
Commit 96dddf7

committed
ossl: Allow passing propq to the key creation API
Signed-off-by: Jakub Jelen <[email protected]>
1 parent 41a3887 commit 96dddf7


10 files changed

+73
-28
lines changed


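--- a/ossl/src/pkey.rs
+++ b/ossl/src/pkey.rs
@@ -23,13 +23,18 @@ pub struct EvpPkeyCtx {
 /// Methods for creating and accessing `EvpPkeyCtx`.
 impl EvpPkeyCtx {
 /// Fetches an algorithm by name and returns a wrapper `EvpPkeyCtx`
-pub fn new(ctx: &OsslContext, name: &CStr) -> Result<EvpPkeyCtx, Error> {
+pub fn new(
+ctx: &OsslContext,
+name: &CStr,
+propq: Option<&CStr>,
+) -> Result<EvpPkeyCtx, Error> {
+let propqp = if let Some(p) = propq {
+p.as_ptr()
+} else {
+std::ptr::null()
+};
 let ptr = unsafe {
-EVP_PKEY_CTX_new_from_name(
-ctx.ptr(),
-name.as_ptr(),
-std::ptr::null(),
-)
+EVP_PKEY_CTX_new_from_name(ctx.ptr(), name.as_ptr(), propqp)
 };
 if ptr.is_null() {
 trace_ossl!("EVP_PKEY_CTX_new_from_name()");
@@ -817,8 +822,9 @@ impl EvpPkey {
 pkey_name: &CStr,
 pkey_type: u32,
 params: &OsslParam,
+propq: Option<&CStr>,
 ) -> Result<EvpPkey, Error> {
-let mut pctx = EvpPkeyCtx::new(ctx, pkey_name)?;
+let mut pctx = EvpPkeyCtx::new(ctx, pkey_name, propq)?;
 let res = unsafe { EVP_PKEY_fromdata_init(pctx.as_mut_ptr()) };
 if res != 1 {
 trace_ossl!("EVP_PKEY_fromdata_init()");
@@ -877,11 +883,12 @@ impl EvpPkey {
 pub fn generate(
 ctx: &OsslContext,
 pkey_type: EvpPkeyType,
+propq: Option<&CStr>,
 ) -> Result<EvpPkey, Error> {
 let mut params_builder = OsslParamBuilder::new();
 let name = pkey_type_to_params(&pkey_type, &mut params_builder)?;
 let params = params_builder.finalize();
-let mut pctx = EvpPkeyCtx::new(ctx, name)?;
+let mut pctx = EvpPkeyCtx::new(ctx, name, propq)?;
 let res = unsafe { EVP_PKEY_keygen_init(pctx.as_mut_ptr()) };
 if res != 1 {
 trace_ossl!("EVP_PKEY_keygen_init()");
@@ -927,6 +934,7 @@ impl EvpPkey {
 ctx: &OsslContext,
 pkey_type: EvpPkeyType,
 data: PkeyData,
+propq: Option<&CStr>,
 ) -> Result<EvpPkey, Error> {
 let mut pkey_class: u32 = 0;
 let mut params_builder = OsslParamBuilder::with_capacity(2);
@@ -1076,7 +1084,7 @@ impl EvpPkey {
 }
 let params = params_builder.finalize();
 
-EvpPkey::fromdata(ctx, name, pkey_class, &params)
+EvpPkey::fromdata(ctx, name, pkey_class, &params, propq)
 }
 
 /// Export public point in encoded form and/or private key
@@ -1181,6 +1189,7 @@ impl EvpPkey {
 &self,
 ctx: &OsslContext,
 public: &[u8],
+propq: Option<&CStr>,
 ) -> Result<EvpPkey, Error> {
 let mut params_builder = OsslParamBuilder::with_capacity(1);
 params_builder.add_empty_utf8_string(
@@ -1219,7 +1228,7 @@ impl EvpPkey {
 }),
 _ => return Err(Error::new(ErrorKind::WrapperError)),
 };
-Self::import(ctx, pkey_type, data)
+Self::import(ctx, pkey_type, data, propq)
 }
 
 /// Returns a const pointer to the underlying `EVP_PKEY`.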
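Review bot: The new `propq` argument is undocumented: the doc comment on `EvpPkeyCtx::new` in the first hunk still only says it fetches an algorithm by name, and `fromdata`, `generate`, `import` and `make_peer` gain the parameter without any mention of it. Because the property query decides which provider implementation backs the key, I would add a line such as `/// propq: optional OpenSSL property query; None passes NULL, so the default properties of ctx apply.` to each of them. The pointer selection could also be written as `let propqp = propq.map_or(std::ptr::null(), CStr::as_ptr);`. In `make_peer` the query applies only to the imported peer key, so the docs should say whether callers are expected to pass the same query that `self` was created with. All of these function bodies extend beyond the visible hunks.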

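--- a/ossl/src/tests/brainpool.rs
+++ b/ossl/src/tests/brainpool.rs
@@ -43,11 +43,12 @@ fn do_ecdh_test(
 pubkey: None,
 prikey: Some(OsslSecret::from_slice(&da)),
 }),
+None,
 )
 .unwrap();
 
 let mut peer_b = key_a
-.make_peer(test_ossl_context(), &pub_b_uncompressed)
+.make_peer(test_ossl_context(), &pub_b_uncompressed, None)
 .unwrap();
 let mut ecdh_a = EcdhDerive::new(test_ossl_context(), &mut key_a).unwrap();
 let mut shared_secret_a = vec![0u8; expected_z.len()];
@@ -64,11 +65,12 @@ fn do_ecdh_test(
 pubkey: None,
 prikey: Some(OsslSecret::from_slice(&db)),
 }),
+None,
 )
 .unwrap();
 
 let mut peer_a = key_b
-.make_peer(test_ossl_context(), &pub_a_uncompressed)
+.make_peer(test_ossl_context(), &pub_a_uncompressed, None)
 .unwrap();
 let mut ecdh_b = EcdhDerive::new(test_ossl_context(), &mut key_b).unwrap();
 let mut shared_secret_b = vec![0u8; expected_z.len()];
@@ -192,9 +194,12 @@ use crate::signature::{OsslSignature, SigAlg, SigOp};
 #[parallel]
 fn test_brainpool_p256r1_signature() {
 // Generate a key pair
-let mut key =
-EvpPkey::generate(test_ossl_context(), EvpPkeyType::BrainpoolP256r1)
-.unwrap();
+let mut key = EvpPkey::generate(
+test_ossl_context(),
+EvpPkeyType::BrainpoolP256r1,
+None,
+)
+.unwrap();
 
 // Sample data to sign. Use ECDSA without a pre-computed digest.
 let data = b"some sample data to sign";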
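Review bot: No test in this file, the only test file the commit touches, exercises the new parameter with anything other than `None`, so the `Some(..)` branch added to `EvpPkeyCtx::new` is never executed by the suite. A small case alongside `test_brainpool_p256r1_signature` that calls `EvpPkey::generate(test_ossl_context(), EvpPkeyType::BrainpoolP256r1, Some(propq))` with a query the test context is known to satisfy would cover it. A second case with a query that no loaded provider matches, asserting that an `Err` comes back, would confirm that the query really reaches OpenSSL and is not silently ignored. The test function body continues past the end of the hunk.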

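--- a/src/ossl/ecdh.rs
+++ b/src/ossl/ecdh.rs
@@ -187,7 +187,7 @@ impl Derive for ECDHOperation {
 
 let mut secret = vec![0u8; raw_max];
 let outlen = ecdh.derive(
-&mut pkey.make_peer(osslctx(), &ec_point)?,
+&mut pkey.make_peer(osslctx(), &ec_point, None)?,
 secret.as_mut_slice(),
 )?;
 secret.resize(outlen, 0);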
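Review bot: The bare `None` passed to `make_peer` here says nothing about which provider properties apply, and the same holds for every `EvpPkey::import`, `EvpPkey::generate` and `make_peer` call in ecdsa.rs, eddsa.rs, ffdh.rs, mldsa.rs, mlkem.rs, montgomery.rs and rsa.rs. With a null property query the fetch presumably falls back to the default properties of the library context behind `osslctx()`, so any provider restriction (for example in a FIPS-only build) depends entirely on how that context was configured, which this diff does not show. A comment at the call such as `// None: rely on the default properties of osslctx()` would make the intent reviewable. Routing all call sites through one helper that returns the token-wide property query would also leave a single place to change later. The enclosing derive function starts and ends outside the hunk.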

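--- a/src/ossl/ecdsa.rs
+++ b/src/ossl/ecdsa.rs
@@ -40,6 +40,7 @@ pub fn ecc_object_to_pkey(
 pubkey: Some(get_ec_point_from_obj(key)?),
 prikey: None,
 }),
+None,
 )?),
 CKO_PRIVATE_KEY => Ok(EvpPkey::import(
 osslctx(),
@@ -50,6 +51,7 @@ pub fn ecc_object_to_pkey(
 key.get_attr_as_bytes(CKA_VALUE)?.clone(),
 )),
 }),
+None,
 )?),
 _ => Err(CKR_KEY_TYPE_INCONSISTENT)?,
 }
@@ -242,8 +244,11 @@ impl EcdsaOperation {
 pubkey: &mut Object,
 privkey: &mut Object,
 ) -> Result<()> {
-let pkey =
-EvpPkey::generate(osslctx(), get_evp_pkey_type_from_obj(pubkey)?)?;
+let pkey = EvpPkey::generate(
+osslctx(),
+get_evp_pkey_type_from_obj(pubkey)?,
+None,
+)?;
 let mut ecc = match pkey.export()? {
 PkeyData::Ecc(e) => e,
 _ => return Err(CKR_GENERAL_ERROR)?,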

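--- a/src/ossl/eddsa.rs
+++ b/src/ossl/eddsa.rs
@@ -86,6 +86,7 @@ pub fn eddsa_object_to_pkey(
 pubkey: Some(get_ec_point_from_obj(key)?),
 prikey: None,
 }),
+None,
 )?),
 CKO_PRIVATE_KEY => Ok(EvpPkey::import(
 osslctx(),
@@ -96,6 +97,7 @@ pub fn eddsa_object_to_pkey(
 key.get_attr_as_bytes(CKA_VALUE)?.to_vec(),
 )),
 }),
+None,
 )?),
 _ => Err(CKR_KEY_TYPE_INCONSISTENT)?,
 }
@@ -201,8 +203,11 @@ impl EddsaOperation {
 pubkey: &mut Object,
 privkey: &mut Object,
 ) -> Result<()> {
-let pkey =
-EvpPkey::generate(osslctx(), get_evp_pkey_type_from_obj(pubkey)?)?;
+let pkey = EvpPkey::generate(
+osslctx(),
+get_evp_pkey_type_from_obj(pubkey)?,
+None,
+)?;
 let mut ecc = match pkey.export()? {
 PkeyData::Ecc(e) => e,
 _ => return Err(CKR_GENERAL_ERROR)?,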

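--- a/src/ossl/ffdh.rs
+++ b/src/ossl/ffdh.rs
@@ -61,6 +61,7 @@ pub fn ffdh_object_to_pkey(
 pubkey: Some(key.get_attr_as_bytes(CKA_VALUE)?.clone()),
 prikey: None,
 }),
+None,
 )?),
 CKO_PRIVATE_KEY => Ok(EvpPkey::import(
 osslctx(),
@@ -71,6 +72,7 @@ pub fn ffdh_object_to_pkey(
 key.get_attr_as_bytes(CKA_VALUE)?.clone(),
 )),
 }),
+None,
 )?),
 _ => Err(CKR_KEY_TYPE_INCONSISTENT)?,
 }
@@ -114,7 +116,8 @@ impl FFDHOperation {
 pubkey: &mut Object,
 privkey: &mut Object,
 ) -> Result<()> {
-let pkey = EvpPkey::generate(osslctx(), group_to_pkey_type(group)?)?;
+let pkey =
+EvpPkey::generate(osslctx(), group_to_pkey_type(group)?, None)?;
 
 let mut ffdh = match pkey.export()? {
 PkeyData::Ffdh(f) => f,
@@ -179,7 +182,8 @@ impl Derive for FFDHOperation {
 objectfactories.get_obj_factory_from_key_template(template)?;
 
 let mut pkey = privkey_from_object(key)?;
-let mut peer = pkey.make_peer(osslctx(), self.public.as_slice())?;
+let mut peer =
+pkey.make_peer(osslctx(), self.public.as_slice(), None)?;
 let mut ffdh = FfdhDerive::new(osslctx(), &mut pkey)?;
 
 let pkey_size = pkey.get_size()?;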

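--- a/src/ossl/mldsa.rs
+++ b/src/ossl/mldsa.rs
@@ -90,6 +90,7 @@ pub fn mldsa_object_to_pkey(
 prikey: None,
 seed: None,
 }),
+None,
 )?),
 CKO_PRIVATE_KEY => Ok(EvpPkey::import(
 osslctx(),
@@ -104,6 +105,7 @@ pub fn mldsa_object_to_pkey(
 Err(_) => None,
 },
 }),
+None,
 )?),
 _ => Err(CKR_KEY_TYPE_INCONSISTENT)?,
 }
@@ -770,8 +772,11 @@ pub fn generate_keypair(
 pubkey: &mut Object,
 privkey: &mut Object,
 ) -> Result<()> {
-let pkey =
-EvpPkey::generate(osslctx(), mldsa_param_set_to_pkey_type(param_set)?)?;
+let pkey = EvpPkey::generate(
+osslctx(),
+mldsa_param_set_to_pkey_type(param_set)?,
+None,
+)?;
 let mut mlk = match pkey.export()? {
 PkeyData::Mlkey(m) => m,
 _ => return Err(CKR_GENERAL_ERROR)?,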

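--- a/src/ossl/mlkem.rs
+++ b/src/ossl/mlkem.rs
@@ -52,6 +52,7 @@ pub fn mlkem_object_to_pkey(
 prikey: None,
 seed: None,
 }),
+None,
 )?),
 CKO_PRIVATE_KEY => Ok(EvpPkey::import(
 osslctx(),
@@ -66,6 +67,7 @@ pub fn mlkem_object_to_pkey(
 Err(_) => None,
 },
 }),
+None,
 )?),
 _ => Err(CKR_KEY_TYPE_INCONSISTENT)?,
 }
@@ -116,8 +118,11 @@ pub fn generate_keypair(
 pubkey: &mut Object,
 privkey: &mut Object,
 ) -> Result<()> {
-let pkey =
-EvpPkey::generate(osslctx(), mlkem_param_set_to_pkey_type(param_set)?)?;
+let pkey = EvpPkey::generate(
+osslctx(),
+mlkem_param_set_to_pkey_type(param_set)?,
+None,
+)?;
 
 let mut mlk = match pkey.export()? {
 PkeyData::Mlkey(m) => m,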

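--- a/src/ossl/montgomery.rs
+++ b/src/ossl/montgomery.rs
@@ -37,6 +37,7 @@ pub fn ecm_object_to_pkey(
 pubkey: Some(get_ec_point_from_obj(key)?),
 prikey: None,
 }),
+None,
 )?),
 CKO_PRIVATE_KEY => Ok(EvpPkey::import(
 osslctx(),
@@ -47,6 +48,7 @@ pub fn ecm_object_to_pkey(
 key.get_attr_as_bytes(CKA_VALUE)?.clone(),
 )),
 }),
+None,
 )?),
 _ => Err(CKR_KEY_TYPE_INCONSISTENT)?,
 }
@@ -68,8 +70,11 @@ impl ECMontgomeryOperation {
 pubkey: &mut Object,
 privkey: &mut Object,
 ) -> Result<()> {
-let pkey =
-EvpPkey::generate(osslctx(), get_evp_pkey_type_from_obj(pubkey)?)?;
+let pkey = EvpPkey::generate(
+osslctx(),
+get_evp_pkey_type_from_obj(pubkey)?,
+None,
+)?;
 let mut ecc = match pkey.export()? {
 PkeyData::Ecc(e) => e,
 _ => return Err(CKR_GENERAL_ERROR)?,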

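--- a/src/ossl/rsa.rs
+++ b/src/ossl/rsa.rs
@@ -97,6 +97,7 @@ pub fn rsa_object_to_pkey(
 b: b,
 c: c,
 }),
+None,
 )?)
 }
 
@@ -432,6 +433,7 @@ impl RsaPKCSOperation {
 let pkey = EvpPkey::generate(
 osslctx(),
 EvpPkeyType::Rsa(bits, exponent.clone()),
+None,
 )?;
 let mut rsa = match pkey.export()? {
 PkeyData::Rsa(r) => r,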
