diff options
Diffstat (limited to 'providers')
30 files changed, 762 insertions, 286 deletions
diff --git a/providers/common/bio_prov.c b/providers/common/bio_prov.c index 7b44004399..2bfd14b512 100644 --- a/providers/common/bio_prov.c +++ b/providers/common/bio_prov.c @@ -7,12 +7,15 @@ * https://www.openssl.org/source/license.html */ +#include <assert.h> #include <openssl/core_numbers.h> +#include "internal/cryptlib.h" #include "prov/bio.h" static OSSL_BIO_new_file_fn *c_bio_new_file = NULL; static OSSL_BIO_new_membuf_fn *c_bio_new_membuf = NULL; static OSSL_BIO_read_ex_fn *c_bio_read_ex = NULL; +static OSSL_BIO_write_ex_fn *c_bio_write_ex = NULL; static OSSL_BIO_free_fn *c_bio_free = NULL; static OSSL_BIO_vprintf_fn *c_bio_vprintf = NULL; @@ -32,6 +35,10 @@ int ossl_prov_bio_from_dispatch(const OSSL_DISPATCH *fns) if (c_bio_read_ex == NULL) c_bio_read_ex = OSSL_get_BIO_read_ex(fns); break; + case OSSL_FUNC_BIO_WRITE_EX: + if (c_bio_write_ex == NULL) + c_bio_write_ex = OSSL_get_BIO_write_ex(fns); + break; case OSSL_FUNC_BIO_FREE: if (c_bio_free == NULL) c_bio_free = OSSL_get_BIO_free(fns); @@ -46,21 +53,21 @@ int ossl_prov_bio_from_dispatch(const OSSL_DISPATCH *fns) return 1; } -BIO *ossl_prov_bio_new_file(const char *filename, const char *mode) +OSSL_CORE_BIO *ossl_prov_bio_new_file(const char *filename, const char *mode) { if (c_bio_new_file == NULL) return NULL; return c_bio_new_file(filename, mode); } -BIO *ossl_prov_bio_new_membuf(const char *filename, int len) +OSSL_CORE_BIO *ossl_prov_bio_new_membuf(const char *filename, int len) { if (c_bio_new_membuf == NULL) return NULL; return c_bio_new_membuf(filename, len); } -int ossl_prov_bio_read_ex(BIO *bio, void *data, size_t data_len, +int ossl_prov_bio_read_ex(OSSL_CORE_BIO *bio, void *data, size_t data_len, size_t *bytes_read) { if (c_bio_read_ex == NULL) @@ -68,21 +75,29 @@ int ossl_prov_bio_read_ex(BIO *bio, void *data, size_t data_len, return c_bio_read_ex(bio, data, data_len, bytes_read); } -int ossl_prov_bio_free(BIO *bio) +int ossl_prov_bio_write_ex(OSSL_CORE_BIO *bio, const void *data, size_t data_len, + size_t *written) +{ + if (c_bio_write_ex == NULL) + return 0; + return c_bio_write_ex(bio, data, data_len, written); +} + +int ossl_prov_bio_free(OSSL_CORE_BIO *bio) { if (c_bio_free == NULL) return 0; return c_bio_free(bio); } -int ossl_prov_bio_vprintf(BIO *bio, const char *format, va_list ap) +int ossl_prov_bio_vprintf(OSSL_CORE_BIO *bio, const char *format, va_list ap) { if (c_bio_vprintf == NULL) return -1; return c_bio_vprintf(bio, format, ap); } -int ossl_prov_bio_printf(BIO *bio, const char *format, ...) +int ossl_prov_bio_printf(OSSL_CORE_BIO *bio, const char *format, ...) { va_list ap; int ret; @@ -94,3 +109,90 @@ int ossl_prov_bio_printf(BIO *bio, const char *format, ...) return ret; } +#ifndef FIPS_MODULE + +/* No direct BIO support in the FIPS module */ + +static int bio_core_read_ex(BIO *bio, char *data, size_t data_len, + size_t *bytes_read) +{ + return ossl_prov_bio_read_ex(BIO_get_data(bio), data, data_len, bytes_read); +} + +static int bio_core_write_ex(BIO *bio, const char *data, size_t data_len, + size_t *written) +{ + return ossl_prov_bio_write_ex(BIO_get_data(bio), data, data_len, written); +} + +static long bio_core_ctrl(BIO *bio, int cmd, long num, void *ptr) +{ + /* We don't support this */ + assert(0); + return 0; +} + +static int bio_core_gets(BIO *bio, char *buf, int size) +{ + /* We don't support this */ + assert(0); + return -1; +} + +static int bio_core_puts(BIO *bio, const char *str) +{ + /* We don't support this */ + assert(0); + return -1; +} + +static int bio_core_new(BIO *bio) +{ + BIO_set_init(bio, 1); + + return 1; +} + +static int bio_core_free(BIO *bio) +{ + BIO_set_init(bio, 0); + + return 1; +} + +BIO_METHOD *bio_prov_init_bio_method(void) +{ + BIO_METHOD *corebiometh = NULL; + + corebiometh = BIO_meth_new(BIO_TYPE_CORE_TO_PROV, "BIO to Core filter"); + if (corebiometh == NULL + || !BIO_meth_set_write_ex(corebiometh, bio_core_write_ex) + || !BIO_meth_set_read_ex(corebiometh, bio_core_read_ex) + || !BIO_meth_set_puts(corebiometh, bio_core_puts) + || !BIO_meth_set_gets(corebiometh, bio_core_gets) + || !BIO_meth_set_ctrl(corebiometh, bio_core_ctrl) + || !BIO_meth_set_create(corebiometh, bio_core_new) + || !BIO_meth_set_destroy(corebiometh, bio_core_free)) { + BIO_meth_free(corebiometh); + return NULL; + } + + return corebiometh; +} + +BIO *bio_new_from_core_bio(PROV_CTX *provctx, OSSL_CORE_BIO *corebio) +{ + BIO *outbio; + BIO_METHOD *corebiometh = PROV_CTX_get0_core_bio_method(provctx); + + if (corebiometh == NULL) + return NULL; + + outbio = BIO_new(corebiometh); + if (outbio != NULL) + BIO_set_data(outbio, corebio); + + return outbio; +} + +#endif diff --git a/providers/common/include/prov/bio.h b/providers/common/include/prov/bio.h index 63f9d4ec3a..732dc06f03 100644 --- a/providers/common/include/prov/bio.h +++ b/providers/common/include/prov/bio.h @@ -10,13 +10,19 @@ #include <stdarg.h> #include <openssl/bio.h> #include <openssl/core.h> +#include "prov/provider_ctx.h" int ossl_prov_bio_from_dispatch(const OSSL_DISPATCH *fns); -BIO *ossl_prov_bio_new_file(const char *filename, const char *mode); -BIO *ossl_prov_bio_new_membuf(const char *filename, int len); -int ossl_prov_bio_read_ex(BIO *bio, void *data, size_t data_len, +OSSL_CORE_BIO *ossl_prov_bio_new_file(const char *filename, const char *mode); +OSSL_CORE_BIO *ossl_prov_bio_new_membuf(const char *filename, int len); +int ossl_prov_bio_read_ex(OSSL_CORE_BIO *bio, void *data, size_t data_len, size_t *bytes_read); -int ossl_prov_bio_free(BIO *bio); -int ossl_prov_bio_vprintf(BIO *bio, const char *format, va_list ap); -int ossl_prov_bio_printf(BIO *bio, const char *format, ...); +int ossl_prov_bio_write_ex(OSSL_CORE_BIO *bio, const void *data, size_t data_len, + size_t *written); +int ossl_prov_bio_free(OSSL_CORE_BIO *bio); +int ossl_prov_bio_vprintf(OSSL_CORE_BIO *bio, const char *format, va_list ap); +int ossl_prov_bio_printf(OSSL_CORE_BIO *bio, const char *format, ...); + +BIO_METHOD *bio_prov_init_bio_method(void); +BIO *bio_new_from_core_bio(PROV_CTX *provctx, OSSL_CORE_BIO *corebio); diff --git a/providers/common/include/prov/provider_ctx.h b/providers/common/include/prov/provider_ctx.h index fc2df2ee67..a252143e81 100644 --- a/providers/common/include/prov/provider_ctx.h +++ b/providers/common/include/prov/provider_ctx.h @@ -7,24 +7,34 @@ * https://www.openssl.org/source/license.html */ -#include <openssl/types.h> -#include <openssl/crypto.h> +#ifndef OSSL_PROV_PROVIDER_CTX_H +# define OSSL_PROV_PROVIDER_CTX_H + +# include <openssl/types.h> +# include <openssl/crypto.h> +# include <openssl/bio.h> +# include <openssl/core.h> typedef struct prov_ctx_st { - const OSSL_PROVIDER *provider; + const OSSL_CORE_HANDLE *handle; OPENSSL_CTX *libctx; /* For all provider modules */ + BIO_METHOD *corebiometh; } PROV_CTX; /* * To be used anywhere the library context needs to be passed, such as to * fetching functions. */ -#define PROV_LIBRARY_CONTEXT_OF(provctx) \ +# define PROV_LIBRARY_CONTEXT_OF(provctx) \ PROV_CTX_get0_library_context((provctx)) PROV_CTX *PROV_CTX_new(void); void PROV_CTX_free(PROV_CTX *ctx); void PROV_CTX_set0_library_context(PROV_CTX *ctx, OPENSSL_CTX *libctx); -void PROV_CTX_set0_provider(PROV_CTX *ctx, const OSSL_PROVIDER *libctx); +void PROV_CTX_set0_handle(PROV_CTX *ctx, const OSSL_CORE_HANDLE *handle); +void PROV_CTX_set0_core_bio_method(PROV_CTX *ctx, BIO_METHOD *corebiometh); OPENSSL_CTX *PROV_CTX_get0_library_context(PROV_CTX *ctx); -const OSSL_PROVIDER *PROV_CTX_get0_provider(PROV_CTX *ctx); +const OSSL_CORE_HANDLE *PROV_CTX_get0_handle(PROV_CTX *ctx); +BIO_METHOD *PROV_CTX_get0_core_bio_method(PROV_CTX *ctx); + +#endif diff --git a/providers/common/include/prov/providercommon.h b/providers/common/include/prov/providercommon.h index 5123f78ee1..07c5a67f38 100644 --- a/providers/common/include/prov/providercommon.h +++ b/providers/common/include/prov/providercommon.h @@ -9,7 +9,7 @@ #include <openssl/provider.h> -const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx); +const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *ctx); const char *ossl_prov_util_nid_to_name(int nid); diff --git a/providers/common/provider_ctx.c b/providers/common/provider_ctx.c index 66c7c74890..04cca1f23e 100644 --- a/providers/common/provider_ctx.c +++ b/providers/common/provider_ctx.c @@ -9,6 +9,7 @@ #include <stdlib.h> #include "prov/provider_ctx.h" +#include "prov/bio.h" PROV_CTX *PROV_CTX_new(void) { @@ -26,12 +27,17 @@ void PROV_CTX_set0_library_context(PROV_CTX *ctx, OPENSSL_CTX *libctx) ctx->libctx = libctx; } -void PROV_CTX_set0_provider(PROV_CTX *ctx, const OSSL_PROVIDER *provider) +void PROV_CTX_set0_handle(PROV_CTX *ctx, const OSSL_CORE_HANDLE *handle) { if (ctx != NULL) - ctx->provider = provider; + ctx->handle = handle; } +void PROV_CTX_set0_core_bio_method(PROV_CTX *ctx, BIO_METHOD *corebiometh) +{ + if (ctx != NULL) + ctx->corebiometh = corebiometh; +} OPENSSL_CTX *PROV_CTX_get0_library_context(PROV_CTX *ctx) { @@ -40,9 +46,16 @@ OPENSSL_CTX *PROV_CTX_get0_library_context(PROV_CTX *ctx) return ctx->libctx; } -const OSSL_PROVIDER *PROV_CTX_get0_provider(PROV_CTX *ctx) +const OSSL_CORE_HANDLE *PROV_CTX_get0_handle(PROV_CTX *ctx) +{ + if (ctx == NULL) + return NULL; + return ctx->handle; +} + +BIO_METHOD *PROV_CTX_get0_core_bio_method(PROV_CTX *ctx) { if (ctx == NULL) return NULL; - return ctx->provider; + return ctx->corebiometh; } diff --git a/providers/defltprov.c b/providers/defltprov.c index cedbddb80e..4b15a21c0b 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -552,6 +552,7 @@ static const OSSL_ALGORITHM *deflt_query(void *provctx, int operation_id, static void deflt_teardown(void *provctx) { + BIO_meth_free(PROV_CTX_get0_core_bio_method(provctx)); PROV_CTX_free(provctx); } @@ -566,12 +567,13 @@ static const OSSL_DISPATCH deflt_dispatch_table[] = { OSSL_provider_init_fn ossl_default_provider_init; -int ossl_default_provider_init(const OSSL_PROVIDER *provider, +int ossl_default_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH *in, const OSSL_DISPATCH **out, void **provctx) { OSSL_core_get_library_context_fn *c_get_libctx = NULL; + BIO_METHOD *corebiometh; if (!ossl_prov_bio_from_dispatch(in)) return 0; @@ -598,15 +600,20 @@ int ossl_default_provider_init(const OSSL_PROVIDER *provider, /* * We want to make sure that all calls from this provider that requires * a library context use the same context as the one used to call our - * functions. We do that by passing it along as the provider context. + * functions. We do that by passing it along in the provider context. * - * This is special for built-in providers. External providers should + * This only works for built-in providers. Most providers should * create their own library context. */ - if ((*provctx = PROV_CTX_new()) == NULL) + if ((*provctx = PROV_CTX_new()) == NULL + || (corebiometh = bio_prov_init_bio_method()) == NULL) { + PROV_CTX_free(*provctx); + *provctx = NULL; return 0; - PROV_CTX_set0_library_context(*provctx, c_get_libctx(provider)); - PROV_CTX_set0_provider(*provctx, provider); + } + PROV_CTX_set0_library_context(*provctx, (OPENSSL_CTX *)c_get_libctx(handle)); + PROV_CTX_set0_handle(*provctx, handle); + PROV_CTX_set0_core_bio_method(*provctx, corebiometh); *out = deflt_dispatch_table; diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 1d19c1b91a..1c4f3fdf50 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -81,7 +81,7 @@ static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated; static OSSL_BIO_vsnprintf_fn *c_BIO_vsnprintf; typedef struct fips_global_st { - const OSSL_PROVIDER *prov; + const OSSL_CORE_HANDLE *handle; } FIPS_GLOBAL; static void *fips_prov_ossl_ctx_new(OPENSSL_CTX *libctx) @@ -546,7 +546,7 @@ static const OSSL_DISPATCH intern_dispatch_table[] = { }; -int OSSL_provider_init(const OSSL_PROVIDER *provider, +int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH *in, const OSSL_DISPATCH **out, void **provctx) @@ -647,7 +647,7 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, } if (stcbfn != NULL && c_get_libctx != NULL) { - stcbfn(c_get_libctx(provider), &selftest_params.cb, + stcbfn(c_get_libctx(handle), &selftest_params.cb, &selftest_params.cb_arg); } else { @@ -655,7 +655,7 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, selftest_params.cb_arg = NULL; } - if (!c_get_params(provider, core_params)) + if (!c_get_params(handle, core_params)) return 0; /* Create a context. */ @@ -670,13 +670,13 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, goto err; } PROV_CTX_set0_library_context(*provctx, libctx); - PROV_CTX_set0_provider(*provctx, provider); + PROV_CTX_set0_handle(*provctx, handle); if ((fgbl = openssl_ctx_get_data(libctx, OPENSSL_CTX_FIPS_PROV_INDEX, &fips_prov_ossl_ctx_method)) == NULL) goto err; - fgbl->prov = provider; + fgbl->handle = handle; selftest_params.libctx = libctx; if (!SELF_TEST_post(&selftest_params, 0)) @@ -706,7 +706,7 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, * that was used in the EVP call that initiated this recursive call. */ OSSL_provider_init_fn fips_intern_provider_init; -int fips_intern_provider_init(const OSSL_PROVIDER *provider, +int fips_intern_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH *in, const OSSL_DISPATCH **out, void **provctx) @@ -728,8 +728,13 @@ int fips_intern_provider_init(const OSSL_PROVIDER *provider, if ((*provctx = PROV_CTX_new()) == NULL) return 0; - PROV_CTX_set0_library_context(*provctx, c_get_libctx(provider)); - PROV_CTX_set0_provider(*provctx, provider); + /* + * Using the parent library context only works because we are a built-in + * internal provider. This is not something that most providers would be + * able to do. + */ + PROV_CTX_set0_library_context(*provctx, (OPENSSL_CTX *)c_get_libctx(handle)); + PROV_CTX_set0_handle(*provctx, handle); *out = intern_dispatch_table; return 1; @@ -781,7 +786,7 @@ int ERR_pop_to_mark(void) * is also called from other parts of libcrypto, which all pass around a * OPENSSL_CTX pointer) */ -const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *libctx) +const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *libctx) { FIPS_GLOBAL *fgbl = openssl_ctx_get_data(libctx, OPENSSL_CTX_FIPS_PROV_INDEX, @@ -790,7 +795,7 @@ const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *libctx) if (fgbl == NULL) return NULL; - return fgbl->prov; + return fgbl->handle; } void *CRYPTO_malloc(size_t num, const char *file, int line) diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c index 5c69dfa691..b767e8f300 100644 --- a/providers/fips/self_test.c +++ b/providers/fips/self_test.c @@ -130,7 +130,7 @@ DEP_FINI_ATTRIBUTE void cleanup(void) * the result matches the expected value. * Return 1 if verified, or 0 if it fails. */ -static int verify_integrity(BIO *bio, OSSL_BIO_read_ex_fn read_ex_cb, +static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_BIO_read_ex_fn read_ex_cb, unsigned char *expected, size_t expected_len, OPENSSL_CTX *libctx, OSSL_SELF_TEST *ev, const char *event_type) @@ -188,7 +188,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) int ok = 0; int kats_already_passed = 0; long checksum_len; - BIO *bio_module = NULL, *bio_indicator = NULL; + OSSL_CORE_BIO *bio_module = NULL, *bio_indicator = NULL; unsigned char *module_checksum = NULL; unsigned char *indicator_checksum = NULL; int loclstate; diff --git a/providers/implementations/serializers/serializer_common.c b/providers/implementations/serializers/serializer_common.c index 2dbbe6b37c..75c1ddc245 100644 --- a/providers/implementations/serializers/serializer_common.c +++ b/providers/implementations/serializers/serializer_common.c @@ -178,7 +178,7 @@ int ossl_prov_print_labeled_bignum(BIO *out, const char *label, } if (BN_is_zero(bn)) - return ossl_prov_bio_printf(out, "%s%s0\n", label, post_label_spc); + return BIO_printf(out, "%s%s0\n", label, post_label_spc); if (BN_num_bytes(bn) <= BN_BYTES) { BN_ULONG *words = bn_get_words(bn); @@ -186,10 +186,8 @@ int ossl_prov_print_labeled_bignum(BIO *out, const char *label, if (BN_is_negative(bn)) neg = "-"; - return ossl_prov_bio_printf(out, - "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n", - label, post_label_spc, neg, words[0], - neg, words[0]); + return BIO_printf(out, "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n", + label, post_label_spc, neg, words[0], neg, words[0]); } hex_str = BN_bn2hex(bn); @@ -198,18 +196,18 @@ int ossl_prov_print_labeled_bignum(BIO *out, const char *label, ++p; neg = " (Negative)"; } - if (ossl_prov_bio_printf(out, "%s%s\n", label, neg) <= 0) + if (BIO_printf(out, "%s%s\n", label, neg) <= 0) goto err; /* Keep track of how many bytes we have printed out so far */ bytes = 0; - if (ossl_prov_bio_printf(out, "%s", spaces) <= 0) + if (BIO_printf(out, "%s", spaces) <= 0) goto err; /* Add a leading 00 if the top bit is set */ if (*p >= '8') { - if (ossl_prov_bio_printf(out, "%02x", 0) <= 0) + if (BIO_printf(out, "%02x", 0) <= 0) goto err; ++bytes; use_sep = 1; @@ -217,18 +215,18 @@ int ossl_prov_print_labeled_bignum(BIO *out, const char *label, while (*p != '\0') { /* Do a newline after every 15 hex bytes + add the space indent */ if ((bytes % 15) == 0 && bytes > 0) { - if (ossl_prov_bio_printf(out, ":\n%s", spaces) <= 0) + if (BIO_printf(out, ":\n%s", spaces) <= 0) goto err; use_sep = 0; /* The first byte on the next line doesnt have a : */ } - if (ossl_prov_bio_printf(out, "%s%c%c", use_sep ? ":" : "", - ossl_tolower(p[0]), ossl_tolower(p[1])) <= 0) + if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "", + ossl_tolower(p[0]), ossl_tolower(p[1])) <= 0) goto err; ++bytes; p += 2; use_sep = 1; } - if (ossl_prov_bio_printf(out, "\n") <= 0) + if (BIO_printf(out, "\n") <= 0) goto err; ret = 1; err: @@ -244,22 +242,22 @@ int ossl_prov_print_labeled_buf(BIO *out, const char *label, { size_t i; - if (ossl_prov_bio_printf(out, "%s\n", label) <= 0) + if (BIO_printf(out, "%s\n", label) <= 0) return 0; for (i = 0; i < buflen; i++) { if ((i % LABELED_BUF_PRINT_WIDTH) == 0) { - if (i > 0 && ossl_prov_bio_printf(out, "\n") <= 0) + if (i > 0 && BIO_printf(out, "\n") <= 0) return 0; - if (ossl_prov_bio_printf(out, " ") <= 0) + if (BIO_printf(out, " ") <= 0) return 0; } - if (ossl_prov_bio_printf(out, "%02x%s", buf[i], + if (BIO_printf(out, "%02x%s", buf[i], (i == buflen - 1) ? "" : ":") <= 0) return 0; } - if (ossl_prov_bio_printf(out, "\n") <= 0) + if (BIO_printf(out, "\n") <= 0) return 0; return 1; diff --git a/providers/implementations/serializers/serializer_dh.c b/providers/implementations/serializers/serializer_dh.c index 2b616b2ef1..df92017ba3 100644 --- a/providers/implementations/serializers/serializer_dh.c +++ b/providers/implementations/serializers/serializer_dh.c @@ -70,7 +70,7 @@ int ossl_prov_print_dh(BIO *out, DH *dh, enum dh_print_type type) if (p == NULL) goto null_err; - if (ossl_prov_bio_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) + if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0) goto err; if (priv_key != NULL diff --git a/providers/implementations/serializers/serializer_dh_param.c b/providers/implementations/serializers/serializer_dh_param.c index 5e06178590..4acf5caec6 100644 --- a/providers/implementations/serializers/serializer_dh_param.c +++ b/providers/implementations/serializers/serializer_dh_param.c @@ -21,6 +21,7 @@ #include "prov/bio.h" #include "prov/implementations.h" #include "prov/providercommonerr.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn dh_param_newctx; @@ -48,7 +49,8 @@ static void dh_param_freectx(void *ctx) } /* Public key : DER */ -static int dh_param_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dh_param_der_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new(); @@ -69,14 +71,23 @@ static int dh_param_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_param_der(void *ctx, void *dh, BIO *out, +static int dh_param_der(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return i2d_DHparams_bio(out, dh); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + ret = i2d_DHparams_bio(out, dh); + BIO_free(out); + + return ret; } /* Public key : PEM */ -static int dh_param_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dh_param_pem_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new(); @@ -97,13 +108,23 @@ static int dh_param_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_param_pem(void *ctx, void *dh, BIO *out, +static int dh_param_pem(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return PEM_write_bio_DHparams(out, dh); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = PEM_write_bio_DHparams(out, dh); + BIO_free(out); + + return ret; } -static int dh_param_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dh_param_print_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new(); @@ -124,10 +145,19 @@ static int dh_param_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_param_print(void *ctx, void *dh, BIO *out, +static int dh_param_print(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_dh(out, dh, dh_print_params); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_dh(out, dh, dh_print_params); + BIO_free(out); + + return ret; } const OSSL_DISPATCH dh_param_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_dh_priv.c b/providers/implementations/serializers/serializer_dh_priv.c index 99d529b052..c37eb40297 100644 --- a/providers/implementations/serializers/serializer_dh_priv.c +++ b/providers/implementations/serializers/serializer_dh_priv.c @@ -22,6 +22,7 @@ #include <openssl/params.h> #include "prov/bio.h" #include "prov/implementations.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn dh_priv_newctx; @@ -117,7 +118,8 @@ static int dh_priv_set_ctx_params(void *vctx, const OS |