From d82c7f3dba44b190eac80e5ddffac9a00cefd47d Mon Sep 17 00:00:00 2001
From: Richard Levitte
Date: Wed, 3 Feb 2021 14:10:08 +0100
Subject: [PATCH] EVP: Modify the checks in EVP_PKEY_{set,get}_xxx_param() functions
The checks of the type of EVP_PKEY were from before we had the macro evp_pkey_is_provided().
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/14056)
---
 crypto/evp/p_lib.c | 76 +++++++++------------------
 doc/man3/EVP_PKEY_settable_params.pod | 2 +-
 include/openssl/evp.h | 2 +-
 3 files changed, 27 insertions(+), 53 deletions(-)
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 122e5149b8..5dfe48f3c6 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -2004,11 +2004,10 @@ int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name,
 unsigned char *buf = NULL;
 size_t buf_sz = 0;
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL
- || bn == NULL)
+ if (key_name == NULL
+ || bn == NULL
+ || pkey == NULL
+ || !evp_pkey_is_provided(pkey))
 return 0;
 memset(buffer, 0, sizeof(buffer));
@@ -2046,10 +2045,9 @@ int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name,
 {
 OSSL_PARAM params[2];
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL)
+ if (key_name == NULL
+ || pkey == NULL
+ || !evp_pkey_is_provided(pkey))
 return 0;
 params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz);
@@ -2068,10 +2066,7 @@ int EVP_PKEY_get_utf8_string_param(const EVP_PKEY *pkey, const char *key_name,
 {
 OSSL_PARAM params[2];
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL)
+ if (key_name == NULL)
 return 0;
 params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz);
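Review bot: The `pkey->keydata == NULL` test is dropped from the guard in EVP_PKEY_get_bn_param() and nothing visible replaces it; the same substitution is made in EVP_PKEY_get_octet_string_param() and, in a later hunk, EVP_PKEY_set_bn_param(). The definition of evp_pkey_is_provided() is not part of this patch, so it should be confirmed that it also rejects a key that has a keymgmt but no keydata; if it tests only keymgmt, such a key would now pass the wrapper and a NULL keydata pointer could be handed on to the key management code. If that case is reachable, keep `|| pkey->keydata == NULL` in the guard next to `|| !evp_pkey_is_provided(pkey)`. The function body continues outside the hunk, so what happens to keydata afterwards is not visible here.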
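Review bot: After this hunk EVP_PKEY_get_utf8_string_param() no longer checks `pkey` at all, while EVP_PKEY_get_bn_param() and EVP_PKEY_get_octet_string_param() in the two hunks above keep `pkey == NULL || !evp_pkey_is_provided(pkey)`; the later hunks for the get_int, get_size_t, set_int, set_size_t, set_utf8_string and set_octet_string wrappers use the same reduced `if (key_name == NULL)` form. The reduced guard is safe only if EVP_PKEY_get_params() and EVP_PKEY_set_params() reject a NULL or non-provided key themselves, and their bodies are outside the visible hunks. Use one form in all the wrappers, or state the dependency where the check was removed, for example `/* pkey is validated by EVP_PKEY_get_params() */`. The function body continues outside the hunk.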
@@ -2089,10 +2084,7 @@ int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name,
 {
 OSSL_PARAM params[2];
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL)
+ if (key_name == NULL)
 return 0;
 params[0] = OSSL_PARAM_construct_int(key_name, out);
@@ -2106,10 +2098,7 @@ int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name,
 {
 OSSL_PARAM params[2];
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL)
+ if (key_name == NULL)
 return 0;
 params[0] = OSSL_PARAM_construct_size_t(key_name, out);
@@ -2122,10 +2111,7 @@ int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in)
 {
 OSSL_PARAM params[2];
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL)
+ if (key_name == NULL)
 return 0;
 params[0] = OSSL_PARAM_construct_int(key_name, &in);
@@ -2137,10 +2123,7 @@ int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in)
 {
 OSSL_PARAM params[2];
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL)
+ if (key_name == NULL)
 return 0;
 params[0] = OSSL_PARAM_construct_size_t(key_name, &in);
@@ -2155,11 +2138,10 @@ int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name,
 unsigned char buffer[2048];
 int bsize = 0;
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL
- || bn == NULL)
+ if (key_name == NULL
+ || bn == NULL
+ || pkey == NULL
+ || !evp_pkey_is_provided(pkey))
 return 0;
 bsize = BN_num_bytes(bn);
@@ -2178,10 +2160,7 @@ int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
 {
 OSSL_PARAM params[2];
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL)
+ if (key_name == NULL)
 return 0;
 params[0] = OSSL_PARAM_construct_utf8_string(key_name, (char *)str, 0);
@@ -2194,10 +2173,7 @@ int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
 {
 OSSL_PARAM params[2];
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL
- || key_name == NULL)
+ if (key_name == NULL)
 return 0;
 params[0] = OSSL_PARAM_construct_octet_string(key_name,
@@ -2206,13 +2182,11 @@ int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
 return EVP_PKEY_set_params(pkey, params);
 }
-const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey)
+const OSSL_PARAM *EVP_PKEY_settable_params(const EVP_PKEY *pkey)
 {
- if (pkey == NULL
- || pkey->keymgmt == NULL
- || pkey->keydata == NULL)
- return 0;
- return EVP_KEYMGMT_settable_params(pkey->keymgmt);
+ return (pkey != NULL && evp_pkey_is_provided(pkey))
+ ? EVP_KEYMGMT_settable_params(pkey->keymgmt)
+ : NULL;
 }
 int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[])
@@ -2227,9 +2201,9 @@ int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[])
 const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey)
 {
- return pkey != NULL
- && evp_pkey_is_provided(pkey)
- && EVP_KEYMGMT_gettable_params(pkey->keymgmt);
+ return (pkey != NULL && evp_pkey_is_provided(pkey))
+ ? EVP_KEYMGMT_gettable_params(pkey->keymgmt)
+ : NULL;
 }
 int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[])
diff --git a/doc/man3/EVP_PKEY_settable_params.pod b/doc/man3/EVP_PKEY_settable_params.pod
index 535570cd1d..6760818cda 100644
--- a/doc/man3/EVP_PKEY_settable_params.pod
+++ b/doc/man3/EVP_PKEY_settable_params.pod
@@ -11,7 +11,7 @@ EVP_PKEY_set_utf8_string_param, EVP_PKEY_set_octet_string_param
 #include
- const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey);
+ const OSSL_PARAM *EVP_PKEY_settable_params(const EVP_PKEY *pkey);
 int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]);
 int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in);
 int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index d327397121..239b107833 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1809,7 +1809,7 @@ int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name,
 unsigned char *buf, size_t max_buf_sz,
 size_t *out_sz);
-const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey);
+const OSSL_PARAM *EVP_PKEY_settable_params(const EVP_PKEY *pkey);
 int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]);
 int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in);
 int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in);