Modify EVP_PKEY_ASN1_METHOD's export_to function to take an importer

We previously took an EVP_KEYMGMT pointer, but now found it necessary to use a different import function in some cases. Since that's the only thing we use from EVP_KEYMGMT, we might as well pass the import function directly, allowing for some flexibility in how export_to is used. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15293)
2025-03-25 20:00:44 +08:00 · 2021-05-15 07:43:06 +02:00 · 2021-05-15 07:43:06 +02:00 · bed7437b00
commit bed7437b00
parent 0e5a4da4a8
7 changed files with 26 additions and 23 deletions
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@ -440,8 +440,8 @@ static size_t dh_pkey_dirty_cnt(const EVP_PKEY *pkey)
 }

 static int dh_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
-                             EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
-                             const char *propq)
+                             OSSL_FUNC_keymgmt_import_fn *importer,
+                             OSSL_LIB_CTX *libctx, const char *propq)
 {
    DH *dh = from->pkey.dh;
    OSSL_PARAM_BLD *tmpl;
@ -495,7 +495,7 @@ static int dh_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
        goto err;

    /* We export, the provider imports */
-    rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+    rv = importer(to_keydata, selection, params);

    OSSL_PARAM_free(params);
 err:
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@ -424,8 +424,8 @@ static size_t dsa_pkey_dirty_cnt(const EVP_PKEY *pkey)
 }

 static int dsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
-                              EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
-                              const char *propq)
+                              OSSL_FUNC_keymgmt_import_fn *importer,
+                              OSSL_LIB_CTX *libctx, const char *propq)
 {
    DSA *dsa = from->pkey.dsa;
    OSSL_PARAM_BLD *tmpl;
@ -472,7 +472,7 @@ static int dsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
        goto err;

    /* We export, the provider imports */
-    rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+    rv = importer(to_keydata, selection, params);

    OSSL_PARAM_free(params);
 err:
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@ -478,8 +478,8 @@ size_t ec_pkey_dirty_cnt(const EVP_PKEY *pkey)

 static
 int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
-                      EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
-                      const char *propq)
+                      OSSL_FUNC_keymgmt_import_fn *importer,
+                      OSSL_LIB_CTX *libctx, const char *propq)
 {
    const EC_KEY *eckey = NULL;
    const EC_GROUP *ecg = NULL;
@ -607,7 +607,7 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
    params = OSSL_PARAM_BLD_to_param(tmpl);

    /* We export, the provider imports */
-    rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+    rv = importer(to_keydata, selection, params);

 err:
    OSSL_PARAM_BLD_free(tmpl);
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@ -346,8 +346,8 @@ static size_t ecx_pkey_dirty_cnt(const EVP_PKEY *pkey)
 }

 static int ecx_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
-                              EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
-                              const char *propq)
+                              OSSL_FUNC_keymgmt_import_fn *importer,
+                              OSSL_LIB_CTX *libctx, const char *propq)
 {
    const ECX_KEY *key = from->pkey.ecx;
    OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new();
@ -375,7 +375,7 @@ static int ecx_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
    params = OSSL_PARAM_BLD_to_param(tmpl);

    /* We export, the provider imports */
-    rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+    rv = importer(to_keydata, selection, params);

 err:
    OSSL_PARAM_BLD_free(tmpl);
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@ -1878,7 +1878,8 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx,
        if ((keydata = evp_keymgmt_newdata(tmp_keymgmt)) == NULL)
            goto end;

-        if (!pk->ameth->export_to(pk, keydata, tmp_keymgmt, libctx, propquery)) {
+        if (!pk->ameth->export_to(pk, keydata, tmp_keymgmt->import,
+                                  libctx, propquery)) {
            evp_keymgmt_freedata(tmp_keymgmt, keydata);
            keydata = NULL;
            goto end;
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@ -725,7 +725,8 @@ static size_t rsa_pkey_dirty_cnt(const EVP_PKEY *pkey)
 * checks in this method since the caller tests EVP_KEYMGMT_is_a() first.
 */
 static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type,
-                             void *to_keydata, EVP_KEYMGMT *to_keymgmt,
+                             void *to_keydata,
+                             OSSL_FUNC_keymgmt_import_fn *importer,
                             OSSL_LIB_CTX *libctx, const char *propq)
 {
    RSA *rsa = from->pkey.rsa;
@ -778,7 +779,7 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type,
        goto err;

    /* We export, the provider imports */
-    rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+    rv = importer(to_keydata, selection, params);

 err:
    OSSL_PARAM_free(params);
@ -859,19 +860,19 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx,
 }

 static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
-                              EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
-                              const char *propq)
+                              OSSL_FUNC_keymgmt_import_fn *importer,
+                              OSSL_LIB_CTX *libctx, const char *propq)
 {
    return rsa_int_export_to(from, RSA_FLAG_TYPE_RSA, to_keydata,
-                             to_keymgmt, libctx, propq);
+                             importer, libctx, propq);
 }

 static int rsa_pss_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
-                                  EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
-                                  const char *propq)
+                                  OSSL_FUNC_keymgmt_import_fn *importer,
+                                  OSSL_LIB_CTX *libctx, const char *propq)
 {
    return rsa_int_export_to(from, RSA_FLAG_TYPE_RSASSAPSS, to_keydata,
-                             to_keymgmt, libctx, propq);
+                             importer, libctx, propq);
 }

 static int rsa_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
--- a/include/crypto/asn1.h
+++ b/include/crypto/asn1.h
@ -12,6 +12,7 @@
 # pragma once

 # include <openssl/asn1.h>
+# include <openssl/core_dispatch.h> /* OSSL_FUNC_keymgmt_import() */

 /* Internal ASN1 structures and functions: not for application use */

@ -80,8 +81,8 @@ struct evp_pkey_asn1_method_st {
    /* Exports and imports to / from providers */
    size_t (*dirty_cnt) (const EVP_PKEY *pk);
    int (*export_to) (const EVP_PKEY *pk, void *to_keydata,
-                      EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
-                      const char *propq);
+                      OSSL_FUNC_keymgmt_import_fn *importer,
+                      OSSL_LIB_CTX *libctx, const char *propq);
    OSSL_CALLBACK *import_from;
    int (*copy) (EVP_PKEY *to, EVP_PKEY *from);