root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

refactor get params functions 

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)
This commit is contained in:
Paul Yang 2020-09-14 18:17:35 +08:00 committed by Matt Caswell
parent 1d03db9085
commit e9aa4a16a6
1 changed files with 29 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
providers/implementations/keymgmt/ec_kmgmt.c
View File

@ -88,41 +88,6 @@ const char *sm2_query_operation_name(int operation_id)
} }
#endif #endif
static ossl_inline
int domparams_to_params(const EC_KEY *ec, OSSL_PARAM_BLD *tmpl,
OSSL_PARAM params[])
{
const EC_GROUP *ecg;
int curve_nid;
if (ec == NULL)
return 0;
ecg = EC_KEY_get0_group(ec);
if (ecg == NULL)
return 0;
curve_nid = EC_GROUP_get_curve_name(ecg);
if (curve_nid == NID_undef) {
/* TODO(3.0): should we support explicit parameters curves? */
return 0;
} else {
/* named curve */
const char *curve_name = NULL;
if ((curve_name = ec_curve_nid2name(curve_nid)) == NULL)
return 0;
if (!ossl_param_build_set_utf8_string(tmpl, params,
OSSL_PKEY_PARAM_GROUP_NAME,
curve_name))
return 0;
}
return 1;
}
/* /*
* Callers of key_to_params MUST make sure that domparams_to_params is also * Callers of key_to_params MUST make sure that domparams_to_params is also
* called! * called!
@ -591,7 +556,7 @@ err:
} }
static static
int ec_get_params(void *key, OSSL_PARAM params[]) int common_get_params(void *key, OSSL_PARAM params[], int sm2)
{ {
int ret = 0; int ret = 0;
EC_KEY *eck = key; EC_KEY *eck = key;
@ -658,19 +623,28 @@ int ec_get_params(void *key, OSSL_PARAM params[])
goto err; goto err;
} }
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL if (!sm2) {
&& !OSSL_PARAM_set_utf8_string(p, EC_DEFAULT_MD)) if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
goto err; && !OSSL_PARAM_set_utf8_string(p, EC_DEFAULT_MD))
p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_USE_COFACTOR_ECDH);
if (p != NULL) {
int ecdh_cofactor_mode = 0;
ecdh_cofactor_mode =
(EC_KEY_get_flags(eck) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0;
if (!OSSL_PARAM_set_int(p, ecdh_cofactor_mode))
goto err; goto err;
} else {
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
&& !OSSL_PARAM_set_utf8_string(p, SM2_DEFAULT_MD))
goto err;
}
/* SM2 doesn't support this PARAM */
if (!sm2) {
p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_USE_COFACTOR_ECDH);
if (p != NULL) {
int ecdh_cofactor_mode = 0;
ecdh_cofactor_mode =
(EC_KEY_get_flags(eck) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0;
if (!OSSL_PARAM_set_int(p, ecdh_cofactor_mode))
goto err;
}
} }
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) { if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key), p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key),
@ -693,6 +667,12 @@ err:
return ret; return ret;
} }
static
int ec_get_params(void *key, OSSL_PARAM params[])
{
return common_get_params(key, params, 0);
}
#ifndef OPENSSL_NO_EC2M #ifndef OPENSSL_NO_EC2M
# define EC2M_GETTABLE_DOM_PARAMS \ # define EC2M_GETTABLE_DOM_PARAMS \
OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_M, NULL), \ OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_M, NULL), \
@ -765,61 +745,7 @@ int ec_set_params(void *key, const OSSL_PARAM params[])
static static
int sm2_get_params(void *key, OSSL_PARAM params[]) int sm2_get_params(void *key, OSSL_PARAM params[])
{ {
int ret; return common_get_params(key, params, 1);
EC_KEY *eck = key;
const EC_GROUP *ecg = NULL;
OSSL_PARAM *p;
unsigned char *pub_key = NULL;
ecg = EC_KEY_get0_group(eck);
if (ecg == NULL)
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL
&& !OSSL_PARAM_set_int(p, ECDSA_size(eck)))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL
&& !OSSL_PARAM_set_int(p, EC_GROUP_order_bits(ecg)))
return 0;
/* XXX:
* We assume SM2 security bits the same as in normal EC case since
* I didn't find definition of SM2 security bits so far. This could
* be updated if the definition is clear in the future.
*/
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_BITS)) != NULL) {
int ecbits, sec_bits;
ecbits = EC_GROUP_order_bits(ecg);
/* SM2 has only one curve so the sec_bits should always be a constant */
sec_bits = ecbits / 2;
if (!OSSL_PARAM_set_int(p, sec_bits))
return 0;
}
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
&& !OSSL_PARAM_set_utf8_string(p, SM2_DEFAULT_MD))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
BN_CTX *ctx = BN_CTX_new_ex(ec_key_get_libctx(key));
if (ctx == NULL)
return 0;
p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key),
EC_KEY_get0_public_key(key),
POINT_CONVERSION_UNCOMPRESSED,
p->data, p->return_size, ctx);
BN_CTX_free(ctx);
if (p->return_size == 0)
return 0;
}
ret = domparams_to_params(eck, NULL, params)
&& key_to_params(eck, NULL, params, 1, &pub_key);
OPENSSL_free(pub_key);
return ret;
} }
static const OSSL_PARAM sm2_known_gettable_params[] = { static const OSSL_PARAM sm2_known_gettable_params[] = {