ecx: add security category support

author Pauli <ppzgs1@gmail.com>

Tue, 6 May 2025 03:08:37 +0000 (13:08 +1000)

committer Pauli <ppzgs1@gmail.com>

Tue, 27 May 2025 08:01:44 +0000 (18:01 +1000)
author Pauli <ppzgs1@gmail.com>
Tue, 6 May 2025 03:08:37 +0000 (13:08 +1000)
committer Pauli <ppzgs1@gmail.com>
Tue, 27 May 2025 08:01:44 +0000 (18:01 +1000)
diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c

index b229b0bf39ca26a6743d76213b28e837f8ea8823..3324eab99eb48d6ee0fe196729c655f7ef4b59cd 100644 (file)
--- a/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -304,6 +304,10 @@ static int ecx_get_params(void *key, OSSL_PARAM params[], int bits, int secbits,
          if (!OSSL_PARAM_set_octet_string(p, ecx->pubkey, ecx->keylen))
              return 0;
      }
+    if ((p = OSSL_PARAM_locate(params,
+                               OSSL_PKEY_PARAM_SECURITY_CATEGORY)) != NULL
+        && !OSSL_PARAM_set_int(p, 0))
+            return 0;
  #ifdef FIPS_MODULE
      {
          /* X25519 and X448 are not approved */
@@ -359,6 +363,7 @@ static const OSSL_PARAM ecx_gettable_params[] = {
      OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
      OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
      OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
+    OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_CATEGORY, NULL),
      OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
      ECX_KEY_TYPES(),
      OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
author	Pauli <ppzgs1@gmail.com>
	Tue, 6 May 2025 03:08:37 +0000 (13:08 +1000)
committer	Pauli <ppzgs1@gmail.com>
	Tue, 27 May 2025 08:01:44 +0000 (18:01 +1000)