Coverage Report

Created: 2024-11-21 07:03

/src/openssl/crypto/evp/exchange.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
#include <openssl/crypto.h>
11
#include <openssl/evp.h>
12
#include <openssl/err.h>
13
#include "internal/cryptlib.h"
14
#include "internal/refcount.h"
15
#include "internal/provider.h"
16
#include "internal/core.h"
17
#include "internal/numbers.h"   /* includes SIZE_MAX */
18
#include "crypto/evp.h"
19
#include "evp_local.h"
20
21
static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov)
22
14
{
23
14
    EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH));
24
25
14
    if (exchange == NULL)
26
0
        return NULL;
27
28
14
    if (!CRYPTO_NEW_REF(&exchange->refcnt, 1)) {
29
0
        OPENSSL_free(exchange);
30
0
        return NULL;
31
0
    }
32
14
    exchange->prov = prov;
33
14
    ossl_provider_up_ref(prov);
34
35
14
    return exchange;
36
14
}
37
38
static void *evp_keyexch_from_algorithm(int name_id,
39
                                        const OSSL_ALGORITHM *algodef,
40
                                        OSSL_PROVIDER *prov)
41
14
{
42
14
    const OSSL_DISPATCH *fns = algodef->implementation;
43
14
    EVP_KEYEXCH *exchange = NULL;
44
14
    int fncnt = 0, sparamfncnt = 0, gparamfncnt = 0;
45
46
14
    if ((exchange = evp_keyexch_new(prov)) == NULL) {
47
0
        ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
48
0
        goto err;
49
0
    }
50
51
14
    exchange->name_id = name_id;
52
14
    if ((exchange->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
53
0
        goto err;
54
14
    exchange->description = algodef->algorithm_description;
55
56
140
    for (; fns->function_id != 0; fns++) {
57
126
        switch (fns->function_id) {
58
14
        case OSSL_FUNC_KEYEXCH_NEWCTX:
59
14
            if (exchange->newctx != NULL)
60
0
                break;
61
14
            exchange->newctx = OSSL_FUNC_keyexch_newctx(fns);
62
14
            fncnt++;
63
14
            break;
64
14
        case OSSL_FUNC_KEYEXCH_INIT:
65
14
            if (exchange->init != NULL)
66
0
                break;
67
14
            exchange->init = OSSL_FUNC_keyexch_init(fns);
68
14
            fncnt++;
69
14
            break;
70
8
        case OSSL_FUNC_KEYEXCH_SET_PEER:
71
8
            if (exchange->set_peer != NULL)
72
0
                break;
73
8
            exchange->set_peer = OSSL_FUNC_keyexch_set_peer(fns);
74
8
            break;
75
14
        case OSSL_FUNC_KEYEXCH_DERIVE:
76
14
            if (exchange->derive != NULL)
77
0
                break;
78
14
            exchange->derive = OSSL_FUNC_keyexch_derive(fns);
79
14
            fncnt++;
80
14
            break;
81
14
        case OSSL_FUNC_KEYEXCH_FREECTX:
82
14
            if (exchange->freectx != NULL)
83
0
                break;
84
14
            exchange->freectx = OSSL_FUNC_keyexch_freectx(fns);
85
14
            fncnt++;
86
14
            break;
87
14
        case OSSL_FUNC_KEYEXCH_DUPCTX:
88
14
            if (exchange->dupctx != NULL)
89
0
                break;
90
14
            exchange->dupctx = OSSL_FUNC_keyexch_dupctx(fns);
91
14
            break;
92
14
        case OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS:
93
14
            if (exchange->get_ctx_params != NULL)
94
0
                break;
95
14
            exchange->get_ctx_params = OSSL_FUNC_keyexch_get_ctx_params(fns);
96
14
            gparamfncnt++;
97
14
            break;
98
14
        case OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS:
99
14
            if (exchange->gettable_ctx_params != NULL)
100
0
                break;
101
14
            exchange->gettable_ctx_params
102
14
                = OSSL_FUNC_keyexch_gettable_ctx_params(fns);
103
14
            gparamfncnt++;
104
14
            break;
105
10
        case OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS:
106
10
            if (exchange->set_ctx_params != NULL)
107
0
                break;
108
10
            exchange->set_ctx_params = OSSL_FUNC_keyexch_set_ctx_params(fns);
109
10
            sparamfncnt++;
110
10
            break;
111
10
        case OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS:
112
10
            if (exchange->settable_ctx_params != NULL)
113
0
                break;
114
10
            exchange->settable_ctx_params
115
10
                = OSSL_FUNC_keyexch_settable_ctx_params(fns);
116
10
            sparamfncnt++;
117
10
            break;
118
126
        }
119
126
    }
120
14
    if (fncnt != 4
121
14
            || (gparamfncnt != 0 && gparamfncnt != 2)
122
14
            || (sparamfncnt != 0 && sparamfncnt != 2)) {
123
        /*
124
         * In order to be a consistent set of functions we must have at least
125
         * a complete set of "exchange" functions: init, derive, newctx,
126
         * and freectx. The set_ctx_params and settable_ctx_params functions are
127
         * optional, but if one of them is present then the other one must also
128
         * be present. Same goes for get_ctx_params and gettable_ctx_params.
129
         * The dupctx and set_peer functions are optional.
130
         */
131
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
132
0
        goto err;
133
0
    }
134
135
14
    return exchange;
136
137
0
 err:
138
0
    EVP_KEYEXCH_free(exchange);
139
0
    return NULL;
140
14
}
141
142
void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange)
143
974
{
144
974
    int i;
145
146
974
    if (exchange == NULL)
147
470
        return;
148
504
    CRYPTO_DOWN_REF(&exchange->refcnt, &i);
149
504
    if (i > 0)
150
490
        return;
151
14
    OPENSSL_free(exchange->type_name);
152
14
    ossl_provider_free(exchange->prov);
153
14
    CRYPTO_FREE_REF(&exchange->refcnt);
154
14
    OPENSSL_free(exchange);
155
14
}
156
157
int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange)
158
490
{
159
490
    int ref = 0;
160
161
490
    CRYPTO_UP_REF(&exchange->refcnt, &ref);
162
490
    return 1;
163
490
}
164
165
OSSL_PROVIDER *EVP_KEYEXCH_get0_provider(const EVP_KEYEXCH *exchange)
166
671
{
167
671
    return exchange->prov;
168
671
}
169
170
EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
171
                               const char *properties)
172
470
{
173
470
    return evp_generic_fetch(ctx, OSSL_OP_KEYEXCH, algorithm, properties,
174
470
                             evp_keyexch_from_algorithm,
175
470
                             (int (*)(void *))EVP_KEYEXCH_up_ref,
176
470
                             (void (*)(void *))EVP_KEYEXCH_free);
177
470
}
178
179
EVP_KEYEXCH *evp_keyexch_fetch_from_prov(OSSL_PROVIDER *prov,
180
                                         const char *algorithm,
181
                                         const char *properties)
182
0
{
183
0
    return evp_generic_fetch_from_prov(prov, OSSL_OP_KEYEXCH,
184
0
                                       algorithm, properties,
185
0
                                       evp_keyexch_from_algorithm,
186
0
                                       (int (*)(void *))EVP_KEYEXCH_up_ref,
187
0
                                       (void (*)(void *))EVP_KEYEXCH_free);
188
0
}
189
190
int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
191
470
{
192
470
    return EVP_PKEY_derive_init_ex(ctx, NULL);
193
470
}
194
195
int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
196
470
{
197
470
    int ret;
198
470
    void *provkey = NULL;
199
470
    EVP_KEYEXCH *exchange = NULL;
200
470
    EVP_KEYMGMT *tmp_keymgmt = NULL;
201
470
    const OSSL_PROVIDER *tmp_prov = NULL;
202
470
    const char *supported_exch = NULL;
203
470
    int iter;
204
205
470
    if (ctx == NULL) {
206
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
207
0
        return -2;
208
0
    }
209
210
470
    evp_pkey_ctx_free_old_ops(ctx);
211
470
    ctx->operation = EVP_PKEY_OP_DERIVE;
212
213
470
    ERR_set_mark();
214
215
470
    if (evp_pkey_ctx_is_legacy(ctx))
216
0
        goto legacy;
217
218
    /*
219
     * Some algorithms (e.g. legacy KDFs) don't have a pkey - so we create
220
     * a blank one.
221
     */
222
470
    if (ctx->pkey == NULL) {
223
470
        EVP_PKEY *pkey = EVP_PKEY_new();
224
225
470
        if (pkey == NULL
226
470
            || !EVP_PKEY_set_type_by_keymgmt(pkey, ctx->keymgmt)
227
470
            || (pkey->keydata = evp_keymgmt_newdata(ctx->keymgmt)) == NULL) {
228
0
            ERR_clear_last_mark();
229
0
            EVP_PKEY_free(pkey);
230
0
            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
231
0
            goto err;
232
0
        }
233
470
        ctx->pkey = pkey;
234
470
    }
235
236
    /*
237
     * Try to derive the supported exch from |ctx->keymgmt|.
238
     */
239
470
    if (!ossl_assert(ctx->pkey->keymgmt == NULL
240
470
                     || ctx->pkey->keymgmt == ctx->keymgmt)) {
241
0
        ERR_clear_last_mark();
242
0
        ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
243
0
        goto err;
244
0
    }
245
470
    supported_exch = evp_keymgmt_util_query_operation_name(ctx->keymgmt,
246
470
                                                           OSSL_OP_KEYEXCH);
247
470
    if (supported_exch == NULL) {
248
0
        ERR_clear_last_mark();
249
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
250
0
        goto err;
251
0
    }
252
253
254
    /*
255
     * We perform two iterations:
256
     *
257
     * 1.  Do the normal exchange fetch, using the fetching data given by
258
     *     the EVP_PKEY_CTX.
259
     * 2.  Do the provider specific exchange fetch, from the same provider
260
     *     as |ctx->keymgmt|
261
     *
262
     * We then try to fetch the keymgmt from the same provider as the
263
     * exchange, and try to export |ctx->pkey| to that keymgmt (when
264
     * this keymgmt happens to be the same as |ctx->keymgmt|, the export
265
     * is a no-op, but we call it anyway to not complicate the code even
266
     * more).
267
     * If the export call succeeds (returns a non-NULL provider key pointer),
268
     * we're done and can perform the operation itself.  If not, we perform
269
     * the second iteration, or jump to legacy.
270
     */
271
940
    for (iter = 1, provkey = NULL; iter < 3 && provkey == NULL; iter++) {
272
470
        EVP_KEYMGMT *tmp_keymgmt_tofree = NULL;
273
274
        /*
275
         * If we're on the second iteration, free the results from the first.
276
         * They are NULL on the first iteration, so no need to check what
277
         * iteration we're on.
278
         */
279
470
        EVP_KEYEXCH_free(exchange);
280
470
        EVP_KEYMGMT_free(tmp_keymgmt);
281
282
470
        switch (iter) {
283
470
        case 1:
284
470
            exchange =
285
470
                EVP_KEYEXCH_fetch(ctx->libctx, supported_exch, ctx->propquery);
286
470
            if (exchange != NULL)
287
470
                tmp_prov = EVP_KEYEXCH_get0_provider(exchange);
288
470
            break;
289
0
        case 2:
290
0
            tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt);
291
0
            exchange =
292
0
                evp_keyexch_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
293
0
                                              supported_exch, ctx->propquery);
294
0
            if (exchange == NULL)
295
0
                goto legacy;
296
0
            break;
297
470
        }
298
470
        if (exchange == NULL)
299
0
            continue;
300
301
        /*
302
         * Ensure that the key is provided, either natively, or as a cached
303
         * export.  We start by fetching the keymgmt with the same name as
304
         * |ctx->keymgmt|, but from the provider of the exchange method, using
305
         * the same property query as when fetching the exchange method.
306
         * With the keymgmt we found (if we did), we try to export |ctx->pkey|
307
         * to it (evp_pkey_export_to_provider() is smart enough to only actually
308
         * export it if |tmp_keymgmt| is different from |ctx->pkey|'s keymgmt)
309
         */
310
470
        tmp_keymgmt_tofree = tmp_keymgmt =
311
470
            evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
312
470
                                        EVP_KEYMGMT_get0_name(ctx->keymgmt),
313
470
                                        ctx->propquery);
314
470
        if (tmp_keymgmt != NULL)
315
470
            provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
316
470
                                                  &tmp_keymgmt, ctx->propquery);
317
470
        if (tmp_keymgmt == NULL)
318
0
            EVP_KEYMGMT_free(tmp_keymgmt_tofree);
319
470
    }
320
321
470
    if (provkey == NULL) {
322
0
        EVP_KEYEXCH_free(exchange);
323
0
        goto legacy;
324
0
    }
325
326
470
    ERR_pop_to_mark();
327
328
    /* No more legacy from here down to legacy: */
329
330
    /* A Coverity false positive with up_ref/down_ref and free */
331
    /* coverity[use_after_free] */
332
470
    ctx->op.kex.exchange = exchange;
333
    /* A Coverity false positive with up_ref/down_ref and free */
334
    /* coverity[deref_arg] */
335
470
    ctx->op.kex.algctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
336
470
    if (ctx->op.kex.algctx == NULL) {
337
        /* The provider key can stay in the cache */
338
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
339
0
        goto err;
340
0
    }
341
470
    ret = exchange->init(ctx->op.kex.algctx, provkey, params);
342
343
470
    EVP_KEYMGMT_free(tmp_keymgmt);
344
470
    return ret ? 1 : 0;
345
0
 err:
346
0
    evp_pkey_ctx_free_old_ops(ctx);
347
0
    ctx->operation = EVP_PKEY_OP_UNDEFINED;
348
0
    EVP_KEYMGMT_free(tmp_keymgmt);
349
0
    return 0;
350
351
0
 legacy:
352
    /*
353
     * If we don't have the full support we need with provided methods,
354
     * let's go see if legacy does.
355
     */
356
0
    ERR_pop_to_mark();
357
358
#ifdef FIPS_MODULE
359
    return 0;
360
#else
361
0
    if (ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
362
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
363
0
        return -2;
364
0
    }
365
366
0
    if (ctx->pmeth->derive_init == NULL)
367
0
        return 1;
368
0
    ret = ctx->pmeth->derive_init(ctx);
369
0
    if (ret <= 0)
370
0
        ctx->operation = EVP_PKEY_OP_UNDEFINED;
371
0
    EVP_KEYMGMT_free(tmp_keymgmt);
372
0
    return ret;
373
0
#endif
374
0
}
375
376
int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX *ctx, EVP_PKEY *peer,
377
                                int validate_peer)
378
0
{
379
0
    int ret = 0, check;
380
0
    void *provkey = NULL;
381
0
    EVP_PKEY_CTX *check_ctx = NULL;
382
0
    EVP_KEYMGMT *tmp_keymgmt = NULL, *tmp_keymgmt_tofree = NULL;
383
384
0
    if (ctx == NULL) {
385
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
386
0
        return -1;
387
0
    }
388
389
0
    if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx) || ctx->op.kex.algctx == NULL)
390
0
        goto legacy;
391
392
0
    if (ctx->op.kex.exchange->set_peer == NULL) {
393
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
394
0
        return -2;
395
0
    }
396
397
0
    if (validate_peer) {
398
0
        check_ctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, peer, ctx->propquery);
399
0
        if (check_ctx == NULL)
400
0
            return -1;
401
0
        check = EVP_PKEY_public_check(check_ctx);
402
0
        EVP_PKEY_CTX_free(check_ctx);
403
0
        if (check <= 0)
404
0
            return -1;
405
0
    }
406
407
    /*
408
     * Ensure that the |peer| is provided, either natively, or as a cached
409
     * export.  We start by fetching the keymgmt with the same name as
410
     * |ctx->keymgmt|, but from the provider of the exchange method, using
411
     * the same property query as when fetching the exchange method.
412
     * With the keymgmt we found (if we did), we try to export |peer|
413
     * to it (evp_pkey_export_to_provider() is smart enough to only actually
414
     * export it if |tmp_keymgmt| is different from |peer|'s keymgmt)
415
     */
416
0
    tmp_keymgmt_tofree = tmp_keymgmt =
417
0
        evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)
418
0
                                    EVP_KEYEXCH_get0_provider(ctx->op.kex.exchange),
419
0
                                    EVP_KEYMGMT_get0_name(ctx->keymgmt),
420
0
                                    ctx->propquery);
421
0
    if (tmp_keymgmt != NULL)
422
        /* A Coverity issue with up_ref/down_ref and free */
423
        /* coverity[pass_freed_arg] */
424
0
        provkey = evp_pkey_export_to_provider(peer, ctx->libctx,
425
0
                                              &tmp_keymgmt, ctx->propquery);
426
0
    EVP_KEYMGMT_free(tmp_keymgmt_tofree);
427
428
    /*
429
     * If making the key provided wasn't possible, legacy may be able to pick
430
     * it up
431
     */
432
0
    if (provkey == NULL)
433
0
        goto legacy;
434
0
    return ctx->op.kex.exchange->set_peer(ctx->op.kex.algctx, provkey);
435
436
0
 legacy:
437
#ifdef FIPS_MODULE
438
    return ret;
439
#else
440
0
    if (ctx->pmeth == NULL
441
0
        || !(ctx->pmeth->derive != NULL
442
0
             || ctx->pmeth->encrypt != NULL
443
0
             || ctx->pmeth->decrypt != NULL)
444
0
        || ctx->pmeth->ctrl == NULL) {
445
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
446
0
        return -2;
447
0
    }
448
0
    if (ctx->operation != EVP_PKEY_OP_DERIVE
449
0
        && ctx->operation != EVP_PKEY_OP_ENCRYPT
450
0
        && ctx->operation != EVP_PKEY_OP_DECRYPT) {
451
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
452
0
        return -1;
453
0
    }
454
455
0
    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
456
457
0
    if (ret <= 0)
458
0
        return ret;
459
460
0
    if (ret == 2)
461
0
        return 1;
462
463
0
    if (ctx->pkey == NULL) {
464
0
        ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
465
0
        return -1;
466
0
    }
467
468
0
    if (ctx->pkey->type != peer->type) {
469
0
        ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES);
470
0
        return -1;
471
0
    }
472
473
    /*
474
     * For clarity.  The error is if parameters in peer are
475
     * present (!missing) but don't match.  EVP_PKEY_parameters_eq may return
476
     * 1 (match), 0 (don't match) and -2 (comparison is not defined).  -1
477
     * (different key types) is impossible here because it is checked earlier.
478
     * -2 is OK for us here, as well as 1, so we can check for 0 only.
479
     */
480
0
    if (!EVP_PKEY_missing_parameters(peer) &&
481
0
        !EVP_PKEY_parameters_eq(ctx->pkey, peer)) {
482
0
        ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_PARAMETERS);
483
0
        return -1;
484
0
    }
485
486
0
    EVP_PKEY_free(ctx->peerkey);
487
0
    ctx->peerkey = peer;
488
489
0
    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
490
491
0
    if (ret <= 0) {
492
0
        ctx->peerkey = NULL;
493
0
        return ret;
494
0
    }
495
496
0
    EVP_PKEY_up_ref(peer);
497
0
    return 1;
498
0
#endif
499
0
}
500
501
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
502
0
{
503
0
    return EVP_PKEY_derive_set_peer_ex(ctx, peer, 1);
504
0
}
505
506
int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
507
351
{
508
351
    int ret;
509
510
351
    if (ctx == NULL || pkeylen == NULL) {
511
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
512
0
        return -1;
513
0
    }
514
515
351
    if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
516
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
517
0
        return -1;
518
0
    }
519
520
351
    if (ctx->op.kex.algctx == NULL)
521
0
        goto legacy;
522
523
351
    ret = ctx->op.kex.exchange->derive(ctx->op.kex.algctx, key, pkeylen,
524
351
                                       key != NULL ? *pkeylen : 0);
525
526
351
    return ret;
527
0
 legacy:
528
0
    if (ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
529
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
530
0
        return -2;
531
0
    }
532
533
0
    M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
534
0
        return ctx->pmeth->derive(ctx, key, pkeylen);
535
0
}
536
537
int evp_keyexch_get_number(const EVP_KEYEXCH *keyexch)
538
0
{
539
0
    return keyexch->name_id;
540
0
}
541
542
const char *EVP_KEYEXCH_get0_name(const EVP_KEYEXCH *keyexch)
543
0
{
544
0
    return keyexch->type_name;
545
0
}
546
547
const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch)
548
0
{
549
0
    return keyexch->description;
550
0
}
551
552
int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name)
553
0
{
554
0
    return keyexch != NULL
555
0
           && evp_is_a(keyexch->prov, keyexch->name_id, NULL, name);
556
0
}
557
558
void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,
559
                                 void (*fn)(EVP_KEYEXCH *keyexch, void *arg),
560
                                 void *arg)
561
0
{
562
0
    evp_generic_do_all(libctx, OSSL_OP_KEYEXCH,
563
0
                       (void (*)(void *, void *))fn, arg,
564
0
                       evp_keyexch_from_algorithm,
565
0
                       (int (*)(void *))EVP_KEYEXCH_up_ref,
566
0
                       (void (*)(void *))EVP_KEYEXCH_free);
567
0
}
568
569
int EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
570
                             void (*fn)(const char *name, void *data),
571
                             void *data)
572
0
{
573
0
    if (keyexch->prov != NULL)
574
0
        return evp_names_do_all(keyexch->prov, keyexch->name_id, fn, data);
575
576
0
    return 1;
577
0
}
578
579
const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch)
580
0
{
581
0
    void *provctx;
582
583
0
    if (keyexch == NULL || keyexch->gettable_ctx_params == NULL)
584
0
        return NULL;
585
586
0
    provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(keyexch));
587
0
    return keyexch->gettable_ctx_params(NULL, provctx);
588
0
}
589
590
const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch)
591
0
{
592
0
    void *provctx;
593
594
0
    if (keyexch == NULL || keyexch->settable_ctx_params == NULL)
595
0
        return NULL;
596
0
    provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(keyexch));
597
0
    return keyexch->settable_ctx_params(NULL, provctx);
598
0
}