parallaxsecond · gowthamsk-arm · Apr 15, 2024 · Apr 12, 2024 · Apr 15, 2024
diff --git a/parsec-openssl-provider-shared/e2e_tests/src/lib.rs b/parsec-openssl-provider-shared/e2e_tests/src/lib.rs
@@ -7,11 +7,7 @@ pub use foreign_types_shared::ForeignType;
 pub use parsec_openssl_provider::parsec_openssl2::openssl::{lib_ctx::LibCtx, provider::Provider};
 pub use parsec_openssl_provider::parsec_openssl2::openssl_bindings::*;
 use parsec_openssl_provider::parsec_openssl2::openssl_returns_1;
-
-// These needs to be replaced with consts from the key management module
-pub const PARSEC_PROVIDER_RSA: &[u8; 4] = b"RSA\0";
-pub const PARSEC_PROVIDER_ECDSA: &[u8; 6] = b"ECDSA\0";
-pub const PARSEC_PROVIDER_PROPERTY: &[u8; 16] = b"provider=parsec\0";
+use parsec_openssl_provider::PARSEC_PROVIDER_DFLT_PROPERTIES;
 
 // Loads a provider into the given library context
 pub fn load_provider(lib_ctx: &LibCtx, provider_name: &str, provider_path: String) -> Provider {
@@ -30,7 +26,7 @@ pub unsafe fn load_key(
     let evp_ctx: *mut EVP_PKEY_CTX = EVP_PKEY_CTX_new_from_name(
         lib_ctx.as_ptr() as *mut ossl_lib_ctx_st,
         key_type.as_ptr() as *const ::std::os::raw::c_char,
-        PARSEC_PROVIDER_PROPERTY.as_ptr() as *const ::std::os::raw::c_char,
+        PARSEC_PROVIDER_DFLT_PROPERTIES.as_ptr() as *const ::std::os::raw::c_char,
     );
     assert_ne!(evp_ctx, std::ptr::null_mut());
     openssl_returns_1(EVP_PKEY_fromdata_init(evp_ctx)).unwrap();

diff --git a/parsec-openssl-provider-shared/e2e_tests/tests/keys.rs b/parsec-openssl-provider-shared/e2e_tests/tests/keys.rs
@@ -3,7 +3,9 @@
 
 use e2e_tests::*;
 use parsec_openssl_provider::parsec_openssl2::ossl_param;
-use parsec_openssl_provider::PARSEC_PROVIDER_KEY_NAME;
+use parsec_openssl_provider::{
+    PARSEC_PROVIDER_ECDSA_NAME, PARSEC_PROVIDER_KEY_NAME, PARSEC_PROVIDER_RSA_NAME,
+};
 
 // Loads RSA key from the provider
 #[test]
@@ -19,7 +21,12 @@ fn test_loading_rsa_key() {
     let mut param = ossl_param!(PARSEC_PROVIDER_KEY_NAME, OSSL_PARAM_UTF8_PTR, key_name);
     unsafe {
         let mut parsec_pkey: *mut EVP_PKEY = std::ptr::null_mut();
-        load_key(&lib_ctx, &mut param, &mut parsec_pkey, PARSEC_PROVIDER_RSA);
+        load_key(
+            &lib_ctx,
+            &mut param,
+            &mut parsec_pkey,
+            PARSEC_PROVIDER_RSA_NAME,
+        );
 
         EVP_PKEY_free(parsec_pkey);
     }
@@ -43,7 +50,7 @@ fn test_loading_ecdsa_key() {
             &lib_ctx,
             &mut param,
             &mut parsec_pkey,
-            PARSEC_PROVIDER_ECDSA,
+            PARSEC_PROVIDER_ECDSA_NAME,
         );
 
         EVP_PKEY_free(parsec_pkey);

diff --git a/parsec-openssl-provider-shared/e2e_tests/tests/sign.rs b/parsec-openssl-provider-shared/e2e_tests/tests/sign.rs
@@ -6,7 +6,10 @@ use parsec_client::core::basic_client::BasicClient;
 use parsec_client::core::interface::operations::psa_algorithm::{AsymmetricSignature, Hash};
 use parsec_openssl_provider::parsec_openssl2::ossl_param;
 use parsec_openssl_provider::parsec_openssl2::{openssl_returns_1, Openssl2Error};
-use parsec_openssl_provider::PARSEC_PROVIDER_KEY_NAME;
+use parsec_openssl_provider::{
+    PARSEC_PROVIDER_DFLT_PROPERTIES, PARSEC_PROVIDER_ECDSA_NAME, PARSEC_PROVIDER_KEY_NAME,
+    PARSEC_PROVIDER_RSA_NAME,
+};
 use sha2::{Digest, Sha256};
 
 // Signs a digest using Parsec Provider and verifies the signature using the
@@ -37,7 +40,7 @@ fn sign_verify(
         let evp_ctx: *mut EVP_PKEY_CTX = EVP_PKEY_CTX_new_from_pkey(
             lib_ctx.as_ptr() as *mut ossl_lib_ctx_st,
             parsec_pkey,
-            PARSEC_PROVIDER_PROPERTY.as_ptr() as *const ::std::os::raw::c_char,
+            PARSEC_PROVIDER_DFLT_PROPERTIES.as_ptr() as *const ::std::os::raw::c_char,
         );
 
         let mut sign_len = signature.len();
@@ -76,7 +79,12 @@ fn test_signing_ecdsa() {
         hash_alg: Hash::Sha256.into(),
     };
 
-    let _ = sign_verify(&key_name, &mut signature, sign_alg, PARSEC_PROVIDER_ECDSA);
+    let _ = sign_verify(
+        &key_name,
+        &mut signature,
+        sign_alg,
+        PARSEC_PROVIDER_ECDSA_NAME,
+    );
 }
 
 #[ignore]
@@ -91,5 +99,10 @@ fn test_signing_rsa() {
         hash_alg: Hash::Sha256.into(),
     };
 
-    let _ = sign_verify(&key_name, &mut signature, sign_alg, PARSEC_PROVIDER_RSA);
+    let _ = sign_verify(
+        &key_name,
+        &mut signature,
+        sign_alg,
+        PARSEC_PROVIDER_RSA_NAME,
+    );
 }
diff --git a/parsec-openssl-provider/src/keymgmt/mod.rs b/parsec-openssl-provider/src/keymgmt/mod.rs
@@ -9,8 +9,9 @@ use crate::openssl_bindings::{
     OSSL_PARAM, OSSL_PARAM_UTF8_PTR,
 };
 use crate::{
-    ParsecProviderContext, PARSEC_PROVIDER_DESCRIPTION_RSA, PARSEC_PROVIDER_DFLT_PROPERTIES,
-    PARSEC_PROVIDER_KEY_NAME, PARSEC_PROVIDER_RSA_NAME,
+    ParsecProviderContext, PARSEC_PROVIDER_DESCRIPTION_ECDSA, PARSEC_PROVIDER_DESCRIPTION_RSA,
+    PARSEC_PROVIDER_DFLT_PROPERTIES, PARSEC_PROVIDER_ECDSA_NAME, PARSEC_PROVIDER_KEY_NAME,
+    PARSEC_PROVIDER_RSA_NAME,
 };
 use parsec_openssl2::types::VOID_PTR;
 use parsec_openssl2::*;
@@ -368,7 +369,7 @@ const OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS_PTR: KeyMgmtSettableParamsPtr =
 const OSSL_FUNC_KEYMGMT_VALIDATE_PTR: KeyMgmtValidatePtr = parsec_provider_kmgmt_validate;
 const OSSL_FUNC_KEYMGMT_MATCH_PTR: KeyMgmtMatchPtr = parsec_provider_kmgmt_match;
 
-const PARSEC_PROVIDER_RSA_KEYMGMT_IMPL: [OSSL_DISPATCH; 11] = [
+const PARSEC_PROVIDER_KEYMGMT_IMPL: [OSSL_DISPATCH; 11] = [
     unsafe { ossl_dispatch!(OSSL_FUNC_KEYMGMT_DUP, OSSL_FUNC_KEYMGMT_DUP_PTR) },
     unsafe { ossl_dispatch!(OSSL_FUNC_KEYMGMT_NEW, OSSL_FUNC_KEYMGMT_NEW_PTR) },
     unsafe { ossl_dispatch!(OSSL_FUNC_KEYMGMT_FREE, OSSL_FUNC_KEYMGMT_FREE_PTR) },
@@ -397,11 +398,17 @@ const PARSEC_PROVIDER_RSA_KEYMGMT_IMPL: [OSSL_DISPATCH; 11] = [
     ossl_dispatch!(),
 ];
 
-pub const PARSEC_PROVIDER_KEYMGMT: [OSSL_ALGORITHM; 2] = [
+pub const PARSEC_PROVIDER_KEYMGMT: [OSSL_ALGORITHM; 3] = [
+    ossl_algorithm!(
+        PARSEC_PROVIDER_ECDSA_NAME,
+        PARSEC_PROVIDER_DFLT_PROPERTIES,
+        PARSEC_PROVIDER_KEYMGMT_IMPL,
+        PARSEC_PROVIDER_DESCRIPTION_ECDSA
+    ),
     ossl_algorithm!(
         PARSEC_PROVIDER_RSA_NAME,
         PARSEC_PROVIDER_DFLT_PROPERTIES,
-        PARSEC_PROVIDER_RSA_KEYMGMT_IMPL,
+        PARSEC_PROVIDER_KEYMGMT_IMPL,
         PARSEC_PROVIDER_DESCRIPTION_RSA
     ),
     ossl_algorithm!(),
@@ -509,7 +516,7 @@ fn test_kmgmt_validate() {
     assert_eq!(result, OPENSSL_ERROR);
 
     // Check that validate succeeds with "good" data
-    let my_key_name = "PARSEC_TEST_RSA_KEY".to_string();
+    let my_key_name = "PARSEC_TEST_ECDSA_KEY".to_string();
     let mut params = [
         ossl_param!(PARSEC_PROVIDER_KEY_NAME, OSSL_PARAM_UTF8_PTR, my_key_name),
         ossl_param!(),

diff --git a/parsec-openssl-provider/src/lib.rs b/parsec-openssl-provider/src/lib.rs
@@ -26,11 +26,11 @@ mod catch;
 use catch::r#catch;
 
 // Parameter names that Providers can define
-const PARSEC_PROVIDER_RSA_NAME: &[u8; 4] = b"RSA\0";
-const PARSEC_PROVIDER_ECDSA_NAME: &[u8; 6] = b"ECDSA\0";
+pub const PARSEC_PROVIDER_RSA_NAME: &[u8; 39] = b"RSA:rsaEncryption:1.2.840.113549.1.1.1\0";
+pub const PARSEC_PROVIDER_ECDSA_NAME: &[u8; 36] = b"EC:id-ecPublicKey:1.2.840.10045.2.1\0";
 const PARSEC_PROVIDER_DESCRIPTION_RSA: &[u8; 11] = b"Parsec RSA\0";
 const PARSEC_PROVIDER_DESCRIPTION_ECDSA: &[u8; 13] = b"Parsec ECDSA\0";
-const PARSEC_PROVIDER_DFLT_PROPERTIES: &[u8; 16] = b"provider=parsec\0";
+pub const PARSEC_PROVIDER_DFLT_PROPERTIES: &[u8; 16] = b"provider=parsec\0";
 pub const PARSEC_PROVIDER_KEY_NAME: &[u8; 25] = b"parsec_provider_key_name\0";
 
 // The init function populates the dispatch table and returns a void pointer