/src/openssl/crypto/param_build.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. |
4 | | * |
5 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
6 | | * this file except in compliance with the License. You can obtain a copy |
7 | | * in the file LICENSE in the source distribution or at |
8 | | * https://www.openssl.org/source/license.html |
9 | | */ |
10 | | |
11 | | #include <string.h> |
12 | | #include <openssl/err.h> |
13 | | #include <openssl/cryptoerr.h> |
14 | | #include <openssl/params.h> |
15 | | #include "internal/cryptlib.h" |
16 | | #include "internal/param_build.h" |
17 | | |
18 | 0 | #define OSSL_PARAM_ALLOCATED_END 127 |
19 | | |
20 | | typedef union { |
21 | | OSSL_UNION_ALIGN; |
22 | | } OSSL_PARAM_BLD_BLOCK; |
23 | | |
24 | 0 | #define ALIGN_SIZE sizeof(OSSL_PARAM_BLD_BLOCK) |
25 | | |
26 | | static size_t bytes_to_blocks(size_t bytes) |
27 | 0 | { |
28 | 0 | return (bytes + ALIGN_SIZE - 1) / ALIGN_SIZE; |
29 | 0 | } |
30 | | |
31 | | static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key, |
32 | | int size, size_t alloc, int type, |
33 | | int secure) |
34 | 0 | { |
35 | 0 | OSSL_PARAM_BLD_DEF *pd; |
36 | |
|
37 | 0 | if (bld->curr >= OSSL_PARAM_BLD_MAX) { |
38 | 0 | CRYPTOerr(CRYPTO_F_PARAM_PUSH, CRYPTO_R_TOO_MANY_RECORDS); |
39 | 0 | return NULL; |
40 | 0 | } |
41 | 0 | pd = bld->params + bld->curr++; |
42 | 0 | memset(pd, 0, sizeof(*pd)); |
43 | 0 | pd->key = key; |
44 | 0 | pd->type = type; |
45 | 0 | pd->size = size; |
46 | 0 | pd->alloc_blocks = bytes_to_blocks(size); |
47 | 0 | if ((pd->secure = secure) != 0) |
48 | 0 | bld->secure_blocks += pd->alloc_blocks; |
49 | 0 | else |
50 | 0 | bld->total_blocks += pd->alloc_blocks; |
51 | 0 | return pd; |
52 | 0 | } |
53 | | |
54 | | static int param_push_num(OSSL_PARAM_BLD *bld, const char *key, |
55 | | void *num, size_t size, int type) |
56 | 0 | { |
57 | 0 | OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0); |
58 | |
|
59 | 0 | if (pd == NULL) |
60 | 0 | return 0; |
61 | 0 | if (size > sizeof(pd->num)) { |
62 | 0 | CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM, CRYPTO_R_TOO_MANY_BYTES); |
63 | 0 | return 0; |
64 | 0 | } |
65 | 0 | memcpy(&pd->num, num, size); |
66 | 0 | return 1; |
67 | 0 | } |
68 | | |
69 | | void ossl_param_bld_init(OSSL_PARAM_BLD *bld) |
70 | 0 | { |
71 | 0 | memset(bld, 0, sizeof(*bld)); |
72 | 0 | } |
73 | | |
74 | | int ossl_param_bld_push_int(OSSL_PARAM_BLD *bld, const char *key, int num) |
75 | 0 | { |
76 | 0 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); |
77 | 0 | } |
78 | | |
79 | | int ossl_param_bld_push_uint(OSSL_PARAM_BLD *bld, const char *key, |
80 | | unsigned int num) |
81 | 0 | { |
82 | 0 | return param_push_num(bld, key, &num, sizeof(num), |
83 | 0 | OSSL_PARAM_UNSIGNED_INTEGER); |
84 | 0 | } |
85 | | |
86 | | int ossl_param_bld_push_long(OSSL_PARAM_BLD *bld, const char *key, |
87 | | long int num) |
88 | 0 | { |
89 | 0 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); |
90 | 0 | } |
91 | | |
92 | | int ossl_param_bld_push_ulong(OSSL_PARAM_BLD *bld, const char *key, |
93 | | unsigned long int num) |
94 | 0 | { |
95 | 0 | return param_push_num(bld, key, &num, sizeof(num), |
96 | 0 | OSSL_PARAM_UNSIGNED_INTEGER); |
97 | 0 | } |
98 | | |
99 | | int ossl_param_bld_push_int32(OSSL_PARAM_BLD *bld, const char *key, |
100 | | int32_t num) |
101 | 0 | { |
102 | 0 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); |
103 | 0 | } |
104 | | |
105 | | int ossl_param_bld_push_uint32(OSSL_PARAM_BLD *bld, const char *key, |
106 | | uint32_t num) |
107 | 0 | { |
108 | 0 | return param_push_num(bld, key, &num, sizeof(num), |
109 | 0 | OSSL_PARAM_UNSIGNED_INTEGER); |
110 | 0 | } |
111 | | |
112 | | int ossl_param_bld_push_int64(OSSL_PARAM_BLD *bld, const char *key, |
113 | | int64_t num) |
114 | 0 | { |
115 | 0 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); |
116 | 0 | } |
117 | | |
118 | | int ossl_param_bld_push_uint64(OSSL_PARAM_BLD *bld, const char *key, |
119 | | uint64_t num) |
120 | 0 | { |
121 | 0 | return param_push_num(bld, key, &num, sizeof(num), |
122 | 0 | OSSL_PARAM_UNSIGNED_INTEGER); |
123 | 0 | } |
124 | | |
125 | | int ossl_param_bld_push_size_t(OSSL_PARAM_BLD *bld, const char *key, |
126 | | size_t num) |
127 | 0 | { |
128 | 0 | return param_push_num(bld, key, &num, sizeof(num), |
129 | 0 | OSSL_PARAM_UNSIGNED_INTEGER); |
130 | 0 | } |
131 | | |
132 | | int ossl_param_bld_push_double(OSSL_PARAM_BLD *bld, const char *key, |
133 | | double num) |
134 | 0 | { |
135 | 0 | return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL); |
136 | 0 | } |
137 | | |
138 | | int ossl_param_bld_push_BN(OSSL_PARAM_BLD *bld, const char *key, |
139 | | const BIGNUM *bn) |
140 | 0 | { |
141 | 0 | return ossl_param_bld_push_BN_pad(bld, key, bn, |
142 | 0 | bn == NULL ? 0 : BN_num_bytes(bn)); |
143 | 0 | } |
144 | | |
145 | | int ossl_param_bld_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key, |
146 | | const BIGNUM *bn, size_t sz) |
147 | 0 | { |
148 | 0 | int n, secure = 0; |
149 | 0 | OSSL_PARAM_BLD_DEF *pd; |
150 | |
|
151 | 0 | if (bn != NULL) { |
152 | 0 | n = BN_num_bytes(bn); |
153 | 0 | if (n < 0) { |
154 | 0 | CRYPTOerr(0, CRYPTO_R_ZERO_LENGTH_NUMBER); |
155 | 0 | return 0; |
156 | 0 | } |
157 | 0 | if (sz < (size_t)n) { |
158 | 0 | CRYPTOerr(0, CRYPTO_R_TOO_SMALL_BUFFER); |
159 | 0 | return 0; |
160 | 0 | } |
161 | 0 | if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE) |
162 | 0 | secure = 1; |
163 | 0 | } |
164 | 0 | pd = param_push(bld, key, sz, sz, OSSL_PARAM_UNSIGNED_INTEGER, secure); |
165 | 0 | if (pd == NULL) |
166 | 0 | return 0; |
167 | 0 | pd->bn = bn; |
168 | 0 | return 1; |
169 | 0 | } |
170 | | |
171 | | int ossl_param_bld_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key, |
172 | | const char *buf, size_t bsize) |
173 | 0 | { |
174 | 0 | OSSL_PARAM_BLD_DEF *pd; |
175 | |
|
176 | 0 | if (bsize == 0) { |
177 | 0 | bsize = strlen(buf) + 1; |
178 | 0 | } else if (bsize > INT_MAX) { |
179 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING, |
180 | 0 | CRYPTO_R_STRING_TOO_LONG); |
181 | 0 | return 0; |
182 | 0 | } |
183 | 0 | pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_UTF8_STRING, 0); |
184 | 0 | if (pd == NULL) |
185 | 0 | return 0; |
186 | 0 | pd->string = buf; |
187 | 0 | return 1; |
188 | 0 | } |
189 | | |
190 | | int ossl_param_bld_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key, |
191 | | char *buf, size_t bsize) |
192 | 0 | { |
193 | 0 | OSSL_PARAM_BLD_DEF *pd; |
194 | |
|
195 | 0 | if (bsize == 0) { |
196 | 0 | bsize = strlen(buf) + 1; |
197 | 0 | } else if (bsize > INT_MAX) { |
198 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR, |
199 | 0 | CRYPTO_R_STRING_TOO_LONG); |
200 | 0 | return 0; |
201 | 0 | } |
202 | 0 | pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0); |
203 | 0 | if (pd == NULL) |
204 | 0 | return 0; |
205 | 0 | pd->string = buf; |
206 | 0 | return 1; |
207 | 0 | } |
208 | | |
209 | | int ossl_param_bld_push_octet_string(OSSL_PARAM_BLD *bld, const char *key, |
210 | | const void *buf, size_t bsize) |
211 | 0 | { |
212 | 0 | OSSL_PARAM_BLD_DEF *pd; |
213 | |
|
214 | 0 | if (bsize > INT_MAX) { |
215 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING, |
216 | 0 | CRYPTO_R_STRING_TOO_LONG); |
217 | 0 | return 0; |
218 | 0 | } |
219 | 0 | pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0); |
220 | 0 | if (pd == NULL) |
221 | 0 | return 0; |
222 | 0 | pd->string = buf; |
223 | 0 | return 1; |
224 | 0 | } |
225 | | |
226 | | int ossl_param_bld_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key, |
227 | | void *buf, size_t bsize) |
228 | 0 | { |
229 | 0 | OSSL_PARAM_BLD_DEF *pd; |
230 | |
|
231 | 0 | if (bsize > INT_MAX) { |
232 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR, |
233 | 0 | CRYPTO_R_STRING_TOO_LONG); |
234 | 0 | return 0; |
235 | 0 | } |
236 | 0 | pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0); |
237 | 0 | if (pd == NULL) |
238 | 0 | return 0; |
239 | 0 | pd->string = buf; |
240 | 0 | return 1; |
241 | 0 | } |
242 | | |
243 | | static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param, |
244 | | OSSL_PARAM_BLD_BLOCK *blk, |
245 | | OSSL_PARAM_BLD_BLOCK *secure) |
246 | 0 | { |
247 | 0 | size_t i; |
248 | 0 | OSSL_PARAM_BLD_DEF *pd; |
249 | 0 | void *p; |
250 | |
|
251 | 0 | for (i = 0; i < bld->curr; i++) { |
252 | 0 | pd = bld->params + i; |
253 | 0 | param[i].key = pd->key; |
254 | 0 | param[i].data_type = pd->type; |
255 | 0 | param[i].data_size = pd->size; |
256 | 0 | param[i].return_size = 0; |
257 | |
|
258 | 0 | if (pd->secure) { |
259 | 0 | p = secure; |
260 | 0 | secure += pd->alloc_blocks; |
261 | 0 | } else { |
262 | 0 | p = blk; |
263 | 0 | blk += pd->alloc_blocks; |
264 | 0 | } |
265 | 0 | param[i].data = p; |
266 | 0 | if (pd->bn != NULL) { |
267 | | /* BIGNUM */ |
268 | 0 | BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size); |
269 | 0 | } else if (pd->type == OSSL_PARAM_OCTET_PTR |
270 | 0 | || pd->type == OSSL_PARAM_UTF8_PTR) { |
271 | | /* PTR */ |
272 | 0 | *(const void **)p = pd->string; |
273 | 0 | } else if (pd->type == OSSL_PARAM_OCTET_STRING |
274 | 0 | || pd->type == OSSL_PARAM_UTF8_STRING) { |
275 | 0 | if (pd->string != NULL) |
276 | 0 | memcpy(p, pd->string, pd->size); |
277 | 0 | else |
278 | 0 | memset(p, 0, pd->size); |
279 | 0 | } else { |
280 | | /* Number, but could also be a NULL BIGNUM */ |
281 | 0 | if (pd->size > sizeof(pd->num)) |
282 | 0 | memset(p, 0, pd->size); |
283 | 0 | else if (pd->size > 0) |
284 | 0 | memcpy(p, &pd->num, pd->size); |
285 | 0 | } |
286 | 0 | } |
287 | 0 | param[i] = OSSL_PARAM_construct_end(); |
288 | 0 | return param + i; |
289 | 0 | } |
290 | | |
291 | | OSSL_PARAM *ossl_param_bld_to_param(OSSL_PARAM_BLD *bld) |
292 | 0 | { |
293 | 0 | OSSL_PARAM_BLD_BLOCK *blk, *s = NULL; |
294 | 0 | OSSL_PARAM *params, *last; |
295 | 0 | const size_t p_blks = bytes_to_blocks((1 + bld->curr) * sizeof(*params)); |
296 | 0 | const size_t total = ALIGN_SIZE * (p_blks + bld->total_blocks); |
297 | 0 | const size_t ss = ALIGN_SIZE * bld->secure_blocks; |
298 | |
|
299 | 0 | if (ss > 0) { |
300 | 0 | s = OPENSSL_secure_malloc(ss); |
301 | 0 | if (s == NULL) { |
302 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, |
303 | 0 | CRYPTO_R_SECURE_MALLOC_FAILURE); |
304 | 0 | return NULL; |
305 | 0 | } |
306 | 0 | } |
307 | 0 | params = OPENSSL_malloc(total); |
308 | 0 | if (params == NULL) { |
309 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE); |
310 | 0 | OPENSSL_secure_free(s); |
311 | 0 | return NULL; |
312 | 0 | } |
313 | 0 | blk = p_blks + (OSSL_PARAM_BLD_BLOCK *)(params); |
314 | 0 | last = param_bld_convert(bld, params, blk, s); |
315 | 0 | last->data_size = ss; |
316 | 0 | last->data = s; |
317 | 0 | last->data_type = OSSL_PARAM_ALLOCATED_END; |
318 | 0 | return params; |
319 | 0 | } |
320 | | |
321 | | void ossl_param_bld_free(OSSL_PARAM *params) |
322 | 0 | { |
323 | 0 | if (params != NULL) { |
324 | 0 | OSSL_PARAM *p; |
325 | |
|
326 | 0 | for (p = params; p->key != NULL; p++) |
327 | 0 | ; |
328 | 0 | if (p->data_type == OSSL_PARAM_ALLOCATED_END) |
329 | 0 | OPENSSL_secure_clear_free(p->data, p->data_size); |
330 | 0 | OPENSSL_free(params); |
331 | 0 | } |
332 | 0 | } |
333 | | |
334 | | OSSL_PARAM *ossl_param_bld_to_param_ex(OSSL_PARAM_BLD *bld, OSSL_PARAM *params, |
335 | | size_t param_n, void *data, |
336 | | size_t data_n, void *secure, |
337 | | size_t secure_n) |
338 | 0 | { |
339 | 0 | if (params == NULL || data == NULL) { |
340 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX, |
341 | 0 | CRYPTO_R_INVALID_NULL_ARGUMENT); |
342 | 0 | return NULL; |
343 | 0 | } |
344 | 0 | if (param_n < bld->curr + 1) { |
345 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX, |
346 | 0 | CRYPTO_R_INSUFFICIENT_PARAM_SIZE); |
347 | 0 | return NULL; |
348 | 0 | } |
349 | 0 | if (data_n < ALIGN_SIZE * bld->total_blocks) { |
350 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX, |
351 | 0 | CRYPTO_R_INSUFFICIENT_DATA_SPACE); |
352 | 0 | return NULL; |
353 | 0 | } |
354 | 0 | if (bld->secure_blocks > 0 && secure_n < ALIGN_SIZE * bld->secure_blocks) { |
355 | 0 | CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX, |
356 | 0 | CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE); |
357 | 0 | return NULL; |
358 | 0 | } |
359 | 0 | param_bld_convert(bld, params, (OSSL_PARAM_BLD_BLOCK *)data, |
360 | 0 | (OSSL_PARAM_BLD_BLOCK *)secure); |
361 | 0 | return params; |
362 | 0 | } |