summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ct/ct_oct.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/ct/ct_oct.c')
-rw-r--r--src/lib/libcrypto/ct/ct_oct.c74
1 files changed, 43 insertions, 31 deletions
diff --git a/src/lib/libcrypto/ct/ct_oct.c b/src/lib/libcrypto/ct/ct_oct.c
index 7a45bdb5bf..bd15ab0e92 100644
--- a/src/lib/libcrypto/ct/ct_oct.c
+++ b/src/lib/libcrypto/ct/ct_oct.c
@@ -29,7 +29,7 @@ o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
29 const unsigned char *p; 29 const unsigned char *p;
30 30
31 if (sct->version != SCT_VERSION_V1) { 31 if (sct->version != SCT_VERSION_V1) {
32 CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_UNSUPPORTED_VERSION); 32 CTerror(CT_R_UNSUPPORTED_VERSION);
33 return -1; 33 return -1;
34 } 34 }
35 /* 35 /*
@@ -40,7 +40,7 @@ o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
40 * all supported algorithms. 40 * all supported algorithms.
41 */ 41 */
42 if (len <= 4) { 42 if (len <= 4) {
43 CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE); 43 CTerror(CT_R_SCT_INVALID_SIGNATURE);
44 return -1; 44 return -1;
45 } 45 }
46 46
@@ -49,14 +49,17 @@ o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
49 sct->hash_alg = *p++; 49 sct->hash_alg = *p++;
50 sct->sig_alg = *p++; 50 sct->sig_alg = *p++;
51 if (SCT_get_signature_nid(sct) == NID_undef) { 51 if (SCT_get_signature_nid(sct) == NID_undef) {
52 CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE); 52 CTerror(CT_R_SCT_INVALID_SIGNATURE);
53 return -1; 53 return -1;
54 } 54 }
55 /* Retrieve signature and check it is consistent with the buffer length */ 55 /*
56 * Retrieve signature and check it is consistent with the buffer
57 * length
58 */
56 n2s(p, siglen); 59 n2s(p, siglen);
57 len_remaining -= (p - *in); 60 len_remaining -= (p - *in);
58 if (siglen > len_remaining) { 61 if (siglen > len_remaining) {
59 CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE); 62 CTerror(CT_R_SCT_INVALID_SIGNATURE);
60 return -1; 63 return -1;
61 } 64 }
62 65
@@ -68,13 +71,19 @@ o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
68 return len - len_remaining; 71 return len - len_remaining;
69} 72}
70 73
71SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len) 74SCT *
75o2i_SCT(SCT **psct, const unsigned char **in, size_t len)
72{ 76{
73 SCT *sct = NULL; 77 SCT *sct = NULL;
74 const unsigned char *p; 78 const unsigned char *p;
75 79
80 /*
81 * XXX paging Dr Sing. please report to this function for an emergency
82 * CBS/CBB implantation surgery. Stat.
83 */
84
76 if (len == 0 || len > MAX_SCT_SIZE) { 85 if (len == 0 || len > MAX_SCT_SIZE) {
77 CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID); 86 CTerror(CT_R_SCT_INVALID);
78 goto err; 87 goto err;
79 } 88 }
80 89
@@ -97,14 +106,15 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len)
97 * } 106 * }
98 */ 107 */
99 if (len < 43) { 108 if (len < 43) {
100 CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID); 109 CTerror(CT_R_SCT_INVALID);
101 goto err; 110 goto err;
102 } 111 }
103 len -= 43; 112 len -= 43;
104 p++; 113 p++;
105 sct->log_id = BUF_memdup(p, CT_V1_HASHLEN); 114 sct->log_id = malloc(CT_V1_HASHLEN);
106 if (sct->log_id == NULL) 115 if (sct->log_id == NULL)
107 goto err; 116 goto err;
117 memcpy(sct->log_id, p, CT_V1_HASHLEN);
108 sct->log_id_len = CT_V1_HASHLEN; 118 sct->log_id_len = CT_V1_HASHLEN;
109 p += CT_V1_HASHLEN; 119 p += CT_V1_HASHLEN;
110 120
@@ -112,13 +122,14 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len)
112 122
113 n2s(p, len2); 123 n2s(p, len2);
114 if (len < len2) { 124 if (len < len2) {
115 CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID); 125 CTerror(CT_R_SCT_INVALID);
116 goto err; 126 goto err;
117 } 127 }
118 if (len2 > 0) { 128 if (len2 > 0) {
119 sct->ext = BUF_memdup(p, len2); 129 sct->ext = malloc(len2);
120 if (sct->ext == NULL) 130 if (sct->ext == NULL)
121 goto err; 131 goto err;
132 memcpy(sct->ext, p, len2);
122 } 133 }
123 sct->ext_len = len2; 134 sct->ext_len = len2;
124 p += len2; 135 p += len2;
@@ -126,16 +137,17 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len)
126 137
127 sig_len = o2i_SCT_signature(sct, &p, len); 138 sig_len = o2i_SCT_signature(sct, &p, len);
128 if (sig_len <= 0) { 139 if (sig_len <= 0) {
129 CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID); 140 CTerror(CT_R_SCT_INVALID);
130 goto err; 141 goto err;
131 } 142 }
132 len -= sig_len; 143 len -= sig_len;
133 *in = p + len; 144 *in = p + len;
134 } else { 145 } else {
135 /* If not V1 just cache encoding */ 146 /* If not V1 just cache encoding */
136 sct->sct = BUF_memdup(p, len); 147 sct->sct = malloc(len);
137 if (sct->sct == NULL) 148 if (sct->sct == NULL)
138 goto err; 149 goto err;
150 memcpy(sct->sct, p, len);
139 sct->sct_len = len; 151 sct->sct_len = len;
140 *in = p + len; 152 *in = p + len;
141 } 153 }
@@ -158,12 +170,12 @@ i2o_SCT_signature(const SCT *sct, unsigned char **out)
158 unsigned char *p = NULL, *pstart = NULL; 170 unsigned char *p = NULL, *pstart = NULL;
159 171
160 if (!SCT_signature_is_complete(sct)) { 172 if (!SCT_signature_is_complete(sct)) {
161 CTerr(CT_F_I2O_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE); 173 CTerror(CT_R_SCT_INVALID_SIGNATURE);
162 goto err; 174 goto err;
163 } 175 }
164 176
165 if (sct->version != SCT_VERSION_V1) { 177 if (sct->version != SCT_VERSION_V1) {
166 CTerr(CT_F_I2O_SCT_SIGNATURE, CT_R_UNSUPPORTED_VERSION); 178 CTerror(CT_R_UNSUPPORTED_VERSION);
167 goto err; 179 goto err;
168 } 180 }
169 181
@@ -179,9 +191,9 @@ i2o_SCT_signature(const SCT *sct, unsigned char **out)
179 p = *out; 191 p = *out;
180 *out += len; 192 *out += len;
181 } else { 193 } else {
182 pstart = p = OPENSSL_malloc(len); 194 pstart = p = malloc(len);
183 if (p == NULL) { 195 if (p == NULL) {
184 CTerr(CT_F_I2O_SCT_SIGNATURE, ERR_R_MALLOC_FAILURE); 196 CTerror(ERR_R_MALLOC_FAILURE);
185 goto err; 197 goto err;
186 } 198 }
187 *out = p; 199 *out = p;
@@ -195,7 +207,7 @@ i2o_SCT_signature(const SCT *sct, unsigned char **out)
195 207
196 return len; 208 return len;
197 err: 209 err:
198 OPENSSL_free(pstart); 210 free(pstart);
199 return -1; 211 return -1;
200} 212}
201 213
@@ -206,7 +218,7 @@ i2o_SCT(const SCT *sct, unsigned char **out)
206 unsigned char *p = NULL, *pstart = NULL; 218 unsigned char *p = NULL, *pstart = NULL;
207 219
208 if (!SCT_is_complete(sct)) { 220 if (!SCT_is_complete(sct)) {
209 CTerr(CT_F_I2O_SCT, CT_R_SCT_NOT_SET); 221 CTerror(CT_R_SCT_NOT_SET);
210 goto err; 222 goto err;
211 } 223 }
212 /* 224 /*
@@ -227,9 +239,9 @@ i2o_SCT(const SCT *sct, unsigned char **out)
227 p = *out; 239 p = *out;
228 *out += len; 240 *out += len;
229 } else { 241 } else {
230 pstart = p = OPENSSL_malloc(len); 242 pstart = p = malloc(len);
231 if (p == NULL) { 243 if (p == NULL) {
232 CTerr(CT_F_I2O_SCT, ERR_R_MALLOC_FAILURE); 244 CTerror(ERR_R_MALLOC_FAILURE);
233 goto err; 245 goto err;
234 } 246 }
235 *out = p; 247 *out = p;
@@ -253,7 +265,7 @@ i2o_SCT(const SCT *sct, unsigned char **out)
253 265
254 return len; 266 return len;
255 err: 267 err:
256 OPENSSL_free(pstart); 268 free(pstart);
257 return -1; 269 return -1;
258} 270}
259 271
@@ -264,13 +276,13 @@ o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, size_t len)
264 size_t list_len, sct_len; 276 size_t list_len, sct_len;
265 277
266 if (len < 2 || len > MAX_SCT_LIST_SIZE) { 278 if (len < 2 || len > MAX_SCT_LIST_SIZE) {
267 CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID); 279 CTerror(CT_R_SCT_LIST_INVALID);
268 return NULL; 280 return NULL;
269 } 281 }
270 282
271 n2s(*pp, list_len); 283 n2s(*pp, list_len);
272 if (list_len != len - 2) { 284 if (list_len != len - 2) {
273 CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID); 285 CTerror(CT_R_SCT_LIST_INVALID);
274 return NULL; 286 return NULL;
275 } 287 }
276 288
@@ -291,14 +303,14 @@ o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, size_t len)
291 SCT *sct; 303 SCT *sct;
292 304
293 if (list_len < 2) { 305 if (list_len < 2) {
294 CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID); 306 CTerror(CT_R_SCT_LIST_INVALID);
295 goto err; 307 goto err;
296 } 308 }
297 n2s(*pp, sct_len); 309 n2s(*pp, sct_len);
298 list_len -= 2; 310 list_len -= 2;
299 311
300 if (sct_len == 0 || sct_len > list_len) { 312 if (sct_len == 0 || sct_len > list_len) {
301 CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID); 313 CTerror(CT_R_SCT_LIST_INVALID);
302 goto err; 314 goto err;
303 } 315 }
304 list_len -= sct_len; 316 list_len -= sct_len;
@@ -331,11 +343,11 @@ i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp)
331 if (pp != NULL) { 343 if (pp != NULL) {
332 if (*pp == NULL) { 344 if (*pp == NULL) {
333 if ((len = i2o_SCT_LIST(a, NULL)) == -1) { 345 if ((len = i2o_SCT_LIST(a, NULL)) == -1) {
334 CTerr(CT_F_I2O_SCT_LIST, CT_R_SCT_LIST_INVALID); 346 CTerror(CT_R_SCT_LIST_INVALID);
335 return -1; 347 return -1;
336 } 348 }
337 if ((*pp = OPENSSL_malloc(len)) == NULL) { 349 if ((*pp = malloc(len)) == NULL) {
338 CTerr(CT_F_I2O_SCT_LIST, ERR_R_MALLOC_FAILURE); 350 CTerror(ERR_R_MALLOC_FAILURE);
339 return -1; 351 return -1;
340 } 352 }
341 is_pp_new = 1; 353 is_pp_new = 1;
@@ -371,7 +383,7 @@ i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp)
371 383
372 err: 384 err:
373 if (is_pp_new) { 385 if (is_pp_new) {
374 OPENSSL_free(*pp); 386 free(*pp);
375 *pp = NULL; 387 *pp = NULL;
376 } 388 }
377 return -1; 389 return -1;
@@ -407,6 +419,6 @@ i2d_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **out)
407 return -1; 419 return -1;
408 420
409 len = i2d_ASN1_OCTET_STRING(&oct, out); 421 len = i2d_ASN1_OCTET_STRING(&oct, out);
410 OPENSSL_free(oct.data); 422 free(oct.data);
411 return len; 423 return len;
412} 424}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-21 21:55:48 +0000