EVP_PKEY_CTX_get/settable_params: pass provider operation context

This allows making the signature operations return different settable params when the context is initialized with EVP_DigestSign/VerifyInit. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14338)
author: Tomas Mraz <tomas@openssl.org> 2021-02-26 18:02:36 +0100
committer: Tomas Mraz <tomas@openssl.org> 2021-03-03 11:25:39 +0100
commit: fb67126ea8a1a9fadb9b60641d84808fc123cd9d (patch)
tree: bff46e01abd2dabca35123e422bcbc797a6ef484 /crypto/evp/pmeth_lib.c
parent: Fix NULL access in ssl_build_cert_chain() when ctx is NULL. (diff)
download: openssl-fb67126ea8a1a9fadb9b60641d84808fc123cd9d.tar.xz
openssl-fb67126ea8a1a9fadb9b60641d84808fc123cd9d.zip
1 files changed, 22 insertions, 10 deletions
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 478ae40a26..2cc30f1af4 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -744,27 +744,31 @@ const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(EVP_PKEY_CTX *ctx)
             && ctx->op.kex.exchange != NULL
             && ctx->op.kex.exchange->gettable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(ctx->op.kex.exchange));
-        return ctx->op.kex.exchange->gettable_ctx_params(provctx);
+        return ctx->op.kex.exchange->gettable_ctx_params(ctx->op.kex.exchprovctx,
+                                                         provctx);
     }
     if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
             && ctx->op.sig.signature != NULL
             && ctx->op.sig.signature->gettable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(
                       EVP_SIGNATURE_provider(ctx->op.sig.signature));
-        return ctx->op.sig.signature->gettable_ctx_params(provctx);
+        return ctx->op.sig.signature->gettable_ctx_params(ctx->op.sig.sigprovctx,
+                                                          provctx);
     }
     if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
             && ctx->op.ciph.cipher != NULL
             && ctx->op.ciph.cipher->gettable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(
                       EVP_ASYM_CIPHER_provider(ctx->op.ciph.cipher));
-        return ctx->op.ciph.cipher->gettable_ctx_params(provctx);
+        return ctx->op.ciph.cipher->gettable_ctx_params(ctx->op.ciph.ciphprovctx,
+                                                        provctx);
     }
     if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
         && ctx->op.encap.kem != NULL
         && ctx->op.encap.kem->gettable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(EVP_KEM_provider(ctx->op.encap.kem));
-        return ctx->op.encap.kem->gettable_ctx_params(provctx);
+        return ctx->op.encap.kem->gettable_ctx_params(ctx->op.encap.kemprovctx,
+                                                      provctx);
     }
     return NULL;
 }
@@ -777,30 +781,38 @@ const OSSL_PARAM *EVP_PKEY_CTX_settable_params(EVP_PKEY_CTX *ctx)
             && ctx->op.kex.exchange != NULL
             && ctx->op.kex.exchange->settable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(ctx->op.kex.exchange));
-        return ctx->op.kex.exchange->settable_ctx_params(provctx);
+        return ctx->op.kex.exchange->settable_ctx_params(ctx->op.kex.exchprovctx,
+                                                         provctx);
     }
     if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
             && ctx->op.sig.signature != NULL
             && ctx->op.sig.signature->settable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(
                       EVP_SIGNATURE_provider(ctx->op.sig.signature));
-        return ctx->op.sig.signature->settable_ctx_params(provctx);
+        return ctx->op.sig.signature->settable_ctx_params(ctx->op.sig.sigprovctx,
+                                                          provctx);
     }
     if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
             && ctx->op.ciph.cipher != NULL
             && ctx->op.ciph.cipher->settable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(
                       EVP_ASYM_CIPHER_provider(ctx->op.ciph.cipher));
-        return ctx->op.ciph.cipher->settable_ctx_params(provctx);
+        return ctx->op.ciph.cipher->settable_ctx_params(ctx->op.ciph.ciphprovctx,
+                                                        provctx);
     }
     if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
-            && ctx->keymgmt != NULL)
-        return EVP_KEYMGMT_gen_settable_params(ctx->keymgmt);
+            && ctx->keymgmt != NULL
+            && ctx->keymgmt->gen_settable_params != NULL) {
+        provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(ctx->keymgmt));
+        return ctx->keymgmt->gen_settable_params(ctx->op.keymgmt.genctx,
+                                                 provctx);
+    }
     if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
         && ctx->op.encap.kem != NULL
         && ctx->op.encap.kem->settable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(EVP_KEM_provider(ctx->op.encap.kem));
-        return ctx->op.encap.kem->settable_ctx_params(provctx);
+        return ctx->op.encap.kem->settable_ctx_params(ctx->op.encap.kemprovctx,
+                                                      provctx);
     }
     return NULL;
 }
author	Tomas Mraz <tomas@openssl.org>	2021-02-26 18:02:36 +0100
committer	Tomas Mraz <tomas@openssl.org>	2021-03-03 11:25:39 +0100
commit	fb67126ea8a1a9fadb9b60641d84808fc123cd9d (patch)
tree	bff46e01abd2dabca35123e422bcbc797a6ef484 /crypto/evp/pmeth_lib.c
parent	Fix NULL access in ssl_build_cert_chain() when ctx is NULL. (diff)
download	openssl-fb67126ea8a1a9fadb9b60641d84808fc123cd9d.tar.xz openssl-fb67126ea8a1a9fadb9b60641d84808fc123cd9d.zip