1b077aed3SPierre Pronchery /* 2b077aed3SPierre Pronchery * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. 3b077aed3SPierre Pronchery * 4b077aed3SPierre Pronchery * Licensed under the Apache License 2.0 (the "License"). You may not use 5b077aed3SPierre Pronchery * this file except in compliance with the License. You can obtain a copy 6b077aed3SPierre Pronchery * in the file LICENSE in the source distribution or at 7b077aed3SPierre Pronchery * https://www.openssl.org/source/license.html 8b077aed3SPierre Pronchery */ 9b077aed3SPierre Pronchery 10b077aed3SPierre Pronchery /* 11b077aed3SPierre Pronchery * low level APIs are deprecated for public use, but still ok for 12b077aed3SPierre Pronchery * internal use. 13b077aed3SPierre Pronchery */ 14b077aed3SPierre Pronchery #include "internal/deprecated.h" 15b077aed3SPierre Pronchery 16b077aed3SPierre Pronchery #include <openssl/core_dispatch.h> 17b077aed3SPierre Pronchery #include <openssl/core_names.h> 18b077aed3SPierre Pronchery #include <openssl/core_object.h> 19b077aed3SPierre Pronchery #include <openssl/crypto.h> 20b077aed3SPierre Pronchery #include <openssl/err.h> 21b077aed3SPierre Pronchery #include <openssl/params.h> 22b077aed3SPierre Pronchery #include <openssl/pem.h> /* PEM_BUFSIZE and public PEM functions */ 23b077aed3SPierre Pronchery #include <openssl/pkcs12.h> 24b077aed3SPierre Pronchery #include <openssl/x509.h> 25b077aed3SPierre Pronchery #include <openssl/proverr.h> 26b077aed3SPierre Pronchery #include "internal/cryptlib.h" /* ossl_assert() */ 27b077aed3SPierre Pronchery #include "internal/asn1.h" 28b077aed3SPierre Pronchery #include "crypto/dh.h" 29b077aed3SPierre Pronchery #include "crypto/dsa.h" 30b077aed3SPierre Pronchery #include "crypto/ec.h" 31b077aed3SPierre Pronchery #include "crypto/evp.h" 32b077aed3SPierre Pronchery #include "crypto/ecx.h" 33b077aed3SPierre Pronchery #include "crypto/rsa.h" 34b077aed3SPierre Pronchery #include "crypto/x509.h" 35b077aed3SPierre Pronchery 
#include "prov/bio.h"
#include "prov/implementations.h"
#include "endecoder_local.h"

struct der2key_ctx_st;           /* Forward declaration */

/*
 * Per-key-type hooks stored in struct keytype_desc_st.
 *
 * check_key_fn   - returns an int; der2key_decode() treats zero as "decoded,
 *                  but not the key type this decoder is for" and discards
 *                  the key.
 * adjust_key_fn  - post-decode fixup hook, called only for a key that
 *                  survived check_key.
 * free_key_fn    - releases a decoded key.
 * d2i_PKCS8_fn   - like a d2i function, with the decoder context appended.
 *                  der2key_decode() passes NULL as the first argument.
 */
typedef int check_key_fn(void *, struct der2key_ctx_st *ctx);
typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx);
typedef void free_key_fn(void *);
typedef void *d2i_PKCS8_fn(void **, const unsigned char **, long,
                           struct der2key_ctx_st *);

/*
 * Static description of one (key type, input structure) decoder.
 *
 * NOTE(review): the DO_ macros further down in this file expand to value
 * lists in exactly the order of the fields from structure_name onwards, so
 * the field order here presumably must not change - confirm at the use site.
 */
struct keytype_desc_st {
    const char *keytype_name;
    /* Read by der2key_export_object() to look up the keymgmt export function */
    const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */

    /* The input structure name */
    const char *structure_name;

    /*
     * The EVP_PKEY_xxx type macro.  Should be zero for type specific
     * structures, non-zero when the outermost structure is PKCS#8 or
     * SubjectPublicKeyInfo.  This determines which of the function
     * pointers below will be used.
     */
    int evp_type;

    /* The selection mask for OSSL_FUNC_decoder_does_selection() */
    int selection_mask;

    /* For type specific decoders, we use the corresponding d2i */
    d2i_of_void *d2i_private_key; /* From type-specific DER */
    d2i_of_void *d2i_public_key;  /* From type-specific DER */
    d2i_of_void *d2i_key_params;  /* From type-specific DER */
    d2i_PKCS8_fn *d2i_PKCS8;      /* Wrapped in a PrivateKeyInfo */
    d2i_of_void *d2i_PUBKEY;      /* Wrapped in a SubjectPublicKeyInfo */

    /*
     * For any key, we may need to check that the key meets expectations.
     * This is useful when the same functions can decode several variants
     * of a key.
     */
    check_key_fn *check_key;

    /*
     * For any key, we may need to make provider specific adjustments, such
     * as ensure the key carries the correct library context.
     */
    adjust_key_fn *adjust_key;
    /* {type}_free() */
    free_key_fn *free_key;
};

/*
 * Context used for DER to key decoding.
 */
struct der2key_ctx_st {
    PROV_CTX *provctx;
    const struct keytype_desc_st *desc;
    /*
     * The selection that is passed to der2key_decode().  It is stored
     * unmodified, so 0 ("guess") stays 0 here and is read again later by
     * der2key_export_object().
     */
    int selection;
    /*
     * Flag used to signal that a failure is fatal.  der2key_decode() reads
     * it right after the d2i_PKCS8 call and, when it is set, stops and
     * returns 0 instead of trying the other forms.
     */
    unsigned int flag_fatal : 1;
};

typedef void *key_from_pkcs8_t(const PKCS8_PRIV_KEY_INFO *p8inf,
                               OSSL_LIB_CTX *libctx, const char *propq);

/*
 * Decode an unencrypted PKCS#8 PrivateKeyInfo and convert it to a
 * type-specific key.
 *
 * input_der / input_der_len are handed straight to
 * d2i_PKCS8_PRIV_KEY_INFO().  The conversion callback |key_from_pkcs8| is
 * invoked only when all three conditions hold, in this order:
 *   1. the PrivateKeyInfo parsed,
 *   2. PKCS8_pkey_get0() produced its AlgorithmIdentifier,
 *   3. the NID of that algorithm equals ctx->desc->evp_type.
 * Condition 3 is what keeps a PrivateKeyInfo that names a different
 * algorithm away from this key type's converter.
 *
 * The library context is taken from ctx->provctx and the property query is
 * always NULL.  The parsed PrivateKeyInfo is freed on every path.
 *
 * Returns the converted key, or NULL when any step fails.  This function
 * does not touch ctx->flag_fatal.
 */
static void *der2key_decode_p8(const unsigned char **input_der,
                               long input_der_len, struct der2key_ctx_st *ctx,
                               key_from_pkcs8_t *key_from_pkcs8)
{
    PKCS8_PRIV_KEY_INFO *p8inf = NULL;
    const X509_ALGOR *alg = NULL;
    void *key = NULL;

    /* && short-circuits, so alg is dereferenced only after get0 succeeded */
    if ((p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, input_der, input_der_len)) != NULL
        && PKCS8_pkey_get0(NULL, NULL, NULL, &alg, p8inf)
        && OBJ_obj2nid(alg->algorithm) == ctx->desc->evp_type)
        key = key_from_pkcs8(p8inf, PROV_LIBCTX_OF(ctx->provctx), NULL);
    /* p8inf may still be NULL here when parsing failed */
    PKCS8_PRIV_KEY_INFO_free(p8inf);

    return key;
}

/* ---------------------------------------------------------------------- */

static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
static OSSL_FUNC_decoder_decode_fn der2key_decode;
static OSSL_FUNC_decoder_export_object_fn der2key_export_object;

/*
 * Allocate a zeroed decoder context and bind it to |provctx| and the static
 * key type description |desc|.  Neither pointer is copied or owned.
 * Returns NULL when the allocation fails.
 */
static struct der2key_ctx_st *
der2key_newctx(void *provctx, const struct keytype_desc_st *desc)
{
    struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));

    if (ctx != NULL) {
        ctx->provctx = provctx;
        ctx->desc = desc;
    }
    return ctx;
}

/* Free the context itself; provctx and desc are left alone. */
static void der2key_freectx(void *vctx)
{
    struct der2key_ctx_st *ctx = vctx;

    OPENSSL_free(ctx);
}

/*
 * Report whether the decoder described by |desc| can serve |selection|.
 *
 * A selection of 0 always returns 1.  Otherwise the first of PRIVATE_KEY,
 * PUBLIC_KEY, ALL_PARAMETERS that is set in |selection| decides: the result
 * is 1 if that same bit is set in desc->selection_mask, else 0.  Lower
 * "levels" in |selection| are not looked at once a higher one matched.
 */
static int der2key_check_selection(int selection,
                                   const struct keytype_desc_st *desc)
{
    /*
     * The selections are kinda sorta "levels", i.e. each selection given
     * here is assumed to include those following.
     */
    int checks[] = {
        OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
        OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
        OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
    };
    size_t i;

    /* The decoder implementations made here support guessing */
    if (selection == 0)
        return 1;

    for (i = 0; i < OSSL_NELEM(checks); i++) {
        int check1 = (selection & checks[i]) != 0;
        int check2 = (desc->selection_mask & checks[i]) != 0;

        /*
         * If the caller asked for the currently checked bit(s), return
         * whether the decoder description says it's supported.
         */
        if (check1)
            return check2;
    }

    /* This should be dead code, but just to be safe... */
    return 0;
}

/*
 * Read one DER blob from |cin|, try to decode it as the key type described
 * by ctx->desc, and hand the result to |data_cb|.
 *
 * Return value:
 *   0  - the selection has no bit in common with desc->selection_mask
 *        (ERR_R_PASSED_INVALID_ARGUMENT is raised), or ctx->flag_fatal was
 *        set after the PKCS#8 attempt, or data_cb returned 0.
 *   1  - nothing could be decoded (including a failed ossl_read_der()), or
 *        data_cb returned 1.  Coming up "empty handed" is deliberately not
 *        an error.
 *
 * pw_cb and pw_cbarg are not referenced anywhere in this function.
 *
 * Error queue handling: a mark is set before the first decode attempt.
 * Every early exit after that point removes the mark with
 * ERR_clear_last_mark(), which keeps the queued errors.  When a key was
 * produced, ERR_pop_to_mark() discards the errors left behind by the
 * attempts that failed before the one that succeeded.
 *
 * NOTE(review): derp is never compared with der + der_len after a d2i call,
 * so bytes following the decoded structure are not rejected here - confirm
 * whether a caller or ossl_read_der() is expected to enforce that.
 */
static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
                          OSSL_CALLBACK *data_cb, void *data_cbarg,
                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
{
    struct der2key_ctx_st *ctx = vctx;
    unsigned char *der = NULL;
    const unsigned char *derp;
    long der_len = 0;
    void *key = NULL;
    int ok = 0;

    /* Keep the caller's value, 0 included; the local copy is widened below */
    ctx->selection = selection;
    /*
     * The caller is allowed to specify 0 as a selection mark, to have the
     * structure and key type guessed.  For type-specific structures, this
     * is not recommended, as some structures are very similar.
     * Note that 0 isn't the same as OSSL_KEYMGMT_SELECT_ALL, as the latter
     * signifies a private key structure, where everything else is assumed
     * to be present as well.
     */
    if (selection == 0)
        selection = ctx->desc->selection_mask;
    if ((selection & ctx->desc->selection_mask) == 0) {
        ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
        return 0;
    }

    ok = ossl_read_der(ctx->provctx, cin, &der, &der_len);
    if (!ok)
        goto next; /* "next" sets ok = 1: a read failure is not reported */

    ok = 0; /* Assume that we fail */

    ERR_set_mark();
    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
        /* Each attempt restarts from the beginning of the buffer */
        derp = der;
        if (ctx->desc->d2i_PKCS8 != NULL) {
            key = ctx->desc->d2i_PKCS8(NULL, &derp, der_len, ctx);
            if (ctx->flag_fatal) {
                /* Leaves ok == 0 and skips the callback */
                ERR_clear_last_mark();
                goto end;
            }
        } else if (ctx->desc->d2i_private_key != NULL) {
            key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
        }
        /*
         * With an explicit selection, a failed private key decode ends the
         * attempt; only the "guess" case (0) falls through to other forms.
         */
        if (key == NULL && ctx->selection != 0) {
            ERR_clear_last_mark();
            goto next;
        }
    }
    if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
        derp = der;
        if (ctx->desc->d2i_PUBKEY != NULL)
            key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
        else if (ctx->desc->d2i_public_key != NULL)
            key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
        if (key == NULL && ctx->selection != 0) {
            ERR_clear_last_mark();
            goto next;
        }
    }
    if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
        derp = der;
        if (ctx->desc->d2i_key_params != NULL)
            key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
        if (key == NULL && ctx->selection != 0) {
            ERR_clear_last_mark();
            goto next;
        }
    }
    if (key == NULL)
        ERR_clear_last_mark();
    else
        ERR_pop_to_mark();

    /*
     * Last minute check to see if this was the correct type of key.  This
     * should never lead to a fatal error, i.e. the decoding itself was
     * correct, it was just an unexpected key type.  This is generally for
     * classes of key types that have subtle variants, like RSA-PSS keys as
     * opposed to plain RSA keys.
     */
    if (key != NULL
        && ctx->desc->check_key != NULL
        && !ctx->desc->check_key(key, ctx)) {
        ctx->desc->free_key(key);
        key = NULL;
    }

    if (key != NULL && ctx->desc->adjust_key != NULL)
        ctx->desc->adjust_key(key, ctx);

 next:
    /*
     * Indicate that we successfully decoded something, or not at all.
     * Ending up "empty handed" is not an error.
     */
    ok = 1;

    /*
     * We free memory here so it's not held up during the callback, because
     * we know the process is recursive and the allocated chunks of memory
     * add up.
     */
    OPENSSL_free(der);
    der = NULL; /* makes the second OPENSSL_free(der) at "end" a no-op */

    if (key != NULL) {
        OSSL_PARAM params[4];
        int object_type = OSSL_OBJECT_PKEY;

        params[0] =
            OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
        params[1] =
            OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
                                             (char *)ctx->desc->keytype_name,
                                             0);
        /*
         * The address of the key becomes the octet string.  The parameter
         * points at the local variable |key|, so it is only meaningful for
         * the duration of the data_cb call.
         */
        params[2] =
            OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
                                              &key, sizeof(key));
        params[3] = OSSL_PARAM_construct_end();

        ok = data_cb(params, data_cbarg);
    }

 end:
    /*
     * The key is released unconditionally, also after a successful
     * callback, and free_key is called with NULL when nothing was decoded.
     * NOTE(review): presumably the receiving side takes its own reference
     * during data_cb and every free_key accepts NULL - neither is visible
     * in this file.
     */
    ctx->desc->free_key(key);
    OPENSSL_free(der);

    return ok;
}

/*
 * Export the key that an object reference points at through the keymgmt
 * export function found in ctx->desc->fns.
 *
 * |reference| is interpreted as the storage of a single pointer.  The only
 * check made on it is that reference_sz equals sizeof(void *); the pointer
 * value read from it is then passed to the export function as is, so the
 * caller is trusted to supply a reference that this decoder produced.
 *
 * The selection used is the one stored by der2key_decode(); a stored 0 is
 * replaced by OSSL_KEYMGMT_SELECT_ALL.
 *
 * Returns the export function's result, or 0 when the size does not match
 * or no export function is available.
 */
static int der2key_export_object(void *vctx,
                                 const void *reference, size_t reference_sz,
                                 OSSL_CALLBACK *export_cb, void *export_cbarg)
{
    struct der2key_ctx_st *ctx = vctx;
    OSSL_FUNC_keymgmt_export_fn *export =
        ossl_prov_get_keymgmt_export(ctx->desc->fns);
    void *keydata;

    if (reference_sz == sizeof(keydata) && export != NULL) {
        int selection = ctx->selection;

        if (selection == 0)
            selection = OSSL_KEYMGMT_SELECT_ALL;
        /* The contents of the reference is the address to our object */
        keydata = *(void **)reference;

        return export(keydata, selection, export_cb, export_cbarg);
    }
    return 0;
}

/* ---------------------------------------------------------------------- */

/*
 * Per key type glue.  For every key type prefix the names {prefix}_evp_type,
 * {prefix}_d2i_private_key, {prefix}_d2i_public_key, {prefix}_d2i_key_params,
 * {prefix}_d2i_PKCS8, {prefix}_d2i_PUBKEY, {prefix}_check, {prefix}_adjust
 * and {prefix}_free are defined, either as macros or as functions, so that
 * the DO_ macros later in this file can paste them together.
 *
 * NOTE(review): the (d2i_of_void *), (free_key_fn *) and (key_from_pkcs8_t *)
 * casts silence the compiler about any difference between the real function
 * prototypes and the generic ones used here; the real prototypes are not
 * visible in this file.
 */

#ifndef OPENSSL_NO_DH
# define dh_evp_type                    EVP_PKEY_DH
# define dh_d2i_private_key             NULL
# define dh_d2i_public_key              NULL
# define dh_d2i_key_params              (d2i_of_void *)d2i_DHparams

/* PKCS#8 entry point for DH and DHX; the |key| argument is not used. */
static void *dh_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                          struct der2key_ctx_st *ctx)
{
    return der2key_decode_p8(der, der_len, ctx,
                             (key_from_pkcs8_t *)ossl_dh_key_from_pkcs8);
}

# define dh_d2i_PUBKEY                  (d2i_of_void *)ossl_d2i_DH_PUBKEY
# define dh_free                        (free_key_fn *)DH_free
# define dh_check                       NULL

/* Attach the provider's library context to a freshly decoded DH key. */
static void dh_adjust(void *key, struct der2key_ctx_st *ctx)
{
    ossl_dh_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}

# define dhx_evp_type                   EVP_PKEY_DHX
# define dhx_d2i_private_key            NULL
# define dhx_d2i_public_key             NULL
# define dhx_d2i_key_params             (d2i_of_void *)d2i_DHxparams
# define dhx_d2i_PKCS8                  dh_d2i_PKCS8
# define dhx_d2i_PUBKEY                 (d2i_of_void *)ossl_d2i_DHx_PUBKEY
# define dhx_free                       (free_key_fn *)DH_free
# define dhx_check                      NULL
# define dhx_adjust                     dh_adjust
#endif

/* ---------------------------------------------------------------------- */

#ifndef OPENSSL_NO_DSA
# define dsa_evp_type                   EVP_PKEY_DSA
# define dsa_d2i_private_key            (d2i_of_void *)d2i_DSAPrivateKey
# define dsa_d2i_public_key             (d2i_of_void *)d2i_DSAPublicKey
# define dsa_d2i_key_params             (d2i_of_void *)d2i_DSAparams

/* PKCS#8 entry point for DSA; the |key| argument is not used. */
static void *dsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    return der2key_decode_p8(der, der_len, ctx,
                             (key_from_pkcs8_t *)ossl_dsa_key_from_pkcs8);
}

# define dsa_d2i_PUBKEY                 (d2i_of_void *)ossl_d2i_DSA_PUBKEY
# define dsa_free                       (free_key_fn *)DSA_free
# define dsa_check                      NULL

/* Attach the provider's library context to a freshly decoded DSA key. */
static void dsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
    ossl_dsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}
#endif

/* ---------------------------------------------------------------------- */

#ifndef OPENSSL_NO_EC
# define ec_evp_type                    EVP_PKEY_EC
# define ec_d2i_private_key             (d2i_of_void *)d2i_ECPrivateKey
# define ec_d2i_public_key              NULL
# define ec_d2i_key_params              (d2i_of_void *)d2i_ECParameters

/* PKCS#8 entry point for EC; the |key| argument is not used. */
static void *ec_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                          struct der2key_ctx_st *ctx)
{
    return der2key_decode_p8(der, der_len, ctx,
                             (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8);
}

# define ec_d2i_PUBKEY                  (d2i_of_void *)d2i_EC_PUBKEY
# define ec_free                        (free_key_fn *)EC_KEY_free

/*
 * Accept the key only when its EC_FLAG_SM2_RANGE flag agrees with the
 * decoder's type: returns 1 when the flag is set and the descriptor is
 * EVP_PKEY_SM2, or when the flag is clear and the descriptor is anything
 * else; returns 0 on a mismatch.
 */
static int ec_check(void *key, struct der2key_ctx_st *ctx)
{
    /* We're trying to be clever by comparing two truths */

    int sm2 = (EC_KEY_get_flags(key) & EC_FLAG_SM2_RANGE) != 0;

    return sm2 == (ctx->desc->evp_type == EVP_PKEY_SM2);
}

/* Attach the provider's library context to a freshly decoded EC key. */
static void ec_adjust(void *key, struct der2key_ctx_st *ctx)
{
    ossl_ec_key_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}

/*
 * ED25519, ED448, X25519, X448 only implement PKCS#8 and SubjectPublicKeyInfo,
 * so no d2i functions to be had.
 */

/*
 * Shared PKCS#8 entry point for the four ECX key types; the |key| argument
 * is not used.  Which of the four is accepted is decided by the evp_type
 * comparison inside der2key_decode_p8().
 */
static void *ecx_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    return der2key_decode_p8(der, der_len, ctx,
                             (key_from_pkcs8_t *)ossl_ecx_key_from_pkcs8);
}

/* Attach the provider's library context to a freshly decoded ECX key. */
static void ecx_key_adjust(void *key, struct der2key_ctx_st *ctx)
{
    ossl_ecx_key_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}

# define ed25519_evp_type               EVP_PKEY_ED25519
# define ed25519_d2i_private_key        NULL
# define ed25519_d2i_public_key         NULL
# define ed25519_d2i_key_params         NULL
# define ed25519_d2i_PKCS8              ecx_d2i_PKCS8
# define ed25519_d2i_PUBKEY             (d2i_of_void *)ossl_d2i_ED25519_PUBKEY
# define ed25519_free                   (free_key_fn *)ossl_ecx_key_free
# define ed25519_check                  NULL
# define ed25519_adjust                 ecx_key_adjust

# define ed448_evp_type                 EVP_PKEY_ED448
# define ed448_d2i_private_key          NULL
# define ed448_d2i_public_key           NULL
# define ed448_d2i_key_params           NULL
# define ed448_d2i_PKCS8                ecx_d2i_PKCS8
# define ed448_d2i_PUBKEY               (d2i_of_void *)ossl_d2i_ED448_PUBKEY
# define ed448_free                     (free_key_fn *)ossl_ecx_key_free
# define ed448_check                    NULL
# define ed448_adjust                   ecx_key_adjust

# define x25519_evp_type                EVP_PKEY_X25519
# define x25519_d2i_private_key         NULL
# define x25519_d2i_public_key          NULL
# define x25519_d2i_key_params          NULL
# define x25519_d2i_PKCS8               ecx_d2i_PKCS8
# define x25519_d2i_PUBKEY              (d2i_of_void *)ossl_d2i_X25519_PUBKEY
# define x25519_free                    (free_key_fn *)ossl_ecx_key_free
# define x25519_check                   NULL
# define x25519_adjust                  ecx_key_adjust

# define x448_evp_type                  EVP_PKEY_X448
# define x448_d2i_private_key           NULL
# define x448_d2i_public_key            NULL
# define x448_d2i_key_params            NULL
# define x448_d2i_PKCS8                 ecx_d2i_PKCS8
# define x448_d2i_PUBKEY                (d2i_of_void *)ossl_d2i_X448_PUBKEY
# define x448_free                      (free_key_fn *)ossl_ecx_key_free
# define x448_check                     NULL
# define x448_adjust                    ecx_key_adjust

# ifndef OPENSSL_NO_SM2
#  define sm2_evp_type                  EVP_PKEY_SM2
#  define sm2_d2i_private_key           (d2i_of_void *)d2i_ECPrivateKey
#  define sm2_d2i_public_key            NULL
#  define sm2_d2i_key_params            (d2i_of_void *)d2i_ECParameters

/*
 * PKCS#8 entry point for SM2; the |key| argument is not used.  The
 * converter is the same one the EC decoder uses; SM2 is told apart from
 * plain EC by the evp_type comparison in der2key_decode_p8() and by
 * sm2_check, which is ec_check.
 */
static void *sm2_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    return der2key_decode_p8(der, der_len, ctx,
                             (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8);
}

#  define sm2_d2i_PUBKEY                (d2i_of_void *)d2i_EC_PUBKEY
#  define sm2_free                      (free_key_fn *)EC_KEY_free
#  define sm2_check                     ec_check
#  define sm2_adjust                    ec_adjust
# endif
#endif

/* ---------------------------------------------------------------------- */

#define rsa_evp_type                    EVP_PKEY_RSA
#define rsa_d2i_private_key             (d2i_of_void *)d2i_RSAPrivateKey
#define rsa_d2i_public_key              (d2i_of_void *)d2i_RSAPublicKey
#define rsa_d2i_key_params              NULL

/*
 * PKCS#8 entry point shared by RSA and RSA-PSS (rsapss_d2i_PKCS8 is an
 * alias); the |key| argument is not used.
 */
static void *rsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    return der2key_decode_p8(der, der_len, ctx,
                             (key_from_pkcs8_t *)ossl_rsa_key_from_pkcs8);
}

#define rsa_d2i_PUBKEY                  (d2i_of_void *)d2i_RSA_PUBKEY
#define rsa_free                        (free_key_fn *)RSA_free

/*
 * Accept the key only when its RSA type flag matches the decoder's type:
 * a key flagged RSA_FLAG_TYPE_RSA passes for EVP_PKEY_RSA, a key flagged
 * RSA_FLAG_TYPE_RSASSAPSS passes for EVP_PKEY_RSA_PSS.  Any other flag
 * value is rejected.  Returns 1 to accept, 0 to reject.
 *
 * The plain RSA and RSA-PSS decoders share the same d2i functions, so this
 * check is what keeps a key of one variant from being returned by the
 * decoder for the other.
 */
static int rsa_check(void *key, struct der2key_ctx_st *ctx)
{
    switch (RSA_test_flags(key, RSA_FLAG_TYPE_MASK)) {
    case RSA_FLAG_TYPE_RSA:
        return ctx->desc->evp_type == EVP_PKEY_RSA;
    case RSA_FLAG_TYPE_RSASSAPSS:
        return ctx->desc->evp_type == EVP_PKEY_RSA_PSS;
    }

    /* Currently unsupported RSA key type */
    return 0;
}

/* Attach the provider's library context to a freshly decoded RSA key. */
static void rsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
    ossl_rsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}

#define rsapss_evp_type                 EVP_PKEY_RSA_PSS
#define rsapss_d2i_private_key          (d2i_of_void *)d2i_RSAPrivateKey
#define rsapss_d2i_public_key           (d2i_of_void *)d2i_RSAPublicKey
#define rsapss_d2i_key_params           NULL
#define rsapss_d2i_PKCS8                rsa_d2i_PKCS8
#define rsapss_d2i_PUBKEY               (d2i_of_void *)d2i_RSA_PUBKEY
#define rsapss_free                     (free_key_fn *)RSA_free
#define rsapss_check                    rsa_check
#define rsapss_adjust                   rsa_adjust

/* ---------------------------------------------------------------------- */

/*
 * The DO_ macros help define the selection mask and the method functions
 * for each kind of object we want to decode.
 *
 * Each one expands to a comma separated list of eleven values, in this
 * order: the input structure name, {keytype}_evp_type, the selection mask,
 * then the five decode slots (d2i_private_key, d2i_public_key,
 * d2i_key_params, d2i_PKCS8, d2i_PUBKEY) and finally {keytype}_check,
 * {keytype}_adjust and {keytype}_free.  A NULL in a decode slot means that
 * this input structure is never tried through that slot.
 *
 * NOTE(review): the order matches the fields of struct keytype_desc_st from
 * structure_name onwards, so these lists are presumably used as positional
 * initializers - the use site is outside this part of the file.
 */
#define DO_type_specific_keypair(keytype)               \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_KEYPAIR ),                    \
    keytype##_d2i_private_key,                          \
    keytype##_d2i_public_key,                           \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_type_specific_pub(keytype)                   \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ),                 \
    NULL,                                               \
    keytype##_d2i_public_key,                           \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_type_specific_priv(keytype)                  \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ),                \
    keytype##_d2i_private_key,                          \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_type_specific_params(keytype)                \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),             \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_type_specific(keytype)                       \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_ALL ),                        \
    keytype##_d2i_private_key,                          \
    keytype##_d2i_public_key,                           \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_type_specific_no_pub(keytype)                \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY                   \
      | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),           \
    keytype##_d2i_private_key,                          \
    NULL,                                               \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_PrivateKeyInfo(keytype)                      \
    "PrivateKeyInfo", keytype##_evp_type,               \
    ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ),                \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_PKCS8,                                \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_SubjectPublicKeyInfo(keytype)                \
    "SubjectPublicKeyInfo", keytype##_evp_type,         \
    ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ),                 \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_PUBKEY,                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_DH(keytype)                                  \
    "DH", keytype##_evp_type,                           \
    ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),             \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_DHX(keytype)                                 \
    "DHX", keytype##_evp_type,                          \
    ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),             \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_DSA(keytype)                                 \
673b077aed3SPierre Pronchery "DSA", keytype##_evp_type, \ 674b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_ALL ), \ 675b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 676b077aed3SPierre Pronchery keytype##_d2i_public_key, \ 677b077aed3SPierre Pronchery keytype##_d2i_key_params, \ 678b077aed3SPierre Pronchery NULL, \ 679b077aed3SPierre Pronchery NULL, \ 680b077aed3SPierre Pronchery keytype##_check, \ 681b077aed3SPierre Pronchery keytype##_adjust, \ 682b077aed3SPierre Pronchery keytype##_free 683b077aed3SPierre Pronchery 684b077aed3SPierre Pronchery #define DO_EC(keytype) \ 685b077aed3SPierre Pronchery "EC", keytype##_evp_type, \ 686b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ 687b077aed3SPierre Pronchery | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ 688b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 689b077aed3SPierre Pronchery NULL, \ 690b077aed3SPierre Pronchery keytype##_d2i_key_params, \ 691b077aed3SPierre Pronchery NULL, \ 692b077aed3SPierre Pronchery NULL, \ 693b077aed3SPierre Pronchery keytype##_check, \ 694b077aed3SPierre Pronchery keytype##_adjust, \ 695b077aed3SPierre Pronchery keytype##_free 696b077aed3SPierre Pronchery 697b077aed3SPierre Pronchery #define DO_RSA(keytype) \ 698b077aed3SPierre Pronchery "RSA", keytype##_evp_type, \ 699b077aed3SPierre Pronchery ( OSSL_KEYMGMT_SELECT_KEYPAIR ), \ 700b077aed3SPierre Pronchery keytype##_d2i_private_key, \ 701b077aed3SPierre Pronchery keytype##_d2i_public_key, \ 702b077aed3SPierre Pronchery NULL, \ 703b077aed3SPierre Pronchery NULL, \ 704b077aed3SPierre Pronchery NULL, \ 705b077aed3SPierre Pronchery keytype##_check, \ 706b077aed3SPierre Pronchery keytype##_adjust, \ 707b077aed3SPierre Pronchery keytype##_free 708b077aed3SPierre Pronchery 709b077aed3SPierre Pronchery /* 710b077aed3SPierre Pronchery * MAKE_DECODER is the single driver for creating OSSL_DISPATCH tables. 
711b077aed3SPierre Pronchery * It takes the following arguments: 712b077aed3SPierre Pronchery * 713b077aed3SPierre Pronchery * keytype_name The implementation key type as a string. 714b077aed3SPierre Pronchery * keytype The implementation key type. This must correspond exactly 715b077aed3SPierre Pronchery * to our existing keymgmt keytype names... in other words, 716b077aed3SPierre Pronchery * there must exist an ossl_##keytype##_keymgmt_functions. 717b077aed3SPierre Pronchery * type The type name for the set of functions that implement the 718b077aed3SPierre Pronchery * decoder for the key type. This isn't necessarily the same 719b077aed3SPierre Pronchery * as keytype. For example, the key types ed25519, ed448, 720b077aed3SPierre Pronchery * x25519 and x448 are all handled by the same functions with 721b077aed3SPierre Pronchery * the common type name ecx. 722b077aed3SPierre Pronchery * kind The kind of support to implement. This translates into 723b077aed3SPierre Pronchery * the DO_##kind macros above, to populate the keytype_desc_st 724b077aed3SPierre Pronchery * structure. 
725b077aed3SPierre Pronchery */ 726b077aed3SPierre Pronchery #define MAKE_DECODER(keytype_name, keytype, type, kind) \ 727b077aed3SPierre Pronchery static const struct keytype_desc_st kind##_##keytype##_desc = \ 728b077aed3SPierre Pronchery { keytype_name, ossl_##keytype##_keymgmt_functions, \ 729b077aed3SPierre Pronchery DO_##kind(keytype) }; \ 730b077aed3SPierre Pronchery \ 731b077aed3SPierre Pronchery static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \ 732b077aed3SPierre Pronchery \ 733b077aed3SPierre Pronchery static void *kind##_der2##keytype##_newctx(void *provctx) \ 734b077aed3SPierre Pronchery { \ 735b077aed3SPierre Pronchery return der2key_newctx(provctx, &kind##_##keytype##_desc); \ 736b077aed3SPierre Pronchery } \ 737b077aed3SPierre Pronchery static int kind##_der2##keytype##_does_selection(void *provctx, \ 738b077aed3SPierre Pronchery int selection) \ 739b077aed3SPierre Pronchery { \ 740b077aed3SPierre Pronchery return der2key_check_selection(selection, \ 741b077aed3SPierre Pronchery &kind##_##keytype##_desc); \ 742b077aed3SPierre Pronchery } \ 743b077aed3SPierre Pronchery const OSSL_DISPATCH \ 744b077aed3SPierre Pronchery ossl_##kind##_der_to_##keytype##_decoder_functions[] = { \ 745b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_NEWCTX, \ 746b077aed3SPierre Pronchery (void (*)(void))kind##_der2##keytype##_newctx }, \ 747b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_FREECTX, \ 748b077aed3SPierre Pronchery (void (*)(void))der2key_freectx }, \ 749b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_DOES_SELECTION, \ 750b077aed3SPierre Pronchery (void (*)(void))kind##_der2##keytype##_does_selection }, \ 751b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_DECODE, \ 752b077aed3SPierre Pronchery (void (*)(void))der2key_decode }, \ 753b077aed3SPierre Pronchery { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ 754b077aed3SPierre Pronchery (void (*)(void))der2key_export_object }, \ 755b077aed3SPierre Pronchery { 0, NULL } \ 756b077aed3SPierre Pronchery } 
/*
 * Decoder instantiations.  Every MAKE_DECODER() line defines one descriptor,
 * its newctx/does_selection wrappers and one exported
 * ossl_<kind>_der_to_<keytype>_decoder_functions[] table.
 *
 * The build-time OPENSSL_NO_* switches remove whole algorithm families, so
 * a table named here exists only when its guard is not defined.
 */

/* DH and DHX: PKCS#8, SubjectPublicKeyInfo, and two parameter-only kinds. */
#if !defined(OPENSSL_NO_DH)
MAKE_DECODER("DH", dh, dh, PrivateKeyInfo);
MAKE_DECODER("DH", dh, dh, SubjectPublicKeyInfo);
MAKE_DECODER("DH", dh, dh, type_specific_params);
MAKE_DECODER("DH", dh, dh, DH);
MAKE_DECODER("DHX", dhx, dhx, PrivateKeyInfo);
MAKE_DECODER("DHX", dhx, dhx, SubjectPublicKeyInfo);
MAKE_DECODER("DHX", dhx, dhx, type_specific_params);
MAKE_DECODER("DHX", dhx, dhx, DHX);
#endif /* !OPENSSL_NO_DH */

/* DSA: PKCS#8, SubjectPublicKeyInfo, and the two full type-specific kinds. */
#if !defined(OPENSSL_NO_DSA)
MAKE_DECODER("DSA", dsa, dsa, PrivateKeyInfo);
MAKE_DECODER("DSA", dsa, dsa, SubjectPublicKeyInfo);
MAKE_DECODER("DSA", dsa, dsa, type_specific);
MAKE_DECODER("DSA", dsa, dsa, DSA);
#endif /* !OPENSSL_NO_DSA */

/*
 * EC, plus the ecx family (X25519, X448, ED25519, ED448).  The ecx key
 * types get only the PrivateKeyInfo and SubjectPublicKeyInfo kinds; SM2
 * uses the ec type and is additionally guarded by OPENSSL_NO_SM2.
 */
#if !defined(OPENSSL_NO_EC)
MAKE_DECODER("EC", ec, ec, PrivateKeyInfo);
MAKE_DECODER("EC", ec, ec, SubjectPublicKeyInfo);
MAKE_DECODER("EC", ec, ec, type_specific_no_pub);
MAKE_DECODER("EC", ec, ec, EC);
MAKE_DECODER("X25519", x25519, ecx, PrivateKeyInfo);
MAKE_DECODER("X25519", x25519, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("X448", x448, ecx, PrivateKeyInfo);
MAKE_DECODER("X448", x448, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("ED25519", ed25519, ecx, PrivateKeyInfo);
MAKE_DECODER("ED25519", ed25519, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("ED448", ed448, ecx, PrivateKeyInfo);
MAKE_DECODER("ED448", ed448, ecx, SubjectPublicKeyInfo);
# if !defined(OPENSSL_NO_SM2)
MAKE_DECODER("SM2", sm2, ec, PrivateKeyInfo);
MAKE_DECODER("SM2", sm2, ec, SubjectPublicKeyInfo);
# endif /* !OPENSSL_NO_SM2 */
#endif /* !OPENSSL_NO_EC */

/* RSA and RSA-PSS are not behind any OPENSSL_NO_* guard here. */
MAKE_DECODER("RSA", rsa, rsa, PrivateKeyInfo);
MAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo);
MAKE_DECODER("RSA", rsa, rsa, type_specific_keypair);
MAKE_DECODER("RSA", rsa, rsa, RSA);
MAKE_DECODER("RSA-PSS", rsapss, rsapss, PrivateKeyInfo);
MAKE_DECODER("RSA-PSS", rsapss, rsapss, SubjectPublicKeyInfo);