EC: Reimplement EVP_PKEY_CTX_set_ec_param_enc() to support providers
authorRichard Levitte <levitte@openssl.org>
Thu, 10 Sep 2020 20:06:46 +0000 (22:06 +0200)
committerRichard Levitte <levitte@openssl.org>
Sat, 12 Sep 2020 18:24:22 +0000 (20:24 +0200)
Fixes #12852

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12853)

crypto/ec/ec_ctrl.c
crypto/evp/pmeth_lib.c
include/crypto/ec.h
include/openssl/ec.h
util/libcrypto.num

index b47d7b606c188147cd9fbc53e6ad47a837042523..1465af2becee03065518b44e47c86bc1f4a385ad 100644 (file)
@@ -443,4 +443,44 @@ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid)
 
     return EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(nid));
 }
+
+int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc)
+{
+    const char *enc = NULL;
+    OSSL_PARAM params[2], *p = params;
+    int ret = -2;                /* Assume unsupported */
+
+    if (ctx == NULL
+        || !EVP_PKEY_CTX_IS_GEN_OP(ctx)
+        || ctx->op.keymgmt.genctx == NULL)
+        goto end;
+
+    switch (param_enc) {
+    case OPENSSL_EC_EXPLICIT_CURVE:
+        enc = OSSL_PKEY_EC_ENCODING_EXPLICIT;
+        break;
+    case OPENSSL_EC_NAMED_CURVE:
+        enc = OSSL_PKEY_EC_ENCODING_GROUP;
+        break;
+    default:
+        goto end;
+    }
+
+    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING,
+                                            (char *)enc, 0);
+    *p++ = OSSL_PARAM_construct_end();
+
+    ret = evp_pkey_ctx_set_params_strict(ctx, params);
+ end:
+    if (ret == -2)
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+    return ret;
+}
+
+int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc)
+{
+    return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
+                             EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN,
+                             EVP_PKEY_CTRL_EC_PARAM_ENC, param_enc, NULL);
+}
 #endif
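Review bot: In `evp_pkey_ctx_set_ec_param_enc_prov`, the `default:` branch of the switch and the NULL / non-gen-op guard both leave `ret` at -2, so an out-of-range `param_enc` raises `EVP_R_COMMAND_NOT_SUPPORTED`, the same error as a context that cannot do key generation at all. A caller reading the error queue cannot tell a bad argument from an unsupported operation, and a -2 coming back from `evp_pkey_ctx_set_params_strict` (its return values are not visible in this hunk) would be reported the same way. If the shared code is intended, say so above the function, e.g. `/* Returns -2, with EVP_R_COMMAND_NOT_SUPPORTED raised, for a non-keygen ctx or an unknown param_enc */`; the declaration added in include/crypto/ec.h has no comment either. The `(char *)enc` cast drops const from what is presumably a string constant and deserves a short remark such as `/* params are only read when set */`, assuming that holds on the provider side.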
index e557e14e183ffcb780c303a67c26f92a16233d00..12f09ed79b829c267852701628576f073ed0efd6 100644 (file)
@@ -26,6 +26,7 @@
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
 #include "crypto/dh.h"
+#include "crypto/ec.h"
 #include "internal/ffc.h"
 #include "internal/numbers.h"
 #include "internal/provider.h"
@@ -1248,6 +1249,8 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
 # ifndef OPENSSL_NO_EC
     if (keytype == EVP_PKEY_EC) {
         switch (cmd) {
+        case EVP_PKEY_CTRL_EC_PARAM_ENC:
+            return evp_pkey_ctx_set_ec_param_enc_prov(ctx, p1);
         case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
             return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, p1);
         case EVP_PKEY_CTRL_EC_ECDH_COFACTOR:
index 587f7a39fc2d9f028a99e4d5c9a9996ee5c4a5db..071fbcad1929db9bea895fec2f7c05aaeb209989 100644 (file)
@@ -68,5 +68,7 @@ int ec_key_otherparams_fromdata(EC_KEY *ec, const OSSL_PARAM params[]);
 int ec_set_ecdh_cofactor_mode(EC_KEY *ec, int mode);
 int ec_encoding_name2id(const char *name);
 
+int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc);
+
 # endif /* OPENSSL_NO_EC */
 #endif
index 9e0a6486cd117f8309d742bf7d7305c541554590..aca52e6923ea3cc4826740cf665690249cc6dc26 100644 (file)
@@ -1470,12 +1470,7 @@ DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_verify
 #  endif
 
 int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
-
-#  define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                          EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
-                          EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
-
+int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
 int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
 int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
 
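Review bot: The new prototype `EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc)` replaces a macro without saying which values `param_enc` accepts or what the function returns. The provider helper in crypto/ec/ec_ctrl.c translates only `OPENSSL_EC_NAMED_CURVE` and `OPENSSL_EC_EXPLICIT_CURVE`, so a one-line comment such as `/* param_enc: OPENSSL_EC_NAMED_CURVE or OPENSSL_EC_EXPLICIT_CURVE */` would help. Users should also know that RFC 5480 disallows explicit-parameter encoding in PKIX certificates and that many verifiers reject it, which makes named-curve encoding the safe default. The commit's file list shows no doc/ change, so if the manual page still describes this as a macro it should be updated in the same series.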
index e3ca2fe625d2908571fddfeccaf6db2546a8d932..efadadd94b3f0fe5fb72f9ab92338f8c6e1ba7af 100644 (file)
@@ -5301,3 +5301,4 @@ EVP_PKEY_CTX_get1_id                    ? 3_0_0   EXIST::FUNCTION:
 EVP_PKEY_CTX_get1_id_len                ?      3_0_0   EXIST::FUNCTION:
 CMS_AuthEnvelopedData_create            ?      3_0_0   EXIST::FUNCTION:CMS
 CMS_AuthEnvelopedData_create_with_libctx ?     3_0_0   EXIST::FUNCTION:CMS
+EVP_PKEY_CTX_set_ec_param_enc           ?      3_0_0   EXIST::FUNCTION:EC