2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/crypto.h>
11 #include <openssl/core_numbers.h>
12 #include <openssl/evp.h>
13 #include <openssl/err.h>
14 #include "internal/provider.h"
15 #include "internal/refcount.h"
16 #include "crypto/evp.h"
17 #include "evp_local.h"
20 static void *keymgmt_new(void)
22 EVP_KEYMGMT *keymgmt = NULL;
24 if ((keymgmt = OPENSSL_zalloc(sizeof(*keymgmt))) == NULL
25 || (keymgmt->lock = CRYPTO_THREAD_lock_new()) == NULL) {
26 EVP_KEYMGMT_free(keymgmt);
27 EVPerr(0, ERR_R_MALLOC_FAILURE);
36 static void *keymgmt_from_dispatch(int name_id,
37 const OSSL_DISPATCH *fns,
40 EVP_KEYMGMT *keymgmt = NULL;
41 int paramfncnt = 0, importfncnt = 0, exportfncnt = 0;
43 if ((keymgmt = keymgmt_new()) == NULL) {
44 EVP_KEYMGMT_free(keymgmt);
47 keymgmt->name_id = name_id;
49 for (; fns->function_id != 0; fns++) {
50 switch (fns->function_id) {
51 case OSSL_FUNC_KEYMGMT_NEW:
52 if (keymgmt->new == NULL)
53 keymgmt->new = OSSL_get_OP_keymgmt_new(fns);
55 case OSSL_FUNC_KEYMGMT_FREE:
56 if (keymgmt->free == NULL)
57 keymgmt->free = OSSL_get_OP_keymgmt_free(fns);
59 case OSSL_FUNC_KEYMGMT_GET_PARAMS:
60 if (keymgmt->get_params == NULL) {
62 keymgmt->get_params = OSSL_get_OP_keymgmt_get_params(fns);
65 case OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS:
66 if (keymgmt->gettable_params == NULL) {
68 keymgmt->gettable_params =
69 OSSL_get_OP_keymgmt_gettable_params(fns);
72 case OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME:
73 if (keymgmt->query_operation_name == NULL)
74 keymgmt->query_operation_name =
75 OSSL_get_OP_keymgmt_query_operation_name(fns);
77 case OSSL_FUNC_KEYMGMT_HAS:
78 if (keymgmt->has == NULL)
79 keymgmt->has = OSSL_get_OP_keymgmt_has(fns);
81 case OSSL_FUNC_KEYMGMT_VALIDATE:
82 if (keymgmt->validate == NULL)
83 keymgmt->validate = OSSL_get_OP_keymgmt_validate(fns);
85 case OSSL_FUNC_KEYMGMT_IMPORT:
86 if (keymgmt->import == NULL) {
88 keymgmt->import = OSSL_get_OP_keymgmt_import(fns);
91 case OSSL_FUNC_KEYMGMT_IMPORT_TYPES:
92 if (keymgmt->import_types == NULL) {
94 keymgmt->import_types = OSSL_get_OP_keymgmt_import_types(fns);
97 case OSSL_FUNC_KEYMGMT_EXPORT:
98 if (keymgmt->export == NULL) {
100 keymgmt->export = OSSL_get_OP_keymgmt_export(fns);
103 case OSSL_FUNC_KEYMGMT_EXPORT_TYPES:
104 if (keymgmt->export_types == NULL) {
106 keymgmt->export_types = OSSL_get_OP_keymgmt_export_types(fns);
112 * Try to check that the method is sensible.
113 * At least one constructor and the destructor are MANDATORY
114 * The functions 'has' is MANDATORY
115 * It makes no sense being able to free stuff if you can't create it.
116 * It makes no sense providing OSSL_PARAM descriptors for import and
117 * export if you can't import or export.
119 if (keymgmt->free == NULL
120 || keymgmt->new == NULL
121 || keymgmt->has == NULL
122 || (paramfncnt != 0 && paramfncnt != 2)
123 || (importfncnt != 0 && importfncnt != 2)
124 || (exportfncnt != 0 && exportfncnt != 2)) {
125 EVP_KEYMGMT_free(keymgmt);
126 EVPerr(0, EVP_R_INVALID_PROVIDER_FUNCTIONS);
129 keymgmt->prov = prov;
131 ossl_provider_up_ref(prov);
136 EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OPENSSL_CTX *ctx, int name_id,
137 const char *properties)
139 return evp_generic_fetch_by_number(ctx,
140 OSSL_OP_KEYMGMT, name_id, properties,
141 keymgmt_from_dispatch,
142 (int (*)(void *))EVP_KEYMGMT_up_ref,
143 (void (*)(void *))EVP_KEYMGMT_free);
146 EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm,
147 const char *properties)
149 return evp_generic_fetch(ctx, OSSL_OP_KEYMGMT, algorithm, properties,
150 keymgmt_from_dispatch,
151 (int (*)(void *))EVP_KEYMGMT_up_ref,
152 (void (*)(void *))EVP_KEYMGMT_free);
155 int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt)
159 CRYPTO_UP_REF(&keymgmt->refcnt, &ref, keymgmt->lock);
163 void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt)
170 CRYPTO_DOWN_REF(&keymgmt->refcnt, &ref, keymgmt->lock);
173 ossl_provider_free(keymgmt->prov);
174 CRYPTO_THREAD_lock_free(keymgmt->lock);
175 OPENSSL_free(keymgmt);
178 const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt)
180 return keymgmt->prov;
183 int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt)
185 return keymgmt->name_id;
188 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name)
190 return evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
193 void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx,
194 void (*fn)(EVP_KEYMGMT *keymgmt, void *arg),
197 evp_generic_do_all(libctx, OSSL_OP_KEYMGMT,
198 (void (*)(void *, void *))fn, arg,
199 keymgmt_from_dispatch,
200 (void (*)(void *))EVP_KEYMGMT_free);
203 void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
204 void (*fn)(const char *name, void *data),
207 if (keymgmt->prov != NULL)
208 evp_names_do_all(keymgmt->prov, keymgmt->name_id, fn, data);
212 * Internal API that interfaces with the method function pointers
214 void *evp_keymgmt_newdata(const EVP_KEYMGMT *keymgmt)
216 void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
219 * TODO(3.0) 'new' is currently mandatory on its own, but when new
220 * constructors appear, it won't be quite as mandatory, so we have
221 * a check for future cases.
223 if (keymgmt->new == NULL)
225 return keymgmt->new(provctx);
228 void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keydata)
230 /* This is mandatory, no need to check for its presence */
231 keymgmt->free(keydata);
234 int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt, void *keydata,
237 if (keymgmt->get_params == NULL)
239 return keymgmt->get_params(keydata, params);
242 const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt)
244 if (keymgmt->gettable_params == NULL)
246 return keymgmt->gettable_params();
249 int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keydata, int selection)
251 /* This is mandatory, no need to check for its presence */
252 return keymgmt->has(keydata, selection);
255 int evp_keymgmt_validate(const EVP_KEYMGMT *keymgmt, void *keydata,
258 /* We assume valid if the implementation doesn't have a function */
259 if (keymgmt->validate == NULL)
261 return keymgmt->validate(keydata, selection);
264 int evp_keymgmt_import(const EVP_KEYMGMT *keymgmt, void *keydata,
265 int selection, const OSSL_PARAM params[])
267 if (keymgmt->import == NULL)
269 return keymgmt->import(keydata, selection, params);
272 const OSSL_PARAM *evp_keymgmt_import_types(const EVP_KEYMGMT *keymgmt,
275 if (keymgmt->import_types == NULL)
277 return keymgmt->import_types(selection);
280 int evp_keymgmt_export(const EVP_KEYMGMT *keymgmt, void *keydata,
281 int selection, OSSL_CALLBACK *param_cb, void *cbarg)
283 if (keymgmt->export == NULL)
285 return keymgmt->export(keydata, selection, param_cb, cbarg);
288 const OSSL_PARAM *evp_keymgmt_export_types(const EVP_KEYMGMT *keymgmt,
291 if (keymgmt->export_types == NULL)
293 return keymgmt->export_types(selection);