The branch openssl-3.0 has been updated
via 8100a59fed1c985a3307c97af12cc8794bd93069 (commit)
via b5a4f7f56fc8601c6aadd58a5e22ab1a1954ba5a (commit)
from 38e2957249c90317a26a080c7e7eb186dd5b6598 (commit)
- Log -----------------------------------------------------------------
commit 8100a59fed1c985a3307c97af12cc8794bd93069
Author: Richard Levitte <levi...@openssl.org>
Date: Sun Nov 21 09:48:05 2021 +0100
DOC: OSSL_PARAM_{set,get,construct}_BN() currently only supports
nonnegative numbers
Reviewed-by: Matt Caswell <m...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17074)
(cherry picked from commit b33fb68a3230b8fc87f6663212ac3ffae0b361c5)
commit b5a4f7f56fc8601c6aadd58a5e22ab1a1954ba5a
Author: Richard Levitte <levi...@openssl.org>
Date: Fri Nov 19 13:18:34 2021 +0100
Make OSSL_PARAM_BLD_push_BN{,_pad}() return an error on negative numbers
Adding documentation to that fact as well.
Fixes #17070
Reviewed-by: Matt Caswell <m...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17074)
(cherry picked from commit db65eabefe76e44818ff8bd19c68990e7dcc70d3)
-----------------------------------------------------------------------
Summary of changes:
crypto/param_build.c | 6 ++++++
doc/man3/OSSL_PARAM_BLD.pod | 5 +++++
doc/man3/OSSL_PARAM_int.pod | 6 ++++++
3 files changed, 17 insertions(+)
diff --git a/crypto/param_build.c b/crypto/param_build.c
index e64deaa88f..eaece0026d 100644
--- a/crypto/param_build.c
+++ b/crypto/param_build.c
@@ -204,6 +204,12 @@ int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const
char *key,
OSSL_PARAM_BLD_DEF *pd;
if (bn != NULL) {
+ if (BN_is_negative(bn)) {
+ ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_UNSUPPORTED,
+ "Negative big numbers are unsupported for
OSSL_PARAM");
+ return 0;
+ }
+
n = BN_num_bytes(bn);
if (n < 0) {
ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_ZERO_LENGTH_NUMBER);
diff --git a/doc/man3/OSSL_PARAM_BLD.pod b/doc/man3/OSSL_PARAM_BLD.pod
index d07eff6f27..114ce44489 100644
--- a/doc/man3/OSSL_PARAM_BLD.pod
+++ b/doc/man3/OSSL_PARAM_BLD.pod
@@ -124,6 +124,11 @@ on error.
All of the OSSL_PARAM_BLD_push_TYPE functions return 1 on success and 0
on error.
+=head1 NOTES
+
+OSSL_PARAM_BLD_push_BN() and OSSL_PARAM_BLD_push_BN_pad() currently only
+support nonnegative B<BIGNUM>s. They return an error on negative B<BIGNUM>s.
+
=head1 EXAMPLES
Both examples creating an OSSL_PARAM array that contains an RSA key.
diff --git a/doc/man3/OSSL_PARAM_int.pod b/doc/man3/OSSL_PARAM_int.pod
index 69b723d348..9ca725d120 100644
--- a/doc/man3/OSSL_PARAM_int.pod
+++ b/doc/man3/OSSL_PARAM_int.pod
@@ -331,6 +331,12 @@ representable by the target type or parameter.
Apart from that, the functions must be used appropriately for the
expected type of the parameter.
+OSSL_PARAM_get_BN() and OSSL_PARAM_set_BN() currently only support
+nonnegative B<BIGNUM>s, and by consequence, only
+B<OSSL_PARAM_UNSIGNED_INTEGER>. OSSL_PARAM_construct_BN() currently
+constructs an B<OSSL_PARAM> structure with the data type
+B<OSSL_PARAM_UNSIGNED_INTEGER>.
+
For OSSL_PARAM_construct_utf8_ptr() and OSSL_PARAM_consstruct_octet_ptr(),
I<bsize> is not relevant if the purpose is to send the B<OSSL_PARAM> array
to a I<responder>, i.e. to get parameter data back.
