]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/param_build.c
Raise an error on syscall failure in tls_retry_write_records
[thirdparty/openssl.git] / crypto / param_build.c
1 /*
2 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
4 *
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
9 */
10
11 #include <string.h>
12 #include <openssl/err.h>
13 #include <openssl/cryptoerr.h>
14 #include <openssl/params.h>
15 #include <openssl/types.h>
16 #include <openssl/safestack.h>
17 #include "internal/param_build_set.h"
18
19 /*
20 * Special internal param type to indicate the end of an allocate OSSL_PARAM
21 * array.
22 */
23
24 typedef struct {
25 const char *key;
26 int type;
27 int secure;
28 size_t size;
29 size_t alloc_blocks;
30 const BIGNUM *bn;
31 const void *string;
32 union {
33 /*
34 * These fields are never directly addressed, but their sizes are
35 * important so that all native types can be copied here without overrun.
36 */
37 ossl_intmax_t i;
38 ossl_uintmax_t u;
39 double d;
40 } num;
41 } OSSL_PARAM_BLD_DEF;
42
43 DEFINE_STACK_OF(OSSL_PARAM_BLD_DEF)
44
45 struct ossl_param_bld_st {
46 size_t total_blocks;
47 size_t secure_blocks;
48 STACK_OF(OSSL_PARAM_BLD_DEF) *params;
49 };
50
51 static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key,
52 size_t size, size_t alloc, int type,
53 int secure)
54 {
55 OSSL_PARAM_BLD_DEF *pd = OPENSSL_zalloc(sizeof(*pd));
56
57 if (pd == NULL)
58 return NULL;
59 pd->key = key;
60 pd->type = type;
61 pd->size = size;
62 pd->alloc_blocks = ossl_param_bytes_to_blocks(alloc);
63 if ((pd->secure = secure) != 0)
64 bld->secure_blocks += pd->alloc_blocks;
65 else
66 bld->total_blocks += pd->alloc_blocks;
67 if (sk_OSSL_PARAM_BLD_DEF_push(bld->params, pd) <= 0) {
68 OPENSSL_free(pd);
69 pd = NULL;
70 }
71 return pd;
72 }
73
74 static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
75 void *num, size_t size, int type)
76 {
77 OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
78
79 if (pd == NULL) {
80 ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
81 return 0;
82 }
83 if (size > sizeof(pd->num)) {
84 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES);
85 return 0;
86 }
87 memcpy(&pd->num, num, size);
88 return 1;
89 }
90
91 OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
92 {
93 OSSL_PARAM_BLD *r = OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));
94
95 if (r != NULL) {
96 r->params = sk_OSSL_PARAM_BLD_DEF_new_null();
97 if (r->params == NULL) {
98 OPENSSL_free(r);
99 r = NULL;
100 }
101 }
102 return r;
103 }
104
105 static void free_all_params(OSSL_PARAM_BLD *bld)
106 {
107 int i, n = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
108
109 for (i = 0; i < n; i++)
110 OPENSSL_free(sk_OSSL_PARAM_BLD_DEF_pop(bld->params));
111 }
112
113 void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
114 {
115 if (bld == NULL)
116 return;
117 free_all_params(bld);
118 sk_OSSL_PARAM_BLD_DEF_free(bld->params);
119 OPENSSL_free(bld);
120 }
121
122 int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
123 {
124 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
125 }
126
127 int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
128 unsigned int num)
129 {
130 return param_push_num(bld, key, &num, sizeof(num),
131 OSSL_PARAM_UNSIGNED_INTEGER);
132 }
133
134 int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
135 long int num)
136 {
137 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
138 }
139
140 int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
141 unsigned long int num)
142 {
143 return param_push_num(bld, key, &num, sizeof(num),
144 OSSL_PARAM_UNSIGNED_INTEGER);
145 }
146
147 int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
148 int32_t num)
149 {
150 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
151 }
152
153 int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
154 uint32_t num)
155 {
156 return param_push_num(bld, key, &num, sizeof(num),
157 OSSL_PARAM_UNSIGNED_INTEGER);
158 }
159
160 int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
161 int64_t num)
162 {
163 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
164 }
165
166 int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
167 uint64_t num)
168 {
169 return param_push_num(bld, key, &num, sizeof(num),
170 OSSL_PARAM_UNSIGNED_INTEGER);
171 }
172
173 int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
174 size_t num)
175 {
176 return param_push_num(bld, key, &num, sizeof(num),
177 OSSL_PARAM_UNSIGNED_INTEGER);
178 }
179
180 int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key,
181 time_t num)
182 {
183 return param_push_num(bld, key, &num, sizeof(num),
184 OSSL_PARAM_INTEGER);
185 }
186
187 int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
188 double num)
189 {
190 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
191 }
192
193 static int push_BN(OSSL_PARAM_BLD *bld, const char *key,
194 const BIGNUM *bn, size_t sz, int type)
195 {
196 int n, secure = 0;
197 OSSL_PARAM_BLD_DEF *pd;
198
199 if (!ossl_assert(type == OSSL_PARAM_UNSIGNED_INTEGER
200 || type == OSSL_PARAM_INTEGER))
201 return 0;
202
203 if (bn != NULL) {
204 if (type == OSSL_PARAM_UNSIGNED_INTEGER && BN_is_negative(bn)) {
205 ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_UNSUPPORTED,
206 "Negative big numbers are unsupported for OSSL_PARAM_UNSIGNED_INTEGER");
207 return 0;
208 }
209
210 n = BN_num_bytes(bn);
211 if (n < 0) {
212 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_ZERO_LENGTH_NUMBER);
213 return 0;
214 }
215 if (sz < (size_t)n) {
216 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
217 return 0;
218 }
219 if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
220 secure = 1;
221
222 /* The BIGNUM is zero, we must transfer at least one byte */
223 if (sz == 0)
224 sz++;
225 }
226 pd = param_push(bld, key, sz, sz, type, secure);
227 if (pd == NULL)
228 return 0;
229 pd->bn = bn;
230 return 1;
231 }
232
233 int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
234 const BIGNUM *bn)
235 {
236 if (bn != NULL && BN_is_negative(bn))
237 return push_BN(bld, key, bn, BN_num_bytes(bn) + 1,
238 OSSL_PARAM_INTEGER);
239 return push_BN(bld, key, bn, bn == NULL ? 0 : BN_num_bytes(bn),
240 OSSL_PARAM_UNSIGNED_INTEGER);
241 }
242
243 int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
244 const BIGNUM *bn, size_t sz)
245 {
246 if (bn != NULL && BN_is_negative(bn))
247 return push_BN(bld, key, bn, BN_num_bytes(bn),
248 OSSL_PARAM_INTEGER);
249 return push_BN(bld, key, bn, sz, OSSL_PARAM_UNSIGNED_INTEGER);
250 }
251
252 int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
253 const char *buf, size_t bsize)
254 {
255 OSSL_PARAM_BLD_DEF *pd;
256 int secure;
257
258 if (bsize == 0)
259 bsize = strlen(buf);
260 secure = CRYPTO_secure_allocated(buf);
261 pd = param_push(bld, key, bsize, bsize + 1, OSSL_PARAM_UTF8_STRING, secure);
262 if (pd == NULL)
263 return 0;
264 pd->string = buf;
265 return 1;
266 }
267
268 int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
269 char *buf, size_t bsize)
270 {
271 OSSL_PARAM_BLD_DEF *pd;
272
273 if (bsize == 0)
274 bsize = strlen(buf);
275 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
276 if (pd == NULL)
277 return 0;
278 pd->string = buf;
279 return 1;
280 }
281
282 int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
283 const void *buf, size_t bsize)
284 {
285 OSSL_PARAM_BLD_DEF *pd;
286 int secure;
287
288 secure = CRYPTO_secure_allocated(buf);
289 pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, secure);
290 if (pd == NULL)
291 return 0;
292 pd->string = buf;
293 return 1;
294 }
295
296 int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
297 void *buf, size_t bsize)
298 {
299 OSSL_PARAM_BLD_DEF *pd;
300
301 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
302 if (pd == NULL)
303 return 0;
304 pd->string = buf;
305 return 1;
306 }
307
308 static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
309 OSSL_PARAM_ALIGNED_BLOCK *blk,
310 OSSL_PARAM_ALIGNED_BLOCK *secure)
311 {
312 int i, num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
313 OSSL_PARAM_BLD_DEF *pd;
314 void *p;
315
316 for (i = 0; i < num; i++) {
317 pd = sk_OSSL_PARAM_BLD_DEF_value(bld->params, i);
318 param[i].key = pd->key;
319 param[i].data_type = pd->type;
320 param[i].data_size = pd->size;
321 param[i].return_size = OSSL_PARAM_UNMODIFIED;
322
323 if (pd->secure) {
324 p = secure;
325 secure += pd->alloc_blocks;
326 } else {
327 p = blk;
328 blk += pd->alloc_blocks;
329 }
330 param[i].data = p;
331 if (pd->bn != NULL) {
332 /* BIGNUM */
333 if (pd->type == OSSL_PARAM_UNSIGNED_INTEGER)
334 BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size);
335 else
336 BN_signed_bn2native(pd->bn, (unsigned char *)p, pd->size);
337 } else if (pd->type == OSSL_PARAM_OCTET_PTR
338 || pd->type == OSSL_PARAM_UTF8_PTR) {
339 /* PTR */
340 *(const void **)p = pd->string;
341 } else if (pd->type == OSSL_PARAM_OCTET_STRING
342 || pd->type == OSSL_PARAM_UTF8_STRING) {
343 if (pd->string != NULL)
344 memcpy(p, pd->string, pd->size);
345 else
346 memset(p, 0, pd->size);
347 if (pd->type == OSSL_PARAM_UTF8_STRING)
348 ((char *)p)[pd->size] = '\0';
349 } else {
350 /* Number, but could also be a NULL BIGNUM */
351 if (pd->size > sizeof(pd->num))
352 memset(p, 0, pd->size);
353 else if (pd->size > 0)
354 memcpy(p, &pd->num, pd->size);
355 }
356 }
357 param[i] = OSSL_PARAM_construct_end();
358 return param + i;
359 }
360
361 OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld)
362 {
363 OSSL_PARAM_ALIGNED_BLOCK *blk, *s = NULL;
364 OSSL_PARAM *params, *last;
365 const int num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
366 const size_t p_blks = ossl_param_bytes_to_blocks((1 + num) * sizeof(*params));
367 const size_t total = OSSL_PARAM_ALIGN_SIZE * (p_blks + bld->total_blocks);
368 const size_t ss = OSSL_PARAM_ALIGN_SIZE * bld->secure_blocks;
369
370 if (ss > 0) {
371 s = OPENSSL_secure_malloc(ss);
372 if (s == NULL) {
373 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_SECURE_MALLOC_FAILURE);
374 return NULL;
375 }
376 }
377 params = OPENSSL_malloc(total);
378 if (params == NULL) {
379 OPENSSL_secure_free(s);
380 return NULL;
381 }
382 blk = p_blks + (OSSL_PARAM_ALIGNED_BLOCK *)(params);
383 last = param_bld_convert(bld, params, blk, s);
384 ossl_param_set_secure_block(last, s, ss);
385
386 /* Reset builder for reuse */
387 bld->total_blocks = 0;
388 bld->secure_blocks = 0;
389 free_all_params(bld);
390 return params;
391 }