Properly size_t EVP_PKEY_CTX_set0_rsa_oaep_label.
We do not expose EVP_PKEY_CTX_ctrl, so we can freely change the semantics of EVP_PKEY_CTRL_RSA_OAEP_LABEL. That means we can pass in an actual size_t rather than an int. Not that anyone is actually going to exceed an INT_MAX-length RSA-OAEP label. Change-Id: Ifc4eb296ff9088c8815f4f8cd88100a407e4d969 Reviewed-on: https://boringssl-review.googlesource.com/19984 Commit-Queue: Steven Valdez <svaldez@google.com> Reviewed-by: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
parent
ce3773f9fe
commit
8459d06599
@ -92,6 +92,11 @@ typedef struct {
|
|||||||
size_t oaep_labellen;
|
size_t oaep_labellen;
|
||||||
} RSA_PKEY_CTX;
|
} RSA_PKEY_CTX;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
uint8_t *data;
|
||||||
|
size_t len;
|
||||||
|
} RSA_OAEP_LABEL_PARAMS;
|
||||||
|
|
||||||
static int pkey_rsa_init(EVP_PKEY_CTX *ctx) {
|
static int pkey_rsa_init(EVP_PKEY_CTX *ctx) {
|
||||||
RSA_PKEY_CTX *rctx;
|
RSA_PKEY_CTX *rctx;
|
||||||
rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX));
|
rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX));
|
||||||
@ -485,20 +490,17 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) {
|
|||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
case EVP_PKEY_CTRL_RSA_OAEP_LABEL:
|
case EVP_PKEY_CTRL_RSA_OAEP_LABEL: {
|
||||||
if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
|
if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
|
||||||
OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE);
|
OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
OPENSSL_free(rctx->oaep_label);
|
OPENSSL_free(rctx->oaep_label);
|
||||||
if (p2 && p1 > 0) {
|
RSA_OAEP_LABEL_PARAMS *params = p2;
|
||||||
rctx->oaep_label = p2;
|
rctx->oaep_label = params->data;
|
||||||
rctx->oaep_labellen = p1;
|
rctx->oaep_labellen = params->len;
|
||||||
} else {
|
|
||||||
rctx->oaep_label = NULL;
|
|
||||||
rctx->oaep_labellen = 0;
|
|
||||||
}
|
|
||||||
return 1;
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL:
|
case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL:
|
||||||
if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
|
if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
|
||||||
@ -611,13 +613,9 @@ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) {
|
|||||||
|
|
||||||
int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, uint8_t *label,
|
int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, uint8_t *label,
|
||||||
size_t label_len) {
|
size_t label_len) {
|
||||||
if (label_len > INT_MAX) {
|
RSA_OAEP_LABEL_PARAMS params = {label, label_len};
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,
|
return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,
|
||||||
EVP_PKEY_CTRL_RSA_OAEP_LABEL, (int)label_len,
|
EVP_PKEY_CTRL_RSA_OAEP_LABEL, 0, ¶ms);
|
||||||
(void *)label);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx,
|
int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx,
|
||||||
|
Loading…
Reference in New Issue
Block a user