author | Richard Levitte <levitte@openssl.org> | 2020-12-04 06:32:24 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-12-08 20:13:54 +0100 |
commit | 88bddad42ee27483d153a0b0c0edd13b2b5fdbc0 (patch) | |
tree | fd271110a0be056d687571762287de1357a78c53 /crypto/evp | |
parent | a73a1892221e04ddb8ff9ec85ebaa48b5a853de6 (diff) |
EVP: Add EVP_PKEY_get_group_name() to extract the group name of a pkey
This replaces the internal evp_pkey_get_EC_KEY_curve_nid()
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13436)
Diffstat (limited to 'crypto/evp')
-rw-r--r-- | crypto/evp/evp_err.c | 2 | ||||
-rw-r--r-- | crypto/evp/p_lib.c | 97 |
2 files changed, 56 insertions, 43 deletions
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 3a4253b353..c2259f0beb 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -176,6 +176,8 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
 "unsupported key derivation function"},
 {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_KEY_SIZE),
 "unsupported key size"},
+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_KEY_TYPE),
+ "unsupported key type"},
 {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS),
 "unsupported number of rounds"},
 {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_PRF), "unsupported prf"},
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index af14706939..6211019b62 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -32,10 +32,10 @@
 #include <openssl/encoder.h>
 #include <openssl/core_names.h>
+#include "internal/ffc.h"
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
 #include "crypto/ecx.h"
-#include "internal/evp.h"
 #include "internal/provider.h"
 #include "evp_local.h"
@@ -1056,48 +1056,6 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey)
 return 0;
 }
-#ifndef OPENSSL_NO_EC
-/*
- * TODO rewrite when we have proper data extraction functions
- * Note: an octet pointer would be desirable!
- */
-static OSSL_CALLBACK get_ec_curve_name_cb;
-static int get_ec_curve_name_cb(const OSSL_PARAM params[], void *arg)
-{
- const OSSL_PARAM *p = NULL;
-
- if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME)) != NULL)
- return OSSL_PARAM_get_utf8_string(p, arg, 0);
-
- /* If there is no curve name, this is not an EC key */
- return 0;
-}
-
-int evp_pkey_get_EC_KEY_curve_nid(const EVP_PKEY *pkey)
-{
- int ret = NID_undef;
-
- if (pkey->keymgmt == NULL) {
- if (EVP_PKEY_base_id(pkey) == EVP_PKEY_EC) {
- EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
-
- ret = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
- }
- } else if (EVP_PKEY_is_a(pkey, "EC") || EVP_PKEY_is_a(pkey, "SM2")) {
- char *curve_name = NULL;
-
- ret = evp_keymgmt_util_export(pkey,
- OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
- get_ec_curve_name_cb, &curve_name);
- if (ret)
- ret = ec_curve_name2nid(curve_name);
- OPENSSL_free(curve_name);
- }
-
- return ret;
-}
-#endif
-
 static int print_reset_indent(BIO **out, int pop_f_prefix, long saved_indent)
 {
 BIO_set_indent(*out, saved_indent);
@@ -1259,6 +1217,59 @@ int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey,
 }
 }
+int EVP_PKEY_get_group_name(const EVP_PKEY *pkey, char *gname, size_t gname_sz,
+ size_t *gname_len)
+{
+ if (evp_pkey_is_legacy(pkey)) {
+ const char *name = NULL;
+
+ switch (EVP_PKEY_base_id(pkey)) {
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ {
+ EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
+ int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
+
+ if (nid != NID_undef)
+ name = ec_curve_nid2name(nid);
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_DH
+ case EVP_PKEY_DH:
+ {
+ DH *dh = EVP_PKEY_get0_DH(pkey);
+ int uid = DH_get_nid(dh);
+
+ if (uid != NID_undef)
+ name = ossl_ffc_named_group_from_uid(uid);
+ }
+ break;
+#endif
+ default:
+ break;
+ }
+
+ if (gname_len != NULL)
+ *gname_len = (name == NULL ? 0 : strlen(name));
+ if (name != NULL) {
+ if (gname != NULL)
+ OPENSSL_strlcpy(gname, name, gname_sz);
+ return 1;
+ }
+ } else if (evp_pkey_is_provided(pkey)) {
+ if (EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_GROUP_NAME,
+ gname, gname_sz, gname_len))
+ return 1;
+ } else {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY);
+ return 0;
+ }
+
+ ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
+ return 0;
+}
+
 int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid)
 {
 int rv, default_nid; |
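Review bot: In the legacy branch of EVP_PKEY_get_group_name the return value of `OPENSSL_strlcpy(gname, name, gname_sz)` is ignored, so a buffer shorter than the group name yields a truncated string while the function still returns 1. A caller that passes `gname_len` as NULL cannot detect this and would go on to compare or look up a name that is not the key's actual group. I would fail on truncation, for example `if (gname != NULL && OPENSSL_strlcpy(gname, name, gname_sz) >= gname_sz) return 0;`, and document that `*gname_len` reports the full name length excluding the terminator. The provider branch delegates to EVP_PKEY_get_utf8_string_param, whose short-buffer behaviour is not visible in this hunk, so the two branches should be checked for agreement. Separately, the results of `EVP_PKEY_get0_EC_KEY()` and `EVP_PKEY_get0_DH()` are passed on without a NULL check; presumably the base_id match guarantees them, but that is worth confirming.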