[openssl] master update

shane.lontis at oracle.com shane.lontis at oracle.com
Wed Aug 12 02:25:13 UTC 2020


The branch master has been updated
       via  e3efe7a53299dff3cd2222542b6a999b1360d626 (commit)
      from  af88e64a98a6402dabd41ac2de194444dd285b49 (commit)


- Log -----------------------------------------------------------------
commit e3efe7a53299dff3cd2222542b6a999b1360d626
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Wed Aug 12 11:59:43 2020 +1000

    Add public API for gettables and settables for keymanagement, signatures and key exchange.
    
    The openssl provider app will now display these params.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/12396)

-----------------------------------------------------------------------

Summary of changes:
 apps/lib/app_params.c                     |  2 +-
 apps/provider.c                           | 67 +++++++++++++++++--------------
 crypto/evp/exchange.c                     | 21 ++++++++++
 crypto/evp/keymgmt_meth.c                 |  7 ++--
 crypto/evp/p_lib.c                        |  2 +-
 crypto/evp/pmeth_lib.c                    |  2 +-
 crypto/evp/signature.c                    | 22 ++++++++++
 doc/internal/man3/evp_keymgmt_newdata.pod | 12 ++----
 doc/man3/EVP_KEYEXCH_free.pod             | 15 ++++++-
 doc/man3/EVP_KEYMGMT.pod                  | 24 ++++++++++-
 doc/man3/EVP_SIGNATURE_free.pod           | 15 ++++++-
 include/crypto/evp.h                      |  5 ---
 include/openssl/evp.h                     |  7 ++++
 util/libcrypto.num                        |  7 ++++
 14 files changed, 152 insertions(+), 56 deletions(-)

diff --git a/apps/lib/app_params.c b/apps/lib/app_params.c
index ba50707926..3305b1e922 100644
--- a/apps/lib/app_params.c
+++ b/apps/lib/app_params.c
@@ -75,7 +75,7 @@ static int describe_param_type(char *buf, size_t bufsz, const OSSL_PARAM *param)
 int print_param_types(const char *thing, const OSSL_PARAM *pdefs, int indent)
 {
     if (pdefs == NULL) {
-        BIO_printf(bio_out, "%*sNo declared %s\n", indent, "", thing);
+        return 1;
     } else if (pdefs->key == NULL) {
         /*
          * An empty list?  This shouldn't happen, but let's just make sure to
diff --git a/apps/provider.c b/apps/provider.c
index 83fb2f3aee..7d3581153b 100644
--- a/apps/provider.c
+++ b/apps/provider.c
@@ -52,8 +52,10 @@ struct info_st {
     void (*collect_names_fn)(void *method, STACK_OF(OPENSSL_CSTRING) *names);
     void *method;
     const OSSL_PARAM *gettable_params;
+    const OSSL_PARAM *settable_params;
     const OSSL_PARAM *gettable_ctx_params;
     const OSSL_PARAM *settable_ctx_params;
+    const OSSL_PARAM *gen_settable_params;
 };
 
 struct meta_st {
@@ -134,12 +136,16 @@ static void print_caps(META *meta, INFO *info)
         BIO_printf(bio_out, "%*s%s ", meta->indent, "", meta->label);
         print_method_names(bio_out, info);
         BIO_printf(bio_out, "\n");
+        print_param_types("settable keygen parameters",
+                          info->gen_settable_params, meta->subindent);
+        print_param_types("settable algorithm parameters",
+                          info->settable_params, meta->subindent);
         print_param_types("retrievable algorithm parameters",
                           info->gettable_params, meta->subindent);
-        print_param_types("retrievable operation parameters",
-                          info->gettable_ctx_params, meta->subindent);
         print_param_types("settable operation parameters",
                           info->settable_ctx_params, meta->subindent);
+        print_param_types("retrievable operation parameters",
+                          info->gettable_ctx_params, meta->subindent);
         break;
     }
     meta->first = 0;
@@ -155,6 +161,7 @@ static void do_method(void *method,
 {
     INFO info;
 
+    memset(&info, 0, sizeof(info));
     info.collect_names_fn = collect_names_fn;
     info.method = method;
     info.gettable_params = gettable_params;
@@ -164,6 +171,27 @@ static void do_method(void *method,
     meta->total++;
 }
 
+static void do_keymgmt_method(void *method,
+                              void (*collect_names_fn)(void *method,
+                                                       STACK_OF(OPENSSL_CSTRING)
+                                                       *names),
+                              const OSSL_PARAM *gettable_params,
+                              const OSSL_PARAM *settable_params,
+                              const OSSL_PARAM *gen_settable_params,
+                              META *meta)
+{
+    INFO info;
+
+    memset(&info, 0, sizeof(info));
+    info.collect_names_fn = collect_names_fn;
+    info.method = method;
+    info.gettable_params = gettable_params;
+    info.settable_params = settable_params;
+    info.gen_settable_params = gen_settable_params;
+    meta->fn(meta, &info);
+    meta->total++;
+}
+
 static void do_cipher(EVP_CIPHER *cipher, void *meta)
 {
     do_method(cipher, collect_cipher_names,
@@ -193,49 +221,28 @@ static void do_mac(EVP_MAC *mac, void *meta)
 
 static void do_keymgmt(EVP_KEYMGMT *keymgmt, void *meta)
 {
-    do_method(keymgmt, collect_keymgmt_names,
-/*
- * TODO(3.0) Enable when KEYMGMT and KEYEXCH have gettables and settables
- */
-#if 0
-              EVP_KEYMGMT_gettable_params(keymgmt),
-              EVP_KEYMGMT_gettable_ctx_params(keymgmt),
-              EVP_KEYMGMT_settable_ctx_params(keymgmt),
-#else
-              NULL, NULL, NULL,
-#endif
-              meta);
+    do_keymgmt_method(keymgmt, collect_keymgmt_names,
+                      EVP_KEYMGMT_gettable_params(keymgmt),
+                      EVP_KEYMGMT_settable_params(keymgmt),
+                      EVP_KEYMGMT_gen_settable_params(keymgmt),
+                      meta);
 }
 
 static void do_keyexch(EVP_KEYEXCH *keyexch, void *meta)
 {
     do_method(keyexch, collect_keyexch_names,
-/*
- * TODO(3.0) Enable when KEYMGMT and KEYEXCH have gettables and settables
- */
-#if 0
-              EVP_KEYEXCH_gettable_params(keyexch),
+              NULL,
               EVP_KEYEXCH_gettable_ctx_params(keyexch),
               EVP_KEYEXCH_settable_ctx_params(keyexch),
-#else
-              NULL, NULL, NULL,
-#endif
               meta);
 }
 
 static void do_signature(EVP_SIGNATURE *signature, void *meta)
 {
     do_method(signature, collect_signature_names,
-/*
- * TODO(3.0) Enable when KEYMGMT and SIGNATURE have gettables and settables
- */
-#if 0
-              EVP_SIGNATURE_gettable_params(signature),
+              NULL,
               EVP_SIGNATURE_gettable_ctx_params(signature),
               EVP_SIGNATURE_settable_ctx_params(signature),
-#else
-              NULL, NULL, NULL,
-#endif
               meta);
 }
 
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index a47a0f0367..ccd75099ad 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -474,3 +474,24 @@ void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
     if (keyexch->prov != NULL)
         evp_names_do_all(keyexch->prov, keyexch->name_id, fn, data);
 }
+
+const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch)
+{
+    void *provctx;
+
+    if (keyexch == NULL || keyexch->gettable_ctx_params == NULL)
+        return NULL;
+
+    provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(keyexch));
+    return keyexch->gettable_ctx_params(provctx);
+}
+
+const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch)
+{
+    void *provctx;
+
+    if (keyexch == NULL || keyexch->settable_ctx_params == NULL)
+        return NULL;
+    provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(keyexch));
+    return keyexch->settable_ctx_params(provctx);
+}
diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c
index 99d9504251..1459b64f0e 100644
--- a/crypto/evp/keymgmt_meth.c
+++ b/crypto/evp/keymgmt_meth.c
@@ -16,7 +16,6 @@
 #include "crypto/evp.h"
 #include "evp_local.h"
 
-
 static void *keymgmt_new(void)
 {
     EVP_KEYMGMT *keymgmt = NULL;
@@ -328,7 +327,7 @@ int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx,
     return keymgmt->gen_set_params(genctx, params);
 }
 
-const OSSL_PARAM *evp_keymgmt_gen_settable_params(const EVP_KEYMGMT *keymgmt)
+const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt)
 {
     void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
 
@@ -367,7 +366,7 @@ int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt, void *keydata,
     return keymgmt->get_params(keydata, params);
 }
 
-const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt)
+const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt)
 {
     void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
 
@@ -384,7 +383,7 @@ int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt, void *keydata,
     return keymgmt->set_params(keydata, params);
 }
 
-const OSSL_PARAM *evp_keymgmt_settable_params(const EVP_KEYMGMT *keymgmt)
+const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt)
 {
     void *provctx = ossl_provider_ctx(EVP_KEYMGMT_provider(keymgmt));
 
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index b057669a2d..145c5286ce 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1883,7 +1883,7 @@ const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey)
         || pkey->keymgmt == NULL
         || pkey->keydata == NULL)
         return 0;
-    return evp_keymgmt_gettable_params(pkey->keymgmt);
+    return EVP_KEYMGMT_gettable_params(pkey->keymgmt);
 }
 
 int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn)
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index ba85a8c143..fe2cc689f6 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -680,7 +680,7 @@ const OSSL_PARAM *EVP_PKEY_CTX_settable_params(EVP_PKEY_CTX *ctx)
     }
     if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
             && ctx->keymgmt != NULL)
-        return evp_keymgmt_gen_settable_params(ctx->keymgmt);
+        return EVP_KEYMGMT_gen_settable_params(ctx->keymgmt);
 
     return NULL;
 }
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 03fd8582f8..67242f59be 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -337,6 +337,28 @@ void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
         evp_names_do_all(signature->prov, signature->name_id, fn, data);
 }
 
+const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig)
+{
+    void *provctx;
+
+    if (sig == NULL || sig->gettable_ctx_params == NULL)
+        return NULL;
+
+    provctx = ossl_provider_ctx(EVP_SIGNATURE_provider(sig));
+    return sig->gettable_ctx_params(provctx);
+}
+
+const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig)
+{
+    void *provctx;
+
+    if (sig == NULL || sig->settable_ctx_params == NULL)
+        return NULL;
+
+    provctx = ossl_provider_ctx(EVP_SIGNATURE_provider(sig));
+    return sig->settable_ctx_params(provctx);
+}
+
 static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation)
 {
     int ret = 0;
diff --git a/doc/internal/man3/evp_keymgmt_newdata.pod b/doc/internal/man3/evp_keymgmt_newdata.pod
index 0f75e7936b..9b3f2c55f1 100644
--- a/doc/internal/man3/evp_keymgmt_newdata.pod
+++ b/doc/internal/man3/evp_keymgmt_newdata.pod
@@ -3,7 +3,7 @@
 =head1 NAME
 
 evp_keymgmt_newdata, evp_keymgmt_freedata,
-evp_keymgmt_get_params, evp_keymgmt_gettable_params,
+evp_keymgmt_get_params,
 evp_keymgmt_has, evp_keymgmt_validate,
 evp_keymgmt_import, evp_keymgmt_import_types,
 evp_keymgmt_export, evp_keymgmt_export_types
@@ -17,7 +17,6 @@ evp_keymgmt_export, evp_keymgmt_export_types
  void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keyddata);
  int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt,
                             void *keydata, OSSL_PARAM params[]);
- const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt);
 
  int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keyddata, int selection);
  int evp_keymgmt_validate(const EVP_KEYMGMT *keymgmt, void *keydata,
@@ -50,9 +49,6 @@ evp_keymgmt_newdata() was chosen for consistency)
 
 evp_keymgmt_get_params() calls the method's get_params() function.
 
-evp_keymgmt_gettable_params() calls the method's gettable_params()
-function.
-
 evp_keymgmt_has() calls the method's has() function.
 
 evp_keymgmt_validate() calls the method's validate() function.
@@ -70,9 +66,9 @@ evp_keymgmt_export_types() calls the method's export_types() function.
 evp_keymgmt_newdata() returns a pointer to a provider side key object,
 or NULL on error.
 
-evp_keymgmt_gettable_params(), evp_keymgmt_import_types(), and
-evp_keymgmt_export_types() return parameter descriptor for importing
-and exporting key data, or NULL if there are no such descriptors.
+evp_keymgmt_import_types(), and evp_keymgmt_export_types() return a parameter
+descriptor for importing and exporting key data, or NULL if there are no such
+descriptors.
 
 All other functions return 1 on success and 0 on error.
 
diff --git a/doc/man3/EVP_KEYEXCH_free.pod b/doc/man3/EVP_KEYEXCH_free.pod
index deb9b9999b..1f5356b97a 100644
--- a/doc/man3/EVP_KEYEXCH_free.pod
+++ b/doc/man3/EVP_KEYEXCH_free.pod
@@ -4,7 +4,8 @@
 
 EVP_KEYEXCH_fetch, EVP_KEYEXCH_free, EVP_KEYEXCH_up_ref, EVP_KEYEXCH_provider,
 EVP_KEYEXCH_is_a, EVP_KEYEXCH_do_all_provided,
-EVP_KEYEXCH_number, EVP_KEYEXCH_names_do_all
+EVP_KEYEXCH_number, EVP_KEYEXCH_names_do_all,
+EVP_KEYEXCH_gettable_ctx_params, EVP_KEYEXCH_settable_ctx_params
 - Functions to manage EVP_KEYEXCH algorithm objects
 
 =head1 SYNOPSIS
@@ -24,6 +25,8 @@ EVP_KEYEXCH_number, EVP_KEYEXCH_names_do_all
  void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *exchange,
                                void (*fn)(const char *name, void *data),
                                void *data);
+ const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch);
+ const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch);
 
 =head1 DESCRIPTION
 
@@ -58,6 +61,11 @@ all activated providers in the library context I<libctx>, and for each
 of the implementations, calls I<fn> with the implementation method and
 I<data> as arguments.
 
+EVP_KEYEXCH_gettable_ctx_params() and EVP_KEYEXCH_settable_ctx_params() return
+a constant B<OSSL_PARAM> array that describes the names and types of key
+parameters that can be retrieved or set by a key exchange algorithm using
+L<EVP_PKEY_CTX_get_params(3)> and L<EVP_PKEY_CTX_set_params(3)>.
+
 =head1 RETURN VALUES
 
 EVP_KEYEXCH_fetch() returns a pointer to a B<EVP_KEYEXCH> for success
@@ -70,6 +78,9 @@ otherwise 0.
 
 EVP_KEYEXCH_number() returns an integer.
 
+EVP_KEYEXCH_gettable_ctx_params() and EVP_KEYEXCH_settable_ctx_params() return
+a constant B<OSSL_PARAM> array or NULL on error.
+
 =head1 SEE ALSO
 
 L<provider(7)/Fetching algorithms>, L<OSSL_PROVIDER(3)>
@@ -80,7 +91,7 @@ The functions described here were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_KEYMGMT.pod b/doc/man3/EVP_KEYMGMT.pod
index 853a15f089..8e7afc6a22 100644
--- a/doc/man3/EVP_KEYMGMT.pod
+++ b/doc/man3/EVP_KEYMGMT.pod
@@ -10,7 +10,10 @@ EVP_KEYMGMT_provider,
 EVP_KEYMGMT_is_a,
 EVP_KEYMGMT_number,
 EVP_KEYMGMT_do_all_provided,
-EVP_KEYMGMT_names_do_all
+EVP_KEYMGMT_names_do_all,
+EVP_KEYMGMT_gettable_params,
+EVP_KEYMGMT_settable_params,
+EVP_KEYMGMT_gen_settable_params
 - EVP key management routines
 
 =head1 SYNOPSIS
@@ -32,6 +35,9 @@ EVP_KEYMGMT_names_do_all
  void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
                                void (*fn)(const char *name, void *data),
                                void *data);
+ const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt);
+ const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt);
+ const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt);
 
 =head1 DESCRIPTION
 
@@ -71,6 +77,16 @@ all activated providers in the library context I<libctx>, and for each
 of the implementations, calls I<fn> with the implementation method and
 I<data> as arguments.
 
+EVP_KEYMGMT_gettable_params() and EVP_KEYMGMT_settable_params() return a
+constant B<OSSL_PARAM> array that describes the names and types of key
+parameters that can be retrieved or set.
+EVP_KEYMGMT_gettable_params() is used by L<EVP_PKEY_gettable_params(3)>.
+See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as a parameter descriptor.
+
+EVP_KEYMGMT_gen_settable_params() returns a constant B<OSSL_PARAM> array that
+describes the names and types of key generation parameters that can be set via
+L<EVP_PKEY_CTX_set_params(3)>.
+
 =head1 NOTES
 
 EVP_KEYMGMT_fetch() may be called implicitly by other fetching
@@ -95,6 +111,10 @@ otherwise 0.
 
 EVP_KEYMGMT_number() returns an integer.
 
+EVP_KEYMGMT_gettable_params(), EVP_KEYMGMT_settable_params() and
+EVP_KEYMGMT_gen_settable_params() return a constant B<OSSL_PARAM> array or
+NULL on error.
+
 =head1 SEE ALSO
 
 L<EVP_MD_fetch(3)>, L<OPENSSL_CTX(3)>
@@ -105,7 +125,7 @@ The functions described here were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/EVP_SIGNATURE_free.pod b/doc/man3/EVP_SIGNATURE_free.pod
index 70a0ee72dc..6c5724bf54 100644
--- a/doc/man3/EVP_SIGNATURE_free.pod
+++ b/doc/man3/EVP_SIGNATURE_free.pod
@@ -4,7 +4,8 @@
 
 EVP_SIGNATURE_fetch, EVP_SIGNATURE_free, EVP_SIGNATURE_up_ref,
 EVP_SIGNATURE_number, EVP_SIGNATURE_is_a, EVP_SIGNATURE_provider,
-EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all
+EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all,
+EVP_SIGNATURE_gettable_ctx_params, EVP_SIGNATURE_settable_ctx_params
 - Functions to manage EVP_SIGNATURE algorithm objects
 
 =head1 SYNOPSIS
@@ -25,6 +26,8 @@ EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all
  void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
                                  void (*fn)(const char *name, void *data),
                                  void *data);
+ const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig);
+ const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig);
 
 =head1 DESCRIPTION
 
@@ -61,6 +64,11 @@ I<signature>.
 EVP_SIGNATURE_names_do_all() traverses all names for I<signature>, and calls
 I<fn> with each name and I<data>.
 
+EVP_SIGNATURE_gettable_ctx_params() and EVP_SIGNATURE_settable_ctx_params()
+return a constant B<OSSL_PARAM> array that describes the names and types of key
+parameters that can be retrieved or set by a signature algorithm using
+L<EVP_PKEY_CTX_get_params(3)> and L<EVP_PKEY_CTX_set_params(3)>.
+
 =head1 RETURN VALUES
 
 EVP_SIGNATURE_fetch() returns a pointer to an B<EVP_SIGNATURE> for success
@@ -68,6 +76,9 @@ or B<NULL> for failure.
 
 EVP_SIGNATURE_up_ref() returns 1 for success or 0 otherwise.
 
+EVP_SIGNATURE_gettable_ctx_params() and EVP_SIGNATURE_settable_ctx_params()
+return a constant B<OSSL_PARAM> array or NULL on error.
+
 =head1 SEE ALSO
 
 L<provider(7)/Fetching algorithms>, L<OSSL_PROVIDER(3)>
@@ -78,7 +89,7 @@ The functions described here were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 07f7ee15ea..f170e59324 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -694,18 +694,13 @@ void *evp_keymgmt_newdata(const EVP_KEYMGMT *keymgmt);
 void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keyddata);
 int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt,
                            void *keydata, OSSL_PARAM params[]);
-const OSSL_PARAM *evp_keymgmt_gettable_params(const EVP_KEYMGMT *keymgmt);
 int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt,
                            void *keydata, const OSSL_PARAM params[]);
-const OSSL_PARAM *evp_keymgmt_settable_params(const EVP_KEYMGMT *keymgmt);
-
 void *evp_keymgmt_gen_init(const EVP_KEYMGMT *keymgmt, int selection);
 int evp_keymgmt_gen_set_template(const EVP_KEYMGMT *keymgmt, void *genctx,
                                  void *template);
 int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx,
                                const OSSL_PARAM params[]);
-const OSSL_PARAM *
-evp_keymgmt_gen_settable_params(const EVP_KEYMGMT *keymgmt);
 void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
                       OSSL_CALLBACK *cb, void *cbarg);
 void evp_keymgmt_gen_cleanup(const EVP_KEYMGMT *keymgmt, void *genctx);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 76e5565f36..189112efaa 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1588,6 +1588,9 @@ void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx,
 void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
                               void (*fn)(const char *name, void *data),
                               void *data);
+const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt);
+const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt);
+const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt);
 
 EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
 EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
@@ -1667,6 +1670,8 @@ void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx,
 void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
                                 void (*fn)(const char *name, void *data),
                                 void *data);
+const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig);
+const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig);
 
 void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher);
 int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher);
@@ -1939,6 +1944,8 @@ void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx,
 void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
                               void (*fn)(const char *name, void *data),
                               void *data);
+const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch);
+const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch);
 
 void EVP_add_alg_module(void);
 
diff --git a/util/libcrypto.num b/util/libcrypto.num
index d5f7d9826c..2a573cae7a 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5252,3 +5252,10 @@ EVP_PKEY_CTX_set0_dh_kdf_ukm            ?	3_0_0	EXIST::FUNCTION:DH
 EVP_PKEY_CTX_get0_dh_kdf_ukm            ?	3_0_0	EXIST::FUNCTION:DH
 EVP_CIPHER_CTX_get_iv_state             ?	3_0_0	EXIST::FUNCTION:
 EVP_CIPHER_CTX_get_iv                   ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYMGMT_gettable_params             ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYMGMT_settable_params             ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYMGMT_gen_settable_params         ?	3_0_0	EXIST::FUNCTION:
+EVP_SIGNATURE_gettable_ctx_params       ?	3_0_0	EXIST::FUNCTION:
+EVP_SIGNATURE_settable_ctx_params       ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYEXCH_gettable_ctx_params         ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYEXCH_settable_ctx_params         ?	3_0_0	EXIST::FUNCTION:


More information about the openssl-commits mailing list