Commit Graph

4 Commits

Author SHA1 Message Date
Richard Levitte
506cb0f632 EVP: add functions that return the name number
The returned number can be used for comparison purposes.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9979)
2019-10-17 09:16:45 +02:00
Richard Levitte
f651c727f8 EVP: add name traversal functions to all fetchable types
The following new functions all do the same thing; they traverse
the set of names assigned to implementations of each algorithm type:

EVP_MD_names_do_all(), EVP_CIPHER_names_do_all(),
EVP_MAC_names_do_all(), EVP_KEYMGMT_names_do_all(),
EVP_KEYEXCH_names_do_all(), EVP_KDF_names_do_all(),
EVP_SIGNATURE_names_do_all()

We add a warning to the documentation of EVP_CIPHER_name() and
EVP_MD_name(), as they aren't suitable to use with multiple-name
implementation.

We also remove EVP_MAC_name() and evp_KDF_name(), as they serve no
useful purpose.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9979)
2019-10-17 09:16:45 +02:00
Richard Levitte
251e610ce4 EVP: add missing common functionality
This adds the missing functions that should be common for all
fetchable EVP sub-APIs:

EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(),
EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(),
EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a().

This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(),
EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex'
to '_provided'.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9979)
2019-10-17 09:16:45 +02:00
Richard Levitte
a94a3e0d91 Add basic EVP_KEYMGMT API and libcrypto <-> provider interface
The idea with the key management "operation" is to support the
following set of functionality:

- Key domain parameter generation
- Key domain parameter import
- Key domain parameter export

- Key generation
- Key import
- Key export
- Key loading (HSM / hidden key support)

With that set of function, we can support handling domain parameters
on one provider, key handling on another, and key usage on a third,
with transparent export / import of applicable data.  Of course, if a
provider doesn't offer export / import functionality, then all
operations surrounding a key must be performed with the same
provider.

This method also avoids having to do anything special with legacy
assignment of libcrypto key structures, i.e. EVP_PKEY_assign_RSA().
They will simply be used as keys to be exported from whenever they are
used with provider based operations.

This change only adds the EVP_KEYMGMT API and the libcrypto <->
provider interface.  Further changes will integrate them into existing
libcrypto functionality.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9312)
2019-07-22 06:17:38 +02:00