diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2006-04-15 18:50:56 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2006-04-15 18:50:56 +0000 |
commit | b010b7c43478bef11b936475d89b87b4144e7d29 (patch) | |
tree | 110e5c21cae09ad3c2acd795d0e7d839c5129656 /crypto | |
parent | 9dc17a2536759997e1912cd438d20e5c5688a3e5 (diff) | |
download | openssl-new-b010b7c43478bef11b936475d89b87b4144e7d29.tar.gz |
Use more flexible method of determining output length, by setting &outlen
value of the passed output buffer is NULL.
The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all
cases where the output length may depend on the operation or the parameters
associated with it.
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/dh/dh_pmeth.c | 2 | ||||
-rw-r--r-- | crypto/dsa/dsa_pmeth.c | 2 | ||||
-rw-r--r-- | crypto/evp/evp.h | 3 | ||||
-rw-r--r-- | crypto/evp/evp_err.c | 7 | ||||
-rw-r--r-- | crypto/evp/evp_locl.h | 2 | ||||
-rw-r--r-- | crypto/evp/pmeth_fn.c | 21 | ||||
-rw-r--r-- | crypto/evp/pmeth_lib.c | 4 | ||||
-rw-r--r-- | crypto/rsa/rsa_pmeth.c | 2 |
8 files changed, 34 insertions, 9 deletions
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index aaf32804b8..a4b7341c22 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -206,7 +206,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, int *keylen) const EVP_PKEY_METHOD dh_pkey_meth = { EVP_PKEY_DH, - 0, + EVP_PKEY_FLAG_AUTOARGLEN, pkey_dh_init, pkey_dh_cleanup, diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c index 306af267bb..711a68f6bd 100644 --- a/crypto/dsa/dsa_pmeth.c +++ b/crypto/dsa/dsa_pmeth.c @@ -221,7 +221,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) const EVP_PKEY_METHOD dsa_pkey_meth = { EVP_PKEY_DSA, - 0, + EVP_PKEY_FLAG_AUTOARGLEN, pkey_dsa_init, pkey_dsa_cleanup, diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index c81e1b0919..5659f67311 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -937,6 +937,8 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, #define EVP_PKEY_ALG_CTRL 0x1000 +#define EVP_PKEY_FLAG_AUTOARGLEN 2 + const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type, ENGINE *e); EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); @@ -1119,6 +1121,7 @@ void ERR_load_EVP_strings(void); #define EVP_R_BAD_KEY_LENGTH 137 #define EVP_R_BN_DECODE_ERROR 112 #define EVP_R_BN_PUBKEY_ERROR 113 +#define EVP_R_BUFFER_TOO_SMALL 155 #define EVP_R_CIPHER_PARAMETER_ERROR 122 #define EVP_R_COMMAND_NOT_SUPPORTED 147 #define EVP_R_CTRL_NOT_IMPLEMENTED 132 diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index 225564d25e..27111e6281 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -95,9 +95,9 @@ static ERR_STRING_DATA EVP_str_functs[]= {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"}, {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"}, {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"}, -{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_DERIVE"}, -{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_DERIVE_INIT"}, -{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_DERIVE_SET_PEER"}, +{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"}, +{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"}, +{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"}, {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"}, {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"}, {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"}, @@ -137,6 +137,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {ERR_REASON(EVP_R_BAD_KEY_LENGTH) ,"bad key length"}, {ERR_REASON(EVP_R_BN_DECODE_ERROR) ,"bn decode error"}, {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) ,"bn pubkey error"}, +{ERR_REASON(EVP_R_BUFFER_TOO_SMALL) ,"buffer too small"}, {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"}, {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) ,"command not supported"}, {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) ,"ctrl not implemented"}, diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index 613b102573..570ac97ae9 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -256,7 +256,7 @@ struct evp_pkey_ctx_st int keygen_info_count; } /* EVP_PKEY_CTX */; -#define EVP_PKEY_DYNAMIC 1 +#define EVP_PKEY_FLAG_DYNAMIC 1 struct evp_pkey_method_st { diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c index 3d09ba245a..0b97fb5cc7 100644 --- a/crypto/evp/pmeth_fn.c +++ b/crypto/evp/pmeth_fn.c @@ -63,6 +63,22 @@ #include <openssl/evp.h> #include "evp_locl.h" +#define M_check_autoarg(ctx, arg, arglen, err) \ + if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \ + { \ + int pksize = EVP_PKEY_size(ctx->pkey); \ + if (!arg) \ + { \ + *arglen = pksize; \ + return 1; \ + } \ + else if (*arglen < pksize) \ + { \ + EVPerr(err, EVP_R_BUFFER_TOO_SMALL); \ + return 0; \ + } \ + } + int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { int ret; @@ -96,6 +112,7 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED); return -1; } + M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN) return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen); } @@ -168,6 +185,7 @@ int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED); return -1; } + M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER) return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen); } @@ -204,6 +222,7 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED); return -1; } + M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT) return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen); } @@ -240,6 +259,7 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED); return -1; } + M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT) return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); } @@ -335,6 +355,7 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, int *pkeylen) EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED); return -1; } + M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE) return ctx->pmeth->derive(ctx, key, pkeylen); } diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 3c923b7a73..ae3baea96e 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -146,7 +146,7 @@ EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags) return NULL; pmeth->pkey_id = id; - pmeth->flags = flags | EVP_PKEY_DYNAMIC; + pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC; pmeth->init = 0; pmeth->cleanup = 0; @@ -178,7 +178,7 @@ EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags) void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) { - if (pmeth && (pmeth->flags & EVP_PKEY_DYNAMIC)) + if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC)) OPENSSL_free(pmeth); } diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index e11ae23b16..01625a2ae7 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -498,7 +498,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) const EVP_PKEY_METHOD rsa_pkey_meth = { EVP_PKEY_RSA, - 0, + EVP_PKEY_FLAG_AUTOARGLEN, pkey_rsa_init, pkey_rsa_cleanup, |