2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/crypto.h>
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/err.h>
14 #include "internal/provider.h"
15 #include "internal/refcount.h"
16 #include "crypto/evp.h"
17 #include "evp_local.h"
20 static void *keymgmt_new(void)
22 EVP_KEYMGMT *keymgmt = NULL;
24 if ((keymgmt = OPENSSL_zalloc(sizeof(*keymgmt))) == NULL
25 || (keymgmt->lock = CRYPTO_THREAD_lock_new()) == NULL) {
26 EVP_KEYMGMT_free(keymgmt);
27 EVPerr(0, ERR_R_MALLOC_FAILURE);
36 static void *keymgmt_from_dispatch(int name_id,
37 const OSSL_DISPATCH *fns,
40 EVP_KEYMGMT *keymgmt = NULL;
41 int setparamfncnt = 0, getparamfncnt = 0;
42 int setgenparamfncnt = 0;
43 int importfncnt = 0, exportfncnt = 0;
45 if ((keymgmt = keymgmt_new()) == NULL) {
46 EVP_KEYMGMT_free(keymgmt);
49 keymgmt->name_id = name_id;
51 for (; fns->function_id != 0; fns++) {
52 switch (fns->function_id) {
53 case OSSL_FUNC_KEYMGMT_NEW:
54 if (keymgmt->new == NULL)
55 keymgmt->new = OSSL_get_OP_keymgmt_new(fns);
57 case OSSL_FUNC_KEYMGMT_GEN_INIT:
58 if (keymgmt->gen_init == NULL)
59 keymgmt->gen_init = OSSL_get_OP_keymgmt_gen_init(fns);
61 case OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE:
62 if (keymgmt->gen_set_template == NULL)
63 keymgmt->gen_set_template =
64 OSSL_get_OP_keymgmt_gen_set_template(fns);
66 case OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS:
67 if (keymgmt->gen_set_params == NULL) {
69 keymgmt->gen_set_params =
70 OSSL_get_OP_keymgmt_gen_set_params(fns);
73 case OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS:
74 if (keymgmt->gen_settable_params == NULL) {
76 keymgmt->gen_settable_params =
77 OSSL_get_OP_keymgmt_gen_settable_params(fns);
80 case OSSL_FUNC_KEYMGMT_GEN:
81 if (keymgmt->gen == NULL)
82 keymgmt->gen = OSSL_get_OP_keymgmt_gen(fns);
84 case OSSL_FUNC_KEYMGMT_GEN_CLEANUP:
85 if (keymgmt->gen_cleanup == NULL)
86 keymgmt->gen_cleanup = OSSL_get_OP_keymgmt_gen_cleanup(fns);
88 case OSSL_FUNC_KEYMGMT_FREE:
89 if (keymgmt->free == NULL)
90 keymgmt->free = OSSL_get_OP_keymgmt_free(fns);
92 case OSSL_FUNC_KEYMGMT_GET_PARAMS:
93 if (keymgmt->get_params == NULL) {
95 keymgmt->get_params = OSSL_get_OP_keymgmt_get_params(fns);
98 case OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS:
99 if (keymgmt->gettable_params == NULL) {
101 keymgmt->gettable_params =
102 OSSL_get_OP_keymgmt_gettable_params(fns);
105 case OSSL_FUNC_KEYMGMT_SET_PARAMS:
106 if (keymgmt->set_params == NULL) {
108 keymgmt->set_params = OSSL_get_OP_keymgmt_set_params(fns);
111 case OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS:
112 if (keymgmt->settable_params == NULL) {
114 keymgmt->settable_params =
115 OSSL_get_OP_keymgmt_settable_params(fns);
118 case OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME:
119 if (keymgmt->query_operation_name == NULL)
120 keymgmt->query_operation_name =
121 OSSL_get_OP_keymgmt_query_operation_name(fns);
123 case OSSL_FUNC_KEYMGMT_HAS:
124 if (keymgmt->has == NULL)
125 keymgmt->has = OSSL_get_OP_keymgmt_has(fns);
127 case OSSL_FUNC_KEYMGMT_COPY:
128 if (keymgmt->copy == NULL)
129 keymgmt->copy = OSSL_get_OP_keymgmt_copy(fns);
131 case OSSL_FUNC_KEYMGMT_VALIDATE:
132 if (keymgmt->validate == NULL)
133 keymgmt->validate = OSSL_get_OP_keymgmt_validate(fns);
135 case OSSL_FUNC_KEYMGMT_MATCH:
136 if (keymgmt->match == NULL)
137 keymgmt->match = OSSL_get_OP_keymgmt_match(fns);
139 case OSSL_FUNC_KEYMGMT_IMPORT:
140 if (keymgmt->import == NULL) {
142 keymgmt->import = OSSL_get_OP_keymgmt_import(fns);
145 case OSSL_FUNC_KEYMGMT_IMPORT_TYPES:
146 if (keymgmt->import_types == NULL) {
148 keymgmt->import_types = OSSL_get_OP_keymgmt_import_types(fns);
151 case OSSL_FUNC_KEYMGMT_EXPORT:
152 if (keymgmt->export == NULL) {
154 keymgmt->export = OSSL_get_OP_keymgmt_export(fns);
157 case OSSL_FUNC_KEYMGMT_EXPORT_TYPES:
158 if (keymgmt->export_types == NULL) {
160 keymgmt->export_types = OSSL_get_OP_keymgmt_export_types(fns);
166 * Try to check that the method is sensible.
167 * At least one constructor and the destructor are MANDATORY
168 * The functions 'has' is MANDATORY
169 * It makes no sense being able to free stuff if you can't create it.
170 * It makes no sense providing OSSL_PARAM descriptors for import and
171 * export if you can't import or export.
173 if (keymgmt->free == NULL
174 || (keymgmt->new == NULL && keymgmt->gen == NULL)
175 || keymgmt->has == NULL
176 || (getparamfncnt != 0 && getparamfncnt != 2)
177 || (setparamfncnt != 0 && setparamfncnt != 2)
178 || (setgenparamfncnt != 0 && setgenparamfncnt != 2)
179 || (importfncnt != 0 && importfncnt != 2)
180 || (exportfncnt != 0 && exportfncnt != 2)
181 || (keymgmt->gen != NULL
182 && (keymgmt->gen_init == NULL
183 || keymgmt->gen_cleanup == NULL))) {
184 EVP_KEYMGMT_free(keymgmt);
185 EVPerr(0, EVP_R_INVALID_PROVIDER_FUNCTIONS);
188 keymgmt->prov = prov;
190 ossl_provider_up_ref(prov);
195 EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OPENSSL_CTX *ctx, int name_id,
196 const char *properties)
198 return evp_generic_fetch_by_number(ctx,
199 OSSL_OP_KEYMGMT, name_id, properties,
200 keymgmt_from_dispatch,
201 (int (*)(void *))EVP_KEYMGMT_up_ref,
202 (void (*)(void *))EVP_KEYMGMT_free);
205 EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm,
206 const char *properties)
208 return evp_generic_fetch(ctx, OSSL_OP_KEYMGMT, algorithm, properties,
209 keymgmt_from_dispatch,
210 (int (*)(void *))EVP_KEYMGMT_up_ref,
211 (void (*)(void *))EVP_KEYMGMT_free);
214 int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt)
218 CRYPTO_UP_REF(&keymgmt->refcnt, &ref, keymgmt->lock);
222 void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt)
229 CRYPTO_DOWN_REF(&keymgmt->refcnt, &ref, keymgmt->lock);
232 ossl_provider_free(keymgmt->prov);
233 CRYPTO_THREAD_lock_free(keymgmt->lock);
234 OPENSSL_free(keymgmt);
237 const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt)
239 return keymgmt->prov;
242 int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt)
244 return keymgmt->name_id;
247 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name)
249 return evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
252 void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx,
253 void (*fn)(EVP_KEYMGMT *keymgmt, void *arg),
256 evp_generic_do_all(libctx, OSSL_OP_KEYMGMT,
257 (void (*)(void *, void *))fn, arg,
258 keymgmt_from_dispatch,
259 (void (*)(void *))EVP_KEYMGMT_free);
262 void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
263 void (*fn)(const char *name, void *data),
266 if (keymgmt->prov != NULL)
267 evp_names_do_all(keymgmt->prov, keymgmt->name_id, fn, data);
271 * Internal API that interfaces with the method function pointers
273 void *evp_keymgmt_newdata(const EVP_KEYMGMT *keymgmt)
275 void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
278 * TODO(3.0) 'new' is currently mandatory on its own, but when new
279 * constructors appear, it won't be quite as mandatory, so we have
280 * a check for future cases.
282 if (keymgmt->new == NULL)
284 return keymgmt->new(provctx);
287 void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keydata)
289 /* This is mandatory, no need to check for its presence */
290 keymgmt->free(keydata);
293 void *evp_keymgmt_gen_init(const EVP_KEYMGMT *keymgmt, int selection)
295 void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
297 if (keymgmt->gen_init == NULL)
299 return keymgmt->gen_init(provctx, selection);
302 int evp_keymgmt_gen_set_template(const EVP_KEYMGMT *keymgmt, void *genctx,
306 * It's arguable if we actually should return success in this case, as
307 * it allows the caller to set a template key, which is then ignored.
308 * However, this is how the legacy methods (EVP_PKEY_METHOD) operate,
309 * so we do this in the interest of backward compatibility.
310 * TODO(3.0) Investigate if we should change this behaviour.
312 if (keymgmt->gen_set_template == NULL)
314 return keymgmt->gen_set_template(genctx, template);
317 int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx,
318 const OSSL_PARAM params[])
320 if (keymgmt->gen_set_params == NULL)
322 return keymgmt->gen_set_params(genctx, params);
325 const OSSL_PARAM *evp_keymgmt_gen_settable_params(const EVP_KEYMGMT *keymgmt)
327 void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
329 if (keymgmt->gen_settable_params == NULL)
331 return keymgmt->gen_settable_params(provctx);
334 void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
335 OSSL_CALLBACK *cb, void *cbarg)
337 if (keymgmt->gen == NULL)
339 return keymgmt->gen(genctx, cb, cbarg);
342 void evp_keymgmt_gen_cleanup(const EVP_KEYMGMT *keymgmt, void *genctx)
344 if (keymgmt->gen != NULL)
345 keymgmt->gen_cleanup(genctx);
348 int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt, void *keydata,
351 if (keymgmt->get_params == NULL)
353 return keymgmt->get_params(keydata, params);
356 const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt)
358 if (keymgmt->gettable_params == NULL)
360 return keymgmt->gettable_params();
363 int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt, void *keydata,
364 const OSSL_PARAM params[])
366 if (keymgmt->set_params == NULL)
368 return keymgmt->set_params(keydata, params);
371 const OSSL_PARAM *evp_keymgmt_settable_params(const EVP_KEYMGMT *keymgmt)
373 if (keymgmt->settable_params == NULL)
375 return keymgmt->settable_params();
378 int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keydata, int selection)
380 /* This is mandatory, no need to check for its presence */
381 return keymgmt->has(keydata, selection);
384 int evp_keymgmt_validate(const EVP_KEYMGMT *keymgmt, void *keydata,
387 /* We assume valid if the implementation doesn't have a function */
388 if (keymgmt->validate == NULL)
390 return keymgmt->validate(keydata, selection);
393 int evp_keymgmt_match(const EVP_KEYMGMT *keymgmt,
394 const void *keydata1, const void *keydata2,
397 /* We assume no match if the implementation doesn't have a function */
398 if (keymgmt->match == NULL)
400 return keymgmt->match(keydata1, keydata2, selection);
403 int evp_keymgmt_import(const EVP_KEYMGMT *keymgmt, void *keydata,
404 int selection, const OSSL_PARAM params[])
406 if (keymgmt->import == NULL)
408 return keymgmt->import(keydata, selection, params);
411 const OSSL_PARAM *evp_keymgmt_import_types(const EVP_KEYMGMT *keymgmt,
414 if (keymgmt->import_types == NULL)
416 return keymgmt->import_types(selection);
419 int evp_keymgmt_export(const EVP_KEYMGMT *keymgmt, void *keydata,
420 int selection, OSSL_CALLBACK *param_cb, void *cbarg)
422 if (keymgmt->export == NULL)
424 return keymgmt->export(keydata, selection, param_cb, cbarg);
427 const OSSL_PARAM *evp_keymgmt_export_types(const EVP_KEYMGMT *keymgmt,
430 if (keymgmt->export_types == NULL)
432 return keymgmt->export_types(selection);
435 int evp_keymgmt_copy(const EVP_KEYMGMT *keymgmt,
436 void *keydata_to, const void *keydata_from,
439 /* We assume no copy if the implementation doesn't have a function */
440 if (keymgmt->copy == NULL)
442 return keymgmt->copy(keydata_to, keydata_from, selection);
projects / oweals / openssl.git / blob