2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
12 #include <openssl/err.h>
13 #include <openssl/cryptoerr.h>
14 #include <openssl/params.h>
15 #include "internal/cryptlib.h"
16 #include "internal/param_build.h"
18 #define OSSL_PARAM_ALLOCATED_END 127
22 } OSSL_PARAM_BLD_BLOCK;
24 #define ALIGN_SIZE sizeof(OSSL_PARAM_BLD_BLOCK)
26 static size_t bytes_to_blocks(size_t bytes)
28 return (bytes + ALIGN_SIZE - 1) / ALIGN_SIZE;
31 static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key,
32 int size, size_t alloc, int type,
35 OSSL_PARAM_BLD_DEF *pd;
37 if (bld->curr >= OSSL_PARAM_BLD_MAX) {
38 CRYPTOerr(CRYPTO_F_PARAM_PUSH, CRYPTO_R_TOO_MANY_RECORDS);
41 pd = bld->params + bld->curr++;
42 memset(pd, 0, sizeof(*pd));
46 pd->alloc_blocks = bytes_to_blocks(size);
47 if ((pd->secure = secure) != 0)
48 bld->secure_blocks += pd->alloc_blocks;
50 bld->total_blocks += pd->alloc_blocks;
54 static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
55 void *num, size_t size, int type)
57 OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
61 if (size > sizeof(pd->num)) {
62 CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM, CRYPTO_R_TOO_MANY_BYTES);
65 memcpy(&pd->num, num, size);
69 void ossl_param_bld_init(OSSL_PARAM_BLD *bld)
71 memset(bld, 0, sizeof(*bld));
74 int ossl_param_bld_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
76 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
79 int ossl_param_bld_push_uint(OSSL_PARAM_BLD *bld, const char *key,
82 return param_push_num(bld, key, &num, sizeof(num),
83 OSSL_PARAM_UNSIGNED_INTEGER);
86 int ossl_param_bld_push_long(OSSL_PARAM_BLD *bld, const char *key,
89 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
92 int ossl_param_bld_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
93 unsigned long int num)
95 return param_push_num(bld, key, &num, sizeof(num),
96 OSSL_PARAM_UNSIGNED_INTEGER);
99 int ossl_param_bld_push_int32(OSSL_PARAM_BLD *bld, const char *key,
102 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
105 int ossl_param_bld_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
108 return param_push_num(bld, key, &num, sizeof(num),
109 OSSL_PARAM_UNSIGNED_INTEGER);
112 int ossl_param_bld_push_int64(OSSL_PARAM_BLD *bld, const char *key,
115 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
118 int ossl_param_bld_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
121 return param_push_num(bld, key, &num, sizeof(num),
122 OSSL_PARAM_UNSIGNED_INTEGER);
125 int ossl_param_bld_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
128 return param_push_num(bld, key, &num, sizeof(num),
129 OSSL_PARAM_UNSIGNED_INTEGER);
132 int ossl_param_bld_push_double(OSSL_PARAM_BLD *bld, const char *key,
135 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
138 int ossl_param_bld_push_BN(OSSL_PARAM_BLD *bld, const char *key,
141 int sz = -1, secure = 0;
142 OSSL_PARAM_BLD_DEF *pd;
145 sz = BN_num_bytes(bn);
147 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_BN,
148 CRYPTO_R_ZERO_LENGTH_NUMBER);
151 if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
154 pd = param_push(bld, key, sz, sz >= 0 ? sz : 0,
155 OSSL_PARAM_UNSIGNED_INTEGER, secure);
162 int ossl_param_bld_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
163 char *buf, size_t bsize)
165 OSSL_PARAM_BLD_DEF *pd;
168 bsize = strlen(buf) + 1;
169 } else if (bsize > INT_MAX) {
170 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING,
171 CRYPTO_R_STRING_TOO_LONG);
174 pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_UTF8_STRING, 0);
181 int ossl_param_bld_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
182 char *buf, size_t bsize)
184 OSSL_PARAM_BLD_DEF *pd;
187 bsize = strlen(buf) + 1;
188 } else if (bsize > INT_MAX) {
189 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR,
190 CRYPTO_R_STRING_TOO_LONG);
193 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
200 int ossl_param_bld_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
201 void *buf, size_t bsize)
203 OSSL_PARAM_BLD_DEF *pd;
205 if (bsize > INT_MAX) {
206 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING,
207 CRYPTO_R_STRING_TOO_LONG);
210 pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0);
217 int ossl_param_bld_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
218 void *buf, size_t bsize)
220 OSSL_PARAM_BLD_DEF *pd;
222 if (bsize > INT_MAX) {
223 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR,
224 CRYPTO_R_STRING_TOO_LONG);
227 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
234 static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
235 OSSL_PARAM_BLD_BLOCK *blk,
236 OSSL_PARAM_BLD_BLOCK *secure)
239 OSSL_PARAM_BLD_DEF *pd;
242 for (i = 0; i < bld->curr; i++) {
243 pd = bld->params + i;
244 param[i].key = pd->key;
245 param[i].data_type = pd->type;
246 param[i].data_size = pd->size;
247 param[i].return_size = 0;
251 secure += pd->alloc_blocks;
254 blk += pd->alloc_blocks;
257 if (pd->bn != NULL) {
259 BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size);
260 } else if (pd->type == OSSL_PARAM_OCTET_PTR
261 || pd->type == OSSL_PARAM_UTF8_PTR) {
263 *(void **)p = pd->string;
264 } else if (pd->type == OSSL_PARAM_OCTET_STRING
265 || pd->type == OSSL_PARAM_UTF8_STRING) {
266 if (pd->string != NULL)
267 memcpy(p, pd->string, pd->size);
269 memset(p, 0, pd->size);
271 /* Number, but could also be a NULL BIGNUM */
272 if (pd->size > sizeof(pd->num))
273 memset(p, 0, pd->size);
274 else if (pd->size > 0)
275 memcpy(p, &pd->num, pd->size);
278 param[i] = OSSL_PARAM_construct_end();
282 OSSL_PARAM *ossl_param_bld_to_param(OSSL_PARAM_BLD *bld)
284 OSSL_PARAM_BLD_BLOCK *blk, *s = NULL;
285 OSSL_PARAM *params, *last;
286 const size_t p_blks = bytes_to_blocks((1 + bld->curr) * sizeof(*params));
287 const size_t total = ALIGN_SIZE * (p_blks + bld->total_blocks);
288 const size_t ss = ALIGN_SIZE * bld->secure_blocks;
291 s = OPENSSL_secure_malloc(ss);
293 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
294 CRYPTO_R_SECURE_MALLOC_FAILURE);
298 params = OPENSSL_malloc(total);
299 if (params == NULL) {
300 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE);
301 OPENSSL_secure_free(s);
304 blk = p_blks + (OSSL_PARAM_BLD_BLOCK *)(params);
305 last = param_bld_convert(bld, params, blk, s);
306 last->data_size = ss;
308 last->data_type = OSSL_PARAM_ALLOCATED_END;
312 void ossl_param_bld_free(OSSL_PARAM *params)
314 if (params != NULL) {
317 for (p = params; p->key != NULL; p++)
319 if (p->data_type == OSSL_PARAM_ALLOCATED_END)
320 OPENSSL_secure_clear_free(p->data, p->data_size);
321 OPENSSL_free(params);
325 OSSL_PARAM *ossl_param_bld_to_param_ex(OSSL_PARAM_BLD *bld, OSSL_PARAM *params,
326 size_t param_n, void *data,
327 size_t data_n, void *secure,
330 if (params == NULL || data == NULL) {
331 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX,
332 CRYPTO_R_INVALID_NULL_ARGUMENT);
335 if (param_n < bld->curr + 1) {
336 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX,
337 CRYPTO_R_INSUFFICIENT_PARAM_SIZE);
340 if (data_n < ALIGN_SIZE * bld->total_blocks) {
341 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX,
342 CRYPTO_R_INSUFFICIENT_DATA_SPACE);
345 if (bld->secure_blocks > 0 && secure_n < ALIGN_SIZE * bld->secure_blocks) {
346 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX,
347 CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE);
350 param_bld_convert(bld, params, (OSSL_PARAM_BLD_BLOCK *)data,
351 (OSSL_PARAM_BLD_BLOCK *)secure);