From fa9faf010460f5fe0722a65f9d496221c2f41f7b Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 11 Jul 2019 12:52:16 +0200 Subject: [PATCH] Add an internal API to access the KEYMGMT provider functions Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9312) --- crypto/evp/keymgmt_lib.c | 87 +++++++++++++++++ crypto/include/internal/evp_int.h | 26 ++++++ doc/internal/man3/evp_keymgmt_freekey.pod | 109 ++++++++++++++++++++++ 3 files changed, 222 insertions(+) create mode 100644 doc/internal/man3/evp_keymgmt_freekey.pod diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c index 7169f4270e..8ee28fbe60 100644 --- a/crypto/evp/keymgmt_lib.c +++ b/crypto/evp/keymgmt_lib.c 
@@ -199,3 +199,90 @@ void evp_keymgmt_clear_pkey_cache(EVP_PKEY *pk) } } } + + +/* internal functions */ +/* TODO(3.0) decide if these should be public or internal */ +void *evp_keymgmt_importdomparams(const EVP_KEYMGMT *keymgmt, + const OSSL_PARAM params[]) +{ + void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt)); + + return keymgmt->importdomparams(provctx, params); +} + +void *evp_keymgmt_gendomparams(const EVP_KEYMGMT *keymgmt, + const OSSL_PARAM params[]) +{ + void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt)); + + return keymgmt->gendomparams(provctx, params); +} + +void evp_keymgmt_freedomparams(const EVP_KEYMGMT *keymgmt, + void *provdomparams) +{ + keymgmt->freedomparams(provdomparams); +} + +int evp_keymgmt_exportdomparams(const EVP_KEYMGMT *keymgmt, + void *provdomparams, OSSL_PARAM params[]) +{ + return keymgmt->exportdomparams(provdomparams, params); +} + +const OSSL_PARAM *evp_keymgmt_importdomparam_types(const EVP_KEYMGMT *keymgmt) +{ + return keymgmt->importdomparam_types(); +} + +const OSSL_PARAM *evp_keymgmt_exportdomparam_types(const EVP_KEYMGMT *keymgmt) +{ + return keymgmt->exportdomparam_types(); +} + + +void *evp_keymgmt_importkey(const EVP_KEYMGMT *keymgmt, + const OSSL_PARAM params[]) +{ + void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt)); + + return keymgmt->importkey(provctx, params); +} + +void *evp_keymgmt_genkey(const EVP_KEYMGMT *keymgmt, void *domparams, + const OSSL_PARAM params[]) +{ + void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt)); + + return keymgmt->genkey(provctx, domparams, params); +} + +void *evp_keymgmt_loadkey(const EVP_KEYMGMT *keymgmt, + void *id, size_t idlen) +{ + void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt)); + + return keymgmt->loadkey(provctx, id, idlen); +} + +void evp_keymgmt_freekey(const EVP_KEYMGMT *keymgmt, void *provkey) +{ + keymgmt->freekey(provkey); +} + +int evp_keymgmt_exportkey(const EVP_KEYMGMT *keymgmt, void *provkey, + 
OSSL_PARAM params[]) +{ + return keymgmt->exportkey(provkey, params); +} + +const OSSL_PARAM *evp_keymgmt_importkey_types(const EVP_KEYMGMT *keymgmt) +{ + return keymgmt->importkey_types(); +} + +const OSSL_PARAM *evp_keymgmt_exportkey_types(const EVP_KEYMGMT *keymgmt) +{ + return keymgmt->exportkey_types(); +} diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h index af273f2bf3..50ed933926 100644 --- a/crypto/include/internal/evp_int.h +++ b/crypto/include/internal/evp_int.h @@ -564,6 +564,32 @@ void evp_app_cleanup_int(void); void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt); void evp_keymgmt_clear_pkey_cache(EVP_PKEY *pk); +/* KEYMGMT provider interface functions */ +void *evp_keymgmt_importdomparams(const EVP_KEYMGMT *keymgmt, + const OSSL_PARAM params[]); +void *evp_keymgmt_gendomparams(const EVP_KEYMGMT *keymgmt, + const OSSL_PARAM params[]); +void evp_keymgmt_freedomparams(const EVP_KEYMGMT *keymgmt, + void *provdomparams); +int evp_keymgmt_exportdomparams(const EVP_KEYMGMT *keymgmt, + void *provdomparams, OSSL_PARAM params[]); +const OSSL_PARAM * +evp_keymgmt_importdomparam_types(const EVP_KEYMGMT *keymgmt); +const OSSL_PARAM * +evp_keymgmt_exportdomparam_types(const EVP_KEYMGMT *keymgmt); + +void *evp_keymgmt_importkey(const EVP_KEYMGMT *keymgmt, + const OSSL_PARAM params[]); +void *evp_keymgmt_genkey(const EVP_KEYMGMT *keymgmt, void *domparams, + const OSSL_PARAM params[]); +void *evp_keymgmt_loadkey(const EVP_KEYMGMT *keymgmt, + void *id, size_t idlen); +void evp_keymgmt_freekey(const EVP_KEYMGMT *keymgmt, void *provkey); +int evp_keymgmt_exportkey(const EVP_KEYMGMT *keymgmt, + void *provkey, OSSL_PARAM params[]); +const OSSL_PARAM *evp_keymgmt_importkey_types(const EVP_KEYMGMT *keymgmt); +const OSSL_PARAM *evp_keymgmt_exportkey_types(const EVP_KEYMGMT *keymgmt); + /* Pulling defines out of C source files */ #define EVP_RC4_KEY_SIZE 16 
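Review bot: Every wrapper added to keymgmt_lib.c calls through its `keymgmt->...` function pointer without checking that the provider supplied it, so a dispatch table that leaves out an entry such as `exportkey` or `importkey_types` would make libcrypto call a NULL pointer. Whether the fetch code that fills in EVP_KEYMGMT rejects incomplete tables is not visible in this hunk, so this may already be guaranteed. If it is not, the optional entries should be guarded, for example `if (keymgmt->importkey_types == NULL) return NULL;` in the `*_types` wrappers and `if (keymgmt->exportkey == NULL) return 0;` in the export wrappers. The pod in this patch says the `*_types` functions return NULL when there are no descriptors, which callers will likely read as covering the missing-function case too. A comment next to the `TODO(3.0)` line naming which entries are mandatory would make the contract explicit.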
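Review bot: The domparam descriptor getters are declared in evp_int.h as `evp_keymgmt_importdomparam_types` and `evp_keymgmt_exportdomparam_types`, but the pod added by the same patch documents `evp_keymgmt_importdomparams_types` and `evp_keymgmt_exportdomparams_types`, so the manual names symbols that do not exist. One spelling should be used in both places. The block comment could also carry the ownership rule the pod gives, for example `/* Pointers returned by the import/gen/load functions are provider owned; release them with the matching evp_keymgmt_free*() */`, since the `void *` return types give no hint which free function pairs with which constructor.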
diff --git a/doc/internal/man3/evp_keymgmt_freekey.pod b/doc/internal/man3/evp_keymgmt_freekey.pod
new file mode 100644
index 0000000000..597c34b6d4
--- /dev/null
+++ b/doc/internal/man3/evp_keymgmt_freekey.pod
@@ -0,0 +1,109 @@
+=pod
+
+=head1 NAME
+
+evp_keymgmt_importdomparams, evp_keymgmt_gendomparams,
+evp_keymgmt_freedomparams,
+evp_keymgmt_exportdomparams,
+evp_keymgmt_importdomparams_types, evp_keymgmt_exportdomparams_types,
+evp_keymgmt_importkey, evp_keymgmt_genkey, evp_keymgmt_loadkey,
+evp_keymgmt_freekey,
+evp_keymgmt_exportkey,
+evp_keymgmt_importkey_types, evp_keymgmt_exportkey_types
+- internal KEYMGMT support functions
+
+=head1 SYNOPSIS
+
+ #include "internal/evp_int.h"
+
+ void *evp_keymgmt_importdomparams(const EVP_KEYMGMT *keymgmt,
+ const OSSL_PARAM params[]);
+ void *evp_keymgmt_gendomparams(const EVP_KEYMGMT *keymgmt,
+ const OSSL_PARAM params[]);
+ void evp_keymgmt_freedomparams(const EVP_KEYMGMT *keymgmt, void *provdomparams);
+ int evp_keymgmt_exportdomparams(const EVP_KEYMGMT *keymgmt,
+ void *provdomparams, OSSL_PARAM params[]);
+ const OSSL_PARAM *evp_keymgmt_importdomparams_types(const EVP_KEYMGMT *keymgmt);
+ const OSSL_PARAM *evp_keymgmt_exportdomparams_types(const EVP_KEYMGMT *keymgmt);
+
+ void *evp_keymgmt_importkey(const EVP_KEYMGMT *keymgmt,
+ const OSSL_PARAM params[]);
+ void *evp_keymgmt_genkey(const EVP_KEYMGMT *keymgmt, void *domparams,
+ const OSSL_PARAM params[]);
+ void *evp_keymgmt_loadkey(const EVP_KEYMGMT *keymgmt,
+ void *id, size_t idlen);
+ void evp_keymgmt_freekey(const EVP_KEYMGMT *keymgmt, void *provkey);
+ int evp_keymgmt_exportkey(const EVP_KEYMGMT *keymgmt, void *provkey,
+ OSSL_PARAM params[]);
+ const OSSL_PARAM *evp_keymgmt_importkey_types(const EVP_KEYMGMT *keymgmt);
+ const OSSL_PARAM *evp_keymgmt_exportkey_types(const EVP_KEYMGMT *keymgmt);
+
+=head1 DESCRIPTION
+
+All these functions are helpers to call the provider's corresponding
+function.
+
+evp_keymgmt_importdomparams() calls the method's importdomparams() function.
+
+evp_keymgmt_gendomparams() calls the method's gendomparams() function.
+
+evp_keymgmt_freedomparams() calls the method's freedomparams() function.
+
+evp_keymgmt_exportdomparams() calls the method's exportdomparams()
+function.
+
+evp_keymgmt_importdomparams_types() calls the method's
+importdomparams_types() function.
+
+evp_keymgmt_exportdomparams_types() calls the method's
+exportdomparams_types() function.
+
+evp_keymgmt_importkey() calls the method's importkey()
+function.
+
+evp_keymgmt_genkey() calls the method's genkey() function.
+
+evp_keymgmt_loadkey() calls the method's loadkey() function.
+
+evp_keymgmt_freekey() calls the method's freekey() function.
+
+evp_keymgmt_exportkey() calls the method's exportkey()
+function.
+
+evp_keymgmt_importkey_types() calls the method's importkey_types() function.
+
+evp_keymgmt_exportkey_types() calls the method's exportkey_types() function.
+
+=head1 RETURN VALUES
+
+evp_keymgmt_importdomparams(), evp_keymgmt_gendomparams() return a pointer
+to a provider owned set of domparams parameters, or NULL on error.
+
+evp_keymgmt_importkey(), evp_keymgmt_genkey(), evp_keymgmt_loadkey() return
+a pointer to a provider owned key, or NULL on error.
+
+evp_keymgmt_exportdomparams() and evp_keymgmt_exportkey() return 1 on success,
+or 0 on error.
+
+evp_keymgmt_importdomparams_types(), evp_keymgmt_exportdomparams_types()
+return parameter descriptor for importing and exporting domparams
+parameters, or NULL if there are no such descriptors.
+
+evp_keymgmt_importkey_types() and evp_keymgmt_exportkey_types()
+return parameter descriptor for importing and exporting keys, or NULL
+if there are no such descriptors.
+
+=head1 HISTORY
+
+The functions described here were all added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L.
+
+=cut