From 2b9add696573131fc463d098ed8bcbff1b5829d9 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 19 Mar 2020 11:16:45 +0100 Subject: [PATCH] KEYMGMT: Add functions to get param/key generation parameters Reviewed-by: Matt Caswell Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/11328) --- crypto/evp/evp_local.h | 2 ++ crypto/evp/keymgmt_meth.c | 35 +++++++++++++++++++++++++++++++++- crypto/evp/pmeth_lib.c | 6 ++++++ doc/man7/provider-keymgmt.pod | 12 ++++++++++++ include/crypto/evp.h | 4 ++++ include/openssl/core_numbers.h | 28 ++++++++++++++++----------- 6 files changed, 75 insertions(+), 12 deletions(-) diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h index 836dc33e26..40f02b340a 100644 --- a/crypto/evp/evp_local.h +++ b/crypto/evp/evp_local.h @@ -86,6 +86,8 @@ struct evp_keymgmt_st { OSSL_OP_keymgmt_gen_set_template_fn *gen_set_template; OSSL_OP_keymgmt_gen_set_params_fn *gen_set_params; OSSL_OP_keymgmt_gen_settable_params_fn *gen_settable_params; + OSSL_OP_keymgmt_gen_get_params_fn *gen_get_params; + OSSL_OP_keymgmt_gen_gettable_params_fn *gen_gettable_params; OSSL_OP_keymgmt_gen_fn *gen; OSSL_OP_keymgmt_gen_cleanup_fn *gen_cleanup; diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c index 07d52ebf68..7ea414e8dd 100644 --- a/crypto/evp/keymgmt_meth.c +++ b/crypto/evp/keymgmt_meth.c @@ -38,7 +38,8 @@ static void *keymgmt_from_dispatch(int name_id, OSSL_PROVIDER *prov) { EVP_KEYMGMT *keymgmt = NULL; - int setparamfncnt = 0, getparamfncnt = 0, setgenparamfncnt = 0; + int setparamfncnt = 0, getparamfncnt = 0; + int setgenparamfncnt = 0, getgenparamfncnt = 0; int importfncnt = 0, exportfncnt = 0; if ((keymgmt = keymgmt_new()) == NULL) { 
@@ -76,6 +77,20 @@ static void *keymgmt_from_dispatch(int name_id, OSSL_get_OP_keymgmt_gen_settable_params(fns); } break; + case OSSL_FUNC_KEYMGMT_GEN_GET_PARAMS: + if (keymgmt->gen_get_params == NULL) { + getgenparamfncnt++; + keymgmt->gen_get_params = + OSSL_get_OP_keymgmt_gen_get_params(fns); + } + break; + case OSSL_FUNC_KEYMGMT_GEN_GETTABLE_PARAMS: + if (keymgmt->gen_gettable_params == NULL) { + getgenparamfncnt++; + keymgmt->gen_gettable_params = + OSSL_get_OP_keymgmt_gen_gettable_params(fns); + } + break; case OSSL_FUNC_KEYMGMT_GEN: if (keymgmt->gen == NULL) keymgmt->gen = OSSL_get_OP_keymgmt_gen(fns); @@ -171,6 +186,7 @@ static void *keymgmt_from_dispatch(int name_id, || (getparamfncnt != 0 && getparamfncnt != 2) || (setparamfncnt != 0 && setparamfncnt != 2) || (setgenparamfncnt != 0 && setgenparamfncnt != 2) + || (getgenparamfncnt != 0 && getgenparamfncnt != 2) || (importfncnt != 0 && importfncnt != 2) || (exportfncnt != 0 && exportfncnt != 2) || (keymgmt->gen != NULL @@ -319,6 +335,23 @@ const OSSL_PARAM *evp_keymgmt_gen_settable_params(const EVP_KEYMGMT *keymgmt) return keymgmt->gen_settable_params(provctx); } +int evp_keymgmt_gen_get_params(const EVP_KEYMGMT *keymgmt, void *genctx, + OSSL_PARAM params[]) +{ + if (keymgmt->gen_get_params == NULL) + return 0; + return keymgmt->gen_get_params(genctx, params); +} + +const OSSL_PARAM *evp_keymgmt_gen_gettable_params(const EVP_KEYMGMT *keymgmt) +{ + void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt)); + + if (keymgmt->gen_gettable_params == NULL) + return NULL; + return keymgmt->gen_gettable_params(provctx); +} + void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx, OSSL_CALLBACK *cb, void *cbarg) { diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index f36a7363db..dffc2dd5d1 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c 
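Review bot: The two new dispatch cases, together with the `getgenparamfncnt != 0 && getgenparamfncnt != 2` term added in the second hunk of this file, make gen_get_params and gen_gettable_params an all-or-nothing pair, but neither the code nor the provider-keymgmt.pod text added by this patch says so. A provider that supplies only one of the two would presumably have its whole KEYMGMT rejected; the failure branch is outside the hunk. I would add a comment above the case labels such as `/* gen_get_params and gen_gettable_params must be provided together, or not at all */` and a matching sentence in the pod. keymgmt_from_dispatch starts and ends outside both hunks.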
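Review bot: evp_keymgmt_gen_get_params() returns 0 both when the provider has no gen_get_params and when the provider's function reports failure, and neither new wrapper has a comment saying so. Because `params` is an output array, a caller that ignores the return value would go on to read buffers the provider never filled. Documenting the contract at the definition helps, e.g. `/* Returns 0 if unsupported or on failure; params[] is not written when unsupported */`. The wrapper also passes `genctx` through unchecked, so the NULL test remains the caller's job, as the pmeth_lib.c hunk in this patch does.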
@@ -611,6 +611,12 @@ int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params) && ctx->op.ciph.cipher->get_ctx_params != NULL) return ctx->op.ciph.cipher->get_ctx_params(ctx->op.ciph.ciphprovctx, params); + if (EVP_PKEY_CTX_IS_GEN_OP(ctx) + && ctx->op.keymgmt.genctx != NULL + && ctx->keymgmt != NULL + && ctx->keymgmt->gen_get_params != NULL) + return evp_keymgmt_gen_get_params(ctx->keymgmt, ctx->op.keymgmt.genctx, + params); return 0; } diff --git a/doc/man7/provider-keymgmt.pod b/doc/man7/provider-keymgmt.pod index 00596a0a4b..52cb977cb4 100644 --- a/doc/man7/provider-keymgmt.pod +++ b/doc/man7/provider-keymgmt.pod @@ -22,6 +22,8 @@ provider-keymgmt - The KEYMGMT library E-E provider functions int OP_keymgmt_gen_set_template(void *genctx, void *template); int OP_keymgmt_gen_set_params(void *genctx, const OSSL_PARAM params[]); const OSSL_PARAM *OP_keymgmt_gen_settable_params(void *provctx); + int OP_keymgmt_gen_get_params(void *genctx, const OSSL_PARAM params[]); + const OSSL_PARAM *OP_keymgmt_gen_gettable_params(void *provctx); void *OP_keymgmt_gen(void *genctx, OSSL_CALLBACK *cb, void *cbarg); void OP_keymgmt_gen_cleanup(void *genctx); @@ -91,6 +93,8 @@ macros in L, as follows: OP_keymgmt_gen_set_template OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE OP_keymgmt_gen_set_params OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS OP_keymgmt_gen_settable_params OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS + OP_keymgmt_gen_get_params OSSL_FUNC_KEYMGMT_GEN_GET_PARAMS + OP_keymgmt_gen_gettable_params OSSL_FUNC_KEYMGMT_GEN_GETTABLE_PARAMS OP_keymgmt_gen OSSL_FUNC_KEYMGMT_GEN OP_keymgmt_gen_cleanup OSSL_FUNC_KEYMGMT_GEN_CLEANUP @@ -209,6 +213,7 @@ OP_keymgmt_free() should free the passed I. OP_keymgmt_gen_init(), OP_keymgmt_gen_set_template(), OP_keymgmt_gen_set_params(), OP_keymgmt_gen_settable_params(), +OP_keymgmt_gen_get_params(), OP_keymgmt_gen_gettable_params(), OP_keymgmt_gen() and OP_keymgmt_gen_cleanup() work together as a more elaborate context based key object constructor. 
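Review bot: This patch wires the new getter into EVP_PKEY_CTX_get_params() but nothing in it calls evp_keymgmt_gen_gettable_params(); the diffstat shows these six lines as the only change to pmeth_lib.c. If the file has a gettable counterpart to this function, it likely needs the matching generation branch so applications can discover which parameters the call accepts instead of guessing. Separately, the `ctx->keymgmt->gen_get_params != NULL` test duplicates the check inside evp_keymgmt_gen_get_params(), which already returns 0 in that case, so it can be dropped from the condition. The function body starts outside the hunk.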
@@ -230,6 +235,13 @@ OP_keymgmt_gen_settable_params() should return a constant array of descriptor B, for parameters that OP_keymgmt_gen_set_params() can handle. +OP_keymgmt_gen_get_params() should extract information data associated +with the key object generation context I. + +OP_keymgmt_gen_gettable_params() should return a constant array of +descriptor B, for parameters that OP_keymgmt_gen_get_params() +can handle. + OP_keymgmt_gen() should perform the key object generation itself, and return the result. The callback I should be called at regular intervals with indications on how the key object generation diff --git a/include/crypto/evp.h b/include/crypto/evp.h index 8acbc6a73e..38adbd0c82 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -676,6 +676,10 @@ int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx, const OSSL_PARAM params[]); const OSSL_PARAM * evp_keymgmt_gen_settable_params(const EVP_KEYMGMT *keymgmt); +int evp_keymgmt_gen_get_params(const EVP_KEYMGMT *keymgmt, void *genctx, + OSSL_PARAM params[]); +const OSSL_PARAM * +evp_keymgmt_gen_gettable_params(const EVP_KEYMGMT *keymgmt); void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx, OSSL_CALLBACK *cb, void *cbarg); void evp_keymgmt_gen_cleanup(const EVP_KEYMGMT *keymgmt, void *genctx); diff --git a/include/openssl/core_numbers.h b/include/openssl/core_numbers.h index 925dfeaa3e..e3b89fd252 100644 --- a/include/openssl/core_numbers.h +++ b/include/openssl/core_numbers.h 
@@ -388,12 +388,14 @@ OSSL_CORE_MAKE_FUNC(int, OP_kdf_set_ctx_params, OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_new, (void *provctx)) /* Generation, a more complex constructor */ -# define OSSL_FUNC_KEYMGMT_GEN_INIT 3 -# define OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE 4 -# define OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS 5 -# define OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS 6 -# define OSSL_FUNC_KEYMGMT_GEN 7 -# define OSSL_FUNC_KEYMGMT_GEN_CLEANUP 8 +# define OSSL_FUNC_KEYMGMT_GEN_INIT 2 +# define OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE 3 +# define OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS 4 +# define OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS 5 +# define OSSL_FUNC_KEYMGMT_GEN_GET_PARAMS 6 +# define OSSL_FUNC_KEYMGMT_GEN_GETTABLE_PARAMS 7 +# define OSSL_FUNC_KEYMGMT_GEN 8 +# define OSSL_FUNC_KEYMGMT_GEN_CLEANUP 9 OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_gen_init, (void *provctx, int selection)) OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_gen_set_template, 
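Review bot: The new ids are inserted in the middle of the KEYMGMT range, so every existing id from OSSL_FUNC_KEYMGMT_GEN_INIT onward changes value here and in the next hunk (FREE 9 to 10, GET_PARAMS 10 to 11, SET_PARAMS 12 to 13, and so on). These numbers are what a provider's dispatch table is matched against, so a provider built against the previous header would have its entries bound to the wrong slots and called through a mismatched function pointer type, most likely without any error when it is loaded. Appending `OSSL_FUNC_KEYMGMT_GEN_GET_PARAMS` and `OSSL_FUNC_KEYMGMT_GEN_GETTABLE_PARAMS` after the last id in use would avoid that; if renumbering is intended while the interface is still unreleased, the commit message should say so. GEN_INIT also moves from 3 to 2, and the define for OP_keymgmt_new is outside the hunk, so confirm that 2 is not already taken.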
@@ -402,23 +404,27 @@ OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_gen_set_params, (void *genctx, const OSSL_PARAM params[])) OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_gen_settable_params, (void *provctx)) +OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_gen_get_params, + (void *genctx, OSSL_PARAM params[])) +OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, + OP_keymgmt_gen_gettable_params, (void *provctx)) OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_gen, (void *genctx, OSSL_CALLBACK *cb, void *cbarg)) OSSL_CORE_MAKE_FUNC(void, OP_keymgmt_gen_cleanup, (void *genctx)) /* Basic key object destruction */ -# define OSSL_FUNC_KEYMGMT_FREE 9 +# define OSSL_FUNC_KEYMGMT_FREE 10 OSSL_CORE_MAKE_FUNC(void, OP_keymgmt_free, (void *keydata)) /* Key object information, with discovery */ -#define OSSL_FUNC_KEYMGMT_GET_PARAMS 10 -#define OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS 11 +#define OSSL_FUNC_KEYMGMT_GET_PARAMS 11 +#define OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS 12 OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_get_params, (void *keydata, OSSL_PARAM params[])) OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_gettable_params, (void)) -#define OSSL_FUNC_KEYMGMT_SET_PARAMS 12 -#define OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS 13 +#define OSSL_FUNC_KEYMGMT_SET_PARAMS 13 +#define OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS 14 OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_set_params, (void *keydata, const OSSL_PARAM params[])) OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_settable_params, (void)) -- 2.25.1
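Review bot: The prototype added here declares `OP_keymgmt_gen_get_params` with a writable `OSSL_PARAM params[]`, but the synopsis line this patch adds to doc/man7/provider-keymgmt.pod shows `const OSSL_PARAM params[]`. A getter fills the array in, so the header looks right and the pod line should read `int OP_keymgmt_gen_get_params(void *genctx, OSSL_PARAM params[]);`. A provider author copying the documented signature would otherwise end up with a prototype that does not match the dispatch type.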