From: Pauli
Date: Mon, 21 Sep 2020 23:25:35 +0000 (+1000)
Subject: kdf/mac: add name query calls for KDFs and MACs
X-Git-Tag: openssl-3.0.0-alpha7~155
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c9452d74a4bad8853ca60889788e51d46328877d;p=thirdparty%2Fopenssl.git

kdf/mac: add name query calls for KDFs and MACs

Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/12931)
---

diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
index d22bb39c824..9ccaec8cc12 100644
--- a/crypto/evp/kdf_lib.c
+++ b/crypto/evp/kdf_lib.c
@@ -88,6 +88,13 @@ int EVP_KDF_number(const EVP_KDF *kdf)
 return kdf->name_id;
 }
 
+const char *EVP_KDF_name(const EVP_KDF *kdf)
+{
+ if (kdf->prov != NULL)
+ return evp_first_name(kdf->prov, kdf->name_id);
+ return NULL;
+}
+
 int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name)
 {
 return evp_is_a(kdf->prov, kdf->name_id, NULL, name);
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index 79dd49ae200..d76ffedcb8c 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -162,6 +162,13 @@ int EVP_MAC_number(const EVP_MAC *mac)
 return mac->name_id;
 }
 
+const char *EVP_MAC_name(const EVP_MAC *mac)
+{
+ if (mac->prov != NULL)
+ return evp_first_name(mac->prov, mac->name_id);
+ return NULL;
+}
+
 int EVP_MAC_is_a(const EVP_MAC *mac, const char *name)
 {
 return evp_is_a(mac->prov, mac->name_id, NULL, name);
diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod
index d97d33936d9..b041ccd4d96 100644
--- a/doc/man3/EVP_KDF.pod
+++ b/doc/man3/EVP_KDF.pod
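Review bot: EVP_KDF_name() has no comment documenting that it returns NULL whenever `kdf->prov` is NULL, nor who owns the returned string; the same applies to EVP_MAC_name() in the mac_lib.c hunk. A caller that hands the result straight to a `%s` format or to `strcmp()` will dereference NULL for a method without a provider, so the contract belongs next to the code as well as in the man page. I would add above each definition something like `/* Returns one name of the algorithm, or NULL if the method has no provider; do not free. Use EVP_KDF_is_a() to compare names. */` (the "do not free" part is inferred from the `const char *` return and should be confirmed). Which alias evp_first_name() picks is not visible in this hunk, so the returned string is presumably not a stable value to match in algorithm allow-lists or policy checks, whereas EVP_KDF_is_a() and EVP_MAC_is_a() in the context lines compare against a caller-supplied name.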
@@ -6,7 +6,7 @@ EVP_KDF, EVP_KDF_fetch, EVP_KDF_free, EVP_KDF_up_ref, EVP_KDF_CTX, EVP_KDF_CTX_new, EVP_KDF_CTX_free, EVP_KDF_CTX_dup, EVP_KDF_reset, EVP_KDF_derive, EVP_KDF_size, EVP_KDF_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a, -EVP_KDF_number, EVP_KDF_names_do_all, +EVP_KDF_number, EVP_KDF_name, EVP_KDF_names_do_all, EVP_KDF_CTX_get_params, EVP_KDF_CTX_set_params, EVP_KDF_do_all_provided, EVP_KDF_get_params, EVP_KDF_gettable_ctx_params, EVP_KDF_settable_ctx_params, EVP_KDF_gettable_params - EVP KDF routines @@ -31,6 +31,7 @@ EVP_KDF_gettable_params - EVP KDF routines const char *properties); int EVP_KDF_number(const EVP_KDF *kdf); int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name); + const char *EVP_KDF_name(const EVP_KDF *kdf); const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf); void EVP_KDF_do_all_provided(OPENSSL_CTX *libctx, void (*fn)(EVP_KDF *kdf, void *arg), @@ -151,6 +152,10 @@ and the given I as argument. EVP_KDF_number() returns the internal dynamic number assigned to I. +EVP_KDF_name() return the name of the given KDF. For fetched KDFs +with multiple names, only one of them is returned; it's +recommended to use EVP_KDF_names_do_all() instead. + EVP_KDF_names_do_all() traverses all names for I, and calls I with each name and I. @@ -245,6 +250,8 @@ EVP_KDF_CTX_free() and EVP_KDF_reset() do not return a value. EVP_KDF_size() returns the output size. B is returned to indicate that the algorithm produces a variable amount of output; 0 to indicate failure. +EVP_KDF_name() returns the name of the KDF, or NULL on error. + The remaining functions return 1 for success and 0 or a negative value for failure. In particular, a return value of -2 indicates the operation is not supported by the KDF algorithm. diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod index b33af5a670b..8ce9f67d454 100644 --- a/doc/man3/EVP_MAC.pod +++ b/doc/man3/EVP_MAC.pod 
@@ -3,7 +3,7 @@ =head1 NAME EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free, -EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_names_do_all, +EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_name, EVP_MAC_names_do_all, EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params, EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup, EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params, @@ -24,6 +24,7 @@ EVP_MAC_do_all_provided - EVP MAC routines void EVP_MAC_free(EVP_MAC *mac); int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); int EVP_MAC_number(const EVP_MAC *mac); + const char *EVP_MAC_name(const EVP_MAC *mac); void EVP_MAC_names_do_all(const EVP_MAC *mac, void (*fn)(const char *name, void *data), void *data); @@ -177,6 +178,10 @@ and the given I as argument. EVP_MAC_number() returns the internal dynamic number assigned to I. +EVP_MAC_name() return the name of the given MAC. For fetched MACs +with multiple names, only one of them is returned; it's +recommended to use EVP_MAC_names_do_all() instead. + EVP_MAC_names_do_all() traverses all names for I, and calls I with each name and I. @@ -282,6 +287,8 @@ EVP_MAC_free() returns nothing at all. EVP_MAC_is_a() returns 1 if the given method can be identified with the given name, otherwise 0. +EVP_MAC_name() returns a name of the MAC, or NULL on error. + EVP_MAC_provider() returns a pointer to the provider for the MAC, or NULL on error. diff --git a/include/openssl/evp.h b/include/openssl/evp.h index ff3234a9141..e843a48b22c 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1104,6 +1104,7 @@ EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, int EVP_MAC_up_ref(EVP_MAC *mac); void EVP_MAC_free(EVP_MAC *mac); int EVP_MAC_number(const EVP_MAC *mac); +const char *EVP_MAC_name(const EVP_MAC *mac); int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac); int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); 
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h index b7611139569..5bef72da52b 100644 --- a/include/openssl/kdf.h +++ b/include/openssl/kdf.h @@ -35,6 +35,7 @@ void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src); int EVP_KDF_number(const EVP_KDF *kdf); int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name); +const char *EVP_KDF_name(const EVP_KDF *kdf); const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf); const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); diff --git a/util/libcrypto.num b/util/libcrypto.num index 3658d14c294..ceab5d3fd98 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4452,6 +4452,7 @@ EVP_KDF_CTX_free ? 3_0_0 EXIST::FUNCTION: EVP_KDF_reset ? 3_0_0 EXIST::FUNCTION: EVP_KDF_size ? 3_0_0 EXIST::FUNCTION: EVP_KDF_derive ? 3_0_0 EXIST::FUNCTION: +EVP_KDF_name ? 3_0_0 EXIST::FUNCTION: EC_GROUP_get0_field ? 3_0_0 EXIST::FUNCTION:EC CRYPTO_alloc_ex_data ? 3_0_0 EXIST::FUNCTION: OPENSSL_CTX_new ? 3_0_0 EXIST::FUNCTION: @@ -4692,6 +4693,7 @@ EVP_MAC_get_params ? 3_0_0 EXIST::FUNCTION: EVP_MAC_gettable_params ? 3_0_0 EXIST::FUNCTION: EVP_MAC_provider ? 3_0_0 EXIST::FUNCTION: EVP_MAC_do_all_provided ? 3_0_0 EXIST::FUNCTION: +EVP_MAC_name ? 3_0_0 EXIST::FUNCTION: EVP_MD_free ? 3_0_0 EXIST::FUNCTION: EVP_CIPHER_free ? 3_0_0 EXIST::FUNCTION: EVP_KDF_up_ref ? 3_0_0 EXIST::FUNCTION: @@ -5309,6 +5311,6 @@ OSSL_ENCODER_INSTANCE_get_output_type ? 3_0_0 EXIST::FUNCTION: OSSL_ENCODER_CTX_set_construct ? 3_0_0 EXIST::FUNCTION: OSSL_ENCODER_CTX_set_construct_data ? 3_0_0 EXIST::FUNCTION: OSSL_ENCODER_CTX_set_cleanup ? 3_0_0 EXIST::FUNCTION: -OSSL_DECODER_INSTANCE_get_input_type ? 3_0_0 EXIST::FUNCTION: OSSL_ENCODER_CTX_set_passphrase_cb ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_typenames_do_all ? 3_0_0 EXIST::FUNCTION: +OSSL_DECODER_INSTANCE_get_input_type ? 3_0_0 EXIST::FUNCTION: