Changeset 105949 in vbox for trunk/src/libs/openssl-3.1.7/crypto/evp/pmeth_lib.c

Timestamp:

Sep 4, 2024 12:53:14 PM (6 months ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

164683

Message:

openssl-3.1.7: Applied and adjusted our OpenSSL changes to 3.1.7. bugref:10757

File:

• trunk/src/libs/openssl-3.1.7/crypto/evp/pmeth_lib.c (modified) (3 diffs)

trunk/src/libs/openssl-3.1.7/crypto/evp/pmeth_lib.c

@@ -1 +1 @@
 /*
- * Copyright 2006-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
@@ -1029 +1029 @@
 }
 
-static int evp_pkey_ctx_add1_octet_string(EVP_PKEY_CTX *ctx, int fallback,
-                                          const char *param, int op, int ctrl,
-                                          const unsigned char *data,
-                                          int datalen)
-{
-    OSSL_PARAM os_params[2];
-    const OSSL_PARAM *gettables;
-    unsigned char *info = NULL;
-    size_t info_len = 0;
-    size_t info_alloc = 0;
-    int ret = 0;
-
-    if (ctx == NULL || (ctx->operation & op) == 0) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    }
-
-    /* Code below to be removed when legacy support is dropped. */
-    if (fallback)
-        return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, datalen, (void *)(data));
-    /* end of legacy support */
-
-    if (datalen < 0) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH);
-        return 0;
-    } else if (datalen == 0) {
-        return 1;
-    }
-
-    /* Check for older provider that doesn't support getting this parameter */
-    gettables = EVP_PKEY_CTX_gettable_params(ctx);
-    if (gettables == NULL || OSSL_PARAM_locate_const(gettables, param) == NULL)
-        return evp_pkey_ctx_set1_octet_string(ctx, fallback, param, op, ctrl,
-                                              data, datalen);
-
-    /* Get the original value length */
-    os_params[0] = OSSL_PARAM_construct_octet_string(param, NULL, 0);
-    os_params[1] = OSSL_PARAM_construct_end();
-
-    if (!EVP_PKEY_CTX_get_params(ctx, os_params))
-        return 0;
-
-    /* This should not happen but check to be sure. */
-    if (os_params[0].return_size == OSSL_PARAM_UNMODIFIED)
-        return 0;
-
-    info_alloc = os_params[0].return_size + datalen;
-    if (info_alloc == 0)
-        return 0;
-    info = OPENSSL_zalloc(info_alloc);
-    if (info == NULL)
-        return 0;
-    info_len = os_params[0].return_size;
-
-    os_params[0] = OSSL_PARAM_construct_octet_string(param, info, info_alloc);
-
-    /* if we have data, then go get it */
-    if (info_len > 0) {
-        if (!EVP_PKEY_CTX_get_params(ctx, os_params))
-            goto error;
-    }
-
-    /* Copy the input data */
-    memcpy(&info[info_len], data, datalen);
-    ret = EVP_PKEY_CTX_set_params(ctx, os_params);
-
- error:
-    OPENSSL_clear_free(info, info_alloc);
-    return ret;
-}
-
 int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *ctx,
                                       const unsigned char *sec, int seclen)
@@ -1151 +1079 @@
                                       const unsigned char *info, int infolen)
 {
-    return evp_pkey_ctx_add1_octet_string(ctx, ctx->op.kex.algctx == NULL,
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
                                           OSSL_KDF_PARAM_INFO,
                                           EVP_PKEY_OP_DERIVE,