Param build: make structures opaque.

Since this is public, it is best to make the underlying structure opaque. This means converting from stack allocation to dynamic allocation for all usages. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11390)
author: Pauli <paul.dale@oracle.com> 2020-03-26 09:28:01 +1000
committer: Pauli <paul.dale@oracle.com> 2020-03-28 12:27:22 +1000
commit: 6d4e6009d27712a405e1e3a4c33fb8a8566f134a (patch)
tree: 09d94a8c8f8f6f493cc758b6fd704837be82cb8c /crypto/ec
parent: be19d3caf0724b786ecc97ec4207c07cff63c745 (diff)
2 files changed, 19 insertions, 14 deletions
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 85427cf456..65af8cc3c5 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -626,7 +626,7 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
     const EC_GROUP *ecg = NULL;
     unsigned char *pub_key_buf = NULL;
     size_t pub_key_buflen;
-    OSSL_PARAM_BLD tmpl;
+    OSSL_PARAM_BLD *tmpl;
     OSSL_PARAM *params = NULL;
     const BIGNUM *priv_key = NULL;
     const EC_POINT *pub_point = NULL;
@@ -645,10 +645,12 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
     if (EC_KEY_get_method(eckey) != EC_KEY_OpenSSL())
         return 0;
 
-    OSSL_PARAM_BLD_init(&tmpl);
+    tmpl = OSSL_PARAM_BLD_new();
+    if (tmpl == NULL)
+        return 0;
 
     /* export the domain parameters */
-    if (!ecparams_to_params(eckey, &tmpl))
+    if (!ecparams_to_params(eckey, tmpl))
         goto err;
     selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
 
@@ -660,7 +662,7 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
         if ((pub_key_buflen = EC_POINT_point2buf(ecg, pub_point,
                                                  POINT_CONVERSION_COMPRESSED,
                                                  &pub_key_buf, NULL)) == 0
-            || !OSSL_PARAM_BLD_push_octet_string(&tmpl,
+            || !OSSL_PARAM_BLD_push_octet_string(tmpl,
                                                  OSSL_PKEY_PARAM_PUB_KEY,
                                                  pub_key_buf,
                                                  pub_key_buflen))
@@ -711,7 +713,7 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
             goto err;
 
         sz = (ecbits + 7 ) / 8;
-        if (!OSSL_PARAM_BLD_push_BN_pad(&tmpl,
+        if (!OSSL_PARAM_BLD_push_BN_pad(tmpl,
                                         OSSL_PKEY_PARAM_PRIV_KEY,
                                         priv_key, sz))
             goto err;
@@ -726,20 +728,21 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
             (EC_KEY_get_flags(eckey) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0;
 
         /* Export the ECDH_COFACTOR_MODE parameter */
-        if (!OSSL_PARAM_BLD_push_int(&tmpl,
+        if (!OSSL_PARAM_BLD_push_int(tmpl,
                                      OSSL_PKEY_PARAM_USE_COFACTOR_ECDH,
                                      ecdh_cofactor_mode))
             goto err;
         selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS;
     }
 
-    params = OSSL_PARAM_BLD_to_param(&tmpl);
+    params = OSSL_PARAM_BLD_to_param(tmpl);
 
     /* We export, the provider imports */
     rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
 
  err:
-    OSSL_PARAM_BLD_free(params);
+    OSSL_PARAM_BLD_free(tmpl);
+    OSSL_PARAM_BLD_free_params(params);
     OPENSSL_free(pub_key_buf);
     return rv;
 }
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index 8a48b28f38..c142552b29 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -409,34 +409,36 @@ static int ecx_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
                               EVP_KEYMGMT *to_keymgmt)
 {
     const ECX_KEY *key = from->pkey.ecx;
-    OSSL_PARAM_BLD tmpl;
+    OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new();
     OSSL_PARAM *params = NULL;
     int selection = 0;
     int rv = 0;
 
-    OSSL_PARAM_BLD_init(&tmpl);
+    if (tmpl == NULL)
+        return 0;
 
     /* A key must at least have a public part */
-    if (!OSSL_PARAM_BLD_push_octet_string(&tmpl, OSSL_PKEY_PARAM_PUB_KEY,
+    if (!OSSL_PARAM_BLD_push_octet_string(tmpl, OSSL_PKEY_PARAM_PUB_KEY,
                                           key->pubkey, key->keylen))
         goto err;
     selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
 
     if (key->privkey != NULL) {
-        if (!OSSL_PARAM_BLD_push_octet_string(&tmpl,
+        if (!OSSL_PARAM_BLD_push_octet_string(tmpl,
                                               OSSL_PKEY_PARAM_PRIV_KEY,
                                               key->privkey, key->keylen))
             goto err;
         selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
     }
 
-    params = OSSL_PARAM_BLD_to_param(&tmpl);
+    params = OSSL_PARAM_BLD_to_param(tmpl);
 
     /* We export, the provider imports */
     rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
 
  err:
-    OSSL_PARAM_BLD_free(params);
+    OSSL_PARAM_BLD_free(tmpl);
+    OSSL_PARAM_BLD_free_params(params);
     return rv;
 }
author	Pauli <paul.dale@oracle.com>	2020-03-26 09:28:01 +1000
committer	Pauli <paul.dale@oracle.com>	2020-03-28 12:27:22 +1000
commit	6d4e6009d27712a405e1e3a4c33fb8a8566f134a (patch)
tree	09d94a8c8f8f6f493cc758b6fd704837be82cb8c /crypto/ec
parent	be19d3caf0724b786ecc97ec4207c07cff63c745 (diff)