From 612c200ca1ff0f4068fcd47d4869035d16e08bb0 Mon Sep 17 00:00:00 2001 From: Shubham Mittal Date: Tue, 3 Sep 2024 10:27:57 -0700 Subject: [PATCH] update documentation and added null checks --- crypto/fipsmodule/rsa/internal.h | 12 ++++++++---- crypto/fipsmodule/rsa/rsa.c | 28 ++++++++++++++++++++++------ crypto/fipsmodule/rsa/rsa_impl.c | 2 +- crypto/rsa_extra/rsa_crypt.c | 4 ++-- include/openssl/rsa.h | 19 +++++++++++++++++-- 5 files changed, 50 insertions(+), 15 deletions(-) diff --git a/crypto/fipsmodule/rsa/internal.h b/crypto/fipsmodule/rsa/internal.h index 69e7acfe6b..009f2c2177 100644 --- a/crypto/fipsmodule/rsa/internal.h +++ b/crypto/fipsmodule/rsa/internal.h @@ -81,16 +81,20 @@ struct rsa_meth_st { int (*sign)(int type, const uint8_t *m, unsigned int m_length, uint8_t *sigret, unsigned int *siglen, const RSA *rsa); - // Set via |RSA_meth_set_priv_enc| + // Set via |RSA_meth_set_priv_enc|. |sign_raw| is equivalent to the + // |priv_enc| field of OpenSSL's |RSA_METHOD| struct. int (*sign_raw)(int max_out, const uint8_t *in, uint8_t *out, RSA *rsa, int padding); - // Set via |RSA_meth_set_pub_dec| + // Set via |RSA_meth_set_pub_dec|. |verify_raw| is equivalent to the + // |pub_dec| field of OpenSSL's |RSA_METHOD| struct. int (*verify_raw)(int max_out, const uint8_t *in, uint8_t *out, RSA *rsa, int padding); - // Set via |RSA_meth_set_priv_dec| + // Set via |RSA_meth_set_priv_dec|. |decrypt| is equivalent to the + // |priv_dec| field of OpenSSL's |RSA_METHOD| struct. int (*decrypt)(int max_out, const uint8_t *in, uint8_t *out, RSA *rsa, int padding); - // Set via |RSA_meth_set_pub_enc| + // Set via |RSA_meth_set_pub_enc|. |encrypt| is equivalent to the + // |pub_enc| field of OpenSSL's |RSA_METHOD| struct. int (*encrypt)(int max_out, const uint8_t *in, uint8_t *out, RSA *rsa, int padding); diff --git a/crypto/fipsmodule/rsa/rsa.c b/crypto/fipsmodule/rsa/rsa.c index ab23d7680a..d309063585 100644 --- a/crypto/fipsmodule/rsa/rsa.c +++ b/crypto/fipsmodule/rsa/rsa.c @@ -572,7 +572,7 @@ static int rsa_sign_raw_no_self_test(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, const uint8_t *in, size_t in_len, int padding) { SET_DIT_AUTO_DISABLE; - if (rsa->meth->sign_raw) { + if (rsa->meth && rsa->meth->sign_raw) { // In OpenSSL, the RSA_METHOD |sign_raw| or |priv_enc| operation does // not directly take and initialize an |out_len| parameter. Instead, it // returns the size of the encrypted data or a negative number for error. @@ -602,7 +602,8 @@ int RSA_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, unsigned RSA_size(const RSA *rsa) { SET_DIT_AUTO_DISABLE; - size_t ret = rsa->meth->size ? rsa->meth->size(rsa) : rsa_default_size(rsa); + size_t ret = (rsa->meth && rsa->meth->size) ? + rsa->meth->size(rsa) : rsa_default_size(rsa); // RSA modulus sizes are bounded by |BIGNUM|, which must fit in |unsigned|. // // TODO(https://crbug.com/boringssl/516): Should we make this return |size_t|? @@ -797,7 +798,7 @@ int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len, int rsa_sign_no_self_test(int hash_nid, const uint8_t *digest, size_t digest_len, uint8_t *out, unsigned *out_len, RSA *rsa) { - if (rsa->meth->sign) { + if (rsa->meth && rsa->meth->sign) { if (!rsa_check_digest_size(hash_nid, digest_len)) { return 0; } @@ -994,7 +995,7 @@ int RSA_verify_pss_mgf1(RSA *rsa, const uint8_t *digest, size_t digest_len, int rsa_private_transform_no_self_test(RSA *rsa, uint8_t *out, const uint8_t *in, size_t len) { - if (rsa->meth->private_transform) { + if (rsa->meth && rsa->meth->private_transform) { return rsa->meth->private_transform(rsa, out, in, len); } @@ -1010,17 +1011,32 @@ int rsa_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, int RSA_flags(const RSA *rsa) { SET_DIT_AUTO_DISABLE; - return rsa->flags; + if (rsa) { + return rsa->flags; + } + + OPENSSL_PUT_ERROR(RSA, ERR_R_PASSED_NULL_PARAMETER); + return 0; } void RSA_set_flags(RSA *rsa, int flags) { SET_DIT_AUTO_DISABLE; + if (rsa == NULL) { + OPENSSL_PUT_ERROR(RSA, ERR_R_PASSED_NULL_PARAMETER); + return; + } + rsa->flags |= flags; } int RSA_test_flags(const RSA *rsa, int flags) { SET_DIT_AUTO_DISABLE; - return rsa->flags & flags; + if (rsa) { + return rsa->flags & flags; + } + + OPENSSL_PUT_ERROR(RSA, ERR_R_PASSED_NULL_PARAMETER); + return 0; } int RSA_blinding_on(RSA *rsa, BN_CTX *ctx) { diff --git a/crypto/fipsmodule/rsa/rsa_impl.c b/crypto/fipsmodule/rsa/rsa_impl.c index 9943bc39d7..c7fa319a49 100644 --- a/crypto/fipsmodule/rsa/rsa_impl.c +++ b/crypto/fipsmodule/rsa/rsa_impl.c @@ -412,7 +412,7 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); int rsa_verify_raw_no_self_test(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, const uint8_t *in, size_t in_len, int padding) { - if(rsa->meth->verify_raw) { + if(rsa->meth && rsa->meth->verify_raw) { // In OpenSSL, the RSA_METHOD |verify_raw| or |pub_dec| operation does // not directly take and initialize an |out_len| parameter. Instead, it // returns the size of the recovered plaintext or negative number for error. diff --git a/crypto/rsa_extra/rsa_crypt.c b/crypto/rsa_extra/rsa_crypt.c index 2e0e76bf32..f5679ac3c4 100644 --- a/crypto/rsa_extra/rsa_crypt.c +++ b/crypto/rsa_extra/rsa_crypt.c @@ -385,7 +385,7 @@ int RSA_private_encrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa, int RSA_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, const uint8_t *in, size_t in_len, int padding) { - if(rsa->meth->encrypt) { + if(rsa->meth && rsa->meth->encrypt) { // In OpenSSL, the RSA_METHOD |encrypt| or |pub_enc| operation does not // directly take and initialize an |out_len| parameter. Instead, it returns // the number of bytes written to |out| or a negative number for error. @@ -557,7 +557,7 @@ static int rsa_default_decrypt(RSA *rsa, size_t *out_len, uint8_t *out, int RSA_decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, const uint8_t *in, size_t in_len, int padding) { - if (rsa->meth->decrypt) { + if (rsa->meth && rsa->meth->decrypt) { // In OpenSSL, the RSA_METHOD |decrypt| operation does not directly take // and initialize an |out_len| parameter. Instead, it returns the number // of bytes written to |out| or a negative number for error. Our wrapping diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index ef73575c7a..838862ce84 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -240,16 +240,21 @@ OPENSSL_EXPORT void RSA_meth_free(RSA_METHOD *meth); // The following functions set the corresponding fields on |meth|. Returns one // on success and zero on failure. -// RSA_meth_set_init sets |init| on |meth|. +// RSA_meth_set_init sets |init| on |meth|. |init| should return one on +// success and zero on failure. OPENSSL_EXPORT int RSA_meth_set_init(RSA_METHOD *meth, int (*init) (RSA *rsa)); // RSA_meth_set_finish sets |finish| on |meth|. The |finish| function -// is called in |RSA_free| before freeing the key. +// is called in |RSA_free| before freeing the key. |finish| should return +// one on success and zero on failure. OPENSSL_EXPORT int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish) (RSA *rsa)); // RSA_meth_set_priv_dec sets |priv_dec| on |meth|. The |priv_dec| function // should return the number of bytes written to the object |to| or -1 for error. +// |priv_dec| should decrypt |max_out| bytes at |from| using the private key +// |rsa| and store the plaintext in |to|. |priv_dec| should return the size of +// the recovered plaintext or a negative number on error. OPENSSL_EXPORT int RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec) (int max_out, const uint8_t *from, uint8_t *to, RSA *rsa, @@ -257,6 +262,9 @@ OPENSSL_EXPORT int RSA_meth_set_priv_dec(RSA_METHOD *meth, // RSA_meth_set_priv_enc sets |priv_enc| on |meth|. The |priv_enc| function // should return the number of bytes written to the object |to| or -1 for error. +// |priv_enc| should sign |max_out| bytes at |from| using the private key |rsa| +// and store the signature in |to|. |priv_enc| should return the size of the +// signature or a negative number for error. OPENSSL_EXPORT int RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc) (int max_out, const uint8_t *from, uint8_t *to, RSA *rsa, @@ -264,6 +272,10 @@ OPENSSL_EXPORT int RSA_meth_set_priv_enc(RSA_METHOD *meth, // RSA_meth_set_pub_dec sets |pub_dec| on |meth|. The |pub_dec| function // should return the number of bytes written to the object |to| or -1 for error. +// |pub_dec| should recover the |max_out| bytes of the message digest at |from| +// using the signer's public key |rsa| and store it in |to|. |pub_dec| should +// return the size of the recovered message digest or a negative number on +// error. OPENSSL_EXPORT int RSA_meth_set_pub_dec(RSA_METHOD *meth, int (*pub_dec) (int max_out, const uint8_t *from, uint8_t *to, RSA *rsa, @@ -271,6 +283,9 @@ OPENSSL_EXPORT int RSA_meth_set_pub_dec(RSA_METHOD *meth, // RSA_meth_set_pub_enc sets |pub_enc| on |meth|. The |pub_enc| function // should return the number of bytes written to the object |to| or -1 for error. +// |pub_enc| should encrypt |max_out| bytes at |from| using the public key |rsa| +// and stores the ciphertext in |to|. |pub_enc| should return the size of the +// encrypted data or a negative number on error. OPENSSL_EXPORT int RSA_meth_set_pub_enc(RSA_METHOD *meth, int (*pub_enc) (int max_out, const uint8_t *from, uint8_t *to, RSA *rsa,