Coverage Report

Created: 2023-06-08 06:40

/src/openssl30/crypto/evp/exchange.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
#include <openssl/crypto.h>
11
#include <openssl/evp.h>
12
#include <openssl/err.h>
13
#include "internal/cryptlib.h"
14
#include "internal/refcount.h"
15
#include "internal/provider.h"
16
#include "internal/core.h"
17
#include "internal/numbers.h"   /* includes SIZE_MAX */
18
#include "crypto/evp.h"
19
#include "evp_local.h"
20
21
static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov)
22
0
{
23
0
    EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH));
24
25
0
    if (exchange == NULL) {
26
0
        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
27
0
        return NULL;
28
0
    }
29
30
0
    exchange->lock = CRYPTO_THREAD_lock_new();
31
0
    if (exchange->lock == NULL) {
32
0
        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
33
0
        OPENSSL_free(exchange);
34
0
        return NULL;
35
0
    }
36
0
    exchange->prov = prov;
37
0
    ossl_provider_up_ref(prov);
38
0
    exchange->refcnt = 1;
39
40
0
    return exchange;
41
0
}
42
43
static void *evp_keyexch_from_algorithm(int name_id,
44
                                        const OSSL_ALGORITHM *algodef,
45
                                        OSSL_PROVIDER *prov)
46
0
{
47
0
    const OSSL_DISPATCH *fns = algodef->implementation;
48
0
    EVP_KEYEXCH *exchange = NULL;
49
0
    int fncnt = 0, sparamfncnt = 0, gparamfncnt = 0;
50
51
0
    if ((exchange = evp_keyexch_new(prov)) == NULL) {
52
0
        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
53
0
        goto err;
54
0
    }
55
56
0
    exchange->name_id = name_id;
57
0
    if ((exchange->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
58
0
        goto err;
59
0
    exchange->description = algodef->algorithm_description;
60
61
0
    for (; fns->function_id != 0; fns++) {
62
0
        switch (fns->function_id) {
63
0
        case OSSL_FUNC_KEYEXCH_NEWCTX:
64
0
            if (exchange->newctx != NULL)
65
0
                break;
66
0
            exchange->newctx = OSSL_FUNC_keyexch_newctx(fns);
67
0
            fncnt++;
68
0
            break;
69
0
        case OSSL_FUNC_KEYEXCH_INIT:
70
0
            if (exchange->init != NULL)
71
0
                break;
72
0
            exchange->init = OSSL_FUNC_keyexch_init(fns);
73
0
            fncnt++;
74
0
            break;
75
0
        case OSSL_FUNC_KEYEXCH_SET_PEER:
76
0
            if (exchange->set_peer != NULL)
77
0
                break;
78
0
            exchange->set_peer = OSSL_FUNC_keyexch_set_peer(fns);
79
0
            break;
80
0
        case OSSL_FUNC_KEYEXCH_DERIVE:
81
0
            if (exchange->derive != NULL)
82
0
                break;
83
0
            exchange->derive = OSSL_FUNC_keyexch_derive(fns);
84
0
            fncnt++;
85
0
            break;
86
0
        case OSSL_FUNC_KEYEXCH_FREECTX:
87
0
            if (exchange->freectx != NULL)
88
0
                break;
89
0
            exchange->freectx = OSSL_FUNC_keyexch_freectx(fns);
90
0
            fncnt++;
91
0
            break;
92
0
        case OSSL_FUNC_KEYEXCH_DUPCTX:
93
0
            if (exchange->dupctx != NULL)
94
0
                break;
95
0
            exchange->dupctx = OSSL_FUNC_keyexch_dupctx(fns);
96
0
            break;
97
0
        case OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS:
98
0
            if (exchange->get_ctx_params != NULL)
99
0
                break;
100
0
            exchange->get_ctx_params = OSSL_FUNC_keyexch_get_ctx_params(fns);
101
0
            gparamfncnt++;
102
0
            break;
103
0
        case OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS:
104
0
            if (exchange->gettable_ctx_params != NULL)
105
0
                break;
106
0
            exchange->gettable_ctx_params
107
0
                = OSSL_FUNC_keyexch_gettable_ctx_params(fns);
108
0
            gparamfncnt++;
109
0
            break;
110
0
        case OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS:
111
0
            if (exchange->set_ctx_params != NULL)
112
0
                break;
113
0
            exchange->set_ctx_params = OSSL_FUNC_keyexch_set_ctx_params(fns);
114
0
            sparamfncnt++;
115
0
            break;
116
0
        case OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS:
117
0
            if (exchange->settable_ctx_params != NULL)
118
0
                break;
119
0
            exchange->settable_ctx_params
120
0
                = OSSL_FUNC_keyexch_settable_ctx_params(fns);
121
0
            sparamfncnt++;
122
0
            break;
123
0
        }
124
0
    }
125
0
    if (fncnt != 4
126
0
            || (gparamfncnt != 0 && gparamfncnt != 2)
127
0
            || (sparamfncnt != 0 && sparamfncnt != 2)) {
128
        /*
129
         * In order to be a consistent set of functions we must have at least
130
         * a complete set of "exchange" functions: init, derive, newctx,
131
         * and freectx. The set_ctx_params and settable_ctx_params functions are
132
         * optional, but if one of them is present then the other one must also
133
         * be present. Same goes for get_ctx_params and gettable_ctx_params.
134
         * The dupctx and set_peer functions are optional.
135
         */
136
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
137
0
        goto err;
138
0
    }
139
140
0
    return exchange;
141
142
0
 err:
143
0
    EVP_KEYEXCH_free(exchange);
144
0
    return NULL;
145
0
}
146
147
void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange)
148
0
{
149
0
    int i;
150
151
0
    if (exchange == NULL)
152
0
        return;
153
0
    CRYPTO_DOWN_REF(&exchange->refcnt, &i, exchange->lock);
154
0
    if (i > 0)
155
0
        return;
156
0
    OPENSSL_free(exchange->type_name);
157
0
    ossl_provider_free(exchange->prov);
158
0
    CRYPTO_THREAD_lock_free(exchange->lock);
159
0
    OPENSSL_free(exchange);
160
0
}
161
162
int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange)
163
0
{
164
0
    int ref = 0;
165
166
0
    CRYPTO_UP_REF(&exchange->refcnt, &ref, exchange->lock);
167
0
    return 1;
168
0
}
169
170
OSSL_PROVIDER *EVP_KEYEXCH_get0_provider(const EVP_KEYEXCH *exchange)
171
0
{
172
0
    return exchange->prov;
173
0
}
174
175
EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
176
                               const char *properties)
177
0
{
178
0
    return evp_generic_fetch(ctx, OSSL_OP_KEYEXCH, algorithm, properties,
179
0
                             evp_keyexch_from_algorithm,
180
0
                             (int (*)(void *))EVP_KEYEXCH_up_ref,
181
0
                             (void (*)(void *))EVP_KEYEXCH_free);
182
0
}
183
184
EVP_KEYEXCH *evp_keyexch_fetch_from_prov(OSSL_PROVIDER *prov,
185
                                         const char *algorithm,
186
                                         const char *properties)
187
0
{
188
0
    return evp_generic_fetch_from_prov(prov, OSSL_OP_KEYEXCH,
189
0
                                       algorithm, properties,
190
0
                                       evp_keyexch_from_algorithm,
191
0
                                       (int (*)(void *))EVP_KEYEXCH_up_ref,
192
0
                                       (void (*)(void *))EVP_KEYEXCH_free);
193
0
}
194
195
int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
196
0
{
197
0
    return EVP_PKEY_derive_init_ex(ctx, NULL);
198
0
}
199
200
int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
201
0
{
202
0
    int ret;
203
0
    void *provkey = NULL;
204
0
    EVP_KEYEXCH *exchange = NULL;
205
0
    EVP_KEYMGMT *tmp_keymgmt = NULL;
206
0
    const OSSL_PROVIDER *tmp_prov = NULL;
207
0
    const char *supported_exch = NULL;
208
0
    int iter;
209
210
0
    if (ctx == NULL) {
211
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
212
0
        return -2;
213
0
    }
214
215
0
    evp_pkey_ctx_free_old_ops(ctx);
216
0
    ctx->operation = EVP_PKEY_OP_DERIVE;
217
218
0
    ERR_set_mark();
219
220
0
    if (evp_pkey_ctx_is_legacy(ctx))
221
0
        goto legacy;
222
223
    /*
224
     * Some algorithms (e.g. legacy KDFs) don't have a pkey - so we create
225
     * a blank one.
226
     */
227
0
    if (ctx->pkey == NULL) {
228
0
        EVP_PKEY *pkey = EVP_PKEY_new();
229
230
0
        if (pkey == NULL
231
0
            || !EVP_PKEY_set_type_by_keymgmt(pkey, ctx->keymgmt)
232
0
            || (pkey->keydata = evp_keymgmt_newdata(ctx->keymgmt)) == NULL) {
233
0
            ERR_clear_last_mark();
234
0
            EVP_PKEY_free(pkey);
235
0
            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
236
0
            goto err;
237
0
        }
238
0
        ctx->pkey = pkey;
239
0
    }
240
241
    /*
242
     * Try to derive the supported exch from |ctx->keymgmt|.
243
     */
244
0
    if (!ossl_assert(ctx->pkey->keymgmt == NULL
245
0
                     || ctx->pkey->keymgmt == ctx->keymgmt)) {
246
0
        ERR_clear_last_mark();
247
0
        ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
248
0
        goto err;
249
0
    }
250
0
    supported_exch = evp_keymgmt_util_query_operation_name(ctx->keymgmt,
251
0
                                                           OSSL_OP_KEYEXCH);
252
0
    if (supported_exch == NULL) {
253
0
        ERR_clear_last_mark();
254
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
255
0
        goto err;
256
0
    }
257
258
259
    /*
260
     * We perform two iterations:
261
     *
262
     * 1.  Do the normal exchange fetch, using the fetching data given by
263
     *     the EVP_PKEY_CTX.
264
     * 2.  Do the provider specific exchange fetch, from the same provider
265
     *     as |ctx->keymgmt|
266
     *
267
     * We then try to fetch the keymgmt from the same provider as the
268
     * exchange, and try to export |ctx->pkey| to that keymgmt (when
269
     * this keymgmt happens to be the same as |ctx->keymgmt|, the export
270
     * is a no-op, but we call it anyway to not complicate the code even
271
     * more).
272
     * If the export call succeeds (returns a non-NULL provider key pointer),
273
     * we're done and can perform the operation itself.  If not, we perform
274
     * the second iteration, or jump to legacy.
275
     */
276
0
    for (iter = 1, provkey = NULL; iter < 3 && provkey == NULL; iter++) {
277
0
        EVP_KEYMGMT *tmp_keymgmt_tofree = NULL;
278
279
        /*
280
         * If we're on the second iteration, free the results from the first.
281
         * They are NULL on the first iteration, so no need to check what
282
         * iteration we're on.
283
         */
284
0
        EVP_KEYEXCH_free(exchange);
285
0
        EVP_KEYMGMT_free(tmp_keymgmt);
286
287
0
        switch (iter) {
288
0
        case 1:
289
0
            exchange =
290
0
                EVP_KEYEXCH_fetch(ctx->libctx, supported_exch, ctx->propquery);
291
0
            if (exchange != NULL)
292
0
                tmp_prov = EVP_KEYEXCH_get0_provider(exchange);
293
0
            break;
294
0
        case 2:
295
0
            tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt);
296
0
            exchange =
297
0
                evp_keyexch_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
298
0
                                              supported_exch, ctx->propquery);
299
0
            if (exchange == NULL)
300
0
                goto legacy;
301
0
            break;
302
0
        }
303
0
        if (exchange == NULL)
304
0
            continue;
305
306
        /*
307
         * Ensure that the key is provided, either natively, or as a cached
308
         * export.  We start by fetching the keymgmt with the same name as
309
         * |ctx->keymgmt|, but from the provider of the exchange method, using
310
         * the same property query as when fetching the exchange method.
311
         * With the keymgmt we found (if we did), we try to export |ctx->pkey|
312
         * to it (evp_pkey_export_to_provider() is smart enough to only actually
313
         * export it if |tmp_keymgmt| is different from |ctx->pkey|'s keymgmt)
314
         */
315
0
        tmp_keymgmt_tofree = tmp_keymgmt =
316
0
            evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
317
0
                                        EVP_KEYMGMT_get0_name(ctx->keymgmt),
318
0
                                        ctx->propquery);
319
0
        if (tmp_keymgmt != NULL)
320
0
            provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
321
0
                                                  &tmp_keymgmt, ctx->propquery);
322
0
        if (tmp_keymgmt == NULL)
323
0
            EVP_KEYMGMT_free(tmp_keymgmt_tofree);
324
0
    }
325
326
0
    if (provkey == NULL) {
327
0
        EVP_KEYEXCH_free(exchange);
328
0
        goto legacy;
329
0
    }
330
331
0
    ERR_pop_to_mark();
332
333
    /* No more legacy from here down to legacy: */
334
335
0
    ctx->op.kex.exchange = exchange;
336
0
    ctx->op.kex.algctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
337
0
    if (ctx->op.kex.algctx == NULL) {
338
        /* The provider key can stay in the cache */
339
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
340
0
        goto err;
341
0
    }
342
0
    ret = exchange->init(ctx->op.kex.algctx, provkey, params);
343
344
0
    EVP_KEYMGMT_free(tmp_keymgmt);
345
0
    return ret ? 1 : 0;
346
0
 err:
347
0
    evp_pkey_ctx_free_old_ops(ctx);
348
0
    ctx->operation = EVP_PKEY_OP_UNDEFINED;
349
0
    EVP_KEYMGMT_free(tmp_keymgmt);
350
0
    return 0;
351
352
0
 legacy:
353
    /*
354
     * If we don't have the full support we need with provided methods,
355
     * let's go see if legacy does.
356
     */
357
0
    ERR_pop_to_mark();
358
359
#ifdef FIPS_MODULE
360
    return 0;
361
#else
362
0
    if (ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
363
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
364
0
        return -2;
365
0
    }
366
367
0
    if (ctx->pmeth->derive_init == NULL)
368
0
        return 1;
369
0
    ret = ctx->pmeth->derive_init(ctx);
370
0
    if (ret <= 0)
371
0
        ctx->operation = EVP_PKEY_OP_UNDEFINED;
372
0
    EVP_KEYMGMT_free(tmp_keymgmt);
373
0
    return ret;
374
0
#endif
375
0
}
376
377
int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX *ctx, EVP_PKEY *peer,
378
                                int validate_peer)
379
0
{
380
0
    int ret = 0, check;
381
0
    void *provkey = NULL;
382
0
    EVP_PKEY_CTX *check_ctx = NULL;
383
0
    EVP_KEYMGMT *tmp_keymgmt = NULL, *tmp_keymgmt_tofree = NULL;
384
385
0
    if (ctx == NULL) {
386
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
387
0
        return -1;
388
0
    }
389
390
0
    if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx) || ctx->op.kex.algctx == NULL)
391
0
        goto legacy;
392
393
0
    if (ctx->op.kex.exchange->set_peer == NULL) {
394
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
395
0
        return -2;
396
0
    }
397
398
0
    if (validate_peer) {
399
0
        check_ctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, peer, ctx->propquery);
400
0
        if (check_ctx == NULL)
401
0
            return -1;
402
0
        check = EVP_PKEY_public_check(check_ctx);
403
0
        EVP_PKEY_CTX_free(check_ctx);
404
0
        if (check <= 0)
405
0
            return -1;
406
0
    }
407
408
    /*
409
     * Ensure that the |peer| is provided, either natively, or as a cached
410
     * export.  We start by fetching the keymgmt with the same name as
411
     * |ctx->keymgmt|, but from the provider of the exchange method, using
412
     * the same property query as when fetching the exchange method.
413
     * With the keymgmt we found (if we did), we try to export |peer|
414
     * to it (evp_pkey_export_to_provider() is smart enough to only actually
415
     * export it if |tmp_keymgmt| is different from |peer|'s keymgmt)
416
     */
417
0
    tmp_keymgmt_tofree = tmp_keymgmt =
418
0
        evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)
419
0
                                    EVP_KEYEXCH_get0_provider(ctx->op.kex.exchange),
420
0
                                    EVP_KEYMGMT_get0_name(ctx->keymgmt),
421
0
                                    ctx->propquery);
422
0
    if (tmp_keymgmt != NULL)
423
0
        provkey = evp_pkey_export_to_provider(peer, ctx->libctx,
424
0
                                              &tmp_keymgmt, ctx->propquery);
425
0
    EVP_KEYMGMT_free(tmp_keymgmt_tofree);
426
427
    /*
428
     * If making the key provided wasn't possible, legacy may be able to pick
429
     * it up
430
     */
431
0
    if (provkey == NULL)
432
0
        goto legacy;
433
0
    return ctx->op.kex.exchange->set_peer(ctx->op.kex.algctx, provkey);
434
435
0
 legacy:
436
#ifdef FIPS_MODULE
437
    return ret;
438
#else
439
0
    if (ctx->pmeth == NULL
440
0
        || !(ctx->pmeth->derive != NULL
441
0
             || ctx->pmeth->encrypt != NULL
442
0
             || ctx->pmeth->decrypt != NULL)
443
0
        || ctx->pmeth->ctrl == NULL) {
444
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
445
0
        return -2;
446
0
    }
447
0
    if (ctx->operation != EVP_PKEY_OP_DERIVE
448
0
        && ctx->operation != EVP_PKEY_OP_ENCRYPT
449
0
        && ctx->operation != EVP_PKEY_OP_DECRYPT) {
450
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
451
0
        return -1;
452
0
    }
453
454
0
    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
455
456
0
    if (ret <= 0)
457
0
        return ret;
458
459
0
    if (ret == 2)
460
0
        return 1;
461
462
0
    if (ctx->pkey == NULL) {
463
0
        ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
464
0
        return -1;
465
0
    }
466
467
0
    if (ctx->pkey->type != peer->type) {
468
0
        ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES);
469
0
        return -1;
470
0
    }
471
472
    /*
473
     * For clarity.  The error is if parameters in peer are
474
     * present (!missing) but don't match.  EVP_PKEY_parameters_eq may return
475
     * 1 (match), 0 (don't match) and -2 (comparison is not defined).  -1
476
     * (different key types) is impossible here because it is checked earlier.
477
     * -2 is OK for us here, as well as 1, so we can check for 0 only.
478
     */
479
0
    if (!EVP_PKEY_missing_parameters(peer) &&
480
0
        !EVP_PKEY_parameters_eq(ctx->pkey, peer)) {
481
0
        ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_PARAMETERS);
482
0
        return -1;
483
0
    }
484
485
0
    EVP_PKEY_free(ctx->peerkey);
486
0
    ctx->peerkey = peer;
487
488
0
    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
489
490
0
    if (ret <= 0) {
491
0
        ctx->peerkey = NULL;
492
0
        return ret;
493
0
    }
494
495
0
    EVP_PKEY_up_ref(peer);
496
0
    return 1;
497
0
#endif
498
0
}
499
500
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
501
0
{
502
0
    return EVP_PKEY_derive_set_peer_ex(ctx, peer, 1);
503
0
}
504
505
int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
506
0
{
507
0
    int ret;
508
509
0
    if (ctx == NULL || pkeylen == NULL) {
510
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
511
0
        return -1;
512
0
    }
513
514
0
    if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
515
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
516
0
        return -1;
517
0
    }
518
519
0
    if (ctx->op.kex.algctx == NULL)
520
0
        goto legacy;
521
522
0
    ret = ctx->op.kex.exchange->derive(ctx->op.kex.algctx, key, pkeylen,
523
0
                                       key != NULL ? *pkeylen : 0);
524
525
0
    return ret;
526
0
 legacy:
527
0
    if (ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
528
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
529
0
        return -2;
530
0
    }
531
532
0
    M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
533
0
        return ctx->pmeth->derive(ctx, key, pkeylen);
534
0
}
535
536
int evp_keyexch_get_number(const EVP_KEYEXCH *keyexch)
537
0
{
538
0
    return keyexch->name_id;
539
0
}
540
541
const char *EVP_KEYEXCH_get0_name(const EVP_KEYEXCH *keyexch)
542
0
{
543
0
    return keyexch->type_name;
544
0
}
545
546
const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch)
547
0
{
548
0
    return keyexch->description;
549
0
}
550
551
int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name)
552
0
{
553
0
    return keyexch != NULL
554
0
           && evp_is_a(keyexch->prov, keyexch->name_id, NULL, name);
555
0
}
556
557
void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,
558
                                 void (*fn)(EVP_KEYEXCH *keyexch, void *arg),
559
                                 void *arg)
560
0
{
561
0
    evp_generic_do_all(libctx, OSSL_OP_KEYEXCH,
562
0
                       (void (*)(void *, void *))fn, arg,
563
0
                       evp_keyexch_from_algorithm,
564
0
                       (int (*)(void *))EVP_KEYEXCH_up_ref,
565
0
                       (void (*)(void *))EVP_KEYEXCH_free);
566
0
}
567
568
int EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
569
                             void (*fn)(const char *name, void *data),
570
                             void *data)
571
0
{
572
0
    if (keyexch->prov != NULL)
573
0
        return evp_names_do_all(keyexch->prov, keyexch->name_id, fn, data);
574
575
0
    return 1;
576
0
}
577
578
const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch)
579
0
{
580
0
    void *provctx;
581
582
0
    if (keyexch == NULL || keyexch->gettable_ctx_params == NULL)
583
0
        return NULL;
584
585
0
    provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(keyexch));
586
0
    return keyexch->gettable_ctx_params(NULL, provctx);
587
0
}
588
589
const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch)
590
0
{
591
0
    void *provctx;
592
593
0
    if (keyexch == NULL || keyexch->settable_ctx_params == NULL)
594
0
        return NULL;
595
0
    provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(keyexch));
596
0
    return keyexch->settable_ctx_params(NULL, provctx);
597
0
}