author | Paul Yang <kaishen.yy@antfin.com> | 2020-09-14 18:17:35 +0800 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-09-22 08:18:09 +0100 |
commit | e9aa4a16a63d3498ca211afb28207792e1cde0b6 (patch) | |
tree | 72ae433ead9f7c7f7978bfd051bf346bdebad6de | |
parent | 1d03db90850b18adb63b62afd800a08300cf8228 (diff) | |
refactor get params functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)
-rw-r--r-- | providers/implementations/keymgmt/ec_kmgmt.c | 128 |
1 files changed, 27 insertions, 101 deletions
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index e4b7f80f4f..1e32db1b6f 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -88,41 +88,6 @@ const char *sm2_query_operation_name(int operation_id)
 }
 #endif
-static ossl_inline
-int domparams_to_params(const EC_KEY *ec, OSSL_PARAM_BLD *tmpl,
- OSSL_PARAM params[])
-{
- const EC_GROUP *ecg;
- int curve_nid;
-
- if (ec == NULL)
- return 0;
-
- ecg = EC_KEY_get0_group(ec);
- if (ecg == NULL)
- return 0;
-
- curve_nid = EC_GROUP_get_curve_name(ecg);
-
- if (curve_nid == NID_undef) {
- /* TODO(3.0): should we support explicit parameters curves? */
- return 0;
- } else {
- /* named curve */
- const char *curve_name = NULL;
-
- if ((curve_name = ec_curve_nid2name(curve_nid)) == NULL)
- return 0;
- if (!ossl_param_build_set_utf8_string(tmpl, params,
- OSSL_PKEY_PARAM_GROUP_NAME,
- curve_name))
-
- return 0;
- }
-
- return 1;
-}
-
 /*
 * Callers of key_to_params MUST make sure that domparams_to_params is also
 * called!
@@ -591,7 +556,7 @@ err:
 }
 static
-int ec_get_params(void *key, OSSL_PARAM params[])
+int common_get_params(void *key, OSSL_PARAM params[], int sm2)
 {
 int ret = 0;
 EC_KEY *eck = key;
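Review bot: The new `sm2` parameter of `common_get_params` is an undocumented `int` that the wrappers pass as a bare `0` or `1`, so a call site does not say which key type it selects. A short comment above the definition would cover it, for example `/* sm2: non-zero for SM2 keys (SM2_DEFAULT_MD, no cofactor-ECDH param), 0 for generic EC keys */`. Separately, the retained comment above `key_to_params` in the first hunk still tells callers to call `domparams_to_params`, which this commit deletes; it should name whatever now supplies the group parameters. The body of `common_get_params` continues outside this hunk.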
@@ -658,19 +623,28 @@ int ec_get_params(void *key, OSSL_PARAM params[])
 goto err;
 }
- if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
- && !OSSL_PARAM_set_utf8_string(p, EC_DEFAULT_MD))
- goto err;
+ if (!sm2) {
+ if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
+ && !OSSL_PARAM_set_utf8_string(p, EC_DEFAULT_MD))
+ goto err;
+ } else {
+ if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
+ && !OSSL_PARAM_set_utf8_string(p, SM2_DEFAULT_MD))
+ goto err;
+ }
- p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_USE_COFACTOR_ECDH);
- if (p != NULL) {
- int ecdh_cofactor_mode = 0;
+ /* SM2 doesn't support this PARAM */
+ if (!sm2) {
+ p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_USE_COFACTOR_ECDH);
+ if (p != NULL) {
+ int ecdh_cofactor_mode = 0;
- ecdh_cofactor_mode =
- (EC_KEY_get_flags(eck) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0;
+ ecdh_cofactor_mode =
+ (EC_KEY_get_flags(eck) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0;
- if (!OSSL_PARAM_set_int(p, ecdh_cofactor_mode))
- goto err;
+ if (!OSSL_PARAM_set_int(p, ecdh_cofactor_mode))
+ goto err;
+ }
 }
 if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
 p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key),
@@ -693,6 +667,12 @@ err:
 return ret;
 }
+static
+int ec_get_params(void *key, OSSL_PARAM params[])
+{
+ return common_get_params(key, params, 0);
+}
+
 #ifndef OPENSSL_NO_EC2M
 # define EC2M_GETTABLE_DOM_PARAMS \
 OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_M, NULL), \
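Review bot: The default-digest block repeats the same locate-and-set in both arms of `if (!sm2)`, differing only in the digest macro, so the two arms can drift apart in a value that callers presumably rely on when choosing a signing digest. A single lookup with the name selected inline keeps it to the original three lines: `&& !OSSL_PARAM_set_utf8_string(p, sm2 ? SM2_DEFAULT_MD : EC_DEFAULT_MD))`. The comment `/* SM2 doesn't support this PARAM */` could also state that a request for `OSSL_PKEY_PARAM_USE_COFACTOR_ECDH` on an SM2 key is skipped without an error, since the visible code just falls through to the next parameter. `common_get_params` starts and ends outside this hunk.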
@@ -765,61 +745,7 @@ int ec_set_params(void *key, const OSSL_PARAM params[])
 static
 int sm2_get_params(void *key, OSSL_PARAM params[])
 {
- int ret;
- EC_KEY *eck = key;
- const EC_GROUP *ecg = NULL;
- OSSL_PARAM *p;
- unsigned char *pub_key = NULL;
-
- ecg = EC_KEY_get0_group(eck);
- if (ecg == NULL)
- return 0;
-
- if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL
- && !OSSL_PARAM_set_int(p, ECDSA_size(eck)))
- return 0;
- if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL
- && !OSSL_PARAM_set_int(p, EC_GROUP_order_bits(ecg)))
- return 0;
-
- /* XXX:
- * We assume SM2 security bits the same as in normal EC case since
- * I didn't find definition of SM2 security bits so far. This could
- * be updated if the definition is clear in the future.
- */
- if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_BITS)) != NULL) {
- int ecbits, sec_bits;
-
- ecbits = EC_GROUP_order_bits(ecg);
- /* SM2 has only one curve so the sec_bits should always be a constant */
- sec_bits = ecbits / 2;
-
- if (!OSSL_PARAM_set_int(p, sec_bits))
- return 0;
- }
-
- if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
- && !OSSL_PARAM_set_utf8_string(p, SM2_DEFAULT_MD))
- return 0;
-
- if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
- BN_CTX *ctx = BN_CTX_new_ex(ec_key_get_libctx(key));
-
- if (ctx == NULL)
- return 0;
- p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key),
- EC_KEY_get0_public_key(key),
- POINT_CONVERSION_UNCOMPRESSED,
- p->data, p->return_size, ctx);
- BN_CTX_free(ctx);
- if (p->return_size == 0)
- return 0;
- }
-
- ret = domparams_to_params(eck, NULL, params)
- && key_to_params(eck, NULL, params, 1, &pub_key);
- OPENSSL_free(pub_key);
- return ret;
+ return common_get_params(key, params, 1);
 }
 static const OSSL_PARAM sm2_known_gettable_params[] = { |
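Review bot: Reducing `sm2_get_params` to `common_get_params(key, params, 1)` drops the only comment recording that SM2 security bits are assumed to match the generic EC calculation, while the commit message describes the change as a refactor. Most of the shared function body lies outside the visible hunks, so it is worth confirming that max size, bits, security bits and the encoded public point come out the same for an SM2 key as they did before. The rationale should stay next to the wrapper, e.g. `/* SM2 reuses the generic EC size and security-bits values; see common_get_params() */`.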