From: Pauli Date: Tue, 19 Aug 2025 02:44:09 +0000 (+1000) Subject: keymgmt: update template X-Git-Tag: openssl-3.6.0-alpha1~67 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3f5561a9f4274fa591af52099da8844c1e8cafb5;p=thirdparty%2Fopenssl.git keymgmt: update template The template file is exhibiting some bitrot: 1. convert to using generated param name decoders 2. add the missing `template_imexport_types` function. Reviewed-by: Tomas Mraz Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/28275)
---
diff --git a/.gitignore b/.gitignore
index 6bafc4dae7e..ed2d2ae1a66 100644
--- a/.gitignore
+++ b/.gitignore
@@ -127,6 +127,7 @@ providers/implementations/keymgmt/ml_dsa_kmgmt.c
 providers/implementations/keymgmt/ml_kem_kmgmt.c
 providers/implementations/keymgmt/mlx_kmgmt.c
 providers/implementations/keymgmt/slh_dsa_kmgmt.c
+providers/implementations/keymgmt/template_kmgmt.c
 providers/implementations/signature/eddsa_sig.c
 providers/implementations/signature/ml_dsa_sig.c
 providers/implementations/signature/rsa_sig.c
diff --git a/build.info b/build.info
index 7d4860bd266..ca99292bc4a 100644
--- a/build.info
+++ b/build.info
@@ -84,6 +84,7 @@ DEPEND[]=include/openssl/asn1.h \
 providers/implementations/keymgmt/ml_kem_kmgmt.c \
 providers/implementations/keymgmt/mlx_kmgmt.c \
 providers/implementations/keymgmt/slh_dsa_kmgmt.c \
+ providers/implementations/keymgmt/template_kmgmt.c \
 providers/implementations/signature/dsa_sig.c \
 providers/implementations/signature/ecdsa_sig.c \
 providers/implementations/signature/eddsa_sig.c \
@@ -186,6 +187,7 @@ DEPEND[providers/implementations/asymciphers/rsa_enc.c \ providers/implementations/keymgmt/ml_kem_kmgmt.c \ providers/implementations/keymgmt/mlx_kmgmt.c \ providers/implementations/keymgmt/slh_dsa_kmgmt.c \ + providers/implementations/keymgmt/template_kmgmt.c \ providers/implementations/signature/dsa_sig.c \ providers/implementations/signature/ecdsa_sig.c \ providers/implementations/signature/eddsa_sig.c \ @@ -291,6 +293,8 @@ GENERATE[providers/implementations/keymgmt/mlx_kmgmt.c]=\ providers/implementations/keymgmt/mlx_kmgmt.c.in GENERATE[providers/implementations/keymgmt/slh_dsa_kmgmt.c]=\ providers/implementations/keymgmt/slh_dsa_kmgmt.c.in +GENERATE[providers/implementations/keymgmt/template_kmgmt.c]=\ + providers/implementations/keymgmt/template_kmgmt.c.in GENERATE[providers/implementations/signature/dsa_sig.c]=\ providers/implementations/signature/dsa_sig.c.in GENERATE[providers/implementations/signature/ecdsa_sig.c]=\ diff --git a/providers/implementations/keymgmt/template_kmgmt.c b/providers/implementations/keymgmt/template_kmgmt.c.in similarity index 81% rename from providers/implementations/keymgmt/template_kmgmt.c rename to providers/implementations/keymgmt/template_kmgmt.c.in index c54ad7837e5..b908039237f 100644 --- a/providers/implementations/keymgmt/template_kmgmt.c +++ b/providers/implementations/keymgmt/template_kmgmt.c.in @@ -6,6 +6,9 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} #include #include @@ -38,8 +41,6 @@ static void debug_print(char *fmt, ...) va_start(argptr, fmt); vsnprintf(out, BUFSIZE, fmt, argptr); va_end(argptr); - if (getenv("TEMPLATEKM")) - fprintf(stderr, "TEMPLATE_KM: %s", out); } #endif 
@@ -180,32 +181,30 @@ err: return ret; } +{- produce_param_decoder('template_key_types', + (['PKEY_PARAM_PUB_KEY', 'pub_key', 'octet_string'], + ['PKEY_PARAM_PRIV_KEY', 'priv_key', 'octet_string'], + )); -} + static int ossl_template_key_fromdata(void *key, const OSSL_PARAM params[], int include_private) { - const OSSL_PARAM *param_priv_key = NULL, *param_pub_key; + struct template_key_types_st p; - if (key == NULL) - return 0; - if (ossl_param_is_empty(params)) + if (key == NULL || !template_key_types_decoder(params, &p)) return 0; /* validate integrity of key (algorithm type specific) */ - param_pub_key = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY); - if (include_private) - param_priv_key = - OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY); - - if (param_pub_key == NULL && param_priv_key == NULL) + if (p.pub_key == NULL && p.priv_key == NULL) return 0; - if (param_priv_key != NULL) { + if (include_private && p.priv_key != NULL) { /* retrieve private key and check integrity */ } - if (param_pub_key != NULL) { + if (p.pub_key != NULL) { /* retrieve public key and check integrity */ } 
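Review bot: In `ossl_template_key_fromdata`, the presence check `if (p.pub_key == NULL && p.priv_key == NULL)` no longer takes `include_private` into account. The old code only looked up the private key when `include_private` was set, so params carrying just a private key were rejected when `include_private` was 0. Assuming the generated decoder fills `p.priv_key` whenever the parameter is present, that same input now passes the check and then skips both import branches. Suggest `if (p.pub_key == NULL && (!include_private || p.priv_key == NULL)) return 0;` so a public-only import cannot succeed without any key material being loaded. The end of the function is outside the hunk, so the final return value is inferred.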
@@ -231,76 +230,66 @@ static int template_import(void *key, int selection, const OSSL_PARAM params[]) return ok; } -#define TEMPLATE_KEY_TYPES() \ - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0), \ - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0) - -static const OSSL_PARAM template_key_types[] = { - TEMPLATE_KEY_TYPES(), - OSSL_PARAM_END -}; - static const OSSL_PARAM *template_imexport_types(int selection) { - debug_print("getting imexport types\n"); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - return template_key_types; + return template_key_types_list; return NULL; } +{- produce_param_decoder('template_get_params', + (['PKEY_PARAM_BITS', 'bits', 'int'], + ['PKEY_PARAM_SECURITY_BITS', 'secbits', 'int'], + ['PKEY_PARAM_MAX_SIZE', 'size', 'int'], + ['PKEY_PARAM_SECURITY_CATEGORY', 'seccat', 'int'], + ['PKEY_PARAM_ENCODED_PUBLIC_KEY', 'encpub', 'octet_string'], + )); -} + static int template_get_params(void *key, OSSL_PARAM params[]) { - OSSL_PARAM *p; + struct template_get_params_st p; debug_print("get params %p\n", key); - if (ossl_param_is_empty(params)) + if (key == NULL || !template_get_params_decoder(params, &p)) return 0; /* return sensible values for at least these parameters */ - if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL - && !OSSL_PARAM_set_int(p, 0)) + if (p.bits != NULL && !OSSL_PARAM_set_int(p.bits, 0)) return 0; - if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_BITS)) != NULL - && !OSSL_PARAM_set_int(p, 0)) + if (p.secbits != NULL && !OSSL_PARAM_set_int(p.secbits, 0)) return 0; - if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL - && !OSSL_PARAM_set_int(p, 0)) + if (p.size != NULL && !OSSL_PARAM_set_int(p.size, 0)) + return 0; + if (p.seccat != NULL && !OSSL_PARAM_set_int(p.seccat, 0)) + return 0; + if (p.encpub != NULL && !OSSL_PARAM_set_octet_string(p.encpub, NULL, 0)) return 0; - if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL) { - 
if (!OSSL_PARAM_set_octet_string(p, NULL, 0)) - return 0; - } debug_print("get params OK\n"); return 1; } -static const OSSL_PARAM template_gettable_params_arr[] = { - OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL), - OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL), - OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL), - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), - OSSL_PARAM_END -}; - static const OSSL_PARAM *template_gettable_params(void *provctx) { debug_print("gettable params called\n"); - return template_gettable_params_arr; + return template_get_params_list; } +{- produce_param_decoder('template_set_params', + (['PKEY_PARAM_ENCODED_PUBLIC_KEY', 'pub', 'octet_string'], + )); -} + static int template_set_params(void *key, const OSSL_PARAM params[]) { - const OSSL_PARAM *p; + struct template_set_params_st p; debug_print("set params called for %p\n", key); - if (ossl_param_is_empty(params)) - return 1; /* OK not to set anything */ + if (key == NULL || !template_set_params_decoder(params, &p)) + return 0; - p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY); - if (p != NULL) { + if (p.pub != NULL) { /* load public key structure */ } 
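Review bot: In `template_get_params`, the placeholder `OSSL_PARAM_set_octet_string(p.encpub, NULL, 0)` is carried over unchanged from the old code. As far as I know `OSSL_PARAM_set_octet_string` fails when its value pointer is NULL, which would make any query for the encoded public key return 0; this is worth confirming against the implementation. Either way, mark the line so that code copied from the template does not ship with it, e.g. `/* TODO: replace NULL, 0 with the encoded public key and its length */`. Separately, `template_set_params` now returns 0 for a NULL `key` even when `params` is empty, where the old code returned 1 ("OK not to set anything"); a one-line comment saying this is intended would help implementers.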
@@ -308,22 +297,22 @@ static int template_set_params(void *key, const OSSL_PARAM params[]) return 1; } -static const OSSL_PARAM template_settable_params_arr[] = { - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), - OSSL_PARAM_END -}; - static const OSSL_PARAM *template_settable_params(void *provctx) { debug_print("settable params called\n"); - return template_settable_params_arr; + return template_set_params_list; } +{- produce_param_decoder('template_gen_set_params', + (['PKEY_PARAM_GROUP_NAME', 'name', 'utf8_string'], + )); -} + static int template_gen_set_params(void *genctx, const OSSL_PARAM params[]) { struct template_gen_ctx *gctx = genctx; + struct template_gen_set_params_st p; - if (gctx == NULL) + if (gctx == NULL || !template_gen_set_params_decoder(params, &p)) return 0; debug_print("empty gen_set params called for %p\n", gctx); @@ -357,10 +346,7 @@ static void *template_gen_init(void *provctx, int selection, static const OSSL_PARAM *template_gen_settable_params(ossl_unused void *genctx, ossl_unused void *provctx) { - static OSSL_PARAM settable[] = { - OSSL_PARAM_END - }; - return settable; + return template_gen_set_params_list; } static void *template_gen(void *vctx, OSSL_CALLBACK *osslcb, void *cbarg)
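Review bot: `template_gen_set_params` decodes `PKEY_PARAM_GROUP_NAME` into `p.name`, but none of the lines visible in this hunk read it. Meanwhile `template_gen_settable_params` (the `@@ -357` hunk) now returns `template_gen_set_params_list` instead of an empty list, so the group name is presumably advertised as settable. If the rest of the function, which lies outside the hunk, does not use it either, a caller-supplied group name is accepted and silently dropped. Since this file is meant to be copied as a starting point, add a placeholder in the style of the other functions, e.g. `if (p.name != NULL) { /* validate the group name and reject unsupported values */ }`.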