[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Sat Apr 25 08:48:08 UTC 2020
The branch master has been updated
via 54b47afedb82822b33a72bb804157a425d2201ff (commit)
via 3873887e89ff12e7dc2cb7c166f21c79347da519 (commit)
via 99ea4f02bca848ed6304279cc40ebdc4a8b806d3 (commit)
via 2baf2d81e3e1d7813452509b13c3439994322c91 (commit)
from 6a960a94ccba41420c11ebd3eb82208b4681ee05 (commit)
- Log -----------------------------------------------------------------
commit 54b47afedb82822b33a72bb804157a425d2201ff
Author: Pauli <paul.dale at oracle.com>
Date: Thu Apr 23 20:31:12 2020 +1000
keymgmt: convert to use the params modification detection.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11601)
commit 3873887e89ff12e7dc2cb7c166f21c79347da519
Author: Pauli <paul.dale at oracle.com>
Date: Thu Apr 23 20:23:48 2020 +1000
params: change OSSL_PARAM_set_unmodified() to operate on a params array
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11601)
commit 99ea4f02bca848ed6304279cc40ebdc4a8b806d3
Author: Pauli <paul.dale at oracle.com>
Date: Wed Apr 22 14:20:11 2020 +1000
evp: convert existing code to use the new modified sentinel for params.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11601)
commit 2baf2d81e3e1d7813452509b13c3439994322c91
Author: Pauli <paul.dale at oracle.com>
Date: Wed Apr 22 14:10:24 2020 +1000
params: handle the modified sentinel.
The param builder and the params from text helpers also need to be modified
aware.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11601)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/evp_lib.c | 6 ++++--
crypto/evp/keymgmt_lib.c | 10 ++++------
crypto/evp/p_lib.c | 47 ++++++++++-----------------------------------
crypto/param_build.c | 2 +-
crypto/params.c | 5 +++--
crypto/params_from_text.c | 2 +-
doc/man3/OSSL_PARAM_int.pod | 11 ++++++-----
include/openssl/params.h | 2 +-
test/params_api_test.c | 34 +++++++++++++++++++++++++++++++-
util/libcrypto.num | 2 +-
10 files changed, 64 insertions(+), 57 deletions(-)
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index d2890d3a26..d5f758fb4f 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -76,13 +76,15 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
goto err;
/* ... but, we should get a return size too! */
- if (params[0].return_size != 0
+ if (OSSL_PARAM_modified(params)
+ && params[0].return_size != 0
&& (der = OPENSSL_malloc(params[0].return_size)) != NULL) {
params[0].data = der;
params[0].data_size = params[0].return_size;
- params[0].return_size = 0;
+ OSSL_PARAM_set_all_unmodified(params);
derp = der;
if (EVP_CIPHER_CTX_get_params(c, params)
+ && OSSL_PARAM_modified(params)
&& d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
params[0].return_size) != NULL) {
ret = 1;
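Review bot: The length handed to d2i_ASN1_TYPE() is the `return_size` reported by the second EVP_CIPHER_CTX_get_params() call, and nothing in this hunk compares it with the `data_size` that `der` was allocated with. If a cipher implementation reports a larger size on the second call than on the first, the decoder would be told to read past the end of the allocation. Whether the provider-side setters already rule that out is not visible here, so I would add `&& params[0].return_size <= params[0].data_size` next to the new `OSSL_PARAM_modified(params)` check. The function body starts and ends outside the hunk.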
diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c
index 9ed176410a..3493ceb3cb 100644
--- a/crypto/evp/keymgmt_lib.c
+++ b/crypto/evp/keymgmt_lib.c
@@ -432,25 +432,23 @@ int evp_keymgmt_util_get_deflt_digest_name(EVP_KEYMGMT *keymgmt,
params[0] =
OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_DEFAULT_DIGEST,
mddefault, sizeof(mddefault));
- params[0].return_size = sizeof(mddefault) + 1;
params[1] =
OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST,
mdmandatory,
sizeof(mdmandatory));
- params[1].return_size = sizeof(mdmandatory) + 1;
params[2] = OSSL_PARAM_construct_end();
if (!evp_keymgmt_get_params(keymgmt, keydata, params))
return 0;
- if (params[1].return_size != sizeof(mdmandatory) + 1) {
- if (params[1].return_size == 1) /* Only a NUL byte */
+ if (OSSL_PARAM_modified(params + 1)) {
+ if (params[1].return_size <= 1) /* Only a NUL byte */
result = SN_undef;
else
result = mdmandatory;
rv = 2;
- } else if (params[0].return_size != sizeof(mddefault) + 1) {
- if (params[0].return_size == 1) /* Only a NUL byte */
+ } else if (OSSL_PARAM_modified(params)) {
+ if (params[0].return_size <= 1) /* Only a NUL byte */
result = SN_undef;
else
result = mddefault;
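Review bot: The comment `/* Only a NUL byte */` no longer matches the condition in either branch, because `return_size <= 1` now also accepts a reported size of 0. I would reword both comments to something like `/* Empty string: nothing, or only a NUL byte */` so that a reader does not tighten the test back to `== 1`. The function continues outside the hunk.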
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index fcf369ad5d..0b75777a09 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1617,23 +1617,11 @@ const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey)
return evp_keymgmt_gettable_params(pkey->keymgmt);
}
-/*
- * For the following methods param->return_size is set to a value
- * larger than can be returned by the call to evp_keymgmt_get_params().
- * If it is still this value then the parameter was ignored - and in this
- * case it returns an error..
- */
-
int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn)
{
int ret = 0;
OSSL_PARAM params[2];
unsigned char buffer[2048];
- /*
- * Use -1 as the terminator here instead of sizeof(buffer) + 1 since
- * -1 is less likely to be a valid value.
- */
- const size_t not_set = (size_t)-1;
unsigned char *buf = NULL;
size_t buf_sz = 0;
@@ -1646,12 +1634,9 @@ int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn)
memset(buffer, 0, sizeof(buffer));
params[0] = OSSL_PARAM_construct_BN(key_name, buffer, sizeof(buffer));
- /* If the return_size is still not_set then we know it was not found */
- params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end();
if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) {
- if (params[0].return_size == not_set
- || params[0].return_size == 0)
+ if (!OSSL_PARAM_modified(params) || params[0].return_size == 0)
return 0;
buf_sz = params[0].return_size;
/*
@@ -1668,7 +1653,7 @@ int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn)
goto err;
}
/* Fail if the param was not found */
- if (params[0].return_size == not_set)
+ if (!OSSL_PARAM_modified(params))
goto err;
ret = OSSL_PARAM_get_BN(params, bn);
err:
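Review bot: The `!OSSL_PARAM_modified(params)` check under "Fail if the param was not found" can only detect a missing parameter when the first evp_keymgmt_get_params() call succeeded. On the retry path the first call has already changed `return_size`, so unless the retry code between the previous hunk and this one (not visible here) resets it, the marker is still set after the second call and the check is trivially true. The evp_lib.c change in this same commit calls `OSSL_PARAM_set_all_unmodified(params);` before its second call; the same line before the retry here would make the check meaningful on both paths.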
@@ -1681,7 +1666,6 @@ int EVP_PKEY_get_octet_string_param(EVP_PKEY *pkey, const char *key_name,
size_t *out_sz)
{
OSSL_PARAM params[2];
- const size_t not_set = max_buf_sz + 1;
if (pkey == NULL
|| pkey->keymgmt == NULL
@@ -1690,11 +1674,9 @@ int EVP_PKEY_get_octet_string_param(EVP_PKEY *pkey, const char *key_name,
return 0;
params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz);
- params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end();
- if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params))
- return 0;
- if (params[0].return_size == not_set)
+ if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
+ || !OSSL_PARAM_modified(params))
return 0;
if (out_sz != NULL)
*out_sz = params[0].return_size;
@@ -1706,7 +1688,6 @@ int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
size_t *out_sz)
{
OSSL_PARAM params[2];
- const size_t not_set = max_buf_sz + 1;
if (pkey == NULL
|| pkey->keymgmt == NULL
@@ -1715,11 +1696,9 @@ int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
return 0;
params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz);
- params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end();
- if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params))
- return 0;
- if (params[0].return_size == not_set)
+ if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
+ || !OSSL_PARAM_modified(params))
return 0;
if (out_sz != NULL)
*out_sz = params[0].return_size;
@@ -1729,7 +1708,6 @@ int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out)
{
OSSL_PARAM params[2];
- const size_t not_set = sizeof(int) + 1;
if (pkey == NULL
|| pkey->keymgmt == NULL
@@ -1738,11 +1716,9 @@ int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out)
return 0;
params[0] = OSSL_PARAM_construct_int(key_name, out);
- params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end();
- if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params))
- return 0;
- if (params[0].return_size == not_set)
+ if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
+ || !OSSL_PARAM_modified(params))
return 0;
return 1;
}
@@ -1750,7 +1726,6 @@ int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out)
int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out)
{
OSSL_PARAM params[2];
- const size_t not_set = sizeof(size_t) + 1;
if (pkey == NULL
|| pkey->keymgmt == NULL
@@ -1759,11 +1734,9 @@ int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out)
return 0;
params[0] = OSSL_PARAM_construct_size_t(key_name, out);
- params[0].return_size = not_set;
params[1] = OSSL_PARAM_construct_end();
- if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params))
- return 0;
- if (params[0].return_size == not_set)
+ if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
+ || !OSSL_PARAM_modified(params))
return 0;
return 1;
}
diff --git a/crypto/param_build.c b/crypto/param_build.c
index 5927d01239..c4624ec33e 100644
--- a/crypto/param_build.c
+++ b/crypto/param_build.c
@@ -312,7 +312,7 @@ static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
param[i].key = pd->key;
param[i].data_type = pd->type;
param[i].data_size = pd->size;
- param[i].return_size = 0;
+ param[i].return_size = OSSL_PARAM_UNMODIFIED;
if (pd->secure) {
p = secure;
diff --git a/crypto/params.c b/crypto/params.c
index 98c83bbe42..32161d0533 100644
--- a/crypto/params.c
+++ b/crypto/params.c
@@ -45,10 +45,11 @@ int OSSL_PARAM_modified(const OSSL_PARAM *p)
return p != NULL && p->return_size != OSSL_PARAM_UNMODIFIED;
}
-void OSSL_PARAM_set_unmodified(OSSL_PARAM *p)
+void OSSL_PARAM_set_all_unmodified(OSSL_PARAM *p)
{
if (p != NULL)
- p->return_size = OSSL_PARAM_UNMODIFIED;
+ while (p->key != NULL)
+ p++->return_size = OSSL_PARAM_UNMODIFIED;
}
int OSSL_PARAM_get_int(const OSSL_PARAM *p, int *val)
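Review bot: OSSL_PARAM_set_all_unmodified() now walks forward until it finds a NULL `key`, yet its signature is unchanged from the single-element version, so nothing tells a caller that `p` must point at an array ending in OSSL_PARAM_END. A pointer to a lone OSSL_PARAM, which is what test_param_type_extra in test/params_api_test.c had, would be read and written past its end. I would add a comment above the function, `/* p must be an array terminated by OSSL_PARAM_END */`, and rename the parameter to `params` here and in include/openssl/params.h to match the pod. The nested `if`/`while` without braces is also easy to misread; bracing both would match the rest of the file's multi-line bodies.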
diff --git a/crypto/params_from_text.c b/crypto/params_from_text.c
index 25671c592c..14b64edb6b 100644
--- a/crypto/params_from_text.c
+++ b/crypto/params_from_text.c
@@ -157,7 +157,7 @@ static int construct_from_text(OSSL_PARAM *to, const OSSL_PARAM *paramdef,
*to = *paramdef;
to->data = buf;
to->data_size = buf_n;
- to->return_size = 0;
+ to->return_size = OSSL_PARAM_UNMODIFIED;
return 1;
}
diff --git a/doc/man3/OSSL_PARAM_int.pod b/doc/man3/OSSL_PARAM_int.pod
index b6faedb911..9126906883 100644
--- a/doc/man3/OSSL_PARAM_int.pod
+++ b/doc/man3/OSSL_PARAM_int.pod
@@ -93,8 +93,8 @@ OSSL_PARAM_set_octet_ptr, OSSL_PARAM_UNMODIFIED
int OSSL_PARAM_set_octet_ptr(OSSL_PARAM *p, const void *val,
size_t used_len);
- int OSSL_PARAM_modified(const OSSL_PARAM *p);
- void OSSL_PARAM_set_unmodified(OSSL_PARAM *p);
+ int OSSL_PARAM_modified(const OSSL_PARAM *param);
+ void OSSL_PARAM_set_all_unmodified(OSSL_PARAM *params);
=head1 DESCRIPTION
@@ -260,10 +260,11 @@ creation, via either the macros or construct calls, the I<return_size> field
is set to this. If the parameter is set using the calls defined herein, the
I<return_size> field is changed.
-OSSL_PARAM_modified() queries if the parameter has been set or not using the
-calls defined herein.
+OSSL_PARAM_modified() queries if the parameter B<param> has been set or not
+using the calls defined herein.
-OSSL_PARAM_set_unmodified() is used to reset unused indicator.
+OSSL_PARAM_set_all_unmodified() resets the unused indicator for all parameters
+in the array B<params>.
=head1 RETURN VALUES
diff --git a/include/openssl/params.h b/include/openssl/params.h
index 9f6dcb49ac..993ee8188e 100644
--- a/include/openssl/params.h
+++ b/include/openssl/params.h
@@ -138,7 +138,7 @@ int OSSL_PARAM_set_octet_ptr(OSSL_PARAM *p, const void *val,
size_t used_len);
int OSSL_PARAM_modified(const OSSL_PARAM *p);
-void OSSL_PARAM_set_unmodified(OSSL_PARAM *p);
+void OSSL_PARAM_set_all_unmodified(OSSL_PARAM *p);
# ifdef __cplusplus
}
diff --git a/test/params_api_test.c b/test/params_api_test.c
index 43cdd75531..110820c8d1 100644
--- a/test/params_api_test.c
+++ b/test/params_api_test.c
@@ -69,7 +69,11 @@ static int test_param_type_extra(OSSL_PARAM *param, const unsigned char *cmp,
const int sizet = bit32 && sizeof(size_t) > sizeof(int32_t);
const int signd = param->data_type == OSSL_PARAM_INTEGER;
- OSSL_PARAM_set_unmodified(param);
+ /*
+ * Set the unmodified sentinal directly because there is no param array
+ * for these tests.
+ */
+ param->return_size = OSSL_PARAM_UNMODIFIED;
if (signd) {
if ((bit32 && !TEST_true(OSSL_PARAM_get_int32(param, &i32)))
|| !TEST_true(OSSL_PARAM_get_int64(param, &i64)))
@@ -568,6 +572,33 @@ err:
return ret;
}
+static int test_param_modified(void)
+{
+ OSSL_PARAM param[3] = { OSSL_PARAM_int("a", NULL),
+ OSSL_PARAM_int("b", NULL),
+ OSSL_PARAM_END };
+ int a, b;
+
+ param->data = &a;
+ param[1].data = &b;
+ if (!TEST_false(OSSL_PARAM_modified(param))
+ && !TEST_true(OSSL_PARAM_set_int32(param, 1234))
+ && !TEST_true(OSSL_PARAM_modified(param))
+ && !TEST_false(OSSL_PARAM_modified(param + 1))
+ && !TEST_true(OSSL_PARAM_set_int32(param + 1, 1))
+ && !TEST_true(OSSL_PARAM_modified(param + 1)))
+ return 0;
+ OSSL_PARAM_set_all_unmodified(param);
+ if (!TEST_false(OSSL_PARAM_modified(param))
+ && !TEST_true(OSSL_PARAM_set_int32(param, 4321))
+ && !TEST_true(OSSL_PARAM_modified(param))
+ && !TEST_false(OSSL_PARAM_modified(param + 1))
+ && !TEST_true(OSSL_PARAM_set_int32(param + 1, 2))
+ && !TEST_true(OSSL_PARAM_modified(param + 1)))
+ return 0;
+ return 1;
+}
+
int setup_tests(void)
{
ADD_ALL_TESTS(test_param_int, OSSL_NELEM(raw_values));
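Review bot: In test_param_modified the two `if` conditions join the negated checks with `&&`, so the test returns 0 only when every check fails. Worse, when the first check passes, `!TEST_false(...)` is 0 and the chain short-circuits, so none of the OSSL_PARAM_set_int32() calls or the later OSSL_PARAM_modified() checks run at all. As written the test exercises only the initial unmodified state of `param[0]`, once before and once after OSSL_PARAM_set_all_unmodified(). Each `&&` between the checks should be `||`, for example `if (!TEST_false(OSSL_PARAM_modified(param)) || !TEST_true(OSSL_PARAM_set_int32(param, 1234))`, and likewise for the remaining lines in both blocks.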
@@ -582,5 +613,6 @@ int setup_tests(void)
ADD_ALL_TESTS(test_param_bignum, OSSL_NELEM(raw_values));
ADD_TEST(test_param_real);
ADD_TEST(test_param_construct);
+ ADD_TEST(test_param_modified);
return 1;
}
diff --git a/util/libcrypto.num b/util/libcrypto.num
index dbaea8c716..79f8fd86c0 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5078,4 +5078,4 @@ X509_ALGOR_copy ? 3_0_0 EXIST::FUNCTION:
X509_REQ_set0_signature ? 3_0_0 EXIST::FUNCTION:
X509_REQ_set1_signature_algo ? 3_0_0 EXIST::FUNCTION:
OSSL_PARAM_modified ? 3_0_0 EXIST::FUNCTION:
-OSSL_PARAM_set_unmodified ? 3_0_0 EXIST::FUNCTION:
+OSSL_PARAM_set_all_unmodified ? 3_0_0 EXIST::FUNCTION: