open-quantum-safe · baentsch · Oct 26, 2023 · Oct 25, 2023
@@ -944,6 +944,7 @@ static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[])
         }
     }
     OQS_ENC_PRINTF2(" cipher set to %p: \n", ctx->cipher);
+    // not passing in a cipher param will lead to no-op hence no error
     return 1;
 }
 

@@ -257,6 +257,7 @@ int oqsx_key_to_params(const OQSX_KEY *key, OSSL_PARAM_BLD *tmpl,
                 goto err;
         }
     }
+    // not passing in params to respond to is no error; the response is empty
     ret = 1;
 err:
     return ret;
@@ -373,6 +374,7 @@ static int oqsx_get_params(void *key, OSSL_PARAM params[])
             return 0;
     }
 
+    // not passing in params to respond to is no error
     return 1;
 }
 
@@ -443,6 +445,7 @@ static int oqsx_set_params(void *key, const OSSL_PARAM params[])
         }
     }
 
+    // not passing in params to set is no error, just a no-op
     return 1;
 }
 
@@ -571,6 +574,7 @@ static int oqsx_gen_set_params(void *genctx, const OSSL_PARAM params[])
         if (gctx->propq == NULL)
             return 0;
     }
+    // not passing in params is no error; subsequent operations may fail, though
     return 1;
 }
 

@@ -745,6 +745,7 @@ static int oqs_sig_set_ctx_params(void *vpoqs_sigctx, const OSSL_PARAM params[])
             return 0;
     }
 
+    // not passing in parameters we can act on is no error
     return 1;
 }
 

@@ -850,6 +850,7 @@ static int oqsprovider_get_params(void *provctx, OSSL_PARAM params[])
     p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_STATUS);
     if (p != NULL && !OSSL_PARAM_set_int(p, 1)) // provider is always running
         return 0;
+    // not passing in params to respond to is no error; response is empty then
     return 1;
 }
 

@@ -1013,44 +1013,49 @@ int oqsx_key_allocate_keymaterial(OQSX_KEY *key, int include_private)
 int oqsx_key_fromdata(OQSX_KEY *key, const OSSL_PARAM params[],
                       int include_private)
 {
-    const OSSL_PARAM *p;
+    const OSSL_PARAM *pp1, *pp2;
 
     OQS_KEY_PRINTF("OQSX Key from data called\n");
-    p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
-    if (p != NULL) {
-        if (p->data_type != OSSL_PARAM_OCTET_STRING) {
+    pp1 = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
+    pp2 = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
+    // at least one parameter must be given
+    if (pp1 == NULL && pp2 == NULL) {
+        ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS);
+        return 0;
+    }
+    if (pp1 != NULL) {
+        if (pp1->data_type != OSSL_PARAM_OCTET_STRING) {
             ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING);
             return 0;
         }
-        if (key->privkeylen != p->data_size) {
+        if (key->privkeylen != pp1->data_size) {
             ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_SIZE);
             return 0;
         }
-        OPENSSL_secure_clear_free(key->privkey, p->data_size);
-        key->privkey = OPENSSL_secure_malloc(p->data_size);
+        OPENSSL_secure_clear_free(key->privkey, pp1->data_size);
+        key->privkey = OPENSSL_secure_malloc(pp1->data_size);
         if (key->privkey == NULL) {
             ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE);
             return 0;
         }
-        memcpy(key->privkey, p->data, p->data_size);
+        memcpy(key->privkey, pp1->data, pp1->data_size);
     }
-    p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
-    if (p != NULL) {
-        if (p->data_type != OSSL_PARAM_OCTET_STRING) {
+    if (pp2 != NULL) {
+        if (pp2->data_type != OSSL_PARAM_OCTET_STRING) {
             OQS_KEY_PRINTF("invalid data type\n");
             return 0;
         }
-        if (key->pubkeylen != p->data_size) {
+        if (key->pubkeylen != pp2->data_size) {
             ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_SIZE);
             return 0;
         }
-        OPENSSL_secure_clear_free(key->pubkey, p->data_size);
-        key->pubkey = OPENSSL_secure_malloc(p->data_size);
+        OPENSSL_secure_clear_free(key->pubkey, pp2->data_size);
+        key->pubkey = OPENSSL_secure_malloc(pp2->data_size);
         if (key->pubkey == NULL) {
             ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE);
             return 0;
         }
-        memcpy(key->pubkey, p->data, p->data_size);
+        memcpy(key->pubkey, pp2->data, pp2->data_size);
     }
     if (!oqsx_key_set_composites(key)
         || !oqsx_key_recreate_classickey(
-Original file line number
+Diff line change
@@ Expand Up @@
             }
         }
         OQS_ENC_PRINTF2(" cipher set to %p: \n", ctx->cipher);
+        // not passing in a cipher param will lead to no-op hence no error
         return 1;
     }
@@ Expand Down @@