From 99ea4f02bca848ed6304279cc40ebdc4a8b806d3 Mon Sep 17 00:00:00 2001 From: Pauli Date: Wed, 22 Apr 2020 14:20:11 +1000 Subject: [PATCH] evp: convert existing code to use the new modified sentinel for params. Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/11601) --- crypto/evp/evp_lib.c | 6 ++++-- crypto/evp/p_lib.c | 47 ++++++++++---------------------------------- 2 files changed, 14 insertions(+), 39 deletions(-) diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index d2890d3a26..d5f758fb4f 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -76,13 +76,15 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) goto err; /* ... but, we should get a return size too! */ - if (params[0].return_size != 0 + if (OSSL_PARAM_modified(params) + && params[0].return_size != 0 && (der = OPENSSL_malloc(params[0].return_size)) != NULL) { params[0].data = der; params[0].data_size = params[0].return_size; - params[0].return_size = 0; + OSSL_PARAM_set_all_unmodified(params); derp = der; if (EVP_CIPHER_CTX_get_params(c, params) + && OSSL_PARAM_modified(params) && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp, params[0].return_size) != NULL) { ret = 1; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index fcf369ad5d..0b75777a09 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c 
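Review bot: In the retry branch of EVP_CIPHER_param_to_asn1, `params[0].return_size` from the second EVP_CIPHER_CTX_get_params call is passed to d2i_ASN1_TYPE as the length of `der`, but `der` was allocated from the size reported by the first call and nothing visible compares the two. If a cipher implementation reports a larger size the second time, the decoder would read past the end of the heap buffer. Adding `&& params[0].return_size <= params[0].data_size` ahead of the d2i_ASN1_TYPE operand keeps the parse inside the allocation. The function body starts and ends outside this hunk.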
@@ -1617,23 +1617,11 @@ const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey) return evp_keymgmt_gettable_params(pkey->keymgmt); } -/* - * For the following methods param->return_size is set to a value - * larger than can be returned by the call to evp_keymgmt_get_params(). - * If it is still this value then the parameter was ignored - and in this - * case it returns an error.. - */ - int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn) { int ret = 0; OSSL_PARAM params[2]; unsigned char buffer[2048]; - /* - * Use -1 as the terminator here instead of sizeof(buffer) + 1 since - * -1 is less likely to be a valid value. - */ - const size_t not_set = (size_t)-1; unsigned char *buf = NULL; size_t buf_sz = 0; @@ -1646,12 +1634,9 @@ int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn) memset(buffer, 0, sizeof(buffer)); params[0] = OSSL_PARAM_construct_BN(key_name, buffer, sizeof(buffer)); - /* If the return_size is still not_set then we know it was not found */ - params[0].return_size = not_set; params[1] = OSSL_PARAM_construct_end(); if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) { - if (params[0].return_size == not_set - || params[0].return_size == 0) + if (!OSSL_PARAM_modified(params) || params[0].return_size == 0) return 0; buf_sz = params[0].return_size; /* @@ -1668,7 +1653,7 @@ int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn) goto err; } /* Fail if the param was not found */ - if (params[0].return_size == not_set) + if (!OSSL_PARAM_modified(params)) goto err; ret = OSSL_PARAM_get_BN(params, bn); err: @@ -1681,7 +1666,6 @@ int EVP_PKEY_get_octet_string_param(EVP_PKEY *pkey, const char *key_name, size_t *out_sz) { OSSL_PARAM params[2]; - const size_t not_set = max_buf_sz + 1; if (pkey == NULL || pkey->keymgmt == NULL 
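Review bot: In EVP_PKEY_get_bn_param (hunks -1646 and -1668) the final `if (!OSSL_PARAM_modified(params)) goto err;` can no longer detect a missing parameter once the too-small-buffer branch has run, because that branch is only entered after the first call has already set `return_size`. The evp_lib.c change in this same commit resets the marker with `OSSL_PARAM_set_all_unmodified(params);` before its second query. The retry code here sits between the two hunks and is not shown, so confirm it does the same after pointing `params[0].data` at the larger buffer. Without the reset, a second evp_keymgmt_get_params call that returns success without writing the value would pass an unwritten buffer to OSSL_PARAM_get_BN.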
@@ -1690,11 +1674,9 @@ int EVP_PKEY_get_octet_string_param(EVP_PKEY *pkey, const char *key_name, return 0; params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz); - params[0].return_size = not_set; params[1] = OSSL_PARAM_construct_end(); - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) - return 0; - if (params[0].return_size == not_set) + if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) + || !OSSL_PARAM_modified(params)) return 0; if (out_sz != NULL) *out_sz = params[0].return_size; @@ -1706,7 +1688,6 @@ int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name, size_t *out_sz) { OSSL_PARAM params[2]; - const size_t not_set = max_buf_sz + 1; if (pkey == NULL || pkey->keymgmt == NULL @@ -1715,11 +1696,9 @@ int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name, return 0; params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz); - params[0].return_size = not_set; params[1] = OSSL_PARAM_construct_end(); - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) - return 0; - if (params[0].return_size == not_set) + if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) + || !OSSL_PARAM_modified(params)) return 0; if (out_sz != NULL) *out_sz = params[0].return_size; @@ -1729,7 +1708,6 @@ int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name, int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out) { OSSL_PARAM params[2]; - const size_t not_set = sizeof(int) + 1; if (pkey == NULL || pkey->keymgmt == NULL 
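Review bot: EVP_PKEY_get_octet_string_param (hunk -1690) copies `params[0].return_size` into `*out_sz` without comparing it with `max_buf_sz`, so the length handed to the caller is whatever the key manager reported. A caller that then reads `*out_sz` bytes from `buf` relies on every provider keeping that value within the buffer. A guard such as `if (params[0].return_size > max_buf_sz) return 0;` before the assignment makes the getter enforce the bound itself. The function body extends outside the hunk.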
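Review bot: EVP_PKEY_get_utf8_string_param (hunk -1715) returns success with nothing in the visible lines that guarantees `str` is NUL-terminated or that the reported length fits the buffer. If a provider fills all `max_buf_sz` bytes, presumably leaving no room for a terminator, a caller that treats `str` as a C string would read past the end of its buffer. Consider failing with `if (params[0].return_size >= max_buf_sz) return 0;` before `*out_sz` is set, and writing `str[params[0].return_size] = '\0';` once the size is known to fit. The function body extends outside the hunk, so confirm no such handling already exists there.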
@@ -1738,11 +1716,9 @@ int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out) return 0; params[0] = OSSL_PARAM_construct_int(key_name, out); - params[0].return_size = not_set; params[1] = OSSL_PARAM_construct_end(); - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) - return 0; - if (params[0].return_size == not_set) + if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) + || !OSSL_PARAM_modified(params)) return 0; return 1; } @@ -1750,7 +1726,6 @@ int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out) int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out) { OSSL_PARAM params[2]; - const size_t not_set = sizeof(size_t) + 1; if (pkey == NULL || pkey->keymgmt == NULL @@ -1759,11 +1734,9 @@ int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out) return 0; params[0] = OSSL_PARAM_construct_size_t(key_name, out); - params[0].return_size = not_set; params[1] = OSSL_PARAM_construct_end(); - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) - return 0; - if (params[0].return_size == not_set) + if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) + || !OSSL_PARAM_modified(params)) return 0; return 1; } -- 2.25.1
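Review bot: The combined condition in EVP_PKEY_get_int_param (hunk -1738), repeated in EVP_PKEY_get_size_t_param (hunk -1759), carries no comment explaining why a successful evp_keymgmt_get_params call is still followed by a marker test, and this commit deletes the block comment that used to explain it. I would add above each condition: `/* get_params can succeed while ignoring an unknown key; require the modified marker too */`. Without that, a later cleanup could drop `|| !OSSL_PARAM_modified(params)` as redundant, and the getters would then report success with `*out` never written.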