]>
Commit | Line | Data |
---|---|---|
3c93fbac | 1 | /* |
33388b44 | 2 | * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. |
3c93fbac P |
3 | * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. |
4 | * | |
5 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
6 | * this file except in compliance with the License. You can obtain a copy | |
7 | * in the file LICENSE in the source distribution or at | |
8 | * https://www.openssl.org/source/license.html | |
9 | */ | |
10 | ||
11 | #include <string.h> | |
12 | #include <openssl/err.h> | |
13 | #include <openssl/cryptoerr.h> | |
14 | #include <openssl/params.h> | |
6d4e6009 | 15 | #include <openssl/types.h> |
20c98cd4 | 16 | #include <openssl/safestack.h> |
3c93fbac | 17 | #include "internal/cryptlib.h" |
110bff61 | 18 | #include "openssl/param_build.h" |
3c93fbac | 19 | |
6d4e6009 P |
20 | /* |
21 | * Special internal param type to indicate the end of an allocate OSSL_PARAM | |
22 | * array. | |
23 | */ | |
7312ef3f P |
24 | #define OSSL_PARAM_ALLOCATED_END 127 |
25 | ||
6d4e6009 P |
26 | typedef struct { |
27 | const char *key; | |
28 | int type; | |
29 | int secure; | |
30 | size_t size; | |
31 | size_t alloc_blocks; | |
32 | const BIGNUM *bn; | |
33 | const void *string; | |
34 | union { | |
35 | /* | |
36 | * These fields are never directly addressed, but their sizes are | |
37 | * imporant so that all native types can be copied here without overrun. | |
38 | */ | |
39 | ossl_intmax_t i; | |
40 | ossl_uintmax_t u; | |
41 | double d; | |
42 | } num; | |
43 | } OSSL_PARAM_BLD_DEF; | |
44 | ||
20c98cd4 P |
45 | DEFINE_STACK_OF(OSSL_PARAM_BLD_DEF) |
46 | ||
6d4e6009 | 47 | struct ossl_param_bld_st { |
6d4e6009 P |
48 | size_t total_blocks; |
49 | size_t secure_blocks; | |
20c98cd4 | 50 | STACK_OF(OSSL_PARAM_BLD_DEF) *params; |
6d4e6009 P |
51 | }; |
52 | ||
3c93fbac P |
53 | typedef union { |
54 | OSSL_UNION_ALIGN; | |
55 | } OSSL_PARAM_BLD_BLOCK; | |
56 | ||
57 | #define ALIGN_SIZE sizeof(OSSL_PARAM_BLD_BLOCK) | |
58 | ||
59 | static size_t bytes_to_blocks(size_t bytes) | |
60 | { | |
61 | return (bytes + ALIGN_SIZE - 1) / ALIGN_SIZE; | |
62 | } | |
63 | ||
64 | static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key, | |
65 | int size, size_t alloc, int type, | |
66 | int secure) | |
67 | { | |
20c98cd4 | 68 | OSSL_PARAM_BLD_DEF *pd = OPENSSL_zalloc(sizeof(*pd)); |
3c93fbac | 69 | |
20c98cd4 P |
70 | if (pd == NULL) { |
71 | CRYPTOerr(CRYPTO_F_PARAM_PUSH, ERR_R_MALLOC_FAILURE); | |
3c93fbac P |
72 | return NULL; |
73 | } | |
3c93fbac P |
74 | pd->key = key; |
75 | pd->type = type; | |
76 | pd->size = size; | |
77 | pd->alloc_blocks = bytes_to_blocks(size); | |
78 | if ((pd->secure = secure) != 0) | |
79 | bld->secure_blocks += pd->alloc_blocks; | |
80 | else | |
81 | bld->total_blocks += pd->alloc_blocks; | |
20c98cd4 P |
82 | if (sk_OSSL_PARAM_BLD_DEF_push(bld->params, pd) <= 0) { |
83 | OPENSSL_free(pd); | |
84 | pd = NULL; | |
85 | } | |
3c93fbac P |
86 | return pd; |
87 | } | |
88 | ||
89 | static int param_push_num(OSSL_PARAM_BLD *bld, const char *key, | |
90 | void *num, size_t size, int type) | |
91 | { | |
92 | OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0); | |
93 | ||
94 | if (pd == NULL) | |
95 | return 0; | |
96 | if (size > sizeof(pd->num)) { | |
97 | CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM, CRYPTO_R_TOO_MANY_BYTES); | |
98 | return 0; | |
99 | } | |
100 | memcpy(&pd->num, num, size); | |
101 | return 1; | |
102 | } | |
103 | ||
6d4e6009 | 104 | OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void) |
3c93fbac | 105 | { |
20c98cd4 P |
106 | OSSL_PARAM_BLD *r = OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD)); |
107 | ||
108 | if (r != NULL) { | |
109 | r->params = sk_OSSL_PARAM_BLD_DEF_new_null(); | |
110 | if (r->params == NULL) { | |
111 | OPENSSL_free(r); | |
112 | r = NULL; | |
113 | } | |
114 | } | |
115 | return r; | |
116 | } | |
117 | ||
118 | static void free_all_params(OSSL_PARAM_BLD *bld) | |
119 | { | |
120 | int i, n = sk_OSSL_PARAM_BLD_DEF_num(bld->params); | |
121 | ||
122 | for (i = 0; i < n; i++) | |
123 | OPENSSL_free(sk_OSSL_PARAM_BLD_DEF_pop(bld->params)); | |
6d4e6009 P |
124 | } |
125 | ||
126 | void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld) | |
127 | { | |
a6f8a834 MC |
128 | if (bld == NULL) |
129 | return; | |
20c98cd4 P |
130 | free_all_params(bld); |
131 | sk_OSSL_PARAM_BLD_DEF_free(bld->params); | |
6d4e6009 | 132 | OPENSSL_free(bld); |
3c93fbac P |
133 | } |
134 | ||
110bff61 | 135 | int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num) |
3c93fbac P |
136 | { |
137 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); | |
138 | } | |
139 | ||
110bff61 | 140 | int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
141 | unsigned int num) |
142 | { | |
143 | return param_push_num(bld, key, &num, sizeof(num), | |
144 | OSSL_PARAM_UNSIGNED_INTEGER); | |
145 | } | |
146 | ||
110bff61 | 147 | int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
148 | long int num) |
149 | { | |
150 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); | |
151 | } | |
152 | ||
110bff61 | 153 | int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
154 | unsigned long int num) |
155 | { | |
156 | return param_push_num(bld, key, &num, sizeof(num), | |
157 | OSSL_PARAM_UNSIGNED_INTEGER); | |
158 | } | |
159 | ||
110bff61 | 160 | int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
161 | int32_t num) |
162 | { | |
163 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); | |
164 | } | |
165 | ||
110bff61 | 166 | int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
167 | uint32_t num) |
168 | { | |
169 | return param_push_num(bld, key, &num, sizeof(num), | |
170 | OSSL_PARAM_UNSIGNED_INTEGER); | |
171 | } | |
172 | ||
110bff61 | 173 | int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
174 | int64_t num) |
175 | { | |
176 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); | |
177 | } | |
178 | ||
110bff61 | 179 | int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
180 | uint64_t num) |
181 | { | |
182 | return param_push_num(bld, key, &num, sizeof(num), | |
183 | OSSL_PARAM_UNSIGNED_INTEGER); | |
184 | } | |
185 | ||
110bff61 | 186 | int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
187 | size_t num) |
188 | { | |
189 | return param_push_num(bld, key, &num, sizeof(num), | |
190 | OSSL_PARAM_UNSIGNED_INTEGER); | |
191 | } | |
192 | ||
5fdaa38f P |
193 | int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key, |
194 | time_t num) | |
195 | { | |
196 | return param_push_num(bld, key, &num, sizeof(num), | |
197 | OSSL_PARAM_INTEGER); | |
198 | } | |
199 | ||
110bff61 | 200 | int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
201 | double num) |
202 | { | |
203 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL); | |
204 | } | |
205 | ||
110bff61 | 206 | int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
207 | const BIGNUM *bn) |
208 | { | |
110bff61 | 209 | return OSSL_PARAM_BLD_push_BN_pad(bld, key, bn, |
ac23078b P |
210 | bn == NULL ? 0 : BN_num_bytes(bn)); |
211 | } | |
212 | ||
110bff61 | 213 | int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key, |
ac23078b P |
214 | const BIGNUM *bn, size_t sz) |
215 | { | |
216 | int n, secure = 0; | |
3c93fbac P |
217 | OSSL_PARAM_BLD_DEF *pd; |
218 | ||
219 | if (bn != NULL) { | |
ac23078b P |
220 | n = BN_num_bytes(bn); |
221 | if (n < 0) { | |
222 | CRYPTOerr(0, CRYPTO_R_ZERO_LENGTH_NUMBER); | |
223 | return 0; | |
224 | } | |
225 | if (sz < (size_t)n) { | |
226 | CRYPTOerr(0, CRYPTO_R_TOO_SMALL_BUFFER); | |
3c93fbac P |
227 | return 0; |
228 | } | |
229 | if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE) | |
230 | secure = 1; | |
231 | } | |
ac23078b | 232 | pd = param_push(bld, key, sz, sz, OSSL_PARAM_UNSIGNED_INTEGER, secure); |
3c93fbac P |
233 | if (pd == NULL) |
234 | return 0; | |
235 | pd->bn = bn; | |
236 | return 1; | |
237 | } | |
238 | ||
110bff61 | 239 | int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key, |
5fa7789f | 240 | const char *buf, size_t bsize) |
3c93fbac P |
241 | { |
242 | OSSL_PARAM_BLD_DEF *pd; | |
243 | ||
244 | if (bsize == 0) { | |
245 | bsize = strlen(buf) + 1; | |
246 | } else if (bsize > INT_MAX) { | |
247 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING, | |
248 | CRYPTO_R_STRING_TOO_LONG); | |
249 | return 0; | |
250 | } | |
251 | pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_UTF8_STRING, 0); | |
252 | if (pd == NULL) | |
253 | return 0; | |
254 | pd->string = buf; | |
255 | return 1; | |
256 | } | |
257 | ||
110bff61 | 258 | int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
259 | char *buf, size_t bsize) |
260 | { | |
261 | OSSL_PARAM_BLD_DEF *pd; | |
262 | ||
263 | if (bsize == 0) { | |
264 | bsize = strlen(buf) + 1; | |
265 | } else if (bsize > INT_MAX) { | |
266 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR, | |
267 | CRYPTO_R_STRING_TOO_LONG); | |
268 | return 0; | |
269 | } | |
270 | pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0); | |
271 | if (pd == NULL) | |
272 | return 0; | |
273 | pd->string = buf; | |
274 | return 1; | |
275 | } | |
276 | ||
110bff61 | 277 | int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key, |
5fa7789f | 278 | const void *buf, size_t bsize) |
3c93fbac P |
279 | { |
280 | OSSL_PARAM_BLD_DEF *pd; | |
281 | ||
282 | if (bsize > INT_MAX) { | |
283 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING, | |
284 | CRYPTO_R_STRING_TOO_LONG); | |
285 | return 0; | |
286 | } | |
287 | pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0); | |
288 | if (pd == NULL) | |
289 | return 0; | |
290 | pd->string = buf; | |
291 | return 1; | |
292 | } | |
293 | ||
110bff61 | 294 | int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key, |
3c93fbac P |
295 | void *buf, size_t bsize) |
296 | { | |
297 | OSSL_PARAM_BLD_DEF *pd; | |
298 | ||
299 | if (bsize > INT_MAX) { | |
300 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR, | |
301 | CRYPTO_R_STRING_TOO_LONG); | |
302 | return 0; | |
303 | } | |
304 | pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0); | |
305 | if (pd == NULL) | |
306 | return 0; | |
307 | pd->string = buf; | |
308 | return 1; | |
309 | } | |
310 | ||
311 | static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param, | |
312 | OSSL_PARAM_BLD_BLOCK *blk, | |
313 | OSSL_PARAM_BLD_BLOCK *secure) | |
314 | { | |
20c98cd4 | 315 | int i, num = sk_OSSL_PARAM_BLD_DEF_num(bld->params); |
3c93fbac P |
316 | OSSL_PARAM_BLD_DEF *pd; |
317 | void *p; | |
318 | ||
20c98cd4 P |
319 | for (i = 0; i < num; i++) { |
320 | pd = sk_OSSL_PARAM_BLD_DEF_value(bld->params, i); | |
3c93fbac P |
321 | param[i].key = pd->key; |
322 | param[i].data_type = pd->type; | |
323 | param[i].data_size = pd->size; | |
2baf2d81 | 324 | param[i].return_size = OSSL_PARAM_UNMODIFIED; |
3c93fbac P |
325 | |
326 | if (pd->secure) { | |
327 | p = secure; | |
328 | secure += pd->alloc_blocks; | |
329 | } else { | |
330 | p = blk; | |
331 | blk += pd->alloc_blocks; | |
332 | } | |
333 | param[i].data = p; | |
334 | if (pd->bn != NULL) { | |
335 | /* BIGNUM */ | |
336 | BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size); | |
337 | } else if (pd->type == OSSL_PARAM_OCTET_PTR | |
338 | || pd->type == OSSL_PARAM_UTF8_PTR) { | |
339 | /* PTR */ | |
d32d3048 | 340 | *(const void **)p = pd->string; |
3c93fbac P |
341 | } else if (pd->type == OSSL_PARAM_OCTET_STRING |
342 | || pd->type == OSSL_PARAM_UTF8_STRING) { | |
343 | if (pd->string != NULL) | |
344 | memcpy(p, pd->string, pd->size); | |
345 | else | |
346 | memset(p, 0, pd->size); | |
347 | } else { | |
348 | /* Number, but could also be a NULL BIGNUM */ | |
349 | if (pd->size > sizeof(pd->num)) | |
350 | memset(p, 0, pd->size); | |
351 | else if (pd->size > 0) | |
352 | memcpy(p, &pd->num, pd->size); | |
353 | } | |
354 | } | |
355 | param[i] = OSSL_PARAM_construct_end(); | |
7312ef3f | 356 | return param + i; |
3c93fbac P |
357 | } |
358 | ||
110bff61 | 359 | OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld) |
3c93fbac P |
360 | { |
361 | OSSL_PARAM_BLD_BLOCK *blk, *s = NULL; | |
7312ef3f | 362 | OSSL_PARAM *params, *last; |
20c98cd4 P |
363 | const int num = sk_OSSL_PARAM_BLD_DEF_num(bld->params); |
364 | const size_t p_blks = bytes_to_blocks((1 + num) * sizeof(*params)); | |
3c93fbac | 365 | const size_t total = ALIGN_SIZE * (p_blks + bld->total_blocks); |
7312ef3f | 366 | const size_t ss = ALIGN_SIZE * bld->secure_blocks; |
3c93fbac | 367 | |
7312ef3f P |
368 | if (ss > 0) { |
369 | s = OPENSSL_secure_malloc(ss); | |
3c93fbac P |
370 | if (s == NULL) { |
371 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, | |
372 | CRYPTO_R_SECURE_MALLOC_FAILURE); | |
373 | return NULL; | |
374 | } | |
375 | } | |
7312ef3f P |
376 | params = OPENSSL_malloc(total); |
377 | if (params == NULL) { | |
3c93fbac P |
378 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE); |
379 | OPENSSL_secure_free(s); | |
380 | return NULL; | |
381 | } | |
7312ef3f P |
382 | blk = p_blks + (OSSL_PARAM_BLD_BLOCK *)(params); |
383 | last = param_bld_convert(bld, params, blk, s); | |
384 | last->data_size = ss; | |
385 | last->data = s; | |
386 | last->data_type = OSSL_PARAM_ALLOCATED_END; | |
6d4e6009 | 387 | |
20c98cd4 P |
388 | /* Reset builder for reuse */ |
389 | bld->total_blocks = 0; | |
390 | bld->secure_blocks = 0; | |
391 | free_all_params(bld); | |
7312ef3f P |
392 | return params; |
393 | } | |
394 | ||
6d4e6009 | 395 | void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params) |
7312ef3f P |
396 | { |
397 | if (params != NULL) { | |
398 | OSSL_PARAM *p; | |
399 | ||
400 | for (p = params; p->key != NULL; p++) | |
401 | ; | |
402 | if (p->data_type == OSSL_PARAM_ALLOCATED_END) | |
403 | OPENSSL_secure_clear_free(p->data, p->data_size); | |
404 | OPENSSL_free(params); | |
405 | } | |
3c93fbac | 406 | } |