EVP: Adapt the other EVP_PKEY_set_xxx_param() functions

They were calling evp_keymgmt_set_params() directly. Those calls are changed to go through EVP_PKEY_set_params(). We take the opportunity to constify these functions. They have to unconstify internally for the compiler to stop complaining when placing those pointers in an OSSL_PARAM element, but that's still better than forcing the callers to do that cast. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14056)
2025-05-06 06:29:42 +00:00 · 2021-02-03 13:55:30 +01:00 · 2021-02-03 13:55:30 +01:00 · 13e85fb321
commit 13e85fb321
parent f4a3799cc4
5 changed files with 51 additions and 38 deletions
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@ -1995,15 +1995,6 @@ int evp_pkey_downgrade(EVP_PKEY *pk)
 }
 #endif  /* FIPS_MODULE */
 const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey)
 {
    if (pkey == NULL
        || pkey->keymgmt == NULL
        || pkey->keydata == NULL)
        return 0;
    return EVP_KEYMGMT_gettable_params(pkey->keymgmt);
 }
 int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name,
                          BIGNUM **bn)
 {
@ -2023,7 +2014,7 @@ int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name,
    memset(buffer, 0, sizeof(buffer));
    params[0] = OSSL_PARAM_construct_BN(key_name, buffer, sizeof(buffer));
    params[1] = OSSL_PARAM_construct_end();
-    if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) {
+    if (!EVP_PKEY_get_params(pkey, params)) {
        if (!OSSL_PARAM_modified(params) || params[0].return_size == 0)
            return 0;
        buf_sz = params[0].return_size;
@ -2037,7 +2028,7 @@ int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name,
        params[0].data = buf;
        params[0].data_size = buf_sz;
-        if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params))
+        if (!EVP_PKEY_get_params(pkey, params))
            goto err;
    }
    /* Fail if the param was not found */
@ -2063,7 +2054,7 @@ int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name,
    params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz);
    params[1] = OSSL_PARAM_construct_end();
-    if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
+    if (!EVP_PKEY_get_params(pkey, params)
        || !OSSL_PARAM_modified(params))
        return 0;
    if (out_sz != NULL)
@ -2085,7 +2076,7 @@ int EVP_PKEY_get_utf8_string_param(const EVP_PKEY *pkey, const char *key_name,
    params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz);
    params[1] = OSSL_PARAM_construct_end();
-    if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
+    if (!EVP_PKEY_get_params(pkey, params)
        || !OSSL_PARAM_modified(params))
        return 0;
    if (out_sz != NULL)
@ -2106,10 +2097,8 @@ int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name,
    params[0] = OSSL_PARAM_construct_int(key_name, out);
    params[1] = OSSL_PARAM_construct_end();
-    if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
+    return EVP_PKEY_get_params(pkey, params)
-        || !OSSL_PARAM_modified(params))
+        && OSSL_PARAM_modified(params);
        return 0;
    return 1;
 }
 int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name,
@ -2125,10 +2114,8 @@ int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name,
    params[0] = OSSL_PARAM_construct_size_t(key_name, out);
    params[1] = OSSL_PARAM_construct_end();
-    if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)
+    return EVP_PKEY_get_params(pkey, params)
-        || !OSSL_PARAM_modified(params))
+        && OSSL_PARAM_modified(params);
        return 0;
    return 1;
 }
 int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in)
@ -2143,7 +2130,7 @@ int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in)
    params[0] = OSSL_PARAM_construct_int(key_name, &in);
    params[1] = OSSL_PARAM_construct_end();
-    return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+    return EVP_PKEY_set_params(pkey, params);
 }
 int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in)
@ -2158,10 +2145,11 @@ int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in)
    params[0] = OSSL_PARAM_construct_size_t(key_name, &in);
    params[1] = OSSL_PARAM_construct_end();
-    return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+    return EVP_PKEY_set_params(pkey, params);
 }
-int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn)
+int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name,
                          const BIGNUM *bn)
 {
    OSSL_PARAM params[2];
    unsigned char buffer[2048];
@ -2182,11 +2170,11 @@ int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn)
        return 0;
    params[0] = OSSL_PARAM_construct_BN(key_name, buffer, bsize);
    params[1] = OSSL_PARAM_construct_end();
-    return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+    return EVP_PKEY_set_params(pkey, params);
 }
 int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
-                                   char *str)
+                                   const char *str)
 {
    OSSL_PARAM params[2];
@ -2196,13 +2184,13 @@ int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
        || key_name == NULL)
        return 0;
-    params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, 0);
+    params[0] = OSSL_PARAM_construct_utf8_string(key_name, (char *)str, 0);
    params[1] = OSSL_PARAM_construct_end();
-    return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+    return EVP_PKEY_set_params(pkey, params);
 }
 int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
-                                    unsigned char *buf, size_t bsize)
+                                    const unsigned char *buf, size_t bsize)
 {
    OSSL_PARAM params[2];
@ -2212,9 +2200,10 @@ int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
        || key_name == NULL)
        return 0;
-    params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, bsize);
+    params[0] = OSSL_PARAM_construct_octet_string(key_name,
                                                  (unsigned char *)buf, bsize);
    params[1] = OSSL_PARAM_construct_end();
-    return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+    return EVP_PKEY_set_params(pkey, params);
 }
 const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey)
@ -2236,6 +2225,20 @@ int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[])
        && evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
 }
 const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey)
 {
    return pkey != NULL
        && evp_pkey_is_provided(pkey)
        && EVP_KEYMGMT_gettable_params(pkey->keymgmt);
 }
 int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[])
 {
    return pkey != NULL
        && evp_pkey_is_provided(pkey)
        && evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params);
 }
 #ifndef FIPS_MODULE
 int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey)
 {
--- a/doc/man3/EVP_PKEY_gettable_params.pod
+++ b/doc/man3/EVP_PKEY_gettable_params.pod
@ -2,7 +2,8 @@
 =head1 NAME
-EVP_PKEY_gettable_params, EVP_PKEY_get_int_param, EVP_PKEY_get_size_t_param,
+EVP_PKEY_gettable_params, EVP_PKEY_get_params,
 EVP_PKEY_get_int_param, EVP_PKEY_get_size_t_param,
 EVP_PKEY_get_bn_param, EVP_PKEY_get_utf8_string_param,
 EVP_PKEY_get_octet_string_param
 - retrieve key parameters from a key
@ -12,6 +13,7 @@ EVP_PKEY_get_octet_string_param
 #include <openssl/evp.h>
 const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey);
 int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]);
 int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name,
                            int *out);
 int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name,
@ -27,6 +29,10 @@ EVP_PKEY_get_octet_string_param
 =head1 DESCRIPTION
 EVP_PKEY_get_params() retrieves parameters from the key I<pkey>, according to
 the contents of I<params>.
 See L<OSSL_PARAM(3)> for information about parameters.
 EVP_PKEY_gettable_params() returns a constant list of I<params> indicating
 the names and types of key parameters that can be retrieved.
 See L<OSSL_PARAM(3)> for information about parameters.
--- a/doc/man3/EVP_PKEY_settable_params.pod
+++ b/doc/man3/EVP_PKEY_settable_params.pod
@ -15,11 +15,12 @@ EVP_PKEY_set_utf8_string_param, EVP_PKEY_set_octet_string_param
 int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]);
 int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in);
 int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in);
- int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn);
+ int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name,
                           const BIGNUM *bn);
 int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
-                                    char *str);
+                                    const char *str);
 int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
-                                     unsigned char *buf, size_t bsize);
+                                     const unsigned char *buf, size_t bsize);
 =head1 DESCRIPTION
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@ -1796,6 +1796,7 @@ int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM param[]);
 const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx);
 const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx);
 const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey);
 int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]);
 int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name,
                           int *out);
 int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name,
@ -1812,11 +1813,12 @@ const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey);
 int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]);
 int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in);
 int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in);
-int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn);
+int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name,
                          const BIGNUM *bn);
 int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
-                                   char *str);
+                                   const char *str);
 int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
-                                    unsigned char *buf, size_t bsize);
+                                    const unsigned char *buf, size_t bsize);
 int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey);
 int EVP_PKEY_get_field_type(const EVP_PKEY *pkey);
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@ -5298,3 +5298,4 @@ EVP_PKEY_set_utf8_string_param          ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_set_octet_string_param         ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_get_ec_point_conv_form         ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_get_field_type                 ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_get_params                     ?	3_0_0	EXIST::FUNCTION: