[openssl] master update
shane.lontis at oracle.com
shane.lontis at oracle.com
Wed Jul 31 10:38:24 UTC 2019
The branch master has been updated
via e870791a4d6aea3a0275396bd01da629cb6f4ac8 (commit)
from 8c00f267b8df1a8c70eff8198de40aa561299e48 (commit)
- Log -----------------------------------------------------------------
commit e870791a4d6aea3a0275396bd01da629cb6f4ac8
Author: Shane Lontis <shane.lontis at oracle.com>
Date: Wed Jul 31 20:34:26 2019 +1000
Add evp_util macros
Also added EVP_CTRL_RET_UNSUPPORTED define (so magic numbers can be removed)
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9464)
-----------------------------------------------------------------------
Summary of changes:
crypto/err/openssl.txt | 2 ++
crypto/evp/evp_enc.c | 8 ++---
crypto/evp/evp_err.c | 4 +++
crypto/evp/evp_lib.c | 10 +++----
crypto/evp/evp_locl.h | 3 ++
crypto/evp/evp_utils.c | 76 +++++++++++++++++++++++++++++++++++-------------
include/openssl/evperr.h | 5 ++++
7 files changed, 78 insertions(+), 30 deletions(-)
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index d172f4c288..6b52193895 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2421,6 +2421,8 @@ EVP_R_BAD_DECRYPT:100:bad decrypt
EVP_R_BAD_KEY_LENGTH:195:bad key length
EVP_R_BUFFER_TOO_SMALL:155:buffer too small
EVP_R_CAMELLIA_KEY_SETUP_FAILED:157:camellia key setup failed
+EVP_R_CANNOT_GET_PARAMETERS:197:cannot get parameters
+EVP_R_CANNOT_SET_PARAMETERS:198:cannot set parameters
EVP_R_CIPHER_NOT_GCM_MODE:184:cipher not gcm mode
EVP_R_CIPHER_PARAMETER_ERROR:122:cipher parameter error
EVP_R_COMMAND_NOT_SUPPORTED:147:command not supported
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index b2c0a260e6..8f5175b525 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -926,7 +926,7 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &keylen);
ok = evp_do_ciph_ctx_setparams(c->cipher, c->provctx, params);
- if (ok != -2)
+ if (ok != EVP_CTRL_RET_UNSUPPORTED)
return ok;
/* TODO(3.0) legacy code follows */
@@ -960,7 +960,7 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
- int ret = -2; /* Unsupported */
+ int ret = EVP_CTRL_RET_UNSUPPORTED;
int set_params = 1;
size_t sz;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
@@ -981,7 +981,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
case EVP_CTRL_INIT: /* TODO(3.0) Purely legacy, no provider counterpart */
default:
- return -2; /* Unsupported */
+ return EVP_CTRL_RET_UNSUPPORTED;
case EVP_CTRL_GET_IV:
set_params = 0;
params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV,
@@ -1039,7 +1039,7 @@ legacy:
}
ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
- if (ret == -1) {
+ if (ret == EVP_CTRL_RET_UNSUPPORTED) {
EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
return 0;
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 92df593821..749f189be3 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -23,6 +23,10 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CAMELLIA_KEY_SETUP_FAILED),
"camellia key setup failed"},
+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CANNOT_GET_PARAMETERS),
+ "cannot get parameters"},
+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CANNOT_SET_PARAMETERS),
+ "cannot set parameters"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CIPHER_NOT_GCM_MODE),
"cipher not gcm mode"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CIPHER_PARAMETER_ERROR),
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 9091f8b475..e6daf684be 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -224,7 +224,7 @@ int EVP_CIPHER_block_size(const EVP_CIPHER *cipher)
params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_BLOCK_SIZE, &v);
ok = evp_do_ciph_getparams(cipher, params);
- return ok != 0 ? v : -1;
+ return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
@@ -310,7 +310,7 @@ int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_IVLEN, &v);
ok = evp_do_ciph_getparams(cipher, params);
- return ok != 0 ? v : -1;
+ return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
@@ -367,7 +367,7 @@ int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx)
params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_NUM, &v);
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
- return ok != 0 ? v : -1;
+ return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
@@ -391,7 +391,7 @@ int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &v);
ok = evp_do_ciph_getparams(cipher, params);
- return ok != 0 ? v : -1;
+ return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
@@ -402,7 +402,7 @@ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &v);
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
- return ok != 0 ? v : -1;
+ return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index 848ef299ca..17ab24c07a 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -11,6 +11,9 @@
#include <openssl/core_numbers.h>
+#define EVP_CTRL_RET_UNSUPPORTED -1
+
+
struct evp_md_ctx_st {
const EVP_MD *reqdigest; /* The original requested digest */
const EVP_MD *digest;
diff --git a/crypto/evp/evp_utils.c b/crypto/evp/evp_utils.c
index c3b5520593..e24bee1c0c 100644
--- a/crypto/evp/evp_utils.c
+++ b/crypto/evp/evp_utils.c
@@ -17,31 +17,65 @@
#include "internal/evp_int.h" /* evp_locl.h needs it */
#include "evp_locl.h"
-int evp_do_ciph_getparams(const EVP_CIPHER *ciph, OSSL_PARAM params[])
-{
- if (ciph->prov == NULL)
- return -2;
- if (ciph->get_params == NULL)
- return -1;
- return ciph->get_params(params);
+/*
+ * EVP_CTRL_RET_UNSUPPORTED = -1 is the returned value from any ctrl function
+ * where the control command isn't supported, and an alternative code path
+ * may be chosen.
+ * Since these functions are used to implement ctrl functionality, we
+ * use the same value, and other callers will have to compensate.
+ */
+#define PARAM_CHECK(obj, func, errfunc) \
+ if (obj->prov == NULL) \
+ return EVP_CTRL_RET_UNSUPPORTED; \
+ if (obj->func == NULL) { \
+ errfunc(); \
+ return 0; \
+ }
+
+#define PARAM_FUNC(name, func, type, err) \
+int name (const type *obj, OSSL_PARAM params[]) \
+{ \
+ PARAM_CHECK(obj, func, err) \
+ return obj->func(params); \
+}
+
+#define PARAM_CTX_FUNC(name, func, type, err) \
+int name (const type *obj, void *provctx, OSSL_PARAM params[]) \
+{ \
+ PARAM_CHECK(obj, func, err) \
+ return obj->func(provctx, params); \
}
-int evp_do_ciph_ctx_getparams(const EVP_CIPHER *ciph, void *provctx,
- OSSL_PARAM params[])
+#define PARAM_FUNCTIONS(type, \
+ getname, getfunc, \
+ getctxname, getctxfunc, \
+ setctxname, setctxfunc) \
+ PARAM_FUNC(getname, getfunc, type, geterr) \
+ PARAM_CTX_FUNC(getctxname, getctxfunc, type, geterr) \
+ PARAM_CTX_FUNC(setctxname, setctxfunc, type, seterr)
+
+/*
+ * These error functions are a workaround for the error scripts, which
+ * currently require that XXXerr method appears inside a function (not a macro).
+ */
+static void geterr(void)
{
- if (ciph->prov == NULL)
- return -2;
- if (ciph->ctx_get_params == NULL)
- return -1;
- return ciph->ctx_get_params(provctx, params);
+ EVPerr(0, EVP_R_CANNOT_GET_PARAMETERS);
}
-int evp_do_ciph_ctx_setparams(const EVP_CIPHER *ciph, void *provctx,
- OSSL_PARAM params[])
+static void seterr(void)
{
- if (ciph->prov == NULL)
- return -2;
- if (ciph->ctx_set_params == NULL)
- return -1;
- return ciph->ctx_set_params(provctx, params);
+ EVPerr(0, EVP_R_CANNOT_SET_PARAMETERS);
}
+
+PARAM_FUNCTIONS(EVP_CIPHER,
+ evp_do_ciph_getparams, get_params,
+ evp_do_ciph_ctx_getparams, ctx_get_params,
+ evp_do_ciph_ctx_setparams, ctx_set_params)
+
+#if 0
+PARAM_FUNCTIONS(EVP_MD,
+ evp_do_md_getparams, get_params,
+ evp_do_md_ctx_getparams, ctx_get_params,
+ evp_do_md_ctx_setparams, ctx_set_params)
+#endif
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index 8b46d76ec1..34966f84cd 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -73,6 +73,8 @@ int ERR_load_EVP_strings(void);
# define EVP_F_EVP_KDF_CTRL_STR 0
# define EVP_F_EVP_KDF_CTX_NEW 0
# define EVP_F_EVP_KDF_CTX_NEW_ID 0
+# define EVP_F_EVP_KEYEXCH_FETCH 0
+# define EVP_F_EVP_KEYEXCH_FROM_DISPATCH 0
# define EVP_F_EVP_MAC_CTRL 0
# define EVP_F_EVP_MAC_CTRL_STR 0
# define EVP_F_EVP_MAC_CTX_DUP 0
@@ -100,6 +102,7 @@ int ERR_load_EVP_strings(void);
# define EVP_F_EVP_PKEY_DECRYPT_OLD 0
# define EVP_F_EVP_PKEY_DERIVE 0
# define EVP_F_EVP_PKEY_DERIVE_INIT 0
+# define EVP_F_EVP_PKEY_DERIVE_INIT_EX 0
# define EVP_F_EVP_PKEY_DERIVE_SET_PEER 0
# define EVP_F_EVP_PKEY_ENCRYPT 0
# define EVP_F_EVP_PKEY_ENCRYPT_INIT 0
@@ -168,6 +171,8 @@ int ERR_load_EVP_strings(void);
# define EVP_R_BAD_KEY_LENGTH 195
# define EVP_R_BUFFER_TOO_SMALL 155
# define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
+# define EVP_R_CANNOT_GET_PARAMETERS 197
+# define EVP_R_CANNOT_SET_PARAMETERS 198
# define EVP_R_CIPHER_NOT_GCM_MODE 184
# define EVP_R_CIPHER_PARAMETER_ERROR 122
# define EVP_R_COMMAND_NOT_SUPPORTED 147
More information about the openssl-commits
mailing list