/src/openssl/crypto/evp/s_lib.c

Source (jump to first uncovered line)
/*
 * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>
#include <openssl/params.h>
#include <openssl/param_build.h>
#include <openssl/evp.h>
#include <openssl/core_names.h>

#include "internal/common.h"
#include "internal/provider.h"
#include "crypto/evp.h"
#include "evp_local.h"

int EVP_SKEY_export(const EVP_SKEY *skey, int selection,
                    OSSL_CALLBACK *export_cb, void *export_cbarg)
{
    if (skey == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    return evp_skeymgmt_export(skey->skeymgmt, skey->keydata, selection, export_cb, export_cbarg);
}

EVP_SKEY *evp_skey_alloc(EVP_SKEYMGMT *skeymgmt)
{
    EVP_SKEY *skey;

    if (!ossl_assert(skeymgmt != NULL))
        return NULL;

    if ((skey = OPENSSL_zalloc(sizeof(*skey))) == NULL)
        return NULL;

    if (!CRYPTO_NEW_REF(&skey->references, 1))
        goto err;

    skey->lock = CRYPTO_THREAD_lock_new();
    if (skey->lock == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
        goto err;
    }
    if (EVP_SKEYMGMT_up_ref(skeymgmt)) {
        skey->skeymgmt = skeymgmt;
        return skey;
    } else {
        goto err;
    }

 err:
    CRYPTO_FREE_REF(&skey->references);
    CRYPTO_THREAD_lock_free(skey->lock);
    OPENSSL_free(skey);
    return NULL;
}

static EVP_SKEY *evp_skey_alloc_fetch(OSSL_LIB_CTX *libctx,
                                      const char *skeymgmtname,
                                      const char *propquery)
{
    EVP_SKEYMGMT *skeymgmt;
    EVP_SKEY *skey;

    skeymgmt = EVP_SKEYMGMT_fetch(libctx, skeymgmtname, propquery);
    if (skeymgmt == NULL) {
        /*
         * if the specific key_type is unknown, attempt to use the generic
         * key management
         */
        skeymgmt = EVP_SKEYMGMT_fetch(libctx, OSSL_SKEY_TYPE_GENERIC, propquery);
        if (skeymgmt == NULL) {
            ERR_raise(ERR_LIB_EVP, ERR_R_FETCH_FAILED);
            return NULL;
        }
    }

    skey = evp_skey_alloc(skeymgmt);
    EVP_SKEYMGMT_free(skeymgmt);

    return skey;
}

EVP_SKEY *EVP_SKEY_import(OSSL_LIB_CTX *libctx, const char *skeymgmtname, const char *propquery,
                          int selection, const OSSL_PARAM *params)
{
    EVP_SKEY *skey = evp_skey_alloc_fetch(libctx, skeymgmtname, propquery);

    if (skey == NULL)
        return NULL;

    skey->keydata = evp_skeymgmt_import(skey->skeymgmt, selection, params);
    if (skey->keydata == NULL)
        goto err;

    return skey;

 err:
    EVP_SKEY_free(skey);
    return NULL;
}

EVP_SKEY *EVP_SKEY_import_SKEYMGMT(OSSL_LIB_CTX *libctx, EVP_SKEYMGMT *skeymgmt,
                                   int selection, const OSSL_PARAM *params)
{
    EVP_SKEY *skey = evp_skey_alloc(skeymgmt);

    if (skey == NULL)
        return NULL;

    skey->keydata = evp_skeymgmt_import(skey->skeymgmt, selection, params);
    if (skey->keydata == NULL)
        goto err;

    return skey;

 err:
    EVP_SKEY_free(skey);
    return NULL;
}

EVP_SKEY *EVP_SKEY_generate(OSSL_LIB_CTX *libctx, const char *skeymgmtname,
                            const char *propquery, const OSSL_PARAM *params)
{
    EVP_SKEY *skey = evp_skey_alloc_fetch(libctx, skeymgmtname, propquery);

    if (skey == NULL)
        return NULL;

    skey->keydata = evp_skeymgmt_generate(skey->skeymgmt, params);
    if (skey->keydata == NULL)
        goto err;

    return skey;

 err:
    EVP_SKEY_free(skey);
    return NULL;
}

struct raw_key_details_st {
    const void **key;
    size_t *len;
};

static int get_secret_key(const OSSL_PARAM params[], void *arg)
{
    const OSSL_PARAM *p = NULL;
    struct raw_key_details_st *raw_key = arg;

    if ((p = OSSL_PARAM_locate_const(params, OSSL_SKEY_PARAM_RAW_BYTES)) != NULL)
        return OSSL_PARAM_get_octet_string_ptr(p, raw_key->key, raw_key->len);

    return 0;
}

int EVP_SKEY_get0_raw_key(const EVP_SKEY *skey, const unsigned char **key,
                          size_t *len)
{
    struct raw_key_details_st raw_key;

    if (skey == NULL || key == NULL || len == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    raw_key.key = (const void **)key;
    raw_key.len = len;

    return evp_skeymgmt_export(skey->skeymgmt, skey->keydata,
                               OSSL_SKEYMGMT_SELECT_SECRET_KEY,
                               get_secret_key, &raw_key);
}

EVP_SKEY *EVP_SKEY_import_raw_key(OSSL_LIB_CTX *libctx, const char *skeymgmtname,
                                  unsigned char *key, size_t keylen,
                                  const char *propquery)
{
    OSSL_PARAM params[2];

    params[0] = OSSL_PARAM_construct_octet_string(OSSL_SKEY_PARAM_RAW_BYTES,
                                                  (void *)key, keylen);
    params[1] = OSSL_PARAM_construct_end();

    return EVP_SKEY_import(libctx, skeymgmtname, propquery,
                           OSSL_SKEYMGMT_SELECT_SECRET_KEY, params);
}

int EVP_SKEY_up_ref(EVP_SKEY *skey)
{
    int i;

    if (CRYPTO_UP_REF(&skey->references, &i) <= 0)
        return 0;

    REF_PRINT_COUNT("EVP_SKEY", i, skey);
    REF_ASSERT_ISNT(i < 2);
    return i > 1 ? 1 : 0;
}

void EVP_SKEY_free(EVP_SKEY *skey)
{
    int i;

    if (skey == NULL)
        return;

    CRYPTO_DOWN_REF(&skey->references, &i);
    REF_PRINT_COUNT("EVP_SKEY", i, skey);
    if (i > 0)
        return;
    REF_ASSERT_ISNT(i < 0);
    evp_skeymgmt_freedata(skey->skeymgmt, skey->keydata);

    EVP_SKEYMGMT_free(skey->skeymgmt);

    CRYPTO_THREAD_lock_free(skey->lock);
    CRYPTO_FREE_REF(&skey->references);
    OPENSSL_free(skey);
}

const char *EVP_SKEY_get0_key_id(const EVP_SKEY *skey)
{
    if (skey == NULL)
        return NULL;

    if (skey->skeymgmt->get_key_id)
        return skey->skeymgmt->get_key_id(skey->keydata);

    return NULL;
}

const char *EVP_SKEY_get0_skeymgmt_name(const EVP_SKEY *skey)
{
    if (skey == NULL)
        return NULL;

    return skey->skeymgmt->type_name;

}

const char *EVP_SKEY_get0_provider_name(const EVP_SKEY *skey)
{
    if (skey == NULL)
        return NULL;

    return ossl_provider_name(skey->skeymgmt->prov);
}

int EVP_SKEY_is_a(const EVP_SKEY *skey, const char *name)
{
    if (skey == NULL)
        return 0;

    return EVP_SKEYMGMT_is_a(skey->skeymgmt, name);
}

struct transfer_cb_ctx {
    int selection;
    EVP_SKEYMGMT *skeymgmt;
    void *keydata;
};

static int transfer_cb(const OSSL_PARAM params[], void *arg)
{
    struct transfer_cb_ctx *ctx = arg;

    ctx->keydata = evp_skeymgmt_import(ctx->skeymgmt, ctx->selection, params);
    return 1;
}

EVP_SKEY *EVP_SKEY_to_provider(EVP_SKEY *skey, OSSL_LIB_CTX *libctx,
                               OSSL_PROVIDER *prov, const char *propquery)
{
    struct transfer_cb_ctx ctx = { 0 };
    EVP_SKEYMGMT *skeymgmt = NULL;
    EVP_SKEY *ret = NULL;

    if (skey == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
        return NULL;
    }

    if (prov != NULL) {
        if (skey->skeymgmt->prov == prov)
            skeymgmt = skey->skeymgmt;
        else
            skeymgmt = evp_skeymgmt_fetch_from_prov(prov, skey->skeymgmt->type_name,
                                                    propquery);
    } else {
        /* If no provider, get the default skeymgmt */
        skeymgmt = EVP_SKEYMGMT_fetch(libctx, skey->skeymgmt->type_name,
                                      propquery);
    }
    if (skeymgmt == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_FETCH_FAILED);
        return NULL;
    }

    /* Short-circuit if destination provider is the same as origin */
    if (skey->skeymgmt->name_id == skeymgmt->name_id
        && skey->skeymgmt->prov == skeymgmt->prov) {
        if (!EVP_SKEY_up_ref(skey))
            goto err;
        EVP_SKEYMGMT_free(skeymgmt);
        return skey;
    }

    ctx.selection = OSSL_SKEYMGMT_SELECT_ALL;
    ctx.skeymgmt = skeymgmt;

    if (!EVP_SKEY_export(skey, ctx.selection, transfer_cb, &ctx))
        goto err;

    if (ctx.keydata == NULL)
        goto err;

    ret = evp_skey_alloc(skeymgmt);
    if (ret == NULL)
        goto err;

    ret->keydata = ctx.keydata;

    return ret;

 err:
    EVP_SKEYMGMT_free(skeymgmt);
    EVP_SKEY_free(ret);
    return NULL;
}

Coverage Report

Created: 2025-09-05 07:01

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <string.h>
11		#include <openssl/params.h>
12		#include <openssl/param_build.h>
13		#include <openssl/evp.h>
14		#include <openssl/core_names.h>
15
16		#include "internal/common.h"
17		#include "internal/provider.h"
18		#include "crypto/evp.h"
19		#include "evp_local.h"
20
21		int EVP_SKEY_export(const EVP_SKEY *skey, int selection,
22		OSSL_CALLBACK export_cb, void export_cbarg)
23	0	{
24	0	if (skey == NULL) {
25	0	ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
26	0	return 0;
27	0	}
28
29	0	return evp_skeymgmt_export(skey->skeymgmt, skey->keydata, selection, export_cb, export_cbarg);
30	0	}
31
32		EVP_SKEY evp_skey_alloc(EVP_SKEYMGMT skeymgmt)
33	0	{
34	0	EVP_SKEY *skey;
35
36	0	if (!ossl_assert(skeymgmt != NULL))
37	0	return NULL;
38
39	0	if ((skey = OPENSSL_zalloc(sizeof(*skey))) == NULL)
40	0	return NULL;
41
42	0	if (!CRYPTO_NEW_REF(&skey->references, 1))
43	0	goto err;
44
45	0	skey->lock = CRYPTO_THREAD_lock_new();
46	0	if (skey->lock == NULL) {
47	0	ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
48	0	goto err;
49	0	}
50	0	if (EVP_SKEYMGMT_up_ref(skeymgmt)) {
51	0	skey->skeymgmt = skeymgmt;
52	0	return skey;
53	0	} else {
54	0	goto err;
55	0	}
56
57	0	err:
58	0	CRYPTO_FREE_REF(&skey->references);
59	0	CRYPTO_THREAD_lock_free(skey->lock);
60	0	OPENSSL_free(skey);
61	0	return NULL;
62	0	}
63
64		static EVP_SKEY evp_skey_alloc_fetch(OSSL_LIB_CTX libctx,
65		const char *skeymgmtname,
66		const char *propquery)
67	0	{
68	0	EVP_SKEYMGMT *skeymgmt;
69	0	EVP_SKEY *skey;
70
71	0	skeymgmt = EVP_SKEYMGMT_fetch(libctx, skeymgmtname, propquery);
72	0	if (skeymgmt == NULL) {
73		/*
74		* if the specific key_type is unknown, attempt to use the generic
75		* key management
76		*/
77	0	skeymgmt = EVP_SKEYMGMT_fetch(libctx, OSSL_SKEY_TYPE_GENERIC, propquery);
78	0	if (skeymgmt == NULL) {
79	0	ERR_raise(ERR_LIB_EVP, ERR_R_FETCH_FAILED);
80	0	return NULL;
81	0	}
82	0	}
83
84	0	skey = evp_skey_alloc(skeymgmt);
85	0	EVP_SKEYMGMT_free(skeymgmt);
86
87	0	return skey;
88	0	}
89
90		EVP_SKEY EVP_SKEY_import(OSSL_LIB_CTX libctx, const char skeymgmtname, const char propquery,
91		int selection, const OSSL_PARAM *params)
92	0	{
93	0	EVP_SKEY *skey = evp_skey_alloc_fetch(libctx, skeymgmtname, propquery);
94
95	0	if (skey == NULL)
96	0	return NULL;
97
98	0	skey->keydata = evp_skeymgmt_import(skey->skeymgmt, selection, params);
99	0	if (skey->keydata == NULL)
100	0	goto err;
101
102	0	return skey;
103
104	0	err:
105	0	EVP_SKEY_free(skey);
106	0	return NULL;
107	0	}
108
109		EVP_SKEY EVP_SKEY_import_SKEYMGMT(OSSL_LIB_CTX libctx, EVP_SKEYMGMT *skeymgmt,
110		int selection, const OSSL_PARAM *params)
111	0	{
112	0	EVP_SKEY *skey = evp_skey_alloc(skeymgmt);
113
114	0	if (skey == NULL)
115	0	return NULL;
116
117	0	skey->keydata = evp_skeymgmt_import(skey->skeymgmt, selection, params);
118	0	if (skey->keydata == NULL)
119	0	goto err;
120
121	0	return skey;
122
123	0	err:
124	0	EVP_SKEY_free(skey);
125	0	return NULL;
126	0	}
127
128		EVP_SKEY EVP_SKEY_generate(OSSL_LIB_CTX libctx, const char *skeymgmtname,
129		const char propquery, const OSSL_PARAM params)
130	0	{
131	0	EVP_SKEY *skey = evp_skey_alloc_fetch(libctx, skeymgmtname, propquery);
132
133	0	if (skey == NULL)
134	0	return NULL;
135
136	0	skey->keydata = evp_skeymgmt_generate(skey->skeymgmt, params);
137	0	if (skey->keydata == NULL)
138	0	goto err;
139
140	0	return skey;
141
142	0	err:
143	0	EVP_SKEY_free(skey);
144	0	return NULL;
145	0	}
146
147		struct raw_key_details_st {
148		const void **key;
149		size_t *len;
150		};
151
152		static int get_secret_key(const OSSL_PARAM params[], void *arg)
153	0	{
154	0	const OSSL_PARAM *p = NULL;
155	0	struct raw_key_details_st *raw_key = arg;
156
157	0	if ((p = OSSL_PARAM_locate_const(params, OSSL_SKEY_PARAM_RAW_BYTES)) != NULL)
158	0	return OSSL_PARAM_get_octet_string_ptr(p, raw_key->key, raw_key->len);
159
160	0	return 0;
161	0	}
162
163		int EVP_SKEY_get0_raw_key(const EVP_SKEY skey, const unsigned char *key,
164		size_t *len)
165	0	{
166	0	struct raw_key_details_st raw_key;
167
168	0	if (skey == NULL \|\| key == NULL \|\| len == NULL) {
169	0	ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
170	0	return 0;
171	0	}
172
173	0	raw_key.key = (const void **)key;
174	0	raw_key.len = len;
175
176	0	return evp_skeymgmt_export(skey->skeymgmt, skey->keydata,
177	0	OSSL_SKEYMGMT_SELECT_SECRET_KEY,
178	0	get_secret_key, &raw_key);
179	0	}
180
181		EVP_SKEY EVP_SKEY_import_raw_key(OSSL_LIB_CTX libctx, const char *skeymgmtname,
182		unsigned char *key, size_t keylen,
183		const char *propquery)
184	0	{
185	0	OSSL_PARAM params[2];
186
187	0	params[0] = OSSL_PARAM_construct_octet_string(OSSL_SKEY_PARAM_RAW_BYTES,
188	0	(void *)key, keylen);
189	0	params[1] = OSSL_PARAM_construct_end();
190
191	0	return EVP_SKEY_import(libctx, skeymgmtname, propquery,
192	0	OSSL_SKEYMGMT_SELECT_SECRET_KEY, params);
193	0	}
194
195		int EVP_SKEY_up_ref(EVP_SKEY *skey)
196	0	{
197	0	int i;
198
199	0	if (CRYPTO_UP_REF(&skey->references, &i) <= 0)
200	0	return 0;
201
202	0	REF_PRINT_COUNT("EVP_SKEY", i, skey);
203	0	REF_ASSERT_ISNT(i < 2);
204	0	return i > 1 ? 1 : 0;
205	0	}
206
207		void EVP_SKEY_free(EVP_SKEY *skey)
208	0	{
209	0	int i;
210
211	0	if (skey == NULL)
212	0	return;
213
214	0	CRYPTO_DOWN_REF(&skey->references, &i);
215	0	REF_PRINT_COUNT("EVP_SKEY", i, skey);
216	0	if (i > 0)
217	0	return;
218	0	REF_ASSERT_ISNT(i < 0);
219	0	evp_skeymgmt_freedata(skey->skeymgmt, skey->keydata);
220
221	0	EVP_SKEYMGMT_free(skey->skeymgmt);
222
223	0	CRYPTO_THREAD_lock_free(skey->lock);
224	0	CRYPTO_FREE_REF(&skey->references);
225	0	OPENSSL_free(skey);
226	0	}
227
228		const char EVP_SKEY_get0_key_id(const EVP_SKEY skey)
229	0	{
230	0	if (skey == NULL)
231	0	return NULL;
232
233	0	if (skey->skeymgmt->get_key_id)
234	0	return skey->skeymgmt->get_key_id(skey->keydata);
235
236	0	return NULL;
237	0	}
238
239		const char EVP_SKEY_get0_skeymgmt_name(const EVP_SKEY skey)
240	0	{
241	0	if (skey == NULL)
242	0	return NULL;
243
244	0	return skey->skeymgmt->type_name;
245
246	0	}
247
248		const char EVP_SKEY_get0_provider_name(const EVP_SKEY skey)
249	0	{
250	0	if (skey == NULL)
251	0	return NULL;
252
253	0	return ossl_provider_name(skey->skeymgmt->prov);
254	0	}
255
256		int EVP_SKEY_is_a(const EVP_SKEY skey, const char name)
257	0	{
258	0	if (skey == NULL)
259	0	return 0;
260
261	0	return EVP_SKEYMGMT_is_a(skey->skeymgmt, name);
262	0	}
263
264		struct transfer_cb_ctx {
265		int selection;
266		EVP_SKEYMGMT *skeymgmt;
267		void *keydata;
268		};
269
270		static int transfer_cb(const OSSL_PARAM params[], void *arg)
271	0	{
272	0	struct transfer_cb_ctx *ctx = arg;
273
274	0	ctx->keydata = evp_skeymgmt_import(ctx->skeymgmt, ctx->selection, params);
275	0	return 1;
276	0	}
277
278		EVP_SKEY EVP_SKEY_to_provider(EVP_SKEY skey, OSSL_LIB_CTX *libctx,
279		OSSL_PROVIDER prov, const char propquery)
280	0	{
281	0	struct transfer_cb_ctx ctx = { 0 };
282	0	EVP_SKEYMGMT *skeymgmt = NULL;
283	0	EVP_SKEY *ret = NULL;
284
285	0	if (skey == NULL) {
286	0	ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
287	0	return NULL;
288	0	}
289
290	0	if (prov != NULL) {
291	0	if (skey->skeymgmt->prov == prov)
292	0	skeymgmt = skey->skeymgmt;
293	0	else
294	0	skeymgmt = evp_skeymgmt_fetch_from_prov(prov, skey->skeymgmt->type_name,
295	0	propquery);
296	0	} else {
297		/* If no provider, get the default skeymgmt */
298	0	skeymgmt = EVP_SKEYMGMT_fetch(libctx, skey->skeymgmt->type_name,
299	0	propquery);
300	0	}
301	0	if (skeymgmt == NULL) {
302	0	ERR_raise(ERR_LIB_EVP, ERR_R_FETCH_FAILED);
303	0	return NULL;
304	0	}
305
306		/* Short-circuit if destination provider is the same as origin */
307	0	if (skey->skeymgmt->name_id == skeymgmt->name_id
308	0	&& skey->skeymgmt->prov == skeymgmt->prov) {
309	0	if (!EVP_SKEY_up_ref(skey))
310	0	goto err;
311	0	EVP_SKEYMGMT_free(skeymgmt);
312	0	return skey;
313	0	}
314
315	0	ctx.selection = OSSL_SKEYMGMT_SELECT_ALL;
316	0	ctx.skeymgmt = skeymgmt;
317
318	0	if (!EVP_SKEY_export(skey, ctx.selection, transfer_cb, &ctx))
319	0	goto err;
320
321	0	if (ctx.keydata == NULL)
322	0	goto err;
323
324	0	ret = evp_skey_alloc(skeymgmt);
325	0	if (ret == NULL)
326	0	goto err;
327
328	0	ret->keydata = ctx.keydata;
329
330	0	return ret;
331
332	0	err:
333	0	EVP_SKEYMGMT_free(skeymgmt);
334	0	EVP_SKEY_free(ret);
335	0	return NULL;
336	0	}