added PQDSA assign

aws · Nov 7, 2024 · 8d6ff48 · 8d6ff48
1 parent 7e524df
commit 8d6ff48
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 12 deletions.
diff --git a/crypto/dilithium/p_dilithium3.c b/crypto/dilithium/p_dilithium3.c
@@ -106,12 +106,10 @@ static int pkey_pqdsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) {
   if (key == NULL ||
       !PQDSA_KEY_init(key, pqdsa) ||
       !pqdsa->method->keygen(key->public_key, key->secret_key) ||
-      !EVP_PKEY_set_type(pkey, EVP_PKEY_PQDSA)) {
+      !EVP_PKEY_assign_PQDSA_KEY(pkey, key)) {
     PQDSA_KEY_free(key);
     return 0;
       }
-
-  pkey->pkey.pqdsa_key = key;
   return 1;
 }
 

diff --git a/crypto/evp_extra/internal.h b/crypto/evp_extra/internal.h
@@ -19,15 +19,6 @@ typedef struct {
   char has_private;
 } X25519_KEY;
 
-#ifdef ENABLE_DILITHIUM
-
-typedef struct {
-  uint8_t *pub;
-  uint8_t *priv;
-} DILITHIUM3_KEY;
-
-#endif
-
 extern const size_t asn1_evp_pkey_methods_size;
 extern const EVP_PKEY_ASN1_METHOD *const asn1_evp_pkey_methods[];
 extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth;

diff --git a/crypto/fipsmodule/evp/evp.c b/crypto/fipsmodule/evp/evp.c
@@ -422,6 +422,17 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey) {
   return ec_key;
 }
 
+#ifdef ENABLE_DILITHIUM
+int EVP_PKEY_assign_PQDSA_KEY(EVP_PKEY *pkey, PQDSA_KEY *key) {
+  SET_DIT_AUTO_RESET;
+  const EVP_PKEY_ASN1_METHOD *meth = evp_pkey_asn1_find(EVP_PKEY_PQDSA);
+  assert(meth != NULL);
+  evp_pkey_set_method(pkey, meth);
+  pkey->pkey.ptr = key;
+  return key != NULL;
+}
+#endif
+
 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) {
   // This function can only be used to assign RSA, DSA, EC, and DH keys. Other
   // key types have internal representations which are not exposed through the
@@ -436,6 +447,10 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) {
       return EVP_PKEY_assign_EC_KEY(pkey, key);
     case EVP_PKEY_DH:
       return EVP_PKEY_assign_DH(pkey, key);
+#ifdef ENABLE_DILITHIUM
+    case EVP_PKEY_PQDSA:
+      return EVP_PKEY_assign_PQDSA_KEY(pkey, key);
+#endif
     default:
       if (!EVP_PKEY_set_type(pkey, type)) {
         return 0;

diff --git a/include/openssl/evp.h b/include/openssl/evp.h
@@ -181,6 +181,8 @@ OPENSSL_EXPORT int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
 OPENSSL_EXPORT DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey);
 OPENSSL_EXPORT DH *EVP_PKEY_get1_DH(const EVP_PKEY *pkey);
 
+OPENSSL_EXPORT int EVP_PKEY_assign_PQDSA_KEY(EVP_PKEY *pkey, PQDSA_KEY *key);
+
 // EVP_PKEY_CTX_set_dh_paramgen_prime_len sets the length of the DH prime
 // parameter p for DH parameter generation. If this function is not called,
 // the default length of 2048 is used. |pbits| must be greater than or equal