authorRichard Levitte <levitte@openssl.org>2020-09-10 22:06:46 +0200
committerRichard Levitte <levitte@openssl.org>2020-09-12 20:24:22 +0200
commit7229a2f4ab9b4d8cecf44be58adeb14e195ff051 (patch)
treea53312a3ec4f5d2fa58efded3ebf9a2016b830f4
parent4588f35b5af9bc0d250877ce22915d0cd96f320e (diff)
EC: Reimplement EVP_PKEY_CTX_set_ec_param_enc() to support providers
Fixes #12852 Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12853)
-rw-r--r--crypto/ec/ec_ctrl.c40
-rw-r--r--crypto/evp/pmeth_lib.c3
-rw-r--r--include/crypto/ec.h2
-rw-r--r--include/openssl/ec.h7
-rw-r--r--util/libcrypto.num1
5 files changed, 47 insertions, 6 deletions
diff --git a/crypto/ec/ec_ctrl.c b/crypto/ec/ec_ctrl.c
index b47d7b606c..1465af2bec 100644
--- a/crypto/ec/ec_ctrl.c
+++ b/crypto/ec/ec_ctrl.c
@@ -443,4 +443,44 @@ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid)
return EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(nid));
}
+
+int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc)
+{
+ const char *enc = NULL;
+ OSSL_PARAM params[2], *p = params;
+ int ret = -2; /* Assume unsupported */
+
+ if (ctx == NULL
+ || !EVP_PKEY_CTX_IS_GEN_OP(ctx)
+ || ctx->op.keymgmt.genctx == NULL)
+ goto end;
+
+ switch (param_enc) {
+ case OPENSSL_EC_EXPLICIT_CURVE:
+ enc = OSSL_PKEY_EC_ENCODING_EXPLICIT;
+ break;
+ case OPENSSL_EC_NAMED_CURVE:
+ enc = OSSL_PKEY_EC_ENCODING_GROUP;
+ break;
+ default:
+ goto end;
+ }
+
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING,
+ (char *)enc, 0);
+ *p++ = OSSL_PARAM_construct_end();
+
+ ret = evp_pkey_ctx_set_params_strict(ctx, params);
+ end:
+ if (ret == -2)
+ ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+ return ret;
+}
+
+int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc)
+{
+ return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
+ EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN,
+ EVP_PKEY_CTRL_EC_PARAM_ENC, param_enc, NULL);
+}
#endif
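Review bot: In `evp_pkey_ctx_set_ec_param_enc_prov` the `default: goto end;` branch reports an unrecognised `param_enc` with the same -2 / `EVP_R_COMMAND_NOT_SUPPORTED` result as a context that fails the generation-op or `genctx` check, so a caller cannot tell a bad argument from an unsupported operation. If that is intentional, a comment on the branch would say so, e.g. `/* unknown encoding: deliberately reported as unsupported (-2) */`; otherwise the branch could set its own return value and raise its own error before `goto end`. Separately, the `(char *)enc` cast drops `const` from what appear to be string constants. That is safe only while the set-params path never writes through the buffer, so a short comment stating that the parameter is input-only would help the next reader.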
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index e557e14e18..12f09ed79b 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -26,6 +26,7 @@
#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "crypto/dh.h"
+#include "crypto/ec.h"
#include "internal/ffc.h"
#include "internal/numbers.h"
#include "internal/provider.h"
@@ -1248,6 +1249,8 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
# ifndef OPENSSL_NO_EC
if (keytype == EVP_PKEY_EC) {
switch (cmd) {
+ case EVP_PKEY_CTRL_EC_PARAM_ENC:
+ return evp_pkey_ctx_set_ec_param_enc_prov(ctx, p1);
case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, p1);
case EVP_PKEY_CTRL_EC_ECDH_COFACTOR:
diff --git a/include/crypto/ec.h b/include/crypto/ec.h
index 587f7a39fc..071fbcad19 100644
--- a/include/crypto/ec.h
+++ b/include/crypto/ec.h
@@ -68,5 +68,7 @@ int ec_key_otherparams_fromdata(EC_KEY *ec, const OSSL_PARAM params[]);
int ec_set_ecdh_cofactor_mode(EC_KEY *ec, int mode);
int ec_encoding_name2id(const char *name);
+int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc);
+
# endif /* OPENSSL_NO_EC */
#endif
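Review bot: The new prototype `evp_pkey_ctx_set_ec_param_enc_prov` has no comment describing its return convention. In the implementation added to crypto/ec/ec_ctrl.c it returns -2 for a NULL or non-generation context, a missing `genctx`, or an unknown encoding, and otherwise whatever `evp_pkey_ctx_set_params_strict` returns. A one-line comment above the declaration would record that, e.g. `/* Returns -2 if ctx is not a provider generation ctx or param_enc is unknown */`. It is also the only `evp_pkey_ctx_`-prefixed declaration visible in this hunk of the EC header, so a brief note on why it lives here rather than with the EVP internals may be worth adding.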
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 9e0a6486cd..aca52e6923 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -1470,12 +1470,7 @@ DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_verify
# endif
int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
-
-# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
- EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
-
+int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
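Review bot: The declaration of `EVP_PKEY_CTX_set_ec_param_enc` that replaces the macro does not say which `param_enc` values are accepted. The provider path added in crypto/ec/ec_ctrl.c accepts only `OPENSSL_EC_NAMED_CURVE` and `OPENSSL_EC_EXPLICIT_CURVE` and returns -2 for anything else, whereas the removed macro simply forwarded `flag` to `EVP_PKEY_CTX_ctrl`. A comment such as `/* param_enc: OPENSSL_EC_NAMED_CURVE or OPENSSL_EC_EXPLICIT_CURVE; other values return -2 on the provider path */` would make that contract visible at the public API. Because explicit-parameter encodings are refused by many verifiers (RFC 5480 disallows specifiedCurve in PKIX), the comment could also note that named-curve is the interoperable choice.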
diff --git a/util/libcrypto.num b/util/libcrypto.num
index e3ca2fe625..efadadd94b 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5301,3 +5301,4 @@ EVP_PKEY_CTX_get1_id ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_get1_id_len ? 3_0_0 EXIST::FUNCTION:
CMS_AuthEnvelopedData_create ? 3_0_0 EXIST::FUNCTION:CMS
CMS_AuthEnvelopedData_create_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS
+EVP_PKEY_CTX_set_ec_param_enc ? 3_0_0 EXIST::FUNCTION:EC