authorShane Lontis <shane.lontis@oracle.com>2020-10-15 13:39:02 +1000
committerTomas Mraz <tomas@openssl.org>2021-01-26 15:22:13 +0100
commit98dbf2c1c8143c0cc6dd05be7950d90bc6792064 (patch)
tree80e18bd238e8f64b4b207846e8322b4ecfdb1592
parent5764c3522c417fc775a78df4529e7a6f93379de8 (diff)
Add functions to set values into an EVP_PKEY
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13139)
-rw-r--r--crypto/evp/p_lib.c104
-rw-r--r--doc/man3/EVP_PKEY_settable_params.pod82
-rw-r--r--include/openssl/evp.h10
-rw-r--r--util/libcrypto.num7
4 files changed, 203 insertions, 0 deletions
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index f82e42c7e3..f43f5488d0 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -2138,3 +2138,107 @@ int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name,
return 0;
return 1;
}
+
+int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in)
+{
+ OSSL_PARAM params[2];
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL)
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_int(key_name, &in);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in)
+{
+ OSSL_PARAM params[2];
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL)
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_size_t(key_name, &in);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn)
+{
+ OSSL_PARAM params[2];
+ unsigned char buffer[2048];
+ int bsize = 0;
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL
+ || bn == NULL)
+ return 0;
+
+ bsize = BN_num_bytes(bn);
+ if (!ossl_assert(bsize <= (int)sizeof(buffer)))
+ return 0;
+
+ if (BN_bn2nativepad(bn, buffer, bsize) < 0)
+ return 0;
+ params[0] = OSSL_PARAM_construct_BN(key_name, buffer, bsize);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
+ char *str)
+{
+ OSSL_PARAM params[2];
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL)
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, 0);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
+ unsigned char *buf, size_t bsize)
+{
+ OSSL_PARAM params[2];
+
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL
+ || key_name == NULL)
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, bsize);
+ params[1] = OSSL_PARAM_construct_end();
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
+
+const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey)
+{
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL)
+ return 0;
+ return EVP_KEYMGMT_settable_params(pkey->keymgmt);
+}
+
+int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[])
+{
+ if (pkey == NULL
+ || pkey->keymgmt == NULL
+ || pkey->keydata == NULL)
+ return 0;
+ return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
+}
diff --git a/doc/man3/EVP_PKEY_settable_params.pod b/doc/man3/EVP_PKEY_settable_params.pod
new file mode 100644
index 0000000000..7d18472465
--- /dev/null
+++ b/doc/man3/EVP_PKEY_settable_params.pod
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_settable_params, EVP_PKEY_set_params,
+EVP_PKEY_set_int_param, EVP_PKEY_set_size_t_param, EVP_PKEY_set_bn_param,
+EVP_PKEY_set_utf8_string_param, EVP_PKEY_set_octet_string_param
+- set key parameters into a key
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey);
+ int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]);
+ int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in);
+ int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in);
+ int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn);
+ int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
+ char *str);
+ int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
+ unsigned char *buf, size_t bsize);
+
+=head1 DESCRIPTION
+
+These functions can be used to set additional parameters into an existing
+B<EVP_PKEY>.
+
+EVP_PKEY_set_params() sets one or more I<params> into a I<pkey>.
+See L<OSSL_PARAM(3)> for information about parameters.
+
+EVP_PKEY_settable_params() returns a constant list of I<params> indicating
+the names and types of key parameters that can be set.
+See L<OSSL_PARAM(3)> for information about parameters.
+
+EVP_PKEY_set_int_param() sets an integer value I<in> into a key I<pkey> for the
+associated field I<key_name>.
+
+EVP_PKEY_set_size_t_param() sets an size_t value I<in> into a key I<pkey> for
+the associated field I<key_name>.
+
+EVP_PKEY_set_bn_param() sets the BIGNUM value I<bn> into a key I<pkey> for the
+associated field I<key_name>.
+
+EVP_PKEY_set_utf8_string_param() sets the UTF8 string I<str> into a key I<pkey>
+for the associated field I<key_name>.
+
+EVP_PKEY_set_octet_string_param() sets the octet string value I<buf> with a
+size I<bsize> into a key I<pkey> for the associated field I<key_name>.
+
+=head1 NOTES
+
+These functions only work for B<EVP_PKEY>s that contain a provider side key.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_settable_params() returns NULL on error or if it is not supported,
+
+All other methods return 1 if a value was successfully set, or 0 if
+there was an error.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_gettable_params(3)>,
+L<EVP_PKEY_CTX_new(3)>, L<provider-keymgmt(7)>, L<OSSL_PARAM(3)>,
+
+
+=head1 HISTORY
+
+These functions were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
+
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 0180170b8d..6893b49ce4 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1795,6 +1795,16 @@ int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name,
unsigned char *buf, size_t max_buf_sz,
size_t *out_sz);
+const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey);
+int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]);
+int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in);
+int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in);
+int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn);
+int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
+ char *str);
+int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
+ unsigned char *buf, size_t bsize);
+
int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
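Review bot: The input pointers `BIGNUM *bn`, `char *str` and `unsigned char *buf` are declared non-const in these new public prototypes, although the implementations added to crypto/evp/p_lib.c in this commit appear only to read from them. Because this is exported API, the qualifiers are hard to add later, and callers holding `const` key material would have to cast it away. Consider `int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, const BIGNUM *bn);` and the same for `str` and `buf`. The casts needed for the OSSL_PARAM_construct_* calls, whose prototypes are not shown here, would then stay inside the library.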
diff --git a/util/libcrypto.num b/util/libcrypto.num
index bc39e25b6d..8b23993b07 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5287,3 +5287,10 @@ PEM_write_bio_PUBKEY_ex ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_get_group_name ? 3_0_0 EXIST::FUNCTION:
CRYPTO_atomic_or ? 3_0_0 EXIST::FUNCTION:
CRYPTO_atomic_load ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_settable_params ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_set_params ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_set_int_param ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_set_size_t_param ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_set_bn_param ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_set_utf8_string_param ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_set_octet_string_param ? 3_0_0 EXIST::FUNCTION: