Add support for EVP_PKEY_CTX_ctrl_str - Step #1 (aws#1842)

### Description of changes: 
* This is a starting point for implementing the functionality of
`EVP_PKEY_CTX_ctrl_str` for each of the `EVP_PKEY` types.
* Adds `OPENSSL_hexstr2buf` which will be needed to parse the
HEX-strings that may be passed to `EVP_PKEY_CTX_ctrl_str`

### Testing:
* Added test for `OPENSSL_hexstr2buf`

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license and the ISC license.

crypto/crypto_test.cc

@@ -73,6 +73,33 @@ TEST(CryptoTest, Strndup) {
   EXPECT_STREQ("", str.get());
 }
 
+TEST(CryptoTest, OPENSSL_hexstr2buf) {
+  const char *test_cases[][2] = {{"a2", "\xa2"},
+                                 {"a213", "\xa2\x13"},
+                                 {"ffeedd", "\xff\xee\xdd"},
+                                 {"10aab1c2", "\x10\xaa\xb1\xc2"}};
+
+  for (auto test_case : test_cases) {
+    const char *test_value = test_case[0];
+    const char *expected_answer = test_case[1];
+    size_t actual_answer_len = 0;
+    // The longest test case we have is currently 4 bytes long
+    size_t expected_answer_len = OPENSSL_strnlen(test_case[1], 5);
+    unsigned char *buf = OPENSSL_hexstr2buf(test_value, &actual_answer_len);
+    ASSERT_TRUE(buf != nullptr);
+    EXPECT_EQ(expected_answer_len, actual_answer_len);
+    EXPECT_EQ(0, OPENSSL_memcmp(buf, expected_answer, expected_answer_len));
+    OPENSSL_free(buf);
+  }
+
+  // Test failure modes
+  size_t actual_answer_len = 0;
+  EXPECT_FALSE(OPENSSL_hexstr2buf("a", &actual_answer_len));
+  EXPECT_FALSE(OPENSSL_hexstr2buf(NULL, &actual_answer_len));
+  EXPECT_FALSE(OPENSSL_hexstr2buf("ab", nullptr));
+  EXPECT_FALSE(OPENSSL_hexstr2buf("ag", &actual_answer_len));
+}
+
 #if defined(BORINGSSL_FIPS_COUNTERS)
 using CounterArray = size_t[fips_counter_max + 1];
 

crypto/dilithium/p_dilithium3.c

@@ -117,6 +117,7 @@ const EVP_PKEY_METHOD dilithium3_pkey_meth = {
     NULL /* derive */,
     NULL /* paramgen */,
     NULL /* ctrl */,
+    NULL /* ctrl_str */,
     NULL /* keygen deterministic */,
     NULL /* encapsulate deterministic */,
     NULL /* encapsulate */,

crypto/evp_extra/p_dh.c

@@ -129,6 +129,7 @@ const EVP_PKEY_METHOD dh_pkey_meth = {
     .keygen = pkey_dh_keygen,
     .derive = pkey_dh_derive,
     .ctrl = pkey_dh_ctrl,
+    .ctrl_str = NULL
 };
 
 int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad) {

crypto/evp_extra/p_x25519.c

@@ -106,6 +106,7 @@ const EVP_PKEY_METHOD x25519_pkey_meth = {
     pkey_x25519_derive,
     NULL /* paramgen */,
     pkey_x25519_ctrl,
+    NULL, /* ctrl_str */
     NULL /* keygen deterministic */,
     NULL /* encapsulate deterministic */,
     NULL /* encapsulate */,

crypto/fipsmodule/evp/evp_ctx.c

@@ -643,13 +643,31 @@ int EVP_PKEY_decapsulate(EVP_PKEY_CTX *ctx, uint8_t *shared_secret,
   return ret;
 }
 
-// Deprecated keygen NO-OP functions
-int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
-                            const char *value) {
-  // No-op
-  return 0;
+int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md) {
+  const EVP_MD *m;
+
+  if (md == NULL || (m = EVP_get_digestbyname(md)) == NULL) {
+    OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_TYPE);
+    return 0;
+  }
+  return EVP_PKEY_CTX_ctrl(ctx, -1, optype, cmd, 0, (void *)m);
 }
 
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name,
+                          const char *value) {
+  if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
+    OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED);
+    return -2;
+  }
+  if (strcmp(name, "digest") == 0) {
+    OPENSSL_BEGIN_ALLOW_DEPRECATED
+    return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD, value);
+    OPENSSL_END_ALLOW_DEPRECATED
+  }
+  return ctx->pmeth->ctrl_str(ctx, name, value);
+}
+
+// Deprecated keygen NO-OP functions
 void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb) {
   // No-op
 }

crypto/fipsmodule/evp/internal.h

@@ -188,6 +188,17 @@ struct evp_pkey_st {
 OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
                                      int cmd, int p1, void *p2);
 
+// EVP_PKEY_CTX_md sets the message digest type for a specific operation.
+// This function is deprecated and should not be used in new code.
+//
+// |ctx| is the context to operate on.
+// |optype| is the operation type (e.g., EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_OP_KEYGEN).
+// |cmd| is the specific command (e.g., EVP_PKEY_CTRL_MD).
+// |md| is the name of the message digest algorithm to use.
+//
+// It returns 1 for success and 0 or a negative value for failure.
+OPENSSL_EXPORT int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
 // EVP_RSA_PKEY_CTX_ctrl is a wrapper of |EVP_PKEY_CTX_ctrl|.
 // Before calling |EVP_PKEY_CTX_ctrl|, a check is added to make sure
 // the |ctx->pmeth->pkey_id| is either |EVP_PKEY_RSA| or |EVP_PKEY_RSA_PSS|.
@@ -283,6 +294,8 @@ struct evp_pkey_method_st {
 
   int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
 
+  int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
+
   // Encapsulate, encapsulate_deterministic, keygen_deterministic, and
   // decapsulate are operations defined for a Key Encapsulation Mechanism (KEM).
   int (*keygen_deterministic)(EVP_PKEY_CTX *ctx,

crypto/fipsmodule/evp/p_ec.c

@@ -289,6 +289,7 @@ DEFINE_METHOD_FUNCTION(EVP_PKEY_METHOD, EVP_PKEY_ec_pkey_meth) {
     out->derive = pkey_ec_derive;
     out->paramgen = pkey_ec_paramgen;
     out->ctrl = pkey_ec_ctrl;
+    out->ctrl_str = NULL;
 }
 
 int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid) {

crypto/fipsmodule/evp/p_ed25519.c

@@ -99,6 +99,7 @@ DEFINE_METHOD_FUNCTION(EVP_PKEY_METHOD, EVP_PKEY_ed25519_pkey_meth) {
   out->derive = NULL;
   out->paramgen = NULL;
   out->ctrl = NULL;
+  out->ctrl_str = NULL;
   out->keygen_deterministic = NULL;
   out->encapsulate_deterministic = NULL;
   out->encapsulate = NULL;

crypto/fipsmodule/evp/p_hkdf.c

@@ -197,6 +197,7 @@ DEFINE_METHOD_FUNCTION(EVP_PKEY_METHOD, EVP_PKEY_hkdf_pkey_meth) {
     out->derive = pkey_hkdf_derive;
     out->paramgen = NULL; /* paramgen */
     out->ctrl = pkey_hkdf_ctrl;
+    out->ctrl_str = NULL;
 }
 
 int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode) {

crypto/fipsmodule/evp/p_hmac.c

@@ -124,6 +124,7 @@ DEFINE_METHOD_FUNCTION(EVP_PKEY_METHOD, EVP_PKEY_hmac_pkey_meth) {
   out->derive = NULL;
   out->paramgen = NULL;
   out->ctrl = hmac_ctrl;
+  out->ctrl_str = NULL;
 }
 
 int used_for_hmac(EVP_MD_CTX *ctx) {

crypto/fipsmodule/evp/p_kem.c

@@ -318,6 +318,7 @@ DEFINE_METHOD_FUNCTION(EVP_PKEY_METHOD, EVP_PKEY_kem_pkey_meth) {
   out->derive = pkey_hkdf_derive;
   out->paramgen = NULL;
   out->ctrl = NULL;
+  out->ctrl_str = NULL;
   out->keygen_deterministic = pkey_kem_keygen_deterministic;
   out->encapsulate_deterministic = pkey_kem_encapsulate_deterministic;
   out->encapsulate = pkey_kem_encapsulate;

crypto/fipsmodule/evp/p_rsa.c

@@ -703,6 +703,7 @@ DEFINE_METHOD_FUNCTION(EVP_PKEY_METHOD, EVP_PKEY_rsa_pkey_meth) {
     out->derive = NULL;
     out->paramgen = NULL;
     out->ctrl = pkey_rsa_ctrl;
+    out->ctrl_str = NULL;
 }
 
 DEFINE_METHOD_FUNCTION(EVP_PKEY_METHOD, EVP_PKEY_rsa_pss_pkey_meth) {
@@ -723,6 +724,7 @@ DEFINE_METHOD_FUNCTION(EVP_PKEY_METHOD, EVP_PKEY_rsa_pss_pkey_meth) {
     out->derive = NULL;
     out->paramgen = NULL;
     out->ctrl = pkey_rsa_ctrl;
+    out->ctrl_str = NULL;
 }
 
 int EVP_RSA_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2) {

crypto/mem.c

@@ -414,6 +414,36 @@ int OPENSSL_fromxdigit(uint8_t *out, int c) {
   return 0;
 }
 
+uint8_t *OPENSSL_hexstr2buf(const char *str, size_t *len) {
+  if (str == NULL || len == NULL) {
+    return NULL;
+  }
+
+  const size_t slen = OPENSSL_strnlen(str, INT16_MAX);
+  if (slen % 2 != 0) {
+    return NULL;
+  }
+
+  const size_t buflen = slen / 2;
+  uint8_t *buf = OPENSSL_zalloc(buflen);
+  if (buf == NULL) {
+    return NULL;
+  }
+
+  for (size_t i = 0; i < buflen; i++) {
+    uint8_t hi, lo;
+    if (!OPENSSL_fromxdigit(&hi, str[2 * i]) ||
+        !OPENSSL_fromxdigit(&lo, str[2 * i + 1])) {
+      OPENSSL_free(buf);
+      return NULL;
+    }
+    buf[i] = (hi << 4) | lo;
+  }
+
+  *len = buflen;
+  return buf;
+}
+
 int OPENSSL_isalnum(int c) { return OPENSSL_isalpha(c) || OPENSSL_isdigit(c); }
 
 int OPENSSL_tolower(int c) {

include/openssl/evp.h

@@ -1255,11 +1255,21 @@ OPENSSL_EXPORT OPENSSL_DEPRECATED int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(
     EVP_PKEY_CTX *ctx, int qbits);
 
 
-// EVP_PKEY_CTX No-ops [Deprecated].
+// EVP_PKEY_CTX_ctrl_str
 
-// EVP_PKEY_CTX_ctrl_str is a no-op.
+// EVP_PKEY_CTX_ctrl_str sets a parameter on |ctx| of type |type| to |value|.
+// This function is deprecated and should not be used in new code.
+//
+// WARNING: This function is difficult to use correctly. New code should use
+// the EVP_PKEY_CTX_set1_* or EVP_PKEY_CTX_set_* functions instead.
+//
+// |ctx| is the context to operate on.
+// |type| is the parameter type as a string.
+// |value| is the value to set.
+//
+// It returns 1 for success and 0 or a negative value for failure.
 OPENSSL_EXPORT OPENSSL_DEPRECATED int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
-                            const char *value);
+                              const char *value);
 
 // EVP_PKEY_CTX keygen no-ops [Deprecated].
 

include/openssl/mem.h

@@ -145,6 +145,13 @@ OPENSSL_EXPORT int OPENSSL_isxdigit(int c);
 // zero is returned.
 OPENSSL_EXPORT int OPENSSL_fromxdigit(uint8_t *out, int c);
 
+// OPENSSL_hexstr2buf allocates and returns a buffer containing the bytes
+// represented by the hexadecimal string |str|. |str| must be a NULL terminated
+// string of hex characters. The length of the buffer is stored in |*len|.
+// |len| must not be NULL. The caller must free the returned
+// buffer with |OPENSSL_free|. If |str| is malformed, NULL is returned.
+OPENSSL_EXPORT uint8_t *OPENSSL_hexstr2buf(const char *str, size_t *len);
+
 // OPENSSL_isalnum is a locale-independent, ASCII-only version of isalnum(3), It
 // only recognizes what |OPENSSL_isalpha| and |OPENSSL_isdigit| recognize.
 OPENSSL_EXPORT int OPENSSL_isalnum(int c);