author | Richard Levitte <levitte@openssl.org> | 2021-01-20 23:10:48 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-02-23 13:41:48 +0100 |
commit | 6fcd92d3d72540bddb738e2b037dda9a157cfc5c (patch) | |
tree | f6d8fd89760537abf53e62e1208e746bdb4f4204 /crypto/evp/pmeth_lib.c | |
parent | 513731299398f4597aa575154a973654bbc2e0ef (diff) | |
download | openssl-6fcd92d3d72540bddb738e2b037dda9a157cfc5c.tar.gz |
EVP: Adapt diverse OSSL_PARAM setters and getters
EVP_PKEY_get_group_name() now simply calls EVP_PKEY_get_utf8_string_param().
EVP_PKEY_CTX_set_group_name() now simply calls EVP_PKEY_CTX_set_params().
EVP_PKEY_get_bn_param(), EVP_PKEY_get_octet_string_param(),
EVP_PKEY_get_utf8_string_param() and EVP_PKEY_get_int_param() can now
handle legacy EVP_PKEYs by calling evp_pkey_get_params_to_ctrl().
EVP_PKEY_CTX_get_params() can now handle a legacy backed EVP_PKEY_CTX
by calling evp_pkey_ctx_get_params_to_ctrl().
Note: EVP_PKEY_CTX_set_params() doesn't call the translator yet.
Should it ever?
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Diffstat (limited to 'crypto/evp/pmeth_lib.c')
-rw-r--r-- | crypto/evp/pmeth_lib.c | 102 |
1 files changed, 60 insertions, 42 deletions
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index abea7b02df..c83ebaecc7 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -655,65 +655,83 @@ int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype)
 int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
 {
- if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
- && ctx->op.kex.exchprovctx != NULL
+ switch (evp_pkey_ctx_state(ctx)) {
+ case EVP_PKEY_STATE_PROVIDER:
+ if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
 && ctx->op.kex.exchange != NULL
 && ctx->op.kex.exchange->set_ctx_params != NULL)
- return ctx->op.kex.exchange->set_ctx_params(ctx->op.kex.exchprovctx,
- params);
- if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
- && ctx->op.sig.sigprovctx != NULL
+ return
+ ctx->op.kex.exchange->set_ctx_params(ctx->op.kex.exchprovctx,
+ params);
+ if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
 && ctx->op.sig.signature != NULL
 && ctx->op.sig.signature->set_ctx_params != NULL)
- return ctx->op.sig.signature->set_ctx_params(ctx->op.sig.sigprovctx,
- params);
- if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
- && ctx->op.ciph.ciphprovctx != NULL
+ return
+ ctx->op.sig.signature->set_ctx_params(ctx->op.sig.sigprovctx,
+ params);
+ if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
 && ctx->op.ciph.cipher != NULL
 && ctx->op.ciph.cipher->set_ctx_params != NULL)
- return ctx->op.ciph.cipher->set_ctx_params(ctx->op.ciph.ciphprovctx,
- params);
- if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
- && ctx->op.keymgmt.genctx != NULL
- && ctx->keymgmt != NULL
- && ctx->keymgmt->gen_set_params != NULL)
- return evp_keymgmt_gen_set_params(ctx->keymgmt, ctx->op.keymgmt.genctx,
- params);
- if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
- && ctx->op.encap.kemprovctx != NULL
- && ctx->op.encap.kem != NULL
- && ctx->op.encap.kem->set_ctx_params != NULL)
- return ctx->op.encap.kem->set_ctx_params(ctx->op.encap.kemprovctx,
- params);
+ return
+ ctx->op.ciph.cipher->set_ctx_params(ctx->op.ciph.ciphprovctx,
+ params);
+ if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
+ && ctx->keymgmt != NULL
+ && ctx->keymgmt->gen_set_params != NULL)
+ return
+ evp_keymgmt_gen_set_params(ctx->keymgmt, ctx->op.keymgmt.genctx,
+ params);
+ if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
+ && ctx->op.encap.kem != NULL
+ && ctx->op.encap.kem->set_ctx_params != NULL)
+ return
+ ctx->op.encap.kem->set_ctx_params(ctx->op.encap.kemprovctx,
+ params);
+ break;
+#ifndef FIPS_MODULE
+ case EVP_PKEY_STATE_UNKNOWN:
+ case EVP_PKEY_STATE_LEGACY:
+ return evp_pkey_ctx_set_params_to_ctrl(ctx, params);
+#endif
+ }
 return 0;
 }
 int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
 {
- if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
- && ctx->op.kex.exchprovctx != NULL
+ switch (evp_pkey_ctx_state(ctx)) {
+ case EVP_PKEY_STATE_PROVIDER:
+ if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
 && ctx->op.kex.exchange != NULL
 && ctx->op.kex.exchange->get_ctx_params != NULL)
- return ctx->op.kex.exchange->get_ctx_params(ctx->op.kex.exchprovctx,
- params);
- if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
- && ctx->op.sig.sigprovctx != NULL
+ return
+ ctx->op.kex.exchange->get_ctx_params(ctx->op.kex.exchprovctx,
+ params);
+ if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
 && ctx->op.sig.signature != NULL
 && ctx->op.sig.signature->get_ctx_params != NULL)
- return ctx->op.sig.signature->get_ctx_params(ctx->op.sig.sigprovctx,
- params);
- if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
- && ctx->op.ciph.ciphprovctx != NULL
+ return
+ ctx->op.sig.signature->get_ctx_params(ctx->op.sig.sigprovctx,
+ params);
+ if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
 && ctx->op.ciph.cipher != NULL
 && ctx->op.ciph.cipher->get_ctx_params != NULL)
- return ctx->op.ciph.cipher->get_ctx_params(ctx->op.ciph.ciphprovctx,
- params);
- if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
- && ctx->op.encap.kemprovctx != NULL
- && ctx->op.encap.kem != NULL
- && ctx->op.encap.kem->get_ctx_params != NULL)
- return ctx->op.encap.kem->get_ctx_params(ctx->op.encap.kemprovctx,
- params);
+ return
+ ctx->op.ciph.cipher->get_ctx_params(ctx->op.ciph.ciphprovctx,
+ params);
+ if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
+ && ctx->op.encap.kem != NULL
+ && ctx->op.encap.kem->get_ctx_params != NULL)
+ return
+ ctx->op.encap.kem->get_ctx_params(ctx->op.encap.kemprovctx,
+ params);
+ break;
+#ifndef FIPS_MODULE
+ case EVP_PKEY_STATE_UNKNOWN:
+ case EVP_PKEY_STATE_LEGACY:
+ return evp_pkey_ctx_get_params_to_ctrl(ctx, params);
+#endif
+ }
 return 0;
 } |
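Review bot: The per-operation NULL guards on `exchprovctx`, `sigprovctx`, `ciphprovctx`, `genctx` and `kemprovctx` are removed in both EVP_PKEY_CTX_set_params() and EVP_PKEY_CTX_get_params(), so the `EVP_PKEY_STATE_PROVIDER` branch now hands those pointers to provider callbacks relying only on evp_pkey_ctx_state(), whose body is not in this hunk. If that helper reports PROVIDER only when the active operation's provider context is non-NULL, record the invariant at the case label, e.g. `/* evp_pkey_ctx_state() returns PROVIDER only if the op's provider ctx is set */`; if it does not, the dropped checks need to stay. The switch also has no `default:`, so in a FIPS_MODULE build the UNKNOWN and LEGACY states fall through to `return 0` without comment; a `default: break;` with a short note would make that intentional path explicit.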