From 037439c46addc62130617bbba8c5e58e1548bfd8 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Mon, 22 Jul 2019 15:19:02 +0100 Subject: [PATCH] Remove some utilities from the core to provider interface The core provides a number of essential functions as "upcalls" to providers. Some of those were just utility functions that wrap other upcalls - which don't seem essential and bloat the interface. We should remove them in order to simplify the interface. Reviewed-by: Richard Levitte Reviewed-by: Shane Lontis Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/9432) --- crypto/build.info | 2 +- crypto/mem_str.c | 133 --------------------------------- crypto/o_str.c | 120 +++++++++++++++++++++++++++++ crypto/provider_core.c | 4 - include/openssl/core_numbers.h | 32 +++----- providers/fips/fipsprov.c | 36 --------- 6 files changed, 131 insertions(+), 196 deletions(-) delete mode 100644 crypto/mem_str.c diff --git a/crypto/build.info b/crypto/build.info index 3f9eb52bb6..fe49fa387d 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -73,7 +73,7 @@ $UTIL_COMMON=\ $UTIL_DEFINE=$CPUIDDEF SOURCE[../libcrypto]=$UTIL_COMMON \ - mem.c mem_sec.c mem_str.c mem_dbg.c \ + mem.c mem_sec.c mem_dbg.c \ cversion.c info.c cpt_err.c ebcdic.c uid.c o_time.c o_dir.c \ o_fopen.c getenv.c o_init.c o_fips.c init.c trace.c provider.c \ asn1_dsa.c packet.c $UPLINKSRC diff --git a/crypto/mem_str.c b/crypto/mem_str.c deleted file mode 100644 index da13ea4af3..0000000000 --- a/crypto/mem_str.c +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright 2003-2017 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include "e_os.h" -#include -#include -#include "internal/cryptlib.h" - -char *CRYPTO_strdup(const char *str, const char* file, int line) -{ - char *ret; - - if (str == NULL) - return NULL; - ret = CRYPTO_malloc(strlen(str) + 1, file, line); - if (ret != NULL) - strcpy(ret, str); - return ret; -} - -char *CRYPTO_strndup(const char *str, size_t s, const char* file, int line) -{ - size_t maxlen; - char *ret; - - if (str == NULL) - return NULL; - - maxlen = OPENSSL_strnlen(str, s); - - ret = CRYPTO_malloc(maxlen + 1, file, line); - if (ret) { - memcpy(ret, str, maxlen); - ret[maxlen] = '\0'; - } - return ret; -} - -void *CRYPTO_memdup(const void *data, size_t siz, const char* file, int line) -{ - void *ret; - - if (data == NULL || siz >= INT_MAX) - return NULL; - - ret = CRYPTO_malloc(siz, file, line); - if (ret == NULL) { - CRYPTOerr(CRYPTO_F_CRYPTO_MEMDUP, ERR_R_MALLOC_FAILURE); - return NULL; - } - return memcpy(ret, data, siz); -} - -/* - * Give a string of hex digits convert to a buffer - */ -unsigned char *OPENSSL_hexstr2buf(const char *str, long *len) -{ - unsigned char *hexbuf, *q; - unsigned char ch, cl; - int chi, cli; - const unsigned char *p; - size_t s; - - s = strlen(str); - if ((hexbuf = OPENSSL_malloc(s >> 1)) == NULL) { - CRYPTOerr(CRYPTO_F_OPENSSL_HEXSTR2BUF, ERR_R_MALLOC_FAILURE); - return NULL; - } - for (p = (const unsigned char *)str, q = hexbuf; *p; ) { - ch = *p++; - if (ch == ':') - continue; - cl = *p++; - if (!cl) { - CRYPTOerr(CRYPTO_F_OPENSSL_HEXSTR2BUF, - CRYPTO_R_ODD_NUMBER_OF_DIGITS); - OPENSSL_free(hexbuf); - return NULL; - } - cli = OPENSSL_hexchar2int(cl); - chi = OPENSSL_hexchar2int(ch); - if (cli < 0 || chi < 0) { - OPENSSL_free(hexbuf); - CRYPTOerr(CRYPTO_F_OPENSSL_HEXSTR2BUF, CRYPTO_R_ILLEGAL_HEX_DIGIT); - return NULL; - } - *q++ = (unsigned char)((chi << 4) | cli); - } - - if (len) - *len = q - hexbuf; - return hexbuf; -} - -/* - * Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its - * hex representation @@@ (Contents of buffer are always kept in ASCII, also - * on EBCDIC machines) - */ -char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len) -{ - static const char hexdig[] = "0123456789ABCDEF"; - char *tmp, *q; - const unsigned char *p; - int i; - - if (len == 0) - return OPENSSL_zalloc(1); - - if ((tmp = OPENSSL_malloc(len * 3)) == NULL) { - CRYPTOerr(CRYPTO_F_OPENSSL_BUF2HEXSTR, ERR_R_MALLOC_FAILURE); - return NULL; - } - q = tmp; - for (i = 0, p = buffer; i < len; i++, p++) { - *q++ = hexdig[(*p >> 4) & 0xf]; - *q++ = hexdig[*p & 0xf]; - *q++ = ':'; - } - q[-1] = 0; -#ifdef CHARSET_EBCDIC - ebcdic2ascii(tmp, tmp, q - tmp - 1); -#endif - - return tmp; -} diff --git a/crypto/o_str.c b/crypto/o_str.c index 35bb6540f8..c24524f892 100644 --- a/crypto/o_str.c +++ b/crypto/o_str.c @@ -12,6 +12,51 @@ #include #include "internal/cryptlib.h" +char *CRYPTO_strdup(const char *str, const char* file, int line) +{ + char *ret; + + if (str == NULL) + return NULL; + ret = CRYPTO_malloc(strlen(str) + 1, file, line); + if (ret != NULL) + strcpy(ret, str); + return ret; +} + +char *CRYPTO_strndup(const char *str, size_t s, const char* file, int line) +{ + size_t maxlen; + char *ret; + + if (str == NULL) + return NULL; + + maxlen = OPENSSL_strnlen(str, s); + + ret = CRYPTO_malloc(maxlen + 1, file, line); + if (ret) { + memcpy(ret, str, maxlen); + ret[maxlen] = '\0'; + } + return ret; +} + +void *CRYPTO_memdup(const void *data, size_t siz, const char* file, int line) +{ + void *ret; + + if (data == NULL || siz >= INT_MAX) + return NULL; + + ret = CRYPTO_malloc(siz, file, line); + if (ret == NULL) { + CRYPTOerr(CRYPTO_F_CRYPTO_MEMDUP, ERR_R_MALLOC_FAILURE); + return NULL; + } + return memcpy(ret, data, siz); +} + size_t OPENSSL_strnlen(const char *str, size_t maxlen) { const char *p; @@ -84,6 +129,81 @@ int OPENSSL_hexchar2int(unsigned char c) return -1; } +/* + * Give a string of hex digits convert to a buffer + */ +unsigned char *OPENSSL_hexstr2buf(const char *str, long *len) +{ + unsigned char *hexbuf, *q; + unsigned char ch, cl; + int chi, cli; + const unsigned char *p; + size_t s; + + s = strlen(str); + if ((hexbuf = OPENSSL_malloc(s >> 1)) == NULL) { + CRYPTOerr(CRYPTO_F_OPENSSL_HEXSTR2BUF, ERR_R_MALLOC_FAILURE); + return NULL; + } + for (p = (const unsigned char *)str, q = hexbuf; *p; ) { + ch = *p++; + if (ch == ':') + continue; + cl = *p++; + if (!cl) { + CRYPTOerr(CRYPTO_F_OPENSSL_HEXSTR2BUF, + CRYPTO_R_ODD_NUMBER_OF_DIGITS); + OPENSSL_free(hexbuf); + return NULL; + } + cli = OPENSSL_hexchar2int(cl); + chi = OPENSSL_hexchar2int(ch); + if (cli < 0 || chi < 0) { + OPENSSL_free(hexbuf); + CRYPTOerr(CRYPTO_F_OPENSSL_HEXSTR2BUF, CRYPTO_R_ILLEGAL_HEX_DIGIT); + return NULL; + } + *q++ = (unsigned char)((chi << 4) | cli); + } + + if (len) + *len = q - hexbuf; + return hexbuf; +} + +/* + * Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its + * hex representation @@@ (Contents of buffer are always kept in ASCII, also + * on EBCDIC machines) + */ +char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len) +{ + static const char hexdig[] = "0123456789ABCDEF"; + char *tmp, *q; + const unsigned char *p; + int i; + + if (len == 0) + return OPENSSL_zalloc(1); + + if ((tmp = OPENSSL_malloc(len * 3)) == NULL) { + CRYPTOerr(CRYPTO_F_OPENSSL_BUF2HEXSTR, ERR_R_MALLOC_FAILURE); + return NULL; + } + q = tmp; + for (i = 0, p = buffer; i < len; i++, p++) { + *q++ = hexdig[(*p >> 4) & 0xf]; + *q++ = hexdig[*p & 0xf]; + *q++ = ':'; + } + q[-1] = 0; +#ifdef CHARSET_EBCDIC + ebcdic2ascii(tmp, tmp, q - tmp - 1); +#endif + + return tmp; +} + int openssl_strerror_r(int errnum, char *buf, size_t buflen) { #if defined(_MSC_VER) && _MSC_VER>=1400 diff --git a/crypto/provider_core.c b/crypto/provider_core.c index d96e2144f4..0e86097cd0 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -812,9 +812,6 @@ static const OSSL_DISPATCH core_dispatch_[] = { { OSSL_FUNC_CRYPTO_MALLOC, (void (*)(void))CRYPTO_malloc }, { OSSL_FUNC_CRYPTO_ZALLOC, (void (*)(void))CRYPTO_zalloc }, - { OSSL_FUNC_CRYPTO_MEMDUP, (void (*)(void))CRYPTO_memdup }, - { OSSL_FUNC_CRYPTO_STRDUP, (void (*)(void))CRYPTO_strdup }, - { OSSL_FUNC_CRYPTO_STRNDUP, (void (*)(void))CRYPTO_strndup }, { OSSL_FUNC_CRYPTO_FREE, (void (*)(void))CRYPTO_free }, { OSSL_FUNC_CRYPTO_CLEAR_FREE, (void (*)(void))CRYPTO_clear_free }, { OSSL_FUNC_CRYPTO_REALLOC, (void (*)(void))CRYPTO_realloc }, @@ -827,7 +824,6 @@ static const OSSL_DISPATCH core_dispatch_[] = { { OSSL_FUNC_CRYPTO_SECURE_ALLOCATED, (void (*)(void))CRYPTO_secure_allocated }, { OSSL_FUNC_OPENSSL_CLEANSE, (void (*)(void))OPENSSL_cleanse }, - { OSSL_FUNC_OPENSSL_HEXSTR2BUF, (void (*)(void))OPENSSL_hexstr2buf }, { 0, NULL } }; diff --git a/include/openssl/core_numbers.h b/include/openssl/core_numbers.h index 21f4303150..f8a700a2b5 100644 --- a/include/openssl/core_numbers.h +++ b/include/openssl/core_numbers.h @@ -85,48 +85,36 @@ OSSL_CORE_MAKE_FUNC(void *, #define OSSL_FUNC_CRYPTO_ZALLOC 11 OSSL_CORE_MAKE_FUNC(void *, CRYPTO_zalloc, (size_t num, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_MEMDUP 12 -OSSL_CORE_MAKE_FUNC(void *, - CRYPTO_memdup, (const void *str, size_t siz, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_STRDUP 13 -OSSL_CORE_MAKE_FUNC(char *, - CRYPTO_strdup, (const char *str, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_STRNDUP 14 -OSSL_CORE_MAKE_FUNC(char *, - CRYPTO_strndup, (const char *str, size_t s, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_FREE 15 +#define OSSL_FUNC_CRYPTO_FREE 12 OSSL_CORE_MAKE_FUNC(void, CRYPTO_free, (void *ptr, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_CLEAR_FREE 16 +#define OSSL_FUNC_CRYPTO_CLEAR_FREE 13 OSSL_CORE_MAKE_FUNC(void, CRYPTO_clear_free, (void *ptr, size_t num, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_REALLOC 17 +#define OSSL_FUNC_CRYPTO_REALLOC 14 OSSL_CORE_MAKE_FUNC(void *, CRYPTO_realloc, (void *addr, size_t num, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_CLEAR_REALLOC 18 +#define OSSL_FUNC_CRYPTO_CLEAR_REALLOC 15 OSSL_CORE_MAKE_FUNC(void *, CRYPTO_clear_realloc, (void *addr, size_t old_num, size_t num, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_SECURE_MALLOC 19 +#define OSSL_FUNC_CRYPTO_SECURE_MALLOC 16 OSSL_CORE_MAKE_FUNC(void *, CRYPTO_secure_malloc, (size_t num, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_SECURE_ZALLOC 20 +#define OSSL_FUNC_CRYPTO_SECURE_ZALLOC 17 OSSL_CORE_MAKE_FUNC(void *, CRYPTO_secure_zalloc, (size_t num, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_SECURE_FREE 21 +#define OSSL_FUNC_CRYPTO_SECURE_FREE 18 OSSL_CORE_MAKE_FUNC(void, CRYPTO_secure_free, (void *ptr, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE 22 +#define OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE 19 OSSL_CORE_MAKE_FUNC(void, CRYPTO_secure_clear_free, (void *ptr, size_t num, const char *file, int line)) -#define OSSL_FUNC_CRYPTO_SECURE_ALLOCATED 23 +#define OSSL_FUNC_CRYPTO_SECURE_ALLOCATED 20 OSSL_CORE_MAKE_FUNC(int, CRYPTO_secure_allocated, (const void *ptr)) -#define OSSL_FUNC_OPENSSL_CLEANSE 24 +#define OSSL_FUNC_OPENSSL_CLEANSE 21 OSSL_CORE_MAKE_FUNC(void, OPENSSL_cleanse, (void *ptr, size_t len)) -# define OSSL_FUNC_OPENSSL_HEXSTR2BUF 25 -OSSL_CORE_MAKE_FUNC(unsigned char *, - OPENSSL_hexstr2buf, (const char *str, long *len)) /* Functions provided by the provider to the Core, reserved numbers 1024-1535 */ # define OSSL_FUNC_PROVIDER_TEARDOWN 1024 diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 50d3c4b0d7..4c010c895e 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -43,9 +43,6 @@ static OSSL_core_put_error_fn *c_put_error; static OSSL_core_add_error_vdata_fn *c_add_error_vdata; static OSSL_CRYPTO_malloc_fn *c_CRYPTO_malloc; static OSSL_CRYPTO_zalloc_fn *c_CRYPTO_zalloc; -static OSSL_CRYPTO_memdup_fn *c_CRYPTO_memdup; -static OSSL_CRYPTO_strdup_fn *c_CRYPTO_strdup; -static OSSL_CRYPTO_strndup_fn *c_CRYPTO_strndup; static OSSL_CRYPTO_free_fn *c_CRYPTO_free; static OSSL_CRYPTO_clear_free_fn *c_CRYPTO_clear_free; static OSSL_CRYPTO_realloc_fn *c_CRYPTO_realloc; @@ -55,7 +52,6 @@ static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc; static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free; static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free; static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated; -static OSSL_OPENSSL_hexstr2buf_fn *c_OPENSSL_hexstr2buf; typedef struct fips_global_st { const OSSL_PROVIDER *prov; @@ -321,15 +317,6 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, case OSSL_FUNC_CRYPTO_ZALLOC: c_CRYPTO_zalloc = OSSL_get_CRYPTO_zalloc(in); break; - case OSSL_FUNC_CRYPTO_MEMDUP: - c_CRYPTO_memdup = OSSL_get_CRYPTO_memdup(in); - break; - case OSSL_FUNC_CRYPTO_STRDUP: - c_CRYPTO_strdup = OSSL_get_CRYPTO_strdup(in); - break; - case OSSL_FUNC_CRYPTO_STRNDUP: - c_CRYPTO_strndup = OSSL_get_CRYPTO_strndup(in); - break; case OSSL_FUNC_CRYPTO_FREE: c_CRYPTO_free = OSSL_get_CRYPTO_free(in); break; @@ -357,9 +344,6 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED: c_CRYPTO_secure_allocated = OSSL_get_CRYPTO_secure_allocated(in); break; - case OSSL_FUNC_OPENSSL_HEXSTR2BUF: - c_OPENSSL_hexstr2buf = OSSL_get_OPENSSL_hexstr2buf(in); - break; default: /* Just ignore anything we don't understand */ break; @@ -478,21 +462,6 @@ void *CRYPTO_zalloc(size_t num, const char *file, int line) return c_CRYPTO_zalloc(num, file, line); } -void *CRYPTO_memdup(const void *str, size_t siz, const char *file, int line) -{ - return c_CRYPTO_memdup(str, siz, file, line); -} - -char *CRYPTO_strdup(const char *str, const char *file, int line) -{ - return c_CRYPTO_strdup(str, file, line); -} - -char *CRYPTO_strndup(const char *str, size_t s, const char *file, int line) -{ - return c_CRYPTO_strndup(str, s, file, line); -} - void CRYPTO_free(void *ptr, const char *file, int line) { c_CRYPTO_free(ptr, file, line); @@ -534,11 +503,6 @@ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *file, int line) c_CRYPTO_secure_clear_free(ptr, num, file, line); } -unsigned char *OPENSSL_hexstr2buf(const char *str, long *len) -{ - return c_OPENSSL_hexstr2buf(str, len); -} - int CRYPTO_secure_allocated(const void *ptr) { return c_CRYPTO_secure_allocated(ptr); -- 2.25.1