author | Richard Levitte <levitte@openssl.org> | 2019-07-07 10:56:46 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2019-07-23 19:43:09 +0200 |
commit | 8b84b075ff065554c0cdd1086950f1a8614d93a4 (patch) | |
tree | 504e19c43e2f8313665156f2220539830dece99d /crypto/evp/evp_lib.c | |
parent | Remove some utilities from the core to provider interface (diff) | |
Adapt DH to use with KEYMGMT
The biggest part in this was to move the key->param builder from EVP
to the DH ASN.1 method, and to implement the KEYMGMT support in the
provider DH.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9394)
Diffstat (limited to 'crypto/evp/evp_lib.c')
-rw-r--r-- | crypto/evp/evp_lib.c | 134 |
1 files changed, 0 insertions, 134 deletions
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 0825c102b5..9091f8b475 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -760,137 +760,3 @@ int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
 OPENSSL_free(bin);
 return rv;
 }
-
-#ifndef FIPS_MODE
-# ifndef OPENSSL_NO_DH
-/*
- * TODO(3.0): Temporarily unavailable in FIPS mode. This will need to be added
- * in later.
- */
-
-# define MAX_PARAMS 10
-typedef struct {
- /* Number of the current param */
- size_t curr;
- struct {
- /* Key for the current param */
- const char *key;
- /* Value for the current param */
- const BIGNUM *bnparam;
- /* Size of the buffer required for the BN */
- size_t bufsz;
- } params[MAX_PARAMS];
- /* Running count of the total size required */
- size_t totsz;
- int ispublic;
-} PARAMS_TEMPLATE;
-
-static int push_param_bn(PARAMS_TEMPLATE *tmpl, const char *key,
- const BIGNUM *bn)
-{
- int sz;
-
- sz = BN_num_bytes(bn);
- if (sz <= 0)
- return 0;
- tmpl->params[tmpl->curr].key = key;
- tmpl->params[tmpl->curr].bnparam = bn;
- tmpl->params[tmpl->curr++].bufsz = (size_t)sz;
- tmpl->totsz += sizeof(OSSL_PARAM) + (size_t)sz;
-
- return 1;
-}
-
-static OSSL_PARAM *param_template_to_param(PARAMS_TEMPLATE *tmpl, size_t *sz)
-{
- size_t i;
- void *buf;
- OSSL_PARAM *param = NULL;
- unsigned char *currbuf = NULL;
-
- if (tmpl->totsz == 0)
- return NULL;
-
- /* Add some space for the end of OSSL_PARAM marker */
- tmpl->totsz += sizeof(*param);
-
- if (tmpl->ispublic)
- buf = OPENSSL_zalloc(tmpl->totsz);
- else
- buf = OPENSSL_secure_zalloc(tmpl->totsz);
- if (buf == NULL)
- return NULL;
- param = buf;
-
- currbuf = (unsigned char *)buf + (sizeof(*param) * (tmpl->curr + 1));
-
- for (i = 0; i < tmpl->curr; i++) {
- if (!ossl_assert((currbuf - (unsigned char *)buf )
- + tmpl->params[i].bufsz <= tmpl->totsz))
- goto err;
- if (BN_bn2nativepad(tmpl->params[i].bnparam, currbuf,
- tmpl->params[i].bufsz) < 0)
- goto err;
- param[i] = OSSL_PARAM_construct_BN(tmpl->params[i].key, currbuf,
- tmpl->params[i].bufsz);
- currbuf += tmpl->params[i].bufsz;
- }
- param[i] = OSSL_PARAM_construct_end();
-
- if (sz != NULL)
- *sz = tmpl->totsz;
- return param;
-
- err:
- if (tmpl->ispublic)
- OPENSSL_free(param);
- else
- OPENSSL_clear_free(param, tmpl->totsz);
- return NULL;
-}
-
-static OSSL_PARAM *evp_pkey_dh_to_param(EVP_PKEY *pkey, size_t *sz)
-{
- DH *dh = pkey->pkey.dh;
- PARAMS_TEMPLATE tmpl = {0};
- const BIGNUM *p = DH_get0_p(dh), *g = DH_get0_g(dh), *q = DH_get0_q(dh);
- const BIGNUM *pub_key = DH_get0_pub_key(dh);
- const BIGNUM *priv_key = DH_get0_priv_key(dh);
-
- if (p == NULL || g == NULL || pub_key == NULL)
- return NULL;
-
- if (!push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_P, p)
- || !push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_G, g)
- || !push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_PUB_KEY, pub_key))
- return NULL;
-
- if (q != NULL) {
- if (!push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_Q, q))
- return NULL;
- }
-
- if (priv_key != NULL) {
- if (!push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_PRIV_KEY, priv_key))
- return NULL;
- } else {
- tmpl.ispublic = 1;
- }
-
- return param_template_to_param(&tmpl, sz);
-}
-# endif /* OPENSSL_NO_DH */
-
-OSSL_PARAM *evp_pkey_to_param(EVP_PKEY *pkey, size_t *sz)
-{
- switch (pkey->type) {
-# ifndef OPENSSL_NO_DH
- case EVP_PKEY_DH:
- return evp_pkey_dh_to_param(pkey, sz);
-# endif
- default:
- return NULL;
- }
-}
-
-#endif /* FIPS_MODE */ |