From 1c3ace6898032b7b45d8106ba4e0d21d75b0997e Mon Sep 17 00:00:00 2001 From: Shane Lontis Date: Thu, 5 Sep 2019 11:23:57 +1000 Subject: [PATCH] Change provider params from int to size_t Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9699) --- crypto/evp/evp_enc.c | 32 ++++----- crypto/evp/evp_lib.c | 70 +++++++++++-------- crypto/evp/pmeth_lib.c | 3 +- doc/man3/EVP_PKEY_CTX_ctrl.pod | 2 +- doc/man7/provider-cipher.pod | 22 +++--- doc/man7/provider-digest.pod | 6 +- doc/man7/provider-keyexch.pod | 2 +- include/openssl/core_names.h | 50 ++++++------- include/openssl/mdc2.h | 2 +- providers/common/ciphers/cipher_ccm.c | 4 +- providers/common/ciphers/cipher_common.c | 58 +++++++-------- providers/common/ciphers/cipher_gcm.c | 28 ++++---- providers/common/ciphers/cipher_gcm_hw.c | 2 +- providers/common/ciphers/cipher_locl.h | 8 +-- providers/common/digests/digest_common.c | 13 ++-- providers/common/exchange/dh_exch.c | 10 ++- .../include/internal/ciphers/cipher_aead.h | 2 + .../include/internal/ciphers/cipher_ccm.h | 22 +++--- .../include/internal/ciphers/cipher_gcm.h | 30 ++++---- .../include/internal/ciphers/ciphercommon.h | 25 +++---- .../common/include/internal/digestcommon.h | 2 +- providers/legacy/digests/mdc2_prov.c | 4 +- test/mdc2test.c | 7 +- 23 files changed, 209 insertions(+), 195 deletions(-) diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 96dc83b2a0..466a03dbf3 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -986,8 +986,9 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) { int ok; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; + size_t len = keylen; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &keylen); + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &len); ok = evp_do_ciph_ctx_setparams(c->cipher, c->provctx, params); if (ok != EVP_CTRL_RET_UNSUPPORTED) @@ -1010,13 +1011,14 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) { int ok; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; + unsigned int pd = pad; if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING; else ctx->flags |= EVP_CIPH_NO_PADDING; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_PADDING, &pad); + params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_PADDING, &pd); ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); return ok != 0; @@ -1026,7 +1028,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { int ret = EVP_CTRL_RET_UNSUPPORTED; int set_params = 1; - size_t sz; + size_t sz = arg; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; if (ctx == NULL || ctx->cipher == NULL) { @@ -1039,13 +1041,13 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) switch (type) { case EVP_CTRL_SET_KEY_LENGTH: - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &arg); + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &sz); break; case EVP_CTRL_RAND_KEY: /* Used by DES */ set_params = 0; params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, - ptr, (size_t)arg); + ptr, sz); break; case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */ @@ -1055,35 +1057,29 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) case EVP_CTRL_GET_IV: set_params = 0; params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, - ptr, (size_t)arg); + ptr, sz); break; case EVP_CTRL_AEAD_SET_IVLEN: if (arg < 0) return 0; - sz = (size_t)arg; - params[0] = - OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, &sz); + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &sz); break; case EVP_CTRL_GCM_SET_IV_FIXED: params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED, - ptr, (size_t)arg); - break; - case EVP_CTRL_AEAD_SET_TAG: - params[0] = - OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, - ptr, (size_t)arg); + ptr, sz); break; case EVP_CTRL_AEAD_GET_TAG: - set_params = 0; + set_params = 0; /* Fall thru */ + case EVP_CTRL_AEAD_SET_TAG: params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, - ptr, (size_t)arg); + ptr, sz); break; case EVP_CTRL_AEAD_TLS1_AAD: /* This one does a set and a get - since it returns a padding size */ params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, - ptr, (size_t)arg); + ptr, sz); ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); if (ret <= 0) return ret; diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index b5b39a7f2d..acb90f222b 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -218,13 +218,14 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx) int EVP_CIPHER_block_size(const EVP_CIPHER *cipher) { - int ok, v = cipher->block_size; + int ok; + size_t v = cipher->block_size; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_BLOCK_SIZE, &v); + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &v); ok = evp_do_ciph_getparams(cipher, params); - return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED; + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; } int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) @@ -304,31 +305,33 @@ void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data) int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) { - int ok, v = cipher->iv_len; + int ok; + size_t v = cipher->iv_len; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_IVLEN, &v); + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v); ok = evp_do_ciph_getparams(cipher, params); - return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED; + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; } int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) { - int len, rv, v = EVP_CIPHER_iv_length(ctx->cipher); + int rv; + size_t len, v = EVP_CIPHER_iv_length(ctx->cipher); OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_IVLEN, &v); + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v); rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); if (rv == EVP_CTRL_RET_UNSUPPORTED) goto legacy; - return rv != 0 ? v : -1; + return rv != 0 ? (int)v : -1; /* TODO (3.0) Remove legacy support */ legacy: if ((EVP_CIPHER_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) { rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN, 0, &len); - return (rv == 1) ? len : -1; + return (rv == 1) ? (int)len : -1; } return v; } @@ -376,48 +379,52 @@ unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx) int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx) { - int ok, v = ctx->num; + int ok; + unsigned int v = (unsigned int)ctx->num; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_NUM, &v); + params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v); ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); - return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED; + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; } int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) { int ok; + unsigned int n = (unsigned int)num; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_NUM, &num); + params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n); ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); if (ok != 0) - ctx->num = num; + ctx->num = (int)n; return ok != 0; } int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) { - int ok, v = cipher->key_len; + int ok; + size_t v = cipher->key_len; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &v); + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v); ok = evp_do_ciph_getparams(cipher, params); - return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED; + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; } int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) { - int ok, v = ctx->key_len; + int ok; + size_t v = ctx->key_len; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &v); + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v); ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); - return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED; + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; } int EVP_CIPHER_nid(const EVP_CIPHER *cipher) @@ -448,13 +455,14 @@ const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher) int EVP_CIPHER_mode(const EVP_CIPHER *cipher) { - int ok, v = EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE; + int ok; + unsigned int v = EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_MODE, &v); + params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &v); ok = evp_do_ciph_getparams(cipher, params); - return ok != 0 ? v : 0; + return ok != 0 ? (int)v : 0; } const char *EVP_MD_name(const EVP_MD *md) @@ -475,7 +483,8 @@ const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md) int EVP_MD_block_size(const EVP_MD *md) { - int ok, v = md->block_size; + int ok; + size_t v = md->block_size; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; if (md == NULL) { @@ -483,10 +492,10 @@ int EVP_MD_block_size(const EVP_MD *md) return -1; } - params[0] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v); + params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v); ok = evp_do_md_getparams(md, params); - return ok != 0 ? v : -1; + return ok != 0 ? (int)v : -1; } int EVP_MD_type(const EVP_MD *md) @@ -501,7 +510,8 @@ int EVP_MD_pkey_type(const EVP_MD *md) int EVP_MD_size(const EVP_MD *md) { - int ok, v = md->md_size; + int ok; + size_t v = md->md_size; OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; if (md == NULL) { @@ -509,10 +519,10 @@ int EVP_MD_size(const EVP_MD *md) return -1; } - params[0] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_SIZE, &v); + params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &v); ok = evp_do_md_getparams(md, params); - return ok != 0 ? v : -1; + return ok != 0 ? (int)v : -1; } unsigned long EVP_MD_flags(const EVP_MD *md) diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 31b4ae4411..d2b28f825b 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -409,13 +409,14 @@ int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params) int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad) { OSSL_PARAM dh_pad_params[2]; + unsigned int upad = pad; /* TODO(3.0): Remove this eventually when no more legacy */ if (ctx->exchprovctx == NULL) return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_DH_PAD, pad, NULL); - dh_pad_params[0] = OSSL_PARAM_construct_int(OSSL_EXCHANGE_PARAM_PAD, &pad); + dh_pad_params[0] = OSSL_PARAM_construct_uint(OSSL_EXCHANGE_PARAM_PAD, &upad); dh_pad_params[1] = OSSL_PARAM_construct_end(); return EVP_PKEY_CTX_set_params(ctx, dh_pad_params); diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod index 369fc0f9d0..1787e19ab7 100644 --- a/doc/man3/EVP_PKEY_CTX_ctrl.pod +++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod @@ -153,7 +153,7 @@ The parameters currently supported by the default provider are: =over 4 -=item OSSL_EXCHANGE_PARAM_PAD (int type) +=item OSSL_EXCHANGE_PARAM_PAD (uint type) Sets the DH padding mode. If B is 1 then the shared secret is padded with zeroes diff --git a/doc/man7/provider-cipher.pod b/doc/man7/provider-cipher.pod index 040a34c126..1b7dff8f76 100644 --- a/doc/man7/provider-cipher.pod +++ b/doc/man7/provider-cipher.pod @@ -39,7 +39,7 @@ provider-cipher - The cipher library E-E provider functions /* Cipher parameter descriptors */ const OSSL_PARAM *OP_cipher_gettable_params(void); - /* Cipheroperation parameter descriptors */ + /* Cipher operation parameter descriptors */ const OSSL_PARAM *OP_cipher_gettable_ctx_params(void); const OSSL_PARAM *OP_cipher_settable_ctx_params(void); @@ -111,7 +111,7 @@ OP_cipher_newctx() should create and return a pointer to a provider side structure for holding context information during a cipher operation. A pointer to this context will be passed back in a number of the other cipher operation function calls. -The paramater B is the provider context generated during provider +The parameter B is the provider context generated during provider initialisation (see L). OP_cipher_freectx() is passed a pointer to the provider side cipher context in @@ -124,7 +124,7 @@ B parameter and return the duplicate copy. =head2 Encryption/Decryption Functions OP_cipher_encrypt_init() initialises a cipher operation for encryption given a -newly created provider side cipher context in the B paramter. +newly created provider side cipher context in the B parameter. The key to be used is given in B which is B bytes long. The IV to be used is given in B which is B bytes long. @@ -158,7 +158,7 @@ The same expectations apply to B as documented for L and L. OP_cipher_cipher() performs encryption/decryption using the provider side cipher -context in the B paramter that should have been previously initialised via +context in the B parameter that should have been previously initialised via a call to OP_cipher_encrypt_init() or OP_cipher_decrypt_init. This should call the raw underlying cipher function without any padding. This will be invoked in the provider as a result of the application calling @@ -197,18 +197,18 @@ parameters are relevant to, or are understood by all ciphers: =over 4 -=item B (int) +=item B (uint) Sets the padding mode for the associated cipher ctx. Setting a value of 1 will turn padding on. -Setting a vlue of 0 will turn padding off. +Setting a value of 0 will turn padding off. -=item B (int) +=item B (uint) Gets the mode for the associated cipher algorithm. See L for a list of valid modes. -=item B (int) +=item B (size_t) Gets the block size for the associated cipher algorithm. The block size should be 1 for stream ciphers. @@ -223,13 +223,13 @@ Gets any flags for the associated cipher algorithm. See L for a list of currently defined cipher flags. -=item B (int) +=item B (size_t) Gets the key length for the associated cipher algorithm. This can also be used to get or set the key length for the associated cipher ctx. -=item B (int) +=item B (size_t) Gets the IV length for the associated cipher algorithm. @@ -237,7 +237,7 @@ Gets the IV length for the associated cipher algorithm. Gets the IV for the associated cipher ctx. -=item B (int) +=item B (uint) Gets or sets the cipher specific "num" parameter for the associated cipher ctx. Built-in ciphers typically use this to track how much of the current underlying diff --git a/doc/man7/provider-digest.pod b/doc/man7/provider-digest.pod index 31d3516def..3d7808452c 100644 --- a/doc/man7/provider-digest.pod +++ b/doc/man7/provider-digest.pod @@ -164,11 +164,11 @@ by all digests: =over 4 -=item B (int) +=item B (size_t) The digest block size. -=item B (int) +=item B (size_t) The digest output size. @@ -243,7 +243,7 @@ section 5.6.8. The next call after setting this parameter will be OP_digest_final(). This is only relevant for implementations of SHA1 or MD5_SHA1. -=item B (int) +=item B (uint) Sets the pad type to be used. The only built-in digest that uses this is MDC2. diff --git a/doc/man7/provider-keyexch.pod b/doc/man7/provider-keyexch.pod index 875d6e267e..71830c12c6 100644 --- a/doc/man7/provider-keyexch.pod +++ b/doc/man7/provider-keyexch.pod @@ -138,7 +138,7 @@ algorithms: =over 4 -=item B (int) +=item B (uint) Sets the padding mode for the associated key exchange ctx. Setting a value of 1 will turn padding on. diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index 448bc50e8a..2fe06dc272 100644 --- a/include/openssl/core_names.h +++ b/include/openssl/core_names.h @@ -41,50 +41,50 @@ extern "C" { #define OSSL_PROV_PARAM_MODULE_FILENAME "module-filename" /* cipher parameters */ -#define OSSL_CIPHER_PARAM_PADDING "padding" /* int */ -#define OSSL_CIPHER_PARAM_MODE "mode" /* int */ -#define OSSL_CIPHER_PARAM_BLOCK_SIZE "blocksize" /* int */ +#define OSSL_CIPHER_PARAM_PADDING "padding" /* uint */ +#define OSSL_CIPHER_PARAM_MODE "mode" /* uint */ +#define OSSL_CIPHER_PARAM_BLOCK_SIZE "blocksize" /* size_t */ #define OSSL_CIPHER_PARAM_FLAGS "flags" /* ulong */ -#define OSSL_CIPHER_PARAM_KEYLEN "keylen" /* int */ -#define OSSL_CIPHER_PARAM_IVLEN "ivlen" /* int */ +#define OSSL_CIPHER_PARAM_KEYLEN "keylen" /* size_t */ +#define OSSL_CIPHER_PARAM_IVLEN "ivlen" /* size_t */ #define OSSL_CIPHER_PARAM_IV "iv" /* octet_string OR octet_ptr */ -#define OSSL_CIPHER_PARAM_NUM "num" /* int */ +#define OSSL_CIPHER_PARAM_NUM "num" /* uint */ #define OSSL_CIPHER_PARAM_AEAD_TAG "tag" /* octet_string */ #define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD "tlsaad" /* octet_string */ #define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD "tlsaadpad" /* size_t */ #define OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED "tlsivfixed" /* octet_string */ -#define OSSL_CIPHER_PARAM_AEAD_IVLEN "aeadivlen" /* size_t */ +#define OSSL_CIPHER_PARAM_AEAD_IVLEN OSSL_CIPHER_PARAM_IVLEN #define OSSL_CIPHER_PARAM_RANDOM_KEY "randkey" /* octet_string */ /* digest parameters */ -#define OSSL_DIGEST_PARAM_XOFLEN "xoflen" -#define OSSL_DIGEST_PARAM_SSL3_MS "ssl3-ms" -#define OSSL_DIGEST_PARAM_PAD_TYPE "pad_type" -#define OSSL_DIGEST_PARAM_MICALG "micalg" -#define OSSL_DIGEST_PARAM_BLOCK_SIZE "blocksize" /* OSSL_PARAM_INTEGER */ -#define OSSL_DIGEST_PARAM_SIZE "size" /* OSSL_PARAM_INTEGER */ -#define OSSL_DIGEST_PARAM_FLAGS "flags" /* OSSL_PARAM_UNSIGNED_INTEGER */ +#define OSSL_DIGEST_PARAM_XOFLEN "xoflen" /* size_t */ +#define OSSL_DIGEST_PARAM_SSL3_MS "ssl3-ms" /* octet string */ +#define OSSL_DIGEST_PARAM_PAD_TYPE "pad_type" /* uint */ +#define OSSL_DIGEST_PARAM_MICALG "micalg" /* utf8 string */ +#define OSSL_DIGEST_PARAM_BLOCK_SIZE "blocksize" /* size_t */ +#define OSSL_DIGEST_PARAM_SIZE "size" /* size_t */ +#define OSSL_DIGEST_PARAM_FLAGS "flags" /* ulong */ /* Known DIGEST names (not a complete list) */ #define OSSL_DIGEST_NAME_KECCAK_KMAC128 "KECCAK_KMAC128" #define OSSL_DIGEST_NAME_KECCAK_KMAC256 "KECCAK_KMAC256" /* MAC parameters */ -#define OSSL_MAC_PARAM_KEY "key" /* octet string */ -#define OSSL_MAC_PARAM_IV "iv" /* octet string */ -#define OSSL_MAC_PARAM_CUSTOM "custom" /* utf8 string */ -#define OSSL_MAC_PARAM_SALT "salt" /* octet string */ -#define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */ -#define OSSL_MAC_PARAM_FLAGS "flags" /* int */ +#define OSSL_MAC_PARAM_KEY "key" /* octet string */ +#define OSSL_MAC_PARAM_IV "iv" /* octet string */ +#define OSSL_MAC_PARAM_CUSTOM "custom" /* utf8 string */ +#define OSSL_MAC_PARAM_SALT "salt" /* octet string */ +#define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */ +#define OSSL_MAC_PARAM_FLAGS "flags" /* int */ /* * If "engine" or "properties" are specified, they should always be paired * with "cipher" or "digest". */ -#define OSSL_MAC_PARAM_CIPHER "cipher" /* utf8 string */ -#define OSSL_MAC_PARAM_DIGEST "digest" /* utf8 string */ -#define OSSL_MAC_PARAM_ENGINE "engine" /* utf8 string */ +#define OSSL_MAC_PARAM_CIPHER "cipher" /* utf8 string */ +#define OSSL_MAC_PARAM_DIGEST "digest" /* utf8 string */ +#define OSSL_MAC_PARAM_ENGINE "engine" /* utf8 string */ #define OSSL_MAC_PARAM_PROPERTIES "properties" /* utf8 string */ -#define OSSL_MAC_PARAM_SIZE "size" /* size_t */ +#define OSSL_MAC_PARAM_SIZE "size" /* size_t */ /* Known MAC names (not a complete list) */ #define OSSL_MAC_NAME_CMAC "CMAC" @@ -103,7 +103,7 @@ extern "C" { /* Key Exchange parameters */ -#define OSSL_EXCHANGE_PARAM_PAD "exchange-pad" +#define OSSL_EXCHANGE_PARAM_PAD "exchange-pad" /* uint */ # ifdef __cplusplus } diff --git a/include/openssl/mdc2.h b/include/openssl/mdc2.h index a26a3c0f06..576695cf7b 100644 --- a/include/openssl/mdc2.h +++ b/include/openssl/mdc2.h @@ -26,7 +26,7 @@ typedef struct mdc2_ctx_st { unsigned int num; unsigned char data[MDC2_BLOCK]; DES_cblock h, hh; - int pad_type; /* either 1 or 2, default 1 */ + unsigned int pad_type; /* either 1 or 2, default 1 */ } MDC2_CTX; int MDC2_Init(MDC2_CTX *c); diff --git a/providers/common/ciphers/cipher_ccm.c b/providers/common/ciphers/cipher_ccm.c index 211b64f768..8970b02670 100644 --- a/providers/common/ciphers/cipher_ccm.c +++ b/providers/common/ciphers/cipher_ccm.c @@ -143,7 +143,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) OSSL_PARAM *p; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL && !OSSL_PARAM_set_int(p, ccm_get_ivlen(ctx))) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, ccm_get_ivlen(ctx))) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } @@ -161,7 +161,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_int(p, ctx->keylen)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } diff --git a/providers/common/ciphers/cipher_common.c b/providers/common/ciphers/cipher_common.c index 5abd2c0010..de67fc1341 100644 --- a/providers/common/ciphers/cipher_common.c +++ b/providers/common/ciphers/cipher_common.c @@ -19,10 +19,11 @@ * Generic cipher functions for OSSL_PARAM gettables and settables */ static const OSSL_PARAM cipher_known_gettable_params[] = { - OSSL_PARAM_int(OSSL_CIPHER_PARAM_MODE, NULL), - OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL), - OSSL_PARAM_int(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL), + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_MODE, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL), + OSSL_PARAM_ulong(OSSL_CIPHER_PARAM_FLAGS, NULL), OSSL_PARAM_END }; const OSSL_PARAM *cipher_generic_gettable_params(void) @@ -30,13 +31,14 @@ const OSSL_PARAM *cipher_generic_gettable_params(void) return cipher_known_gettable_params; } -int cipher_generic_get_params(OSSL_PARAM params[], int md, unsigned long flags, - int kbits, int blkbits, int ivbits) +int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, + unsigned long flags, + size_t kbits, size_t blkbits, size_t ivbits) { OSSL_PARAM *p; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE); - if (p != NULL && !OSSL_PARAM_set_int(p, md)) { + if (p != NULL && !OSSL_PARAM_set_uint(p, md)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } @@ -46,17 +48,17 @@ int cipher_generic_get_params(OSSL_PARAM params[], int md, unsigned long flags, return 0; } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_int(p, kbits / 8)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, kbits / 8)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE); - if (p != NULL && !OSSL_PARAM_set_int(p, blkbits / 8)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, blkbits / 8)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL && !OSSL_PARAM_set_int(p, ivbits / 8)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, ivbits / 8)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } @@ -67,9 +69,9 @@ CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(cipher_generic) CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(cipher_generic) static const OSSL_PARAM cipher_known_settable_ctx_params[] = { - OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_int(OSSL_CIPHER_PARAM_PADDING, NULL), - OSSL_PARAM_int(OSSL_CIPHER_PARAM_NUM, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL), + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL), OSSL_PARAM_END }; const OSSL_PARAM *cipher_generic_settable_ctx_params(void) @@ -81,8 +83,8 @@ const OSSL_PARAM *cipher_generic_settable_ctx_params(void) * AEAD cipher functions for OSSL_PARAM gettables and settables */ static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = { - OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), @@ -94,7 +96,7 @@ const OSSL_PARAM *cipher_aead_gettable_ctx_params(void) } static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = { - OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL), OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), @@ -111,7 +113,7 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, const unsigned char *iv, size_t ivlen, int enc) { - ctx->enc = enc; + ctx->enc = enc ? 1 : 0; if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) { if (ivlen != ctx->ivlen) { @@ -312,12 +314,12 @@ int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) OSSL_PARAM *p; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL && !OSSL_PARAM_set_int(p, ctx->ivlen)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING); - if (p != NULL && !OSSL_PARAM_set_int(p, ctx->pad)) { + if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->pad)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } @@ -329,12 +331,12 @@ int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->num)) { + if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->num)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_int(p, ctx->keylen)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } @@ -349,9 +351,9 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_PADDING); if (p != NULL) { - int pad; + unsigned int pad; - if (!OSSL_PARAM_get_int(p, &pad)) { + if (!OSSL_PARAM_get_uint(p, &pad)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -359,9 +361,9 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_NUM); if (p != NULL) { - int num; + unsigned int num; - if (!OSSL_PARAM_get_int(p, &num)) { + if (!OSSL_PARAM_get_uint(p, &num)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -369,9 +371,9 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); if (p != NULL) { - int keylen; + size_t keylen; - if (!OSSL_PARAM_get_int(p, &keylen)) { + if (!OSSL_PARAM_get_size_t(p, &keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -381,7 +383,7 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, - size_t ivbits, int mode, + size_t ivbits, unsigned int mode, const PROV_CIPHER_HW *hw, void *provctx) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; diff --git a/providers/common/ciphers/cipher_gcm.c b/providers/common/ciphers/cipher_gcm.c index 7d0e47b823..4247319091 100644 --- a/providers/common/ciphers/cipher_gcm.c +++ b/providers/common/ciphers/cipher_gcm.c @@ -29,8 +29,8 @@ void gcm_initctx(void *provctx, PROV_GCM_CTX *ctx, size_t keybits, { ctx->pad = 1; ctx->mode = EVP_CIPH_GCM_MODE; - ctx->taglen = -1; - ctx->tls_aad_len = -1; + ctx->taglen = UNINITIALISED_SIZET; + ctx->tls_aad_len = UNINITIALISED_SIZET; ctx->ivlen_min = ivlen_min; ctx->ivlen = (EVP_GCM_TLS_FIXED_IV_LEN + EVP_GCM_TLS_EXPLICIT_IV_LEN); ctx->keylen = keybits / 8; @@ -89,12 +89,12 @@ int gcm_get_ctx_params(void *vctx, OSSL_PARAM params[]) size_t sz; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL && !OSSL_PARAM_set_int(p, ctx->ivlen)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_int(p, ctx->keylen)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } @@ -103,7 +103,7 @@ int gcm_get_ctx_params(void *vctx, OSSL_PARAM params[]) if (p != NULL) { if (ctx->iv_gen != 1 && ctx->iv_gen_rand != 1) return 0; - if (ctx->ivlen != (int)p->data_size) { + if (ctx->ivlen != p->data_size) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } @@ -121,7 +121,10 @@ int gcm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); if (p != NULL) { sz = p->data_size; - if (sz == 0 || sz > EVP_GCM_TLS_TAG_LEN || !ctx->enc || ctx->taglen < 0) { + if (sz == 0 + || sz > EVP_GCM_TLS_TAG_LEN + || !ctx->enc + || ctx->taglen == UNINITIALISED_SIZET) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG); return 0; } @@ -201,14 +204,14 @@ int gcm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) */ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); if (p != NULL) { - int keylen; + size_t keylen; - if (!OSSL_PARAM_get_int(p, &keylen)) { + if (!OSSL_PARAM_get_size_t(p, &keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } /* The key length can not be modified for gcm mode */ - if (keylen != (int)ctx->keylen) + if (keylen != ctx->keylen) return 0; } @@ -296,7 +299,7 @@ static int gcm_cipher_internal(PROV_GCM_CTX *ctx, unsigned char *out, int rv = 0; const PROV_GCM_HW *hw = ctx->hw; - if (ctx->tls_aad_len >= 0) + if (ctx->tls_aad_len != UNINITIALISED_SIZET) return gcm_tls_cipher(ctx, out, padlen, in, len); if (!ctx->key_set || ctx->iv_state == IV_STATE_FINISHED) @@ -425,7 +428,8 @@ static void ctr64_inc(unsigned char *counter) static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen, const unsigned char *in, size_t len) { - int rv = 0, arg = EVP_GCM_TLS_EXPLICIT_IV_LEN; + int rv = 0; + size_t arg = EVP_GCM_TLS_EXPLICIT_IV_LEN; size_t plen = 0; unsigned char *tag = NULL; @@ -491,7 +495,7 @@ static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen, rv = 1; err: ctx->iv_state = IV_STATE_FINISHED; - ctx->tls_aad_len = -1; + ctx->tls_aad_len = UNINITIALISED_SIZET; *padlen = plen; return rv; } diff --git a/providers/common/ciphers/cipher_gcm_hw.c b/providers/common/ciphers/cipher_gcm_hw.c index 4ef5190b5f..e2587f2e5e 100644 --- a/providers/common/ciphers/cipher_gcm_hw.c +++ b/providers/common/ciphers/cipher_gcm_hw.c @@ -90,7 +90,7 @@ int gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag) CRYPTO_gcm128_tag(&ctx->gcm, tag, GCM_TAG_MAX_SIZE); ctx->taglen = GCM_TAG_MAX_SIZE; } else { - if (ctx->taglen < 0 + if (ctx->taglen == UNINITIALISED_SIZET || CRYPTO_gcm128_finish(&ctx->gcm, tag, ctx->taglen) != 0) return 0; } diff --git a/providers/common/ciphers/cipher_locl.h b/providers/common/ciphers/cipher_locl.h index 8313498e5e..7e0aaad438 100644 --- a/providers/common/ciphers/cipher_locl.h +++ b/providers/common/ciphers/cipher_locl.h @@ -11,10 +11,10 @@ #define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(name) \ static const OSSL_PARAM name##_known_gettable_ctx_params[] = { \ - OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL), \ - OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL), \ - OSSL_PARAM_int(OSSL_CIPHER_PARAM_PADDING, NULL), \ - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_NUM, NULL), \ + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), \ + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), \ + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL), \ + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL), \ OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), #define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(name) \ diff --git a/providers/common/digests/digest_common.c b/providers/common/digests/digest_common.c index de135b0a94..062209f329 100644 --- a/providers/common/digests/digest_common.c +++ b/providers/common/digests/digest_common.c @@ -11,18 +11,18 @@ #include "internal/digestcommon.h" #include "internal/providercommonerr.h" -int digest_default_get_params(OSSL_PARAM params[], int blksz, int paramsz, +int digest_default_get_params(OSSL_PARAM params[], size_t blksz, size_t paramsz, unsigned long flags) { OSSL_PARAM *p = NULL; p = OSSL_PARAM_locate(params, OSSL_DIGEST_PARAM_BLOCK_SIZE); - if (p != NULL && !OSSL_PARAM_set_int(p, blksz)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, blksz)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } p = OSSL_PARAM_locate(params, OSSL_DIGEST_PARAM_SIZE); - if (p != NULL && !OSSL_PARAM_set_int(p, paramsz)) { + if (p != NULL && !OSSL_PARAM_set_size_t(p, paramsz)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } @@ -35,10 +35,9 @@ int digest_default_get_params(OSSL_PARAM params[], int blksz, int paramsz, } static const OSSL_PARAM digest_default_known_gettable_params[] = { - { OSSL_DIGEST_PARAM_BLOCK_SIZE, OSSL_PARAM_INTEGER, NULL, sizeof(int), 0}, - { OSSL_DIGEST_PARAM_SIZE, OSSL_PARAM_INTEGER, NULL, sizeof(int), 0}, - { OSSL_DIGEST_PARAM_FLAGS, OSSL_PARAM_INTEGER, NULL, - sizeof(unsigned long), 0}, + OSSL_PARAM_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, NULL), + OSSL_PARAM_size_t(OSSL_DIGEST_PARAM_SIZE, NULL), + OSSL_PARAM_ulong(OSSL_DIGEST_PARAM_FLAGS, NULL), OSSL_PARAM_END }; const OSSL_PARAM *digest_default_gettable_params(void) diff --git a/providers/common/exchange/dh_exch.c b/providers/common/exchange/dh_exch.c index 69980d8e97..5ff8318725 100644 --- a/providers/common/exchange/dh_exch.c +++ b/providers/common/exchange/dh_exch.c @@ -30,7 +30,7 @@ static OSSL_OP_keyexch_dupctx_fn dh_dupctx; typedef struct { DH *dh; DH *dhpeer; - int pad; + unsigned int pad : 1; } PROV_DH_CTX; static void *dh_newctx(void *provctx) @@ -128,17 +128,15 @@ static int dh_set_params(void *vpdhctx, const OSSL_PARAM params[]) { PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; const OSSL_PARAM *p; - int pad; + unsigned int pad; if (pdhctx == NULL || params == NULL) return 0; p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_PAD); - if (p == NULL || !OSSL_PARAM_get_int(p, &pad)) + if (p == NULL || !OSSL_PARAM_get_uint(p, &pad)) return 0; - - pdhctx->pad = pad; - + pdhctx->pad = pad ? 1 : 0; return 1; } diff --git a/providers/common/include/internal/ciphers/cipher_aead.h b/providers/common/include/internal/ciphers/cipher_aead.h index a2fe87e967..1ddba1c325 100644 --- a/providers/common/include/internal/ciphers/cipher_aead.h +++ b/providers/common/include/internal/ciphers/cipher_aead.h @@ -7,6 +7,8 @@ * https://www.openssl.org/source/license.html */ +#define UNINITIALISED_SIZET ((size_t)-1) + /* TODO(3.0) Figure out what flags are really needed */ #define AEAD_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ diff --git a/providers/common/include/internal/ciphers/cipher_ccm.h b/providers/common/include/internal/ciphers/cipher_ccm.h index 503d077def..08a2d46858 100644 --- a/providers/common/include/internal/ciphers/cipher_ccm.h +++ b/providers/common/include/internal/ciphers/cipher_ccm.h @@ -28,24 +28,24 @@ typedef struct S390X_kmac_params_st { /* Base structure that is shared by AES & ARIA for CCM MODE */ typedef struct prov_ccm_st { - int enc; - int key_set; /* Set if key initialised */ - int iv_set; /* Set if an iv is set */ - int tag_set; /* Set if tag is valid */ - int len_set; /* Set if message length set */ - size_t l, m; /* L and M parameters from RFC3610 */ + unsigned int enc : 1; + unsigned int key_set : 1; /* Set if key initialised */ + unsigned int iv_set : 1; /* Set if an iv is set */ + unsigned int tag_set : 1; /* Set if tag is valid */ + unsigned int len_set : 1; /* Set if message length set */ + size_t l, m; /* L and M parameters from RFC3610 */ size_t keylen; - int tls_aad_len; /* TLS AAD length */ - int tls_aad_pad_sz; + int tls_aad_len; /* TLS AAD length */ + size_t tls_aad_pad_sz; unsigned char iv[AES_BLOCK_SIZE]; unsigned char buf[AES_BLOCK_SIZE]; CCM128_CONTEXT ccm_ctx; ccm128_f str; - const PROV_CCM_HW *hw; /* hardware specific methods */ + const PROV_CCM_HW *hw; /* hardware specific methods */ } PROV_CCM_CTX; typedef struct prov_aes_ccm_ctx_st { - PROV_CCM_CTX base; /* Must be first */ + PROV_CCM_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; /*- @@ -71,7 +71,7 @@ typedef struct prov_aes_ccm_ctx_st { unsigned char b[AES_BLOCK_SIZE]; } buf; unsigned char dummy_pad[168]; - unsigned int fc; /* fc has same offset as ks.ks.rounds */ + unsigned int fc; /* fc has same offset as ks.ks.rounds */ } s390x; #endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */ } ccm; diff --git a/providers/common/include/internal/ciphers/cipher_gcm.h b/providers/common/include/internal/ciphers/cipher_gcm.h index 63600c38e7..f4e2894fe2 100644 --- a/providers/common/include/internal/ciphers/cipher_gcm.h +++ b/providers/common/include/internal/ciphers/cipher_gcm.h @@ -13,7 +13,7 @@ typedef struct prov_gcm_hw_st PROV_GCM_HW; -#define GCM_IV_DEFAULT_SIZE 12/* IV's for AES_GCM should normally be 12 bytes */ +#define GCM_IV_DEFAULT_SIZE 12 /* IV's for AES_GCM should normally be 12 bytes */ #define GCM_IV_MAX_SIZE 64 #define GCM_TAG_MAX_SIZE 16 @@ -45,18 +45,13 @@ typedef struct S390X_kma_params_st { #endif typedef struct prov_gcm_ctx_st { - int enc; /* Set to 1 if we are encrypting or 0 otherwise */ - int mode; /* The mode that we are using */ + unsigned int mode; /* The mode that we are using */ size_t keylen; - int ivlen; + size_t ivlen; size_t ivlen_min; - int taglen; - int key_set; /* Set if key initialised */ - int iv_state; /* set to one of IV_STATE_XXX */ - int iv_gen_rand; /* No IV was specified, so generate a rand IV */ - int iv_gen; /* It is OK to generate IVs */ - int tls_aad_pad_sz; - int tls_aad_len; /* TLS AAD length */ + size_t taglen; + size_t tls_aad_pad_sz; + size_t tls_aad_len; /* TLS AAD length */ uint64_t tls_enc_records; /* Number of TLS records encrypted */ /* @@ -64,13 +59,18 @@ typedef struct prov_gcm_ctx_st { * manage partial blocks themselves. */ size_t num; - size_t bufsz; /* Number of bytes in buf */ + size_t bufsz; /* Number of bytes in buf */ uint64_t flags; - unsigned int pad : 1; /* Whether padding should be used or not */ + unsigned int iv_state; /* set to one of IV_STATE_XXX */ + unsigned int enc:1; /* Set to 1 if we are encrypting or 0 otherwise */ + unsigned int pad:1; /* Whether padding should be used or not */ + unsigned int key_set:1; /* Set if key initialised */ + unsigned int iv_gen_rand:1; /* No IV was specified, so generate a rand IV */ + unsigned int iv_gen:1; /* It is OK to generate IVs */ unsigned char iv[GCM_IV_MAX_SIZE]; /* Buffer to use for IV's */ - unsigned char buf[AES_BLOCK_SIZE]; /* Buffer of partial blocks processed via update calls */ + unsigned char buf[AES_BLOCK_SIZE]; /* Buffer of partial blocks processed via update calls */ OPENSSL_CTX *libctx; /* needed for rand calls */ const PROV_GCM_HW *hw; /* hardware specific methods */ @@ -153,7 +153,7 @@ int gcm_one_shot(PROV_GCM_CTX *ctx, unsigned char *aad, size_t aad_len, int gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in, size_t len, unsigned char *out); -#define GCM_HW_SET_KEY_CTR_FN(ks, fn_set_enc_key, fn_block, fn_ctr) \ +#define GCM_HW_SET_KEY_CTR_FN(ks, fn_set_enc_key, fn_block, fn_ctr) \ ctx->ks = ks; \ fn_set_enc_key(key, keylen * 8, ks); \ CRYPTO_gcm128_init(&ctx->gcm, ks, (block128_f)fn_block); \ diff --git a/providers/common/include/internal/ciphers/ciphercommon.h b/providers/common/include/internal/ciphers/ciphercommon.h index 38d0396902..5593447264 100644 --- a/providers/common/include/internal/ciphers/ciphercommon.h +++ b/providers/common/include/internal/ciphers/ciphercommon.h @@ -39,20 +39,20 @@ struct prov_cipher_ctx_st { ctr128_f ctr; } stream; + unsigned int mode; + size_t keylen; /* key size (in bytes) */ + size_t ivlen; + size_t blocksize; + size_t bufsz; /* Number of bytes in buf */ + unsigned int pad : 1; /* Whether padding should be used or not */ + unsigned int enc : 1; /* Set to 1 for encrypt, or 0 otherwise */ + /* * num contains the number of bytes of |iv| which are valid for modes that * manage partial blocks themselves. */ - size_t num; - - int mode; - int enc; /* Set to 1 for encrypt, or 0 otherwise */ - size_t bufsz; /* Number of bytes in buf */ - size_t keylen; /* key size (in bytes) */ - size_t ivlen; - size_t blocksize; + unsigned int num; uint64_t flags; - unsigned int pad : 1; /* Whether padding should be used or not */ /* Buffer of partial blocks processed via update calls */ unsigned char buf[GENERIC_BLOCK_SIZE]; @@ -81,10 +81,11 @@ OSSL_OP_cipher_gettable_ctx_params_fn cipher_generic_gettable_ctx_params; OSSL_OP_cipher_settable_ctx_params_fn cipher_generic_settable_ctx_params; OSSL_OP_cipher_gettable_ctx_params_fn cipher_aead_gettable_ctx_params; OSSL_OP_cipher_settable_ctx_params_fn cipher_aead_settable_ctx_params; -int cipher_generic_get_params(OSSL_PARAM params[], int md, unsigned long flags, - int kbits, int blkbits, int ivbits); +int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, + unsigned long flags, + size_t kbits, size_t blkbits, size_t ivbits); void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, - size_t ivbits, int mode, + size_t ivbits, unsigned int mode, const PROV_CIPHER_HW *hw, void *provctx); #define IMPLEMENT_generic_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ diff --git a/providers/common/include/internal/digestcommon.h b/providers/common/include/internal/digestcommon.h index 533e854e30..88caccf7cd 100644 --- a/providers/common/include/internal/digestcommon.h +++ b/providers/common/include/internal/digestcommon.h @@ -93,7 +93,7 @@ PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END const OSSL_PARAM *digest_default_gettable_params(void); -int digest_default_get_params(OSSL_PARAM params[], int blksz, int paramsz, +int digest_default_get_params(OSSL_PARAM params[], size_t blksz, size_t paramsz, unsigned long flags); # ifdef __cplusplus diff --git a/providers/legacy/digests/mdc2_prov.c b/providers/legacy/digests/mdc2_prov.c index b30d50327d..cf37b528e7 100644 --- a/providers/legacy/digests/mdc2_prov.c +++ b/providers/legacy/digests/mdc2_prov.c @@ -20,7 +20,7 @@ static OSSL_OP_digest_set_ctx_params_fn mdc2_set_ctx_params; static OSSL_OP_digest_settable_ctx_params_fn mdc2_settable_ctx_params; static const OSSL_PARAM known_mdc2_settable_ctx_params[] = { - {OSSL_DIGEST_PARAM_PAD_TYPE, OSSL_PARAM_INTEGER, NULL, sizeof(int), 0}, + OSSL_PARAM_uint(OSSL_DIGEST_PARAM_PAD_TYPE, NULL), OSSL_PARAM_END }; @@ -36,7 +36,7 @@ static int mdc2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (ctx != NULL && params != NULL) { p = OSSL_PARAM_locate_const(params, OSSL_DIGEST_PARAM_PAD_TYPE); - if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->pad_type)) { + if (p != NULL && !OSSL_PARAM_get_uint(p, &ctx->pad_type)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } diff --git a/test/mdc2test.c b/test/mdc2test.c index 5b54f1038b..d1c2f26bdc 100644 --- a/test/mdc2test.c +++ b/test/mdc2test.c @@ -39,7 +39,8 @@ static unsigned char pad2[16] = { static int test_mdc2(void) { - int testresult = 0, pad_type = 2; + int testresult = 0; + unsigned int pad_type = 2; unsigned char md[MDC2_DIGEST_LENGTH]; EVP_MD_CTX *c; static char text[] = "Now is the time for all "; @@ -47,8 +48,8 @@ static int test_mdc2(void) OSSL_PROVIDER *prov = NULL; OSSL_PARAM params[2]; - params[i++] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_PAD_TYPE, - &pad_type), + params[i++] = OSSL_PARAM_construct_uint(OSSL_DIGEST_PARAM_PAD_TYPE, + &pad_type), params[i++] = OSSL_PARAM_construct_end(); prov = OSSL_PROVIDER_load(NULL, "legacy"); -- 2.25.1