Introduce EVP_PKEY_is_opaque to replace RSA_METHOD_FLAG_NO_CHECK. Custom RSA and ECDSA keys may not expose the key material. Plumb an "opaque" bit out of the *_METHOD up to EVP_PKEY. Query that in ssl_rsa.c to skip the sanity checks for certificate and key matching. Change-Id: I362a2d5116bfd1803560dfca1d69a91153e895fc Reviewed-on: https://boringssl-review.googlesource.com/1255 Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ec_key.h b/include/openssl/ec_key.h
index ac58a8f..4a48ffc 100644
--- a/include/openssl/ec_key.h
+++ b/include/openssl/ec_key.h
@@ -109,6 +109,10 @@ * success and zero otherwise. */ int EC_KEY_up_ref(EC_KEY *key); +/* EC_KEY_is_opaque returns one if |key| is opaque and doesn't expose its key + * material. Otherwise it return zero. */ +int EC_KEY_is_opaque(const EC_KEY *key); + /* EC_KEY_get0_group returns a pointer to the |EC_GROUP| object inside |key|. */ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key); @@ -229,6 +233,11 @@ /* ECDSA method. */ +/* ECDSA_FLAG_OPAQUE specifies that this ECDSA_METHOD does not expose its key + * material. This may be set if, for instance, it is wrapping some other crypto + * API, like a platform key store. */ +#define ECDSA_FLAG_OPAQUE 1 + /* ecdsa_method_st is a structure of function pointers for implementing ECDSA. * See engine.h. */ struct ecdsa_method_st { @@ -251,6 +260,8 @@ /* verify matches the arguments and behaviour of |ECDSA_verify|. */ int (*verify)(const uint8_t *digest, size_t digest_len, const uint8_t *sig, size_t sig_len, EC_KEY *eckey); + + int flags; };
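Review bot: The comment on `EC_KEY_is_opaque` does not say where the answer comes from, and a caller that uses it to decide whether a key/certificate consistency check can be skipped needs to know that. From the `ECDSA_FLAG_OPAQUE` hunk further down it looks like the value is read from the key's `ECDSA_METHOD` flags, although the implementation is not in this part of the diff. If that is right, I would word it as `/* EC_KEY_is_opaque returns one if |key| uses an ECDSA_METHOD with |ECDSA_FLAG_OPAQUE| set and zero otherwise. */`, which also fixes "it return zero". The same wording problem is in the `RSA_is_opaque` comment in rsa.h.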
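Review bot: The new `int flags;` member at the end of `ecdsa_method_st` has no comment, unlike `verify` just above it, and nothing in the struct ties it to `ECDSA_FLAG_OPAQUE`. I would add `/* flags is a bitwise OR of ECDSA_FLAG_* values. */` above the field. Because this bit is what lets the certificate/key matching check be skipped, it is also worth stating that a method which leaves `flags` at zero keeps the default checks; presumably existing method tables do, but their initialisers are outside this hunk. The struct definition starts before the hunk.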
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 2d82fd9..b522e8f 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -89,6 +89,11 @@ * itself. */ void EVP_PKEY_free(EVP_PKEY *pkey); +/* EVP_PKEY_is_opaque returns one if |pkey| is opaque. Opaque keys are backed by + * custom implementations which do not expose key material and parameters. It is + * an error to attempt to duplicate, export, or compare an opaque key. */ +int EVP_PKEY_is_opaque(const EVP_PKEY *pkey); + /* EVP_PKEY_cmp compares |a| and |b| and returns one if they are equal, zero if * not and a negative number on error. *
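Review bot: The new comment says comparing an opaque key is an error, but not what the caller gets back, and `EVP_PKEY_cmp` directly below reports errors as a negative number. A caller that treats the result as a boolean, as in `if (EVP_PKEY_cmp(a, b))`, would read that error as a match. That matters here because the commit message says the opaque bit is used to skip the certificate/key matching check in ssl_rsa.c, which is not visible in this part of the diff. I would extend the comment with `Callers must check |EVP_PKEY_is_opaque| first, or test the result of |EVP_PKEY_cmp| for == 1.` Whether `EVP_PKEY_cmp` itself rejects opaque keys cannot be told from this header.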
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index b67d396..89c56ed 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -235,6 +235,10 @@ * of a signature of encrypted value using |rsa|. */ unsigned RSA_size(const RSA *rsa); +/* RSA_is_opaque returns one if |rsa| is opaque and doesn't expose its key + * material. Otherwise it return zero. */ +int RSA_is_opaque(const RSA *rsa); + /* RSAPublicKey_dup allocates a fresh |RSA| and copies the private key from * |rsa| into it. It returns the fresh |RSA| object, or NULL on error. */ RSA *RSAPublicKey_dup(const RSA *rsa); @@ -291,6 +295,10 @@ int RSA_set_ex_data(RSA *r, int idx, void *arg); void *RSA_get_ex_data(const RSA *r, int idx); +/* RSA_FLAG_OPAQUE specifies that this RSA_METHOD does not expose its key + * material. This may be set if, for instance, it is wrapping some other crypto + * API, like a platform key store. */ +#define RSA_FLAG_OPAQUE 1 /* RSA_FLAG_CACHE_PUBLIC causes a precomputed Montgomery context to be created, * on demand, for the public key operations. */
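Review bot: `RSA_FLAG_OPAQUE` is given the value 1 in the same `RSA_FLAG_*` namespace as `RSA_FLAG_CACHE_PUBLIC` directly below it, whose value lies outside the hunk. If another flag stored in the same field already uses bit 0, a key could be reported as opaque by accident and lose the certificate/key matching check, so it is worth confirming the bit is free. The comment says the flag describes an `RSA_METHOD`, while the neighbouring flag is documented as a per-key behaviour. I would make the target explicit, e.g. `This flag is set in the |flags| member of an |RSA_METHOD|.`, assuming that is where it is read.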