From: Aki Tuomi Date: Fri, 23 Aug 2019 07:42:09 +0000 (+0300) Subject: lib-dcrypt: Add key usage and id X-Git-Tag: 2.3.9~252 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e61f438ee8aab648bf0d9f0757e4b768bb4aec72;p=thirdparty%2Fdovecot%2Fcore.git lib-dcrypt: Add key usage and id These can be used for e.g. JWK keys.
---
diff --git a/src/lib-dcrypt/dcrypt-openssl.c b/src/lib-dcrypt/dcrypt-openssl.c
index 70a6bfa813..d56a05744f 100644
--- a/src/lib-dcrypt/dcrypt-openssl.c
+++ b/src/lib-dcrypt/dcrypt-openssl.c
@@ -2198,6 +2198,7 @@ static void dcrypt_openssl_unref_public_key(struct dcrypt_public_key **key)
 *key = NULL;
 if (--_key->ref > 0) return;
 EVP_PKEY_free(_key->key);
+ i_free(_key->key_id);
 i_free(_key);
 }
@@ -2211,6 +2212,7 @@ static void dcrypt_openssl_unref_private_key(struct dcrypt_private_key **key)
 *key = NULL;
 if (--_key->ref > 0) return;
 EVP_PKEY_free(_key->key);
+ i_free(_key->key_id);
 i_free(_key);
 }
diff --git a/src/lib-dcrypt/dcrypt-private.h b/src/lib-dcrypt/dcrypt-private.h
index 13bfadbec7..6701e46b06 100644
--- a/src/lib-dcrypt/dcrypt-private.h
+++ b/src/lib-dcrypt/dcrypt-private.h
@@ -171,6 +171,16 @@ struct dcrypt_vfs {
 const char **error_r);
 bool (*key_get_curve_public)(struct dcrypt_public_key *key, const char **curve_r, const char **error_r);
+ const char *(*key_get_id_public)(struct dcrypt_public_key *key);
+ const char *(*key_get_id_private)(struct dcrypt_private_key *key);
+ void (*key_set_id_public)(struct dcrypt_public_key *key, const char *id);
+ void (*key_set_id_private)(struct dcrypt_private_key *key, const char *id);
+ enum dcrypt_key_usage (*key_get_usage_public)(struct dcrypt_public_key *key);
+ enum dcrypt_key_usage (*key_get_usage_private)(struct dcrypt_private_key *key);
+ void (*key_set_usage_public)(struct dcrypt_public_key *key,
+ enum dcrypt_key_usage usage);
+ void (*key_set_usage_private)(struct dcrypt_private_key *key,
+ enum dcrypt_key_usage usage);
 };
 void dcrypt_set_vfs(struct dcrypt_vfs *vfs);
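Review bot: The added `i_free(_key->key_id);` in dcrypt_openssl_unref_public_key (and the identical line in dcrypt_openssl_unref_private_key in the next hunk) makes the key struct the owner of the id string, but no visible hunk shows where `key_id` is assigned, so the ownership rule is undocumented. If a backend setter stored the caller's pointer instead of a private copy, or if a path that derives one key from another shared the pointer, this free would become a double free or release memory the caller still uses. I would add a comment at the field or next to the free, e.g. `/* key_id is owned by the key: setters must i_strdup() the value and i_free() the previous one */`, and confirm the setters follow it. Both function bodies start outside their hunks.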
diff --git a/src/lib-dcrypt/dcrypt.c b/src/lib-dcrypt/dcrypt.c
index 77a3bd0ae8..6405ef6b50 100644
--- a/src/lib-dcrypt/dcrypt.c
+++ b/src/lib-dcrypt/dcrypt.c
@@ -501,3 +501,69 @@ bool dcrypt_key_get_curve_public(struct dcrypt_public_key *key,
 }
 return dcrypt_vfs->key_get_curve_public(key, curve_r, error_r);
 }
+
+const char *dcrypt_key_get_id_public(struct dcrypt_public_key *key)
+{
+ i_assert(dcrypt_vfs != NULL);
+ if (dcrypt_vfs->key_get_id_public == NULL)
+ return NULL;
+ return dcrypt_vfs->key_get_id_public(key);
+}
+
+const char *dcrypt_key_get_id_private(struct dcrypt_private_key *key)
+{
+ i_assert(dcrypt_vfs != NULL);
+ if (dcrypt_vfs->key_get_id_private == NULL)
+ return NULL;
+ return dcrypt_vfs->key_get_id_private(key);
+}
+
+void dcrypt_key_set_id_public(struct dcrypt_public_key *key, const char *id)
+{
+ i_assert(dcrypt_vfs != NULL);
+ if (dcrypt_vfs->key_set_id_public == NULL)
+ return;
+ dcrypt_vfs->key_set_id_public(key, id);
+}
+
+void dcrypt_key_set_id_private(struct dcrypt_private_key *key, const char *id)
+{
+ i_assert(dcrypt_vfs != NULL);
+ if (dcrypt_vfs->key_set_id_private == NULL)
+ return;
+ dcrypt_vfs->key_set_id_private(key, id);
+}
+
+enum dcrypt_key_usage dcrypt_key_get_usage_public(struct dcrypt_public_key *key)
+{
+ i_assert(dcrypt_vfs != NULL);
+ if (dcrypt_vfs->key_get_usage_public == NULL)
+ return DCRYPT_KEY_USAGE_NONE;
+ return dcrypt_vfs->key_get_usage_public(key);
+}
+
+enum dcrypt_key_usage dcrypt_key_get_usage_private(struct dcrypt_private_key *key)
+{
+ i_assert(dcrypt_vfs != NULL);
+ if (dcrypt_vfs->key_get_usage_private == NULL)
+ return DCRYPT_KEY_USAGE_NONE;
+ return dcrypt_vfs->key_get_usage_private(key);
+}
+
+void dcrypt_key_set_usage_public(struct dcrypt_public_key *key,
+ enum dcrypt_key_usage usage)
+{
+ i_assert(dcrypt_vfs != NULL);
+ if (dcrypt_vfs->key_set_usage_public == NULL)
+ return;
+ dcrypt_vfs->key_set_usage_public(key, usage);
+}
+
+void dcrypt_key_set_usage_private(struct dcrypt_private_key *key,
+ enum dcrypt_key_usage usage)
+{
+ i_assert(dcrypt_vfs != NULL);
+ if (dcrypt_vfs->key_set_usage_private == NULL)
+ return;
+ dcrypt_vfs->key_set_usage_private(key, usage);
+}
diff --git a/src/lib-dcrypt/dcrypt.h b/src/lib-dcrypt/dcrypt.h
index 79a334f665..24c7499080 100644
--- a/src/lib-dcrypt/dcrypt.h
+++ b/src/lib-dcrypt/dcrypt.h
@@ -326,6 +326,20 @@ bool dcrypt_key_string_get_info(const char *key_data,
 const char **encryption_key_hash_r, const char **key_hash_r, const char **error_r);
+/* Get/Set key identifier, this is optional opaque string identifying the key. */
+const char *dcrypt_key_get_id_public(struct dcrypt_public_key *key);
+const char *dcrypt_key_get_id_private(struct dcrypt_private_key *key);
+void dcrypt_key_set_id_public(struct dcrypt_public_key *key, const char *id);
+void dcrypt_key_set_id_private(struct dcrypt_private_key *key, const char *id);
+
+/* Get/Set key usage, optional. Defaults to NONE */
+enum dcrypt_key_usage dcrypt_key_get_usage_public(struct dcrypt_public_key *key);
+enum dcrypt_key_usage dcrypt_key_get_usage_private(struct dcrypt_private_key *key);
+void dcrypt_key_set_usage_public(struct dcrypt_public_key *key,
+ enum dcrypt_key_usage usage);
+void dcrypt_key_set_usage_private(struct dcrypt_private_key *key,
+ enum dcrypt_key_usage usage);
+
 /* RSA stuff */
 bool dcrypt_rsa_encrypt(struct dcrypt_public_key *key, const unsigned char *data, size_t data_len,
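Review bot: The four setters (`dcrypt_key_set_id_*`, `dcrypt_key_set_usage_*`) return silently when the backend leaves the vfs pointer NULL, and the getters then report `NULL` or `DCRYPT_KEY_USAGE_NONE`, so a caller cannot tell "nothing was set" from "this backend ignores the value". If usage is meant to restrict what a key may be used for, code that checks it before signing or decrypting has to treat NONE as an explicit decision rather than as a default that allows everything. I would state this above the wrappers, e.g. `/* No-op if the backend does not implement key usage; dcrypt_key_get_usage_*() then returns DCRYPT_KEY_USAGE_NONE */`, or have the setters `i_assert()` the pointer if every backend is expected to provide it. The definition of `enum dcrypt_key_usage` is not part of the visible hunks.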
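Review bot: The comment above `dcrypt_key_get_id_public`/`dcrypt_key_get_id_private` does not say how long the returned `const char *` stays valid or whether `dcrypt_key_set_id_*` copies its argument. The unref functions in dcrypt-openssl.c free `key_id` together with the key, so the returned pointer presumably dangles once the last reference is dropped or the id is replaced. Suggested wording, to be adjusted if the backend behaves differently: `/* Get/Set key identifier, an optional opaque string. The setter copies id; the returned pointer is owned by the key and valid until the id is changed or the key is freed. NULL if no id is set. */`. "Defaults to NONE" could also mention that NONE is what the getter returns when the backend has no usage support.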