2 files changed, 109 insertions, 2 deletions
diff --git a/src/lib/libssl/bs_cbs.c b/src/lib/libssl/bs_cbs.c
index 97b0163f3f..63c078c9b0 100644
--- a/src/lib/libssl/bs_cbs.c
+++ b/src/lib/libssl/bs_cbs.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bs_cbs.c,v 1.23 2021/12/15 17:30:20 jsing Exp $       */
+/*      $OpenBSD: bs_cbs.c,v 1.24 2021/12/15 17:36:49 jsing Exp $       */
 /*
 * Copyright (c) 2014, Google Inc.
 *
@@ -47,6 +47,16 @@ cbs_get(CBS *cbs, const uint8_t **p, size_t n)
        return 1;
 }
+static int
+cbs_peek(CBS *cbs, const uint8_t **p, size_t n)
+{
+        if (cbs->len < n)
+                return 0;
+        *p = cbs->data;
+        return 1;
+}
 size_t
 CBS_offset(const CBS *cbs)
 {
@@ -259,6 +269,73 @@ CBS_get_u24_length_prefixed(CBS *cbs, CBS *out)
        return cbs_get_length_prefixed(cbs, out, 3);
 }
+static int
+cbs_peek_u(CBS *cbs, uint32_t *out, size_t len)
+{
+        uint32_t result = 0;
+        size_t i;
+        const uint8_t *data;
+        if (len < 1 || len > 4)
+                return 0;
+        if (!cbs_peek(cbs, &data, len))
+                return 0;
+        for (i = 0; i < len; i++) {
+                result <<= 8;
+                result |= data[i];
+        }
+        *out = result;
+        return 1;
+}
+int
+CBS_peek_u8(CBS *cbs, uint8_t *out)
+{
+        const uint8_t *v;
+        if (!cbs_peek(cbs, &v, 1))
+                return 0;
+        *out = *v;
+        return 1;
+}
+int
+CBS_peek_u16(CBS *cbs, uint16_t *out)
+{
+        uint32_t v;
+        if (!cbs_peek_u(cbs, &v, 2))
+                return 0;
+        *out = v;
+        return 1;
+}
+int
+CBS_peek_u24(CBS *cbs, uint32_t *out)
+{
+        return cbs_peek_u(cbs, out, 3);
+}
+int
+CBS_peek_u32(CBS *cbs, uint32_t *out)
+{
+        return cbs_peek_u(cbs, out, 4);
+}
+int
+CBS_peek_last_u8(CBS *cbs, uint8_t *out)
+{
+        if (cbs->len == 0)
+                return 0;
+        *out = cbs->data[cbs->len - 1];
+        return 1;
+}
 int
 CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned int *out_tag,
    size_t *out_header_len)
diff --git a/src/lib/libssl/bytestring.h b/src/lib/libssl/bytestring.h
index fa5e05fa27..ce933f3f7b 100644
--- a/src/lib/libssl/bytestring.h
+++ b/src/lib/libssl/bytestring.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bytestring.h,v 1.21 2021/12/15 17:30:20 jsing Exp $   */
+/*      $OpenBSD: bytestring.h,v 1.22 2021/12/15 17:36:49 jsing Exp $   */
 /*
 * Copyright (c) 2014, Google Inc.
 *
@@ -172,6 +172,36 @@ int CBS_get_u16_length_prefixed(CBS *cbs, CBS *out);
 */
 int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out);
+/*
+ * CBS_peek_u8 sets |*out| to the next uint8_t from |cbs|, but does not advance
+ * |cbs|. It returns one on success and zero on error.
+ */
+int CBS_peek_u8(CBS *cbs, uint8_t *out);
+/*
+ * CBS_peek_u16 sets |*out| to the next, big-endian uint16_t from |cbs|, but
+ * does not advance |cbs|. It returns one on success and zero on error.
+ */
+int CBS_peek_u16(CBS *cbs, uint16_t *out);
+/*
+ * CBS_peek_u24 sets |*out| to the next, big-endian 24-bit value from |cbs|, but
+ * does not advance |cbs|. It returns one on success and zero on error.
+ */
+int CBS_peek_u24(CBS *cbs, uint32_t *out);
+/*
+ * CBS_peek_u32 sets |*out| to the next, big-endian uint32_t value from |cbs|,
+ * but does not advance |cbs|. It returns one on success and zero on error.
+ */
+int CBS_peek_u32(CBS *cbs, uint32_t *out);
+/*
+ * CBS_peek_last_u8 sets |*out| to the last uint8_t from |cbs|, but does not
+ * shorten |cbs|. It returns one on success and zero on error.
+ */
+int CBS_peek_last_u8(CBS *cbs, uint8_t *out);
 /* Parsing ASN.1 */

diff --git a/src/lib/libssl/bs_cbs.c b/src/lib/libssl/bs_cbs.c index 97b0163f3f..63c078c9b0 100644 --- a/src/lib/libssl/bs_cbs.c +++ b/src/lib/libssl/bs_cbs.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bs_cbs.c,v 1.23 2021/12/15 17:30:20 jsing Exp $ */	1	/* $OpenBSD: bs_cbs.c,v 1.24 2021/12/15 17:36:49 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014, Google Inc.	3	* Copyright (c) 2014, Google Inc.
4	*	4	*
@@ -47,6 +47,16 @@ cbs_get(CBS cbs, const uint8_t *p, size_t n)
47	return 1;	47	return 1;
48	}	48	}
49		49
		50	static int
		51	cbs_peek(CBS cbs, const uint8_t *p, size_t n)
		52	{
		53	if (cbs->len < n)
		54	return 0;
		55
		56	*p = cbs->data;
		57	return 1;
		58	}
		59
50	size_t	60	size_t
51	CBS_offset(const CBS *cbs)	61	CBS_offset(const CBS *cbs)
52	{	62	{
@@ -259,6 +269,73 @@ CBS_get_u24_length_prefixed(CBS cbs, CBS out)
259	return cbs_get_length_prefixed(cbs, out, 3);	269	return cbs_get_length_prefixed(cbs, out, 3);
260	}	270	}
261		271
		272	static int
		273	cbs_peek_u(CBS cbs, uint32_t out, size_t len)
		274	{
		275	uint32_t result = 0;
		276	size_t i;
		277	const uint8_t *data;
		278
		279	if (len < 1 \|\| len > 4)
		280	return 0;
		281
		282	if (!cbs_peek(cbs, &data, len))
		283	return 0;
		284
		285	for (i = 0; i < len; i++) {
		286	result <<= 8;
		287	result \|= data[i];
		288	}
		289	*out = result;
		290	return 1;
		291	}
		292
		293	int
		294	CBS_peek_u8(CBS cbs, uint8_t out)
		295	{
		296	const uint8_t *v;
		297
		298	if (!cbs_peek(cbs, &v, 1))
		299	return 0;
		300
		301	out = v;
		302	return 1;
		303	}
		304
		305	int
		306	CBS_peek_u16(CBS cbs, uint16_t out)
		307	{
		308	uint32_t v;
		309
		310	if (!cbs_peek_u(cbs, &v, 2))
		311	return 0;
		312
		313	*out = v;
		314	return 1;
		315	}
		316
		317	int
		318	CBS_peek_u24(CBS cbs, uint32_t out)
		319	{
		320	return cbs_peek_u(cbs, out, 3);
		321	}
		322
		323	int
		324	CBS_peek_u32(CBS cbs, uint32_t out)
		325	{
		326	return cbs_peek_u(cbs, out, 4);
		327	}
		328
		329	int
		330	CBS_peek_last_u8(CBS cbs, uint8_t out)
		331	{
		332	if (cbs->len == 0)
		333	return 0;
		334
		335	*out = cbs->data[cbs->len - 1];
		336	return 1;
		337	}
		338
262	int	339	int
263	CBS_get_any_asn1_element(CBS cbs, CBS out, unsigned int *out_tag,	340	CBS_get_any_asn1_element(CBS cbs, CBS out, unsigned int *out_tag,
264	size_t *out_header_len)	341	size_t *out_header_len)


diff --git a/src/lib/libssl/bytestring.h b/src/lib/libssl/bytestring.h index fa5e05fa27..ce933f3f7b 100644 --- a/src/lib/libssl/bytestring.h +++ b/src/lib/libssl/bytestring.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bytestring.h,v 1.21 2021/12/15 17:30:20 jsing Exp $ */	1	/* $OpenBSD: bytestring.h,v 1.22 2021/12/15 17:36:49 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014, Google Inc.	3	* Copyright (c) 2014, Google Inc.
4	*	4	*
@@ -172,6 +172,36 @@ int CBS_get_u16_length_prefixed(CBS cbs, CBS out);
172	*/	172	*/
173	int CBS_get_u24_length_prefixed(CBS cbs, CBS out);	173	int CBS_get_u24_length_prefixed(CBS cbs, CBS out);
174		174
		175	/*
		176	* CBS_peek_u8 sets \|*out\| to the next uint8_t from \|cbs\|, but does not advance
		177	* \|cbs\|. It returns one on success and zero on error.
		178	*/
		179	int CBS_peek_u8(CBS cbs, uint8_t out);
		180
		181	/*
		182	* CBS_peek_u16 sets \|*out\| to the next, big-endian uint16_t from \|cbs\|, but
		183	* does not advance \|cbs\|. It returns one on success and zero on error.
		184	*/
		185	int CBS_peek_u16(CBS cbs, uint16_t out);
		186
		187	/*
		188	* CBS_peek_u24 sets \|*out\| to the next, big-endian 24-bit value from \|cbs\|, but
		189	* does not advance \|cbs\|. It returns one on success and zero on error.
		190	*/
		191	int CBS_peek_u24(CBS cbs, uint32_t out);
		192
		193	/*
		194	* CBS_peek_u32 sets \|*out\| to the next, big-endian uint32_t value from \|cbs\|,
		195	* but does not advance \|cbs\|. It returns one on success and zero on error.
		196	*/
		197	int CBS_peek_u32(CBS cbs, uint32_t out);
		198
		199	/*
		200	* CBS_peek_last_u8 sets \|*out\| to the last uint8_t from \|cbs\|, but does not
		201	* shorten \|cbs\|. It returns one on success and zero on error.
		202	*/
		203	int CBS_peek_last_u8(CBS cbs, uint8_t out);
		204
175		205
176	/* Parsing ASN.1 */	206	/* Parsing ASN.1 */
177		207