[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Wed Jan 12 09:10:53 UTC 2022
The branch master has been updated
via a10a576090022e583a06271ceced8e38dd509657 (commit)
via 3ee3a2bd1e5763b0df5c0a2cba3b06edc26f5276 (commit)
via 3831351da50b7ce07edba88056394a7a33c5e5d5 (commit)
via 291c5b3e39f4c98e61cf7f65056fe49780d1f0ac (commit)
via ac1082f00f991aca1c6e8282717fece16e9bb41f (commit)
via 826da1451b2525b70f93fcc57ed5dbab61a19591 (commit)
from b82fd89d8bae1445c89ec90d1a6145fe3216d2d7 (commit)
- Log -----------------------------------------------------------------
commit a10a576090022e583a06271ceced8e38dd509657
Author: Pauli <pauli at openssl.org>
Date: Mon Jan 10 11:36:24 2022 +1100
param dup: add errors to failure returns
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17440)
commit 3ee3a2bd1e5763b0df5c0a2cba3b06edc26f5276
Author: Pauli <pauli at openssl.org>
Date: Mon Jan 10 11:33:06 2022 +1100
param build set: add errors to failure returns
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17440)
commit 3831351da50b7ce07edba88056394a7a33c5e5d5
Author: Pauli <pauli at openssl.org>
Date: Mon Jan 10 11:31:45 2022 +1100
param build: add errors to failure returns
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17440)
commit 291c5b3e39f4c98e61cf7f65056fe49780d1f0ac
Author: Pauli <pauli at openssl.org>
Date: Mon Jan 10 11:10:34 2022 +1100
test: check for properly raised errors during param conversion
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17440)
commit ac1082f00f991aca1c6e8282717fece16e9bb41f
Author: Pauli <pauli at openssl.org>
Date: Fri Jan 7 22:11:10 2022 +1100
params: add error messages for built in param conversions
Specifically:
* out of range
* unsigned negatives
* inexact reals
* bad param types
* buffers that are too small
* null function arguments
* unknown sizes of real
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17440)
commit 826da1451b2525b70f93fcc57ed5dbab61a19591
Author: Pauli <pauli at openssl.org>
Date: Fri Jan 7 22:10:38 2022 +1100
err: add additional errors
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17440)
-----------------------------------------------------------------------
Summary of changes:
crypto/cpt_err.c | 20 ++-
crypto/err/openssl.txt | 15 ++-
crypto/param_build.c | 4 +-
crypto/param_build_set.c | 4 +-
crypto/params.c | 305 +++++++++++++++++++++++++++++++++++-------
crypto/params_dup.c | 12 +-
include/crypto/cryptoerr.h | 2 +-
include/openssl/cryptoerr.h | 11 +-
test/params_conversion_test.c | 15 ++-
9 files changed, 324 insertions(+), 64 deletions(-)
diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
index 8574f31a81..02d631466c 100644
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -29,14 +29,32 @@ static const ERR_STRING_DATA CRYPTO_str_reasons[] = {
"insufficient param size"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE),
"insufficient secure data space"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INTEGER_OVERFLOW),
+ "integer overflow"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_NEGATIVE_VALUE),
"invalid negative value"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_NULL_ARGUMENT),
"invalid null argument"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_OSSL_PARAM_TYPE),
"invalid ossl param type"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_NO_PARAMS_TO_MERGE),
+ "no params to merge"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_NO_SPACE_FOR_TERMINATING_NULL),
+ "no space for terminating null"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_ODD_NUMBER_OF_DIGITS),
"odd number of digits"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_CANNOT_BE_REPRESENTED_EXACTLY),
+ "param cannot be represented exactly"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_NOT_INTEGER_TYPE),
+ "param not integer type"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_OF_INCOMPATIBLE_TYPE),
+ "param of incompatible type"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_UNSIGNED_INTEGER_NEGATIVE_VALUE_UNSUPPORTED),
+ "param unsigned integer negative value unsupported"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_UNSUPPORTED_FLOATING_POINT_FORMAT),
+ "param unsupported floating point format"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_VALUE_TOO_LARGE_FOR_DESTINATION),
+ "param value too large for destination"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PROVIDER_ALREADY_EXISTS),
"provider already exists"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PROVIDER_SECTION_ERROR),
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 3c59fce96c..c6157e2e04 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1,4 +1,4 @@
-# Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -434,10 +434,23 @@ CRYPTO_R_ILLEGAL_HEX_DIGIT:102:illegal hex digit
CRYPTO_R_INSUFFICIENT_DATA_SPACE:106:insufficient data space
CRYPTO_R_INSUFFICIENT_PARAM_SIZE:107:insufficient param size
CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE:108:insufficient secure data space
+CRYPTO_R_INTEGER_OVERFLOW:127:integer overflow
CRYPTO_R_INVALID_NEGATIVE_VALUE:122:invalid negative value
CRYPTO_R_INVALID_NULL_ARGUMENT:109:invalid null argument
CRYPTO_R_INVALID_OSSL_PARAM_TYPE:110:invalid ossl param type
+CRYPTO_R_NO_PARAMS_TO_MERGE:131:no params to merge
+CRYPTO_R_NO_SPACE_FOR_TERMINATING_NULL:128:no space for terminating null
CRYPTO_R_ODD_NUMBER_OF_DIGITS:103:odd number of digits
+CRYPTO_R_PARAM_CANNOT_BE_REPRESENTED_EXACTLY:123:\
+ param cannot be represented exactly
+CRYPTO_R_PARAM_NOT_INTEGER_TYPE:124:param not integer type
+CRYPTO_R_PARAM_OF_INCOMPATIBLE_TYPE:129:param of incompatible type
+CRYPTO_R_PARAM_UNSIGNED_INTEGER_NEGATIVE_VALUE_UNSUPPORTED:125:\
+ param unsigned integer negative value unsupported
+CRYPTO_R_PARAM_UNSUPPORTED_FLOATING_POINT_FORMAT:130:\
+ param unsupported floating point format
+CRYPTO_R_PARAM_VALUE_TOO_LARGE_FOR_DESTINATION:126:\
+ param value too large for destination
CRYPTO_R_PROVIDER_ALREADY_EXISTS:104:provider already exists
CRYPTO_R_PROVIDER_SECTION_ERROR:105:provider section error
CRYPTO_R_RANDOM_SECTION_ERROR:119:random section error
diff --git a/crypto/param_build.c b/crypto/param_build.c
index eaece0026d..a86f4baf17 100644
--- a/crypto/param_build.c
+++ b/crypto/param_build.c
@@ -78,8 +78,10 @@ static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
{
OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
- if (pd == NULL)
+ if (pd == NULL) {
+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
return 0;
+ }
if (size > sizeof(pd->num)) {
ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES);
return 0;
diff --git a/crypto/param_build_set.c b/crypto/param_build_set.c
index 8b570ded96..75400eea9e 100644
--- a/crypto/param_build_set.c
+++ b/crypto/param_build_set.c
@@ -73,8 +73,10 @@ int ossl_param_build_set_bn_pad(OSSL_PARAM_BLD *bld, OSSL_PARAM *p,
return OSSL_PARAM_BLD_push_BN_pad(bld, key, bn, sz);
p = OSSL_PARAM_locate(p, key);
if (p != NULL) {
- if (sz > p->data_size)
+ if (sz > p->data_size) {
+ ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
return 0;
+ }
p->data_size = sz;
return OSSL_PARAM_set_BN(p, bn);
}
diff --git a/crypto/params.c b/crypto/params.c
index 9049041e3b..cf86eea3c7 100644
--- a/crypto/params.c
+++ b/crypto/params.c
@@ -10,10 +10,32 @@
#include <string.h>
#include <openssl/params.h>
+#include <openssl/err.h>
#include "internal/thread_once.h"
#include "internal/numbers.h"
#include "internal/endian.h"
+/* Shortcuts for raising errors that are widely used */
+#define err_unsigned_negative \
+ ERR_raise(ERR_LIB_CRYPTO, \
+ CRYPTO_R_PARAM_UNSIGNED_INTEGER_NEGATIVE_VALUE_UNSUPPORTED)
+#define err_out_of_range \
+ ERR_raise(ERR_LIB_CRYPTO, \
+ CRYPTO_R_PARAM_VALUE_TOO_LARGE_FOR_DESTINATION)
+#define err_inexact \
+ ERR_raise(ERR_LIB_CRYPTO, \
+ CRYPTO_R_PARAM_CANNOT_BE_REPRESENTED_EXACTLY)
+#define err_not_integer \
+ ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_PARAM_NOT_INTEGER_TYPE)
+#define err_too_small \
+ ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER)
+#define err_bad_type \
+ ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_PARAM_OF_INCOMPATIBLE_TYPE)
+#define err_null_argument \
+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER)
+#define err_unsupported_real \
+ ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_PARAM_UNSUPPORTED_FLOATING_POINT_FORMAT)
+
/*
* Return the number of bits in the mantissa of a double. This is used to
* shift a larger integral value to determine if it will exactly fit into a
@@ -107,8 +129,10 @@ static int copy_integer(unsigned char *dest, size_t dest_len,
* Shortening a signed value must retain the correct sign.
* Avoiding this kind of thing: -253 = 0xff03 -> 0x03 = 3
*/
- || (signed_int && ((pad ^ src[n]) & 0x80) != 0))
+ || (signed_int && ((pad ^ src[n]) & 0x80) != 0)) {
+ err_out_of_range;
return 0;
+ }
memcpy(dest, src + n, dest_len);
}
} else /* IS_LITTLE_ENDIAN */ {
@@ -123,8 +147,10 @@ static int copy_integer(unsigned char *dest, size_t dest_len,
* Shortening a signed value must retain the correct sign.
* Avoiding this kind of thing: 130 = 0x0082 -> 0x82 = -126
*/
- || (signed_int && ((pad ^ src[dest_len - 1]) & 0x80) != 0))
+ || (signed_int && ((pad ^ src[dest_len - 1]) & 0x80) != 0)) {
+ err_out_of_range;
return 0;
+ }
memcpy(dest, src, dest_len);
}
}
@@ -150,8 +176,10 @@ static int signed_from_unsigned(void *dest, size_t dest_len,
static int unsigned_from_signed(void *dest, size_t dest_len,
const void *src, size_t src_len)
{
- if (is_negative(src, src_len))
+ if (is_negative(src, src_len)) {
+ err_unsigned_negative;
return 0;
+ }
return copy_integer(dest, dest_len, src, src_len, 0, 0);
}
@@ -169,6 +197,7 @@ static int general_get_int(const OSSL_PARAM *p, void *val, size_t val_size)
return signed_from_signed(val, val_size, p->data, p->data_size);
if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER)
return signed_from_unsigned(val, val_size, p->data, p->data_size);
+ err_not_integer;
return 0;
}
@@ -184,6 +213,8 @@ static int general_set_int(OSSL_PARAM *p, void *val, size_t val_size)
r = signed_from_signed(p->data, p->data_size, val, val_size);
else if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER)
r = unsigned_from_signed(p->data, p->data_size, val, val_size);
+ else
+ err_not_integer;
p->return_size = r ? p->data_size : val_size;
return r;
}
@@ -195,6 +226,7 @@ static int general_get_uint(const OSSL_PARAM *p, void *val, size_t val_size)
return unsigned_from_signed(val, val_size, p->data, p->data_size);
if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER)
return unsigned_from_unsigned(val, val_size, p->data, p->data_size);
+ err_not_integer;
return 0;
}
@@ -210,6 +242,8 @@ static int general_set_uint(OSSL_PARAM *p, void *val, size_t val_size)
r = signed_from_unsigned(p->data, p->data_size, val, val_size);
else if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER)
r = unsigned_from_unsigned(p->data, p->data_size, val, val_size);
+ else
+ err_not_integer;
p->return_size = r ? p->data_size : val_size;
return r;
}
@@ -344,8 +378,10 @@ int OSSL_PARAM_get_int32(const OSSL_PARAM *p, int32_t *val)
{
double d;
- if (val == NULL || p == NULL )
+ if (val == NULL || p == NULL) {
+ err_null_argument;
return 0;
+ }
if (p->data_type == OSSL_PARAM_INTEGER) {
#ifndef OPENSSL_SMALL_FOOTPRINT
@@ -361,6 +397,7 @@ int OSSL_PARAM_get_int32(const OSSL_PARAM *p, int32_t *val)
*val = (int32_t)i64;
return 1;
}
+ err_out_of_range;
return 0;
}
#endif
@@ -378,6 +415,7 @@ int OSSL_PARAM_get_int32(const OSSL_PARAM *p, int32_t *val)
*val = (int32_t)u32;
return 1;
}
+ err_out_of_range;
return 0;
case sizeof(uint64_t):
u64 = *(const uint64_t *)p->data;
@@ -385,6 +423,7 @@ int OSSL_PARAM_get_int32(const OSSL_PARAM *p, int32_t *val)
*val = (int32_t)u64;
return 1;
}
+ err_out_of_range;
return 0;
}
#endif
@@ -398,16 +437,25 @@ int OSSL_PARAM_get_int32(const OSSL_PARAM *p, int32_t *val)
*val = (int32_t)d;
return 1;
}
- break;
+ err_out_of_range;
+ return 0;
}
+ err_unsupported_real;
+ return 0;
}
+ err_bad_type;
return 0;
}
int OSSL_PARAM_set_int32(OSSL_PARAM *p, int32_t val)
{
- if (p == NULL)
+ uint32_t u32;
+ unsigned int shift;
+
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
if (p->data_type == OSSL_PARAM_INTEGER) {
#ifndef OPENSSL_SMALL_FOOTPRINT
@@ -447,10 +495,21 @@ int OSSL_PARAM_set_int32(OSSL_PARAM *p, int32_t val)
return 1;
switch (p->data_size) {
case sizeof(double):
+ shift = real_shift();
+ if (shift < 8 * sizeof(val) - 1) {
+ u32 = val < 0 ? -val : val;
+ if ((u32 >> shift) != 0) {
+ err_inexact;
+ return 0;
+ }
+ }
*(double *)p->data = (double)val;
return 1;
}
+ err_unsupported_real;
+ return 0;
}
+ err_bad_type;
return 0;
}
@@ -464,8 +523,10 @@ int OSSL_PARAM_get_uint32(const OSSL_PARAM *p, uint32_t *val)
{
double d;
- if (val == NULL || p == NULL)
+ if (val == NULL || p == NULL) {
+ err_null_argument;
return 0;
+ }
if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER) {
#ifndef OPENSSL_SMALL_FOOTPRINT
@@ -481,6 +542,7 @@ int OSSL_PARAM_get_uint32(const OSSL_PARAM *p, uint32_t *val)
*val = (uint32_t)u64;
return 1;
}
+ err_out_of_range;
return 0;
}
#endif
@@ -497,6 +559,7 @@ int OSSL_PARAM_get_uint32(const OSSL_PARAM *p, uint32_t *val)
*val = i32;
return 1;
}
+ err_unsigned_negative;
return 0;
case sizeof(int64_t):
i64 = *(const int64_t *)p->data;
@@ -504,6 +567,10 @@ int OSSL_PARAM_get_uint32(const OSSL_PARAM *p, uint32_t *val)
*val = (uint32_t)i64;
return 1;
}
+ if (i64 < 0)
+ err_unsigned_negative;
+ else
+ err_out_of_range;
return 0;
}
#endif
@@ -516,16 +583,24 @@ int OSSL_PARAM_get_uint32(const OSSL_PARAM *p, uint32_t *val)
*val = (uint32_t)d;
return 1;
}
- break;
+ err_inexact;
+ return 0;
}
+ err_unsupported_real;
+ return 0;
}
+ err_bad_type;
return 0;
}
int OSSL_PARAM_set_uint32(OSSL_PARAM *p, uint32_t val)
{
- if (p == NULL)
+ unsigned int shift;
+
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER) {
@@ -555,6 +630,7 @@ int OSSL_PARAM_set_uint32(OSSL_PARAM *p, uint32_t val)
*(int32_t *)p->data = (int32_t)val;
return 1;
}
+ err_out_of_range;
return 0;
case sizeof(int64_t):
p->return_size = sizeof(int64_t);
@@ -569,10 +645,18 @@ int OSSL_PARAM_set_uint32(OSSL_PARAM *p, uint32_t val)
return 1;
switch (p->data_size) {
case sizeof(double):
+ shift = real_shift();
+ if (shift < 8 * sizeof(val) && (val >> shift) != 0) {
+ err_inexact;
+ return 0;
+ }
*(double *)p->data = (double)val;
return 1;
}
+ err_unsupported_real;
+ return 0;
}
+ err_bad_type;
return 0;
}
@@ -586,8 +670,10 @@ int OSSL_PARAM_get_int64(const OSSL_PARAM *p, int64_t *val)
{
double d;
- if (val == NULL || p == NULL )
+ if (val == NULL || p == NULL) {
+ err_null_argument;
return 0;
+ }
if (p->data_type == OSSL_PARAM_INTEGER) {
#ifndef OPENSSL_SMALL_FOOTPRINT
@@ -615,6 +701,7 @@ int OSSL_PARAM_get_int64(const OSSL_PARAM *p, int64_t *val)
*val = (int64_t)u64;
return 1;
}
+ err_out_of_range;
return 0;
}
#endif
@@ -634,9 +721,13 @@ int OSSL_PARAM_get_int64(const OSSL_PARAM *p, int64_t *val)
*val = (int64_t)d;
return 1;
}
- break;
+ err_inexact;
+ return 0;
}
+ err_unsupported_real;
+ return 0;
}
+ err_bad_type;
return 0;
}
@@ -644,8 +735,10 @@ int OSSL_PARAM_set_int64(OSSL_PARAM *p, int64_t val)
{
uint64_t u64;
- if (p == NULL)
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
if (p->data_type == OSSL_PARAM_INTEGER) {
#ifndef OPENSSL_SMALL_FOOTPRINT
@@ -659,6 +752,7 @@ int OSSL_PARAM_set_int64(OSSL_PARAM *p, int64_t val)
*(int32_t *)p->data = (int32_t)val;
return 1;
}
+ err_out_of_range;
return 0;
case sizeof(int64_t):
*(int64_t *)p->data = val;
@@ -678,6 +772,7 @@ int OSSL_PARAM_set_int64(OSSL_PARAM *p, int64_t val)
*(uint32_t *)p->data = (uint32_t)val;
return 1;
}
+ err_out_of_range;
return 0;
case sizeof(uint64_t):
*(uint64_t *)p->data = (uint64_t)val;
@@ -696,9 +791,13 @@ int OSSL_PARAM_set_int64(OSSL_PARAM *p, int64_t val)
*(double *)p->data = (double)val;
return 1;
}
- break;
+ err_inexact;
+ return 0;
}
+ err_unsupported_real;
+ return 0;
}
+ err_bad_type;
return 0;
}
@@ -711,8 +810,10 @@ int OSSL_PARAM_get_uint64(const OSSL_PARAM *p, uint64_t *val)
{
double d;
- if (val == NULL || p == NULL)
+ if (val == NULL || p == NULL) {
+ err_null_argument;
return 0;
+ }
if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER) {
#ifndef OPENSSL_SMALL_FOOTPRINT
@@ -738,6 +839,7 @@ int OSSL_PARAM_get_uint64(const OSSL_PARAM *p, uint64_t *val)
*val = (uint64_t)i32;
return 1;
}
+ err_unsigned_negative;
return 0;
case sizeof(int64_t):
i64 = *(const int64_t *)p->data;
@@ -745,6 +847,7 @@ int OSSL_PARAM_get_uint64(const OSSL_PARAM *p, uint64_t *val)
*val = (uint64_t)i64;
return 1;
}
+ err_unsigned_negative;
return 0;
}
#endif
@@ -764,16 +867,22 @@ int OSSL_PARAM_get_uint64(const OSSL_PARAM *p, uint64_t *val)
*val = (uint64_t)d;
return 1;
}
- break;
+ err_inexact;
+ return 0;
}
+ err_unsupported_real;
+ return 0;
}
+ err_bad_type;
return 0;
}
int OSSL_PARAM_set_uint64(OSSL_PARAM *p, uint64_t val)
{
- if (p == NULL)
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER) {
@@ -788,6 +897,7 @@ int OSSL_PARAM_set_uint64(OSSL_PARAM *p, uint64_t val)
*(uint32_t *)p->data = (uint32_t)val;
return 1;
}
+ err_out_of_range;
return 0;
case sizeof(uint64_t):
*(uint64_t *)p->data = val;
@@ -807,12 +917,14 @@ int OSSL_PARAM_set_uint64(OSSL_PARAM *p, uint64_t val)
*(int32_t *)p->data = (int32_t)val;
return 1;
}
+ err_out_of_range;
return 0;
case sizeof(int64_t):
if (val <= INT64_MAX) {
*(int64_t *)p->data = (int64_t)val;
return 1;
}
+ err_out_of_range;
return 0;
}
#endif
@@ -825,9 +937,13 @@ int OSSL_PARAM_set_uint64(OSSL_PARAM *p, uint64_t val)
*(double *)p->data = (double)val;
return 1;
}
- break;
+ err_inexact;
+ return 0;
}
+ err_unsupported_real;
+ return 0;
}
+ err_bad_type;
return 0;
}
@@ -904,16 +1020,21 @@ int OSSL_PARAM_get_BN(const OSSL_PARAM *p, BIGNUM **val)
{
BIGNUM *b;
- if (val == NULL
- || p == NULL
- || p->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
+ if (val == NULL || p == NULL) {
+ err_null_argument;
+ return 0;
+ }
+ if (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) {
+ err_bad_type;
return 0;
+ }
b = BN_native2bn(p->data, (int)p->data_size, *val);
if (b != NULL) {
*val = b;
return 1;
}
+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -921,15 +1042,25 @@ int OSSL_PARAM_set_BN(OSSL_PARAM *p, const BIGNUM *val)
{
size_t bytes;
- if (p == NULL)
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
- if (val == NULL || p->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
+ if (val == NULL) {
+ err_null_argument;
return 0;
+ }
+ if (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) {
+ err_bad_type;
+ return 0;
+ }
/* For the moment, only positive values are permitted */
- if (BN_is_negative(val))
+ if (BN_is_negative(val)) {
+ err_unsigned_negative;
return 0;
+ }
bytes = (size_t)BN_num_bytes(val);
p->return_size = bytes;
@@ -937,8 +1068,12 @@ int OSSL_PARAM_set_BN(OSSL_PARAM *p, const BIGNUM *val)
return 1;
if (p->data_size >= bytes) {
p->return_size = p->data_size;
- return BN_bn2nativepad(val, p->data, p->data_size) >= 0;
+ if (BN_bn2nativepad(val, p->data, p->data_size) >= 0)
+ return 1;
+ ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_INTEGER_OVERFLOW);
+ return 0;
}
+ err_too_small;
return 0;
}
@@ -954,8 +1089,10 @@ int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val)
int64_t i64;
uint64_t u64;
- if (val == NULL || p == NULL)
+ if (val == NULL || p == NULL) {
+ err_null_argument;
return 0;
+ }
if (p->data_type == OSSL_PARAM_REAL) {
switch (p->data_size) {
@@ -963,6 +1100,8 @@ int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val)
*val = *(const double *)p->data;
return 1;
}
+ err_unsupported_real;
+ return 0;
} else if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER) {
switch (p->data_size) {
case sizeof(uint32_t):
@@ -974,7 +1113,8 @@ int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val)
*val = (double)u64;
return 1;
}
- break;
+ err_inexact;
+ return 0;
}
} else if (p->data_type == OSSL_PARAM_INTEGER) {
switch (p->data_size) {
@@ -988,16 +1128,20 @@ int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val)
*val = 0.0 + i64;
return 1;
}
- break;
+ err_inexact;
+ return 0;
}
}
+ err_bad_type;
return 0;
}
int OSSL_PARAM_set_double(OSSL_PARAM *p, double val)
{
- if (p == NULL)
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
if (p->data_type == OSSL_PARAM_REAL) {
@@ -1009,11 +1153,16 @@ int OSSL_PARAM_set_double(OSSL_PARAM *p, double val)
*(double *)p->data = val;
return 1;
}
- } else if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER
- && val == (uint64_t)val) {
+ err_unsupported_real;
+ return 0;
+ } else if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER) {
p->return_size = sizeof(double);
if (p->data == NULL)
return 1;
+ if (val != (uint64_t)val) {
+ err_inexact;
+ return 0;
+ }
switch (p->data_size) {
case sizeof(uint32_t):
if (val >= 0 && val <= UINT32_MAX) {
@@ -1021,7 +1170,8 @@ int OSSL_PARAM_set_double(OSSL_PARAM *p, double val)
*(uint32_t *)p->data = (uint32_t)val;
return 1;
}
- break;
+ err_out_of_range;
+ return 0;
case sizeof(uint64_t):
if (val >= 0
/*
@@ -1034,11 +1184,17 @@ int OSSL_PARAM_set_double(OSSL_PARAM *p, double val)
*(uint64_t *)p->data = (uint64_t)val;
return 1;
}
- break; }
- } else if (p->data_type == OSSL_PARAM_INTEGER && val == (int64_t)val) {
+ err_out_of_range;
+ return 0;
+ }
+ } else if (p->data_type == OSSL_PARAM_INTEGER) {
p->return_size = sizeof(double);
if (p->data == NULL)
return 1;
+ if (val != (int64_t)val) {
+ err_inexact;
+ return 0;
+ }
switch (p->data_size) {
case sizeof(int32_t):
if (val >= INT32_MIN && val <= INT32_MAX) {
@@ -1046,7 +1202,8 @@ int OSSL_PARAM_set_double(OSSL_PARAM *p, double val)
*(int32_t *)p->data = (int32_t)val;
return 1;
}
- break;
+ err_out_of_range;
+ return 0;
case sizeof(int64_t):
if (val >= INT64_MIN
/*
@@ -1059,9 +1216,11 @@ int OSSL_PARAM_set_double(OSSL_PARAM *p, double val)
*(int64_t *)p->data = (int64_t)val;
return 1;
}
- break;
+ err_out_of_range;
+ return 0;
}
}
+ err_bad_type;
return 0;
}
@@ -1076,8 +1235,14 @@ static int get_string_internal(const OSSL_PARAM *p, void **val,
{
size_t sz, alloc_sz;
- if ((val == NULL && used_len == NULL) || p == NULL || p->data_type != type)
+ if ((val == NULL && used_len == NULL) || p == NULL) {
+ err_null_argument;
+ return 0;
+ }
+ if (p->data_type != type) {
+ err_bad_type;
return 0;
+ }
sz = p->data_size;
/*
@@ -1089,8 +1254,10 @@ static int get_string_internal(const OSSL_PARAM *p, void **val,
if (used_len != NULL)
*used_len = sz;
- if (p->data == NULL)
+ if (p->data == NULL) {
+ err_null_argument;
return 0;
+ }
if (val == NULL)
return 1;
@@ -1098,14 +1265,18 @@ static int get_string_internal(const OSSL_PARAM *p, void **val,
if (*val == NULL) {
char *const q = OPENSSL_malloc(alloc_sz);
- if (q == NULL)
+ if (q == NULL) {
+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
return 0;
+ }
*val = q;
*max_len = alloc_sz;
}
- if (*max_len < sz)
+ if (*max_len < sz) {
+ err_too_small;
return 0;
+ }
memcpy(*val, p->data, sz);
return 1;
}
@@ -1132,8 +1303,10 @@ int OSSL_PARAM_get_utf8_string(const OSSL_PARAM *p, char **val, size_t max_len)
return 0;
if (data_length >= max_len)
data_length = OPENSSL_strnlen(p->data, data_length);
- if (data_length >= max_len)
+ if (data_length >= max_len) {
+ ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_NO_SPACE_FOR_TERMINATING_NULL);
return 0; /* No space for a terminating NUL byte */
+ }
(*val)[data_length] = '\0';
return ret;
@@ -1152,8 +1325,14 @@ static int set_string_internal(OSSL_PARAM *p, const void *val, size_t len,
p->return_size = len;
if (p->data == NULL)
return 1;
- if (p->data_type != type || p->data_size < len)
+ if (p->data_type != type) {
+ err_bad_type;
return 0;
+ }
+ if (p->data_size < len) {
+ err_too_small;
+ return 0;
+ }
memcpy(p->data, val, len);
/* If possible within the size of p->data, add a NUL terminator byte */
@@ -1164,24 +1343,32 @@ static int set_string_internal(OSSL_PARAM *p, const void *val, size_t len,
int OSSL_PARAM_set_utf8_string(OSSL_PARAM *p, const char *val)
{
- if (p == NULL)
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
- if (val == NULL)
+ if (val == NULL) {
+ err_null_argument;
return 0;
+ }
return set_string_internal(p, val, strlen(val), OSSL_PARAM_UTF8_STRING);
}
int OSSL_PARAM_set_octet_string(OSSL_PARAM *p, const void *val,
size_t len)
{
- if (p == NULL)
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
- if (val == NULL)
+ if (val == NULL) {
+ err_null_argument;
return 0;
+ }
return set_string_internal(p, val, len, OSSL_PARAM_OCTET_STRING);
}
@@ -1202,8 +1389,14 @@ OSSL_PARAM OSSL_PARAM_construct_octet_string(const char *key, void *buf,
static int get_ptr_internal(const OSSL_PARAM *p, const void **val,
size_t *used_len, unsigned int type)
{
- if (val == NULL || p == NULL || p->data_type != type)
+ if (val == NULL || p == NULL) {
+ err_null_argument;
+ return 0;
+ }
+ if (p->data_type != type) {
+ err_bad_type;
return 0;
+ }
if (used_len != NULL)
*used_len = p->data_size;
*val = *(const void **)p->data;
@@ -1225,8 +1418,10 @@ static int set_ptr_internal(OSSL_PARAM *p, const void *val,
unsigned int type, size_t len)
{
p->return_size = len;
- if (p->data_type != type)
+ if (p->data_type != type) {
+ err_bad_type;
return 0;
+ }
if (p->data != NULL)
*(const void **)p->data = val;
return 1;
@@ -1234,8 +1429,10 @@ static int set_ptr_internal(OSSL_PARAM *p, const void *val,
int OSSL_PARAM_set_utf8_ptr(OSSL_PARAM *p, const char *val)
{
- if (p == NULL)
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
return set_ptr_internal(p, val, OSSL_PARAM_UTF8_PTR,
val == NULL ? 0 : strlen(val));
@@ -1244,8 +1441,10 @@ int OSSL_PARAM_set_utf8_ptr(OSSL_PARAM *p, const char *val)
int OSSL_PARAM_set_octet_ptr(OSSL_PARAM *p, const void *val,
size_t used_len)
{
- if (p == NULL)
+ if (p == NULL) {
+ err_null_argument;
return 0;
+ }
p->return_size = 0;
return set_ptr_internal(p, val, OSSL_PARAM_OCTET_PTR, used_len);
}
@@ -1272,8 +1471,14 @@ OSSL_PARAM OSSL_PARAM_construct_end(void)
static int get_string_ptr_internal(const OSSL_PARAM *p, const void **val,
size_t *used_len, unsigned int type)
{
- if (val == NULL || p == NULL || p->data_type != type)
+ if (val == NULL || p == NULL) {
+ err_null_argument;
return 0;
+ }
+ if (p->data_type != type) {
+ err_bad_type;
+ return 0;
+ }
if (used_len != NULL)
*used_len = p->data_size;
*val = p->data;
diff --git a/crypto/params_dup.c b/crypto/params_dup.c
index 6a58b52f65..530bc530cc 100644
--- a/crypto/params_dup.c
+++ b/crypto/params_dup.c
@@ -106,8 +106,10 @@ OSSL_PARAM *OSSL_PARAM_dup(const OSSL_PARAM *src)
OSSL_PARAM *last, *dst;
int param_count = 1; /* Include terminator in the count */
- if (src == NULL)
+ if (src == NULL) {
+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
+ }
memset(buf, 0, sizeof(buf));
@@ -155,8 +157,10 @@ OSSL_PARAM *OSSL_PARAM_merge(const OSSL_PARAM *p1, const OSSL_PARAM *p2)
size_t list1_sz = 0, list2_sz = 0;
int diff;
- if (p1 == NULL && p2 == NULL)
+ if (p1 == NULL && p2 == NULL) {
+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
+ }
/* Copy p1 to list1 */
if (p1 != NULL) {
@@ -171,8 +175,10 @@ OSSL_PARAM *OSSL_PARAM_merge(const OSSL_PARAM *p1, const OSSL_PARAM *p2)
list2[list2_sz++] = p;
}
list2[list2_sz] = NULL;
- if (list1_sz == 0 && list2_sz == 0)
+ if (list1_sz == 0 && list2_sz == 0) {
+ ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_NO_PARAMS_TO_MERGE);
return NULL;
+ }
/* Sort the 2 lists */
qsort(list1, list1_sz, sizeof(OSSL_PARAM *), compare_params);
diff --git a/include/crypto/cryptoerr.h b/include/crypto/cryptoerr.h
index 288b87ac86..1b6192e3f0 100644
--- a/include/crypto/cryptoerr.h
+++ b/include/crypto/cryptoerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
diff --git a/include/openssl/cryptoerr.h b/include/openssl/cryptoerr.h
index c6a04d9b97..e84b12df6d 100644
--- a/include/openssl/cryptoerr.h
+++ b/include/openssl/cryptoerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -28,10 +28,19 @@
# define CRYPTO_R_INSUFFICIENT_DATA_SPACE 106
# define CRYPTO_R_INSUFFICIENT_PARAM_SIZE 107
# define CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE 108
+# define CRYPTO_R_INTEGER_OVERFLOW 127
# define CRYPTO_R_INVALID_NEGATIVE_VALUE 122
# define CRYPTO_R_INVALID_NULL_ARGUMENT 109
# define CRYPTO_R_INVALID_OSSL_PARAM_TYPE 110
+# define CRYPTO_R_NO_PARAMS_TO_MERGE 131
+# define CRYPTO_R_NO_SPACE_FOR_TERMINATING_NULL 128
# define CRYPTO_R_ODD_NUMBER_OF_DIGITS 103
+# define CRYPTO_R_PARAM_CANNOT_BE_REPRESENTED_EXACTLY 123
+# define CRYPTO_R_PARAM_NOT_INTEGER_TYPE 124
+# define CRYPTO_R_PARAM_OF_INCOMPATIBLE_TYPE 129
+# define CRYPTO_R_PARAM_UNSIGNED_INTEGER_NEGATIVE_VALUE_UNSUPPORTED 125
+# define CRYPTO_R_PARAM_UNSUPPORTED_FLOATING_POINT_FORMAT 130
+# define CRYPTO_R_PARAM_VALUE_TOO_LARGE_FOR_DESTINATION 126
# define CRYPTO_R_PROVIDER_ALREADY_EXISTS 104
# define CRYPTO_R_PROVIDER_SECTION_ERROR 105
# define CRYPTO_R_RANDOM_SECTION_ERROR 119
diff --git a/test/params_conversion_test.c b/test/params_conversion_test.c
index 9422ef1473..01f940065b 100644
--- a/test/params_conversion_test.c
+++ b/test/params_conversion_test.c
@@ -194,7 +194,8 @@ static int param_conversion_test(const PARAM_CONVERSION *pc, int line)
double d;
if (!pc->valid_i32) {
- if (!TEST_false(OSSL_PARAM_get_int32(pc->param, &i32))) {
+ if (!TEST_false(OSSL_PARAM_get_int32(pc->param, &i32))
+ || !TEST_ulong_ne(ERR_get_error(), 0)) {
TEST_note("unexpected valid conversion to int32 on line %d", line);
return 0;
}
@@ -214,7 +215,8 @@ static int param_conversion_test(const PARAM_CONVERSION *pc, int line)
}
if (!pc->valid_i64) {
- if (!TEST_false(OSSL_PARAM_get_int64(pc->param, &i64))) {
+ if (!TEST_false(OSSL_PARAM_get_int64(pc->param, &i64))
+ || !TEST_ulong_ne(ERR_get_error(), 0)) {
TEST_note("unexpected valid conversion to int64 on line %d", line);
return 0;
}
@@ -234,7 +236,8 @@ static int param_conversion_test(const PARAM_CONVERSION *pc, int line)
}
if (!pc->valid_u32) {
- if (!TEST_false(OSSL_PARAM_get_uint32(pc->param, &u32))) {
+ if (!TEST_false(OSSL_PARAM_get_uint32(pc->param, &u32))
+ || !TEST_ulong_ne(ERR_get_error(), 0)) {
TEST_note("unexpected valid conversion to uint32 on line %d", line);
return 0;
}
@@ -254,7 +257,8 @@ static int param_conversion_test(const PARAM_CONVERSION *pc, int line)
}
if (!pc->valid_u64) {
- if (!TEST_false(OSSL_PARAM_get_uint64(pc->param, &u64))) {
+ if (!TEST_false(OSSL_PARAM_get_uint64(pc->param, &u64))
+ || !TEST_ulong_ne(ERR_get_error(), 0)) {
TEST_note("unexpected valid conversion to uint64 on line %d", line);
return 0;
}
@@ -274,7 +278,8 @@ static int param_conversion_test(const PARAM_CONVERSION *pc, int line)
}
if (!pc->valid_d) {
- if (!TEST_false(OSSL_PARAM_get_double(pc->param, &d))) {
+ if (!TEST_false(OSSL_PARAM_get_double(pc->param, &d))
+ || !TEST_ulong_ne(ERR_get_error(), 0)) {
TEST_note("unexpected valid conversion to double on line %d", line);
return 0;
}
More information about the openssl-commits
mailing list