author | Tomas Mraz <tomas@openssl.org> | 2021-04-30 16:57:53 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-05-06 11:43:32 +0100 |
commit | d382e79632677f2457025be3d820e08d7ea12d85 (patch) | |
tree | 3a429b630ec1cce9656ee67434324c6930c677f4 /providers | |
parent | b86fa8c55682169c88e14e616170d6caeb208865 (diff) |
Make the -inform option to be respected if possible
Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be
set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called.
The input type format is enforced only in case the file
type file store is used.
By default we use FORMAT_UNDEF meaning the input type
is not enforced.
Fixes #14569
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15100)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/fips-sources.checksums | 2 | ||||
-rw-r--r-- | providers/fips.checksum | 2 | ||||
-rw-r--r-- | providers/implementations/storemgmt/file_store.c | 33 |
3 files changed, 22 insertions, 15 deletions
diff --git a/providers/fips-sources.checksums b/providers/fips-sources.checksums index a7ee231b15..fc8d6362df 100644 --- a/providers/fips-sources.checksums +++ b/providers/fips-sources.checksums @@ -452,7 +452,7 @@ a7f16a6480f5051d1197b992e042a73535d0922bdd3c962d2a96af780994e858 providers/impl 1cb6ec2efb7b2bb131622aa95e245273f5967065eb0018392ed4ced50d0813b7 providers/implementations/signature/mac_legacy.c 25fe1a61578d54c3e67b60646f3fd3d0a47ff1d4cd620ef1f1fca3341f2662a2 providers/implementations/signature/rsa.c c0a862433e5da909cf0c614d3f982765b67821c7a4cc6257ceb8c490b4dcf732 providers/implementations/signature/sm2sig.c -c63cb744c26af304cf00006071d3ebd9325a4d65913b75a2bcb1d2e104c734fd providers/implementations/storemgmt/file_store.c +e2750b310565e74617310566c1ccfbd75559521117fd8936540fff54dd304902 providers/implementations/storemgmt/file_store.c 291288936fe321e3e85048366f790f6b7983561cd8f80eec4c0e01d7c43614ab providers/implementations/storemgmt/file_store_der2obj.c 04ea01e48b8fee822acb376ab8679b4c627b32ab75c137bf23ebb4fe2a1c0703 providers/prov_running.c 53a1e913fcc4a4e8e84009229cba60b9e29c7dc6536182fd290478331fad44b4 ssl/record/tls_pad.c diff --git a/providers/fips.checksum b/providers/fips.checksum index ff7a1c2c78..e28929484f 100644 --- a/providers/fips.checksum +++ b/providers/fips.checksum @@ -1 +1 @@ -b998b19b940b606688e4711014407c48c3fca4c58b2fdc60ac64c1cef94861c1 providers/fips-sources.checksums +de031c8fbe10ee9b6447dd230956217e599cf923ff36a1026b515c2a22158b37 providers/fips-sources.checksums diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c index 033efb40ac..b9bb3b36c0 100644 --- a/providers/implementations/storemgmt/file_store.c +++ b/providers/implementations/storemgmt/file_store.c 
@@ -149,15 +149,11 @@ static OSSL_DECODER_CLEANUP file_load_cleanup; * */ static struct file_ctx_st *file_open_stream(BIO *source, const char *uri, - const char *input_type, void *provctx) { struct file_ctx_st *ctx; - if ((ctx = new_file_ctx(IS_FILE, uri, provctx)) == NULL - || (input_type != NULL - && (ctx->_.file.input_type = - OPENSSL_strdup(input_type)) == NULL)) { + if ((ctx = new_file_ctx(IS_FILE, uri, provctx)) == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); goto err; } @@ -285,7 +281,7 @@ static void *file_open(void *provctx, const char *uri) if (S_ISDIR(st.st_mode)) ctx = file_open_dir(path, uri, provctx); else if ((bio = BIO_new_file(path, "rb")) == NULL - || (ctx = file_open_stream(bio, uri, NULL, provctx)) == NULL) + || (ctx = file_open_stream(bio, uri, provctx)) == NULL) BIO_free_all(bio); return ctx; @@ -299,7 +295,7 @@ void *file_attach(void *provctx, OSSL_CORE_BIO *cin) if (new_bio == NULL) return NULL; - ctx = file_open_stream(new_bio, NULL, NULL, provctx); + ctx = file_open_stream(new_bio, NULL, provctx); if (ctx == NULL) BIO_free(new_bio); return ctx; @@ -316,6 +312,7 @@ static const OSSL_PARAM *file_settable_ctx_params(void *provctx) OSSL_PARAM_utf8_string(OSSL_STORE_PARAM_PROPERTIES, NULL, 0), OSSL_PARAM_int(OSSL_STORE_PARAM_EXPECT, NULL), OSSL_PARAM_octet_string(OSSL_STORE_PARAM_SUBJECT, NULL, 0), + OSSL_PARAM_utf8_string(OSSL_STORE_PARAM_INPUT_TYPE, NULL, 0), OSSL_PARAM_END }; return known_settable_ctx_params; 
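Review bot: The new `OSSL_STORE_PARAM_INPUT_TYPE` entry in `known_settable_ctx_params` (hunk at -316,6) is advertised for every context, but the `file_set_ctx_params` change later in this diff skips it when `ctx->type` is `IS_DIR`. A caller that sets an input type on a directory URI to restrict what gets parsed cannot tell from this table that the restriction is not applied. A comment above the entry would record that, e.g. `/* INPUT_TYPE and PROPERTIES are honoured for file contexts only; directory contexts ignore them */`. The body of `file_settable_ctx_params` starts outside the hunk.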
@@ -329,12 +326,22 @@ static int file_set_ctx_params(void *loaderctx, const OSSL_PARAM params[]) if (params == NULL) return 1; - p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_PROPERTIES); - if (p != NULL) { - OPENSSL_free(ctx->_.file.propq); - ctx->_.file.propq = NULL; - if (!OSSL_PARAM_get_utf8_string(p, &ctx->_.file.propq, 0)) - return 0; + if (ctx->type != IS_DIR) { + /* these parameters are ignored for directories */ + p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_PROPERTIES); + if (p != NULL) { + OPENSSL_free(ctx->_.file.propq); + ctx->_.file.propq = NULL; + if (!OSSL_PARAM_get_utf8_string(p, &ctx->_.file.propq, 0)) + return 0; + } + p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_INPUT_TYPE); + if (p != NULL) { + OPENSSL_free(ctx->_.file.input_type); + ctx->_.file.input_type = NULL; + if (!OSSL_PARAM_get_utf8_string(p, &ctx->_.file.input_type, 0)) + return 0; + } } p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_EXPECT); if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->expected_type)) |
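Review bot: In the new `OSSL_STORE_PARAM_INPUT_TYPE` branch of `file_set_ctx_params`, the old `ctx->_.file.input_type` is freed and cleared before `OSSL_PARAM_get_utf8_string()` is known to succeed, so a failed set leaves the context with no input type at all. Going by the commit description, an unset type means the format is not enforced, so a caller that does not check the 0 return would presumably continue with a loader that accepts any encoding rather than the one it asked for. Fetching into a temporary and swapping only on success keeps the previous restriction in place; the moved `propq` lines have the same shape. The function body starts and ends outside the hunk.

```c
        p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_INPUT_TYPE);
        if (p != NULL) {
            char *new_type = NULL;

            /* fetch first so a failed get keeps the previous restriction */
            if (!OSSL_PARAM_get_utf8_string(p, &new_type, 0))
                return 0;
            OPENSSL_free(ctx->_.file.input_type);
            ctx->_.file.input_type = new_type;
        }
        /* … unchanged: OSSL_STORE_PARAM_EXPECT handling … */
```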