To avoid mutating key data add OSSL_FUNC_KEYMGMT_DUP function
to the provider API and implement it for all asym-key key
managements.
Use it when copying everything to an empty EVP_PKEY
which is the case with EVP_PKEY_dup().
Fixes#14658
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14793)
Partial fix for #12964
This adds ossl_ names for the following symbols:
ec_*, ecx_*, ecdh_*, ecdsa_*, sm2_*
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
Because decoders are coupled with keymgmts from the same provider,
ours need to produce provider side keys the same way. Since our
keymgmts create key data with the provider library context, so must
our decoders.
We solve with functions to adjust the library context of decoded keys,
and use them.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13661)
Currently, when configuring OpenSSL using -DREF_PRINT the following
compilation error is generated:
In file included from include/crypto/ecx.h:21,
from crypto/ec/ecx_key.c:11:
crypto/ec/ecx_key.c: In function 'ecx_key_free':
crypto/ec/ecx_key.c:65:32: error: 'r' undeclared
(first use in this function)
65 | REF_PRINT_COUNT("ECX_KEY", r);
| ^
include/internal/refcount.h:169:40: note: in definition of macro
'REF_PRINT_COUNT'
169 | fprintf(stderr, "%p:%4d:%s\n", b, b->references, a)
| ^
crypto/ec/ecx_key.c:65:32: note: each undeclared identifier is reported
only once for each function it appears in
65 | REF_PRINT_COUNT("ECX_KEY", r);
| ^
include/internal/refcount.h:169:40: note: in definition of macro
'REF_PRINT_COUNT'
169 | fprintf(stderr, "%p:%4d:%s\n", b, b->references, a)
| ^
make[1]: *** [Makefile:14929: crypto/ec/libcrypto-lib-ecx_key.o] Error 1
This commit updates the argument passed in to be the ECX_KEY* key.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13298)
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
The OPENSSL_CTX type stands out a little by using a different prefix.
For consistency reasons, this type is renamed to OSSL_LIB_CTX.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)
At various points we need to be able to retrieve the current library
context so we store it in the ECX_KEY structure.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11635)
This is largely based on the existing X25519 and X448 serializers - but
a few adjustments were necessary so that we can identify what type of key
we are using. Previously we used the keylen for this but X25519 and
ED25519 have the same keylen.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11272)
Add ref counting and control how we allocate storage for the private key.
We will need this type in following commits where we move the ecx code
to be provider aware.
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10964)
