[openssl] master update
shane.lontis at oracle.com
shane.lontis at oracle.com
Thu Sep 5 01:26:36 UTC 2019
The branch master has been updated
via 1c3ace6898032b7b45d8106ba4e0d21d75b0997e (commit)
from bc5a80910dccbc1e417f96bb7f0a3814d3ad5a4d (commit)
- Log -----------------------------------------------------------------
commit 1c3ace6898032b7b45d8106ba4e0d21d75b0997e
Author: Shane Lontis <shane.lontis at oracle.com>
Date: Thu Sep 5 11:23:57 2019 +1000
Change provider params from int to size_t
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9699)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/evp_enc.c | 32 +++++-----
crypto/evp/evp_lib.c | 70 ++++++++++++----------
crypto/evp/pmeth_lib.c | 3 +-
doc/man3/EVP_PKEY_CTX_ctrl.pod | 2 +-
doc/man7/provider-cipher.pod | 22 +++----
doc/man7/provider-digest.pod | 6 +-
doc/man7/provider-keyexch.pod | 2 +-
include/openssl/core_names.h | 50 ++++++++--------
include/openssl/mdc2.h | 2 +-
providers/common/ciphers/cipher_ccm.c | 4 +-
providers/common/ciphers/cipher_common.c | 58 +++++++++---------
providers/common/ciphers/cipher_gcm.c | 28 +++++----
providers/common/ciphers/cipher_gcm_hw.c | 2 +-
providers/common/ciphers/cipher_locl.h | 8 +--
providers/common/digests/digest_common.c | 13 ++--
providers/common/exchange/dh_exch.c | 10 ++--
.../common/include/internal/ciphers/cipher_aead.h | 2 +
.../common/include/internal/ciphers/cipher_ccm.h | 22 +++----
.../common/include/internal/ciphers/cipher_gcm.h | 30 +++++-----
.../common/include/internal/ciphers/ciphercommon.h | 25 ++++----
providers/common/include/internal/digestcommon.h | 2 +-
providers/legacy/digests/mdc2_prov.c | 4 +-
test/mdc2test.c | 7 ++-
23 files changed, 209 insertions(+), 195 deletions(-)
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 96dc83b2a0..466a03dbf3 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -986,8 +986,9 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
{
int ok;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+ size_t len = keylen;
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &keylen);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &len);
ok = evp_do_ciph_ctx_setparams(c->cipher, c->provctx, params);
if (ok != EVP_CTRL_RET_UNSUPPORTED)
@@ -1010,13 +1011,14 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
{
int ok;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+ unsigned int pd = pad;
if (pad)
ctx->flags &= ~EVP_CIPH_NO_PADDING;
else
ctx->flags |= EVP_CIPH_NO_PADDING;
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_PADDING, &pad);
+ params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_PADDING, &pd);
ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
return ok != 0;
@@ -1026,7 +1028,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
int ret = EVP_CTRL_RET_UNSUPPORTED;
int set_params = 1;
- size_t sz;
+ size_t sz = arg;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
if (ctx == NULL || ctx->cipher == NULL) {
@@ -1039,13 +1041,13 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
switch (type) {
case EVP_CTRL_SET_KEY_LENGTH:
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &arg);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &sz);
break;
case EVP_CTRL_RAND_KEY: /* Used by DES */
set_params = 0;
params[0] =
OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY,
- ptr, (size_t)arg);
+ ptr, sz);
break;
case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
@@ -1055,35 +1057,29 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
case EVP_CTRL_GET_IV:
set_params = 0;
params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV,
- ptr, (size_t)arg);
+ ptr, sz);
break;
case EVP_CTRL_AEAD_SET_IVLEN:
if (arg < 0)
return 0;
- sz = (size_t)arg;
- params[0] =
- OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, &sz);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &sz);
break;
case EVP_CTRL_GCM_SET_IV_FIXED:
params[0] =
OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED,
- ptr, (size_t)arg);
- break;
- case EVP_CTRL_AEAD_SET_TAG:
- params[0] =
- OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
- ptr, (size_t)arg);
+ ptr, sz);
break;
case EVP_CTRL_AEAD_GET_TAG:
- set_params = 0;
+ set_params = 0; /* Fall thru */
+ case EVP_CTRL_AEAD_SET_TAG:
params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
- ptr, (size_t)arg);
+ ptr, sz);
break;
case EVP_CTRL_AEAD_TLS1_AAD:
/* This one does a set and a get - since it returns a padding size */
params[0] =
OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD,
- ptr, (size_t)arg);
+ ptr, sz);
ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
if (ret <= 0)
return ret;
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index b5b39a7f2d..acb90f222b 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -218,13 +218,14 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx)
int EVP_CIPHER_block_size(const EVP_CIPHER *cipher)
{
- int ok, v = cipher->block_size;
+ int ok;
+ size_t v = cipher->block_size;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_BLOCK_SIZE, &v);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &v);
ok = evp_do_ciph_getparams(cipher, params);
- return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
+ return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
@@ -304,31 +305,33 @@ void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
{
- int ok, v = cipher->iv_len;
+ int ok;
+ size_t v = cipher->iv_len;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_IVLEN, &v);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
ok = evp_do_ciph_getparams(cipher, params);
- return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
+ return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
{
- int len, rv, v = EVP_CIPHER_iv_length(ctx->cipher);
+ int rv;
+ size_t len, v = EVP_CIPHER_iv_length(ctx->cipher);
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_IVLEN, &v);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
if (rv == EVP_CTRL_RET_UNSUPPORTED)
goto legacy;
- return rv != 0 ? v : -1;
+ return rv != 0 ? (int)v : -1;
/* TODO (3.0) Remove legacy support */
legacy:
if ((EVP_CIPHER_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
0, &len);
- return (rv == 1) ? len : -1;
+ return (rv == 1) ? (int)len : -1;
}
return v;
}
@@ -376,48 +379,52 @@ unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx)
{
- int ok, v = ctx->num;
+ int ok;
+ unsigned int v = (unsigned int)ctx->num;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_NUM, &v);
+ params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v);
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
- return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
+ return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
{
int ok;
+ unsigned int n = (unsigned int)num;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_NUM, &num);
+ params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n);
ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
if (ok != 0)
- ctx->num = num;
+ ctx->num = (int)n;
return ok != 0;
}
int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
{
- int ok, v = cipher->key_len;
+ int ok;
+ size_t v = cipher->key_len;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &v);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v);
ok = evp_do_ciph_getparams(cipher, params);
- return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
+ return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
{
- int ok, v = ctx->key_len;
+ int ok;
+ size_t v = ctx->key_len;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_KEYLEN, &v);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v);
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
- return ok != 0 ? v : EVP_CTRL_RET_UNSUPPORTED;
+ return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
}
int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
@@ -448,13 +455,14 @@ const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher)
int EVP_CIPHER_mode(const EVP_CIPHER *cipher)
{
- int ok, v = EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE;
+ int ok;
+ unsigned int v = EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_MODE, &v);
+ params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &v);
ok = evp_do_ciph_getparams(cipher, params);
- return ok != 0 ? v : 0;
+ return ok != 0 ? (int)v : 0;
}
const char *EVP_MD_name(const EVP_MD *md)
@@ -475,7 +483,8 @@ const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md)
int EVP_MD_block_size(const EVP_MD *md)
{
- int ok, v = md->block_size;
+ int ok;
+ size_t v = md->block_size;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
if (md == NULL) {
@@ -483,10 +492,10 @@ int EVP_MD_block_size(const EVP_MD *md)
return -1;
}
- params[0] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v);
ok = evp_do_md_getparams(md, params);
- return ok != 0 ? v : -1;
+ return ok != 0 ? (int)v : -1;
}
int EVP_MD_type(const EVP_MD *md)
@@ -501,7 +510,8 @@ int EVP_MD_pkey_type(const EVP_MD *md)
int EVP_MD_size(const EVP_MD *md)
{
- int ok, v = md->md_size;
+ int ok;
+ size_t v = md->md_size;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
if (md == NULL) {
@@ -509,10 +519,10 @@ int EVP_MD_size(const EVP_MD *md)
return -1;
}
- params[0] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_SIZE, &v);
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &v);
ok = evp_do_md_getparams(md, params);
- return ok != 0 ? v : -1;
+ return ok != 0 ? (int)v : -1;
}
unsigned long EVP_MD_flags(const EVP_MD *md)
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 31b4ae4411..d2b28f825b 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -409,13 +409,14 @@ int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad)
{
OSSL_PARAM dh_pad_params[2];
+ unsigned int upad = pad;
/* TODO(3.0): Remove this eventually when no more legacy */
if (ctx->exchprovctx == NULL)
return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE,
EVP_PKEY_CTRL_DH_PAD, pad, NULL);
- dh_pad_params[0] = OSSL_PARAM_construct_int(OSSL_EXCHANGE_PARAM_PAD, &pad);
+ dh_pad_params[0] = OSSL_PARAM_construct_uint(OSSL_EXCHANGE_PARAM_PAD, &upad);
dh_pad_params[1] = OSSL_PARAM_construct_end();
return EVP_PKEY_CTX_set_params(ctx, dh_pad_params);
diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod
index 369fc0f9d0..1787e19ab7 100644
--- a/doc/man3/EVP_PKEY_CTX_ctrl.pod
+++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod
@@ -153,7 +153,7 @@ The parameters currently supported by the default provider are:
=over 4
-=item OSSL_EXCHANGE_PARAM_PAD (int type)
+=item OSSL_EXCHANGE_PARAM_PAD (uint type)
Sets the DH padding mode.
If B<OSSL_EXCHANGE_PARAM_PAD> is 1 then the shared secret is padded with zeroes
diff --git a/doc/man7/provider-cipher.pod b/doc/man7/provider-cipher.pod
index 040a34c126..1b7dff8f76 100644
--- a/doc/man7/provider-cipher.pod
+++ b/doc/man7/provider-cipher.pod
@@ -39,7 +39,7 @@ provider-cipher - The cipher library E<lt>-E<gt> provider functions
/* Cipher parameter descriptors */
const OSSL_PARAM *OP_cipher_gettable_params(void);
- /* Cipheroperation parameter descriptors */
+ /* Cipher operation parameter descriptors */
const OSSL_PARAM *OP_cipher_gettable_ctx_params(void);
const OSSL_PARAM *OP_cipher_settable_ctx_params(void);
@@ -111,7 +111,7 @@ OP_cipher_newctx() should create and return a pointer to a provider side
structure for holding context information during a cipher operation.
A pointer to this context will be passed back in a number of the other cipher
operation function calls.
-The paramater B<provctx> is the provider context generated during provider
+The parameter B<provctx> is the provider context generated during provider
initialisation (see L<provider(3)>).
OP_cipher_freectx() is passed a pointer to the provider side cipher context in
@@ -124,7 +124,7 @@ B<cctx> parameter and return the duplicate copy.
=head2 Encryption/Decryption Functions
OP_cipher_encrypt_init() initialises a cipher operation for encryption given a
-newly created provider side cipher context in the B<cctx> paramter.
+newly created provider side cipher context in the B<cctx> parameter.
The key to be used is given in B<key> which is B<keylen> bytes long.
The IV to be used is given in B<iv> which is B<ivlen> bytes long.
@@ -158,7 +158,7 @@ The same expectations apply to B<outsize> as documented for
L<EVP_EncryptFinal(3)> and L<EVP_DecryptFinal(3)>.
OP_cipher_cipher() performs encryption/decryption using the provider side cipher
-context in the B<cctx> paramter that should have been previously initialised via
+context in the B<cctx> parameter that should have been previously initialised via
a call to OP_cipher_encrypt_init() or OP_cipher_decrypt_init.
This should call the raw underlying cipher function without any padding.
This will be invoked in the provider as a result of the application calling
@@ -197,18 +197,18 @@ parameters are relevant to, or are understood by all ciphers:
=over 4
-=item B<OSSL_CIPHER_PARAM_PADDING> (int)
+=item B<OSSL_CIPHER_PARAM_PADDING> (uint)
Sets the padding mode for the associated cipher ctx.
Setting a value of 1 will turn padding on.
-Setting a vlue of 0 will turn padding off.
+Setting a value of 0 will turn padding off.
-=item B<OSSL_CIPHER_PARAM_MODE> (int)
+=item B<OSSL_CIPHER_PARAM_MODE> (uint)
Gets the mode for the associated cipher algorithm.
See L<EVP_CIPHER_mode(3)> for a list of valid modes.
-=item B<OSSL_CIPHER_PARAM_BLOCK_SIZE> (int)
+=item B<OSSL_CIPHER_PARAM_BLOCK_SIZE> (size_t)
Gets the block size for the associated cipher algorithm.
The block size should be 1 for stream ciphers.
@@ -223,13 +223,13 @@ Gets any flags for the associated cipher algorithm.
See L<EVP_CIPHER_meth_set_flags(3)> for a list of currently defined cipher
flags.
-=item B<OSSL_CIPHER_PARAM_KEYLEN> (int)
+=item B<OSSL_CIPHER_PARAM_KEYLEN> (size_t)
Gets the key length for the associated cipher algorithm.
This can also be used to get or set the key length for the associated cipher
ctx.
-=item B<OSSL_CIPHER_PARAM_IVLEN> (int)
+=item B<OSSL_CIPHER_PARAM_IVLEN> (size_t)
Gets the IV length for the associated cipher algorithm.
@@ -237,7 +237,7 @@ Gets the IV length for the associated cipher algorithm.
Gets the IV for the associated cipher ctx.
-=item B<OSSL_CIPHER_PARAM_NUM> (int)
+=item B<OSSL_CIPHER_PARAM_NUM> (uint)
Gets or sets the cipher specific "num" parameter for the associated cipher ctx.
Built-in ciphers typically use this to track how much of the current underlying
diff --git a/doc/man7/provider-digest.pod b/doc/man7/provider-digest.pod
index 31d3516def..3d7808452c 100644
--- a/doc/man7/provider-digest.pod
+++ b/doc/man7/provider-digest.pod
@@ -164,11 +164,11 @@ by all digests:
=over 4
-=item B<OSSL_DIGEST_PARAM_BLOCK_SIZE> (int)
+=item B<OSSL_DIGEST_PARAM_BLOCK_SIZE> (size_t)
The digest block size.
-=item B<OSSL_DIGEST_PARAM_SIZE> (int)
+=item B<OSSL_DIGEST_PARAM_SIZE> (size_t)
The digest output size.
@@ -243,7 +243,7 @@ section 5.6.8.
The next call after setting this parameter will be OP_digest_final().
This is only relevant for implementations of SHA1 or MD5_SHA1.
-=item B<OSSL_DIGEST_PARAM_PAD_TYPE> (int)
+=item B<OSSL_DIGEST_PARAM_PAD_TYPE> (uint)
Sets the pad type to be used.
The only built-in digest that uses this is MDC2.
diff --git a/doc/man7/provider-keyexch.pod b/doc/man7/provider-keyexch.pod
index 875d6e267e..71830c12c6 100644
--- a/doc/man7/provider-keyexch.pod
+++ b/doc/man7/provider-keyexch.pod
@@ -138,7 +138,7 @@ algorithms:
=over 4
-=item B<OSSL_EXCHANGE_PARAM_PAD> (int)
+=item B<OSSL_EXCHANGE_PARAM_PAD> (uint)
Sets the padding mode for the associated key exchange ctx.
Setting a value of 1 will turn padding on.
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 448bc50e8a..2fe06dc272 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -41,50 +41,50 @@ extern "C" {
#define OSSL_PROV_PARAM_MODULE_FILENAME "module-filename"
/* cipher parameters */
-#define OSSL_CIPHER_PARAM_PADDING "padding" /* int */
-#define OSSL_CIPHER_PARAM_MODE "mode" /* int */
-#define OSSL_CIPHER_PARAM_BLOCK_SIZE "blocksize" /* int */
+#define OSSL_CIPHER_PARAM_PADDING "padding" /* uint */
+#define OSSL_CIPHER_PARAM_MODE "mode" /* uint */
+#define OSSL_CIPHER_PARAM_BLOCK_SIZE "blocksize" /* size_t */
#define OSSL_CIPHER_PARAM_FLAGS "flags" /* ulong */
-#define OSSL_CIPHER_PARAM_KEYLEN "keylen" /* int */
-#define OSSL_CIPHER_PARAM_IVLEN "ivlen" /* int */
+#define OSSL_CIPHER_PARAM_KEYLEN "keylen" /* size_t */
+#define OSSL_CIPHER_PARAM_IVLEN "ivlen" /* size_t */
#define OSSL_CIPHER_PARAM_IV "iv" /* octet_string OR octet_ptr */
-#define OSSL_CIPHER_PARAM_NUM "num" /* int */
+#define OSSL_CIPHER_PARAM_NUM "num" /* uint */
#define OSSL_CIPHER_PARAM_AEAD_TAG "tag" /* octet_string */
#define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD "tlsaad" /* octet_string */
#define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD "tlsaadpad" /* size_t */
#define OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED "tlsivfixed" /* octet_string */
-#define OSSL_CIPHER_PARAM_AEAD_IVLEN "aeadivlen" /* size_t */
+#define OSSL_CIPHER_PARAM_AEAD_IVLEN OSSL_CIPHER_PARAM_IVLEN
#define OSSL_CIPHER_PARAM_RANDOM_KEY "randkey" /* octet_string */
/* digest parameters */
-#define OSSL_DIGEST_PARAM_XOFLEN "xoflen"
-#define OSSL_DIGEST_PARAM_SSL3_MS "ssl3-ms"
-#define OSSL_DIGEST_PARAM_PAD_TYPE "pad_type"
-#define OSSL_DIGEST_PARAM_MICALG "micalg"
-#define OSSL_DIGEST_PARAM_BLOCK_SIZE "blocksize" /* OSSL_PARAM_INTEGER */
-#define OSSL_DIGEST_PARAM_SIZE "size" /* OSSL_PARAM_INTEGER */
-#define OSSL_DIGEST_PARAM_FLAGS "flags" /* OSSL_PARAM_UNSIGNED_INTEGER */
+#define OSSL_DIGEST_PARAM_XOFLEN "xoflen" /* size_t */
+#define OSSL_DIGEST_PARAM_SSL3_MS "ssl3-ms" /* octet string */
+#define OSSL_DIGEST_PARAM_PAD_TYPE "pad_type" /* uint */
+#define OSSL_DIGEST_PARAM_MICALG "micalg" /* utf8 string */
+#define OSSL_DIGEST_PARAM_BLOCK_SIZE "blocksize" /* size_t */
+#define OSSL_DIGEST_PARAM_SIZE "size" /* size_t */
+#define OSSL_DIGEST_PARAM_FLAGS "flags" /* ulong */
/* Known DIGEST names (not a complete list) */
#define OSSL_DIGEST_NAME_KECCAK_KMAC128 "KECCAK_KMAC128"
#define OSSL_DIGEST_NAME_KECCAK_KMAC256 "KECCAK_KMAC256"
/* MAC parameters */
-#define OSSL_MAC_PARAM_KEY "key" /* octet string */
-#define OSSL_MAC_PARAM_IV "iv" /* octet string */
-#define OSSL_MAC_PARAM_CUSTOM "custom" /* utf8 string */
-#define OSSL_MAC_PARAM_SALT "salt" /* octet string */
-#define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */
-#define OSSL_MAC_PARAM_FLAGS "flags" /* int */
+#define OSSL_MAC_PARAM_KEY "key" /* octet string */
+#define OSSL_MAC_PARAM_IV "iv" /* octet string */
+#define OSSL_MAC_PARAM_CUSTOM "custom" /* utf8 string */
+#define OSSL_MAC_PARAM_SALT "salt" /* octet string */
+#define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */
+#define OSSL_MAC_PARAM_FLAGS "flags" /* int */
/*
* If "engine" or "properties" are specified, they should always be paired
* with "cipher" or "digest".
*/
-#define OSSL_MAC_PARAM_CIPHER "cipher" /* utf8 string */
-#define OSSL_MAC_PARAM_DIGEST "digest" /* utf8 string */
-#define OSSL_MAC_PARAM_ENGINE "engine" /* utf8 string */
+#define OSSL_MAC_PARAM_CIPHER "cipher" /* utf8 string */
+#define OSSL_MAC_PARAM_DIGEST "digest" /* utf8 string */
+#define OSSL_MAC_PARAM_ENGINE "engine" /* utf8 string */
#define OSSL_MAC_PARAM_PROPERTIES "properties" /* utf8 string */
-#define OSSL_MAC_PARAM_SIZE "size" /* size_t */
+#define OSSL_MAC_PARAM_SIZE "size" /* size_t */
/* Known MAC names (not a complete list) */
#define OSSL_MAC_NAME_CMAC "CMAC"
@@ -103,7 +103,7 @@ extern "C" {
/* Key Exchange parameters */
-#define OSSL_EXCHANGE_PARAM_PAD "exchange-pad"
+#define OSSL_EXCHANGE_PARAM_PAD "exchange-pad" /* uint */
# ifdef __cplusplus
}
diff --git a/include/openssl/mdc2.h b/include/openssl/mdc2.h
index a26a3c0f06..576695cf7b 100644
--- a/include/openssl/mdc2.h
+++ b/include/openssl/mdc2.h
@@ -26,7 +26,7 @@ typedef struct mdc2_ctx_st {
unsigned int num;
unsigned char data[MDC2_BLOCK];
DES_cblock h, hh;
- int pad_type; /* either 1 or 2, default 1 */
+ unsigned int pad_type; /* either 1 or 2, default 1 */
} MDC2_CTX;
int MDC2_Init(MDC2_CTX *c);
diff --git a/providers/common/ciphers/cipher_ccm.c b/providers/common/ciphers/cipher_ccm.c
index 211b64f768..8970b02670 100644
--- a/providers/common/ciphers/cipher_ccm.c
+++ b/providers/common/ciphers/cipher_ccm.c
@@ -143,7 +143,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[])
OSSL_PARAM *p;
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
- if (p != NULL && !OSSL_PARAM_set_int(p, ccm_get_ivlen(ctx))) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ccm_get_ivlen(ctx))) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
@@ -161,7 +161,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[])
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
- if (p != NULL && !OSSL_PARAM_set_int(p, ctx->keylen)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
diff --git a/providers/common/ciphers/cipher_common.c b/providers/common/ciphers/cipher_common.c
index 5abd2c0010..de67fc1341 100644
--- a/providers/common/ciphers/cipher_common.c
+++ b/providers/common/ciphers/cipher_common.c
@@ -19,10 +19,11 @@
* Generic cipher functions for OSSL_PARAM gettables and settables
*/
static const OSSL_PARAM cipher_known_gettable_params[] = {
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_MODE, NULL),
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL),
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL),
+ OSSL_PARAM_uint(OSSL_CIPHER_PARAM_MODE, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL),
+ OSSL_PARAM_ulong(OSSL_CIPHER_PARAM_FLAGS, NULL),
OSSL_PARAM_END
};
const OSSL_PARAM *cipher_generic_gettable_params(void)
@@ -30,13 +31,14 @@ const OSSL_PARAM *cipher_generic_gettable_params(void)
return cipher_known_gettable_params;
}
-int cipher_generic_get_params(OSSL_PARAM params[], int md, unsigned long flags,
- int kbits, int blkbits, int ivbits)
+int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md,
+ unsigned long flags,
+ size_t kbits, size_t blkbits, size_t ivbits)
{
OSSL_PARAM *p;
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE);
- if (p != NULL && !OSSL_PARAM_set_int(p, md)) {
+ if (p != NULL && !OSSL_PARAM_set_uint(p, md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
@@ -46,17 +48,17 @@ int cipher_generic_get_params(OSSL_PARAM params[], int md, unsigned long flags,
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
- if (p != NULL && !OSSL_PARAM_set_int(p, kbits / 8)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, kbits / 8)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE);
- if (p != NULL && !OSSL_PARAM_set_int(p, blkbits / 8)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, blkbits / 8)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
- if (p != NULL && !OSSL_PARAM_set_int(p, ivbits / 8)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ivbits / 8)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
@@ -67,9 +69,9 @@ CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(cipher_generic)
CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(cipher_generic)
static const OSSL_PARAM cipher_known_settable_ctx_params[] = {
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_PADDING, NULL),
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_NUM, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
+ OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL),
+ OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL),
OSSL_PARAM_END
};
const OSSL_PARAM *cipher_generic_settable_ctx_params(void)
@@ -81,8 +83,8 @@ const OSSL_PARAM *cipher_generic_settable_ctx_params(void)
* AEAD cipher functions for OSSL_PARAM gettables and settables
*/
static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = {
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
@@ -94,7 +96,7 @@ const OSSL_PARAM *cipher_aead_gettable_ctx_params(void)
}
static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = {
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL),
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0),
@@ -111,7 +113,7 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx,
const unsigned char *iv, size_t ivlen,
int enc)
{
- ctx->enc = enc;
+ ctx->enc = enc ? 1 : 0;
if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) {
if (ivlen != ctx->ivlen) {
@@ -312,12 +314,12 @@ int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[])
OSSL_PARAM *p;
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
- if (p != NULL && !OSSL_PARAM_set_int(p, ctx->ivlen)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING);
- if (p != NULL && !OSSL_PARAM_set_int(p, ctx->pad)) {
+ if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->pad)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
@@ -329,12 +331,12 @@ int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[])
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM);
- if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->num)) {
+ if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->num)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
- if (p != NULL && !OSSL_PARAM_set_int(p, ctx->keylen)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
@@ -349,9 +351,9 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[])
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_PADDING);
if (p != NULL) {
- int pad;
+ unsigned int pad;
- if (!OSSL_PARAM_get_int(p, &pad)) {
+ if (!OSSL_PARAM_get_uint(p, &pad)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0;
}
@@ -359,9 +361,9 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[])
}
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_NUM);
if (p != NULL) {
- int num;
+ unsigned int num;
- if (!OSSL_PARAM_get_int(p, &num)) {
+ if (!OSSL_PARAM_get_uint(p, &num)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0;
}
@@ -369,9 +371,9 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[])
}
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
if (p != NULL) {
- int keylen;
+ size_t keylen;
- if (!OSSL_PARAM_get_int(p, &keylen)) {
+ if (!OSSL_PARAM_get_size_t(p, &keylen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0;
}
@@ -381,7 +383,7 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[])
}
void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits,
- size_t ivbits, int mode,
+ size_t ivbits, unsigned int mode,
const PROV_CIPHER_HW *hw, void *provctx)
{
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
diff --git a/providers/common/ciphers/cipher_gcm.c b/providers/common/ciphers/cipher_gcm.c
index 7d0e47b823..4247319091 100644
--- a/providers/common/ciphers/cipher_gcm.c
+++ b/providers/common/ciphers/cipher_gcm.c
@@ -29,8 +29,8 @@ void gcm_initctx(void *provctx, PROV_GCM_CTX *ctx, size_t keybits,
{
ctx->pad = 1;
ctx->mode = EVP_CIPH_GCM_MODE;
- ctx->taglen = -1;
- ctx->tls_aad_len = -1;
+ ctx->taglen = UNINITIALISED_SIZET;
+ ctx->tls_aad_len = UNINITIALISED_SIZET;
ctx->ivlen_min = ivlen_min;
ctx->ivlen = (EVP_GCM_TLS_FIXED_IV_LEN + EVP_GCM_TLS_EXPLICIT_IV_LEN);
ctx->keylen = keybits / 8;
@@ -89,12 +89,12 @@ int gcm_get_ctx_params(void *vctx, OSSL_PARAM params[])
size_t sz;
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
- if (p != NULL && !OSSL_PARAM_set_int(p, ctx->ivlen)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
- if (p != NULL && !OSSL_PARAM_set_int(p, ctx->keylen)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
@@ -103,7 +103,7 @@ int gcm_get_ctx_params(void *vctx, OSSL_PARAM params[])
if (p != NULL) {
if (ctx->iv_gen != 1 && ctx->iv_gen_rand != 1)
return 0;
- if (ctx->ivlen != (int)p->data_size) {
+ if (ctx->ivlen != p->data_size) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH);
return 0;
}
@@ -121,7 +121,10 @@ int gcm_get_ctx_params(void *vctx, OSSL_PARAM params[])
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG);
if (p != NULL) {
sz = p->data_size;
- if (sz == 0 || sz > EVP_GCM_TLS_TAG_LEN || !ctx->enc || ctx->taglen < 0) {
+ if (sz == 0
+ || sz > EVP_GCM_TLS_TAG_LEN
+ || !ctx->enc
+ || ctx->taglen == UNINITIALISED_SIZET) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG);
return 0;
}
@@ -201,14 +204,14 @@ int gcm_set_ctx_params(void *vctx, const OSSL_PARAM params[])
*/
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
if (p != NULL) {
- int keylen;
+ size_t keylen;
- if (!OSSL_PARAM_get_int(p, &keylen)) {
+ if (!OSSL_PARAM_get_size_t(p, &keylen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0;
}
/* The key length can not be modified for gcm mode */
- if (keylen != (int)ctx->keylen)
+ if (keylen != ctx->keylen)
return 0;
}
@@ -296,7 +299,7 @@ static int gcm_cipher_internal(PROV_GCM_CTX *ctx, unsigned char *out,
int rv = 0;
const PROV_GCM_HW *hw = ctx->hw;
- if (ctx->tls_aad_len >= 0)
+ if (ctx->tls_aad_len != UNINITIALISED_SIZET)
return gcm_tls_cipher(ctx, out, padlen, in, len);
if (!ctx->key_set || ctx->iv_state == IV_STATE_FINISHED)
@@ -425,7 +428,8 @@ static void ctr64_inc(unsigned char *counter)
static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen,
const unsigned char *in, size_t len)
{
- int rv = 0, arg = EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ int rv = 0;
+ size_t arg = EVP_GCM_TLS_EXPLICIT_IV_LEN;
size_t plen = 0;
unsigned char *tag = NULL;
@@ -491,7 +495,7 @@ static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen,
rv = 1;
err:
ctx->iv_state = IV_STATE_FINISHED;
- ctx->tls_aad_len = -1;
+ ctx->tls_aad_len = UNINITIALISED_SIZET;
*padlen = plen;
return rv;
}
diff --git a/providers/common/ciphers/cipher_gcm_hw.c b/providers/common/ciphers/cipher_gcm_hw.c
index 4ef5190b5f..e2587f2e5e 100644
--- a/providers/common/ciphers/cipher_gcm_hw.c
+++ b/providers/common/ciphers/cipher_gcm_hw.c
@@ -90,7 +90,7 @@ int gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag)
CRYPTO_gcm128_tag(&ctx->gcm, tag, GCM_TAG_MAX_SIZE);
ctx->taglen = GCM_TAG_MAX_SIZE;
} else {
- if (ctx->taglen < 0
+ if (ctx->taglen == UNINITIALISED_SIZET
|| CRYPTO_gcm128_finish(&ctx->gcm, tag, ctx->taglen) != 0)
return 0;
}
diff --git a/providers/common/ciphers/cipher_locl.h b/providers/common/ciphers/cipher_locl.h
index 8313498e5e..7e0aaad438 100644
--- a/providers/common/ciphers/cipher_locl.h
+++ b/providers/common/ciphers/cipher_locl.h
@@ -11,10 +11,10 @@
#define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(name) \
static const OSSL_PARAM name##_known_gettable_ctx_params[] = { \
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL), \
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL), \
- OSSL_PARAM_int(OSSL_CIPHER_PARAM_PADDING, NULL), \
- OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_NUM, NULL), \
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), \
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), \
+ OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL), \
+ OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL), \
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
#define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(name) \
diff --git a/providers/common/digests/digest_common.c b/providers/common/digests/digest_common.c
index de135b0a94..062209f329 100644
--- a/providers/common/digests/digest_common.c
+++ b/providers/common/digests/digest_common.c
@@ -11,18 +11,18 @@
#include "internal/digestcommon.h"
#include "internal/providercommonerr.h"
-int digest_default_get_params(OSSL_PARAM params[], int blksz, int paramsz,
+int digest_default_get_params(OSSL_PARAM params[], size_t blksz, size_t paramsz,
unsigned long flags)
{
OSSL_PARAM *p = NULL;
p = OSSL_PARAM_locate(params, OSSL_DIGEST_PARAM_BLOCK_SIZE);
- if (p != NULL && !OSSL_PARAM_set_int(p, blksz)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, blksz)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_DIGEST_PARAM_SIZE);
- if (p != NULL && !OSSL_PARAM_set_int(p, paramsz)) {
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, paramsz)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
@@ -35,10 +35,9 @@ int digest_default_get_params(OSSL_PARAM params[], int blksz, int paramsz,
}
static const OSSL_PARAM digest_default_known_gettable_params[] = {
- { OSSL_DIGEST_PARAM_BLOCK_SIZE, OSSL_PARAM_INTEGER, NULL, sizeof(int), 0},
- { OSSL_DIGEST_PARAM_SIZE, OSSL_PARAM_INTEGER, NULL, sizeof(int), 0},
- { OSSL_DIGEST_PARAM_FLAGS, OSSL_PARAM_INTEGER, NULL,
- sizeof(unsigned long), 0},
+ OSSL_PARAM_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, NULL),
+ OSSL_PARAM_size_t(OSSL_DIGEST_PARAM_SIZE, NULL),
+ OSSL_PARAM_ulong(OSSL_DIGEST_PARAM_FLAGS, NULL),
OSSL_PARAM_END
};
const OSSL_PARAM *digest_default_gettable_params(void)
diff --git a/providers/common/exchange/dh_exch.c b/providers/common/exchange/dh_exch.c
index 69980d8e97..5ff8318725 100644
--- a/providers/common/exchange/dh_exch.c
+++ b/providers/common/exchange/dh_exch.c
@@ -30,7 +30,7 @@ static OSSL_OP_keyexch_dupctx_fn dh_dupctx;
typedef struct {
DH *dh;
DH *dhpeer;
- int pad;
+ unsigned int pad : 1;
} PROV_DH_CTX;
static void *dh_newctx(void *provctx)
@@ -128,17 +128,15 @@ static int dh_set_params(void *vpdhctx, const OSSL_PARAM params[])
{
PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
const OSSL_PARAM *p;
- int pad;
+ unsigned int pad;
if (pdhctx == NULL || params == NULL)
return 0;
p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_PAD);
- if (p == NULL || !OSSL_PARAM_get_int(p, &pad))
+ if (p == NULL || !OSSL_PARAM_get_uint(p, &pad))
return 0;
-
- pdhctx->pad = pad;
-
+ pdhctx->pad = pad ? 1 : 0;
return 1;
}
diff --git a/providers/common/include/internal/ciphers/cipher_aead.h b/providers/common/include/internal/ciphers/cipher_aead.h
index a2fe87e967..1ddba1c325 100644
--- a/providers/common/include/internal/ciphers/cipher_aead.h
+++ b/providers/common/include/internal/ciphers/cipher_aead.h
@@ -7,6 +7,8 @@
* https://www.openssl.org/source/license.html
*/
+#define UNINITIALISED_SIZET ((size_t)-1)
+
/* TODO(3.0) Figure out what flags are really needed */
#define AEAD_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \
| EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
diff --git a/providers/common/include/internal/ciphers/cipher_ccm.h b/providers/common/include/internal/ciphers/cipher_ccm.h
index 503d077def..08a2d46858 100644
--- a/providers/common/include/internal/ciphers/cipher_ccm.h
+++ b/providers/common/include/internal/ciphers/cipher_ccm.h
@@ -28,24 +28,24 @@ typedef struct S390X_kmac_params_st {
/* Base structure that is shared by AES & ARIA for CCM MODE */
typedef struct prov_ccm_st {
- int enc;
- int key_set; /* Set if key initialised */
- int iv_set; /* Set if an iv is set */
- int tag_set; /* Set if tag is valid */
- int len_set; /* Set if message length set */
- size_t l, m; /* L and M parameters from RFC3610 */
+ unsigned int enc : 1;
+ unsigned int key_set : 1; /* Set if key initialised */
+ unsigned int iv_set : 1; /* Set if an iv is set */
+ unsigned int tag_set : 1; /* Set if tag is valid */
+ unsigned int len_set : 1; /* Set if message length set */
+ size_t l, m; /* L and M parameters from RFC3610 */
size_t keylen;
- int tls_aad_len; /* TLS AAD length */
- int tls_aad_pad_sz;
+ int tls_aad_len; /* TLS AAD length */
+ size_t tls_aad_pad_sz;
unsigned char iv[AES_BLOCK_SIZE];
unsigned char buf[AES_BLOCK_SIZE];
CCM128_CONTEXT ccm_ctx;
ccm128_f str;
- const PROV_CCM_HW *hw; /* hardware specific methods */
+ const PROV_CCM_HW *hw; /* hardware specific methods */
} PROV_CCM_CTX;
typedef struct prov_aes_ccm_ctx_st {
- PROV_CCM_CTX base; /* Must be first */
+ PROV_CCM_CTX base; /* Must be first */
union {
OSSL_UNION_ALIGN;
/*-
@@ -71,7 +71,7 @@ typedef struct prov_aes_ccm_ctx_st {
unsigned char b[AES_BLOCK_SIZE];
} buf;
unsigned char dummy_pad[168];
- unsigned int fc; /* fc has same offset as ks.ks.rounds */
+ unsigned int fc; /* fc has same offset as ks.ks.rounds */
} s390x;
#endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */
} ccm;
diff --git a/providers/common/include/internal/ciphers/cipher_gcm.h b/providers/common/include/internal/ciphers/cipher_gcm.h
index 63600c38e7..f4e2894fe2 100644
--- a/providers/common/include/internal/ciphers/cipher_gcm.h
+++ b/providers/common/include/internal/ciphers/cipher_gcm.h
@@ -13,7 +13,7 @@
typedef struct prov_gcm_hw_st PROV_GCM_HW;
-#define GCM_IV_DEFAULT_SIZE 12/* IV's for AES_GCM should normally be 12 bytes */
+#define GCM_IV_DEFAULT_SIZE 12 /* IV's for AES_GCM should normally be 12 bytes */
#define GCM_IV_MAX_SIZE 64
#define GCM_TAG_MAX_SIZE 16
@@ -45,18 +45,13 @@ typedef struct S390X_kma_params_st {
#endif
typedef struct prov_gcm_ctx_st {
- int enc; /* Set to 1 if we are encrypting or 0 otherwise */
- int mode; /* The mode that we are using */
+ unsigned int mode; /* The mode that we are using */
size_t keylen;
- int ivlen;
+ size_t ivlen;
size_t ivlen_min;
- int taglen;
- int key_set; /* Set if key initialised */
- int iv_state; /* set to one of IV_STATE_XXX */
- int iv_gen_rand; /* No IV was specified, so generate a rand IV */
- int iv_gen; /* It is OK to generate IVs */
- int tls_aad_pad_sz;
- int tls_aad_len; /* TLS AAD length */
+ size_t taglen;
+ size_t tls_aad_pad_sz;
+ size_t tls_aad_len; /* TLS AAD length */
uint64_t tls_enc_records; /* Number of TLS records encrypted */
/*
@@ -64,13 +59,18 @@ typedef struct prov_gcm_ctx_st {
* manage partial blocks themselves.
*/
size_t num;
- size_t bufsz; /* Number of bytes in buf */
+ size_t bufsz; /* Number of bytes in buf */
uint64_t flags;
- unsigned int pad : 1; /* Whether padding should be used or not */
+ unsigned int iv_state; /* set to one of IV_STATE_XXX */
+ unsigned int enc:1; /* Set to 1 if we are encrypting or 0 otherwise */
+ unsigned int pad:1; /* Whether padding should be used or not */
+ unsigned int key_set:1; /* Set if key initialised */
+ unsigned int iv_gen_rand:1; /* No IV was specified, so generate a rand IV */
+ unsigned int iv_gen:1; /* It is OK to generate IVs */
unsigned char iv[GCM_IV_MAX_SIZE]; /* Buffer to use for IV's */
- unsigned char buf[AES_BLOCK_SIZE]; /* Buffer of partial blocks processed via update calls */
+ unsigned char buf[AES_BLOCK_SIZE]; /* Buffer of partial blocks processed via update calls */
OPENSSL_CTX *libctx; /* needed for rand calls */
const PROV_GCM_HW *hw; /* hardware specific methods */
@@ -153,7 +153,7 @@ int gcm_one_shot(PROV_GCM_CTX *ctx, unsigned char *aad, size_t aad_len,
int gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
size_t len, unsigned char *out);
-#define GCM_HW_SET_KEY_CTR_FN(ks, fn_set_enc_key, fn_block, fn_ctr) \
+#define GCM_HW_SET_KEY_CTR_FN(ks, fn_set_enc_key, fn_block, fn_ctr) \
ctx->ks = ks; \
fn_set_enc_key(key, keylen * 8, ks); \
CRYPTO_gcm128_init(&ctx->gcm, ks, (block128_f)fn_block); \
diff --git a/providers/common/include/internal/ciphers/ciphercommon.h b/providers/common/include/internal/ciphers/ciphercommon.h
index 38d0396902..5593447264 100644
--- a/providers/common/include/internal/ciphers/ciphercommon.h
+++ b/providers/common/include/internal/ciphers/ciphercommon.h
@@ -39,20 +39,20 @@ struct prov_cipher_ctx_st {
ctr128_f ctr;
} stream;
+ unsigned int mode;
+ size_t keylen; /* key size (in bytes) */
+ size_t ivlen;
+ size_t blocksize;
+ size_t bufsz; /* Number of bytes in buf */
+ unsigned int pad : 1; /* Whether padding should be used or not */
+ unsigned int enc : 1; /* Set to 1 for encrypt, or 0 otherwise */
+
/*
* num contains the number of bytes of |iv| which are valid for modes that
* manage partial blocks themselves.
*/
- size_t num;
-
- int mode;
- int enc; /* Set to 1 for encrypt, or 0 otherwise */
- size_t bufsz; /* Number of bytes in buf */
- size_t keylen; /* key size (in bytes) */
- size_t ivlen;
- size_t blocksize;
+ unsigned int num;
uint64_t flags;
- unsigned int pad : 1; /* Whether padding should be used or not */
/* Buffer of partial blocks processed via update calls */
unsigned char buf[GENERIC_BLOCK_SIZE];
@@ -81,10 +81,11 @@ OSSL_OP_cipher_gettable_ctx_params_fn cipher_generic_gettable_ctx_params;
OSSL_OP_cipher_settable_ctx_params_fn cipher_generic_settable_ctx_params;
OSSL_OP_cipher_gettable_ctx_params_fn cipher_aead_gettable_ctx_params;
OSSL_OP_cipher_settable_ctx_params_fn cipher_aead_settable_ctx_params;
-int cipher_generic_get_params(OSSL_PARAM params[], int md, unsigned long flags,
- int kbits, int blkbits, int ivbits);
+int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md,
+ unsigned long flags,
+ size_t kbits, size_t blkbits, size_t ivbits);
void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits,
- size_t ivbits, int mode,
+ size_t ivbits, unsigned int mode,
const PROV_CIPHER_HW *hw, void *provctx);
#define IMPLEMENT_generic_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \
diff --git a/providers/common/include/internal/digestcommon.h b/providers/common/include/internal/digestcommon.h
index 533e854e30..88caccf7cd 100644
--- a/providers/common/include/internal/digestcommon.h
+++ b/providers/common/include/internal/digestcommon.h
@@ -93,7 +93,7 @@ PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END
const OSSL_PARAM *digest_default_gettable_params(void);
-int digest_default_get_params(OSSL_PARAM params[], int blksz, int paramsz,
+int digest_default_get_params(OSSL_PARAM params[], size_t blksz, size_t paramsz,
unsigned long flags);
# ifdef __cplusplus
diff --git a/providers/legacy/digests/mdc2_prov.c b/providers/legacy/digests/mdc2_prov.c
index b30d50327d..cf37b528e7 100644
--- a/providers/legacy/digests/mdc2_prov.c
+++ b/providers/legacy/digests/mdc2_prov.c
@@ -20,7 +20,7 @@ static OSSL_OP_digest_set_ctx_params_fn mdc2_set_ctx_params;
static OSSL_OP_digest_settable_ctx_params_fn mdc2_settable_ctx_params;
static const OSSL_PARAM known_mdc2_settable_ctx_params[] = {
- {OSSL_DIGEST_PARAM_PAD_TYPE, OSSL_PARAM_INTEGER, NULL, sizeof(int), 0},
+ OSSL_PARAM_uint(OSSL_DIGEST_PARAM_PAD_TYPE, NULL),
OSSL_PARAM_END
};
@@ -36,7 +36,7 @@ static int mdc2_set_ctx_params(void *vctx, const OSSL_PARAM params[])
if (ctx != NULL && params != NULL) {
p = OSSL_PARAM_locate_const(params, OSSL_DIGEST_PARAM_PAD_TYPE);
- if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->pad_type)) {
+ if (p != NULL && !OSSL_PARAM_get_uint(p, &ctx->pad_type)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0;
}
diff --git a/test/mdc2test.c b/test/mdc2test.c
index 5b54f1038b..d1c2f26bdc 100644
--- a/test/mdc2test.c
+++ b/test/mdc2test.c
@@ -39,7 +39,8 @@ static unsigned char pad2[16] = {
static int test_mdc2(void)
{
- int testresult = 0, pad_type = 2;
+ int testresult = 0;
+ unsigned int pad_type = 2;
unsigned char md[MDC2_DIGEST_LENGTH];
EVP_MD_CTX *c;
static char text[] = "Now is the time for all ";
@@ -47,8 +48,8 @@ static int test_mdc2(void)
OSSL_PROVIDER *prov = NULL;
OSSL_PARAM params[2];
- params[i++] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_PAD_TYPE,
- &pad_type),
+ params[i++] = OSSL_PARAM_construct_uint(OSSL_DIGEST_PARAM_PAD_TYPE,
+ &pad_type),
params[i++] = OSSL_PARAM_construct_end();
prov = OSSL_PROVIDER_load(NULL, "legacy");
More information about the openssl-commits
mailing list