



OpenSSL: openssl/apps/ pkeyutl.c openssl/crypto/dh/ dh_pmeth.c o...
user name
2006-04-15 18:50:57
  OpenSSL CVS Repository
  http://cvs.openssl.org/
 
____________________________________________________________
________________

  Server: cvs.openssl.org                  Name:   Dr.
Stephen Henson
  Root:   /v/openssl/cvs                   Email:  steveopenssl.org
  Module: openssl                          Date:  
15-Apr-2006 20:50:57
  Branch: HEAD                             Handle:
2006041519505501

  Modified files:
    openssl/apps            pkeyutl.c
    openssl/crypto/dh       dh_pmeth.c
    openssl/crypto/dsa      dsa_pmeth.c
    openssl/crypto/evp      evp.h evp_err.c evp_locl.h
pmeth_fn.c pmeth_lib.c
    openssl/crypto/rsa      rsa_pmeth.c

  Log:
    Use a more flexible method of determining output length, by setting the
    &outlen value if the passed output buffer is NULL.
    
    The old method of using EVP_PKEY_size(pkey) isn't
flexible enough to cover all
    cases where the output length may depend on the
operation or the parameters
    associated with it.

  Summary:
    Revision    Changes     Path
    1.9         +51 -31     openssl/apps/pkeyutl.c
    1.5         +1  -1      openssl/crypto/dh/dh_pmeth.c
    1.4         +1  -1      openssl/crypto/dsa/dsa_pmeth.c
    1.143       +3  -0      openssl/crypto/evp/evp.h
    1.38        +4  -3      openssl/crypto/evp/evp_err.c
    1.21        +1  -1      openssl/crypto/evp/evp_locl.h
    1.7         +21 -0      openssl/crypto/evp/pmeth_fn.c
    1.16        +2  -2      openssl/crypto/evp/pmeth_lib.c
    1.20        +1  -1      openssl/crypto/rsa/rsa_pmeth.c
 
____________________________________________________________
________________

  patch -p0 <<' .'
  Index: openssl/apps/pkeyutl.c
 
============================================================
================
  $ cvs diff -u -r1.8 -r1.9 pkeyutl.c
  --- openssl/apps/pkeyutl.c	13 Apr 2006 20:16:52 -0000	1.8
  +++ openssl/apps/pkeyutl.c	15 Apr 2006 18:50:55 -0000	1.9
   -79,6 +79,10 
   static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int
peerform,
   							const char *file);
   
  +static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
  +		unsigned char *out, int *poutlen,
  +		unsigned char *in, int inlen);
  +
   int MAIN(int argc, char **);
   
   int MAIN(int argc, char **argv)
   -299,8 +303,6 
   			}
   		}
   	
  -	buf_out = OPENSSL_malloc(keysize);
  -
   	if (in)
   		{
   		/* Read the input data */
   -323,29 +325,8 
   			}
   		}
   
  -	switch(pkey_op)
  +	if(pkey_op == EVP_PKEY_OP_VERIFY)
   		{
  -		case EVP_PKEY_OP_VERIFYRECOVER:
  -		rv  = EVP_PKEY_verify_recover(ctx, buf_out,
&buf_outlen,
  -							buf_in, buf_inlen);
  -		break;
  -
  -		case EVP_PKEY_OP_SIGN:
  -		rv  = EVP_PKEY_sign(ctx, buf_out, &buf_outlen,
  -							buf_in, buf_inlen);
  -		break;
  -
  -		case EVP_PKEY_OP_ENCRYPT:
  -		rv  = EVP_PKEY_encrypt(ctx, buf_out, &buf_outlen,
  -							buf_in, buf_inlen);
  -		break;
  -
  -		case EVP_PKEY_OP_DECRYPT:
  -		rv  = EVP_PKEY_decrypt(ctx, buf_out, &buf_outlen,
  -							buf_in, buf_inlen);
  -		break; 
  -
  -		case EVP_PKEY_OP_VERIFY:
   		rv  = EVP_PKEY_verify(ctx, sig, siglen, buf_in,
buf_inlen);
   		if (rv == 0)
   			BIO_puts(out, "Signature Verification
Failure\n");
   -353,12 +334,21 
   			BIO_puts(out, "Signature Verified
Successfully\n");
   		if (rv >= 0)
   			goto end;
  -		break; 
  -
  -		case EVP_PKEY_OP_DERIVE:
  -		rv  = EVP_PKEY_derive(ctx, buf_out, &buf_outlen);
  -		break;
  -
  +		}
  +	else
  +		{	
  +		rv = do_keyop(ctx, pkey_op, NULL, &buf_outlen,
  +							buf_in, buf_inlen);
  +		if (rv > 0)
  +			{
  +			buf_out = OPENSSL_malloc(buf_outlen);
  +			if (!buf_out)
  +				rv = -1;
  +			else
  +				rv = do_keyop(ctx, pkey_op,
  +						buf_out, &buf_outlen,
  +						buf_in, buf_inlen);
  +			}
   		}
   
   	if(rv <= 0)
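Review bot: The length reported by the first do_keyop call is handed to OPENSSL_malloc in the new else branch without a range check; `buf_outlen` is an `int`, so a zero or negative value written by a method would be used as the allocation size. Adding `if (rv > 0 && buf_outlen <= 0) rv = -1;` before the allocation keeps that case on the error path. The query also depends on every method tolerating a NULL output buffer: per the M_check_autoarg macro in pmeth_fn.c, methods without EVP_PKEY_FLAG_AUTOARGLEN receive the NULL pointer directly, which deserves a comment at this call. The declaration of buf_outlen and the code that later consumes buf_out are outside the hunk.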
   -541,4 +531,34 
   		ERR_print_errors(err);
   	return ret;
   	}
  -			
  +
  +static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
  +		unsigned char *out, int *poutlen,
  +		unsigned char *in, int inlen)
  +	{
  +	int rv;
  +	switch(pkey_op)
  +		{
  +		case EVP_PKEY_OP_VERIFYRECOVER:
  +		rv  = EVP_PKEY_verify_recover(ctx, out, poutlen, in,
inlen);
  +		break;
  +
  +		case EVP_PKEY_OP_SIGN:
  +		rv  = EVP_PKEY_sign(ctx, out, poutlen, in, inlen);
  +		break;
  +
  +		case EVP_PKEY_OP_ENCRYPT:
  +		rv  = EVP_PKEY_encrypt(ctx, out, poutlen, in, inlen);
  +		break;
  +
  +		case EVP_PKEY_OP_DECRYPT:
  +		rv  = EVP_PKEY_decrypt(ctx, out, poutlen, in, inlen);
  +		break; 
  +
  +		case EVP_PKEY_OP_DERIVE:
  +		rv  = EVP_PKEY_derive(ctx, out, poutlen);
  +		break;
  +
  +		}
  +	return rv;
  +	}
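Review bot: `rv` in do_keyop is returned uninitialised when pkey_op matches none of the five cases, because the switch has no default and `int rv;` has no initialiser. MAIN routes only the non-verify operations here, but for any other value the caller branches on an indeterminate result and may size an allocation from a `*poutlen` that was never written. Initialise it to the failure value, `int rv = -1;`, or add `default: rv = -1; break;` to the switch.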
   .
  patch -p0 <<' .'
  Index: openssl/crypto/dh/dh_pmeth.c
 
============================================================
================
  $ cvs diff -u -r1.4 -r1.5 dh_pmeth.c
  --- openssl/crypto/dh/dh_pmeth.c	13 Apr 2006 20:16:53
-0000	1.4
  +++ openssl/crypto/dh/dh_pmeth.c	15 Apr 2006 18:50:55
-0000	1.5
   -206,7 +206,7 
   const EVP_PKEY_METHOD dh_pkey_meth = 
   	{
   	EVP_PKEY_DH,
  -	0,
  +	EVP_PKEY_FLAG_AUTOARGLEN,
   	pkey_dh_init,
   	pkey_dh_cleanup,
   
   .
  patch -p0 <<' .'
  Index: openssl/crypto/dsa/dsa_pmeth.c
 
============================================================
================
  $ cvs diff -u -r1.3 -r1.4 dsa_pmeth.c
  --- openssl/crypto/dsa/dsa_pmeth.c	13 Apr 2006 12:56:40
-0000	1.3
  +++ openssl/crypto/dsa/dsa_pmeth.c	15 Apr 2006 18:50:55
-0000	1.4
   -221,7 +221,7 
   const EVP_PKEY_METHOD dsa_pkey_meth = 
   	{
   	EVP_PKEY_DSA,
  -	0,
  +	EVP_PKEY_FLAG_AUTOARGLEN,
   	pkey_dsa_init,
   	pkey_dsa_cleanup,
   
   .
  patch -p0 <<' .'
  Index: openssl/crypto/evp/evp.h
 
============================================================
================
  $ cvs diff -u -r1.142 -r1.143 evp.h
  --- openssl/crypto/evp/evp.h	14 Apr 2006 12:41:34
-0000	1.142
  +++ openssl/crypto/evp/evp.h	15 Apr 2006 18:50:56
-0000	1.143
   -937,6 +937,8 
   
   #define EVP_PKEY_ALG_CTRL		0x1000
   
  +#define EVP_PKEY_FLAG_AUTOARGLEN	2
  +
   const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type,
ENGINE *e);
   EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE
*e);
   EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
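Review bot: EVP_PKEY_FLAG_AUTOARGLEN is added to a public header without a comment saying what a method opts into by setting it. Going by the M_check_autoarg macro in pmeth_fn.c, the flag makes the EVP layer answer a NULL-buffer call with EVP_PKEY_size() and reject shorter buffers with EVP_R_BUFFER_TOO_SMALL before the method is invoked; a comment such as `/* Method flag: EVP layer answers NULL-buffer length queries and enforces a minimum buffer of EVP_PKEY_size() */` would record that. The value 2 also shares a bit-space with EVP_PKEY_FLAG_DYNAMIC (1), which this commit defines in evp_locl.h, so a cross-reference next to the define would help avoid a later collision.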
   -1119,6 +1121,7 
   #define EVP_R_BAD_KEY_LENGTH				 137
   #define EVP_R_BN_DECODE_ERROR				 112
   #define EVP_R_BN_PUBKEY_ERROR				 113
  +#define EVP_R_BUFFER_TOO_SMALL				 155
   #define EVP_R_CIPHER_PARAMETER_ERROR			 122
   #define EVP_R_COMMAND_NOT_SUPPORTED			 147
   #define EVP_R_CTRL_NOT_IMPLEMENTED			 132
   .
  patch -p0 <<' .'
  Index: openssl/crypto/evp/evp_err.c
 
============================================================
================
  $ cvs diff -u -r1.37 -r1.38 evp_err.c
  --- openssl/crypto/evp/evp_err.c	13 Apr 2006 20:16:55
-0000	1.37
  +++ openssl/crypto/evp/evp_err.c	15 Apr 2006 18:50:56
-0000	1.38
   -95,9 +95,9 
  
{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT),	"EVP_PKEY_decrypt&
quot;},
  
{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT),	"EVP_PKEY_decr
ypt_init"},
  
{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD),	"EVP_PKEY_decry
pt_old"},
 
-{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE),	"EVP_PKEY_DERIVE&q
uot;},
 
-{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT),	"EVP_PKEY_DERI
VE_INIT"},
 
-{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER),	"EVP_PKEY_
DERIVE_SET_PEER"},
 
+{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE),	"EVP_PKEY_derive&q
uot;},
 
+{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT),	"EVP_PKEY_deri
ve_init"},
 
+{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER),	"EVP_PKEY_
derive_set_peer"},
  
{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT),	"EVP_PKEY_encrypt&
quot;},
  
{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT),	"EVP_PKEY_encr
ypt_init"},
  
{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD),	"EVP_PKEY_encry
pt_old"},
   -137,6 +137,7 
   {ERR_REASON(EVP_R_BAD_KEY_LENGTH)        ,"bad key
length"},
   {ERR_REASON(EVP_R_BN_DECODE_ERROR)       ,"bn
decode error"},
   {ERR_REASON(EVP_R_BN_PUBKEY_ERROR)       ,"bn
pubkey error"},
  +{ERR_REASON(EVP_R_BUFFER_TOO_SMALL)      ,"buffer
too small"},
   {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher
parameter error"},
   {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) ,"command
not supported"},
   {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED)  ,"ctrl not
implemented"},
   .
  patch -p0 <<' .'
  Index: openssl/crypto/evp/evp_locl.h
 
============================================================
================
  $ cvs diff -u -r1.20 -r1.21 evp_locl.h
  --- openssl/crypto/evp/evp_locl.h	14 Apr 2006 12:41:34
-0000	1.20
  +++ openssl/crypto/evp/evp_locl.h	15 Apr 2006 18:50:56
-0000	1.21
   -256,7 +256,7 
   	int keygen_info_count;
   	} /* EVP_PKEY_CTX */;
   
  -#define EVP_PKEY_DYNAMIC	1
  +#define EVP_PKEY_FLAG_DYNAMIC	1
   
   struct evp_pkey_method_st
   	{
   .
  patch -p0 <<' .'
  Index: openssl/crypto/evp/pmeth_fn.c
 
============================================================
================
  $ cvs diff -u -r1.6 -r1.7 pmeth_fn.c
  --- openssl/crypto/evp/pmeth_fn.c	13 Apr 2006 20:16:56
-0000	1.6
  +++ openssl/crypto/evp/pmeth_fn.c	15 Apr 2006 18:50:56
-0000	1.7
   -63,6 +63,22 
   #include <openssl/evp.h>
   #include "evp_locl.h"
   
  +#define M_check_autoarg(ctx, arg, arglen, err) \
  +	if (ctx->pmeth->flags &
EVP_PKEY_FLAG_AUTOARGLEN) \
  +		{ \
  +		int pksize = EVP_PKEY_size(ctx->pkey); \
  +		if (!arg) \
  +			{ \
  +			*arglen = pksize; \
  +			return 1; \
  +			} \
  +		else if (*arglen < pksize) \
  +			{ \
  +			EVPerr(err, EVP_R_BUFFER_TOO_SMALL); \
  +			return 0; \
  +			} \
  +		}
  +
   int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
   	{
   	int ret;
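Review bot: M_check_autoarg writes through `arglen` and reads `*arglen` without checking the pointer for NULL, so a caller that passes a NULL length pointer crashes inside the EVP layer instead of getting an error. A guard at the top of the flagged branch, `if (!arglen) { EVPerr(err, ERR_R_PASSED_NULL_PARAMETER); return -1; }`, would reject that case. The macro also returns 1 with `*arglen` set to whatever EVP_PKEY_size() yields, so a size of 0 (presumably possible when the context has no usable key) is reported as a successful length query; treating `pksize <= 0` as an error looks safer. Because the macro hides a `return` and expands `ctx`, `arg` and `arglen` unparenthesised, a comment above it stating that it may return from the enclosing function would help readers of the five call sites in the later hunks of this file.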
   -96,6 +112,7 
   		EVPerr(EVP_F_EVP_PKEY_SIGN,
EVP_R_OPERATON_NOT_INITIALIZED);
   		return -1;
   		}
  +	M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
   	return ctx->pmeth->sign(ctx, sig, siglen, tbs,
tbslen);
   	}
   
   -168,6 +185,7 
   		EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
EVP_R_OPERATON_NOT_INITIALIZED);
   		return -1;
   		}
  +	M_check_autoarg(ctx, rout, routlen,
EVP_F_EVP_PKEY_VERIFY_RECOVER)
   	return ctx->pmeth->verify_recover(ctx, rout,
routlen, sig, siglen);
   	}
   
   -204,6 +222,7 
   		EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
EVP_R_OPERATON_NOT_INITIALIZED);
   		return -1;
   		}
  +	M_check_autoarg(ctx, out, outlen,
EVP_F_EVP_PKEY_ENCRYPT)
   	return ctx->pmeth->encrypt(ctx, out, outlen, in,
inlen);
   	}
   
   -240,6 +259,7 
   		EVPerr(EVP_F_EVP_PKEY_DECRYPT,
EVP_R_OPERATON_NOT_INITIALIZED);
   		return -1;
   		}
  +	M_check_autoarg(ctx, out, outlen,
EVP_F_EVP_PKEY_DECRYPT)
   	return ctx->pmeth->decrypt(ctx, out, outlen, in,
inlen);
   	}
   
   -335,6 +355,7 
   		EVPerr(EVP_F_EVP_PKEY_DERIVE,
EVP_R_OPERATON_NOT_INITIALIZED);
   		return -1;
   		}
  +	M_check_autoarg(ctx, key, pkeylen,
EVP_F_EVP_PKEY_DERIVE)
   	return ctx->pmeth->derive(ctx, key, pkeylen);
   	}
   
   .
  patch -p0 <<' .'
  Index: openssl/crypto/evp/pmeth_lib.c
 
============================================================
================
  $ cvs diff -u -r1.15 -r1.16 pmeth_lib.c
  --- openssl/crypto/evp/pmeth_lib.c	14 Apr 2006 12:41:35
-0000	1.15
  +++ openssl/crypto/evp/pmeth_lib.c	15 Apr 2006 18:50:56
-0000	1.16
   -146,7 +146,7 
   		return NULL;
   
   	pmeth->pkey_id = id;
  -	pmeth->flags = flags | EVP_PKEY_DYNAMIC;
  +	pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
   
   	pmeth->init = 0;
   	pmeth->cleanup = 0;
   -178,7 +178,7 
   
   void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
   	{
  -	if (pmeth && (pmeth->flags &
EVP_PKEY_DYNAMIC))
  +	if (pmeth && (pmeth->flags &
EVP_PKEY_FLAG_DYNAMIC))
   		OPENSSL_free(pmeth);
   	}
   
   .
  patch -p0 <<' .'
  Index: openssl/crypto/rsa/rsa_pmeth.c
 
============================================================
================
  $ cvs diff -u -r1.19 -r1.20 rsa_pmeth.c
  --- openssl/crypto/rsa/rsa_pmeth.c	14 Apr 2006 17:36:18
-0000	1.19
  +++ openssl/crypto/rsa/rsa_pmeth.c	15 Apr 2006 18:50:56
-0000	1.20
   -498,7 +498,7 
   const EVP_PKEY_METHOD rsa_pkey_meth = 
   	{
   	EVP_PKEY_RSA,
  -	0,
  +	EVP_PKEY_FLAG_AUTOARGLEN,
   	pkey_rsa_init,
   	pkey_rsa_cleanup,
   
   .
____________________________________________________________
__________
OpenSSL Project                                 http://www.openssl.org
CVS Repository Commit List                    
openssl-cvsopenssl.org
Automated List Manager                          
majordomoopenssl.org