1e1051a39Sopenharmony_ci/* 2e1051a39Sopenharmony_ci * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. 3e1051a39Sopenharmony_ci * 4e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License"). You may not use 5e1051a39Sopenharmony_ci * this file except in compliance with the License. You can obtain a copy 6e1051a39Sopenharmony_ci * in the file LICENSE in the source distribution or at 7e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html 8e1051a39Sopenharmony_ci */ 9e1051a39Sopenharmony_ci 10e1051a39Sopenharmony_ci/* 11e1051a39Sopenharmony_ci * low level APIs are deprecated for public use, but still ok for 12e1051a39Sopenharmony_ci * internal use. 13e1051a39Sopenharmony_ci */ 14e1051a39Sopenharmony_ci#include "internal/deprecated.h" 15e1051a39Sopenharmony_ci 16e1051a39Sopenharmony_ci#include <openssl/core_dispatch.h> 17e1051a39Sopenharmony_ci#include <openssl/core_names.h> 18e1051a39Sopenharmony_ci#include <openssl/core_object.h> 19e1051a39Sopenharmony_ci#include <openssl/crypto.h> 20e1051a39Sopenharmony_ci#include <openssl/err.h> 21e1051a39Sopenharmony_ci#include <openssl/params.h> 22e1051a39Sopenharmony_ci#include <openssl/pem.h> /* PEM_BUFSIZE and public PEM functions */ 23e1051a39Sopenharmony_ci#include <openssl/pkcs12.h> 24e1051a39Sopenharmony_ci#include <openssl/x509.h> 25e1051a39Sopenharmony_ci#include <openssl/proverr.h> 26e1051a39Sopenharmony_ci#include "internal/cryptlib.h" /* ossl_assert() */ 27e1051a39Sopenharmony_ci#include "internal/asn1.h" 28e1051a39Sopenharmony_ci#include "crypto/dh.h" 29e1051a39Sopenharmony_ci#include "crypto/dsa.h" 30e1051a39Sopenharmony_ci#include "crypto/ec.h" 31e1051a39Sopenharmony_ci#include "crypto/evp.h" 32e1051a39Sopenharmony_ci#include "crypto/ecx.h" 33e1051a39Sopenharmony_ci#include "crypto/rsa.h" 34e1051a39Sopenharmony_ci#include "crypto/x509.h" 35e1051a39Sopenharmony_ci#include "prov/bio.h" 36e1051a39Sopenharmony_ci#include "prov/implementations.h" 
#include "endecoder_local.h"

struct der2key_ctx_st;           /* Forward declaration */
/* Returns non-zero when the decoded key is acceptable for the descriptor. */
typedef int check_key_fn(void *, struct der2key_ctx_st *ctx);
/* Post-decode fix-up hook; called only on a non-NULL, accepted key. */
typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx);
/* Releases a decoded key; der2key_decode() may call it with NULL. */
typedef void free_key_fn(void *);
/* d2i-like entry point for PrivateKeyInfo input that also gets the context. */
typedef void *d2i_PKCS8_fn(void **, const unsigned char **, long,
                           struct der2key_ctx_st *);
/*
 * Static description of one decoder variant: a key type combined with one
 * input structure.  der2key_ctx_st.desc points at one of these, and
 * der2key_decode() picks its d2i function from here according to the
 * selection.  The DO_* macros later in this file supply the fields from
 * structure_name onward positionally, so the field order here and the
 * argument order there must stay in step.
 */
struct keytype_desc_st {
    const char *keytype_name;
    const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */

    /* The input structure name */
    const char *structure_name;

    /*
     * The EVP_PKEY_xxx type macro.  Should be zero for type specific
     * structures, non-zero when the outermost structure is PKCS#8 or
     * SubjectPublicKeyInfo.  This determines which of the function
     * pointers below will be used.
     *
     * NOTE(review): the DO_type_specific* macros later in this file also
     * pass keytype##_evp_type here, so the "zero for type specific" wording
     * looks stale.  der2key_decode_p8(), rsa_check() and ec_check() all
     * compare against this value.
     */
    int evp_type;

    /* The selection mask for OSSL_FUNC_decoder_does_selection() */
    int selection_mask;

    /* For type specific decoders, we use the corresponding d2i */
    d2i_of_void *d2i_private_key; /* From type-specific DER */
    d2i_of_void *d2i_public_key;  /* From type-specific DER */
    d2i_of_void *d2i_key_params;  /* From type-specific DER */
    d2i_PKCS8_fn *d2i_PKCS8;      /* Wrapped in a PrivateKeyInfo */
    d2i_of_void *d2i_PUBKEY;      /* Wrapped in a SubjectPublicKeyInfo */

    /*
     * For any key, we may need to check that the key meets expectations.
     * This is useful when the same functions can decode several variants
     * of a key.
     */
    check_key_fn *check_key;

    /*
     * For any key, we may need to make provider specific adjustments, such
     * as ensure the key carries the correct library context.
     */
    adjust_key_fn *adjust_key;
    /* {type}_free() */
    free_key_fn *free_key;
};

/*
 * Context used for DER to key decoding.
 */
struct der2key_ctx_st {
    PROV_CTX *provctx;
    const struct keytype_desc_st *desc;
    /* The selection that is passed to der2key_decode() */
    int selection;
    /*
     * Flag used to signal that a failure is fatal.
     * NOTE(review): der2key_decode() reads this after the d2i_PKCS8 call,
     * but nothing in the part of the file shown here sets it.
     */
    unsigned int flag_fatal : 1;
};

/* Converter from a parsed PrivateKeyInfo to a provider-side key object. */
typedef void *key_from_pkcs8_t(const PKCS8_PRIV_KEY_INFO *p8inf,
                               OSSL_LIB_CTX *libctx, const char *propq);
/*
 * Parse an unencrypted PKCS#8 PrivateKeyInfo from |input_der| and convert it
 * with |key_from_pkcs8|.
 *
 * The converter is only called when the AlgorithmIdentifier OID in the blob
 * maps to the same NID as ctx->desc->evp_type.  That comparison is the gate
 * that keeps a blob labelled for one algorithm away from another algorithm's
 * converter; it matters because the per-type wrappers reach their converter
 * through a cast to the generic key_from_pkcs8_t type.
 *
 * |alg| is dereferenced only after PKCS8_pkey_get0() returned non-zero (the
 * && chain short-circuits).  The property query passed to the converter is
 * always NULL.  |p8inf| is released on every path, including when parsing
 * failed and it is still NULL.
 *
 * Returns the converted key, or NULL on a parse failure, an OID mismatch or
 * a converter failure.
 */
static void *der2key_decode_p8(const unsigned char **input_der,
                               long input_der_len, struct der2key_ctx_st *ctx,
                               key_from_pkcs8_t *key_from_pkcs8)
{
    PKCS8_PRIV_KEY_INFO *p8inf = NULL;
    const X509_ALGOR *alg = NULL;
    void *key = NULL;

    if ((p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, input_der, input_der_len)) != NULL
        && PKCS8_pkey_get0(NULL, NULL, NULL, &alg, p8inf)
        && OBJ_obj2nid(alg->algorithm) == ctx->desc->evp_type)
        key = key_from_pkcs8(p8inf, PROV_LIBCTX_OF(ctx->provctx), NULL);
    PKCS8_PRIV_KEY_INFO_free(p8inf);

    return key;
}

/* ---------------------------------------------------------------------- */

static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
static OSSL_FUNC_decoder_decode_fn der2key_decode;
static OSSL_FUNC_decoder_export_object_fn der2key_export_object;

/*
 * Allocate a zeroed decoder context bound to |provctx| and |desc|.
 * Both pointers are stored, not copied.  Returns NULL if allocation fails.
 */
static struct der2key_ctx_st *
der2key_newctx(void *provctx, const struct keytype_desc_st *desc)
{
    struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));

    if (ctx != NULL) {
        ctx->provctx = provctx;
        ctx->desc = desc;
    }
    return ctx;
}

/* Release a context from der2key_newctx(); provctx and desc are not freed. */
static void der2key_freectx(void *vctx)
{
    struct der2key_ctx_st *ctx = vctx;

    OPENSSL_free(ctx);
}

/*
 * Report whether the descriptor |desc| can serve the caller's |selection|.
 *
 * A selection of 0 ("guess") is always accepted.  Otherwise the first bit
 * group from |checks| that the caller asked for decides the answer: 1 if
 * desc->selection_mask has it too, 0 if not.  Lower-priority bits in the
 * same request are not examined.
 */
static int der2key_check_selection(int selection,
                                   const struct keytype_desc_st *desc)
{
    /*
     * The selections are kinda sorta "levels", i.e. each selection given
     * here is assumed to include those following.
     */
    int checks[] = {
        OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
        OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
        OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
    };
    size_t i;

    /* The decoder implementations made here support guessing */
    if (selection == 0)
        return 1;

    for (i = 0; i < OSSL_NELEM(checks); i++) {
        int check1 = (selection & checks[i]) != 0;
        int check2 = (desc->selection_mask & checks[i]) != 0;

        /*
         * If the caller asked for the currently checked bit(s), return
         * whether the decoder description says it's supported.
         */
        if (check1)
            return check2;
    }

    /* This should be dead code, but just to be safe... */
    return 0;
}

/*
 * Decoder entry point shared by every descriptor (declared above with the
 * OSSL_FUNC_decoder_decode_fn type).
 *
 * Reads one DER blob from |cin|, tries the d2i functions the descriptor
 * offers for |selection| in the order private key, public key, parameters,
 * and on success passes the key to |data_cb| as an object reference.
 *
 * Returns 0 for a selection the descriptor does not cover, for a failure
 * flagged through ctx->flag_fatal, or when |data_cb| returns 0.  Input that
 * cannot be read or decoded is not an error here: the function returns 1
 * without calling |data_cb|.
 *
 * |pw_cb| and |pw_cbarg| are not referenced in this function.
 */
static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
                          OSSL_CALLBACK *data_cb, void *data_cbarg,
                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
{
    struct der2key_ctx_st *ctx = vctx;
    unsigned char *der = NULL;
    const unsigned char *derp;
    long der_len = 0;
    void *key = NULL;
    int ok = 0;

    /* Keep the caller's original value; 0 there means "guess" below. */
    ctx->selection = selection;
    /*
     * The caller is allowed to specify 0 as a selection mark, to have the
     * structure and key type guessed.  For type-specific structures, this
     * is not recommended, as some structures are very similar.
     * Note that 0 isn't the same as OSSL_KEYMGMT_SELECT_ALL, as the latter
     * signifies a private key structure, where everything else is assumed
     * to be present as well.
     */
    if (selection == 0)
        selection = ctx->desc->selection_mask;
    if ((selection & ctx->desc->selection_mask) == 0) {
        ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
        return 0;
    }

    /* A read failure is treated as "nothing decoded", not as an error. */
    ok = ossl_read_der(ctx->provctx, cin, &der, &der_len);
    if (!ok)
        goto next;

    ok = 0; /* Assume that we fail */

    /*
     * The mark brackets the decoding attempts.  Every exit below that found
     * no key calls ERR_clear_last_mark(), which drops the mark and leaves
     * the queued errors in place.  Only a successful decode calls
     * ERR_pop_to_mark(), discarding errors from attempts that failed before
     * the one that worked.
     */
    ERR_set_mark();
    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
        derp = der;
        if (ctx->desc->d2i_PKCS8 != NULL) {
            key = ctx->desc->d2i_PKCS8(NULL, &derp, der_len, ctx);
            /* Fatal: skip the "empty handed is fine" path and return 0. */
            if (ctx->flag_fatal) {
                ERR_clear_last_mark();
                goto end;
            }
        } else if (ctx->desc->d2i_private_key != NULL) {
            key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
        }
        /*
         * With an explicit selection there is no fallback to a weaker
         * structure; only guess mode (ctx->selection == 0) keeps trying.
         */
        if (key == NULL && ctx->selection != 0) {
            ERR_clear_last_mark();
            goto next;
        }
    }
    if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
        derp = der;
        if (ctx->desc->d2i_PUBKEY != NULL)
            key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
        else if (ctx->desc->d2i_public_key != NULL)
            key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
        if (key == NULL && ctx->selection != 0) {
            ERR_clear_last_mark();
            goto next;
        }
    }
    if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
        derp = der;
        if (ctx->desc->d2i_key_params != NULL)
            key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
        if (key == NULL && ctx->selection != 0) {
            ERR_clear_last_mark();
            goto next;
        }
    }
    if (key == NULL)
        ERR_clear_last_mark();
    else
        ERR_pop_to_mark();

    /*
     * NOTE(review): |derp| is handed to the d2i functions but never compared
     * with der + der_len afterwards, so bytes following the decoded
     * structure are not rejected by this function.
     */

    /*
     * Last minute check to see if this was the correct type of key.  This
     * should never lead to a fatal error, i.e. the decoding itself was
     * correct, it was just an unexpected key type.  This is generally for
     * classes of key types that have subtle variants, like RSA-PSS keys as
     * opposed to plain RSA keys.
     */
    if (key != NULL
        && ctx->desc->check_key != NULL
        && !ctx->desc->check_key(key, ctx)) {
        ctx->desc->free_key(key);
        key = NULL;
    }

    if (key != NULL && ctx->desc->adjust_key != NULL)
        ctx->desc->adjust_key(key, ctx);

 next:
    /*
     * Indicated that we successfully decoded something, or not at all.
     * Ending up "empty handed" is not an error.
     */
    ok = 1;

    /*
     * We free memory here so it's not held up during the callback, because
     * we know the process is recursive and the allocated chunks of memory
     * add up.
     *
     * NOTE(review): |der| can hold private key material and is released
     * with OPENSSL_free(), which does not wipe the buffer;
     * OPENSSL_clear_free(der, der_len) would.
     */
    OPENSSL_free(der);
    der = NULL;

    if (key != NULL) {
        OSSL_PARAM params[4];
        int object_type = OSSL_OBJECT_PKEY;

        params[0] =
            OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
        params[1] =
            OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
                                             (char *)ctx->desc->keytype_name,
                                             0);
        /*
         * The address of the key becomes the octet string.  The parameter
         * points at the local |key| variable itself, so the receiver can
         * read the pointer and presumably clear it to take ownership -
         * confirm against the keymgmt load implementation.  Whatever is
         * still in |key| afterwards is freed at the end label.
         */
        params[2] =
            OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
                                              &key, sizeof(key));
        params[3] = OSSL_PARAM_construct_end();

        ok = data_cb(params, data_cbarg);
    }

 end:
    /*
     * |key| may be NULL here, so free_key must accept NULL.  |der| is
     * non-NULL only on the flag_fatal path; otherwise it was reset above,
     * which keeps this second free from being a double free.
     */
    ctx->desc->free_key(key);
    OPENSSL_free(der);

    return ok;
}

/*
 * Export the key behind an object reference through the keymgmt export
 * function found in ctx->desc->fns, using the selection recorded by the
 * last der2key_decode() call on this context.
 *
 * |reference| is read as a raw in-process pointer.  The only validation is
 * that |reference_sz| equals the size of a pointer, so the reference must
 * be one produced by der2key_decode() in this process and never a value
 * taken from serialized or otherwise untrusted data.  |reference| itself is
 * not checked for NULL.
 *
 * Returns the export function's result, or 0 if the size does not match or
 * no export function is available.
 */
static int der2key_export_object(void *vctx,
                                 const void *reference, size_t reference_sz,
                                 OSSL_CALLBACK *export_cb, void *export_cbarg)
{
    struct der2key_ctx_st *ctx = vctx;
    OSSL_FUNC_keymgmt_export_fn *export =
        ossl_prov_get_keymgmt_export(ctx->desc->fns);
    void *keydata;

    if (reference_sz == sizeof(keydata) && export != NULL) {
        /* The contents of the reference is the address to our object */
        keydata = *(void **)reference;

        return export(keydata, ctx->selection, export_cb, export_cbarg);
    }
    return 0;
}

/* ---------------------------------------------------------------------- */

#ifndef OPENSSL_NO_DH
# define dh_evp_type                    EVP_PKEY_DH
# define dh_d2i_private_key             NULL
# define dh_d2i_public_key              NULL
# define dh_d2i_key_params              (d2i_of_void *)d2i_DHparams

/*
 * PrivateKeyInfo entry point for DH, also used for DHX via dhx_d2i_PKCS8.
 * |key| is unused.  The OID check in der2key_decode_p8() compares against
 * ctx->desc->evp_type, which is what tells DH and DHX input apart.
 * NOTE(review): the converter is called through a cast to key_from_pkcs8_t;
 * this assumes its real prototype (declared outside this file) is
 * call-compatible - confirm.
 */
static void *dh_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                          struct der2key_ctx_st *ctx)
{
    return der2key_decode_p8(der, der_len, ctx,
                             (key_from_pkcs8_t *)ossl_dh_key_from_pkcs8);
}

# define dh_d2i_PUBKEY                  (d2i_of_void *)ossl_d2i_DH_PUBKEY
# define dh_free                        (free_key_fn *)DH_free
# define dh_check                       NULL

/* Attach the provider's library context to a freshly decoded DH key. */
static void dh_adjust(void *key, struct der2key_ctx_st *ctx)
{
    ossl_dh_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}

# define dhx_evp_type                   EVP_PKEY_DHX
# define dhx_d2i_private_key            NULL
# define dhx_d2i_public_key             NULL
# define dhx_d2i_key_params             (d2i_of_void *)d2i_DHxparams
/* DHX shares the DH PrivateKeyInfo wrapper, free function and adjust hook. */
# define dhx_d2i_PKCS8                  dh_d2i_PKCS8
# define dhx_d2i_PUBKEY                 (d2i_of_void *)ossl_d2i_DHx_PUBKEY
# define dhx_free                       (free_key_fn *)DH_free
# define dhx_check                      NULL
# define dhx_adjust                     dh_adjust
#endif

/* ---------------------------------------------------------------------- */

#ifndef OPENSSL_NO_DSA
/* DSA has a type-specific d2i for private keys, public keys and parameters. */
# define dsa_evp_type                   EVP_PKEY_DSA
# define dsa_d2i_private_key            (d2i_of_void *)d2i_DSAPrivateKey
# define dsa_d2i_public_key             (d2i_of_void *)d2i_DSAPublicKey
# define dsa_d2i_key_params             (d2i_of_void *)d2i_DSAparams

/*
 * PrivateKeyInfo entry point for DSA.  |key| is unused; parsing and the
 * algorithm OID check against ctx->desc->evp_type happen in
 * der2key_decode_p8(), which then calls the DSA converter.
 * NOTE(review): the converter is reached through a cast to key_from_pkcs8_t;
 * this assumes its real prototype (declared outside this file) is
 * call-compatible - confirm.
 */
static void *dsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_dsa_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}

# define dsa_d2i_PUBKEY                 (d2i_of_void *)ossl_d2i_DSA_PUBKEY
# define dsa_free                       (free_key_fn *)DSA_free
# define dsa_check                      NULL

/* Bind a freshly decoded DSA key to the provider's library context. */
static void dsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_dsa_set0_libctx(key, libctx);
}
#endif

/* ---------------------------------------------------------------------- */

#ifndef OPENSSL_NO_EC
/* EC has no type-specific public key d2i; public keys come as SPKI only. */
# define ec_evp_type                    EVP_PKEY_EC
# define ec_d2i_private_key             (d2i_of_void *)d2i_ECPrivateKey
# define ec_d2i_public_key              NULL
# define ec_d2i_key_params              (d2i_of_void *)d2i_ECParameters

/*
 * PrivateKeyInfo entry point for EC.  |key| is unused; parsing and the
 * algorithm OID check against ctx->desc->evp_type happen in
 * der2key_decode_p8(), which then calls the EC converter.
 * NOTE(review): the converter is reached through a cast to key_from_pkcs8_t;
 * this assumes its real prototype (declared outside this file) is
 * call-compatible - confirm.
 */
static void *ec_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                          struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}

# define ec_d2i_PUBKEY                  (d2i_of_void *)d2i_EC_PUBKEY
# define ec_free                        (free_key_fn *)EC_KEY_free

/*
 * Accept the key only when its SM2 flag agrees with the descriptor: a key
 * carrying EC_FLAG_SM2_RANGE passes for the SM2 descriptor only, and a key
 * without it passes for any other descriptor only.  The EC and SM2
 * descriptors use the same d2i functions, so this is what keeps one kind of
 * key from being returned as the other.
 */
static int ec_check(void *key, struct der2key_ctx_st *ctx)
{
    const int key_is_sm2 = (EC_KEY_get_flags(key) & EC_FLAG_SM2_RANGE) != 0;
    const int want_sm2 = (ctx->desc->evp_type == EVP_PKEY_SM2);

    if (key_is_sm2 != want_sm2)
        return 0;
    return 1;
}

/* Bind a freshly decoded EC key to the provider's library context. */
static void ec_adjust(void *key, struct der2key_ctx_st *ctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_ec_key_set0_libctx(key, libctx);
}

/*
 * ED25519, ED448, X25519 and X448 are decoded from PKCS#8 and
 * SubjectPublicKeyInfo only, so their type-specific d2i slots are all NULL.
 */

/*
 * PrivateKeyInfo entry point shared by the four ECX key types.  |key| is
 * unused.  The OID check in der2key_decode_p8() compares against
 * ctx->desc->evp_type, which is what separates the four types even though
 * they share this wrapper.
 */
static void *ecx_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_ecx_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}

/* Bind a freshly decoded ECX key to the provider's library context. */
static void ecx_key_adjust(void *key, struct der2key_ctx_st *ctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_ecx_key_set0_libctx(key, libctx);
}

# define ed25519_evp_type               EVP_PKEY_ED25519
# define ed25519_d2i_private_key        NULL
# define ed25519_d2i_public_key         NULL
# define ed25519_d2i_key_params         NULL
# define ed25519_d2i_PKCS8              ecx_d2i_PKCS8
# define ed25519_d2i_PUBKEY             (d2i_of_void *)ossl_d2i_ED25519_PUBKEY
# define ed25519_free                   (free_key_fn *)ossl_ecx_key_free
# define ed25519_check                  NULL
# define ed25519_adjust                 ecx_key_adjust

# define ed448_evp_type                 EVP_PKEY_ED448
# define ed448_d2i_private_key          NULL
# define ed448_d2i_public_key           NULL
# define ed448_d2i_key_params           NULL
# define ed448_d2i_PKCS8                ecx_d2i_PKCS8
# define ed448_d2i_PUBKEY               (d2i_of_void *)ossl_d2i_ED448_PUBKEY
# define ed448_free                     (free_key_fn *)ossl_ecx_key_free
# define ed448_check                    NULL
# define ed448_adjust                   ecx_key_adjust
/* X25519 and X448 follow the same PKCS#8 / SubjectPublicKeyInfo-only layout. */
# define x25519_evp_type                EVP_PKEY_X25519
# define x25519_d2i_private_key         NULL
# define x25519_d2i_public_key          NULL
# define x25519_d2i_key_params          NULL
# define x25519_d2i_PKCS8               ecx_d2i_PKCS8
# define x25519_d2i_PUBKEY              (d2i_of_void *)ossl_d2i_X25519_PUBKEY
# define x25519_free                    (free_key_fn *)ossl_ecx_key_free
# define x25519_check                   NULL
# define x25519_adjust                  ecx_key_adjust

# define x448_evp_type                  EVP_PKEY_X448
# define x448_d2i_private_key           NULL
# define x448_d2i_public_key            NULL
# define x448_d2i_key_params            NULL
# define x448_d2i_PKCS8                 ecx_d2i_PKCS8
# define x448_d2i_PUBKEY                (d2i_of_void *)ossl_d2i_X448_PUBKEY
# define x448_free                      (free_key_fn *)ossl_ecx_key_free
# define x448_check                     NULL
# define x448_adjust                    ecx_key_adjust

# ifndef OPENSSL_NO_SM2
/* SM2 reuses the EC d2i functions; only the expected key type differs. */
#  define sm2_evp_type                  EVP_PKEY_SM2
#  define sm2_d2i_private_key           (d2i_of_void *)d2i_ECPrivateKey
#  define sm2_d2i_public_key            NULL
#  define sm2_d2i_key_params            (d2i_of_void *)d2i_ECParameters

/*
 * PrivateKeyInfo entry point for SM2, built on the EC converter.  |key| is
 * unused.  der2key_decode_p8() requires the blob's algorithm OID to map to
 * ctx->desc->evp_type, which is EVP_PKEY_SM2 for this descriptor.
 * NOTE(review): the converter is reached through a cast to key_from_pkcs8_t;
 * this assumes its real prototype (declared outside this file) is
 * call-compatible - confirm.
 */
static void *sm2_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    key_from_pkcs8_t *from_p8 = (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8;

    return der2key_decode_p8(der, der_len, ctx, from_p8);
}
#  define sm2_d2i_PUBKEY                (d2i_of_void *)d2i_EC_PUBKEY
#  define sm2_free                      (free_key_fn *)EC_KEY_free
/* SM2 shares the EC check, which compares the key's SM2 flag with evp_type. */
#  define sm2_check                     ec_check
#  define sm2_adjust                    ec_adjust
# endif
#endif

/* ---------------------------------------------------------------------- */

#define rsa_evp_type                    EVP_PKEY_RSA
#define rsa_d2i_private_key             (d2i_of_void *)d2i_RSAPrivateKey
#define rsa_d2i_public_key              (d2i_of_void *)d2i_RSAPublicKey
#define rsa_d2i_key_params              NULL

/*
 * PrivateKeyInfo entry point for RSA, also used for RSA-PSS via
 * rsapss_d2i_PKCS8.  |key| is unused.  The OID check in der2key_decode_p8()
 * compares against ctx->desc->evp_type, so the same wrapper serves both
 * descriptors without mixing their input.
 * NOTE(review): the converter is called through a cast to key_from_pkcs8_t;
 * this assumes its real prototype (declared outside this file) is
 * call-compatible - confirm.
 */
static void *rsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
                           struct der2key_ctx_st *ctx)
{
    return der2key_decode_p8(der, der_len, ctx,
                             (key_from_pkcs8_t *)ossl_rsa_key_from_pkcs8);
}

#define rsa_d2i_PUBKEY                  (d2i_of_void *)d2i_RSA_PUBKEY
#define rsa_free                        (free_key_fn *)RSA_free

/*
 * Accept the key only when the type bits in its flags match the descriptor:
 * a plain RSA key passes for EVP_PKEY_RSA only and an RSASSA-PSS key passes
 * for EVP_PKEY_RSA_PSS only.  Any other type value is rejected.
 *
 * The RSA and RSA-PSS descriptors share all of their d2i functions, so this
 * check is what keeps a PSS key from being returned as plain RSA and the
 * reverse.  der2key_decode() frees the key when this returns 0.
 */
static int rsa_check(void *key, struct der2key_ctx_st *ctx)
{
    switch (RSA_test_flags(key, RSA_FLAG_TYPE_MASK)) {
    case RSA_FLAG_TYPE_RSA:
        return ctx->desc->evp_type == EVP_PKEY_RSA;
    case RSA_FLAG_TYPE_RSASSAPSS:
        return ctx->desc->evp_type == EVP_PKEY_RSA_PSS;
    }

    /* Currently unsupported RSA key type */
    return 0;
}

/* Attach the provider's library context to a freshly decoded RSA key. */
static void rsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
    ossl_rsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}

/* RSA-PSS reuses every RSA function; only the expected key type differs. */
#define rsapss_evp_type                 EVP_PKEY_RSA_PSS
#define rsapss_d2i_private_key          (d2i_of_void *)d2i_RSAPrivateKey
#define rsapss_d2i_public_key           (d2i_of_void *)d2i_RSAPublicKey
#define rsapss_d2i_key_params           NULL
#define rsapss_d2i_PKCS8                rsa_d2i_PKCS8
#define rsapss_d2i_PUBKEY               (d2i_of_void *)d2i_RSA_PUBKEY
#define rsapss_free                     (free_key_fn *)RSA_free
#define rsapss_check                    rsa_check
#define rsapss_adjust                   rsa_adjust

/* ---------------------------------------------------------------------- */

/*
 * The DO_ macros help define the selection mask and the method functions
 * for each kind of object we want to decode.
 *
 * Each macro expands to a positional list in the field order of
 * struct keytype_desc_st, starting at structure_name: structure name,
 * evp_type, selection mask, d2i_private_key, d2i_public_key,
 * d2i_key_params, d2i_PKCS8, d2i_PUBKEY, check_key, adjust_key, free_key.
 * A NULL slot means that structure is not tried for this variant.  The
 * macros do not supply keytype_name or fns.
 */
/* Type-specific structure holding either half of a key pair. */
#define DO_type_specific_keypair(keytype)               \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_KEYPAIR ),                    \
    keytype##_d2i_private_key,                          \
    keytype##_d2i_public_key,                           \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

/* Type-specific structure, public key only. */
#define DO_type_specific_pub(keytype)                   \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ),                 \
    NULL,                                               \
    keytype##_d2i_public_key,                           \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

/* Type-specific structure, private key only. */
#define DO_type_specific_priv(keytype)                  \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ),                \
    keytype##_d2i_private_key,                          \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

/* Type-specific structure, parameters only. */
#define DO_type_specific_params(keytype)                \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),             \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

/* Type-specific structure: private key, public key or parameters. */
#define DO_type_specific(keytype)                       \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_ALL ),                        \
    keytype##_d2i_private_key,                          \
    keytype##_d2i_public_key,                           \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

/* Type-specific structure: private key or parameters, no public key form. */
#define DO_type_specific_no_pub(keytype)                \
    "type-specific", keytype##_evp_type,                \
    ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY                   \
      | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),           \
    keytype##_d2i_private_key,                          \
    NULL,                                               \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

/* PKCS#8 PrivateKeyInfo: the only variant that fills the d2i_PKCS8 slot. */
#define DO_PrivateKeyInfo(keytype)                      \
    "PrivateKeyInfo", keytype##_evp_type,               \
    ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ),                \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_PKCS8,                                \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

/* SubjectPublicKeyInfo: the only variant that fills the d2i_PUBKEY slot. */
#define DO_SubjectPublicKeyInfo(keytype)                \
    "SubjectPublicKeyInfo", keytype##_evp_type,         \
    ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ),                 \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_PUBKEY,                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

/* Structure named "DH": parameters only. */
#define DO_DH(keytype)                                  \
    "DH", keytype##_evp_type,                           \
    ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),             \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

/* Structure named "DHX": parameters only. */
#define DO_DHX(keytype)                                 \
    "DHX", keytype##_evp_type,                          \
    ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),             \
    NULL,                                               \
    NULL,                                               \
    keytype##_d2i_key_params,                           \
    NULL,                                               \
    NULL,                                               \
    keytype##_check,                                    \
    keytype##_adjust,                                   \
    keytype##_free

#define DO_DSA(keytype)                                 \
    "DSA", keytype##_evp_type,                          \
    ( OSSL_KEYMGMT_SELECT_ALL ),                        \
    keytype##_d2i_private_key,                          \
    keytype##_d2i_public_key,                           \
keytype##_d2i_key_params, \ 674e1051a39Sopenharmony_ci NULL, \ 675e1051a39Sopenharmony_ci NULL, \ 676e1051a39Sopenharmony_ci keytype##_check, \ 677e1051a39Sopenharmony_ci keytype##_adjust, \ 678e1051a39Sopenharmony_ci keytype##_free 679e1051a39Sopenharmony_ci 680e1051a39Sopenharmony_ci#define DO_EC(keytype) \ 681e1051a39Sopenharmony_ci "EC", keytype##_evp_type, \ 682e1051a39Sopenharmony_ci ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ 683e1051a39Sopenharmony_ci | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ 684e1051a39Sopenharmony_ci keytype##_d2i_private_key, \ 685e1051a39Sopenharmony_ci NULL, \ 686e1051a39Sopenharmony_ci keytype##_d2i_key_params, \ 687e1051a39Sopenharmony_ci NULL, \ 688e1051a39Sopenharmony_ci NULL, \ 689e1051a39Sopenharmony_ci keytype##_check, \ 690e1051a39Sopenharmony_ci keytype##_adjust, \ 691e1051a39Sopenharmony_ci keytype##_free 692e1051a39Sopenharmony_ci 693e1051a39Sopenharmony_ci#define DO_RSA(keytype) \ 694e1051a39Sopenharmony_ci "RSA", keytype##_evp_type, \ 695e1051a39Sopenharmony_ci ( OSSL_KEYMGMT_SELECT_KEYPAIR ), \ 696e1051a39Sopenharmony_ci keytype##_d2i_private_key, \ 697e1051a39Sopenharmony_ci keytype##_d2i_public_key, \ 698e1051a39Sopenharmony_ci NULL, \ 699e1051a39Sopenharmony_ci NULL, \ 700e1051a39Sopenharmony_ci NULL, \ 701e1051a39Sopenharmony_ci keytype##_check, \ 702e1051a39Sopenharmony_ci keytype##_adjust, \ 703e1051a39Sopenharmony_ci keytype##_free 704e1051a39Sopenharmony_ci 705e1051a39Sopenharmony_ci/* 706e1051a39Sopenharmony_ci * MAKE_DECODER is the single driver for creating OSSL_DISPATCH tables. 707e1051a39Sopenharmony_ci * It takes the following arguments: 708e1051a39Sopenharmony_ci * 709e1051a39Sopenharmony_ci * keytype_name The implementation key type as a string. 710e1051a39Sopenharmony_ci * keytype The implementation key type. This must correspond exactly 711e1051a39Sopenharmony_ci * to our existing keymgmt keytype names... in other words, 712e1051a39Sopenharmony_ci * there must exist an ossl_##keytype##_keymgmt_functions. 
713e1051a39Sopenharmony_ci * type The type name for the set of functions that implement the 714e1051a39Sopenharmony_ci * decoder for the key type. This isn't necessarily the same 715e1051a39Sopenharmony_ci * as keytype. For example, the key types ed25519, ed448, 716e1051a39Sopenharmony_ci * x25519 and x448 are all handled by the same functions with 717e1051a39Sopenharmony_ci * the common type name ecx. 718e1051a39Sopenharmony_ci * kind The kind of support to implement. This translates into 719e1051a39Sopenharmony_ci * the DO_##kind macros above, to populate the keytype_desc_st 720e1051a39Sopenharmony_ci * structure. 721e1051a39Sopenharmony_ci */ 722e1051a39Sopenharmony_ci#define MAKE_DECODER(keytype_name, keytype, type, kind) \ 723e1051a39Sopenharmony_ci static const struct keytype_desc_st kind##_##keytype##_desc = \ 724e1051a39Sopenharmony_ci { keytype_name, ossl_##keytype##_keymgmt_functions, \ 725e1051a39Sopenharmony_ci DO_##kind(keytype) }; \ 726e1051a39Sopenharmony_ci \ 727e1051a39Sopenharmony_ci static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \ 728e1051a39Sopenharmony_ci \ 729e1051a39Sopenharmony_ci static void *kind##_der2##keytype##_newctx(void *provctx) \ 730e1051a39Sopenharmony_ci { \ 731e1051a39Sopenharmony_ci return der2key_newctx(provctx, &kind##_##keytype##_desc); \ 732e1051a39Sopenharmony_ci } \ 733e1051a39Sopenharmony_ci static int kind##_der2##keytype##_does_selection(void *provctx, \ 734e1051a39Sopenharmony_ci int selection) \ 735e1051a39Sopenharmony_ci { \ 736e1051a39Sopenharmony_ci return der2key_check_selection(selection, \ 737e1051a39Sopenharmony_ci &kind##_##keytype##_desc); \ 738e1051a39Sopenharmony_ci } \ 739e1051a39Sopenharmony_ci const OSSL_DISPATCH \ 740e1051a39Sopenharmony_ci ossl_##kind##_der_to_##keytype##_decoder_functions[] = { \ 741e1051a39Sopenharmony_ci { OSSL_FUNC_DECODER_NEWCTX, \ 742e1051a39Sopenharmony_ci (void (*)(void))kind##_der2##keytype##_newctx }, \ 743e1051a39Sopenharmony_ci { 
OSSL_FUNC_DECODER_FREECTX, \ 744e1051a39Sopenharmony_ci (void (*)(void))der2key_freectx }, \ 745e1051a39Sopenharmony_ci { OSSL_FUNC_DECODER_DOES_SELECTION, \ 746e1051a39Sopenharmony_ci (void (*)(void))kind##_der2##keytype##_does_selection }, \ 747e1051a39Sopenharmony_ci { OSSL_FUNC_DECODER_DECODE, \ 748e1051a39Sopenharmony_ci (void (*)(void))der2key_decode }, \ 749e1051a39Sopenharmony_ci { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ 750e1051a39Sopenharmony_ci (void (*)(void))der2key_export_object }, \ 751e1051a39Sopenharmony_ci { 0, NULL } \ 752e1051a39Sopenharmony_ci } 753e1051a39Sopenharmony_ci 754e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_DH 755e1051a39Sopenharmony_ciMAKE_DECODER("DH", dh, dh, PrivateKeyInfo); 756e1051a39Sopenharmony_ciMAKE_DECODER("DH", dh, dh, SubjectPublicKeyInfo); 757e1051a39Sopenharmony_ciMAKE_DECODER("DH", dh, dh, type_specific_params); 758e1051a39Sopenharmony_ciMAKE_DECODER("DH", dh, dh, DH); 759e1051a39Sopenharmony_ciMAKE_DECODER("DHX", dhx, dhx, PrivateKeyInfo); 760e1051a39Sopenharmony_ciMAKE_DECODER("DHX", dhx, dhx, SubjectPublicKeyInfo); 761e1051a39Sopenharmony_ciMAKE_DECODER("DHX", dhx, dhx, type_specific_params); 762e1051a39Sopenharmony_ciMAKE_DECODER("DHX", dhx, dhx, DHX); 763e1051a39Sopenharmony_ci#endif 764e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_DSA 765e1051a39Sopenharmony_ciMAKE_DECODER("DSA", dsa, dsa, PrivateKeyInfo); 766e1051a39Sopenharmony_ciMAKE_DECODER("DSA", dsa, dsa, SubjectPublicKeyInfo); 767e1051a39Sopenharmony_ciMAKE_DECODER("DSA", dsa, dsa, type_specific); 768e1051a39Sopenharmony_ciMAKE_DECODER("DSA", dsa, dsa, DSA); 769e1051a39Sopenharmony_ci#endif 770e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_EC 771e1051a39Sopenharmony_ciMAKE_DECODER("EC", ec, ec, PrivateKeyInfo); 772e1051a39Sopenharmony_ciMAKE_DECODER("EC", ec, ec, SubjectPublicKeyInfo); 773e1051a39Sopenharmony_ciMAKE_DECODER("EC", ec, ec, type_specific_no_pub); 774e1051a39Sopenharmony_ciMAKE_DECODER("EC", ec, ec, EC); 775e1051a39Sopenharmony_ciMAKE_DECODER("X25519", 
x25519, ecx, PrivateKeyInfo); 776e1051a39Sopenharmony_ciMAKE_DECODER("X25519", x25519, ecx, SubjectPublicKeyInfo); 777e1051a39Sopenharmony_ciMAKE_DECODER("X448", x448, ecx, PrivateKeyInfo); 778e1051a39Sopenharmony_ciMAKE_DECODER("X448", x448, ecx, SubjectPublicKeyInfo); 779e1051a39Sopenharmony_ciMAKE_DECODER("ED25519", ed25519, ecx, PrivateKeyInfo); 780e1051a39Sopenharmony_ciMAKE_DECODER("ED25519", ed25519, ecx, SubjectPublicKeyInfo); 781e1051a39Sopenharmony_ciMAKE_DECODER("ED448", ed448, ecx, PrivateKeyInfo); 782e1051a39Sopenharmony_ciMAKE_DECODER("ED448", ed448, ecx, SubjectPublicKeyInfo); 783e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_SM2 784e1051a39Sopenharmony_ciMAKE_DECODER("SM2", sm2, ec, PrivateKeyInfo); 785e1051a39Sopenharmony_ciMAKE_DECODER("SM2", sm2, ec, SubjectPublicKeyInfo); 786e1051a39Sopenharmony_ci# endif 787e1051a39Sopenharmony_ci#endif 788e1051a39Sopenharmony_ciMAKE_DECODER("RSA", rsa, rsa, PrivateKeyInfo); 789e1051a39Sopenharmony_ciMAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo); 790e1051a39Sopenharmony_ciMAKE_DECODER("RSA", rsa, rsa, type_specific_keypair); 791e1051a39Sopenharmony_ciMAKE_DECODER("RSA", rsa, rsa, RSA); 792e1051a39Sopenharmony_ciMAKE_DECODER("RSA-PSS", rsapss, rsapss, PrivateKeyInfo); 793e1051a39Sopenharmony_ciMAKE_DECODER("RSA-PSS", rsapss, rsapss, SubjectPublicKeyInfo); 794