2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
12 #include <openssl/err.h>
13 #include <openssl/cryptoerr.h>
14 #include <openssl/params.h>
15 #include "internal/cryptlib.h"
16 #include "internal/param_build.h"
20 } OSSL_PARAM_BLD_BLOCK;
22 #define ALIGN_SIZE sizeof(OSSL_PARAM_BLD_BLOCK)
24 static size_t bytes_to_blocks(size_t bytes)
26 return (bytes + ALIGN_SIZE - 1) / ALIGN_SIZE;
29 static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key,
30 int size, size_t alloc, int type,
33 OSSL_PARAM_BLD_DEF *pd;
35 if (bld->curr >= OSSL_PARAM_BLD_MAX) {
36 CRYPTOerr(CRYPTO_F_PARAM_PUSH, CRYPTO_R_TOO_MANY_RECORDS);
39 pd = bld->params + bld->curr++;
40 memset(pd, 0, sizeof(*pd));
44 pd->alloc_blocks = bytes_to_blocks(size);
45 if ((pd->secure = secure) != 0)
46 bld->secure_blocks += pd->alloc_blocks;
48 bld->total_blocks += pd->alloc_blocks;
52 static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
53 void *num, size_t size, int type)
55 OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
59 if (size > sizeof(pd->num)) {
60 CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM, CRYPTO_R_TOO_MANY_BYTES);
63 memcpy(&pd->num, num, size);
67 void ossl_param_bld_init(OSSL_PARAM_BLD *bld)
69 memset(bld, 0, sizeof(*bld));
72 int ossl_param_bld_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
74 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
77 int ossl_param_bld_push_uint(OSSL_PARAM_BLD *bld, const char *key,
80 return param_push_num(bld, key, &num, sizeof(num),
81 OSSL_PARAM_UNSIGNED_INTEGER);
84 int ossl_param_bld_push_long(OSSL_PARAM_BLD *bld, const char *key,
87 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
90 int ossl_param_bld_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
91 unsigned long int num)
93 return param_push_num(bld, key, &num, sizeof(num),
94 OSSL_PARAM_UNSIGNED_INTEGER);
97 int ossl_param_bld_push_int32(OSSL_PARAM_BLD *bld, const char *key,
100 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
103 int ossl_param_bld_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
106 return param_push_num(bld, key, &num, sizeof(num),
107 OSSL_PARAM_UNSIGNED_INTEGER);
110 int ossl_param_bld_push_int64(OSSL_PARAM_BLD *bld, const char *key,
113 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
116 int ossl_param_bld_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
119 return param_push_num(bld, key, &num, sizeof(num),
120 OSSL_PARAM_UNSIGNED_INTEGER);
123 int ossl_param_bld_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
126 return param_push_num(bld, key, &num, sizeof(num),
127 OSSL_PARAM_UNSIGNED_INTEGER);
130 int ossl_param_bld_push_double(OSSL_PARAM_BLD *bld, const char *key,
133 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
136 int ossl_param_bld_push_BN(OSSL_PARAM_BLD *bld, const char *key,
139 int sz = -1, secure = 0;
140 OSSL_PARAM_BLD_DEF *pd;
143 sz = BN_num_bytes(bn);
145 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_BN,
146 CRYPTO_R_ZERO_LENGTH_NUMBER);
149 if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
152 pd = param_push(bld, key, sz, sz >= 0 ? sz : 0,
153 OSSL_PARAM_UNSIGNED_INTEGER, secure);
160 int ossl_param_bld_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
161 char *buf, size_t bsize)
163 OSSL_PARAM_BLD_DEF *pd;
166 bsize = strlen(buf) + 1;
167 } else if (bsize > INT_MAX) {
168 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING,
169 CRYPTO_R_STRING_TOO_LONG);
172 pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_UTF8_STRING, 0);
179 int ossl_param_bld_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
180 char *buf, size_t bsize)
182 OSSL_PARAM_BLD_DEF *pd;
185 bsize = strlen(buf) + 1;
186 } else if (bsize > INT_MAX) {
187 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR,
188 CRYPTO_R_STRING_TOO_LONG);
191 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
198 int ossl_param_bld_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
199 void *buf, size_t bsize)
201 OSSL_PARAM_BLD_DEF *pd;
203 if (bsize > INT_MAX) {
204 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING,
205 CRYPTO_R_STRING_TOO_LONG);
208 pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0);
215 int ossl_param_bld_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
216 void *buf, size_t bsize)
218 OSSL_PARAM_BLD_DEF *pd;
220 if (bsize > INT_MAX) {
221 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR,
222 CRYPTO_R_STRING_TOO_LONG);
225 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
232 static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
233 OSSL_PARAM_BLD_BLOCK *blk,
234 OSSL_PARAM_BLD_BLOCK *secure)
237 OSSL_PARAM_BLD_DEF *pd;
240 for (i = 0; i < bld->curr; i++) {
241 pd = bld->params + i;
242 param[i].key = pd->key;
243 param[i].data_type = pd->type;
244 param[i].data_size = pd->size;
245 param[i].return_size = 0;
249 secure += pd->alloc_blocks;
252 blk += pd->alloc_blocks;
255 if (pd->bn != NULL) {
257 BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size);
258 } else if (pd->type == OSSL_PARAM_OCTET_PTR
259 || pd->type == OSSL_PARAM_UTF8_PTR) {
261 *(void **)p = pd->string;
262 } else if (pd->type == OSSL_PARAM_OCTET_STRING
263 || pd->type == OSSL_PARAM_UTF8_STRING) {
264 if (pd->string != NULL)
265 memcpy(p, pd->string, pd->size);
267 memset(p, 0, pd->size);
269 /* Number, but could also be a NULL BIGNUM */
270 if (pd->size > sizeof(pd->num))
271 memset(p, 0, pd->size);
272 else if (pd->size > 0)
273 memcpy(p, &pd->num, pd->size);
276 param[i] = OSSL_PARAM_construct_end();
280 OSSL_PARAM *ossl_param_bld_to_param(OSSL_PARAM_BLD *bld, void **secure)
282 OSSL_PARAM_BLD_BLOCK *blk, *s = NULL;
284 const size_t p_blks = bytes_to_blocks((bld->curr + 1) * sizeof(*param));
285 const size_t total = ALIGN_SIZE * (p_blks + bld->total_blocks);
287 if (bld->secure_blocks > 0) {
288 if (secure == NULL) {
289 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
290 CRYPTO_R_INVALID_NULL_ARGUMENT);
293 s = OPENSSL_secure_malloc(bld->secure_blocks * ALIGN_SIZE);
295 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
296 CRYPTO_R_SECURE_MALLOC_FAILURE);
300 param = OPENSSL_malloc(total);
302 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE);
303 OPENSSL_secure_free(s);
308 blk = p_blks + (OSSL_PARAM_BLD_BLOCK *)(param);
309 param_bld_convert(bld, param, blk, s);
313 OSSL_PARAM *ossl_param_bld_to_param_ex(OSSL_PARAM_BLD *bld, OSSL_PARAM *params,
314 size_t param_n, void *data,
315 size_t data_n, void *secure,
318 if (params == NULL || data == NULL) {
319 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX,
320 CRYPTO_R_INVALID_NULL_ARGUMENT);
323 if (param_n < bld->curr + 1) {
324 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX,
325 CRYPTO_R_INSUFFICIENT_PARAM_SIZE);
328 if (data_n < ALIGN_SIZE * bld->total_blocks) {
329 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX,
330 CRYPTO_R_INSUFFICIENT_DATA_SPACE);
333 if (bld->secure_blocks > 0 && secure_n < ALIGN_SIZE * bld->secure_blocks) {
334 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX,
335 CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE);
338 param_bld_convert(bld, params, (OSSL_PARAM_BLD_BLOCK *)data,
339 (OSSL_PARAM_BLD_BLOCK *)secure);