lib-dcrypt: Add key usage and id
authorAki Tuomi <aki.tuomi@open-xchange.com>
Fri, 23 Aug 2019 07:42:09 +0000 (10:42 +0300)
committerVille Savolainen <ville.savolainen@dovecot.fi>
Mon, 23 Sep 2019 05:47:50 +0000 (08:47 +0300)
These can be used for e.g. JWK keys.

src/lib-dcrypt/dcrypt-openssl.c
src/lib-dcrypt/dcrypt-private.h
src/lib-dcrypt/dcrypt.c
src/lib-dcrypt/dcrypt.h

index 70a6bfa8133ea34a32a3f1881ac003e4c046b552..d56a05744f7416b4142d237a922517a10478b151 100644 (file)
@@ -2198,6 +2198,7 @@ static void dcrypt_openssl_unref_public_key(struct dcrypt_public_key **key)
        *key = NULL;
        if (--_key->ref > 0) return;
        EVP_PKEY_free(_key->key);
+       i_free(_key->key_id);
        i_free(_key);
 }
 
@@ -2211,6 +2212,7 @@ static void dcrypt_openssl_unref_private_key(struct dcrypt_private_key **key)
        *key = NULL;
        if (--_key->ref > 0) return;
        EVP_PKEY_free(_key->key);
+       i_free(_key->key_id);
        i_free(_key);
 }
 
index 13bfadbec7ee704371231c508d61b10c97714252..6701e46b06a8ed5053b13217080f10fd85977fb6 100644 (file)
@@ -171,6 +171,16 @@ struct dcrypt_vfs {
                                    const char **error_r);
        bool (*key_get_curve_public)(struct dcrypt_public_key *key,
                                     const char **curve_r, const char **error_r);
+       const char *(*key_get_id_public)(struct dcrypt_public_key *key);
+       const char *(*key_get_id_private)(struct dcrypt_private_key *key);
+       void (*key_set_id_public)(struct dcrypt_public_key *key, const char *id);
+       void (*key_set_id_private)(struct dcrypt_private_key *key, const char *id);
+       enum dcrypt_key_usage (*key_get_usage_public)(struct dcrypt_public_key *key);
+       enum dcrypt_key_usage (*key_get_usage_private)(struct dcrypt_private_key *key);
+       void (*key_set_usage_public)(struct dcrypt_public_key *key,
+                                    enum dcrypt_key_usage usage);
+       void (*key_set_usage_private)(struct dcrypt_private_key *key,
+                                     enum dcrypt_key_usage usage);
 };
 
 void dcrypt_set_vfs(struct dcrypt_vfs *vfs);
index 77a3bd0ae86b9f1c753609adfcfea1cd95ac4ffa..6405ef6b50a37997643fde1f2a719f873be5daf4 100644 (file)
@@ -501,3 +501,69 @@ bool dcrypt_key_get_curve_public(struct dcrypt_public_key *key,
        }
        return dcrypt_vfs->key_get_curve_public(key, curve_r, error_r);
 }
+
+const char *dcrypt_key_get_id_public(struct dcrypt_public_key *key)
+{
+       i_assert(dcrypt_vfs != NULL);
+       if (dcrypt_vfs->key_get_id_public == NULL)
+               return NULL;
+       return dcrypt_vfs->key_get_id_public(key);
+}
+
+const char *dcrypt_key_get_id_private(struct dcrypt_private_key *key)
+{
+       i_assert(dcrypt_vfs != NULL);
+       if (dcrypt_vfs->key_get_id_private == NULL)
+               return NULL;
+       return dcrypt_vfs->key_get_id_private(key);
+}
+
+void dcrypt_key_set_id_public(struct dcrypt_public_key *key, const char *id)
+{
+        i_assert(dcrypt_vfs != NULL);
+        if (dcrypt_vfs->key_set_id_public == NULL)
+                return;
+        dcrypt_vfs->key_set_id_public(key, id);
+}
+
+void dcrypt_key_set_id_private(struct dcrypt_private_key *key, const char *id)
+{
+        i_assert(dcrypt_vfs != NULL);
+        if (dcrypt_vfs->key_set_id_private == NULL)
+                return;
+        dcrypt_vfs->key_set_id_private(key, id);
+}
+
+enum dcrypt_key_usage dcrypt_key_get_usage_public(struct dcrypt_public_key *key)
+{
+        i_assert(dcrypt_vfs != NULL);
+        if (dcrypt_vfs->key_get_usage_public == NULL)
+                return DCRYPT_KEY_USAGE_NONE;
+        return dcrypt_vfs->key_get_usage_public(key);
+}
+
+enum dcrypt_key_usage dcrypt_key_get_usage_private(struct dcrypt_private_key *key)
+{
+        i_assert(dcrypt_vfs != NULL);
+        if (dcrypt_vfs->key_get_usage_private == NULL)
+                return DCRYPT_KEY_USAGE_NONE;
+        return dcrypt_vfs->key_get_usage_private(key);
+}
+
+void dcrypt_key_set_usage_public(struct dcrypt_public_key *key,
+                                enum dcrypt_key_usage usage)
+{
+        i_assert(dcrypt_vfs != NULL);
+        if (dcrypt_vfs->key_set_usage_public == NULL)
+                return;
+        dcrypt_vfs->key_set_usage_public(key, usage);
+}
+
+void dcrypt_key_set_usage_private(struct dcrypt_private_key *key,
+                                 enum dcrypt_key_usage usage)
+{
+        i_assert(dcrypt_vfs != NULL);
+        if (dcrypt_vfs->key_set_usage_private == NULL)
+                return;
+        dcrypt_vfs->key_set_usage_private(key, usage);
+}
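Review bot: The id and usage setters in this hunk return silently when the backend leaves the vfs pointer NULL, and the getters then answer `NULL` or `DCRYPT_KEY_USAGE_NONE`, so a caller cannot tell "never set" from "the backend discarded it". For key usage this matters: code that later gates signing or encryption on the usage value would see NONE for a key the caller believed it had restricted, though whether such checks exist is not visible on this page. I would state the contract on the wrappers, for example `/* Also returns DCRYPT_KEY_USAGE_NONE when the backend does not track usage; callers must not read NONE as "any use allowed". */`. On style, the first two functions appear to be tab-indented while the other six use eight spaces; the file's existing indentation should be used for all of them.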
index 79a334f665536fcd7d0d7652db7e947cfc3fbb4a..24c74990807f80293f1f0a7dd2491e7f36715e9b 100644 (file)
@@ -326,6 +326,20 @@ bool dcrypt_key_string_get_info(const char *key_data,
                                const char **encryption_key_hash_r,
                                const char **key_hash_r, const char **error_r);
 
+/* Get/Set key identifier, this is optional opaque string identifying the key. */
+const char *dcrypt_key_get_id_public(struct dcrypt_public_key *key);
+const char *dcrypt_key_get_id_private(struct dcrypt_private_key *key);
+void dcrypt_key_set_id_public(struct dcrypt_public_key *key, const char *id);
+void dcrypt_key_set_id_private(struct dcrypt_private_key *key, const char *id);
+
+/* Get/Set key usage, optional. Defaults to NONE */
+enum dcrypt_key_usage dcrypt_key_get_usage_public(struct dcrypt_public_key *key);
+enum dcrypt_key_usage dcrypt_key_get_usage_private(struct dcrypt_private_key *key);
+void dcrypt_key_set_usage_public(struct dcrypt_public_key *key,
+                                enum dcrypt_key_usage usage);
+void dcrypt_key_set_usage_private(struct dcrypt_private_key *key,
+                                 enum dcrypt_key_usage usage);
+
 /* RSA stuff */
 bool dcrypt_rsa_encrypt(struct dcrypt_public_key *key,
                        const unsigned char *data, size_t data_len,
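Review bot: The two new header comments do not say who owns the id string or how long the returned pointer stays valid. The backend hunks free `key_id` in both unref functions, which suggests the key keeps its own copy, but the setter bodies are not shown here, so confirm this before documenting it. The comment should say whether `dcrypt_key_set_id_*` copies `id`, whether passing NULL clears it, and that the pointer from `dcrypt_key_get_id_*` is owned by the key, for example `/* Get/Set key identifier, an optional opaque string. The key stores its own copy; the returned pointer belongs to the key and may be NULL. */`. Because the commit message names JWK keys as a use, where the id typically arrives with externally supplied key data, it is worth adding that the library does not validate the id and callers must do so before using it in lookups or file names.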