Use more flexible method of determining output length, by setting &outlen

value of the passed output buffer is NULL. The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all cases where the output length may depend on the operation or the parameters associated with it.
author: Dr. Stephen Henson <steve@openssl.org> 2006-04-15 18:50:56 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2006-04-15 18:50:56 +0000
commit: b010b7c43478bef11b936475d89b87b4144e7d29 (patch)
tree: 110e5c21cae09ad3c2acd795d0e7d839c5129656 /crypto
parent: 9dc17a2536759997e1912cd438d20e5c5688a3e5 (diff)
8 files changed, 34 insertions, 9 deletions
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
index aaf32804b8..a4b7341c22 100644
--- a/crypto/dh/dh_pmeth.c
+++ b/crypto/dh/dh_pmeth.c
@@ -206,7 +206,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, int *keylen)
 const EVP_PKEY_METHOD dh_pkey_meth = 
 	{
 	EVP_PKEY_DH,
-	0,
+	EVP_PKEY_FLAG_AUTOARGLEN,
 	pkey_dh_init,
 	pkey_dh_cleanup,
 
diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 306af267bb..711a68f6bd 100644
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -221,7 +221,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 const EVP_PKEY_METHOD dsa_pkey_meth = 
 	{
 	EVP_PKEY_DSA,
-	0,
+	EVP_PKEY_FLAG_AUTOARGLEN,
 	pkey_dsa_init,
 	pkey_dsa_cleanup,
 
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index c81e1b0919..5659f67311 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -937,6 +937,8 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
 
 #define EVP_PKEY_ALG_CTRL		0x1000
 
+#define EVP_PKEY_FLAG_AUTOARGLEN	2
+
 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type, ENGINE *e);
 EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
 EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
@@ -1119,6 +1121,7 @@ void ERR_load_EVP_strings(void);
 #define EVP_R_BAD_KEY_LENGTH				 137
 #define EVP_R_BN_DECODE_ERROR				 112
 #define EVP_R_BN_PUBKEY_ERROR				 113
+#define EVP_R_BUFFER_TOO_SMALL				 155
 #define EVP_R_CIPHER_PARAMETER_ERROR			 122
 #define EVP_R_COMMAND_NOT_SUPPORTED			 147
 #define EVP_R_CTRL_NOT_IMPLEMENTED			 132
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 225564d25e..27111e6281 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -95,9 +95,9 @@ static ERR_STRING_DATA EVP_str_functs[]=
 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT),	"EVP_PKEY_decrypt"},
 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT),	"EVP_PKEY_decrypt_init"},
 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD),	"EVP_PKEY_decrypt_old"},
-{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE),	"EVP_PKEY_DERIVE"},
-{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT),	"EVP_PKEY_DERIVE_INIT"},
-{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER),	"EVP_PKEY_DERIVE_SET_PEER"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE),	"EVP_PKEY_derive"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT),	"EVP_PKEY_derive_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER),	"EVP_PKEY_derive_set_peer"},
 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT),	"EVP_PKEY_encrypt"},
 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT),	"EVP_PKEY_encrypt_init"},
 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD),	"EVP_PKEY_encrypt_old"},
@@ -137,6 +137,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
 {ERR_REASON(EVP_R_BAD_KEY_LENGTH)        ,"bad key length"},
 {ERR_REASON(EVP_R_BN_DECODE_ERROR)       ,"bn decode error"},
 {ERR_REASON(EVP_R_BN_PUBKEY_ERROR)       ,"bn pubkey error"},
+{ERR_REASON(EVP_R_BUFFER_TOO_SMALL)      ,"buffer too small"},
 {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"},
 {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) ,"command not supported"},
 {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED)  ,"ctrl not implemented"},
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index 613b102573..570ac97ae9 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -256,7 +256,7 @@ struct evp_pkey_ctx_st
 	int keygen_info_count;
 	} /* EVP_PKEY_CTX */;
 
-#define EVP_PKEY_DYNAMIC	1
+#define EVP_PKEY_FLAG_DYNAMIC	1
 
 struct evp_pkey_method_st
 	{
diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
index 3d09ba245a..0b97fb5cc7 100644
--- a/crypto/evp/pmeth_fn.c
+++ b/crypto/evp/pmeth_fn.c
@@ -63,6 +63,22 @@
 #include <openssl/evp.h>
 #include "evp_locl.h"
 
+#define M_check_autoarg(ctx, arg, arglen, err) \
+	if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
+		{ \
+		int pksize = EVP_PKEY_size(ctx->pkey); \
+		if (!arg) \
+			{ \
+			*arglen = pksize; \
+			return 1; \
+			} \
+		else if (*arglen < pksize) \
+			{ \
+			EVPerr(err, EVP_R_BUFFER_TOO_SMALL); \
+			return 0; \
+			} \
+		}
+
 int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
 	{
 	int ret;
@@ -96,6 +112,7 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
 		EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
 		return -1;
 		}
+	M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
 	return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
 	}
 
@@ -168,6 +185,7 @@ int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
 		EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED);
 		return -1;
 		}
+	M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
 	return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
 	}
 
@@ -204,6 +222,7 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
 		EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
 		return -1;
 		}
+	M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
 	return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
 	}
 
@@ -240,6 +259,7 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
 		EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
 		return -1;
 		}
+	M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
 	return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
 	}
 
@@ -335,6 +355,7 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, int *pkeylen)
 		EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
 		return -1;
 		}
+	M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
 	return ctx->pmeth->derive(ctx, key, pkeylen);
 	}
 
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 3c923b7a73..ae3baea96e 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -146,7 +146,7 @@ EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags)
 		return NULL;
 
 	pmeth->pkey_id = id;
-	pmeth->flags = flags | EVP_PKEY_DYNAMIC;
+	pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
 
 	pmeth->init = 0;
 	pmeth->cleanup = 0;
@@ -178,7 +178,7 @@ EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags)
 
 void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
 	{
-	if (pmeth && (pmeth->flags & EVP_PKEY_DYNAMIC))
+	if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
 		OPENSSL_free(pmeth);
 	}
 
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index e11ae23b16..01625a2ae7 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -498,7 +498,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 const EVP_PKEY_METHOD rsa_pkey_meth = 
 	{
 	EVP_PKEY_RSA,
-	0,
+	EVP_PKEY_FLAG_AUTOARGLEN,
 	pkey_rsa_init,
 	pkey_rsa_cleanup,
author	Dr. Stephen Henson <steve@openssl.org>	2006-04-15 18:50:56 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2006-04-15 18:50:56 +0000
commit	b010b7c43478bef11b936475d89b87b4144e7d29 (patch)
tree	110e5c21cae09ad3c2acd795d0e7d839c5129656 /crypto
parent	9dc17a2536759997e1912cd438d20e5c5688a3e5 (diff)