crypto/param_build.c

   1 /*
   2  * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
   3  * Copyright (c) 2019, Oracle and/or its affiliates.  All rights reserved.
   4  *
   5  * Licensed under the Apache License 2.0 (the "License").  You may not use
   6  * this file except in compliance with the License.  You can obtain a copy
   7  * in the file LICENSE in the source distribution or at
   8  * https://www.openssl.org/source/license.html
   9  */
  10
  11 #include <string.h>
  12 #include <openssl/err.h>
  13 #include <openssl/cryptoerr.h>
  14 #include <openssl/params.h>
  15 #include <openssl/types.h>
  16 #include "internal/cryptlib.h"
  17 #include "openssl/param_build.h"
  18
  19 /*
  20  * The number of OSSL_PARAM elements a builder will allow.
  21  */
  22 #define OSSL_PARAM_BLD_MAX          25
  23
  24 /*
  25  * Special internal param type to indicate the end of an allocate OSSL_PARAM
  26  * array.
  27  */
  28 #define OSSL_PARAM_ALLOCATED_END    127
  29
  30 typedef struct {
  31     const char *key;
  32     int type;
  33     int secure;
  34     size_t size;
  35     size_t alloc_blocks;
  36     const BIGNUM *bn;
  37     const void *string;
  38     union {
  39         /*
  40          * These fields are never directly addressed, but their sizes are
  41          * imporant so that all native types can be copied here without overrun.
  42          */
  43         ossl_intmax_t i;
  44         ossl_uintmax_t u;
  45         double d;
  46     } num;
  47 } OSSL_PARAM_BLD_DEF;
  48
  49 struct ossl_param_bld_st {
  50     size_t curr;
  51     size_t total_blocks;
  52     size_t secure_blocks;
  53     OSSL_PARAM_BLD_DEF params[OSSL_PARAM_BLD_MAX];
  54 };
  55
  56 typedef union {
  57     OSSL_UNION_ALIGN;
  58 } OSSL_PARAM_BLD_BLOCK;
  59
  60 #define ALIGN_SIZE  sizeof(OSSL_PARAM_BLD_BLOCK)
  61
  62 static size_t bytes_to_blocks(size_t bytes)
  63 {
  64     return (bytes + ALIGN_SIZE - 1) / ALIGN_SIZE;
  65 }
  66
  67 static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key,
  68                                       int size, size_t alloc, int type,
  69                                       int secure)
  70 {
  71     OSSL_PARAM_BLD_DEF *pd;
  72
  73     if (bld->curr >= OSSL_PARAM_BLD_MAX) {
  74         CRYPTOerr(CRYPTO_F_PARAM_PUSH, CRYPTO_R_TOO_MANY_RECORDS);
  75         return NULL;
  76     }
  77     pd = bld->params + bld->curr++;
  78     memset(pd, 0, sizeof(*pd));
  79     pd->key = key;
  80     pd->type = type;
  81     pd->size = size;
  82     pd->alloc_blocks = bytes_to_blocks(size);
  83     if ((pd->secure = secure) != 0)
  84         bld->secure_blocks += pd->alloc_blocks;
  85     else
  86         bld->total_blocks += pd->alloc_blocks;
  87     return pd;
  88 }
  89
  90 static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
  91                           void *num, size_t size, int type)
  92 {
  93     OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
  94
  95     if (pd == NULL)
  96         return 0;
  97     if (size > sizeof(pd->num)) {
  98         CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM, CRYPTO_R_TOO_MANY_BYTES);
  99         return 0;
 100     }
 101     memcpy(&pd->num, num, size);
 102     return 1;
 103 }
 104
 105 OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
 106 {
 107     return OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));
 108 }
 109
 110 void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
 111 {
 112     OPENSSL_free(bld);
 113 }
 114
 115 int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
 116 {
 117     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
 118 }
 119
 120 int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
 121                              unsigned int num)
 122 {
 123     return param_push_num(bld, key, &num, sizeof(num),
 124                           OSSL_PARAM_UNSIGNED_INTEGER);
 125 }
 126
 127 int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
 128                              long int num)
 129 {
 130     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
 131 }
 132
 133 int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
 134                               unsigned long int num)
 135 {
 136     return param_push_num(bld, key, &num, sizeof(num),
 137                           OSSL_PARAM_UNSIGNED_INTEGER);
 138 }
 139
 140 int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
 141                               int32_t num)
 142 {
 143     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
 144 }
 145
 146 int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
 147                                uint32_t num)
 148 {
 149     return param_push_num(bld, key, &num, sizeof(num),
 150                           OSSL_PARAM_UNSIGNED_INTEGER);
 151 }
 152
 153 int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
 154                               int64_t num)
 155 {
 156     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
 157 }
 158
 159 int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
 160                                uint64_t num)
 161 {
 162     return param_push_num(bld, key, &num, sizeof(num),
 163                           OSSL_PARAM_UNSIGNED_INTEGER);
 164 }
 165
 166 int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
 167                                size_t num)
 168 {
 169     return param_push_num(bld, key, &num, sizeof(num),
 170                           OSSL_PARAM_UNSIGNED_INTEGER);
 171 }
 172
 173 int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
 174                                double num)
 175 {
 176     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
 177 }
 178
 179 int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
 180                            const BIGNUM *bn)
 181 {
 182     return OSSL_PARAM_BLD_push_BN_pad(bld, key, bn,
 183                                       bn == NULL ? 0 : BN_num_bytes(bn));
 184 }
 185
 186 int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
 187                                const BIGNUM *bn, size_t sz)
 188 {
 189     int n, secure = 0;
 190     OSSL_PARAM_BLD_DEF *pd;
 191
 192     if (bn != NULL) {
 193         n = BN_num_bytes(bn);
 194         if (n < 0) {
 195             CRYPTOerr(0, CRYPTO_R_ZERO_LENGTH_NUMBER);
 196             return 0;
 197         }
 198         if (sz < (size_t)n) {
 199             CRYPTOerr(0, CRYPTO_R_TOO_SMALL_BUFFER);
 200             return 0;
 201         }
 202         if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
 203             secure = 1;
 204     }
 205     pd = param_push(bld, key, sz, sz, OSSL_PARAM_UNSIGNED_INTEGER, secure);
 206     if (pd == NULL)
 207         return 0;
 208     pd->bn = bn;
 209     return 1;
 210 }
 211
 212 int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
 213                                     const char *buf, size_t bsize)
 214 {
 215     OSSL_PARAM_BLD_DEF *pd;
 216
 217     if (bsize == 0) {
 218         bsize = strlen(buf) + 1;
 219     } else if (bsize > INT_MAX) {
 220         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING,
 221                   CRYPTO_R_STRING_TOO_LONG);
 222         return 0;
 223     }
 224     pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_UTF8_STRING, 0);
 225     if (pd == NULL)
 226         return 0;
 227     pd->string = buf;
 228     return 1;
 229 }
 230
 231 int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
 232                                  char *buf, size_t bsize)
 233 {
 234     OSSL_PARAM_BLD_DEF *pd;
 235
 236     if (bsize == 0) {
 237         bsize = strlen(buf) + 1;
 238     } else if (bsize > INT_MAX) {
 239         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR,
 240                   CRYPTO_R_STRING_TOO_LONG);
 241         return 0;
 242     }
 243     pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
 244     if (pd == NULL)
 245         return 0;
 246     pd->string = buf;
 247     return 1;
 248 }
 249
 250 int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
 251                                      const void *buf, size_t bsize)
 252 {
 253     OSSL_PARAM_BLD_DEF *pd;
 254
 255     if (bsize > INT_MAX) {
 256         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING,
 257                   CRYPTO_R_STRING_TOO_LONG);
 258         return 0;
 259     }
 260     pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0);
 261     if (pd == NULL)
 262         return 0;
 263     pd->string = buf;
 264     return 1;
 265 }
 266
 267 int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
 268                                   void *buf, size_t bsize)
 269 {
 270     OSSL_PARAM_BLD_DEF *pd;
 271
 272     if (bsize > INT_MAX) {
 273         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR,
 274                   CRYPTO_R_STRING_TOO_LONG);
 275         return 0;
 276     }
 277     pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
 278     if (pd == NULL)
 279         return 0;
 280     pd->string = buf;
 281     return 1;
 282 }
 283
 284 static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
 285                                      OSSL_PARAM_BLD_BLOCK *blk,
 286                                      OSSL_PARAM_BLD_BLOCK *secure)
 287 {
 288     size_t i;
 289     OSSL_PARAM_BLD_DEF *pd;
 290     void *p;
 291
 292     for (i = 0; i < bld->curr; i++) {
 293         pd = bld->params + i;
 294         param[i].key = pd->key;
 295         param[i].data_type = pd->type;
 296         param[i].data_size = pd->size;
 297         param[i].return_size = 0;
 298
 299         if (pd->secure) {
 300             p = secure;
 301             secure += pd->alloc_blocks;
 302         } else {
 303             p = blk;
 304             blk += pd->alloc_blocks;
 305         }
 306         param[i].data = p;
 307         if (pd->bn != NULL) {
 308             /* BIGNUM */
 309             BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size);
 310         } else if (pd->type == OSSL_PARAM_OCTET_PTR
 311                    || pd->type == OSSL_PARAM_UTF8_PTR) {
 312             /* PTR */
 313             *(const void **)p = pd->string;
 314         } else if (pd->type == OSSL_PARAM_OCTET_STRING
 315                    || pd->type == OSSL_PARAM_UTF8_STRING) {
 316             if (pd->string != NULL)
 317                 memcpy(p, pd->string, pd->size);
 318             else
 319                 memset(p, 0, pd->size);
 320         } else {
 321             /* Number, but could also be a NULL BIGNUM */
 322             if (pd->size > sizeof(pd->num))
 323                 memset(p, 0, pd->size);
 324             else if (pd->size > 0)
 325                 memcpy(p, &pd->num, pd->size);
 326         }
 327     }
 328     param[i] = OSSL_PARAM_construct_end();
 329     return param + i;
 330 }
 331
 332 OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld)
 333 {
 334     OSSL_PARAM_BLD_BLOCK *blk, *s = NULL;
 335     OSSL_PARAM *params, *last;
 336     const size_t p_blks = bytes_to_blocks((1 + bld->curr) * sizeof(*params));
 337     const size_t total = ALIGN_SIZE * (p_blks + bld->total_blocks);
 338     const size_t ss = ALIGN_SIZE * bld->secure_blocks;
 339
 340     if (ss > 0) {
 341         s = OPENSSL_secure_malloc(ss);
 342         if (s == NULL) {
 343             CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
 344                       CRYPTO_R_SECURE_MALLOC_FAILURE);
 345             OPENSSL_free(bld);
 346             return NULL;
 347         }
 348     }
 349     params = OPENSSL_malloc(total);
 350     if (params == NULL) {
 351         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE);
 352         OPENSSL_free(bld);
 353         OPENSSL_secure_free(s);
 354         return NULL;
 355     }
 356     blk = p_blks + (OSSL_PARAM_BLD_BLOCK *)(params);
 357     last = param_bld_convert(bld, params, blk, s);
 358     last->data_size = ss;
 359     last->data = s;
 360     last->data_type = OSSL_PARAM_ALLOCATED_END;
 361
 362     /* Reset for reuse */
 363     memset(bld, 0, sizeof(*bld));
 364     return params;
 365 }
 366
 367 void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params)
 368 {
 369     if (params != NULL) {
 370         OSSL_PARAM *p;
 371
 372         for (p = params; p->key != NULL; p++)
 373             ;
 374         if (p->data_type == OSSL_PARAM_ALLOCATED_END)
 375             OPENSSL_secure_clear_free(p->data, p->data_size);
 376         OPENSSL_free(params);
 377     }
 378 }