11cb0ef41Sopenharmony_ci/*
21cb0ef41Sopenharmony_ci * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
31cb0ef41Sopenharmony_ci *
41cb0ef41Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License").  You may not use
51cb0ef41Sopenharmony_ci * this file except in compliance with the License.  You can obtain a copy
61cb0ef41Sopenharmony_ci * in the file LICENSE in the source distribution or at
71cb0ef41Sopenharmony_ci * https://www.openssl.org/source/license.html
81cb0ef41Sopenharmony_ci */
91cb0ef41Sopenharmony_ci
101cb0ef41Sopenharmony_ci#include <openssl/err.h>
111cb0ef41Sopenharmony_ci#include "crypto/ctype.h"
121cb0ef41Sopenharmony_ci#include "bn_local.h"
131cb0ef41Sopenharmony_ci
141cb0ef41Sopenharmony_cistatic const char Hex[] = "0123456789ABCDEF";
151cb0ef41Sopenharmony_ci
161cb0ef41Sopenharmony_ci/* Must 'OPENSSL_free' the returned data */
171cb0ef41Sopenharmony_cichar *BN_bn2hex(const BIGNUM *a)
181cb0ef41Sopenharmony_ci{
191cb0ef41Sopenharmony_ci    int i, j, v, z = 0;
201cb0ef41Sopenharmony_ci    char *buf;
211cb0ef41Sopenharmony_ci    char *p;
221cb0ef41Sopenharmony_ci
231cb0ef41Sopenharmony_ci    if (BN_is_zero(a))
241cb0ef41Sopenharmony_ci        return OPENSSL_strdup("0");
251cb0ef41Sopenharmony_ci    buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
261cb0ef41Sopenharmony_ci    if (buf == NULL) {
271cb0ef41Sopenharmony_ci        ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE);
281cb0ef41Sopenharmony_ci        goto err;
291cb0ef41Sopenharmony_ci    }
301cb0ef41Sopenharmony_ci    p = buf;
311cb0ef41Sopenharmony_ci    if (a->neg)
321cb0ef41Sopenharmony_ci        *p++ = '-';
331cb0ef41Sopenharmony_ci    for (i = a->top - 1; i >= 0; i--) {
341cb0ef41Sopenharmony_ci        for (j = BN_BITS2 - 8; j >= 0; j -= 8) {
351cb0ef41Sopenharmony_ci            /* strip leading zeros */
361cb0ef41Sopenharmony_ci            v = (int)((a->d[i] >> j) & 0xff);
371cb0ef41Sopenharmony_ci            if (z || v != 0) {
381cb0ef41Sopenharmony_ci                *p++ = Hex[v >> 4];
391cb0ef41Sopenharmony_ci                *p++ = Hex[v & 0x0f];
401cb0ef41Sopenharmony_ci                z = 1;
411cb0ef41Sopenharmony_ci            }
421cb0ef41Sopenharmony_ci        }
431cb0ef41Sopenharmony_ci    }
441cb0ef41Sopenharmony_ci    *p = '\0';
451cb0ef41Sopenharmony_ci err:
461cb0ef41Sopenharmony_ci    return buf;
471cb0ef41Sopenharmony_ci}
481cb0ef41Sopenharmony_ci
491cb0ef41Sopenharmony_ci#ifndef FIPS_MODULE
501cb0ef41Sopenharmony_ci/* No BIO_snprintf in FIPS_MODULE */
511cb0ef41Sopenharmony_ci/* Must 'OPENSSL_free' the returned data */
521cb0ef41Sopenharmony_cichar *BN_bn2dec(const BIGNUM *a)
531cb0ef41Sopenharmony_ci{
541cb0ef41Sopenharmony_ci    int i = 0, num, ok = 0, n, tbytes;
551cb0ef41Sopenharmony_ci    char *buf = NULL;
561cb0ef41Sopenharmony_ci    char *p;
571cb0ef41Sopenharmony_ci    BIGNUM *t = NULL;
581cb0ef41Sopenharmony_ci    BN_ULONG *bn_data = NULL, *lp;
591cb0ef41Sopenharmony_ci    int bn_data_num;
601cb0ef41Sopenharmony_ci
611cb0ef41Sopenharmony_ci    /*-
621cb0ef41Sopenharmony_ci     * get an upper bound for the length of the decimal integer
631cb0ef41Sopenharmony_ci     * num <= (BN_num_bits(a) + 1) * log(2)
641cb0ef41Sopenharmony_ci     *     <= 3 * BN_num_bits(a) * 0.101 + log(2) + 1     (rounding error)
651cb0ef41Sopenharmony_ci     *     <= 3 * BN_num_bits(a) / 10 + 3 * BN_num_bits / 1000 + 1 + 1
661cb0ef41Sopenharmony_ci     */
671cb0ef41Sopenharmony_ci    i = BN_num_bits(a) * 3;
681cb0ef41Sopenharmony_ci    num = (i / 10 + i / 1000 + 1) + 1;
691cb0ef41Sopenharmony_ci    tbytes = num + 3;   /* negative and terminator and one spare? */
701cb0ef41Sopenharmony_ci    bn_data_num = num / BN_DEC_NUM + 1;
711cb0ef41Sopenharmony_ci    bn_data = OPENSSL_malloc(bn_data_num * sizeof(BN_ULONG));
721cb0ef41Sopenharmony_ci    buf = OPENSSL_malloc(tbytes);
731cb0ef41Sopenharmony_ci    if (buf == NULL || bn_data == NULL) {
741cb0ef41Sopenharmony_ci        ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE);
751cb0ef41Sopenharmony_ci        goto err;
761cb0ef41Sopenharmony_ci    }
771cb0ef41Sopenharmony_ci    if ((t = BN_dup(a)) == NULL)
781cb0ef41Sopenharmony_ci        goto err;
791cb0ef41Sopenharmony_ci
801cb0ef41Sopenharmony_ci    p = buf;
811cb0ef41Sopenharmony_ci    lp = bn_data;
821cb0ef41Sopenharmony_ci    if (BN_is_zero(t)) {
831cb0ef41Sopenharmony_ci        *p++ = '0';
841cb0ef41Sopenharmony_ci        *p++ = '\0';
851cb0ef41Sopenharmony_ci    } else {
861cb0ef41Sopenharmony_ci        if (BN_is_negative(t))
871cb0ef41Sopenharmony_ci            *p++ = '-';
881cb0ef41Sopenharmony_ci
891cb0ef41Sopenharmony_ci        while (!BN_is_zero(t)) {
901cb0ef41Sopenharmony_ci            if (lp - bn_data >= bn_data_num)
911cb0ef41Sopenharmony_ci                goto err;
921cb0ef41Sopenharmony_ci            *lp = BN_div_word(t, BN_DEC_CONV);
931cb0ef41Sopenharmony_ci            if (*lp == (BN_ULONG)-1)
941cb0ef41Sopenharmony_ci                goto err;
951cb0ef41Sopenharmony_ci            lp++;
961cb0ef41Sopenharmony_ci        }
971cb0ef41Sopenharmony_ci        lp--;
981cb0ef41Sopenharmony_ci        /*
991cb0ef41Sopenharmony_ci         * We now have a series of blocks, BN_DEC_NUM chars in length, where
1001cb0ef41Sopenharmony_ci         * the last one needs truncation. The blocks need to be reversed in
1011cb0ef41Sopenharmony_ci         * order.
1021cb0ef41Sopenharmony_ci         */
1031cb0ef41Sopenharmony_ci        n = BIO_snprintf(p, tbytes - (size_t)(p - buf), BN_DEC_FMT1, *lp);
1041cb0ef41Sopenharmony_ci        if (n < 0)
1051cb0ef41Sopenharmony_ci            goto err;
1061cb0ef41Sopenharmony_ci        p += n;
1071cb0ef41Sopenharmony_ci        while (lp != bn_data) {
1081cb0ef41Sopenharmony_ci            lp--;
1091cb0ef41Sopenharmony_ci            n = BIO_snprintf(p, tbytes - (size_t)(p - buf), BN_DEC_FMT2, *lp);
1101cb0ef41Sopenharmony_ci            if (n < 0)
1111cb0ef41Sopenharmony_ci                goto err;
1121cb0ef41Sopenharmony_ci            p += n;
1131cb0ef41Sopenharmony_ci        }
1141cb0ef41Sopenharmony_ci    }
1151cb0ef41Sopenharmony_ci    ok = 1;
1161cb0ef41Sopenharmony_ci err:
1171cb0ef41Sopenharmony_ci    OPENSSL_free(bn_data);
1181cb0ef41Sopenharmony_ci    BN_free(t);
1191cb0ef41Sopenharmony_ci    if (ok)
1201cb0ef41Sopenharmony_ci        return buf;
1211cb0ef41Sopenharmony_ci    OPENSSL_free(buf);
1221cb0ef41Sopenharmony_ci    return NULL;
1231cb0ef41Sopenharmony_ci}
1241cb0ef41Sopenharmony_ci#endif
1251cb0ef41Sopenharmony_ci
1261cb0ef41Sopenharmony_ciint BN_hex2bn(BIGNUM **bn, const char *a)
1271cb0ef41Sopenharmony_ci{
1281cb0ef41Sopenharmony_ci    BIGNUM *ret = NULL;
1291cb0ef41Sopenharmony_ci    BN_ULONG l = 0;
1301cb0ef41Sopenharmony_ci    int neg = 0, h, m, i, j, k, c;
1311cb0ef41Sopenharmony_ci    int num;
1321cb0ef41Sopenharmony_ci
1331cb0ef41Sopenharmony_ci    if (a == NULL || *a == '\0')
1341cb0ef41Sopenharmony_ci        return 0;
1351cb0ef41Sopenharmony_ci
1361cb0ef41Sopenharmony_ci    if (*a == '-') {
1371cb0ef41Sopenharmony_ci        neg = 1;
1381cb0ef41Sopenharmony_ci        a++;
1391cb0ef41Sopenharmony_ci    }
1401cb0ef41Sopenharmony_ci
1411cb0ef41Sopenharmony_ci    for (i = 0; i <= INT_MAX / 4 && ossl_isxdigit(a[i]); i++)
1421cb0ef41Sopenharmony_ci        continue;
1431cb0ef41Sopenharmony_ci
1441cb0ef41Sopenharmony_ci    if (i == 0 || i > INT_MAX / 4)
1451cb0ef41Sopenharmony_ci        return 0;
1461cb0ef41Sopenharmony_ci
1471cb0ef41Sopenharmony_ci    num = i + neg;
1481cb0ef41Sopenharmony_ci    if (bn == NULL)
1491cb0ef41Sopenharmony_ci        return num;
1501cb0ef41Sopenharmony_ci
1511cb0ef41Sopenharmony_ci    /* a is the start of the hex digits, and it is 'i' long */
1521cb0ef41Sopenharmony_ci    if (*bn == NULL) {
1531cb0ef41Sopenharmony_ci        if ((ret = BN_new()) == NULL)
1541cb0ef41Sopenharmony_ci            return 0;
1551cb0ef41Sopenharmony_ci    } else {
1561cb0ef41Sopenharmony_ci        ret = *bn;
1571cb0ef41Sopenharmony_ci        if (BN_get_flags(ret, BN_FLG_STATIC_DATA)) {
1581cb0ef41Sopenharmony_ci            ERR_raise(ERR_LIB_BN, ERR_R_PASSED_INVALID_ARGUMENT);
1591cb0ef41Sopenharmony_ci            return 0;
1601cb0ef41Sopenharmony_ci        }
1611cb0ef41Sopenharmony_ci        BN_zero(ret);
1621cb0ef41Sopenharmony_ci    }
1631cb0ef41Sopenharmony_ci
1641cb0ef41Sopenharmony_ci    /* i is the number of hex digits */
1651cb0ef41Sopenharmony_ci    if (bn_expand(ret, i * 4) == NULL)
1661cb0ef41Sopenharmony_ci        goto err;
1671cb0ef41Sopenharmony_ci
1681cb0ef41Sopenharmony_ci    j = i;                      /* least significant 'hex' */
1691cb0ef41Sopenharmony_ci    m = 0;
1701cb0ef41Sopenharmony_ci    h = 0;
1711cb0ef41Sopenharmony_ci    while (j > 0) {
1721cb0ef41Sopenharmony_ci        m = (BN_BYTES * 2 <= j) ? BN_BYTES * 2 : j;
1731cb0ef41Sopenharmony_ci        l = 0;
1741cb0ef41Sopenharmony_ci        for (;;) {
1751cb0ef41Sopenharmony_ci            c = a[j - m];
1761cb0ef41Sopenharmony_ci            k = OPENSSL_hexchar2int(c);
1771cb0ef41Sopenharmony_ci            if (k < 0)
1781cb0ef41Sopenharmony_ci                k = 0;          /* paranoia */
1791cb0ef41Sopenharmony_ci            l = (l << 4) | k;
1801cb0ef41Sopenharmony_ci
1811cb0ef41Sopenharmony_ci            if (--m <= 0) {
1821cb0ef41Sopenharmony_ci                ret->d[h++] = l;
1831cb0ef41Sopenharmony_ci                break;
1841cb0ef41Sopenharmony_ci            }
1851cb0ef41Sopenharmony_ci        }
1861cb0ef41Sopenharmony_ci        j -= BN_BYTES * 2;
1871cb0ef41Sopenharmony_ci    }
1881cb0ef41Sopenharmony_ci    ret->top = h;
1891cb0ef41Sopenharmony_ci    bn_correct_top(ret);
1901cb0ef41Sopenharmony_ci
1911cb0ef41Sopenharmony_ci    *bn = ret;
1921cb0ef41Sopenharmony_ci    bn_check_top(ret);
1931cb0ef41Sopenharmony_ci    /* Don't set the negative flag if it's zero. */
1941cb0ef41Sopenharmony_ci    if (ret->top != 0)
1951cb0ef41Sopenharmony_ci        ret->neg = neg;
1961cb0ef41Sopenharmony_ci    return num;
1971cb0ef41Sopenharmony_ci err:
1981cb0ef41Sopenharmony_ci    if (*bn == NULL)
1991cb0ef41Sopenharmony_ci        BN_free(ret);
2001cb0ef41Sopenharmony_ci    return 0;
2011cb0ef41Sopenharmony_ci}
2021cb0ef41Sopenharmony_ci
2031cb0ef41Sopenharmony_ciint BN_dec2bn(BIGNUM **bn, const char *a)
2041cb0ef41Sopenharmony_ci{
2051cb0ef41Sopenharmony_ci    BIGNUM *ret = NULL;
2061cb0ef41Sopenharmony_ci    BN_ULONG l = 0;
2071cb0ef41Sopenharmony_ci    int neg = 0, i, j;
2081cb0ef41Sopenharmony_ci    int num;
2091cb0ef41Sopenharmony_ci
2101cb0ef41Sopenharmony_ci    if (a == NULL || *a == '\0')
2111cb0ef41Sopenharmony_ci        return 0;
2121cb0ef41Sopenharmony_ci    if (*a == '-') {
2131cb0ef41Sopenharmony_ci        neg = 1;
2141cb0ef41Sopenharmony_ci        a++;
2151cb0ef41Sopenharmony_ci    }
2161cb0ef41Sopenharmony_ci
2171cb0ef41Sopenharmony_ci    for (i = 0; i <= INT_MAX / 4 && ossl_isdigit(a[i]); i++)
2181cb0ef41Sopenharmony_ci        continue;
2191cb0ef41Sopenharmony_ci
2201cb0ef41Sopenharmony_ci    if (i == 0 || i > INT_MAX / 4)
2211cb0ef41Sopenharmony_ci        goto err;
2221cb0ef41Sopenharmony_ci
2231cb0ef41Sopenharmony_ci    num = i + neg;
2241cb0ef41Sopenharmony_ci    if (bn == NULL)
2251cb0ef41Sopenharmony_ci        return num;
2261cb0ef41Sopenharmony_ci
2271cb0ef41Sopenharmony_ci    /*
2281cb0ef41Sopenharmony_ci     * a is the start of the digits, and it is 'i' long. We chop it into
2291cb0ef41Sopenharmony_ci     * BN_DEC_NUM digits at a time
2301cb0ef41Sopenharmony_ci     */
2311cb0ef41Sopenharmony_ci    if (*bn == NULL) {
2321cb0ef41Sopenharmony_ci        if ((ret = BN_new()) == NULL)
2331cb0ef41Sopenharmony_ci            return 0;
2341cb0ef41Sopenharmony_ci    } else {
2351cb0ef41Sopenharmony_ci        ret = *bn;
2361cb0ef41Sopenharmony_ci        BN_zero(ret);
2371cb0ef41Sopenharmony_ci    }
2381cb0ef41Sopenharmony_ci
2391cb0ef41Sopenharmony_ci    /* i is the number of digits, a bit of an over expand */
2401cb0ef41Sopenharmony_ci    if (bn_expand(ret, i * 4) == NULL)
2411cb0ef41Sopenharmony_ci        goto err;
2421cb0ef41Sopenharmony_ci
2431cb0ef41Sopenharmony_ci    j = BN_DEC_NUM - i % BN_DEC_NUM;
2441cb0ef41Sopenharmony_ci    if (j == BN_DEC_NUM)
2451cb0ef41Sopenharmony_ci        j = 0;
2461cb0ef41Sopenharmony_ci    l = 0;
2471cb0ef41Sopenharmony_ci    while (--i >= 0) {
2481cb0ef41Sopenharmony_ci        l *= 10;
2491cb0ef41Sopenharmony_ci        l += *a - '0';
2501cb0ef41Sopenharmony_ci        a++;
2511cb0ef41Sopenharmony_ci        if (++j == BN_DEC_NUM) {
2521cb0ef41Sopenharmony_ci            if (!BN_mul_word(ret, BN_DEC_CONV)
2531cb0ef41Sopenharmony_ci                || !BN_add_word(ret, l))
2541cb0ef41Sopenharmony_ci                goto err;
2551cb0ef41Sopenharmony_ci            l = 0;
2561cb0ef41Sopenharmony_ci            j = 0;
2571cb0ef41Sopenharmony_ci        }
2581cb0ef41Sopenharmony_ci    }
2591cb0ef41Sopenharmony_ci
2601cb0ef41Sopenharmony_ci    bn_correct_top(ret);
2611cb0ef41Sopenharmony_ci    *bn = ret;
2621cb0ef41Sopenharmony_ci    bn_check_top(ret);
2631cb0ef41Sopenharmony_ci    /* Don't set the negative flag if it's zero. */
2641cb0ef41Sopenharmony_ci    if (ret->top != 0)
2651cb0ef41Sopenharmony_ci        ret->neg = neg;
2661cb0ef41Sopenharmony_ci    return num;
2671cb0ef41Sopenharmony_ci err:
2681cb0ef41Sopenharmony_ci    if (*bn == NULL)
2691cb0ef41Sopenharmony_ci        BN_free(ret);
2701cb0ef41Sopenharmony_ci    return 0;
2711cb0ef41Sopenharmony_ci}
2721cb0ef41Sopenharmony_ci
2731cb0ef41Sopenharmony_ciint BN_asc2bn(BIGNUM **bn, const char *a)
2741cb0ef41Sopenharmony_ci{
2751cb0ef41Sopenharmony_ci    const char *p = a;
2761cb0ef41Sopenharmony_ci
2771cb0ef41Sopenharmony_ci    if (*p == '-')
2781cb0ef41Sopenharmony_ci        p++;
2791cb0ef41Sopenharmony_ci
2801cb0ef41Sopenharmony_ci    if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) {
2811cb0ef41Sopenharmony_ci        if (!BN_hex2bn(bn, p + 2))
2821cb0ef41Sopenharmony_ci            return 0;
2831cb0ef41Sopenharmony_ci    } else {
2841cb0ef41Sopenharmony_ci        if (!BN_dec2bn(bn, p))
2851cb0ef41Sopenharmony_ci            return 0;
2861cb0ef41Sopenharmony_ci    }
2871cb0ef41Sopenharmony_ci    /* Don't set the negative flag if it's zero. */
2881cb0ef41Sopenharmony_ci    if (*a == '-' && (*bn)->top != 0)
2891cb0ef41Sopenharmony_ci        (*bn)->neg = 1;
2901cb0ef41Sopenharmony_ci    return 1;
2911cb0ef41Sopenharmony_ci}
292