PROV: Add a OP_keymgmt_match() function to our DH, DSA, RSA and EC_KEY impl
[openssl.git] / providers / implementations / keymgmt / dh_kmgmt.c
index 9a1734bd57b86bbd7f899a4ecc2addc32bad2b8c..90a583e7db86f7216be301ee7ac45530112f92a0 100644 (file)
@@ -7,21 +7,29 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/core_numbers.h>
 #include <openssl/core_names.h>
 #include <openssl/bn.h>
-#include <openssl/dh.h>
 #include <openssl/params.h>
 #include "internal/param_build.h"
 #include "crypto/dh.h"
 #include "prov/implementations.h"
 #include "prov/providercommon.h"
+#include "prov/provider_ctx.h"
+#include "crypto/dh.h"
 
 static OSSL_OP_keymgmt_new_fn dh_newdata;
 static OSSL_OP_keymgmt_free_fn dh_freedata;
 static OSSL_OP_keymgmt_get_params_fn dh_get_params;
 static OSSL_OP_keymgmt_gettable_params_fn dh_gettable_params;
 static OSSL_OP_keymgmt_has_fn dh_has;
+static OSSL_OP_keymgmt_match_fn dh_match;
 static OSSL_OP_keymgmt_import_fn dh_import;
 static OSSL_OP_keymgmt_import_types_fn dh_import_types;
 static OSSL_OP_keymgmt_export_fn dh_export;
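Review bot: The `#include "crypto/dh.h"` added after `prov/provider_ctx.h` repeats the include that is already present a few lines up, just before `prov/implementations.h`. It is presumably harmless thanks to the header's include guard, but the second copy should be dropped so the list has one entry per header. The comment above `internal/deprecated.h` is useful; it could also say that this include has to stay first so the deprecation macros are set before any `<openssl/...>` header is pulled in, if that is the intent.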
@@ -110,7 +118,7 @@ static int params_to_key(DH *dh, const OSSL_PARAM params[])
     return 1;
 
  err:
-    BN_free(priv_key);
+    BN_clear_free(priv_key);
     BN_free(pub_key);
     return 0;
 }
@@ -137,7 +145,7 @@ static int key_to_params(DH *dh, OSSL_PARAM_BLD *tmpl)
 
 static void *dh_newdata(void *provctx)
 {
-    return DH_new();
+    return dh_new_with_ctx(PROV_LIBRARY_CONTEXT_OF(provctx));
 }
 
 static void dh_freedata(void *keydata)
@@ -162,6 +170,25 @@ static int dh_has(void *keydata, int selection)
     return ok;
 }
 
+static int dh_match(const void *keydata1, const void *keydata2, int selection)
+{
+    const DH *dh1 = keydata1;
+    const DH *dh2 = keydata2;
+    int ok = 1;
+
+    if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
+        ok = ok && BN_cmp(DH_get0_pub_key(dh1), DH_get0_pub_key(dh2)) == 0;
+    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
+        ok = ok && BN_cmp(DH_get0_priv_key(dh1), DH_get0_priv_key(dh2)) == 0;
+    if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) {
+        FFC_PARAMS *dhparams1 = dh_get0_params((DH *)dh1);
+        FFC_PARAMS *dhparams2 = dh_get0_params((DH *)dh2);
+
+        ok = ok && ffc_params_cmp(dhparams1, dhparams2, 1);
+    }
+    return ok;
+}
+
 static int dh_import(void *keydata, int selection, const OSSL_PARAM params[])
 {
     DH *dh = keydata;
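Review bot: In `dh_match`, a selected component that is missing from both keys compares as equal, because `BN_cmp()` returns 0 when both arguments are NULL. Two parameter-only DH objects would therefore report matching public and private keys. If a missing component should not count as a match (worth confirming against what callers of `OSSL_FUNC_KEYMGMT_MATCH` expect), fetch the BIGNUMs first and require both to be non-NULL before comparing, as sketched below. Separately, `BN_cmp()` is not a constant-time comparison, so the private-key branch deserves a short comment on whether timing matters for the callers of this function. The `1` passed to `ffc_params_cmp` would also read better with a comment naming what the flag controls.

```c
static int dh_match(const void *keydata1, const void *keydata2, int selection)
{
    /* … unchanged: dh1, dh2 and ok declarations … */

    if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
        const BIGNUM *pub1 = DH_get0_pub_key(dh1);
        const BIGNUM *pub2 = DH_get0_pub_key(dh2);

        /* A component missing from either key is not a match. */
        ok = ok && pub1 != NULL && pub2 != NULL && BN_cmp(pub1, pub2) == 0;
    }
    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
        const BIGNUM *priv1 = DH_get0_priv_key(dh1);
        const BIGNUM *priv2 = DH_get0_priv_key(dh2);

        ok = ok && priv1 != NULL && priv2 != NULL
            && BN_cmp(priv1, priv2) == 0;
    }
    /* … unchanged: domain parameter comparison and return … */
```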
@@ -295,6 +322,7 @@ const OSSL_DISPATCH dh_keymgmt_functions[] = {
     { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))dh_get_params },
     { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))dh_gettable_params },
     { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))dh_has },
+    { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))dh_match },
     { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))dh_import },
     { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))dh_import_types },
     { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))dh_export },