Question about EVP API interaction
Juan di Mauro
juan.dimauro at syndeno.com
Fri Nov 17 10:22:03 UTC 2023
Dear Matt,
Thanks for your reply. Unfortunately, the issue persists. I think something
is missing in my provider. Could be the case that I'm not loading default
provider?
I included the change that you suggested, but it returns a NULL. Below is
the code sample
OSSL_LIB_CTX *libctx = NULL;
libctx = OSSL_LIB_CTX_new();
OSSL_PROVIDER_set_default_search_path(libctx,"./provider");
OSSL_PROVIDER *prov = OSSL_PROVIDER_load(libctx,"libprovider");
if(!prov){
printf("Provider not found. Exiting\n");
return -1;
}else{
printf("The provider was successfully loaded\n");
}
EVP_PKEY *key = NULL;
EVP_PKEY_CTX *ctx;
// ctx = EVP_PKEY_CTX_new_from_name(libctx,"syndenokmgm",NULL);
ctx = EVP_PKEY_CTX_new_from_pkey(libctx, key,NULL );
if (!ctx){
printf("The context can't be created. Exiting\n");
return -1;
}else{
printf("The context was successfully created\n");
}
//generate the key
EVP_PKEY_keygen_init(ctx);
//EVP_PKEY_generate(ctx,&key);
EVP_PKEY_keygen(ctx, &key);
// Now, the operation code is good but since the pkey is NULL, fails
int res_encaps_init = EVP_PKEY_encapsulate_init(ctx,NULL);
Best regards,
J.
On Fri, Nov 10, 2023 at 6:07 PM Matt Caswell <matt at openssl.org> wrote:
>
>
> On 10/11/2023 16:05, Juan di Mauro wrote:
> > Dear all,
> >
> > I'm coding an external provider for OpenSSL to incorporate a KEM
> > algorithm (the provider will be compiled as a .so as usual). I have the
> > KEM part of the code
> > and the Key management module (the OSSL_ALGORITHM dispatch tables and so
> > on, corresponding to the OSSL_OP_KEM and OSSL_OP_KEYMGMT query types).
> >
> > However, I have problems making things interact ok. It's clear that
> > I do not fully understand the way the API should work in this case so my
> > first question is: Is there a complete documented guide about that?
> >
> > Secondly, to state things clearly: I want to make key encapsulation and
> > I'm following this sequence of API calls to interact with my provider:
> >
> >
> > EVP_PKEY_CTX *ctx;
> > ctx = EVP_PKEY_CTX_new_from_name(libctx,<Name of my Keymgmt
> > algorithm>,NULL);
> > if (!ctx){
> > printf("The context can't be created. Exiting\n");
> > return -1;
> > }
> > //generate the key
> > EVP_PKEY *key = NULL;
> > EVP_PKEY_keygen_init(ctx);
> > EVP_PKEY_keygen(ctx, &key);
> > // Here, since the pkey in context is NULL, fails
> > int res_encaps_init = EVP_PKEY_encapsulate_init(ctx,NULL);
>
> Since you are starting a new operation here you should probably use a
> new pkey ctx created via EVP_PKEY_CTX_new_from_pkey() rather than trying
> to reuse the old one.
>
> Matt
>
> >
> >
> > So, maybe the sequence of steps is wrong or my code doesn't satisfy the
> > API requirements.
> >
> > Thanks in advance,
> >
> > /LEGAL NOTICE: The content of this email message, including the attached
> > files, is confidential and is protected by article 18.3 of the Spanish
> > Constitution, which guarantees the secrecy of communications. If you
> > receive this message in error, please contact the sender to inform them
> > of this fact, and do not broadcast its content or make copies./
> > /*** This message has been verified with removal tools for viruses and
> > malicious content ***/
> > /This legal notice has been automatically incorporated into the message./
> > /---------------------------------------------/
> > /AVISO LEGAL: El contenido de este mensaje de correo electrónico,
> > incluidos los ficheros adjuntos, es confidencial y está protegido por el
> > artículo 18.3 de la Constitución Española, que garantiza el secreto de
> > las comunicaciones. Si usted recibe este mensaje por error, por favor
> > póngase en contacto con el remitente para informarle de este hecho, y no
> > difunda su contenido ni haga copias.
> > /
> > /*** Este mensaje ha sido verificado con herramientas de eliminación de
> > virus y contenido malicioso ***/
> > /Este aviso legal ha sido incorporado automáticamente al mensaje./
>
--
Juan Di Mauro
I+D
www.syndeno.com
--
_LEGAL NOTICE: The content of this email message, including the attached
files, is confidential and is protected by article 18.3 of the Spanish
Constitution, which guarantees the secrecy of communications. If you
receive this message in error, please contact the sender to inform them of
this fact, and do not broadcast its content or make copies.
_
_*** This
message has been verified with removal tools for viruses and malicious
content ***
_
_This legal notice has been automatically incorporated into
the message.
_
*---------------------------------------------*
*AVISO
LEGAL: El contenido de este mensaje de correo electrónico, incluidos los
ficheros adjuntos, es confidencial y está protegido por el artículo 18.3 de
la Constitución Española, que garantiza el secreto de las comunicaciones.
Si usted recibe este mensaje por error, por favor póngase en contacto con
el remitente para informarle de este hecho, y no difunda su contenido ni
haga copias.
*
_*** Este mensaje ha sido verificado con herramientas de
eliminación de virus y contenido malicioso ***
_
_Este aviso legal ha sido
incorporado automáticamente al mensaje._
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20231117/22053455/attachment.htm>
More information about the openssl-users
mailing list