/src/openssl36/crypto/param_build.c

Source
/*
 * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright (c) 2019, Oracle and/or its affiliates.  All rights reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>
#include <openssl/err.h>
#include <openssl/cryptoerr.h>
#include <openssl/params.h>
#include <openssl/types.h>
#include <openssl/safestack.h>
#include "internal/param_build_set.h"

/*
 * Special internal param type to indicate the end of an allocate OSSL_PARAM
 * array.
 */

typedef struct {
    const char *key;
    int type;
    int secure;
    size_t size;
    size_t alloc_blocks;
    const BIGNUM *bn;
    const void *string;
    union {
        /*
         * These fields are never directly addressed, but their sizes are
         * important so that all native types can be copied here without overrun.
         */
        ossl_intmax_t i;
        ossl_uintmax_t u;
        double d;
    } num;
} OSSL_PARAM_BLD_DEF;

DEFINE_STACK_OF(OSSL_PARAM_BLD_DEF)

struct ossl_param_bld_st {
    size_t total_blocks;
    size_t secure_blocks;
    STACK_OF(OSSL_PARAM_BLD_DEF) *params;
};

static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key,
    size_t size, size_t alloc, int type,
    int secure)
{
    OSSL_PARAM_BLD_DEF *pd = OPENSSL_zalloc(sizeof(*pd));

    if (pd == NULL)
        return NULL;
    pd->key = key;
    pd->type = type;
    pd->size = size;
    pd->alloc_blocks = ossl_param_bytes_to_blocks(alloc);
    if ((pd->secure = secure) != 0)
        bld->secure_blocks += pd->alloc_blocks;
    else
        bld->total_blocks += pd->alloc_blocks;
    if (sk_OSSL_PARAM_BLD_DEF_push(bld->params, pd) <= 0) {
        OPENSSL_free(pd);
        pd = NULL;
    }
    return pd;
}

static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
    void *num, size_t size, int type)
{
    OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);

    if (pd == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }
    if (size > sizeof(pd->num)) {
        ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES);
        return 0;
    }
    memcpy(&pd->num, num, size);
    return 1;
}

OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
{
    OSSL_PARAM_BLD *r = OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));

    if (r != NULL) {
        r->params = sk_OSSL_PARAM_BLD_DEF_new_null();
        if (r->params == NULL) {
            OPENSSL_free(r);
            r = NULL;
        }
    }
    return r;
}

static void free_all_params(OSSL_PARAM_BLD *bld)
{
    int i, n = sk_OSSL_PARAM_BLD_DEF_num(bld->params);

    for (i = 0; i < n; i++)
        OPENSSL_free(sk_OSSL_PARAM_BLD_DEF_pop(bld->params));
}

void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
{
    if (bld == NULL)
        return;
    free_all_params(bld);
    sk_OSSL_PARAM_BLD_DEF_free(bld->params);
    OPENSSL_free(bld);
}

int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
    unsigned int num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num),
        OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
    long int num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
    unsigned long int num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num),
        OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
    int32_t num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
    uint32_t num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num),
        OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
    int64_t num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
    uint64_t num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num),
        OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
    size_t num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num),
        OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key,
    time_t num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num),
        OSSL_PARAM_INTEGER);
}

int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
    double num)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
}

static int push_BN(OSSL_PARAM_BLD *bld, const char *key,
    const BIGNUM *bn, size_t sz, int type)
{
    int n, secure = 0;
    OSSL_PARAM_BLD_DEF *pd;

    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if (!ossl_assert(type == OSSL_PARAM_UNSIGNED_INTEGER
            || type == OSSL_PARAM_INTEGER))
        return 0;

    if (bn != NULL) {
        if (type == OSSL_PARAM_UNSIGNED_INTEGER && BN_is_negative(bn)) {
            ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_UNSUPPORTED,
                "Negative big numbers are unsupported for OSSL_PARAM_UNSIGNED_INTEGER");
            return 0;
        }

        n = BN_num_bytes(bn);
        if (n < 0) {
            ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_ZERO_LENGTH_NUMBER);
            return 0;
        }
        if (sz < (size_t)n) {
            ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
            return 0;
        }
        if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
            secure = 1;

        /* The BIGNUM is zero, we must transfer at least one byte */
        if (sz == 0)
            sz++;
    }
    pd = param_push(bld, key, sz, sz, type, secure);
    if (pd == NULL)
        return 0;
    pd->bn = bn;
    return 1;
}

int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
    const BIGNUM *bn)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if (bn != NULL && BN_is_negative(bn))
        return push_BN(bld, key, bn, BN_num_bytes(bn) + 1,
            OSSL_PARAM_INTEGER);
    return push_BN(bld, key, bn, bn == NULL ? 0 : BN_num_bytes(bn),
        OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
    const BIGNUM *bn, size_t sz)
{
    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if (bn != NULL && BN_is_negative(bn))
        return push_BN(bld, key, bn, BN_num_bytes(bn),
            OSSL_PARAM_INTEGER);
    return push_BN(bld, key, bn, sz, OSSL_PARAM_UNSIGNED_INTEGER);
}

int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
    const char *buf, size_t bsize)
{
    OSSL_PARAM_BLD_DEF *pd;
    int secure;

    if (bld == NULL || key == NULL || buf == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if (bsize == 0)
        bsize = strlen(buf);
    secure = CRYPTO_secure_allocated(buf);
    pd = param_push(bld, key, bsize, bsize + 1, OSSL_PARAM_UTF8_STRING, secure);
    if (pd == NULL)
        return 0;
    pd->string = buf;
    return 1;
}

int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
    char *buf, size_t bsize)
{
    OSSL_PARAM_BLD_DEF *pd;

    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if (bsize == 0)
        bsize = strlen(buf);
    pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
    if (pd == NULL)
        return 0;
    pd->string = buf;
    return 1;
}

int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
    const void *buf, size_t bsize)
{
    OSSL_PARAM_BLD_DEF *pd;
    int secure;

    if (bld == NULL || key == NULL || buf == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    secure = CRYPTO_secure_allocated(buf);
    pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, secure);
    if (pd == NULL)
        return 0;
    pd->string = buf;
    return 1;
}

int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
    void *buf, size_t bsize)
{
    OSSL_PARAM_BLD_DEF *pd;

    if (bld == NULL || key == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
    if (pd == NULL)
        return 0;
    pd->string = buf;
    return 1;
}

static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
    OSSL_PARAM_ALIGNED_BLOCK *blk,
    OSSL_PARAM_ALIGNED_BLOCK *secure)
{
    int i, num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
    OSSL_PARAM_BLD_DEF *pd;
    void *p;

    for (i = 0; i < num; i++) {
        pd = sk_OSSL_PARAM_BLD_DEF_value(bld->params, i);
        param[i].key = pd->key;
        param[i].data_type = pd->type;
        param[i].data_size = pd->size;
        param[i].return_size = OSSL_PARAM_UNMODIFIED;

        if (pd->secure) {
            p = secure;
            secure += pd->alloc_blocks;
        } else {
            p = blk;
            blk += pd->alloc_blocks;
        }
        param[i].data = p;
        if (pd->bn != NULL) {
            /* BIGNUM */
            if (pd->type == OSSL_PARAM_UNSIGNED_INTEGER)
                BN_bn2nativepad(pd->bn, (unsigned char *)p, (int)pd->size);
            else
                BN_signed_bn2native(pd->bn, (unsigned char *)p, (int)pd->size);
        } else if (pd->type == OSSL_PARAM_OCTET_PTR
            || pd->type == OSSL_PARAM_UTF8_PTR) {
            /* PTR */
            *(const void **)p = pd->string;
        } else if (pd->type == OSSL_PARAM_OCTET_STRING
            || pd->type == OSSL_PARAM_UTF8_STRING) {
            if (pd->string != NULL)
                memcpy(p, pd->string, pd->size);
            else
                memset(p, 0, pd->size);
            if (pd->type == OSSL_PARAM_UTF8_STRING)
                ((char *)p)[pd->size] = '\0';
        } else {
            /* Number, but could also be a NULL BIGNUM */
            if (pd->size > sizeof(pd->num))
                memset(p, 0, pd->size);
            else if (pd->size > 0)
                memcpy(p, &pd->num, pd->size);
        }
    }
    param[i] = OSSL_PARAM_construct_end();
    return param + i;
}

OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld)
{
    OSSL_PARAM_ALIGNED_BLOCK *blk, *s = NULL;
    OSSL_PARAM *params, *last;
    int num;
    size_t p_blks, total, ss;

    if (bld == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
    p_blks = ossl_param_bytes_to_blocks((1 + num) * sizeof(*params));
    total = OSSL_PARAM_ALIGN_SIZE * (p_blks + bld->total_blocks);
    ss = OSSL_PARAM_ALIGN_SIZE * bld->secure_blocks;

    if (ss > 0) {
        s = OPENSSL_secure_malloc(ss);
        if (s == NULL) {
            ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_SECURE_MALLOC_FAILURE);
            return NULL;
        }
    }
    params = OPENSSL_malloc(total);
    if (params == NULL) {
        OPENSSL_secure_free(s);
        return NULL;
    }
    blk = p_blks + (OSSL_PARAM_ALIGNED_BLOCK *)(params);
    last = param_bld_convert(bld, params, blk, s);
    ossl_param_set_secure_block(last, s, ss);

    /* Reset builder for reuse */
    bld->total_blocks = 0;
    bld->secure_blocks = 0;
    free_all_params(bld);
    return params;
}

Coverage Report

Created: 2026-04-01 06:39

Line	Count	Source
1		/*
2		* Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
3		* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
4		*
5		* Licensed under the Apache License 2.0 (the "License"). You may not use
6		* this file except in compliance with the License. You can obtain a copy
7		* in the file LICENSE in the source distribution or at
8		* https://www.openssl.org/source/license.html
9		*/
10
11		#include <string.h>
12		#include <openssl/err.h>
13		#include <openssl/cryptoerr.h>
14		#include <openssl/params.h>
15		#include <openssl/types.h>
16		#include <openssl/safestack.h>
17		#include "internal/param_build_set.h"
18
19		/*
20		* Special internal param type to indicate the end of an allocate OSSL_PARAM
21		* array.
22		*/
23
24		typedef struct {
25		const char *key;
26		int type;
27		int secure;
28		size_t size;
29		size_t alloc_blocks;
30		const BIGNUM *bn;
31		const void *string;
32		union {
33		/*
34		* These fields are never directly addressed, but their sizes are
35		* important so that all native types can be copied here without overrun.
36		*/
37		ossl_intmax_t i;
38		ossl_uintmax_t u;
39		double d;
40		} num;
41		} OSSL_PARAM_BLD_DEF;
42
43		DEFINE_STACK_OF(OSSL_PARAM_BLD_DEF)
44
45		struct ossl_param_bld_st {
46		size_t total_blocks;
47		size_t secure_blocks;
48		STACK_OF(OSSL_PARAM_BLD_DEF) *params;
49		};
50
51		static OSSL_PARAM_BLD_DEF param_push(OSSL_PARAM_BLD bld, const char *key,
52		size_t size, size_t alloc, int type,
53		int secure)
54	2.17M	{
55	2.17M	OSSL_PARAM_BLD_DEF pd = OPENSSL_zalloc(sizeof(pd));
56
57	2.17M	if (pd == NULL)
58	0	return NULL;
59	2.17M	pd->key = key;
60	2.17M	pd->type = type;
61	2.17M	pd->size = size;
62	2.17M	pd->alloc_blocks = ossl_param_bytes_to_blocks(alloc);
63	2.17M	if ((pd->secure = secure) != 0)
64	421k	bld->secure_blocks += pd->alloc_blocks;
65	1.75M	else
66	1.75M	bld->total_blocks += pd->alloc_blocks;
67	2.17M	if (sk_OSSL_PARAM_BLD_DEF_push(bld->params, pd) <= 0) {
68	0	OPENSSL_free(pd);
69	0	pd = NULL;
70	0	}
71	2.17M	return pd;
72	2.17M	}
73
74		static int param_push_num(OSSL_PARAM_BLD bld, const char key,
75		void *num, size_t size, int type)
76	492k	{
77	492k	OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
78
79	492k	if (pd == NULL) {
80	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
81	0	return 0;
82	0	}
83	492k	if (size > sizeof(pd->num)) {
84	0	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES);
85	0	return 0;
86	0	}
87	492k	memcpy(&pd->num, num, size);
88	492k	return 1;
89	492k	}
90
91		OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
92	373k	{
93	373k	OSSL_PARAM_BLD *r = OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));
94
95	373k	if (r != NULL) {
96	373k	r->params = sk_OSSL_PARAM_BLD_DEF_new_null();
97	373k	if (r->params == NULL) {
98	0	OPENSSL_free(r);
99	0	r = NULL;
100	0	}
101	373k	}
102	373k	return r;
103	373k	}
104
105		static void free_all_params(OSSL_PARAM_BLD *bld)
106	747k	{
107	747k	int i, n = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
108
109	2.92M	for (i = 0; i < n; i++)
110	2.17M	OPENSSL_free(sk_OSSL_PARAM_BLD_DEF_pop(bld->params));
111	747k	}
112
113		void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
114	373k	{
115	373k	if (bld == NULL)
116	0	return;
117	373k	free_all_params(bld);
118	373k	sk_OSSL_PARAM_BLD_DEF_free(bld->params);
119	373k	OPENSSL_free(bld);
120	373k	}
121
122		int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD bld, const char key, int num)
123	492k	{
124	492k	if (bld == NULL \|\| key == NULL) {
125	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
126	0	return 0;
127	0	}
128
129	492k	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
130	492k	}
131
132		int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD bld, const char key,
133		unsigned int num)
134	0	{
135	0	if (bld == NULL \|\| key == NULL) {
136	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
137	0	return 0;
138	0	}
139
140	0	return param_push_num(bld, key, &num, sizeof(num),
141	0	OSSL_PARAM_UNSIGNED_INTEGER);
142	0	}
143
144		int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD bld, const char key,
145		long int num)
146	0	{
147	0	if (bld == NULL \|\| key == NULL) {
148	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
149	0	return 0;
150	0	}
151
152	0	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
153	0	}
154
155		int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD bld, const char key,
156		unsigned long int num)
157	0	{
158	0	if (bld == NULL \|\| key == NULL) {
159	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
160	0	return 0;
161	0	}
162
163	0	return param_push_num(bld, key, &num, sizeof(num),
164	0	OSSL_PARAM_UNSIGNED_INTEGER);
165	0	}
166
167		int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD bld, const char key,
168		int32_t num)
169	0	{
170	0	if (bld == NULL \|\| key == NULL) {
171	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
172	0	return 0;
173	0	}
174
175	0	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
176	0	}
177
178		int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD bld, const char key,
179		uint32_t num)
180	0	{
181	0	if (bld == NULL \|\| key == NULL) {
182	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
183	0	return 0;
184	0	}
185
186	0	return param_push_num(bld, key, &num, sizeof(num),
187	0	OSSL_PARAM_UNSIGNED_INTEGER);
188	0	}
189
190		int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD bld, const char key,
191		int64_t num)
192	0	{
193	0	if (bld == NULL \|\| key == NULL) {
194	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
195	0	return 0;
196	0	}
197
198	0	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
199	0	}
200
201		int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD bld, const char key,
202		uint64_t num)
203	0	{
204	0	if (bld == NULL \|\| key == NULL) {
205	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
206	0	return 0;
207	0	}
208
209	0	return param_push_num(bld, key, &num, sizeof(num),
210	0	OSSL_PARAM_UNSIGNED_INTEGER);
211	0	}
212
213		int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD bld, const char key,
214		size_t num)
215	0	{
216	0	if (bld == NULL \|\| key == NULL) {
217	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
218	0	return 0;
219	0	}
220
221	0	return param_push_num(bld, key, &num, sizeof(num),
222	0	OSSL_PARAM_UNSIGNED_INTEGER);
223	0	}
224
225		int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD bld, const char key,
226		time_t num)
227	0	{
228	0	if (bld == NULL \|\| key == NULL) {
229	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
230	0	return 0;
231	0	}
232
233	0	return param_push_num(bld, key, &num, sizeof(num),
234	0	OSSL_PARAM_INTEGER);
235	0	}
236
237		int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD bld, const char key,
238		double num)
239	0	{
240	0	if (bld == NULL \|\| key == NULL) {
241	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
242	0	return 0;
243	0	}
244
245	0	return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
246	0	}
247
248		static int push_BN(OSSL_PARAM_BLD bld, const char key,
249		const BIGNUM *bn, size_t sz, int type)
250	1.00M	{
251	1.00M	int n, secure = 0;
252	1.00M	OSSL_PARAM_BLD_DEF *pd;
253
254	1.00M	if (bld == NULL \|\| key == NULL) {
255	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
256	0	return 0;
257	0	}
258
259	1.00M	if (!ossl_assert(type == OSSL_PARAM_UNSIGNED_INTEGER
260	1.00M	\|\| type == OSSL_PARAM_INTEGER))
261	0	return 0;
262
263	1.00M	if (bn != NULL) {
264	1.00M	if (type == OSSL_PARAM_UNSIGNED_INTEGER && BN_is_negative(bn)) {
265	0	ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_UNSUPPORTED,
266	0	"Negative big numbers are unsupported for OSSL_PARAM_UNSIGNED_INTEGER");
267	0	return 0;
268	0	}
269
270	1.00M	n = BN_num_bytes(bn);
271	1.00M	if (n < 0) {
272	0	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_ZERO_LENGTH_NUMBER);
273	0	return 0;
274	0	}
275	1.00M	if (sz < (size_t)n) {
276	0	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
277	0	return 0;
278	0	}
279	1.00M	if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
280	380k	secure = 1;
281
282		/* The BIGNUM is zero, we must transfer at least one byte */
283	1.00M	if (sz == 0)
284	3.31k	sz++;
285	1.00M	}
286	1.00M	pd = param_push(bld, key, sz, sz, type, secure);
287	1.00M	if (pd == NULL)
288	0	return 0;
289	1.00M	pd->bn = bn;
290	1.00M	return 1;
291	1.00M	}
292
293		int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD bld, const char key,
294		const BIGNUM *bn)
295	916k	{
296	916k	if (bld == NULL \|\| key == NULL) {
297	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
298	0	return 0;
299	0	}
300
301	916k	if (bn != NULL && BN_is_negative(bn))
302	0	return push_BN(bld, key, bn, BN_num_bytes(bn) + 1,
303	0	OSSL_PARAM_INTEGER);
304	916k	return push_BN(bld, key, bn, bn == NULL ? 0 : BN_num_bytes(bn),
305	916k	OSSL_PARAM_UNSIGNED_INTEGER);
306	916k	}
307
308		int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD bld, const char key,
309		const BIGNUM *bn, size_t sz)
310	83.6k	{
311	83.6k	if (bld == NULL \|\| key == NULL) {
312	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
313	0	return 0;
314	0	}
315
316	83.6k	if (bn != NULL && BN_is_negative(bn))
317	0	return push_BN(bld, key, bn, BN_num_bytes(bn),
318	0	OSSL_PARAM_INTEGER);
319	83.6k	return push_BN(bld, key, bn, sz, OSSL_PARAM_UNSIGNED_INTEGER);
320	83.6k	}
321
322		int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD bld, const char key,
323		const char *buf, size_t bsize)
324	355k	{
325	355k	OSSL_PARAM_BLD_DEF *pd;
326	355k	int secure;
327
328	355k	if (bld == NULL \|\| key == NULL \|\| buf == NULL) {
329	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
330	0	return 0;
331	0	}
332
333	355k	if (bsize == 0)
334	355k	bsize = strlen(buf);
335	355k	secure = CRYPTO_secure_allocated(buf);
336	355k	pd = param_push(bld, key, bsize, bsize + 1, OSSL_PARAM_UTF8_STRING, secure);
337	355k	if (pd == NULL)
338	0	return 0;
339	355k	pd->string = buf;
340	355k	return 1;
341	355k	}
342
343		int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD bld, const char key,
344		char *buf, size_t bsize)
345	0	{
346	0	OSSL_PARAM_BLD_DEF *pd;
347
348	0	if (bld == NULL \|\| key == NULL) {
349	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
350	0	return 0;
351	0	}
352
353	0	if (bsize == 0)
354	0	bsize = strlen(buf);
355	0	pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
356	0	if (pd == NULL)
357	0	return 0;
358	0	pd->string = buf;
359	0	return 1;
360	0	}
361
362		int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD bld, const char key,
363		const void *buf, size_t bsize)
364	185k	{
365	185k	OSSL_PARAM_BLD_DEF *pd;
366	185k	int secure;
367
368	185k	if (bld == NULL \|\| key == NULL \|\| buf == NULL) {
369	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
370	0	return 0;
371	0	}
372
373	185k	secure = CRYPTO_secure_allocated(buf);
374	185k	pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, secure);
375	185k	if (pd == NULL)
376	0	return 0;
377	185k	pd->string = buf;
378	185k	return 1;
379	185k	}
380
381		int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD bld, const char key,
382		void *buf, size_t bsize)
383	0	{
384	0	OSSL_PARAM_BLD_DEF *pd;
385
386	0	if (bld == NULL \|\| key == NULL) {
387	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
388	0	return 0;
389	0	}
390
391	0	pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
392	0	if (pd == NULL)
393	0	return 0;
394	0	pd->string = buf;
395	0	return 1;
396	0	}
397
398		static OSSL_PARAM param_bld_convert(OSSL_PARAM_BLD bld, OSSL_PARAM *param,
399		OSSL_PARAM_ALIGNED_BLOCK *blk,
400		OSSL_PARAM_ALIGNED_BLOCK *secure)
401	348k	{
402	348k	int i, num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
403	348k	OSSL_PARAM_BLD_DEF *pd;
404	348k	void *p;
405
406	2.33M	for (i = 0; i < num; i++) {
407	1.98M	pd = sk_OSSL_PARAM_BLD_DEF_value(bld->params, i);
408	1.98M	param[i].key = pd->key;
409	1.98M	param[i].data_type = pd->type;
410	1.98M	param[i].data_size = pd->size;
411	1.98M	param[i].return_size = OSSL_PARAM_UNMODIFIED;
412
413	1.98M	if (pd->secure) {
414	380k	p = secure;
415	380k	secure += pd->alloc_blocks;
416	1.60M	} else {
417	1.60M	p = blk;
418	1.60M	blk += pd->alloc_blocks;
419	1.60M	}
420	1.98M	param[i].data = p;
421	1.98M	if (pd->bn != NULL) {
422		/* BIGNUM */
423	1.00M	if (pd->type == OSSL_PARAM_UNSIGNED_INTEGER)
424	1.00M	BN_bn2nativepad(pd->bn, (unsigned char *)p, (int)pd->size);
425	0	else
426	0	BN_signed_bn2native(pd->bn, (unsigned char *)p, (int)pd->size);
427	1.00M	} else if (pd->type == OSSL_PARAM_OCTET_PTR
428	988k	\|\| pd->type == OSSL_PARAM_UTF8_PTR) {
429		/* PTR */
430	0	(const void *)p = pd->string;
431	988k	} else if (pd->type == OSSL_PARAM_OCTET_STRING
432	803k	\|\| pd->type == OSSL_PARAM_UTF8_STRING) {
433	541k	if (pd->string != NULL)
434	541k	memcpy(p, pd->string, pd->size);
435	0	else
436	0	memset(p, 0, pd->size);
437	541k	if (pd->type == OSSL_PARAM_UTF8_STRING)
438	355k	((char *)p)[pd->size] = '\0';
439	541k	} else {
440		/* Number, but could also be a NULL BIGNUM */
441	447k	if (pd->size > sizeof(pd->num))
442	0	memset(p, 0, pd->size);
443	447k	else if (pd->size > 0)
444	447k	memcpy(p, &pd->num, pd->size);
445	447k	}
446	1.98M	}
447	348k	param[i] = OSSL_PARAM_construct_end();
448	348k	return param + i;
449	348k	}
450
451		OSSL_PARAM OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD bld)
452	373k	{
453	373k	OSSL_PARAM_ALIGNED_BLOCK blk, s = NULL;
454	373k	OSSL_PARAM params, last;
455	373k	int num;
456	373k	size_t p_blks, total, ss;
457
458	373k	if (bld == NULL) {
459	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
460	0	return 0;
461	0	}
462
463	373k	num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
464	373k	p_blks = ossl_param_bytes_to_blocks((1 + num) * sizeof(*params));
465	373k	total = OSSL_PARAM_ALIGN_SIZE * (p_blks + bld->total_blocks);
466	373k	ss = OSSL_PARAM_ALIGN_SIZE * bld->secure_blocks;
467
468	373k	if (ss > 0) {
469	190k	s = OPENSSL_secure_malloc(ss);
470	190k	if (s == NULL) {
471	0	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_SECURE_MALLOC_FAILURE);
472	0	return NULL;
473	0	}
474	190k	}
475	373k	params = OPENSSL_malloc(total);
476	373k	if (params == NULL) {
477	0	OPENSSL_secure_free(s);
478	0	return NULL;
479	0	}
480	373k	blk = p_blks + (OSSL_PARAM_ALIGNED_BLOCK *)(params);
481	373k	last = param_bld_convert(bld, params, blk, s);
482	373k	ossl_param_set_secure_block(last, s, ss);
483
484		/* Reset builder for reuse */
485	373k	bld->total_blocks = 0;
486	373k	bld->secure_blocks = 0;
487	373k	free_all_params(bld);
488	373k	return params;
489	373k	}