2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/crypto.h>
11 #include <openssl/core_numbers.h>
12 #include <openssl/evp.h>
13 #include <openssl/err.h>
14 #include "internal/provider.h"
15 #include "internal/refcount.h"
16 #include "crypto/evp.h"
17 #include "evp_local.h"
20 static void *keymgmt_new(void)
22 EVP_KEYMGMT
*keymgmt
= NULL
;
24 if ((keymgmt
= OPENSSL_zalloc(sizeof(*keymgmt
))) == NULL
25 || (keymgmt
->lock
= CRYPTO_THREAD_lock_new()) == NULL
) {
26 EVP_KEYMGMT_free(keymgmt
);
27 EVPerr(0, ERR_R_MALLOC_FAILURE
);
36 static void *keymgmt_from_dispatch(int name_id
,
37 const OSSL_DISPATCH
*fns
,
40 EVP_KEYMGMT
*keymgmt
= NULL
;
41 int paramfncnt
= 0, importfncnt
= 0, exportfncnt
= 0;
43 if ((keymgmt
= keymgmt_new()) == NULL
) {
44 EVP_KEYMGMT_free(keymgmt
);
47 keymgmt
->name_id
= name_id
;
49 for (; fns
->function_id
!= 0; fns
++) {
50 switch (fns
->function_id
) {
51 case OSSL_FUNC_KEYMGMT_NEW
:
52 if (keymgmt
->new == NULL
)
53 keymgmt
->new = OSSL_get_OP_keymgmt_new(fns
);
55 case OSSL_FUNC_KEYMGMT_FREE
:
56 if (keymgmt
->free
== NULL
)
57 keymgmt
->free
= OSSL_get_OP_keymgmt_free(fns
);
59 case OSSL_FUNC_KEYMGMT_GET_PARAMS
:
60 if (keymgmt
->get_params
== NULL
) {
62 keymgmt
->get_params
= OSSL_get_OP_keymgmt_get_params(fns
);
65 case OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS
:
66 if (keymgmt
->gettable_params
== NULL
) {
68 keymgmt
->gettable_params
=
69 OSSL_get_OP_keymgmt_gettable_params(fns
);
72 case OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME
:
73 if (keymgmt
->query_operation_name
== NULL
)
74 keymgmt
->query_operation_name
=
75 OSSL_get_OP_keymgmt_query_operation_name(fns
);
77 case OSSL_FUNC_KEYMGMT_HAS
:
78 if (keymgmt
->has
== NULL
)
79 keymgmt
->has
= OSSL_get_OP_keymgmt_has(fns
);
81 case OSSL_FUNC_KEYMGMT_VALIDATE
:
82 if (keymgmt
->validate
== NULL
)
83 keymgmt
->validate
= OSSL_get_OP_keymgmt_validate(fns
);
85 case OSSL_FUNC_KEYMGMT_IMPORT
:
86 if (keymgmt
->import
== NULL
) {
88 keymgmt
->import
= OSSL_get_OP_keymgmt_import(fns
);
91 case OSSL_FUNC_KEYMGMT_IMPORT_TYPES
:
92 if (keymgmt
->import_types
== NULL
) {
94 keymgmt
->import_types
= OSSL_get_OP_keymgmt_import_types(fns
);
97 case OSSL_FUNC_KEYMGMT_EXPORT
:
98 if (keymgmt
->export
== NULL
) {
100 keymgmt
->export
= OSSL_get_OP_keymgmt_export(fns
);
103 case OSSL_FUNC_KEYMGMT_EXPORT_TYPES
:
104 if (keymgmt
->export_types
== NULL
) {
106 keymgmt
->export_types
= OSSL_get_OP_keymgmt_export_types(fns
);
112 * Try to check that the method is sensible.
113 * At least one constructor and the destructor are MANDATORY
114 * The functions 'has' is MANDATORY
115 * It makes no sense being able to free stuff if you can't create it.
116 * It makes no sense providing OSSL_PARAM descriptors for import and
117 * export if you can't import or export.
119 if (keymgmt
->free
== NULL
120 || keymgmt
->new == NULL
121 || keymgmt
->has
== NULL
122 || (paramfncnt
!= 0 && paramfncnt
!= 2)
123 || (importfncnt
!= 0 && importfncnt
!= 2)
124 || (exportfncnt
!= 0 && exportfncnt
!= 2)) {
125 EVP_KEYMGMT_free(keymgmt
);
126 EVPerr(0, EVP_R_INVALID_PROVIDER_FUNCTIONS
);
129 keymgmt
->prov
= prov
;
131 ossl_provider_up_ref(prov
);
136 EVP_KEYMGMT
*evp_keymgmt_fetch_by_number(OPENSSL_CTX
*ctx
, int name_id
,
137 const char *properties
)
139 return evp_generic_fetch_by_number(ctx
,
140 OSSL_OP_KEYMGMT
, name_id
, properties
,
141 keymgmt_from_dispatch
,
142 (int (*)(void *))EVP_KEYMGMT_up_ref
,
143 (void (*)(void *))EVP_KEYMGMT_free
);
146 EVP_KEYMGMT
*EVP_KEYMGMT_fetch(OPENSSL_CTX
*ctx
, const char *algorithm
,
147 const char *properties
)
149 return evp_generic_fetch(ctx
, OSSL_OP_KEYMGMT
, algorithm
, properties
,
150 keymgmt_from_dispatch
,
151 (int (*)(void *))EVP_KEYMGMT_up_ref
,
152 (void (*)(void *))EVP_KEYMGMT_free
);
155 int EVP_KEYMGMT_up_ref(EVP_KEYMGMT
*keymgmt
)
159 CRYPTO_UP_REF(&keymgmt
->refcnt
, &ref
, keymgmt
->lock
);
163 void EVP_KEYMGMT_free(EVP_KEYMGMT
*keymgmt
)
170 CRYPTO_DOWN_REF(&keymgmt
->refcnt
, &ref
, keymgmt
->lock
);
173 ossl_provider_free(keymgmt
->prov
);
174 CRYPTO_THREAD_lock_free(keymgmt
->lock
);
175 OPENSSL_free(keymgmt
);
178 const OSSL_PROVIDER
*EVP_KEYMGMT_provider(const EVP_KEYMGMT
*keymgmt
)
180 return keymgmt
->prov
;
183 int EVP_KEYMGMT_number(const EVP_KEYMGMT
*keymgmt
)
185 return keymgmt
->name_id
;
188 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT
*keymgmt
, const char *name
)
190 return evp_is_a(keymgmt
->prov
, keymgmt
->name_id
, NULL
, name
);
193 void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX
*libctx
,
194 void (*fn
)(EVP_KEYMGMT
*keymgmt
, void *arg
),
197 evp_generic_do_all(libctx
, OSSL_OP_KEYMGMT
,
198 (void (*)(void *, void *))fn
, arg
,
199 keymgmt_from_dispatch
,
200 (void (*)(void *))EVP_KEYMGMT_free
);
203 void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT
*keymgmt
,
204 void (*fn
)(const char *name
, void *data
),
207 if (keymgmt
->prov
!= NULL
)
208 evp_names_do_all(keymgmt
->prov
, keymgmt
->name_id
, fn
, data
);
212 * Internal API that interfaces with the method function pointers
214 void *evp_keymgmt_newdata(const EVP_KEYMGMT
*keymgmt
)
216 void *provctx
= ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt
));
219 * TODO(3.0) 'new' is currently mandatory on its own, but when new
220 * constructors appear, it won't be quite as mandatory, so we have
221 * a check for future cases.
223 if (keymgmt
->new == NULL
)
225 return keymgmt
->new(provctx
);
228 void evp_keymgmt_freedata(const EVP_KEYMGMT
*keymgmt
, void *keydata
)
230 /* This is mandatory, no need to check for its presence */
231 keymgmt
->free(keydata
);
234 int evp_keymgmt_get_params(const EVP_KEYMGMT
*keymgmt
, void *keydata
,
237 if (keymgmt
->get_params
== NULL
)
239 return keymgmt
->get_params(keydata
, params
);
242 const OSSL_PARAM
*evp_keymgmt_gettable_params(const EVP_KEYMGMT
*keymgmt
)
244 if (keymgmt
->gettable_params
== NULL
)
246 return keymgmt
->gettable_params();
249 int evp_keymgmt_has(const EVP_KEYMGMT
*keymgmt
, void *keydata
, int selection
)
251 /* This is mandatory, no need to check for its presence */
252 return keymgmt
->has(keydata
, selection
);
255 int evp_keymgmt_validate(const EVP_KEYMGMT
*keymgmt
, void *keydata
,
258 /* We assume valid if the implementation doesn't have a function */
259 if (keymgmt
->validate
== NULL
)
261 return keymgmt
->validate(keydata
, selection
);
264 int evp_keymgmt_import(const EVP_KEYMGMT
*keymgmt
, void *keydata
,
265 int selection
, const OSSL_PARAM params
[])
267 if (keymgmt
->import
== NULL
)
269 return keymgmt
->import(keydata
, selection
, params
);
272 const OSSL_PARAM
*evp_keymgmt_import_types(const EVP_KEYMGMT
*keymgmt
,
275 if (keymgmt
->import_types
== NULL
)
277 return keymgmt
->import_types(selection
);
280 int evp_keymgmt_export(const EVP_KEYMGMT
*keymgmt
, void *keydata
,
281 int selection
, OSSL_CALLBACK
*param_cb
, void *cbarg
)
283 if (keymgmt
->export
== NULL
)
285 return keymgmt
->export(keydata
, selection
, param_cb
, cbarg
);
288 const OSSL_PARAM
*evp_keymgmt_export_types(const EVP_KEYMGMT
*keymgmt
,
291 if (keymgmt
->export_types
== NULL
)
293 return keymgmt
->export_types(selection
);