2020-06-11 07:08:01 +08:00
|
|
|
/*
|
|
|
|
* Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
* https://www.openssl.org/source/license.html
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <string.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <openssl/opensslconf.h>
|
|
|
|
#include <openssl/core.h>
|
|
|
|
#include <openssl/core_dispatch.h>
|
|
|
|
#include <openssl/core_names.h>
|
|
|
|
#include <openssl/params.h>
|
|
|
|
#include "prov/bio.h"
|
|
|
|
#include "prov/provider_ctx.h"
|
|
|
|
#include "prov/providercommon.h"
|
|
|
|
#include "prov/implementations.h"
|
|
|
|
#include "prov/provider_util.h"
|
|
|
|
#include "internal/nelem.h"
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Forward declarations to ensure that interface functions are correctly
|
|
|
|
* defined.
|
|
|
|
*/
|
|
|
|
static OSSL_FUNC_provider_gettable_params_fn base_gettable_params;
|
|
|
|
static OSSL_FUNC_provider_get_params_fn base_get_params;
|
|
|
|
static OSSL_FUNC_provider_query_operation_fn base_query;
|
|
|
|
|
|
|
|
/* Functions provided by the core */
|
|
|
|
static OSSL_FUNC_core_gettable_params_fn *c_gettable_params = NULL;
|
|
|
|
static OSSL_FUNC_core_get_params_fn *c_get_params = NULL;
|
|
|
|
|
|
|
|
/* Parameters we provide to the core */
|
|
|
|
static const OSSL_PARAM base_param_types[] = {
|
|
|
|
OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
|
|
|
|
OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
|
|
|
|
OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
|
2020-09-07 09:58:03 +08:00
|
|
|
OSSL_PARAM_DEFN(OSSL_PROV_PARAM_STATUS, OSSL_PARAM_INTEGER, NULL, 0),
|
2020-06-11 07:08:01 +08:00
|
|
|
OSSL_PARAM_END
|
|
|
|
};
|
|
|
|
|
|
|
|
static const OSSL_PARAM *base_gettable_params(void *provctx)
|
|
|
|
{
|
|
|
|
return base_param_types;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int base_get_params(void *provctx, OSSL_PARAM params[])
|
|
|
|
{
|
|
|
|
OSSL_PARAM *p;
|
|
|
|
|
|
|
|
p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);
|
|
|
|
if (p != NULL
|
|
|
|
&& !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL Base Provider"))
|
|
|
|
return 0;
|
|
|
|
p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION);
|
|
|
|
if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR))
|
|
|
|
return 0;
|
|
|
|
p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
|
|
|
|
if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
|
|
|
|
return 0;
|
2020-09-07 09:58:03 +08:00
|
|
|
p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_STATUS);
|
|
|
|
if (p != NULL && !OSSL_PARAM_set_int(p, ossl_prov_is_running()))
|
|
|
|
return 0;
|
2020-06-11 07:08:01 +08:00
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2020-08-17 03:25:08 +08:00
|
|
|
static const OSSL_ALGORITHM base_encoder[] = {
|
2020-10-17 14:34:47 +08:00
|
|
|
#define ENCODER_PROVIDER "base"
|
2020-08-17 03:25:08 +08:00
|
|
|
#include "encoders.inc"
|
2020-06-11 07:08:01 +08:00
|
|
|
{ NULL, NULL, NULL }
|
2020-10-17 14:34:47 +08:00
|
|
|
#undef ENCODER_PROVIDER
|
2020-06-11 07:08:01 +08:00
|
|
|
};
|
|
|
|
|
2020-08-17 03:25:08 +08:00
|
|
|
static const OSSL_ALGORITHM base_decoder[] = {
|
PROV: Re-implement all the keypair decoders
The base functionality to implement the keypair decoders doesn't
change much, but this results in a more massive amount of
OSSL_DISPATCH and OSSL_ALGORITHM arrays, to support a fine grained
selection of implementation based on what parts of the keypair
structure (combinations of key parameters, public key and private key)
should be expected as input, the input type ("DER", "PEM", ...) and the
outermost input structure ("pkcs8", "SubjectPublicKeyInfo", key
type specific structures, ...).
We add support for the generic structure name "type-specific", to
allow selecting that without knowing the exact name of that structure.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-10-26 20:22:54 +08:00
|
|
|
#define DECODER_PROVIDER "base"
|
2020-08-17 03:25:08 +08:00
|
|
|
#include "decoders.inc"
|
2020-07-27 12:47:59 +08:00
|
|
|
{ NULL, NULL, NULL }
|
PROV: Re-implement all the keypair decoders
The base functionality to implement the keypair decoders doesn't
change much, but this results in a more massive amount of
OSSL_DISPATCH and OSSL_ALGORITHM arrays, to support a fine grained
selection of implementation based on what parts of the keypair
structure (combinations of key parameters, public key and private key)
should be expected as input, the input type ("DER", "PEM", ...) and the
outermost input structure ("pkcs8", "SubjectPublicKeyInfo", key
type specific structures, ...).
We add support for the generic structure name "type-specific", to
allow selecting that without knowing the exact name of that structure.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-10-26 20:22:54 +08:00
|
|
|
#undef DECODER_PROVIDER
|
2020-07-27 12:47:59 +08:00
|
|
|
};
|
|
|
|
|
2020-08-02 18:46:00 +08:00
|
|
|
static const OSSL_ALGORITHM base_store[] = {
|
2020-09-08 08:33:28 +08:00
|
|
|
#define STORE(name, _fips, func_table) \
|
|
|
|
{ name, "provider=base,fips=" _fips, (func_table) },
|
2020-08-02 18:46:00 +08:00
|
|
|
|
|
|
|
#include "stores.inc"
|
|
|
|
{ NULL, NULL, NULL }
|
|
|
|
#undef STORE
|
|
|
|
};
|
|
|
|
|
2020-06-11 07:08:01 +08:00
|
|
|
static const OSSL_ALGORITHM *base_query(void *provctx, int operation_id,
|
|
|
|
int *no_cache)
|
|
|
|
{
|
|
|
|
*no_cache = 0;
|
2020-07-27 12:47:59 +08:00
|
|
|
switch (operation_id) {
|
2020-08-17 03:25:08 +08:00
|
|
|
case OSSL_OP_ENCODER:
|
|
|
|
return base_encoder;
|
|
|
|
case OSSL_OP_DECODER:
|
|
|
|
return base_decoder;
|
2020-08-02 18:46:00 +08:00
|
|
|
case OSSL_OP_STORE:
|
|
|
|
return base_store;
|
2020-07-27 12:47:59 +08:00
|
|
|
}
|
|
|
|
return NULL;
|
2020-06-11 07:08:01 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void base_teardown(void *provctx)
|
|
|
|
{
|
2020-09-28 10:47:04 +08:00
|
|
|
BIO_meth_free(ossl_prov_ctx_get0_core_bio_method(provctx));
|
|
|
|
ossl_prov_ctx_free(provctx);
|
2020-06-11 07:08:01 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Functions we provide to the core */
|
|
|
|
static const OSSL_DISPATCH base_dispatch_table[] = {
|
|
|
|
{ OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))base_teardown },
|
|
|
|
{ OSSL_FUNC_PROVIDER_GETTABLE_PARAMS,
|
|
|
|
(void (*)(void))base_gettable_params },
|
|
|
|
{ OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))base_get_params },
|
|
|
|
{ OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))base_query },
|
|
|
|
{ 0, NULL }
|
|
|
|
};
|
|
|
|
|
|
|
|
OSSL_provider_init_fn ossl_base_provider_init;
|
|
|
|
|
|
|
|
int ossl_base_provider_init(const OSSL_CORE_HANDLE *handle,
|
|
|
|
const OSSL_DISPATCH *in, const OSSL_DISPATCH **out,
|
|
|
|
void **provctx)
|
|
|
|
{
|
2020-10-15 17:55:50 +08:00
|
|
|
OSSL_FUNC_core_get_libctx_fn *c_get_libctx = NULL;
|
2020-06-11 07:08:01 +08:00
|
|
|
BIO_METHOD *corebiometh;
|
|
|
|
|
|
|
|
if (!ossl_prov_bio_from_dispatch(in))
|
|
|
|
return 0;
|
|
|
|
for (; in->function_id != 0; in++) {
|
|
|
|
switch (in->function_id) {
|
|
|
|
case OSSL_FUNC_CORE_GETTABLE_PARAMS:
|
|
|
|
c_gettable_params = OSSL_FUNC_core_gettable_params(in);
|
|
|
|
break;
|
|
|
|
case OSSL_FUNC_CORE_GET_PARAMS:
|
|
|
|
c_get_params = OSSL_FUNC_core_get_params(in);
|
|
|
|
break;
|
2020-10-15 17:55:50 +08:00
|
|
|
case OSSL_FUNC_CORE_GET_LIBCTX:
|
|
|
|
c_get_libctx = OSSL_FUNC_core_get_libctx(in);
|
2020-06-11 07:08:01 +08:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
/* Just ignore anything we don't understand */
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (c_get_libctx == NULL)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We want to make sure that all calls from this provider that requires
|
|
|
|
* a library context use the same context as the one used to call our
|
|
|
|
* functions. We do that by passing it along in the provider context.
|
|
|
|
*
|
|
|
|
* This only works for built-in providers. Most providers should
|
|
|
|
* create their own library context.
|
|
|
|
*/
|
2020-09-28 10:47:04 +08:00
|
|
|
if ((*provctx = ossl_prov_ctx_new()) == NULL
|
2020-06-11 07:08:01 +08:00
|
|
|
|| (corebiometh = bio_prov_init_bio_method()) == NULL) {
|
2020-09-28 10:47:04 +08:00
|
|
|
ossl_prov_ctx_free(*provctx);
|
2020-06-11 07:08:01 +08:00
|
|
|
*provctx = NULL;
|
|
|
|
return 0;
|
|
|
|
}
|
2020-10-15 17:55:50 +08:00
|
|
|
ossl_prov_ctx_set0_libctx(*provctx,
|
2020-10-15 17:55:50 +08:00
|
|
|
(OSSL_LIB_CTX *)c_get_libctx(handle));
|
2020-09-28 10:47:04 +08:00
|
|
|
ossl_prov_ctx_set0_handle(*provctx, handle);
|
|
|
|
ossl_prov_ctx_set0_core_bio_method(*provctx, corebiometh);
|
2020-06-11 07:08:01 +08:00
|
|
|
|
|
|
|
*out = base_dispatch_table;
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|