/* Actual operation */
int operation;
+ /*
+ * Library context, Key type name and properties associated
+ * with this context
+ */
+ OPENSSL_CTX *libctx;
+ const char *keytype;
+ const char *propquery;
+
+ /* cached key manager */
+ EVP_KEYMGMT *keymgmt;
+
union {
struct {
EVP_KEYEXCH *exchange;
EVP_SIGNATURE *signature;
void *sigprovctx;
} sig;
+
+ struct {
+ EVP_ASYM_CIPHER *cipher;
+ void *ciphprovctx;
+ } ciph;
} op;
/* Legacy fields below */
OSSL_OP_kdf_set_ctx_params_fn *set_ctx_params;
};
-extern const EVP_KDF pbkdf2_kdf_meth;
-extern const EVP_KDF scrypt_kdf_meth;
-extern const EVP_KDF tls1_prf_kdf_meth;
-extern const EVP_KDF hkdf_kdf_meth;
-extern const EVP_KDF sshkdf_kdf_meth;
-extern const EVP_KDF ss_kdf_meth;
-extern const EVP_KDF x963_kdf_meth;
-extern const EVP_KDF x942_kdf_meth;
-
struct evp_md_st {
/* nid */
int type;
/*
* To support transparent export/import between providers that
* support the methods for it, and still not having to do the
- * export/import every time a key is used, we maintain a cache
- * of imported key, indexed by provider address.
- * pkeys[0] is *always* the "original" key.
+ * export/import every time a key or domain params are used, we
+ * maintain a cache of imported key / domain params, indexed by
+ * provider address. pkeys[0] is *always* the "original" data.
*/
struct {
EVP_KEYMGMT *keymgmt;
- void *provkey;
+ void *provdata;
+ /* 0 = provdata is a key, 1 = provdata is domain params */
+ int domainparams;
} pkeys[10];
/*
* If there is a legacy key assigned to this structure, we keep
#define EVP_PKEY_CTX_IS_DERIVE_OP(ctx) \
((ctx)->operation == EVP_PKEY_OP_DERIVE)
+#define EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx) \
+ ((ctx)->operation == EVP_PKEY_OP_ENCRYPT \
+ || (ctx)->operation == EVP_PKEY_OP_DECRYPT)
+
void openssl_add_all_ciphers_int(void);
void openssl_add_all_digests_int(void);
void evp_cleanup_int(void);
void evp_app_cleanup_int(void);
/* KEYMGMT helper functions */
-void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt);
+void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt,
+ int domainparams);
void evp_keymgmt_clear_pkey_cache(EVP_PKEY *pk);
+void *evp_keymgmt_fromdata(EVP_PKEY *target, EVP_KEYMGMT *keymgmt,
+ const OSSL_PARAM params[], int domainparams);
+
/* KEYMGMT provider interface functions */
void *evp_keymgmt_importdomparams(const EVP_KEYMGMT *keymgmt,
void evp_keymgmt_freedomparams(const EVP_KEYMGMT *keymgmt,
void *provdomparams);
int evp_keymgmt_exportdomparams(const EVP_KEYMGMT *keymgmt,
- void *provdomparams, OSSL_PARAM params[]);
+ void *provdomparams,
+ OSSL_CALLBACK *param_cb, void *cbarg);
const OSSL_PARAM *
evp_keymgmt_importdomparam_types(const EVP_KEYMGMT *keymgmt);
const OSSL_PARAM *
void *evp_keymgmt_loadkey(const EVP_KEYMGMT *keymgmt,
void *id, size_t idlen);
void evp_keymgmt_freekey(const EVP_KEYMGMT *keymgmt, void *provkey);
-int evp_keymgmt_exportkey(const EVP_KEYMGMT *keymgmt,
- void *provkey, OSSL_PARAM params[]);
+int evp_keymgmt_exportkey(const EVP_KEYMGMT *keymgmt, void *provkey,
+ OSSL_CALLBACK *param_cb, void *cbarg);
const OSSL_PARAM *evp_keymgmt_importkey_types(const EVP_KEYMGMT *keymgmt);
const OSSL_PARAM *evp_keymgmt_exportkey_types(const EVP_KEYMGMT *keymgmt);
#define EVP_ENCODE_CTX_NO_NEWLINES 1
/* Use the SRP base64 alphabet instead of the standard one */
#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2
+
+const EVP_CIPHER *evp_get_cipherbyname_ex(OPENSSL_CTX *libctx, const char *name);
+const EVP_MD *evp_get_digestbyname_ex(OPENSSL_CTX *libctx, const char *name);
+