search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
TOR 0.2.7.6
[tomato.git] / release / src / router / tor / src / trunnel / link_handshake.c
blobf9b55f0739d0602b9776ba5fdd00eee9d6a2b4ff
1 /* link_handshake.c -- generated by Trunnel v1.4.3.
2 * https://gitweb.torproject.org/trunnel.git
3 * You probably shouldn't edit this file.
4 */
5 #include <stdlib.h>
6 #include "trunnel-impl.h"
7
8 #include "link_handshake.h"
9
10 #define TRUNNEL_SET_ERROR_CODE(obj) \
11 do { \
12 (obj)->trunnel_error_code_ = 1; \
13 } while (0)
14
15 #if defined(__COVERITY__) || defined(__clang_analyzer__)
16 /* If we're runnning a static analysis tool, we don't want it to complain
17 * that some of our remaining-bytes checks are dead-code. */
18 int linkhandshake_deadcode_dummy__ = 0;
19 #define OR_DEADCODE_DUMMY || linkhandshake_deadcode_dummy__
20 #else
21 #define OR_DEADCODE_DUMMY
22 #endif
23
24 #define CHECK_REMAINING(nbytes, label) \
25 do { \
26 if (remaining < (nbytes) OR_DEADCODE_DUMMY) { \
27 goto label; \
28 } \
29 } while (0)
30
31 auth_challenge_cell_t *
32 auth_challenge_cell_new(void)
33 {
34 auth_challenge_cell_t *val = trunnel_calloc(1, sizeof(auth_challenge_cell_t));
35 if (NULL == val)
36 return NULL;
37 return val;
38 }
39
40 /** Release all storage held inside 'obj', but do not free 'obj'.
41 */
42 static void
43 auth_challenge_cell_clear(auth_challenge_cell_t *obj)
44 {
45 (void) obj;
46 TRUNNEL_DYNARRAY_WIPE(&obj->methods);
47 TRUNNEL_DYNARRAY_CLEAR(&obj->methods);
48 }
49
50 void
51 auth_challenge_cell_free(auth_challenge_cell_t *obj)
52 {
53 if (obj == NULL)
54 return;
55 auth_challenge_cell_clear(obj);
56 trunnel_memwipe(obj, sizeof(auth_challenge_cell_t));
57 trunnel_free_(obj);
58 }
59
60 size_t
61 auth_challenge_cell_getlen_challenge(const auth_challenge_cell_t *inp)
62 {
63 (void)inp; return 32;
64 }
65
66 uint8_t
67 auth_challenge_cell_get_challenge(const auth_challenge_cell_t *inp, size_t idx)
68 {
69 trunnel_assert(idx < 32);
70 return inp->challenge[idx];
71 }
72
73 int
74 auth_challenge_cell_set_challenge(auth_challenge_cell_t *inp, size_t idx, uint8_t elt)
75 {
76 trunnel_assert(idx < 32);
77 inp->challenge[idx] = elt;
78 return 0;
79 }
80
81 uint8_t *
82 auth_challenge_cell_getarray_challenge(auth_challenge_cell_t *inp)
83 {
84 return inp->challenge;
85 }
86 uint16_t
87 auth_challenge_cell_get_n_methods(auth_challenge_cell_t *inp)
88 {
89 return inp->n_methods;
90 }
91 int
92 auth_challenge_cell_set_n_methods(auth_challenge_cell_t *inp, uint16_t val)
93 {
94 inp->n_methods = val;
95 return 0;
96 }
97 size_t
98 auth_challenge_cell_getlen_methods(const auth_challenge_cell_t *inp)
99 {
100 return TRUNNEL_DYNARRAY_LEN(&inp->methods);
101 }
102
103 uint16_t
104 auth_challenge_cell_get_methods(auth_challenge_cell_t *inp, size_t idx)
105 {
106 return TRUNNEL_DYNARRAY_GET(&inp->methods, idx);
107 }
108
109 int
110 auth_challenge_cell_set_methods(auth_challenge_cell_t *inp, size_t idx, uint16_t elt)
111 {
112 TRUNNEL_DYNARRAY_SET(&inp->methods, idx, elt);
113 return 0;
114 }
115 int
116 auth_challenge_cell_add_methods(auth_challenge_cell_t *inp, uint16_t elt)
117 {
118 #if SIZE_MAX >= UINT16_MAX
119 if (inp->methods.n_ == UINT16_MAX)
120 goto trunnel_alloc_failed;
121 #endif
122 TRUNNEL_DYNARRAY_ADD(uint16_t, &inp->methods, elt, {});
123 return 0;
124 trunnel_alloc_failed:
125 TRUNNEL_SET_ERROR_CODE(inp);
126 return -1;
127 }
128
129 uint16_t *
130 auth_challenge_cell_getarray_methods(auth_challenge_cell_t *inp)
131 {
132 return inp->methods.elts_;
133 }
134 int
135 auth_challenge_cell_setlen_methods(auth_challenge_cell_t *inp, size_t newlen)
136 {
137 uint16_t *newptr;
138 #if UINT16_MAX < SIZE_MAX
139 if (newlen > UINT16_MAX)
140 goto trunnel_alloc_failed;
141 #endif
142 newptr = trunnel_dynarray_setlen(&inp->methods.allocated_,
143 &inp->methods.n_, inp->methods.elts_, newlen,
144 sizeof(inp->methods.elts_[0]), (trunnel_free_fn_t) NULL,
145 &inp->trunnel_error_code_);
146 if (newptr == NULL)
147 goto trunnel_alloc_failed;
148 inp->methods.elts_ = newptr;
149 return 0;
150 trunnel_alloc_failed:
151 TRUNNEL_SET_ERROR_CODE(inp);
152 return -1;
153 }
154 const char *
155 auth_challenge_cell_check(const auth_challenge_cell_t *obj)
156 {
157 if (obj == NULL)
158 return "Object was NULL";
159 if (obj->trunnel_error_code_)
160 return "A set function failed on this object";
161 if (TRUNNEL_DYNARRAY_LEN(&obj->methods) != obj->n_methods)
162 return "Length mismatch for methods";
163 return NULL;
164 }
165
166 ssize_t
167 auth_challenge_cell_encoded_len(const auth_challenge_cell_t *obj)
168 {
169 ssize_t result = 0;
170
171 if (NULL != auth_challenge_cell_check(obj))
172 return -1;
173
174
175 /* Length of u8 challenge[32] */
176 result += 32;
177
178 /* Length of u16 n_methods */
179 result += 2;
180
181 /* Length of u16 methods[n_methods] */
182 result += 2 * TRUNNEL_DYNARRAY_LEN(&obj->methods);
183 return result;
184 }
185 int
186 auth_challenge_cell_clear_errors(auth_challenge_cell_t *obj)
187 {
188 int r = obj->trunnel_error_code_;
189 obj->trunnel_error_code_ = 0;
190 return r;
191 }
192 ssize_t
193 auth_challenge_cell_encode(uint8_t *output, const size_t avail, const auth_challenge_cell_t *obj)
194 {
195 ssize_t result = 0;
196 size_t written = 0;
197 uint8_t *ptr = output;
198 const char *msg;
199 #ifdef TRUNNEL_CHECK_ENCODED_LEN
200 const ssize_t encoded_len = auth_challenge_cell_encoded_len(obj);
201 #endif
202
203 if (NULL != (msg = auth_challenge_cell_check(obj)))
204 goto check_failed;
205
206 #ifdef TRUNNEL_CHECK_ENCODED_LEN
207 trunnel_assert(encoded_len >= 0);
208 #endif
209
210 /* Encode u8 challenge[32] */
211 trunnel_assert(written <= avail);
212 if (avail - written < 32)
213 goto truncated;
214 memcpy(ptr, obj->challenge, 32);
215 written += 32; ptr += 32;
216
217 /* Encode u16 n_methods */
218 trunnel_assert(written <= avail);
219 if (avail - written < 2)
220 goto truncated;
221 trunnel_set_uint16(ptr, trunnel_htons(obj->n_methods));
222 written += 2; ptr += 2;
223
224 /* Encode u16 methods[n_methods] */
225 {
226
227 unsigned idx;
228 for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->methods); ++idx) {
229 trunnel_assert(written <= avail);
230 if (avail - written < 2)
231 goto truncated;
232 trunnel_set_uint16(ptr, trunnel_htons(TRUNNEL_DYNARRAY_GET(&obj->methods, idx)));
233 written += 2; ptr += 2;
234 }
235 }
236
237
238 trunnel_assert(ptr == output + written);
239 #ifdef TRUNNEL_CHECK_ENCODED_LEN
240 {
241 trunnel_assert(encoded_len >= 0);
242 trunnel_assert((size_t)encoded_len == written);
243 }
244
245 #endif
246
247 return written;
248
249 truncated:
250 result = -2;
251 goto fail;
252 check_failed:
253 (void)msg;
254 result = -1;
255 goto fail;
256 fail:
257 trunnel_assert(result < 0);
258 return result;
259 }
260
261 /** As auth_challenge_cell_parse(), but do not allocate the output
262 * object.
263 */
264 static ssize_t
265 auth_challenge_cell_parse_into(auth_challenge_cell_t *obj, const uint8_t *input, const size_t len_in)
266 {
267 const uint8_t *ptr = input;
268 size_t remaining = len_in;
269 ssize_t result = 0;
270 (void)result;
271
272 /* Parse u8 challenge[32] */
273 CHECK_REMAINING(32, truncated);
274 memcpy(obj->challenge, ptr, 32);
275 remaining -= 32; ptr += 32;
276
277 /* Parse u16 n_methods */
278 CHECK_REMAINING(2, truncated);
279 obj->n_methods = trunnel_ntohs(trunnel_get_uint16(ptr));
280 remaining -= 2; ptr += 2;
281
282 /* Parse u16 methods[n_methods] */
283 TRUNNEL_DYNARRAY_EXPAND(uint16_t, &obj->methods, obj->n_methods, {});
284 {
285 uint16_t elt;
286 unsigned idx;
287 for (idx = 0; idx < obj->n_methods; ++idx) {
288 CHECK_REMAINING(2, truncated);
289 elt = trunnel_ntohs(trunnel_get_uint16(ptr));
290 remaining -= 2; ptr += 2;
291 TRUNNEL_DYNARRAY_ADD(uint16_t, &obj->methods, elt, {});
292 }
293 }
294 trunnel_assert(ptr + remaining == input + len_in);
295 return len_in - remaining;
296
297 truncated:
298 return -2;
299 trunnel_alloc_failed:
300 return -1;
301 }
302
303 ssize_t
304 auth_challenge_cell_parse(auth_challenge_cell_t **output, const uint8_t *input, const size_t len_in)
305 {
306 ssize_t result;
307 *output = auth_challenge_cell_new();
308 if (NULL == *output)
309 return -1;
310 result = auth_challenge_cell_parse_into(*output, input, len_in);
311 if (result < 0) {
312 auth_challenge_cell_free(*output);
313 *output = NULL;
314 }
315 return result;
316 }
317 auth_ctx_t *
318 auth_ctx_new(void)
319 {
320 auth_ctx_t *val = trunnel_calloc(1, sizeof(auth_ctx_t));
321 if (NULL == val)
322 return NULL;
323 return val;
324 }
325
326 /** Release all storage held inside 'obj', but do not free 'obj'.
327 */
328 static void
329 auth_ctx_clear(auth_ctx_t *obj)
330 {
331 (void) obj;
332 }
333
334 void
335 auth_ctx_free(auth_ctx_t *obj)
336 {
337 if (obj == NULL)
338 return;
339 auth_ctx_clear(obj);
340 trunnel_memwipe(obj, sizeof(auth_ctx_t));
341 trunnel_free_(obj);
342 }
343
344 uint8_t
345 auth_ctx_get_is_ed(auth_ctx_t *inp)
346 {
347 return inp->is_ed;
348 }
349 int
350 auth_ctx_set_is_ed(auth_ctx_t *inp, uint8_t val)
351 {
352 inp->is_ed = val;
353 return 0;
354 }
355 certs_cell_cert_t *
356 certs_cell_cert_new(void)
357 {
358 certs_cell_cert_t *val = trunnel_calloc(1, sizeof(certs_cell_cert_t));
359 if (NULL == val)
360 return NULL;
361 return val;
362 }
363
364 /** Release all storage held inside 'obj', but do not free 'obj'.
365 */
366 static void
367 certs_cell_cert_clear(certs_cell_cert_t *obj)
368 {
369 (void) obj;
370 TRUNNEL_DYNARRAY_WIPE(&obj->body);
371 TRUNNEL_DYNARRAY_CLEAR(&obj->body);
372 }
373
374 void
375 certs_cell_cert_free(certs_cell_cert_t *obj)
376 {
377 if (obj == NULL)
378 return;
379 certs_cell_cert_clear(obj);
380 trunnel_memwipe(obj, sizeof(certs_cell_cert_t));
381 trunnel_free_(obj);
382 }
383
384 uint8_t
385 certs_cell_cert_get_cert_type(certs_cell_cert_t *inp)
386 {
387 return inp->cert_type;
388 }
389 int
390 certs_cell_cert_set_cert_type(certs_cell_cert_t *inp, uint8_t val)
391 {
392 inp->cert_type = val;
393 return 0;
394 }
395 uint16_t
396 certs_cell_cert_get_cert_len(certs_cell_cert_t *inp)
397 {
398 return inp->cert_len;
399 }
400 int
401 certs_cell_cert_set_cert_len(certs_cell_cert_t *inp, uint16_t val)
402 {
403 inp->cert_len = val;
404 return 0;
405 }
406 size_t
407 certs_cell_cert_getlen_body(const certs_cell_cert_t *inp)
408 {
409 return TRUNNEL_DYNARRAY_LEN(&inp->body);
410 }
411
412 uint8_t
413 certs_cell_cert_get_body(certs_cell_cert_t *inp, size_t idx)
414 {
415 return TRUNNEL_DYNARRAY_GET(&inp->body, idx);
416 }
417
418 int
419 certs_cell_cert_set_body(certs_cell_cert_t *inp, size_t idx, uint8_t elt)
420 {
421 TRUNNEL_DYNARRAY_SET(&inp->body, idx, elt);
422 return 0;
423 }
424 int
425 certs_cell_cert_add_body(certs_cell_cert_t *inp, uint8_t elt)
426 {
427 #if SIZE_MAX >= UINT16_MAX
428 if (inp->body.n_ == UINT16_MAX)
429 goto trunnel_alloc_failed;
430 #endif
431 TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->body, elt, {});
432 return 0;
433 trunnel_alloc_failed:
434 TRUNNEL_SET_ERROR_CODE(inp);
435 return -1;
436 }
437
438 uint8_t *
439 certs_cell_cert_getarray_body(certs_cell_cert_t *inp)
440 {
441 return inp->body.elts_;
442 }
443 int
444 certs_cell_cert_setlen_body(certs_cell_cert_t *inp, size_t newlen)
445 {
446 uint8_t *newptr;
447 #if UINT16_MAX < SIZE_MAX
448 if (newlen > UINT16_MAX)
449 goto trunnel_alloc_failed;
450 #endif
451 newptr = trunnel_dynarray_setlen(&inp->body.allocated_,
452 &inp->body.n_, inp->body.elts_, newlen,
453 sizeof(inp->body.elts_[0]), (trunnel_free_fn_t) NULL,
454 &inp->trunnel_error_code_);
455 if (newptr == NULL)
456 goto trunnel_alloc_failed;
457 inp->body.elts_ = newptr;
458 return 0;
459 trunnel_alloc_failed:
460 TRUNNEL_SET_ERROR_CODE(inp);
461 return -1;
462 }
463 const char *
464 certs_cell_cert_check(const certs_cell_cert_t *obj)
465 {
466 if (obj == NULL)
467 return "Object was NULL";
468 if (obj->trunnel_error_code_)
469 return "A set function failed on this object";
470 if (TRUNNEL_DYNARRAY_LEN(&obj->body) != obj->cert_len)
471 return "Length mismatch for body";
472 return NULL;
473 }
474
475 ssize_t
476 certs_cell_cert_encoded_len(const certs_cell_cert_t *obj)
477 {
478 ssize_t result = 0;
479
480 if (NULL != certs_cell_cert_check(obj))
481 return -1;
482
483
484 /* Length of u8 cert_type */
485 result += 1;
486
487 /* Length of u16 cert_len */
488 result += 2;
489
490 /* Length of u8 body[cert_len] */
491 result += TRUNNEL_DYNARRAY_LEN(&obj->body);
492 return result;
493 }
494 int
495 certs_cell_cert_clear_errors(certs_cell_cert_t *obj)
496 {
497 int r = obj->trunnel_error_code_;
498 obj->trunnel_error_code_ = 0;
499 return r;
500 }
501 ssize_t
502 certs_cell_cert_encode(uint8_t *output, const size_t avail, const certs_cell_cert_t *obj)
503 {
504 ssize_t result = 0;
505 size_t written = 0;
506 uint8_t *ptr = output;
507 const char *msg;
508 #ifdef TRUNNEL_CHECK_ENCODED_LEN
509 const ssize_t encoded_len = certs_cell_cert_encoded_len(obj);
510 #endif
511
512 if (NULL != (msg = certs_cell_cert_check(obj)))
513 goto check_failed;
514
515 #ifdef TRUNNEL_CHECK_ENCODED_LEN
516 trunnel_assert(encoded_len >= 0);
517 #endif
518
519 /* Encode u8 cert_type */
520 trunnel_assert(written <= avail);
521 if (avail - written < 1)
522 goto truncated;
523 trunnel_set_uint8(ptr, (obj->cert_type));
524 written += 1; ptr += 1;
525
526 /* Encode u16 cert_len */
527 trunnel_assert(written <= avail);
528 if (avail - written < 2)
529 goto truncated;
530 trunnel_set_uint16(ptr, trunnel_htons(obj->cert_len));
531 written += 2; ptr += 2;
532
533 /* Encode u8 body[cert_len] */
534 {
535 size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->body);
536 trunnel_assert(obj->cert_len == elt_len);
537 trunnel_assert(written <= avail);
538 if (avail - written < elt_len)
539 goto truncated;
540 memcpy(ptr, obj->body.elts_, elt_len);
541 written += elt_len; ptr += elt_len;
542 }
543
544
545 trunnel_assert(ptr == output + written);
546 #ifdef TRUNNEL_CHECK_ENCODED_LEN
547 {
548 trunnel_assert(encoded_len >= 0);
549 trunnel_assert((size_t)encoded_len == written);
550 }
551
552 #endif
553
554 return written;
555
556 truncated:
557 result = -2;
558 goto fail;
559 check_failed:
560 (void)msg;
561 result = -1;
562 goto fail;
563 fail:
564 trunnel_assert(result < 0);
565 return result;
566 }
567
568 /** As certs_cell_cert_parse(), but do not allocate the output object.
569 */
570 static ssize_t
571 certs_cell_cert_parse_into(certs_cell_cert_t *obj, const uint8_t *input, const size_t len_in)
572 {
573 const uint8_t *ptr = input;
574 size_t remaining = len_in;
575 ssize_t result = 0;
576 (void)result;
577
578 /* Parse u8 cert_type */
579 CHECK_REMAINING(1, truncated);
580 obj->cert_type = (trunnel_get_uint8(ptr));
581 remaining -= 1; ptr += 1;
582
583 /* Parse u16 cert_len */
584 CHECK_REMAINING(2, truncated);
585 obj->cert_len = trunnel_ntohs(trunnel_get_uint16(ptr));
586 remaining -= 2; ptr += 2;
587
588 /* Parse u8 body[cert_len] */
589 CHECK_REMAINING(obj->cert_len, truncated);
590 TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->body, obj->cert_len, {});
591 obj->body.n_ = obj->cert_len;
592 memcpy(obj->body.elts_, ptr, obj->cert_len);
593 ptr += obj->cert_len; remaining -= obj->cert_len;
594 trunnel_assert(ptr + remaining == input + len_in);
595 return len_in - remaining;
596
597 truncated:
598 return -2;
599 trunnel_alloc_failed:
600 return -1;
601 }
602
603 ssize_t
604 certs_cell_cert_parse(certs_cell_cert_t **output, const uint8_t *input, const size_t len_in)
605 {
606 ssize_t result;
607 *output = certs_cell_cert_new();
608 if (NULL == *output)
609 return -1;
610 result = certs_cell_cert_parse_into(*output, input, len_in);
611 if (result < 0) {
612 certs_cell_cert_free(*output);
613 *output = NULL;
614 }
615 return result;
616 }
617 rsa_ed_crosscert_t *
618 rsa_ed_crosscert_new(void)
619 {
620 rsa_ed_crosscert_t *val = trunnel_calloc(1, sizeof(rsa_ed_crosscert_t));
621 if (NULL == val)
622 return NULL;
623 return val;
624 }
625
626 /** Release all storage held inside 'obj', but do not free 'obj'.
627 */
628 static void
629 rsa_ed_crosscert_clear(rsa_ed_crosscert_t *obj)
630 {
631 (void) obj;
632 TRUNNEL_DYNARRAY_WIPE(&obj->sig);
633 TRUNNEL_DYNARRAY_CLEAR(&obj->sig);
634 }
635
636 void
637 rsa_ed_crosscert_free(rsa_ed_crosscert_t *obj)
638 {
639 if (obj == NULL)
640 return;
641 rsa_ed_crosscert_clear(obj);
642 trunnel_memwipe(obj, sizeof(rsa_ed_crosscert_t));
643 trunnel_free_(obj);
644 }
645
646 size_t
647 rsa_ed_crosscert_getlen_ed_key(const rsa_ed_crosscert_t *inp)
648 {
649 (void)inp; return 32;
650 }
651
652 uint8_t
653 rsa_ed_crosscert_get_ed_key(const rsa_ed_crosscert_t *inp, size_t idx)
654 {
655 trunnel_assert(idx < 32);
656 return inp->ed_key[idx];
657 }
658
659 int
660 rsa_ed_crosscert_set_ed_key(rsa_ed_crosscert_t *inp, size_t idx, uint8_t elt)
661 {
662 trunnel_assert(idx < 32);
663 inp->ed_key[idx] = elt;
664 return 0;
665 }
666
667 uint8_t *
668 rsa_ed_crosscert_getarray_ed_key(rsa_ed_crosscert_t *inp)
669 {
670 return inp->ed_key;
671 }
672 uint32_t
673 rsa_ed_crosscert_get_expiration(rsa_ed_crosscert_t *inp)
674 {
675 return inp->expiration;
676 }
677 int
678 rsa_ed_crosscert_set_expiration(rsa_ed_crosscert_t *inp, uint32_t val)
679 {
680 inp->expiration = val;
681 return 0;
682 }
683 const uint8_t *
684 rsa_ed_crosscert_get_end_of_signed(const rsa_ed_crosscert_t *inp)
685 {
686 return inp->end_of_signed;
687 }
688 uint8_t
689 rsa_ed_crosscert_get_sig_len(rsa_ed_crosscert_t *inp)
690 {
691 return inp->sig_len;
692 }
693 int
694 rsa_ed_crosscert_set_sig_len(rsa_ed_crosscert_t *inp, uint8_t val)
695 {
696 inp->sig_len = val;
697 return 0;
698 }
699 size_t
700 rsa_ed_crosscert_getlen_sig(const rsa_ed_crosscert_t *inp)
701 {
702 return TRUNNEL_DYNARRAY_LEN(&inp->sig);
703 }
704
705 uint8_t
706 rsa_ed_crosscert_get_sig(rsa_ed_crosscert_t *inp, size_t idx)
707 {
708 return TRUNNEL_DYNARRAY_GET(&inp->sig, idx);
709 }
710
711 int
712 rsa_ed_crosscert_set_sig(rsa_ed_crosscert_t *inp, size_t idx, uint8_t elt)
713 {
714 TRUNNEL_DYNARRAY_SET(&inp->sig, idx, elt);
715 return 0;
716 }
717 int
718 rsa_ed_crosscert_add_sig(rsa_ed_crosscert_t *inp, uint8_t elt)
719 {
720 #if SIZE_MAX >= UINT8_MAX
721 if (inp->sig.n_ == UINT8_MAX)
722 goto trunnel_alloc_failed;
723 #endif
724 TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->sig, elt, {});
725 return 0;
726 trunnel_alloc_failed:
727 TRUNNEL_SET_ERROR_CODE(inp);
728 return -1;
729 }
730
731 uint8_t *
732 rsa_ed_crosscert_getarray_sig(rsa_ed_crosscert_t *inp)
733 {
734 return inp->sig.elts_;
735 }
736 int
737 rsa_ed_crosscert_setlen_sig(rsa_ed_crosscert_t *inp, size_t newlen)
738 {
739 uint8_t *newptr;
740 #if UINT8_MAX < SIZE_MAX
741 if (newlen > UINT8_MAX)
742 goto trunnel_alloc_failed;
743 #endif
744 newptr = trunnel_dynarray_setlen(&inp->sig.allocated_,
745 &inp->sig.n_, inp->sig.elts_, newlen,
746 sizeof(inp->sig.elts_[0]), (trunnel_free_fn_t) NULL,
747 &inp->trunnel_error_code_);
748 if (newptr == NULL)
749 goto trunnel_alloc_failed;
750 inp->sig.elts_ = newptr;
751 return 0;
752 trunnel_alloc_failed:
753 TRUNNEL_SET_ERROR_CODE(inp);
754 return -1;
755 }
756 const char *
757 rsa_ed_crosscert_check(const rsa_ed_crosscert_t *obj)
758 {
759 if (obj == NULL)
760 return "Object was NULL";
761 if (obj->trunnel_error_code_)
762 return "A set function failed on this object";
763 if (TRUNNEL_DYNARRAY_LEN(&obj->sig) != obj->sig_len)
764 return "Length mismatch for sig";
765 return NULL;
766 }
767
768 ssize_t
769 rsa_ed_crosscert_encoded_len(const rsa_ed_crosscert_t *obj)
770 {
771 ssize_t result = 0;
772
773 if (NULL != rsa_ed_crosscert_check(obj))
774 return -1;
775
776
777 /* Length of u8 ed_key[32] */
778 result += 32;
779
780 /* Length of u32 expiration */
781 result += 4;
782
783 /* Length of u8 sig_len */
784 result += 1;
785
786 /* Length of u8 sig[sig_len] */
787 result += TRUNNEL_DYNARRAY_LEN(&obj->sig);
788 return result;
789 }
790 int
791 rsa_ed_crosscert_clear_errors(rsa_ed_crosscert_t *obj)
792 {
793 int r = obj->trunnel_error_code_;
794 obj->trunnel_error_code_ = 0;
795 return r;
796 }
797 ssize_t
798 rsa_ed_crosscert_encode(uint8_t *output, const size_t avail, const rsa_ed_crosscert_t *obj)
799 {
800 ssize_t result = 0;
801 size_t written = 0;
802 uint8_t *ptr = output;
803 const char *msg;
804 #ifdef TRUNNEL_CHECK_ENCODED_LEN
805 const ssize_t encoded_len = rsa_ed_crosscert_encoded_len(obj);
806 #endif
807
808 if (NULL != (msg = rsa_ed_crosscert_check(obj)))
809 goto check_failed;
810
811 #ifdef TRUNNEL_CHECK_ENCODED_LEN
812 trunnel_assert(encoded_len >= 0);
813 #endif
814
815 /* Encode u8 ed_key[32] */
816 trunnel_assert(written <= avail);
817 if (avail - written < 32)
818 goto truncated;
819 memcpy(ptr, obj->ed_key, 32);
820 written += 32; ptr += 32;
821
822 /* Encode u32 expiration */
823 trunnel_assert(written <= avail);
824 if (avail - written < 4)
825 goto truncated;
826 trunnel_set_uint32(ptr, trunnel_htonl(obj->expiration));
827 written += 4; ptr += 4;
828
829 /* Encode u8 sig_len */
830 trunnel_assert(written <= avail);
831 if (avail - written < 1)
832 goto truncated;
833 trunnel_set_uint8(ptr, (obj->sig_len));
834 written += 1; ptr += 1;
835
836 /* Encode u8 sig[sig_len] */
837 {
838 size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->sig);
839 trunnel_assert(obj->sig_len == elt_len);
840 trunnel_assert(written <= avail);
841 if (avail - written < elt_len)
842 goto truncated;
843 memcpy(ptr, obj->sig.elts_, elt_len);
844 written += elt_len; ptr += elt_len;
845 }
846
847
848 trunnel_assert(ptr == output + written);
849 #ifdef TRUNNEL_CHECK_ENCODED_LEN
850 {
851 trunnel_assert(encoded_len >= 0);
852 trunnel_assert((size_t)encoded_len == written);
853 }
854
855 #endif
856
857 return written;
858
859 truncated:
860 result = -2;
861 goto fail;
862 check_failed:
863 (void)msg;
864 result = -1;
865 goto fail;
866 fail:
867 trunnel_assert(result < 0);
868 return result;
869 }
870
871 /** As rsa_ed_crosscert_parse(), but do not allocate the output
872 * object.
873 */
874 static ssize_t
875 rsa_ed_crosscert_parse_into(rsa_ed_crosscert_t *obj, const uint8_t *input, const size_t len_in)
876 {
877 const uint8_t *ptr = input;
878 size_t remaining = len_in;
879 ssize_t result = 0;
880 (void)result;
881
882 /* Parse u8 ed_key[32] */
883 CHECK_REMAINING(32, truncated);
884 memcpy(obj->ed_key, ptr, 32);
885 remaining -= 32; ptr += 32;
886
887 /* Parse u32 expiration */
888 CHECK_REMAINING(4, truncated);
889 obj->expiration = trunnel_ntohl(trunnel_get_uint32(ptr));
890 remaining -= 4; ptr += 4;
891 obj->end_of_signed = ptr;
892
893 /* Parse u8 sig_len */
894 CHECK_REMAINING(1, truncated);
895 obj->sig_len = (trunnel_get_uint8(ptr));
896 remaining -= 1; ptr += 1;
897
898 /* Parse u8 sig[sig_len] */
899 CHECK_REMAINING(obj->sig_len, truncated);
900 TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->sig, obj->sig_len, {});
901 obj->sig.n_ = obj->sig_len;
902 memcpy(obj->sig.elts_, ptr, obj->sig_len);
903 ptr += obj->sig_len; remaining -= obj->sig_len;
904 trunnel_assert(ptr + remaining == input + len_in);
905 return len_in - remaining;
906
907 truncated:
908 return -2;
909 trunnel_alloc_failed:
910 return -1;
911 }
912
913 ssize_t
914 rsa_ed_crosscert_parse(rsa_ed_crosscert_t **output, const uint8_t *input, const size_t len_in)
915 {
916 ssize_t result;
917 *output = rsa_ed_crosscert_new();
918 if (NULL == *output)
919 return -1;
920 result = rsa_ed_crosscert_parse_into(*output, input, len_in);
921 if (result < 0) {
922 rsa_ed_crosscert_free(*output);
923 *output = NULL;
924 }
925 return result;
926 }
927 auth1_t *
928 auth1_new(void)
929 {
930 auth1_t *val = trunnel_calloc(1, sizeof(auth1_t));
931 if (NULL == val)
932 return NULL;
933 return val;
934 }
935
936 /** Release all storage held inside 'obj', but do not free 'obj'.
937 */
938 static void
939 auth1_clear(auth1_t *obj)
940 {
941 (void) obj;
942 TRUNNEL_DYNARRAY_WIPE(&obj->sig);
943 TRUNNEL_DYNARRAY_CLEAR(&obj->sig);
944 }
945
946 void
947 auth1_free(auth1_t *obj)
948 {
949 if (obj == NULL)
950 return;
951 auth1_clear(obj);
952 trunnel_memwipe(obj, sizeof(auth1_t));
953 trunnel_free_(obj);
954 }
955
956 size_t
957 auth1_getlen_type(const auth1_t *inp)
958 {
959 (void)inp; return 8;
960 }
961
962 uint8_t
963 auth1_get_type(const auth1_t *inp, size_t idx)
964 {
965 trunnel_assert(idx < 8);
966 return inp->type[idx];
967 }
968
969 int
970 auth1_set_type(auth1_t *inp, size_t idx, uint8_t elt)
971 {
972 trunnel_assert(idx < 8);
973 inp->type[idx] = elt;
974 return 0;
975 }
976
977 uint8_t *
978 auth1_getarray_type(auth1_t *inp)
979 {
980 return inp->type;
981 }
982 size_t
983 auth1_getlen_cid(const auth1_t *inp)
984 {
985 (void)inp; return 32;
986 }
987
988 uint8_t
989 auth1_get_cid(const auth1_t *inp, size_t idx)
990 {
991 trunnel_assert(idx < 32);
992 return inp->cid[idx];
993 }
994
995 int
996 auth1_set_cid(auth1_t *inp, size_t idx, uint8_t elt)
997 {
998 trunnel_assert(idx < 32);
999 inp->cid[idx] = elt;
1000 return 0;
1001 }
1002
1003 uint8_t *
1004 auth1_getarray_cid(auth1_t *inp)
1005 {
1006 return inp->cid;
1007 }
1008 size_t
1009 auth1_getlen_sid(const auth1_t *inp)
1010 {
1011 (void)inp; return 32;
1012 }
1013
1014 uint8_t
1015 auth1_get_sid(const auth1_t *inp, size_t idx)
1016 {
1017 trunnel_assert(idx < 32);
1018 return inp->sid[idx];
1019 }
1020
1021 int
1022 auth1_set_sid(auth1_t *inp, size_t idx, uint8_t elt)
1023 {
1024 trunnel_assert(idx < 32);
1025 inp->sid[idx] = elt;
1026 return 0;
1027 }
1028
1029 uint8_t *
1030 auth1_getarray_sid(auth1_t *inp)
1031 {
1032 return inp->sid;
1033 }
1034 size_t
1035 auth1_getlen_u1_cid_ed(const auth1_t *inp)
1036 {
1037 (void)inp; return 32;
1038 }
1039
1040 uint8_t
1041 auth1_get_u1_cid_ed(const auth1_t *inp, size_t idx)
1042 {
1043 trunnel_assert(idx < 32);
1044 return inp->u1_cid_ed[idx];
1045 }
1046
1047 int
1048 auth1_set_u1_cid_ed(auth1_t *inp, size_t idx, uint8_t elt)
1049 {
1050 trunnel_assert(idx < 32);
1051 inp->u1_cid_ed[idx] = elt;
1052 return 0;
1053 }
1054
1055 uint8_t *
1056 auth1_getarray_u1_cid_ed(auth1_t *inp)
1057 {
1058 return inp->u1_cid_ed;
1059 }
1060 size_t
1061 auth1_getlen_u1_sid_ed(const auth1_t *inp)
1062 {
1063 (void)inp; return 32;
1064 }
1065
1066 uint8_t
1067 auth1_get_u1_sid_ed(const auth1_t *inp, size_t idx)
1068 {
1069 trunnel_assert(idx < 32);
1070 return inp->u1_sid_ed[idx];
1071 }
1072
1073 int
1074 auth1_set_u1_sid_ed(auth1_t *inp, size_t idx, uint8_t elt)
1075 {
1076 trunnel_assert(idx < 32);
1077 inp->u1_sid_ed[idx] = elt;
1078 return 0;
1079 }
1080
1081 uint8_t *
1082 auth1_getarray_u1_sid_ed(auth1_t *inp)
1083 {
1084 return inp->u1_sid_ed;
1085 }
1086 size_t
1087 auth1_getlen_slog(const auth1_t *inp)
1088 {
1089 (void)inp; return 32;
1090 }
1091
1092 uint8_t
1093 auth1_get_slog(const auth1_t *inp, size_t idx)
1094 {
1095 trunnel_assert(idx < 32);
1096 return inp->slog[idx];
1097 }
1098
1099 int
1100 auth1_set_slog(auth1_t *inp, size_t idx, uint8_t elt)
1101 {
1102 trunnel_assert(idx < 32);
1103 inp->slog[idx] = elt;
1104 return 0;
1105 }
1106
1107 uint8_t *
1108 auth1_getarray_slog(auth1_t *inp)
1109 {
1110 return inp->slog;
1111 }
1112 size_t
1113 auth1_getlen_clog(const auth1_t *inp)
1114 {
1115 (void)inp; return 32;
1116 }
1117
1118 uint8_t
1119 auth1_get_clog(const auth1_t *inp, size_t idx)
1120 {
1121 trunnel_assert(idx < 32);
1122 return inp->clog[idx];
1123 }
1124
1125 int
1126 auth1_set_clog(auth1_t *inp, size_t idx, uint8_t elt)
1127 {
1128 trunnel_assert(idx < 32);
1129 inp->clog[idx] = elt;
1130 return 0;
1131 }
1132
1133 uint8_t *
1134 auth1_getarray_clog(auth1_t *inp)
1135 {
1136 return inp->clog;
1137 }
1138 size_t
1139 auth1_getlen_scert(const auth1_t *inp)
1140 {
1141 (void)inp; return 32;
1142 }
1143
1144 uint8_t
1145 auth1_get_scert(const auth1_t *inp, size_t idx)
1146 {
1147 trunnel_assert(idx < 32);
1148 return inp->scert[idx];
1149 }
1150
1151 int
1152 auth1_set_scert(auth1_t *inp, size_t idx, uint8_t elt)
1153 {
1154 trunnel_assert(idx < 32);
1155 inp->scert[idx] = elt;
1156 return 0;
1157 }
1158
1159 uint8_t *
1160 auth1_getarray_scert(auth1_t *inp)
1161 {
1162 return inp->scert;
1163 }
1164 size_t
1165 auth1_getlen_tlssecrets(const auth1_t *inp)
1166 {
1167 (void)inp; return 32;
1168 }
1169
1170 uint8_t
1171 auth1_get_tlssecrets(const auth1_t *inp, size_t idx)
1172 {
1173 trunnel_assert(idx < 32);
1174 return inp->tlssecrets[idx];
1175 }
1176
1177 int
1178 auth1_set_tlssecrets(auth1_t *inp, size_t idx, uint8_t elt)
1179 {
1180 trunnel_assert(idx < 32);
1181 inp->tlssecrets[idx] = elt;
1182 return 0;
1183 }
1184
1185 uint8_t *
1186 auth1_getarray_tlssecrets(auth1_t *inp)
1187 {
1188 return inp->tlssecrets;
1189 }
1190 const uint8_t *
1191 auth1_get_end_of_fixed_part(const auth1_t *inp)
1192 {
1193 return inp->end_of_fixed_part;
1194 }
1195 size_t
1196 auth1_getlen_rand(const auth1_t *inp)
1197 {
1198 (void)inp; return 24;
1199 }
1200
1201 uint8_t
1202 auth1_get_rand(const auth1_t *inp, size_t idx)
1203 {
1204 trunnel_assert(idx < 24);
1205 return inp->rand[idx];
1206 }
1207
1208 int
1209 auth1_set_rand(auth1_t *inp, size_t idx, uint8_t elt)
1210 {
1211 trunnel_assert(idx < 24);
1212 inp->rand[idx] = elt;
1213 return 0;
1214 }
1215
1216 uint8_t *
1217 auth1_getarray_rand(auth1_t *inp)
1218 {
1219 return inp->rand;
1220 }
1221 const uint8_t *
1222 auth1_get_end_of_signed(const auth1_t *inp)
1223 {
1224 return inp->end_of_signed;
1225 }
1226 size_t
1227 auth1_getlen_sig(const auth1_t *inp)
1228 {
1229 return TRUNNEL_DYNARRAY_LEN(&inp->sig);
1230 }
1231
1232 uint8_t
1233 auth1_get_sig(auth1_t *inp, size_t idx)
1234 {
1235 return TRUNNEL_DYNARRAY_GET(&inp->sig, idx);
1236 }
1237
1238 int
1239 auth1_set_sig(auth1_t *inp, size_t idx, uint8_t elt)
1240 {
1241 TRUNNEL_DYNARRAY_SET(&inp->sig, idx, elt);
1242 return 0;
1243 }
1244 int
1245 auth1_add_sig(auth1_t *inp, uint8_t elt)
1246 {
1247 TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->sig, elt, {});
1248 return 0;
1249 trunnel_alloc_failed:
1250 TRUNNEL_SET_ERROR_CODE(inp);
1251 return -1;
1252 }
1253
1254 uint8_t *
1255 auth1_getarray_sig(auth1_t *inp)
1256 {
1257 return inp->sig.elts_;
1258 }
1259 int
1260 auth1_setlen_sig(auth1_t *inp, size_t newlen)
1261 {
1262 uint8_t *newptr;
1263 newptr = trunnel_dynarray_setlen(&inp->sig.allocated_,
1264 &inp->sig.n_, inp->sig.elts_, newlen,
1265 sizeof(inp->sig.elts_[0]), (trunnel_free_fn_t) NULL,
1266 &inp->trunnel_error_code_);
1267 if (newptr == NULL)
1268 goto trunnel_alloc_failed;
1269 inp->sig.elts_ = newptr;
1270 return 0;
1271 trunnel_alloc_failed:
1272 TRUNNEL_SET_ERROR_CODE(inp);
1273 return -1;
1274 }
1275 const char *
1276 auth1_check(const auth1_t *obj, const auth_ctx_t *auth_ctx_ctx)
1277 {
1278 if (obj == NULL)
1279 return "Object was NULL";
1280 if (obj->trunnel_error_code_)
1281 return "A set function failed on this object";
1282 if (auth_ctx_ctx == NULL)
1283 return "Context was NULL";
1284 switch (auth_ctx_ctx->is_ed) {
1285
1286 case 0:
1287 break;
1288
1289 case 1:
1290 break;
1291
1292 default:
1293 return "Bad tag for union";
1294 break;
1295 }
1296 return NULL;
1297 }
1298
1299 ssize_t
1300 auth1_encoded_len(const auth1_t *obj, const auth_ctx_t *auth_ctx_ctx)
1301 {
1302 ssize_t result = 0;
1303
1304 if (NULL != auth1_check(obj, auth_ctx_ctx))
1305 return -1;
1306
1307
1308 /* Length of u8 type[8] */
1309 result += 8;
1310
1311 /* Length of u8 cid[32] */
1312 result += 32;
1313
1314 /* Length of u8 sid[32] */
1315 result += 32;
1316 switch (auth_ctx_ctx->is_ed) {
1317
1318 case 0:
1319 break;
1320
1321 case 1:
1322
1323 /* Length of u8 u1_cid_ed[32] */
1324 result += 32;
1325
1326 /* Length of u8 u1_sid_ed[32] */
1327 result += 32;
1328 break;
1329
1330 default:
1331 trunnel_assert(0);
1332 break;
1333 }
1334
1335 /* Length of u8 slog[32] */
1336 result += 32;
1337
1338 /* Length of u8 clog[32] */
1339 result += 32;
1340
1341 /* Length of u8 scert[32] */
1342 result += 32;
1343
1344 /* Length of u8 tlssecrets[32] */
1345 result += 32;
1346
1347 /* Length of u8 rand[24] */
1348 result += 24;
1349
1350 /* Length of u8 sig[] */
1351 result += TRUNNEL_DYNARRAY_LEN(&obj->sig);
1352 return result;
1353 }
1354 int
1355 auth1_clear_errors(auth1_t *obj)
1356 {
1357 int r = obj->trunnel_error_code_;
1358 obj->trunnel_error_code_ = 0;
1359 return r;
1360 }
1361 ssize_t
1362 auth1_encode(uint8_t *output, const size_t avail, const auth1_t *obj, const auth_ctx_t *auth_ctx_ctx)
1363 {
1364 ssize_t result = 0;
1365 size_t written = 0;
1366 uint8_t *ptr = output;
1367 const char *msg;
1368 #ifdef TRUNNEL_CHECK_ENCODED_LEN
1369 const ssize_t encoded_len = auth1_encoded_len(obj, auth_ctx_ctx);
1370 #endif
1371
1372 if (NULL != (msg = auth1_check(obj, auth_ctx_ctx)))
1373 goto check_failed;
1374
1375 #ifdef TRUNNEL_CHECK_ENCODED_LEN
1376 trunnel_assert(encoded_len >= 0);
1377 #endif
1378
1379 /* Encode u8 type[8] */
1380 trunnel_assert(written <= avail);
1381 if (avail - written < 8)
1382 goto truncated;
1383 memcpy(ptr, obj->type, 8);
1384 written += 8; ptr += 8;
1385
1386 /* Encode u8 cid[32] */
1387 trunnel_assert(written <= avail);
1388 if (avail - written < 32)
1389 goto truncated;
1390 memcpy(ptr, obj->cid, 32);
1391 written += 32; ptr += 32;
1392
1393 /* Encode u8 sid[32] */
1394 trunnel_assert(written <= avail);
1395 if (avail - written < 32)
1396 goto truncated;
1397 memcpy(ptr, obj->sid, 32);
1398 written += 32; ptr += 32;
1399
1400 /* Encode union u1[auth_ctx.is_ed] */
1401 trunnel_assert(written <= avail);
1402 switch (auth_ctx_ctx->is_ed) {
1403
1404 case 0:
1405 break;
1406
1407 case 1:
1408
1409 /* Encode u8 u1_cid_ed[32] */
1410 trunnel_assert(written <= avail);
1411 if (avail - written < 32)
1412 goto truncated;
1413 memcpy(ptr, obj->u1_cid_ed, 32);
1414 written += 32; ptr += 32;
1415
1416 /* Encode u8 u1_sid_ed[32] */
1417 trunnel_assert(written <= avail);
1418 if (avail - written < 32)
1419 goto truncated;
1420 memcpy(ptr, obj->u1_sid_ed, 32);
1421 written += 32; ptr += 32;
1422 break;
1423
1424 default:
1425 trunnel_assert(0);
1426 break;
1427 }
1428
1429 /* Encode u8 slog[32] */
1430 trunnel_assert(written <= avail);
1431 if (avail - written < 32)
1432 goto truncated;
1433 memcpy(ptr, obj->slog, 32);
1434 written += 32; ptr += 32;
1435
1436 /* Encode u8 clog[32] */
1437 trunnel_assert(written <= avail);
1438 if (avail - written < 32)
1439 goto truncated;
1440 memcpy(ptr, obj->clog, 32);
1441 written += 32; ptr += 32;
1442
1443 /* Encode u8 scert[32] */
1444 trunnel_assert(written <= avail);
1445 if (avail - written < 32)
1446 goto truncated;
1447 memcpy(ptr, obj->scert, 32);
1448 written += 32; ptr += 32;
1449
1450 /* Encode u8 tlssecrets[32] */
1451 trunnel_assert(written <= avail);
1452 if (avail - written < 32)
1453 goto truncated;
1454 memcpy(ptr, obj->tlssecrets, 32);
1455 written += 32; ptr += 32;
1456
1457 /* Encode u8 rand[24] */
1458 trunnel_assert(written <= avail);
1459 if (avail - written < 24)
1460 goto truncated;
1461 memcpy(ptr, obj->rand, 24);
1462 written += 24; ptr += 24;
1463
1464 /* Encode u8 sig[] */
1465 {
1466 size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->sig);
1467 trunnel_assert(written <= avail);
1468 if (avail - written < elt_len)
1469 goto truncated;
1470 memcpy(ptr, obj->sig.elts_, elt_len);
1471 written += elt_len; ptr += elt_len;
1472 }
1473
1474
1475 trunnel_assert(ptr == output + written);
1476 #ifdef TRUNNEL_CHECK_ENCODED_LEN
1477 {
1478 trunnel_assert(encoded_len >= 0);
1479 trunnel_assert((size_t)encoded_len == written);
1480 }
1481
1482 #endif
1483
1484 return written;
1485
1486 truncated:
1487 result = -2;
1488 goto fail;
1489 check_failed:
1490 (void)msg;
1491 result = -1;
1492 goto fail;
1493 fail:
1494 trunnel_assert(result < 0);
1495 return result;
1496 }
1497
1498 /** As auth1_parse(), but do not allocate the output object.
1499 */
1500 static ssize_t
1501 auth1_parse_into(auth1_t *obj, const uint8_t *input, const size_t len_in, const auth_ctx_t *auth_ctx_ctx)
1502 {
1503 const uint8_t *ptr = input;
1504 size_t remaining = len_in;
1505 ssize_t result = 0;
1506 (void)result;
1507 if (auth_ctx_ctx == NULL)
1508 return -1;
1509
1510 /* Parse u8 type[8] */
1511 CHECK_REMAINING(8, truncated);
1512 memcpy(obj->type, ptr, 8);
1513 remaining -= 8; ptr += 8;
1514
1515 /* Parse u8 cid[32] */
1516 CHECK_REMAINING(32, truncated);
1517 memcpy(obj->cid, ptr, 32);
1518 remaining -= 32; ptr += 32;
1519
1520 /* Parse u8 sid[32] */
1521 CHECK_REMAINING(32, truncated);
1522 memcpy(obj->sid, ptr, 32);
1523 remaining -= 32; ptr += 32;
1524
1525 /* Parse union u1[auth_ctx.is_ed] */
1526 switch (auth_ctx_ctx->is_ed) {
1527
1528 case 0:
1529 break;
1530
1531 case 1:
1532
1533 /* Parse u8 u1_cid_ed[32] */
1534 CHECK_REMAINING(32, truncated);
1535 memcpy(obj->u1_cid_ed, ptr, 32);
1536 remaining -= 32; ptr += 32;
1537
1538 /* Parse u8 u1_sid_ed[32] */
1539 CHECK_REMAINING(32, truncated);
1540 memcpy(obj->u1_sid_ed, ptr, 32);
1541 remaining -= 32; ptr += 32;
1542 break;
1543
1544 default:
1545 goto fail;
1546 break;
1547 }
1548
1549 /* Parse u8 slog[32] */
1550 CHECK_REMAINING(32, truncated);
1551 memcpy(obj->slog, ptr, 32);
1552 remaining -= 32; ptr += 32;
1553
1554 /* Parse u8 clog[32] */
1555 CHECK_REMAINING(32, truncated);
1556 memcpy(obj->clog, ptr, 32);
1557 remaining -= 32; ptr += 32;
1558
1559 /* Parse u8 scert[32] */
1560 CHECK_REMAINING(32, truncated);
1561 memcpy(obj->scert, ptr, 32);
1562 remaining -= 32; ptr += 32;
1563
1564 /* Parse u8 tlssecrets[32] */
1565 CHECK_REMAINING(32, truncated);
1566 memcpy(obj->tlssecrets, ptr, 32);
1567 remaining -= 32; ptr += 32;
1568 obj->end_of_fixed_part = ptr;
1569
1570 /* Parse u8 rand[24] */
1571 CHECK_REMAINING(24, truncated);
1572 memcpy(obj->rand, ptr, 24);
1573 remaining -= 24; ptr += 24;
1574 obj->end_of_signed = ptr;
1575
1576 /* Parse u8 sig[] */
1577 TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->sig, remaining, {});
1578 obj->sig.n_ = remaining;
1579 memcpy(obj->sig.elts_, ptr, remaining);
1580 ptr += remaining; remaining -= remaining;
1581 trunnel_assert(ptr + remaining == input + len_in);
1582 return len_in - remaining;
1583
1584 truncated:
1585 return -2;
1586 trunnel_alloc_failed:
1587 return -1;
1588 fail:
1589 result = -1;
1590 return result;
1591 }
1592
1593 ssize_t
1594 auth1_parse(auth1_t **output, const uint8_t *input, const size_t len_in, const auth_ctx_t *auth_ctx_ctx)
1595 {
1596 ssize_t result;
1597 *output = auth1_new();
1598 if (NULL == *output)
1599 return -1;
1600 result = auth1_parse_into(*output, input, len_in, auth_ctx_ctx);
1601 if (result < 0) {
1602 auth1_free(*output);
1603 *output = NULL;
1604 }
1605 return result;
1606 }
1607 certs_cell_t *
1608 certs_cell_new(void)
1609 {
1610 certs_cell_t *val = trunnel_calloc(1, sizeof(certs_cell_t));
1611 if (NULL == val)
1612 return NULL;
1613 return val;
1614 }
1615
1616 /** Release all storage held inside 'obj', but do not free 'obj'.
1617 */
1618 static void
1619 certs_cell_clear(certs_cell_t *obj)
1620 {
1621 (void) obj;
1622 {
1623
1624 unsigned idx;
1625 for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->certs); ++idx) {
1626 certs_cell_cert_free(TRUNNEL_DYNARRAY_GET(&obj->certs, idx));
1627 }
1628 }
1629 TRUNNEL_DYNARRAY_WIPE(&obj->certs);
1630 TRUNNEL_DYNARRAY_CLEAR(&obj->certs);
1631 }
1632
1633 void
1634 certs_cell_free(certs_cell_t *obj)
1635 {
1636 if (obj == NULL)
1637 return;
1638 certs_cell_clear(obj);
1639 trunnel_memwipe(obj, sizeof(certs_cell_t));
1640 trunnel_free_(obj);
1641 }
1642
1643 uint8_t
1644 certs_cell_get_n_certs(certs_cell_t *inp)
1645 {
1646 return inp->n_certs;
1647 }
1648 int
1649 certs_cell_set_n_certs(certs_cell_t *inp, uint8_t val)
1650 {
1651 inp->n_certs = val;
1652 return 0;
1653 }
1654 size_t
1655 certs_cell_getlen_certs(const certs_cell_t *inp)
1656 {
1657 return TRUNNEL_DYNARRAY_LEN(&inp->certs);
1658 }
1659
1660 struct certs_cell_cert_st *
1661 certs_cell_get_certs(certs_cell_t *inp, size_t idx)
1662 {
1663 return TRUNNEL_DYNARRAY_GET(&inp->certs, idx);
1664 }
1665
1666 int
1667 certs_cell_set_certs(certs_cell_t *inp, size_t idx, struct certs_cell_cert_st * elt)
1668 {
1669 certs_cell_cert_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->certs, idx);
1670 if (oldval && oldval != elt)
1671 certs_cell_cert_free(oldval);
1672 return certs_cell_set0_certs(inp, idx, elt);
1673 }
1674 int
1675 certs_cell_set0_certs(certs_cell_t *inp, size_t idx, struct certs_cell_cert_st * elt)
1676 {
1677 TRUNNEL_DYNARRAY_SET(&inp->certs, idx, elt);
1678 return 0;
1679 }
1680 int
1681 certs_cell_add_certs(certs_cell_t *inp, struct certs_cell_cert_st * elt)
1682 {
1683 #if SIZE_MAX >= UINT8_MAX
1684 if (inp->certs.n_ == UINT8_MAX)
1685 goto trunnel_alloc_failed;
1686 #endif
1687 TRUNNEL_DYNARRAY_ADD(struct certs_cell_cert_st *, &inp->certs, elt, {});
1688 return 0;
1689 trunnel_alloc_failed:
1690 TRUNNEL_SET_ERROR_CODE(inp);
1691 return -1;
1692 }
1693
1694 struct certs_cell_cert_st * *
1695 certs_cell_getarray_certs(certs_cell_t *inp)
1696 {
1697 return inp->certs.elts_;
1698 }
1699 int
1700 certs_cell_setlen_certs(certs_cell_t *inp, size_t newlen)
1701 {
1702 struct certs_cell_cert_st * *newptr;
1703 #if UINT8_MAX < SIZE_MAX
1704 if (newlen > UINT8_MAX)
1705 goto trunnel_alloc_failed;
1706 #endif
1707 newptr = trunnel_dynarray_setlen(&inp->certs.allocated_,
1708 &inp->certs.n_, inp->certs.elts_, newlen,
1709 sizeof(inp->certs.elts_[0]), (trunnel_free_fn_t) certs_cell_cert_free,
1710 &inp->trunnel_error_code_);
1711 if (newptr == NULL)
1712 goto trunnel_alloc_failed;
1713 inp->certs.elts_ = newptr;
1714 return 0;
1715 trunnel_alloc_failed:
1716 TRUNNEL_SET_ERROR_CODE(inp);
1717 return -1;
1718 }
1719 const char *
1720 certs_cell_check(const certs_cell_t *obj)
1721 {
1722 if (obj == NULL)
1723 return "Object was NULL";
1724 if (obj->trunnel_error_code_)
1725 return "A set function failed on this object";
1726 {
1727 const char *msg;
1728
1729 unsigned idx;
1730 for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->certs); ++idx) {
1731 if (NULL != (msg = certs_cell_cert_check(TRUNNEL_DYNARRAY_GET(&obj->certs, idx))))
1732 return msg;
1733 }
1734 }
1735 if (TRUNNEL_DYNARRAY_LEN(&obj->certs) != obj->n_certs)
1736 return "Length mismatch for certs";
1737 return NULL;
1738 }
1739
1740 ssize_t
1741 certs_cell_encoded_len(const certs_cell_t *obj)
1742 {
1743 ssize_t result = 0;
1744
1745 if (NULL != certs_cell_check(obj))
1746 return -1;
1747
1748
1749 /* Length of u8 n_certs */
1750 result += 1;
1751
1752 /* Length of struct certs_cell_cert certs[n_certs] */
1753 {
1754
1755 unsigned idx;
1756 for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->certs); ++idx) {
1757 result += certs_cell_cert_encoded_len(TRUNNEL_DYNARRAY_GET(&obj->certs, idx));
1758 }
1759 }
1760 return result;
1761 }
1762 int
1763 certs_cell_clear_errors(certs_cell_t *obj)
1764 {
1765 int r = obj->trunnel_error_code_;
1766 obj->trunnel_error_code_ = 0;
1767 return r;
1768 }
1769 ssize_t
1770 certs_cell_encode(uint8_t *output, const size_t avail, const certs_cell_t *obj)
1771 {
1772 ssize_t result = 0;
1773 size_t written = 0;
1774 uint8_t *ptr = output;
1775 const char *msg;
1776 #ifdef TRUNNEL_CHECK_ENCODED_LEN
1777 const ssize_t encoded_len = certs_cell_encoded_len(obj);
1778 #endif
1779
1780 if (NULL != (msg = certs_cell_check(obj)))
1781 goto check_failed;
1782
1783 #ifdef TRUNNEL_CHECK_ENCODED_LEN
1784 trunnel_assert(encoded_len >= 0);
1785 #endif
1786
1787 /* Encode u8 n_certs */
1788 trunnel_assert(written <= avail);
1789 if (avail - written < 1)
1790 goto truncated;
1791 trunnel_set_uint8(ptr, (obj->n_certs));
1792 written += 1; ptr += 1;
1793
1794 /* Encode struct certs_cell_cert certs[n_certs] */
1795 {
1796
1797 unsigned idx;
1798 for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->certs); ++idx) {
1799 trunnel_assert(written <= avail);
1800 result = certs_cell_cert_encode(ptr, avail - written, TRUNNEL_DYNARRAY_GET(&obj->certs, idx));
1801 if (result < 0)
1802 goto fail; /* XXXXXXX !*/
1803 written += result; ptr += result;
1804 }
1805 }
1806
1807
1808 trunnel_assert(ptr == output + written);
1809 #ifdef TRUNNEL_CHECK_ENCODED_LEN
1810 {
1811 trunnel_assert(encoded_len >= 0);
1812 trunnel_assert((size_t)encoded_len == written);
1813 }
1814
1815 #endif
1816
1817 return written;
1818
1819 truncated:
1820 result = -2;
1821 goto fail;
1822 check_failed:
1823 (void)msg;
1824 result = -1;
1825 goto fail;
1826 fail:
1827 trunnel_assert(result < 0);
1828 return result;
1829 }
1830
1831 /** As certs_cell_parse(), but do not allocate the output object.
1832 */
1833 static ssize_t
1834 certs_cell_parse_into(certs_cell_t *obj, const uint8_t *input, const size_t len_in)
1835 {
1836 const uint8_t *ptr = input;
1837 size_t remaining = len_in;
1838 ssize_t result = 0;
1839 (void)result;
1840
1841 /* Parse u8 n_certs */
1842 CHECK_REMAINING(1, truncated);
1843 obj->n_certs = (trunnel_get_uint8(ptr));
1844 remaining -= 1; ptr += 1;
1845
1846 /* Parse struct certs_cell_cert certs[n_certs] */
1847 TRUNNEL_DYNARRAY_EXPAND(certs_cell_cert_t *, &obj->certs, obj->n_certs, {});
1848 {
1849 certs_cell_cert_t * elt;
1850 unsigned idx;
1851 for (idx = 0; idx < obj->n_certs; ++idx) {
1852 result = certs_cell_cert_parse(&elt, ptr, remaining);
1853 if (result < 0)
1854 goto relay_fail;
1855 trunnel_assert((size_t)result <= remaining);
1856 remaining -= result; ptr += result;
1857 TRUNNEL_DYNARRAY_ADD(certs_cell_cert_t *, &obj->certs, elt, {certs_cell_cert_free(elt);});
1858 }
1859 }
1860 trunnel_assert(ptr + remaining == input + len_in);
1861 return len_in - remaining;
1862
1863 truncated:
1864 return -2;
1865 relay_fail:
1866 trunnel_assert(result < 0);
1867 return result;
1868 trunnel_alloc_failed:
1869 return -1;
1870 }
1871
1872 ssize_t
1873 certs_cell_parse(certs_cell_t **output, const uint8_t *input, const size_t len_in)
1874 {
1875 ssize_t result;
1876 *output = certs_cell_new();
1877 if (NULL == *output)
1878 return -1;
1879 result = certs_cell_parse_into(*output, input, len_in);
1880 if (result < 0) {
1881 certs_cell_free(*output);
1882 *output = NULL;
1883 }
1884 return result;
1885 }
Tomato firmware and modifications.