From: Simo Sorce Date: Mon, 20 Oct 2025 22:46:45 +0000 (-0400) Subject: Use generated param decoders in SHA provider X-Git-Url: https://git.feebdaed.xyz/?a=commitdiff_plain;h=a95faeb567115d0d353ac408e79396aaa8a678ec;p=0xmirror%2Fopenssl.git Use generated param decoders in SHA provider Refactor the SHA provider's context parameter handling in sha2_prov.c to use the generated parameter decoder framework. This change replaces manual parameter lookups using `OSSL_PARAM_locate` and static `OSSL_PARAM` arrays with generated decoder functions and structs. A new template, `sha2_prov.inc.in`, is added to create the necessary decoders during the build. This simplifies the code, reduces boilerplate, and improves type safety. Signed-off-by: Simo Sorce Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/28837) --- diff --git a/.gitignore b/.gitignore index 129335aa44..851a319a5e 100644 --- a/.gitignore +++ b/.gitignore @@ -159,6 +159,7 @@ providers/implementations/ciphers/cipher_sm4_xts.inc providers/implementations/digests/blake2_prov.inc providers/implementations/digests/digestcommon.inc providers/implementations/digests/mdc2_prov.inc +providers/implementations/digests/sha2_prov.inc providers/implementations/digests/sha3_prov.inc providers/implementations/include/prov/blake2_params.inc providers/implementations/macs/cmac_prov.inc diff --git a/build.info b/build.info index f2d6da6c8b..41e82e6acb 100644 --- a/build.info +++ b/build.info @@ -115,6 +115,7 @@ DEPEND[]=include/openssl/asn1.h \ providers/implementations/digests/blake2_prov.inc \ providers/implementations/digests/digestcommon.inc \ providers/implementations/digests/mdc2_prov.inc \ + providers/implementations/digests/sha2_prov.inc \ providers/implementations/digests/sha3_prov.inc \ providers/implementations/include/prov/blake2_params.inc \ providers/implementations/macs/cmac_prov.inc \ @@ -233,6 +234,7 @@ DEPEND[providers/implementations/asymciphers/rsa_enc.inc \ providers/implementations/digests/blake2_prov.inc \ providers/implementations/digests/digestcommon.inc \ providers/implementations/digests/mdc2_prov.inc \ + providers/implementations/digests/sha2_prov.inc \ providers/implementations/digests/sha3_prov.inc \ providers/implementations/include/prov/blake2_params.inc \ providers/implementations/macs/cmac_prov.inc \ @@ -389,6 +391,8 @@ GENERATE[providers/implementations/digests/digestcommon.inc]=\ providers/implementations/digests/digestcommon.inc.in GENERATE[providers/implementations/digests/mdc2_prov.inc]=\ providers/implementations/digests/mdc2_prov.inc.in +GENERATE[providers/implementations/digests/sha2_prov.inc]=\ + providers/implementations/digests/sha2_prov.inc.in GENERATE[providers/implementations/digests/sha3_prov.inc]=\ providers/implementations/digests/sha3_prov.inc.in GENERATE[providers/implementations/include/prov/blake2_params.inc]=\ diff --git a/providers/implementations/digests/sha2_prov.c b/providers/implementations/digests/sha2_prov.c index fe179ca8f5..31a6b85450 100644 --- a/providers/implementations/digests/sha2_prov.c +++ b/providers/implementations/digests/sha2_prov.c @@ -17,46 +17,41 @@ #include #include #include +#include #include #include +#include #include #include "prov/digestcommon.h" #include "prov/implementations.h" #include "crypto/sha.h" +#include "internal/common.h" +#include "providers/implementations/digests/sha2_prov.inc" #define SHA2_FLAGS PROV_DIGEST_FLAG_ALGID_ABSENT -static OSSL_FUNC_digest_set_ctx_params_fn sha1_set_ctx_params; -static OSSL_FUNC_digest_settable_ctx_params_fn sha1_settable_ctx_params; - -static const OSSL_PARAM known_sha1_settable_ctx_params[] = { - { OSSL_DIGEST_PARAM_SSL3_MS, OSSL_PARAM_OCTET_STRING, NULL, 0, 0 }, - OSSL_PARAM_END -}; -static const OSSL_PARAM *sha1_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) -{ - return known_sha1_settable_ctx_params; -} - /* Special set_params method for SSL3 */ static int sha1_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { - const OSSL_PARAM *p; + struct sha1_set_ctx_params_st p; SHA_CTX *ctx = (SHA_CTX *)vctx; - if (ctx == NULL) + if (ossl_unlikely(ctx == NULL || !sha1_set_ctx_params_decoder(params, &p))) return 0; - if (ossl_param_is_empty(params)) - return 1; - p = OSSL_PARAM_locate_const(params, OSSL_DIGEST_PARAM_SSL3_MS); - if (p != NULL && p->data_type == OSSL_PARAM_OCTET_STRING) + if (p.ssl3_ms != NULL) return ossl_sha1_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET, - (int)p->data_size, p->data); + (int)p.ssl3_ms->data_size, p.ssl3_ms->data); + return 1; } +static const OSSL_PARAM *sha1_settable_ctx_params(ossl_unused void *ctx, + ossl_unused void *provctx) +{ + return sha1_set_ctx_params_list; +} + static const unsigned char sha256magic[] = "SHA256v1"; #define SHA256MAGIC_LEN (sizeof(sha256magic) - 1) #define SHA256_SERIALIZATION_LEN \ diff --git a/providers/implementations/digests/sha2_prov.inc.in b/providers/implementations/digests/sha2_prov.inc.in new file mode 100644 index 0000000000..33b2931a25 --- /dev/null +++ b/providers/implementations/digests/sha2_prov.inc.in @@ -0,0 +1,18 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- +produce_param_decoder('sha1_set_ctx_params', + ([ 'OSSL_DIGEST_PARAM_SSL3_MS', 'ssl3_ms', 'octet_string' ], + )); +-}