From: Pauli Date: Mon, 1 Mar 2021 23:02:25 +0000 (+1000) Subject: provider: add params argument to key manager's gen_init call X-Git-Tag: openssl-3.0.0-alpha14~333 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f9562909b73f02f0ca5f411f87a2e73de654f3bd;p=thirdparty%2Fopenssl.git provider: add params argument to key manager's gen_init call Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/14383)
---
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
index 5731b734187..da111c2cd7c 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -408,7 +408,8 @@ static int dh_validate(const void *keydata, int selection, int checktype)
 return ok;
 }
-static void *dh_gen_init_base(void *provctx, int selection, int type)
+static void *dh_gen_init_base(void *provctx, int selection,
+ const OSSL_PARAM params[], int type)
 {
 OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx);
 struct dh_gen_ctx *gctx = NULL;
@@ -441,17 +442,23 @@ static void *dh_gen_init_base(void *provctx, int selection, int type)
 gctx->generator = DH_GENERATOR_2;
 gctx->dh_type = type;
 }
+ if (!dh_gen_set_params(gctx, params)) {
+ OPENSSL_free(gctx);
+ gctx = NULL;
+ }
 return gctx;
 }
-static void *dh_gen_init(void *provctx, int selection)
+static void *dh_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
- return dh_gen_init_base(provctx, selection, DH_FLAG_TYPE_DH);
+ return dh_gen_init_base(provctx, selection, params, DH_FLAG_TYPE_DH);
 }
-static void *dhx_gen_init(void *provctx, int selection)
+static void *dhx_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
- return dh_gen_init_base(provctx, selection, DH_FLAG_TYPE_DHX);
+ return dh_gen_init_base(provctx, selection, params, DH_FLAG_TYPE_DHX);
 }
 static int dh_gen_set_template(void *genctx, void *templ)
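Review bot: The new failure branch in dh_gen_init_base releases the context with `OPENSSL_free(gctx)` only, so any member that dh_gen_set_params stored in the context before returning 0 would be leaked. The setter's body is almost entirely outside this diff, so whether it allocates members needs checking; if it does, the failure should go through the key manager's gen cleanup callback instead, e.g. `dh_gen_cleanup(gctx); gctx = NULL;`, provided that callback accepts a NULL context. The same bare free is added in dsa_gen_init, ec_gen_init (whose struct holds an `EC_GROUP *gen_group`), ecx_gen_init, mac_gen_init/cmac_gen_init and the RSA gen_init; for the MAC variants a partially set context may already hold key bytes, which should be cleansed rather than just dropped. The middle of dh_gen_init_base lies between the two hunks and is not shown.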
@@ -487,6 +494,9 @@ static int dh_gen_set_params(void *genctx, const OSSL_PARAM params[])
 if (gctx == NULL)
 return 0;
+ if (params == NULL)
+ return 1;
+
 p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_TYPE);
 if (p != NULL) {
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index 92ab579b66f..e6e9a513971 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -365,7 +365,8 @@ static int dsa_validate(const void *keydata, int selection, int checktype)
 return ok;
 }
-static void *dsa_gen_init(void *provctx, int selection)
+static void *dsa_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
 OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx);
 struct dsa_gen_ctx *gctx = NULL;
@@ -387,6 +388,10 @@ static void *dsa_gen_init(void *provctx, int selection)
 gctx->pcounter = -1;
 gctx->hindex = 0;
 }
+ if (!dsa_gen_set_params(gctx, params)) {
+ OPENSSL_free(gctx);
+ gctx = NULL;
+ }
 return gctx;
 }
@@ -423,6 +428,9 @@ static int dsa_gen_set_params(void *genctx, const OSSL_PARAM params[])
 if (gctx == NULL)
 return 0;
+ if (params == NULL)
+ return 1;
+
 p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_TYPE);
 if (p != NULL) {
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index 92521b66ec6..01e59832360 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -774,6 +774,9 @@ int ec_set_params(void *key, const OSSL_PARAM params[])
 if (key == NULL)
 return 0;
+ if (params == NULL)
+ return 1;
+
 if (!ossl_ec_group_set_params((EC_GROUP *)EC_KEY_get0_group(key), params))
 return 0;
@@ -932,7 +935,8 @@ struct ec_gen_ctx {
 EC_GROUP *gen_group;
 };
-static void *ec_gen_init(void *provctx, int selection)
+static void *ec_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
 OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx);
 struct ec_gen_ctx *gctx = NULL;
@@ -945,6 +949,10 @@ static void *ec_gen_init(void *provctx, int selection)
 gctx->selection = selection;
 gctx->ecdh_mode = 0;
 }
+ if (!ec_gen_set_params(gctx, params)) {
+ OPENSSL_free(gctx);
+ gctx = NULL;
+ }
 return gctx;
 }
diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c
index 0adfd011732..8e47dfb03e2 100644
--- a/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -41,6 +41,8 @@ static OSSL_FUNC_keymgmt_gen_fn x448_gen;
 static OSSL_FUNC_keymgmt_gen_fn ed25519_gen;
 static OSSL_FUNC_keymgmt_gen_fn ed448_gen;
 static OSSL_FUNC_keymgmt_gen_cleanup_fn ecx_gen_cleanup;
+static OSSL_FUNC_keymgmt_gen_set_params_fn ecx_gen_set_params;
+static OSSL_FUNC_keymgmt_gen_settable_params_fn ecx_gen_settable_params;
 static OSSL_FUNC_keymgmt_load_fn ecx_load;
 static OSSL_FUNC_keymgmt_get_params_fn x25519_get_params;
 static OSSL_FUNC_keymgmt_get_params_fn x448_get_params;
@@ -373,6 +375,9 @@ static int ecx_set_params(void *key, const OSSL_PARAM params[])
 ECX_KEY *ecxkey = key;
 const OSSL_PARAM *p;
+ if (params == NULL)
+ return 1;
+
 p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY);
 if (p != NULL) {
 void *buf = ecxkey->pubkey;
@@ -445,7 +450,8 @@ static const OSSL_PARAM *ed448_settable_params(void *provctx)
 return ed_settable_params;
 }
-static void *ecx_gen_init(void *provctx, int selection, ECX_KEY_TYPE type)
+static void *ecx_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[], ECX_KEY_TYPE type)
 {
 OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx);
 struct ecx_gen_ctx *gctx = NULL;
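Review bot: In ecx_set_params the added `params == NULL` return is the first statement after the declarations, and the context below it reads `ecxkey->pubkey` with no NULL test on `key`, whereas ec_set_params in ec_kmgmt.c keeps `if (key == NULL) return 0;` ahead of its new early return. The two setters therefore disagree on a NULL key with NULL params (1 here, 0 for EC), and a NULL key with a non-NULL params array carrying the encoded public key would reach the dereference. Adding `if (key == NULL) return 0;` before the params check would align the two. The rest of ecx_set_params is outside the hunk.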
@@ -458,27 +464,35 @@ static void *ecx_gen_init(void *provctx, int selection, ECX_KEY_TYPE type)
 gctx->type = type;
 gctx->selection = selection;
 }
+ if (!ecx_gen_set_params(gctx, params)) {
+ OPENSSL_free(gctx);
+ gctx = NULL;
+ }
 return gctx;
 }
-static void *x25519_gen_init(void *provctx, int selection)
+static void *x25519_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
- return ecx_gen_init(provctx, selection, ECX_KEY_TYPE_X25519);
+ return ecx_gen_init(provctx, selection, params, ECX_KEY_TYPE_X25519);
 }
-static void *x448_gen_init(void *provctx, int selection)
+static void *x448_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
- return ecx_gen_init(provctx, selection, ECX_KEY_TYPE_X448);
+ return ecx_gen_init(provctx, selection, params, ECX_KEY_TYPE_X448);
 }
-static void *ed25519_gen_init(void *provctx, int selection)
+static void *ed25519_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
- return ecx_gen_init(provctx, selection, ECX_KEY_TYPE_ED25519);
+ return ecx_gen_init(provctx, selection, params, ECX_KEY_TYPE_ED25519);
 }
-static void *ed448_gen_init(void *provctx, int selection)
+static void *ed448_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
- return ecx_gen_init(provctx, selection, ECX_KEY_TYPE_ED448);
+ return ecx_gen_init(provctx, selection, params, ECX_KEY_TYPE_ED448);
 }
 static int ecx_gen_set_params(void *genctx, const OSSL_PARAM params[])
diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c
index 9d98d32fb2e..9039816ee8a 100644
--- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c
+++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c
@@ -47,6 +47,7 @@ static OSSL_FUNC_keymgmt_new_fn mac_new_cmac;
 static OSSL_FUNC_keymgmt_gettable_params_fn cmac_gettable_params;
 static OSSL_FUNC_keymgmt_import_types_fn cmac_imexport_types;
 static OSSL_FUNC_keymgmt_export_types_fn cmac_imexport_types;
+static OSSL_FUNC_keymgmt_gen_init_fn cmac_gen_init;
 static OSSL_FUNC_keymgmt_gen_set_params_fn cmac_gen_set_params;
 static OSSL_FUNC_keymgmt_gen_settable_params_fn cmac_gen_settable_params;
@@ -371,7 +372,7 @@ static const OSSL_PARAM *mac_settable_params(void *provctx)
 return settable_params;
 }
-static void *mac_gen_init(void *provctx, int selection)
+static void *mac_gen_init_common(void *provctx, int selection)
 {
 OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx);
 struct mac_gen_ctx *gctx = NULL;
@@ -386,6 +387,30 @@ static void *mac_gen_init(void *provctx, int selection)
 return gctx;
 }
+static void *mac_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
+{
+ struct mac_gen_ctx *gctx = mac_gen_init_common(provctx, selection);
+
+ if (gctx != NULL && !mac_gen_set_params(gctx, params)) {
+ OPENSSL_free(gctx);
+ gctx = NULL;
+ }
+ return gctx;
+}
+
+static void *cmac_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
+{
+ struct mac_gen_ctx *gctx = mac_gen_init_common(provctx, selection);
+
+ if (gctx != NULL && !cmac_gen_set_params(gctx, params)) {
+ OPENSSL_free(gctx);
+ gctx = NULL;
+ }
+ return gctx;
+}
+
 static int mac_gen_set_params(void *genctx, const OSSL_PARAM params[])
 {
 struct mac_gen_ctx *gctx = genctx;
@@ -535,7 +560,7 @@ const OSSL_DISPATCH ossl_cossl_mac_legacy_keymgmt_functions[] = {
 { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))cmac_imexport_types },
 { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))mac_export },
 { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))cmac_imexport_types },
- { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))mac_gen_init },
+ { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))cmac_gen_init },
 { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))cmac_gen_set_params },
 { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, (void (*)(void))cmac_gen_settable_params },
diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c
index ac8443a7399..095c713aac3 100644
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
@@ -417,7 +417,8 @@ static int rsa_gencb(int p, int n, BN_GENCB *cb)
 return gctx->cb(params, gctx->cbarg);
 }
-static void *gen_init(void *provctx, int selection, int rsa_type)
+static void *gen_init(void *provctx, int selection, int rsa_type,
+ const OSSL_PARAM params[])
 {
 OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx);
 struct rsa_gen_ctx *gctx = NULL;
@@ -441,17 +442,23 @@ static void *gen_init(void *provctx, int selection, int rsa_type)
 gctx->rsa_type = rsa_type;
 }
 }
+ if (!rsa_gen_set_params(gctx, params)) {
+ OPENSSL_free(gctx);
+ gctx = NULL;
+ }
 return gctx;
 }
-static void *rsa_gen_init(void *provctx, int selection)
+static void *rsa_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
- return gen_init(provctx, selection, RSA_FLAG_TYPE_RSA);
+ return gen_init(provctx, selection, RSA_FLAG_TYPE_RSA, params);
 }
-static void *rsapss_gen_init(void *provctx, int selection)
+static void *rsapss_gen_init(void *provctx, int selection,
+ const OSSL_PARAM params[])
 {
- return gen_init(provctx, selection, RSA_FLAG_TYPE_RSASSAPSS);
+ return gen_init(provctx, selection, RSA_FLAG_TYPE_RSASSAPSS, params);
 }
 /*
@@ -464,6 +471,9 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[])
 struct rsa_gen_ctx *gctx = genctx;
 const OSSL_PARAM *p;
+ if (params == NULL)
+ return 1;
+
 if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_BITS)) != NULL && !OSSL_PARAM_get_size_t(p, &gctx->nbits))
 return 0;
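Review bot: rsa_gen_set_params has no `gctx == NULL` guard before `&gctx->nbits` is used, unlike dh_gen_set_params and dsa_gen_set_params, whose context lines return 0 for a NULL context. gen_init now calls it after the allocation block whether or not `gctx` was set, so a failed allocation (as far as the hunk shows, `gctx` then stays NULL) combined with a non-NULL `params` carrying `OSSL_PKEY_PARAM_RSA_BITS` would reach that dereference. Add `if (gctx == NULL) return 0;` ahead of the new `params == NULL` check, or guard the call the way mac_gen_init does with `gctx != NULL &&`. ec_gen_init and ecx_gen_init make the same unguarded call, and their setters are not shown in this diff, so they need the same check. rsa_gen_set_params continues past the end of the hunk.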