]> git.ipfire.org Git - thirdparty/openssl.git/blame - crypto/evp/pmeth_lib.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add Explicit EC parameter support to providers.
[thirdparty/openssl.git] / crypto / evp / pmeth_lib.c
CommitLineData
0f113f3e 1/*
33388b44 2 * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
0b6f3c66 3 *
4a8b0c55 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
62867571
RS		 5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
0b6f3c66
DSH		 8 */
9
ada66e78 10/*
b03ec3b5 11 * Low level key APIs (DH etc) are deprecated for public use, but still ok for
ada66e78
P		 12 * internal use.
13 */
14#include "internal/deprecated.h"
15
0b6f3c66
DSH		 16#include <stdio.h>
17#include <stdlib.h>
3c27208f 18#include <openssl/engine.h>
33bed28b 19#include <openssl/evp.h>
99119000 20#include <openssl/x509v3.h>
35aca9ec
MC		 21#include <openssl/core_names.h>
22#include <openssl/dh.h>
89abd1b6 23#include <openssl/rsa.h>
ac2d58c7 24#include <openssl/kdf.h>
35aca9ec 25#include "internal/cryptlib.h"
25f2138b
DMSP		 26#include "crypto/asn1.h"
27#include "crypto/evp.h"
7165593c
SL		 28#include "crypto/dh.h"
29#include "internal/ffc.h"
99119000 30#include "internal/numbers.h"
390acbeb 31#include "internal/provider.h"
706457b7 32#include "evp_local.h"
0b6f3c66 33
f844f9eb 34#ifndef FIPS_MODULE
e683582b 35
19bd1fa1 36typedef const EVP_PKEY_METHOD *(*pmeth_fn)(void);
0f113f3e 37typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
5ce278a7 38
df2ee0e2 39static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
0b6f3c66 40
cefa762e 41/* This array needs to be in order of NIDs */
19bd1fa1 42static pmeth_fn standard_methods[] = {
e683582b 43# ifndef OPENSSL_NO_RSA
19bd1fa1 44 rsa_pkey_method,
e683582b
SL		 45# endif
46# ifndef OPENSSL_NO_DH
19bd1fa1 47 dh_pkey_method,
e683582b
SL		 48# endif
49# ifndef OPENSSL_NO_DSA
19bd1fa1 50 dsa_pkey_method,
e683582b
SL		 51# endif
52# ifndef OPENSSL_NO_EC
19bd1fa1 53 ec_pkey_method,
e683582b 54# endif
19bd1fa1 55 hmac_pkey_method,
e683582b 56# ifndef OPENSSL_NO_CMAC
19bd1fa1 57 cmac_pkey_method,
e683582b
SL		 58# endif
59# ifndef OPENSSL_NO_RSA
19bd1fa1 60 rsa_pss_pkey_method,
e683582b
SL		 61# endif
62# ifndef OPENSSL_NO_DH
19bd1fa1 63 dhx_pkey_method,
e683582b 64# endif
e683582b 65# ifndef OPENSSL_NO_EC
19bd1fa1
PS		 66 ecx25519_pkey_method,
67 ecx448_pkey_method,
e683582b 68# endif
e683582b 69# ifndef OPENSSL_NO_POLY1305
19bd1fa1 70 poly1305_pkey_method,
e683582b
SL		 71# endif
72# ifndef OPENSSL_NO_SIPHASH
19bd1fa1 73 siphash_pkey_method,
e683582b
SL		 74# endif
75# ifndef OPENSSL_NO_EC
19bd1fa1
PS		 76 ed25519_pkey_method,
77 ed448_pkey_method,
e683582b
SL		 78# endif
79# ifndef OPENSSL_NO_SM2
19bd1fa1 80 sm2_pkey_method,
e683582b 81# endif
0f113f3e 82};
0b6f3c66 83
19bd1fa1
PS		 84DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func);
85
86static int pmeth_func_cmp(const EVP_PKEY_METHOD *const *a, pmeth_fn const *b)
87{
88 return ((*a)->pkey_id - ((**b)())->pkey_id);
89}
90
91IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func);
babb3798 92
0f113f3e
MC		 93static int pmeth_cmp(const EVP_PKEY_METHOD *const *a,
94 const EVP_PKEY_METHOD *const *b)
95{
96 return ((*a)->pkey_id - (*b)->pkey_id);
97}
0b6f3c66 98
c9777d26 99const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
0f113f3e 100{
19bd1fa1 101 pmeth_fn *ret;
0f113f3e 102 EVP_PKEY_METHOD tmp;
19bd1fa1 103 const EVP_PKEY_METHOD *t = &tmp;
12a765a5 104
0f113f3e
MC		 105 tmp.pkey_id = type;
106 if (app_pkey_methods) {
107 int idx;
108 idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
109 if (idx >= 0)
110 return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
111 }
19bd1fa1
PS		 112 ret = OBJ_bsearch_pmeth_func(&t, standard_methods,
113 sizeof(standard_methods) /
114 sizeof(pmeth_fn));
12a765a5 115 if (ret == NULL || *ret == NULL)
0f113f3e 116 return NULL;
19bd1fa1 117 return (**ret)();
0f113f3e 118}
0b6f3c66 119
e683582b
SL		 120EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
121{
122 EVP_PKEY_METHOD *pmeth;
123
124 pmeth = OPENSSL_zalloc(sizeof(*pmeth));
125 if (pmeth == NULL) {
126 EVPerr(EVP_F_EVP_PKEY_METH_NEW, ERR_R_MALLOC_FAILURE);
127 return NULL;
128 }
129
130 pmeth->pkey_id = id;
131 pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
132 return pmeth;
133}
f844f9eb 134#endif /* FIPS_MODULE */
e683582b 135
b533510f
MC		 136static int is_legacy_alg(int id, const char *keytype)
137{
138#ifndef FIPS_MODULE
139 /* Certain EVP_PKEY keytypes are only available in legacy form */
140 if (id == -1) {
141 id = OBJ_sn2nid(keytype);
142 if (id == NID_undef)
143 id = OBJ_ln2nid(keytype);
144 if (id == NID_undef)
145 return 0;
146 }
147 switch (id) {
148 /*
149 * TODO(3.0): Remove SM2 and DHX when they are converted to have provider
150 * support
151 */
152 case EVP_PKEY_SM2:
b533510f
MC		 153 case EVP_PKEY_CMAC:
154 case EVP_PKEY_HMAC:
155 case EVP_PKEY_SIPHASH:
156 case EVP_PKEY_POLY1305:
157 return 1;
158 default:
159 return 0;
160 }
161#else
162 return 0;
163#endif
164}
165
3ee348b0
RL		 166static EVP_PKEY_CTX *int_ctx_new(OPENSSL_CTX *libctx,
167 EVP_PKEY *pkey, ENGINE *e,
4b9e90f4 168 const char *keytype, const char *propquery,
a07c17ef 169 int id)
e683582b 170
0f113f3e
MC		 171{
172 EVP_PKEY_CTX *ret;
d0ea49a8 173 const EVP_PKEY_METHOD *pmeth = NULL;
4b9e90f4 174 EVP_KEYMGMT *keymgmt = NULL;
d0ea49a8
RL		 175
176 /*
177 * When using providers, the context is bound to the algo implementation
178 * later.
179 */
180 if (pkey == NULL && e == NULL && id == -1)
181 goto common;
2f2e6b62 182
982efd77 183 /*
5e5bc836
RL		 184 * If the internal key is provided, we extract the keytype from its
185 * keymgmt and skip over the legacy code.
982efd77 186 */
5e5bc836 187 if (pkey != NULL && evp_pkey_is_provided(pkey)) {
982efd77
RL		 188 /* If we have an engine, something went wrong somewhere... */
189 if (!ossl_assert(e == NULL))
190 return NULL;
4b9e90f4 191 keytype = evp_first_name(pkey->keymgmt->prov, pkey->keymgmt->name_id);
982efd77
RL		 192 goto common;
193 }
f844f9eb 194#ifndef FIPS_MODULE
d0ea49a8
RL		 195 /* TODO(3.0) Legacy code should be removed when all is provider based */
196 /* BEGIN legacy */
0f113f3e 197 if (id == -1) {
a6465b3f 198 if (pkey == NULL)
982efd77 199 return NULL;
2f2e6b62 200 id = pkey->type;
0f113f3e 201 }
60653e5b
RL		 202
203 /*
204 * Here, we extract what information we can for the purpose of
205 * supporting usage with implementations from providers, to make
206 * for a smooth transition from legacy stuff to provider based stuff.
207 *
208 * If an engine is given, this is entirely legacy, and we should not
209 * pretend anything else, so we only set the name when no engine is
210 * given. If both are already given, someone made a mistake, and
211 * since that can only happen internally, it's safe to make an
212 * assertion.
213 */
4b9e90f4 214 if (!ossl_assert(e == NULL || keytype == NULL))
60653e5b
RL		 215 return NULL;
216 if (e == NULL)
4b9e90f4 217 keytype = OBJ_nid2sn(id);
60653e5b 218
e683582b 219# ifndef OPENSSL_NO_ENGINE
c2976edf 220 if (e == NULL && pkey != NULL)
d19b01ad 221 e = pkey->pmeth_engine != NULL ? pkey->pmeth_engine : pkey->engine;
0f113f3e
MC		 222 /* Try to find an ENGINE which implements this method */
223 if (e) {
224 if (!ENGINE_init(e)) {
225 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB);
226 return NULL;
227 }
c2976edf 228 } else {
0f113f3e 229 e = ENGINE_get_pkey_meth_engine(id);
c2976edf 230 }
0f113f3e
MC		 231
232 /*
0d4fb843 233 * If an ENGINE handled this method look it up. Otherwise use internal
0f113f3e
MC		 234 * tables.
235 */
ac2d58c7 236 if (e != NULL) {
0f113f3e 237 pmeth = ENGINE_get_pkey_meth(e, id);
1704752b
MC		 238 /*
239 * We are supposed to use an engine, so no point in looking for a
240 * provided implementation. If pmeth is NULL here we just fail.
241 */
242 if (pmeth == NULL) {
243 ENGINE_finish(e);
244 EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
245 return NULL;
246 }
247 } else
e683582b 248# endif
0f113f3e 249 pmeth = EVP_PKEY_meth_find(id);
1704752b
MC		 250 /*
251 * if pmeth is NULL here we can keep trying to see if we have a provided
252 * implementation below.
253 */
c9777d26 254
d0ea49a8 255 /* END legacy */
f844f9eb 256#endif /* FIPS_MODULE */
d0ea49a8 257 common:
4b9e90f4
RL		 258 /*
259 * If there's no engine and there's a name, we try fetching a provider
260 * implementation.
261 */
5fcb97c6 262 if (e == NULL && keytype != NULL) {
b533510f
MC		 263 int legacy = is_legacy_alg(id, keytype);
264
265 if (legacy) {
266 /* This could fail so ignore errors */
267 ERR_set_mark();
268 }
269
4b9e90f4 270 keymgmt = EVP_KEYMGMT_fetch(libctx, keytype, propquery);
b533510f
MC		 271 if (legacy) {
272 ERR_pop_to_mark();
273 } else if (keymgmt == NULL) {
274 EVPerr(EVP_F_INT_CTX_NEW, EVP_R_FETCH_FAILED);
275 return NULL;
276 }
5fcb97c6 277 }
4b9e90f4 278
64b25758 279 ret = OPENSSL_zalloc(sizeof(*ret));
90945fa3 280 if (ret == NULL) {
b5bcc053 281 EVP_KEYMGMT_free(keymgmt);
f844f9eb 282#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
7c96dbcd 283 ENGINE_finish(e);
a63bf2c5 284#endif
0f113f3e
MC		 285 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
286 return NULL;
287 }
3ee348b0 288 ret->libctx = libctx;
a07c17ef 289 ret->propquery = propquery;
4b9e90f4
RL		 290 ret->keytype = keytype;
291 ret->keymgmt = keymgmt;
0f113f3e
MC		 292 ret->engine = e;
293 ret->pmeth = pmeth;
294 ret->operation = EVP_PKEY_OP_UNDEFINED;
295 ret->pkey = pkey;
a6465b3f 296 if (pkey != NULL)
03273d61 297 EVP_PKEY_up_ref(pkey);
0f113f3e 298
8b84b075 299 if (pmeth != NULL && pmeth->init != NULL) {
0f113f3e 300 if (pmeth->init(ret) <= 0) {
83b4049a 301 ret->pmeth = NULL;
0f113f3e
MC		 302 EVP_PKEY_CTX_free(ret);
303 return NULL;
304 }
305 }
306
307 return ret;
308}
309
f844f9eb 310/*- All methods below can also be used in FIPS_MODULE */
e683582b
SL		 311
312EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OPENSSL_CTX *libctx,
313 const char *name,
314 const char *propquery)
315{
316 return int_ctx_new(libctx, NULL, NULL, name, propquery, -1);
317}
318
2ee4a50a
MC		 319EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX *libctx, EVP_PKEY *pkey,
320 const char *propquery)
e683582b 321{
2ee4a50a 322 return int_ctx_new(libctx, pkey, NULL, NULL, propquery, -1);
e683582b
SL		 323}
324
864b89ce
MC		 325void evp_pkey_ctx_free_old_ops(EVP_PKEY_CTX *ctx)
326{
e683582b 327 if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
864b89ce
MC		 328 if (ctx->op.sig.sigprovctx != NULL && ctx->op.sig.signature != NULL)
329 ctx->op.sig.signature->freectx(ctx->op.sig.sigprovctx);
330 EVP_SIGNATURE_free(ctx->op.sig.signature);
fb1ecf85
RL		 331 ctx->op.sig.sigprovctx = NULL;
332 ctx->op.sig.signature = NULL;
62f49b90 333 } else if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
e683582b
SL		 334 if (ctx->op.kex.exchprovctx != NULL && ctx->op.kex.exchange != NULL)
335 ctx->op.kex.exchange->freectx(ctx->op.kex.exchprovctx);
336 EVP_KEYEXCH_free(ctx->op.kex.exchange);
337 ctx->op.kex.exchprovctx = NULL;
338 ctx->op.kex.exchange = NULL;
62f49b90
SL		 339 }
340/* TODO(3.0): add dependancies and uncomment this when available for fips mode */
f844f9eb 341#ifndef FIPS_MODULE
62f49b90 342 else if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)) {
2c938e2e
MC		 343 if (ctx->op.ciph.ciphprovctx != NULL && ctx->op.ciph.cipher != NULL)
344 ctx->op.ciph.cipher->freectx(ctx->op.ciph.ciphprovctx);
345 EVP_ASYM_CIPHER_free(ctx->op.ciph.cipher);
346 ctx->op.ciph.ciphprovctx = NULL;
347 ctx->op.ciph.cipher = NULL;
62924755
RL		 348 } else if (EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
349 if (ctx->op.keymgmt.genctx != NULL && ctx->keymgmt != NULL)
350 evp_keymgmt_gen_cleanup(ctx->keymgmt, ctx->op.keymgmt.genctx);
864b89ce 351 }
e683582b 352#endif
864b89ce
MC		 353}
354
e683582b 355void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
0f113f3e 356{
e683582b
SL		 357 if (ctx == NULL)
358 return;
359 if (ctx->pmeth && ctx->pmeth->cleanup)
360 ctx->pmeth->cleanup(ctx);
b4faea50 361
e683582b
SL		 362 evp_pkey_ctx_free_old_ops(ctx);
363 EVP_KEYMGMT_free(ctx->keymgmt);
0f113f3e 364
e683582b
SL		 365 EVP_PKEY_free(ctx->pkey);
366 EVP_PKEY_free(ctx->peerkey);
f844f9eb 367#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
e683582b
SL		 368 ENGINE_finish(ctx->engine);
369#endif
370 OPENSSL_free(ctx);
0f113f3e 371}
ba30bad5 372
f844f9eb 373#ifndef FIPS_MODULE
e683582b 374
f830c68f 375void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
0f113f3e
MC		 376 const EVP_PKEY_METHOD *meth)
377{
378 if (ppkey_id)
379 *ppkey_id = meth->pkey_id;
380 if (pflags)
381 *pflags = meth->flags;
382}
f830c68f
DSH		 383
384void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
0f113f3e 385{
4cbb196b
AT		 386 int pkey_id = dst->pkey_id;
387 int flags = dst->flags;
f830c68f 388
4cbb196b 389 *dst = *src;
f830c68f 390
4cbb196b
AT		 391 /* We only copy the function pointers so restore the other values */
392 dst->pkey_id = pkey_id;
393 dst->flags = flags;
0f113f3e 394}
f830c68f 395
ba30bad5 396void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
0f113f3e
MC		 397{
398 if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
399 OPENSSL_free(pmeth);
400}
ba30bad5 401
f5cda4cb 402EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
0f113f3e 403{
3ee348b0 404 return int_ctx_new(NULL, pkey, e, NULL, NULL, -1);
0f113f3e 405}
f5cda4cb
DSH		 406
407EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
0f113f3e 408{
3ee348b0 409 return int_ctx_new(NULL, NULL, e, NULL, NULL, id);
a07c17ef
RL		 410}
411
9fdcc21f 412EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
0f113f3e
MC		 413{
414 EVP_PKEY_CTX *rctx;
ff64702b
MC		 415
416 if (((pctx->pmeth == NULL) || (pctx->pmeth->copy == NULL))
864b89ce
MC		 417 && ((EVP_PKEY_CTX_IS_DERIVE_OP(pctx)
418 && pctx->op.kex.exchprovctx == NULL)
419 || (EVP_PKEY_CTX_IS_SIGNATURE_OP(pctx)
420 && pctx->op.sig.sigprovctx == NULL)))
0f113f3e 421 return NULL;
e683582b 422# ifndef OPENSSL_NO_ENGINE
0f113f3e
MC		 423 /* Make sure it's safe to copy a pkey context using an ENGINE */
424 if (pctx->engine && !ENGINE_init(pctx->engine)) {
425 EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_ENGINE_LIB);
426 return 0;
427 }
e683582b 428# endif
ff64702b 429 rctx = OPENSSL_zalloc(sizeof(*rctx));
3484236d
F		 430 if (rctx == NULL) {
431 EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_MALLOC_FAILURE);
0f113f3e 432 return NULL;
3484236d 433 }
8bdcef40 434
ff64702b
MC		 435 if (pctx->pkey != NULL)
436 EVP_PKEY_up_ref(pctx->pkey);
437 rctx->pkey = pctx->pkey;
438 rctx->operation = pctx->operation;
3ee348b0 439 rctx->libctx = pctx->libctx;
f23bc0b7 440 rctx->keytype = pctx->keytype;
a07c17ef 441 rctx->propquery = pctx->propquery;
ff64702b 442
864b89ce
MC		 443 if (EVP_PKEY_CTX_IS_DERIVE_OP(pctx)) {
444 if (pctx->op.kex.exchange != NULL) {
445 rctx->op.kex.exchange = pctx->op.kex.exchange;
446 if (!EVP_KEYEXCH_up_ref(rctx->op.kex.exchange)) {
447 OPENSSL_free(rctx);
448 return NULL;
449 }
ff64702b 450 }
864b89ce
MC		 451 if (pctx->op.kex.exchprovctx != NULL) {
452 if (!ossl_assert(pctx->op.kex.exchange != NULL))
453 return NULL;
454 rctx->op.kex.exchprovctx
455 = pctx->op.kex.exchange->dupctx(pctx->op.kex.exchprovctx);
456 if (rctx->op.kex.exchprovctx == NULL) {
457 EVP_KEYEXCH_free(rctx->op.kex.exchange);
458 OPENSSL_free(rctx);
459 return NULL;
460 }
461 return rctx;
462 }
463 } else if (EVP_PKEY_CTX_IS_SIGNATURE_OP(pctx)) {
464 if (pctx->op.sig.signature != NULL) {
465 rctx->op.sig.signature = pctx->op.sig.signature;
466 if (!EVP_SIGNATURE_up_ref(rctx->op.sig.signature)) {
467 OPENSSL_free(rctx);
468 return NULL;
469 }
470 }
471 if (pctx->op.sig.sigprovctx != NULL) {
472 if (!ossl_assert(pctx->op.sig.signature != NULL))
473 return NULL;
474 rctx->op.sig.sigprovctx
475 = pctx->op.sig.signature->dupctx(pctx->op.sig.sigprovctx);
476 if (rctx->op.sig.sigprovctx == NULL) {
477 EVP_SIGNATURE_free(rctx->op.sig.signature);
478 OPENSSL_free(rctx);
479 return NULL;
480 }
481 return rctx;
ff64702b 482 }
2c938e2e
MC		 483 } else if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(pctx)) {
484 if (pctx->op.ciph.cipher != NULL) {
485 rctx->op.ciph.cipher = pctx->op.ciph.cipher;
486 if (!EVP_ASYM_CIPHER_up_ref(rctx->op.ciph.cipher)) {
487 OPENSSL_free(rctx);
488 return NULL;
489 }
490 }
491 if (pctx->op.ciph.ciphprovctx != NULL) {
492 if (!ossl_assert(pctx->op.ciph.cipher != NULL))
493 return NULL;
494 rctx->op.ciph.ciphprovctx
495 = pctx->op.ciph.cipher->dupctx(pctx->op.ciph.ciphprovctx);
496 if (rctx->op.ciph.ciphprovctx == NULL) {
497 EVP_ASYM_CIPHER_free(rctx->op.ciph.cipher);
498 OPENSSL_free(rctx);
499 return NULL;
500 }
501 return rctx;
502 }
ff64702b
MC		 503 }
504
0f113f3e 505 rctx->pmeth = pctx->pmeth;
e683582b 506# ifndef OPENSSL_NO_ENGINE
0f113f3e 507 rctx->engine = pctx->engine;
e683582b 508# endif
8bdcef40 509
0f113f3e 510 if (pctx->peerkey)
03273d61 511 EVP_PKEY_up_ref(pctx->peerkey);
0f113f3e 512 rctx->peerkey = pctx->peerkey;
8bdcef40 513
0f113f3e
MC		 514 if (pctx->pmeth->copy(rctx, pctx) > 0)
515 return rctx;
8bdcef40 516
83b4049a 517 rctx->pmeth = NULL;
0f113f3e
MC		 518 EVP_PKEY_CTX_free(rctx);
519 return NULL;
8bdcef40 520
0f113f3e 521}
8bdcef40 522
ba30bad5 523int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
0f113f3e
MC		 524{
525 if (app_pkey_methods == NULL) {
526 app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
3484236d
F		 527 if (app_pkey_methods == NULL){
528 EVPerr(EVP_F_EVP_PKEY_METH_ADD0, ERR_R_MALLOC_FAILURE);
0f113f3e 529 return 0;
3484236d 530 }
0f113f3e 531 }
3484236d
F		 532 if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) {
533 EVPerr(EVP_F_EVP_PKEY_METH_ADD0, ERR_R_MALLOC_FAILURE);
0f113f3e 534 return 0;
3484236d 535 }
0f113f3e
MC		 536 sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
537 return 1;
538}
ba30bad5 539
0822e89a
PY		 540void evp_app_cleanup_int(void)
541{
542 if (app_pkey_methods != NULL)
543 sk_EVP_PKEY_METHOD_pop_free(app_pkey_methods, EVP_PKEY_meth_free);
544}
545
546int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth)
547{
548 const EVP_PKEY_METHOD *ret;
549
550 ret = sk_EVP_PKEY_METHOD_delete_ptr(app_pkey_methods, pmeth);
551
552 return ret == NULL ? 0 : 1;
553}
554
48ed9c23
DSH		 555size_t EVP_PKEY_meth_get_count(void)
556{
557 size_t rv = OSSL_NELEM(standard_methods);
558
559 if (app_pkey_methods)
560 rv += sk_EVP_PKEY_METHOD_num(app_pkey_methods);
561 return rv;
562}
563
564const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx)
565{
566 if (idx < OSSL_NELEM(standard_methods))
19bd1fa1 567 return (standard_methods[idx])();
48ed9c23
DSH		 568 if (app_pkey_methods == NULL)
569 return NULL;
570 idx -= OSSL_NELEM(standard_methods);
571 if (idx >= (size_t)sk_EVP_PKEY_METHOD_num(app_pkey_methods))
572 return NULL;
573 return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
574}
e683582b 575#endif
48ed9c23 576
e683582b 577int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
0f113f3e 578{
e683582b
SL		 579 if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
580 && ctx->op.kex.exchprovctx != NULL
581 && ctx->op.kex.exchange != NULL
582 && ctx->op.kex.exchange->set_ctx_params != NULL)
583 return ctx->op.kex.exchange->set_ctx_params(ctx->op.kex.exchprovctx,
584 params);
585 if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
586 && ctx->op.sig.sigprovctx != NULL
587 && ctx->op.sig.signature != NULL
588 && ctx->op.sig.signature->set_ctx_params != NULL)
589 return ctx->op.sig.signature->set_ctx_params(ctx->op.sig.sigprovctx,
590 params);
591 if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
592 && ctx->op.ciph.ciphprovctx != NULL
593 && ctx->op.ciph.cipher != NULL
594 && ctx->op.ciph.cipher->set_ctx_params != NULL)
595 return ctx->op.ciph.cipher->set_ctx_params(ctx->op.ciph.ciphprovctx,
596 params);
62924755
RL		 597 if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
598 && ctx->op.keymgmt.genctx != NULL
599 && ctx->keymgmt != NULL
600 && ctx->keymgmt->gen_set_params != NULL)
601 return evp_keymgmt_gen_set_params(ctx->keymgmt, ctx->op.keymgmt.genctx,
602 params);
e683582b 603 return 0;
0f113f3e 604}
5da98aa6 605
9c45222d
MC		 606int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
607{
4fe54d67
NT		 608 if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
609 && ctx->op.kex.exchprovctx != NULL
610 && ctx->op.kex.exchange != NULL
611 && ctx->op.kex.exchange->get_ctx_params != NULL)
612 return ctx->op.kex.exchange->get_ctx_params(ctx->op.kex.exchprovctx,
613 params);
864b89ce
MC		 614 if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
615 && ctx->op.sig.sigprovctx != NULL
616 && ctx->op.sig.signature != NULL
617 && ctx->op.sig.signature->get_ctx_params != NULL)
618 return ctx->op.sig.signature->get_ctx_params(ctx->op.sig.sigprovctx,
619 params);
2c938e2e
MC		 620 if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
621 && ctx->op.ciph.ciphprovctx != NULL
622 && ctx->op.ciph.cipher != NULL
623 && ctx->op.ciph.cipher->get_ctx_params != NULL)
624 return ctx->op.ciph.cipher->get_ctx_params(ctx->op.ciph.ciphprovctx,
625 params);
9c45222d
MC		 626 return 0;
627}
628
11a1b341 629#ifndef FIPS_MODULE
9c45222d
MC		 630const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(EVP_PKEY_CTX *ctx)
631{
18ec26ba
P		 632 void *provctx;
633
4fe54d67
NT		 634 if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
635 && ctx->op.kex.exchange != NULL
18ec26ba
P		 636 && ctx->op.kex.exchange->gettable_ctx_params != NULL) {
637 provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(ctx->op.kex.exchange));
638 return ctx->op.kex.exchange->gettable_ctx_params(provctx);
639 }
864b89ce
MC		 640 if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
641 && ctx->op.sig.signature != NULL
18ec26ba
P		 642 && ctx->op.sig.signature->gettable_ctx_params != NULL) {
643 provctx = ossl_provider_ctx(
644 EVP_SIGNATURE_provider(ctx->op.sig.signature));
645 return ctx->op.sig.signature->gettable_ctx_params(provctx);
646 }
2c938e2e
MC		 647 if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
648 && ctx->op.ciph.cipher != NULL
18ec26ba
P		 649 && ctx->op.ciph.cipher->gettable_ctx_params != NULL) {
650 provctx = ossl_provider_ctx(
651 EVP_ASYM_CIPHER_provider(ctx->op.ciph.cipher));
652 return ctx->op.ciph.cipher->gettable_ctx_params(provctx);
653 }
9c45222d
MC		 654 return NULL;
655}
656
9c45222d
MC		 657const OSSL_PARAM *EVP_PKEY_CTX_settable_params(EVP_PKEY_CTX *ctx)
658{
18ec26ba
P		 659 void *provctx;
660
864b89ce
MC		 661 if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
662 && ctx->op.kex.exchange != NULL
18ec26ba
P		 663 && ctx->op.kex.exchange->settable_ctx_params != NULL) {
664 provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(ctx->op.kex.exchange));
665 return ctx->op.kex.exchange->settable_ctx_params(provctx);
666 }
864b89ce
MC		 667 if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
668 && ctx->op.sig.signature != NULL
18ec26ba
P		 669 && ctx->op.sig.signature->settable_ctx_params != NULL) {
670 provctx = ossl_provider_ctx(
671 EVP_SIGNATURE_provider(ctx->op.sig.signature));
672 return ctx->op.sig.signature->settable_ctx_params(provctx);
673 }
2c938e2e
MC		 674 if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
675 && ctx->op.ciph.cipher != NULL
18ec26ba
P		 676 && ctx->op.ciph.cipher->settable_ctx_params != NULL) {
677 provctx = ossl_provider_ctx(
678 EVP_ASYM_CIPHER_provider(ctx->op.ciph.cipher));
679 return ctx->op.ciph.cipher->settable_ctx_params(provctx);
680 }
62924755 681 if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
5e77b79a 682 && ctx->keymgmt != NULL)
e3efe7a5 683 return EVP_KEYMGMT_gen_settable_params(ctx->keymgmt);
9c45222d
MC		 684
685 return NULL;
686}
687
4fe54d67
NT		 688/*
689 * Internal helpers for stricter EVP_PKEY_CTX_{set,get}_params().
690 *
691 * Return 1 on success, 0 or negative for errors.
692 *
693 * In particular they return -2 if any of the params is not supported.
694 *
f844f9eb 695 * They are not available in FIPS_MODULE as they depend on
4fe54d67
NT		 696 * - EVP_PKEY_CTX_{get,set}_params()
697 * - EVP_PKEY_CTX_{gettable,settable}_params()
698 *
699 */
700int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
701{
702 const OSSL_PARAM *p;
703
704 if (ctx == NULL || params == NULL)
705 return 0;
706
707 for (p = params; p->key != NULL; p++) {
708 /* Check the ctx actually understands this parameter */
709 if (OSSL_PARAM_locate_const(EVP_PKEY_CTX_settable_params(ctx),
710 p->key) == NULL )
711 return -2;
712 }
713
714 return EVP_PKEY_CTX_set_params(ctx, params);
715}
716
717int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
718{
719 const OSSL_PARAM *p;
720
721 if (ctx == NULL || params == NULL)
722 return 0;
723
724 for (p = params; p->key != NULL; p++ ) {
725 /* Check the ctx actually understands this parameter */
726 if (OSSL_PARAM_locate_const(EVP_PKEY_CTX_gettable_params(ctx),
727 p->key) == NULL )
728 return -2;
729 }
730
731 return EVP_PKEY_CTX_get_params(ctx, params);
732}
733
e683582b 734# ifndef OPENSSL_NO_DH
35aca9ec
MC		 735int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad)
736{
737 OSSL_PARAM dh_pad_params[2];
1c3ace68 738 unsigned int upad = pad;
35aca9ec 739
864b89ce
MC		 740 /* We use EVP_PKEY_CTX_ctrl return values */
741 if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
742 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
743 return -2;
744 }
745
35aca9ec 746 /* TODO(3.0): Remove this eventually when no more legacy */
864b89ce 747 if (ctx->op.kex.exchprovctx == NULL)
35aca9ec
MC		 748 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE,
749 EVP_PKEY_CTRL_DH_PAD, pad, NULL);
750
1c3ace68 751 dh_pad_params[0] = OSSL_PARAM_construct_uint(OSSL_EXCHANGE_PARAM_PAD, &upad);
35aca9ec
MC		 752 dh_pad_params[1] = OSSL_PARAM_construct_end();
753
754 return EVP_PKEY_CTX_set_params(ctx, dh_pad_params);
755}
e683582b 756# endif
35aca9ec 757
9c45222d
MC		 758int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
759{
ac2d58c7 760 OSSL_PARAM sig_md_params[2], *p = sig_md_params;
9c45222d
MC		 761 /* 80 should be big enough */
762 char name[80] = "";
763 const EVP_MD *tmp;
764
864b89ce 765 if (ctx == NULL || !EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
9c45222d
MC		 766 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
767 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
768 return -2;
769 }
770
771 /* TODO(3.0): Remove this eventually when no more legacy */
864b89ce 772 if (ctx->op.sig.sigprovctx == NULL)
9c45222d
MC		 773 return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,
774 EVP_PKEY_CTRL_GET_MD, 0, (void *)(md));
775
776 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
777 name,
778 sizeof(name));
ac2d58c7 779 *p = OSSL_PARAM_construct_end();
9c45222d
MC		 780
781 if (!EVP_PKEY_CTX_get_params(ctx, sig_md_params))
782 return 0;
783
7606bed9 784 tmp = evp_get_digestbyname_ex(ctx->libctx, name);
9c45222d
MC		 785 if (tmp == NULL)
786 return 0;
787
788 *md = tmp;
789
790 return 1;
791}
792
05d2f72e
MC		 793static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
794 int fallback, const char *param, int op,
795 int ctrl)
4889dadc 796{
05d2f72e 797 OSSL_PARAM md_params[2], *p = md_params;
4889dadc
MC		 798 const char *name;
799
05d2f72e 800 if (ctx == NULL || (ctx->operation & op) == 0) {
9c45222d
MC		 801 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
802 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
803 return -2;
804 }
805
4889dadc 806 /* TODO(3.0): Remove this eventually when no more legacy */
05d2f72e
MC		 807 if (fallback)
808 return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, 0, (void *)(md));
4889dadc 809
9c45222d
MC		 810 if (md == NULL) {
811 name = "";
9c45222d 812 } else {
9c45222d
MC		 813 name = EVP_MD_name(md);
814 }
4889dadc 815
05d2f72e 816 *p++ = OSSL_PARAM_construct_utf8_string(param,
9c45222d
MC		 817 /*
818 * Cast away the const. This is read
819 * only so should be safe
820 */
8b6ffd40 821 (char *)name, 0);
ac2d58c7 822 *p = OSSL_PARAM_construct_end();
4889dadc 823
05d2f72e
MC		 824 return EVP_PKEY_CTX_set_params(ctx, md_params);
825}
826
827int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
828{
829 return evp_pkey_ctx_set_md(ctx, md, ctx->op.sig.sigprovctx == NULL,
830 OSSL_SIGNATURE_PARAM_DIGEST,
831 EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD);
4889dadc
MC		 832}
833
ac2d58c7
MC		 834int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
835{
05d2f72e
MC		 836 return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.exchprovctx == NULL,
837 OSSL_KDF_PARAM_DIGEST,
838 EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_TLS_MD);
839}
840
841static int evp_pkey_ctx_set1_octet_string(EVP_PKEY_CTX *ctx, int fallback,
842 const char *param, int op, int ctrl,
843 const unsigned char *data,
844 int datalen)
845{
846 OSSL_PARAM octet_string_params[2], *p = octet_string_params;
ac2d58c7
MC		 847
848 if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
849 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
850 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
851 return -2;
852 }
853
854 /* TODO(3.0): Remove this eventually when no more legacy */
05d2f72e
MC		 855 if (fallback)
856 return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, datalen, (void *)(data));
ac2d58c7 857
05d2f72e
MC		 858 if (datalen < 0) {
859 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH);
860 return 0;
ac2d58c7
MC		 861 }
862
05d2f72e 863 *p++ = OSSL_PARAM_construct_octet_string(param,
ac2d58c7
MC		 864 /*
865 * Cast away the const. This is read
866 * only so should be safe
867 */
05d2f72e
MC		 868 (unsigned char *)data,
869 (size_t)datalen);
194de849 870 *p = OSSL_PARAM_construct_end();
ac2d58c7 871
05d2f72e 872 return EVP_PKEY_CTX_set_params(ctx, octet_string_params);
ac2d58c7
MC		 873}
874
875int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *ctx,
876 const unsigned char *sec, int seclen)
877{
05d2f72e
MC		 878 return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
879 OSSL_KDF_PARAM_SECRET,
880 EVP_PKEY_OP_DERIVE,
881 EVP_PKEY_CTRL_TLS_SECRET,
882 sec, seclen);
883}
ac2d58c7 884
05d2f72e
MC		 885int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *ctx,
886 const unsigned char *seed, int seedlen)
887{
888 return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
889 OSSL_KDF_PARAM_SEED,
890 EVP_PKEY_OP_DERIVE,
891 EVP_PKEY_CTRL_TLS_SEED,
892 seed, seedlen);
893}
ac2d58c7 894
05d2f72e
MC		 895int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
896{
897 return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.exchprovctx == NULL,
898 OSSL_KDF_PARAM_DIGEST,
899 EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_HKDF_MD);
900}
ac2d58c7 901
05d2f72e
MC		 902int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *ctx,
903 const unsigned char *salt, int saltlen)
904{
905 return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
906 OSSL_KDF_PARAM_SALT,
907 EVP_PKEY_OP_DERIVE,
908 EVP_PKEY_CTRL_HKDF_SALT,
909 salt, saltlen);
910}
ac2d58c7 911
05d2f72e
MC		 912int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *ctx,
913 const unsigned char *key, int keylen)
914{
915 return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
916 OSSL_KDF_PARAM_KEY,
917 EVP_PKEY_OP_DERIVE,
918 EVP_PKEY_CTRL_HKDF_KEY,
919 key, keylen);
920}
ac2d58c7 921
05d2f72e
MC		 922int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *ctx,
923 const unsigned char *info, int infolen)
924{
925 return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
926 OSSL_KDF_PARAM_INFO,
927 EVP_PKEY_OP_DERIVE,
928 EVP_PKEY_CTRL_HKDF_INFO,
929 info, infolen);
ac2d58c7
MC		 930}
931
05d2f72e 932int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode)
ac2d58c7 933{
05d2f72e 934 OSSL_PARAM int_params[2], *p = int_params;
ac2d58c7
MC		 935
936 if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
937 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
938 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
939 return -2;
940 }
941
942 /* TODO(3.0): Remove this eventually when no more legacy */
943 if (ctx->op.kex.exchprovctx == NULL)
944 return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE,
05d2f72e
MC		 945 EVP_PKEY_CTRL_HKDF_MODE, mode, NULL);
946
ac2d58c7 947
05d2f72e
MC		 948 if (mode < 0) {
949 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
ac2d58c7
MC		 950 return 0;
951 }
952
05d2f72e 953 *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_MODE, &mode);
194de849 954 *p = OSSL_PARAM_construct_end();
ac2d58c7 955
05d2f72e 956 return EVP_PKEY_CTX_set_params(ctx, int_params);
ac2d58c7
MC		 957}
958
194de849
MC		 959int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass,
960 int passlen)
961{
962 return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
963 OSSL_KDF_PARAM_PASSWORD,
964 EVP_PKEY_OP_DERIVE,
965 EVP_PKEY_CTRL_PASS,
966 (const unsigned char *)pass, passlen);
967}
968
969int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *ctx,
970 const unsigned char *salt, int saltlen)
971{
972 return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
973 OSSL_KDF_PARAM_SALT,
974 EVP_PKEY_OP_DERIVE,
975 EVP_PKEY_CTRL_SCRYPT_SALT,
976 salt, saltlen);
977}
978
979static int evp_pkey_ctx_set_uint64(EVP_PKEY_CTX *ctx, const char *param,
980 int op, int ctrl, uint64_t val)
981{
982 OSSL_PARAM uint64_params[2], *p = uint64_params;
983
984 if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
985 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
986 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
987 return -2;
988 }
989
990 /* TODO(3.0): Remove this eventually when no more legacy */
991 if (ctx->op.kex.exchprovctx == NULL)
992 return EVP_PKEY_CTX_ctrl_uint64(ctx, -1, op, ctrl, val);
993
994 *p++ = OSSL_PARAM_construct_uint64(param, &val);
995 *p = OSSL_PARAM_construct_end();
996
997 return EVP_PKEY_CTX_set_params(ctx, uint64_params);
998}
999
1000int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *ctx, uint64_t n)
1001{
1002 return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_N,
1003 EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SCRYPT_N,
1004 n);
1005}
1006
1007int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *ctx, uint64_t r)
1008{
1009 return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_R,
1010 EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SCRYPT_R,
1011 r);
1012}
1013
1014int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *ctx, uint64_t p)
1015{
1016 return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_P,
1017 EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SCRYPT_P,
1018 p);
1019}
1020
1021int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *ctx,
1022 uint64_t maxmem_bytes)
1023{
1024 return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_MAXMEM,
1025 EVP_PKEY_OP_DERIVE,
1026 EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES,
1027 maxmem_bytes);
1028}
1029
35aca9ec
MC		 1030static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
1031 int cmd, int p1, void *p2)
1032{
71434aed
DB		 1033 /*
1034 * GOST CMS format is different for different cipher algorithms.
1035 * Most of other algorithms don't have such a difference
1036 * so this ctrl is just ignored.
1037 */
1038 if (cmd == EVP_PKEY_CTRL_CIPHER)
1039 return -2;
7165593c 1040
e683582b 1041# ifndef OPENSSL_NO_DH
116d2510
SL		 1042 if (keytype == EVP_PKEY_DHX) {
1043 switch (cmd) {
1044 case EVP_PKEY_CTRL_DH_KDF_TYPE:
1045 return EVP_PKEY_CTX_set_dh_kdf_type(ctx, p1);
1046 case EVP_PKEY_CTRL_DH_KDF_MD:
1047 return EVP_PKEY_CTX_set_dh_kdf_md(ctx, p2);
1048 case EVP_PKEY_CTRL_DH_KDF_OUTLEN:
1049 return EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, p1);
1050 case EVP_PKEY_CTRL_DH_KDF_UKM:
1051 return EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p2, p1);
1052 case EVP_PKEY_CTRL_DH_KDF_OID:
1053 return EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, p2);
1054 case EVP_PKEY_CTRL_GET_DH_KDF_MD:
1055 return EVP_PKEY_CTX_get_dh_kdf_md(ctx, p2);
1056 case EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN:
1057 return EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, p2);
1058 case EVP_PKEY_CTRL_GET_DH_KDF_UKM:
1059 return EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p2);
1060 case EVP_PKEY_CTRL_GET_DH_KDF_OID:
1061 return EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, p2);
1062 }
1063 }
4fe54d67
NT		 1064 if (keytype == EVP_PKEY_DH) {
1065 switch (cmd) {
1066 case EVP_PKEY_CTRL_DH_PAD:
1067 return EVP_PKEY_CTX_set_dh_pad(ctx, p1);
7165593c
SL		 1068 case EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN:
1069 return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, p1);
1070 case EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN:
1071 return EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, p1);
1072 case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR:
1073 return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, p1);
1074 case EVP_PKEY_CTRL_DH_PARAMGEN_TYPE:
1075 return EVP_PKEY_CTX_set_dh_paramgen_type(ctx, p1);
1076 case EVP_PKEY_CTRL_DH_RFC5114:
1077 return EVP_PKEY_CTX_set_dh_rfc5114(ctx, p1);
4fe54d67
NT		 1078 }
1079 }
1080# endif
b03ec3b5
SL		 1081# ifndef OPENSSL_NO_DSA
1082 if (keytype == EVP_PKEY_DSA) {
1083 switch (cmd) {
1084 case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
1085 return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, p1);
1086 case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
1087 return EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, p1);
1088 case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
1089 return EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, p2);
1090 }
1091 }
1092# endif
4fe54d67
NT		 1093# ifndef OPENSSL_NO_EC
1094 if (keytype == EVP_PKEY_EC) {
1095 switch (cmd) {
10d756a7
RL		 1096 case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
1097 return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, p1);
6f4b7663
RL		 1098 case EVP_PKEY_CTRL_EC_ECDH_COFACTOR:
1099 if (p1 == -2) {
1100 return EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx);
1101 } else if (p1 < -1 || p1 > 1) {
1102 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1103 return -2;
1104 } else {
1105 return EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, p1);
1106 }
1107 case EVP_PKEY_CTRL_EC_KDF_TYPE:
1108 if (p1 == -2) {
1109 return EVP_PKEY_CTX_get_ecdh_kdf_type(ctx);
1110 } else {
1111 return EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, p1);
1112 }
1113 case EVP_PKEY_CTRL_GET_EC_KDF_MD:
1114 return EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, p2);
1115 case EVP_PKEY_CTRL_EC_KDF_MD:
1116 return EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, p2);
1117 case EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN:
1118 return EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, p2);
1119 case EVP_PKEY_CTRL_EC_KDF_OUTLEN:
1120 return EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, p1);
1121 case EVP_PKEY_CTRL_GET_EC_KDF_UKM:
1122 return EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p2);
1123 case EVP_PKEY_CTRL_EC_KDF_UKM:
1124 return EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p2, p1);
4fe54d67
NT		 1125 }
1126 }
e683582b 1127# endif
2decdad3
RL		 1128 if (keytype == EVP_PKEY_RSA) {
1129 switch (cmd) {
1130 case EVP_PKEY_CTRL_RSA_OAEP_MD:
1131 return EVP_PKEY_CTX_set_rsa_oaep_md(ctx, p2);
1132 case EVP_PKEY_CTRL_GET_RSA_OAEP_MD:
1133 return EVP_PKEY_CTX_get_rsa_oaep_md(ctx, p2);
1134 case EVP_PKEY_CTRL_RSA_MGF1_MD:
1135 return EVP_PKEY_CTX_set_rsa_oaep_md(ctx, p2);
1136 case EVP_PKEY_CTRL_RSA_OAEP_LABEL:
1137 return EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, p2, p1);
1138 case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL:
1139 return EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, (unsigned char **)p2);
1140 case EVP_PKEY_CTRL_RSA_KEYGEN_BITS:
1141 return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, p1);
1142 case EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP:
1143 return EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, p2);
1144 case EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES:
1145 return EVP_PKEY_CTX_set_rsa_keygen_primes(ctx, p1);
1146 }
1147 }
1148 /*
1149 * keytype == -1 is used when several key types share the same structure,
1150 * or for generic controls that are the same across multiple key types.
1151 */
4fe54d67 1152 if (keytype == -1) {
ac2d58c7
MC		 1153 if (optype == EVP_PKEY_OP_DERIVE) {
1154 switch (cmd) {
05d2f72e 1155 /* TLS1-PRF */
ac2d58c7
MC		 1156 case EVP_PKEY_CTRL_TLS_MD:
1157 return EVP_PKEY_CTX_set_tls1_prf_md(ctx, p2);
1158 case EVP_PKEY_CTRL_TLS_SECRET:
1159 return EVP_PKEY_CTX_set1_tls1_prf_secret(ctx, p2, p1);
1160 case EVP_PKEY_CTRL_TLS_SEED:
1161 return EVP_PKEY_CTX_add1_tls1_prf_seed(ctx, p2, p1);
05d2f72e
MC		 1162
1163 /* HKDF */
1164 case EVP_PKEY_CTRL_HKDF_MD:
1165 return EVP_PKEY_CTX_set_hkdf_md(ctx, p2);
1166 case EVP_PKEY_CTRL_HKDF_SALT :
1167 return EVP_PKEY_CTX_set1_hkdf_salt(ctx, p2, p1);
1168 case EVP_PKEY_CTRL_HKDF_KEY:
1169 return EVP_PKEY_CTX_set1_hkdf_key(ctx, p2, p1);
1170 case EVP_PKEY_CTRL_HKDF_INFO:
1171 return EVP_PKEY_CTX_add1_hkdf_info(ctx, p2, p1);
1172 case EVP_PKEY_CTRL_HKDF_MODE:
1173 return EVP_PKEY_CTX_hkdf_mode(ctx, p1);
194de849
MC		 1174
1175 /* Scrypt */
1176 case EVP_PKEY_CTRL_PASS:
1177 return EVP_PKEY_CTX_set1_pbe_pass(ctx, p2, p1);
1178 case EVP_PKEY_CTRL_SCRYPT_SALT:
1179 return EVP_PKEY_CTX_set1_scrypt_salt(ctx, p2, p1);
1180 case EVP_PKEY_CTRL_SCRYPT_N:
1181 return EVP_PKEY_CTX_set_scrypt_N(ctx, p1);
1182 case EVP_PKEY_CTRL_SCRYPT_R:
1183 return EVP_PKEY_CTX_set_scrypt_r(ctx, p1);
1184 case EVP_PKEY_CTRL_SCRYPT_P:
1185 return EVP_PKEY_CTX_set_scrypt_p(ctx, p1);
1186 case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES:
1187 return EVP_PKEY_CTX_set_scrypt_maxmem_bytes(ctx, p1);
ac2d58c7
MC		 1188 }
1189 }
4fe54d67 1190 switch (cmd) {
6f4b7663
RL		 1191 case EVP_PKEY_CTRL_MD:
1192 return EVP_PKEY_CTX_set_signature_md(ctx, p2);
1193 case EVP_PKEY_CTRL_GET_MD:
1194 return EVP_PKEY_CTX_get_signature_md(ctx, p2);
1195 case EVP_PKEY_CTRL_RSA_PADDING:
1196 return EVP_PKEY_CTX_set_rsa_padding(ctx, p1);
1197 case EVP_PKEY_CTRL_GET_RSA_PADDING:
1198 return EVP_PKEY_CTX_get_rsa_padding(ctx, p2);
6f4b7663
RL		 1199 case EVP_PKEY_CTRL_GET_RSA_MGF1_MD:
1200 return EVP_PKEY_CTX_get_rsa_oaep_md(ctx, p2);
6f4b7663
RL		 1201 case EVP_PKEY_CTRL_RSA_PSS_SALTLEN:
1202 return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, p1);
1203 case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN:
1204 return EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, p2);
1205 case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
1206 case EVP_PKEY_CTRL_PKCS7_DECRYPT:
e683582b 1207# ifndef OPENSSL_NO_CMS
6f4b7663
RL		 1208 case EVP_PKEY_CTRL_CMS_DECRYPT:
1209 case EVP_PKEY_CTRL_CMS_ENCRYPT:
e683582b 1210# endif
cc572c25
RL		 1211 /* TODO (3.0) Temporary hack, this should probe */
1212 if (!EVP_PKEY_is_a(EVP_PKEY_CTX_get0_pkey(ctx), "RSASSA-PSS"))
6f4b7663
RL		 1213 return 1;
1214 ERR_raise(ERR_LIB_EVP,
1215 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
1216 return -2;
4fe54d67 1217 }
35aca9ec
MC		 1218 }
1219 return 0;
1220}
1221
0b6f3c66 1222int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
0f113f3e
MC		 1223 int cmd, int p1, void *p2)
1224{
1225 int ret;
4803717f 1226
35aca9ec
MC		 1227 if (ctx == NULL) {
1228 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
1229 return -2;
1230 }
1231
864b89ce 1232 if ((EVP_PKEY_CTX_IS_DERIVE_OP(ctx) && ctx->op.kex.exchprovctx != NULL)
48bb9792 1233 || (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
2c938e2e
MC		 1234 && ctx->op.sig.sigprovctx != NULL)
1235 || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
62924755
RL		 1236 && ctx->op.ciph.ciphprovctx != NULL)
1237 || (EVP_PKEY_CTX_IS_GEN_OP(ctx)
1238 && ctx->op.keymgmt.genctx != NULL))
35aca9ec
MC		 1239 return legacy_ctrl_to_param(ctx, keytype, optype, cmd, p1, p2);
1240
1241 if (ctx->pmeth == NULL || ctx->pmeth->ctrl == NULL) {
0f113f3e
MC		 1242 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
1243 return -2;
1244 }
1245 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
1246 return -1;
1247
4803717f
PY		 1248 /* Skip the operation checks since this is called in a very early stage */
1249 if (ctx->pmeth->digest_custom != NULL)
1250 goto doit;
1251
0f113f3e
MC		 1252 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
1253 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
1254 return -1;
1255 }
1256
1257 if ((optype != -1) && !(ctx->operation & optype)) {
1258 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
1259 return -1;
1260 }
1261
4803717f 1262 doit:
0f113f3e
MC		 1263 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
1264
1265 if (ret == -2)
1266 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
1267
1268 return ret;
0f113f3e 1269}
0b6f3c66 1270
cefa762e 1271int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
64bf1016 1272 int cmd, uint64_t value)
cefa762e
JB		 1273{
1274 return EVP_PKEY_CTX_ctrl(ctx, keytype, optype, cmd, 0, &value);
1275}
1276
35aca9ec
MC		 1277static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
1278 const char *value)
1279{
ac2d58c7
MC		 1280 if (strcmp(name, "md") == 0)
1281 name = OSSL_ALG_PARAM_DIGEST;
1282 else if (strcmp(name, "rsa_padding_mode") == 0)
972fa318
RL		 1283 name = OSSL_ASYM_CIPHER_PARAM_PAD_MODE;
1284 else if (strcmp(name, "rsa_mgf1_md") == 0)
1285 name = OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST;
1286 else if (strcmp(name, "rsa_oaep_md") == 0)
1287 name = OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST;
1288 else if (strcmp(name, "rsa_oaep_label") == 0)
1289 name = OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL;
6f4b7663
RL		 1290 else if (strcmp(name, "rsa_pss_saltlen") == 0)
1291 name = OSSL_SIGNATURE_PARAM_PSS_SALTLEN;
2972af10
RL		 1292 else if (strcmp(name, "rsa_keygen_bits") == 0)
1293 name = OSSL_PKEY_PARAM_RSA_BITS;
1294 else if (strcmp(name, "rsa_keygen_pubexp") == 0)
1295 name = OSSL_PKEY_PARAM_RSA_E;
1296 else if (strcmp(name, "rsa_keygen_primes") == 0)
1297 name = OSSL_PKEY_PARAM_RSA_PRIMES;
e25761b1
RL		 1298 else if (strcmp(name, "rsa_pss_keygen_md") == 0)
1299 name = OSSL_PKEY_PARAM_RSA_DIGEST;
1300 else if (strcmp(name, "rsa_pss_keygen_mgf1_md") == 0)
1301 name = OSSL_PKEY_PARAM_RSA_MGF1_DIGEST;
1302 else if (strcmp(name, "rsa_pss_keygen_saltlen") == 0)
1303 name = OSSL_PKEY_PARAM_RSA_PSS_SALTLEN;
b03ec3b5
SL		 1304# ifndef OPENSSL_NO_DSA
1305 else if (strcmp(name, "dsa_paramgen_bits") == 0)
1306 name = OSSL_PKEY_PARAM_FFC_PBITS;
1307 else if (strcmp(name, "dsa_paramgen_q_bits") == 0)
1308 name = OSSL_PKEY_PARAM_FFC_QBITS;
1309 else if (strcmp(name, "dsa_paramgen_md") == 0)
1310 name = OSSL_PKEY_PARAM_FFC_DIGEST;
1311# endif
e683582b 1312# ifndef OPENSSL_NO_DH
7165593c 1313 else if (strcmp(name, "dh_paramgen_generator") == 0)
b8086652 1314 name = OSSL_PKEY_PARAM_DH_GENERATOR;
7165593c
SL		 1315 else if (strcmp(name, "dh_paramgen_prime_len") == 0)
1316 name = OSSL_PKEY_PARAM_FFC_PBITS;
1317 else if (strcmp(name, "dh_paramgen_subprime_len") == 0)
1318 name = OSSL_PKEY_PARAM_FFC_QBITS;
1319 else if (strcmp(name, "dh_paramgen_type") == 0) {
1320 name = OSSL_PKEY_PARAM_FFC_TYPE;
1321 value = dh_gen_type_id2name(atoi(value));
1322 } else if (strcmp(name, "dh_param") == 0)
023b188c 1323 name = OSSL_PKEY_PARAM_GROUP_NAME;
7165593c 1324 else if (strcmp(name, "dh_rfc5114") == 0) {
023b188c 1325 name = OSSL_PKEY_PARAM_GROUP_NAME;
7165593c
SL		 1326 value = ffc_named_group_from_uid(atoi(value));
1327 } else if (strcmp(name, "dh_pad") == 0)
972fa318 1328 name = OSSL_EXCHANGE_PARAM_PAD;
e683582b 1329# endif
4fe54d67 1330# ifndef OPENSSL_NO_EC
10d756a7 1331 else if (strcmp(name, "ec_paramgen_curve") == 0)
11a1b341 1332 name = OSSL_PKEY_PARAM_GROUP_NAME;
4fe54d67
NT		 1333 else if (strcmp(name, "ecdh_cofactor_mode") == 0)
1334 name = OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE;
1335 else if (strcmp(name, "ecdh_kdf_md") == 0)
f552d900 1336 name = OSSL_EXCHANGE_PARAM_KDF_DIGEST;
c0f39ded
SL		 1337 else if (strcmp(name, "ec_param_enc") == 0)
1338 name = OSSL_PKEY_PARAM_EC_ENCODING;
4fe54d67 1339# endif
194de849
MC		 1340 else if (strcmp(name, "N") == 0)
1341 name = OSSL_KDF_PARAM_SCRYPT_N;
89abd1b6 1342
972fa318
RL		 1343 {
1344 /*
1345 * TODO(3.0) reduce the code above to only translate known legacy
1346 * string to the corresponding core name (see core_names.h), but
1347 * otherwise leave it to this code block to do the actual work.
1348 */
1349 const OSSL_PARAM *settable = EVP_PKEY_CTX_settable_params(ctx);
1350 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
1351 int rv = 0;
292c8bdc 1352 int exists = 0;
89abd1b6 1353
972fa318 1354 if (!OSSL_PARAM_allocate_from_text(&params[0], settable, name, value,
292c8bdc
P		 1355 strlen(value), &exists)) {
1356 if (!exists) {
e25761b1
RL		 1357 ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED,
1358 "name=%s,value=%s", name, value);
292c8bdc
P		 1359 return -2;
1360 }
89abd1b6 1361 return 0;
292c8bdc 1362 }
972fa318
RL		 1363 if (EVP_PKEY_CTX_set_params(ctx, params))
1364 rv = 1;
1365 OPENSSL_free(params[0].data);
1366 return rv;
89abd1b6 1367 }
35aca9ec
MC		 1368}
1369
4a3dc3c0 1370int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
0f113f3e
MC		 1371 const char *name, const char *value)
1372{
35aca9ec
MC		 1373 if (ctx == NULL) {
1374 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
1375 return -2;
1376 }
1377
864b89ce
MC		 1378 if ((EVP_PKEY_CTX_IS_DERIVE_OP(ctx) && ctx->op.kex.exchprovctx != NULL)
1379 || (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
2c938e2e
MC		 1380 && ctx->op.sig.sigprovctx != NULL)
1381 || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
62924755
RL		 1382 && ctx->op.ciph.ciphprovctx != NULL)
1383 || (EVP_PKEY_CTX_IS_GEN_OP(ctx)
1384 && ctx->op.keymgmt.genctx != NULL))
35aca9ec
MC		 1385 return legacy_ctrl_str_to_param(ctx, name, value);
1386
0f113f3e
MC		 1387 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
1388 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
1389 return -2;
1390 }
410877ba
DSH		 1391 if (strcmp(name, "digest") == 0)
1392 return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD,
1393 value);
0f113f3e
MC		 1394 return ctx->pmeth->ctrl_str(ctx, name, value);
1395}
f5cda4cb 1396
99119000
DSH		 1397/* Utility functions to send a string of hex string to a ctrl */
1398
1399int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str)
1400{
1401 size_t len;
1402
1403 len = strlen(str);
1404 if (len > INT_MAX)
1405 return -1;
1406 return ctx->pmeth->ctrl(ctx, cmd, len, (void *)str);
1407}
1408
1409int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex)
1410{
1411 unsigned char *bin;
1412 long binlen;
1413 int rv = -1;
1414
14f051a0 1415 bin = OPENSSL_hexstr2buf(hex, &binlen);
99119000
DSH		 1416 if (bin == NULL)
1417 return 0;
1418 if (binlen <= INT_MAX)
1419 rv = ctx->pmeth->ctrl(ctx, cmd, binlen, bin);
1420 OPENSSL_free(bin);
1421 return rv;
1422}
52ad523c 1423
410877ba
DSH		 1424/* Pass a message digest to a ctrl */
1425int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md)
1426{
1427 const EVP_MD *m;
c82bafc5 1428
410877ba
DSH		 1429 if (md == NULL || (m = EVP_get_digestbyname(md)) == NULL) {
1430 EVPerr(EVP_F_EVP_PKEY_CTX_MD, EVP_R_INVALID_DIGEST);
1431 return 0;
1432 }
1433 return EVP_PKEY_CTX_ctrl(ctx, -1, optype, cmd, 0, (void *)m);
1434}
99119000 1435
b28dea4e 1436int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
0f113f3e
MC		 1437{
1438 return ctx->operation;
1439}
b28dea4e
DSH		 1440
1441void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
0f113f3e
MC		 1442{
1443 ctx->keygen_info = dat;
1444 ctx->keygen_info_count = datlen;
1445}
b28dea4e 1446
f5cda4cb 1447void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
0f113f3e
MC		 1448{
1449 ctx->data = data;
1450}
f5cda4cb 1451
9fdcc21f 1452void *EVP_PKEY_CTX_get_data(const EVP_PKEY_CTX *ctx)
0f113f3e
MC		 1453{
1454 return ctx->data;
1455}
f5cda4cb 1456
81cebb8b 1457EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
0f113f3e
MC		 1458{
1459 return ctx->pkey;
1460}
81cebb8b 1461
0e1dba93 1462EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
0f113f3e
MC		 1463{
1464 return ctx->peerkey;
1465}
1466
f5cda4cb 1467void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
0f113f3e
MC		 1468{
1469 ctx->app_data = data;
1470}
f5cda4cb
DSH		 1471
1472void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
0f113f3e
MC		 1473{
1474 return ctx->app_data;
1475}
ba30bad5
DSH		 1476
1477void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1478 int (*init) (EVP_PKEY_CTX *ctx))
1479{
1480 pmeth->init = init;
1481}
8bdcef40
DSH		 1482
1483void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
0f113f3e 1484 int (*copy) (EVP_PKEY_CTX *dst,
9fdcc21f 1485 const EVP_PKEY_CTX *src))
0f113f3e
MC		 1486{
1487 pmeth->copy = copy;
1488}
ba30bad5
DSH		 1489
1490void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1491 void (*cleanup) (EVP_PKEY_CTX *ctx))
1492{
1493 pmeth->cleanup = cleanup;
1494}
ba30bad5
DSH		 1495
1496void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1497 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
1498 int (*paramgen) (EVP_PKEY_CTX *ctx,
1499 EVP_PKEY *pkey))
1500{
1501 pmeth->paramgen_init = paramgen_init;
1502 pmeth->paramgen = paramgen;
1503}
ba30bad5
DSH		 1504
1505void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1506 int (*keygen_init) (EVP_PKEY_CTX *ctx),
1507 int (*keygen) (EVP_PKEY_CTX *ctx,
1508 EVP_PKEY *pkey))
1509{
1510 pmeth->keygen_init = keygen_init;
1511 pmeth->keygen = keygen;
1512}
ba30bad5
DSH		 1513
1514void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1515 int (*sign_init) (EVP_PKEY_CTX *ctx),
1516 int (*sign) (EVP_PKEY_CTX *ctx,
1517 unsigned char *sig, size_t *siglen,
1518 const unsigned char *tbs,
1519 size_t tbslen))
1520{
1521 pmeth->sign_init = sign_init;
1522 pmeth->sign = sign;
1523}
ba30bad5
DSH		 1524
1525void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1526 int (*verify_init) (EVP_PKEY_CTX *ctx),
1527 int (*verify) (EVP_PKEY_CTX *ctx,
1528 const unsigned char *sig,
1529 size_t siglen,
1530 const unsigned char *tbs,
1531 size_t tbslen))
1532{
1533 pmeth->verify_init = verify_init;
1534 pmeth->verify = verify;
1535}
ba30bad5
DSH		 1536
1537void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1538 int (*verify_recover_init) (EVP_PKEY_CTX
1539 *ctx),
1540 int (*verify_recover) (EVP_PKEY_CTX
1541 *ctx,
1542 unsigned char
1543 *sig,
1544 size_t *siglen,
1545 const unsigned
1546 char *tbs,
1547 size_t tbslen))
1548{
1549 pmeth->verify_recover_init = verify_recover_init;
1550 pmeth->verify_recover = verify_recover;
1551}
ba30bad5
DSH		 1552
1553void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1554 int (*signctx_init) (EVP_PKEY_CTX *ctx,
1555 EVP_MD_CTX *mctx),
1556 int (*signctx) (EVP_PKEY_CTX *ctx,
1557 unsigned char *sig,
1558 size_t *siglen,
1559 EVP_MD_CTX *mctx))
1560{
1561 pmeth->signctx_init = signctx_init;
1562 pmeth->signctx = signctx;
1563}
ba30bad5
DSH		 1564
1565void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1566 int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
1567 EVP_MD_CTX *mctx),
1568 int (*verifyctx) (EVP_PKEY_CTX *ctx,
1569 const unsigned char *sig,
1570 int siglen,
1571 EVP_MD_CTX *mctx))
1572{
1573 pmeth->verifyctx_init = verifyctx_init;
1574 pmeth->verifyctx = verifyctx;
1575}
ba30bad5
DSH		 1576
1577void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1578 int (*encrypt_init) (EVP_PKEY_CTX *ctx),
1579 int (*encryptfn) (EVP_PKEY_CTX *ctx,
1580 unsigned char *out,
1581 size_t *outlen,
1582 const unsigned char *in,
1583 size_t inlen))
1584{
1585 pmeth->encrypt_init = encrypt_init;
1586 pmeth->encrypt = encryptfn;
1587}
ba30bad5
DSH		 1588
1589void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1590 int (*decrypt_init) (EVP_PKEY_CTX *ctx),
1591 int (*decrypt) (EVP_PKEY_CTX *ctx,
1592 unsigned char *out,
1593 size_t *outlen,
1594 const unsigned char *in,
1595 size_t inlen))
1596{
1597 pmeth->decrypt_init = decrypt_init;
1598 pmeth->decrypt = decrypt;
1599}
ba30bad5
DSH		 1600
1601void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1602 int (*derive_init) (EVP_PKEY_CTX *ctx),
1603 int (*derive) (EVP_PKEY_CTX *ctx,
1604 unsigned char *key,
1605 size_t *keylen))
1606{
1607 pmeth->derive_init = derive_init;
1608 pmeth->derive = derive;
1609}
ba30bad5
DSH		 1610
1611void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
0f113f3e
MC		 1612 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
1613 void *p2),
1614 int (*ctrl_str) (EVP_PKEY_CTX *ctx,
1615 const char *type,
1616 const char *value))
1617{
1618 pmeth->ctrl = ctrl;
1619 pmeth->ctrl_str = ctrl_str;
1620}
e7451ed1 1621
2555285f
AH		 1622void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
1623 int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
1624 const unsigned char *tbs, size_t tbslen))
1625{
1626 pmeth->digestsign = digestsign;
1627}
1628
1629void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
1630 int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
1631 size_t siglen, const unsigned char *tbs,
1632 size_t tbslen))
1633{
1634 pmeth->digestverify = digestverify;
1635}
1636
2aee35d3
PY		 1637void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
1638 int (*check) (EVP_PKEY *pkey))
1639{
1640 pmeth->check = check;
1641}
1642
b0004708
PY		 1643void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
1644 int (*check) (EVP_PKEY *pkey))
1645{
1646 pmeth->public_check = check;
1647}
1648
1649void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
1650 int (*check) (EVP_PKEY *pkey))
1651{
1652 pmeth->param_check = check;
1653}
1654
0a8fdef7
PY		 1655void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
1656 int (*digest_custom) (EVP_PKEY_CTX *ctx,
1657 EVP_MD_CTX *mctx))
1658{
1659 pmeth->digest_custom = digest_custom;
1660}
1661
693be9a2 1662void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1663 int (**pinit) (EVP_PKEY_CTX *ctx))
1664{
1665 *pinit = pmeth->init;
1666}
1667
693be9a2 1668void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
e7451ed1 1669 int (**pcopy) (EVP_PKEY_CTX *dst,
9fdcc21f 1670 const EVP_PKEY_CTX *src))
e7451ed1
DSH		 1671{
1672 *pcopy = pmeth->copy;
1673}
1674
693be9a2 1675void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1676 void (**pcleanup) (EVP_PKEY_CTX *ctx))
1677{
1678 *pcleanup = pmeth->cleanup;
1679}
1680
693be9a2 1681void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1682 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
1683 int (**pparamgen) (EVP_PKEY_CTX *ctx,
1684 EVP_PKEY *pkey))
1685{
1686 if (pparamgen_init)
1687 *pparamgen_init = pmeth->paramgen_init;
1688 if (pparamgen)
1689 *pparamgen = pmeth->paramgen;
1690}
1691
693be9a2 1692void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1693 int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
1694 int (**pkeygen) (EVP_PKEY_CTX *ctx,
1695 EVP_PKEY *pkey))
1696{
1697 if (pkeygen_init)
1698 *pkeygen_init = pmeth->keygen_init;
1699 if (pkeygen)
1700 *pkeygen = pmeth->keygen;
1701}
1702
693be9a2 1703void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1704 int (**psign_init) (EVP_PKEY_CTX *ctx),
1705 int (**psign) (EVP_PKEY_CTX *ctx,
1706 unsigned char *sig, size_t *siglen,
1707 const unsigned char *tbs,
1708 size_t tbslen))
1709{
1710 if (psign_init)
1711 *psign_init = pmeth->sign_init;
1712 if (psign)
1713 *psign = pmeth->sign;
1714}
1715
693be9a2 1716void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1717 int (**pverify_init) (EVP_PKEY_CTX *ctx),
1718 int (**pverify) (EVP_PKEY_CTX *ctx,
1719 const unsigned char *sig,
1720 size_t siglen,
1721 const unsigned char *tbs,
1722 size_t tbslen))
1723{
1724 if (pverify_init)
1725 *pverify_init = pmeth->verify_init;
1726 if (pverify)
1727 *pverify = pmeth->verify;
1728}
1729
693be9a2 1730void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1731 int (**pverify_recover_init) (EVP_PKEY_CTX
1732 *ctx),
1733 int (**pverify_recover) (EVP_PKEY_CTX
1734 *ctx,
1735 unsigned char
1736 *sig,
1737 size_t *siglen,
1738 const unsigned
1739 char *tbs,
1740 size_t tbslen))
1741{
1742 if (pverify_recover_init)
1743 *pverify_recover_init = pmeth->verify_recover_init;
1744 if (pverify_recover)
1745 *pverify_recover = pmeth->verify_recover;
1746}
1747
693be9a2 1748void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1749 int (**psignctx_init) (EVP_PKEY_CTX *ctx,
1750 EVP_MD_CTX *mctx),
1751 int (**psignctx) (EVP_PKEY_CTX *ctx,
1752 unsigned char *sig,
1753 size_t *siglen,
1754 EVP_MD_CTX *mctx))
1755{
1756 if (psignctx_init)
1757 *psignctx_init = pmeth->signctx_init;
1758 if (psignctx)
1759 *psignctx = pmeth->signctx;
1760}
1761
693be9a2 1762void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1763 int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
1764 EVP_MD_CTX *mctx),
1765 int (**pverifyctx) (EVP_PKEY_CTX *ctx,
1766 const unsigned char *sig,
1767 int siglen,
1768 EVP_MD_CTX *mctx))
1769{
1770 if (pverifyctx_init)
1771 *pverifyctx_init = pmeth->verifyctx_init;
1772 if (pverifyctx)
1773 *pverifyctx = pmeth->verifyctx;
1774}
1775
693be9a2 1776void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1777 int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
1778 int (**pencryptfn) (EVP_PKEY_CTX *ctx,
1779 unsigned char *out,
1780 size_t *outlen,
1781 const unsigned char *in,
1782 size_t inlen))
1783{
1784 if (pencrypt_init)
1785 *pencrypt_init = pmeth->encrypt_init;
1786 if (pencryptfn)
1787 *pencryptfn = pmeth->encrypt;
1788}
1789
693be9a2 1790void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1791 int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
1792 int (**pdecrypt) (EVP_PKEY_CTX *ctx,
1793 unsigned char *out,
1794 size_t *outlen,
1795 const unsigned char *in,
1796 size_t inlen))
1797{
1798 if (pdecrypt_init)
1799 *pdecrypt_init = pmeth->decrypt_init;
1800 if (pdecrypt)
1801 *pdecrypt = pmeth->decrypt;
1802}
1803
693be9a2 1804void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1805 int (**pderive_init) (EVP_PKEY_CTX *ctx),
1806 int (**pderive) (EVP_PKEY_CTX *ctx,
1807 unsigned char *key,
1808 size_t *keylen))
1809{
1810 if (pderive_init)
1811 *pderive_init = pmeth->derive_init;
1812 if (pderive)
1813 *pderive = pmeth->derive;
1814}
1815
693be9a2 1816void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
e7451ed1
DSH		 1817 int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
1818 void *p2),
1819 int (**pctrl_str) (EVP_PKEY_CTX *ctx,
1820 const char *type,
1821 const char *value))
1822{
1823 if (pctrl)
1824 *pctrl = pmeth->ctrl;
1825 if (pctrl_str)
1826 *pctrl_str = pmeth->ctrl_str;
1827}
2aee35d3 1828
2555285f
AH		 1829void EVP_PKEY_meth_get_digestsign(EVP_PKEY_METHOD *pmeth,
1830 int (**digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
1831 const unsigned char *tbs, size_t tbslen))
1832{
1833 if (digestsign)
1834 *digestsign = pmeth->digestsign;
1835}
1836
1837void EVP_PKEY_meth_get_digestverify(EVP_PKEY_METHOD *pmeth,
1838 int (**digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
1839 size_t siglen, const unsigned char *tbs,
1840 size_t tbslen))
1841{
1842 if (digestverify)
1843 *digestverify = pmeth->digestverify;
1844}
1845
693be9a2 1846void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
2aee35d3
PY		 1847 int (**pcheck) (EVP_PKEY *pkey))
1848{
34f5c8b1 1849 if (pcheck != NULL)
2aee35d3
PY		 1850 *pcheck = pmeth->check;
1851}
b0004708 1852
693be9a2 1853void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
b0004708
PY		 1854 int (**pcheck) (EVP_PKEY *pkey))
1855{
34f5c8b1 1856 if (pcheck != NULL)
b0004708
PY		 1857 *pcheck = pmeth->public_check;
1858}
1859
693be9a2 1860void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
b0004708
PY		 1861 int (**pcheck) (EVP_PKEY *pkey))
1862{
34f5c8b1 1863 if (pcheck != NULL)
b0004708
PY		 1864 *pcheck = pmeth->param_check;
1865}
0a8fdef7
PY		 1866
1867void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
1868 int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
1869 EVP_MD_CTX *mctx))
1870{
675f4cee 1871 if (pdigest_custom != NULL)
0a8fdef7
PY		 1872 *pdigest_custom = pmeth->digest_custom;
1873}
e683582b 1874
f844f9eb 1875#endif /* FIPS_MODULE */
A mirror of the official openssl repository