Since this is public, it is best to make the underlying structure opaque.
This means converting from stack allocation to dynamic allocation for all
usages.
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11390)
EVP_KEYMGMT *to_keymgmt)
{
DH *dh = from->pkey.dh;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
const BIGNUM *p = DH_get0_p(dh), *g = DH_get0_g(dh), *q = DH_get0_q(dh);
const BIGNUM *pub_key = DH_get0_pub_key(dh);
const BIGNUM *priv_key = DH_get0_priv_key(dh);
- OSSL_PARAM *params;
+ OSSL_PARAM *params = NULL;
int selection = 0;
- int rv;
+ int rv = 0;
/*
* If the DH method is foreign, then we can't be sure of anything, and
if (p == NULL || g == NULL)
return 0;
- OSSL_PARAM_BLD_init(&tmpl);
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_P, p)
- || !OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_G, g))
+ tmpl = OSSL_PARAM_BLD_new();
+ if (tmpl == NULL)
return 0;
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p)
+ || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, g))
+ goto err;
if (q != NULL) {
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_Q, q))
- return 0;
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_Q, q))
+ goto err;
}
selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
if (pub_key != NULL) {
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_PUB_KEY, pub_key))
- return 0;
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PUB_KEY, pub_key))
+ goto err;
selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
}
if (priv_key != NULL) {
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_PRIV_KEY,
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PRIV_KEY,
priv_key))
- return 0;
+ goto err;
selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
}
- if ((params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL)
- return 0;
+ if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
+ goto err;
/* We export, the provider imports */
rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
- OSSL_PARAM_BLD_free(params);
-
+ OSSL_PARAM_BLD_free_params(params);
+err:
+ OSSL_PARAM_BLD_free(tmpl);
return rv;
}
EVP_KEYMGMT *to_keymgmt)
{
DSA *dsa = from->pkey.dsa;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
const BIGNUM *p = DSA_get0_p(dsa), *g = DSA_get0_g(dsa);
const BIGNUM *q = DSA_get0_q(dsa), *pub_key = DSA_get0_pub_key(dsa);
const BIGNUM *priv_key = DSA_get0_priv_key(dsa);
OSSL_PARAM *params;
int selection = 0;
- int rv;
+ int rv = 0;
/*
* If the DSA method is foreign, then we can't be sure of anything, and
if (p == NULL || q == NULL || g == NULL)
return 0;
- OSSL_PARAM_BLD_init(&tmpl);
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_P, p)
- || !OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_Q, q)
- || !OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_FFC_G, g))
+ tmpl = OSSL_PARAM_BLD_new();
+ if (tmpl == NULL)
return 0;
+
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p)
+ || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_Q, q)
+ || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, g))
+ goto err;
selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
if (pub_key != NULL) {
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_PUB_KEY,
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PUB_KEY,
pub_key))
- return 0;
+ goto err;
selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
}
if (priv_key != NULL) {
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_PRIV_KEY,
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PRIV_KEY,
priv_key))
- return 0;
+ goto err;
selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
}
- if ((params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL)
- return 0;
+ if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
+ goto err;
/* We export, the provider imports */
rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
- OSSL_PARAM_BLD_free(params);
-
+ OSSL_PARAM_BLD_free_params(params);
+err:
+ OSSL_PARAM_BLD_free(tmpl);
return rv;
}
const EC_GROUP *ecg = NULL;
unsigned char *pub_key_buf = NULL;
size_t pub_key_buflen;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
OSSL_PARAM *params = NULL;
const BIGNUM *priv_key = NULL;
const EC_POINT *pub_point = NULL;
if (EC_KEY_get_method(eckey) != EC_KEY_OpenSSL())
return 0;
- OSSL_PARAM_BLD_init(&tmpl);
+ tmpl = OSSL_PARAM_BLD_new();
+ if (tmpl == NULL)
+ return 0;
/* export the domain parameters */
- if (!ecparams_to_params(eckey, &tmpl))
+ if (!ecparams_to_params(eckey, tmpl))
goto err;
selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
if ((pub_key_buflen = EC_POINT_point2buf(ecg, pub_point,
POINT_CONVERSION_COMPRESSED,
&pub_key_buf, NULL)) == 0
- || !OSSL_PARAM_BLD_push_octet_string(&tmpl,
+ || !OSSL_PARAM_BLD_push_octet_string(tmpl,
OSSL_PKEY_PARAM_PUB_KEY,
pub_key_buf,
pub_key_buflen))
goto err;
sz = (ecbits + 7 ) / 8;
- if (!OSSL_PARAM_BLD_push_BN_pad(&tmpl,
+ if (!OSSL_PARAM_BLD_push_BN_pad(tmpl,
OSSL_PKEY_PARAM_PRIV_KEY,
priv_key, sz))
goto err;
(EC_KEY_get_flags(eckey) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0;
/* Export the ECDH_COFACTOR_MODE parameter */
- if (!OSSL_PARAM_BLD_push_int(&tmpl,
+ if (!OSSL_PARAM_BLD_push_int(tmpl,
OSSL_PKEY_PARAM_USE_COFACTOR_ECDH,
ecdh_cofactor_mode))
goto err;
selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS;
}
- params = OSSL_PARAM_BLD_to_param(&tmpl);
+ params = OSSL_PARAM_BLD_to_param(tmpl);
/* We export, the provider imports */
rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
err:
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free(tmpl);
+ OSSL_PARAM_BLD_free_params(params);
OPENSSL_free(pub_key_buf);
return rv;
}
EVP_KEYMGMT *to_keymgmt)
{
const ECX_KEY *key = from->pkey.ecx;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new();
OSSL_PARAM *params = NULL;
int selection = 0;
int rv = 0;
- OSSL_PARAM_BLD_init(&tmpl);
+ if (tmpl == NULL)
+ return 0;
/* A key must at least have a public part */
- if (!OSSL_PARAM_BLD_push_octet_string(&tmpl, OSSL_PKEY_PARAM_PUB_KEY,
+ if (!OSSL_PARAM_BLD_push_octet_string(tmpl, OSSL_PKEY_PARAM_PUB_KEY,
key->pubkey, key->keylen))
goto err;
selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
if (key->privkey != NULL) {
- if (!OSSL_PARAM_BLD_push_octet_string(&tmpl,
+ if (!OSSL_PARAM_BLD_push_octet_string(tmpl,
OSSL_PKEY_PARAM_PRIV_KEY,
key->privkey, key->keylen))
goto err;
selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
}
- params = OSSL_PARAM_BLD_to_param(&tmpl);
+ params = OSSL_PARAM_BLD_to_param(tmpl);
/* We export, the provider imports */
rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
err:
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free(tmpl);
+ OSSL_PARAM_BLD_free_params(params);
return rv;
}
#include <openssl/err.h>
#include <openssl/cryptoerr.h>
#include <openssl/params.h>
+#include <openssl/types.h>
#include "internal/cryptlib.h"
#include "openssl/param_build.h"
+/*
+ * The number of OSSL_PARAM elements a builder will allow.
+ */
+#define OSSL_PARAM_BLD_MAX 25
+
+/*
+ * Special internal param type to indicate the end of an allocate OSSL_PARAM
+ * array.
+ */
#define OSSL_PARAM_ALLOCATED_END 127
+typedef struct {
+ const char *key;
+ int type;
+ int secure;
+ size_t size;
+ size_t alloc_blocks;
+ const BIGNUM *bn;
+ const void *string;
+ union {
+ /*
+ * These fields are never directly addressed, but their sizes are
+ * imporant so that all native types can be copied here without overrun.
+ */
+ ossl_intmax_t i;
+ ossl_uintmax_t u;
+ double d;
+ } num;
+} OSSL_PARAM_BLD_DEF;
+
+struct ossl_param_bld_st {
+ size_t curr;
+ size_t total_blocks;
+ size_t secure_blocks;
+ OSSL_PARAM_BLD_DEF params[OSSL_PARAM_BLD_MAX];
+};
+
typedef union {
OSSL_UNION_ALIGN;
} OSSL_PARAM_BLD_BLOCK;
return 1;
}
-void OSSL_PARAM_BLD_init(OSSL_PARAM_BLD *bld)
+OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
{
- memset(bld, 0, sizeof(*bld));
+ return OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));
+}
+
+void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
+{
+ OPENSSL_free(bld);
}
int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
if (s == NULL) {
CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
CRYPTO_R_SECURE_MALLOC_FAILURE);
+ OPENSSL_free(bld);
return NULL;
}
}
params = OPENSSL_malloc(total);
if (params == NULL) {
CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(bld);
OPENSSL_secure_free(s);
return NULL;
}
last->data_size = ss;
last->data = s;
last->data_type = OSSL_PARAM_ALLOCATED_END;
+
+ /* Reset for reuse */
+ memset(bld, 0, sizeof(*bld));
return params;
}
-void OSSL_PARAM_BLD_free(OSSL_PARAM *params)
+void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params)
{
if (params != NULL) {
OSSL_PARAM *p;
EVP_KEYMGMT *to_keymgmt)
{
RSA *rsa = from->pkey.rsa;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new();
const BIGNUM *n = RSA_get0_n(rsa), *e = RSA_get0_e(rsa);
const BIGNUM *d = RSA_get0_d(rsa);
STACK_OF(BIGNUM_const) *primes = NULL, *exps = NULL, *coeffs = NULL;
int selection = 0;
int rv = 0;
+ if (tmpl == NULL)
+ return 0;
/*
* If the RSA method is foreign, then we can't be sure of anything, and
* can therefore not export or pretend to export.
*/
if (RSA_get_method(rsa) != RSA_PKCS1_OpenSSL())
- return 0;
+ goto err;
/* Public parameters must always be present */
if (n == NULL || e == NULL)
goto err;
- OSSL_PARAM_BLD_init(&tmpl);
-
/* |e| and |n| are always present */
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_E, e))
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_E, e))
goto err;
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_N, n))
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_N, n))
goto err;
selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
&& (numprimes < 2 || numexps < 2 || numcoeffs < 1))
goto err;
- /* assert that an OSSL_PARAM_BLD has enough space. */
- if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1
- + numprimes + numexps + numcoeffs
- <= OSSL_PARAM_BLD_MAX))
- goto err;
-
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_D, d))
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_D, d))
goto err;
selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
for (i = 0; i < numprimes; i++) {
const BIGNUM *num = sk_BIGNUM_const_value(primes, i);
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_FACTOR,
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_FACTOR,
num))
goto err;
}
for (i = 0; i < numexps; i++) {
const BIGNUM *num = sk_BIGNUM_const_value(exps, i);
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_EXPONENT,
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_EXPONENT,
num))
goto err;
}
for (i = 0; i < numcoeffs; i++) {
const BIGNUM *num = sk_BIGNUM_const_value(coeffs, i);
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_COEFFICIENT,
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_COEFFICIENT,
num))
goto err;
}
}
- if ((params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL)
+ if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
goto err;
/* We export, the provider imports */
sk_BIGNUM_const_free(primes);
sk_BIGNUM_const_free(exps);
sk_BIGNUM_const_free(coeffs);
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
+ OSSL_PARAM_BLD_free(tmpl);
return rv;
}
int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp)
{
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
OSSL_PARAM *params;
int ret;
return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN,
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp);
- OSSL_PARAM_BLD_init(&tmpl);
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_E, pubexp)
- || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL)
+ if ((tmpl = OSSL_PARAM_BLD_new()) == NULL)
return 0;
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_E, pubexp)
+ || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) {
+ OSSL_PARAM_BLD_free(tmpl);
+ return 0;
+ }
+ OSSL_PARAM_BLD_free(tmpl);
ret = EVP_PKEY_CTX_set_params(ctx, params);
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
return ret;
}
#include "openssl/param_build.h"
- #define OSSL_PARAM_BLD_MAX 10
- typedef struct { ... } OSSL_PARAM_BLD;
+ typedef struct OSSL_PARAM_BLD;
- void OSSL_PARAM_BLD_init(OSSL_PARAM_BLD *bld);
+ OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void);
OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld);
void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params);
void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld);
A collection of utility functions that simplify the creation of OSSL_PARAM
arrays. The B<I<TYPE>> names are as per L<OSSL_PARAM_int(3)>.
-OSSL_PARAM_BLD_init() initialises the OSSL_PARAM_BLD structure so that values
-can be added.
+OSSL_PARAM_BLD_new() allocates and initialises a new OSSL_PARAM_BLD structure
+so that values can be added.
Any existing values are cleared.
OSSL_PARAM_BLD_free() deallocates the memory allocates by OSSL_PARAM_BLD_new().
=head1 RETURN VALUES
+OSSL_PARAM_BLD_new() returns the allocated OSSL_PARAM_BLD structure, or NULL
+on error.
+
OSSL_PARAM_BLD_to_param() returns the allocated OSSL_PARAM array, or NULL
on error.
All of the OSSL_PARAM_BLD_push_TYPE functions return 1 on success and 0
on error.
-=head1 NOTES
-
-The constant B<OSSL_PARAM_BLD_MAX> specifies the maximum number of parameters
-that can be added.
-Exceeding this will result in the push functions returning errors.
-The define used for this will always be at least 10 but otherwise no assumption
-should be made about it's specific value.
-
-The structure B<OSSL_PARAM_BLD> should be considered opaque and subject to
-change between versions.
-
=head1 EXAMPLES
Both examples creating an OSSL_PARAM array that contains an RSA key.
This example shows how to create an OSSL_PARAM array that contains an RSA
private key.
- OSSL_PARAM_BLD bld;
+ OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
OSSL_PARAM *params;
- OSSL_PARAM_BLD_init(&bld, &secure);
- if (!OSSL_PARAM_BLD_push_BN(&bld, "p", p)
+ if (bld == NULL
+ || !OSSL_PARAM_BLD_push_BN(&bld, "p", p)
|| !OSSL_PARAM_BLD_push_BN(&bld, "q", q)
|| !OSSL_PARAM_BLD_push_uint(&bld, "e", e)
|| !OSSL_PARAM_BLD_push_BN(&bld, "n", n)
This example shows how to create an OSSL_PARAM array that contains an RSA
public key.
- OSSL_PARAM_BLD bld;
+ OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
OSSL_PARAM *params;
- OSSL_PARAM_BLD_init(&bld, &secure);
- if (!OSSL_PARAM_BLD_push_BN(&bld, "n", n)
- || !OSSL_PARAM_BLD_push_BN(&bld, "d", d)
- || (params = OSSL_PARAM_BLD_to_param(&bld)) == NULL)
+ if (nld == NULL
+ || !OSSL_PARAM_BLD_push_BN(bld, "n", n)
+ || !OSSL_PARAM_BLD_push_BN(bld, "d", d)
+ || (params = OSSL_PARAM_BLD_to_param(bld)) == NULL)
goto err;
OSSL_PARAM_BLD_free(bld);
/* Use params */
#include <openssl/params.h>
#include <openssl/types.h>
-#define OSSL_PARAM_BLD_MAX 25
-
-typedef struct {
- const char *key;
- int type;
- int secure;
- size_t size;
- size_t alloc_blocks;
- const BIGNUM *bn;
- const void *string;
- union {
- /*
- * These fields are never directly addressed, but their sizes are
- * imporant so that all native types can be copied here without overrun.
- */
- ossl_intmax_t i;
- ossl_uintmax_t u;
- double d;
- } num;
-} OSSL_PARAM_BLD_DEF;
-
-typedef struct {
- size_t curr;
- size_t total_blocks;
- size_t secure_blocks;
- OSSL_PARAM_BLD_DEF params[OSSL_PARAM_BLD_MAX];
-} OSSL_PARAM_BLD;
-
-void OSSL_PARAM_BLD_init(OSSL_PARAM_BLD *bld);
+OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void);
OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld);
-void OSSL_PARAM_BLD_free(OSSL_PARAM *params);
+void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld);
+void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params);
int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int val);
int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
typedef struct ossl_item_st OSSL_ITEM;
typedef struct ossl_algorithm_st OSSL_ALGORITHM;
typedef struct ossl_param_st OSSL_PARAM;
+typedef struct ossl_param_bld_st OSSL_PARAM_BLD;
typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
BIGNUM *p = NULL, *q = NULL, *g = NULL;
BIGNUM *pub = NULL, *priv = NULL;
OSSL_PARAM *params = NULL, *params_sig = NULL;
- OSSL_PARAM_BLD bld;
+ OSSL_PARAM_BLD *bld = NULL;
EVP_PKEY_CTX *sctx = NULL, *kctx = NULL;
EVP_PKEY *pkey = NULL;
unsigned char sig[64];
|| !hextobn(dsa_priv_hex, &priv))
goto err;
- OSSL_PARAM_BLD_init(&bld);
- if (!OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_P, p)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_Q, q)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_G, g)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PUB_KEY, pub)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
+ bld = OSSL_PARAM_BLD_new();
+ if (bld == NULL
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
goto err;
- params = OSSL_PARAM_BLD_to_param(&bld);
+ params = OSSL_PARAM_BLD_to_param(bld);
/* Create a EVP_PKEY_CTX to load the DSA key into */
kctx = EVP_PKEY_CTX_new_from_name(libctx, SN_dsa, "");
goto err;
/* set signature parameters */
- OSSL_PARAM_BLD_init(&bld);
- if (!OSSL_PARAM_BLD_push_utf8_string(&bld, OSSL_SIGNATURE_PARAM_DIGEST,
+ if (!OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_SIGNATURE_PARAM_DIGEST,
SN_sha256,strlen(SN_sha256) + 1))
goto err;
- params_sig = OSSL_PARAM_BLD_to_param(&bld);
+ params_sig = OSSL_PARAM_BLD_to_param(bld);
if (EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0)
goto err;
goto err;
ret = 1;
err:
- OSSL_PARAM_BLD_free(params);
- OSSL_PARAM_BLD_free(params_sig);
+ OSSL_PARAM_BLD_free_params(params);
+ OSSL_PARAM_BLD_free_params(params_sig);
+ OSSL_PARAM_BLD_free(bld);
BN_free(p);
BN_free(q);
BN_free(g);
OSSL_PARAM *params_peer = NULL;
unsigned char secret[256];
size_t secret_len, kat_secret_len = 0;
- OSSL_PARAM_BLD bld;
+ OSSL_PARAM_BLD *bld = NULL;
/* DH KAT */
static const char *dh_p_hex[] = {
|| !hextobin(dh_secret_exptd_hex, &kat_secret, &kat_secret_len))
goto err;
- OSSL_PARAM_BLD_init(&bld);
- if (!OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_P, p)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_Q, q)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_G, g)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PUB_KEY, pub)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
+ bld = OSSL_PARAM_BLD_new();
+ if (bld == NULL
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
goto err;
- params = OSSL_PARAM_BLD_to_param(&bld);
+ params = OSSL_PARAM_BLD_to_param(bld);
- OSSL_PARAM_BLD_init(&bld);
- if (!OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_P, p)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_Q, q)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_FFC_G, g)
- || !OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PUB_KEY, pub_peer))
+ if (!OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g)
+ || !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub_peer))
goto err;
- params_peer = OSSL_PARAM_BLD_to_param(&bld);
+ params_peer = OSSL_PARAM_BLD_to_param(bld);
if (params == NULL || params_peer == NULL)
goto err;
goto err;
ret = 1;
err:
- OSSL_PARAM_BLD_free(params_peer);
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free(bld);
+ OSSL_PARAM_BLD_free_params(params_peer);
+ OSSL_PARAM_BLD_free_params(params);
BN_free(p);
BN_free(q);
BN_free(g);
void *cbarg)
{
DH *dh = keydata;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
OSSL_PARAM *params = NULL;
int ok = 1;
if (dh == NULL)
return 0;
- OSSL_PARAM_BLD_init(&tmpl);
+ tmpl = OSSL_PARAM_BLD_new();
+ if (tmpl == NULL)
+ return 0;
if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
- ok = ok && domparams_to_params(dh, &tmpl);
+ ok = ok && domparams_to_params(dh, tmpl);
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
- ok = ok && key_to_params(dh, &tmpl);
+ ok = ok && key_to_params(dh, tmpl);
if (!ok
- || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL)
+ || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) {
+ OSSL_PARAM_BLD_free(tmpl);
return 0;
+ }
+ OSSL_PARAM_BLD_free(tmpl);
ok = param_cb(params, cbarg);
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
return ok;
}
void *cbarg)
{
DSA *dsa = keydata;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new();
OSSL_PARAM *params = NULL;
int ok = 1;
if (dsa == NULL)
- return 0;
-
- OSSL_PARAM_BLD_init(&tmpl);
+ goto err;;
if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
- ok = ok && domparams_to_params(dsa, &tmpl);
+ ok = ok && domparams_to_params(dsa, tmpl);
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
- ok = ok && key_to_params(dsa, &tmpl);
+ ok = ok && key_to_params(dsa, tmpl);
if (!ok
- || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL)
- return 0;
+ || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
+ goto err;;
ok = param_cb(params, cbarg);
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
+err:
+ OSSL_PARAM_BLD_free(tmpl);
return ok;
}
void *cbarg)
{
EC_KEY *ec = keydata;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
OSSL_PARAM *params = NULL;
int ok = 1;
&& (selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0)
return 0;
- OSSL_PARAM_BLD_init(&tmpl);
+ tmpl = OSSL_PARAM_BLD_new();
+ if (tmpl == NULL)
+ return 0;
if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
- ok = ok && domparams_to_params(ec, &tmpl);
+ ok = ok && domparams_to_params(ec, tmpl);
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
int include_private =
selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
- ok = ok && key_to_params(ec, &tmpl, include_private);
+ ok = ok && key_to_params(ec, tmpl, include_private);
}
if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0)
- ok = ok && otherparams_to_params(ec, &tmpl);
+ ok = ok && otherparams_to_params(ec, tmpl);
if (!ok
- || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL)
- return 0;
+ || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
+ goto err;
ok = param_cb(params, cbarg);
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
+err:
+ OSSL_PARAM_BLD_free(tmpl);
return ok;
}
void *cbarg)
{
ECX_KEY *key = keydata;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
OSSL_PARAM *params = NULL;
int ret;
if (key == NULL)
return 0;
- if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0
- && !key_to_params(key, &tmpl))
+ tmpl = OSSL_PARAM_BLD_new();
+ if (tmpl == NULL)
return 0;
- OSSL_PARAM_BLD_init(&tmpl);
- params = OSSL_PARAM_BLD_to_param(&tmpl);
- if (params == NULL) {
- OSSL_PARAM_BLD_free(params);
+ if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0
+ && !key_to_params(key, tmpl)) {
+ OSSL_PARAM_BLD_free(tmpl);
return 0;
}
+ params = OSSL_PARAM_BLD_to_param(tmpl);
+ OSSL_PARAM_BLD_free(tmpl);
+ if (params == NULL)
+ return 0;
+
ret = param_cb(params, cbarg);
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
return ret;
}
OSSL_CALLBACK *param_callback, void *cbarg)
{
RSA *rsa = keydata;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
OSSL_PARAM *params = NULL;
int ok = 1;
/* TODO(3.0) PSS and OAEP should bring on parameters */
- OSSL_PARAM_BLD_init(&tmpl);
+ tmpl = OSSL_PARAM_BLD_new();
+ if (tmpl == NULL)
+ return 0;
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
- ok = ok && key_to_params(rsa, &tmpl);
+ ok = ok && key_to_params(rsa, tmpl);
if (!ok
- || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL)
+ || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) {
+ OSSL_PARAM_BLD_free(tmpl);
return 0;
+ }
+ OSSL_PARAM_BLD_free(tmpl);
ok = param_callback(params, cbarg);
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
return ok;
}
int ret = 0;
EVP_PKEY_CTX *ctx = NULL;
EVP_PKEY *pk = NULL, *copy_pk = NULL;
- OSSL_PARAM_BLD bld;
+ OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
BIGNUM *ec_priv_bn = NULL;
OSSL_PARAM *fromdata_params = NULL;
const char *alg = "EC";
0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
};
- OSSL_PARAM_BLD_init(&bld);
-
+ if (!TEST_ptr(bld))
+ goto err;
if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
sizeof(ec_priv_keydata), NULL)))
goto err;
- if (OSSL_PARAM_BLD_push_utf8_string(&bld, OSSL_PKEY_PARAM_EC_NAME,
+ if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_NAME,
"prime256v1", 0) <= 0)
goto err;
- if (OSSL_PARAM_BLD_push_octet_string(&bld, OSSL_PKEY_PARAM_PUB_KEY,
+ if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
ec_pub_keydata,
sizeof(ec_pub_keydata)) <= 0)
goto err;
- if (OSSL_PARAM_BLD_push_BN(&bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
+ if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
goto err;
- if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(&bld)))
+ if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
goto err;
ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
if (!TEST_ptr(ctx))
&& test_print_key_using_serializer(alg, pk);
err:
BN_free(ec_priv_bn);
- OSSL_PARAM_BLD_free(fromdata_params);
+ OSSL_PARAM_BLD_free_params(fromdata_params);
+ OSSL_PARAM_BLD_free(bld);
EVP_PKEY_free(pk);
EVP_PKEY_free(copy_pk);
EVP_PKEY_CTX_free(ctx);
static int template_public_test(void)
{
- OSSL_PARAM_BLD bld;
+ OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
OSSL_PARAM *params = NULL, *p;
BIGNUM *bn = NULL, *bn_res = NULL;
int i;
const char *cutf;
int res = 0;
- OSSL_PARAM_BLD_init(&bld);
- if (!TEST_true(OSSL_PARAM_BLD_push_int(&bld, "i", -6))
- || !TEST_true(OSSL_PARAM_BLD_push_long(&bld, "l", 42))
- || !TEST_true(OSSL_PARAM_BLD_push_int32(&bld, "i32", 1532))
- || !TEST_true(OSSL_PARAM_BLD_push_int64(&bld, "i64", -9999999))
- || !TEST_true(OSSL_PARAM_BLD_push_double(&bld, "d", 1.61803398875))
+ if (!TEST_ptr(bld)
+ || !TEST_true(OSSL_PARAM_BLD_push_int(bld, "i", -6))
+ || !TEST_true(OSSL_PARAM_BLD_push_long(bld, "l", 42))
+ || !TEST_true(OSSL_PARAM_BLD_push_int32(bld, "i32", 1532))
+ || !TEST_true(OSSL_PARAM_BLD_push_int64(bld, "i64", -9999999))
+ || !TEST_true(OSSL_PARAM_BLD_push_double(bld, "d", 1.61803398875))
|| !TEST_ptr(bn = BN_new())
|| !TEST_true(BN_set_word(bn, 1729))
- || !TEST_true(OSSL_PARAM_BLD_push_BN(&bld, "bignumber", bn))
- || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(&bld, "utf8_s", "foo",
+ || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, "bignumber", bn))
+ || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, "utf8_s", "foo",
sizeof("foo")))
- || !TEST_true(OSSL_PARAM_BLD_push_utf8_ptr(&bld, "utf8_p", "bar-boom",
+ || !TEST_true(OSSL_PARAM_BLD_push_utf8_ptr(bld, "utf8_p", "bar-boom",
0))
- || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(&bld))
+ || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
/* Check int */
|| !TEST_ptr(p = OSSL_PARAM_locate(params, "i"))
|| !TEST_true(OSSL_PARAM_get_int(p, &i))
goto err;
res = 1;
err:
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
+ OSSL_PARAM_BLD_free(bld);
OPENSSL_free(utf);
BN_free(bn);
BN_free(bn_res);
{
static int data1[] = { 2, 3, 5, 7, 11, 15, 17 };
static unsigned char data2[] = { 2, 4, 6, 8, 10 };
- OSSL_PARAM_BLD bld;
+ OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
OSSL_PARAM *params = NULL, *p;
unsigned int i;
unsigned long int l;
BIGNUM *bn = NULL, *bn_res = NULL;
int res = 0;
- OSSL_PARAM_BLD_init(&bld);
- if (!TEST_true(OSSL_PARAM_BLD_push_uint(&bld, "i", 6))
- || !TEST_true(OSSL_PARAM_BLD_push_ulong(&bld, "l", 42))
- || !TEST_true(OSSL_PARAM_BLD_push_uint32(&bld, "i32", 1532))
- || !TEST_true(OSSL_PARAM_BLD_push_uint64(&bld, "i64", 9999999))
- || !TEST_true(OSSL_PARAM_BLD_push_size_t(&bld, "st", 65537))
+ if (!TEST_ptr(bld)
+ || !TEST_true(OSSL_PARAM_BLD_push_uint(bld, "i", 6))
+ || !TEST_true(OSSL_PARAM_BLD_push_ulong(bld, "l", 42))
+ || !TEST_true(OSSL_PARAM_BLD_push_uint32(bld, "i32", 1532))
+ || !TEST_true(OSSL_PARAM_BLD_push_uint64(bld, "i64", 9999999))
+ || !TEST_true(OSSL_PARAM_BLD_push_size_t(bld, "st", 65537))
|| !TEST_ptr(bn = BN_secure_new())
|| !TEST_true(BN_set_word(bn, 1729))
- || !TEST_true(OSSL_PARAM_BLD_push_BN(&bld, "bignumber", bn))
- || !TEST_true(OSSL_PARAM_BLD_push_octet_string(&bld, "oct_s", data1,
+ || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, "bignumber", bn))
+ || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, "oct_s", data1,
sizeof(data1)))
- || !TEST_true(OSSL_PARAM_BLD_push_octet_ptr(&bld, "oct_p", data2,
+ || !TEST_true(OSSL_PARAM_BLD_push_octet_ptr(bld, "oct_p", data2,
sizeof(data2)))
- || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(&bld))
+ || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
/* Check unsigned int */
|| !TEST_ptr(p = OSSL_PARAM_locate(params, "i"))
|| !TEST_true(OSSL_PARAM_get_uint(p, &i))
goto err;
res = 1;
err:
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
+ OSSL_PARAM_BLD_free(bld);
BN_free(bn);
BN_free(bn_res);
return res;
NCONF_new_with_libctx ? 3_0_0 EXIST::FUNCTION:
CONF_modules_load_file_with_libctx ? 3_0_0 EXIST::FUNCTION:
OPENSSL_CTX_load_config ? 3_0_0 EXIST::FUNCTION:
-OSSL_PARAM_BLD_init ? 3_0_0 EXIST::FUNCTION:
OSSL_PARAM_BLD_to_param ? 3_0_0 EXIST::FUNCTION:
-OSSL_PARAM_BLD_free ? 3_0_0 EXIST::FUNCTION:
+OSSL_PARAM_BLD_free_params ? 3_0_0 EXIST::FUNCTION:
OSSL_PARAM_BLD_push_int ? 3_0_0 EXIST::FUNCTION:
OSSL_PARAM_BLD_push_uint ? 3_0_0 EXIST::FUNCTION:
OSSL_PARAM_BLD_push_long ? 3_0_0 EXIST::FUNCTION:
OSSL_PARAM_BLD_push_utf8_ptr ? 3_0_0 EXIST::FUNCTION:
OSSL_PARAM_BLD_push_octet_string ? 3_0_0 EXIST::FUNCTION:
OSSL_PARAM_BLD_push_octet_ptr ? 3_0_0 EXIST::FUNCTION:
+OSSL_PARAM_BLD_new ? 3_0_0 EXIST::FUNCTION:
+OSSL_PARAM_BLD_free ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_set_type_by_keymgmt ? 3_0_0 EXIST::FUNCTION:
OCSP_RESPID_set_by_key_ex ? 3_0_0 EXIST::FUNCTION:OCSP
OCSP_RESPID_match_ex ? 3_0_0 EXIST::FUNCTION:OCSP
projects / oweals / openssl.git / commitdiff