-rw-r--r--crypto/dh/dh_lib.c5
-rw-r--r--crypto/dsa/dsa_lib.c5
-rw-r--r--crypto/ec/ec_key.c6
-rw-r--r--crypto/ec/ecx_key.c5
-rw-r--r--crypto/rsa/rsa_lib.c5
-rw-r--r--include/crypto/dh.h1
-rw-r--r--include/crypto/dsa.h1
-rw-r--r--include/crypto/ec.h1
-rw-r--r--include/crypto/ecx.h1
-rw-r--r--include/crypto/rsa.h1
-rw-r--r--providers/implementations/encode_decode/decode_der2key.c60
11 files changed, 91 insertions, 0 deletions
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index e687b04259..e8a66878ab 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -168,6 +168,11 @@ int DH_up_ref(DH *r)
return ((i > 1) ? 1 : 0);
}
+void ossl_dh_set0_libctx(DH *d, OSSL_LIB_CTX *libctx)
+{
+ d->libctx = libctx;
+}
+
#ifndef FIPS_MODULE
int DH_set_ex_data(DH *d, int idx, void *arg)
{
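Review bot: `ossl_dh_set0_libctx` overwrites `d->libctx` with no lock and no comment saying when it may be called, although the neighbouring `DH_up_ref` shows that these objects are reference-counted and can be shared. The `set0` name conventionally suggests the object takes ownership of the argument, which is presumably not intended for a library context, so the contract should be written down, e.g. `/* Call only on a freshly decoded key not yet visible to other threads; libctx is not owned by the key. */`. The same applies to `ossl_dsa_set0_libctx`, `ec_key_set0_libctx`, `ecx_key_set0_libctx` and `ossl_rsa_set0_libctx` in the following hunks. Anything already resolved under the previous context would presumably keep referring to it, so limiting the call to fresh keys affects which provider ends up operating on the key.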
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index 4a9f572edd..df9dd73dfd 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -247,6 +247,11 @@ int DSA_up_ref(DSA *r)
return ((i > 1) ? 1 : 0);
}
+void ossl_dsa_set0_libctx(DSA *d, OSSL_LIB_CTX *libctx)
+{
+ d->libctx = libctx;
+}
+
void DSA_get0_pqg(const DSA *d,
const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
{
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index da3d6f04a2..d03c75e8aa 100644
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -659,6 +659,12 @@ const char *ec_key_get0_propq(const EC_KEY *key)
return key->propq;
}
+void ec_key_set0_libctx(EC_KEY *key, OSSL_LIB_CTX *libctx)
+{
+ key->libctx = libctx;
+ /* Do we need to propagate this to the group? */
+}
+
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key)
{
return key->group;
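Review bot: The new comment `/* Do we need to propagate this to the group? */` leaves an open question in `ec_key_set0_libctx`. If `key->group` carries its own library context (not visible in this hunk), the key and its group can refer to different contexts after this call, and group-level operations would presumably still resolve algorithms from the old one. Either propagate the context to the group here, or replace the question with a statement of why that is unnecessary, e.g. `/* group keeps its own libctx because <reason> */`.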
diff --git a/crypto/ec/ecx_key.c b/crypto/ec/ecx_key.c
index db74a40c97..2b9386d522 100644
--- a/crypto/ec/ecx_key.c
+++ b/crypto/ec/ecx_key.c
@@ -73,6 +73,11 @@ void ecx_key_free(ECX_KEY *key)
OPENSSL_free(key);
}
+void ecx_key_set0_libctx(ECX_KEY *key, OSSL_LIB_CTX *libctx)
+{
+ key->libctx = libctx;
+}
+
int ecx_key_up_ref(ECX_KEY *key)
{
int i;
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 8e7ad45608..f4e3ff423e 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -194,6 +194,11 @@ OSSL_LIB_CTX *ossl_rsa_get0_libctx(RSA *r)
return r->libctx;
}
+void ossl_rsa_set0_libctx(RSA *r, OSSL_LIB_CTX *libctx)
+{
+ r->libctx = libctx;
+}
+
#ifndef FIPS_MODULE
int RSA_set_ex_data(RSA *r, int idx, void *arg)
{
diff --git a/include/crypto/dh.h b/include/crypto/dh.h
index 3afe16935f..290cc7c0d2 100644
--- a/include/crypto/dh.h
+++ b/include/crypto/dh.h
@@ -14,6 +14,7 @@
DH *dh_new_by_nid_ex(OSSL_LIB_CTX *libctx, int nid);
DH *dh_new_ex(OSSL_LIB_CTX *libctx);
+void ossl_dh_set0_libctx(DH *d, OSSL_LIB_CTX *libctx);
int dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits,
BN_GENCB *cb);
diff --git a/include/crypto/dsa.h b/include/crypto/dsa.h
index 759fa4cce4..775a83c1ea 100644
--- a/include/crypto/dsa.h
+++ b/include/crypto/dsa.h
@@ -15,6 +15,7 @@
#define DSA_PARAMGEN_TYPE_FIPS_186_2 1 /* Use legacy FIPS186-2 standard */
DSA *dsa_new_with_ctx(OSSL_LIB_CTX *libctx);
+void ossl_dsa_set0_libctx(DSA *d, OSSL_LIB_CTX *libctx);
int dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits,
BN_GENCB *cb);
diff --git a/include/crypto/ec.h b/include/crypto/ec.h
index 451a3751a1..087457fa50 100644
--- a/include/crypto/ec.h
+++ b/include/crypto/ec.h
@@ -61,6 +61,7 @@ int ec_key_private_check(const EC_KEY *eckey);
int ec_key_pairwise_check(const EC_KEY *eckey, BN_CTX *ctx);
OSSL_LIB_CTX *ec_key_get_libctx(const EC_KEY *eckey);
const char *ec_key_get0_propq(const EC_KEY *eckey);
+void ec_key_set0_libctx(EC_KEY *key, OSSL_LIB_CTX *libctx);
/* Backend support */
int ec_group_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl,
diff --git a/include/crypto/ecx.h b/include/crypto/ecx.h
index 4771df5fb6..df04cdb562 100644
--- a/include/crypto/ecx.h
+++ b/include/crypto/ecx.h
@@ -77,6 +77,7 @@ typedef struct ecx_key_st ECX_KEY;
size_t ecx_key_length(ECX_KEY_TYPE type);
ECX_KEY *ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type, int haspubkey,
const char *propq);
+void ecx_key_set0_libctx(ECX_KEY *key, OSSL_LIB_CTX *libctx);
unsigned char *ecx_key_allocate_privkey(ECX_KEY *key);
void ecx_key_free(ECX_KEY *key);
int ecx_key_up_ref(ECX_KEY *key);
diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h
index ede11cfd41..cb53b5dde6 100644
--- a/include/crypto/rsa.h
+++ b/include/crypto/rsa.h
@@ -51,6 +51,7 @@ const char *ossl_rsa_oaeppss_nid2name(int md);
RSA *ossl_rsa_new_with_ctx(OSSL_LIB_CTX *libctx);
OSSL_LIB_CTX *ossl_rsa_get0_libctx(RSA *r);
+void ossl_rsa_set0_libctx(RSA *r, OSSL_LIB_CTX *libctx);
int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
const STACK_OF(BIGNUM) *exps,
diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c
index 17ed16235d..a91bd3b7b8 100644
--- a/providers/implementations/encode_decode/decode_der2key.c
+++ b/providers/implementations/encode_decode/decode_der2key.c
@@ -24,7 +24,11 @@
#include <openssl/x509.h>
#include "internal/cryptlib.h" /* ossl_assert() */
#include "internal/asn1.h"
+#include "crypto/dh.h"
+#include "crypto/dsa.h"
+#include "crypto/ec.h"
#include "crypto/ecx.h"
+#include "crypto/rsa.h"
#include "prov/bio.h"
#include "prov/implementations.h"
#include "prov/providercommonerr.h"
@@ -106,7 +110,9 @@ static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
static OSSL_FUNC_decoder_decode_fn der2key_decode;
static OSSL_FUNC_decoder_export_object_fn der2key_export_object;
+struct der2key_ctx_st; /* Forward declaration */
typedef void *(extract_key_fn)(EVP_PKEY *);
+typedef void (adjust_key_fn)(void *, struct der2key_ctx_st *ctx);
typedef void (free_key_fn)(void *);
struct keytype_desc_st {
const char *keytype_name;
@@ -130,10 +136,16 @@ struct keytype_desc_st {
d2i_of_void *d2i_private_key;
d2i_of_void *d2i_public_key;
d2i_of_void *d2i_key_params;
+
/*
* For PKCS#8 decoders, we use EVP_PKEY extractors, EVP_PKEY_get1_{TYPE}()
*/
extract_key_fn *extract_key;
+ /*
+ * For any key, we may need to make provider specific adjustments, such
+ * as ensure the key carries the correct library context.
+ */
+ adjust_key_fn *adjust_key;
/* {type}_free() */
free_key_fn *free_key;
};
@@ -341,6 +353,9 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
}
}
+ if (key != NULL && ctx->desc->adjust_key != NULL)
+ ctx->desc->adjust_key(key, ctx);
+
end:
/*
* Prune low-level ASN.1 parse errors from error queue, assuming
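Review bot: `adjust_key` returns void, so the call `ctx->desc->adjust_key(key, ctx);` cannot report a failure and decoding continues to `end:` as if the adjustment had succeeded. That is sufficient for the plain pointer assignments added in this commit, but a later adjustment that can fail (for instance one that has to update sub-objects of the key) would have no way to make `der2key_decode` discard the key. Consider `typedef int (adjust_key_fn)(void *key, struct der2key_ctx_st *ctx);` and treating a zero return as a decode failure. The body of `der2key_decode` starts and ends outside this hunk, so how `key` is released on an error path is not visible here.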
@@ -403,12 +418,18 @@ static int der2key_export_object(void *vctx,
# define dh_d2i_key_params (d2i_of_void *)d2i_DHparams
# define dh_free (free_key_fn *)DH_free
+static void dh_adjust(void *key, struct der2key_ctx_st *ctx)
+{
+ ossl_dh_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
+}
+
# define dhx_evp_type EVP_PKEY_DHX
# define dhx_evp_extract (extract_key_fn *)EVP_PKEY_get1_DH
# define dhx_d2i_private_key NULL
# define dhx_d2i_public_key NULL
# define dhx_d2i_key_params (d2i_of_void *)d2i_DHxparams
# define dhx_free (free_key_fn *)DH_free
+# define dhx_adjust dh_adjust
#endif
/* ---------------------------------------------------------------------- */
@@ -420,6 +441,11 @@ static int der2key_export_object(void *vctx,
# define dsa_d2i_public_key (d2i_of_void *)d2i_DSAPublicKey
# define dsa_d2i_key_params (d2i_of_void *)d2i_DSAparams
# define dsa_free (free_key_fn *)DSA_free
+
+static void dsa_adjust(void *key, struct der2key_ctx_st *ctx)
+{
+ ossl_dsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
+}
#endif
/* ---------------------------------------------------------------------- */
@@ -432,16 +458,28 @@ static int der2key_export_object(void *vctx,
# define ec_d2i_key_params (d2i_of_void *)d2i_ECParameters
# define ec_free (free_key_fn *)EC_KEY_free
+static void ec_adjust(void *key, struct der2key_ctx_st *ctx)
+{
+ ec_key_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
+}
+
/*
* ED25519, ED448, X25519, X448 only implement PKCS#8 and SubjectPublicKeyInfo,
* so no d2i functions to be had.
*/
+
+static void ecx_key_adjust(void *key, struct der2key_ctx_st *ctx)
+{
+ ecx_key_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
+}
+
# define ed25519_evp_type EVP_PKEY_ED25519
# define ed25519_evp_extract (extract_key_fn *)evp_pkey_get1_ED25519
# define ed25519_d2i_private_key NULL
# define ed25519_d2i_public_key NULL
# define ed25519_d2i_key_params NULL
# define ed25519_free (free_key_fn *)ecx_key_free
+# define ed25519_adjust ecx_key_adjust
# define ed448_evp_type EVP_PKEY_ED448
# define ed448_evp_extract (extract_key_fn *)evp_pkey_get1_ED448
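Review bot: `ecx_key_adjust` is inserted between the comment beginning `ED25519, ED448, X25519, X448 only implement PKCS#8 and SubjectPublicKeyInfo` and the `ed25519_*` macros that comment explains, so the comment now reads as if it described the function. Moving `ecx_key_adjust` above the comment keeps the explanation next to the `NULL` `*_d2i_*` definitions. Separately, `ec_adjust` and `ecx_key_adjust` pass a `void *` straight to typed setters, so a table entry that pairs the wrong `keytype##_adjust` with a key type would compile without a diagnostic. A one-line comment on each naming the expected type, such as `/* key must be an EC_KEY */`, would make that assumption explicit.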
@@ -449,6 +487,7 @@ static int der2key_export_object(void *vctx,
# define ed448_d2i_public_key NULL
# define ed448_d2i_key_params NULL
# define ed448_free (free_key_fn *)ecx_key_free
+# define ed448_adjust ecx_key_adjust
# define x25519_evp_type EVP_PKEY_X25519
# define x25519_evp_extract (extract_key_fn *)evp_pkey_get1_X25519
@@ -456,6 +495,7 @@ static int der2key_export_object(void *vctx,
# define x25519_d2i_public_key NULL
# define x25519_d2i_key_params NULL
# define x25519_free (free_key_fn *)ecx_key_free
+# define x25519_adjust ecx_key_adjust
# define x448_evp_type EVP_PKEY_X448
# define x448_evp_extract (extract_key_fn *)evp_pkey_get1_X448
@@ -463,6 +503,7 @@ static int der2key_export_object(void *vctx,
# define x448_d2i_public_key NULL
# define x448_d2i_key_params NULL
# define x448_free (free_key_fn *)ecx_key_free
+# define x448_adjust ecx_key_adjust
#endif
/* ---------------------------------------------------------------------- */
@@ -474,12 +515,18 @@ static int der2key_export_object(void *vctx,
#define rsa_d2i_key_params NULL
#define rsa_free (free_key_fn *)RSA_free
+static void rsa_adjust(void *key, struct der2key_ctx_st *ctx)
+{
+ ossl_rsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
+}
+
#define rsapss_evp_type EVP_PKEY_RSA_PSS
#define rsapss_evp_extract (extract_key_fn *)EVP_PKEY_get1_RSA
#define rsapss_d2i_private_key (d2i_of_void *)d2i_RSAPrivateKey
#define rsapss_d2i_public_key (d2i_of_void *)d2i_RSAPublicKey
#define rsapss_d2i_key_params NULL
#define rsapss_free (free_key_fn *)RSA_free
+#define rsapss_adjust rsa_adjust
/* ---------------------------------------------------------------------- */
@@ -494,6 +541,7 @@ static int der2key_export_object(void *vctx,
keytype##_d2i_public_key, \
NULL, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_type_specific_pub(keytype) \
@@ -503,6 +551,7 @@ static int der2key_export_object(void *vctx,
keytype##_d2i_public_key, \
NULL, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_type_specific_priv(keytype) \
@@ -512,6 +561,7 @@ static int der2key_export_object(void *vctx,
NULL, \
NULL, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_type_specific_params(keytype) \
@@ -521,6 +571,7 @@ static int der2key_export_object(void *vctx,
NULL, \
keytype##_d2i_key_params, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_type_specific(keytype) \
@@ -530,6 +581,7 @@ static int der2key_export_object(void *vctx,
keytype##_d2i_public_key, \
keytype##_d2i_key_params, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_type_specific_no_pub(keytype) \
@@ -540,6 +592,7 @@ static int der2key_export_object(void *vctx,
NULL, \
keytype##_d2i_key_params, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_PKCS8(keytype) \
@@ -549,6 +602,7 @@ static int der2key_export_object(void *vctx,
NULL, \
NULL, \
keytype##_evp_extract, \
+ keytype##_adjust, \
keytype##_free
#define DO_SubjectPublicKeyInfo(keytype) \
@@ -558,6 +612,7 @@ static int der2key_export_object(void *vctx,
NULL, \
NULL, \
keytype##_evp_extract, \
+ keytype##_adjust, \
keytype##_free
#define DO_DH(keytype) \
@@ -567,6 +622,7 @@ static int der2key_export_object(void *vctx,
NULL, \
keytype##_d2i_key_params, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_DHX(keytype) \
@@ -576,6 +632,7 @@ static int der2key_export_object(void *vctx,
NULL, \
keytype##_d2i_key_params, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_DSA(keytype) \
@@ -585,6 +642,7 @@ static int der2key_export_object(void *vctx,
keytype##_d2i_public_key, \
keytype##_d2i_key_params, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_EC(keytype) \
@@ -595,6 +653,7 @@ static int der2key_export_object(void *vctx,
NULL, \
keytype##_d2i_key_params, \
NULL, \
+ keytype##_adjust, \
keytype##_free
#define DO_RSA(keytype) \
@@ -604,6 +663,7 @@ static int der2key_export_object(void *vctx,
keytype##_d2i_public_key, \
NULL, \
NULL, \
+ keytype##_adjust, \
keytype##_free
/*