"Downgrade" provider-native keys to legacy where needed

Some sub-systems and openssl sub-commands do not yet deal cleanly with
purely provider-native EVP_PKEYs.  We compensate that by "downgrading"
keys in select places, or ensure that the 'file:' scheme ENGINE loader
is activated.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12587)

6 files changed, 83 insertions, 13 deletions

diff --git a/apps/cms.c b/apps/cms.c
index bcf2f44ce5..d154f460b3 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -866,6 +866,13 @@ int cms_main(int argc, char **argv)
         key = load_key(keyfile, keyform, 0, passin, e, "signing key file");
         if (key == NULL)
             goto end;
+
+        /*
+         * TODO: Remove this when CMS has full support for provider-native
+         * EVP_PKEYs
+         */
+        if (EVP_PKEY_get0(key) == NULL)
+            goto end;
     }
 
     in = bio_open_default(infile, 'r', informat);
@@ -1064,6 +1071,14 @@ int cms_main(int argc, char **argv)
                 ret = 2;
                 goto end;
             }
+
+            /*
+             * TODO: Remove this when CMS has full support for provider-native
+             * EVP_PKEYs
+             */
+            if (EVP_PKEY_get0(key) == NULL)
+                goto end;
+
             for (kparam = key_first; kparam; kparam = kparam->next) {
                 if (kparam->idx == i) {
                     tflags |= CMS_KEY_PARAM;
diff --git a/apps/smime.c b/apps/smime.c
index 5ecdc019d2..dbfcdbeb5a 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -477,6 +477,14 @@ int smime_main(int argc, char **argv)
         key = load_key(keyfile, keyform, 0, passin, e, "signing key file");
         if (key == NULL)
             goto end;
+
+        /*
+         * TODO: Remove this when CMS has full support for provider-native
+         * EVP_PKEYs
+         */
+        if (EVP_PKEY_get0(key) == NULL)
+            goto end;
+
     }
 
     in = bio_open_default(infile, 'r', informat);
@@ -571,6 +579,14 @@ int smime_main(int argc, char **argv)
             key = load_key(keyfile, keyform, 0, passin, e, "signing key file");
             if (key == NULL)
                 goto end;
+
+            /*
+             * TODO: Remove this when CMS has full support for provider-native
+             * EVP_PKEYs
+             */
+            if (EVP_PKEY_get0(key) == NULL)
+                goto end;
+
             if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags))
                 goto end;
             X509_free(signer);
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index 797d1d2c25..d891ca22e8 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -319,6 +319,17 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
           ASN1_INTEGER_dup(X509_get0_serialNumber(x509))))
         goto err;
 
+    /*
+     * TODO(3.0) Adapt for provider-native keys
+     * Meanwhile, we downgrade the key.
+     * #legacy
+     */
+    if (!evp_pkey_downgrade(pkey)) {
+        PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
+                 PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+        goto err;
+    }
+
     /* lets keep the pkey around for a while */
     EVP_PKEY_up_ref(pkey);
     p7i->pkey = pkey;
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index bae6f2339b..f62e26c290 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -33,6 +33,14 @@
 #include "internal/sizes.h"
 #include "crypto/evp.h"
 
+#ifndef OPENSSL_NO_SM2
+/*
+ * TODO(3.0) remove when provider SM2 keymgmt is implemented and
+ * EVP_PKEY_set_alias_type() works with provider-native keys.
+ */
+# define TMP_SM2_HACK
+#endif
+
 static OPENSSL_CTX *testctx = NULL;
 
 /*
@@ -881,6 +889,11 @@ static int test_EVP_SM2_verify(void)
     if (!TEST_true(pkey != NULL))
         goto done;
 
+#ifdef TMP_SM2_HACK
+    if (!TEST_ptr(EVP_PKEY_get0(pkey)))
+        goto done;
+#endif
+
     if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
         goto done;
 
diff --git a/test/recipes/20-test_pkeyutl.t b/test/recipes/20-test_pkeyutl.t
index 543038cab9..3c135630f7 100644
--- a/test/recipes/20-test_pkeyutl.t
+++ b/test/recipes/20-test_pkeyutl.t
@@ -24,14 +24,21 @@ SKIP: {
     skip "Skipping tests that require EC, SM2 or SM3", 2
         if disabled("ec") || disabled("sm2") || disabled("sm3");
 
+    # TODO(3.0) Remove this when we have a SM2 keymgmt and decoder
+    my @tmp_sm2_hack = qw(-engine loader_attic)
+        unless disabled('dynamic-engine') || disabled('deprecated-3.0');
+    skip "Skipping tests that require dynamic enginess (temporary meaasure)", 2
+        unless @tmp_sm2_hack;
+
     # SM2
-    ok_nofips(run(app(([ 'openssl', 'pkeyutl', '-sign',
+    ok_nofips(run(app(([ 'openssl', 'pkeyutl', @tmp_sm2_hack, '-sign',
                       '-in', srctop_file('test', 'certs', 'sm2.pem'),
                       '-inkey', srctop_file('test', 'certs', 'sm2.key'),
                       '-out', 'sm2.sig', '-rawin',
                       '-digest', 'sm3', '-pkeyopt', 'distid:someid']))),
                       "Sign a piece of data using SM2");
-    ok_nofips(run(app(([ 'openssl', 'pkeyutl', '-verify', '-certin',
+    ok_nofips(run(app(([ 'openssl', 'pkeyutl', @tmp_sm2_hack,
+                      '-verify', '-certin',
                       '-in', srctop_file('test', 'certs', 'sm2.pem'),
                       '-inkey', srctop_file('test', 'certs', 'sm2.pem'),
                       '-sigfile', 'sm2.sig', '-rawin',
diff --git a/test/recipes/25-test_req.t b/test/recipes/25-test_req.t
index 8d26be2bf0..544d32963c 100644
--- a/test/recipes/25-test_req.t
+++ b/test/recipes/25-test_req.t
@@ -29,6 +29,14 @@ if (disabled("rsa")) {
     note("There should not be more that at most 80 per line");
 }
 
+# TODO(3.0) This should be removed as soon as missing support is added
+# Identified problems:
+# - SM2 lacks provider-native keymgmt and decoder
+# - ED25519, ED448, X25519 and X448 signature implementations do not
+#   respond to the "algorithm-id" parameter request.
+my @tmp_loader_hack = qw(-engine loader_attic)
+    unless disabled('dynamic-engine') || disabled('deprecated-3.0');
+
 # Check for duplicate -addext parameters, and one "working" case.
 my @addext_args = ( "openssl", "req", "-new", "-out", "testreq.pem",
     "-config", srctop_file("test", "test.cnf"), @req_new );
@@ -135,15 +143,15 @@ subtest "generating certificate requests with Ed25519" => sub {
 
     SKIP: {
         skip "Ed25519 is not supported by this OpenSSL build", 2
-            if disabled("ec");
+            if disabled("ec") || !@tmp_loader_hack;
 
-        ok(run(app(["openssl", "req",
+        ok(run(app(["openssl", "req", @tmp_loader_hack,
                     "-config", srctop_file("test", "test.cnf"),
                     "-new", "-out", "testreq-ed25519.pem", "-utf8",
                     "-key", srctop_file("test", "tested25519.pem")])),
            "Generating request");
 
-        ok(run(app(["openssl", "req",
+        ok(run(app(["openssl", "req", @tmp_loader_hack,
                     "-config", srctop_file("test", "test.cnf"),
                     "-verify", "-in", "testreq-ed25519.pem", "-noout"])),
            "Verifying signature on request");
@@ -155,15 +163,15 @@ subtest "generating certificate requests with Ed448" => sub {
 
     SKIP: {
         skip "Ed448 is not supported by this OpenSSL build", 2
-            if disabled("ec");
+            if disabled("ec") || !@tmp_loader_hack;
 
-        ok(run(app(["openssl", "req",
+        ok(run(app(["openssl", "req", @tmp_loader_hack,
                     "-config", srctop_file("test", "test.cnf"),
                     "-new", "-out", "testreq-ed448.pem", "-utf8",
                     "-key", srctop_file("test", "tested448.pem")])),
            "Generating request");
 
-        ok(run(app(["openssl", "req",
+        ok(run(app(["openssl", "req", @tmp_loader_hack,
                     "-config", srctop_file("test", "test.cnf"),
                     "-verify", "-in", "testreq-ed448.pem", "-noout"])),
            "Verifying signature on request");
@@ -187,28 +195,28 @@ subtest "generating SM2 certificate requests" => sub {
 
     SKIP: {
         skip "SM2 is not supported by this OpenSSL build", 4
-        if disabled("sm2");
-        ok(run(app(["openssl", "req",
+        if disabled("sm2") || !@tmp_loader_hack;
+        ok(run(app(["openssl", "req", @tmp_loader_hack,
                     "-config", srctop_file("test", "test.cnf"),
                     "-new", "-key", srctop_file("test", "certs", "sm2.key"),
                     "-sigopt", "distid:1234567812345678",
                     "-out", "testreq-sm2.pem", "-sm3"])),
            "Generating SM2 certificate request");
 
-        ok(run(app(["openssl", "req",
+        ok(run(app(["openssl", "req", @tmp_loader_hack,
                     "-config", srctop_file("test", "test.cnf"),
                     "-verify", "-in", "testreq-sm2.pem", "-noout",
                     "-vfyopt", "distid:1234567812345678", "-sm3"])),
            "Verifying signature on SM2 certificate request");
 
-        ok(run(app(["openssl", "req",
+        ok(run(app(["openssl", "req", @tmp_loader_hack,
                     "-config", srctop_file("test", "test.cnf"),
                     "-new", "-key", srctop_file("test", "certs", "sm2.key"),
                     "-sigopt", "hexdistid:DEADBEEF",
                     "-out", "testreq-sm2.pem", "-sm3"])),
            "Generating SM2 certificate request with hex id");
 
-        ok(run(app(["openssl", "req",
+        ok(run(app(["openssl", "req", @tmp_loader_hack,
                     "-config", srctop_file("test", "test.cnf"),
                     "-verify", "-in", "testreq-sm2.pem", "-noout",
                     "-vfyopt", "hexdistid:DEADBEEF", "-sm3"])),