Commit 83b4a243 authored by Shane Lontis's avatar Shane Lontis
Browse files

Make EVP_MD_CTX_ctrl() work for legacy use cases (ssl3). 



This is still required currently by engines and digestsign/digestverify.
This PR contains merged in code from Richard Levitte's PR #9126.

[extended tests]

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9103)
parent 3d700c3f

crypto/evp/digest.c

+25 −22
Original line number Diff line number Diff line
@@ -539,10 +539,11 @@ int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]) 
    return 0;

}



#if !OPENSSL_API_3

/* TODO(3.0): Remove legacy code below - only used by engines & DigestSign */

int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)

{

    if (ctx->digest != NULL) {

        if (ctx->digest->prov != NULL) {

            OSSL_PARAM params[2];

            size_t i, sz, n = 0;
@@ -551,19 +552,22 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) 
                if (ctx->digest->set_params == NULL)

                    break;

                i = (size_t)p1;

            params[n++] = OSSL_PARAM_construct_size_t(

                              OSSL_DIGEST_PARAM_XOFLEN, &i, &sz);

                params[n++] =

                    OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_XOFLEN, &i,

                                                &sz);

                params[n++] = OSSL_PARAM_construct_end();

            return ctx->digest->set_params(ctx->provctx, params) > 0;

                return ctx->digest->set_params(ctx->provctx, params);

            case EVP_MD_CTRL_MICALG:

                if (ctx->digest->get_params == NULL)

                    break;

            params[n++] = OSSL_PARAM_construct_utf8_string(

                              OSSL_DIGEST_PARAM_MICALG, p2, p1 ? p1 : 9999,

                              &sz);

                params[n++] =

                    OSSL_PARAM_construct_utf8_string(OSSL_DIGEST_PARAM_MICALG,

                                                     p2, p1 ? p1 : 9999, &sz);

                params[n++] = OSSL_PARAM_construct_end();

                return ctx->digest->get_params(ctx->provctx, params);

            }

            return 0;

        }

        /* legacy code */

        if (ctx->digest->md_ctrl != NULL) {

            int ret = ctx->digest->md_ctrl(ctx, cmd, p1, p2);
@@ -574,7 +578,6 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) 
    }

    return 0;

}

#endif



static void *evp_md_from_dispatch(const OSSL_DISPATCH *fns,

                                  OSSL_PROVIDER *prov)

doc/man3/EVP_DigestInit.pod

+1 −1
Original line number Diff line number Diff line
@@ -90,7 +90,7 @@ Cleans up digest context B<ctx> and frees up the space allocated to it. 


=item EVP_MD_CTX_ctrl()



This is a deprecated function. EVP_MD_CTX_set_params() and EVP_MD_CTX_get_params()

This is a legacy method. EVP_MD_CTX_set_params() and EVP_MD_CTX_get_params()

is the mechanism that should be used to set and get parameters that are used by

providers.

Performs digest-specific control actions on context B<ctx>. The control command

include/openssl/core_names.h

+1 −2
Original line number Diff line number Diff line
@@ -42,8 +42,7 @@ extern "C" { 


/* digest parameters */

#define OSSL_DIGEST_PARAM_XOFLEN    "xoflen"

#define OSSL_DIGEST_PARAM_CMD       "cmd"

#define OSSL_DIGEST_PARAM_MSG       "msg"

#define OSSL_DIGEST_PARAM_SSL3_MS   "ssl3-ms"

#define OSSL_DIGEST_PARAM_PAD_TYPE  "pad_type"

#define OSSL_DIGEST_PARAM_MICALG    "micalg"

include/openssl/evp.h

+1 −1
Original line number Diff line number Diff line
@@ -542,7 +542,7 @@ void BIO_set_md(BIO *, const EVP_MD *md); 


int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]);

int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]);

DEPRECATEDIN_3(int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2))

int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);

EVP_MD_CTX *EVP_MD_CTX_new(void);

int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);

void EVP_MD_CTX_free(EVP_MD_CTX *ctx);

providers/common/digests/sha2_prov.c

+5 −10
Original line number Diff line number Diff line
@@ -10,6 +10,7 @@ 
#include <openssl/crypto.h>

#include <openssl/core_numbers.h>

#include <openssl/sha.h>

#include <openssl/evp.h>

#include <openssl/params.h>

#include <openssl/core_names.h>

#include "internal/core_mkdigest.h"
@@ -21,20 +22,14 @@ static OSSL_OP_digest_set_params_fn sha1_set_params; 
/* Special set_params method for SSL3 */

static int sha1_set_params(void *vctx, const OSSL_PARAM params[])

{

    int cmd = 0;

    size_t msg_len = 0;

    const void *msg = NULL;

    const OSSL_PARAM *p;

    SHA_CTX *ctx = (SHA_CTX *)vctx;



    if (ctx != NULL && params != NULL) {

        p = OSSL_PARAM_locate(params, OSSL_DIGEST_PARAM_CMD);

        if (p != NULL && !OSSL_PARAM_get_int(p, &cmd))

            return 0;

        p = OSSL_PARAM_locate(params, OSSL_DIGEST_PARAM_MSG);

        if (p != NULL && !OSSL_PARAM_get_octet_ptr(p, &msg, &msg_len))

            return 0;

        return sha1_ctrl(ctx, cmd, msg_len, (void *)msg);

        p = OSSL_PARAM_locate(params, OSSL_DIGEST_PARAM_SSL3_MS);

        if (p != NULL && p->data_type == OSSL_PARAM_OCTET_STRING)

            return sha1_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET, p->data_size,

                             p->data);

    }

    return 0;

}