Implement key match functionality for ECX keys

This makes EVP_PKEY_cmp work for provider side ECX keys. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11635)
2025-05-11 00:49:41 +00:00 · 2020-04-27 16:14:16 +01:00 · 2020-04-27 16:14:16 +01:00 · 262ff12347
commit 262ff12347
parent 48b4b10449
1 changed files with 32 additions and 0 deletions
--- a/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/providers/implementations/keymgmt/ecx_kmgmt.c
@ -47,6 +47,7 @@ static OSSL_OP_keymgmt_gettable_params_fn x448_gettable_params;
 static OSSL_OP_keymgmt_gettable_params_fn ed25519_gettable_params;
 static OSSL_OP_keymgmt_gettable_params_fn ed448_gettable_params;
 static OSSL_OP_keymgmt_has_fn ecx_has;
+static OSSL_OP_keymgmt_match_fn ecx_match;
 static OSSL_OP_keymgmt_import_fn ecx_import;
 static OSSL_OP_keymgmt_import_types_fn ecx_imexport_types;
 static OSSL_OP_keymgmt_export_fn ecx_export;
@ -104,6 +105,36 @@ static int ecx_has(void *keydata, int selection)
    return ok;
 }

+static int ecx_match(const void *keydata1, const void *keydata2, int selection)
+{
+    const ECX_KEY *key1 = keydata1;
+    const ECX_KEY *key2 = keydata2;
+    int ok = 1;
+
+    if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
+        ok = ok && key1->type == key2->type;
+    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
+        if ((key1->privkey == NULL && key2->privkey != NULL)
+                || (key1->privkey != NULL && key2->privkey == NULL)
+                || key1->type != key2->type)
+            ok = 0;
+        else
+            ok = ok && (key1->privkey == NULL /* implies key2->privkey == NULL */
+                        || CRYPTO_memcmp(key1->privkey, key2->privkey,
+                                         key1->keylen) == 0);
+    }
+    if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
+        if (key1->haspubkey != key2->haspubkey
+                || key1->type != key2->type)
+            ok = 0;
+        else
+            ok = ok && (key1->haspubkey == 0 /* implies key2->haspubkey == 0 */
+                        || CRYPTO_memcmp(key1->pubkey, key2->pubkey,
+                                         key1->keylen) == 0);
+    }
+    return ok;
+}
+
 static int ecx_import(void *keydata, int selection, const OSSL_PARAM params[])
 {
    ECX_KEY *key = keydata;
@ -420,6 +451,7 @@ static void ecx_gen_cleanup(void *genctx)
        { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))alg##_get_params }, \
        { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))alg##_gettable_params }, \
        { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))ecx_has }, \
+        { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))ecx_match }, \
        { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))ecx_import }, \
        { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))ecx_imexport_types }, \
        { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))ecx_export }, \