Commit Graph

107 Commits

Author SHA1 Message Date
Dr. Matthias St. Pierre
363b1e5dae Make the naming scheme for dispatched functions more consistent
The new naming scheme consistently usese the `OSSL_FUNC_` prefix for all
functions which are dispatched between the core and providers.

This change includes in particular all up- and downcalls, i.e., the
dispatched functions passed from core to provider and vice versa.

- OSSL_core_  -> OSSL_FUNC_core_
- OSSL_provider_ -> OSSL_FUNC_core_

For operations and their function dispatch tables, the following convention
is used:

  Type                 | Name (evp_generic_fetch(3))       |
  ---------------------|-----------------------------------|
  operation            | OSSL_OP_FOO                       |
  function id          | OSSL_FUNC_FOO_FUNCTION_NAME       |
  function "name"      | OSSL_FUNC_foo_function_name       |
  function typedef     | OSSL_FUNC_foo_function_name_fn    |
  function ptr getter  | OSSL_FUNC_foo_function_name       |

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)
2020-06-24 22:01:22 +02:00
Dr. Matthias St. Pierre
23c48d94d4 Rename <openssl/core_numbers.h> -> <openssl/core_dispatch.h>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)
2020-06-24 22:01:22 +02:00
Pauli
bcdea3badf share rand_pool between libcrypto and providers
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
2020-06-24 20:05:41 +10:00
Matt Caswell
2da8d4eb28 Add more complete support for libctx/propq in the EC code
Renames some "new_ex" functions to "new_with_libctx" and ensures that we
pass around the libctx AND the propq everywhere.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12159)
2020-06-19 10:34:58 +01:00
Shane Lontis
4f2271d58a Add ACVP fips module tests
For FIPS validation purposes - Automated Cryptographic Validation Protocol (ACVP) tests need to be
performed. (See https://github.com/usnistgov/ACVP). These tests are very similiar to the old CAVS tests.

This PR uses a hardwired subset of these test vectors to perform similiar operations,
to show the usage and prove that the API's are able to perform the required operations.
It may also help with communication with the lab (i.e- The lab could add a test here to show
a unworking use case - which we can then address).

The EVP layer performs these tests instead of calling lower level API's
as was done in the old FOM.
Some of these tests require access to internals that are not normally allowed/required.

The config option 'acvp_tests' (enabled by default) has been added so that this
access may be removed.

The mechanism has been implemented as additional OSSL_PARAM values that can be set and get.
A callback mechanism did not seem to add any additional benefit.
These params will not be added to the gettables lists.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11572)
2020-06-17 11:33:16 +10:00
Matt Caswell
6a9bd9298b Make EVP_PKEY_[get1|set1]_tls_encodedpoint work with provided keys
EVP_PKEY_[get1|set1]_tls_encodedpoint() only worked if an ameth was present
which isn't the case for provided keys. Support has been added to dh,
ec and ecx keys.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11898)
2020-06-05 11:04:11 +01:00
FdaSilvaYY
9e3c510bde crypto/cms: add CAdES-BES signed attributes validation
for signing certificate V2 and signing certificate extensions.

CAdES: lowercase name for now internal methods.

crypto/cms: generated file changes.

Add some CHANGES entries.

[extended tests]

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8098)
2020-05-27 13:16:30 +02:00
Richard Levitte
f7f53d7d61 PROV: Use rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx() in RSA-OAEP
Fixes #11904

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11959)
2020-05-27 12:42:20 +02:00
Dr. David von Oheimb
7674e92324 Constify X509_PUBKEY_get(), X509_PUBKEY_get0(), and X509_PUBKEY_get0_param()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11894)
2020-05-26 09:35:05 +02:00
Shane Lontis
b808665265 Update core_names.h fields and document most fields.
Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC.
Added some strings values related to RSA keys.
Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file.
Updated Keyexchange and signature code and docs.
Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod.
Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it.

Added some usage examples. As a result of the usage examples the following change was also made:
ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11610)
2020-05-26 13:53:07 +10:00
Richard Levitte
5e5bc836fb Re-introduce legacy EVP_PKEY types for provided keys
EVP_PKEYs with provider side internal keys got the key type
EVP_PKEY_NONE.  This turned out to be too disruptive, so we try
instead to find a matching EVP_PKEY_ASN1_METHOD and use whatever
EVP_PKEY type it uses.

To make internal coding easier, we introduce a few internal macros to
distinguish what can be expected from a EVP_PKEY:

- evp_pkey_is_blank(), to detect an unassigned EVP_PKEY.
- evp_pkey_is_typed(), to detect that an EVP_PKEY has been assigned a
  type, which may be an old style type number or a EVP_KEYMGMT method.
- evp_pkey_is_assigned(), to detect that an EVP_PKEY has been assigned
  an key value.
- evp_pkey_is_legacy(), to detect that the internal EVP_PKEY key is a
  legacy one, i.e. will be handled via an EVP_PKEY_ASN1_METHOD and an
  EVP_PKEY_METHOD.
- evp_pkey_is_provided(), to detect that the internal EVP_PKEY key is
  a provider side one, i.e. will be handdled via an EVP_KEYMGMT and
  other provider methods.

This also introduces EVP_PKEY_KEYMGMT, to indicate that this EVP_PKEY
contains a provider side key for which there are no known
EVP_PKEY_ASN1_METHODs or EVP_PKEY_METHODs, i.e. these can only be
handled via EVP_KEYMGMT and other provider methods.

Fixes #11823

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11913)
2020-05-23 21:11:09 +02:00
Richard Levitte
8a758e96f2 PROV & KEYMGMT: Add PSS-parameter support in the RSA KEYMGMT implementation
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
2020-05-14 12:16:35 +02:00
Richard Levitte
15671090f4 RSA: Add a less loaded PSS-parameter structure
RSA_PSS_PARAMS carries with it a lot of baggage in form of X509_ALGOR
and ASN1_INTEGER, which we would rather avoid in our providers.
Therefore, we create a parallell structure - RSA_PSS_PARAMS_30 - that
contains the same information, but uses numeric identities (*) and C
integers (**).  This makes it simpler to handle.

Note that neither this structure nor its contents are passed between
libcrypto and the providers.  Instead, the numeric identities are
translated to and from names, which are then passed over that
boundary.

For future considerations, we might consider dropping RSA_PSS_PARAMS
entirely.  For now, it's still reserved for EVP_PKEY_ASN1_METHOD code,
which RSA_PSS_PARAMS_30 is (almost entirely) reserved for use in our
providers.

(*) We use NIDs in this case, because we already have them and because
only algorithms that libcrypto knows about are permitted in PSS
restrictions.  We could use any number series we want, as long as we
know for sure what they represent.

(**) That's for saltlen and for trailerfield, which are never expect
to surpass the set of numbers that fit in a regular 'int'.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
2020-05-14 12:16:35 +02:00
Richard Levitte
e9d6186e05 RSA: Add rsa_schemes.c, to store scheme data and translator functions
The scheme currently added is OAEP-PSSDigestAlgorithms codified.
The translator functions translate an EVP_MD into a NID, and a NID
into a name, to support the creation and parsing of OSSL_PARAM items.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
2020-05-14 12:16:34 +02:00
Richard Levitte
645a541a3f RSA: Extract much of the rsa_pkey_export_to() code to a separate function
The resulting function, rsa_todata(), is designed to be usable by
providers as well.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
2020-05-14 12:16:34 +02:00
Shane Lontis
5e77b79a8c Remove gen_get_params & gen_gettable_params from keygen operation
EVP_PKEY_CTX_gettable_params() was missing code for the keygen operation.
After adding it it was noticed that it is probably not required for this type, so instead
the gen_get_params and gen_gettable_params have been remnoved from the provider interface.
gen_get_params was only implemented for ec to get the curve name. This seems redundant
since normally you would set parameters into the keygen_init() and then generate a key.
Normally you would expect to extract data from the key - not the object that we just set up
to do the keygen.

Added a simple settable and gettable test into a test that does keygen.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11683)
2020-05-07 15:31:05 +10:00
Matt Caswell
f3336f4050 Add the library ctx into an ECX_KEY
At various points we need to be able to retrieve the current library
context so we store it in the ECX_KEY structure.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11635)
2020-05-04 09:30:55 +01:00
Matt Caswell
969024b458 Add the ability to ECX to import keys with only the private key
ECX keys can very easily crete the public key from the private key.
Therefore when we import ecx keys it is sufficent to just have the private
key.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11635)
2020-05-04 09:30:55 +01:00
Richard Levitte
f844f9eb44 Rename FIPS_MODE to FIPS_MODULE
This macro is used to determine if certain pieces of code should
become part of the FIPS module or not.  The old name was confusing.

Fixes #11538

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11539)
2020-04-28 15:37:37 +02:00
Matt Caswell
33388b44b6 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)
2020-04-23 13:55:52 +01:00
Richard Levitte
3b924da0f0 EVP: add internal evp_keymgmt_util_get_deflt_digest_name() and use it
evp_keymgmt_util_get_deflt_digest_name() is a refactor of the provider
side key part of EVP_PKEY_get_default_digest_name(), that takes
EVP_KEYMGMT and provider keydata pointers instead of an EVP_PKEY
pointer.

We also ensure that it uses SN_undef as the default name if the
provider implementation gave us an empty string, since this is what
EVP_PKEY_get_default_digest_name() responds when getting the digest
name via a EVP_PKEY_ASN1_METHOD ctrl call that returns NID_undef.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11576)
2020-04-23 10:44:37 +01:00
Shane Lontis
738ee1819e Fix DH_get_nid() so that it does not cache values.
DH_set0_pqg() is now responsible for caching the nid, q and length.

DH with or without named safe prime groups now default to using the maximum private key length (BN_num_bits(q) - 1)
when generating a DH private key. The code is now shared between fips and non fips mode for DH key generation.

The OSSL_PKEY_PARAM_DH_PRIV_LEN parameter can be used during keygen to override the maximum private key length to be
in the range (2 * strength ... bits(q) - 1). Where the strength depends on the length of p.

Added q = (p - 1) / 2 safe prime BIGNUMS so that the code is data driven (To simplify adding new names).
The BIGNUMS were code generated.

Fix error in documented return value for DH_get_nid

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11562)
2020-04-20 11:07:38 +10:00
Pauli
c1e48c5171 s390: ECX key generation fixes.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11371)
2020-04-17 19:51:37 +10:00
Pauli
43cd37014e ecx: add key generation support.
Specifically for x25519, x448, ed25519 and ed448.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11371)
2020-04-17 19:51:37 +10:00
Matt Caswell
465f34ed27 Introduce an internal version of X509_check_issued()
The internal version is library context aware.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11507)
2020-04-16 14:19:52 +01:00
Shane Lontis
7165593ce5 Add DH keygen to providers
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11332)
2020-04-16 01:14:00 +10:00
Shane Lontis
b03ec3b5d6 Add DSA keygen to provider
Moved some shared FFC code into the FFC files.
Added extra paramgen parameters for seed, gindex.
Fixed bug in ossl_prov util to print bignums.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11303)
2020-04-15 21:02:52 +10:00
Matt Caswell
8755b08524 Teach the OSSL_STORE code about libctx
We restrict this to just the PrivateKey loading code at the moment.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11494)
2020-04-15 11:24:13 +01:00
Matt Caswell
472a88b79e Teach d2i_PrivateKey et al about libctx
The Ed448 private key decoding makes algorithm fetches. Therefore we teach
d2i_PrivateKey et al about libctx and make sure it is passed through the
layers.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11494)
2020-04-15 11:24:13 +01:00
Richard Levitte
2b9add6965 KEYMGMT: Add functions to get param/key generation parameters
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11328)
2020-04-15 11:03:59 +02:00
Aaron Thompson
ff1f7cdeb1 Add ex_data to EVP_PKEY.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11515)
2020-04-14 17:58:17 +03:00
Matt Caswell
5435044fd6 Enable Ed25519 signing/verifying to use the libctx
Ed25519 needs to fetch a digest and so needs to use the correct libctx.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11496)
2020-04-09 16:10:00 +01:00
Matt Caswell
76e23fc50b Enable export_to functions to have access to the libctx
The EC export_to function calls EC_POINT_point2buf that can later
generate a random number in some circumstances. Therefore we pass in a
BN_CTX associated with the library context. This means we have to change
the export_to function signature to accept the library context.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11493)
2020-04-09 12:24:24 +01:00
Matt Caswell
1143c27be1 Add X509_STORE_CTX_new_with_libctx()
Make it possible to create an X509_STORE_CTX with an associated libctx
and propq.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11457)
2020-04-08 23:56:27 +01:00
Shane Lontis
96ebe52e89 Add EVP_PKEY_gettable_params support for accessing EVP_PKEY key data fields
Currently only RSA, EC and ECX are supported (DH and DSA need to be added to the keygen
PR's seperately because the fields supported have changed significantly).

The API's require the keys to be provider based.

Made the keymanagement export and get_params functions share the same code by supplying
support functions that work for both a OSSL_PARAM_BLD as well as a OSSL_PARAM[].
This approach means that complex code is not required to build an
empty OSSL_PARAM[] with the correct sized fields before then doing a second
pass to populate the array.

The RSA factor arrays have been changed to use unique key names to simplify the interface
needed by the user.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11365)
2020-04-01 15:51:18 +10:00
Richard Levitte
0abae1636d EVP: Implement support for key downgrading in backends
Downgrading EVP_PKEYs from containing provider side internal keys to
containing legacy keys demands support in the EVP_PKEY_ASN1_METHOD.

This became a bit elaborate because the code would be almost exactly
the same as the import functions int EVP_KEYMGMT.  Therefore, we end
up moving most of the code to common backend support files that can be
used both by legacy backend code and by our providers.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11375)
2020-03-25 17:01:32 +01:00
Richard Levitte
acb90ba8ff EVP: Downgrade keys rather than upgrade
Upgrading EVP_PKEYs from containing legacy keys to containing provider
side keys proved to be risky, with a number of unpleasant corner
cases, and with functions like EVP_PKEY_get0_DSA() failing
unexpectedly.

We therefore change course, and instead of upgrading legacy internal
keys to provider side internal keys, we downgrade provider side
internal keys to legacy ones.  To be able to do this, we add
|import_from| and make it a callback function designed for
evp_keymgmt_export().

This means that evp_pkey_upgrade_to_provider() is replaced with
evp_pkey_downgrade().

EVP_PKEY_copy_parameters() is the most deeply affected function of
this change.

Fixes #11366

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11375)
2020-03-25 17:01:10 +01:00
Richard Levitte
adc9f73126 EVP: Clarify the states of an EVP_PKEY
EVP_PKEY is rather complex, even before provider side keys entered the
stage.
You could have untyped / unassigned keys (pk->type == EVP_PKEY_NONE),
keys that had been assigned a type but no data (pk->pkey.ptr == NULL),
and fully assigned keys (pk->type != EVP_PKEY_NONE && pk->pkey.ptr != NULL).

For provider side keys, the corresponding states weren't well defined,
and the code didn't quite account for all the possibilities.

We also guard most of the legacy fields in EVP_PKEY with FIPS_MODE, so
they don't exist at all in the FIPS module.

Most of all, code needs to adapt to the case where an EVP_PKEY's
|keymgmt| is non-NULL, but its |keydata| is NULL.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11375)
2020-03-25 17:00:39 +01:00
Dr. David von Oheimb
8cc86b81ac Constify various mostly X509-related parameter types in crypto/ and apps/
in particular X509_NAME*, X509_STORE{,_CTX}*, and ASN1_INTEGER *,
also some result types of new functions, which does not break compatibility

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/10504)
2020-03-23 08:30:37 +01:00
Richard Levitte
4b9e90f42a EVP: fetch the EVP_KEYMGMT earlier
Instead of fetching the EVP_KEYMGMT in the init for every different
operation, do it when creating the EVP_PKEY_CTX.

This allows certain control functions to be called between the
creation of the EVP_PKEY_CTX and the call of the operation's init
function.

Use case: EVP_PKEY_CTX_set1_id(), which is allowed to be called very
early with the legacy implementation, this should still be allowed
with provider implementations.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/11343)
2020-03-21 09:28:11 +01:00
Matt Caswell
0f2deef59d Use RAND_bytes_ex in crypto/rsa
At various points in crypto/rsa we need to get random numbers. We should
ensure that we use the correct libctx when doing so.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11355)
2020-03-19 18:49:12 +00:00
Matt Caswell
244bc29746 Implement serializers for ED25519 and ED448
This is largely based on the existing X25519 and X448 serializers - but
a few adjustments were necessary so that we can identify what type of key
we are using. Previously we used the keylen for this but X25519 and
ED25519 have the same keylen.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11272)
2020-03-18 08:40:33 +10:00
Richard Levitte
70a7dd6f96 X509: Rename X509_set0_sm2_id() and friends
- X509_set0_sm2_id() -> X509_set0_distinguishing_id()
- X509_get0_sm2_id() -> X509_get0_distinguishing_id()
- X509_REQ_set0_sm2_id -> X509_REQ_set0_distinguishing_id()
- X509_REQ_get0_sm2_id -> X509_REQ_get0_distinguishing_id()

The reason for this rename is that the SM2 ID isn't really a unique
SM2 data item, but rather a re-use of the Distinguished that is
defined in ISO/IEC 15946-3 as well as in FIPS 196, with no special
attribution toward any algorithm in particular.

Fixes #11293

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/11302)
2020-03-15 19:42:04 +01:00
Richard Levitte
a5ce329eb4 EVP: Don't call digest_custom() quite so early
A huge problem with calling digest_custom() already in the
initialization of DigestSign, DigestVerify etc, is that it force all
callers to know that certain controls must be performed before Init
and the rest after.  This has lead to quite interesting hacks in our
own openssl app, where the SM2 ID had to get special treatment instead
of just being another sign option or verification option among others.

This change moves the call of digest_custom() to the Update and Final
functions, to be done exactly once, subject to a flag that's set in
the Init function.  Seeing to the process of data, through these
operations, this makes no difference at all.  Seeing to making it
possible to perform all controls after the Init call, this makes a
huge difference.

Fixes #11293

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/11302)
2020-03-15 19:42:04 +01:00
Shane Lontis
edd3b7a309 Add ECDSA to providers
Added ECDSA support for OSSL_SIGNATURE_PARAM_ALGORITHM_ID

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10968)
2020-03-15 21:34:29 +10:00
Richard Levitte
6292475573 EVP: Add new domparams and key generation functionality
The following functions are added:

EVP_PKEY_gen_set_params(), replacing the older EVP_PKEY_CTX_ctrl()
EVP_PKEY_gen(), replacing both EVP_PKEY_keygen() and EVP_PKEY_paramgen()

These functions are made to work together with already existing domparams
and key generation functionality: EVP_PKEY_CTX_new_provided(),
EVP_PKEY_paramgen_init(), EVP_PKEY_keygen_init(), etc.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10289)
2020-03-12 10:44:01 +01:00
Richard Levitte
1a5632e0dc CORE: Add the key object generator libcrypto<->provider interface
We introduce these dispatched functions:

-   OP_keymgmt_gen_init() to initialize the key object generation.
-   OP_keymgmt_gen_set_template() to set a template for key object
    generation.  The template is another key object, for example one
    with domain parameters.
-   OP_keymgmt_gen_set_params() to set other key object generation
    parameters.
-   OP_keymgmt_gen_settable_params() to find out what settable
    parameters there are.
-   OP_keymgmt_gen() to perform the key object generation.
-   OP_keymgmt_gen_cleanup() to clean up the key object generation.

Internal function for easy and consistent use of these ddispatched
functions are added.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10289)
2020-03-12 10:43:58 +01:00
Shane Lontis
1c725f463e Add ECDH to fips provider
Note: This PR has not attempted to move the curves into the provider dispatch table.
Mappings between the curve name / nid have been added to the inbuilt curve table.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11133)
2020-03-12 07:36:04 +10:00
Shane Lontis
a173cc9c38 Add EC key validation to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10861)
2020-03-12 07:14:32 +10:00
Richard Levitte
c518117b99 DH: add internal dh_get_method()
This should have been publically present a long time ago, to be
consistent with the RSA, DSA and EC_KEY APIs.  However, since we've
now deprecated that kind of function for the other key types, there's
no point in adding a public function, but we still need it internally.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11193)
2020-03-09 10:54:34 +01:00