. size_t newlen;
  44. size_t reflen;
  45. reflen = (len > pkt->buf->length) ? len : pkt->buf->length;
  46. if (reflen > SIZE_MAX / 2) {
  47. newlen = SIZE_MAX;
  48. } else {
  49. newlen = reflen * 2;
  50. if (newlen < DEFAULT_BUF_SIZE)
  51. newlen = DEFAULT_BUF_SIZE;
  52. }
  53. if (BUF_MEM_grow(pkt->buf, newlen) == 0)
  54. return 0;
  55. }
  56. if (allocbytes != NULL) {
  57. *allocbytes = WPACKET_get_curr(pkt);
  58. if (pkt->endfirst && *allocbytes != NULL)
  59. *allocbytes -= len;
  60. }
  61. return 1;
  62. }
  63. int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len,
  64. unsigned char **allocbytes, size_t lenbytes)
  65. {
  66. if (pkt->endfirst && lenbytes > 0)
  67. return 0;
  68. if (!WPACKET_reserve_bytes(pkt, lenbytes + len, allocbytes))
  69. return 0;
  70. if (*allocbytes != NULL)
  71. *allocbytes += lenbytes;
  72. return 1;
  73. }
  74. static size_t maxmaxsize(size_t lenbytes)
  75. {
  76. if (lenbytes >= sizeof(size_t) || lenbytes == 0)
  77. return SIZE_MAX;
  78. return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes;
  79. }
  80. static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes)
  81. {
  82. unsigned char *lenchars;
  83. pkt->curr = 0;
  84. pkt->written = 0;
  85. if ((pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs))) == NULL)
  86. return 0;
  87. if (lenbytes == 0)
  88. return 1;
  89. pkt->subs->pwritten = lenbytes;
  90. pkt->subs->lenbytes = lenbytes;
  91. if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) {
  92. OPENSSL_free(pkt->subs);
  93. pkt->subs = NULL;
  94. return 0;
  95. }
  96. pkt->subs->packet_len = 0;
  97. return 1;
  98. }
  99. int WPACKET_init_static_len(WPACKET *pkt, unsigned char *buf, size_t len,
  100. size_t lenbytes)
  101. {
  102. size_t max = maxmaxsize(lenbytes);
  103. /* Internal API, so should not fail */
  104. if (!ossl_assert(buf != NULL && len > 0))
  105. return 0;
  106. pkt->staticbuf = buf;
  107. pkt->buf = NULL;
  108. pkt->maxsize = (max < len) ? max : len;
  109. pkt->endfirst = 0;
  110. return wpacket_intern_init_len(pkt, lenbytes);
  111. }
  112. int WPACKET_init_der(WPACKET *pkt, unsigned char *buf, size_t len)
  113. {
  114. /* Internal API, so should not fail */
  115. if (!ossl_assert(buf != NULL && len > 0))
  116. return 0;
  117. pkt->staticbuf = buf;
  118. pkt->buf = NULL;
  119. pkt->maxsize = len;
  120. pkt->endfirst = 1;
  121. return wpacket_intern_init_len(pkt, 0);
  122. }
  123. int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes)
  124. {
  125. /* Internal API, so should not fail */
  126. if (!ossl_assert(buf != NULL))
  127. return 0;
  128. pkt->staticbuf = NULL;
  129. pkt->buf = buf;
  130. pkt->maxsize = maxmaxsize(lenbytes);
  131. pkt->endfirst = 0;
  132. return wpacket_intern_init_len(pkt, lenbytes);
  133. }
  134. int WPACKET_init(WPACKET *pkt, BUF_MEM *buf)
  135. {
  136. return WPACKET_init_len(pkt, buf, 0);
  137. }
  138. int WPACKET_init_null(WPACKET *pkt, size_t lenbytes)
  139. {
  140. pkt->staticbuf = NULL;
  141. pkt->buf = NULL;
  142. pkt->maxsize = maxmaxsize(lenbytes);
  143. pkt->endfirst = 0;
  144. return wpacket_intern_init_len(pkt, 0);
  145. }
  146. int WPACKET_init_null_der(WPACKET *pkt)
  147. {
  148. pkt->staticbuf = NULL;
  149. pkt->buf = NULL;
  150. pkt->maxsize = SIZE_MAX;
  151. pkt->endfirst = 1;
  152. return wpacket_intern_init_len(pkt, 0);
  153. }
  154. int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
  155. {
  156. /* Internal API, so should not fail */
  157. if (!ossl_assert(pkt->subs != NULL))
  158. return 0;
  159. pkt->subs->flags = flags;
  160. return 1;
  161. }
  162. /* Store the |value| of length |len| at location |data| */
  163. static int put_value(unsigned char *data, uint64_t value, size_t len)
  164. {
  165. if (data == NULL)
  166. return 1;
  167. for (data += len - 1; len > 0; len--) {
  168. *data = (unsigned char)(value & 0xff);
  169. data--;
  170. value >>= 8;
  171. }
  172. /* Check whether we could fit the value in the assigned number of bytes */
  173. if (value > 0)
  174. return 0;
  175. return 1;
  176. }
  177. static int put_quic_value(unsigned char *data, size_t value, size_t len)
  178. {
  179. if (data == NULL)
  180. return 1;
  181. /* Value too large for field. */
  182. if (ossl_quic_vlint_encode_len(value) > len)
  183. return 0;
  184. ossl_quic_vlint_encode_n(data, value, len);
  185. return 1;
  186. }
  187. /*
  188. * Internal helper function used by WPACKET_close(), WPACKET_finish() and
  189. * WPACKET_fill_lengths() to close a sub-packet and write out its length if
  190. * necessary. If |doclose| is 0 then it goes through the motions of closing
  191. * (i.e. it fills in all the lengths), but doesn't actually close anything.
  192. */
  193. static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
  194. {
  195. size_t packlen = pkt->written - sub->pwritten;
  196. if (packlen == 0
  197. && (sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) != 0)
  198. return 0;
  199. if (packlen == 0
  200. && sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
  201. /* We can't handle this case. Return an error */
  202. if (!doclose)
  203. return 0;
  204. /* Deallocate any bytes allocated for the length of the WPACKET */
  205. if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
  206. pkt->written -= sub->lenbytes;
  207. pkt->curr -= sub->lenbytes;
  208. }
  209. /* Don't write out the packet length */
  210. sub->packet_len = 0;
  211. sub->lenbytes = 0;
  212. }
  213. /* Write out the WPACKET length if needed */
  214. if (sub->lenbytes > 0) {
  215. unsigned char *buf = GETBUF(pkt);
  216. if (buf != NULL) {
  217. if ((sub->flags & WPACKET_FLAGS_QUIC_VLINT) == 0) {
  218. if (!put_value(&buf[sub->packet_len], packlen, sub->lenbytes))
  219. return 0;
  220. } else {
  221. if (!put_quic_value(&buf[sub->packet_len], packlen, sub->lenbytes))
  222. return 0;
  223. }
  224. }
  225. } else if (pkt->endfirst && sub->parent != NULL
  226. && (packlen != 0
  227. || (sub->flags
  228. & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) == 0)) {
  229. size_t tmplen = packlen;
  230. size_t numlenbytes = 1;
  231. while ((tmplen = tmplen >> 8) > 0)
  232. numlenbytes++;
  233. if (!WPACKET_put_bytes__(pkt, packlen, numlenbytes))
  234. return 0;
  235. if (packlen > 0x7f) {
  236. numlenbytes |= 0x80;
  237. if (!WPACKET_put_bytes_u8(pkt, numlenbytes))
  238. return 0;
  239. }
  240. }
  241. if (doclose) {
  242. pkt->subs = sub->parent;
  243. OPENSSL_free(sub);
  244. }
  245. return 1;
  246. }
  247. int WPACKET_fill_lengths(WPACKET *pkt)
  248. {
  249. WPACKET_SUB *sub;
  250. if (!ossl_assert(pkt->subs != NULL))
  251. return 0;
  252. for (sub = pkt->subs; sub != NULL; sub = sub->parent) {
  253. if (!wpacket_intern_close(pkt, sub, 0))
  254. return 0;
  255. }
  256. return 1;
  257. }
  258. int WPACKET_close(WPACKET *pkt)
  259. {
  260. /*
  261. * Internal API, so should not fail - but we do negative testing of this
  262. * so no assert (otherwise the tests fail)
  263. */
  264. if (pkt->subs == NULL || pkt->subs->parent == NULL)
  265. return 0;
  266. return wpacket_intern_close(pkt, pkt->subs, 1);
  267. }
  268. int WPACKET_finish(WPACKET *pkt)
  269. {
  270. int ret;
  271. /*
  272. * Internal API, so should not fail - but we do negative testing of this
  273. * so no assert (otherwise the tests fail)
  274. */
  275. if (pkt->subs == NULL || pkt->subs->parent != NULL)
  276. return 0;
  277. ret = wpacket_intern_close(pkt, pkt->subs, 1);
  278. if (ret) {
  279. OPENSSL_free(pkt->subs);
  280. pkt->subs = NULL;
  281. }
  282. return ret;
  283. }
  284. int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes)
  285. {
  286. WPACKET_SUB *sub;
  287. unsigned char *lenchars;
  288. /* Internal API, so should not fail */
  289. if (!ossl_assert(pkt->subs != NULL))
  290. return 0;
  291. /* We don't support lenbytes greater than 0 when doing endfirst writing */
  292. if (lenbytes > 0 && pkt->endfirst)
  293. return 0;
  294. if ((sub = OPENSSL_zalloc(sizeof(*sub))) == NULL)
  295. return 0;
  296. sub->parent = pkt->subs;
  297. pkt->subs = sub;
  298. sub->pwritten = pkt->written + lenbytes;
  299. sub->lenbytes = lenbytes;
  300. if (lenbytes == 0) {
  301. sub->packet_len = 0;
  302. return 1;
  303. }
  304. sub->packet_len = pkt->written;
  305. if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars))
  306. return 0;
  307. return 1;
  308. }
  309. int WPACKET_start_sub_packet(WPACKET *pkt)
  310. {
  311. return WPACKET_start_sub_packet_len__(pkt, 0);
  312. }
  313. int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
  314. {
  315. unsigned char *data;
  316. /* Internal API, so should not fail */
  317. if (!ossl_assert(size <= sizeof(uint64_t))
  318. || !WPACKET_allocate_bytes(pkt, size, &data)
  319. || !put_value(data, val, size))
  320. return 0;
  321. return 1;
  322. }
  323. int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
  324. {
  325. WPACKET_SUB *sub;
  326. size_t lenbytes;
  327. /* Internal API, so should not fail */
  328. if (!ossl_assert(pkt->subs != NULL))
  329. return 0;
  330. /* Find the WPACKET_SUB for the top level */
  331. for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent)
  332. continue;
  333. lenbytes = sub->lenbytes;
  334. if (lenbytes == 0)
  335. lenbytes = sizeof(pkt->maxsize);
  336. if (maxmaxsize(lenbytes) < maxsize || maxsize < pkt->written)
  337. return 0;
  338. pkt->maxsize = maxsize;
  339. return 1;
  340. }
  341. int WPACKET_memset(WPACKET *pkt, int ch, size_t len)
  342. {
  343. unsigned char *dest;
  344. if (len == 0)
  345. return 1;
  346. if (!WPACKET_allocate_bytes(pkt, len, &dest))
  347. return 0;
  348. if (dest != NULL)
  349. memset(dest, ch, len);
  350. return 1;
  351. }
  352. int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len)
  353. {
  354. unsigned char *dest;
  355. if (len == 0)
  356. return 1;
  357. if (!WPACKET_allocate_bytes(pkt, len, &dest))
  358. return 0;
  359. if (dest != NULL)
  360. memcpy(dest, src, len);
  361. return 1;
  362. }
  363. int WPACKET_sub_memcpy__(WPACKET *pkt, const void *src, size_t len,
  364. size_t lenbytes)
  365. {
  366. if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
  367. || !WPACKET_memcpy(pkt, src, len)
  368. || !WPACKET_close(pkt))
  369. return 0;
  370. return 1;
  371. }
  372. int WPACKET_get_total_written(WPACKET *pkt, size_t *written)
  373. {
  374. /* Internal API, so should not fail */
  375. if (!ossl_assert(written != NULL))
  376. return 0;
  377. *written = pkt->written;
  378. return 1;
  379. }
  380. int WPACKET_get_length(WPACKET *pkt, size_t *len)
  381. {
  382. /* Internal API, so should not fail */
  383. if (!ossl_assert(pkt->subs != NULL && len != NULL))
  384. return 0;
  385. *len = pkt->written - pkt->subs->pwritten;
  386. return 1;
  387. }
  388. unsigned char *WPACKET_get_curr(WPACKET *pkt)
  389. {
  390. unsigned char *buf = GETBUF(pkt);
  391. if (buf == NULL)
  392. return NULL;
  393. if (pkt->endfirst)
  394. return buf + pkt->maxsize - pkt->curr;
  395. return buf + pkt->curr;
  396. }
  397. int WPACKET_is_null_buf(WPACKET *pkt)
  398. {
  399. return pkt->buf == NULL && pkt->staticbuf == NULL;
  400. }
  401. void WPACKET_cleanup(WPACKET *pkt)
  402. {
  403. WPACKET_SUB *sub, *parent;
  404. for (sub = pkt->subs; sub != NULL; sub = parent) {
  405. parent = sub->parent;
  406. OPENSSL_free(sub);
  407. }
  408. pkt->subs = NULL;
  409. }
  410. int WPACKET_start_quic_sub_packet_bound(WPACKET *pkt, size_t max_len)
  411. {
  412. size_t enclen = ossl_quic_vlint_encode_len(max_len);
  413. if (enclen == 0)
  414. return 0;
  415. if (WPACKET_start_sub_packet_len__(pkt, enclen) == 0)
  416. return 0;
  417. pkt->subs->flags |= WPACKET_FLAGS_QUIC_VLINT;
  418. return 1;
  419. }
  420. int WPACKET_start_quic_sub_packet(WPACKET *pkt)
  421. {
  422. /*
  423. * Assume no (sub)packet will exceed 4GiB, thus the 8-byte encoding need not
  424. * be used.
  425. */
  426. return WPACKET_start_quic_sub_packet_bound(pkt, OSSL_QUIC_VLINT_4B_MIN);
  427. }
  428. int WPACKET_quic_sub_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
  429. {
  430. if (!WPACKET_start_quic_sub_packet_bound(pkt, len)
  431. || !WPACKET_allocate_bytes(pkt, len, allocbytes)
  432. || !WPACKET_close(pkt))
  433. return 0;
  434. return 1;
  435. }
  436. /*
  437. * Write a QUIC variable-length integer to the packet.
  438. */
  439. int WPACKET_quic_write_vlint(WPACKET *pkt, uint64_t v)
  440. {
  441. unsigned char *b = NULL;
  442. size_t enclen = ossl_quic_vlint_encode_len(v);
  443. if (enclen == 0)
  444. return 0;
  445. if (WPACKET_allocate_bytes(pkt, enclen, &b) == 0)
  446. return 0;
  447. ossl_quic_vlint_encode(b, v);
  448. return 1;
  449. }