From f5b00834dd11d766b9232e89e40884db8f3cd7ec Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 10 Feb 2021 19:00:05 +0100 Subject: [PATCH] EVP: Adapt the EC_KEY specific EVP_PKEY_CTX setter / getter functions Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13913) --- crypto/evp/ec_ctrl.c | 379 ++++++++++++------------------------------- 1 file changed, 102 insertions(+), 277 deletions(-) diff --git a/crypto/evp/ec_ctrl.c b/crypto/evp/ec_ctrl.c index 9d35e5f6ba..17f1a8f288 100644 --- a/crypto/evp/ec_ctrl.c +++ b/crypto/evp/ec_ctrl.c @@ -32,7 +32,8 @@ int evp_pkey_ctx_getset_ecdh_param_checks(const EVP_PKEY_CTX *ctx) } /* If key type not EC return error */ - if (ctx->pmeth != NULL && ctx->pmeth->pkey_id != EVP_PKEY_EC) + if (evp_pkey_ctx_is_legacy(ctx) + && ctx->pmeth != NULL && ctx->pmeth->pkey_id != EVP_PKEY_EC) return -1; return 1; @@ -58,24 +59,13 @@ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode) return -2; } - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_EC_ECDH_COFACTOR, - cofactor_mode, NULL); - *p++ = OSSL_PARAM_construct_int(OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, &cofactor_mode); *p++ = OSSL_PARAM_construct_end(); ret = evp_pkey_ctx_set_params_strict(ctx, params); - if (ret == -2) { + if (ret == -2) ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } - return ret; } @@ -88,207 +78,87 @@ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx) if (ret != 1) return ret; - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL); - *p++ = OSSL_PARAM_construct_int(OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, &mode); *p++ = OSSL_PARAM_construct_end(); ret = evp_pkey_ctx_get_params_strict(ctx, params); - if (ret == -2) { + + switch (ret) { + case -2: ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } else if (ret != 1) { - return -1; + break; + case 1: + ret = mode; + if (mode < 0 || mode > 1) { + /* + * The provider should return either 0 or 1, any other value is a + * provider error. + */ + ret = -1; + } + break; + default: + ret = -1; + break; } - if (mode < 0 || mode > 1) { - /* - * The provider should return either 0 or 1, any other value is a - * provider error. - */ - return -1; - } - - return mode; + return ret; } +/* + * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper, + * simply because that's easier. + */ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf) { - int ret; - const char *kdf_type; - OSSL_PARAM params[2], *p = params; - - ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx); - if (ret != 1) - return ret; - - switch (kdf) { - case EVP_PKEY_ECDH_KDF_NONE: - kdf_type = ""; - break; - case EVP_PKEY_ECDH_KDF_X9_63: - kdf_type = OSSL_KDF_NAME_X963KDF; - break; - default: - return -2; - } - - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL); - - *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, - /* - * Cast away the const. This is read - * only so should be safe - */ - (char *)kdf_type, 0); - *p++ = OSSL_PARAM_construct_end(); - - ret = evp_pkey_ctx_set_params_strict(ctx, params); - if (ret == -2) { - ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } - - return ret; + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL); } +/* + * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper, + * simply because that's easier. + */ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx) { - int ret; - /* 80 should be big enough */ - char kdf_type[80]; - OSSL_PARAM params[2], *p = params; - - ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx); - if (ret != 1) - return ret; - - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL); - - *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, - kdf_type, sizeof(kdf_type)); - *p++ = OSSL_PARAM_construct_end(); - - ret = evp_pkey_ctx_get_params_strict(ctx, params); - if (ret == -2) { - ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } else if (ret != 1) { - return -1; - } - - if (kdf_type[0] == '\0') - return EVP_PKEY_ECDH_KDF_NONE; - else if (strcmp(kdf_type, OSSL_KDF_NAME_X963KDF) == 0) - return EVP_PKEY_ECDH_KDF_X9_63; - - return -1; + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL); } +/* + * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper, + * simply because that's easier. + * TODO(3.0) Should this be deprecated in favor of passing a name? + */ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) { - int ret; - OSSL_PARAM params[2], *p = params; - const char *md_name = NULL; - - ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx); - if (ret != 1) - return ret; - - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)(md)); - - md_name = (md == NULL) ? "" : EVP_MD_name(md); - - *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, - /* - * Cast away the const. This is read - * only so should be safe - */ - (char *)md_name, 0); - *p++ = OSSL_PARAM_construct_end(); - - ret = evp_pkey_ctx_set_params_strict(ctx, params); - if (ret == -2) { - ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } - return ret; + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)(md)); } +/* + * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper, + * simply because that's easier. + * TODO(3.0) Should this be deprecated in favor of getting a name? + */ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd) { - /* 80 should be big enough */ - char name[80] = ""; - int ret; - OSSL_PARAM params[2], *p = params; - - ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx); - if (ret != 1) - return ret; - - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)(pmd)); - - *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, - name, sizeof(name)); - *p++ = OSSL_PARAM_construct_end(); - - ret = evp_pkey_ctx_get_params_strict(ctx, params); - if (ret == -2) { - ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } else if (ret != 1) { - return -1; - } - - /* May be NULL meaning "unknown" */ - *pmd = EVP_get_digestbyname(name); - - return 1; + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)(pmd)); } -int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int in) +int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int outlen) { int ret; - size_t len = in; + size_t len = outlen; OSSL_PARAM params[2], *p = params; ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx); if (ret != 1) return ret; - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_EC_KDF_OUTLEN, in, NULL); - - if (in <= 0) { + if (outlen <= 0) { /* * This would ideally be -1 or 0, but we have to retain compatibility * with legacy behaviour of EVP_PKEY_CTX_ctrl() which returned -2 if @@ -302,11 +172,8 @@ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int in) *p++ = OSSL_PARAM_construct_end(); ret = evp_pkey_ctx_set_params_strict(ctx, params); - if (ret == -2) { + if (ret == -2) ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } return ret; } @@ -320,32 +187,28 @@ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *plen) if (ret != 1) return ret; - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, - (void *)(plen)); - *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, &len); *p++ = OSSL_PARAM_construct_end(); ret = evp_pkey_ctx_get_params_strict(ctx, params); - if (ret == -2) { + + switch (ret) { + case -2: ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } else if (ret != 1) { - return -1; + break; + case 1: + if (len <= INT_MAX) + *plen = (int)len; + else + ret = -1; + break; + default: + ret = -1; + break; } - if (len > INT_MAX) - return -1; - - *plen = (int)len; - - return 1; + return ret; } int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len) @@ -357,12 +220,6 @@ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int le if (ret != 1) return ret; - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_EC_KDF_UKM, len, (void *)(ukm)); - *p++ = OSSL_PARAM_construct_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM, /* * Cast away the const. This is read @@ -373,13 +230,16 @@ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int le *p++ = OSSL_PARAM_construct_end(); ret = evp_pkey_ctx_set_params_strict(ctx, params); - if (ret == -2) { + + switch (ret) { + case -2: ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } - if (ret == 1) + break; + case 1: OPENSSL_free(ukm); + break; + } + return ret; } @@ -405,81 +265,46 @@ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **pukm) *p++ = OSSL_PARAM_construct_end(); ret = evp_pkey_ctx_get_params_strict(ctx, params); - if (ret == -2) { + + switch (ret) { + case -2: ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } else if (ret != 1) { - return -1; - } - - ukmlen = params[0].return_size; - if (ukmlen > INT_MAX) - return -1; - - return (int)ukmlen; -} - -#ifndef FIPS_MODULE -int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid) -{ - if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) { - ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - /* Uses the same return values as EVP_PKEY_CTX_ctrl */ - return -2; - } - - /* Legacy: if key type not EC return error */ - if (ctx->pmeth != NULL - && EVP_PKEY_type(ctx->pmeth->pkey_id) != EVP_PKEY_EC) - return -1; - - if (ctx->op.keymgmt.genctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, - EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, - nid, NULL); - - return EVP_PKEY_CTX_set_group_name(ctx, OBJ_nid2sn(nid)); -} - -int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc) -{ - const char *enc = NULL; - OSSL_PARAM params[2], *p = params; - int ret = -2; /* Assume unsupported */ - - if (ctx == NULL - || !EVP_PKEY_CTX_IS_GEN_OP(ctx) - || ctx->op.keymgmt.genctx == NULL) - goto end; - - switch (param_enc) { - case OPENSSL_EC_EXPLICIT_CURVE: - enc = OSSL_PKEY_EC_ENCODING_EXPLICIT; break; - case OPENSSL_EC_NAMED_CURVE: - enc = OSSL_PKEY_EC_ENCODING_GROUP; + case 1: + ret = -1; + ukmlen = params[0].return_size; + if (ukmlen <= INT_MAX) + ret = (int)ukmlen; break; default: - goto end; + ret = -1; + break; } - *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING, - (char *)enc, 0); - *p = OSSL_PARAM_construct_end(); - - ret = evp_pkey_ctx_set_params_strict(ctx, params); - end: - if (ret == -2) - ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); return ret; } +#ifndef FIPS_MODULE +/* + * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper, + * simply because that's easier. + * TODO(3.0) Should this be deprecated in favor of setting a name or an + * ASN1_OBJECT (which would be converted to text internally)? + */ +int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_TYPE_GEN, + EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, + nid, NULL); +} + +/* + * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper, + * simply because that's easier. + */ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc) { - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, - EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_TYPE_GEN, EVP_PKEY_CTRL_EC_PARAM_ENC, param_enc, NULL); } #endif