From 506cb0f6322b24c980273ff5cd8f2c973a12b42f Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 23 Sep 2019 11:16:21 +0200 Subject: [PATCH] EVP: add functions that return the name number The returned number can be used for comparison purposes. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/9979) --- crypto/evp/evp_lib.c | 10 ++++++++++ crypto/evp/exchange.c | 5 +++++ crypto/evp/kdf_lib.c | 5 +++++ crypto/evp/keymgmt_meth.c | 5 +++++ crypto/evp/mac_lib.c | 5 +++++ crypto/evp/pmeth_fn.c | 5 +++++ doc/man3/EVP_DigestInit.pod | 8 +++++++- doc/man3/EVP_EncryptInit.pod | 5 +++++ doc/man3/EVP_KDF.pod | 6 +++++- doc/man3/EVP_KEYEXCH_free.pod | 9 ++++++++- doc/man3/EVP_KEYMGMT.pod | 7 +++++++ doc/man3/EVP_MAC.pod | 6 +++++- doc/man3/EVP_SIGNATURE_free.pod | 8 ++++++-- include/openssl/evp.h | 6 ++++++ include/openssl/kdf.h | 1 + util/libcrypto.num | 7 +++++++ 16 files changed, 92 insertions(+), 6 deletions(-) diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index f5e2505e0a..c25c40ddb0 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -545,6 +545,11 @@ int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name) return evp_is_a(cipher->prov, cipher->name_id, name); } +int EVP_CIPHER_number(const EVP_CIPHER *cipher) +{ + return cipher->name_id; +} + const char *EVP_CIPHER_name(const EVP_CIPHER *cipher) { if (cipher->prov != NULL) @@ -586,6 +591,11 @@ int EVP_MD_is_a(const EVP_MD *md, const char *name) return evp_is_a(md->prov, md->name_id, name); } +int EVP_MD_number(const EVP_MD *md) +{ + return md->name_id; +} + const char *EVP_MD_name(const EVP_MD *md) { if (md->prov != NULL) diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c index e9d7c6d1fb..faece8af3c 100644 --- a/crypto/evp/exchange.c +++ b/crypto/evp/exchange.c 
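Review bot: EVP_CIPHER_number() and EVP_MD_number() in crypto/evp/evp_lib.c return `name_id` unconditionally, while the neighbouring EVP_CIPHER_name() and EVP_MD_name() branch on `prov != NULL`, so non-fetched objects evidently reach this code. If `name_id` is left at zero for those objects (not visible in the hunk), every legacy cipher or digest yields the same number, and a caller that compares the numbers to decide whether two algorithms match would treat distinct algorithms as equal. The man page text says the number is only useful for fetched objects, but the code does not say so; I would add a comment above each accessor such as `/* Only meaningful when cipher->prov != NULL; non-fetched methods carry no name number. */`, or define a documented sentinel for the non-fetched case. The accessors added in exchange.c, kdf_lib.c, keymgmt_meth.c, mac_lib.c and pmeth_fn.c follow the same pattern, though those types appear to be fetch-only.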
@@ -387,6 +387,11 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen) return ctx->pmeth->derive(ctx, key, pkeylen); } +int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch) +{ + return keyexch->name_id; +} + int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name) { return evp_is_a(keyexch->prov, keyexch->name_id, name); diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c index 90c43e984a..5ddf8560d2 100644 --- a/crypto/evp/kdf_lib.c +++ b/crypto/evp/kdf_lib.c @@ -83,6 +83,11 @@ EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src) return dst; } +int EVP_KDF_number(const EVP_KDF *kdf) +{ + return kdf->name_id; +} + int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name) { return evp_is_a(kdf->prov, kdf->name_id, name); diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c index 6a1c15ae24..9c8d482b4d 100644 --- a/crypto/evp/keymgmt_meth.c +++ b/crypto/evp/keymgmt_meth.c @@ -200,6 +200,11 @@ const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt) return keymgmt->prov; } +int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt) +{ + return keymgmt->name_id; +} + int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name) { return evp_is_a(keymgmt->prov, keymgmt->name_id, name); diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c index 8581853802..07ed1c8749 100644 --- a/crypto/evp/mac_lib.c +++ b/crypto/evp/mac_lib.c @@ -158,6 +158,11 @@ int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]) return 1; } +int EVP_MAC_number(const EVP_MAC *mac) +{ + return mac->name_id; +} + int EVP_MAC_is_a(const EVP_MAC *mac, const char *name) { return evp_is_a(mac->prov, mac->name_id, name); diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c index 685b6886c0..a78839b992 100644 --- a/crypto/evp/pmeth_fn.c +++ b/crypto/evp/pmeth_fn.c 
@@ -317,6 +317,11 @@ int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name) return evp_is_a(signature->prov, signature->name_id, name); } +int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature) +{ + return signature->name_id; +} + void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx, void (*fn)(EVP_SIGNATURE *signature, void *arg), diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod index c00a07671c..2c72a0dce3 100644 --- a/doc/man3/EVP_DigestInit.pod +++ b/doc/man3/EVP_DigestInit.pod @@ -12,7 +12,7 @@ EVP_MD_CTX_settable_params, EVP_MD_CTX_gettable_params, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_Digest, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, -EVP_MD_is_a, EVP_MD_name, EVP_MD_names_do_all, EVP_MD_provider, +EVP_MD_is_a, EVP_MD_name, EVP_MD_number, EVP_MD_names_do_all, EVP_MD_provider, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_flags, EVP_MD_CTX_name, EVP_MD_CTX_md, EVP_MD_CTX_type, EVP_MD_CTX_size, EVP_MD_CTX_block_size, @@ -62,6 +62,7 @@ EVP_MD_do_all_provided int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in); const char *EVP_MD_name(const EVP_MD *md); + int EVP_MD_number(const EVP_MD *md); int EVP_MD_is_a(const EVP_MD *md, const char *name); void EVP_MD_names_do_all(const EVP_MD *md, void (*fn)(const char *name, void *data), @@ -247,6 +248,11 @@ be initialized. Returns 1 if I is an implementation of an algorithm that's identifiable with I, otherwise 0. +=item EVP_MD_number() + +Returns the internal dynamic number assigned to the I. This is +only useful with fetched Bs. + =item EVP_MD_name(), EVP_MD_CTX_name() diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index 0b6d4eba44..31e2fdeaf0 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod 
@@ -31,6 +31,7 @@ EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_is_a, EVP_CIPHER_name, +EVP_CIPHER_number, EVP_CIPHER_names_do_all, EVP_CIPHER_provider, EVP_CIPHER_nid, @@ -122,6 +123,7 @@ EVP_CIPHER_do_all_provided const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a); int EVP_CIPHER_nid(const EVP_CIPHER *e); + int EVP_CIPHER_number(const EVP_CIPHER *e); int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name); void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, void (*fn)(const char *name, void *data), @@ -337,6 +339,9 @@ B. EVP_CIPHER_is_a() returns 1 if I is an implementation of an algorithm that's identifiable with I, otherwise 0. +EVP_CIPHER_number() returns the internal dynamic number assigned to +the I. This is only useful with fetched Bs. + EVP_CIPHER_name() and EVP_CIPHER_CTX_name() return the name of the passed cipher or context. For fetched ciphers with multiple names, only one of them is returned; it's recommended to use EVP_CIPHER_names_do_all() diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod index 61c7a562e5..339129a943 100644 --- a/doc/man3/EVP_KDF.pod +++ b/doc/man3/EVP_KDF.pod @@ -6,7 +6,7 @@ EVP_KDF, EVP_KDF_fetch, EVP_KDF_free, EVP_KDF_up_ref, EVP_KDF_CTX, EVP_KDF_CTX_new, EVP_KDF_CTX_free, EVP_KDF_CTX_dup, EVP_KDF_reset, EVP_KDF_derive, EVP_KDF_size, EVP_KDF_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a, -EVP_KDF_names_do_all, +EVP_KDF_number, EVP_KDF_names_do_all, EVP_KDF_CTX_get_params, EVP_KDF_CTX_set_params, EVP_KDF_do_all_provided, EVP_KDF_get_params, EVP_KDF_gettable_ctx_params, EVP_KDF_settable_ctx_params, EVP_KDF_gettable_params - EVP KDF routines 
@@ -29,6 +29,7 @@ EVP_KDF_gettable_params - EVP KDF routines void EVP_KDF_free(EVP_KDF *kdf); EVP_KDF *EVP_KDF_fetch(OPENSSL_CTX *libctx, const char *algorithm, const char *properties); + int EVP_KDF_number(const EVP_KDF *kdf); int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name); const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf); void EVP_KDF_do_all_provided(OPENSSL_CTX *libctx, @@ -144,6 +145,9 @@ providers in the given library context I, and for each of the implementations, calls the given function I with the implementation method and the given I as argument. +EVP_KDF_number() returns the internal dynamic number assigned to +I. + EVP_KDF_names_do_all() traverses all names for I, and calls I with each name and I. diff --git a/doc/man3/EVP_KEYEXCH_free.pod b/doc/man3/EVP_KEYEXCH_free.pod index d9b36a495a..deb9b9999b 100644 --- a/doc/man3/EVP_KEYEXCH_free.pod +++ b/doc/man3/EVP_KEYEXCH_free.pod @@ -3,7 +3,8 @@ =head1 NAME EVP_KEYEXCH_fetch, EVP_KEYEXCH_free, EVP_KEYEXCH_up_ref, EVP_KEYEXCH_provider, -EVP_KEYEXCH_is_a, EVP_KEYEXCH_do_all_provided, EVP_KEYEXCH_names_do_all +EVP_KEYEXCH_is_a, EVP_KEYEXCH_do_all_provided, +EVP_KEYEXCH_number, EVP_KEYEXCH_names_do_all - Functions to manage EVP_KEYEXCH algorithm objects =head1 SYNOPSIS @@ -16,6 +17,7 @@ EVP_KEYEXCH_is_a, EVP_KEYEXCH_do_all_provided, EVP_KEYEXCH_names_do_all int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange); OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange); int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *exchange, const char *name); + int EVP_KEYEXCH_number(const EVP_KEYEXCH *exchange); void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx, void (*fn)(EVP_KEYEXCH *exchange, void *arg), void *arg); 
@@ -45,6 +47,9 @@ EVP_KEYEXCH_provider() returns the provider that I was fetched from. EVP_KEYEXCH_is_a() checks if I is an implementation of an algorithm that's identifiable with I. +EVP_KEYEXCH_number() returns the internal dynamic number assigned to +the I. + EVP_KEYEXCH_names_do_all() traverses all names for the I, and calls I with each name and I. @@ -63,6 +68,8 @@ EVP_KEYEXCH_up_ref() returns 1 for success or 0 otherwise. EVP_KEYEXCH_is_a() returns 1 of I was identifiable, otherwise 0. +EVP_KEYEXCH_number() returns an integer. + =head1 SEE ALSO L, L diff --git a/doc/man3/EVP_KEYMGMT.pod b/doc/man3/EVP_KEYMGMT.pod index 2115d29e5e..853a15f089 100644 --- a/doc/man3/EVP_KEYMGMT.pod +++ b/doc/man3/EVP_KEYMGMT.pod @@ -8,6 +8,7 @@ EVP_KEYMGMT_up_ref, EVP_KEYMGMT_free, EVP_KEYMGMT_provider, EVP_KEYMGMT_is_a, +EVP_KEYMGMT_number, EVP_KEYMGMT_do_all_provided, EVP_KEYMGMT_names_do_all - EVP key management routines @@ -24,6 +25,7 @@ EVP_KEYMGMT_names_do_all void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt); const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt); int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name); + int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt); void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx, void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), void *arg); @@ -58,6 +60,9 @@ implementation. EVP_KEYMGMT_is_a() checks if I is an implementation of an algorithm that's identifiable with I. +EVP_KEYMGMT_number() returns the internal dynamic number assigned to +the I. + EVP_KEYMGMT_names_do_all() traverses all names for the I, and calls I with each name and I. @@ -88,6 +93,8 @@ on error. EVP_KEYMGMT_is_a() returns 1 of I was identifiable, otherwise 0. +EVP_KEYMGMT_number() returns an integer. + =head1 SEE ALSO L, L diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod index cd3755d8ef..1081314879 100644 --- a/doc/man3/EVP_MAC.pod +++ b/doc/man3/EVP_MAC.pod 
@@ -3,7 +3,7 @@ =head1 NAME EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free, -EVP_MAC_is_a, EVP_MAC_names_do_all, +EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_names_do_all, EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params, EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup, EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params, @@ -23,6 +23,7 @@ EVP_MAC_do_all_provided - EVP MAC routines int EVP_MAC_up_ref(EVP_MAC *mac); void EVP_MAC_free(EVP_MAC *mac); int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); + int EVP_MAC_number(const EVP_MAC *mac); void EVP_MAC_names_do_all(const EVP_MAC *mac, void (*fn)(const char *name, void *data), void *data); @@ -170,6 +171,9 @@ providers in the given library context I, and for each of the implementations, calls the given function I with the implementation method and the given I as argument. +EVP_MAC_number() returns the internal dynamic number assigned to +I. + EVP_MAC_names_do_all() traverses all names for I, and calls I with each name and I. diff --git a/doc/man3/EVP_SIGNATURE_free.pod b/doc/man3/EVP_SIGNATURE_free.pod index fa2106aeb8..70a0ee72dc 100644 --- a/doc/man3/EVP_SIGNATURE_free.pod +++ b/doc/man3/EVP_SIGNATURE_free.pod @@ -3,8 +3,8 @@ =head1 NAME EVP_SIGNATURE_fetch, EVP_SIGNATURE_free, EVP_SIGNATURE_up_ref, -EVP_SIGNATURE_is_a, EVP_SIGNATURE_provider, EVP_SIGNATURE_do_all_provided, -EVP_SIGNATURE_names_do_all +EVP_SIGNATURE_number, EVP_SIGNATURE_is_a, EVP_SIGNATURE_provider, +EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all - Functions to manage EVP_SIGNATURE algorithm objects =head1 SYNOPSIS 
@@ -15,6 +15,7 @@ EVP_SIGNATURE_names_do_all const char *properties); void EVP_SIGNATURE_free(EVP_SIGNATURE *signature); int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature); + int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature); int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name); OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature); void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx, @@ -54,6 +55,9 @@ activated roviders in the given library context I, and for each of the implementations, calls the given function I with the implementation method and the given I as argument. +EVP_SIGNATURE_number() returns the internal dynamic number assigned to +I. + EVP_SIGNATURE_names_do_all() traverses all names for I, and calls I with each name and I. diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 0ff5b6536f..a0190c8b08 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -462,6 +462,7 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass, int EVP_MD_type(const EVP_MD *md); # define EVP_MD_nid(e) EVP_MD_type(e) const char *EVP_MD_name(const EVP_MD *md); +int EVP_MD_number(const EVP_MD *md); int EVP_MD_is_a(const EVP_MD *md, const char *name); void EVP_MD_names_do_all(const EVP_MD *md, void (*fn)(const char *name, void *data), @@ -488,6 +489,7 @@ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx); int EVP_CIPHER_nid(const EVP_CIPHER *cipher); const char *EVP_CIPHER_name(const EVP_CIPHER *cipher); +int EVP_CIPHER_number(const EVP_CIPHER *cipher); int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name); void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, void (*fn)(const char *name, void *data), 
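Review bot: The declarations added to include/openssl/evp.h (EVP_MD_number and EVP_CIPHER_number here, the MAC, KEYMGMT, SIGNATURE and KEYEXCH ones in the following hunks, and EVP_KDF_number in kdf.h) publish what the man pages call an "internal dynamic number" with no comment on its scope. Because the value is assigned at run time, it is presumably comparable only between objects fetched in the same process, and likely only within the same library context; it should not be persisted, used as an algorithm identifier in stored data, or compared against constants. A short header comment would make that explicit: `/* Run-time name number: compare only with numbers obtained in the same process; never persist. */`. The RETURN VALUES text "returns an integer" in the KEYEXCH and KEYMGMT pages could carry the same caveat.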
@@ -1058,6 +1060,7 @@ EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, const char *properties); int EVP_MAC_up_ref(EVP_MAC *mac); void EVP_MAC_free(EVP_MAC *mac); +int EVP_MAC_number(const EVP_MAC *mac); int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac); int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); @@ -1447,6 +1450,7 @@ EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm, int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt); void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt); const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt); +int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt); int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name); void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx, void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), @@ -1512,6 +1516,7 @@ OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature); EVP_SIGNATURE *EVP_SIGNATURE_fetch(OPENSSL_CTX *ctx, const char *algorithm, const char *properties); int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name); +int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature); void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx, void (*fn)(EVP_SIGNATURE *signature, void *data), @@ -1780,6 +1785,7 @@ EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm, const char *properties); OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange); int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name); +int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch); void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx, void (*fn)(EVP_KEYEXCH *keyexch, void *data), void *data); diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h index 1b9cada649..b80f6b3e0f 100644 --- a/include/openssl/kdf.h +++ b/include/openssl/kdf.h 
@@ -33,6 +33,7 @@ EVP_KDF *EVP_KDF_fetch(OPENSSL_CTX *libctx, const char *algorithm, EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf); void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src); +int EVP_KDF_number(const EVP_KDF *kdf); int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name); const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf); const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); diff --git a/util/libcrypto.num b/util/libcrypto.num index 1fd7de9b09..3f76771b4d 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4843,3 +4843,10 @@ EVP_KEYMGMT_names_do_all 4959 3_0_0 EXIST::FUNCTION: EVP_KEYEXCH_names_do_all 4960 3_0_0 EXIST::FUNCTION: EVP_KDF_names_do_all 4961 3_0_0 EXIST::FUNCTION: EVP_SIGNATURE_names_do_all 4962 3_0_0 EXIST::FUNCTION: +EVP_MD_number 4963 3_0_0 EXIST::FUNCTION: +EVP_CIPHER_number 4964 3_0_0 EXIST::FUNCTION: +EVP_MAC_number 4965 3_0_0 EXIST::FUNCTION: +EVP_KEYMGMT_number 4966 3_0_0 EXIST::FUNCTION: +EVP_KEYEXCH_number 4967 3_0_0 EXIST::FUNCTION: +EVP_KDF_number 4968 3_0_0 EXIST::FUNCTION: +EVP_SIGNATURE_number 4969 3_0_0 EXIST::FUNCTION: -- 2.25.1