[openssl] master update

Tue Jul 23 05:30:44 UTC 2019

The branch master has been updated
       via  261750134865150fe72298fd34dc7214c849b926 (commit)
       via  3efe19145ceaf27d27c45384269fa37aa4f4b57f (commit)
      from  b8441adb593392e224eccc95495e9a7451d04821 (commit)


- Log -----------------------------------------------------------------
commit 261750134865150fe72298fd34dc7214c849b926
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Jul 11 12:19:33 2019 +0200

    Replace OSSL_ITEM with OSSL_PARAM as parameter descriptor, everywhere
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/9346)

commit 3efe19145ceaf27d27c45384269fa37aa4f4b57f
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Jul 11 12:18:42 2019 +0200

    Describe OSSL_PARAM as a parameter descriptor
    
    This affects doc/man3/OSSL_PARAM.pod and doc/man7/openssl-core.h.pod
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/9346)

-----------------------------------------------------------------------

Summary of changes:
 crypto/provider.c                       |  2 +-
 crypto/provider_core.c                  | 12 ++++++------
 doc/internal/man3/ossl_provider_new.pod | 10 +++++-----
 doc/man3/OSSL_PARAM.pod                 | 28 +++++++++++++++++++++++-----
 doc/man3/OSSL_PROVIDER.pod              | 13 +++++--------
 doc/man7/openssl-core.h.pod             |  4 ++--
 include/internal/provider.h             |  2 +-
 include/openssl/core.h                  |  2 +-
 include/openssl/core_numbers.h          |  4 ++--
 include/openssl/provider.h              |  2 +-
 providers/default/defltprov.c           | 12 ++++++------
 providers/fips/fipsprov.c               | 12 ++++++------
 test/p_test.c                           |  8 ++++----
 13 files changed, 63 insertions(+), 48 deletions(-)

diff --git a/crypto/provider.c b/crypto/provider.c
index 8c9c6da..f81260c 100644
--- a/crypto/provider.c
+++ b/crypto/provider.c
@@ -35,7 +35,7 @@ int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov)
     return 1;
 }
 
-const OSSL_ITEM *OSSL_PROVIDER_get_param_types(const OSSL_PROVIDER *prov)
+const OSSL_PARAM *OSSL_PROVIDER_get_param_types(const OSSL_PROVIDER *prov)
 {
     return ossl_provider_get_param_types(prov);
 }
diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index c16e91d..d96e214 100644
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -680,7 +680,7 @@ void ossl_provider_teardown(const OSSL_PROVIDER *prov)
         prov->teardown(prov->provctx);
 }
 
-const OSSL_ITEM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov)
+const OSSL_PARAM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov)
 {
     return prov->get_param_types == NULL
         ? NULL : prov->get_param_types(prov->provctx);
@@ -712,13 +712,13 @@ const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov,
  * discovery.  We do not expect that many providers will use this, but one
  * never knows.
  */
-static const OSSL_ITEM param_types[] = {
-    { OSSL_PARAM_UTF8_PTR, "openssl-version" },
-    { OSSL_PARAM_UTF8_PTR, "provider-name" },
-    { 0, NULL }
+static const OSSL_PARAM param_types[] = {
+    OSSL_PARAM_DEFN("openssl-verstion", OSSL_PARAM_UTF8_PTR, NULL, 0),
+    OSSL_PARAM_DEFN("provider-name", OSSL_PARAM_UTF8_PTR, NULL, 0),
+    OSSL_PARAM_END
 };
 
-static const OSSL_ITEM *core_get_param_types(const OSSL_PROVIDER *prov)
+static const OSSL_PARAM *core_get_param_types(const OSSL_PROVIDER *prov)
 {
     return param_types;
 }
diff --git a/doc/internal/man3/ossl_provider_new.pod b/doc/internal/man3/ossl_provider_new.pod
index cb40cb2..426d953 100644
--- a/doc/internal/man3/ossl_provider_new.pod
+++ b/doc/internal/man3/ossl_provider_new.pod
@@ -51,7 +51,7 @@ ossl_provider_get_params, ossl_provider_query_operation
 
  /* Thin wrappers around calls to the provider */
  void ossl_provider_teardown(const OSSL_PROVIDER *prov);
- const OSSL_ITEM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov);
+ const OSSL_PARAM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov);
  int ossl_provider_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]);
  const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov,
                                                      int operation_id,
@@ -174,7 +174,7 @@ the provider has one.
 
 ossl_provider_get_param_types() calls the provider's I<get_param_types>
 function, if the provider has one.
-It should return an array of I<OSSL_ITEM> to describe all the
+It should return an array of I<OSSL_PARAM> to describe all the
 parameters that the provider has for the provider object.
 
 ossl_provider_get_params() calls the provider's parameter request
@@ -235,9 +235,9 @@ is returned.
 
 ossl_provider_teardown() doesnt't return any value.
 
-ossl_provider_get_param_types() returns a pointer to an I<OSSL_ITEM>
-array if this function is available in the provider, otherwise
-NULL.
+ossl_provider_get_param_types() returns a pointer to a constant
+I<OSSL_PARAM> array if this function is available in the provider,
+otherwise NULL.
 
 ossl_provider_get_params() returns 1 on success, or 0 on error.
 If this function isn't available in the provider, 0 is returned.
diff --git a/doc/man3/OSSL_PARAM.pod b/doc/man3/OSSL_PARAM.pod
index 0f6358c..61ff378 100644
--- a/doc/man3/OSSL_PARAM.pod
+++ b/doc/man3/OSSL_PARAM.pod
@@ -27,27 +27,37 @@ A typical usage example could be an application that wants to set some
 parameters for an object, or wants to find out some parameters of an
 object.
 
-Arrays of this type can be used for two purposes:
+Arrays of this type can be used for the following purposes:
 
 =over 4
 
-=item *
+=item * Setting parameters for some object
 
-Setting parameters for some object.
 The caller sets up the C<OSSL_PARAM> array and calls some function
 (the I<setter>) that has intimate knowledge about the object that can
 take the data from the C<OSSL_PARAM> array and assign them in a
 suitable form for the internal structure of the object.
 
-=item *
+=item * Request parameters of some object
 
-Request parameters of some object.
 The caller (the I<requestor>) sets up the C<OSSL_PARAM> array and
 calls some function (the I<responder>) that has intimate knowledge
 about the object, which can take the internal data of the object and
 copy (possibly convert) that to the memory prepared by the
 I<requestor> and pointed at with the C<OSSL_PARAM> C<data>.
 
+=item * Request parameter descriptors
+
+The caller gets an array of constant C<OSSL_PARAM>, which describe
+available parameters and some of their properties; name, data type and
+expected data size.
+For a detailed description of each field for this use, see the field
+descriptions below.
+
+The caller may then use the information from this descriptor array to
+build up its own C<OSSL_PARAM> array to pass down to a I<setter> or
+I<responder>.
+
 =back
 
 =head2 C<OSSL_PARAM> fields
@@ -78,6 +88,11 @@ setting parameters) or shall (when requesting parameters) be stored,
 and C<data_size> is its size in bytes.
 The organization of the data depends on the parameter type and flag.
 
+When the C<OSSL_PARAM> is used as a parameter descriptor, C<data>
+should be ignored.
+If C<data_size> is zero, it means that an arbitrary data size is
+accepted, otherwise it specifies the maximum size allowed.
+
 =item C<return_size>
 
 When an array of C<OSSL_PARAM> is used to request data, the
@@ -86,6 +101,9 @@ parameter data.
 In case the C<data_size> is too small for the data, the I<responder>
 must still set this field to indicate the minimum data size required.
 
+When the C<OSSL_PARAM> is used as a parameter descriptor,
+C<return_size> should be ignored.
+
 =back
 
 B<NOTE:>
diff --git a/doc/man3/OSSL_PROVIDER.pod b/doc/man3/OSSL_PROVIDER.pod
index fec6706..1453fcc 100644
--- a/doc/man3/OSSL_PROVIDER.pod
+++ b/doc/man3/OSSL_PROVIDER.pod
@@ -15,7 +15,7 @@ OSSL_PROVIDER_add_builtin, OSSL_PROVIDER_name - provider routines
  OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *, const char *name);
  int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
 
- const OSSL_ITEM *OSSL_PROVIDER_get_param_types(OSSL_PROVIDER *prov);
+ const OSSL_PARAM *OSSL_PROVIDER_get_param_types(OSSL_PROVIDER *prov);
  int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, OSSL_PARAM params[]);
 
  int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *, const char *name,
@@ -50,11 +50,8 @@ For a provider added with OSSL_PROVIDER_add_builtin(), this simply
 runs its teardown function.
 
 OSSL_PROVIDER_get_param_types() is used to get a provider parameter
-descriptor set as an B<OSSL_ITEM> array.
-Each element is a tuple of an B<OSSL_PARAM> parameter type and a name
-in form of a C string.
-See L<openssl-core.h(7)> for more information on B<OSSL_ITEM> and
-parameter types.
+descriptor set as a constant B<OSSL_PARAM> array.
+See L<OSSL_PARAM(3)> for more information.
 
 OSSL_PROVIDER_get_params() is used to get provider parameter values.
 The caller must prepare the B<OSSL_PARAM> array before calling this
@@ -72,8 +69,8 @@ success, or B<NULL> on error.
 
 OSSL_PROVIDER_unload() returns 1 on success, or 0 on error.
 
-OSSL_PROVIDER_get_param_types() returns a pointer to a constant array
-of B<OSSL_ITEM>, or NULL if none is provided.
+OSSL_PROVIDER_get_param_types() returns a pointer to an array
+of constant B<OSSL_PARAM>, or NULL if none is provided.
 
 OSSL_PROVIDER_get_params() returns 1 on success, or 0 on error.
 
diff --git a/doc/man7/openssl-core.h.pod b/doc/man7/openssl-core.h.pod
index 7fd4dfb..737293d 100644
--- a/doc/man7/openssl-core.h.pod
+++ b/doc/man7/openssl-core.h.pod
@@ -69,8 +69,8 @@ It's normally passed in arrays, where the array is terminated with an
 element where all fields are zero (for non-pointers) or C<NULL> (for
 pointers).
 
-These arrays can be used both to set parameters for some object, and
-to request parameters.
+These arrays can be used to set parameters for some object, to request
+parameters, and to describe parameters.
 
 C<OSSL_PARAM> is further described in L<OSSL_PARAM(3)>
 
diff --git a/include/internal/provider.h b/include/internal/provider.h
index 493fbde..fbc60fc 100644
--- a/include/internal/provider.h
+++ b/include/internal/provider.h
@@ -62,7 +62,7 @@ const char *ossl_provider_module_path(const OSSL_PROVIDER *prov);
 
 /* Thin wrappers around calls to the provider */
 void ossl_provider_teardown(const OSSL_PROVIDER *prov);
-const OSSL_ITEM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov);
+const OSSL_PARAM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov);
 int ossl_provider_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]);
 const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov,
                                                     int operation_id,
diff --git a/include/openssl/core.h b/include/openssl/core.h
index e9bc489..43e9d0a 100644
--- a/include/openssl/core.h
+++ b/include/openssl/core.h
@@ -43,7 +43,7 @@ struct ossl_dispatch_st {
  * tables remain tables with function pointers only.
  *
  * This is used whenever we need to pass things like a table of error reason
- * codes <-> reason string maps, parameter name <-> parameter type maps, ...
+ * codes <-> reason string maps, ...
  *
  * Usage determines which field works as key if any, rather than field order.
  *
diff --git a/include/openssl/core_numbers.h b/include/openssl/core_numbers.h
index 905094d..21f4303 100644
--- a/include/openssl/core_numbers.h
+++ b/include/openssl/core_numbers.h
@@ -58,7 +58,7 @@ extern "C" {
  */
 /* Functions provided by the Core to the provider, reserved numbers 1-1023 */
 # define OSSL_FUNC_CORE_GET_PARAM_TYPES        1
-OSSL_CORE_MAKE_FUNC(const OSSL_ITEM *,
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
                     core_get_param_types,(const OSSL_PROVIDER *prov))
 # define OSSL_FUNC_CORE_GET_PARAMS             2
 OSSL_CORE_MAKE_FUNC(int,core_get_params,(const OSSL_PROVIDER *prov,
@@ -132,7 +132,7 @@ OSSL_CORE_MAKE_FUNC(unsigned char *,
 # define OSSL_FUNC_PROVIDER_TEARDOWN         1024
 OSSL_CORE_MAKE_FUNC(void,provider_teardown,(void *provctx))
 # define OSSL_FUNC_PROVIDER_GET_PARAM_TYPES  1025
-OSSL_CORE_MAKE_FUNC(const OSSL_ITEM *,
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
                     provider_get_param_types,(void *provctx))
 # define OSSL_FUNC_PROVIDER_GET_PARAMS       1026
 OSSL_CORE_MAKE_FUNC(int,provider_get_params,(void *provctx,
diff --git a/include/openssl/provider.h b/include/openssl/provider.h
index 722e83b..68d5d10 100644
--- a/include/openssl/provider.h
+++ b/include/openssl/provider.h
@@ -20,7 +20,7 @@ extern "C" {
 OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *, const char *name);
 int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
 
-const OSSL_ITEM *OSSL_PROVIDER_get_param_types(const OSSL_PROVIDER *prov);
+const OSSL_PARAM *OSSL_PROVIDER_get_param_types(const OSSL_PROVIDER *prov);
 int OSSL_PROVIDER_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]);
 
 /* Add a built in providers */
diff --git a/providers/default/defltprov.c b/providers/default/defltprov.c
index 18e3a5c..2c25bf7 100644
--- a/providers/default/defltprov.c
+++ b/providers/default/defltprov.c
@@ -20,14 +20,14 @@ static OSSL_core_get_param_types_fn *c_get_param_types = NULL;
 static OSSL_core_get_params_fn *c_get_params = NULL;
 
 /* Parameters we provide to the core */
-static const OSSL_ITEM deflt_param_types[] = {
-    { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_NAME },
-    { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_VERSION },
-    { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_BUILDINFO },
-    { 0, NULL }
+static const OSSL_PARAM deflt_param_types[] = {
+    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
+    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
+    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
+    OSSL_PARAM_END
 };
 
-static const OSSL_ITEM *deflt_get_param_types(const OSSL_PROVIDER *prov)
+static const OSSL_PARAM *deflt_get_param_types(const OSSL_PROVIDER *prov)
 {
     return deflt_param_types;
 }
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index c1fbe4a..50d3c4b 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -80,11 +80,11 @@ static const OPENSSL_CTX_METHOD fips_prov_ossl_ctx_method = {
 
 
 /* Parameters we provide to the core */
-static const OSSL_ITEM fips_param_types[] = {
-    { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_NAME },
-    { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_VERSION },
-    { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_BUILDINFO },
-    { 0, NULL }
+static const OSSL_PARAM fips_param_types[] = {
+    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
+    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
+    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
+    OSSL_PARAM_END
 };
 
 /* TODO(3.0): To be removed */
@@ -149,7 +149,7 @@ static int dummy_evp_call(void *provctx)
     return ret;
 }
 
-static const OSSL_ITEM *fips_get_param_types(const OSSL_PROVIDER *prov)
+static const OSSL_PARAM *fips_get_param_types(const OSSL_PROVIDER *prov)
 {
     return fips_param_types;
 }
diff --git a/test/p_test.c b/test/p_test.c
index 904b75b..a730530 100644
--- a/test/p_test.c
+++ b/test/p_test.c
@@ -33,16 +33,16 @@ static OSSL_core_get_param_types_fn *c_get_param_types = NULL;
 static OSSL_core_get_params_fn *c_get_params = NULL;
 
 /* Tell the core what params we provide and what type they are */
-static const OSSL_ITEM p_param_types[] = {
-    { OSSL_PARAM_UTF8_STRING, "greeting" },
-    { 0, NULL }
+static const OSSL_PARAM p_param_types[] = {
+    { "greeting", OSSL_PARAM_UTF8_STRING, NULL, 0, 0 },
+    { NULL, 0, NULL, 0, 0 }
 };
 
 /* This is a trick to ensure we define the provider functions correctly */
 static OSSL_provider_get_param_types_fn p_get_param_types;
 static OSSL_provider_get_params_fn p_get_params;
 
-static const OSSL_ITEM *p_get_param_types(void *_)
+static const OSSL_PARAM *p_get_param_types(void *_)
 {
     return p_param_types;
 }
