author | Richard Levitte <levitte@openssl.org> | 2021-02-10 16:56:57 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-02-23 13:41:48 +0100 |
commit | 513731299398f4597aa575154a973654bbc2e0ef (patch) | |
tree | 91447e0ae2f5f3dca7787e841baa376ff6352e0a | |
parent | EVP: Implement data-driven translation between known ctrl and OSSL_PARAMs (diff) | |
EVP: Make evp_pkey_ctx_{set,get}_params_strict() legacy aware
In the interest of calling these functions on legacy EVP_PKEY
contexts, only check the settable / gettable params for provider side
keys, leaving it to the translated EVP_PKEY_CTX_ctrl() call to check the
ctrl commands on its own.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
-rw-r--r-- | crypto/evp/pmeth_lib.c | 44 |
1 files changed, 30 insertions, 14 deletions
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index fa9dda60c2..abea7b02df 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -801,16 +801,24 @@ const OSSL_PARAM *EVP_PKEY_CTX_settable_params(EVP_PKEY_CTX *ctx)
 */
 int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
 {
- const OSSL_PARAM *p;
-
 if (ctx == NULL || params == NULL)
 return 0;
 
- for (p = params; p->key != NULL; p++) {
- /* Check the ctx actually understands this parameter */
- if (OSSL_PARAM_locate_const(EVP_PKEY_CTX_settable_params(ctx),
- p->key) == NULL )
- return -2;
+ /*
+ * We only check for provider side EVP_PKEY_CTX. For #legacy, we
+ * depend on the translation that happens in EVP_PKEY_CTX_set_params()
+ * call, and that the resulting ctrl call will return -2 if it doesn't
+ * known the ctrl command number.
+ */
+ if (evp_pkey_ctx_is_provided(ctx)) {
+ const OSSL_PARAM *settable = EVP_PKEY_CTX_settable_params(ctx);
+ const OSSL_PARAM *p;
+
+ for (p = params; p->key != NULL; p++) {
+ /* Check the ctx actually understands this parameter */
+ if (OSSL_PARAM_locate_const(settable, p->key) == NULL )
+ return -2;
+ }
 }
 
 return EVP_PKEY_CTX_set_params(ctx, params);
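Review bot: For legacy contexts the unknown-key pre-check in `evp_pkey_ctx_set_params_strict()` is now skipped, so the strict contract rests on the translation inside `EVP_PKEY_CTX_set_params()`, which is not visible in this hunk. It is worth confirming that a key with no ctrl translation makes that call return -2 rather than being skipped, because a silently ignored setting (a padding or digest selection, for instance) would leave the operation on its defaults while the caller believes the value was applied. The provider branch rejects the whole array before anything is set, whereas the legacy path presumably issues ctrls one at a time, so a rejection part-way through may leave earlier parameters applied. The same reasoning holds for the get hunk that follows. I would record this in the new comment, e.g. `* NOTE: for #legacy, params preceding a rejected one may already have been applied.`, and fix the typo `known` -> `know` in both comments.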
@@ -818,16 +826,24 @@ int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
 
 int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
 {
- const OSSL_PARAM *p;
-
 if (ctx == NULL || params == NULL)
 return 0;
 
- for (p = params; p->key != NULL; p++ ) {
- /* Check the ctx actually understands this parameter */
- if (OSSL_PARAM_locate_const(EVP_PKEY_CTX_gettable_params(ctx),
- p->key) == NULL )
- return -2;
+ /*
+ * We only check for provider side EVP_PKEY_CTX. For #legacy, we
+ * depend on the translation that happens in EVP_PKEY_CTX_get_params()
+ * call, and that the resulting ctrl call will return -2 if it doesn't
+ * known the ctrl command number.
+ */
+ if (evp_pkey_ctx_is_provided(ctx)) {
+ const OSSL_PARAM *gettable = EVP_PKEY_CTX_gettable_params(ctx);
+ const OSSL_PARAM *p;
+
+ for (p = params; p->key != NULL; p++ ) {
+ /* Check the ctx actually understands this parameter */
+ if (OSSL_PARAM_locate_const(gettable, p->key) == NULL )
+ return -2;
+ }
 }
 
 return EVP_PKEY_CTX_get_params(ctx, params); |
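Review bot: `evp_pkey_ctx_get_params_strict()` has no header comment in the visible context (only a blank line precedes its signature), and its outcomes are easy to conflate: 0 for a NULL argument, -2 for a key the context does not understand, otherwise whatever `EVP_PKEY_CTX_get_params()` returns. A caller that treats every non-positive result alike cannot tell "unsupported" from "failed", and on the get side the output buffers may then hold stale data, so the contract deserves a line of its own. I would add above the function something like `/* Returns 0 on NULL input, -2 if a key is not gettable; for #legacy the -2 comes from the translated ctrl call. */`. The function body ends outside the hunk.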