mirror of
https://github.com/openssl/openssl.git
synced 2026-05-07 20:12:39 +00:00
Viktor Dukhovni
7e57092596
ossl_param_build_set_bn_pad() is reached by two distinct caller populations. When an OSSL_PARAM_BLD template is supplied (bld != NULL), the template allocates backing storage internally and no caller-side sizing is required. When an explicit OSSL_PARAM[] array is supplied (bld == NULL), the caller follows the standard OSSL_PARAM size-probe contract: invoke the primitive once with p->data == NULL to learn the required size via p->return_size, then allocate a buffer of that size and invoke again with the real storage. The bld == NULL branch did not honour the size-probe contract: with p->data == NULL and a non-zero sz it fell through to OSSL_PARAM_set_BN() and raised CRYPTO_R_TOO_SMALL_BUFFER, so callers could never discover the required size. The defect has been latent across several releases. This primitive is the *padded* BN setter: it emits a fixed-width encoding regardless of the BN's actual magnitude, which is needed for the private key -- a minimal encoding would leak its bit-length through timing or allocation side channels. In practice the private key is the only provider parameter that reaches this primitive. Callers that want private-key material have historically done so through EVP_PKEY_todata() and its OSSL_PARAM_BLD template path, where the bug is invisible. EVP_PKEY_get_params() callers exist but have not previously needed the private-key BN. Any caller that does request it on the explicit-params path -- whether by name or as part of iterating a provider's full gettable list -- now sees the probe behave as it does elsewhere. Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com> MergeDate: Sun Apr 26 13:35:32 2026 (Merged from https://github.com/openssl/openssl/pull/30942)
130 lines
3.6 KiB
C
130 lines
3.6 KiB
C
/*
|
|
* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
/*
|
|
* Key Management utility functions to share functionality between the export()
|
|
* and get_params() methods.
|
|
* export() uses OSSL_PARAM_BLD, and get_params() used the OSSL_PARAM[] to
|
|
* fill in parameter data for the same key and data fields.
|
|
*/
|
|
|
|
#include <openssl/core_names.h>
|
|
#include "internal/param_build_set.h"
|
|
|
|
DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM)
|
|
|
|
int ossl_param_build_set_int(OSSL_PARAM_BLD *bld, OSSL_PARAM *p,
|
|
const char *key, int num)
|
|
{
|
|
if (bld != NULL)
|
|
return OSSL_PARAM_BLD_push_int(bld, key, num);
|
|
p = OSSL_PARAM_locate(p, key);
|
|
if (p != NULL)
|
|
return OSSL_PARAM_set_int(p, num);
|
|
return 1;
|
|
}
|
|
|
|
int ossl_param_build_set_long(OSSL_PARAM_BLD *bld, OSSL_PARAM *p,
|
|
const char *key, long num)
|
|
{
|
|
if (bld != NULL)
|
|
return OSSL_PARAM_BLD_push_long(bld, key, num);
|
|
p = OSSL_PARAM_locate(p, key);
|
|
if (p != NULL)
|
|
return OSSL_PARAM_set_long(p, num);
|
|
return 1;
|
|
}
|
|
|
|
int ossl_param_build_set_utf8_string(OSSL_PARAM_BLD *bld, OSSL_PARAM *p,
|
|
const char *key, const char *buf)
|
|
{
|
|
if (bld != NULL)
|
|
return OSSL_PARAM_BLD_push_utf8_string(bld, key, buf, 0);
|
|
p = OSSL_PARAM_locate(p, key);
|
|
if (p != NULL)
|
|
return OSSL_PARAM_set_utf8_string(p, buf);
|
|
return 1;
|
|
}
|
|
|
|
int ossl_param_build_set_octet_string(OSSL_PARAM_BLD *bld, OSSL_PARAM *p,
|
|
const char *key,
|
|
const unsigned char *data,
|
|
size_t data_len)
|
|
{
|
|
if (bld != NULL)
|
|
return OSSL_PARAM_BLD_push_octet_string(bld, key, data, data_len);
|
|
|
|
p = OSSL_PARAM_locate(p, key);
|
|
if (p != NULL)
|
|
return OSSL_PARAM_set_octet_string(p, data, data_len);
|
|
return 1;
|
|
}
|
|
|
|
int ossl_param_build_set_bn_pad(OSSL_PARAM_BLD *bld, OSSL_PARAM *p,
|
|
const char *key, const BIGNUM *bn, size_t sz)
|
|
{
|
|
if (bld != NULL)
|
|
return OSSL_PARAM_BLD_push_BN_pad(bld, key, bn, sz);
|
|
p = OSSL_PARAM_locate(p, key);
|
|
if (p != NULL) {
|
|
/* Size probe: NULL data means "report the required size". */
|
|
if (p->data == NULL) {
|
|
p->return_size = sz;
|
|
return 1;
|
|
}
|
|
if (sz > p->data_size) {
|
|
ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
|
|
return 0;
|
|
}
|
|
p->data_size = sz;
|
|
return OSSL_PARAM_set_BN(p, bn);
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
int ossl_param_build_set_bn(OSSL_PARAM_BLD *bld, OSSL_PARAM *p,
|
|
const char *key, const BIGNUM *bn)
|
|
{
|
|
if (bld != NULL)
|
|
return OSSL_PARAM_BLD_push_BN(bld, key, bn);
|
|
|
|
p = OSSL_PARAM_locate(p, key);
|
|
if (p != NULL)
|
|
return OSSL_PARAM_set_BN(p, bn) > 0;
|
|
return 1;
|
|
}
|
|
|
|
int ossl_param_build_set_multi_key_bn(OSSL_PARAM_BLD *bld, OSSL_PARAM *params,
|
|
const char *names[],
|
|
STACK_OF(BIGNUM_const) *stk)
|
|
{
|
|
int i, sz = sk_BIGNUM_const_num(stk);
|
|
OSSL_PARAM *p;
|
|
const BIGNUM *bn;
|
|
|
|
if (bld != NULL) {
|
|
for (i = 0; i < sz && names[i] != NULL; ++i) {
|
|
bn = sk_BIGNUM_const_value(stk, i);
|
|
if (bn != NULL && !OSSL_PARAM_BLD_push_BN(bld, names[i], bn))
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
for (i = 0; i < sz && names[i] != NULL; ++i) {
|
|
bn = sk_BIGNUM_const_value(stk, i);
|
|
p = OSSL_PARAM_locate(params, names[i]);
|
|
if (p != NULL && bn != NULL) {
|
|
if (!OSSL_PARAM_set_BN(p, bn))
|
|
return 0;
|
|
}
|
|
}
|
|
return 1;
|
|
}
|