Introduce EVP_PKEY_is_opaque to replace RSA_METHOD_FLAG_NO_CHECK.
Custom RSA and ECDSA keys may not expose the key material. Plumb and "opaque"
bit out of the *_METHOD up to EVP_PKEY. Query that in ssl_rsa.c to skip the
sanity checks for certificate and key matching.
Change-Id: I362a2d5116bfd1803560dfca1d69a91153e895fc
Reviewed-on: https://boringssl-review.googlesource.com/1255
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ec_key.h b/include/openssl/ec_key.h
index ac58a8f..4a48ffc 100644
--- a/include/openssl/ec_key.h
+++ b/include/openssl/ec_key.h
@@ -109,6 +109,10 @@
* success and zero otherwise. */
int EC_KEY_up_ref(EC_KEY *key);
+/* EC_KEY_is_opaque returns one if |key| is opaque and doesn't expose its key
+ * material. Otherwise it return zero. */
+int EC_KEY_is_opaque(const EC_KEY *key);
+
/* EC_KEY_get0_group returns a pointer to the |EC_GROUP| object inside |key|. */
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
@@ -229,6 +233,11 @@
/* ECDSA method. */
+/* ECDSA_FLAG_OPAQUE specifies that this ECDSA_METHOD does not expose its key
+ * material. This may be set if, for instance, it is wrapping some other crypto
+ * API, like a platform key store. */
+#define ECDSA_FLAG_OPAQUE 1
+
/* ecdsa_method_st is a structure of function pointers for implementing ECDSA.
* See engine.h. */
struct ecdsa_method_st {
@@ -251,6 +260,8 @@
/* verify matches the arguments and behaviour of |ECDSA_verify|. */
int (*verify)(const uint8_t *digest, size_t digest_len, const uint8_t *sig,
size_t sig_len, EC_KEY *eckey);
+
+ int flags;
};
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 2d82fd9..b522e8f 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -89,6 +89,11 @@
* itself. */
void EVP_PKEY_free(EVP_PKEY *pkey);
+/* EVP_PKEY_is_opaque returns one if |pkey| is opaque. Opaque keys are backed by
+ * custom implementations which do not expose key material and parameters. It is
+ * an error to attempt to duplicate, export, or compare an opaque key. */
+int EVP_PKEY_is_opaque(const EVP_PKEY *pkey);
+
/* EVP_PKEY_cmp compares |a| and |b| and returns one if they are equal, zero if
* not and a negative number on error.
*
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index b67d396..89c56ed 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -235,6 +235,10 @@
* of a signature of encrypted value using |rsa|. */
unsigned RSA_size(const RSA *rsa);
+/* RSA_is_opaque returns one if |rsa| is opaque and doesn't expose its key
+ * material. Otherwise it return zero. */
+int RSA_is_opaque(const RSA *rsa);
+
/* RSAPublicKey_dup allocates a fresh |RSA| and copies the private key from
* |rsa| into it. It returns the fresh |RSA| object, or NULL on error. */
RSA *RSAPublicKey_dup(const RSA *rsa);
@@ -291,6 +295,10 @@
int RSA_set_ex_data(RSA *r, int idx, void *arg);
void *RSA_get_ex_data(const RSA *r, int idx);
+/* RSA_FLAG_OPAQUE specifies that this RSA_METHOD does not expose its key
+ * material. This may be set if, for instance, it is wrapping some other crypto
+ * API, like a platform key store. */
+#define RSA_FLAG_OPAQUE 1
/* RSA_FLAG_CACHE_PUBLIC causes a precomputed Montgomery context to be created,
* on demand, for the public key operations. */
