From d40b42ab4c8a88740a2cc2a20c709fe869c4dd1e Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 6 May 2020 12:29:57 +0100 Subject: Maintain strict type discipline between the core and providers A provider could be linked against a different version of libcrypto than the version of libcrypto that loaded the provider. Different versions of libcrypto could define opaque types differently. It must never occur that a type created in one libcrypto is used directly by the other libcrypto. This will cause crashes. We can "cheat" for "built-in" providers that are part of libcrypto itself, because we know that the two libcrypto versions are the same - but not for other providers. To ensure this does not occur we use different types names for the handful of opaque types that are passed between the core and providers. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/11758) --- providers/common/bio_prov.c | 114 +++++++++++++++++++-- providers/common/include/prov/bio.h | 18 ++-- providers/common/include/prov/provider_ctx.h | 22 ++-- providers/common/include/prov/providercommon.h | 2 +- providers/common/provider_ctx.c | 21 +++- providers/defltprov.c | 19 ++-- providers/fips/fipsprov.c | 27 +++-- providers/fips/self_test.c | 4 +- .../serializers/serializer_common.c | 32 +++--- .../implementations/serializers/serializer_dh.c | 2 +- .../serializers/serializer_dh_param.c | 48 +++++++-- .../serializers/serializer_dh_priv.c | 37 +++++-- .../serializers/serializer_dh_pub.c | 60 ++++++++--- .../implementations/serializers/serializer_dsa.c | 3 +- .../serializers/serializer_dsa_param.c | 49 +++++++-- .../serializers/serializer_dsa_priv.c | 58 ++++++++--- .../serializers/serializer_dsa_pub.c | 53 ++++++++-- .../implementations/serializers/serializer_ec.c | 10 +- .../serializers/serializer_ec_param.c | 55 +++++++--- .../serializers/serializer_ec_priv.c | 63 +++++++++--- .../serializers/serializer_ec_pub.c | 53 ++++++++-- .../implementations/serializers/serializer_ecx.c | 2 +- .../serializers/serializer_ecx_priv.c | 38 +++++-- .../serializers/serializer_ecx_pub.c | 59 ++++++++--- .../serializers/serializer_ffc_params.c | 8 +- .../implementations/serializers/serializer_rsa.c | 54 +++++----- .../serializers/serializer_rsa_priv.c | 36 +++++-- .../serializers/serializer_rsa_pub.c | 61 ++++++++--- providers/legacyprov.c | 4 +- providers/nullprov.c | 36 +------ 30 files changed, 762 insertions(+), 286 deletions(-) (limited to 'providers') diff --git a/providers/common/bio_prov.c b/providers/common/bio_prov.c index 7b44004399..2bfd14b512 100644 --- a/providers/common/bio_prov.c +++ b/providers/common/bio_prov.c @@ -7,12 +7,15 @@ * https://www.openssl.org/source/license.html */ +#include #include +#include "internal/cryptlib.h" #include "prov/bio.h" static OSSL_BIO_new_file_fn *c_bio_new_file = NULL; static OSSL_BIO_new_membuf_fn *c_bio_new_membuf = NULL; static OSSL_BIO_read_ex_fn *c_bio_read_ex = NULL; +static OSSL_BIO_write_ex_fn *c_bio_write_ex = NULL; static OSSL_BIO_free_fn *c_bio_free = NULL; static OSSL_BIO_vprintf_fn *c_bio_vprintf = NULL; @@ -32,6 +35,10 @@ int ossl_prov_bio_from_dispatch(const OSSL_DISPATCH *fns) if (c_bio_read_ex == NULL) c_bio_read_ex = OSSL_get_BIO_read_ex(fns); break; + case OSSL_FUNC_BIO_WRITE_EX: + if (c_bio_write_ex == NULL) + c_bio_write_ex = OSSL_get_BIO_write_ex(fns); + break; case OSSL_FUNC_BIO_FREE: if (c_bio_free == NULL) c_bio_free = OSSL_get_BIO_free(fns); @@ -46,21 +53,21 @@ int ossl_prov_bio_from_dispatch(const OSSL_DISPATCH *fns) return 1; } -BIO *ossl_prov_bio_new_file(const char *filename, const char *mode) +OSSL_CORE_BIO *ossl_prov_bio_new_file(const char *filename, const char *mode) { if (c_bio_new_file == NULL) return NULL; return c_bio_new_file(filename, mode); } -BIO *ossl_prov_bio_new_membuf(const char *filename, int len) +OSSL_CORE_BIO *ossl_prov_bio_new_membuf(const char *filename, int len) { if (c_bio_new_membuf == NULL) return NULL; return c_bio_new_membuf(filename, len); } -int ossl_prov_bio_read_ex(BIO *bio, void *data, size_t data_len, +int ossl_prov_bio_read_ex(OSSL_CORE_BIO *bio, void *data, size_t data_len, size_t *bytes_read) { if (c_bio_read_ex == NULL) @@ -68,21 +75,29 @@ int ossl_prov_bio_read_ex(BIO *bio, void *data, size_t data_len, return c_bio_read_ex(bio, data, data_len, bytes_read); } -int ossl_prov_bio_free(BIO *bio) +int ossl_prov_bio_write_ex(OSSL_CORE_BIO *bio, const void *data, size_t data_len, + size_t *written) +{ + if (c_bio_write_ex == NULL) + return 0; + return c_bio_write_ex(bio, data, data_len, written); +} + +int ossl_prov_bio_free(OSSL_CORE_BIO *bio) { if (c_bio_free == NULL) return 0; return c_bio_free(bio); } -int ossl_prov_bio_vprintf(BIO *bio, const char *format, va_list ap) +int ossl_prov_bio_vprintf(OSSL_CORE_BIO *bio, const char *format, va_list ap) { if (c_bio_vprintf == NULL) return -1; return c_bio_vprintf(bio, format, ap); } -int ossl_prov_bio_printf(BIO *bio, const char *format, ...) +int ossl_prov_bio_printf(OSSL_CORE_BIO *bio, const char *format, ...) { va_list ap; int ret; @@ -94,3 +109,90 @@ int ossl_prov_bio_printf(BIO *bio, const char *format, ...) return ret; } +#ifndef FIPS_MODULE + +/* No direct BIO support in the FIPS module */ + +static int bio_core_read_ex(BIO *bio, char *data, size_t data_len, + size_t *bytes_read) +{ + return ossl_prov_bio_read_ex(BIO_get_data(bio), data, data_len, bytes_read); +} + +static int bio_core_write_ex(BIO *bio, const char *data, size_t data_len, + size_t *written) +{ + return ossl_prov_bio_write_ex(BIO_get_data(bio), data, data_len, written); +} + +static long bio_core_ctrl(BIO *bio, int cmd, long num, void *ptr) +{ + /* We don't support this */ + assert(0); + return 0; +} + +static int bio_core_gets(BIO *bio, char *buf, int size) +{ + /* We don't support this */ + assert(0); + return -1; +} + +static int bio_core_puts(BIO *bio, const char *str) +{ + /* We don't support this */ + assert(0); + return -1; +} + +static int bio_core_new(BIO *bio) +{ + BIO_set_init(bio, 1); + + return 1; +} + +static int bio_core_free(BIO *bio) +{ + BIO_set_init(bio, 0); + + return 1; +} + +BIO_METHOD *bio_prov_init_bio_method(void) +{ + BIO_METHOD *corebiometh = NULL; + + corebiometh = BIO_meth_new(BIO_TYPE_CORE_TO_PROV, "BIO to Core filter"); + if (corebiometh == NULL + || !BIO_meth_set_write_ex(corebiometh, bio_core_write_ex) + || !BIO_meth_set_read_ex(corebiometh, bio_core_read_ex) + || !BIO_meth_set_puts(corebiometh, bio_core_puts) + || !BIO_meth_set_gets(corebiometh, bio_core_gets) + || !BIO_meth_set_ctrl(corebiometh, bio_core_ctrl) + || !BIO_meth_set_create(corebiometh, bio_core_new) + || !BIO_meth_set_destroy(corebiometh, bio_core_free)) { + BIO_meth_free(corebiometh); + return NULL; + } + + return corebiometh; +} + +BIO *bio_new_from_core_bio(PROV_CTX *provctx, OSSL_CORE_BIO *corebio) +{ + BIO *outbio; + BIO_METHOD *corebiometh = PROV_CTX_get0_core_bio_method(provctx); + + if (corebiometh == NULL) + return NULL; + + outbio = BIO_new(corebiometh); + if (outbio != NULL) + BIO_set_data(outbio, corebio); + + return outbio; +} + +#endif diff --git a/providers/common/include/prov/bio.h b/providers/common/include/prov/bio.h index 63f9d4ec3a..732dc06f03 100644 --- a/providers/common/include/prov/bio.h +++ b/providers/common/include/prov/bio.h @@ -10,13 +10,19 @@ #include #include #include +#include "prov/provider_ctx.h" int ossl_prov_bio_from_dispatch(const OSSL_DISPATCH *fns); -BIO *ossl_prov_bio_new_file(const char *filename, const char *mode); -BIO *ossl_prov_bio_new_membuf(const char *filename, int len); -int ossl_prov_bio_read_ex(BIO *bio, void *data, size_t data_len, +OSSL_CORE_BIO *ossl_prov_bio_new_file(const char *filename, const char *mode); +OSSL_CORE_BIO *ossl_prov_bio_new_membuf(const char *filename, int len); +int ossl_prov_bio_read_ex(OSSL_CORE_BIO *bio, void *data, size_t data_len, size_t *bytes_read); -int ossl_prov_bio_free(BIO *bio); -int ossl_prov_bio_vprintf(BIO *bio, const char *format, va_list ap); -int ossl_prov_bio_printf(BIO *bio, const char *format, ...); +int ossl_prov_bio_write_ex(OSSL_CORE_BIO *bio, const void *data, size_t data_len, + size_t *written); +int ossl_prov_bio_free(OSSL_CORE_BIO *bio); +int ossl_prov_bio_vprintf(OSSL_CORE_BIO *bio, const char *format, va_list ap); +int ossl_prov_bio_printf(OSSL_CORE_BIO *bio, const char *format, ...); + +BIO_METHOD *bio_prov_init_bio_method(void); +BIO *bio_new_from_core_bio(PROV_CTX *provctx, OSSL_CORE_BIO *corebio); diff --git a/providers/common/include/prov/provider_ctx.h b/providers/common/include/prov/provider_ctx.h index fc2df2ee67..a252143e81 100644 --- a/providers/common/include/prov/provider_ctx.h +++ b/providers/common/include/prov/provider_ctx.h @@ -7,24 +7,34 @@ * https://www.openssl.org/source/license.html */ -#include -#include +#ifndef OSSL_PROV_PROVIDER_CTX_H +# define OSSL_PROV_PROVIDER_CTX_H + +# include +# include +# include +# include typedef struct prov_ctx_st { - const OSSL_PROVIDER *provider; + const OSSL_CORE_HANDLE *handle; OPENSSL_CTX *libctx; /* For all provider modules */ + BIO_METHOD *corebiometh; } PROV_CTX; /* * To be used anywhere the library context needs to be passed, such as to * fetching functions. */ -#define PROV_LIBRARY_CONTEXT_OF(provctx) \ +# define PROV_LIBRARY_CONTEXT_OF(provctx) \ PROV_CTX_get0_library_context((provctx)) PROV_CTX *PROV_CTX_new(void); void PROV_CTX_free(PROV_CTX *ctx); void PROV_CTX_set0_library_context(PROV_CTX *ctx, OPENSSL_CTX *libctx); -void PROV_CTX_set0_provider(PROV_CTX *ctx, const OSSL_PROVIDER *libctx); +void PROV_CTX_set0_handle(PROV_CTX *ctx, const OSSL_CORE_HANDLE *handle); +void PROV_CTX_set0_core_bio_method(PROV_CTX *ctx, BIO_METHOD *corebiometh); OPENSSL_CTX *PROV_CTX_get0_library_context(PROV_CTX *ctx); -const OSSL_PROVIDER *PROV_CTX_get0_provider(PROV_CTX *ctx); +const OSSL_CORE_HANDLE *PROV_CTX_get0_handle(PROV_CTX *ctx); +BIO_METHOD *PROV_CTX_get0_core_bio_method(PROV_CTX *ctx); + +#endif diff --git a/providers/common/include/prov/providercommon.h b/providers/common/include/prov/providercommon.h index 5123f78ee1..07c5a67f38 100644 --- a/providers/common/include/prov/providercommon.h +++ b/providers/common/include/prov/providercommon.h @@ -9,7 +9,7 @@ #include -const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx); +const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *ctx); const char *ossl_prov_util_nid_to_name(int nid); diff --git a/providers/common/provider_ctx.c b/providers/common/provider_ctx.c index 66c7c74890..04cca1f23e 100644 --- a/providers/common/provider_ctx.c +++ b/providers/common/provider_ctx.c @@ -9,6 +9,7 @@ #include #include "prov/provider_ctx.h" +#include "prov/bio.h" PROV_CTX *PROV_CTX_new(void) { @@ -26,12 +27,17 @@ void PROV_CTX_set0_library_context(PROV_CTX *ctx, OPENSSL_CTX *libctx) ctx->libctx = libctx; } -void PROV_CTX_set0_provider(PROV_CTX *ctx, const OSSL_PROVIDER *provider) +void PROV_CTX_set0_handle(PROV_CTX *ctx, const OSSL_CORE_HANDLE *handle) { if (ctx != NULL) - ctx->provider = provider; + ctx->handle = handle; } +void PROV_CTX_set0_core_bio_method(PROV_CTX *ctx, BIO_METHOD *corebiometh) +{ + if (ctx != NULL) + ctx->corebiometh = corebiometh; +} OPENSSL_CTX *PROV_CTX_get0_library_context(PROV_CTX *ctx) { @@ -40,9 +46,16 @@ OPENSSL_CTX *PROV_CTX_get0_library_context(PROV_CTX *ctx) return ctx->libctx; } -const OSSL_PROVIDER *PROV_CTX_get0_provider(PROV_CTX *ctx) +const OSSL_CORE_HANDLE *PROV_CTX_get0_handle(PROV_CTX *ctx) +{ + if (ctx == NULL) + return NULL; + return ctx->handle; +} + +BIO_METHOD *PROV_CTX_get0_core_bio_method(PROV_CTX *ctx) { if (ctx == NULL) return NULL; - return ctx->provider; + return ctx->corebiometh; } diff --git a/providers/defltprov.c b/providers/defltprov.c index cedbddb80e..4b15a21c0b 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -552,6 +552,7 @@ static const OSSL_ALGORITHM *deflt_query(void *provctx, int operation_id, static void deflt_teardown(void *provctx) { + BIO_meth_free(PROV_CTX_get0_core_bio_method(provctx)); PROV_CTX_free(provctx); } @@ -566,12 +567,13 @@ static const OSSL_DISPATCH deflt_dispatch_table[] = { OSSL_provider_init_fn ossl_default_provider_init; -int ossl_default_provider_init(const OSSL_PROVIDER *provider, +int ossl_default_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH *in, const OSSL_DISPATCH **out, void **provctx) { OSSL_core_get_library_context_fn *c_get_libctx = NULL; + BIO_METHOD *corebiometh; if (!ossl_prov_bio_from_dispatch(in)) return 0; @@ -598,15 +600,20 @@ int ossl_default_provider_init(const OSSL_PROVIDER *provider, /* * We want to make sure that all calls from this provider that requires * a library context use the same context as the one used to call our - * functions. We do that by passing it along as the provider context. + * functions. We do that by passing it along in the provider context. * - * This is special for built-in providers. External providers should + * This only works for built-in providers. Most providers should * create their own library context. */ - if ((*provctx = PROV_CTX_new()) == NULL) + if ((*provctx = PROV_CTX_new()) == NULL + || (corebiometh = bio_prov_init_bio_method()) == NULL) { + PROV_CTX_free(*provctx); + *provctx = NULL; return 0; - PROV_CTX_set0_library_context(*provctx, c_get_libctx(provider)); - PROV_CTX_set0_provider(*provctx, provider); + } + PROV_CTX_set0_library_context(*provctx, (OPENSSL_CTX *)c_get_libctx(handle)); + PROV_CTX_set0_handle(*provctx, handle); + PROV_CTX_set0_core_bio_method(*provctx, corebiometh); *out = deflt_dispatch_table; diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 1d19c1b91a..1c4f3fdf50 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -81,7 +81,7 @@ static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated; static OSSL_BIO_vsnprintf_fn *c_BIO_vsnprintf; typedef struct fips_global_st { - const OSSL_PROVIDER *prov; + const OSSL_CORE_HANDLE *handle; } FIPS_GLOBAL; static void *fips_prov_ossl_ctx_new(OPENSSL_CTX *libctx) @@ -546,7 +546,7 @@ static const OSSL_DISPATCH intern_dispatch_table[] = { }; -int OSSL_provider_init(const OSSL_PROVIDER *provider, +int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH *in, const OSSL_DISPATCH **out, void **provctx) @@ -647,7 +647,7 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, } if (stcbfn != NULL && c_get_libctx != NULL) { - stcbfn(c_get_libctx(provider), &selftest_params.cb, + stcbfn(c_get_libctx(handle), &selftest_params.cb, &selftest_params.cb_arg); } else { @@ -655,7 +655,7 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, selftest_params.cb_arg = NULL; } - if (!c_get_params(provider, core_params)) + if (!c_get_params(handle, core_params)) return 0; /* Create a context. */ @@ -670,13 +670,13 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, goto err; } PROV_CTX_set0_library_context(*provctx, libctx); - PROV_CTX_set0_provider(*provctx, provider); + PROV_CTX_set0_handle(*provctx, handle); if ((fgbl = openssl_ctx_get_data(libctx, OPENSSL_CTX_FIPS_PROV_INDEX, &fips_prov_ossl_ctx_method)) == NULL) goto err; - fgbl->prov = provider; + fgbl->handle = handle; selftest_params.libctx = libctx; if (!SELF_TEST_post(&selftest_params, 0)) @@ -706,7 +706,7 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, * that was used in the EVP call that initiated this recursive call. */ OSSL_provider_init_fn fips_intern_provider_init; -int fips_intern_provider_init(const OSSL_PROVIDER *provider, +int fips_intern_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH *in, const OSSL_DISPATCH **out, void **provctx) @@ -728,8 +728,13 @@ int fips_intern_provider_init(const OSSL_PROVIDER *provider, if ((*provctx = PROV_CTX_new()) == NULL) return 0; - PROV_CTX_set0_library_context(*provctx, c_get_libctx(provider)); - PROV_CTX_set0_provider(*provctx, provider); + /* + * Using the parent library context only works because we are a built-in + * internal provider. This is not something that most providers would be + * able to do. + */ + PROV_CTX_set0_library_context(*provctx, (OPENSSL_CTX *)c_get_libctx(handle)); + PROV_CTX_set0_handle(*provctx, handle); *out = intern_dispatch_table; return 1; @@ -781,7 +786,7 @@ int ERR_pop_to_mark(void) * is also called from other parts of libcrypto, which all pass around a * OPENSSL_CTX pointer) */ -const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *libctx) +const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *libctx) { FIPS_GLOBAL *fgbl = openssl_ctx_get_data(libctx, OPENSSL_CTX_FIPS_PROV_INDEX, @@ -790,7 +795,7 @@ const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *libctx) if (fgbl == NULL) return NULL; - return fgbl->prov; + return fgbl->handle; } void *CRYPTO_malloc(size_t num, const char *file, int line) diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c index 5c69dfa691..b767e8f300 100644 --- a/providers/fips/self_test.c +++ b/providers/fips/self_test.c @@ -130,7 +130,7 @@ DEP_FINI_ATTRIBUTE void cleanup(void) * the result matches the expected value. * Return 1 if verified, or 0 if it fails. */ -static int verify_integrity(BIO *bio, OSSL_BIO_read_ex_fn read_ex_cb, +static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_BIO_read_ex_fn read_ex_cb, unsigned char *expected, size_t expected_len, OPENSSL_CTX *libctx, OSSL_SELF_TEST *ev, const char *event_type) @@ -188,7 +188,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) int ok = 0; int kats_already_passed = 0; long checksum_len; - BIO *bio_module = NULL, *bio_indicator = NULL; + OSSL_CORE_BIO *bio_module = NULL, *bio_indicator = NULL; unsigned char *module_checksum = NULL; unsigned char *indicator_checksum = NULL; int loclstate; diff --git a/providers/implementations/serializers/serializer_common.c b/providers/implementations/serializers/serializer_common.c index 2dbbe6b37c..75c1ddc245 100644 --- a/providers/implementations/serializers/serializer_common.c +++ b/providers/implementations/serializers/serializer_common.c @@ -178,7 +178,7 @@ int ossl_prov_print_labeled_bignum(BIO *out, const char *label, } if (BN_is_zero(bn)) - return ossl_prov_bio_printf(out, "%s%s0\n", label, post_label_spc); + return BIO_printf(out, "%s%s0\n", label, post_label_spc); if (BN_num_bytes(bn) <= BN_BYTES) { BN_ULONG *words = bn_get_words(bn); @@ -186,10 +186,8 @@ int ossl_prov_print_labeled_bignum(BIO *out, const char *label, if (BN_is_negative(bn)) neg = "-"; - return ossl_prov_bio_printf(out, - "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n", - label, post_label_spc, neg, words[0], - neg, words[0]); + return BIO_printf(out, "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n", + label, post_label_spc, neg, words[0], neg, words[0]); } hex_str = BN_bn2hex(bn); @@ -198,18 +196,18 @@ int ossl_prov_print_labeled_bignum(BIO *out, const char *label, ++p; neg = " (Negative)"; } - if (ossl_prov_bio_printf(out, "%s%s\n", label, neg) <= 0) + if (BIO_printf(out, "%s%s\n", label, neg) <= 0) goto err; /* Keep track of how many bytes we have printed out so far */ bytes = 0; - if (ossl_prov_bio_printf(out, "%s", spaces) <= 0) + if (BIO_printf(out, "%s", spaces) <= 0) goto err; /* Add a leading 00 if the top bit is set */ if (*p >= '8') { - if (ossl_prov_bio_printf(out, "%02x", 0) <= 0) + if (BIO_printf(out, "%02x", 0) <= 0) goto err; ++bytes; use_sep = 1; @@ -217,18 +215,18 @@ int ossl_prov_print_labeled_bignum(BIO *out, const char *label, while (*p != '\0') { /* Do a newline after every 15 hex bytes + add the space indent */ if ((bytes % 15) == 0 && bytes > 0) { - if (ossl_prov_bio_printf(out, ":\n%s", spaces) <= 0) + if (BIO_printf(out, ":\n%s", spaces) <= 0) goto err; use_sep = 0; /* The first byte on the next line doesnt have a : */ } - if (ossl_prov_bio_printf(out, "%s%c%c", use_sep ? ":" : "", - ossl_tolower(p[0]), ossl_tolower(p[1])) <= 0) + if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "", + ossl_tolower(p[0]), ossl_tolower(p[1])) <= 0) goto err; ++bytes; p += 2; use_sep = 1; } - if (ossl_prov_bio_printf(out, "\n") <= 0) + if (BIO_printf(out, "\n") <= 0) goto err; ret = 1; err: @@ -244,22 +242,22 @@ int ossl_prov_print_labeled_buf(BIO *out, const char *label, { size_t i; - if (ossl_prov_bio_printf(out, "%s\n", label) <= 0) + if (BIO_printf(out, "%s\n", label) <= 0) return 0; for (i = 0; i < buflen; i++) { if ((i % LABELED_BUF_PRINT_WIDTH) == 0) { - if (i > 0 && ossl_prov_bio_printf(out, "\n") <= 0) + if (i > 0 && BIO_printf(out, "\n") <= 0) return 0; - if (ossl_prov_bio_printf(out, " ") <= 0) + if (BIO_printf(out, " ") <= 0) return 0; } - if (ossl_prov_bio_printf(out, "%02x%s", buf[i], + if (BIO_printf(out, "%02x%s", buf[i], (i == buflen - 1) ? "" : ":") <= 0) return 0; } - if (ossl_prov_bio_printf(out, "\n") <= 0) + if (BIO_printf(out, "\n") <= 0) return 0; return 1; diff --git a/providers/implementations/serializers/serializer_dh.c b/providers/implementations/serializers/serializer_dh.c index 2b616b2ef1..df92017ba3 100644 --- a/providers/implementations/serializers/serializer_dh.c +++ b/providers/implementations/serializers/serializer_dh.c @@ -70,7 +70,7 @@ int ossl_prov_print_dh(BIO *out, DH *dh, enum dh_print_type type) if (p == NULL) goto null_err; - if (ossl_prov_bio_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) + if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0) goto err; if (priv_key != NULL diff --git a/providers/implementations/serializers/serializer_dh_param.c b/providers/implementations/serializers/serializer_dh_param.c index 5e06178590..4acf5caec6 100644 --- a/providers/implementations/serializers/serializer_dh_param.c +++ b/providers/implementations/serializers/serializer_dh_param.c @@ -21,6 +21,7 @@ #include "prov/bio.h" #include "prov/implementations.h" #include "prov/providercommonerr.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn dh_param_newctx; @@ -48,7 +49,8 @@ static void dh_param_freectx(void *ctx) } /* Public key : DER */ -static int dh_param_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dh_param_der_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new(); @@ -69,14 +71,23 @@ static int dh_param_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_param_der(void *ctx, void *dh, BIO *out, +static int dh_param_der(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return i2d_DHparams_bio(out, dh); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + ret = i2d_DHparams_bio(out, dh); + BIO_free(out); + + return ret; } /* Public key : PEM */ -static int dh_param_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dh_param_pem_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new(); @@ -97,13 +108,23 @@ static int dh_param_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_param_pem(void *ctx, void *dh, BIO *out, +static int dh_param_pem(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return PEM_write_bio_DHparams(out, dh); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = PEM_write_bio_DHparams(out, dh); + BIO_free(out); + + return ret; } -static int dh_param_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dh_param_print_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new(); @@ -124,10 +145,19 @@ static int dh_param_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_param_print(void *ctx, void *dh, BIO *out, +static int dh_param_print(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_dh(out, dh, dh_print_params); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_dh(out, dh, dh_print_params); + BIO_free(out); + + return ret; } const OSSL_DISPATCH dh_param_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_dh_priv.c b/providers/implementations/serializers/serializer_dh_priv.c index 99d529b052..c37eb40297 100644 --- a/providers/implementations/serializers/serializer_dh_priv.c +++ b/providers/implementations/serializers/serializer_dh_priv.c @@ -22,6 +22,7 @@ #include #include "prov/bio.h" #include "prov/implementations.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn dh_priv_newctx; @@ -117,7 +118,8 @@ static int dh_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } /* Private key : DER */ -static int dh_priv_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int dh_priv_der_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dh_priv_ctx_st *ctx = vctx; @@ -138,11 +140,15 @@ static int dh_priv_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_priv_der(void *vctx, void *dh, BIO *out, +static int dh_priv_der(void *vctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dh_priv_ctx_st *ctx = vctx; int ret; + BIO *out = bio_new_from_core_bio(ctx->provctx, cout); + + if (out == NULL) + return 0; ctx->sc.cb = cb; ctx->sc.cbarg = cbarg; @@ -151,12 +157,14 @@ static int dh_priv_der(void *vctx, void *dh, BIO *out, ossl_prov_prepare_dh_params, ossl_prov_dh_priv_to_der, &ctx->sc); + BIO_free(out); return ret; } /* Private key : PEM */ -static int dh_pem_priv_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int dh_pem_priv_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dh_priv_ctx_st *ctx = vctx; @@ -177,11 +185,15 @@ static int dh_pem_priv_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_pem_priv(void *vctx, void *dh, BIO *out, +static int dh_pem_priv(void *vctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dh_priv_ctx_st *ctx = vctx; int ret; + BIO *out = bio_new_from_core_bio(ctx->provctx, cout); + + if (out == NULL) + return 0; ctx->sc.cb = cb; ctx->sc.cbarg = cbarg; @@ -190,6 +202,7 @@ static int dh_pem_priv(void *vctx, void *dh, BIO *out, ossl_prov_prepare_dh_params, ossl_prov_dh_priv_to_der, &ctx->sc); + BIO_free(out); return ret; } @@ -206,7 +219,8 @@ static void dh_print_freectx(void *ctx) { } -static int dh_priv_print_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int dh_priv_print_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dh_priv_ctx_st *ctx = vctx; @@ -227,10 +241,19 @@ static int dh_priv_print_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_priv_print(void *ctx, void *dh, BIO *out, +static int dh_priv_print(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_dh(out, dh, dh_print_priv); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_dh(out, dh, dh_print_priv); + BIO_free(out); + + return ret; } const OSSL_DISPATCH dh_priv_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_dh_pub.c b/providers/implementations/serializers/serializer_dh_pub.c index b787f7c08a..d1b60d87c5 100644 --- a/providers/implementations/serializers/serializer_dh_pub.c +++ b/providers/implementations/serializers/serializer_dh_pub.c @@ -21,6 +21,7 @@ #include #include "prov/bio.h" #include "prov/implementations.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn dh_pub_newctx; @@ -48,7 +49,8 @@ static void dh_pub_freectx(void *ctx) } /* Public key : DER */ -static int dh_pub_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dh_pub_der_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new(); @@ -69,17 +71,27 @@ static int dh_pub_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_pub_der(void *ctx, void *dh, BIO *out, +static int dh_pub_der(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_write_pub_der_from_obj(out, dh, EVP_PKEY_DH, - ossl_prov_prepare_dh_params, - ossl_prov_dh_pub_to_der); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_write_pub_der_from_obj(out, dh, EVP_PKEY_DH, + ossl_prov_prepare_dh_params, + ossl_prov_dh_pub_to_der); + BIO_free(out); + + return ret; } /* Public key : PEM */ -static int dh_pub_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, - OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) +static int dh_pub_pem_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, + OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new(); OSSL_OP_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free(); @@ -99,17 +111,26 @@ static int dh_pub_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_pub_pem(void *ctx, void *dh, BIO *out, +static int dh_pub_pem(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_write_pub_pem_from_obj(out, dh, EVP_PKEY_DH, - ossl_prov_prepare_dh_params, - ossl_prov_dh_pub_to_der); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + ret = ossl_prov_write_pub_pem_from_obj(out, dh, EVP_PKEY_DH, + ossl_prov_prepare_dh_params, + ossl_prov_dh_pub_to_der); + BIO_free(out); + + return ret; } -static int dh_pub_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, - OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) +static int dh_pub_print_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, + OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new(); OSSL_OP_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free(); @@ -129,10 +150,19 @@ static int dh_pub_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dh_pub_print(void *ctx, void *dh, BIO *out, +static int dh_pub_print(void *ctx, void *dh, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_dh(out, dh, dh_print_pub); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_dh(out, dh, dh_print_pub); + BIO_free(out); + + return ret; } const OSSL_DISPATCH dh_pub_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_dsa.c b/providers/implementations/serializers/serializer_dsa.c index 7ee0bc739b..dea7a18eda 100644 --- a/providers/implementations/serializers/serializer_dsa.c +++ b/providers/implementations/serializers/serializer_dsa.c @@ -73,8 +73,7 @@ int ossl_prov_print_dsa(BIO *out, DSA *dsa, enum dsa_print_type type) if (p == NULL) goto null_err; - if (ossl_prov_bio_printf(out, "%s: (%d bit)\n", type_label, - BN_num_bits(p)) <= 0) + if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0) goto err; if (priv_key != NULL && !ossl_prov_print_labeled_bignum(out, "priv:", priv_key)) diff --git a/providers/implementations/serializers/serializer_dsa_param.c b/providers/implementations/serializers/serializer_dsa_param.c index 720c390341..23a6d1d25d 100644 --- a/providers/implementations/serializers/serializer_dsa_param.c +++ b/providers/implementations/serializers/serializer_dsa_param.c @@ -21,6 +21,7 @@ #include "prov/bio.h" #include "prov/implementations.h" #include "prov/providercommonerr.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn dsa_param_newctx; @@ -48,7 +49,8 @@ static void dsa_param_freectx(void *ctx) } /* Public key : DER */ -static int dsa_param_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dsa_param_der_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new(); @@ -69,14 +71,24 @@ static int dsa_param_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dsa_param_der(void *ctx, void *dsa, BIO *out, +static int dsa_param_der(void *ctx, void *dsa, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return i2d_DSAparams_bio(out, dsa); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = i2d_DSAparams_bio(out, dsa); + BIO_free(out); + + return ret; } /* Public key : PEM */ -static int dsa_param_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dsa_param_pem_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new(); @@ -97,13 +109,23 @@ static int dsa_param_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dsa_param_pem(void *ctx, void *dsa, BIO *out, +static int dsa_param_pem(void *ctx, void *dsa, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return PEM_write_bio_DSAparams(out, dsa); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = PEM_write_bio_DSAparams(out, dsa); + BIO_free(out); + + return ret; } -static int dsa_param_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dsa_param_print_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new(); @@ -124,10 +146,19 @@ static int dsa_param_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dsa_param_print(void *ctx, void *dsa, BIO *out, +static int dsa_param_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_dsa(out, dsa, dsa_print_params); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_dsa(out, dsa, dsa_print_params); + BIO_free(out); + + return ret; } const OSSL_DISPATCH dsa_param_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_dsa_priv.c b/providers/implementations/serializers/serializer_dsa_priv.c index 7fdc1567ee..cb9136140d 100644 --- a/providers/implementations/serializers/serializer_dsa_priv.c +++ b/providers/implementations/serializers/serializer_dsa_priv.c @@ -22,6 +22,7 @@ #include #include "prov/bio.h" #include "prov/implementations.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn dsa_priv_newctx; @@ -117,7 +118,8 @@ static int dsa_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } /* Private key : DER */ -static int dsa_priv_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int dsa_priv_der_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dsa_priv_ctx_st *ctx = vctx; @@ -138,22 +140,31 @@ static int dsa_priv_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dsa_priv_der(void *vctx, void *dsa, BIO *out, +static int dsa_priv_der(void *vctx, void *dsa, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dsa_priv_ctx_st *ctx = vctx; + BIO *out = bio_new_from_core_bio(ctx->provctx, cout); + int ret; + + if (out == NULL) + return 0; ctx->sc.cb = cb; ctx->sc.cbarg = cbarg; - return ossl_prov_write_priv_der_from_obj(out, dsa, EVP_PKEY_DSA, - ossl_prov_prepare_dsa_params, - ossl_prov_dsa_priv_to_der, - &ctx->sc); + ret = ossl_prov_write_priv_der_from_obj(out, dsa, EVP_PKEY_DSA, + ossl_prov_prepare_dsa_params, + ossl_prov_dsa_priv_to_der, + &ctx->sc); + BIO_free(out); + + return ret; } /* Private key : PEM */ -static int dsa_pem_priv_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int dsa_pem_priv_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dsa_priv_ctx_st *ctx = vctx; @@ -174,18 +185,26 @@ static int dsa_pem_priv_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dsa_pem_priv(void *vctx, void *dsa, BIO *out, +static int dsa_pem_priv(void *vctx, void *dsa, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dsa_priv_ctx_st *ctx = vctx; + BIO *out = bio_new_from_core_bio(ctx->provctx, cout); + int ret; + + if (out == NULL) + return 0; ctx->sc.cb = cb; ctx->sc.cbarg = cbarg; - return ossl_prov_write_priv_pem_from_obj(out, dsa, EVP_PKEY_DSA, - ossl_prov_prepare_dsa_params, - ossl_prov_dsa_priv_to_der, - &ctx->sc); + ret = ossl_prov_write_priv_pem_from_obj(out, dsa, EVP_PKEY_DSA, + ossl_prov_prepare_dsa_params, + ossl_prov_dsa_priv_to_der, + &ctx->sc); + BIO_free(out); + + return ret; } /* @@ -201,7 +220,7 @@ static void dsa_print_freectx(void *ctx) } static int dsa_priv_print_data(void *vctx, const OSSL_PARAM params[], - BIO *out, + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct dsa_priv_ctx_st *ctx = vctx; @@ -222,10 +241,19 @@ static int dsa_priv_print_data(void *vctx, const OSSL_PARAM params[], return ok; } -static int dsa_priv_print(void *ctx, void *dsa, BIO *out, +static int dsa_priv_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_dsa(out, dsa, dsa_print_priv); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_dsa(out, dsa, dsa_print_priv); + BIO_free(out); + + return ret; } const OSSL_DISPATCH dsa_priv_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_dsa_pub.c b/providers/implementations/serializers/serializer_dsa_pub.c index 46e5c7167b..5c5e61f13d 100644 --- a/providers/implementations/serializers/serializer_dsa_pub.c +++ b/providers/implementations/serializers/serializer_dsa_pub.c @@ -21,6 +21,7 @@ #include #include "prov/bio.h" #include "prov/implementations.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn dsa_pub_newctx; @@ -48,7 +49,8 @@ static void dsa_pub_freectx(void *ctx) } /* Public key : DER */ -static int dsa_pub_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dsa_pub_der_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new(); @@ -69,7 +71,7 @@ static int dsa_pub_der_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dsa_pub_der(void *ctx, void *dsa, BIO *out, +static int dsa_pub_der(void *ctx, void *dsa, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { /* @@ -77,8 +79,13 @@ static int dsa_pub_der(void *ctx, void *dsa, BIO *out, * in crypto/dsa/dsa_ameth.c */ int save_parameters = 1; + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; - return + if (out == NULL) + return 0; + + ret = save_parameters ? ossl_prov_write_pub_der_from_obj(out, dsa, EVP_PKEY_DSA, ossl_prov_prepare_all_dsa_params, @@ -87,10 +94,14 @@ static int dsa_pub_der(void *ctx, void *dsa, BIO *out, ossl_prov_prepare_dsa_params, ossl_prov_dsa_pub_to_der); + BIO_free(out); + + return ret; } /* Public key : PEM */ -static int dsa_pub_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dsa_pub_pem_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new(); @@ -111,15 +122,26 @@ static int dsa_pub_pem_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dsa_pub_pem(void *ctx, void *dsa, BIO *out, +static int dsa_pub_pem(void *ctx, void *dsa, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_write_pub_pem_from_obj(out, dsa, EVP_PKEY_DSA, - ossl_prov_prepare_dsa_params, - ossl_prov_dsa_pub_to_der); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_write_pub_pem_from_obj(out, dsa, EVP_PKEY_DSA, + ossl_prov_prepare_dsa_params, + ossl_prov_dsa_pub_to_der); + + BIO_free(out); + + return ret; } -static int dsa_pub_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, +static int dsa_pub_print_data(void *ctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new(); @@ -140,10 +162,19 @@ static int dsa_pub_print_data(void *ctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int dsa_pub_print(void *ctx, void *dsa, BIO *out, +static int dsa_pub_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_dsa(out, dsa, 0); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_dsa(out, dsa, 0); + BIO_free(out); + + return ret; } const OSSL_DISPATCH dsa_pub_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_ec.c b/providers/implementations/serializers/serializer_ec.c index 3d455f1507..c4ca0c08be 100644 --- a/providers/implementations/serializers/serializer_ec.c +++ b/providers/implementations/serializers/serializer_ec.c @@ -31,15 +31,13 @@ static int ossl_prov_print_ec_param(BIO *out, const EC_GROUP *group) if (curve_nid == NID_undef) return 0; - if (ossl_prov_bio_printf(out, "%s: %s\n", "ASN1 OID", - OBJ_nid2sn(curve_nid)) <= 0) + if (BIO_printf(out, "%s: %s\n", "ASN1 OID", OBJ_nid2sn(curve_nid)) <= 0) return 0; /* TODO(3.0): Only named curves are currently supported */ curve_name = EC_curve_nid2nist(curve_nid); return (curve_name == NULL - || ossl_prov_bio_printf(out, "%s: %s\n", "NIST CURVE", - curve_name) > 0); + || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0); } int ossl_prov_print_eckey(BIO *out, EC_KEY *eckey, enum ec_print_type type) @@ -86,8 +84,8 @@ int ossl_prov_print_eckey(BIO *out, EC_KEY *eckey, enum ec_print_type type) goto err; } - if (ossl_prov_bio_printf(out, "%s: (%d bit)\n", type_label, - EC_GROUP_order_bits(group)) <= 0) + if (BIO_printf(out, "%s: (%d bit)\n", type_label, + EC_GROUP_order_bits(group)) <= 0) goto err; if (priv != NULL && !ossl_prov_print_labeled_buf(out, "priv:", priv, priv_len)) diff --git a/providers/implementations/serializers/serializer_ec_param.c b/providers/implementations/serializers/serializer_ec_param.c index fdeedb5dff..a82971602f 100644 --- a/providers/implementations/serializers/serializer_ec_param.c +++ b/providers/implementations/serializers/serializer_ec_param.c @@ -15,6 +15,7 @@ #include "prov/bio.h" #include "prov/implementations.h" #include "prov/providercommonerr.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn ec_param_newctx; @@ -39,8 +40,9 @@ static void ec_param_freectx(void *vctx) } /* Public key : DER */ -static int ec_param_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, - OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) +static int ec_param_der_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, + OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *ec_new; OSSL_OP_keymgmt_free_fn *ec_free; @@ -62,15 +64,25 @@ static int ec_param_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ec_param_der(void *vctx, void *eckey, BIO *out, +static int ec_param_der(void *vctx, void *eckey, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return i2d_ECPKParameters_bio(out, EC_KEY_get0_group(eckey)); + BIO *out = bio_new_from_core_bio(vctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = i2d_ECPKParameters_bio(out, EC_KEY_get0_group(eckey)); + BIO_free(out); + + return ret; } /* Public key : PEM */ -static int ec_param_pem_data(void *vctx, const OSSL_PARAM params[], BIO *out, - OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) +static int ec_param_pem_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, + OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *ec_new; OSSL_OP_keymgmt_free_fn *ec_free; @@ -92,14 +104,24 @@ static int ec_param_pem_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ec_param_pem(void *vctx, void *eckey, BIO *out, +static int ec_param_pem(void *vctx, void *eckey, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return PEM_write_bio_ECPKParameters(out, EC_KEY_get0_group(eckey)); + BIO *out = bio_new_from_core_bio(vctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = PEM_write_bio_ECPKParameters(out, EC_KEY_get0_group(eckey)); + BIO_free(out); + + return ret; } -static int ec_param_print_data(void *vctx, const OSSL_PARAM params[], BIO *out, - OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) +static int ec_param_print_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, + OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *ec_new; OSSL_OP_keymgmt_free_fn *ec_free; @@ -121,10 +143,19 @@ static int ec_param_print_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ec_param_print(void *vctx, void *eckey, BIO *out, +static int ec_param_print(void *vctx, void *eckey, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_eckey(out, eckey, ec_print_params); + BIO *out = bio_new_from_core_bio(vctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_eckey(out, eckey, ec_print_params); + BIO_free(out); + + return ret; } const OSSL_DISPATCH ec_param_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_ec_priv.c b/providers/implementations/serializers/serializer_ec_priv.c index 14ff2ae60e..4a0e3d8be7 100644 --- a/providers/implementations/serializers/serializer_ec_priv.c +++ b/providers/implementations/serializers/serializer_ec_priv.c @@ -16,6 +16,7 @@ #include #include "prov/bio.h" #include "prov/implementations.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn ec_priv_newctx; @@ -111,8 +112,9 @@ static int ec_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } /* Private key : DER */ -static int ec_priv_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, - OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) +static int ec_priv_der_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, + OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct ec_priv_ctx_st *ctx = vctx; OSSL_OP_keymgmt_new_fn *ec_new; @@ -134,23 +136,32 @@ static int ec_priv_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ec_priv_der(void *vctx, void *eckey, BIO *out, +static int ec_priv_der(void *vctx, void *eckey, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct ec_priv_ctx_st *ctx = vctx; + BIO *out = bio_new_from_core_bio(ctx->provctx, cout); + int ret; + + if (out == NULL) + return 0; ctx->sc.cb = cb; ctx->sc.cbarg = cbarg; - return ossl_prov_write_priv_der_from_obj(out, eckey, EVP_PKEY_EC, - ossl_prov_prepare_ec_params, - ossl_prov_ec_priv_to_der, - &ctx->sc); + ret = ossl_prov_write_priv_der_from_obj(out, eckey, EVP_PKEY_EC, + ossl_prov_prepare_ec_params, + ossl_prov_ec_priv_to_der, + &ctx->sc); + BIO_free(out); + + return ret; } /* Private key : PEM */ -static int ec_pem_priv_data(void *vctx, const OSSL_PARAM params[], BIO *out, - OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) +static int ec_pem_priv_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, + OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct ec_priv_ctx_st *ctx = vctx; OSSL_OP_keymgmt_new_fn *ec_new; @@ -172,18 +183,26 @@ static int ec_pem_priv_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ec_pem_priv(void *vctx, void *eckey, BIO *out, +static int ec_pem_priv(void *vctx, void *eckey, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct ec_priv_ctx_st *ctx = vctx; + BIO *out = bio_new_from_core_bio(ctx->provctx, cout); + int ret; + + if (out == NULL) + return 0; ctx->sc.cb = cb; ctx->sc.cbarg = cbarg; - return ossl_prov_write_priv_pem_from_obj(out, eckey, EVP_PKEY_EC, - ossl_prov_prepare_ec_params, - ossl_prov_ec_priv_to_der, - &ctx->sc); + ret = ossl_prov_write_priv_pem_from_obj(out, eckey, EVP_PKEY_EC, + ossl_prov_prepare_ec_params, + ossl_prov_ec_priv_to_der, + &ctx->sc); + BIO_free(out); + + return ret; } /* @@ -198,7 +217,8 @@ static void ec_print_freectx(void *ctx) { } -static int ec_priv_print_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int ec_priv_print_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct ec_priv_ctx_st *ctx = vctx; @@ -221,10 +241,19 @@ static int ec_priv_print_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ec_priv_print(void *vctx, void *eckey, BIO *out, +static int ec_priv_print(void *ctx, void *eckey, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_eckey(out, eckey, ec_print_priv); + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_eckey(out, eckey, ec_print_priv); + BIO_free(out); + + return ret; } const OSSL_DISPATCH ec_priv_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_ec_pub.c b/providers/implementations/serializers/serializer_ec_pub.c index e9d90f1d20..1c145cf3c0 100644 --- a/providers/implementations/serializers/serializer_ec_pub.c +++ b/providers/implementations/serializers/serializer_ec_pub.c @@ -14,6 +14,7 @@ #include #include "prov/bio.h" #include "prov/implementations.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn ec_pub_newctx; @@ -41,7 +42,8 @@ static void ec_pub_freectx(void *ctx) } /* Public key : DER */ -static int ec_pub_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int ec_pub_der_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *ec_new; @@ -64,16 +66,26 @@ static int ec_pub_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ec_pub_der(void *ctx, void *eckey, BIO *out, +static int ec_pub_der(void *ctx, void *eckey, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_write_pub_der_from_obj(out, eckey, EVP_PKEY_EC, + BIO *out = bio_new_from_core_bio(ctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_write_pub_der_from_obj(out, eckey, EVP_PKEY_EC, ossl_prov_prepare_ec_params, ossl_prov_ec_pub_to_der); + BIO_free(out); + + return ret; } /* Public key : PEM */ -static int ec_pub_pem_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int ec_pub_pem_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *ec_new; @@ -96,15 +108,25 @@ static int ec_pub_pem_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ec_pub_pem(void *vctx, void *eckey, BIO *out, +static int ec_pub_pem(void *vctx, void *eckey, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_write_pub_pem_from_obj(out, eckey, EVP_PKEY_EC, - ossl_prov_prepare_ec_params, - ossl_prov_ec_pub_to_der); + BIO *out = bio_new_from_core_bio(vctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_write_pub_pem_from_obj(out, eckey, EVP_PKEY_EC, + ossl_prov_prepare_ec_params, + ossl_prov_ec_pub_to_der); + BIO_free(out); + + return ret; } -static int ec_pub_print_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int ec_pub_print_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { OSSL_OP_keymgmt_new_fn *ec_new; @@ -127,10 +149,19 @@ static int ec_pub_print_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ec_pub_print(void *vctx, void *eckey, BIO *out, +static int ec_pub_print(void *vctx, void *eckey, OSSL_CORE_BIO *cout, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { - return ossl_prov_print_eckey(out, eckey, ec_print_pub); + BIO *out = bio_new_from_core_bio(vctx, cout); + int ret; + + if (out == NULL) + return 0; + + ret = ossl_prov_print_eckey(out, eckey, ec_print_pub); + BIO_free(out); + + return ret; } const OSSL_DISPATCH ec_pub_der_serializer_functions[] = { diff --git a/providers/implementations/serializers/serializer_ecx.c b/providers/implementations/serializers/serializer_ecx.c index 78b6ec9691..a768355a13 100644 --- a/providers/implementations/serializers/serializer_ecx.c +++ b/providers/implementations/serializers/serializer_ecx.c @@ -86,7 +86,7 @@ int ossl_prov_print_ecx(BIO *out, ECX_KEY *ecxkey, enum ecx_print_type type) return 0; } - if (ossl_prov_bio_printf(out, "%s:\n", type_label) <= 0) + if (BIO_printf(out, "%s:\n", type_label) <= 0) return 0; if (type == ecx_print_priv && !ossl_prov_print_labeled_buf(out, "priv:", ecxkey->privkey, diff --git a/providers/implementations/serializers/serializer_ecx_priv.c b/providers/implementations/serializers/serializer_ecx_priv.c index c746109424..ea46d6c5e4 100644 --- a/providers/implementations/serializers/serializer_ecx_priv.c +++ b/providers/implementations/serializers/serializer_ecx_priv.c @@ -16,6 +16,7 @@ #include "crypto/ecx.h" #include "prov/bio.h" #include "prov/implementations.h" +#include "prov/provider_ctx.h" #include "serializer_local.h" static OSSL_OP_serializer_newctx_fn x25519_priv_newctx; @@ -134,7 +135,8 @@ static int ecx_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } /* Private key : DER */ -static int ecx_priv_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, +static int ecx_priv_der_data(void *vctx, const OSSL_PARAM params[], + OSSL_CORE_BIO *out, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { struct ecx_priv_ctx_st *ctx = vctx; @@ -157,13 +159,17 @@ static int ecx_priv_der_data(void *vctx, const OSSL_PARAM params[], BIO *out, return ok; } -static int ecx_priv_der(void *vctx, void *vecxkey, BIO *out, +static int ecx_priv_der(void *vctx