2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
12 #include <openssl/err.h>
13 #include <openssl/cryptoerr.h>
14 #include <openssl/params.h>
15 #include "internal/cryptlib.h"
16 #include "internal/param_build.h"
18 #define OSSL_PARAM_ALLOCATED_END 127
22 } OSSL_PARAM_BLD_BLOCK
;
24 #define ALIGN_SIZE sizeof(OSSL_PARAM_BLD_BLOCK)
26 static size_t bytes_to_blocks(size_t bytes
)
28 return (bytes
+ ALIGN_SIZE
- 1) / ALIGN_SIZE
;
31 static OSSL_PARAM_BLD_DEF
*param_push(OSSL_PARAM_BLD
*bld
, const char *key
,
32 int size
, size_t alloc
, int type
,
35 OSSL_PARAM_BLD_DEF
*pd
;
37 if (bld
->curr
>= OSSL_PARAM_BLD_MAX
) {
38 CRYPTOerr(CRYPTO_F_PARAM_PUSH
, CRYPTO_R_TOO_MANY_RECORDS
);
41 pd
= bld
->params
+ bld
->curr
++;
42 memset(pd
, 0, sizeof(*pd
));
46 pd
->alloc_blocks
= bytes_to_blocks(size
);
47 if ((pd
->secure
= secure
) != 0)
48 bld
->secure_blocks
+= pd
->alloc_blocks
;
50 bld
->total_blocks
+= pd
->alloc_blocks
;
54 static int param_push_num(OSSL_PARAM_BLD
*bld
, const char *key
,
55 void *num
, size_t size
, int type
)
57 OSSL_PARAM_BLD_DEF
*pd
= param_push(bld
, key
, size
, size
, type
, 0);
61 if (size
> sizeof(pd
->num
)) {
62 CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM
, CRYPTO_R_TOO_MANY_BYTES
);
65 memcpy(&pd
->num
, num
, size
);
69 void ossl_param_bld_init(OSSL_PARAM_BLD
*bld
)
71 memset(bld
, 0, sizeof(*bld
));
74 int ossl_param_bld_push_int(OSSL_PARAM_BLD
*bld
, const char *key
, int num
)
76 return param_push_num(bld
, key
, &num
, sizeof(num
), OSSL_PARAM_INTEGER
);
79 int ossl_param_bld_push_uint(OSSL_PARAM_BLD
*bld
, const char *key
,
82 return param_push_num(bld
, key
, &num
, sizeof(num
),
83 OSSL_PARAM_UNSIGNED_INTEGER
);
86 int ossl_param_bld_push_long(OSSL_PARAM_BLD
*bld
, const char *key
,
89 return param_push_num(bld
, key
, &num
, sizeof(num
), OSSL_PARAM_INTEGER
);
92 int ossl_param_bld_push_ulong(OSSL_PARAM_BLD
*bld
, const char *key
,
93 unsigned long int num
)
95 return param_push_num(bld
, key
, &num
, sizeof(num
),
96 OSSL_PARAM_UNSIGNED_INTEGER
);
99 int ossl_param_bld_push_int32(OSSL_PARAM_BLD
*bld
, const char *key
,
102 return param_push_num(bld
, key
, &num
, sizeof(num
), OSSL_PARAM_INTEGER
);
105 int ossl_param_bld_push_uint32(OSSL_PARAM_BLD
*bld
, const char *key
,
108 return param_push_num(bld
, key
, &num
, sizeof(num
),
109 OSSL_PARAM_UNSIGNED_INTEGER
);
112 int ossl_param_bld_push_int64(OSSL_PARAM_BLD
*bld
, const char *key
,
115 return param_push_num(bld
, key
, &num
, sizeof(num
), OSSL_PARAM_INTEGER
);
118 int ossl_param_bld_push_uint64(OSSL_PARAM_BLD
*bld
, const char *key
,
121 return param_push_num(bld
, key
, &num
, sizeof(num
),
122 OSSL_PARAM_UNSIGNED_INTEGER
);
125 int ossl_param_bld_push_size_t(OSSL_PARAM_BLD
*bld
, const char *key
,
128 return param_push_num(bld
, key
, &num
, sizeof(num
),
129 OSSL_PARAM_UNSIGNED_INTEGER
);
132 int ossl_param_bld_push_double(OSSL_PARAM_BLD
*bld
, const char *key
,
135 return param_push_num(bld
, key
, &num
, sizeof(num
), OSSL_PARAM_REAL
);
138 int ossl_param_bld_push_BN(OSSL_PARAM_BLD
*bld
, const char *key
,
141 int sz
= -1, secure
= 0;
142 OSSL_PARAM_BLD_DEF
*pd
;
145 sz
= BN_num_bytes(bn
);
147 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_BN
,
148 CRYPTO_R_ZERO_LENGTH_NUMBER
);
151 if (BN_get_flags(bn
, BN_FLG_SECURE
) == BN_FLG_SECURE
)
154 pd
= param_push(bld
, key
, sz
, sz
>= 0 ? sz
: 0,
155 OSSL_PARAM_UNSIGNED_INTEGER
, secure
);
162 int ossl_param_bld_push_utf8_string(OSSL_PARAM_BLD
*bld
, const char *key
,
163 const char *buf
, size_t bsize
)
165 OSSL_PARAM_BLD_DEF
*pd
;
168 bsize
= strlen(buf
) + 1;
169 } else if (bsize
> INT_MAX
) {
170 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING
,
171 CRYPTO_R_STRING_TOO_LONG
);
174 pd
= param_push(bld
, key
, bsize
, bsize
, OSSL_PARAM_UTF8_STRING
, 0);
181 int ossl_param_bld_push_utf8_ptr(OSSL_PARAM_BLD
*bld
, const char *key
,
182 char *buf
, size_t bsize
)
184 OSSL_PARAM_BLD_DEF
*pd
;
187 bsize
= strlen(buf
) + 1;
188 } else if (bsize
> INT_MAX
) {
189 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR
,
190 CRYPTO_R_STRING_TOO_LONG
);
193 pd
= param_push(bld
, key
, bsize
, sizeof(buf
), OSSL_PARAM_UTF8_PTR
, 0);
200 int ossl_param_bld_push_octet_string(OSSL_PARAM_BLD
*bld
, const char *key
,
201 const void *buf
, size_t bsize
)
203 OSSL_PARAM_BLD_DEF
*pd
;
205 if (bsize
> INT_MAX
) {
206 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING
,
207 CRYPTO_R_STRING_TOO_LONG
);
210 pd
= param_push(bld
, key
, bsize
, bsize
, OSSL_PARAM_OCTET_STRING
, 0);
217 int ossl_param_bld_push_octet_ptr(OSSL_PARAM_BLD
*bld
, const char *key
,
218 void *buf
, size_t bsize
)
220 OSSL_PARAM_BLD_DEF
*pd
;
222 if (bsize
> INT_MAX
) {
223 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR
,
224 CRYPTO_R_STRING_TOO_LONG
);
227 pd
= param_push(bld
, key
, bsize
, sizeof(buf
), OSSL_PARAM_OCTET_PTR
, 0);
234 static OSSL_PARAM
*param_bld_convert(OSSL_PARAM_BLD
*bld
, OSSL_PARAM
*param
,
235 OSSL_PARAM_BLD_BLOCK
*blk
,
236 OSSL_PARAM_BLD_BLOCK
*secure
)
239 OSSL_PARAM_BLD_DEF
*pd
;
242 for (i
= 0; i
< bld
->curr
; i
++) {
243 pd
= bld
->params
+ i
;
244 param
[i
].key
= pd
->key
;
245 param
[i
].data_type
= pd
->type
;
246 param
[i
].data_size
= pd
->size
;
247 param
[i
].return_size
= 0;
251 secure
+= pd
->alloc_blocks
;
254 blk
+= pd
->alloc_blocks
;
257 if (pd
->bn
!= NULL
) {
259 BN_bn2nativepad(pd
->bn
, (unsigned char *)p
, pd
->size
);
260 } else if (pd
->type
== OSSL_PARAM_OCTET_PTR
261 || pd
->type
== OSSL_PARAM_UTF8_PTR
) {
263 *(const void **)p
= pd
->string
;
264 } else if (pd
->type
== OSSL_PARAM_OCTET_STRING
265 || pd
->type
== OSSL_PARAM_UTF8_STRING
) {
266 if (pd
->string
!= NULL
)
267 memcpy(p
, pd
->string
, pd
->size
);
269 memset(p
, 0, pd
->size
);
271 /* Number, but could also be a NULL BIGNUM */
272 if (pd
->size
> sizeof(pd
->num
))
273 memset(p
, 0, pd
->size
);
274 else if (pd
->size
> 0)
275 memcpy(p
, &pd
->num
, pd
->size
);
278 param
[i
] = OSSL_PARAM_construct_end();
282 OSSL_PARAM
*ossl_param_bld_to_param(OSSL_PARAM_BLD
*bld
)
284 OSSL_PARAM_BLD_BLOCK
*blk
, *s
= NULL
;
285 OSSL_PARAM
*params
, *last
;
286 const size_t p_blks
= bytes_to_blocks((1 + bld
->curr
) * sizeof(*params
));
287 const size_t total
= ALIGN_SIZE
* (p_blks
+ bld
->total_blocks
);
288 const size_t ss
= ALIGN_SIZE
* bld
->secure_blocks
;
291 s
= OPENSSL_secure_malloc(ss
);
293 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM
,
294 CRYPTO_R_SECURE_MALLOC_FAILURE
);
298 params
= OPENSSL_malloc(total
);
299 if (params
== NULL
) {
300 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM
, ERR_R_MALLOC_FAILURE
);
301 OPENSSL_secure_free(s
);
304 blk
= p_blks
+ (OSSL_PARAM_BLD_BLOCK
*)(params
);
305 last
= param_bld_convert(bld
, params
, blk
, s
);
306 last
->data_size
= ss
;
308 last
->data_type
= OSSL_PARAM_ALLOCATED_END
;
312 void ossl_param_bld_free(OSSL_PARAM
*params
)
314 if (params
!= NULL
) {
317 for (p
= params
; p
->key
!= NULL
; p
++)
319 if (p
->data_type
== OSSL_PARAM_ALLOCATED_END
)
320 OPENSSL_secure_clear_free(p
->data
, p
->data_size
);
321 OPENSSL_free(params
);
325 OSSL_PARAM
*ossl_param_bld_to_param_ex(OSSL_PARAM_BLD
*bld
, OSSL_PARAM
*params
,
326 size_t param_n
, void *data
,
327 size_t data_n
, void *secure
,
330 if (params
== NULL
|| data
== NULL
) {
331 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX
,
332 CRYPTO_R_INVALID_NULL_ARGUMENT
);
335 if (param_n
< bld
->curr
+ 1) {
336 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX
,
337 CRYPTO_R_INSUFFICIENT_PARAM_SIZE
);
340 if (data_n
< ALIGN_SIZE
* bld
->total_blocks
) {
341 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX
,
342 CRYPTO_R_INSUFFICIENT_DATA_SPACE
);
345 if (bld
->secure_blocks
> 0 && secure_n
< ALIGN_SIZE
* bld
->secure_blocks
) {
346 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX
,
347 CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE
);
350 param_bld_convert(bld
, params
, (OSSL_PARAM_BLD_BLOCK
*)data
,
351 (OSSL_PARAM_BLD_BLOCK
*)secure
);