From 6d4e6009d27712a405e1e3a4c33fb8a8566f134a Mon Sep 17 00:00:00 2001 From: Pauli Date: Thu, 26 Mar 2020 09:28:01 +1000 Subject: [PATCH] Param build: make structures opaque. Since this is public, it is best to make the underlying structure opaque. This means converting from stack allocation to dynamic allocation for all usages. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/11390) --- crypto/dh/dh_ameth.c | 35 ++++++----- crypto/dsa/dsa_ameth.c | 32 +++++----- crypto/ec/ec_ameth.c | 19 +++--- crypto/ec/ecx_meth.c | 14 +++-- crypto/param_build.c | 52 +++++++++++++++- crypto/rsa/rsa_ameth.c | 31 ++++------ crypto/rsa/rsa_lib.c | 14 +++-- doc/man3/OSSL_PARAM_BLD_new.pod | 39 +++++------- include/openssl/param_build.h | 33 +--------- include/openssl/types.h | 1 + providers/fips/fipsprov.c | 60 ++++++++++--------- providers/implementations/keymgmt/dh_kmgmt.c | 17 ++++-- providers/implementations/keymgmt/dsa_kmgmt.c | 18 +++--- providers/implementations/keymgmt/ec_kmgmt.c | 20 ++++--- providers/implementations/keymgmt/ecx_kmgmt.c | 20 ++++--- providers/implementations/keymgmt/rsa_kmgmt.c | 15 +++-- test/evp_pkey_provided_test.c | 17 +++--- test/param_build_test.c | 50 ++++++++-------- util/libcrypto.num | 5 +- 19 files changed, 269 insertions(+), 223 deletions(-) diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 505211054f..86e78aaf6c 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -494,13 +494,13 @@ static int dh_pkey_export_to(const EVP_PKEY *from, void *to_keydata, EVP_KEYMGMT *to_keymgmt) { DH *dh = from->pkey.dh; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl; const BIGNUM *p = DH_get0_p(dh), *g = DH_get0_g(dh), *q = DH_get0_q(dh); const BIGNUM *pub_key = DH_get0_pub_key(dh); const BIGNUM *priv_key = DH_get0_priv_key(dh); - OSSL_PARAM *params; + OSSL_PARAM *params = NULL; int selection = 0; - int rv; + int rv = 0; /* * If the DH method is foreign, then we can't be sure of anything, and @@ -512,35 +512,38 @@ static int dh_pkey_export_to(const EVP_PKEY *from, void *to_keydata, if (p == NULL || g == NULL) return 0; - OSSL_PARAM_BLD_init(&tmpl); - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_P, p) - || !OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_G, g)) + tmpl = OSSL_PARAM_BLD_new(); + if (tmpl == NULL) return 0; + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p) + || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, g)) + goto err; if (q != NULL) { - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_Q, q)) - return 0; + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_Q, q)) + goto err; } selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; if (pub_key != NULL) { - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_PUB_KEY, pub_key)) - return 0; + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PUB_KEY, pub_key)) + goto err; selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; } if (priv_key != NULL) { - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_PRIV_KEY, + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PRIV_KEY, priv_key)) - return 0; + goto err; selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY; } - if ((params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL) - return 0; + if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) + goto err; /* We export, the provider imports */ rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params); - OSSL_PARAM_BLD_free(params); - + OSSL_PARAM_BLD_free_params(params); +err: + OSSL_PARAM_BLD_free(tmpl); return rv; } diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 1de5a2da9b..cc72189cdb 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -523,13 +523,13 @@ static int dsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, EVP_KEYMGMT *to_keymgmt) { DSA *dsa = from->pkey.dsa; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl; const BIGNUM *p = DSA_get0_p(dsa), *g = DSA_get0_g(dsa); const BIGNUM *q = DSA_get0_q(dsa), *pub_key = DSA_get0_pub_key(dsa); const BIGNUM *priv_key = DSA_get0_priv_key(dsa); OSSL_PARAM *params; int selection = 0; - int rv; + int rv = 0; /* * If the DSA method is foreign, then we can't be sure of anything, and @@ -541,33 +541,37 @@ static int dsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, if (p == NULL || q == NULL || g == NULL) return 0; - OSSL_PARAM_BLD_init(&tmpl); - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_P, p) - || !OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_Q, q) - || !OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_G, g)) + tmpl = OSSL_PARAM_BLD_new(); + if (tmpl == NULL) return 0; + + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p) + || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_Q, q) + || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, g)) + goto err; selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; if (pub_key != NULL) { - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_PUB_KEY, + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PUB_KEY, pub_key)) - return 0; + goto err; selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; } if (priv_key != NULL) { - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_PRIV_KEY, + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PRIV_KEY, priv_key)) - return 0; + goto err; selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY; } - if ((params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL) - return 0; + if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) + goto err; /* We export, the provider imports */ rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params); - OSSL_PARAM_BLD_free(params); - + OSSL_PARAM_BLD_free_params(params); +err: + OSSL_PARAM_BLD_free(tmpl); return rv; } diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 85427cf456..65af8cc3c5 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -626,7 +626,7 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata, const EC_GROUP *ecg = NULL; unsigned char *pub_key_buf = NULL; size_t pub_key_buflen; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params = NULL; const BIGNUM *priv_key = NULL; const EC_POINT *pub_point = NULL; @@ -645,10 +645,12 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata, if (EC_KEY_get_method(eckey) != EC_KEY_OpenSSL()) return 0; - OSSL_PARAM_BLD_init(&tmpl); + tmpl = OSSL_PARAM_BLD_new(); + if (tmpl == NULL) + return 0; /* export the domain parameters */ - if (!ecparams_to_params(eckey, &tmpl)) + if (!ecparams_to_params(eckey, tmpl)) goto err; selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; @@ -660,7 +662,7 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata, if ((pub_key_buflen = EC_POINT_point2buf(ecg, pub_point, POINT_CONVERSION_COMPRESSED, &pub_key_buf, NULL)) == 0 - || !OSSL_PARAM_BLD_push_octet_string(&tmpl, + || !OSSL_PARAM_BLD_push_octet_string(tmpl, OSSL_PKEY_PARAM_PUB_KEY, pub_key_buf, pub_key_buflen)) @@ -711,7 +713,7 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata, goto err; sz = (ecbits + 7 ) / 8; - if (!OSSL_PARAM_BLD_push_BN_pad(&tmpl, + if (!OSSL_PARAM_BLD_push_BN_pad(tmpl, OSSL_PKEY_PARAM_PRIV_KEY, priv_key, sz)) goto err; @@ -726,20 +728,21 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata, (EC_KEY_get_flags(eckey) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0; /* Export the ECDH_COFACTOR_MODE parameter */ - if (!OSSL_PARAM_BLD_push_int(&tmpl, + if (!OSSL_PARAM_BLD_push_int(tmpl, OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, ecdh_cofactor_mode)) goto err; selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS; } - params = OSSL_PARAM_BLD_to_param(&tmpl); + params = OSSL_PARAM_BLD_to_param(tmpl); /* We export, the provider imports */ rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params); err: - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free(tmpl); + OSSL_PARAM_BLD_free_params(params); OPENSSL_free(pub_key_buf); return rv; } diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index 8a48b28f38..c142552b29 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -409,34 +409,36 @@ static int ecx_pkey_export_to(const EVP_PKEY *from, void *to_keydata, EVP_KEYMGMT *to_keymgmt) { const ECX_KEY *key = from->pkey.ecx; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new(); OSSL_PARAM *params = NULL; int selection = 0; int rv = 0; - OSSL_PARAM_BLD_init(&tmpl); + if (tmpl == NULL) + return 0; /* A key must at least have a public part */ - if (!OSSL_PARAM_BLD_push_octet_string(&tmpl, OSSL_PKEY_PARAM_PUB_KEY, + if (!OSSL_PARAM_BLD_push_octet_string(tmpl, OSSL_PKEY_PARAM_PUB_KEY, key->pubkey, key->keylen)) goto err; selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; if (key->privkey != NULL) { - if (!OSSL_PARAM_BLD_push_octet_string(&tmpl, + if (!OSSL_PARAM_BLD_push_octet_string(tmpl, OSSL_PKEY_PARAM_PRIV_KEY, key->privkey, key->keylen)) goto err; selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY; } - params = OSSL_PARAM_BLD_to_param(&tmpl); + params = OSSL_PARAM_BLD_to_param(tmpl); /* We export, the provider imports */ rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params); err: - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free(tmpl); + OSSL_PARAM_BLD_free_params(params); return rv; } diff --git a/crypto/param_build.c b/crypto/param_build.c index ca4fc4af7e..11986d999b 100644 --- a/crypto/param_build.c +++ b/crypto/param_build.c @@ -12,11 +12,47 @@ #include #include #include +#include #include "internal/cryptlib.h" #include "openssl/param_build.h" +/* + * The number of OSSL_PARAM elements a builder will allow. + */ +#define OSSL_PARAM_BLD_MAX 25 + +/* + * Special internal param type to indicate the end of an allocate OSSL_PARAM + * array. + */ #define OSSL_PARAM_ALLOCATED_END 127 +typedef struct { + const char *key; + int type; + int secure; + size_t size; + size_t alloc_blocks; + const BIGNUM *bn; + const void *string; + union { + /* + * These fields are never directly addressed, but their sizes are + * imporant so that all native types can be copied here without overrun. + */ + ossl_intmax_t i; + ossl_uintmax_t u; + double d; + } num; +} OSSL_PARAM_BLD_DEF; + +struct ossl_param_bld_st { + size_t curr; + size_t total_blocks; + size_t secure_blocks; + OSSL_PARAM_BLD_DEF params[OSSL_PARAM_BLD_MAX]; +}; + typedef union { OSSL_UNION_ALIGN; } OSSL_PARAM_BLD_BLOCK; @@ -66,9 +102,14 @@ static int param_push_num(OSSL_PARAM_BLD *bld, const char *key, return 1; } -void OSSL_PARAM_BLD_init(OSSL_PARAM_BLD *bld) +OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void) { - memset(bld, 0, sizeof(*bld)); + return OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD)); +} + +void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld) +{ + OPENSSL_free(bld); } int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num) @@ -301,12 +342,14 @@ OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld) if (s == NULL) { CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, CRYPTO_R_SECURE_MALLOC_FAILURE); + OPENSSL_free(bld); return NULL; } } params = OPENSSL_malloc(total); if (params == NULL) { CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE); + OPENSSL_free(bld); OPENSSL_secure_free(s); return NULL; } @@ -315,10 +358,13 @@ OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld) last->data_size = ss; last->data = s; last->data_type = OSSL_PARAM_ALLOCATED_END; + + /* Reset for reuse */ + memset(bld, 0, sizeof(*bld)); return params; } -void OSSL_PARAM_BLD_free(OSSL_PARAM *params) +void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params) { if (params != NULL) { OSSL_PARAM *p; diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index ba82f6ccb7..ec8df4a718 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -1084,7 +1084,7 @@ static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, EVP_KEYMGMT *to_keymgmt) { RSA *rsa = from->pkey.rsa; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new(); const BIGNUM *n = RSA_get0_n(rsa), *e = RSA_get0_e(rsa); const BIGNUM *d = RSA_get0_d(rsa); STACK_OF(BIGNUM_const) *primes = NULL, *exps = NULL, *coeffs = NULL; @@ -1093,23 +1093,23 @@ static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, int selection = 0; int rv = 0; + if (tmpl == NULL) + return 0; /* * If the RSA method is foreign, then we can't be sure of anything, and * can therefore not export or pretend to export. */ if (RSA_get_method(rsa) != RSA_PKCS1_OpenSSL()) - return 0; + goto err; /* Public parameters must always be present */ if (n == NULL || e == NULL) goto err; - OSSL_PARAM_BLD_init(&tmpl); - /* |e| and |n| are always present */ - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_E, e)) + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_E, e)) goto err; - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_N, n)) + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_N, n)) goto err; selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; @@ -1138,20 +1138,14 @@ static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, && (numprimes < 2 || numexps < 2 || numcoeffs < 1)) goto err; - /* assert that an OSSL_PARAM_BLD has enough space. */ - if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1 - + numprimes + numexps + numcoeffs - <= OSSL_PARAM_BLD_MAX)) - goto err; - - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_D, d)) + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_D, d)) goto err; selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY; for (i = 0; i < numprimes; i++) { const BIGNUM *num = sk_BIGNUM_const_value(primes, i); - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_FACTOR, + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_FACTOR, num)) goto err; } @@ -1159,7 +1153,7 @@ static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, for (i = 0; i < numexps; i++) { const BIGNUM *num = sk_BIGNUM_const_value(exps, i); - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_EXPONENT, + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_EXPONENT, num)) goto err; } @@ -1167,13 +1161,13 @@ static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, for (i = 0; i < numcoeffs; i++) { const BIGNUM *num = sk_BIGNUM_const_value(coeffs, i); - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_COEFFICIENT, + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_COEFFICIENT, num)) goto err; } } - if ((params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL) + if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) goto err; /* We export, the provider imports */ @@ -1183,7 +1177,8 @@ static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, sk_BIGNUM_const_free(primes); sk_BIGNUM_const_free(exps); sk_BIGNUM_const_free(coeffs); - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free_params(params); + OSSL_PARAM_BLD_free(tmpl); return rv; } diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index e65e303735..e9a5b48fbc 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -1296,7 +1296,7 @@ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int bits) int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp) { - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params; int ret; @@ -1315,13 +1315,17 @@ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp) return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp); - OSSL_PARAM_BLD_init(&tmpl); - if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_E, pubexp) - || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL) + if ((tmpl = OSSL_PARAM_BLD_new()) == NULL) return 0; + if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_E, pubexp) + || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) { + OSSL_PARAM_BLD_free(tmpl); + return 0; + } + OSSL_PARAM_BLD_free(tmpl); ret = EVP_PKEY_CTX_set_params(ctx, params); - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free_params(params); return ret; } diff --git a/doc/man3/OSSL_PARAM_BLD_new.pod b/doc/man3/OSSL_PARAM_BLD_new.pod index 8aeb0aadf0..72b2ff87a3 100644 --- a/doc/man3/OSSL_PARAM_BLD_new.pod +++ b/doc/man3/OSSL_PARAM_BLD_new.pod @@ -19,10 +19,9 @@ OSSL_PARAM_BLD_push_octet_string, OSSL_PARAM_BLD_push_octet_ptr #include "openssl/param_build.h" - #define OSSL_PARAM_BLD_MAX 10 - typedef struct { ... } OSSL_PARAM_BLD; + typedef struct OSSL_PARAM_BLD; - void OSSL_PARAM_BLD_init(OSSL_PARAM_BLD *bld); + OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void); OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld); void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params); void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld); @@ -49,8 +48,8 @@ OSSL_PARAM_BLD_push_octet_string, OSSL_PARAM_BLD_push_octet_ptr A collection of utility functions that simplify the creation of OSSL_PARAM arrays. The B> names are as per L. -OSSL_PARAM_BLD_init() initialises the OSSL_PARAM_BLD structure so that values -can be added. +OSSL_PARAM_BLD_new() allocates and initialises a new OSSL_PARAM_BLD structure +so that values can be added. Any existing values are cleared. OSSL_PARAM_BLD_free() deallocates the memory allocates by OSSL_PARAM_BLD_new(). @@ -117,23 +116,15 @@ scope until the OSSL_PARAM array is freed. =head1 RETURN VALUES +OSSL_PARAM_BLD_new() returns the allocated OSSL_PARAM_BLD structure, or NULL +on error. + OSSL_PARAM_BLD_to_param() returns the allocated OSSL_PARAM array, or NULL on error. All of the OSSL_PARAM_BLD_push_TYPE functions return 1 on success and 0 on error. -=head1 NOTES - -The constant B specifies the maximum number of parameters -that can be added. -Exceeding this will result in the push functions returning errors. -The define used for this will always be at least 10 but otherwise no assumption -should be made about it's specific value. - -The structure B should be considered opaque and subject to -change between versions. - =head1 EXAMPLES Both examples creating an OSSL_PARAM array that contains an RSA key. @@ -149,11 +140,11 @@ For both, the predefined key variables are: This example shows how to create an OSSL_PARAM array that contains an RSA private key. - OSSL_PARAM_BLD bld; + OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new(); OSSL_PARAM *params; - OSSL_PARAM_BLD_init(&bld, &secure); - if (!OSSL_PARAM_BLD_push_BN(&bld, "p", p) + if (bld == NULL + || !OSSL_PARAM_BLD_push_BN(&bld, "p", p) || !OSSL_PARAM_BLD_push_BN(&bld, "q", q) || !OSSL_PARAM_BLD_push_uint(&bld, "e", e) || !OSSL_PARAM_BLD_push_BN(&bld, "n", n) @@ -170,13 +161,13 @@ private key. This example shows how to create an OSSL_PARAM array that contains an RSA public key. - OSSL_PARAM_BLD bld; + OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new(); OSSL_PARAM *params; - OSSL_PARAM_BLD_init(&bld, &secure); - if (!OSSL_PARAM_BLD_push_BN(&bld, "n", n) - || !OSSL_PARAM_BLD_push_BN(&bld, "d", d) - || (params = OSSL_PARAM_BLD_to_param(&bld)) == NULL) + if (nld == NULL + || !OSSL_PARAM_BLD_push_BN(bld, "n", n) + || !OSSL_PARAM_BLD_push_BN(bld, "d", d) + || (params = OSSL_PARAM_BLD_to_param(bld)) == NULL) goto err; OSSL_PARAM_BLD_free(bld); /* Use params */ diff --git a/include/openssl/param_build.h b/include/openssl/param_build.h index 68b58e5768..edccd01758 100644 --- a/include/openssl/param_build.h +++ b/include/openssl/param_build.h @@ -11,37 +11,10 @@ #include #include -#define OSSL_PARAM_BLD_MAX 25 - -typedef struct { - const char *key; - int type; - int secure; - size_t size; - size_t alloc_blocks; - const BIGNUM *bn; - const void *string; - union { - /* - * These fields are never directly addressed, but their sizes are - * imporant so that all native types can be copied here without overrun. - */ - ossl_intmax_t i; - ossl_uintmax_t u; - double d; - } num; -} OSSL_PARAM_BLD_DEF; - -typedef struct { - size_t curr; - size_t total_blocks; - size_t secure_blocks; - OSSL_PARAM_BLD_DEF params[OSSL_PARAM_BLD_MAX]; -} OSSL_PARAM_BLD; - -void OSSL_PARAM_BLD_init(OSSL_PARAM_BLD *bld); +OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void); OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld); -void OSSL_PARAM_BLD_free(OSSL_PARAM *params); +void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld); +void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params); int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int val); int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key, diff --git a/include/openssl/types.h b/include/openssl/types.h index e7078df6d0..6520fbfaf8 100644 --- a/include/openssl/types.h +++ b/include/openssl/types.h @@ -203,6 +203,7 @@ typedef struct ossl_dispatch_st OSSL_DISPATCH; typedef struct ossl_item_st OSSL_ITEM; typedef struct ossl_algorithm_st OSSL_ALGORITHM; typedef struct ossl_param_st OSSL_PARAM; +typedef struct ossl_param_bld_st OSSL_PARAM_BLD; typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata); diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 46642321cd..8fbb618527 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -194,7 +194,7 @@ static int dsa_key_signature_test(OPENSSL_CTX *libctx) BIGNUM *p = NULL, *q = NULL, *g = NULL; BIGNUM *pub = NULL, *priv = NULL; OSSL_PARAM *params = NULL, *params_sig = NULL; - OSSL_PARAM_BLD bld; + OSSL_PARAM_BLD *bld = NULL; EVP_PKEY_CTX *sctx = NULL, *kctx = NULL; EVP_PKEY *pkey = NULL; unsigned char sig[64]; @@ -255,14 +255,15 @@ static int dsa_key_signature_test(OPENSSL_CTX *libctx) || !hextobn(dsa_priv_hex, &priv)) goto err; - OSSL_PARAM_BLD_init(&bld); - if (!OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_P, p) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_Q, q) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_G, g) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PUB_KEY, pub) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PRIV_KEY, priv)) + bld = OSSL_PARAM_BLD_new(); + if (bld == NULL + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv)) goto err; - params = OSSL_PARAM_BLD_to_param(&bld); + params = OSSL_PARAM_BLD_to_param(bld); /* Create a EVP_PKEY_CTX to load the DSA key into */ kctx = EVP_PKEY_CTX_new_from_name(libctx, SN_dsa, ""); @@ -279,11 +280,10 @@ static int dsa_key_signature_test(OPENSSL_CTX *libctx) goto err; /* set signature parameters */ - OSSL_PARAM_BLD_init(&bld); - if (!OSSL_PARAM_BLD_push_utf8_string(&bld, OSSL_SIGNATURE_PARAM_DIGEST, + if (!OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_SIGNATURE_PARAM_DIGEST, SN_sha256,strlen(SN_sha256) + 1)) goto err; - params_sig = OSSL_PARAM_BLD_to_param(&bld); + params_sig = OSSL_PARAM_BLD_to_param(bld); if (EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0) goto err; @@ -293,8 +293,9 @@ static int dsa_key_signature_test(OPENSSL_CTX *libctx) goto err; ret = 1; err: - OSSL_PARAM_BLD_free(params); - OSSL_PARAM_BLD_free(params_sig); + OSSL_PARAM_BLD_free_params(params); + OSSL_PARAM_BLD_free_params(params_sig); + OSSL_PARAM_BLD_free(bld); BN_free(p); BN_free(q); BN_free(g); @@ -320,7 +321,7 @@ static int dh_key_exchange_test(OPENSSL_CTX *libctx) OSSL_PARAM *params_peer = NULL; unsigned char secret[256]; size_t secret_len, kat_secret_len = 0; - OSSL_PARAM_BLD bld; + OSSL_PARAM_BLD *bld = NULL; /* DH KAT */ static const char *dh_p_hex[] = { @@ -404,23 +405,23 @@ static int dh_key_exchange_test(OPENSSL_CTX *libctx) || !hextobin(dh_secret_exptd_hex, &kat_secret, &kat_secret_len)) goto err; - OSSL_PARAM_BLD_init(&bld); - if (!OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_P, p) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_Q, q) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_G, g) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PUB_KEY, pub) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PRIV_KEY, priv)) + bld = OSSL_PARAM_BLD_new(); + if (bld == NULL + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv)) goto err; - params = OSSL_PARAM_BLD_to_param(&bld); + params = OSSL_PARAM_BLD_to_param(bld); - OSSL_PARAM_BLD_init(&bld); - if (!OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_P, p) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_Q, q) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_G, g) - || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PUB_KEY, pub_peer)) + if (!OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g) + || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub_peer)) goto err; - params_peer = OSSL_PARAM_BLD_to_param(&bld); + params_peer = OSSL_PARAM_BLD_to_param(bld); if (params == NULL || params_peer == NULL) goto err; @@ -450,8 +451,9 @@ static int dh_key_exchange_test(OPENSSL_CTX *libctx) goto err; ret = 1; err: - OSSL_PARAM_BLD_free(params_peer); - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free(bld); + OSSL_PARAM_BLD_free_params(params_peer); + OSSL_PARAM_BLD_free_params(params); BN_free(p); BN_free(q); BN_free(g); diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index bb316e4ddc..6514d8f066 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -148,26 +148,31 @@ static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, void *cbarg) { DH *dh = keydata; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params = NULL; int ok = 1; if (dh == NULL) return 0; - OSSL_PARAM_BLD_init(&tmpl); + tmpl = OSSL_PARAM_BLD_new(); + if (tmpl == NULL) + return 0; if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) - ok = ok && domparams_to_params(dh, &tmpl); + ok = ok && domparams_to_params(dh, tmpl); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && key_to_params(dh, &tmpl); + ok = ok && key_to_params(dh, tmpl); if (!ok - || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL) + || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) { + OSSL_PARAM_BLD_free(tmpl); return 0; + } + OSSL_PARAM_BLD_free(tmpl); ok = param_cb(params, cbarg); - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free_params(params); return ok; } diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 40995eb4a8..78edcaa9d4 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -153,26 +153,26 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, void *cbarg) { DSA *dsa = keydata; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new(); OSSL_PARAM *params = NULL; int ok = 1; if (dsa == NULL) - return 0; - - OSSL_PARAM_BLD_init(&tmpl); + goto err;; if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) - ok = ok && domparams_to_params(dsa, &tmpl); + ok = ok && domparams_to_params(dsa, tmpl); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && key_to_params(dsa, &tmpl); + ok = ok && key_to_params(dsa, tmpl); if (!ok - || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL) - return 0; + || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) + goto err;; ok = param_cb(params, cbarg); - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free_params(params); +err: + OSSL_PARAM_BLD_free(tmpl); return ok; } diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index ed0470c630..82ef3d3a67 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -312,7 +312,7 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, void *cbarg) { EC_KEY *ec = keydata; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params = NULL; int ok = 1; @@ -341,25 +341,29 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, && (selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0) return 0; - OSSL_PARAM_BLD_init(&tmpl); + tmpl = OSSL_PARAM_BLD_new(); + if (tmpl == NULL) + return 0; if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) - ok = ok && domparams_to_params(ec, &tmpl); + ok = ok && domparams_to_params(ec, tmpl); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { int include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; - ok = ok && key_to_params(ec, &tmpl, include_private); + ok = ok && key_to_params(ec, tmpl, include_private); } if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) - ok = ok && otherparams_to_params(ec, &tmpl); + ok = ok && otherparams_to_params(ec, tmpl); if (!ok - || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL) - return 0; + || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) + goto err; ok = param_cb(params, cbarg); - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free_params(params); +err: + OSSL_PARAM_BLD_free(tmpl); return ok; } diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c index 8d82f6bf57..be11f0b85e 100644 --- a/providers/implementations/keymgmt/ecx_kmgmt.c +++ b/providers/implementations/keymgmt/ecx_kmgmt.c @@ -111,26 +111,30 @@ static int ecx_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, void *cbarg) { ECX_KEY *key = keydata; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params = NULL; int ret; if (key == NULL) return 0; - if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0 - && !key_to_params(key, &tmpl)) + tmpl = OSSL_PARAM_BLD_new(); + if (tmpl == NULL) return 0; - OSSL_PARAM_BLD_init(&tmpl); - params = OSSL_PARAM_BLD_to_param(&tmpl); - if (params == NULL) { - OSSL_PARAM_BLD_free(params); + if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0 + && !key_to_params(key, tmpl)) { + OSSL_PARAM_BLD_free(tmpl); return 0; } + params = OSSL_PARAM_BLD_to_param(tmpl); + OSSL_PARAM_BLD_free(tmpl); + if (params == NULL) + return 0; + ret = param_cb(params, cbarg); - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free_params(params); return ret; } diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index d7331c84b0..50647eb6f5 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -175,7 +175,7 @@ static int rsa_export(void *keydata, int selection, OSSL_CALLBACK *param_callback, void *cbarg) { RSA *rsa = keydata; - OSSL_PARAM_BLD tmpl; + OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params = NULL; int ok = 1; @@ -184,17 +184,22 @@ static int rsa_export(void *keydata, int selection, /* TODO(3.0) PSS and OAEP should bring on parameters */ - OSSL_PARAM_BLD_init(&tmpl); + tmpl = OSSL_PARAM_BLD_new(); + if (tmpl == NULL) + return 0; if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && key_to_params(rsa, &tmpl); + ok = ok && key_to_params(rsa, tmpl); if (!ok - || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL) + || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) { + OSSL_PARAM_BLD_free(tmpl); return 0; + } + OSSL_PARAM_BLD_free(tmpl); ok = param_callback(params, cbarg); - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free_params(params); return ok; } diff --git a/test/evp_pkey_provided_test.c b/test/evp_pkey_provided_test.c index 5e77a3186a..6ba61c3cda 100644 --- a/test/evp_pkey_provided_test.c +++ b/test/evp_pkey_provided_test.c @@ -596,7 +596,7 @@ static int test_fromdata_ec(void) int ret = 0; EVP_PKEY_CTX *ctx = NULL; EVP_PKEY *pk = NULL, *copy_pk = NULL; - OSSL_PARAM_BLD bld; + OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new(); BIGNUM *ec_priv_bn = NULL; OSSL_PARAM *fromdata_params = NULL; const char *alg = "EC"; @@ -618,22 +618,22 @@ static int test_fromdata_ec(void) 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad }; - OSSL_PARAM_BLD_init(&bld); - + if (!TEST_ptr(bld)) + goto err; if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata, sizeof(ec_priv_keydata), NULL))) goto err; - if (OSSL_PARAM_BLD_push_utf8_string(&bld, OSSL_PKEY_PARAM_EC_NAME, + if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_NAME, "prime256v1", 0) <= 0) goto err; - if (OSSL_PARAM_BLD_push_octet_string(&bld, OSSL_PKEY_PARAM_PUB_KEY, + if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY, ec_pub_keydata, sizeof(ec_pub_keydata)) <= 0) goto err; - if (OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0) + if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0) goto err; - if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(&bld))) + if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))) goto err; ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL); if (!TEST_ptr(ctx)) @@ -654,7 +654,8 @@ static int test_fromdata_ec(void) && test_print_key_using_serializer(alg, pk); err: BN_free(ec_priv_bn); - OSSL_PARAM_BLD_free(fromdata_params); + OSSL_PARAM_BLD_free_params(fromdata_params); + OSSL_PARAM_BLD_free(bld); EVP_PKEY_free(pk); EVP_PKEY_free(copy_pk); EVP_PKEY_CTX_free(ctx); diff --git a/test/param_build_test.c b/test/param_build_test.c index cbb4456bd7..9b20e33360 100644 --- a/test/param_build_test.c +++ b/test/param_build_test.c @@ -16,7 +16,7 @@ static int template_public_test(void) { - OSSL_PARAM_BLD bld; + OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new(); OSSL_PARAM *params = NULL, *p; BIGNUM *bn = NULL, *bn_res = NULL; int i; @@ -28,20 +28,20 @@ static int template_public_test(void) const char *cutf; int res = 0; - OSSL_PARAM_BLD_init(&bld); - if (!TEST_true(OSSL_PARAM_BLD_push_int(&bld, "i", -6)) - || !TEST_true(OSSL_PARAM_BLD_push_long(&bld, "l", 42)) - || !TEST_true(OSSL_PARAM_BLD_push_int32(&bld, "i32", 1532)) - || !TEST_true(OSSL_PARAM_BLD_push_int64(&bld, "i64", -9999999)) - || !TEST_true(OSSL_PARAM_BLD_push_double(&bld, "d", 1.61803398875)) + if (!TEST_ptr(bld) + || !TEST_true(OSSL_PARAM_BLD_push_int(bld, "i", -6)) + || !TEST_true(OSSL_PARAM_BLD_push_long(bld, "l", 42)) + || !TEST_true(OSSL_PARAM_BLD_push_int32(bld, "i32", 1532)) + || !TEST_true(OSSL_PARAM_BLD_push_int64(bld, "i64", -9999999)) + || !TEST_true(OSSL_PARAM_BLD_push_double(bld, "d", 1.61803398875)) || !TEST_ptr(bn = BN_new()) || !TEST_true(BN_set_word(bn, 1729)) - || !TEST_true(OSSL_PARAM_BLD_push_BN(&bld, "bignumber", bn)) - || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(&bld, "utf8_s", "foo", + || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, "bignumber", bn)) + || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, "utf8_s", "foo", sizeof("foo"))) - || !TEST_true(OSSL_PARAM_BLD_push_utf8_ptr(&bld, "utf8_p", "bar-boom", + || !TEST_true(OSSL_PARAM_BLD_push_utf8_ptr(bld, "utf8_p", "bar-boom", 0)) - || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(&bld)) + || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) /* Check int */ || !TEST_ptr(p = OSSL_PARAM_locate(params, "i")) || !TEST_true(OSSL_PARAM_get_int(p, &i)) @@ -95,7 +95,8 @@ static int template_public_test(void) goto err; res = 1; err: - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free_params(params); + OSSL_PARAM_BLD_free(bld); OPENSSL_free(utf); BN_free(bn); BN_free(bn_res); @@ -106,7 +107,7 @@ static int template_private_test(void) { static int data1[] = { 2, 3, 5, 7, 11, 15, 17 }; static unsigned char data2[] = { 2, 4, 6, 8, 10 }; - OSSL_PARAM_BLD bld; + OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new(); OSSL_PARAM *params = NULL, *p; unsigned int i; unsigned long int l; @@ -116,20 +117,20 @@ static int template_private_test(void) BIGNUM *bn = NULL, *bn_res = NULL; int res = 0; - OSSL_PARAM_BLD_init(&bld); - if (!TEST_true(OSSL_PARAM_BLD_push_uint(&bld, "i", 6)) - || !TEST_true(OSSL_PARAM_BLD_push_ulong(&bld, "l", 42)) - || !TEST_true(OSSL_PARAM_BLD_push_uint32(&bld, "i32", 1532)) - || !TEST_true(OSSL_PARAM_BLD_push_uint64(&bld, "i64", 9999999)) - || !TEST_true(OSSL_PARAM_BLD_push_size_t(&bld, "st", 65537)) + if (!TEST_ptr(bld) + || !TEST_true(OSSL_PARAM_BLD_push_uint(bld, "i", 6)) + || !TEST_true(OSSL_PARAM_BLD_push_ulong(bld, "l", 42)) + || !TEST_true(OSSL_PARAM_BLD_push_uint32(bld, "i32", 1532)) + || !TEST_true(OSSL_PARAM_BLD_push_uint64(bld, "i64", 9999999)) + || !TEST_true(OSSL_PARAM_BLD_push_size_t(bld, "st", 65537)) || !TEST_ptr(bn = BN_secure_new()) || !TEST_true(BN_set_word(bn, 1729)) - || !TEST_true(OSSL_PARAM_BLD_push_BN(&bld, "bignumber", bn)) - || !TEST_true(OSSL_PARAM_BLD_push_octet_string(&bld, "oct_s", data1, + || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, "bignumber", bn)) + || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, "oct_s", data1, sizeof(data1))) - || !TEST_true(OSSL_PARAM_BLD_push_octet_ptr(&bld, "oct_p", data2, + || !TEST_true(OSSL_PARAM_BLD_push_octet_ptr(bld, "oct_p", data2, sizeof(data2))) - || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(&bld)) + || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) /* Check unsigned int */ || !TEST_ptr(p = OSSL_PARAM_locate(params, "i")) || !TEST_true(OSSL_PARAM_get_uint(p, &i)) @@ -184,7 +185,8 @@ static int template_private_test(void) goto err; res = 1; err: - OSSL_PARAM_BLD_free(params); + OSSL_PARAM_BLD_free_params(params); + OSSL_PARAM_BLD_free(bld); BN_free(bn); BN_free(bn_res); return res; diff --git a/util/libcrypto.num b/util/libcrypto.num index 1f8be71fc0..fe6d69c2c5 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5000,9 +5000,8 @@ EVP_PKEY_CTX_set_rsa_keygen_primes ? 3_0_0 EXIST::FUNCTION:RSA NCONF_new_with_libctx ? 3_0_0 EXIST::FUNCTION: CONF_modules_load_file_with_libctx ? 3_0_0 EXIST::FUNCTION: OPENSSL_CTX_load_config ? 3_0_0 EXIST::FUNCTION: -OSSL_PARAM_BLD_init ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_to_param ? 3_0_0 EXIST::FUNCTION: -OSSL_PARAM_BLD_free ? 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_BLD_free_params ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_push_int ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_push_uint ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_push_long ? 3_0_0 EXIST::FUNCTION: @@ -5019,6 +5018,8 @@ OSSL_PARAM_BLD_push_utf8_string ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_push_utf8_ptr ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_push_octet_string ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_push_octet_ptr ? 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_BLD_new ? 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_BLD_free ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_set_type_by_keymgmt ? 3_0_0 EXIST::FUNCTION: OCSP_RESPID_set_by_key_ex ? 3_0_0 EXIST::FUNCTION:OCSP OCSP_RESPID_match_ex ? 3_0_0 EXIST::FUNCTION:OCSP -- 2.25.1