EVP: Adapt the EC_KEY specific EVP_PKEY_CTX setter / getter functions

author Richard Levitte <levitte@openssl.org>

Wed, 10 Feb 2021 18:00:05 +0000 (19:00 +0100)

committer Richard Levitte <levitte@openssl.org>

Tue, 23 Feb 2021 12:41:48 +0000 (13:41 +0100)
author Richard Levitte <levitte@openssl.org>
Wed, 10 Feb 2021 18:00:05 +0000 (19:00 +0100)
committer Richard Levitte <levitte@openssl.org>
Tue, 23 Feb 2021 12:41:48 +0000 (13:41 +0100)
diff --git a/crypto/evp/ec_ctrl.c b/crypto/evp/ec_ctrl.c

index 9d35e5f6baab3931cc0587a9be6fe7abaa313891..17f1a8f28882b9e643b5a39c4029e6c1824b13ee 100644 (file)
--- a/crypto/evp/ec_ctrl.c
+++ b/crypto/evp/ec_ctrl.c
@@ -32,7 +32,8 @@ int evp_pkey_ctx_getset_ecdh_param_checks(const EVP_PKEY_CTX *ctx)
      }
  
      /* If key type not EC return error */
-    if (ctx->pmeth != NULL && ctx->pmeth->pkey_id != EVP_PKEY_EC)
+    if (evp_pkey_ctx_is_legacy(ctx)
+        && ctx->pmeth != NULL && ctx->pmeth->pkey_id != EVP_PKEY_EC)
          return -1;
  
      return 1;
@@ -58,24 +59,13 @@ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode)
          return -2;
      }
  
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.kex.exchprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_DERIVE,
-                                 EVP_PKEY_CTRL_EC_ECDH_COFACTOR,
-                                 cofactor_mode, NULL);
-
      *p++ = OSSL_PARAM_construct_int(OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE,
                                      &cofactor_mode);
      *p++ = OSSL_PARAM_construct_end();
  
      ret = evp_pkey_ctx_set_params_strict(ctx, params);
-    if (ret == -2) {
+    if (ret == -2)
          ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    }
-
      return ret;
  }
  
@@ -88,207 +78,87 @@ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx)
      if (ret != 1)
          return ret;
  
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.kex.exchprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_DERIVE,
-                                 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL);
-
      *p++ = OSSL_PARAM_construct_int(OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE,
                                      &mode);
      *p++ = OSSL_PARAM_construct_end();
  
      ret = evp_pkey_ctx_get_params_strict(ctx, params);
-    if (ret == -2) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    } else if (ret != 1) {
-        return -1;
-    }
  
-    if (mode < 0 || mode > 1) {
-        /*
-         * The provider should return either 0 or 1, any other value is a
-         * provider error.
-         */
-        return -1;
+    switch (ret) {
+    case -2:
+        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+        break;
+    case 1:
+        ret = mode;
+        if (mode < 0 || mode > 1) {
+            /*
+             * The provider should return either 0 or 1, any other value is a
+             * provider error.
+             */
+            ret = -1;
+        }
+        break;
+    default:
+        ret = -1;
+        break;
      }
  
-    return mode;
+    return ret;
  }
  
+/*
+ * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
+ * simply because that's easier.
+ */
  int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf)
  {
-    int ret;
-    const char *kdf_type;
-    OSSL_PARAM params[2], *p = params;
-
-    ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
-    if (ret != 1)
-        return ret;
-
-    switch (kdf) {
-        case EVP_PKEY_ECDH_KDF_NONE:
-            kdf_type = "";
-            break;
-        case EVP_PKEY_ECDH_KDF_X9_63:
-            kdf_type = OSSL_KDF_NAME_X963KDF;
-            break;
-        default:
-            return -2;
-    }
-
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.kex.exchprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_DERIVE,
-                                 EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL);
-
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE,
-                                            /*
-                                             * Cast away the const. This is read
-                                             * only so should be safe
-                                             */
-                                            (char *)kdf_type, 0);
-    *p++ = OSSL_PARAM_construct_end();
-
-    ret = evp_pkey_ctx_set_params_strict(ctx, params);
-    if (ret == -2) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    }
-
-    return ret;
+    return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE,
+                             EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL);
  }
  
+/*
+ * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
+ * simply because that's easier.
+ */
  int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx)
  {
-    int ret;
-    /* 80 should be big enough */
-    char kdf_type[80];
-    OSSL_PARAM params[2], *p = params;
-
-    ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
-    if (ret != 1)
-        return ret;
-
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.kex.exchprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_DERIVE,
-                                 EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL);
-
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE,
-                                            kdf_type, sizeof(kdf_type));
-    *p++ = OSSL_PARAM_construct_end();
-
-    ret = evp_pkey_ctx_get_params_strict(ctx, params);
-    if (ret == -2) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    } else if (ret != 1) {
-        return -1;
-    }
-
-    if (kdf_type[0] == '\0')
-        return EVP_PKEY_ECDH_KDF_NONE;
-    else if (strcmp(kdf_type, OSSL_KDF_NAME_X963KDF) == 0)
-        return EVP_PKEY_ECDH_KDF_X9_63;
-
-    return -1;
+    return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE,
+                             EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL);
  }
  
+/*
+ * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
+ * simply because that's easier.
+ * TODO(3.0) Should this be deprecated in favor of passing a name?
+ */
  int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
  {
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-    const char *md_name = NULL;
-
-    ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
-    if (ret != 1)
-        return ret;
-
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.kex.exchprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_DERIVE,
-                                 EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)(md));
-
-    md_name = (md == NULL) ? "" : EVP_MD_name(md);
-
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST,
-                                            /*
-                                             * Cast away the const. This is read
-                                             * only so should be safe
-                                             */
-                                            (char *)md_name, 0);
-    *p++ = OSSL_PARAM_construct_end();
-
-    ret = evp_pkey_ctx_set_params_strict(ctx, params);
-    if (ret == -2) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    }
-    return ret;
+    return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE,
+                             EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)(md));
  }
  
+/*
+ * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
+ * simply because that's easier.
+ * TODO(3.0) Should this be deprecated in favor of getting a name?
+ */
  int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd)
  {
-    /* 80 should be big enough */
-    char name[80] = "";
-    int ret;
-    OSSL_PARAM params[2], *p = params;
-
-    ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
-    if (ret != 1)
-        return ret;
-
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.kex.exchprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_DERIVE,
-                                 EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)(pmd));
-
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST,
-                                            name, sizeof(name));
-    *p++ = OSSL_PARAM_construct_end();
-
-    ret = evp_pkey_ctx_get_params_strict(ctx, params);
-    if (ret == -2) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    } else if (ret != 1) {
-        return -1;
-    }
-
-    /* May be NULL meaning "unknown" */
-    *pmd = EVP_get_digestbyname(name);
-
-    return 1;
+    return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE,
+                             EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)(pmd));
  }
  
-int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int in)
+int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int outlen)
  {
      int ret;
-    size_t len = in;
+    size_t len = outlen;
      OSSL_PARAM params[2], *p = params;
  
      ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
      if (ret != 1)
          return ret;
  
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.kex.exchprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_DERIVE,
-                                 EVP_PKEY_CTRL_EC_KDF_OUTLEN, in, NULL);
-
-    if (in <= 0) {
+    if (outlen <= 0) {
          /*
           * This would ideally be -1 or 0, but we have to retain compatibility
           * with legacy behaviour of EVP_PKEY_CTX_ctrl() which returned -2 if
@@ -302,11 +172,8 @@ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int in)
      *p++ = OSSL_PARAM_construct_end();
  
      ret = evp_pkey_ctx_set_params_strict(ctx, params);
-    if (ret == -2) {
+    if (ret == -2)
          ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    }
      return ret;
  }
  
@@ -320,32 +187,28 @@ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *plen)
      if (ret != 1)
          return ret;
  
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.kex.exchprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_DERIVE,
-                                 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0,
-                                 (void *)(plen));
-
      *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,
                                         &len);
      *p++ = OSSL_PARAM_construct_end();
  
      ret = evp_pkey_ctx_get_params_strict(ctx, params);
-    if (ret == -2) {
+
+    switch (ret) {
+    case -2:
          ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    } else if (ret != 1) {
-        return -1;
+        break;
+    case 1:
+        if (len <= INT_MAX)
+            *plen = (int)len;
+        else
+            ret = -1;
+        break;
+    default:
+        ret = -1;
+        break;
      }
  
-    if (len > INT_MAX)
-        return -1;
-
-    *plen = (int)len;
-
-    return 1;
+    return ret;
  }
  
  int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len)
@@ -357,12 +220,6 @@ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int le
      if (ret != 1)
          return ret;
  
-    /* TODO(3.0): Remove this eventually when no more legacy */
-    if (ctx->op.kex.exchprovctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_DERIVE,
-                                 EVP_PKEY_CTRL_EC_KDF_UKM, len, (void *)(ukm));
-
      *p++ = OSSL_PARAM_construct_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM,
                                              /*
                                               * Cast away the const. This is read
@@ -373,13 +230,16 @@ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int le
      *p++ = OSSL_PARAM_construct_end();
  
      ret = evp_pkey_ctx_set_params_strict(ctx, params);
-    if (ret == -2) {
+
+    switch (ret) {
+    case -2:
          ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    }
-    if (ret == 1)
+        break;
+    case 1:
          OPENSSL_free(ukm);
+        break;
+    }
+
      return ret;
  }
  
@@ -405,81 +265,46 @@ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **pukm)
      *p++ = OSSL_PARAM_construct_end();
  
      ret = evp_pkey_ctx_get_params_strict(ctx, params);
-    if (ret == -2) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    } else if (ret != 1) {
-        return -1;
-    }
  
-    ukmlen = params[0].return_size;
-    if (ukmlen > INT_MAX)
-        return -1;
-
-    return (int)ukmlen;
-}
-
-#ifndef FIPS_MODULE
-int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid)
-{
-    if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
+    switch (ret) {
+    case -2:
          ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
-        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
-        return -2;
-    }
-
-    /* Legacy: if key type not EC return error */
-    if (ctx->pmeth != NULL
-        && EVP_PKEY_type(ctx->pmeth->pkey_id) != EVP_PKEY_EC)
-        return -1;
-
-    if (ctx->op.keymgmt.genctx == NULL)
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                                 EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN,
-                                 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID,
-                                 nid, NULL);
-
-    return EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(nid));
-}
-
-int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc)
-{
-    const char *enc = NULL;
-    OSSL_PARAM params[2], *p = params;
-    int ret = -2;                /* Assume unsupported */
-
-    if (ctx == NULL
-        || !EVP_PKEY_CTX_IS_GEN_OP(ctx)
-        || ctx->op.keymgmt.genctx == NULL)
-        goto end;
-
-    switch (param_enc) {
-    case OPENSSL_EC_EXPLICIT_CURVE:
-        enc = OSSL_PKEY_EC_ENCODING_EXPLICIT;
          break;
-    case OPENSSL_EC_NAMED_CURVE:
-        enc = OSSL_PKEY_EC_ENCODING_GROUP;
+    case 1:
+        ret = -1;
+        ukmlen = params[0].return_size;
+        if (ukmlen <= INT_MAX)
+            ret = (int)ukmlen;
          break;
      default:
-        goto end;
+        ret = -1;
+        break;
      }
  
-    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING,
-                                            (char *)enc, 0);
-    *p = OSSL_PARAM_construct_end();
-
-    ret = evp_pkey_ctx_set_params_strict(ctx, params);
- end:
-    if (ret == -2)
-        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
      return ret;
  }
  
+#ifndef FIPS_MODULE
+/*
+ * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
+ * simply because that's easier.
+ * TODO(3.0) Should this be deprecated in favor of setting a name or an
+ * ASN1_OBJECT (which would be converted to text internally)?
+ */
+int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid)
+{
+    return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_TYPE_GEN,
+                             EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID,
+                             nid, NULL);
+}
+
+/*
+ * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
+ * simply because that's easier.
+ */
  int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc)
  {
-    return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
-                             EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN,
+    return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_TYPE_GEN,
                               EVP_PKEY_CTRL_EC_PARAM_ENC, param_enc, NULL);
  }
  #endif
author	Richard Levitte <levitte@openssl.org>
	Wed, 10 Feb 2021 18:00:05 +0000 (19:00 +0100)
committer	Richard Levitte <levitte@openssl.org>
	Tue, 23 Feb 2021 12:41:48 +0000 (13:41 +0100)