From 98dbf2c1c8143c0cc6dd05be7950d90bc6792064 Mon Sep 17 00:00:00 2001
From: Shane Lontis
Date: Thu, 15 Oct 2020 13:39:02 +1000
Subject: [PATCH] Add functions to set values into an EVP_PKEY
Reviewed-by: Matt Caswell
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/13139)
---
 crypto/evp/p_lib.c | 104 ++++++++++++++++++++++++++
 doc/man3/EVP_PKEY_settable_params.pod | 82 ++++++++++++++++++++
 include/openssl/evp.h | 10 +++
 util/libcrypto.num | 7 ++
 4 files changed, 203 insertions(+)
 create mode 100644 doc/man3/EVP_PKEY_settable_params.pod
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index f82e42c7e3..f43f5488d0 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -2138,3 +2138,107 @@ int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name,
 return 0;
 return 1;
 }
+
+int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in)
+{
+ OSSL_PARAM params[2];
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL)
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_int(key_name, &in);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in)
+{
+ OSSL_PARAM params[2];
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL)
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_size_t(key_name, &in);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn)
+{
+ OSSL_PARAM params[2];
+ unsigned char buffer[2048];
+ int bsize = 0;
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL
+ || bn == NULL)
+ return 0;
+
+ bsize = BN_num_bytes(bn);
+ if (!ossl_assert(bsize <= (int)sizeof(buffer)))
+ return 0;
+
+ if (BN_bn2nativepad(bn, buffer, bsize) < 0)
+ return 0;
+ params[0] = OSSL_PARAM_construct_BN(key_name, buffer, bsize);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
+ char *str)
+{
+ OSSL_PARAM params[2];
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL)
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, 0);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
+ unsigned char *buf, size_t bsize)
+{
+ OSSL_PARAM params[2];
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL)
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, bsize);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey)
+{
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL)
+ return 0;
+ return EVP_KEYMGMT_settable_params(pkey->keymgmt);
+}
+
+int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[])
+{
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL)
+ return 0;
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
diff --git a/doc/man3/EVP_PKEY_settable_params.pod b/doc/man3/EVP_PKEY_settable_params.pod
new file mode 100644
index 0000000000..7d18472465
--- /dev/null
+++ b/doc/man3/EVP_PKEY_settable_params.pod
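Review bot: In crypto/evp/p_lib.c, EVP_PKEY_set_bn_param() copies the BIGNUM into the stack array `buffer[2048]` and returns without wiping it, so when the value is a private key component its bytes stay on the stack after the call. Keep the result in a local and clear the buffer before returning, `ret = evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); OPENSSL_cleanse(buffer, sizeof(buffer)); return ret;`, with the same cleanse on the BN_bn2nativepad() failure path. The size check also runs `ossl_assert(bsize <= (int)sizeof(buffer))` on a caller-supplied value; an oversized BIGNUM is an input error rather than a broken internal invariant, so a plain `if (bsize > (int)sizeof(buffer)) return 0;` (ideally raising an error) looks like the better fit, since the assertion presumably aborts in debug builds.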
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_settable_params, EVP_PKEY_set_params,
+EVP_PKEY_set_int_param, EVP_PKEY_set_size_t_param, EVP_PKEY_set_bn_param,
+EVP_PKEY_set_utf8_string_param, EVP_PKEY_set_octet_string_param
+- set key parameters into a key
+
+=head1 SYNOPSIS
+
+ #include
+
+ const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey);
+ int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]);
+ int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in);
+ int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in);
+ int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn);
+ int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
+ char *str);
+ int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
+ unsigned char *buf, size_t bsize);
+
+=head1 DESCRIPTION
+
+These functions can be used to set additional parameters into an existing
+B.
+
+EVP_PKEY_set_params() sets one or more I into a I.
+See L for information about parameters.
+
+EVP_PKEY_settable_params() returns a constant list of I indicating
+the names and types of key parameters that can be set.
+See L for information about parameters.
+
+EVP_PKEY_set_int_param() sets an integer value I into a key I for the
+associated field I.
+
+EVP_PKEY_set_size_t_param() sets an size_t value I into a key I for
+the associated field I.
+
+EVP_PKEY_set_bn_param() sets the BIGNUM value I into a key I for the
+associated field I.
+
+EVP_PKEY_set_utf8_string_param() sets the UTF8 string I into a key I
+for the associated field I.
+
+EVP_PKEY_set_octet_string_param() sets the octet string value I with a
+size I into a key I for the associated field I.
+
+=head1 NOTES
+
+These functions only work for Bs that contain a provider side key.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_settable_params() returns NULL on error or if it is not supported,
+
+All other methods return 1 if a value was successfully set, or 0 if
+there was an error.
+
+=head1 SEE ALSO
+
+L,
+L, L, L,
+
+
+=head1 HISTORY
+
+These functions were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L.
+
+=cut
+
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 0180170b8d..6893b49ce4 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1795,6 +1795,16 @@ int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name, unsigned char *buf, size_t max_buf_sz, size_t *out_sz);
+const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey);
+int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]);
+int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in);
+int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in);
+int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn);
+int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
+ char *str);
+int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
+ unsigned char *buf, size_t bsize);
+
 int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
 int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index bc39e25b6d..8b23993b07 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
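Review bot: In include/openssl/evp.h, the new setters take their input values as `BIGNUM *bn`, `char *str` and `unsigned char *buf`, although the implementations in this patch appear only to hand them to the key manager as inputs. Declaring them `const BIGNUM *bn`, `const char *str` and `const unsigned char *buf` would let callers pass read-only key material without casting away const, and would state in the prototype that the functions do not write through these pointers. As these are new public prototypes, the qualifiers are cheapest to settle before the API ships; the definitions in crypto/evp/p_lib.c and the SYNOPSIS of the new pod page would need the same change.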
@@ -5287,3 +5287,10 @@ PEM_write_bio_PUBKEY_ex ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_get_group_name ? 3_0_0 EXIST::FUNCTION: CRYPTO_atomic_or ? 3_0_0 EXIST::FUNCTION: CRYPTO_atomic_load ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_settable_params ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_set_params ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_set_int_param ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_set_size_t_param ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_set_bn_param ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_set_utf8_string_param ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_set_octet_string_param ? 3_0_0 EXIST::FUNCTION: