EVP: Add EVP_PKEY_get0_provider() and EVP_PKEY_CTX_get0_provider()

Fixes #16058

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16063)

diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index 6f0b3dbda9605e5c13408d2ef11fefa2c2cd8333..8f3f1503756c09fdae33b43421111a4d0c4bf44b 100644 (file)
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -237,3 +237,10 @@ const char *EVP_PKEY_get0_type_name(const EVP_PKEY *key)
 
     return name;
 }
+
+const OSSL_PROVIDER *EVP_PKEY_get0_provider(const EVP_PKEY *key)
+{
+    if (evp_pkey_is_provided(key))
+        return EVP_KEYMGMT_get0_provider(key->keymgmt);
+    return NULL;
+}

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index e5975081e1362da1fee6a23e39261ab8af5612e9..7b835a5eb637c4ff9a101ae232a58cfc38163ff8 100644 (file)
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -1531,11 +1531,33 @@ OSSL_LIB_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx)
     return ctx->libctx;
 }
 
-const char *EVP_PKEY_CTX_get0_propq(EVP_PKEY_CTX *ctx)
+const char *EVP_PKEY_CTX_get0_propq(const EVP_PKEY_CTX *ctx)
 {
     return ctx->propquery;
 }
 
+const OSSL_PROVIDER *EVP_PKEY_CTX_get0_provider(const EVP_PKEY_CTX *ctx)
+{
+    if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
+        if (ctx->op.sig.signature != NULL)
+            return EVP_SIGNATURE_get0_provider(ctx->op.sig.signature);
+    } else if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
+        if (ctx->op.kex.exchange != NULL)
+            return EVP_KEYEXCH_get0_provider(ctx->op.kex.exchange);
+    } else if (EVP_PKEY_CTX_IS_KEM_OP(ctx)) {
+        if (ctx->op.encap.kem != NULL)
+            return EVP_KEM_get0_provider(ctx->op.encap.kem);
+    } else if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)) {
+        if (ctx->op.ciph.cipher != NULL)
+            return EVP_ASYM_CIPHER_get0_provider(ctx->op.ciph.cipher);
+    } else if (EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
+        if (ctx->keymgmt != NULL)
+            return EVP_KEYMGMT_get0_provider(ctx->keymgmt);
+    }
+
+    return NULL;
+}
+
 /* Utility functions to send a string of hex string to a ctrl */
 
 int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str)

diff --git a/doc/man3/EVP_PKEY_CTX_get0_libctx.pod b/doc/man3/EVP_PKEY_CTX_get0_libctx.pod
index 33aa418462d2336e455717102b33c02fe9c148f9..9f84bd96c415debce86f3e826d125fb959d02d9b 100644 (file)
--- a/doc/man3/EVP_PKEY_CTX_get0_libctx.pod
+++ b/doc/man3/EVP_PKEY_CTX_get0_libctx.pod
@@ -3,28 +3,37 @@
 =head1 NAME
 
 EVP_PKEY_CTX_get0_libctx,
-EVP_PKEY_CTX_get0_propq
-- functions for getting OSSL_LIB_CTX and property query data from an EVP_PKEY_CTX
+EVP_PKEY_CTX_get0_propq,
+EVP_PKEY_CTX_get0_provider
+- functions for getting diverse information from an EVP_PKEY_CTX
 
 =head1 SYNOPSIS
 
  #include <openssl/evp.h>
 
  OSSL_LIB_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx);
- const char *EVP_PKEY_CTX_get0_propq(EVP_PKEY_CTX *ctx);
+ const char *EVP_PKEY_CTX_get0_propq(const EVP_PKEY_CTX *ctx);
+ const OSSL_PROVIDER *EVP_PKEY_CTX_get0_provider(const EVP_PKEY_CTX *ctx);
 
 =head1 DESCRIPTION
 
-The EVP_PKEY_CTX_get0_libctx() and EVP_PKEY_CTX_get0_propq() functions obtain
-the OSSL_LIB_CTX and property query string values respectively that were
+EVP_PKEY_CTX_get0_libctx() and EVP_PKEY_CTX_get0_propq() obtain the
+OSSL_LIB_CTX and property query string values respectively that were
 associated with the EVP_PKEY_CTX when it was constructed.
 
+EVP_PKEY_CTX_get0_provider() returns the provider associated with the
+ongoing B<EVP_PKEY_CTX> operation.  If the operation is performed by
+en B<ENGINE>, this function returns NULL.
+
 =head1 RETURN VALUES
 
 EVP_PKEY_CTX_get0_libctx() and EVP_PKEY_CTX_get0_propq() functions return the
 OSSL_LIB_CTX and property query string associated with the EVP_PKEY_CTX or NULL
 if they are not set. The returned values should not be freed by the caller.
 
+EVP_PKEY_CTX_get0_provider() returns a provider if an operation performed by
+a provider is ongoing, otherwise NULL.
+
 =head1 SEE ALSO
 
 L<EVP_PKEY_CTX_new(3)>

diff --git a/doc/man3/EVP_PKEY_is_a.pod b/doc/man3/EVP_PKEY_is_a.pod
index 58c7ed7f8e0e06c623ddb4df0fb240fb26c47df6..5a012f780486feddf730ac7b44f7c40eb859e04c 100644 (file)
--- a/doc/man3/EVP_PKEY_is_a.pod
+++ b/doc/man3/EVP_PKEY_is_a.pod
@@ -3,7 +3,7 @@
 =head1 NAME
 
 EVP_PKEY_is_a, EVP_PKEY_can_sign, EVP_PKEY_type_names_do_all,
-EVP_PKEY_get0_type_name
+EVP_PKEY_get0_type_name, EVP_PKEY_get0_provider
 - key type and capabilities functions
 
 =head1 SYNOPSIS
@@ -16,6 +16,7 @@ EVP_PKEY_get0_type_name
                                 void (*fn)(const char *name, void *data),
                                 void *data);
  const char *EVP_PKEY_get0_type_name(const EVP_PKEY *key);
+ const OSSL_PROVIDER *EVP_PKEY_get0_provider(const EVP_PKEY *key);
 
 =head1 DESCRIPTION
 
@@ -38,6 +39,9 @@ that holds the key which one will be returned.
 Ownership of the returned string is retained by the I<pkey> object and should
 not be freed by the caller.
 
+EVP_PKEY_get0_provider() returns the provider of the B<EVP_PKEY>'s
+L<EVP_KEYMGMT(3)>.
+
 =head1 RETURN VALUES
 
 EVP_PKEY_is_a() returns 1 if I<pkey> has the key type I<name>,
@@ -48,6 +52,8 @@ supports signing, otherwise 0.
 
 EVP_PKEY_get0_type_name() returns the name that is found or NULL on error.
 
+EVP_PKEY_get0_provider() returns the provider if found or NULL if not.
+
 EVP_PKEY_type_names_do_all() returns 1 if the callback was called for all
 names. A return value of 0 means that the callback was not called for any
 names.

diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index f76c4a26d1a8ee3cfb10a9cced60d58a3a7f0962..1c8ce48773a9b3cb2b363e23f99dbb2c78df5f49 100644 (file)
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1380,6 +1380,7 @@ int EVP_PKEY_up_ref(EVP_PKEY *pkey);
 EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey);
 void EVP_PKEY_free(EVP_PKEY *pkey);
 const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey);
+const OSSL_PROVIDER *EVP_PKEY_get0_provider(const EVP_PKEY *key);
 
 EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
                         long length);
@@ -2160,7 +2161,8 @@ int EVP_PKEY_get_group_name(const EVP_PKEY *pkey, char *name, size_t name_sz,
                             size_t *gname_len);
 
 OSSL_LIB_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx);
-const char *EVP_PKEY_CTX_get0_propq(EVP_PKEY_CTX *ctx);
+const char *EVP_PKEY_CTX_get0_propq(const EVP_PKEY_CTX *ctx);
+const OSSL_PROVIDER *EVP_PKEY_CTX_get0_provider(const EVP_PKEY_CTX *ctx);
 
 # ifdef  __cplusplus
 }

diff --git a/util/libcrypto.num b/util/libcrypto.num
index c7862c568dda424df419677941b145679c7aad93..3d4d7c37df2623b24867b23d59c28f9845227612 100644 (file)
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5423,3 +5423,5 @@ ASN1_item_d2i_fp_ex                     ? 3_0_0   EXIST::FUNCTION:STDIO
 ASN1_item_d2i_bio_ex                    ?      3_0_0   EXIST::FUNCTION:
 ASN1_item_d2i_ex                        ?      3_0_0   EXIST::FUNCTION:
 ASN1_TIME_print_ex                      ?      3_0_0   EXIST::FUNCTION:
+EVP_PKEY_get0_provider                  ?      3_0_0   EXIST::FUNCTION:
+EVP_PKEY_CTX_get0_provider              ?      3_0_0   EXIST::FUNCTION: