diff options
| author | Ingo Franzki <ifranzki@linux.ibm.com> | 2023-02-08 17:26:20 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2023-02-24 09:53:07 +0000 |
| commit | 5e3b84505e44377b183e7529dab7585674b83936 (patch) | |
| tree | cad04fa7b51ef890a101b905b56789ff1ffa3b59 /include | |
| parent | 65def9de8088ae39d8f251e0b57f1a0f204daa14 (diff) | |
Add OSSL_FUNC_keymgmt_im/export_types function that gets the provider context
The provider functions OSSL_FUNC_keymgmt_import_types() and
OSSL_FUNC_keymgmt_export_types() do not get the provider context passed.
This makes it difficult for providers to implement these functions unless
its a static implementation returning a truly constant OSSL_PARAM array.
Some providers may have a need to return an OSSL_PARAM array that is
dependent on the provider configuration, or anything else that is contained
in its provider context.
Add extended variants of these functions that get the provider context passed.
The functions should still return a static and constant OSSL_PARAM array, but
may use the provider context to select the array to return dependent on its
context. The returned array must be constant at least until the provider is
unloaded.
Providers can implement only the original functions, or only the extended
functions, or both. Implementing at least one of those functions is required
if also the respective OSSL_FUNC_keymgmt_import() or OSSL_FUNC_keymgmt_export()
function is implemented. If an extended function is available, it is called by
evp_keymgmt_import_types() or evp_keymgmt_export_types(), otherwise the original
function is called.
This makes the code backward compatible. Existing providers will only implement
the original functions, so these functions will continued to be called.
Newer providers can choose to implement the extended functions, and thus can
benefit from the provider context being passed to the implementation.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20255)
Diffstat (limited to 'include')
| -rw-r--r-- | include/openssl/core_dispatch.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h index 114e2667ce..92767e413f 100644 --- a/include/openssl/core_dispatch.h +++ b/include/openssl/core_dispatch.h @@ -644,6 +644,14 @@ OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_export_types, OSSL_CORE_MAKE_FUNC(void *, keymgmt_dup, (const void *keydata_from, int selection)) +/* Extended import and export functions */ +# define OSSL_FUNC_KEYMGMT_IMPORT_TYPES_EX 45 +# define OSSL_FUNC_KEYMGMT_EXPORT_TYPES_EX 46 +OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_import_types_ex, + (void *provctx, int selection)) +OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_export_types_ex, + (void *provctx, int selection)) + /* Key Exchange */ # define OSSL_FUNC_KEYEXCH_NEWCTX 1 |