/*
 * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * low level APIs are deprecated for public use, but still ok for
 * internal use.
 */
#include "internal/deprecated.h"

#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/core_object.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/params.h>
#include <openssl/pem.h> /* PEM_BUFSIZE and public PEM functions */
#include <openssl/pkcs12.h>
#include <openssl/x509.h>
#include <openssl/proverr.h>
#include "internal/cryptlib.h" /* ossl_assert() */
#include "internal/asn1.h"
#include "crypto/dh.h"
#include "crypto/dsa.h"
#include "crypto/ec.h"
#include "crypto/evp.h"
#include "crypto/ecx.h"
#include "crypto/rsa.h"
#include "crypto/x509.h"
#include "openssl/obj_mac.h"
#include "prov/bio.h"
#include "prov/implementations.h"
#include "endecoder_local.h"

struct der2key_ctx_st; /* Forward declaration */

/* Per-key-type hooks stored in struct keytype_desc_st below. */
typedef int check_key_fn(void *, struct der2key_ctx_st *ctx);
typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx);
typedef void free_key_fn(void *);
typedef void *d2i_PKCS8_fn(void **, const unsigned char **, long,
                           struct der2key_ctx_st *);

/*
 * Static description of one decoder: which key type it yields, which DER
 * structure it accepts, and the functions used to parse, vet, adjust and
 * free the resulting key.
 */
struct keytype_desc_st {
    /* Reported to the caller as the object's data type by der2key_decode() */
    const char *keytype_name;
    const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */

    /* The input structure name */
    const char *structure_name;

    /*
     * The EVP_PKEY_xxx type macro. Should be zero for type specific
     * structures, non-zero when the outermost structure is PKCS#8 or
     * SubjectPublicKeyInfo. This determines which of the function
     * pointers below will be used.
     * der2key_decode_p8() compares it with the NID of the PrivateKeyInfo
     * algorithm before any key is constructed.
     */
    int evp_type;

    /* The selection mask for OSSL_FUNC_decoder_does_selection() */
    int selection_mask;

    /* For type specific decoders, we use the corresponding d2i */
    d2i_of_void *d2i_private_key; /* From type-specific DER */
    d2i_of_void *d2i_public_key;  /* From type-specific DER */
    d2i_of_void *d2i_key_params;  /* From type-specific DER */
    d2i_PKCS8_fn *d2i_PKCS8;      /* Wrapped in a PrivateKeyInfo */
    d2i_of_void *d2i_PUBKEY;      /* Wrapped in a SubjectPublicKeyInfo */

    /*
     * For any key, we may need to check that the key meets expectations.
     * This is useful when the same functions can decode several variants
     * of a key.
     */
    check_key_fn *check_key;

    /*
     * For any key, we may need to make provider specific adjustments, such
     * as ensure the key carries the correct library context.
     */
    adjust_key_fn *adjust_key;
    /* {type}_free() */
    free_key_fn *free_key;
};

/*
 * Context used for DER to key decoding.
 */
struct der2key_ctx_st {
    PROV_CTX *provctx;
    const struct keytype_desc_st *desc;
    /* The selection that is passed to der2key_decode() */
    int selection;
    /* Flag used to signal that a failure is fatal */
    unsigned int flag_fatal : 1;
};

typedef void *key_from_pkcs8_t(const PKCS8_PRIV_KEY_INFO *p8inf,
                               OSSL_LIB_CTX *libctx, const char *propq);

/*
 * Parse a PKCS#8 PrivateKeyInfo and, if its algorithm matches the decoder's
 * key type, turn it into a key object with |key_from_pkcs8|.
 *
 * The algorithm comparison is the gate that keeps a PrivateKeyInfo of one
 * key type away from another type's constructor. It has one deliberate
 * exception: the SM2 decoder (evp_type == NID_sm2) also accepts
 * id_ecPublicKey. In der2key_decode() the descriptor's check_key hook runs
 * on whatever key comes back, so a widened match here is still vetted there.
 *
 * Returns the new key, or NULL if parsing failed, the algorithm did not
 * match, or |key_from_pkcs8| failed; the three cases are not distinguished.
 * The parsed PrivateKeyInfo is always freed before returning.
 */
static void *der2key_decode_p8(const unsigned char **input_der,
                               long input_der_len, struct der2key_ctx_st *ctx,
                               key_from_pkcs8_t *key_from_pkcs8)
{
    PKCS8_PRIV_KEY_INFO *p8inf = NULL;
    const X509_ALGOR *alg = NULL;
    void *key = NULL;

    p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, input_der, input_der_len);
    if (p8inf != NULL && PKCS8_pkey_get0(NULL, NULL, NULL, &alg, p8inf)) {
        int alg_nid = OBJ_obj2nid(alg->algorithm);
        int wanted = ctx->desc->evp_type;

        if (alg_nid == wanted
            /* Allow decoding sm2 private key with id_ecPublicKey */
            || (alg_nid == NID_X9_62_id_ecPublicKey && wanted == NID_sm2))
            key = key_from_pkcs8(p8inf, PROV_LIBCTX_OF(ctx->provctx), NULL);
    }
    /* PKCS8_PRIV_KEY_INFO_free() is reached with NULL when parsing failed */
    PKCS8_PRIV_KEY_INFO_free(p8inf);

    return key;
}

/*
---------------------------------------------------------------------- */

static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
static OSSL_FUNC_decoder_decode_fn der2key_decode;
static OSSL_FUNC_decoder_export_object_fn der2key_export_object;

/*
 * Allocate a zeroed decoder context bound to |provctx| and |desc|.
 * Returns NULL if the allocation fails.
 */
static struct der2key_ctx_st *
der2key_newctx(void *provctx, const struct keytype_desc_st *desc)
{
    struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));

    if (ctx == NULL)
        return NULL;

    ctx->provctx = provctx;
    ctx->desc = desc;
    return ctx;
}

/* Release a context created by der2key_newctx(). */
static void der2key_freectx(void *vctx)
{
    /* Only the context itself is freed; provctx and desc are left alone */
    OPENSSL_free(vctx);
}

/*
 * Report whether the decoder described by |desc| can serve |selection|.
 * Returns 1 if it can (always the case for selection 0), 0 otherwise.
 */
static int der2key_check_selection(int selection,
                                   const struct keytype_desc_st *desc)
{
    /*
     * The selections are kinda sorta "levels", i.e. each selection given
     * here is assumed to include those following.
     */
    int checks[] = {
        OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
        OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
        OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
    };
    size_t i;

    /* The decoder implementations made here support guessing */
    if (selection == 0)
        return 1;

    for (i = 0; i < OSSL_NELEM(checks); i++) {
        /*
         * The first level the caller asked for decides the answer: return
         * whether the decoder description says it's supported.
         */
        if ((selection & checks[i]) != 0)
            return (desc->selection_mask & checks[i]) != 0;
    }

    /* This should be dead code, but just to be safe... */
    return 0;
}

/*
 * Read one DER blob from |cin|, try to decode it as the key type described
 * by the context, and hand a reference to the resulting key to |data_cb|.
 *
 * Returns 0 when |selection| has nothing in common with the decoder's
 * selection mask, or when the d2i_PKCS8 hook left ctx->flag_fatal set.
 * Returns 1 when nothing could be decoded ("empty handed" is not an error).
 * Otherwise returns what |data_cb| returned.
 *
 * Points a reviewer may want to keep in mind:
 * - |derp| is advanced by each d2i call but is never compared with
 *   der + der_len afterwards, so this function does not itself reject
 *   bytes that follow the decoded structure.
 *   NOTE(review): confirm whether that is intended or bounded elsewhere.
 * - Nothing in the visible part of this file sets ctx->flag_fatal.
 *   NOTE(review): presumably a d2i_PKCS8 hook may do so; confirm.
 * - |pw_cb| and |pw_cbarg| are not used here.
 */
static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
                          OSSL_CALLBACK *data_cb, void *data_cbarg,
                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
{
    struct der2key_ctx_st *ctx = vctx;
    const struct keytype_desc_st *desc = ctx->desc;
    unsigned char *der = NULL;
    const unsigned char *derp;
    long der_len = 0;
    void *key = NULL;
    int ok = 0; /* Assume that we fail */

    ctx->selection = selection;
    /*
     * The caller is allowed to specify 0 as a selection mark, to have the
     * structure and key type guessed. For type-specific structures, this
     * is not recommended, as some structures are very similar.
     * Note that 0 isn't the same as OSSL_KEYMGMT_SELECT_ALL, as the latter
     * signifies a private key structure, where everything else is assumed
     * to be present as well.
     */
    if (selection == 0)
        selection = desc->selection_mask;
    if ((selection & desc->selection_mask) == 0) {
        ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
        return 0;
    }

    if (!ossl_read_der(ctx->provctx, cin, &der, &der_len))
        goto next;

    /*
     * From here on ctx->selection is the caller's original request (0 means
     * "guess") while the local |selection| is the effective mask. When the
     * caller asked for something specific, the first failed attempt ends the
     * decoding; when guessing, the next structure kind is tried.
     */
    ERR_set_mark();
    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
        derp = der;
        if (desc->d2i_PKCS8 != NULL) {
            key = desc->d2i_PKCS8(NULL, &derp, der_len, ctx);
            if (ctx->flag_fatal) {
                ERR_clear_last_mark();
                goto end;
            }
        } else if (desc->d2i_private_key != NULL) {
            key = desc->d2i_private_key(NULL, &derp, der_len);
        }
        if (key == NULL && ctx->selection != 0) {
            ERR_clear_last_mark();
            goto next;
        }
    }
    if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
        derp = der;
        if (desc->d2i_PUBKEY != NULL)
            key = desc->d2i_PUBKEY(NULL, &derp, der_len);
        else if (desc->d2i_public_key != NULL)
            key = desc->d2i_public_key(NULL, &derp, der_len);
        if (key == NULL && ctx->selection != 0) {
            ERR_clear_last_mark();
            goto next;
        }
    }
    if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
        derp = der;
        if (desc->d2i_key_params != NULL)
            key = desc->d2i_key_params(NULL, &derp, der_len);
        if (key == NULL && ctx->selection != 0) {
            ERR_clear_last_mark();
            goto next;
        }
    }
    /*
     * On success, drop the errors queued by the attempts that failed before
     * it; on failure, only remove the mark.
     */
    if (key != NULL)
        ERR_pop_to_mark();
    else
        ERR_clear_last_mark();

    /*
     * Last minute check to see if this was the correct type of key. This
     * should never lead to a fatal error, i.e. the decoding itself was
     * correct, it was just an unexpected key type. This is generally for
     * classes of key types that have subtle variants, like RSA-PSS keys as
     * opposed to plain RSA keys.
     */
    if (key != NULL
        && desc->check_key != NULL
        && !desc->check_key(key, ctx)) {
        desc->free_key(key);
        key = NULL;
    }

    if (key != NULL && desc->adjust_key != NULL)
        desc->adjust_key(key, ctx);

 next:
    /*
     * Indicated that we successfully decoded something, or not at all.
     * Ending up "empty handed" is not an error.
     */
    ok = 1;

    /*
     * We free memory here so it's not held up during the callback, because
     * we know the process is recursive and the allocated chunks of memory
     * add up.
     */
    OPENSSL_free(der);
    der = NULL;

    if (key != NULL) {
        OSSL_PARAM params[4];
        int object_type = OSSL_OBJECT_PKEY;
        const char *data_type = desc->keytype_name;

#ifndef OPENSSL_NO_SM2
        /*
         * A key that came through the "EC" decoder but carries the SM2 range
         * flag is reported as "SM2" rather than "EC".
         */
        if (strcmp(desc->keytype_name, "EC") == 0
            && (EC_KEY_get_flags(key) & EC_FLAG_SM2_RANGE) != 0)
            data_type = "SM2";
#endif

        params[0] =
            OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
        params[1] =
            OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
                                             (char *)data_type, 0);
        /* The address of the key becomes the octet string */
        params[2] =
            OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
                                              &key, sizeof(key));
        params[3] = OSSL_PARAM_construct_end();

        ok = data_cb(params, data_cbarg);
    }

 end:
    /* |key| is freed here whether or not the callback was invoked */
    desc->free_key(key);
    OPENSSL_free(der);

    return ok;
}

/*
 * Export the key behind |reference| through the keymgmt export function
 * taken from the descriptor's dispatch table.
 *
 * |reference| is interpreted as the raw object address that
 * der2key_decode() placed in OSSL_OBJECT_PARAM_REFERENCE. The only check
 * made on it is that |reference_sz| equals the size of a pointer, so the
 * caller must pass a reference produced by this decoder.
 *
 * Returns the export function's result, or 0 if the size does not match or
 * no export function is available.
 */
static int der2key_export_object(void *vctx,
                                 const void *reference, size_t reference_sz,
                                 OSSL_CALLBACK *export_cb, void *export_cbarg)
{
    struct der2key_ctx_st *ctx = vctx;
    OSSL_FUNC_keymgmt_export_fn *export =
        ossl_prov_get_keymgmt_export(ctx->desc->fns);
    void *keydata;
    int selection;

    if (reference_sz != sizeof(keydata) || export == NULL)
        return 0;

    /* A "guess" selection (0) exports everything */
    selection = ctx->selection != 0 ? ctx->selection : OSSL_KEYMGMT_SELECT_ALL;

    /* The contents of the reference is the address to our object */
    keydata = *(void **)reference;

    return export(keydata, selection, export_cb, export_cbarg);
}

/* ---------------------------------------------------------------------- */

#ifndef OPENSSL_NO_DH
# define dh_evp_type                    EVP_PKEY_DH
# define dh_d2i_private_key             NULL
# define dh_d2i_public_key              NULL
# define dh_d2i_key_params              (d2i_of_void *)d2i_DHparams

/* PKCS#8 hook for DH (and, via dhx_d2i_PKCS8, DHX); |key| is not used. */
static void *dh_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                          struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_dh_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}
/* DH: SubjectPublicKeyInfo decoder and destructor; no extra type check. */
# define dh_d2i_PUBKEY                  (d2i_of_void *)ossl_d2i_DH_PUBKEY
# define dh_free                        (free_key_fn *)DH_free
# define dh_check                       NULL

/* Attach the provider's library context to a freshly decoded DH key. */
static void dh_adjust(void *key, struct der2key_ctx_st *ctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_dh_set0_libctx(key, libctx);
}

# define dhx_evp_type                   EVP_PKEY_DHX
# define dhx_d2i_private_key            NULL
# define dhx_d2i_public_key             NULL
# define dhx_d2i_key_params             (d2i_of_void *)d2i_DHxparams
# define dhx_d2i_PKCS8                  dh_d2i_PKCS8
# define dhx_d2i_PUBKEY                 (d2i_of_void *)ossl_d2i_DHx_PUBKEY
# define dhx_free                       (free_key_fn *)DH_free
# define dhx_check                      NULL
# define dhx_adjust                     dh_adjust
#endif

/* ---------------------------------------------------------------------- */

#ifndef OPENSSL_NO_DSA
# define dsa_evp_type                   EVP_PKEY_DSA
# define dsa_d2i_private_key            (d2i_of_void *)d2i_DSAPrivateKey
# define dsa_d2i_public_key             (d2i_of_void *)d2i_DSAPublicKey
# define dsa_d2i_key_params             (d2i_of_void *)d2i_DSAparams

/* PKCS#8 hook for DSA; |key| is not used. */
static void *dsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_dsa_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}

# define dsa_d2i_PUBKEY                 (d2i_of_void *)ossl_d2i_DSA_PUBKEY
# define dsa_free                       (free_key_fn *)DSA_free
# define dsa_check                      NULL

/* Attach the provider's library context to a freshly decoded DSA key. */
static void dsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_dsa_set0_libctx(key, libctx);
}
#endif

/* ---------------------------------------------------------------------- */

#ifndef OPENSSL_NO_EC
# define ec_evp_type                    EVP_PKEY_EC
# define ec_d2i_private_key             (d2i_of_void *)d2i_ECPrivateKey
# define ec_d2i_public_key              NULL
# define ec_d2i_key_params              (d2i_of_void *)d2i_ECParameters

/* PKCS#8 hook for EC; |key| is not used. */
static void *ec_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                          struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}

# define ec_d2i_PUBKEY                  (d2i_of_void *)d2i_EC_PUBKEY
# define ec_free                        (free_key_fn *)EC_KEY_free

/*
 * Decide whether a decoded EC_KEY belongs to the decoder that produced it
 * (this function is also used as sm2_check).
 *
 * A key carrying EC_FLAG_SM2_RANGE is accepted by the SM2 decoder and by a
 * decoder whose evp_type is NID_X9_62_id_ecPublicKey, which is the value
 * EVP_PKEY_EC is defined as in <openssl/evp.h>. A key without the flag is
 * accepted by every decoder except the SM2 one.
 *
 * Returns 1 to keep the key, 0 to have der2key_decode() discard it.
 */
static int ec_check(void *key, struct der2key_ctx_st *ctx)
{
    int wanted = ctx->desc->evp_type;

    if ((EC_KEY_get_flags(key) & EC_FLAG_SM2_RANGE) != 0)
        return wanted == EVP_PKEY_SM2 || wanted == NID_X9_62_id_ecPublicKey;

    return wanted != EVP_PKEY_SM2;
}

/* Attach the provider's library context to a freshly decoded EC key. */
static void ec_adjust(void *key, struct der2key_ctx_st *ctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_ec_key_set0_libctx(key, libctx);
}

/*
 * ED25519, ED448, X25519, X448 only implement PKCS#8 and SubjectPublicKeyInfo,
 * so no d2i functions to be had.
 */

/* PKCS#8 hook shared by ED25519, ED448, X25519 and X448; |key| is not used. */
static void *ecx_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_ecx_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}

/* Attach the provider's library context to a freshly decoded ECX key. */
static void ecx_key_adjust(void *key, struct der2key_ctx_st *ctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_ecx_key_set0_libctx(key, libctx);
}

# define ed25519_evp_type               EVP_PKEY_ED25519
# define ed25519_d2i_private_key        NULL
# define ed25519_d2i_public_key         NULL
# define ed25519_d2i_key_params         NULL
# define ed25519_d2i_PKCS8              ecx_d2i_PKCS8
# define ed25519_d2i_PUBKEY             (d2i_of_void *)ossl_d2i_ED25519_PUBKEY
# define ed25519_free                   (free_key_fn *)ossl_ecx_key_free
# define ed25519_check                  NULL
# define ed25519_adjust                 ecx_key_adjust

# define ed448_evp_type                 EVP_PKEY_ED448
# define ed448_d2i_private_key          NULL
# define ed448_d2i_public_key           NULL
# define ed448_d2i_key_params           NULL
# define ed448_d2i_PKCS8                ecx_d2i_PKCS8
# define ed448_d2i_PUBKEY               (d2i_of_void *)ossl_d2i_ED448_PUBKEY
# define ed448_free                     (free_key_fn *)ossl_ecx_key_free
# define ed448_check                    NULL
# define ed448_adjust                   ecx_key_adjust

# define x25519_evp_type                EVP_PKEY_X25519
# define x25519_d2i_private_key         NULL
# define x25519_d2i_public_key          NULL
# define x25519_d2i_key_params          NULL
# define x25519_d2i_PKCS8               ecx_d2i_PKCS8
# define x25519_d2i_PUBKEY              (d2i_of_void *)ossl_d2i_X25519_PUBKEY
# define x25519_free                    (free_key_fn *)ossl_ecx_key_free
# define x25519_check                   NULL
# define x25519_adjust                  ecx_key_adjust

# define x448_evp_type                  EVP_PKEY_X448
# define x448_d2i_private_key           NULL
# define x448_d2i_public_key            NULL
# define x448_d2i_key_params            NULL
# define x448_d2i_PKCS8                 ecx_d2i_PKCS8
# define x448_d2i_PUBKEY                (d2i_of_void *)ossl_d2i_X448_PUBKEY
# define x448_free                      (free_key_fn *)ossl_ecx_key_free
# define x448_check                     NULL
# define x448_adjust                    ecx_key_adjust

# ifndef OPENSSL_NO_SM2
#  define sm2_evp_type                  EVP_PKEY_SM2
#  define sm2_d2i_private_key           (d2i_of_void *)d2i_ECPrivateKey
#  define sm2_d2i_public_key            NULL
#  define sm2_d2i_key_params            (d2i_of_void *)d2i_ECParameters

/*
 * PKCS#8 hook for SM2; |key| is not used. It builds the key with the same
 * constructor as ec_d2i_PKCS8(); the SM2/EC distinction is made afterwards
 * by sm2_check (ec_check).
 */
static void *sm2_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}

#  define sm2_d2i_PUBKEY                (d2i_of_void *)d2i_EC_PUBKEY
#  define sm2_free                      (free_key_fn *)EC_KEY_free
#  define sm2_check                     ec_check
#  define sm2_adjust                    ec_adjust
# endif
#endif

/* ---------------------------------------------------------------------- */

#define rsa_evp_type                    EVP_PKEY_RSA
#define rsa_d2i_private_key             (d2i_of_void *)d2i_RSAPrivateKey
#define rsa_d2i_public_key              (d2i_of_void *)d2i_RSAPublicKey
#define rsa_d2i_key_params              NULL

/* PKCS#8 hook for RSA (and, via rsapss_d2i_PKCS8, RSA-PSS); |key| is not used. */
static void *rsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_rsa_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}

#define rsa_d2i_PUBKEY                  (d2i_of_void *)d2i_RSA_PUBKEY
#define rsa_free                        (free_key_fn *)RSA_free

/*
 * Decide whether a decoded RSA key belongs to the decoder that produced it
 * (this function is also used as rsapss_check): a plain RSA key is kept only
 * by the RSA decoder and an RSASSA-PSS key only by the RSA-PSS decoder.
 *
 * Returns 1 to keep the key, 0 to have der2key_decode() discard it.
 */
static int rsa_check(void *key, struct der2key_ctx_st *ctx)
{
    int key_variant = RSA_test_flags(key, RSA_FLAG_TYPE_MASK);

    if (key_variant == RSA_FLAG_TYPE_RSA)
        return ctx->desc->evp_type == EVP_PKEY_RSA;
    if (key_variant == RSA_FLAG_TYPE_RSASSAPSS)
        return ctx->desc->evp_type == EVP_PKEY_RSA_PSS;

    /* Currently unsupported RSA key type */
    return 0;
}

/* Attach the provider's library context to a freshly decoded RSA key. */
static void rsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_rsa_set0_libctx(key, libctx);
}

#define rsapss_evp_type                 EVP_PKEY_RSA_PSS
#define rsapss_d2i_private_key          (d2i_of_void *)d2i_RSAPrivateKey
#define rsapss_d2i_public_key           (d2i_of_void *)d2i_RSAPublicKey
#define rsapss_d2i_key_params           NULL
#define rsapss_d2i_PKCS8                rsa_d2i_PKCS8
#define rsapss_d2i_PUBKEY               (d2i_of_void *)d2i_RSA_PUBKEY
#define rsapss_free                     (free_key_fn *)RSA_free
#define rsapss_check                    rsa_check
#define rsapss_adjust                   rsa_adjust

/* ---------------------------------------------------------------------- */

/*
 * The DO_ macros help define the selection mask and the method functions
 * for each kind of object we want to decode.
569b077aed3SPierre Pronchery */ 570b077aed3SPierre Pronchery #define DO_type_specific_keypair(keytype) \ 571b077aed3SPierre Pronchery "type-specific", keytype##_evp_type, \ 572b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_KEYPAIR ), \ 573b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 574b077aed3SPierre Pronchery keytype##_d2i_public_key, \ 575b077aed3SPierre Pronchery NULL, \ 576b077aed3SPierre Pronchery NULL, \ 577b077aed3SPierre Pronchery NULL, \ 578b077aed3SPierre Pronchery keytype##_check, \ 579b077aed3SPierre Pronchery keytype##_adjust, \ 580b077aed3SPierre Pronchery keytype##_free 581b077aed3SPierre Pronchery 582b077aed3SPierre Pronchery #define DO_type_specific_pub(keytype) \ 583b077aed3SPierre Pronchery "type-specific", keytype##_evp_type, \ 584b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ), \ 585b077aed3SPierre Pronchery NULL, \ 586b077aed3SPierre Pronchery keytype##_d2i_public_key, \ 587b077aed3SPierre Pronchery NULL, \ 588b077aed3SPierre Pronchery NULL, \ 589b077aed3SPierre Pronchery NULL, \ 590b077aed3SPierre Pronchery keytype##_check, \ 591b077aed3SPierre Pronchery keytype##_adjust, \ 592b077aed3SPierre Pronchery keytype##_free 593b077aed3SPierre Pronchery 594b077aed3SPierre Pronchery #define DO_type_specific_priv(keytype) \ 595b077aed3SPierre Pronchery "type-specific", keytype##_evp_type, \ 596b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ), \ 597b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 598b077aed3SPierre Pronchery NULL, \ 599b077aed3SPierre Pronchery NULL, \ 600b077aed3SPierre Pronchery NULL, \ 601b077aed3SPierre Pronchery NULL, \ 602b077aed3SPierre Pronchery keytype##_check, \ 603b077aed3SPierre Pronchery keytype##_adjust, \ 604b077aed3SPierre Pronchery keytype##_free 605b077aed3SPierre Pronchery 606b077aed3SPierre Pronchery #define DO_type_specific_params(keytype) \ 607b077aed3SPierre Pronchery "type-specific", keytype##_evp_type, \ 608b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS 
), \ 609b077aed3SPierre Pronchery NULL, \ 610b077aed3SPierre Pronchery NULL, \ 611b077aed3SPierre Pronchery keytype##_d2i_key_params, \ 612b077aed3SPierre Pronchery NULL, \ 613b077aed3SPierre Pronchery NULL, \ 614b077aed3SPierre Pronchery keytype##_check, \ 615b077aed3SPierre Pronchery keytype##_adjust, \ 616b077aed3SPierre Pronchery keytype##_free 617b077aed3SPierre Pronchery 618b077aed3SPierre Pronchery #define DO_type_specific(keytype) \ 619b077aed3SPierre Pronchery "type-specific", keytype##_evp_type, \ 620b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_ALL ), \ 621b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 622b077aed3SPierre Pronchery keytype##_d2i_public_key, \ 623b077aed3SPierre Pronchery keytype##_d2i_key_params, \ 624b077aed3SPierre Pronchery NULL, \ 625b077aed3SPierre Pronchery NULL, \ 626b077aed3SPierre Pronchery keytype##_check, \ 627b077aed3SPierre Pronchery keytype##_adjust, \ 628b077aed3SPierre Pronchery keytype##_free 629b077aed3SPierre Pronchery 630b077aed3SPierre Pronchery #define DO_type_specific_no_pub(keytype) \ 631b077aed3SPierre Pronchery "type-specific", keytype##_evp_type, \ 632b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ 633b077aed3SPierre Pronchery | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ 634b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 635b077aed3SPierre Pronchery NULL, \ 636b077aed3SPierre Pronchery keytype##_d2i_key_params, \ 637b077aed3SPierre Pronchery NULL, \ 638b077aed3SPierre Pronchery NULL, \ 639b077aed3SPierre Pronchery keytype##_check, \ 640b077aed3SPierre Pronchery keytype##_adjust, \ 641b077aed3SPierre Pronchery keytype##_free 642b077aed3SPierre Pronchery 643b077aed3SPierre Pronchery #define DO_PrivateKeyInfo(keytype) \ 644b077aed3SPierre Pronchery "PrivateKeyInfo", keytype##_evp_type, \ 645b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ), \ 646b077aed3SPierre Pronchery NULL, \ 647b077aed3SPierre Pronchery NULL, \ 648b077aed3SPierre Pronchery NULL, \ 649b077aed3SPierre 
Pronchery keytype##_d2i_PKCS8, \ 650b077aed3SPierre Pronchery NULL, \ 651b077aed3SPierre Pronchery keytype##_check, \ 652b077aed3SPierre Pronchery keytype##_adjust, \ 653b077aed3SPierre Pronchery keytype##_free 654b077aed3SPierre Pronchery 655b077aed3SPierre Pronchery #define DO_SubjectPublicKeyInfo(keytype) \ 656b077aed3SPierre Pronchery "SubjectPublicKeyInfo", keytype##_evp_type, \ 657b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ), \ 658b077aed3SPierre Pronchery NULL, \ 659b077aed3SPierre Pronchery NULL, \ 660b077aed3SPierre Pronchery NULL, \ 661b077aed3SPierre Pronchery NULL, \ 662b077aed3SPierre Pronchery keytype##_d2i_PUBKEY, \ 663b077aed3SPierre Pronchery keytype##_check, \ 664b077aed3SPierre Pronchery keytype##_adjust, \ 665b077aed3SPierre Pronchery keytype##_free 666b077aed3SPierre Pronchery 667b077aed3SPierre Pronchery #define DO_DH(keytype) \ 668b077aed3SPierre Pronchery "DH", keytype##_evp_type, \ 669b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ 670b077aed3SPierre Pronchery NULL, \ 671b077aed3SPierre Pronchery NULL, \ 672b077aed3SPierre Pronchery keytype##_d2i_key_params, \ 673b077aed3SPierre Pronchery NULL, \ 674b077aed3SPierre Pronchery NULL, \ 675b077aed3SPierre Pronchery keytype##_check, \ 676b077aed3SPierre Pronchery keytype##_adjust, \ 677b077aed3SPierre Pronchery keytype##_free 678b077aed3SPierre Pronchery 679b077aed3SPierre Pronchery #define DO_DHX(keytype) \ 680b077aed3SPierre Pronchery "DHX", keytype##_evp_type, \ 681b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ 682b077aed3SPierre Pronchery NULL, \ 683b077aed3SPierre Pronchery NULL, \ 684b077aed3SPierre Pronchery keytype##_d2i_key_params, \ 685b077aed3SPierre Pronchery NULL, \ 686b077aed3SPierre Pronchery NULL, \ 687b077aed3SPierre Pronchery keytype##_check, \ 688b077aed3SPierre Pronchery keytype##_adjust, \ 689b077aed3SPierre Pronchery keytype##_free 690b077aed3SPierre Pronchery 691b077aed3SPierre Pronchery #define DO_DSA(keytype) \ 
692b077aed3SPierre Pronchery "DSA", keytype##_evp_type, \ 693b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_ALL ), \ 694b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 695b077aed3SPierre Pronchery keytype##_d2i_public_key, \ 696b077aed3SPierre Pronchery keytype##_d2i_key_params, \ 697b077aed3SPierre Pronchery NULL, \ 698b077aed3SPierre Pronchery NULL, \ 699b077aed3SPierre Pronchery keytype##_check, \ 700b077aed3SPierre Pronchery keytype##_adjust, \ 701b077aed3SPierre Pronchery keytype##_free 702b077aed3SPierre Pronchery 703b077aed3SPierre Pronchery #define DO_EC(keytype) \ 704b077aed3SPierre Pronchery "EC", keytype##_evp_type, \ 705b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ 706b077aed3SPierre Pronchery | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ 707b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 708b077aed3SPierre Pronchery NULL, \ 709b077aed3SPierre Pronchery keytype##_d2i_key_params, \ 710b077aed3SPierre Pronchery NULL, \ 711b077aed3SPierre Pronchery NULL, \ 712b077aed3SPierre Pronchery keytype##_check, \ 713b077aed3SPierre Pronchery keytype##_adjust, \ 714b077aed3SPierre Pronchery keytype##_free 715b077aed3SPierre Pronchery 716b077aed3SPierre Pronchery #define DO_RSA(keytype) \ 717b077aed3SPierre Pronchery "RSA", keytype##_evp_type, \ 718b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_KEYPAIR ), \ 719b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 720b077aed3SPierre Pronchery keytype##_d2i_public_key, \ 721b077aed3SPierre Pronchery NULL, \ 722b077aed3SPierre Pronchery NULL, \ 723b077aed3SPierre Pronchery NULL, \ 724b077aed3SPierre Pronchery keytype##_check, \ 725b077aed3SPierre Pronchery keytype##_adjust, \ 726b077aed3SPierre Pronchery keytype##_free 727b077aed3SPierre Pronchery 728b077aed3SPierre Pronchery /* 729b077aed3SPierre Pronchery * MAKE_DECODER is the single driver for creating OSSL_DISPATCH tables. 
730b077aed3SPierre Pronchery * It takes the following arguments: 731b077aed3SPierre Pronchery * 732b077aed3SPierre Pronchery * keytype_name The implementation key type as a string. 733b077aed3SPierre Pronchery * keytype The implementation key type. This must correspond exactly 734b077aed3SPierre Pronchery * to our existing keymgmt keytype names... in other words, 735b077aed3SPierre Pronchery * there must exist an ossl_##keytype##_keymgmt_functions. 736b077aed3SPierre Pronchery * type The type name for the set of functions that implement the 737b077aed3SPierre Pronchery * decoder for the key type. This isn't necessarily the same 738b077aed3SPierre Pronchery * as keytype. For example, the key types ed25519, ed448, 739b077aed3SPierre Pronchery * x25519 and x448 are all handled by the same functions with 740b077aed3SPierre Pronchery * the common type name ecx. 741b077aed3SPierre Pronchery * kind The kind of support to implement. This translates into 742b077aed3SPierre Pronchery * the DO_##kind macros above, to populate the keytype_desc_st 743b077aed3SPierre Pronchery * structure. 
744b077aed3SPierre Pronchery */ 745b077aed3SPierre Pronchery #define MAKE_DECODER(keytype_name, keytype, type, kind) \ 746b077aed3SPierre Pronchery static const struct keytype_desc_st kind##_##keytype##_desc = \ 747b077aed3SPierre Pronchery { keytype_name, ossl_##keytype##_keymgmt_functions, \ 748b077aed3SPierre Pronchery DO_##kind(keytype) }; \ 749b077aed3SPierre Pronchery \ 750b077aed3SPierre Pronchery static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \ 751b077aed3SPierre Pronchery \ 752b077aed3SPierre Pronchery static void *kind##_der2##keytype##_newctx(void *provctx) \ 753b077aed3SPierre Pronchery { \ 754b077aed3SPierre Pronchery return der2key_newctx(provctx, &kind##_##keytype##_desc); \ 755b077aed3SPierre Pronchery } \ 756b077aed3SPierre Pronchery static int kind##_der2##keytype##_does_selection(void *provctx, \ 757b077aed3SPierre Pronchery int selection) \ 758b077aed3SPierre Pronchery { \ 759b077aed3SPierre Pronchery return der2key_check_selection(selection, \ 760b077aed3SPierre Pronchery &kind##_##keytype##_desc); \ 761b077aed3SPierre Pronchery } \ 762b077aed3SPierre Pronchery const OSSL_DISPATCH \ 763b077aed3SPierre Pronchery ossl_##kind##_der_to_##keytype##_decoder_functions[] = { \ 764b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_NEWCTX, \ 765b077aed3SPierre Pronchery (void (*)(void))kind##_der2##keytype##_newctx }, \ 766b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_FREECTX, \ 767b077aed3SPierre Pronchery (void (*)(void))der2key_freectx }, \ 768b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_DOES_SELECTION, \ 769b077aed3SPierre Pronchery (void (*)(void))kind##_der2##keytype##_does_selection }, \ 770b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_DECODE, \ 771b077aed3SPierre Pronchery (void (*)(void))der2key_decode }, \ 772b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ 773b077aed3SPierre Pronchery (void (*)(void))der2key_export_object }, \ 774b077aed3SPierre Pronchery { 0, NULL } \ 775b077aed3SPierre Pronchery } 

/*
 * Decoder instantiations: one MAKE_DECODER() per (key type, input structure)
 * pair.  Each line defines an exported dispatch table named
 * ossl_<kind>_der_to_<keytype>_decoder_functions[].
 *
 * DH/DHX, DSA and EC (with X25519, X448, ED25519, ED448 and, one level
 * further in, SM2) are compiled out by their OPENSSL_NO_ guards; the RSA and
 * RSA-PSS decoders are not guarded here.
 *
 * RSA-PSS is registered for PrivateKeyInfo and SubjectPublicKeyInfo only,
 * and both go through rsa_check() (via rsapss_check), which compares the
 * decoded key's type flag with the decoder's evp_type.
 */
#ifndef OPENSSL_NO_DH
MAKE_DECODER("DH", dh, dh, PrivateKeyInfo);
MAKE_DECODER("DH", dh, dh, SubjectPublicKeyInfo);
MAKE_DECODER("DH", dh, dh, type_specific_params);
MAKE_DECODER("DH", dh, dh, DH);
MAKE_DECODER("DHX", dhx, dhx, PrivateKeyInfo);
MAKE_DECODER("DHX", dhx, dhx, SubjectPublicKeyInfo);
MAKE_DECODER("DHX", dhx, dhx, type_specific_params);
MAKE_DECODER("DHX", dhx, dhx, DHX);
#endif
#ifndef OPENSSL_NO_DSA
MAKE_DECODER("DSA", dsa, dsa, PrivateKeyInfo);
MAKE_DECODER("DSA", dsa, dsa, SubjectPublicKeyInfo);
MAKE_DECODER("DSA", dsa, dsa, type_specific);
MAKE_DECODER("DSA", dsa, dsa, DSA);
#endif
#ifndef OPENSSL_NO_EC
MAKE_DECODER("EC", ec, ec, PrivateKeyInfo);
MAKE_DECODER("EC", ec, ec, SubjectPublicKeyInfo);
MAKE_DECODER("EC", ec, ec, type_specific_no_pub);
MAKE_DECODER("EC", ec, ec, EC);
MAKE_DECODER("X25519", x25519, ecx, PrivateKeyInfo);
MAKE_DECODER("X25519", x25519, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("X448", x448, ecx, PrivateKeyInfo);
MAKE_DECODER("X448", x448, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("ED25519", ed25519, ecx, PrivateKeyInfo);
MAKE_DECODER("ED25519", ed25519, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("ED448", ed448, ecx, PrivateKeyInfo);
MAKE_DECODER("ED448", ed448, ecx, SubjectPublicKeyInfo);
# ifndef OPENSSL_NO_SM2
MAKE_DECODER("SM2", sm2, ec, PrivateKeyInfo);
MAKE_DECODER("SM2", sm2, ec, SubjectPublicKeyInfo);
# endif
#endif
MAKE_DECODER("RSA", rsa, rsa, PrivateKeyInfo);
MAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo);
MAKE_DECODER("RSA", rsa, rsa, type_specific_keypair);
MAKE_DECODER("RSA", rsa, rsa, RSA);
MAKE_DECODER("RSA-PSS", rsapss, rsapss, PrivateKeyInfo);
MAKE_DECODER("RSA-PSS", rsapss, rsapss, SubjectPublicKeyInfo);