Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/openssl/providers/implementations/keymgmt/kdf_legacy_kmgmt.c
48292 views
1
/*

2
 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.

3
 *

4
 * Licensed under the Apache License 2.0 (the "License").  You may not use

5
 * this file except in compliance with the License.  You can obtain a copy

6
 * in the file LICENSE in the source distribution or at

7
 * https://www.openssl.org/source/license.html

8
 */

9


10
/*

11
 * This implemments a dummy key manager for legacy KDFs that still support the

12
 * old way of performing a KDF via EVP_PKEY_derive(). New KDFs should not be

13
 * implemented this way. In reality there is no key data for such KDFs, so this

14
 * key manager does very little.

15
 */

16


17
#include <openssl/core_dispatch.h>

18
#include <openssl/core_names.h>

19
#include <openssl/err.h>

20
#include "prov/implementations.h"

21
#include "prov/providercommon.h"

22
#include "prov/provider_ctx.h"

23
#include "prov/kdfexchange.h"

24


25
static OSSL_FUNC_keymgmt_new_fn kdf_newdata;

26
static OSSL_FUNC_keymgmt_free_fn kdf_freedata;

27
static OSSL_FUNC_keymgmt_has_fn kdf_has;

28


29
KDF_DATA *ossl_kdf_data_new(void *provctx)

30
{

31
    KDF_DATA *kdfdata;

32


33
    if (!ossl_prov_is_running())

34
        return NULL;

35


36
    kdfdata = OPENSSL_zalloc(sizeof(*kdfdata));

37
    if (kdfdata == NULL)

38
        return NULL;

39


40
    if (!CRYPTO_NEW_REF(&kdfdata->refcnt, 1)) {

41
        OPENSSL_free(kdfdata);

42
        return NULL;

43
    }

44
    kdfdata->libctx = PROV_LIBCTX_OF(provctx);

45


46
    return kdfdata;

47
}

48


49
void ossl_kdf_data_free(KDF_DATA *kdfdata)

50
{

51
    int ref = 0;

52


53
    if (kdfdata == NULL)

54
        return;

55


56
    CRYPTO_DOWN_REF(&kdfdata->refcnt, &ref);

57
    if (ref > 0)

58
        return;

59


60
    CRYPTO_FREE_REF(&kdfdata->refcnt);

61
    OPENSSL_free(kdfdata);

62
}

63


64
int ossl_kdf_data_up_ref(KDF_DATA *kdfdata)

65
{

66
    int ref = 0;

67


68
    /* This is effectively doing a new operation on the KDF_DATA and should be

69
     * adequately guarded again modules' error states.  However, both current

70
     * calls here are guarded properly in exchange/kdf_exch.c.  Thus, it

71
     * could be removed here.  The concern is that something in the future

72
     * might call this function without adequate guards.  It's a cheap call,

73
     * it seems best to leave it even though it is currently redundant.

74
     */

75
    if (!ossl_prov_is_running())

76
        return 0;

77


78
    CRYPTO_UP_REF(&kdfdata->refcnt, &ref);

79
    return 1;

80
}

81


82
static void *kdf_newdata(void *provctx)

83
{

84
    return ossl_kdf_data_new(provctx);

85
}

86


87
static void kdf_freedata(void *kdfdata)

88
{

89
    ossl_kdf_data_free(kdfdata);

90
}

91


92
static int kdf_has(const void *keydata, int selection)

93
{

94
    return 1; /* nothing is missing */

95
}

96


97
const OSSL_DISPATCH ossl_kdf_keymgmt_functions[] = {

98
    { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))kdf_newdata },

99
    { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))kdf_freedata },

100
    { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))kdf_has },

101
    OSSL_DISPATCH_END

102
};

103


104