KEYMGMT: Add functions to get param/key generation parameters

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11328)
2020-03-19 11:16:45 +01:00 · 2020-03-19 11:16:45 +01:00 · 2b9add6965
parent a5c864ce90
commit 2b9add6965
6 changed files with 75 additions and 12 deletions
--- a/crypto/evp/evp_local.h
+++ b/crypto/evp/evp_local.h
@ -86,6 +86,8 @@ struct evp_keymgmt_st {
    OSSL_OP_keymgmt_gen_set_template_fn *gen_set_template;
    OSSL_OP_keymgmt_gen_set_params_fn *gen_set_params;
    OSSL_OP_keymgmt_gen_settable_params_fn *gen_settable_params;
+    OSSL_OP_keymgmt_gen_get_params_fn *gen_get_params;
+    OSSL_OP_keymgmt_gen_gettable_params_fn *gen_gettable_params;
    OSSL_OP_keymgmt_gen_fn *gen;
    OSSL_OP_keymgmt_gen_cleanup_fn *gen_cleanup;

--- a/crypto/evp/keymgmt_meth.c
+++ b/crypto/evp/keymgmt_meth.c
@ -38,7 +38,8 @@ static void *keymgmt_from_dispatch(int name_id,
                                   OSSL_PROVIDER *prov)
 {
    EVP_KEYMGMT *keymgmt = NULL;
-    int setparamfncnt = 0, getparamfncnt = 0, setgenparamfncnt = 0;
+    int setparamfncnt = 0, getparamfncnt = 0;
+    int setgenparamfncnt = 0, getgenparamfncnt = 0;
    int importfncnt = 0, exportfncnt = 0;

    if ((keymgmt = keymgmt_new()) == NULL) {
@ -76,6 +77,20 @@ static void *keymgmt_from_dispatch(int name_id,
                    OSSL_get_OP_keymgmt_gen_settable_params(fns);
            }
            break;
+        case OSSL_FUNC_KEYMGMT_GEN_GET_PARAMS:
+            if (keymgmt->gen_get_params == NULL) {
+                getgenparamfncnt++;
+                keymgmt->gen_get_params =
+                    OSSL_get_OP_keymgmt_gen_get_params(fns);
+            }
+            break;
+        case OSSL_FUNC_KEYMGMT_GEN_GETTABLE_PARAMS:
+            if (keymgmt->gen_gettable_params == NULL) {
+                getgenparamfncnt++;
+                keymgmt->gen_gettable_params =
+                    OSSL_get_OP_keymgmt_gen_gettable_params(fns);
+            }
+            break;
        case OSSL_FUNC_KEYMGMT_GEN:
            if (keymgmt->gen == NULL)
                keymgmt->gen = OSSL_get_OP_keymgmt_gen(fns);
@ -171,6 +186,7 @@ static void *keymgmt_from_dispatch(int name_id,
        || (getparamfncnt != 0 && getparamfncnt != 2)
        || (setparamfncnt != 0 && setparamfncnt != 2)
        || (setgenparamfncnt != 0 && setgenparamfncnt != 2)
+        || (getgenparamfncnt != 0 && getgenparamfncnt != 2)
        || (importfncnt != 0 && importfncnt != 2)
        || (exportfncnt != 0 && exportfncnt != 2)
        || (keymgmt->gen != NULL
@ -319,6 +335,23 @@ const OSSL_PARAM *evp_keymgmt_gen_settable_params(const EVP_KEYMGMT *keymgmt)
    return keymgmt->gen_settable_params(provctx);
 }

+int evp_keymgmt_gen_get_params(const EVP_KEYMGMT *keymgmt, void *genctx,
+                               OSSL_PARAM params[])
+{
+    if (keymgmt->gen_get_params == NULL)
+        return 0;
+    return keymgmt->gen_get_params(genctx, params);
+}
+
+const OSSL_PARAM *evp_keymgmt_gen_gettable_params(const EVP_KEYMGMT *keymgmt)
+{
+    void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
+
+    if (keymgmt->gen_gettable_params == NULL)
+        return NULL;
+    return keymgmt->gen_gettable_params(provctx);
+}
+
 void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
                      OSSL_CALLBACK *cb, void *cbarg)
 {
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@ -611,6 +611,12 @@ int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
            && ctx->op.ciph.cipher->get_ctx_params != NULL)
        return ctx->op.ciph.cipher->get_ctx_params(ctx->op.ciph.ciphprovctx,
                                                   params);
+    if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
+        && ctx->op.keymgmt.genctx != NULL
+        && ctx->keymgmt != NULL
+        && ctx->keymgmt->gen_get_params != NULL)
+        return evp_keymgmt_gen_get_params(ctx->keymgmt, ctx->op.keymgmt.genctx,
+                                          params);
    return 0;
 }

--- a/doc/man7/provider-keymgmt.pod
+++ b/doc/man7/provider-keymgmt.pod
@ -22,6 +22,8 @@ provider-keymgmt - The KEYMGMT library E<lt>-E<gt> provider functions
 int OP_keymgmt_gen_set_template(void *genctx, void *template);
 int OP_keymgmt_gen_set_params(void *genctx, const OSSL_PARAM params[]);
 const OSSL_PARAM *OP_keymgmt_gen_settable_params(void *provctx);
+ int OP_keymgmt_gen_get_params(void *genctx, const OSSL_PARAM params[]);
+ const OSSL_PARAM *OP_keymgmt_gen_gettable_params(void *provctx);
 void *OP_keymgmt_gen(void *genctx, OSSL_CALLBACK *cb, void *cbarg);
 void OP_keymgmt_gen_cleanup(void *genctx);

@ -91,6 +93,8 @@ macros in L<openssl-core_numbers.h(7)>, as follows:
 OP_keymgmt_gen_set_template     OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE
 OP_keymgmt_gen_set_params       OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS
 OP_keymgmt_gen_settable_params  OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS
+ OP_keymgmt_gen_get_params       OSSL_FUNC_KEYMGMT_GEN_GET_PARAMS
+ OP_keymgmt_gen_gettable_params  OSSL_FUNC_KEYMGMT_GEN_GETTABLE_PARAMS
 OP_keymgmt_gen                  OSSL_FUNC_KEYMGMT_GEN
 OP_keymgmt_gen_cleanup          OSSL_FUNC_KEYMGMT_GEN_CLEANUP

@ -209,6 +213,7 @@ OP_keymgmt_free() should free the passed I<keydata>.

 OP_keymgmt_gen_init(), OP_keymgmt_gen_set_template(),
 OP_keymgmt_gen_set_params(), OP_keymgmt_gen_settable_params(),
+OP_keymgmt_gen_get_params(), OP_keymgmt_gen_gettable_params(),
 OP_keymgmt_gen() and OP_keymgmt_gen_cleanup() work together as a more
 elaborate context based key object constructor.

@ -230,6 +235,13 @@ OP_keymgmt_gen_settable_params() should return a constant array of
 descriptor B<OSSL_PARAM>, for parameters that OP_keymgmt_gen_set_params() 
 can handle.

+OP_keymgmt_gen_get_params() should extract information data associated
+with the key object generation context I<genctx>.
+
+OP_keymgmt_gen_gettable_params() should return a constant array of
+descriptor B<OSSL_PARAM>, for parameters that OP_keymgmt_gen_get_params() 
+can handle.
+
 OP_keymgmt_gen() should perform the key object generation itself, and
 return the result.  The callback I<cb> should be called at regular
 intervals with indications on how the key object generation
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@ -676,6 +676,10 @@ int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx,
                               const OSSL_PARAM params[]);
 const OSSL_PARAM *
 evp_keymgmt_gen_settable_params(const EVP_KEYMGMT *keymgmt);
+int evp_keymgmt_gen_get_params(const EVP_KEYMGMT *keymgmt, void *genctx,
+                               OSSL_PARAM params[]);
+const OSSL_PARAM *
+evp_keymgmt_gen_gettable_params(const EVP_KEYMGMT *keymgmt);
 void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
                      OSSL_CALLBACK *cb, void *cbarg);
 void evp_keymgmt_gen_cleanup(const EVP_KEYMGMT *keymgmt, void *genctx);
--- a/include/openssl/core_numbers.h
+++ b/include/openssl/core_numbers.h
@ -388,12 +388,14 @@ OSSL_CORE_MAKE_FUNC(int, OP_kdf_set_ctx_params,
 OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_new, (void *provctx))

 /* Generation, a more complex constructor */
-# define OSSL_FUNC_KEYMGMT_GEN_INIT                    3
-# define OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE            4
-# define OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS              5
-# define OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS         6
-# define OSSL_FUNC_KEYMGMT_GEN                         7
-# define OSSL_FUNC_KEYMGMT_GEN_CLEANUP                 8
+# define OSSL_FUNC_KEYMGMT_GEN_INIT                    2
+# define OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE            3
+# define OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS              4
+# define OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS         5
+# define OSSL_FUNC_KEYMGMT_GEN_GET_PARAMS              6
+# define OSSL_FUNC_KEYMGMT_GEN_GETTABLE_PARAMS         7
+# define OSSL_FUNC_KEYMGMT_GEN                         8
+# define OSSL_FUNC_KEYMGMT_GEN_CLEANUP                 9
 OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_gen_init,
                    (void *provctx, int selection))
 OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_gen_set_template,
@ -402,23 +404,27 @@ OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_gen_set_params,
                    (void *genctx, const OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
                    OP_keymgmt_gen_settable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_gen_get_params,
+                    (void *genctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
+                    OP_keymgmt_gen_gettable_params, (void *provctx))
 OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_gen,
                    (void *genctx, OSSL_CALLBACK *cb, void *cbarg))
 OSSL_CORE_MAKE_FUNC(void, OP_keymgmt_gen_cleanup, (void *genctx))

 /* Basic key object destruction */
-# define OSSL_FUNC_KEYMGMT_FREE                        9
+# define OSSL_FUNC_KEYMGMT_FREE                       10
 OSSL_CORE_MAKE_FUNC(void, OP_keymgmt_free, (void *keydata))

 /* Key object information, with discovery */
-#define OSSL_FUNC_KEYMGMT_GET_PARAMS                  10
-#define OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS             11
+#define OSSL_FUNC_KEYMGMT_GET_PARAMS                  11
+#define OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS             12
 OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_get_params,
                    (void *keydata, OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_gettable_params, (void))

-#define OSSL_FUNC_KEYMGMT_SET_PARAMS                  12
-#define OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS             13
+#define OSSL_FUNC_KEYMGMT_SET_PARAMS                  13
+#define OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS             14
 OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_set_params,
                    (void *keydata, const OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_settable_params, (void))