Skip to content

Commit

Permalink
check empty params lists passed (#296)
Browse files Browse the repository at this point in the history
  • Loading branch information
baentsch authored Oct 26, 2023
1 parent 8a96fed commit 4dac252
Show file tree
Hide file tree
Showing 5 changed files with 27 additions and 15 deletions.
1 change: 1 addition & 0 deletions oqsprov/oqs_encode_key2any.c
Original file line number Diff line number Diff line change
Expand Up @@ -944,6 +944,7 @@ static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[])
}
}
OQS_ENC_PRINTF2(" cipher set to %p: \n", ctx->cipher);
// not passing in a cipher param will lead to no-op hence no error
return 1;
}

Expand Down
4 changes: 4 additions & 0 deletions oqsprov/oqs_kmgmt.c
Original file line number Diff line number Diff line change
Expand Up @@ -257,6 +257,7 @@ int oqsx_key_to_params(const OQSX_KEY *key, OSSL_PARAM_BLD *tmpl,
goto err;
}
}
// not passing in params to respond to is no error; the response is empty
ret = 1;
err:
return ret;
Expand Down Expand Up @@ -373,6 +374,7 @@ static int oqsx_get_params(void *key, OSSL_PARAM params[])
return 0;
}

// not passing in params to respond to is no error
return 1;
}

Expand Down Expand Up @@ -443,6 +445,7 @@ static int oqsx_set_params(void *key, const OSSL_PARAM params[])
}
}

// not passing in params to set is no error, just a no-op
return 1;
}

Expand Down Expand Up @@ -571,6 +574,7 @@ static int oqsx_gen_set_params(void *genctx, const OSSL_PARAM params[])
if (gctx->propq == NULL)
return 0;
}
// not passing in params is no error; subsequent operations may fail, though
return 1;
}

Expand Down
1 change: 1 addition & 0 deletions oqsprov/oqs_sig.c
Original file line number Diff line number Diff line change
Expand Up @@ -745,6 +745,7 @@ static int oqs_sig_set_ctx_params(void *vpoqs_sigctx, const OSSL_PARAM params[])
return 0;
}

// not passing in parameters we can act on is no error
return 1;
}

Expand Down
1 change: 1 addition & 0 deletions oqsprov/oqsprov.c
Original file line number Diff line number Diff line change
Expand Up @@ -850,6 +850,7 @@ static int oqsprovider_get_params(void *provctx, OSSL_PARAM params[])
p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_STATUS);
if (p != NULL && !OSSL_PARAM_set_int(p, 1)) // provider is always running
return 0;
// not passing in params to respond to is no error; response is empty then
return 1;
}

Expand Down
35 changes: 20 additions & 15 deletions oqsprov/oqsprov_keys.c
Original file line number Diff line number Diff line change
Expand Up @@ -1013,44 +1013,49 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private)
int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[],
int include_private)
{
const OSSL_PARAM *p;
const OSSL_PARAM *pp1, *pp2;

OQS_KEY_PRINTF("OQSX Key from data called\n");
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING) {
pp1 = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
pp2 = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
// at least one parameter must be given
if (pp1 == NULL && pp2 == NULL) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS);
return 0;
}
if (pp1 != NULL) {
if (pp1->data_type != OSSL_PARAM_OCTET_STRING) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING);
return 0;
}
if (key->privkeylen != p->data_size) {
if (key->privkeylen != pp1->data_size) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_SIZE);
return 0;
}
OPENSSL_secure_clear_free(key->privkey, p->data_size);
key->privkey = OPENSSL_secure_malloc(p->data_size);
OPENSSL_secure_clear_free(key->privkey, pp1->data_size);
key->privkey = OPENSSL_secure_malloc(pp1->data_size);
if (key->privkey == NULL) {
ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE);
return 0;
}
memcpy(key->privkey, p->data, p->data_size);
memcpy(key->privkey, pp1->data, pp1->data_size);
}
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING) {
if (pp2 != NULL) {
if (pp2->data_type != OSSL_PARAM_OCTET_STRING) {
OQS_KEY_PRINTF("invalid data type\n");
return 0;
}
if (key->pubkeylen != p->data_size) {
if (key->pubkeylen != pp2->data_size) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_SIZE);
return 0;
}
OPENSSL_secure_clear_free(key->pubkey, p->data_size);
key->pubkey = OPENSSL_secure_malloc(p->data_size);
OPENSSL_secure_clear_free(key->pubkey, pp2->data_size);
key->pubkey = OPENSSL_secure_malloc(pp2->data_size);
if (key->pubkey == NULL) {
ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE);
return 0;
}
memcpy(key->pubkey, p->data, p->data_size);
memcpy(key->pubkey, pp2->data, pp2->data_size);
}
if (!oqsx_key_set_composites(key)
|| !oqsx_key_recreate_classickey(
Expand Down

0 comments on commit 4dac252

Please sign in to comment.