keymgmt: KEYMGMT library <-> provider functions

Start implemententing the keymgmt functions:

 * parsec_provider_query now returns the function table for
   OSSL_OP_KEYMGMT
 * Implement OSSL_FUNC_keymgmt_new, returning a dummy Key Object.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>

Author: tgonzalezorlandoarm

parsec-openssl-provider/src/keymgmt/mod.rs

@@ -0,0 +1,53 @@
+// Copyright 2024 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+use crate::openssl_binding::{OSSL_ALGORITHM, OSSL_DISPATCH, OSSL_FUNC_KEYMGMT_NEW};
+use crate::ParsecProviderContext;
+use parsec_openssl2::types::VOID_PTR;
+use parsec_openssl2::*;
+use std::sync::{Arc, Mutex};
+
+// Parameter names that Providers can define
+const PARSEC_PROVIDER_RSA_NAME: &[u8; 4] = b"RSA\0";
+const PARSEC_PROVIDER_DESCRIPTION_RSA: &[u8; 11] = b"Parsec RSA\0";
+const PARSEC_PROVIDER_DFLT_PROPERTIES: &[u8; 16] = b"provider=parsec\0";
+
+struct ParsecProviderKeyObject {
+    _provctx: Arc<ParsecProviderContext>,
+    key_name: Mutex<Option<String>>,
+}
+
+fn kmgmt_keyobj_new(provctx: Arc<ParsecProviderContext>) -> Arc<ParsecProviderKeyObject> {
+    Arc::new(ParsecProviderKeyObject {
+        _provctx: provctx.clone(),
+        key_name: None.into(),
+    })
+}
+
+/*
+should create a provider side key object. The provider context provctx is passed and may be incorporated
+in the key object, but that is not mandatory.
+*/
+pub unsafe extern "C" fn parsec_provider_kmgmt_new(provctx: VOID_PTR) -> VOID_PTR {
+    if provctx.is_null() {
+        return std::ptr::null_mut();
+    }
+    let ctx = provctx as *const ParsecProviderContext;
+    Arc::increment_strong_count(ctx);
+    let context = Arc::from_raw(ctx);
+
+    Arc::into_raw(kmgmt_keyobj_new(context)) as VOID_PTR
+}
+
+pub type KeyMgmtNewPtr = unsafe extern "C" fn(VOID_PTR) -> VOID_PTR;
+const OSSL_FUNC_KEYMGMT_NEW_PTR: KeyMgmtNewPtr = parsec_provider_kmgmt_new;
+
+const PARSEC_PROVIDER_RSA_KEYMGMT_IMPL: [OSSL_DISPATCH; 1] =
+    [unsafe { ossl_dispatch!(OSSL_FUNC_KEYMGMT_NEW, OSSL_FUNC_KEYMGMT_NEW_PTR) }];
+
+pub const PARSEC_PROVIDER_KEYMGMT: [OSSL_ALGORITHM; 1] = [ossl_algorithm!(
+    PARSEC_PROVIDER_RSA_NAME,
+    PARSEC_PROVIDER_DFLT_PROPERTIES,
+    PARSEC_PROVIDER_RSA_KEYMGMT_IMPL,
+    PARSEC_PROVIDER_DESCRIPTION_RSA
+)];

parsec-openssl-provider/src/lib.rs

@@ -2,7 +2,6 @@
 // SPDX-License-Identifier: Apache-2.0
 #![allow(clippy::missing_safety_doc)]
 
-use std::mem;
 use std::sync::Arc;
 
 pub use openssl_errors;
@@ -16,6 +15,7 @@ use parsec_openssl2::openssl::error::ErrorStack;
 use parsec_openssl2::types::VOID_PTR;
 use parsec_openssl2::{openssl_binding, types};
 
+mod keymgmt;
 mod provider;
 use provider::*;
 

parsec-openssl-provider/src/provider.rs

@@ -1,6 +1,7 @@
 // Copyright 2023 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
 
+use crate::keymgmt::PARSEC_PROVIDER_KEYMGMT;
 use parsec_openssl2::{
     locate_and_set_provider_status_param, locate_and_set_utf8_param, ossl_param, OPENSSL_ERROR,
     OPENSSL_SUCCESS, OSSL_PROVIDER,
@@ -11,8 +12,9 @@ use parsec_client::BasicClient;
 use std::sync::Arc;
 
 use crate::openssl_binding::{
-    OSSL_ALGORITHM, OSSL_PARAM, OSSL_PARAM_INTEGER, OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_BUILDINFO,
-    OSSL_PROV_PARAM_NAME, OSSL_PROV_PARAM_STATUS, OSSL_PROV_PARAM_VERSION,
+    OSSL_ALGORITHM, OSSL_OP_KEYMGMT, OSSL_PARAM, OSSL_PARAM_INTEGER, OSSL_PARAM_UTF8_PTR,
+    OSSL_PROV_PARAM_BUILDINFO, OSSL_PROV_PARAM_NAME, OSSL_PROV_PARAM_STATUS,
+    OSSL_PROV_PARAM_VERSION,
 };
 
 // Parsec provider parameters
@@ -33,7 +35,7 @@ const PARSEC_PROVIDER_PARAM_TYPES: [OSSL_PARAM; 5] = [
 ];
 
 pub struct ParsecProviderContext {
-    client: BasicClient,
+    pub client: BasicClient,
 }
 
 impl ParsecProviderContext {
@@ -101,11 +103,15 @@ pub type ProviderTeardownPtr = unsafe extern "C" fn(provctx: *const OSSL_PROVIDE
 // The null provider implementation currently doesn't supply any algorithms to the core
 pub unsafe extern "C" fn parsec_provider_query(
     _prov: *mut OSSL_PROVIDER,
-    _operation_id: ::std::os::raw::c_int,
+    operation_id: ::std::os::raw::c_int,
     no_cache: *mut ::std::os::raw::c_int,
 ) -> *const OSSL_ALGORITHM {
     *no_cache = 0;
-    std::ptr::null_mut()
+
+    match operation_id as u32 {
+        OSSL_OP_KEYMGMT => PARSEC_PROVIDER_KEYMGMT.as_ptr(),
+        _ => std::ptr::null_mut(),
+    }
 }
 
 // Teardowns the Provider context

parsec-openssl2/src/lib.rs

@@ -8,6 +8,7 @@ pub mod types;
 
 pub use openssl;
 pub use openssl2::*;
+pub type Openssl2Error = openssl2::Error;
 
 // OpenSSL expects an integer return value of 1 and 0 for success and error
 pub const OPENSSL_SUCCESS: std::os::raw::c_int = 1;