diff options
| author | Richard Levitte <levitte@openssl.org> | 2021-02-03 13:55:30 +0100 |
|---|---|---|
| committer | Pauli <ppzgs1@gmail.com> | 2021-02-05 15:53:42 +1000 |
| commit | 13e85fb3214fc5c84e30258ed56add1275b0fde3 (patch) | |
| tree | 180fb3720c93425df00f4d74b90322367828cf0b | |
| parent | f4a3799cc45cb986d5920403b3e0471678fee020 (diff) | |
EVP: Adapt the other EVP_PKEY_set_xxx_param() functions
They were calling evp_keymgmt_set_params() directly. Those calls are
changed to go through EVP_PKEY_set_params().
We take the opportunity to constify these functions. They have to
unconstify internally for the compiler to stop complaining when
placing those pointers in an OSSL_PARAM element, but that's still
better than forcing the callers to do that cast.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14056)
| -rw-r--r-- | crypto/evp/p_lib.c | 65 | ||||
| -rw-r--r-- | doc/man3/EVP_PKEY_gettable_params.pod | 8 | ||||
| -rw-r--r-- | doc/man3/EVP_PKEY_settable_params.pod | 7 | ||||
| -rw-r--r-- | include/openssl/evp.h | 8 | ||||
| -rw-r--r-- | util/libcrypto.num | 1 |
5 files changed, 51 insertions, 38 deletions
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index b97a8d16fa..122e5149b8 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1995,15 +1995,6 @@ int evp_pkey_downgrade(EVP_PKEY *pk) } #endif /* FIPS_MODULE */ -const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey) -{ - if (pkey == NULL - || pkey->keymgmt == NULL - || pkey->keydata == NULL) - return 0; - return EVP_KEYMGMT_gettable_params(pkey->keymgmt); -} - int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name, BIGNUM **bn) { @@ -2023,7 +2014,7 @@ int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name, memset(buffer, 0, sizeof(buffer)); params[0] = OSSL_PARAM_construct_BN(key_name, buffer, sizeof(buffer)); params[1] = OSSL_PARAM_construct_end(); - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) { + if (!EVP_PKEY_get_params(pkey, params)) { if (!OSSL_PARAM_modified(params) || params[0].return_size == 0) return 0; buf_sz = params[0].return_size; @@ -2037,7 +2028,7 @@ int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name, params[0].data = buf; params[0].data_size = buf_sz; - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) + if (!EVP_PKEY_get_params(pkey, params)) goto err; } /* Fail if the param was not found */ @@ -2063,7 +2054,7 @@ int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name, params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz); params[1] = OSSL_PARAM_construct_end(); - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) + if (!EVP_PKEY_get_params(pkey, params) || !OSSL_PARAM_modified(params)) return 0; if (out_sz != NULL) @@ -2085,7 +2076,7 @@ int EVP_PKEY_get_utf8_string_param(const EVP_PKEY *pkey, const char *key_name, params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz); params[1] = OSSL_PARAM_construct_end(); - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) + if (!EVP_PKEY_get_params(pkey, params) || !OSSL_PARAM_modified(params)) return 0; if (out_sz != NULL) @@ -2106,10 +2097,8 @@ int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name, params[0] = OSSL_PARAM_construct_int(key_name, out); params[1] = OSSL_PARAM_construct_end(); - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) - || !OSSL_PARAM_modified(params)) - return 0; - return 1; + return EVP_PKEY_get_params(pkey, params) + && OSSL_PARAM_modified(params); } int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name, @@ -2125,10 +2114,8 @@ int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name, params[0] = OSSL_PARAM_construct_size_t(key_name, out); params[1] = OSSL_PARAM_construct_end(); - if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) - || !OSSL_PARAM_modified(params)) - return 0; - return 1; + return EVP_PKEY_get_params(pkey, params) + && OSSL_PARAM_modified(params); } int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in) @@ -2143,7 +2130,7 @@ int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in) params[0] = OSSL_PARAM_construct_int(key_name, &in); params[1] = OSSL_PARAM_construct_end(); - return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); + return EVP_PKEY_set_params(pkey, params); } int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in) @@ -2158,10 +2145,11 @@ int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in) params[0] = OSSL_PARAM_construct_size_t(key_name, &in); params[1] = OSSL_PARAM_construct_end(); - return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); + return EVP_PKEY_set_params(pkey, params); } -int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn) +int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, + const BIGNUM *bn) { OSSL_PARAM params[2]; unsigned char buffer[2048]; @@ -2182,11 +2170,11 @@ int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn) return 0; params[0] = OSSL_PARAM_construct_BN(key_name, buffer, bsize); params[1] = OSSL_PARAM_construct_end(); - return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); + return EVP_PKEY_set_params(pkey, params); } int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name, - char *str) + const char *str) { OSSL_PARAM params[2]; @@ -2196,13 +2184,13 @@ int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name, || key_name == NULL) return 0; - params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, 0); + params[0] = OSSL_PARAM_construct_utf8_string(key_name, (char *)str, 0); params[1] = OSSL_PARAM_construct_end(); - return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); + return EVP_PKEY_set_params(pkey, params); } int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name, - unsigned char *buf, size_t bsize) + const unsigned char *buf, size_t bsize) { OSSL_PARAM params[2]; @@ -2212,9 +2200,10 @@ int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name, || key_name == NULL) return 0; - params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, bsize); + params[0] = OSSL_PARAM_construct_octet_string(key_name, + (unsigned char *)buf, bsize); params[1] = OSSL_PARAM_construct_end(); - return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); + return EVP_PKEY_set_params(pkey, params); } const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey) @@ -2236,6 +2225,20 @@ int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]) && evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); } +const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey) +{ + return pkey != NULL + && evp_pkey_is_provided(pkey) + && EVP_KEYMGMT_gettable_params(pkey->keymgmt); +} + +int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]) +{ + return pkey != NULL + && evp_pkey_is_provided(pkey) + && evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params); +} + #ifndef FIPS_MODULE int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey) { diff --git a/doc/man3/EVP_PKEY_gettable_params.pod b/doc/man3/EVP_PKEY_gettable_params.pod index 8b176f0819..9b455a22f6 100644 --- a/doc/man3/EVP_PKEY_gettable_params.pod +++ b/doc/man3/EVP_PKEY_gettable_params.pod @@ -2,7 +2,8 @@ =head1 NAME -EVP_PKEY_gettable_params, EVP_PKEY_get_int_param, EVP_PKEY_get_size_t_param, +EVP_PKEY_gettable_params, EVP_PKEY_get_params, +EVP_PKEY_get_int_param, EVP_PKEY_get_size_t_param, EVP_PKEY_get_bn_param, EVP_PKEY_get_utf8_string_param, EVP_PKEY_get_octet_string_param - retrieve key parameters from a key @@ -12,6 +13,7 @@ EVP_PKEY_get_octet_string_param #include <openssl/evp.h> const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey); + int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]); int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name, int *out); int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name, @@ -27,6 +29,10 @@ EVP_PKEY_get_octet_string_param =head1 DESCRIPTION +EVP_PKEY_get_params() retrieves parameters from the key I<pkey>, according to +the contents of I<params>. +See L<OSSL_PARAM(3)> for information about parameters. + EVP_PKEY_gettable_params() returns a constant list of I<params> indicating the names and types of key parameters that can be retrieved. See L<OSSL_PARAM(3)> for information about parameters. diff --git a/doc/man3/EVP_PKEY_settable_params.pod b/doc/man3/EVP_PKEY_settable_params.pod index a33eadc8fc..535570cd1d 100644 --- a/doc/man3/EVP_PKEY_settable_params.pod +++ b/doc/man3/EVP_PKEY_settable_params.pod @@ -15,11 +15,12 @@ EVP_PKEY_set_utf8_string_param, EVP_PKEY_set_octet_string_param int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]); int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in); int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in); - int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn); + int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, + const BIGNUM *bn); int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name, - char *str); + const char *str); int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name, - unsigned char *buf, size_t bsize); + const unsigned char *buf, size_t bsize); =head1 DESCRIPTION diff --git a/include/openssl/evp.h b/include/openssl/evp.h index f5e3592c30..d327397121 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1796,6 +1796,7 @@ int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM param[]); const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx); const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx); const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey); +int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]); int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name, int *out); int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name, @@ -1812,11 +1813,12 @@ const OSSL_PARAM *EVP_PKEY_settable_params(EVP_PKEY *pkey); int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]); int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in); int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in); -int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM *bn); +int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, + const BIGNUM *bn); int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name, - char *str); + const char *str); int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name, - unsigned char *buf, size_t bsize); + const unsigned char *buf, size_t bsize); int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey); int EVP_PKEY_get_field_type(const EVP_PKEY *pkey); diff --git a/util/libcrypto.num b/util/libcrypto.num index cbba0768b1..32e7779bce 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5298,3 +5298,4 @@ EVP_PKEY_set_utf8_string_param ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_set_octet_string_param ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_get_ec_point_conv_form ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_get_field_type ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_get_params ? 3_0_0 EXIST::FUNCTION: |