[thirdparty/openssl.git] / crypto / param_build.c

/*
 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright (c) 2019, Oracle and/or its affiliates.  All rights reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>
#include <openssl/err.h>
#include <openssl/cryptoerr.h>
#include <openssl/params.h>
#include <openssl/types.h>
#include <openssl/safestack.h>
#include "internal/cryptlib.h"
#include "openssl/param_build.h"

/*
 * Special internal param type to indicate the end of an allocate OSSL_PARAM
 * array.
 */
#define OSSL_PARAM_ALLOCATED_END    127

typedef struct {
    const char *key;
    int type;
    int secure;
    size_t size;
    size_t alloc_blocks;
    const BIGNUM *bn;
    const void *string;
    union {
        /*
         * These fields are never directly addressed, but their sizes are
         * imporant so that all native types can be copied here without overrun.
         */
        ossl_intmax_t i;
        ossl_uintmax_t u;
        double d;
    } num;
} OSSL_PARAM_BLD_DEF;

DEFINE_STACK_OF(OSSL_PARAM_BLD_DEF)

struct ossl_param_bld_st {
    size_t total_blocks;
    size_t secure_blocks;
    STACK_OF(OSSL_PARAM_BLD_DEF) *params;
};

typedef union {
    OSSL_UNION_ALIGN;
} OSSL_PARAM_BLD_BLOCK;

#define ALIGN_SIZE  sizeof(OSSL_PARAM_BLD_BLOCK)

static size_t bytes_to_blocks(size_t bytes)
{
    return (bytes + ALIGN_SIZE - 1) / ALIGN_SIZE;
}

static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key,
                                      int size, size_t alloc, int type,
                                      int secure)
{
    OSSL_PARAM_BLD_DEF *pd = OPENSSL_zalloc(sizeof(*pd));

    if (pd == NULL) {
        CRYPTOerr(CRYPTO_F_PARAM_PUSH, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    pd->key = key;
    pd->type = type;
    pd->size = size;
    pd->alloc_blocks = bytes_to_blocks(size);
    if ((pd->secure = secure) != 0)
        bld->secure_blocks += pd->alloc_blocks;
    else
        bld->total_blocks += pd->alloc_blocks;
    if (sk_OSSL_PARAM_BLD_DEF_push(bld->params, pd) <= 0) {
        OPENSSL_free(pd);
        pd = NULL;
    }
    return pd;
}

static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
                          void *num, size_t size, int type)
{
    OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);

    if (pd == NULL)
        return 0;
    if (size > sizeof(pd->num)) {
        CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM, CRYPTO_R_TOO_MANY_BYTES);
        return 0;
    }
    memcpy(&pd->num, num, size);
    return 1;
}

OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
{
    OSSL_PARAM_BLD *r = OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));

    if (r != NULL) {
        r->params = sk_OSSL_PARAM_BLD_DEF_new_null();
        if (r->params == NULL) {
            OPENSSL_free(r);
            r = NULL;
        }
    }
    return r;
}

static void free_all_params(OSSL_PARAM_BLD *bld)
{
    int i, n = sk_OSSL_PARAM_BLD_DEF_num(bld->params);

    for (i = 0; i < n; i++)
        OPENSSL_free(sk_OSSL_PARAM_BLD_DEF_pop(bld->params));
}

void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
{
    if (bld == NULL)
        return;
    free_all_params(bld);
    sk_OSSL_PARAM_BLD_DEF_free(bld->params);
    OPENSSL_free(bld);
}

int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
{
    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
                             unsigned int num)
{
    return param_push_num(bld, key, &num, sizeof(num),
                          OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
                             long int num)
{
    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
                              unsigned long int num)
{
    return param_push_num(bld, key, &num, sizeof(num),
                          OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
                              int32_t num)
{
    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
                               uint32_t num)
{
    return param_push_num(bld, key, &num, sizeof(num),
                          OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
                              int64_t num)
{
    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
                               uint64_t num)
{
    return param_push_num(bld, key, &num, sizeof(num),
                          OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
                               size_t num)
{
    return param_push_num(bld, key, &num, sizeof(num),
                          OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key,
                               time_t num)
{
    return param_push_num(bld, key, &num, sizeof(num),
                          OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
                               double num)
{
    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
}

int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
                           const BIGNUM *bn)
{
    return OSSL_PARAM_BLD_push_BN_pad(bld, key, bn,
                                      bn == NULL ? 0 : BN_num_bytes(bn));
}

int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
                               const BIGNUM *bn, size_t sz)
{
    int n, secure = 0;
    OSSL_PARAM_BLD_DEF *pd;

    if (bn != NULL) {
        n = BN_num_bytes(bn);
        if (n < 0) {
            CRYPTOerr(0, CRYPTO_R_ZERO_LENGTH_NUMBER);
            return 0;
        }
        if (sz < (size_t)n) {
            CRYPTOerr(0, CRYPTO_R_TOO_SMALL_BUFFER);
            return 0;
        }
        if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
            secure = 1;
    }
    pd = param_push(bld, key, sz, sz, OSSL_PARAM_UNSIGNED_INTEGER, secure);
    if (pd == NULL)
        return 0;
    pd->bn = bn;
    return 1;
}

int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
                                    const char *buf, size_t bsize)
{
    OSSL_PARAM_BLD_DEF *pd;

    if (bsize == 0) {
        bsize = strlen(buf) + 1;
    } else if (bsize > INT_MAX) {
        CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING,
                  CRYPTO_R_STRING_TOO_LONG);
        return 0;
    }
    pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_UTF8_STRING, 0);
    if (pd == NULL)
        return 0;
    pd->string = buf;
    return 1;
}

int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
                                 char *buf, size_t bsize)
{
    OSSL_PARAM_BLD_DEF *pd;

    if (bsize == 0) {
        bsize = strlen(buf) + 1;
    } else if (bsize > INT_MAX) {
        CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR,
                  CRYPTO_R_STRING_TOO_LONG);
        return 0;
    }
    pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
    if (pd == NULL)
        return 0;
    pd->string = buf;
    return 1;
}

int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
                                     const void *buf, size_t bsize)
{
    OSSL_PARAM_BLD_DEF *pd;

    if (bsize > INT_MAX) {
        CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING,
                  CRYPTO_R_STRING_TOO_LONG);
        return 0;
    }
    pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0);
    if (pd == NULL)
        return 0;
    pd->string = buf;
    return 1;
}

int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
                                  void *buf, size_t bsize)
{
    OSSL_PARAM_BLD_DEF *pd;

    if (bsize > INT_MAX) {
        CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR,
                  CRYPTO_R_STRING_TOO_LONG);
        return 0;
    }
    pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
    if (pd == NULL)
        return 0;
    pd->string = buf;
    return 1;
}

static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
                                     OSSL_PARAM_BLD_BLOCK *blk,
                                     OSSL_PARAM_BLD_BLOCK *secure)
{
    int i, num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
    OSSL_PARAM_BLD_DEF *pd;
    void *p;

    for (i = 0; i < num; i++) {
        pd = sk_OSSL_PARAM_BLD_DEF_value(bld->params, i);
        param[i].key = pd->key;
        param[i].data_type = pd->type;
        param[i].data_size = pd->size;
        param[i].return_size = OSSL_PARAM_UNMODIFIED;

        if (pd->secure) {
            p = secure;
            secure += pd->alloc_blocks;
        } else {
            p = blk;
            blk += pd->alloc_blocks;
        }
        param[i].data = p;
        if (pd->bn != NULL) {
            /* BIGNUM */
            BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size);
        } else if (pd->type == OSSL_PARAM_OCTET_PTR
                   || pd->type == OSSL_PARAM_UTF8_PTR) {
            /* PTR */
            *(const void **)p = pd->string;
        } else if (pd->type == OSSL_PARAM_OCTET_STRING
                   || pd->type == OSSL_PARAM_UTF8_STRING) {
            if (pd->string != NULL)
                memcpy(p, pd->string, pd->size);
            else
                memset(p, 0, pd->size);
        } else {
            /* Number, but could also be a NULL BIGNUM */
            if (pd->size > sizeof(pd->num))
                memset(p, 0, pd->size);
            else if (pd->size > 0)
                memcpy(p, &pd->num, pd->size);
        }
    }
    param[i] = OSSL_PARAM_construct_end();
    return param + i;
}

OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld)
{
    OSSL_PARAM_BLD_BLOCK *blk, *s = NULL;
    OSSL_PARAM *params, *last;
    const int num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
    const size_t p_blks = bytes_to_blocks((1 + num) * sizeof(*params));
    const size_t total = ALIGN_SIZE * (p_blks + bld->total_blocks);
    const size_t ss = ALIGN_SIZE * bld->secure_blocks;

    if (ss > 0) {
        s = OPENSSL_secure_malloc(ss);
        if (s == NULL) {
            CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
                      CRYPTO_R_SECURE_MALLOC_FAILURE);
            return NULL;
        }
    }
    params = OPENSSL_malloc(total);
    if (params == NULL) {
        CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE);
        OPENSSL_secure_free(s);
        return NULL;
    }
    blk = p_blks + (OSSL_PARAM_BLD_BLOCK *)(params);
    last = param_bld_convert(bld, params, blk, s);
    last->data_size = ss;
    last->data = s;
    last->data_type = OSSL_PARAM_ALLOCATED_END;

    /* Reset builder for reuse */
    bld->total_blocks = 0;
    bld->secure_blocks = 0;
    free_all_params(bld);
    return params;
}

void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params)
{
    if (params != NULL) {
        OSSL_PARAM *p;

        for (p = params; p->key != NULL; p++)
            ;
        if (p->data_type == OSSL_PARAM_ALLOCATED_END)
            OPENSSL_secure_clear_free(p->data, p->data_size);
        OPENSSL_free(params);
    }
}
Commit	Line	Data
3c93fbac	1	/*
33388b44	2	* Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
3c93fbac P	3	* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
	4	*
	5	* Licensed under the Apache License 2.0 (the "License"). You may not use
	6	* this file except in compliance with the License. You can obtain a copy
	7	* in the file LICENSE in the source distribution or at
	8	* https://www.openssl.org/source/license.html
	9	*/
	10
	11	#include <string.h>
	12	#include <openssl/err.h>
	13	#include <openssl/cryptoerr.h>
	14	#include <openssl/params.h>
6d4e6009	15	#include <openssl/types.h>
20c98cd4	16	#include <openssl/safestack.h>
3c93fbac	17	#include "internal/cryptlib.h"
110bff61	18	#include "openssl/param_build.h"
3c93fbac	19
6d4e6009 P	20	/*
	21	* Special internal param type to indicate the end of an allocate OSSL_PARAM
	22	* array.
	23	*/
7312ef3f P	24	#define OSSL_PARAM_ALLOCATED_END 127
7312ef3f P	25
6d4e6009 P	26	typedef struct {
	27	const char *key;
	28	int type;
	29	int secure;
	30	size_t size;
	31	size_t alloc_blocks;
	32	const BIGNUM *bn;
	33	const void *string;
	34	union {
	35	/*
	36	* These fields are never directly addressed, but their sizes are
	37	* imporant so that all native types can be copied here without overrun.
	38	*/
	39	ossl_intmax_t i;
	40	ossl_uintmax_t u;
	41	double d;
	42	} num;
	43	} OSSL_PARAM_BLD_DEF;
	44
20c98cd4 P	45	DEFINE_STACK_OF(OSSL_PARAM_BLD_DEF)
20c98cd4 P	46
6d4e6009	47	struct ossl_param_bld_st {
6d4e6009 P	48	size_t total_blocks;
6d4e6009 P	49	size_t secure_blocks;
20c98cd4	50	STACK_OF(OSSL_PARAM_BLD_DEF) *params;
6d4e6009 P	51	};
6d4e6009 P	52
3c93fbac P	53	typedef union {
	54	OSSL_UNION_ALIGN;
	55	} OSSL_PARAM_BLD_BLOCK;
	56
	57	#define ALIGN_SIZE sizeof(OSSL_PARAM_BLD_BLOCK)
	58
	59	static size_t bytes_to_blocks(size_t bytes)
	60	{
	61	return (bytes + ALIGN_SIZE - 1) / ALIGN_SIZE;
	62	}
	63
	64	static OSSL_PARAM_BLD_DEF param_push(OSSL_PARAM_BLD bld, const char *key,
	65	int size, size_t alloc, int type,
	66	int secure)
	67	{
20c98cd4	68	OSSL_PARAM_BLD_DEF pd = OPENSSL_zalloc(sizeof(pd));
3c93fbac	69
20c98cd4 P	70	if (pd == NULL) {
20c98cd4 P	71	CRYPTOerr(CRYPTO_F_PARAM_PUSH, ERR_R_MALLOC_FAILURE);
3c93fbac P	72	return NULL;
3c93fbac P	73	}
3c93fbac P	74	pd->key = key;
	75	pd->type = type;
	76	pd->size = size;
	77	pd->alloc_blocks = bytes_to_blocks(size);
	78	if ((pd->secure = secure) != 0)
	79	bld->secure_blocks += pd->alloc_blocks;
	80	else
	81	bld->total_blocks += pd->alloc_blocks;
20c98cd4 P	82	if (sk_OSSL_PARAM_BLD_DEF_push(bld->params, pd) <= 0) {
	83	OPENSSL_free(pd);
	84	pd = NULL;
	85	}
3c93fbac P	86	return pd;
	87	}
	88
	89	static int param_push_num(OSSL_PARAM_BLD bld, const char key,
	90	void *num, size_t size, int type)
	91	{
	92	OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
	93
	94	if (pd == NULL)
	95	return 0;
	96	if (size > sizeof(pd->num)) {
	97	CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM, CRYPTO_R_TOO_MANY_BYTES);
	98	return 0;
	99	}
	100	memcpy(&pd->num, num, size);
	101	return 1;
	102	}
	103
6d4e6009	104	OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
3c93fbac	105	{
20c98cd4 P	106	OSSL_PARAM_BLD *r = OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));
	107
	108	if (r != NULL) {
	109	r->params = sk_OSSL_PARAM_BLD_DEF_new_null();
	110	if (r->params == NULL) {
	111	OPENSSL_free(r);
	112	r = NULL;
	113	}
	114	}
	115	return r;
	116	}
	117
	118	static void free_all_params(OSSL_PARAM_BLD *bld)
	119	{
	120	int i, n = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
	121
	122	for (i = 0; i < n; i++)
	123	OPENSSL_free(sk_OSSL_PARAM_BLD_DEF_pop(bld->params));
6d4e6009 P	124	}
	125
	126	void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
	127	{
a6f8a834 MC	128	if (bld == NULL)
a6f8a834 MC	129	return;
20c98cd4 P	130	free_all_params(bld);
20c98cd4 P	131	sk_OSSL_PARAM_BLD_DEF_free(bld->params);
6d4e6009	132	OPENSSL_free(bld);
3c93fbac P	133	}
3c93fbac P	134
110bff61	135	int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD bld, const char key, int num)
3c93fbac P	136	{
	137	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
	138	}
	139
110bff61	140	int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	141	unsigned int num)
	142	{
	143	return param_push_num(bld, key, &num, sizeof(num),
	144	OSSL_PARAM_UNSIGNED_INTEGER);
	145	}
	146
110bff61	147	int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	148	long int num)
	149	{
	150	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
	151	}
	152
110bff61	153	int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	154	unsigned long int num)
	155	{
	156	return param_push_num(bld, key, &num, sizeof(num),
	157	OSSL_PARAM_UNSIGNED_INTEGER);
	158	}
	159
110bff61	160	int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	161	int32_t num)
	162	{
	163	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
	164	}
	165
110bff61	166	int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	167	uint32_t num)
	168	{
	169	return param_push_num(bld, key, &num, sizeof(num),
	170	OSSL_PARAM_UNSIGNED_INTEGER);
	171	}
	172
110bff61	173	int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	174	int64_t num)
	175	{
	176	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
	177	}
	178
110bff61	179	int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	180	uint64_t num)
	181	{
	182	return param_push_num(bld, key, &num, sizeof(num),
	183	OSSL_PARAM_UNSIGNED_INTEGER);
	184	}
	185
110bff61	186	int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	187	size_t num)
	188	{
	189	return param_push_num(bld, key, &num, sizeof(num),
	190	OSSL_PARAM_UNSIGNED_INTEGER);
	191	}
	192
5fdaa38f P	193	int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD bld, const char key,
	194	time_t num)
	195	{
	196	return param_push_num(bld, key, &num, sizeof(num),
	197	OSSL_PARAM_INTEGER);
	198	}
	199
110bff61	200	int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	201	double num)
	202	{
	203	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
	204	}
	205
110bff61	206	int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	207	const BIGNUM *bn)
3c93fbac P	208	{
110bff61	209	return OSSL_PARAM_BLD_push_BN_pad(bld, key, bn,
ac23078b P	210	bn == NULL ? 0 : BN_num_bytes(bn));
	211	}
	212
110bff61	213	int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD bld, const char key,
ac23078b P	214	const BIGNUM *bn, size_t sz)
	215	{
	216	int n, secure = 0;
3c93fbac P	217	OSSL_PARAM_BLD_DEF *pd;
	218
	219	if (bn != NULL) {
ac23078b P	220	n = BN_num_bytes(bn);
	221	if (n < 0) {
	222	CRYPTOerr(0, CRYPTO_R_ZERO_LENGTH_NUMBER);
	223	return 0;
	224	}
	225	if (sz < (size_t)n) {
	226	CRYPTOerr(0, CRYPTO_R_TOO_SMALL_BUFFER);
3c93fbac P	227	return 0;
	228	}
	229	if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
	230	secure = 1;
	231	}
ac23078b	232	pd = param_push(bld, key, sz, sz, OSSL_PARAM_UNSIGNED_INTEGER, secure);
3c93fbac P	233	if (pd == NULL)
	234	return 0;
	235	pd->bn = bn;
	236	return 1;
	237	}
	238
110bff61	239	int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD bld, const char key,
5fa7789f	240	const char *buf, size_t bsize)
3c93fbac P	241	{
	242	OSSL_PARAM_BLD_DEF *pd;
	243
	244	if (bsize == 0) {
	245	bsize = strlen(buf) + 1;
	246	} else if (bsize > INT_MAX) {
	247	CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING,
	248	CRYPTO_R_STRING_TOO_LONG);
	249	return 0;
	250	}
	251	pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_UTF8_STRING, 0);
	252	if (pd == NULL)
	253	return 0;
	254	pd->string = buf;
	255	return 1;
	256	}
	257
110bff61	258	int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	259	char *buf, size_t bsize)
	260	{
	261	OSSL_PARAM_BLD_DEF *pd;
	262
	263	if (bsize == 0) {
	264	bsize = strlen(buf) + 1;
	265	} else if (bsize > INT_MAX) {
	266	CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR,
	267	CRYPTO_R_STRING_TOO_LONG);
	268	return 0;
	269	}
	270	pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
	271	if (pd == NULL)
	272	return 0;
	273	pd->string = buf;
	274	return 1;
	275	}
	276
110bff61	277	int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD bld, const char key,
5fa7789f	278	const void *buf, size_t bsize)
3c93fbac P	279	{
	280	OSSL_PARAM_BLD_DEF *pd;
	281
	282	if (bsize > INT_MAX) {
	283	CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING,
	284	CRYPTO_R_STRING_TOO_LONG);
	285	return 0;
	286	}
	287	pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0);
	288	if (pd == NULL)
	289	return 0;
	290	pd->string = buf;
	291	return 1;
	292	}
	293
110bff61	294	int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD bld, const char key,
3c93fbac P	295	void *buf, size_t bsize)
	296	{
	297	OSSL_PARAM_BLD_DEF *pd;
	298
	299	if (bsize > INT_MAX) {
	300	CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR,
	301	CRYPTO_R_STRING_TOO_LONG);
	302	return 0;
	303	}
	304	pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
	305	if (pd == NULL)
	306	return 0;
	307	pd->string = buf;
	308	return 1;
	309	}
	310
	311	static OSSL_PARAM param_bld_convert(OSSL_PARAM_BLD bld, OSSL_PARAM *param,
	312	OSSL_PARAM_BLD_BLOCK *blk,
	313	OSSL_PARAM_BLD_BLOCK *secure)
	314	{
20c98cd4	315	int i, num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
3c93fbac P	316	OSSL_PARAM_BLD_DEF *pd;
	317	void *p;
	318
20c98cd4 P	319	for (i = 0; i < num; i++) {
20c98cd4 P	320	pd = sk_OSSL_PARAM_BLD_DEF_value(bld->params, i);
3c93fbac P	321	param[i].key = pd->key;
	322	param[i].data_type = pd->type;
	323	param[i].data_size = pd->size;
2baf2d81	324	param[i].return_size = OSSL_PARAM_UNMODIFIED;
3c93fbac P	325
	326	if (pd->secure) {
	327	p = secure;
	328	secure += pd->alloc_blocks;
	329	} else {
	330	p = blk;
	331	blk += pd->alloc_blocks;
	332	}
	333	param[i].data = p;
	334	if (pd->bn != NULL) {
	335	/* BIGNUM */
	336	BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size);
	337	} else if (pd->type == OSSL_PARAM_OCTET_PTR
	338	\|\| pd->type == OSSL_PARAM_UTF8_PTR) {
	339	/* PTR */
d32d3048	340	(const void *)p = pd->string;
3c93fbac P	341	} else if (pd->type == OSSL_PARAM_OCTET_STRING
	342	\|\| pd->type == OSSL_PARAM_UTF8_STRING) {
	343	if (pd->string != NULL)
	344	memcpy(p, pd->string, pd->size);
	345	else
	346	memset(p, 0, pd->size);
	347	} else {
	348	/* Number, but could also be a NULL BIGNUM */
	349	if (pd->size > sizeof(pd->num))
	350	memset(p, 0, pd->size);
	351	else if (pd->size > 0)
	352	memcpy(p, &pd->num, pd->size);
	353	}
	354	}
	355	param[i] = OSSL_PARAM_construct_end();
7312ef3f	356	return param + i;
3c93fbac P	357	}
3c93fbac P	358
110bff61	359	OSSL_PARAM OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD bld)
3c93fbac P	360	{
3c93fbac P	361	OSSL_PARAM_BLD_BLOCK blk, s = NULL;
7312ef3f	362	OSSL_PARAM params, last;
20c98cd4 P	363	const int num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
20c98cd4 P	364	const size_t p_blks = bytes_to_blocks((1 + num) * sizeof(*params));
3c93fbac	365	const size_t total = ALIGN_SIZE * (p_blks + bld->total_blocks);
7312ef3f	366	const size_t ss = ALIGN_SIZE * bld->secure_blocks;
3c93fbac	367
7312ef3f P	368	if (ss > 0) {
7312ef3f P	369	s = OPENSSL_secure_malloc(ss);
3c93fbac P	370	if (s == NULL) {
	371	CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
	372	CRYPTO_R_SECURE_MALLOC_FAILURE);
	373	return NULL;
	374	}
	375	}
7312ef3f P	376	params = OPENSSL_malloc(total);
7312ef3f P	377	if (params == NULL) {
3c93fbac P	378	CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE);
	379	OPENSSL_secure_free(s);
	380	return NULL;
	381	}
7312ef3f P	382	blk = p_blks + (OSSL_PARAM_BLD_BLOCK *)(params);
	383	last = param_bld_convert(bld, params, blk, s);
	384	last->data_size = ss;
	385	last->data = s;
	386	last->data_type = OSSL_PARAM_ALLOCATED_END;
6d4e6009	387
20c98cd4 P	388	/* Reset builder for reuse */
	389	bld->total_blocks = 0;
	390	bld->secure_blocks = 0;
	391	free_all_params(bld);
7312ef3f P	392	return params;
	393	}
	394
6d4e6009	395	void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params)
7312ef3f P	396	{
	397	if (params != NULL) {
	398	OSSL_PARAM *p;
	399
	400	for (p = params; p->key != NULL; p++)
	401	;
	402	if (p->data_type == OSSL_PARAM_ALLOCATED_END)
	403	OPENSSL_secure_clear_free(p->data, p->data_size);
	404	OPENSSL_free(params);
	405	}
3c93fbac	406	}