]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/evp/keymgmt_meth.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
KEYMGMT: Require both get_params and gettable_params, or none
[thirdparty/openssl.git] / crypto / evp / keymgmt_meth.c
1 /*
2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <openssl/crypto.h>
11 #include <openssl/core_numbers.h>
12 #include <openssl/evp.h>
13 #include <openssl/err.h>
14 #include "internal/provider.h"
15 #include "internal/refcount.h"
16 #include "crypto/evp.h"
17 #include "evp_local.h"
18
19
20 static void *keymgmt_new(void)
21 {
22 EVP_KEYMGMT *keymgmt = NULL;
23
24 if ((keymgmt = OPENSSL_zalloc(sizeof(*keymgmt))) == NULL
25 || (keymgmt->lock = CRYPTO_THREAD_lock_new()) == NULL) {
26 EVP_KEYMGMT_free(keymgmt);
27 EVPerr(0, ERR_R_MALLOC_FAILURE);
28 return NULL;
29 }
30
31 keymgmt->refcnt = 1;
32
33 return keymgmt;
34 }
35
36 static void *keymgmt_from_dispatch(int name_id,
37 const OSSL_DISPATCH *fns,
38 OSSL_PROVIDER *prov)
39 {
40 EVP_KEYMGMT *keymgmt = NULL;
41 int paramfncnt = 0, importfncnt = 0, exportfncnt = 0;
42
43 if ((keymgmt = keymgmt_new()) == NULL) {
44 EVP_KEYMGMT_free(keymgmt);
45 return NULL;
46 }
47 keymgmt->name_id = name_id;
48
49 for (; fns->function_id != 0; fns++) {
50 switch (fns->function_id) {
51 case OSSL_FUNC_KEYMGMT_NEW:
52 if (keymgmt->new == NULL)
53 keymgmt->new = OSSL_get_OP_keymgmt_new(fns);
54 break;
55 case OSSL_FUNC_KEYMGMT_FREE:
56 if (keymgmt->free == NULL)
57 keymgmt->free = OSSL_get_OP_keymgmt_free(fns);
58 break;
59 case OSSL_FUNC_KEYMGMT_GET_PARAMS:
60 if (keymgmt->get_params == NULL) {
61 paramfncnt++;
62 keymgmt->get_params = OSSL_get_OP_keymgmt_get_params(fns);
63 }
64 break;
65 case OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS:
66 if (keymgmt->gettable_params == NULL) {
67 paramfncnt++;
68 keymgmt->gettable_params =
69 OSSL_get_OP_keymgmt_gettable_params(fns);
70 }
71 break;
72 case OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME:
73 if (keymgmt->query_operation_name == NULL)
74 keymgmt->query_operation_name =
75 OSSL_get_OP_keymgmt_query_operation_name(fns);
76 break;
77 case OSSL_FUNC_KEYMGMT_HAS:
78 if (keymgmt->has == NULL)
79 keymgmt->has = OSSL_get_OP_keymgmt_has(fns);
80 break;
81 case OSSL_FUNC_KEYMGMT_VALIDATE:
82 if (keymgmt->validate == NULL)
83 keymgmt->validate = OSSL_get_OP_keymgmt_validate(fns);
84 break;
85 case OSSL_FUNC_KEYMGMT_IMPORT:
86 if (keymgmt->import == NULL) {
87 importfncnt++;
88 keymgmt->import = OSSL_get_OP_keymgmt_import(fns);
89 }
90 break;
91 case OSSL_FUNC_KEYMGMT_IMPORT_TYPES:
92 if (keymgmt->import_types == NULL) {
93 importfncnt++;
94 keymgmt->import_types = OSSL_get_OP_keymgmt_import_types(fns);
95 }
96 break;
97 case OSSL_FUNC_KEYMGMT_EXPORT:
98 if (keymgmt->export == NULL) {
99 exportfncnt++;
100 keymgmt->export = OSSL_get_OP_keymgmt_export(fns);
101 }
102 break;
103 case OSSL_FUNC_KEYMGMT_EXPORT_TYPES:
104 if (keymgmt->export_types == NULL) {
105 exportfncnt++;
106 keymgmt->export_types = OSSL_get_OP_keymgmt_export_types(fns);
107 }
108 break;
109 }
110 }
111 /*
112 * Try to check that the method is sensible.
113 * At least one constructor and the destructor are MANDATORY
114 * The functions 'has' is MANDATORY
115 * It makes no sense being able to free stuff if you can't create it.
116 * It makes no sense providing OSSL_PARAM descriptors for import and
117 * export if you can't import or export.
118 */
119 if (keymgmt->free == NULL
120 || keymgmt->new == NULL
121 || keymgmt->has == NULL
122 || (paramfncnt != 0 && paramfncnt != 2)
123 || (importfncnt != 0 && importfncnt != 2)
124 || (exportfncnt != 0 && exportfncnt != 2)) {
125 EVP_KEYMGMT_free(keymgmt);
126 EVPerr(0, EVP_R_INVALID_PROVIDER_FUNCTIONS);
127 return NULL;
128 }
129 keymgmt->prov = prov;
130 if (prov != NULL)
131 ossl_provider_up_ref(prov);
132
133 return keymgmt;
134 }
135
136 EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OPENSSL_CTX *ctx, int name_id,
137 const char *properties)
138 {
139 return evp_generic_fetch_by_number(ctx,
140 OSSL_OP_KEYMGMT, name_id, properties,
141 keymgmt_from_dispatch,
142 (int (*)(void *))EVP_KEYMGMT_up_ref,
143 (void (*)(void *))EVP_KEYMGMT_free);
144 }
145
146 EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm,
147 const char *properties)
148 {
149 return evp_generic_fetch(ctx, OSSL_OP_KEYMGMT, algorithm, properties,
150 keymgmt_from_dispatch,
151 (int (*)(void *))EVP_KEYMGMT_up_ref,
152 (void (*)(void *))EVP_KEYMGMT_free);
153 }
154
155 int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt)
156 {
157 int ref = 0;
158
159 CRYPTO_UP_REF(&keymgmt->refcnt, &ref, keymgmt->lock);
160 return 1;
161 }
162
163 void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt)
164 {
165 int ref = 0;
166
167 if (keymgmt == NULL)
168 return;
169
170 CRYPTO_DOWN_REF(&keymgmt->refcnt, &ref, keymgmt->lock);
171 if (ref > 0)
172 return;
173 ossl_provider_free(keymgmt->prov);
174 CRYPTO_THREAD_lock_free(keymgmt->lock);
175 OPENSSL_free(keymgmt);
176 }
177
178 const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt)
179 {
180 return keymgmt->prov;
181 }
182
183 int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt)
184 {
185 return keymgmt->name_id;
186 }
187
188 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name)
189 {
190 return evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
191 }
192
193 void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx,
194 void (*fn)(EVP_KEYMGMT *keymgmt, void *arg),
195 void *arg)
196 {
197 evp_generic_do_all(libctx, OSSL_OP_KEYMGMT,
198 (void (*)(void *, void *))fn, arg,
199 keymgmt_from_dispatch,
200 (void (*)(void *))EVP_KEYMGMT_free);
201 }
202
203 void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
204 void (*fn)(const char *name, void *data),
205 void *data)
206 {
207 if (keymgmt->prov != NULL)
208 evp_names_do_all(keymgmt->prov, keymgmt->name_id, fn, data);
209 }
210
211 /*
212 * Internal API that interfaces with the method function pointers
213 */
214 void *evp_keymgmt_newdata(const EVP_KEYMGMT *keymgmt)
215 {
216 void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
217
218 /*
219 * TODO(3.0) 'new' is currently mandatory on its own, but when new
220 * constructors appear, it won't be quite as mandatory, so we have
221 * a check for future cases.
222 */
223 if (keymgmt->new == NULL)
224 return NULL;
225 return keymgmt->new(provctx);
226 }
227
228 void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keydata)
229 {
230 /* This is mandatory, no need to check for its presence */
231 keymgmt->free(keydata);
232 }
233
234 int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt, void *keydata,
235 OSSL_PARAM params[])
236 {
237 if (keymgmt->get_params == NULL)
238 return 1;
239 return keymgmt->get_params(keydata, params);
240 }
241
242 const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt)
243 {
244 if (keymgmt->gettable_params == NULL)
245 return NULL;
246 return keymgmt->gettable_params();
247 }
248
249 int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keydata, int selection)
250 {
251 /* This is mandatory, no need to check for its presence */
252 return keymgmt->has(keydata, selection);
253 }
254
255 int evp_keymgmt_validate(const EVP_KEYMGMT *keymgmt, void *keydata,
256 int selection)
257 {
258 /* We assume valid if the implementation doesn't have a function */
259 if (keymgmt->validate == NULL)
260 return 1;
261 return keymgmt->validate(keydata, selection);
262 }
263
264 int evp_keymgmt_import(const EVP_KEYMGMT *keymgmt, void *keydata,
265 int selection, const OSSL_PARAM params[])
266 {
267 if (keymgmt->import == NULL)
268 return 0;
269 return keymgmt->import(keydata, selection, params);
270 }
271
272 const OSSL_PARAM *evp_keymgmt_import_types(const EVP_KEYMGMT *keymgmt,
273 int selection)
274 {
275 if (keymgmt->import_types == NULL)
276 return NULL;
277 return keymgmt->import_types(selection);
278 }
279
280 int evp_keymgmt_export(const EVP_KEYMGMT *keymgmt, void *keydata,
281 int selection, OSSL_CALLBACK *param_cb, void *cbarg)
282 {
283 if (keymgmt->export == NULL)
284 return 0;
285 return keymgmt->export(keydata, selection, param_cb, cbarg);
286 }
287
288 const OSSL_PARAM *evp_keymgmt_export_types(const EVP_KEYMGMT *keymgmt,
289 int selection)
290 {
291 if (keymgmt->export_types == NULL)
292 return NULL;
293 return keymgmt->export_types(selection);
294 }
A mirror of the official openssl repository