1 // Copyright 2021 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16 #include "tink/internal/bn_util.h"
17
18 #include <stddef.h>
19
20 #include <memory>
21 #include <string>
22 #include <utility>
23
24 #include "absl/status/status.h"
25 #include "absl/strings/string_view.h"
26 #include "absl/types/span.h"
27 #include "openssl/bn.h"
28 #include "tink/internal/ssl_unique_ptr.h"
29 #include "tink/subtle/subtle_util.h"
30 #include "tink/util/secret_data.h"
31 #include "tink/util/status.h"
32 #include "tink/util/statusor.h"
33
34 namespace crypto {
35 namespace tink {
36 namespace internal {
37
BignumToBinaryPadded(absl::Span<char> buffer,const BIGNUM * bignum)38 util::Status BignumToBinaryPadded(absl::Span<char> buffer,
39 const BIGNUM *bignum) {
40 if (bignum == nullptr) {
41 return util::Status(absl::StatusCode::kInvalidArgument, "BIGNUM is NULL");
42 }
43 if (BN_is_negative(bignum)) {
44 return util::Status(absl::StatusCode::kInternal,
45 "Value must not be negative");
46 }
47
48 // BN_bn2binpad returns the length of the buffer on success and -1 on failure.
49 int len = BN_bn2binpad(
50 bignum, reinterpret_cast<unsigned char *>(buffer.data()), buffer.size());
51 if (len == -1) {
52 return util::Status(absl::StatusCode::kInternal,
53 "Value too large to fit into the given buffer");
54 }
55
56 return util::OkStatus();
57 }
58
BignumToString(const BIGNUM * bn,size_t len)59 util::StatusOr<std::string> BignumToString(const BIGNUM *bn, size_t len) {
60 if (bn == nullptr) {
61 return util::Status(absl::StatusCode::kInvalidArgument, "BIGNUM is NULL");
62 }
63 std::string buffer;
64 subtle::ResizeStringUninitialized(&buffer, len);
65 util::Status res = BignumToBinaryPadded(absl::MakeSpan(&buffer[0], len), bn);
66 if (!res.ok()) {
67 return res;
68 }
69 return buffer;
70 }
71
BignumToSecretData(const BIGNUM * bn,size_t len)72 util::StatusOr<util::SecretData> BignumToSecretData(const BIGNUM *bn,
73 size_t len) {
74 if (bn == nullptr) {
75 return util::Status(absl::StatusCode::kInvalidArgument, "BIGNUM is NULL");
76 }
77 util::SecretData secret_data(len);
78 util::Status res = BignumToBinaryPadded(
79 absl::MakeSpan(reinterpret_cast<char *>(secret_data.data()),
80 secret_data.size()),
81 bn);
82 if (!res.ok()) {
83 return res;
84 }
85 return secret_data;
86 }
87
StringToBignum(absl::string_view bigendian_bn_str)88 util::StatusOr<internal::SslUniquePtr<BIGNUM>> StringToBignum(
89 absl::string_view bigendian_bn_str) {
90 internal::SslUniquePtr<BIGNUM> bn(BN_bin2bn(
91 reinterpret_cast<const unsigned char *>(bigendian_bn_str.data()),
92 bigendian_bn_str.length(), /*ret=*/nullptr));
93 if (bn.get() == nullptr) {
94 return util::Status(absl::StatusCode::kInternal,
95 "BIGNUM allocation failed");
96 }
97 return std::move(bn);
98 }
99
CompareBignumWithWord(const BIGNUM * bignum,BN_ULONG word)100 int CompareBignumWithWord(const BIGNUM *bignum, BN_ULONG word) {
101 #ifdef OPENSSL_IS_BORINGSSL
102 return BN_cmp_word(bignum, word);
103 #else
104 internal::SslUniquePtr<BIGNUM> bn_word(BN_new());
105 BN_set_word(bn_word.get(), word);
106 return BN_cmp(bignum, bn_word.get());
107 #endif
108 }
109
110 } // namespace internal
111 } // namespace tink
112 } // namespace crypto
113