authorRichard Levitte <levitte@openssl.org>2019-10-15 14:50:35 +0200
committerRichard Levitte <levitte@openssl.org>2019-11-07 11:50:39 +0100
commit46e2dd05ef1456e3e8fc3d12bd839bae01576c19 (patch)
tree34349335133b5c1692863ce82627647867dbe426 /include
parent54a0d4ceb28d53f5b00a27fc5ca8ff8f0ddf9036 (diff)
Add EVP functionality to create domain params and keys by user data
This is the EVP operation that corresponds to creating direct RSA, DH and DSA keys and setting their numbers, to then assign them to an EVP_PKEY, but done entirely using an algorithm-agnostic EVP interface. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10187)
Diffstat (limited to 'include')
-rw-r--r--include/crypto/evp.h3
-rw-r--r--include/openssl/evp.h28
2 files changed, 22 insertions, 9 deletions
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 8f8def2655..7753bc0e42 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -581,6 +581,9 @@ void evp_app_cleanup_int(void);
void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt,
int domainparams);
void evp_keymgmt_clear_pkey_cache(EVP_PKEY *pk);
+void *evp_keymgmt_fromdata(EVP_PKEY *target, EVP_KEYMGMT *keymgmt,
+ const OSSL_PARAM params[], int domainparams);
+
/* KEYMGMT provider interface functions */
void *evp_keymgmt_importdomparams(const EVP_KEYMGMT *keymgmt,
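Review bot: The new `evp_keymgmt_fromdata()` prototype returns a bare `void *` with no comment saying who owns it. The neighbouring `evp_keymgmt_clear_pkey_cache()` suggests the pointer may be cached inside `target`, but that is an inference from the names only. A caller who guesses wrong either leaks provider key data or frees it twice. I would add a short comment above the declaration stating what the pointer refers to, whether `target` keeps ownership, what is returned on failure, and what a non-zero `domainparams` selects.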
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 06f8b1f1db..05bf87147c 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1375,14 +1375,16 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
# define EVP_PKEY_OP_UNDEFINED 0
# define EVP_PKEY_OP_PARAMGEN (1<<1)
# define EVP_PKEY_OP_KEYGEN (1<<2)
-# define EVP_PKEY_OP_SIGN (1<<3)
-# define EVP_PKEY_OP_VERIFY (1<<4)
-# define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
-# define EVP_PKEY_OP_SIGNCTX (1<<6)
-# define EVP_PKEY_OP_VERIFYCTX (1<<7)
-# define EVP_PKEY_OP_ENCRYPT (1<<8)
-# define EVP_PKEY_OP_DECRYPT (1<<9)
-# define EVP_PKEY_OP_DERIVE (1<<10)
+# define EVP_PKEY_OP_PARAMFROMDATA (1<<3)
+# define EVP_PKEY_OP_KEYFROMDATA (1<<4)
+# define EVP_PKEY_OP_SIGN (1<<5)
+# define EVP_PKEY_OP_VERIFY (1<<6)
+# define EVP_PKEY_OP_VERIFYRECOVER (1<<7)
+# define EVP_PKEY_OP_SIGNCTX (1<<8)
+# define EVP_PKEY_OP_VERIFYCTX (1<<9)
+# define EVP_PKEY_OP_ENCRYPT (1<<10)
+# define EVP_PKEY_OP_DECRYPT (1<<11)
+# define EVP_PKEY_OP_DERIVE (1<<12)
# define EVP_PKEY_OP_TYPE_SIG \
(EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
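Review bot: Inserting `EVP_PKEY_OP_PARAMFROMDATA` and `EVP_PKEY_OP_KEYFROMDATA` at bits 3 and 4 renumbers every public operation constant from `EVP_PKEY_OP_SIGN` through `EVP_PKEY_OP_DERIVE`. Code built against the previous header still passes the old values, so the old `EVP_PKEY_OP_SIGN` (1<<3) would now match `EVP_PKEY_OP_PARAMFROMDATA` wherever an operation mask is checked. If binary compatibility with such engines or applications matters on this branch, keep the existing values and append the new ones in the free bits, `# define EVP_PKEY_OP_PARAMFROMDATA (1<<11)` and `# define EVP_PKEY_OP_KEYFROMDATA (1<<12)`. Otherwise a comment above the list should say that the values changed deliberately.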
@@ -1395,7 +1397,10 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
(EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_DERIVE)
# define EVP_PKEY_OP_TYPE_GEN \
- (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+ (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+
+# define EVP_PKEY_OP_TYPE_FROMDATA \
+ (EVP_PKEY_OP_PARAMFROMDATA | EVP_PKEY_OP_KEYFROMDATA)
# define EVP_PKEY_CTX_set_mac_key(ctx, key, len) \
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_KEYGEN, \
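Review bot: `EVP_PKEY_OP_TYPE_FROMDATA` is defined on its own and is not folded into either aggregate visible in this hunk. The `SIG | CRYPT | DERIVE` mask, whose definition starts above the hunk, and `EVP_PKEY_OP_TYPE_GEN` are both unchanged apart from whitespace. A ctrl gated on those masks will therefore not apply to a context initialised for a fromdata operation, which may well be intended. If so, record it next to the macro, for example `/* Deliberately not part of TYPE_GEN: fromdata imports caller-supplied numbers, it generates nothing */`.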
@@ -1553,6 +1558,11 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_param_fromdata_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_key_fromdata_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM param[]);
+const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx);
+const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx);
int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
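Review bot: `EVP_PKEY_fromdata()` takes a mutable `OSSL_PARAM param[]`, while the internal `evp_keymgmt_fromdata()` added in include/crypto/evp.h takes `const OSSL_PARAM params[]`. If the implementation, which is not shown here, never writes through the array, the public prototype should match: `int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, const OSSL_PARAM params[]);`. Because the array can carry private key numbers, the declaration also needs a comment saying whether the values are copied into the resulting `EVP_PKEY`, so callers know they can cleanse their own buffers on return. The same comment should state what `*ppkey` holds on failure.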