projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| ac2d58c7 | 1 | /* |
| da1c088f | 2 | * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. |
| ac2d58c7 MC |
3 | * |
| 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
| 5 | * this file except in compliance with the License. You can obtain a copy | |
| 6 | * in the file LICENSE in the source distribution or at | |
| 7 | * https://www.openssl.org/source/license.html | |
| 8 | */ | |
| 9 | ||
| 10 | /* | |
| 11 | * This implemments a dummy key manager for legacy KDFs that still support the | |
| 12 | * old way of performing a KDF via EVP_PKEY_derive(). New KDFs should not be | |
| 13 | * implemented this way. In reality there is no key data for such KDFs, so this | |
| 14 | * key manager does very little. | |
| 15 | */ | |
| 16 | ||
| 17 | #include <openssl/core_dispatch.h> | |
| 18 | #include <openssl/core_names.h> | |
| 19 | #include <openssl/err.h> | |
| 20 | #include "prov/implementations.h" | |
| 21 | #include "prov/providercommon.h" | |
| 22 | #include "prov/provider_ctx.h" | |
| 23 | #include "prov/kdfexchange.h" | |
| 24 | ||
| 25 | static OSSL_FUNC_keymgmt_new_fn kdf_newdata; | |
| 26 | static OSSL_FUNC_keymgmt_free_fn kdf_freedata; | |
| 27 | static OSSL_FUNC_keymgmt_has_fn kdf_has; | |
| 28 | ||
| 9500c823 | 29 | KDF_DATA *ossl_kdf_data_new(void *provctx) |
| ac2d58c7 | 30 | { |
| 422cbcee | 31 | KDF_DATA *kdfdata; |
| ac2d58c7 | 32 | |
| 422cbcee P |
33 | if (!ossl_prov_is_running()) |
| 34 | return NULL; | |
| 35 | ||
| 36 | kdfdata = OPENSSL_zalloc(sizeof(*kdfdata)); | |
| ac2d58c7 MC |
37 | if (kdfdata == NULL) |
| 38 | return NULL; | |
| 39 | ||
| 7599d17d | 40 | if (!CRYPTO_NEW_REF(&kdfdata->refcnt, 1)) { |
| ac2d58c7 MC |
41 | OPENSSL_free(kdfdata); |
| 42 | return NULL; | |
| 43 | } | |
| a829b735 | 44 | kdfdata->libctx = PROV_LIBCTX_OF(provctx); |
| ac2d58c7 MC |
45 | |
| 46 | return kdfdata; | |
| 47 | } | |
| 48 | ||
| 9500c823 | 49 | void ossl_kdf_data_free(KDF_DATA *kdfdata) |
| ac2d58c7 MC |
50 | { |
| 51 | int ref = 0; | |
| 52 | ||
| 53 | if (kdfdata == NULL) | |
| 54 | return; | |
| 55 | ||
| 7599d17d | 56 | CRYPTO_DOWN_REF(&kdfdata->refcnt, &ref); |
| ac2d58c7 MC |
57 | if (ref > 0) |
| 58 | return; | |
| 59 | ||
| 7599d17d | 60 | CRYPTO_FREE_REF(&kdfdata->refcnt); |
| ac2d58c7 MC |
61 | OPENSSL_free(kdfdata); |
| 62 | } | |
| 63 | ||
| 9500c823 | 64 | int ossl_kdf_data_up_ref(KDF_DATA *kdfdata) |
| ac2d58c7 MC |
65 | { |
| 66 | int ref = 0; | |
| 67 | ||
| 422cbcee P |
68 | /* This is effectively doing a new operation on the KDF_DATA and should be |
| 69 | * adequately guarded again modules' error states. However, both current | |
| e304aa87 | 70 | * calls here are guarded properly in exchange/kdf_exch.c. Thus, it |
| 422cbcee P |
71 | * could be removed here. The concern is that something in the future |
| 72 | * might call this function without adequate guards. It's a cheap call, | |
| 73 | * it seems best to leave it even though it is currently redundant. | |
| 74 | */ | |
| 75 | if (!ossl_prov_is_running()) | |
| 76 | return 0; | |
| 77 | ||
| 7599d17d | 78 | CRYPTO_UP_REF(&kdfdata->refcnt, &ref); |
| ac2d58c7 MC |
79 | return 1; |
| 80 | } | |
| 81 | ||
| 82 | static void *kdf_newdata(void *provctx) | |
| 83 | { | |
| 9500c823 | 84 | return ossl_kdf_data_new(provctx); |
| ac2d58c7 MC |
85 | } |
| 86 | ||
| 87 | static void kdf_freedata(void *kdfdata) | |
| 88 | { | |
| 9500c823 | 89 | ossl_kdf_data_free(kdfdata); |
| ac2d58c7 MC |
90 | } |
| 91 | ||
| 3d914185 | 92 | static int kdf_has(const void *keydata, int selection) |
| ac2d58c7 | 93 | { |
| 9a485440 | 94 | return 1; /* nothing is missing */ |
| ac2d58c7 MC |
95 | } |
| 96 | ||
| 1be63951 | 97 | const OSSL_DISPATCH ossl_kdf_keymgmt_functions[] = { |
| ac2d58c7 MC |
98 | { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))kdf_newdata }, |
| 99 | { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))kdf_freedata }, | |
| 100 | { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))kdf_has }, | |
| 1e6bd31e | 101 | OSSL_DISPATCH_END |
| ac2d58c7 | 102 | }; |