2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
12 #include <openssl/err.h>
13 #include <openssl/cryptoerr.h>
14 #include <openssl/params.h>
15 #include <openssl/types.h>
16 #include <openssl/safestack.h>
17 #include "internal/cryptlib.h"
18 #include "openssl/param_build.h"
21 * Special internal param type to indicate the end of an allocate OSSL_PARAM
24 #define OSSL_PARAM_ALLOCATED_END 127
36 * These fields are never directly addressed, but their sizes are
37 * imporant so that all native types can be copied here without overrun.
45 DEFINE_STACK_OF(OSSL_PARAM_BLD_DEF)
47 struct ossl_param_bld_st {
50 STACK_OF(OSSL_PARAM_BLD_DEF) *params;
55 } OSSL_PARAM_BLD_BLOCK;
57 #define ALIGN_SIZE sizeof(OSSL_PARAM_BLD_BLOCK)
59 static size_t bytes_to_blocks(size_t bytes)
61 return (bytes + ALIGN_SIZE - 1) / ALIGN_SIZE;
64 static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key,
65 int size, size_t alloc, int type,
68 OSSL_PARAM_BLD_DEF *pd = OPENSSL_zalloc(sizeof(*pd));
71 CRYPTOerr(CRYPTO_F_PARAM_PUSH, ERR_R_MALLOC_FAILURE);
77 pd->alloc_blocks = bytes_to_blocks(size);
78 if ((pd->secure = secure) != 0)
79 bld->secure_blocks += pd->alloc_blocks;
81 bld->total_blocks += pd->alloc_blocks;
82 if (sk_OSSL_PARAM_BLD_DEF_push(bld->params, pd) <= 0) {
89 static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
90 void *num, size_t size, int type)
92 OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
96 if (size > sizeof(pd->num)) {
97 CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM, CRYPTO_R_TOO_MANY_BYTES);
100 memcpy(&pd->num, num, size);
104 OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
106 OSSL_PARAM_BLD *r = OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));
109 r->params = sk_OSSL_PARAM_BLD_DEF_new_null();
110 if (r->params == NULL) {
118 static void free_all_params(OSSL_PARAM_BLD *bld)
120 int i, n = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
122 for (i = 0; i < n; i++)
123 OPENSSL_free(sk_OSSL_PARAM_BLD_DEF_pop(bld->params));
126 void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
130 free_all_params(bld);
131 sk_OSSL_PARAM_BLD_DEF_free(bld->params);
135 int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
137 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
140 int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
143 return param_push_num(bld, key, &num, sizeof(num),
144 OSSL_PARAM_UNSIGNED_INTEGER);
147 int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
150 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
153 int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
154 unsigned long int num)
156 return param_push_num(bld, key, &num, sizeof(num),
157 OSSL_PARAM_UNSIGNED_INTEGER);
160 int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
163 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
166 int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
169 return param_push_num(bld, key, &num, sizeof(num),
170 OSSL_PARAM_UNSIGNED_INTEGER);
173 int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
176 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
179 int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
182 return param_push_num(bld, key, &num, sizeof(num),
183 OSSL_PARAM_UNSIGNED_INTEGER);
186 int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
189 return param_push_num(bld, key, &num, sizeof(num),
190 OSSL_PARAM_UNSIGNED_INTEGER);
193 int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key,
196 return param_push_num(bld, key, &num, sizeof(num),
200 int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
203 return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
206 int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
209 return OSSL_PARAM_BLD_push_BN_pad(bld, key, bn,
210 bn == NULL ? 0 : BN_num_bytes(bn));
213 int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
214 const BIGNUM *bn, size_t sz)
217 OSSL_PARAM_BLD_DEF *pd;
220 n = BN_num_bytes(bn);
222 CRYPTOerr(0, CRYPTO_R_ZERO_LENGTH_NUMBER);
225 if (sz < (size_t)n) {
226 CRYPTOerr(0, CRYPTO_R_TOO_SMALL_BUFFER);
229 if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
232 pd = param_push(bld, key, sz, sz, OSSL_PARAM_UNSIGNED_INTEGER, secure);
239 int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
240 const char *buf, size_t bsize)
242 OSSL_PARAM_BLD_DEF *pd;
245 bsize = strlen(buf) + 1;
246 } else if (bsize > INT_MAX) {
247 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING,
248 CRYPTO_R_STRING_TOO_LONG);
251 pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_UTF8_STRING, 0);
258 int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
259 char *buf, size_t bsize)
261 OSSL_PARAM_BLD_DEF *pd;
264 bsize = strlen(buf) + 1;
265 } else if (bsize > INT_MAX) {
266 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR,
267 CRYPTO_R_STRING_TOO_LONG);
270 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
277 int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
278 const void *buf, size_t bsize)
280 OSSL_PARAM_BLD_DEF *pd;
282 if (bsize > INT_MAX) {
283 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING,
284 CRYPTO_R_STRING_TOO_LONG);
287 pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0);
294 int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
295 void *buf, size_t bsize)
297 OSSL_PARAM_BLD_DEF *pd;
299 if (bsize > INT_MAX) {
300 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR,
301 CRYPTO_R_STRING_TOO_LONG);
304 pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
311 static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
312 OSSL_PARAM_BLD_BLOCK *blk,
313 OSSL_PARAM_BLD_BLOCK *secure)
315 int i, num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
316 OSSL_PARAM_BLD_DEF *pd;
319 for (i = 0; i < num; i++) {
320 pd = sk_OSSL_PARAM_BLD_DEF_value(bld->params, i);
321 param[i].key = pd->key;
322 param[i].data_type = pd->type;
323 param[i].data_size = pd->size;
324 param[i].return_size = OSSL_PARAM_UNMODIFIED;
328 secure += pd->alloc_blocks;
331 blk += pd->alloc_blocks;
334 if (pd->bn != NULL) {
336 BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size);
337 } else if (pd->type == OSSL_PARAM_OCTET_PTR
338 || pd->type == OSSL_PARAM_UTF8_PTR) {
340 *(const void **)p = pd->string;
341 } else if (pd->type == OSSL_PARAM_OCTET_STRING
342 || pd->type == OSSL_PARAM_UTF8_STRING) {
343 if (pd->string != NULL)
344 memcpy(p, pd->string, pd->size);
346 memset(p, 0, pd->size);
348 /* Number, but could also be a NULL BIGNUM */
349 if (pd->size > sizeof(pd->num))
350 memset(p, 0, pd->size);
351 else if (pd->size > 0)
352 memcpy(p, &pd->num, pd->size);
355 param[i] = OSSL_PARAM_construct_end();
359 OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld)
361 OSSL_PARAM_BLD_BLOCK *blk, *s = NULL;
362 OSSL_PARAM *params, *last;
363 const int num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
364 const size_t p_blks = bytes_to_blocks((1 + num) * sizeof(*params));
365 const size_t total = ALIGN_SIZE * (p_blks + bld->total_blocks);
366 const size_t ss = ALIGN_SIZE * bld->secure_blocks;
369 s = OPENSSL_secure_malloc(ss);
371 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
372 CRYPTO_R_SECURE_MALLOC_FAILURE);
376 params = OPENSSL_malloc(total);
377 if (params == NULL) {
378 CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE);
379 OPENSSL_secure_free(s);
382 blk = p_blks + (OSSL_PARAM_BLD_BLOCK *)(params);
383 last = param_bld_convert(bld, params, blk, s);
384 last->data_size = ss;
386 last->data_type = OSSL_PARAM_ALLOCATED_END;
388 /* Reset builder for reuse */
389 bld->total_blocks = 0;
390 bld->secure_blocks = 0;
391 free_all_params(bld);
395 void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params)
397 if (params != NULL) {
400 for (p = params; p->key != NULL; p++)
402 if (p->data_type == OSSL_PARAM_ALLOCATED_END)
403 OPENSSL_secure_clear_free(p->data, p->data_size);
404 OPENSSL_free(params);