authorRichard Levitte <levitte@openssl.org>2019-07-06 21:57:15 +0200
committerRichard Levitte <levitte@openssl.org>2019-07-22 06:18:58 +0200
commit70a1f7b4d7a0611508f45ef884472b9d84cbe108 (patch)
treecd5bedc27008fca58dbd88c09b5eafd640ec6fe3 /crypto/include
parenta94a3e0d91378b5c478f687a0dbc51914d4ed497 (diff)
Add evp_keymgmt_export_to_provider(), for key transfer between providers
This function is used to transport private key material from whatever is already attached to the EVP_PKEY to the new provider, using key data export and import functionality. If a legacy lower level key has been assigned to the EVP_PKEY, we use its data to create a provider side key, and thereby have a bridge between old style public key types and the EVP_PKEY on providers. If successful, this function returns a reference to the appropriate provider side data for the key. This can be used by any operation that wants to use this key. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9312)
Diffstat (limited to 'crypto/include')
-rw-r--r--crypto/include/internal/asn1_int.h8
-rw-r--r--crypto/include/internal/evp_int.h8
2 files changed, 16 insertions, 0 deletions
diff --git a/crypto/include/internal/asn1_int.h b/crypto/include/internal/asn1_int.h
index 1f62063b08..674fa704a1 100644
--- a/crypto/include/internal/asn1_int.h
+++ b/crypto/include/internal/asn1_int.h
@@ -63,6 +63,14 @@ struct evp_pkey_asn1_method_st {
int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);
int (*get_priv_key) (const EVP_PKEY *pk, unsigned char *priv, size_t *len);
int (*get_pub_key) (const EVP_PKEY *pk, unsigned char *pub, size_t *len);
+
+ /*
+ * TODO: Make sure these functions are defined for key types that are
+ * implemented in providers.
+ */
+ /* Exports to providers */
+ size_t (*dirty_cnt) (const EVP_PKEY *pk);
+ void *(*export_to) (const EVP_PKEY *pk, EVP_KEYMGMT *keymgmt);
} /* EVP_PKEY_ASN1_METHOD */ ;
DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD)
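Review bot: `export_to` returns a bare `void *` to provider-side key data with no stated ownership, and the same gap applies to the `evp_keymgmt_export_to_provider()` prototype added in evp_int.h. Since the commit message says this path carries private key material, the declaration should say who frees and cleanses the result and what is returned on failure. The TODO also implies that some key types will leave both pointers unset, so a line such as `/* Either pointer may be NULL; callers must check before calling */` would make the required guard explicit. `dirty_cnt` would benefit from one sentence saying which modifications of the key change the count. The struct definition begins outside this hunk.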
diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h
index 359d561342..ff9b6e545b 100644
--- a/crypto/include/internal/evp_int.h
+++ b/crypto/include/internal/evp_int.h
@@ -545,6 +545,11 @@ struct evp_pkey_st {
EVP_KEYMGMT *keymgmt;
void *provkey;
} pkeys[10];
+ /*
+ * If there is a legacy key assigned to this structure, we keep
+ * a copy of that key's dirty count.
+ */
+ size_t dirty_cnt_copy;
} /* EVP_PKEY */ ;
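Review bot: The comment on `dirty_cnt_copy` says what is stored but not what a mismatch means. Presumably the field is compared with the legacy method's `dirty_cnt()` to detect that the cached `pkeys[]` entries were exported from an older state of the key; if so, the comment should say that, e.g. `/* differs from dirty_cnt() => cached pkeys[] entries are stale */`. It should also state that stale entries are released before re-export, because they hold provider-side copies of key material. Whether the field is updated under the same protection as `pkeys[]` is not visible here and is worth a word too. The struct definition begins outside this hunk.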
@@ -555,6 +560,9 @@ void openssl_add_all_kdfs_int(void);
void evp_cleanup_int(void);
void evp_app_cleanup_int(void);
+void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt);
+
+
/* Pulling defines out of C source files */
#define EVP_RC4_KEY_SIZE 16
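Review bot: `evp_keymgmt_export_to_provider()` takes a non-const `EVP_PKEY *`, while the `export_to` method added in asn1_int.h takes a const one. That suggests the call modifies `pk`, presumably the `pkeys[]` cache and `dirty_cnt_copy`, but the side effect is not documented at the declaration. A short comment above the prototype should say that the call may update the exported-key cache in `pk` and whether callers sharing an `EVP_PKEY` must serialise calls. As a style point, the second added blank line after the prototype looks unnecessary.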