[thirdparty/openssl.git] / crypto / evp / keymgmt_meth.c

/*
 * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/crypto.h>
#include <openssl/core_dispatch.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include "internal/provider.h"
#include "internal/refcount.h"
#include "internal/core.h"
#include "crypto/evp.h"
#include "evp_local.h"

static void *keymgmt_new(void)
{
    EVP_KEYMGMT *keymgmt = NULL;

    if ((keymgmt = OPENSSL_zalloc(sizeof(*keymgmt))) == NULL)
        return NULL;
    if (!CRYPTO_NEW_REF(&keymgmt->refcnt, 1)) {
        EVP_KEYMGMT_free(keymgmt);
        return NULL;
    }
    return keymgmt;
}

#ifndef FIPS_MODULE
static void help_get_legacy_alg_type_from_keymgmt(const char *keytype,
                                                  void *arg)
{
    int *type = arg;

    if (*type == NID_undef)
        *type = evp_pkey_name2type(keytype);
}

static int get_legacy_alg_type_from_keymgmt(const EVP_KEYMGMT *keymgmt)
{
    int type = NID_undef;

    EVP_KEYMGMT_names_do_all(keymgmt, help_get_legacy_alg_type_from_keymgmt,
                             &type);
    return type;
}
#endif

static void *keymgmt_from_algorithm(int name_id,
                                    const OSSL_ALGORITHM *algodef,
                                    OSSL_PROVIDER *prov)
{
    const OSSL_DISPATCH *fns = algodef->implementation;
    EVP_KEYMGMT *keymgmt = NULL;
    int setparamfncnt = 0, getparamfncnt = 0;
    int setgenparamfncnt = 0;
    int importfncnt = 0, exportfncnt = 0;
    int importtypesfncnt = 0, exporttypesfncnt = 0;

    if ((keymgmt = keymgmt_new()) == NULL)
        return NULL;

    keymgmt->name_id = name_id;
    if ((keymgmt->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
        EVP_KEYMGMT_free(keymgmt);
        return NULL;
    }
    keymgmt->description = algodef->algorithm_description;

    for (; fns->function_id != 0; fns++) {
        switch (fns->function_id) {
        case OSSL_FUNC_KEYMGMT_NEW:
            if (keymgmt->new == NULL)
                keymgmt->new = OSSL_FUNC_keymgmt_new(fns);
            break;
        case OSSL_FUNC_KEYMGMT_GEN_INIT:
            if (keymgmt->gen_init == NULL)
                keymgmt->gen_init = OSSL_FUNC_keymgmt_gen_init(fns);
            break;
        case OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE:
            if (keymgmt->gen_set_template == NULL)
                keymgmt->gen_set_template =
                    OSSL_FUNC_keymgmt_gen_set_template(fns);
            break;
        case OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS:
            if (keymgmt->gen_set_params == NULL) {
                setgenparamfncnt++;
                keymgmt->gen_set_params =
                    OSSL_FUNC_keymgmt_gen_set_params(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS:
            if (keymgmt->gen_settable_params == NULL) {
                setgenparamfncnt++;
                keymgmt->gen_settable_params =
                    OSSL_FUNC_keymgmt_gen_settable_params(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_GEN:
            if (keymgmt->gen == NULL)
                keymgmt->gen = OSSL_FUNC_keymgmt_gen(fns);
            break;
        case OSSL_FUNC_KEYMGMT_GEN_CLEANUP:
            if (keymgmt->gen_cleanup == NULL)
                keymgmt->gen_cleanup = OSSL_FUNC_keymgmt_gen_cleanup(fns);
            break;
        case OSSL_FUNC_KEYMGMT_FREE:
            if (keymgmt->free == NULL)
                keymgmt->free = OSSL_FUNC_keymgmt_free(fns);
            break;
        case OSSL_FUNC_KEYMGMT_LOAD:
            if (keymgmt->load == NULL)
                keymgmt->load = OSSL_FUNC_keymgmt_load(fns);
            break;
        case OSSL_FUNC_KEYMGMT_GET_PARAMS:
            if (keymgmt->get_params == NULL) {
                getparamfncnt++;
                keymgmt->get_params = OSSL_FUNC_keymgmt_get_params(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS:
            if (keymgmt->gettable_params == NULL) {
                getparamfncnt++;
                keymgmt->gettable_params =
                    OSSL_FUNC_keymgmt_gettable_params(fns);
            }
            break;
         case OSSL_FUNC_KEYMGMT_SET_PARAMS:
            if (keymgmt->set_params == NULL) {
                setparamfncnt++;
                keymgmt->set_params = OSSL_FUNC_keymgmt_set_params(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS:
            if (keymgmt->settable_params == NULL) {
                setparamfncnt++;
                keymgmt->settable_params =
                    OSSL_FUNC_keymgmt_settable_params(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME:
            if (keymgmt->query_operation_name == NULL)
                keymgmt->query_operation_name =
                    OSSL_FUNC_keymgmt_query_operation_name(fns);
            break;
        case OSSL_FUNC_KEYMGMT_HAS:
            if (keymgmt->has == NULL)
                keymgmt->has = OSSL_FUNC_keymgmt_has(fns);
            break;
        case OSSL_FUNC_KEYMGMT_DUP:
            if (keymgmt->dup == NULL)
                keymgmt->dup = OSSL_FUNC_keymgmt_dup(fns);
            break;
        case OSSL_FUNC_KEYMGMT_VALIDATE:
            if (keymgmt->validate == NULL)
                keymgmt->validate = OSSL_FUNC_keymgmt_validate(fns);
            break;
        case OSSL_FUNC_KEYMGMT_MATCH:
            if (keymgmt->match == NULL)
                keymgmt->match = OSSL_FUNC_keymgmt_match(fns);
            break;
        case OSSL_FUNC_KEYMGMT_IMPORT:
            if (keymgmt->import == NULL) {
                importfncnt++;
                keymgmt->import = OSSL_FUNC_keymgmt_import(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_IMPORT_TYPES:
            if (keymgmt->import_types == NULL) {
                if (importtypesfncnt == 0)
                    importfncnt++;
                importtypesfncnt++;
                keymgmt->import_types = OSSL_FUNC_keymgmt_import_types(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_IMPORT_TYPES_EX:
            if (keymgmt->import_types_ex == NULL) {
                if (importtypesfncnt == 0)
                    importfncnt++;
                importtypesfncnt++;
                keymgmt->import_types_ex = OSSL_FUNC_keymgmt_import_types_ex(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_EXPORT:
            if (keymgmt->export == NULL) {
                exportfncnt++;
                keymgmt->export = OSSL_FUNC_keymgmt_export(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_EXPORT_TYPES:
            if (keymgmt->export_types == NULL) {
                if (exporttypesfncnt == 0)
                    exportfncnt++;
                exporttypesfncnt++;
                keymgmt->export_types = OSSL_FUNC_keymgmt_export_types(fns);
            }
            break;
        case OSSL_FUNC_KEYMGMT_EXPORT_TYPES_EX:
            if (keymgmt->export_types_ex == NULL) {
                if (exporttypesfncnt == 0)
                    exportfncnt++;
                exporttypesfncnt++;
                keymgmt->export_types_ex = OSSL_FUNC_keymgmt_export_types_ex(fns);
            }
            break;
        }
    }
    /*
     * Try to check that the method is sensible.
     * At least one constructor and the destructor are MANDATORY
     * The functions 'has' is MANDATORY
     * It makes no sense being able to free stuff if you can't create it.
     * It makes no sense providing OSSL_PARAM descriptors for import and
     * export if you can't import or export.
     */
    if (keymgmt->free == NULL
        || (keymgmt->new == NULL
            && keymgmt->gen == NULL
            && keymgmt->load == NULL)
        || keymgmt->has == NULL
        || (getparamfncnt != 0 && getparamfncnt != 2)
        || (setparamfncnt != 0 && setparamfncnt != 2)
        || (setgenparamfncnt != 0 && setgenparamfncnt != 2)
        || (importfncnt != 0 && importfncnt != 2)
        || (exportfncnt != 0 && exportfncnt != 2)
        || (keymgmt->gen != NULL
            && (keymgmt->gen_init == NULL
                || keymgmt->gen_cleanup == NULL))) {
        EVP_KEYMGMT_free(keymgmt);
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
        return NULL;
    }
    keymgmt->prov = prov;
    if (prov != NULL)
        ossl_provider_up_ref(prov);

#ifndef FIPS_MODULE
    keymgmt->legacy_alg = get_legacy_alg_type_from_keymgmt(keymgmt);
#endif

    return keymgmt;
}

EVP_KEYMGMT *evp_keymgmt_fetch_from_prov(OSSL_PROVIDER *prov,
                                         const char *name,
                                         const char *properties)
{
    return evp_generic_fetch_from_prov(prov, OSSL_OP_KEYMGMT,
                                       name, properties,
                                       keymgmt_from_algorithm,
                                       (int (*)(void *))EVP_KEYMGMT_up_ref,
                                       (void (*)(void *))EVP_KEYMGMT_free);
}

EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                               const char *properties)
{
    return evp_generic_fetch(ctx, OSSL_OP_KEYMGMT, algorithm, properties,
                             keymgmt_from_algorithm,
                             (int (*)(void *))EVP_KEYMGMT_up_ref,
                             (void (*)(void *))EVP_KEYMGMT_free);
}

int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt)
{
    int ref = 0;

    CRYPTO_UP_REF(&keymgmt->refcnt, &ref);
    return 1;
}

void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt)
{
    int ref = 0;

    if (keymgmt == NULL)
        return;

    CRYPTO_DOWN_REF(&keymgmt->refcnt, &ref);
    if (ref > 0)
        return;
    OPENSSL_free(keymgmt->type_name);
    ossl_provider_free(keymgmt->prov);
    CRYPTO_FREE_REF(&keymgmt->refcnt);
    OPENSSL_free(keymgmt);
}

const OSSL_PROVIDER *EVP_KEYMGMT_get0_provider(const EVP_KEYMGMT *keymgmt)
{
    return keymgmt->prov;
}

int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt)
{
    return keymgmt->name_id;
}

int evp_keymgmt_get_legacy_alg(const EVP_KEYMGMT *keymgmt)
{
    return keymgmt->legacy_alg;
}

const char *EVP_KEYMGMT_get0_description(const EVP_KEYMGMT *keymgmt)
{
    return keymgmt->description;
}

const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt)
{
    return keymgmt->type_name;
}

int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name)
{
    return keymgmt != NULL
           && evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
}

void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,
                                 void (*fn)(EVP_KEYMGMT *keymgmt, void *arg),
                                 void *arg)
{
    evp_generic_do_all(libctx, OSSL_OP_KEYMGMT,
                       (void (*)(void *, void *))fn, arg,
                       keymgmt_from_algorithm,
                       (int (*)(void *))EVP_KEYMGMT_up_ref,
                       (void (*)(void *))EVP_KEYMGMT_free);
}

int EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
                             void (*fn)(const char *name, void *data),
                             void *data)
{
    if (keymgmt->prov != NULL)
        return evp_names_do_all(keymgmt->prov, keymgmt->name_id, fn, data);

    return 1;
}

/*
 * Internal API that interfaces with the method function pointers
 */
void *evp_keymgmt_newdata(const EVP_KEYMGMT *keymgmt)
{
    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));

    /*
     * 'new' is currently mandatory on its own, but when new
     * constructors appear, it won't be quite as mandatory,
     * so we have a check for future cases.
     */
    if (keymgmt->new == NULL)
        return NULL;
    return keymgmt->new(provctx);
}

void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keydata)
{
    /* This is mandatory, no need to check for its presence */
    keymgmt->free(keydata);
}

void *evp_keymgmt_gen_init(const EVP_KEYMGMT *keymgmt, int selection,
                           const OSSL_PARAM params[])
{
    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));

    if (keymgmt->gen_init == NULL)
        return NULL;
    return keymgmt->gen_init(provctx, selection, params);
}

int evp_keymgmt_gen_set_template(const EVP_KEYMGMT *keymgmt, void *genctx,
                                 void *templ)
{
    /*
     * It's arguable if we actually should return success in this case, as
     * it allows the caller to set a template key, which is then ignored.
     * However, this is how the legacy methods (EVP_PKEY_METHOD) operate,
     * so we do this in the interest of backward compatibility.
     */
    if (keymgmt->gen_set_template == NULL)
        return 1;
    return keymgmt->gen_set_template(genctx, templ);
}

int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx,
                               const OSSL_PARAM params[])
{
    if (keymgmt->gen_set_params == NULL)
        return 0;
    return keymgmt->gen_set_params(genctx, params);
}

const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt)
{
    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));

    if (keymgmt->gen_settable_params == NULL)
        return NULL;
    return keymgmt->gen_settable_params(NULL, provctx);
}

void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
                      OSSL_CALLBACK *cb, void *cbarg)
{
    if (keymgmt->gen == NULL)
        return NULL;
    return keymgmt->gen(genctx, cb, cbarg);
}

void evp_keymgmt_gen_cleanup(const EVP_KEYMGMT *keymgmt, void *genctx)
{
    if (keymgmt->gen_cleanup != NULL)
        keymgmt->gen_cleanup(genctx);
}

int evp_keymgmt_has_load(const EVP_KEYMGMT *keymgmt)
{
    return keymgmt != NULL && keymgmt->load != NULL;
}

void *evp_keymgmt_load(const EVP_KEYMGMT *keymgmt,
                       const void *objref, size_t objref_sz)
{
    if (evp_keymgmt_has_load(keymgmt))
        return keymgmt->load(objref, objref_sz);
    return NULL;
}

int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt, void *keydata,
                           OSSL_PARAM params[])
{
    if (keymgmt->get_params == NULL)
        return 1;
    return keymgmt->get_params(keydata, params);
}

const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt)
{
    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));

    if (keymgmt->gettable_params == NULL)
        return NULL;
    return keymgmt->gettable_params(provctx);
}

int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt, void *keydata,
                           const OSSL_PARAM params[])
{
    if (keymgmt->set_params == NULL)
        return 1;
    return keymgmt->set_params(keydata, params);
}

const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt)
{
    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));

    if (keymgmt->settable_params == NULL)
        return NULL;
    return keymgmt->settable_params(provctx);
}

int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keydata, int selection)
{
    /* This is mandatory, no need to check for its presence */
    return keymgmt->has(keydata, selection);
}

int evp_keymgmt_validate(const EVP_KEYMGMT *keymgmt, void *keydata,
                         int selection, int checktype)
{
    /* We assume valid if the implementation doesn't have a function */
    if (keymgmt->validate == NULL)
        return 1;
    return keymgmt->validate(keydata, selection, checktype);
}

int evp_keymgmt_match(const EVP_KEYMGMT *keymgmt,
                      const void *keydata1, const void *keydata2,
                      int selection)
{
    /* We assume no match if the implementation doesn't have a function */
    if (keymgmt->match == NULL)
        return 0;
    return keymgmt->match(keydata1, keydata2, selection);
}

int evp_keymgmt_import(const EVP_KEYMGMT *keymgmt, void *keydata,
                       int selection, const OSSL_PARAM params[])
{
    if (keymgmt->import == NULL)
        return 0;
    return keymgmt->import(keydata, selection, params);
}

const OSSL_PARAM *evp_keymgmt_import_types(const EVP_KEYMGMT *keymgmt,
                                           int selection)
{
    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));

    if (keymgmt->import_types_ex != NULL)
        return keymgmt->import_types_ex(provctx, selection);
    if (keymgmt->import_types == NULL)
        return NULL;
    return keymgmt->import_types(selection);
}

int evp_keymgmt_export(const EVP_KEYMGMT *keymgmt, void *keydata,
                       int selection, OSSL_CALLBACK *param_cb, void *cbarg)
{
    if (keymgmt->export == NULL)
        return 0;
    return keymgmt->export(keydata, selection, param_cb, cbarg);
}

const OSSL_PARAM *evp_keymgmt_export_types(const EVP_KEYMGMT *keymgmt,
                                           int selection)
{
    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));

    if (keymgmt->export_types_ex != NULL)
        return keymgmt->export_types_ex(provctx, selection);
    if (keymgmt->export_types == NULL)
        return NULL;
    return keymgmt->export_types(selection);
}

void *evp_keymgmt_dup(const EVP_KEYMGMT *keymgmt, const void *keydata_from,
                      int selection)
{
    /* We assume no dup if the implementation doesn't have a function */
    if (keymgmt->dup == NULL)
        return NULL;
    return keymgmt->dup(keydata_from, selection);
}
Commit	Line	Data
a94a3e0d	1	/*
b6461792	2	* Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
a94a3e0d RL	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#include <openssl/crypto.h>
23c48d94	11	#include <openssl/core_dispatch.h>
a94a3e0d RL	12	#include <openssl/evp.h>
	13	#include <openssl/err.h>
	14	#include "internal/provider.h"
	15	#include "internal/refcount.h"
6c9bc258	16	#include "internal/core.h"
25f2138b	17	#include "crypto/evp.h"
706457b7	18	#include "evp_local.h"
a94a3e0d	19
a94a3e0d RL	20	static void *keymgmt_new(void)
	21	{
	22	EVP_KEYMGMT *keymgmt = NULL;
	23
e077455e RL	24	if ((keymgmt = OPENSSL_zalloc(sizeof(*keymgmt))) == NULL)
e077455e RL	25	return NULL;
6be83ac1	26	if (!CRYPTO_NEW_REF(&keymgmt->refcnt, 1)) {
a94a3e0d RL	27	EVP_KEYMGMT_free(keymgmt);
	28	return NULL;
	29	}
a94a3e0d RL	30	return keymgmt;
	31	}
	32
8aa3781b MC	33	#ifndef FIPS_MODULE
	34	static void help_get_legacy_alg_type_from_keymgmt(const char *keytype,
	35	void *arg)
	36	{
	37	int *type = arg;
	38
	39	if (*type == NID_undef)
	40	*type = evp_pkey_name2type(keytype);
	41	}
	42
	43	static int get_legacy_alg_type_from_keymgmt(const EVP_KEYMGMT *keymgmt)
	44	{
	45	int type = NID_undef;
	46
	47	EVP_KEYMGMT_names_do_all(keymgmt, help_get_legacy_alg_type_from_keymgmt,
	48	&type);
	49	return type;
	50	}
	51	#endif
	52
309a78aa RL	53	static void *keymgmt_from_algorithm(int name_id,
	54	const OSSL_ALGORITHM *algodef,
	55	OSSL_PROVIDER *prov)
a94a3e0d	56	{
309a78aa	57	const OSSL_DISPATCH *fns = algodef->implementation;
a94a3e0d	58	EVP_KEYMGMT *keymgmt = NULL;
2b9add69	59	int setparamfncnt = 0, getparamfncnt = 0;
5e77b79a	60	int setgenparamfncnt = 0;
1a5632e0	61	int importfncnt = 0, exportfncnt = 0;
5e3b8450	62	int importtypesfncnt = 0, exporttypesfncnt = 0;
a94a3e0d	63
6c9bc258 TM	64	if ((keymgmt = keymgmt_new()) == NULL)
	65	return NULL;
	66
	67	keymgmt->name_id = name_id;
	68	if ((keymgmt->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
6b9e3724	69	EVP_KEYMGMT_free(keymgmt);
a94a3e0d	70	return NULL;
6b9e3724	71	}
309a78aa	72	keymgmt->description = algodef->algorithm_description;
a94a3e0d RL	73
	74	for (; fns->function_id != 0; fns++) {
	75	switch (fns->function_id) {
b305452f RL	76	case OSSL_FUNC_KEYMGMT_NEW:
b305452f RL	77	if (keymgmt->new == NULL)
363b1e5d	78	keymgmt->new = OSSL_FUNC_keymgmt_new(fns);
a94a3e0d	79	break;
1a5632e0 RL	80	case OSSL_FUNC_KEYMGMT_GEN_INIT:
1a5632e0 RL	81	if (keymgmt->gen_init == NULL)
363b1e5d	82	keymgmt->gen_init = OSSL_FUNC_keymgmt_gen_init(fns);
1a5632e0 RL	83	break;
	84	case OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE:
	85	if (keymgmt->gen_set_template == NULL)
	86	keymgmt->gen_set_template =
363b1e5d	87	OSSL_FUNC_keymgmt_gen_set_template(fns);
1a5632e0 RL	88	break;
	89	case OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS:
	90	if (keymgmt->gen_set_params == NULL) {
	91	setgenparamfncnt++;
	92	keymgmt->gen_set_params =
363b1e5d	93	OSSL_FUNC_keymgmt_gen_set_params(fns);
1a5632e0 RL	94	}
	95	break;
	96	case OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS:
	97	if (keymgmt->gen_settable_params == NULL) {
	98	setgenparamfncnt++;
	99	keymgmt->gen_settable_params =
363b1e5d	100	OSSL_FUNC_keymgmt_gen_settable_params(fns);
1a5632e0 RL	101	}
	102	break;
	103	case OSSL_FUNC_KEYMGMT_GEN:
	104	if (keymgmt->gen == NULL)
363b1e5d	105	keymgmt->gen = OSSL_FUNC_keymgmt_gen(fns);
1a5632e0 RL	106	break;
	107	case OSSL_FUNC_KEYMGMT_GEN_CLEANUP:
	108	if (keymgmt->gen_cleanup == NULL)
363b1e5d	109	keymgmt->gen_cleanup = OSSL_FUNC_keymgmt_gen_cleanup(fns);
1a5632e0	110	break;
b305452f RL	111	case OSSL_FUNC_KEYMGMT_FREE:
b305452f RL	112	if (keymgmt->free == NULL)
363b1e5d	113	keymgmt->free = OSSL_FUNC_keymgmt_free(fns);
a94a3e0d	114	break;
5dacb38c RL	115	case OSSL_FUNC_KEYMGMT_LOAD:
	116	if (keymgmt->load == NULL)
	117	keymgmt->load = OSSL_FUNC_keymgmt_load(fns);
	118	break;
b305452f	119	case OSSL_FUNC_KEYMGMT_GET_PARAMS:
273a67e3	120	if (keymgmt->get_params == NULL) {
4fe54d67	121	getparamfncnt++;
363b1e5d	122	keymgmt->get_params = OSSL_FUNC_keymgmt_get_params(fns);
273a67e3	123	}
a94a3e0d	124	break;
b305452f	125	case OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS:
273a67e3	126	if (keymgmt->gettable_params == NULL) {
4fe54d67	127	getparamfncnt++;
b305452f	128	keymgmt->gettable_params =
363b1e5d	129	OSSL_FUNC_keymgmt_gettable_params(fns);
273a67e3	130	}
a94a3e0d	131	break;
4fe54d67 NT	132	case OSSL_FUNC_KEYMGMT_SET_PARAMS:
	133	if (keymgmt->set_params == NULL) {
	134	setparamfncnt++;
363b1e5d	135	keymgmt->set_params = OSSL_FUNC_keymgmt_set_params(fns);
4fe54d67 NT	136	}
	137	break;
	138	case OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS:
	139	if (keymgmt->settable_params == NULL) {
	140	setparamfncnt++;
	141	keymgmt->settable_params =
363b1e5d	142	OSSL_FUNC_keymgmt_settable_params(fns);
4fe54d67 NT	143	}
4fe54d67 NT	144	break;
b305452f RL	145	case OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME:
	146	if (keymgmt->query_operation_name == NULL)
	147	keymgmt->query_operation_name =
363b1e5d	148	OSSL_FUNC_keymgmt_query_operation_name(fns);
6508e858	149	break;
b305452f RL	150	case OSSL_FUNC_KEYMGMT_HAS:
b305452f RL	151	if (keymgmt->has == NULL)
363b1e5d	152	keymgmt->has = OSSL_FUNC_keymgmt_has(fns);
6508e858	153	break;
4a9fe33c TM	154	case OSSL_FUNC_KEYMGMT_DUP:
	155	if (keymgmt->dup == NULL)
	156	keymgmt->dup = OSSL_FUNC_keymgmt_dup(fns);
	157	break;
b305452f RL	158	case OSSL_FUNC_KEYMGMT_VALIDATE:
b305452f RL	159	if (keymgmt->validate == NULL)
363b1e5d	160	keymgmt->validate = OSSL_FUNC_keymgmt_validate(fns);
e62a45b6	161	break;
bee5d6cd RL	162	case OSSL_FUNC_KEYMGMT_MATCH:
bee5d6cd RL	163	if (keymgmt->match == NULL)
363b1e5d	164	keymgmt->match = OSSL_FUNC_keymgmt_match(fns);
bee5d6cd	165	break;
b305452f	166	case OSSL_FUNC_KEYMGMT_IMPORT:
273a67e3 RL	167	if (keymgmt->import == NULL) {
273a67e3 RL	168	importfncnt++;
363b1e5d	169	keymgmt->import = OSSL_FUNC_keymgmt_import(fns);
273a67e3	170	}
12603de6	171	break;
b305452f	172	case OSSL_FUNC_KEYMGMT_IMPORT_TYPES:
273a67e3	173	if (keymgmt->import_types == NULL) {
5e3b8450 IF	174	if (importtypesfncnt == 0)
	175	importfncnt++;
	176	importtypesfncnt++;
363b1e5d	177	keymgmt->import_types = OSSL_FUNC_keymgmt_import_types(fns);
273a67e3	178	}
12603de6	179	break;
5e3b8450 IF	180	case OSSL_FUNC_KEYMGMT_IMPORT_TYPES_EX:
	181	if (keymgmt->import_types_ex == NULL) {
	182	if (importtypesfncnt == 0)
	183	importfncnt++;
	184	importtypesfncnt++;
	185	keymgmt->import_types_ex = OSSL_FUNC_keymgmt_import_types_ex(fns);
	186	}
	187	break;
b305452f	188	case OSSL_FUNC_KEYMGMT_EXPORT:
273a67e3 RL	189	if (keymgmt->export == NULL) {
273a67e3 RL	190	exportfncnt++;
363b1e5d	191	keymgmt->export = OSSL_FUNC_keymgmt_export(fns);
273a67e3	192	}
12603de6	193	break;
b305452f	194	case OSSL_FUNC_KEYMGMT_EXPORT_TYPES:
273a67e3	195	if (keymgmt->export_types == NULL) {
5e3b8450 IF	196	if (exporttypesfncnt == 0)
	197	exportfncnt++;
	198	exporttypesfncnt++;
363b1e5d	199	keymgmt->export_types = OSSL_FUNC_keymgmt_export_types(fns);
273a67e3	200	}
12603de6	201	break;
5e3b8450 IF	202	case OSSL_FUNC_KEYMGMT_EXPORT_TYPES_EX:
	203	if (keymgmt->export_types_ex == NULL) {
	204	if (exporttypesfncnt == 0)
	205	exportfncnt++;
	206	exporttypesfncnt++;
	207	keymgmt->export_types_ex = OSSL_FUNC_keymgmt_export_types_ex(fns);
	208	}
	209	break;
a94a3e0d RL	210	}
	211	}
	212	/*
	213	* Try to check that the method is sensible.
b305452f RL	214	* At least one constructor and the destructor are MANDATORY
b305452f RL	215	* The functions 'has' is MANDATORY
a94a3e0d RL	216	* It makes no sense being able to free stuff if you can't create it.
	217	* It makes no sense providing OSSL_PARAM descriptors for import and
	218	* export if you can't import or export.
	219	*/
b305452f	220	if (keymgmt->free == NULL
5dacb38c RL	221	\|\| (keymgmt->new == NULL
	222	&& keymgmt->gen == NULL
	223	&& keymgmt->load == NULL)
b305452f	224	\|\| keymgmt->has == NULL
4fe54d67 NT	225	\|\| (getparamfncnt != 0 && getparamfncnt != 2)
4fe54d67 NT	226	\|\| (setparamfncnt != 0 && setparamfncnt != 2)
1a5632e0	227	\|\| (setgenparamfncnt != 0 && setgenparamfncnt != 2)
273a67e3	228	\|\| (importfncnt != 0 && importfncnt != 2)
1a5632e0 RL	229	\|\| (exportfncnt != 0 && exportfncnt != 2)
	230	\|\| (keymgmt->gen != NULL
	231	&& (keymgmt->gen_init == NULL
	232	\|\| keymgmt->gen_cleanup == NULL))) {
a94a3e0d	233	EVP_KEYMGMT_free(keymgmt);
9311d0c4	234	ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
a94a3e0d RL	235	return NULL;
	236	}
	237	keymgmt->prov = prov;
	238	if (prov != NULL)
	239	ossl_provider_up_ref(prov);
	240
8aa3781b MC	241	#ifndef FIPS_MODULE
	242	keymgmt->legacy_alg = get_legacy_alg_type_from_keymgmt(keymgmt);
	243	#endif
	244
a94a3e0d RL	245	return keymgmt;
	246	}
	247
33561e0d RL	248	EVP_KEYMGMT evp_keymgmt_fetch_from_prov(OSSL_PROVIDER prov,
	249	const char *name,
	250	const char *properties)
	251	{
	252	return evp_generic_fetch_from_prov(prov, OSSL_OP_KEYMGMT,
	253	name, properties,
	254	keymgmt_from_algorithm,
f7c16d48 RL	255	(int ()(void ))EVP_KEYMGMT_up_ref,
	256	(void ()(void ))EVP_KEYMGMT_free);
	257	}
	258
b4250010	259	EVP_KEYMGMT EVP_KEYMGMT_fetch(OSSL_LIB_CTX ctx, const char *algorithm,
a94a3e0d RL	260	const char *properties)
a94a3e0d RL	261	{
f7c16d48	262	return evp_generic_fetch(ctx, OSSL_OP_KEYMGMT, algorithm, properties,
309a78aa	263	keymgmt_from_algorithm,
f7c16d48 RL	264	(int ()(void ))EVP_KEYMGMT_up_ref,
f7c16d48 RL	265	(void ()(void ))EVP_KEYMGMT_free);
a94a3e0d RL	266	}
	267
	268	int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt)
	269	{
	270	int ref = 0;
	271
6be83ac1	272	CRYPTO_UP_REF(&keymgmt->refcnt, &ref);
a94a3e0d RL	273	return 1;
	274	}
	275
	276	void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt)
	277	{
	278	int ref = 0;
	279
	280	if (keymgmt == NULL)
	281	return;
	282
6be83ac1	283	CRYPTO_DOWN_REF(&keymgmt->refcnt, &ref);
a94a3e0d RL	284	if (ref > 0)
a94a3e0d RL	285	return;
6c9bc258	286	OPENSSL_free(keymgmt->type_name);
a94a3e0d	287	ossl_provider_free(keymgmt->prov);
6be83ac1	288	CRYPTO_FREE_REF(&keymgmt->refcnt);
a94a3e0d RL	289	OPENSSL_free(keymgmt);
	290	}
	291
ed576acd	292	const OSSL_PROVIDER EVP_KEYMGMT_get0_provider(const EVP_KEYMGMT keymgmt)
a94a3e0d RL	293	{
	294	return keymgmt->prov;
	295	}
	296
bcd5d3a2	297	int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt)
506cb0f6 RL	298	{
	299	return keymgmt->name_id;
	300	}
	301
8aa3781b MC	302	int evp_keymgmt_get_legacy_alg(const EVP_KEYMGMT *keymgmt)
	303	{
	304	return keymgmt->legacy_alg;
	305	}
	306
ed576acd	307	const char EVP_KEYMGMT_get0_description(const EVP_KEYMGMT keymgmt)
03888233 RL	308	{
	309	return keymgmt->description;
	310	}
	311
ed576acd	312	const char EVP_KEYMGMT_get0_name(const EVP_KEYMGMT keymgmt)
d8025f4a	313	{
6c9bc258	314	return keymgmt->type_name;
d8025f4a MC	315	}
d8025f4a MC	316
251e610c RL	317	int EVP_KEYMGMT_is_a(const EVP_KEYMGMT keymgmt, const char name)
251e610c RL	318	{
ee8db8c5 P	319	return keymgmt != NULL
ee8db8c5 P	320	&& evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
251e610c RL	321	}
251e610c RL	322
b4250010	323	void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,
251e610c RL	324	void (fn)(EVP_KEYMGMT keymgmt, void *arg),
	325	void *arg)
	326	{
	327	evp_generic_do_all(libctx, OSSL_OP_KEYMGMT,
	328	(void ()(void , void *))fn, arg,
309a78aa	329	keymgmt_from_algorithm,
cd770738	330	(int ()(void ))EVP_KEYMGMT_up_ref,
251e610c RL	331	(void ()(void ))EVP_KEYMGMT_free);
251e610c RL	332	}
f651c727	333
d84f5515 MC	334	int EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
	335	void (fn)(const char name, void *data),
	336	void *data)
f651c727 RL	337	{
f651c727 RL	338	if (keymgmt->prov != NULL)
d84f5515 MC	339	return evp_names_do_all(keymgmt->prov, keymgmt->name_id, fn, data);
	340
	341	return 1;
f651c727	342	}
68552cde RL	343
	344	/*
	345	* Internal API that interfaces with the method function pointers
	346	*/
b305452f	347	void evp_keymgmt_newdata(const EVP_KEYMGMT keymgmt)
68552cde	348	{
ed576acd	349	void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));
68552cde	350
b305452f	351	/*
91bd45eb TM	352	* 'new' is currently mandatory on its own, but when new
	353	* constructors appear, it won't be quite as mandatory,
	354	* so we have a check for future cases.
b305452f RL	355	*/
	356	if (keymgmt->new == NULL)
	357	return NULL;
	358	return keymgmt->new(provctx);
68552cde RL	359	}
68552cde RL	360
b305452f	361	void evp_keymgmt_freedata(const EVP_KEYMGMT keymgmt, void keydata)
68552cde	362	{
b305452f RL	363	/* This is mandatory, no need to check for its presence */
b305452f RL	364	keymgmt->free(keydata);
68552cde RL	365	}
68552cde RL	366
1be63b3e P	367	void evp_keymgmt_gen_init(const EVP_KEYMGMT keymgmt, int selection,
1be63b3e P	368	const OSSL_PARAM params[])
1a5632e0	369	{
ed576acd	370	void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));
1a5632e0 RL	371
	372	if (keymgmt->gen_init == NULL)
	373	return NULL;
1be63b3e	374	return keymgmt->gen_init(provctx, selection, params);
1a5632e0 RL	375	}
	376
	377	int evp_keymgmt_gen_set_template(const EVP_KEYMGMT keymgmt, void genctx,
420a0874	378	void *templ)
1a5632e0	379	{
d0ddf9b4 RL	380	/*
	381	* It's arguable if we actually should return success in this case, as
	382	* it allows the caller to set a template key, which is then ignored.
	383	* However, this is how the legacy methods (EVP_PKEY_METHOD) operate,
	384	* so we do this in the interest of backward compatibility.
d0ddf9b4	385	*/
1a5632e0	386	if (keymgmt->gen_set_template == NULL)
d0ddf9b4	387	return 1;
420a0874	388	return keymgmt->gen_set_template(genctx, templ);
1a5632e0 RL	389	}
	390
	391	int evp_keymgmt_gen_set_params(const EVP_KEYMGMT keymgmt, void genctx,
	392	const OSSL_PARAM params[])
	393	{
	394	if (keymgmt->gen_set_params == NULL)
	395	return 0;
	396	return keymgmt->gen_set_params(genctx, params);
	397	}
	398
e3efe7a5	399	const OSSL_PARAM EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT keymgmt)
1a5632e0	400	{
ed576acd	401	void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));
1a5632e0 RL	402
	403	if (keymgmt->gen_settable_params == NULL)
	404	return NULL;
fb67126e	405	return keymgmt->gen_settable_params(NULL, provctx);
1a5632e0 RL	406	}
	407
	408	void evp_keymgmt_gen(const EVP_KEYMGMT keymgmt, void *genctx,
	409	OSSL_CALLBACK cb, void cbarg)
	410	{
	411	if (keymgmt->gen == NULL)
	412	return NULL;
	413	return keymgmt->gen(genctx, cb, cbarg);
	414	}
	415
	416	void evp_keymgmt_gen_cleanup(const EVP_KEYMGMT keymgmt, void genctx)
	417	{
6469043b	418	if (keymgmt->gen_cleanup != NULL)
1a5632e0 RL	419	keymgmt->gen_cleanup(genctx);
	420	}
	421
f616ad4b RL	422	int evp_keymgmt_has_load(const EVP_KEYMGMT *keymgmt)
	423	{
	424	return keymgmt != NULL && keymgmt->load != NULL;
	425	}
	426
5dacb38c RL	427	void evp_keymgmt_load(const EVP_KEYMGMT keymgmt,
	428	const void *objref, size_t objref_sz)
	429	{
f616ad4b	430	if (evp_keymgmt_has_load(keymgmt))
5dacb38c RL	431	return keymgmt->load(objref, objref_sz);
	432	return NULL;
	433	}
	434
b305452f RL	435	int evp_keymgmt_get_params(const EVP_KEYMGMT keymgmt, void keydata,
b305452f RL	436	OSSL_PARAM params[])
68552cde	437	{
b305452f	438	if (keymgmt->get_params == NULL)
68552cde	439	return 1;
b305452f	440	return keymgmt->get_params(keydata, params);
68552cde RL	441	}
68552cde RL	442
e3efe7a5	443	const OSSL_PARAM EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT keymgmt)
68552cde	444	{
ed576acd	445	void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));
18ec26ba	446
b305452f	447	if (keymgmt->gettable_params == NULL)
68552cde	448	return NULL;
18ec26ba	449	return keymgmt->gettable_params(provctx);
68552cde RL	450	}
68552cde RL	451
4fe54d67 NT	452	int evp_keymgmt_set_params(const EVP_KEYMGMT keymgmt, void keydata,
	453	const OSSL_PARAM params[])
	454	{
	455	if (keymgmt->set_params == NULL)
	456	return 1;
	457	return keymgmt->set_params(keydata, params);
	458	}
	459
e3efe7a5	460	const OSSL_PARAM EVP_KEYMGMT_settable_params(const EVP_KEYMGMT keymgmt)
4fe54d67	461	{
ed576acd	462	void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));
18ec26ba	463
4fe54d67 NT	464	if (keymgmt->settable_params == NULL)
4fe54d67 NT	465	return NULL;
18ec26ba	466	return keymgmt->settable_params(provctx);
4fe54d67 NT	467	}
4fe54d67 NT	468
b305452f	469	int evp_keymgmt_has(const EVP_KEYMGMT keymgmt, void keydata, int selection)
68552cde	470	{
b305452f RL	471	/* This is mandatory, no need to check for its presence */
b305452f RL	472	return keymgmt->has(keydata, selection);
68552cde RL	473	}
68552cde RL	474
b305452f	475	int evp_keymgmt_validate(const EVP_KEYMGMT keymgmt, void keydata,
899e2564	476	int selection, int checktype)
68552cde	477	{
b305452f RL	478	/* We assume valid if the implementation doesn't have a function */
b305452f RL	479	if (keymgmt->validate == NULL)
68552cde	480	return 1;
899e2564	481	return keymgmt->validate(keydata, selection, checktype);
68552cde RL	482	}
68552cde RL	483
bee5d6cd RL	484	int evp_keymgmt_match(const EVP_KEYMGMT *keymgmt,
	485	const void keydata1, const void keydata2,
	486	int selection)
	487	{
	488	/* We assume no match if the implementation doesn't have a function */
	489	if (keymgmt->match == NULL)
	490	return 0;
	491	return keymgmt->match(keydata1, keydata2, selection);
	492	}
	493
b305452f RL	494	int evp_keymgmt_import(const EVP_KEYMGMT keymgmt, void keydata,
b305452f RL	495	int selection, const OSSL_PARAM params[])
68552cde	496	{
b305452f RL	497	if (keymgmt->import == NULL)
	498	return 0;
	499	return keymgmt->import(keydata, selection, params);
68552cde RL	500	}
68552cde RL	501
b305452f RL	502	const OSSL_PARAM evp_keymgmt_import_types(const EVP_KEYMGMT keymgmt,
b305452f RL	503	int selection)
68552cde	504	{
5e3b8450 IF	505	void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));
	506
	507	if (keymgmt->import_types_ex != NULL)
	508	return keymgmt->import_types_ex(provctx, selection);
b305452f RL	509	if (keymgmt->import_types == NULL)
	510	return NULL;
	511	return keymgmt->import_types(selection);
68552cde RL	512	}
68552cde RL	513
b305452f RL	514	int evp_keymgmt_export(const EVP_KEYMGMT keymgmt, void keydata,
b305452f RL	515	int selection, OSSL_CALLBACK param_cb, void cbarg)
68552cde	516	{
b305452f RL	517	if (keymgmt->export == NULL)
	518	return 0;
	519	return keymgmt->export(keydata, selection, param_cb, cbarg);
68552cde RL	520	}
68552cde RL	521
b305452f RL	522	const OSSL_PARAM evp_keymgmt_export_types(const EVP_KEYMGMT keymgmt,
b305452f RL	523	int selection)
68552cde	524	{
5e3b8450 IF	525	void *provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(keymgmt));
	526
	527	if (keymgmt->export_types_ex != NULL)
	528	return keymgmt->export_types_ex(provctx, selection);
b305452f RL	529	if (keymgmt->export_types == NULL)
	530	return NULL;
	531	return keymgmt->export_types(selection);
68552cde	532	}
13697f1c	533
b4f447c0 TM	534	void evp_keymgmt_dup(const EVP_KEYMGMT keymgmt, const void *keydata_from,
b4f447c0 TM	535	int selection)
4a9fe33c TM	536	{
	537	/* We assume no dup if the implementation doesn't have a function */
	538	if (keymgmt->dup == NULL)
	539	return NULL;
b4f447c0	540	return keymgmt->dup(keydata_from, selection);
4a9fe33c	541	}