1 /*
2 * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 * https://www.openssl.org/source/license.html
8 * or in the file LICENSE in the source distribution.
9 */
10
11 #include <string.h>
12 #include <openssl/asn1.h>
13 #include <openssl/asn1t.h>
14 #include <openssl/core_names.h>
15 #include <openssl/core_object.h>
16 #include <openssl/rand.h>
17 #include <openssl/provider.h>
18 #include "testutil.h"
19 #include "fake_rsaprov.h"
20 #include "internal/asn1.h"
21
22 static OSSL_FUNC_keymgmt_new_fn fake_rsa_keymgmt_new;
23 static OSSL_FUNC_keymgmt_free_fn fake_rsa_keymgmt_free;
24 static OSSL_FUNC_keymgmt_has_fn fake_rsa_keymgmt_has;
25 static OSSL_FUNC_keymgmt_query_operation_name_fn fake_rsa_keymgmt_query;
26 static OSSL_FUNC_keymgmt_import_fn fake_rsa_keymgmt_import;
27 static OSSL_FUNC_keymgmt_import_types_fn fake_rsa_keymgmt_imptypes;
28 static OSSL_FUNC_keymgmt_export_fn fake_rsa_keymgmt_export;
29 static OSSL_FUNC_keymgmt_export_types_fn fake_rsa_keymgmt_exptypes;
30 static OSSL_FUNC_keymgmt_load_fn fake_rsa_keymgmt_load;
31
32 static int has_selection;
33 static int imptypes_selection;
34 static int exptypes_selection;
35 static int query_id;
36 static int key_deleted;
37
38 typedef struct {
39 OSSL_LIB_CTX *libctx;
40 } PROV_FAKE_RSA_CTX;
41
42 #define PROV_FAKE_RSA_LIBCTX_OF(provctx) (((PROV_FAKE_RSA_CTX *)provctx)->libctx)
43
44 #define FAKE_RSA_STATUS_IMPORTED 1
45 #define FAKE_RSA_STATUS_GENERATED 2
46 #define FAKE_RSA_STATUS_DECODED 3
47
48 struct fake_rsa_keydata {
49 int selection;
50 int status;
51 };
52
fake_rsa_restore_store_state(void)53 void fake_rsa_restore_store_state(void)
54 {
55 key_deleted = 0;
56 }
57
fake_rsa_keymgmt_new(void * provctx)58 static void *fake_rsa_keymgmt_new(void *provctx)
59 {
60 struct fake_rsa_keydata *key;
61
62 if (!TEST_ptr(key = OPENSSL_zalloc(sizeof(struct fake_rsa_keydata))))
63 return NULL;
64
65 /* clear test globals */
66 has_selection = 0;
67 imptypes_selection = 0;
68 exptypes_selection = 0;
69 query_id = 0;
70
71 return key;
72 }
73
fake_rsa_keymgmt_free(void * keydata)74 static void fake_rsa_keymgmt_free(void *keydata)
75 {
76 OPENSSL_free(keydata);
77 }
78
fake_rsa_keymgmt_has(const void * key,int selection)79 static int fake_rsa_keymgmt_has(const void *key, int selection)
80 {
81 /* record global for checking */
82 has_selection = selection;
83
84 return 1;
85 }
86
87
fake_rsa_keymgmt_query(int id)88 static const char *fake_rsa_keymgmt_query(int id)
89 {
90 /* record global for checking */
91 query_id = id;
92
93 return "RSA";
94 }
95
fake_rsa_keymgmt_import(void * keydata,int selection,const OSSL_PARAM * p)96 static int fake_rsa_keymgmt_import(void *keydata, int selection,
97 const OSSL_PARAM *p)
98 {
99 struct fake_rsa_keydata *fake_rsa_key = keydata;
100
101 /* key was imported */
102 fake_rsa_key->status = FAKE_RSA_STATUS_IMPORTED;
103
104 return 1;
105 }
106
107 static unsigned char fake_rsa_n[] =
108 "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
109 "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
110 "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
111 "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
112 "\xF5";
113
114 static unsigned char fake_rsa_e[] = "\x11";
115
116 static unsigned char fake_rsa_d[] =
117 "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
118 "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
119 "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
120 "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
121
122 static unsigned char fake_rsa_p[] =
123 "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
124 "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
125 "\x0D";
126
127 static unsigned char fake_rsa_q[] =
128 "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
129 "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
130 "\x89";
131
132 static unsigned char fake_rsa_dmp1[] =
133 "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
134 "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
135
136 static unsigned char fake_rsa_dmq1[] =
137 "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
138 "\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
139 "\x51";
140
141 static unsigned char fake_rsa_iqmp[] =
142 "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
143 "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
144
fake_rsa_key_params(int priv)145 OSSL_PARAM *fake_rsa_key_params(int priv)
146 {
147 if (priv) {
148 OSSL_PARAM params[] = {
149 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n,
150 sizeof(fake_rsa_n) -1),
151 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e,
152 sizeof(fake_rsa_e) -1),
153 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, fake_rsa_d,
154 sizeof(fake_rsa_d) -1),
155 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, fake_rsa_p,
156 sizeof(fake_rsa_p) -1),
157 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, fake_rsa_q,
158 sizeof(fake_rsa_q) -1),
159 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, fake_rsa_dmp1,
160 sizeof(fake_rsa_dmp1) -1),
161 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, fake_rsa_dmq1,
162 sizeof(fake_rsa_dmq1) -1),
163 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, fake_rsa_iqmp,
164 sizeof(fake_rsa_iqmp) -1),
165 OSSL_PARAM_END
166 };
167 return OSSL_PARAM_dup(params);
168 } else {
169 OSSL_PARAM params[] = {
170 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n,
171 sizeof(fake_rsa_n) -1),
172 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e,
173 sizeof(fake_rsa_e) -1),
174 OSSL_PARAM_END
175 };
176 return OSSL_PARAM_dup(params);
177 }
178 }
179
fake_rsa_keymgmt_export(void * keydata,int selection,OSSL_CALLBACK * param_callback,void * cbarg)180 static int fake_rsa_keymgmt_export(void *keydata, int selection,
181 OSSL_CALLBACK *param_callback, void *cbarg)
182 {
183 OSSL_PARAM *params = NULL;
184 int ret;
185
186 if (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY)
187 return 0;
188
189 if (!TEST_ptr(params = fake_rsa_key_params(0)))
190 return 0;
191
192 ret = param_callback(params, cbarg);
193 OSSL_PARAM_free(params);
194 return ret;
195 }
196
197 static const OSSL_PARAM fake_rsa_import_key_types[] = {
198 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0),
199 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0),
200 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, NULL, 0),
201 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0),
202 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0),
203 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0),
204 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0),
205 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0),
206 OSSL_PARAM_END
207 };
208
fake_rsa_keymgmt_imptypes(int selection)209 static const OSSL_PARAM *fake_rsa_keymgmt_imptypes(int selection)
210 {
211 /* record global for checking */
212 imptypes_selection = selection;
213
214 return fake_rsa_import_key_types;
215 }
216
217 static const OSSL_PARAM fake_rsa_export_key_types[] = {
218 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0),
219 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0),
220 OSSL_PARAM_END
221 };
222
fake_rsa_keymgmt_exptypes(int selection)223 static const OSSL_PARAM *fake_rsa_keymgmt_exptypes(int selection)
224 {
225 /* record global for checking */
226 exptypes_selection = selection;
227
228 return fake_rsa_export_key_types;
229 }
230
fake_rsa_keymgmt_load(const void * reference,size_t reference_sz)231 static void *fake_rsa_keymgmt_load(const void *reference, size_t reference_sz)
232 {
233 struct fake_rsa_keydata *key = NULL;
234
235 if (reference_sz != sizeof(key))
236 return NULL;
237
238 key = *(struct fake_rsa_keydata **)reference;
239 if (key->status != FAKE_RSA_STATUS_IMPORTED && key->status != FAKE_RSA_STATUS_DECODED)
240 return NULL;
241
242 /* detach the reference */
243 *(struct fake_rsa_keydata **)reference = NULL;
244
245 return key;
246 }
247
fake_rsa_gen_init(void * provctx,int selection,const OSSL_PARAM params[])248 static void *fake_rsa_gen_init(void *provctx, int selection,
249 const OSSL_PARAM params[])
250 {
251 unsigned char *gctx = NULL;
252
253 if (!TEST_ptr(gctx = OPENSSL_malloc(1)))
254 return NULL;
255
256 *gctx = 1;
257
258 return gctx;
259 }
260
fake_rsa_gen(void * genctx,OSSL_CALLBACK * osslcb,void * cbarg)261 static void *fake_rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
262 {
263 unsigned char *gctx = genctx;
264 static const unsigned char inited[] = { 1 };
265 struct fake_rsa_keydata *keydata;
266
267 if (!TEST_ptr(gctx)
268 || !TEST_mem_eq(gctx, sizeof(*gctx), inited, sizeof(inited)))
269 return NULL;
270
271 if (!TEST_ptr(keydata = fake_rsa_keymgmt_new(NULL)))
272 return NULL;
273
274 keydata->status = FAKE_RSA_STATUS_GENERATED;
275 return keydata;
276 }
277
fake_rsa_gen_cleanup(void * genctx)278 static void fake_rsa_gen_cleanup(void *genctx)
279 {
280 OPENSSL_free(genctx);
281 }
282
283 static const OSSL_DISPATCH fake_rsa_keymgmt_funcs[] = {
284 { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))fake_rsa_keymgmt_new },
285 { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))fake_rsa_keymgmt_free} ,
286 { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))fake_rsa_keymgmt_has },
287 { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME,
288 (void (*)(void))fake_rsa_keymgmt_query },
289 { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))fake_rsa_keymgmt_import },
290 { OSSL_FUNC_KEYMGMT_IMPORT_TYPES,
291 (void (*)(void))fake_rsa_keymgmt_imptypes },
292 { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))fake_rsa_keymgmt_export },
293 { OSSL_FUNC_KEYMGMT_EXPORT_TYPES,
294 (void (*)(void))fake_rsa_keymgmt_exptypes },
295 { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))fake_rsa_keymgmt_load },
296 { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))fake_rsa_gen_init },
297 { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))fake_rsa_gen },
298 { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))fake_rsa_gen_cleanup },
299 OSSL_DISPATCH_END
300 };
301
302 static const OSSL_ALGORITHM fake_rsa_keymgmt_algs[] = {
303 { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_keymgmt_funcs, "Fake RSA Key Management" },
304 { NULL, NULL, NULL, NULL }
305 };
306
307 static OSSL_FUNC_signature_newctx_fn fake_rsa_sig_newctx;
308 static OSSL_FUNC_signature_freectx_fn fake_rsa_sig_freectx;
309 static OSSL_FUNC_signature_sign_init_fn fake_rsa_sig_sign_init;
310 static OSSL_FUNC_signature_sign_fn fake_rsa_sig_sign;
311
fake_rsa_sig_newctx(void * provctx,const char * propq)312 static void *fake_rsa_sig_newctx(void *provctx, const char *propq)
313 {
314 unsigned char *sigctx = OPENSSL_zalloc(1);
315
316 TEST_ptr(sigctx);
317
318 return sigctx;
319 }
320
fake_rsa_sig_freectx(void * sigctx)321 static void fake_rsa_sig_freectx(void *sigctx)
322 {
323 OPENSSL_free(sigctx);
324 }
325
fake_rsa_sig_sign_init(void * ctx,void * provkey,const OSSL_PARAM params[])326 static int fake_rsa_sig_sign_init(void *ctx, void *provkey,
327 const OSSL_PARAM params[])
328 {
329 unsigned char *sigctx = ctx;
330 struct fake_rsa_keydata *keydata = provkey;
331
332 /* we must have a ctx */
333 if (!TEST_ptr(sigctx))
334 return 0;
335
336 /* we must have some initialized key */
337 if (!TEST_ptr(keydata) || !TEST_int_gt(keydata->status, 0))
338 return 0;
339
340 /* record that sign init was called */
341 *sigctx = 1;
342 return 1;
343 }
344
fake_rsa_sig_sign(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)345 static int fake_rsa_sig_sign(void *ctx, unsigned char *sig,
346 size_t *siglen, size_t sigsize,
347 const unsigned char *tbs, size_t tbslen)
348 {
349 unsigned char *sigctx = ctx;
350
351 /* we must have a ctx and init was called upon it */
352 if (!TEST_ptr(sigctx) || !TEST_int_eq(*sigctx, 1))
353 return 0;
354
355 *siglen = 256;
356 /* record that the real sign operation was called */
357 if (sig != NULL) {
358 if (!TEST_size_t_ge(sigsize, *siglen))
359 return 0;
360 *sigctx = 2;
361 /* produce a fake signature */
362 memset(sig, 'a', *siglen);
363 }
364
365 return 1;
366 }
367
368 #define FAKE_DGSTSGN_SIGN 0x01
369 #define FAKE_DGSTSGN_VERIFY 0x02
370 #define FAKE_DGSTSGN_UPDATED 0x04
371 #define FAKE_DGSTSGN_FINALISED 0x08
372 #define FAKE_DGSTSGN_NO_DUP 0xA0
373
fake_rsa_sig_dupctx(void * ctx)374 static void *fake_rsa_sig_dupctx(void *ctx)
375 {
376 unsigned char *sigctx = ctx;
377 unsigned char *newctx;
378
379 if ((*sigctx & FAKE_DGSTSGN_NO_DUP) != 0)
380 return NULL;
381
382 if (!TEST_ptr(newctx = OPENSSL_zalloc(1)))
383 return NULL;
384
385 *newctx = *sigctx;
386 return newctx;
387 }
388
fake_rsa_dgstsgnvfy_init(void * ctx,unsigned char type,void * provkey,const OSSL_PARAM params[])389 static int fake_rsa_dgstsgnvfy_init(void *ctx, unsigned char type,
390 void *provkey, const OSSL_PARAM params[])
391 {
392 unsigned char *sigctx = ctx;
393 struct fake_rsa_keydata *keydata = provkey;
394
395 /* we must have a ctx */
396 if (!TEST_ptr(sigctx))
397 return 0;
398
399 /* we must have some initialized key */
400 if (!TEST_ptr(keydata) || !TEST_int_gt(keydata->status, 0))
401 return 0;
402
403 /* record that sign/verify init was called */
404 *sigctx = type;
405
406 if (params) {
407 const OSSL_PARAM *p;
408 int dup;
409 p = OSSL_PARAM_locate_const(params, "NO_DUP");
410 if (p != NULL) {
411 if (OSSL_PARAM_get_int(p, &dup)) {
412 *sigctx |= FAKE_DGSTSGN_NO_DUP;
413 }
414 }
415 }
416
417 return 1;
418 }
419
fake_rsa_dgstsgn_init(void * ctx,const char * mdname,void * provkey,const OSSL_PARAM params[])420 static int fake_rsa_dgstsgn_init(void *ctx, const char *mdname,
421 void *provkey, const OSSL_PARAM params[])
422 {
423 return fake_rsa_dgstsgnvfy_init(ctx, FAKE_DGSTSGN_SIGN, provkey, params);
424 }
425
fake_rsa_dgstvfy_init(void * ctx,const char * mdname,void * provkey,const OSSL_PARAM params[])426 static int fake_rsa_dgstvfy_init(void *ctx, const char *mdname,
427 void *provkey, const OSSL_PARAM params[])
428 {
429 return fake_rsa_dgstsgnvfy_init(ctx, FAKE_DGSTSGN_VERIFY, provkey, params);
430 }
431
fake_rsa_dgstsgnvfy_update(void * ctx,const unsigned char * data,size_t datalen)432 static int fake_rsa_dgstsgnvfy_update(void *ctx, const unsigned char *data,
433 size_t datalen)
434 {
435 unsigned char *sigctx = ctx;
436
437 /* we must have a ctx */
438 if (!TEST_ptr(sigctx))
439 return 0;
440
441 if (*sigctx == 0 || (*sigctx & FAKE_DGSTSGN_FINALISED) != 0)
442 return 0;
443
444 *sigctx |= FAKE_DGSTSGN_UPDATED;
445 return 1;
446 }
447
fake_rsa_dgstsgnvfy_final(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize)448 static int fake_rsa_dgstsgnvfy_final(void *ctx, unsigned char *sig,
449 size_t *siglen, size_t sigsize)
450 {
451 unsigned char *sigctx = ctx;
452
453 /* we must have a ctx */
454 if (!TEST_ptr(sigctx))
455 return 0;
456
457 if (*sigctx == 0 || (*sigctx & FAKE_DGSTSGN_FINALISED) != 0)
458 return 0;
459
460 if ((*sigctx & FAKE_DGSTSGN_SIGN) != 0 && (siglen == NULL))
461 return 0;
462
463 if ((*sigctx & FAKE_DGSTSGN_VERIFY) != 0 && (siglen != NULL))
464 return 0;
465
466 /* this is sign op */
467 if (siglen) {
468 *siglen = 256;
469 /* record that the real sign operation was called */
470 if (sig != NULL) {
471 if (!TEST_size_t_ge(sigsize, *siglen))
472 return 0;
473 /* produce a fake signature */
474 memset(sig, 'a', *siglen);
475 }
476 }
477
478 /* simulate inability to duplicate context and finalise it */
479 if ((*sigctx & FAKE_DGSTSGN_NO_DUP) != 0) {
480 *sigctx |= FAKE_DGSTSGN_FINALISED;
481 }
482 return 1;
483 }
484
fake_rsa_dgstvfy_final(void * ctx,unsigned char * sig,size_t siglen)485 static int fake_rsa_dgstvfy_final(void *ctx, unsigned char *sig,
486 size_t siglen)
487 {
488 return fake_rsa_dgstsgnvfy_final(ctx, sig, NULL, siglen);
489 }
490
fake_rsa_dgstsgn(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)491 static int fake_rsa_dgstsgn(void *ctx, unsigned char *sig, size_t *siglen,
492 size_t sigsize, const unsigned char *tbs,
493 size_t tbslen)
494 {
495 if (!fake_rsa_dgstsgnvfy_update(ctx, tbs, tbslen))
496 return 0;
497
498 return fake_rsa_dgstsgnvfy_final(ctx, sig, siglen, sigsize);
499 }
500
fake_rsa_dgstvfy(void * ctx,unsigned char * sig,size_t siglen,const unsigned char * tbv,size_t tbvlen)501 static int fake_rsa_dgstvfy(void *ctx, unsigned char *sig, size_t siglen,
502 const unsigned char *tbv, size_t tbvlen)
503 {
504 if (!fake_rsa_dgstsgnvfy_update(ctx, tbv, tbvlen))
505 return 0;
506
507 return fake_rsa_dgstvfy_final(ctx, sig, siglen);
508 }
509
510 static const OSSL_DISPATCH fake_rsa_sig_funcs[] = {
511 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))fake_rsa_sig_newctx },
512 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))fake_rsa_sig_freectx },
513 { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))fake_rsa_sig_sign_init },
514 { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))fake_rsa_sig_sign },
515 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))fake_rsa_sig_dupctx },
516 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
517 (void (*)(void))fake_rsa_dgstsgn_init },
518 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
519 (void (*)(void))fake_rsa_dgstsgnvfy_update },
520 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
521 (void (*)(void))fake_rsa_dgstsgnvfy_final },
522 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN,
523 (void (*)(void))fake_rsa_dgstsgn },
524 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
525 (void (*)(void))fake_rsa_dgstvfy_init },
526 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
527 (void (*)(void))fake_rsa_dgstsgnvfy_update },
528 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
529 (void (*)(void))fake_rsa_dgstvfy_final },
530 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY,
531 (void (*)(void))fake_rsa_dgstvfy },
532 OSSL_DISPATCH_END
533 };
534
535 static const OSSL_ALGORITHM fake_rsa_sig_algs[] = {
536 { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_sig_funcs, "Fake RSA Signature" },
537 { NULL, NULL, NULL, NULL }
538 };
539
540 static OSSL_FUNC_store_open_fn fake_rsa_st_open;
541 static OSSL_FUNC_store_open_ex_fn fake_rsa_st_open_ex;
542 static OSSL_FUNC_store_settable_ctx_params_fn fake_rsa_st_settable_ctx_params;
543 static OSSL_FUNC_store_set_ctx_params_fn fake_rsa_st_set_ctx_params;
544 static OSSL_FUNC_store_load_fn fake_rsa_st_load;
545 static OSSL_FUNC_store_eof_fn fake_rsa_st_eof;
546 static OSSL_FUNC_store_close_fn fake_rsa_st_close;
547 static OSSL_FUNC_store_delete_fn fake_rsa_st_delete;
548
549 static const char fake_rsa_scheme[] = "fake_rsa:";
550 static const char fake_rsa_openpwtest[] = "fake_rsa:openpwtest";
551 static const char fake_rsa_prompt[] = "Fake Prompt Info";
552
fake_rsa_st_open_ex(void * provctx,const char * uri,const OSSL_PARAM params[],OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)553 static void *fake_rsa_st_open_ex(void *provctx, const char *uri,
554 const OSSL_PARAM params[],
555 OSSL_PASSPHRASE_CALLBACK *pw_cb,
556 void *pw_cbarg)
557 {
558 unsigned char *storectx = NULL;
559
560 /* First check whether the uri is ours */
561 if (strncmp(uri, fake_rsa_scheme, sizeof(fake_rsa_scheme) - 1) != 0)
562 return NULL;
563
564 if (strncmp(uri, fake_rsa_openpwtest,
565 sizeof(fake_rsa_openpwtest) - 1) == 0) {
566 const char *pw_check = FAKE_PASSPHRASE;
567 char fakepw[sizeof(FAKE_PASSPHRASE) + 1] = { 0 };
568 size_t fakepw_len = 0;
569 OSSL_PARAM pw_params[2] = {
570 OSSL_PARAM_utf8_string(OSSL_PASSPHRASE_PARAM_INFO,
571 (void *)fake_rsa_prompt,
572 sizeof(fake_rsa_prompt) - 1),
573 OSSL_PARAM_END,
574 };
575
576 if (pw_cb == NULL) {
577 return NULL;
578 }
579
580 if (!pw_cb(fakepw, sizeof(fakepw), &fakepw_len, pw_params, pw_cbarg)) {
581 TEST_info("fake_rsa_open_ex failed passphrase callback");
582 return NULL;
583 }
584 if (strncmp(pw_check, fakepw, sizeof(pw_check) - 1) != 0) {
585 TEST_info("fake_rsa_open_ex failed passphrase check");
586 return NULL;
587 }
588 }
589
590 storectx = OPENSSL_zalloc(1);
591 if (!TEST_ptr(storectx))
592 return NULL;
593
594 TEST_info("fake_rsa_open_ex called");
595
596 return storectx;
597 }
598
fake_rsa_st_open(void * provctx,const char * uri)599 static void *fake_rsa_st_open(void *provctx, const char *uri)
600 {
601 unsigned char *storectx = NULL;
602
603 storectx = fake_rsa_st_open_ex(provctx, uri, NULL, NULL, NULL);
604
605 TEST_info("fake_rsa_open called");
606
607 return storectx;
608 }
609
fake_rsa_st_settable_ctx_params(void * provctx)610 static const OSSL_PARAM *fake_rsa_st_settable_ctx_params(void *provctx)
611 {
612 static const OSSL_PARAM known_settable_ctx_params[] = {
613 OSSL_PARAM_END
614 };
615 return known_settable_ctx_params;
616 }
617
fake_rsa_st_set_ctx_params(void * loaderctx,const OSSL_PARAM params[])618 static int fake_rsa_st_set_ctx_params(void *loaderctx,
619 const OSSL_PARAM params[])
620 {
621 return 1;
622 }
623
fake_rsa_st_load(void * loaderctx,OSSL_CALLBACK * object_cb,void * object_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)624 static int fake_rsa_st_load(void *loaderctx,
625 OSSL_CALLBACK *object_cb, void *object_cbarg,
626 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
627 {
628 unsigned char *storectx = loaderctx;
629 OSSL_PARAM params[4];
630 int object_type = OSSL_OBJECT_PKEY;
631 struct fake_rsa_keydata *key = NULL;
632 int rv = 0;
633
634 switch (*storectx) {
635 case 0:
636 if (key_deleted == 1) {
637 *storectx = 1;
638 break;
639 }
640
641 /* Construct a new key using our keymgmt functions */
642 if (!TEST_ptr(key = fake_rsa_keymgmt_new(NULL)))
643 break;
644 if (!TEST_int_gt(fake_rsa_keymgmt_import(key, 0, NULL), 0))
645 break;
646 params[0] =
647 OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
648 params[1] =
649 OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
650 "RSA", 0);
651 /* The address of the key becomes the octet string */
652 params[2] =
653 OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
654 &key, sizeof(key));
655 params[3] = OSSL_PARAM_construct_end();
656 rv = object_cb(params, object_cbarg);
657 *storectx = 1;
658 break;
659
660 case 2:
661 TEST_info("fake_rsa_load() called in error state");
662 break;
663
664 default:
665 TEST_info("fake_rsa_load() called in eof state");
666 break;
667 }
668
669 TEST_info("fake_rsa_load called - rv: %d", rv);
670
671 if (rv == 0 && key_deleted == 0) {
672 fake_rsa_keymgmt_free(key);
673 *storectx = 2;
674 }
675 return rv;
676 }
677
fake_rsa_st_delete(void * loaderctx,const char * uri,const OSSL_PARAM params[],OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)678 static int fake_rsa_st_delete(void *loaderctx, const char *uri,
679 const OSSL_PARAM params[],
680 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
681 {
682 key_deleted = 1;
683 return 1;
684 }
685
fake_rsa_st_eof(void * loaderctx)686 static int fake_rsa_st_eof(void *loaderctx)
687 {
688 unsigned char *storectx = loaderctx;
689
690 /* just one key for now in the fake_rsa store */
691 return *storectx != 0;
692 }
693
fake_rsa_st_close(void * loaderctx)694 static int fake_rsa_st_close(void *loaderctx)
695 {
696 OPENSSL_free(loaderctx);
697 return 1;
698 }
699
700 static const OSSL_DISPATCH fake_rsa_store_funcs[] = {
701 { OSSL_FUNC_STORE_OPEN, (void (*)(void))fake_rsa_st_open },
702 { OSSL_FUNC_STORE_OPEN_EX, (void (*)(void))fake_rsa_st_open_ex },
703 { OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS,
704 (void (*)(void))fake_rsa_st_settable_ctx_params },
705 { OSSL_FUNC_STORE_SET_CTX_PARAMS, (void (*)(void))fake_rsa_st_set_ctx_params },
706 { OSSL_FUNC_STORE_LOAD, (void (*)(void))fake_rsa_st_load },
707 { OSSL_FUNC_STORE_EOF, (void (*)(void))fake_rsa_st_eof },
708 { OSSL_FUNC_STORE_CLOSE, (void (*)(void))fake_rsa_st_close },
709 { OSSL_FUNC_STORE_DELETE, (void (*)(void))fake_rsa_st_delete },
710 OSSL_DISPATCH_END,
711 };
712
713 static const OSSL_ALGORITHM fake_rsa_store_algs[] = {
714 { "fake_rsa", "provider=fake-rsa", fake_rsa_store_funcs },
715 { NULL, NULL, NULL }
716 };
717
718 struct der2key_ctx_st; /* Forward declaration */
719 typedef int check_key_fn(void *, struct der2key_ctx_st *ctx);
720 typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx);
721 typedef void free_key_fn(void *);
722 typedef void *d2i_PKCS8_fn(void **, const unsigned char **, long,
723 struct der2key_ctx_st *);
724 struct keytype_desc_st {
725 const char *keytype_name;
726 const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */
727
728 /* The input structure name */
729 const char *structure_name;
730
731 /*
732 * The EVP_PKEY_xxx type macro. Should be zero for type specific
733 * structures, non-zero when the outermost structure is PKCS#8 or
734 * SubjectPublicKeyInfo. This determines which of the function
735 * pointers below will be used.
736 */
737 int evp_type;
738
739 /* The selection mask for OSSL_FUNC_decoder_does_selection() */
740 int selection_mask;
741
742 /* For type specific decoders, we use the corresponding d2i */
743 d2i_of_void *d2i_private_key; /* From type-specific DER */
744 d2i_of_void *d2i_public_key; /* From type-specific DER */
745 d2i_of_void *d2i_key_params; /* From type-specific DER */
746 d2i_PKCS8_fn *d2i_PKCS8; /* Wrapped in a PrivateKeyInfo */
747 d2i_of_void *d2i_PUBKEY; /* Wrapped in a SubjectPublicKeyInfo */
748
749 /*
750 * For any key, we may need to check that the key meets expectations.
751 * This is useful when the same functions can decode several variants
752 * of a key.
753 */
754 check_key_fn *check_key;
755
756 /*
757 * For any key, we may need to make provider specific adjustments, such
758 * as ensure the key carries the correct library context.
759 */
760 adjust_key_fn *adjust_key;
761 /* {type}_free() */
762 free_key_fn *free_key;
763 };
764
765 /*
766 * Start blatant code steal. Alternative: Open up d2i_X509_PUBKEY_INTERNAL
767 * as per https://github.com/openssl/openssl/issues/16697 (TBD)
768 * Code from openssl/crypto/x509/x_pubkey.c as
769 * ossl_d2i_X509_PUBKEY_INTERNAL is presently not public
770 */
771 struct X509_pubkey_st {
772 X509_ALGOR *algor;
773 ASN1_BIT_STRING *public_key;
774
775 EVP_PKEY *pkey;
776
777 /* extra data for the callback, used by d2i_PUBKEY_ex */
778 OSSL_LIB_CTX *libctx;
779 char *propq;
780 };
781
782 ASN1_SEQUENCE(X509_PUBKEY_INTERNAL) = {
783 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
784 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
785 } static_ASN1_SEQUENCE_END_name(X509_PUBKEY, X509_PUBKEY_INTERNAL)
786
787 static X509_PUBKEY *fake_rsa_d2i_X509_PUBKEY_INTERNAL(const unsigned char **pp,
788 long len, OSSL_LIB_CTX *libctx)
789 {
790 X509_PUBKEY *xpub = OPENSSL_zalloc(sizeof(*xpub));
791
792 if (xpub == NULL)
793 return NULL;
794 return (X509_PUBKEY *)ASN1_item_d2i_ex((ASN1_VALUE **)&xpub, pp, len,
795 ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL),
796 libctx, NULL);
797 }
798 /* end steal https://github.com/openssl/openssl/issues/16697 */
799
800 /*
801 * Context used for DER to key decoding.
802 */
803 struct der2key_ctx_st {
804 PROV_FAKE_RSA_CTX *provctx;
805 struct keytype_desc_st *desc;
806 /* The selection that is passed to fake_rsa_der2key_decode() */
807 int selection;
808 /* Flag used to signal that a failure is fatal */
809 unsigned int flag_fatal : 1;
810 };
811
fake_rsa_read_der(PROV_FAKE_RSA_CTX * provctx,OSSL_CORE_BIO * cin,unsigned char ** data,long * len)812 static int fake_rsa_read_der(PROV_FAKE_RSA_CTX *provctx, OSSL_CORE_BIO *cin,
813 unsigned char **data, long *len)
814 {
815 BUF_MEM *mem = NULL;
816 BIO *in = BIO_new_from_core_bio(provctx->libctx, cin);
817 int ok = (asn1_d2i_read_bio(in, &mem) >= 0);
818
819 if (ok) {
820 *data = (unsigned char *)mem->data;
821 *len = (long)mem->length;
822 OPENSSL_free(mem);
823 }
824 BIO_free(in);
825 return ok;
826 }
827
828 typedef void *key_from_pkcs8_t(const PKCS8_PRIV_KEY_INFO *p8inf,
829 OSSL_LIB_CTX *libctx, const char *propq);
fake_rsa_der2key_decode_p8(const unsigned char ** input_der,long input_der_len,struct der2key_ctx_st * ctx,key_from_pkcs8_t * key_from_pkcs8)830 static void *fake_rsa_der2key_decode_p8(const unsigned char **input_der,
831 long input_der_len, struct der2key_ctx_st *ctx,
832 key_from_pkcs8_t *key_from_pkcs8)
833 {
834 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
835 const X509_ALGOR *alg = NULL;
836 void *key = NULL;
837
838 if ((p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, input_der, input_der_len)) != NULL
839 && PKCS8_pkey_get0(NULL, NULL, NULL, &alg, p8inf)
840 && OBJ_obj2nid(alg->algorithm) == ctx->desc->evp_type)
841 key = key_from_pkcs8(p8inf, PROV_FAKE_RSA_LIBCTX_OF(ctx->provctx), NULL);
842 PKCS8_PRIV_KEY_INFO_free(p8inf);
843
844 return key;
845 }
846
fake_rsa_d2i_PUBKEY(struct fake_rsa_keydata ** a,const unsigned char ** pp,long length)847 static struct fake_rsa_keydata *fake_rsa_d2i_PUBKEY(struct fake_rsa_keydata **a,
848 const unsigned char **pp, long length)
849 {
850 struct fake_rsa_keydata *key = NULL;
851 X509_PUBKEY *xpk;
852
853 xpk = fake_rsa_d2i_X509_PUBKEY_INTERNAL(pp, length, NULL);
854 if (xpk == NULL)
855 goto err_exit;
856
857 key = fake_rsa_keymgmt_new(NULL);
858 if (key == NULL)
859 goto err_exit;
860
861 key->status = FAKE_RSA_STATUS_DECODED;
862
863 if (a != NULL) {
864 fake_rsa_keymgmt_free(*a);
865 *a = key;
866 }
867
868 err_exit:
869 X509_PUBKEY_free(xpk);
870 return key;
871 }
872
873 /* ---------------------------------------------------------------------- */
874
875 static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
876 static OSSL_FUNC_decoder_decode_fn fake_rsa_der2key_decode;
877 static OSSL_FUNC_decoder_export_object_fn der2key_export_object;
878
879 static struct der2key_ctx_st *
der2key_newctx(void * provctx,struct keytype_desc_st * desc,const char * tls_name)880 der2key_newctx(void *provctx, struct keytype_desc_st *desc, const char *tls_name)
881 {
882 struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
883
884 if (ctx != NULL) {
885 ctx->provctx = provctx;
886 ctx->desc = desc;
887 if (desc->evp_type == 0)
888 ctx->desc->evp_type = OBJ_sn2nid(tls_name);
889 }
890 return ctx;
891 }
892
der2key_freectx(void * vctx)893 static void der2key_freectx(void *vctx)
894 {
895 struct der2key_ctx_st *ctx = vctx;
896
897 OPENSSL_free(ctx);
898 }
899
der2key_check_selection(int selection,const struct keytype_desc_st * desc)900 static int der2key_check_selection(int selection,
901 const struct keytype_desc_st *desc)
902 {
903 /*
904 * The selections are kinda sorta "levels", i.e. each selection given
905 * here is assumed to include those following.
906 */
907 int checks[] = {
908 OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
909 OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
910 OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
911 };
912 size_t i;
913
914 /* The decoder implementations made here support guessing */
915 if (selection == 0)
916 return 1;
917
918 for (i = 0; i < OSSL_NELEM(checks); i++) {
919 int check1 = (selection & checks[i]) != 0;
920 int check2 = (desc->selection_mask & checks[i]) != 0;
921
922 /*
923 * If the caller asked for the currently checked bit(s), return
924 * whether the decoder description says it's supported.
925 */
926 if (check1)
927 return check2;
928 }
929
930 /* This should be dead code, but just to be safe... */
931 return 0;
932 }
933
fake_rsa_der2key_decode(void * vctx,OSSL_CORE_BIO * cin,int selection,OSSL_CALLBACK * data_cb,void * data_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)934 static int fake_rsa_der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
935 OSSL_CALLBACK *data_cb, void *data_cbarg,
936 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
937 {
938 struct der2key_ctx_st *ctx = vctx;
939 unsigned char *der = NULL;
940 const unsigned char *derp;
941 long der_len = 0;
942 void *key = NULL;
943 int ok = 0;
944
945 ctx->selection = selection;
946 /*
947 * The caller is allowed to specify 0 as a selection mark, to have the
948 * structure and key type guessed. For type-specific structures, this
949 * is not recommended, as some structures are very similar.
950 * Note that 0 isn't the same as OSSL_KEYMGMT_SELECT_ALL, as the latter
951 * signifies a private key structure, where everything else is assumed
952 * to be present as well.
953 */
954 if (selection == 0)
955 selection = ctx->desc->selection_mask;
956 if ((selection & ctx->desc->selection_mask) == 0) {
957 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
958 return 0;
959 }
960
961 ok = fake_rsa_read_der(ctx->provctx, cin, &der, &der_len);
962 if (!ok)
963 goto next;
964
965 ok = 0; /* Assume that we fail */
966
967 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
968 derp = der;
969 if (ctx->desc->d2i_PKCS8 != NULL) {
970 key = ctx->desc->d2i_PKCS8(NULL, &derp, der_len, ctx);
971 if (ctx->flag_fatal)
972 goto end;
973 } else if (ctx->desc->d2i_private_key != NULL) {
974 key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
975 }
976 if (key == NULL && ctx->selection != 0)
977 goto next;
978 }
979 if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
980 derp = der;
981 if (ctx->desc->d2i_PUBKEY != NULL)
982 key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
983 else
984 key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
985 if (key == NULL && ctx->selection != 0)
986 goto next;
987 }
988 if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
989 derp = der;
990 if (ctx->desc->d2i_key_params != NULL)
991 key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
992 if (key == NULL && ctx->selection != 0)
993 goto next;
994 }
995
996 /*
997 * Last minute check to see if this was the correct type of key. This
998 * should never lead to a fatal error, i.e. the decoding itself was
999 * correct, it was just an unexpected key type. This is generally for
1000 * classes of key types that have subtle variants, like RSA-PSS keys as
1001 * opposed to plain RSA keys.
1002 */
1003 if (key != NULL
1004 && ctx->desc->check_key != NULL
1005 && !ctx->desc->check_key(key, ctx)) {
1006 ctx->desc->free_key(key);
1007 key = NULL;
1008 }
1009
1010 if (key != NULL && ctx->desc->adjust_key != NULL)
1011 ctx->desc->adjust_key(key, ctx);
1012
1013 next:
1014 /*
1015 * Indicated that we successfully decoded something, or not at all.
1016 * Ending up "empty handed" is not an error.
1017 */
1018 ok = 1;
1019
1020 /*
1021 * We free memory here so it's not held up during the callback, because
1022 * we know the process is recursive and the allocated chunks of memory
1023 * add up.
1024 */
1025 OPENSSL_free(der);
1026 der = NULL;
1027
1028 if (key != NULL) {
1029 OSSL_PARAM params[4];
1030 int object_type = OSSL_OBJECT_PKEY;
1031
1032 params[0] =
1033 OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
1034 params[1] =
1035 OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
1036 (char *)ctx->desc->keytype_name,
1037 0);
1038 /* The address of the key becomes the octet string */
1039 params[2] =
1040 OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
1041 &key, sizeof(key));
1042 params[3] = OSSL_PARAM_construct_end();
1043
1044 ok = data_cb(params, data_cbarg);
1045 }
1046
1047 end:
1048 ctx->desc->free_key(key);
1049 OPENSSL_free(der);
1050
1051 return ok;
1052 }
1053
1054 static OSSL_FUNC_keymgmt_export_fn *
fake_rsa_prov_get_keymgmt_export(const OSSL_DISPATCH * fns)1055 fake_rsa_prov_get_keymgmt_export(const OSSL_DISPATCH *fns)
1056 {
1057 /* Pilfer the keymgmt dispatch table */
1058 for (; fns->function_id != 0; fns++)
1059 if (fns->function_id == OSSL_FUNC_KEYMGMT_EXPORT)
1060 return OSSL_FUNC_keymgmt_export(fns);
1061
1062 return NULL;
1063 }
1064
der2key_export_object(void * vctx,const void * reference,size_t reference_sz,OSSL_CALLBACK * export_cb,void * export_cbarg)1065 static int der2key_export_object(void *vctx,
1066 const void *reference, size_t reference_sz,
1067 OSSL_CALLBACK *export_cb, void *export_cbarg)
1068 {
1069 struct der2key_ctx_st *ctx = vctx;
1070 OSSL_FUNC_keymgmt_export_fn *export = fake_rsa_prov_get_keymgmt_export(ctx->desc->fns);
1071 void *keydata;
1072
1073 if (reference_sz == sizeof(keydata) && export != NULL) {
1074 /* The contents of the reference is the address to our object */
1075 keydata = *(void **)reference;
1076
1077 return export(keydata, ctx->selection, export_cb, export_cbarg);
1078 }
1079 return 0;
1080 }
1081
1082 /* ---------------------------------------------------------------------- */
1083
fake_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO * p8inf,OSSL_LIB_CTX * libctx,const char * propq)1084 static struct fake_rsa_keydata *fake_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
1085 OSSL_LIB_CTX *libctx, const char *propq)
1086 {
1087 struct fake_rsa_keydata *key = fake_rsa_keymgmt_new(NULL);
1088
1089 if (key)
1090 key->status = FAKE_RSA_STATUS_DECODED;
1091 return key;
1092 }
1093
1094 #define rsa_evp_type EVP_PKEY_RSA
1095
fake_rsa_d2i_PKCS8(void ** key,const unsigned char ** der,long der_len,struct der2key_ctx_st * ctx)1096 static void *fake_rsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
1097 struct der2key_ctx_st *ctx)
1098 {
1099 return fake_rsa_der2key_decode_p8(der, der_len, ctx,
1100 (key_from_pkcs8_t *)fake_rsa_key_from_pkcs8);
1101 }
1102
fake_rsa_key_adjust(void * key,struct der2key_ctx_st * ctx)1103 static void fake_rsa_key_adjust(void *key, struct der2key_ctx_st *ctx)
1104 {
1105 }
1106
1107 /* ---------------------------------------------------------------------- */
1108
1109 #define DO_PrivateKeyInfo(keytype) \
1110 "PrivateKeyInfo", keytype##_evp_type, \
1111 (OSSL_KEYMGMT_SELECT_PRIVATE_KEY), \
1112 NULL, \
1113 NULL, \
1114 NULL, \
1115 fake_rsa_d2i_PKCS8, \
1116 NULL, \
1117 NULL, \
1118 fake_rsa_key_adjust, \
1119 (free_key_fn *)fake_rsa_keymgmt_free
1120
1121 #define DO_SubjectPublicKeyInfo(keytype) \
1122 "SubjectPublicKeyInfo", keytype##_evp_type, \
1123 (OSSL_KEYMGMT_SELECT_PUBLIC_KEY), \
1124 NULL, \
1125 NULL, \
1126 NULL, \
1127 NULL, \
1128 (d2i_of_void *)fake_rsa_d2i_PUBKEY, \
1129 NULL, \
1130 fake_rsa_key_adjust, \
1131 (free_key_fn *)fake_rsa_keymgmt_free
1132
1133 /*
1134 * MAKE_DECODER is the single driver for creating OSSL_DISPATCH tables.
1135 * It takes the following arguments:
1136 *
1137 * keytype_name The implementation key type as a string.
1138 * keytype The implementation key type. This must correspond exactly
1139 * to our existing keymgmt keytype names... in other words,
1140 * there must exist an ossl_##keytype##_keymgmt_functions.
1141 * type The type name for the set of functions that implement the
1142 * decoder for the key type. This isn't necessarily the same
1143 * as keytype. For example, the key types ed25519, ed448,
1144 * x25519 and x448 are all handled by the same functions with
1145 * the common type name ecx.
1146 * kind The kind of support to implement. This translates into
1147 * the DO_##kind macros above, to populate the keytype_desc_st
1148 * structure.
1149 */
1150 #define MAKE_DECODER(keytype_name, keytype, type, kind) \
1151 static struct keytype_desc_st kind##_##keytype##_desc = \
1152 { keytype_name, fake_rsa_keymgmt_funcs, \
1153 DO_##kind(keytype) }; \
1154 \
1155 static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \
1156 \
1157 static void *kind##_der2##keytype##_newctx(void *provctx) \
1158 { \
1159 return der2key_newctx(provctx, &kind##_##keytype##_desc, keytype_name);\
1160 } \
1161 static int kind##_der2##keytype##_does_selection(void *provctx, \
1162 int selection) \
1163 { \
1164 return der2key_check_selection(selection, \
1165 &kind##_##keytype##_desc); \
1166 } \
1167 static const OSSL_DISPATCH \
1168 fake_rsa_##kind##_der_to_##keytype##_decoder_functions[] = { \
1169 { OSSL_FUNC_DECODER_NEWCTX, \
1170 (void (*)(void))kind##_der2##keytype##_newctx }, \
1171 { OSSL_FUNC_DECODER_FREECTX, \
1172 (void (*)(void))der2key_freectx }, \
1173 { OSSL_FUNC_DECODER_DOES_SELECTION, \
1174 (void (*)(void))kind##_der2##keytype##_does_selection }, \
1175 { OSSL_FUNC_DECODER_DECODE, \
1176 (void (*)(void))fake_rsa_der2key_decode }, \
1177 { OSSL_FUNC_DECODER_EXPORT_OBJECT, \
1178 (void (*)(void))der2key_export_object }, \
1179 OSSL_DISPATCH_END \
1180 }
1181
1182 MAKE_DECODER("RSA", rsa, rsa, PrivateKeyInfo);
1183 MAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo);
1184
1185 static const OSSL_ALGORITHM fake_rsa_decoder_algs[] = {
1186 #define DECODER_PROVIDER "fake-rsa"
1187 #define DECODER_STRUCTURE_SubjectPublicKeyInfo "SubjectPublicKeyInfo"
1188 #define DECODER_STRUCTURE_PrivateKeyInfo "PrivateKeyInfo"
1189
1190 /* Arguments are prefixed with '_' to avoid build breaks on certain platforms */
1191 /*
1192 * Obviously this is not FIPS approved, but in order to test in conjunction
1193 * with the FIPS provider we pretend that it is.
1194 */
1195
1196 #define DECODER(_name, _input, _output) \
1197 { _name, \
1198 "provider=" DECODER_PROVIDER ",fips=yes,input=" #_input, \
1199 (fake_rsa_##_input##_to_##_output##_decoder_functions) \
1200 }
1201 #define DECODER_w_structure(_name, _input, _structure, _output) \
1202 { _name, \
1203 "provider=" DECODER_PROVIDER ",fips=yes,input=" #_input \
1204 ",structure=" DECODER_STRUCTURE_##_structure, \
1205 (fake_rsa_##_structure##_##_input##_to_##_output##_decoder_functions) \
1206 }
1207
1208 DECODER_w_structure("RSA:rsaEncryption", der, PrivateKeyInfo, rsa),
1209 DECODER_w_structure("RSA:rsaEncryption", der, SubjectPublicKeyInfo, rsa),
1210 #undef DECODER_PROVIDER
1211 { NULL, NULL, NULL }
1212 };
1213
fake_rsa_query(void * provctx,int operation_id,int * no_cache)1214 static const OSSL_ALGORITHM *fake_rsa_query(void *provctx,
1215 int operation_id,
1216 int *no_cache)
1217 {
1218 *no_cache = 0;
1219 switch (operation_id) {
1220 case OSSL_OP_SIGNATURE:
1221 return fake_rsa_sig_algs;
1222
1223 case OSSL_OP_KEYMGMT:
1224 return fake_rsa_keymgmt_algs;
1225
1226 case OSSL_OP_STORE:
1227 return fake_rsa_store_algs;
1228
1229 case OSSL_OP_DECODER:
1230 return fake_rsa_decoder_algs;
1231 }
1232 return NULL;
1233 }
1234
fake_rsa_prov_teardown(void * provctx)1235 static void fake_rsa_prov_teardown(void *provctx)
1236 {
1237 PROV_FAKE_RSA_CTX *pctx = (PROV_FAKE_RSA_CTX *)provctx;
1238
1239 OSSL_LIB_CTX_free(pctx->libctx);
1240 OPENSSL_free(pctx);
1241 }
1242
1243 /* Functions we provide to the core */
1244 static const OSSL_DISPATCH fake_rsa_method[] = {
1245 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fake_rsa_prov_teardown },
1246 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fake_rsa_query },
1247 OSSL_DISPATCH_END
1248 };
1249
fake_rsa_provider_init(const OSSL_CORE_HANDLE * handle,const OSSL_DISPATCH * in,const OSSL_DISPATCH ** out,void ** provctx)1250 static int fake_rsa_provider_init(const OSSL_CORE_HANDLE *handle,
1251 const OSSL_DISPATCH *in,
1252 const OSSL_DISPATCH **out, void **provctx)
1253 {
1254 OSSL_LIB_CTX *libctx;
1255 PROV_FAKE_RSA_CTX *prov_ctx;
1256
1257 if (!TEST_ptr(libctx = OSSL_LIB_CTX_new_from_dispatch(handle, in)))
1258 return 0;
1259
1260 if (!TEST_ptr(prov_ctx = OPENSSL_malloc(sizeof(*prov_ctx)))) {
1261 OSSL_LIB_CTX_free(libctx);
1262 return 0;
1263 }
1264
1265 prov_ctx->libctx = libctx;
1266
1267 *provctx = prov_ctx;
1268 *out = fake_rsa_method;
1269 return 1;
1270 }
1271
fake_rsa_start(OSSL_LIB_CTX * libctx)1272 OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx)
1273 {
1274 OSSL_PROVIDER *p;
1275
1276 if (!TEST_true(OSSL_PROVIDER_add_builtin(libctx, "fake-rsa",
1277 fake_rsa_provider_init))
1278 || !TEST_ptr(p = OSSL_PROVIDER_try_load(libctx, "fake-rsa", 1)))
1279 return NULL;
1280
1281 return p;
1282 }
1283
fake_rsa_finish(OSSL_PROVIDER * p)1284 void fake_rsa_finish(OSSL_PROVIDER *p)
1285 {
1286 OSSL_PROVIDER_unload(p);
1287 }
1288