* method, as in, can it do arbitrary encryption....
*/
struct evp_pkey_st {
+ /* == Legacy attributes == */
int type;
int save_type;
- CRYPTO_REF_COUNT references;
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *engine;
ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */
# endif
} pkey;
- int save_parameters;
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+
+ /* == Common attributes == */
+ CRYPTO_REF_COUNT references;
CRYPTO_RWLOCK *lock;
+ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+ int save_parameters;
+
+ /* == Provider attributes == */
+ /*
+ * To support transparent export/import between providers that
+ * support the methods for it, and still not having to do the
+ * export/import every time a key is used, we maintain a cache
+ * of imported key, indexed by provider address.
+ * pkeys[0] is *always* the "original" key.
+ */
+ struct {
+ EVP_KEYMGMT *keymgmt;
+ void *provkey;
+ } pkeys[10];
+ /*
+ * If there is a legacy key assigned to this structure, we keep
+ * a copy of that key's dirty count.
+ */
+ size_t dirty_cnt_copy;
} /* EVP_PKEY */ ;
void evp_cleanup_int(void);
void evp_app_cleanup_int(void);
+/* KEYMGMT helper functions */
+void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt);
+void evp_keymgmt_clear_pkey_cache(EVP_PKEY *pk);
+
+/* KEYMGMT provider interface functions */
+void *evp_keymgmt_importdomparams(const EVP_KEYMGMT *keymgmt,
+ const OSSL_PARAM params[]);
+void *evp_keymgmt_gendomparams(const EVP_KEYMGMT *keymgmt,
+ const OSSL_PARAM params[]);
+void evp_keymgmt_freedomparams(const EVP_KEYMGMT *keymgmt,
+ void *provdomparams);
+int evp_keymgmt_exportdomparams(const EVP_KEYMGMT *keymgmt,
+ void *provdomparams, OSSL_PARAM params[]);
+const OSSL_PARAM *
+evp_keymgmt_importdomparam_types(const EVP_KEYMGMT *keymgmt);
+const OSSL_PARAM *
+evp_keymgmt_exportdomparam_types(const EVP_KEYMGMT *keymgmt);
+
+void *evp_keymgmt_importkey(const EVP_KEYMGMT *keymgmt,
+ const OSSL_PARAM params[]);
+void *evp_keymgmt_genkey(const EVP_KEYMGMT *keymgmt, void *domparams,
+ const OSSL_PARAM params[]);
+void *evp_keymgmt_loadkey(const EVP_KEYMGMT *keymgmt,
+ void *id, size_t idlen);
+void evp_keymgmt_freekey(const EVP_KEYMGMT *keymgmt, void *provkey);
+int evp_keymgmt_exportkey(const EVP_KEYMGMT *keymgmt,
+ void *provkey, OSSL_PARAM params[]);
+const OSSL_PARAM *evp_keymgmt_importkey_types(const EVP_KEYMGMT *keymgmt);
+const OSSL_PARAM *evp_keymgmt_exportkey_types(const EVP_KEYMGMT *keymgmt);
+
/* Pulling defines out of C source files */
#define EVP_RC4_KEY_SIZE 16