Move discovery of the legacy alg type into the keymgmt

During creation of the EVP_PKEY_CTX we were trying to discover what legacy alg it corresponds to every time which was slow. Instead we move this into the construction of the EVP_KEYMGMT. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23265)
2024-01-11 15:52:35 +00:00 · 2024-01-11 15:52:35 +00:00 · 8aa3781bfc
parent 575117efe1
commit 8aa3781bfc
4 changed files with 33 additions and 19 deletions
--- a/crypto/evp/evp_local.h
+++ b/crypto/evp/evp_local.h
@ -95,6 +95,8 @@ struct evp_keymgmt_st {
    int id;                      /* libcrypto internal */

    int name_id;
+    /* NID for the legacy alg if there is one */
+    int legacy_alg;
    char *type_name;
    const char *description;
    OSSL_PROVIDER *prov;
--- a/crypto/evp/keymgmt_meth.c
+++ b/crypto/evp/keymgmt_meth.c
@ -30,6 +30,26 @@ static void *keymgmt_new(void)
    return keymgmt;
 }

+#ifndef FIPS_MODULE
+static void help_get_legacy_alg_type_from_keymgmt(const char *keytype,
+                                                  void *arg)
+{
+    int *type = arg;
+
+    if (*type == NID_undef)
+        *type = evp_pkey_name2type(keytype);
+}
+
+static int get_legacy_alg_type_from_keymgmt(const EVP_KEYMGMT *keymgmt)
+{
+    int type = NID_undef;
+
+    EVP_KEYMGMT_names_do_all(keymgmt, help_get_legacy_alg_type_from_keymgmt,
+                             &type);
+    return type;
+}
+#endif
+
 static void *keymgmt_from_algorithm(int name_id,
                                    const OSSL_ALGORITHM *algodef,
                                    OSSL_PROVIDER *prov)
@ -218,6 +238,10 @@ static void *keymgmt_from_algorithm(int name_id,
    if (prov != NULL)
        ossl_provider_up_ref(prov);

+#ifndef FIPS_MODULE
+    keymgmt->legacy_alg = get_legacy_alg_type_from_keymgmt(keymgmt);
+#endif
+
    return keymgmt;
 }

@ -275,6 +299,11 @@ int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt)
    return keymgmt->name_id;
 }

+int evp_keymgmt_get_legacy_alg(const EVP_KEYMGMT *keymgmt)
+{
+    return keymgmt->legacy_alg;
+}
+
 const char *EVP_KEYMGMT_get0_description(const EVP_KEYMGMT *keymgmt)
 {
    return keymgmt->description;
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@ -133,24 +133,6 @@ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
    pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
    return pmeth;
 }
-
-static void help_get_legacy_alg_type_from_keymgmt(const char *keytype,
-                                                  void *arg)
-{
-    int *type = arg;
-
-    if (*type == NID_undef)
-        *type = evp_pkey_name2type(keytype);
-}
-
-static int get_legacy_alg_type_from_keymgmt(const EVP_KEYMGMT *keymgmt)
-{
-    int type = NID_undef;
-
-    EVP_KEYMGMT_names_do_all(keymgmt, help_get_legacy_alg_type_from_keymgmt,
-                             &type);
-    return type;
-}
 #endif /* FIPS_MODULE */

 int evp_pkey_ctx_state(const EVP_PKEY_CTX *ctx)
@ -288,7 +270,7 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx,
         * directly.
         */
        if (keymgmt != NULL) {
-            int tmp_id = get_legacy_alg_type_from_keymgmt(keymgmt);
+            int tmp_id = evp_keymgmt_get_legacy_alg(keymgmt);

            if (tmp_id != NID_undef) {
                if (id == -1) {
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@ -951,6 +951,7 @@ int evp_kdf_get_number(const EVP_KDF *kdf);
 int evp_kem_get_number(const EVP_KEM *wrap);
 int evp_keyexch_get_number(const EVP_KEYEXCH *keyexch);
 int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt);
+int evp_keymgmt_get_legacy_alg(const EVP_KEYMGMT *keymgmt);
 int evp_mac_get_number(const EVP_MAC *mac);
 int evp_md_get_number(const EVP_MD *md);
 int evp_rand_get_number(const EVP_RAND *rand);