QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-04-30 03:34:39 +00:00
Code Issues Projects Releases Wiki Activity

Don't pass a digest-size to signature implementations

Browse Source 
It turns out this was never necessary, as the implementation should
always check the default digest size anyway.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10947)
This commit is contained in:
Richard Levitte 2020-02-02 12:55:05 +01:00
parent 972fa31895
commit 00bc1ad99a
5 changed files with 13 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
crypto/evp/pmeth_lib.c
View File

@ -679,8 +679,7 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
{ {
OSSL_PARAM sig_md_params[3], *p = sig_md_params; OSSL_PARAM sig_md_params[2], *p = sig_md_params;
size_t mdsize;
const char *name; const char *name;
if (ctx == NULL || !EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) { if (ctx == NULL || !EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
@ -696,9 +695,7 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
if (md == NULL) { if (md == NULL) {
name = ""; name = "";
mdsize = 0;
} else { } else {
mdsize = EVP_MD_size(md);
name = EVP_MD_name(md); name = EVP_MD_name(md);
} }
@ -709,8 +706,6 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
*/ */
(char *)name, (char *)name,
strlen(name) + 1); strlen(name) + 1);
*p++ = OSSL_PARAM_construct_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE,
&mdsize);
*p++ = OSSL_PARAM_construct_end(); *p++ = OSSL_PARAM_construct_end();
return EVP_PKEY_CTX_set_params(ctx, sig_md_params); return EVP_PKEY_CTX_set_params(ctx, sig_md_params);

2
include/openssl/core_names.h
View File

@ -168,7 +168,6 @@ extern "C" {
#define OSSL_PKEY_PARAM_MAX_SIZE "max-size" /* integer */ #define OSSL_PKEY_PARAM_MAX_SIZE "max-size" /* integer */
#define OSSL_PKEY_PARAM_SECURITY_BITS "security-bits" /* integer */ #define OSSL_PKEY_PARAM_SECURITY_BITS "security-bits" /* integer */
#define OSSL_PKEY_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST #define OSSL_PKEY_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
#define OSSL_PKEY_PARAM_DIGEST_SIZE "digest-size"
#define OSSL_PKEY_PARAM_DEFAULT_DIGEST "default-digest" /* utf8 string */ #define OSSL_PKEY_PARAM_DEFAULT_DIGEST "default-digest" /* utf8 string */
#define OSSL_PKEY_PARAM_MANDATORY_DIGEST "mandatory-digest" /* utf8 string */ #define OSSL_PKEY_PARAM_MANDATORY_DIGEST "mandatory-digest" /* utf8 string */
@ -213,7 +212,6 @@ extern "C" {
/* Signature parameters */ /* Signature parameters */
#define OSSL_SIGNATURE_PARAM_ALGORITHM_ID "algorithm-id" #define OSSL_SIGNATURE_PARAM_ALGORITHM_ID "algorithm-id"
#define OSSL_SIGNATURE_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST #define OSSL_SIGNATURE_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST
#define OSSL_SIGNATURE_PARAM_DIGEST_SIZE OSSL_PKEY_PARAM_DIGEST_SIZE
/* Asym cipher parameters */ /* Asym cipher parameters */
#define OSSL_ASYM_CIPHER_PARAM_PAD_MODE "pad-mode" #define OSSL_ASYM_CIPHER_PARAM_PAD_MODE "pad-mode"

4
providers/fips/fipsprov.c
View File

@ -276,9 +276,7 @@ static int dsa_key_signature_test(OPENSSL_CTX *libctx)
/* set signature parameters */ /* set signature parameters */
ossl_param_bld_init(&bld); ossl_param_bld_init(&bld);
if (!ossl_param_bld_push_utf8_string(&bld, OSSL_SIGNATURE_PARAM_DIGEST, if (!ossl_param_bld_push_utf8_string(&bld, OSSL_SIGNATURE_PARAM_DIGEST,
SN_sha256,strlen(SN_sha256) + 1) SN_sha256,strlen(SN_sha256) + 1))
|| !ossl_param_bld_push_size_t(&bld, OSSL_SIGNATURE_PARAM_DIGEST_SIZE,
SHA256_DIGEST_LENGTH))
goto err; goto err;
params_sig = ossl_param_bld_to_param(&bld); params_sig = ossl_param_bld_to_param(&bld);
if (EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0) if (EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0)

11
providers/implementations/signature/dsa.c
View File

@ -206,7 +206,6 @@ static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
EVP_MD_CTX_free(pdsactx->mdctx); EVP_MD_CTX_free(pdsactx->mdctx);
EVP_MD_free(pdsactx->md); EVP_MD_free(pdsactx->md);
pdsactx->mdctx = NULL; pdsactx->mdctx = NULL;
pdsactx->mdsize = 0;
pdsactx->md = NULL; pdsactx->md = NULL;
return 0; return 0;
} }
@ -330,10 +329,6 @@ static int dsa_get_ctx_params(void *vpdsactx, OSSL_PARAM *params)
&& !OSSL_PARAM_set_octet_string(p, pdsactx->aid, pdsactx->aid_len)) && !OSSL_PARAM_set_octet_string(p, pdsactx->aid, pdsactx->aid_len))
return 0; return 0;
p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
if (p != NULL && !OSSL_PARAM_set_size_t(p, pdsactx->mdsize))
return 0;
p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST); p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST);
if (p != NULL && !OSSL_PARAM_set_utf8_string(p, pdsactx->md == NULL if (p != NULL && !OSSL_PARAM_set_utf8_string(p, pdsactx->md == NULL
? pdsactx->mdname ? pdsactx->mdname
@ -345,7 +340,6 @@ static int dsa_get_ctx_params(void *vpdsactx, OSSL_PARAM *params)
static const OSSL_PARAM known_gettable_ctx_params[] = { static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0), OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0),
OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL),
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
OSSL_PARAM_END OSSL_PARAM_END
}; };
@ -372,10 +366,6 @@ static int dsa_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[])
return 1; return 1;
} }
p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
if (p != NULL && !OSSL_PARAM_get_size_t(p, &pdsactx->mdsize))
return 0;
/* /*
* We never actually use the mdname, but we do support getting it later. * We never actually use the mdname, but we do support getting it later.
* This can be useful for applications that want to know the MD that they * This can be useful for applications that want to know the MD that they
@ -391,7 +381,6 @@ static int dsa_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[])
} }
static const OSSL_PARAM known_settable_ctx_params[] = { static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL),
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
OSSL_PARAM_END OSSL_PARAM_END
}; };

21
test/evp_extra_test.c
View File

@ -25,6 +25,7 @@
#include <openssl/dh.h> #include <openssl/dh.h>
#include "testutil.h" #include "testutil.h"
#include "internal/nelem.h" #include "internal/nelem.h"
#include "internal/sizes.h"
#include "crypto/evp.h" #include "crypto/evp.h"
/* /*
@ -1239,13 +1240,13 @@ static int test_EVP_PKEY_CTX_get_set_params(void)
EVP_PKEY_CTX *ctx = NULL; EVP_PKEY_CTX *ctx = NULL;
EVP_SIGNATURE *dsaimpl = NULL; EVP_SIGNATURE *dsaimpl = NULL;
const OSSL_PARAM *params; const OSSL_PARAM *params;
OSSL_PARAM ourparams[2], *param = ourparams; OSSL_PARAM ourparams[2], *param = ourparams, *param_md;
DSA *dsa = NULL; DSA *dsa = NULL;
BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL; BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
EVP_PKEY *pkey = NULL; EVP_PKEY *pkey = NULL;
int ret = 0; int ret = 0;
const EVP_MD *md; const EVP_MD *md;
size_t mdsize = SHA512_DIGEST_LENGTH; char mdname[OSSL_MAX_NAME_SIZE];
char ssl3ms[48]; char ssl3ms[48];
/* /*
@ -1288,8 +1289,6 @@ static int test_EVP_PKEY_CTX_get_set_params(void)
*/ */
params = EVP_PKEY_CTX_settable_params(ctx); params = EVP_PKEY_CTX_settable_params(ctx);
if (!TEST_ptr(params) if (!TEST_ptr(params)
|| !TEST_ptr(OSSL_PARAM_locate_const(params,
OSSL_SIGNATURE_PARAM_DIGEST_SIZE))
|| !TEST_ptr(OSSL_PARAM_locate_const(params, || !TEST_ptr(OSSL_PARAM_locate_const(params,
OSSL_SIGNATURE_PARAM_DIGEST))) OSSL_SIGNATURE_PARAM_DIGEST)))
goto err; goto err;
@ -1298,8 +1297,6 @@ static int test_EVP_PKEY_CTX_get_set_params(void)
if (!TEST_ptr(params) if (!TEST_ptr(params)
|| !TEST_ptr(OSSL_PARAM_locate_const(params, || !TEST_ptr(OSSL_PARAM_locate_const(params,
OSSL_SIGNATURE_PARAM_ALGORITHM_ID)) OSSL_SIGNATURE_PARAM_ALGORITHM_ID))
|| !TEST_ptr(OSSL_PARAM_locate_const(params,
OSSL_SIGNATURE_PARAM_DIGEST_SIZE))
|| !TEST_ptr(OSSL_PARAM_locate_const(params, || !TEST_ptr(OSSL_PARAM_locate_const(params,
OSSL_SIGNATURE_PARAM_DIGEST))) OSSL_SIGNATURE_PARAM_DIGEST)))
goto err; goto err;
@ -1308,16 +1305,20 @@ static int test_EVP_PKEY_CTX_get_set_params(void)
* Test getting and setting params via EVP_PKEY_CTX_set_params() and * Test getting and setting params via EVP_PKEY_CTX_set_params() and
* EVP_PKEY_CTX_get_params() * EVP_PKEY_CTX_get_params()
*/ */
*param++ = OSSL_PARAM_construct_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, strcpy(mdname, "SHA512");
&mdsize); param_md = param;
*param++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
mdname, 0);
*param++ = OSSL_PARAM_construct_end(); *param++ = OSSL_PARAM_construct_end();
if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams))) if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
goto err; goto err;
mdsize = 0; mdname[0] = '\0';
*param_md = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
mdname, sizeof(mdname));
if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams)) if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
|| !TEST_size_t_eq(mdsize, SHA512_DIGEST_LENGTH)) || !TEST_str_eq(mdname, "SHA512"))
goto err; goto err;
/* /*