2 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
12 #include <openssl/err.h>
13 #include <openssl/cryptoerr.h>
14 #include <openssl/params.h>
15 #include <openssl/types.h>
16 #include <openssl/safestack.h>
17 #include "internal/param_build_set.h"
20 * Special internal param type to indicate the end of an allocate OSSL_PARAM
34 * These fields are never directly addressed, but their sizes are
35 * imporant so that all native types can be copied here without overrun.
43 DEFINE_STACK_OF(OSSL_PARAM_BLD_DEF)
45 struct ossl_param_bld_st {
48 STACK_OF(OSSL_PARAM_BLD_DEF) *params;
51 static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key,
52 int size, size_t alloc, int type,
55 OSSL_PARAM_BLD_DEF *pd = OPENSSL_zalloc(sizeof(*pd));
58 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
64 pd->alloc_blocks = ossl_param_bytes_to_blocks(alloc);
65 if ((pd->secure = secure) != 0)
66 bld->secure_blocks += pd->alloc_blocks;
68 bld->total_blocks += pd->alloc_blocks;
69 if (sk_OSSL_PARAM_BLD_DEF_push(bld->params, pd) <= 0) {
76 static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
77 void *num, size_t size, int type)
79 OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
82 ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
85 if (size > sizeof(pd->num)) {
86 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES);
89 memcpy(&pd->num, num, size);
93 OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
95 OSSL_PARAM_BLD *r = OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));
98 r->params = sk_OSSL_PARAM_BLD_DEF_new_null();
99 if (r->params == NULL) {
107 static void free_all_params(OSSL_PARAM_BLD *bld)
109 int i, n = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
111 for (i = 0; i < n; i++)
112 OPENSSL_free(sk_OSSL_PARAM_BLD_DEF_pop(bld->params));
115 void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
119 free_all_params(bld);
120 sk_OSSL_PARAM_BLD_DEF_free(bld->params);
124 int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
126 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
129 int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
132 return param_push_num(bld, key, &num, sizeof(num),
133 OSSL_PARAM_UNSIGNED_INTEGER);
136 int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
139 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
142 int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
143 unsigned long int num)
145 return param_push_num(bld, key, &num, sizeof(num),
146 OSSL_PARAM_UNSIGNED_INTEGER);
149 int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
152 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
155 int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
158 return param_push_num(bld, key, &num, sizeof(num),
159 OSSL_PARAM_UNSIGNED_INTEGER);
162 int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
165 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
168 int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
171 return param_push_num(bld, key, &num, sizeof(num),
172 OSSL_PARAM_UNSIGNED_INTEGER);
175 int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
178 return param_push_num(bld, key, &num, sizeof(num),
179 OSSL_PARAM_UNSIGNED_INTEGER);
182 int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key,
185 return param_push_num(bld, key, &num, sizeof(num),
189 int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
192 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
195 static int push_BN(OSSL_PARAM_BLD *bld, const char *key,
196 const BIGNUM *bn, size_t sz, int type)
199 OSSL_PARAM_BLD_DEF *pd;
201 if (!ossl_assert(type == OSSL_PARAM_UNSIGNED_INTEGER
202 || type == OSSL_PARAM_INTEGER))
206 if (type == OSSL_PARAM_UNSIGNED_INTEGER && BN_is_negative(bn)) {
207 ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_UNSUPPORTED,
208 "Negative big numbers are unsupported for OSSL_PARAM_UNSIGNED_INTEGER");
212 n = BN_num_bytes(bn);
214 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_ZERO_LENGTH_NUMBER);
217 if (sz < (size_t)n) {
218 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
221 if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
224 pd = param_push(bld, key, sz, sz, type, secure);
231 int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
234 if (BN_is_negative(bn))
235 return push_BN(bld, key, bn, bn == NULL ? 0 : BN_num_bytes(bn) + 1,
237 return push_BN(bld, key, bn, bn == NULL ? 0 : BN_num_bytes(bn),
238 OSSL_PARAM_UNSIGNED_INTEGER);
241 int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
242 const BIGNUM *bn, size_t sz)
244 if (BN_is_negative(bn))
245 return push_BN(bld, key, bn, bn == NULL ? 0 : BN_num_bytes(bn),
247 return push_BN(bld, key, bn, sz, OSSL_PARAM_UNSIGNED_INTEGER);
250 int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
251 const char *buf, size_t bsize)
253 OSSL_PARAM_BLD_DEF *pd;
258 } else if (bsize > INT_MAX) {
259 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_STRING_TOO_LONG);
262 secure = CRYPTO_secure_allocated(buf);
263 pd = param_push(bld, key, bsize, bsize + 1, OSSL_PARAM_UTF8_STRING, secure);
270 int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
271 char *buf, size_t bsize)
273 OSSL_PARAM_BLD_DEF *pd;
277 } else if (bsize > INT_MAX) {
278 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_STRING_TOO_LONG);
281 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
288 int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
289 const void *buf, size_t bsize)
291 OSSL_PARAM_BLD_DEF *pd;
294 if (bsize > INT_MAX) {
295 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_STRING_TOO_LONG);
298 secure = CRYPTO_secure_allocated(buf);
299 pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, secure);
306 int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
307 void *buf, size_t bsize)
309 OSSL_PARAM_BLD_DEF *pd;
311 if (bsize > INT_MAX) {
312 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_STRING_TOO_LONG);
315 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
322 static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
323 OSSL_PARAM_ALIGNED_BLOCK *blk,
324 OSSL_PARAM_ALIGNED_BLOCK *secure)
326 int i, num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
327 OSSL_PARAM_BLD_DEF *pd;
330 for (i = 0; i < num; i++) {
331 pd = sk_OSSL_PARAM_BLD_DEF_value(bld->params, i);
332 param[i].key = pd->key;
333 param[i].data_type = pd->type;
334 param[i].data_size = pd->size;
335 param[i].return_size = OSSL_PARAM_UNMODIFIED;
339 secure += pd->alloc_blocks;
342 blk += pd->alloc_blocks;
345 if (pd->bn != NULL) {
347 if (pd->type == OSSL_PARAM_UNSIGNED_INTEGER)
348 BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size);
350 BN_signed_bn2native(pd->bn, (unsigned char *)p, pd->size);
351 } else if (pd->type == OSSL_PARAM_OCTET_PTR
352 || pd->type == OSSL_PARAM_UTF8_PTR) {
354 *(const void **)p = pd->string;
355 } else if (pd->type == OSSL_PARAM_OCTET_STRING
356 || pd->type == OSSL_PARAM_UTF8_STRING) {
357 if (pd->string != NULL)
358 memcpy(p, pd->string, pd->size);
360 memset(p, 0, pd->size);
361 if (pd->type == OSSL_PARAM_UTF8_STRING)
362 ((char *)p)[pd->size] = '\0';
364 /* Number, but could also be a NULL BIGNUM */
365 if (pd->size > sizeof(pd->num))
366 memset(p, 0, pd->size);
367 else if (pd->size > 0)
368 memcpy(p, &pd->num, pd->size);
371 param[i] = OSSL_PARAM_construct_end();
375 OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld)
377 OSSL_PARAM_ALIGNED_BLOCK *blk, *s = NULL;
378 OSSL_PARAM *params, *last;
379 const int num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
380 const size_t p_blks = ossl_param_bytes_to_blocks((1 + num) * sizeof(*params));
381 const size_t total = OSSL_PARAM_ALIGN_SIZE * (p_blks + bld->total_blocks);
382 const size_t ss = OSSL_PARAM_ALIGN_SIZE * bld->secure_blocks;
385 s = OPENSSL_secure_malloc(ss);
387 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_SECURE_MALLOC_FAILURE);
391 params = OPENSSL_malloc(total);
392 if (params == NULL) {
393 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
394 OPENSSL_secure_free(s);
397 blk = p_blks + (OSSL_PARAM_ALIGNED_BLOCK *)(params);
398 last = param_bld_convert(bld, params, blk, s);
399 ossl_param_set_secure_block(last, s, ss);
401 /* Reset builder for reuse */
402 bld->total_blocks = 0;
403 bld->secure_blocks = 0;
404 free_all_params(bld);