Rename the BIGNUM ASN.1 functions.
There's many ways to serialize a BIGNUM, so not including asn1 in the name is
confusing (and collides with BN_bn2cbb_padded). Since BN_asn12bn looks
ridiculous, match the parse/marshal naming scheme of other modules instead.
Change-Id: I53d22ae0537a98e223ed943e943c48cb0743cf51
Reviewed-on: https://boringssl-review.googlesource.com/6822
Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/crypto/bn/bn_asn1.c b/crypto/bn/bn_asn1.c
index 9d70ba8..efb2335 100644
--- a/crypto/bn/bn_asn1.c
+++ b/crypto/bn/bn_asn1.c
@@ -18,7 +18,7 @@
#include <openssl/err.h>
-int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret) {
+int BN_parse_asn1_unsigned(CBS *cbs, BIGNUM *ret) {
CBS child;
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) ||
CBS_len(&child) == 0) {
@@ -42,7 +42,7 @@
return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL;
}
-int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret) {
+int BN_parse_asn1_unsigned_buggy(CBS *cbs, BIGNUM *ret) {
CBS child;
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) ||
CBS_len(&child) == 0) {
@@ -58,7 +58,7 @@
return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL;
}
-int BN_bn2cbb(CBB *cbb, const BIGNUM *bn) {
+int BN_marshal_asn1(CBB *cbb, const BIGNUM *bn) {
/* Negative numbers are unsupported. */
if (BN_is_negative(bn)) {
OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
@@ -66,28 +66,15 @@
}
CBB child;
- if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER)) {
+ if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER) ||
+ /* The number must be padded with a leading zero if the high bit would
+ * otherwise be set or if |bn| is zero. */
+ (BN_num_bits(bn) % 8 == 0 && !CBB_add_u8(&child, 0x00)) ||
+ !BN_bn2cbb_padded(&child, BN_num_bytes(bn), bn) ||
+ !CBB_flush(cbb)) {
OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR);
return 0;
}
- /* The number must be padded with a leading zero if the high bit would
- * otherwise be set (or |bn| is zero). */
- if (BN_num_bits(bn) % 8 == 0 &&
- !CBB_add_u8(&child, 0x00)) {
- OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR);
- return 0;
- }
-
- uint8_t *out;
- if (!CBB_add_space(&child, &out, BN_num_bytes(bn))) {
- OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR);
- return 0;
- }
- BN_bn2bin(bn, out);
- if (!CBB_flush(cbb)) {
- OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR);
- return 0;
- }
return 1;
}
diff --git a/crypto/bn/bn_test.cc b/crypto/bn/bn_test.cc
index e7e04f1..d60d271 100644
--- a/crypto/bn/bn_test.cc
+++ b/crypto/bn/bn_test.cc
@@ -1823,7 +1823,7 @@
}
CBS cbs;
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len);
- if (!BN_cbs2unsigned(&cbs, bn2.get()) || CBS_len(&cbs) != 0) {
+ if (!BN_parse_asn1_unsigned(&cbs, bn2.get()) || CBS_len(&cbs) != 0) {
fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n");
return false;
}
@@ -1838,7 +1838,7 @@
size_t der_len;
CBB_zero(&cbb);
if (!CBB_init(&cbb, 0) ||
- !BN_bn2cbb(&cbb, bn.get()) ||
+ !BN_marshal_asn1(&cbb, bn.get()) ||
!CBB_finish(&cbb, &der, &der_len)) {
CBB_cleanup(&cbb);
return false;
@@ -1852,7 +1852,7 @@
// |BN_cbs2unsigned_buggy| parses all valid input.
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len);
- if (!BN_cbs2unsigned_buggy(&cbs, bn2.get()) || CBS_len(&cbs) != 0) {
+ if (!BN_parse_asn1_unsigned_buggy(&cbs, bn2.get()) || CBS_len(&cbs) != 0) {
fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n");
return false;
}
@@ -1869,7 +1869,7 @@
}
CBS cbs;
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len);
- if (BN_cbs2unsigned(&cbs, bn.get())) {
+ if (BN_parse_asn1_unsigned(&cbs, bn.get())) {
fprintf(stderr, "Parsed invalid input.\n");
return false;
}
@@ -1878,7 +1878,7 @@
// All tests in kASN1InvalidTests are also rejected by
// |BN_cbs2unsigned_buggy|.
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len);
- if (BN_cbs2unsigned_buggy(&cbs, bn.get())) {
+ if (BN_parse_asn1_unsigned_buggy(&cbs, bn.get())) {
fprintf(stderr, "Parsed invalid input.\n");
return false;
}
@@ -1894,7 +1894,7 @@
CBS cbs;
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len);
- if (BN_cbs2unsigned(&cbs, bn.get())) {
+ if (BN_parse_asn1_unsigned(&cbs, bn.get())) {
fprintf(stderr, "Parsed invalid input.\n");
return false;
}
@@ -1907,7 +1907,7 @@
}
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(test.der), test.der_len);
- if (!BN_cbs2unsigned_buggy(&cbs, bn.get()) || CBS_len(&cbs) != 0) {
+ if (!BN_parse_asn1_unsigned_buggy(&cbs, bn.get()) || CBS_len(&cbs) != 0) {
fprintf(stderr, "Parsing (invalid) ASN.1 INTEGER failed.\n");
return false;
}
@@ -1926,7 +1926,7 @@
CBB cbb;
CBB_zero(&cbb);
if (!CBB_init(&cbb, 0) ||
- BN_bn2cbb(&cbb, bn.get())) {
+ BN_marshal_asn1(&cbb, bn.get())) {
fprintf(stderr, "Serialized negative number.\n");
CBB_cleanup(&cbb);
return false;
diff --git a/crypto/ecdsa/ecdsa_asn1.c b/crypto/ecdsa/ecdsa_asn1.c
index 3fee191..61f5d62 100644
--- a/crypto/ecdsa/ecdsa_asn1.c
+++ b/crypto/ecdsa/ecdsa_asn1.c
@@ -115,8 +115,8 @@
}
CBS child;
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
- !BN_cbs2unsigned(&child, ret->r) ||
- !BN_cbs2unsigned(&child, ret->s) ||
+ !BN_parse_asn1_unsigned(&child, ret->r) ||
+ !BN_parse_asn1_unsigned(&child, ret->s) ||
CBS_len(&child) != 0) {
OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE);
ECDSA_SIG_free(ret);
@@ -140,8 +140,8 @@
int ECDSA_SIG_marshal(CBB *cbb, const ECDSA_SIG *sig) {
CBB child;
if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) ||
- !BN_bn2cbb(&child, sig->r) ||
- !BN_bn2cbb(&child, sig->s) ||
+ !BN_marshal_asn1(&child, sig->r) ||
+ !BN_marshal_asn1(&child, sig->s) ||
!CBB_flush(cbb)) {
OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR);
return 0;
diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
index b73a0e1..2970717 100644
--- a/crypto/rsa/rsa_asn1.c
+++ b/crypto/rsa/rsa_asn1.c
@@ -76,9 +76,9 @@
return 0;
}
if (buggy) {
- return BN_cbs2unsigned_buggy(cbs, *out);
+ return BN_parse_asn1_unsigned_buggy(cbs, *out);
}
- return BN_cbs2unsigned(cbs, *out);
+ return BN_parse_asn1_unsigned(cbs, *out);
}
static int parse_integer(CBS *cbs, BIGNUM **out) {
@@ -91,7 +91,7 @@
OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
return 0;
}
- return BN_bn2cbb(cbb, bn);
+ return BN_marshal_asn1(cbb, bn);
}
static RSA *parse_public_key(CBS *cbs, int buggy) {
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 6e971e4..64ec5c9 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -303,17 +303,17 @@
/* ASN.1 functions. */
-/* BN_cbs2unsigned parses a non-negative DER INTEGER from |cbs| writes the
- * result to |ret|. It returns one on success and zero on failure. */
-OPENSSL_EXPORT int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret);
+/* BN_parse_asn1_unsigned parses a non-negative DER INTEGER from |cbs| writes
+ * the result to |ret|. It returns one on success and zero on failure. */
+OPENSSL_EXPORT int BN_parse_asn1_unsigned(CBS *cbs, BIGNUM *ret);
-/* BN_cbs2unsigned_buggy acts like |BN_cbs2unsigned| but tolerates some invalid
- * encodings. Do not use this function. */
-OPENSSL_EXPORT int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret);
+/* BN_parse_asn1_unsigned_buggy acts like |BN_parse_asn1_unsigned| but tolerates
+ * some invalid encodings. Do not use this function. */
+OPENSSL_EXPORT int BN_parse_asn1_unsigned_buggy(CBS *cbs, BIGNUM *ret);
-/* BN_bn2cbb marshals |bn| as a non-negative DER INTEGER and appends the result
- * to |cbb|. It returns one on success and zero on failure. */
-OPENSSL_EXPORT int BN_bn2cbb(CBB *cbb, const BIGNUM *bn);
+/* BN_marshal_asn1 marshals |bn| as a non-negative DER INTEGER and appends the
+ * result to |cbb|. It returns one on success and zero on failure. */
+OPENSSL_EXPORT int BN_marshal_asn1(CBB *cbb, const BIGNUM *bn);
/* Internal functions.
