diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2022-06-28 07:53:59 +0200 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2022-07-19 08:44:19 +0200 |
commit | 7c310e872e72977432b3520c5d27641e13815548 (patch) | |
tree | 6a280ea938354730e9421c1b375ab689f9fa3224 /crypto | |
parent | 33847508d5605d8dbe868d7694a4eff79d785404 (diff) | |
download | openssl-new-7c310e872e72977432b3520c5d27641e13815548.tar.gz |
libcrypto refactoring: introduce and use ossl_asn1_string_set_bits_left()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18668)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/asn1/a_bitstr.c | 3 | ||||
-rw-r--r-- | crypto/asn1/a_sign.c | 6 | ||||
-rw-r--r-- | crypto/asn1/asn1_gen.c | 7 | ||||
-rw-r--r-- | crypto/asn1/asn1_lib.c | 6 | ||||
-rw-r--r-- | crypto/asn1/asn1_local.h | 2 | ||||
-rw-r--r-- | crypto/cmp/cmp_protect.c | 3 | ||||
-rw-r--r-- | crypto/cms/cms_dh.c | 4 | ||||
-rw-r--r-- | crypto/cms/cms_ec.c | 4 | ||||
-rw-r--r-- | crypto/ec/ec_asn1.c | 7 | ||||
-rw-r--r-- | crypto/x509/v3_addr.c | 10 | ||||
-rw-r--r-- | crypto/x509/x_pubkey.c | 4 |
11 files changed, 25 insertions, 31 deletions
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c index f8938ad107..7b3991a071 100644 --- a/crypto/asn1/a_bitstr.c +++ b/crypto/asn1/a_bitstr.c @@ -110,8 +110,7 @@ ASN1_BIT_STRING *ossl_c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, * We do this to preserve the settings. If we modify the settings, via * the _set_bit function, we will recalculate on output */ - ret->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear */ - ret->flags |= (ASN1_STRING_FLAG_BITS_LEFT | i); /* set */ + ossl_asn1_string_set_bits_left(ret, i); if (len-- > 1) { /* using one because of the bits left byte */ s = OPENSSL_malloc((int)len); diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index fc3f15007e..a1e2719e64 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -102,8 +102,7 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, * In the interests of compatibility, I'll make sure that the bit string * has a 'not-used bits' value of 0 */ - signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(signature, 0); err: EVP_MD_CTX_free(ctx); OPENSSL_clear_free((char *)buf_in, inll); @@ -286,8 +285,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, * In the interests of compatibility, I'll make sure that the bit string * has a 'not-used bits' value of 0 */ - signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(signature, 0); err: OPENSSL_clear_free((char *)buf_in, inl); OPENSSL_clear_free((char *)buf_out, outll); diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c index 5b5a469fa9..c590c62fc2 100644 --- a/crypto/asn1/asn1_gen.c +++ b/crypto/asn1/asn1_gen.c @@ -714,11 +714,8 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) goto bad_form; } - if ((utype == V_ASN1_BIT_STRING) && no_unused) { - atmp->value.asn1_string->flags - &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - atmp->value.asn1_string->flags |= ASN1_STRING_FLAG_BITS_LEFT; - } + if ((utype == V_ASN1_BIT_STRING) && no_unused) + ossl_asn1_string_set_bits_left(atmp->value.asn1_string, 0); break; diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 5359cbc117..55e3ddbafd 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -248,6 +248,12 @@ int ASN1_object_size(int constructed, int length, int tag) return ret + length; } +void ossl_asn1_string_set_bits_left(ASN1_STRING *str, unsigned int num) +{ + str->flags &= ~0x07; + str->flags |= ASN1_STRING_FLAG_BITS_LEFT | (num & 0x07); +} + int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str) { if (str == NULL) diff --git a/crypto/asn1/asn1_local.h b/crypto/asn1/asn1_local.h index f73bd8fc6a..10e9fcb7de 100644 --- a/crypto/asn1/asn1_local.h +++ b/crypto/asn1/asn1_local.h @@ -9,6 +9,8 @@ /* Internal ASN1 structures and functions: not for application use */ +#include "crypto/asn1.h" + typedef const ASN1_VALUE const_ASN1_VALUE; SKM_DEFINE_STACK_OF(const_ASN1_VALUE, const ASN1_VALUE, ASN1_VALUE) diff --git a/crypto/cmp/cmp_protect.c b/crypto/cmp/cmp_protect.c index 937b713c23..93b6116ef3 100644 --- a/crypto/cmp/cmp_protect.c +++ b/crypto/cmp/cmp_protect.c @@ -93,8 +93,7 @@ ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx, if ((prot = ASN1_BIT_STRING_new()) == NULL) goto end; /* OpenSSL defaults all bit strings to be encoded as ASN.1 NamedBitList */ - prot->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - prot->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(prot, 0); if (!ASN1_BIT_STRING_set(prot, protection, sig_len)) { ASN1_BIT_STRING_free(prot); prot = NULL; diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c index 31082894eb..ea8b24528f 100644 --- a/crypto/cms/cms_dh.c +++ b/crypto/cms/cms_dh.c @@ -13,6 +13,7 @@ #include <openssl/err.h> #include <openssl/core_names.h> #include "internal/sizes.h" +#include "crypto/asn1.h" #include "crypto/evp.h" #include "cms_local.h" @@ -234,8 +235,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) if (penclen <= 0) goto err; ASN1_STRING_set0(pubkey, penc, penclen); - pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(pubkey, 0); penc = NULL; (void)X509_ALGOR_set0(talg, OBJ_nid2obj(NID_dhpublicnumber), diff --git a/crypto/cms/cms_ec.c b/crypto/cms/cms_ec.c index e82115934e..808b3bf1ae 100644 --- a/crypto/cms/cms_ec.c +++ b/crypto/cms/cms_ec.c @@ -12,6 +12,7 @@ #include <openssl/err.h> #include <openssl/decoder.h> #include "internal/sizes.h" +#include "crypto/asn1.h" #include "crypto/evp.h" #include "cms_local.h" @@ -277,8 +278,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri) penclen = EVP_PKEY_get1_encoded_public_key(pkey, &penc); ASN1_STRING_set0(pubkey, penc, penclen); - pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(pubkey, 0); penc = NULL; (void)X509_ALGOR_set0(talg, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index e1b6f88d44..3d9fc197e9 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -19,6 +19,7 @@ #include <openssl/asn1t.h> #include <openssl/objects.h> #include "internal/nelem.h" +#include "crypto/asn1.h" #include "crypto/asn1_dsa.h" #ifndef FIPS_MODULE @@ -358,8 +359,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); goto err; } - curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(curve->seed, 0); if (!ASN1_BIT_STRING_set(curve->seed, group->seed, (int)group->seed_len)) { ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); @@ -1072,8 +1072,7 @@ int i2d_ECPrivateKey(const EC_KEY *a, unsigned char **out) goto err; } - priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(priv_key->publicKey, 0); ASN1_STRING_set0(priv_key->publicKey, pub, publen); pub = NULL; } diff --git a/crypto/x509/v3_addr.c b/crypto/x509/v3_addr.c index c3ccecb2eb..a490f76ed0 100644 --- a/crypto/x509/v3_addr.c +++ b/crypto/x509/v3_addr.c @@ -407,12 +407,10 @@ static int make_addressPrefix(IPAddressOrRange **result, goto err; if (!ASN1_BIT_STRING_set(aor->u.addressPrefix, addr, bytelen)) goto err; - aor->u.addressPrefix->flags &= ~7; - aor->u.addressPrefix->flags |= ASN1_STRING_FLAG_BITS_LEFT; if (bitlen > 0) { aor->u.addressPrefix->data[bytelen - 1] &= ~(0xFF >> bitlen); - aor->u.addressPrefix->flags |= 8 - bitlen; } + ossl_asn1_string_set_bits_left(aor->u.addressPrefix, 8 - bitlen); *result = aor; return 1; @@ -455,8 +453,7 @@ static int make_addressRange(IPAddressOrRange **result, for (i = length; i > 0 && min[i - 1] == 0x00; --i) ; if (!ASN1_BIT_STRING_set(aor->u.addressRange->min, min, i)) goto err; - aor->u.addressRange->min->flags &= ~7; - aor->u.addressRange->min->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(aor->u.addressRange->min, 0); if (i > 0) { unsigned char b = min[i - 1]; int j = 1; @@ -468,8 +465,7 @@ static int make_addressRange(IPAddressOrRange **result, for (i = length; i > 0 && max[i - 1] == 0xFF; --i) ; if (!ASN1_BIT_STRING_set(aor->u.addressRange->max, max, i)) goto err; - aor->u.addressRange->max->flags &= ~7; - aor->u.addressRange->max->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(aor->u.addressRange->max, 0); if (i > 0) { unsigned char b = max[i - 1]; int j = 1; diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index 126c2400f6..c8d76f882e 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -981,9 +981,7 @@ void X509_PUBKEY_set0_public_key(X509_PUBKEY *pub, unsigned char *penc, int penclen) { ASN1_STRING_set0(pub->public_key, penc, penclen); - /* Set number of unused bits to zero */ - pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT; + ossl_asn1_string_set_bits_left(pub->public_key, 0); } int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, |