signature: SIGNATURE library <-> provider functions

tgonzalezorlandoarm · tgonzalezorlandoarm · commit 1e74e542ab57 · 2024-04-09T16:04:45.000+01:00
Start implemententing the signature functions:

 * Implement OSSL_FUNC_signature_newctx, returning a dummy signature
   context.
   Right now, we are not using the properties parameter.
 * Implement OSSL_FUNC_signature_freectx, that frees the signature
   context.

Signed-off-by: Tomás González &lt;tomasagustin.gonzalezorlando@arm.com&gt;
diff --git a/parsec-openssl-provider/src/keymgmt/mod.rs b/parsec-openssl-provider/src/keymgmt/mod.rs
@@ -15,12 +15,12 @@ use parsec_openssl2::types::VOID_PTR;
 use parsec_openssl2::*;
 use std::sync::{Arc, Mutex};
 
-struct ParsecProviderKeyObject {
+pub struct ParsecProviderKeyObject {
     _provctx: Arc<ParsecProviderContext>,
     key_name: Mutex<Option<String>>,
 }
 
-fn kmgmt_keyobj_new(provctx: Arc<ParsecProviderContext>) -> Arc<ParsecProviderKeyObject> {
+pub fn kmgmt_keyobj_new(provctx: Arc<ParsecProviderContext>) -> Arc<ParsecProviderKeyObject> {
     Arc::new(ParsecProviderKeyObject {
         _provctx: provctx.clone(),
         key_name: None.into(),
diff --git a/parsec-openssl-provider/src/signature/mod.rs b/parsec-openssl-provider/src/signature/mod.rs
@@ -1,16 +1,82 @@
 // Copyright 2024 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
 
-use crate::openssl_bindings::OSSL_ALGORITHM;
-use crate::OSSL_DISPATCH;
+use crate::keymgmt::{kmgmt_keyobj_new, ParsecProviderKeyObject};
+use crate::openssl_bindings::{
+    OSSL_ALGORITHM, OSSL_DISPATCH, OSSL_FUNC_SIGNATURE_FREECTX, OSSL_FUNC_SIGNATURE_NEWCTX,
+};
+use crate::ParsecProviderContext;
 use crate::{
     PARSEC_PROVIDER_DESCRIPTION_ECDSA, PARSEC_PROVIDER_DESCRIPTION_RSA,
     PARSEC_PROVIDER_DFLT_PROPERTIES, PARSEC_PROVIDER_ECDSA_NAME, PARSEC_PROVIDER_RSA_NAME,
 };
+use parsec_openssl2::types::VOID_PTR;
 use parsec_openssl2::*;
 
-const PARSEC_PROVIDER_RSA_SIGN_IMPL: [OSSL_DISPATCH; 1] = [ossl_dispatch!()];
+use std::sync::Arc;
+
+struct ParsecProviderSignatureContext {
+    _keyobj: Arc<ParsecProviderKeyObject>,
+}
+
+fn kmgmt_signaturecontext_new(
+    provctx: Arc<ParsecProviderContext>,
+) -> Arc<ParsecProviderSignatureContext> {
+    Arc::new(ParsecProviderSignatureContext {
+        _keyobj: kmgmt_keyobj_new(provctx),
+    })
+}
+
+/*
+Should create and return a pointer to a provider side structure for holding context information during a
+signature operation. A pointer to this context will be passed back in a number of the other signature operation
+function calls.
+The parameter provctx is the provider context generated during provider initialisation.
+The propq parameter is a property query string that may be (optionally) used by the provider during any "fetches" that
+it may perform (if it performs any).
+*/
+pub unsafe extern "C" fn parsec_provider_signature_newctx(
+    provctx: VOID_PTR,
+    propq: *const std::os::raw::c_char,
+) -> VOID_PTR {
+    if provctx.is_null() || propq.is_null() {
+        return std::ptr::null_mut();
+    }
+
+    let ctx = provctx as *const ParsecProviderContext;
+    Arc::increment_strong_count(ctx);
+    let context = Arc::from_raw(ctx);
+
+    Arc::into_raw(kmgmt_signaturecontext_new(context)) as VOID_PTR
+}
+
+// should free any resources associated with the provider side signature context
+pub unsafe extern "C" fn parsec_provider_signature_freectx(ctx: VOID_PTR) {
+    if ctx.is_null() {
+        return;
+    }
+
+    let ctx_ptr = ctx as *const ParsecProviderSignatureContext;
+    let arc_ctx = Arc::from_raw(ctx_ptr);
+    // A strong_count of 1 should be guaranteed by OPENSSL, as it doesn't make sense to be calling
+    // free when you are still using the ctx.
+    assert_eq!(1, Arc::strong_count(&arc_ctx));
+    // When arc_ctx is dropped, the reference count is decremented and the memory is freed
+}
+
+pub type SignatureNewCtxPtr =
+    unsafe extern "C" fn(VOID_PTR, *const std::os::raw::c_char) -> VOID_PTR;
+pub type SignatureFreeCtxPtr = unsafe extern "C" fn(VOID_PTR);
+
+const OSSL_FUNC_SIGNATURE_NEWCTX_PTR: SignatureNewCtxPtr = parsec_provider_signature_newctx;
+const OSSL_FUNC_SIGNATURE_FREECTX_PTR: SignatureFreeCtxPtr = parsec_provider_signature_freectx;
+
 const PARSEC_PROVIDER_ECDSA_SIGN_IMPL: [OSSL_DISPATCH; 1] = [ossl_dispatch!()];
+const PARSEC_PROVIDER_RSA_SIGN_IMPL: [OSSL_DISPATCH; 3] = [
+    unsafe { ossl_dispatch!(OSSL_FUNC_SIGNATURE_NEWCTX, OSSL_FUNC_SIGNATURE_NEWCTX_PTR) },
+    unsafe { ossl_dispatch!(OSSL_FUNC_SIGNATURE_FREECTX, OSSL_FUNC_SIGNATURE_FREECTX_PTR) },
+    ossl_dispatch!(),
+];
 
 pub const PARSEC_PROVIDER_SIGNATURE: [OSSL_ALGORITHM; 3] = [
     ossl_algorithm!(
