From bed7437b00734ee463de3c6fd6851458fa8c6cb0 Mon Sep 17 00:00:00 2001
From: Richard Levitte
Date: Sat, 15 May 2021 07:43:06 +0200
Subject: [PATCH] Modify EVP_PKEY_ASN1_METHOD's export_to function to take an importer

We previously took an EVP_KEYMGMT pointer, but now found it necessary to use a different import function in some cases. Since that's the only thing we use from EVP_KEYMGMT, we might as well pass the import function directly, allowing for some flexibility in how export_to is used.

Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/15293)
---
 crypto/dh/dh_ameth.c | 6 +++---
 crypto/dsa/dsa_ameth.c | 6 +++---
 crypto/ec/ec_ameth.c | 6 +++---
 crypto/ec/ecx_meth.c | 6 +++---
 crypto/evp/p_lib.c | 3 ++-
 crypto/rsa/rsa_ameth.c | 17 +++++++++--------
 include/crypto/asn1.h | 5 +++--
 7 files changed, 26 insertions(+), 23 deletions(-)

diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
index d96b54285b..3d23321b59 100644
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -440,8 +440,8 @@ static size_t dh_pkey_dirty_cnt(const EVP_PKEY *pkey)
 }
 static int dh_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
- EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
- const char *propq)
+ OSSL_FUNC_keymgmt_import_fn *importer,
+ OSSL_LIB_CTX *libctx, const char *propq)
 {
 DH *dh = from->pkey.dh;
 OSSL_PARAM_BLD *tmpl;
@@ -495,7 +495,7 @@ static int dh_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
 goto err;
 /* We export, the provider imports */
- rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+ rv = importer(to_keydata, selection, params);
 OSSL_PARAM_free(params);
 err:
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
index 2e1ad081dc..ea9f839955 100644
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
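Review bot: `rv = importer(to_keydata, selection, params);` in dh_pkey_export_to (hunk at line 495) calls the function pointer without checking it, and the only caller visible in this patch, crypto/evp/p_lib.c, passes `tmp_keymgmt->import` straight from the struct. The removed evp_keymgmt_import() wrapper is not shown here; if it returned 0 for a keymgmt that implements no import function, that guard is gone and such a provider would now cause a NULL function-pointer call instead of a clean export failure. A guard that keeps the existing cleanup path would be `rv = importer == NULL ? 0 : importer(to_keydata, selection, params);`. The same unchecked call is added in dsa_ameth.c, ec_ameth.c, ecx_meth.c and in rsa_int_export_to in rsa_ameth.c. The body of dh_pkey_export_to starts and ends outside this hunk.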
@@ -424,8 +424,8 @@ static size_t dsa_pkey_dirty_cnt(const EVP_PKEY *pkey)
 }
 static int dsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
- EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
- const char *propq)
+ OSSL_FUNC_keymgmt_import_fn *importer,
+ OSSL_LIB_CTX *libctx, const char *propq)
 {
 DSA *dsa = from->pkey.dsa;
 OSSL_PARAM_BLD *tmpl;
@@ -472,7 +472,7 @@ static int dsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
 goto err;
 /* We export, the provider imports */
- rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+ rv = importer(to_keydata, selection, params);
 OSSL_PARAM_free(params);
 err:
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index e49252449d..32fe692d8a 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -478,8 +478,8 @@ size_t ec_pkey_dirty_cnt(const EVP_PKEY *pkey)
 static int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
- EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
- const char *propq)
+ OSSL_FUNC_keymgmt_import_fn *importer,
+ OSSL_LIB_CTX *libctx, const char *propq)
 {
 const EC_KEY *eckey = NULL;
 const EC_GROUP *ecg = NULL;
@@ -607,7 +607,7 @@ int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
 params = OSSL_PARAM_BLD_to_param(tmpl);
 /* We export, the provider imports */
- rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+ rv = importer(to_keydata, selection, params);
 err:
 OSSL_PARAM_BLD_free(tmpl);
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index 61f062a2f8..c47bd9f9dd 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -346,8 +346,8 @@ static size_t ecx_pkey_dirty_cnt(const EVP_PKEY *pkey)
 }
 static int ecx_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
- EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
- const char *propq)
+ OSSL_FUNC_keymgmt_import_fn *importer,
+ OSSL_LIB_CTX *libctx, const char *propq)
 {
 const ECX_KEY *key = from->pkey.ecx;
 OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new();
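Review bot: In the ec_ameth.c hunk at line 607 the result of `params = OSSL_PARAM_BLD_to_param(tmpl);` is handed to `importer()` with no NULL check in the visible lines, so on an allocation failure the provider's import function receives a NULL parameter array and the outcome depends on how that provider handles it. The dh_ameth.c and dsa_ameth.c hunks show a `goto err;` just before the same call, which suggests those paths test the result; ec_pkey_export_to and ecx_pkey_export_to (crypto/ec/ecx_meth.c, hunk at line 375) do not appear to. Consider `if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) goto err;`, since the `err:` label that follows already releases `tmpl`. Both functions continue outside their hunks.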
@@ -375,7 +375,7 @@ static int ecx_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
 params = OSSL_PARAM_BLD_to_param(tmpl);
 /* We export, the provider imports */
- rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+ rv = importer(to_keydata, selection, params);
 err:
 OSSL_PARAM_BLD_free(tmpl);
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 00a310d4e4..9b31c58288 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1878,7 +1878,8 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx,
 if ((keydata = evp_keymgmt_newdata(tmp_keymgmt)) == NULL) goto end;
- if (!pk->ameth->export_to(pk, keydata, tmp_keymgmt, libctx, propquery)) {
+ if (!pk->ameth->export_to(pk, keydata, tmp_keymgmt->import,
+ libctx, propquery)) {
 evp_keymgmt_freedata(tmp_keymgmt, keydata);
 keydata = NULL;
 goto end;
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 2f9d60a7b3..f2283d81bd 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -725,7 +725,8 @@ static size_t rsa_pkey_dirty_cnt(const EVP_PKEY *pkey)
 * checks in this method since the caller tests EVP_KEYMGMT_is_a() first. */
 static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type,
- void *to_keydata, EVP_KEYMGMT *to_keymgmt,
+ void *to_keydata,
+ OSSL_FUNC_keymgmt_import_fn *importer,
 OSSL_LIB_CTX *libctx, const char *propq)
 {
 RSA *rsa = from->pkey.rsa;
@@ -778,7 +779,7 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type,
 goto err;
 /* We export, the provider imports */
- rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+ rv = importer(to_keydata, selection, params);
 err:
 OSSL_PARAM_free(params);
@@ -859,19 +860,19 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx,
 }
 static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
- EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
- const char *propq)
+ OSSL_FUNC_keymgmt_import_fn *importer,
+ OSSL_LIB_CTX *libctx, const char *propq)
 {
 return rsa_int_export_to(from, RSA_FLAG_TYPE_RSA, to_keydata,
- to_keymgmt, libctx, propq);
+ importer, libctx, propq);
 }
 static int rsa_pss_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
- EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
- const char *propq)
+ OSSL_FUNC_keymgmt_import_fn *importer,
+ OSSL_LIB_CTX *libctx, const char *propq)
 {
 return rsa_int_export_to(from, RSA_FLAG_TYPE_RSASSAPSS, to_keydata,
- to_keymgmt, libctx, propq);
+ importer, libctx, propq);
 }
 static int rsa_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
diff --git a/include/crypto/asn1.h b/include/crypto/asn1.h
index 17d5f637ef..5a187e41a7 100644
--- a/include/crypto/asn1.h
+++ b/include/crypto/asn1.h
@@ -12,6 +12,7 @@
 # pragma once
 # include
+# include /* OSSL_FUNC_keymgmt_import() */
 /* Internal ASN1 structures and functions: not for application use */
@@ -80,8 +81,8 @@ struct evp_pkey_asn1_method_st {
 /* Exports and imports to / from providers */
 size_t (*dirty_cnt) (const EVP_PKEY *pk);
 int (*export_to) (const EVP_PKEY *pk, void *to_keydata,
- EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
- const char *propq);
+ OSSL_FUNC_keymgmt_import_fn *importer,
+ OSSL_LIB_CTX *libctx, const char *propq);
 OSSL_CALLBACK *import_from;
 int (*copy) (EVP_PKEY *to, EVP_PKEY *from);
--
2.39.2
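Review bot: The `export_to` member of struct evp_pkey_asn1_method_st (include/crypto/asn1.h, hunk at line 80) now takes a bare `OSSL_FUNC_keymgmt_import_fn *importer`, and nothing in the header states what callers and implementations may assume about it. With the EVP_KEYMGMT gone from the signature, an implementation can no longer tell which keymgmt `to_keydata` belongs to, so the pairing of key data and import function rests entirely on the caller. I would add a comment above the member such as `/* importer must be non-NULL and must be the import function of the keymgmt that created to_keydata */`. The struct definition starts and ends outside this hunk.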