public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

APPS/{ecparam,pkeyparam}: fix case where infile and outfile are the same

Browse source 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)
This commit is contained in:
Dr. David von Oheimb 2024-09-27 07:58:20 +02:00 committed by Tomas Mraz
parent 32189981a3
commit 1dbb67c4f1
5 changed files with 44 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

20
apps/ecparam.c
View file

@ -194,16 +194,6 @@ int ecparam_main(int argc, char **argv)
private = genkey ? 1 : 0; private = genkey ? 1 : 0;
out = bio_open_owner(outfile, outformat, private);
if (out == NULL)
goto end;
if (list_curves) {
if (list_builtin_curves(out))
ret = 0;
goto end;
}
if (curve_name != NULL) { if (curve_name != NULL) {
OSSL_PARAM params[4]; OSSL_PARAM params[4];
OSSL_PARAM *p = params; OSSL_PARAM *p = params;
@ -276,6 +266,16 @@ int ecparam_main(int argc, char **argv)
goto end; goto end;
} }
out = bio_open_owner(outfile, outformat, private);
if (out == NULL)
goto end;
if (list_curves) {
if (list_builtin_curves(out))
ret = 0;
goto end;
}
if (text if (text
&& !EVP_PKEY_print_params(out, params_key, 0, NULL)) { && !EVP_PKEY_print_params(out, params_key, 0, NULL)) {
BIO_printf(bio_err, "unable to print params\n"); BIO_printf(bio_err, "unable to print params\n");

6
apps/pkeyparam.c
View file

@ -97,9 +97,6 @@ int pkeyparam_main(int argc, char **argv)
in = bio_open_default(infile, 'r', FORMAT_PEM); in = bio_open_default(infile, 'r', FORMAT_PEM);
if (in == NULL) if (in == NULL)
goto end; goto end;
out = bio_open_default(outfile, 'w', FORMAT_PEM);
if (out == NULL)
goto end;
pkey = PEM_read_bio_Parameters_ex(in, NULL, app_get0_libctx(), pkey = PEM_read_bio_Parameters_ex(in, NULL, app_get0_libctx(),
app_get0_propq()); app_get0_propq());
if (pkey == NULL) { if (pkey == NULL) {
@ -107,6 +104,9 @@ int pkeyparam_main(int argc, char **argv)
ERR_print_errors(bio_err); ERR_print_errors(bio_err);
goto end; goto end;
} }
out = bio_open_default(outfile, 'w', FORMAT_PEM);
if (out == NULL)
goto end;
if (check) { if (check) {
if (e == NULL) if (e == NULL)

8
doc/man1/openssl-ecparam.pod.in
View file

@ -55,14 +55,16 @@ Parameters are encoded as B<EcpkParameters> as specified in IETF RFC 3279.
=item B<-in> I<filename> =item B<-in> I<filename>
This specifies the input filename to read parameters from or standard input if This specifies the input file to read parameters from or standard input if
this option is not specified. this option is not specified.
=item B<-out> I<filename> =item B<-out> I<filename>
This specifies the output filename parameters to. Standard output is used This specifies the output filename parameters to. Standard output is used
if this option is not present. The output filename should B<not> be the same if this option is not present.
as the input filename. The output filename can be the same as the input filename,
which leads to replacing the file contents.
Note that file I/O is not atomic. The output file is truncated and then written.
=item B<-noout> =item B<-noout>

5
doc/man1/openssl-pkeyparam.pod.in
View file

@ -35,13 +35,16 @@ Print out a usage message.
=item B<-in> I<filename> =item B<-in> I<filename>
This specifies the input filename to read parameters from or standard input if This specifies the input file to read parameters from or standard input if
this option is not specified. this option is not specified.
=item B<-out> I<filename> =item B<-out> I<filename>
This specifies the output filename to write parameters to or standard output if This specifies the output filename to write parameters to or standard output if
this option is not specified. this option is not specified.
The output filename can be the same as the input filename,
which leads to replacing the file contents.
Note that file I/O is not atomic. The output file is truncated and then written.
=item B<-text> =item B<-text>

24
test/recipes/15-test_ecparam.t
View file

@ -11,7 +11,8 @@ use strict;
use warnings; use warnings;
use File::Spec; use File::Spec;
use File::Compare qw/compare_text/; use File::Copy;
use File::Compare qw/compare_text compare/;
use OpenSSL::Glob; use OpenSSL::Glob;
use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/; use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/;
use OpenSSL::Test::Utils; use OpenSSL::Test::Utils;
@ -29,7 +30,7 @@ if (disabled("sm2")) {
@valid = grep { !/sm2-.*\.pem/} @valid; @valid = grep { !/sm2-.*\.pem/} @valid;
} }
plan tests => 12; plan tests => 13;
sub checkload { sub checkload {
my $files = shift; # List of files my $files = shift; # List of files
@ -63,6 +64,19 @@ sub checkcompare {
} }
} }
sub check_identical {
my $apps = shift; # List of applications
foreach (@$apps) {
my $inout = "$_.tst";
my $backup = "backup.tst";
copy($inout, $backup);
ok(run(app(['openssl', $_, '-in', $inout, '-out', $inout])));
ok(!compare($inout, $backup), "converted file $inout did not change");
}
}
my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
subtest "Check loading valid parameters by ecparam with -check" => sub { subtest "Check loading valid parameters by ecparam with -check" => sub {
@ -120,6 +134,12 @@ subtest "Check pkeyparam does not change the parameter file on output" => sub {
checkcompare(\@valid, "pkeyparam"); checkcompare(\@valid, "pkeyparam");
}; };
my @apps = ("ecparam", "pkeyparam");
subtest "Check param apps do not garble infile identical to outfile" => sub {
plan tests => 2 * scalar(@apps);
check_identical(\@apps);
};
subtest "Check loading of fips and non-fips params" => sub { subtest "Check loading of fips and non-fips params" => sub {
plan skip_all => "FIPS is disabled" plan skip_all => "FIPS is disabled"
if $no_fips; if $no_fips;