root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

evp: convert existing code to use the new modified sentinel for params. 

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11601)
This commit is contained in:
Pauli 2020-04-22 14:20:11 +10:00
parent 2baf2d81e3
commit 99ea4f02bc
2 changed files with 14 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/evp/evp_lib.c
View File

@ -76,13 +76,15 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
goto err; goto err;
/* ... but, we should get a return size too! */ /* ... but, we should get a return size too! */
if (params[0].return_size != 0 if (OSSL_PARAM_modified(params)
&& params[0].return_size != 0
&& (der = OPENSSL_malloc(params[0].return_size)) != NULL) { && (der = OPENSSL_malloc(params[0].return_size)) != NULL) {
params[0].data = der; params[0].data = der;
params[0].data_size = params[0].return_size; params[0].data_size = params[0].return_size;
params[0].return_size = 0; OSSL_PARAM_set_all_unmodified(params);
derp = der; derp = der;
if (EVP_CIPHER_CTX_get_params(c, params) if (EVP_CIPHER_CTX_get_params(c, params)
&& OSSL_PARAM_modified(params)
&& d2i_ASN1_TYPE(&type, (const unsigned char **)&derp, && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
params[0].return_size) != NULL) { params[0].return_size) != NULL) {
ret = 1; ret = 1;

47
crypto/evp/p_lib.c
View File

@ -1617,23 +1617,11 @@ const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey)
return evp_keymgmt_gettable_params(pkey->keymgmt); return evp_keymgmt_gettable_params(pkey->keymgmt);
} }
/*
* For the following methods param->return_size is set to a value
* larger than can be returned by the call to evp_keymgmt_get_params().
* If it is still this value then the parameter was ignored - and in this
* case it returns an error..
*/
int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn) int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn)
{ {
int ret = 0; int ret = 0;
OSSL_PARAM params[2]; OSSL_PARAM params[2];
unsigned char buffer[2048]; unsigned char buffer[2048];
/*
* Use -1 as the terminator here instead of sizeof(buffer) + 1 since
* -1 is less likely to be a valid value.
*/
const size_t not_set = (size_t)-1;
unsigned char *buf = NULL; unsigned char *buf = NULL;
size_t buf_sz = 0; size_t buf_sz = 0;
@ -1646,12 +1634,9 @@ int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn)
memset(buffer, 0, sizeof(buffer)); memset(buffer, 0, sizeof(buffer));
params[0] = OSSL_PARAM_construct_BN(key_name, buffer, sizeof(buffer)); params[0] = OSSL_PARAM_construct_BN(key_name, buffer, sizeof(buffer));
/* If the return_size is still not_set then we know it was not found */
params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end(); params[1] = OSSL_PARAM_construct_end();
if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) { if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) {
if (params[0].return_size == not_set if (!OSSL_PARAM_modified(params) || params[0].return_size == 0)
|| params[0].return_size == 0)
return 0; return 0;
buf_sz = params[0].return_size; buf_sz = params[0].return_size;
/* /*
@ -1668,7 +1653,7 @@ int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn)
goto err; goto err;
} }
/* Fail if the param was not found */ /* Fail if the param was not found */
if (params[0].return_size == not_set) if (!OSSL_PARAM_modified(params))
goto err; goto err;
ret = OSSL_PARAM_get_BN(params, bn); ret = OSSL_PARAM_get_BN(params, bn);
err: err:
@ -1681,7 +1666,6 @@ int EVP_PKEY_get_octet_string_param(EVP_PKEY *pkey, const char *key_name,
size_t *out_sz) size_t *out_sz)
{ {
OSSL_PARAM params[2]; OSSL_PARAM params[2];
const size_t not_set = max_buf_sz + 1;
if (pkey == NULL if (pkey == NULL
|| pkey->keymgmt == NULL || pkey->keymgmt == NULL
@ -1690,11 +1674,9 @@ int EVP_PKEY_get_octet_string_param(EVP_PKEY *pkey, const char *key_name,
return 0; return 0;
params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz); params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz);
params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end(); params[1] = OSSL_PARAM_construct_end();
if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
return 0; || !OSSL_PARAM_modified(params))
if (params[0].return_size == not_set)
return 0; return 0;
if (out_sz != NULL) if (out_sz != NULL)
*out_sz = params[0].return_size; *out_sz = params[0].return_size;
@ -1706,7 +1688,6 @@ int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
size_t *out_sz) size_t *out_sz)
{ {
OSSL_PARAM params[2]; OSSL_PARAM params[2];
const size_t not_set = max_buf_sz + 1;
if (pkey == NULL if (pkey == NULL
|| pkey->keymgmt == NULL || pkey->keymgmt == NULL
@ -1715,11 +1696,9 @@ int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
return 0; return 0;
params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz); params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz);
params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end(); params[1] = OSSL_PARAM_construct_end();
if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
return 0; || !OSSL_PARAM_modified(params))
if (params[0].return_size == not_set)
return 0; return 0;
if (out_sz != NULL) if (out_sz != NULL)
*out_sz = params[0].return_size; *out_sz = params[0].return_size;
@ -1729,7 +1708,6 @@ int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out) int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out)
{ {
OSSL_PARAM params[2]; OSSL_PARAM params[2];
const size_t not_set = sizeof(int) + 1;
if (pkey == NULL if (pkey == NULL
|| pkey->keymgmt == NULL || pkey->keymgmt == NULL
@ -1738,11 +1716,9 @@ int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out)
return 0; return 0;
params[0] = OSSL_PARAM_construct_int(key_name, out); params[0] = OSSL_PARAM_construct_int(key_name, out);
params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end(); params[1] = OSSL_PARAM_construct_end();
if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
return 0; || !OSSL_PARAM_modified(params))
if (params[0].return_size == not_set)
return 0; return 0;
return 1; return 1;
} }
@ -1750,7 +1726,6 @@ int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out)
int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out) int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out)
{ {
OSSL_PARAM params[2]; OSSL_PARAM params[2];
const size_t not_set = sizeof(size_t) + 1;
if (pkey == NULL if (pkey == NULL
|| pkey->keymgmt == NULL || pkey->keymgmt == NULL
@ -1759,11 +1734,9 @@ int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out)
return 0; return 0;
params[0] = OSSL_PARAM_construct_size_t(key_name, out); params[0] = OSSL_PARAM_construct_size_t(key_name, out);
params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end(); params[1] = OSSL_PARAM_construct_end();
if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
return 0; || !OSSL_PARAM_modified(params))
if (params[0].return_size == not_set)
return 0; return 0;
return 1; return 1;
} }