1/* 2 * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9{- 10use OpenSSL::paramnames qw(produce_param_decoder); 11-} 12 13/* 14 * Low level APIs are deprecated for public use, but still ok for internal use. 15 */ 16#include "internal/deprecated.h" 17 18#include <openssl/byteorder.h> 19#include <openssl/core.h> 20#include <openssl/core_dispatch.h> 21#include <openssl/core_names.h> 22#include <openssl/crypto.h> 23#include <openssl/params.h> 24#include <openssl/asn1.h> 25#include <openssl/err.h> 26#include <openssl/pem.h> 27#include <openssl/x509.h> 28#include <openssl/pkcs12.h> /* PKCS8_encrypt() */ 29#include <openssl/dh.h> 30#include <openssl/dsa.h> 31#include <openssl/ec.h> 32#include <openssl/proverr.h> 33#include "internal/passphrase.h" 34#include "internal/cryptlib.h" 35#include "crypto/ecx.h" 36#include "crypto/ml_kem.h" 37#include "crypto/rsa.h" 38#include "crypto/ml_dsa.h" 39#include "crypto/slh_dsa.h" 40#include "prov/implementations.h" 41#include "prov/bio.h" 42#include "prov/provider_ctx.h" 43#include "prov/der_rsa.h" 44#include "prov/endecoder_local.h" 45#include "prov/ml_dsa_codecs.h" 46#include "prov/ml_kem_codecs.h" 47 48#if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC) 49# define OPENSSL_NO_KEYPARAMS 50#endif 51 52typedef struct key2any_ctx_st { 53 PROV_CTX *provctx; 54 55 /* Set to 0 if parameters should not be saved (dsa only) */ 56 int save_parameters; 57 58 /* Set to 1 if intending to encrypt/decrypt, otherwise 0 */ 59 int cipher_intent; 60 61 EVP_CIPHER *cipher; 62 63 struct ossl_passphrase_data_st pwdata; 64} KEY2ANY_CTX; 65 66typedef int check_key_type_fn(const void *key, int nid); 67typedef int key_to_paramstring_fn(const void *key, int nid, int save, 68 void **str, int *strtype); 69typedef int key_to_der_fn(BIO *out, const void *key, 70 int key_nid, const char *pemname, 71 key_to_paramstring_fn *p2s, 72 OSSL_i2d_of_void_ctx *k2d, KEY2ANY_CTX *ctx); 73typedef int write_bio_of_void_fn(BIO *bp, const void *x); 74 75 76/* Free the blob allocated during key_to_paramstring_fn */ 77static void free_asn1_data(int type, void *data) 78{ 79 switch (type) { 80 case V_ASN1_OBJECT: 81 ASN1_OBJECT_free(data); 82 break; 83 case V_ASN1_SEQUENCE: 84 ASN1_STRING_free(data); 85 break; 86 } 87} 88 89static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, 90 void *params, int params_type, 91 OSSL_i2d_of_void_ctx *k2d, 92 KEY2ANY_CTX *ctx) 93{ 94 /* der, derlen store the key DER output and its length */ 95 unsigned char *der = NULL; 96 int derlen; 97 /* The final PKCS#8 info */ 98 PKCS8_PRIV_KEY_INFO *p8info = NULL; 99 100 if ((p8info = PKCS8_PRIV_KEY_INFO_new()) == NULL 101 || (derlen = k2d(key, &der, (void *)ctx)) <= 0 102 || !PKCS8_pkey_set0(p8info, OBJ_nid2obj(key_nid), 0, 103 params_type, params, der, derlen)) { 104 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 105 PKCS8_PRIV_KEY_INFO_free(p8info); 106 OPENSSL_free(der); 107 p8info = NULL; 108 } 109 110 return p8info; 111} 112 113static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, 114 KEY2ANY_CTX *ctx) 115{ 116 X509_SIG *p8 = NULL; 117 char kstr[PEM_BUFSIZE]; 118 size_t klen = 0; 119 OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); 120 121 if (ctx->cipher == NULL) 122 return NULL; 123 124 if (!ossl_pw_get_passphrase(kstr, sizeof(kstr), &klen, NULL, 1, 125 &ctx->pwdata)) { 126 ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE); 127 return NULL; 128 } 129 /* First argument == -1 means "standard" */ 130 p8 = PKCS8_encrypt_ex(-1, ctx->cipher, kstr, (int)klen, NULL, 0, 0, p8info, 131 libctx, NULL); 132 OPENSSL_cleanse(kstr, klen); 133 return p8; 134} 135 136static X509_SIG *key_to_encp8(const void *key, int key_nid, 137 void *params, int params_type, 138 OSSL_i2d_of_void_ctx *k2d, 139 KEY2ANY_CTX *ctx) 140{ 141 PKCS8_PRIV_KEY_INFO *p8info = 142 key_to_p8info(key, key_nid, params, params_type, k2d, ctx); 143 X509_SIG *p8 = NULL; 144 145 if (p8info == NULL) { 146 free_asn1_data(params_type, params); 147 } else { 148 p8 = p8info_to_encp8(p8info, ctx); 149 PKCS8_PRIV_KEY_INFO_free(p8info); 150 } 151 return p8; 152} 153 154static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid, 155 void *params, int params_type, 156 OSSL_i2d_of_void_ctx *k2d, 157 KEY2ANY_CTX *ctx) 158{ 159 /* der, derlen store the key DER output and its length */ 160 unsigned char *der = NULL; 161 int derlen; 162 /* The final X509_PUBKEY */ 163 X509_PUBKEY *xpk = NULL; 164 165 166 if ((xpk = X509_PUBKEY_new()) == NULL 167 || (derlen = k2d(key, &der, (void *)ctx)) <= 0 168 || !X509_PUBKEY_set0_param(xpk, OBJ_nid2obj(key_nid), 169 params_type, params, der, derlen)) { 170 ERR_raise(ERR_LIB_PROV, ERR_R_X509_LIB); 171 X509_PUBKEY_free(xpk); 172 OPENSSL_free(der); 173 xpk = NULL; 174 } 175 176 return xpk; 177} 178 179/* 180 * key_to_epki_* produce encoded output with the private key data in a 181 * EncryptedPrivateKeyInfo structure (defined by PKCS#8). They require 182 * that there's an intent to encrypt, anything else is an error. 183 * 184 * key_to_pki_* primarily produce encoded output with the private key data 185 * in a PrivateKeyInfo structure (also defined by PKCS#8). However, if 186 * there is an intent to encrypt the data, the corresponding key_to_epki_* 187 * function is used instead. 188 * 189 * key_to_spki_* produce encoded output with the public key data in an 190 * X.509 SubjectPublicKeyInfo. 191 * 192 * Key parameters don't have any defined envelopment of this kind, but are 193 * included in some manner in the output from the functions described above, 194 * either in the AlgorithmIdentifier's parameter field, or as part of the 195 * key data itself. 196 */ 197 198static int key_to_epki_der_priv_bio(BIO *out, const void *key, 199 int key_nid, 200 ossl_unused const char *pemname, 201 key_to_paramstring_fn *p2s, 202 OSSL_i2d_of_void_ctx *k2d, 203 KEY2ANY_CTX *ctx) 204{ 205 int ret = 0; 206 void *str = NULL; 207 int strtype = V_ASN1_UNDEF; 208 X509_SIG *p8; 209 210 if (!ctx->cipher_intent) 211 return 0; 212 213 if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, 214 &str, &strtype)) 215 return 0; 216 217 p8 = key_to_encp8(key, key_nid, str, strtype, k2d, ctx); 218 if (p8 != NULL) 219 ret = i2d_PKCS8_bio(out, p8); 220 221 X509_SIG_free(p8); 222 223 return ret; 224} 225 226static int key_to_epki_pem_priv_bio(BIO *out, const void *key, 227 int key_nid, 228 ossl_unused const char *pemname, 229 key_to_paramstring_fn *p2s, 230 OSSL_i2d_of_void_ctx *k2d, 231 KEY2ANY_CTX *ctx) 232{ 233 int ret = 0; 234 void *str = NULL; 235 int strtype = V_ASN1_UNDEF; 236 X509_SIG *p8; 237 238 if (!ctx->cipher_intent) 239 return 0; 240 241 if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, 242 &str, &strtype)) 243 return 0; 244 245 p8 = key_to_encp8(key, key_nid, str, strtype, k2d, ctx); 246 if (p8 != NULL) 247 ret = PEM_write_bio_PKCS8(out, p8); 248 249 X509_SIG_free(p8); 250 251 return ret; 252} 253 254static int key_to_pki_der_priv_bio(BIO *out, const void *key, 255 int key_nid, 256 ossl_unused const char *pemname, 257 key_to_paramstring_fn *p2s, 258 OSSL_i2d_of_void_ctx *k2d, 259 KEY2ANY_CTX *ctx) 260{ 261 int ret = 0; 262 void *str = NULL; 263 int strtype = V_ASN1_UNDEF; 264 PKCS8_PRIV_KEY_INFO *p8info; 265 266 if (ctx->cipher_intent) 267 return key_to_epki_der_priv_bio(out, key, key_nid, pemname, 268 p2s, k2d, ctx); 269 270 if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, 271 &str, &strtype)) 272 return 0; 273 274 p8info = key_to_p8info(key, key_nid, str, strtype, k2d, ctx); 275 276 if (p8info != NULL) 277 ret = i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8info); 278 else 279 free_asn1_data(strtype, str); 280 281 PKCS8_PRIV_KEY_INFO_free(p8info); 282 283 return ret; 284} 285 286static int key_to_pki_pem_priv_bio(BIO *out, const void *key, 287 int key_nid, 288 ossl_unused const char *pemname, 289 key_to_paramstring_fn *p2s, 290 OSSL_i2d_of_void_ctx *k2d, 291 KEY2ANY_CTX *ctx) 292{ 293 int ret = 0; 294 void *str = NULL; 295 int strtype = V_ASN1_UNDEF; 296 PKCS8_PRIV_KEY_INFO *p8info; 297 298 if (ctx->cipher_intent) 299 return key_to_epki_pem_priv_bio(out, key, key_nid, pemname, 300 p2s, k2d, ctx); 301 302 if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, 303 &str, &strtype)) 304 return 0; 305 306 p8info = key_to_p8info(key, key_nid, str, strtype, k2d, ctx); 307 308 if (p8info != NULL) 309 ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8info); 310 else 311 free_asn1_data(strtype, str); 312 313 PKCS8_PRIV_KEY_INFO_free(p8info); 314 315 return ret; 316} 317 318static int key_to_spki_der_pub_bio(BIO *out, const void *key, 319 int key_nid, 320 ossl_unused const char *pemname, 321 key_to_paramstring_fn *p2s, 322 OSSL_i2d_of_void_ctx *k2d, 323 KEY2ANY_CTX *ctx) 324{ 325 int ret = 0; 326 void *str = NULL; 327 int strtype = V_ASN1_UNDEF; 328 X509_PUBKEY *xpk = NULL; 329 330 if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, 331 &str, &strtype)) 332 return 0; 333 334 xpk = key_to_pubkey(key, key_nid, str, strtype, k2d, ctx); 335 336 if (xpk != NULL) 337 ret = i2d_X509_PUBKEY_bio(out, xpk); 338 339 /* Also frees |str| */ 340 X509_PUBKEY_free(xpk); 341 return ret; 342} 343 344static int key_to_spki_pem_pub_bio(BIO *out, const void *key, 345 int key_nid, 346 ossl_unused const char *pemname, 347 key_to_paramstring_fn *p2s, 348 OSSL_i2d_of_void_ctx *k2d, 349 KEY2ANY_CTX *ctx) 350{ 351 int ret = 0; 352 void *str = NULL; 353 int strtype = V_ASN1_UNDEF; 354 X509_PUBKEY *xpk = NULL; 355 356 if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, 357 &str, &strtype)) 358 return 0; 359 360 xpk = key_to_pubkey(key, key_nid, str, strtype, k2d, ctx); 361 362 if (xpk != NULL) 363 ret = PEM_write_bio_X509_PUBKEY(out, xpk); 364 else 365 free_asn1_data(strtype, str); 366 367 /* Also frees |str| */ 368 X509_PUBKEY_free(xpk); 369 return ret; 370} 371 372/* 373 * key_to_type_specific_* produce encoded output with type specific key data, 374 * no envelopment; the same kind of output as the type specific i2d_ and 375 * PEM_write_ functions, which is often a simple SEQUENCE of INTEGER. 376 * 377 * OpenSSL tries to discourage production of new keys in this form, because 378 * of the ambiguity when trying to recognise them, but can't deny that PKCS#1 379 * et al still are live standards. 380 * 381 * Note that these functions completely ignore p2s, and rather rely entirely 382 * on k2d to do the complete work. 383 */ 384static int key_to_type_specific_der_bio(BIO *out, const void *key, 385 int key_nid, 386 ossl_unused const char *pemname, 387 key_to_paramstring_fn *p2s, 388 OSSL_i2d_of_void_ctx *k2d, 389 KEY2ANY_CTX *ctx) 390{ 391 unsigned char *der = NULL; 392 int derlen; 393 int ret; 394 395 if ((derlen = k2d(key, &der, (void *)ctx)) <= 0) { 396 ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); 397 return 0; 398 } 399 400 ret = BIO_write(out, der, derlen); 401 OPENSSL_free(der); 402 return ret > 0; 403} 404#define key_to_type_specific_der_priv_bio key_to_type_specific_der_bio 405#define key_to_type_specific_der_pub_bio key_to_type_specific_der_bio 406#define key_to_type_specific_der_param_bio key_to_type_specific_der_bio 407 408static int key_to_type_specific_pem_bio_cb(BIO *out, const void *key, 409 int key_nid, const char *pemname, 410 key_to_paramstring_fn *p2s, 411 OSSL_i2d_of_void_ctx *k2d, 412 KEY2ANY_CTX *ctx, 413 pem_password_cb *cb, void *cbarg) 414{ 415 return PEM_ASN1_write_bio_ctx(k2d, (void *)ctx, pemname, out, key, 416 ctx->cipher, NULL, 0, cb, cbarg) > 0; 417} 418 419static int key_to_type_specific_pem_priv_bio(BIO *out, const void *key, 420 int key_nid, const char *pemname, 421 key_to_paramstring_fn *p2s, 422 OSSL_i2d_of_void_ctx *k2d, 423 KEY2ANY_CTX *ctx) 424{ 425 return key_to_type_specific_pem_bio_cb(out, key, key_nid, pemname, 426 p2s, k2d, ctx, 427 ossl_pw_pem_password, &ctx->pwdata); 428} 429 430static int key_to_type_specific_pem_pub_bio(BIO *out, const void *key, 431 int key_nid, const char *pemname, 432 key_to_paramstring_fn *p2s, 433 OSSL_i2d_of_void_ctx *k2d, 434 KEY2ANY_CTX *ctx) 435{ 436 return key_to_type_specific_pem_bio_cb(out, key, key_nid, pemname, 437 p2s, k2d, ctx, NULL, NULL); 438} 439 440#ifndef OPENSSL_NO_KEYPARAMS 441static int key_to_type_specific_pem_param_bio(BIO *out, const void *key, 442 int key_nid, const char *pemname, 443 key_to_paramstring_fn *p2s, 444 OSSL_i2d_of_void_ctx *k2d, 445 KEY2ANY_CTX *ctx) 446{ 447 return key_to_type_specific_pem_bio_cb(out, key, key_nid, pemname, 448 p2s, k2d, ctx, NULL, NULL); 449} 450#endif 451 452/* ---------------------------------------------------------------------- */ 453 454#define k2d_NOCTX(n, f) \ 455 static int \ 456 n##_k2d(const void *key, unsigned char **pder, \ 457 ossl_unused void *ctx) \ 458 { \ 459 return f(key, pder); \ 460 } 461 462/* ---------------------------------------------------------------------- */ 463 464#ifndef OPENSSL_NO_DH 465static int prepare_dh_params(const void *dh, int nid, int save, 466 void **pstr, int *pstrtype) 467{ 468 ASN1_STRING *params = ASN1_STRING_new(); 469 470 if (params == NULL) { 471 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 472 return 0; 473 } 474 475 if (nid == EVP_PKEY_DHX) 476 params->length = i2d_DHxparams(dh, ¶ms->data); 477 else 478 params->length = i2d_DHparams(dh, ¶ms->data); 479 480 if (params->length <= 0) { 481 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 482 ASN1_STRING_free(params); 483 return 0; 484 } 485 params->type = V_ASN1_SEQUENCE; 486 487 *pstr = params; 488 *pstrtype = V_ASN1_SEQUENCE; 489 return 1; 490} 491 492static int dh_spki_pub_to_der(const void *dh, unsigned char **pder, 493 ossl_unused void *ctx) 494{ 495 const BIGNUM *bn = NULL; 496 ASN1_INTEGER *pub_key = NULL; 497 int ret; 498 499 if ((bn = DH_get0_pub_key(dh)) == NULL) { 500 ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); 501 return 0; 502 } 503 if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) { 504 ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR); 505 return 0; 506 } 507 508 ret = i2d_ASN1_INTEGER(pub_key, pder); 509 510 ASN1_STRING_clear_free(pub_key); 511 return ret; 512} 513 514static int dh_pki_priv_to_der(const void *dh, unsigned char **pder, 515 ossl_unused void *ctx) 516{ 517 const BIGNUM *bn = NULL; 518 ASN1_INTEGER *priv_key = NULL; 519 int ret; 520 521 if ((bn = DH_get0_priv_key(dh)) == NULL) { 522 ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); 523 return 0; 524 } 525 if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) { 526 ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR); 527 return 0; 528 } 529 530 ret = i2d_ASN1_INTEGER(priv_key, pder); 531 532 ASN1_STRING_clear_free(priv_key); 533 return ret; 534} 535 536# define dh_epki_priv_to_der dh_pki_priv_to_der 537 538static int 539dh_type_specific_params_to_der(const void *dh, unsigned char **pder, 540 ossl_unused void *ctx) 541{ 542 if (DH_test_flags(dh, DH_FLAG_TYPE_DHX)) 543 return i2d_DHxparams(dh, pder); 544 return i2d_DHparams(dh, pder); 545} 546 547/* 548 * DH doesn't have i2d_DHPrivateKey or i2d_DHPublicKey, so we can't make 549 * corresponding functions here. 550 */ 551# define dh_type_specific_priv_to_der NULL 552# define dh_type_specific_pub_to_der NULL 553 554static int dh_check_key_type(const void *dh, int expected_type) 555{ 556 int type = 557 DH_test_flags(dh, DH_FLAG_TYPE_DHX) ? EVP_PKEY_DHX : EVP_PKEY_DH; 558 559 return type == expected_type; 560} 561 562# define dh_evp_type EVP_PKEY_DH 563# define dhx_evp_type EVP_PKEY_DHX 564# define dh_pem_type "DH" 565# define dhx_pem_type "X9.42 DH" 566#endif 567 568/* ---------------------------------------------------------------------- */ 569 570#ifndef OPENSSL_NO_DSA 571static int encode_dsa_params(const void *dsa, int nid, 572 void **pstr, int *pstrtype) 573{ 574 ASN1_STRING *params = ASN1_STRING_new(); 575 576 if (params == NULL) { 577 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 578 return 0; 579 } 580 581 params->length = i2d_DSAparams(dsa, ¶ms->data); 582 583 if (params->length <= 0) { 584 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 585 ASN1_STRING_free(params); 586 return 0; 587 } 588 589 *pstrtype = V_ASN1_SEQUENCE; 590 *pstr = params; 591 return 1; 592} 593 594static int prepare_dsa_params(const void *dsa, int nid, int save, 595 void **pstr, int *pstrtype) 596{ 597 const BIGNUM *p = DSA_get0_p(dsa); 598 const BIGNUM *q = DSA_get0_q(dsa); 599 const BIGNUM *g = DSA_get0_g(dsa); 600 601 if (save && p != NULL && q != NULL && g != NULL) 602 return encode_dsa_params(dsa, nid, pstr, pstrtype); 603 604 *pstr = NULL; 605 *pstrtype = V_ASN1_UNDEF; 606 return 1; 607} 608 609static int dsa_spki_pub_to_der(const void *dsa, unsigned char **pder, 610 ossl_unused void *ctx) 611{ 612 const BIGNUM *bn = NULL; 613 ASN1_INTEGER *pub_key = NULL; 614 int ret; 615 616 if ((bn = DSA_get0_pub_key(dsa)) == NULL) { 617 ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); 618 return 0; 619 } 620 if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) { 621 ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR); 622 return 0; 623 } 624 625 ret = i2d_ASN1_INTEGER(pub_key, pder); 626 627 ASN1_STRING_clear_free(pub_key); 628 return ret; 629} 630 631static int dsa_pki_priv_to_der(const void *dsa, unsigned char **pder, 632 ossl_unused void *ctx) 633{ 634 const BIGNUM *bn = NULL; 635 ASN1_INTEGER *priv_key = NULL; 636 int ret; 637 638 if ((bn = DSA_get0_priv_key(dsa)) == NULL) { 639 ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); 640 return 0; 641 } 642 if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) { 643 ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR); 644 return 0; 645 } 646 647 ret = i2d_ASN1_INTEGER(priv_key, pder); 648 649 ASN1_STRING_clear_free(priv_key); 650 return ret; 651} 652 653k2d_NOCTX(dsa_prv, i2d_DSAPrivateKey) 654k2d_NOCTX(dsa_pub, i2d_DSAPublicKey) 655k2d_NOCTX(dsa_param, i2d_DSAparams) 656 657# define dsa_epki_priv_to_der dsa_pki_priv_to_der 658 659# define dsa_type_specific_priv_to_der dsa_prv_k2d 660# define dsa_type_specific_pub_to_der dsa_pub_k2d 661# define dsa_type_specific_params_to_der dsa_param_k2d 662 663# define dsa_check_key_type NULL 664# define dsa_evp_type EVP_PKEY_DSA 665# define dsa_pem_type "DSA" 666#endif 667 668/* ---------------------------------------------------------------------- */ 669 670#ifndef OPENSSL_NO_EC 671static int prepare_ec_explicit_params(const void *eckey, 672 void **pstr, int *pstrtype) 673{ 674 ASN1_STRING *params = ASN1_STRING_new(); 675 676 if (params == NULL) { 677 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 678 return 0; 679 } 680 681 params->length = i2d_ECParameters(eckey, ¶ms->data); 682 if (params->length <= 0) { 683 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 684 ASN1_STRING_free(params); 685 return 0; 686 } 687 688 *pstrtype = V_ASN1_SEQUENCE; 689 *pstr = params; 690 return 1; 691} 692 693/* 694 * This implements EcpkParameters, where the CHOICE is based on whether there 695 * is a curve name (curve nid) to be found or not. See RFC 3279 for details. 696 */ 697static int prepare_ec_params(const void *eckey, int nid, int save, 698 void **pstr, int *pstrtype) 699{ 700 int curve_nid; 701 const EC_GROUP *group = EC_KEY_get0_group(eckey); 702 ASN1_OBJECT *params = NULL; 703 704 if (group == NULL) 705 return 0; 706 curve_nid = EC_GROUP_get_curve_name(group); 707 if (curve_nid != NID_undef) { 708 params = OBJ_nid2obj(curve_nid); 709 if (params == NULL) 710 return 0; 711 } 712 713 if (curve_nid != NID_undef 714 && (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE)) { 715 /* The CHOICE came to namedCurve */ 716 if (OBJ_length(params) == 0) { 717 /* Some curves might not have an associated OID */ 718 ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_OID); 719 ASN1_OBJECT_free(params); 720 return 0; 721 } 722 *pstr = params; 723 *pstrtype = V_ASN1_OBJECT; 724 return 1; 725 } else { 726 /* The CHOICE came to ecParameters */ 727 return prepare_ec_explicit_params(eckey, pstr, pstrtype); 728 } 729} 730 731static int ec_spki_pub_to_der(const void *eckey, unsigned char **pder, 732 ossl_unused void *ctx) 733{ 734 if (EC_KEY_get0_public_key(eckey) == NULL) { 735 ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); 736 return 0; 737 } 738 return i2o_ECPublicKey(eckey, pder); 739} 740 741static int ec_pki_priv_to_der(const void *veckey, unsigned char **pder, 742 ossl_unused void *ctx) 743{ 744 EC_KEY *eckey = (EC_KEY *)veckey; 745 unsigned int old_flags; 746 int ret = 0; 747 748 /* 749 * For PKCS8 the curve name appears in the PKCS8_PRIV_KEY_INFO object 750 * as the pkeyalg->parameter field. (For a named curve this is an OID) 751 * The pkey field is an octet string that holds the encoded 752 * ECPrivateKey SEQUENCE with the optional parameters field omitted. 753 * We omit this by setting the EC_PKEY_NO_PARAMETERS flag. 754 */ 755 old_flags = EC_KEY_get_enc_flags(eckey); /* save old flags */ 756 EC_KEY_set_enc_flags(eckey, old_flags | EC_PKEY_NO_PARAMETERS); 757 ret = i2d_ECPrivateKey(eckey, pder); 758 EC_KEY_set_enc_flags(eckey, old_flags); /* restore old flags */ 759 return ret; /* return the length of the der encoded data */ 760} 761 762k2d_NOCTX(ec_param, i2d_ECParameters) 763k2d_NOCTX(ec_prv, i2d_ECPrivateKey) 764 765# define ec_epki_priv_to_der ec_pki_priv_to_der 766 767# define ec_type_specific_params_to_der ec_param_k2d 768/* No ec_type_specific_pub_to_der, there simply is no such thing */ 769# define ec_type_specific_priv_to_der ec_prv_k2d 770 771# define ec_check_key_type NULL 772# define ec_evp_type EVP_PKEY_EC 773# define ec_pem_type "EC" 774 775# ifndef OPENSSL_NO_SM2 776/* 777 * Albeit SM2 is a slightly different algorithm than ECDSA, the key type 778 * encoding (in all places where an AlgorithmIdentifier is produced, such 779 * as PrivateKeyInfo and SubjectPublicKeyInfo) is the same as for ECC keys 780 * according to the example in GM/T 0015-2012, appendix D.2. 781 * This leaves the distinction of SM2 keys to the EC group (which is found 782 * in AlgorithmIdentified.params). 783 */ 784# define sm2_evp_type ec_evp_type 785# define sm2_pem_type "SM2" 786# endif 787#endif 788 789/* ---------------------------------------------------------------------- */ 790 791#ifndef OPENSSL_NO_ECX 792# define prepare_ecx_params NULL 793 794static int ecx_spki_pub_to_der(const void *vecxkey, unsigned char **pder, 795 ossl_unused void *ctx) 796{ 797 const ECX_KEY *ecxkey = vecxkey; 798 unsigned char *keyblob; 799 800 if (ecxkey == NULL) { 801 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); 802 return 0; 803 } 804 805 keyblob = OPENSSL_memdup(ecxkey->pubkey, ecxkey->keylen); 806 if (keyblob == NULL) 807 return 0; 808 809 *pder = keyblob; 810 return (int)ecxkey->keylen; 811} 812 813static int ecx_pki_priv_to_der(const void *vecxkey, unsigned char **pder, 814 ossl_unused void *ctx) 815{ 816 const ECX_KEY *ecxkey = vecxkey; 817 ASN1_OCTET_STRING oct; 818 int keybloblen; 819 820 if (ecxkey == NULL || ecxkey->privkey == NULL) { 821 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); 822 return 0; 823 } 824 825 oct.data = ecxkey->privkey; 826 oct.length = (int)ecxkey->keylen; 827 oct.flags = 0; 828 829 keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); 830 if (keybloblen < 0) { 831 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 832 return 0; 833 } 834 835 return keybloblen; 836} 837 838# define ecx_epki_priv_to_der ecx_pki_priv_to_der 839 840/* 841 * ED25519, ED448, X25519 and X448 only has PKCS#8 / SubjectPublicKeyInfo 842 * representation, so we don't define ecx_type_specific_[priv,pub,params]_to_der. 843 */ 844 845# define ecx_check_key_type NULL 846 847# define ed25519_evp_type EVP_PKEY_ED25519 848# define ed448_evp_type EVP_PKEY_ED448 849# define x25519_evp_type EVP_PKEY_X25519 850# define x448_evp_type EVP_PKEY_X448 851# define ed25519_pem_type "ED25519" 852# define ed448_pem_type "ED448" 853# define x25519_pem_type "X25519" 854# define x448_pem_type "X448" 855#endif 856 857/* ---------------------------------------------------------------------- */ 858 859#ifndef OPENSSL_NO_ML_DSA 860static int ml_dsa_spki_pub_to_der(const void *vkey, unsigned char **pder, 861 ossl_unused void *ctx) 862{ 863 return ossl_ml_dsa_i2d_pubkey(vkey, pder); 864} 865 866static int ml_dsa_pki_priv_to_der(const void *vkey, unsigned char **pder, 867 void *vctx) 868{ 869 KEY2ANY_CTX *ctx = vctx; 870 871 return ossl_ml_dsa_i2d_prvkey(vkey, pder, ctx->provctx); 872} 873 874# define ml_dsa_epki_priv_to_der ml_dsa_pki_priv_to_der 875# define prepare_ml_dsa_params NULL 876# define ml_dsa_check_key_type NULL 877 878# define ml_dsa_44_evp_type EVP_PKEY_ML_DSA_44 879# define ml_dsa_44_pem_type "ML-DSA-44" 880# define ml_dsa_65_evp_type EVP_PKEY_ML_DSA_65 881# define ml_dsa_65_pem_type "ML-DSA-65" 882# define ml_dsa_87_evp_type EVP_PKEY_ML_DSA_87 883# define ml_dsa_87_pem_type "ML-DSA-87" 884#endif /* OPENSSL_NO_ML_DSA */ 885 886/* ---------------------------------------------------------------------- */ 887 888#ifndef OPENSSL_NO_ML_KEM 889 890static int ml_kem_spki_pub_to_der(const void *vkey, unsigned char **pder, 891 ossl_unused void *ctx) 892{ 893 return ossl_ml_kem_i2d_pubkey(vkey, pder); 894} 895 896static int ml_kem_pki_priv_to_der(const void *vkey, unsigned char **pder, 897 void *vctx) 898{ 899 KEY2ANY_CTX *ctx = vctx; 900 901 return ossl_ml_kem_i2d_prvkey(vkey, pder, ctx->provctx); 902} 903 904# define ml_kem_epki_priv_to_der ml_kem_pki_priv_to_der 905# define prepare_ml_kem_params NULL 906# define ml_kem_check_key_type NULL 907 908# define ml_kem_512_evp_type EVP_PKEY_ML_KEM_512 909# define ml_kem_512_pem_type "ML-KEM-512" 910# define ml_kem_768_evp_type EVP_PKEY_ML_KEM_768 911# define ml_kem_768_pem_type "ML-KEM-768" 912# define ml_kem_1024_evp_type EVP_PKEY_ML_KEM_1024 913# define ml_kem_1024_pem_type "ML-KEM-1024" 914#endif 915 916/* ---------------------------------------------------------------------- */ 917 918/* 919 * Helper functions to prepare RSA-PSS params for encoding. We would 920 * have simply written the whole AlgorithmIdentifier, but existing libcrypto 921 * functionality doesn't allow that. 922 */ 923 924static int prepare_rsa_params(const void *rsa, int nid, int save, 925 void **pstr, int *pstrtype) 926{ 927 const RSA_PSS_PARAMS_30 *pss = ossl_rsa_get0_pss_params_30((RSA *)rsa); 928 929 *pstr = NULL; 930 931 switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { 932 case RSA_FLAG_TYPE_RSA: 933 /* If plain RSA, the parameters shall be NULL */ 934 *pstrtype = V_ASN1_NULL; 935 return 1; 936 case RSA_FLAG_TYPE_RSASSAPSS: 937 if (ossl_rsa_pss_params_30_is_unrestricted(pss)) { 938 *pstrtype = V_ASN1_UNDEF; 939 return 1; 940 } else { 941 ASN1_STRING *astr = NULL; 942 WPACKET pkt; 943 unsigned char *str = NULL; 944 size_t str_sz = 0; 945 int i; 946 947 for (i = 0; i < 2; i++) { 948 switch (i) { 949 case 0: 950 if (!WPACKET_init_null_der(&pkt)) 951 goto err; 952 break; 953 case 1: 954 if ((str = OPENSSL_malloc(str_sz)) == NULL 955 || !WPACKET_init_der(&pkt, str, str_sz)) { 956 WPACKET_cleanup(&pkt); 957 goto err; 958 } 959 break; 960 } 961 if (!ossl_DER_w_RSASSA_PSS_params(&pkt, -1, pss) 962 || !WPACKET_finish(&pkt) 963 || !WPACKET_get_total_written(&pkt, &str_sz)) { 964 WPACKET_cleanup(&pkt); 965 goto err; 966 } 967 WPACKET_cleanup(&pkt); 968 969 /* 970 * If no PSS parameters are going to be written, there's no 971 * point going for another iteration. 972 * This saves us from getting |str| allocated just to have it 973 * immediately de-allocated. 974 */ 975 if (str_sz == 0) 976 break; 977 } 978 979 if ((astr = ASN1_STRING_new()) == NULL) 980 goto err; 981 *pstrtype = V_ASN1_SEQUENCE; 982 ASN1_STRING_set0(astr, str, (int)str_sz); 983 *pstr = astr; 984 985 return 1; 986 err: 987 OPENSSL_free(str); 988 return 0; 989 } 990 } 991 992 /* Currently unsupported RSA key type */ 993 return 0; 994} 995 996k2d_NOCTX(rsa_prv, i2d_RSAPrivateKey) 997k2d_NOCTX(rsa_pub, i2d_RSAPublicKey) 998 999/* 1000 * RSA is extremely simple, as PKCS#1 is used for the PKCS#8 |privateKey| 1001 * field as well as the SubjectPublicKeyInfo |subjectPublicKey| field. 1002 */ 1003#define rsa_pki_priv_to_der rsa_type_specific_priv_to_der 1004#define rsa_epki_priv_to_der rsa_type_specific_priv_to_der 1005#define rsa_spki_pub_to_der rsa_type_specific_pub_to_der 1006#define rsa_type_specific_priv_to_der rsa_prv_k2d 1007#define rsa_type_specific_pub_to_der rsa_pub_k2d 1008#define rsa_type_specific_params_to_der NULL 1009 1010static int rsa_check_key_type(const void *rsa, int expected_type) 1011{ 1012 switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { 1013 case RSA_FLAG_TYPE_RSA: 1014 return expected_type == EVP_PKEY_RSA; 1015 case RSA_FLAG_TYPE_RSASSAPSS: 1016 return expected_type == EVP_PKEY_RSA_PSS; 1017 } 1018 1019 /* Currently unsupported RSA key type */ 1020 return EVP_PKEY_NONE; 1021} 1022 1023#define rsa_evp_type EVP_PKEY_RSA 1024#define rsapss_evp_type EVP_PKEY_RSA_PSS 1025#define rsa_pem_type "RSA" 1026#define rsapss_pem_type "RSA-PSS" 1027 1028/* ---------------------------------------------------------------------- */ 1029 1030#ifndef OPENSSL_NO_SLH_DSA 1031# define prepare_slh_dsa_params NULL 1032 1033static int slh_dsa_spki_pub_to_der(const void *vkey, unsigned char **pder, 1034 ossl_unused void *ctx) 1035{ 1036 const SLH_DSA_KEY *key = vkey; 1037 uint8_t *key_blob; 1038 size_t key_len; 1039 1040 if (key == NULL) { 1041 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); 1042 return 0; 1043 } 1044 key_len = ossl_slh_dsa_key_get_pub_len(key); 1045 key_blob = OPENSSL_memdup(ossl_slh_dsa_key_get_pub(key), key_len); 1046 if (key_blob == NULL) 1047 return 0; 1048 1049 *pder = key_blob; 1050 return (int)key_len; 1051} 1052 1053static int slh_dsa_pki_priv_to_der(const void *vkey, unsigned char **pder, 1054 ossl_unused void *ctx) 1055{ 1056 const SLH_DSA_KEY *key = vkey; 1057 size_t len; 1058 1059 if (ossl_slh_dsa_key_get_priv(key) == NULL) { 1060 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); 1061 return 0; 1062 } 1063 len = ossl_slh_dsa_key_get_priv_len(key); 1064 1065 if (pder != NULL 1066 && ((*pder = OPENSSL_memdup(ossl_slh_dsa_key_get_priv(key), len)) == NULL)) 1067 return 0; 1068 1069 return (int)len; 1070} 1071# define slh_dsa_epki_priv_to_der slh_dsa_pki_priv_to_der 1072 1073/* SLH_DSA only has PKCS#8 / SubjectPublicKeyInfo representations. */ 1074 1075# define slh_dsa_check_key_type NULL 1076# define slh_dsa_sha2_128s_evp_type EVP_PKEY_SLH_DSA_SHA2_128S 1077# define slh_dsa_sha2_128f_evp_type EVP_PKEY_SLH_DSA_SHA2_128F 1078# define slh_dsa_sha2_192s_evp_type EVP_PKEY_SLH_DSA_SHA2_192S 1079# define slh_dsa_sha2_192f_evp_type EVP_PKEY_SLH_DSA_SHA2_192F 1080# define slh_dsa_sha2_256s_evp_type EVP_PKEY_SLH_DSA_SHA2_256S 1081# define slh_dsa_sha2_256f_evp_type EVP_PKEY_SLH_DSA_SHA2_256F 1082# define slh_dsa_shake_128s_evp_type EVP_PKEY_SLH_DSA_SHAKE_128S 1083# define slh_dsa_shake_128f_evp_type EVP_PKEY_SLH_DSA_SHAKE_128F 1084# define slh_dsa_shake_192s_evp_type EVP_PKEY_SLH_DSA_SHAKE_192S 1085# define slh_dsa_shake_192f_evp_type EVP_PKEY_SLH_DSA_SHAKE_192F 1086# define slh_dsa_shake_256s_evp_type EVP_PKEY_SLH_DSA_SHAKE_256S 1087# define slh_dsa_shake_256f_evp_type EVP_PKEY_SLH_DSA_SHAKE_256F 1088# define slh_dsa_sha2_128s_input_type "SLH-DSA-SHA2-128s" 1089# define slh_dsa_sha2_128f_input_type "SLH-DSA-SHA2-128f" 1090# define slh_dsa_sha2_192s_input_type "SLH-DSA-SHA2-192s" 1091# define slh_dsa_sha2_192f_input_type "SLH-DSA-SHA2-192f" 1092# define slh_dsa_sha2_256s_input_type "SLH-DSA-SHA2-256s" 1093# define slh_dsa_sha2_256f_input_type "SLH-DSA-SHA2-256f" 1094# define slh_dsa_shake_128s_input_type "SLH-DSA-SHAKE-128s" 1095# define slh_dsa_shake_128f_input_type "SLH-DSA-SHAKE-128f" 1096# define slh_dsa_shake_192s_input_type "SLH-DSA-SHAKE-192s" 1097# define slh_dsa_shake_192f_input_type "SLH-DSA-SHAKE-192f" 1098# define slh_dsa_shake_256s_input_type "SLH-DSA-SHAKE-256s" 1099# define slh_dsa_shake_256f_input_type "SLH-DSA-SHAKE-256f" 1100# define slh_dsa_sha2_128s_pem_type "SLH-DSA-SHA2-128s" 1101# define slh_dsa_sha2_128f_pem_type "SLH-DSA-SHA2-128f" 1102# define slh_dsa_sha2_192s_pem_type "SLH-DSA-SHA2-192s" 1103# define slh_dsa_sha2_192f_pem_type "SLH-DSA-SHA2-192f" 1104# define slh_dsa_sha2_256s_pem_type "SLH-DSA-SHA2-256s" 1105# define slh_dsa_sha2_256f_pem_type "SLH-DSA-SHA2-256f" 1106# define slh_dsa_shake_128s_pem_type "SLH-DSA-SHAKE-128s" 1107# define slh_dsa_shake_128f_pem_type "SLH-DSA-SHAKE-128f" 1108# define slh_dsa_shake_192s_pem_type "SLH-DSA-SHAKE-192s" 1109# define slh_dsa_shake_192f_pem_type "SLH-DSA-SHAKE-192f" 1110# define slh_dsa_shake_256s_pem_type "SLH-DSA-SHAKE-256s" 1111# define slh_dsa_shake_256f_pem_type "SLH-DSA-SHAKE-256f" 1112#endif /* OPENSSL_NO_SLH_DSA */ 1113 1114/* ---------------------------------------------------------------------- */ 1115 1116static OSSL_FUNC_decoder_newctx_fn key2any_newctx; 1117static OSSL_FUNC_decoder_freectx_fn key2any_freectx; 1118 1119static void *key2any_newctx(void *provctx) 1120{ 1121 KEY2ANY_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); 1122 1123 if (ctx != NULL) { 1124 ctx->provctx = provctx; 1125 ctx->save_parameters = 1; 1126 } 1127 1128 return ctx; 1129} 1130 1131static void key2any_freectx(void *vctx) 1132{ 1133 KEY2ANY_CTX *ctx = vctx; 1134 1135 ossl_pw_clear_passphrase_data(&ctx->pwdata); 1136 EVP_CIPHER_free(ctx->cipher); 1137 OPENSSL_free(ctx); 1138} 1139 1140{- produce_param_decoder('key2any_set_ctx_params', 1141 (['ENCODER_PARAM_CIPHER', 'cipher', 'utf8_string'], 1142 ['ENCODER_PARAM_PROPERTIES', 'propq', 'utf8_string'], 1143 ['ENCODER_PARAM_SAVE_PARAMETERS', 'svprm', 'int'], 1144 )); -} 1145 1146static const OSSL_PARAM *key2any_settable_ctx_params(ossl_unused void *provctx) 1147{ 1148 return key2any_set_ctx_params_list; 1149} 1150 1151static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) 1152{ 1153 KEY2ANY_CTX *ctx = vctx; 1154 struct key2any_set_ctx_params_st p; 1155 1156 if (ctx == NULL || !key2any_set_ctx_params_decoder(params, &p)) 1157 return 0; 1158 1159 if (p.cipher != NULL) { 1160 const char *ciphername = NULL; 1161 const char *props = NULL; 1162 OSSL_LIB_CTX *libctx; 1163 1164 if (!OSSL_PARAM_get_utf8_string_ptr(p.cipher, &ciphername)) 1165 return 0; 1166 if (p.propq != NULL && !OSSL_PARAM_get_utf8_string_ptr(p.propq, &props)) 1167 return 0; 1168 1169 libctx = ossl_prov_ctx_get0_libctx(ctx->provctx); 1170 EVP_CIPHER_free(ctx->cipher); 1171 ctx->cipher = NULL; 1172 ctx->cipher_intent = ciphername != NULL; 1173 if (ciphername != NULL 1174 && ((ctx->cipher = 1175 EVP_CIPHER_fetch(libctx, ciphername, props)) == NULL)) 1176 return 0; 1177 } 1178 1179 if (p.svprm != NULL && !OSSL_PARAM_get_int(p.svprm, &ctx->save_parameters)) 1180 return 0; 1181 1182 return 1; 1183} 1184 1185static int key2any_check_selection(int selection, int selection_mask) 1186{ 1187 /* 1188 * The selections are kinda sorta "levels", i.e. each selection given 1189 * here is assumed to include those following. 1190 */ 1191 int checks[] = { 1192 OSSL_KEYMGMT_SELECT_PRIVATE_KEY, 1193 OSSL_KEYMGMT_SELECT_PUBLIC_KEY, 1194 OSSL_KEYMGMT_SELECT_ALL_PARAMETERS 1195 }; 1196 size_t i; 1197 1198 /* The decoder implementations made here support guessing */ 1199 if (selection == 0) 1200 return 1; 1201 1202 for (i = 0; i < OSSL_NELEM(checks); i++) { 1203 int check1 = (selection & checks[i]) != 0; 1204 int check2 = (selection_mask & checks[i]) != 0; 1205 1206 /* 1207 * If the caller asked for the currently checked bit(s), return 1208 * whether the decoder description says it's supported. 1209 */ 1210 if (check1) 1211 return check2; 1212 } 1213 1214 /* This should be dead code, but just to be safe... */ 1215 return 0; 1216} 1217 1218static int key2any_encode(KEY2ANY_CTX *ctx, OSSL_CORE_BIO *cout, 1219 const void *key, int type, const char *pemname, 1220 check_key_type_fn *checker, 1221 key_to_der_fn *writer, 1222 OSSL_PASSPHRASE_CALLBACK *pwcb, void *pwcbarg, 1223 key_to_paramstring_fn *key2paramstring, 1224 OSSL_i2d_of_void_ctx *key2der) 1225{ 1226 int ret = 0; 1227 1228 if (key == NULL) { 1229 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); 1230 } else if (writer != NULL 1231 && (checker == NULL || checker(key, type))) { 1232 BIO *out = ossl_bio_new_from_core_bio(ctx->provctx, cout); 1233 1234 if (out != NULL 1235 && (pwcb == NULL 1236 || ossl_pw_set_ossl_passphrase_cb(&ctx->pwdata, pwcb, pwcbarg))) 1237 ret = 1238 writer(out, key, type, pemname, key2paramstring, key2der, ctx); 1239 1240 BIO_free(out); 1241 } else { 1242 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); 1243 } 1244 return ret; 1245} 1246 1247#define DO_PRIVATE_KEY_selection_mask OSSL_KEYMGMT_SELECT_PRIVATE_KEY 1248#define DO_PRIVATE_KEY(impl, type, kind, output) \ 1249 if ((selection & DO_PRIVATE_KEY_selection_mask) != 0) \ 1250 return key2any_encode(ctx, cout, key, impl##_evp_type, \ 1251 impl##_pem_type " PRIVATE KEY", \ 1252 type##_check_key_type, \ 1253 key_to_##kind##_##output##_priv_bio, \ 1254 cb, cbarg, prepare_##type##_params, \ 1255 type##_##kind##_priv_to_der); 1256 1257#define DO_PUBLIC_KEY_selection_mask OSSL_KEYMGMT_SELECT_PUBLIC_KEY 1258#define DO_PUBLIC_KEY(impl, type, kind, output) \ 1259 if ((selection & DO_PUBLIC_KEY_selection_mask) != 0) \ 1260 return key2any_encode(ctx, cout, key, impl##_evp_type, \ 1261 impl##_pem_type " PUBLIC KEY", \ 1262 type##_check_key_type, \ 1263 key_to_##kind##_##output##_pub_bio, \ 1264 cb, cbarg, prepare_##type##_params, \ 1265 type##_##kind##_pub_to_der); 1266 1267#define DO_PARAMETERS_selection_mask OSSL_KEYMGMT_SELECT_ALL_PARAMETERS 1268#define DO_PARAMETERS(impl, type, kind, output) \ 1269 if ((selection & DO_PARAMETERS_selection_mask) != 0) \ 1270 return key2any_encode(ctx, cout, key, impl##_evp_type, \ 1271 impl##_pem_type " PARAMETERS", \ 1272 type##_check_key_type, \ 1273 key_to_##kind##_##output##_param_bio, \ 1274 NULL, NULL, NULL, \ 1275 type##_##kind##_params_to_der); 1276 1277/*- 1278 * Implement the kinds of output structure that can be produced. They are 1279 * referred to by name, and for each name, the following macros are defined 1280 * (braces not included): 1281 * 1282 * DO_{kind}_selection_mask 1283 * 1284 * A mask of selection bits that must not be zero. This is used as a 1285 * selection criterion for each implementation. 1286 * This mask must never be zero. 1287 * 1288 * DO_{kind} 1289 * 1290 * The performing macro. It must use the DO_ macros defined above, 1291 * always in this order: 1292 * 1293 * - DO_PRIVATE_KEY 1294 * - DO_PUBLIC_KEY 1295 * - DO_PARAMETERS 1296 * 1297 * Any of those may be omitted, but the relative order must still be 1298 * the same. 1299 */ 1300 1301/* 1302 * PKCS#8 defines two structures for private keys only: 1303 * - PrivateKeyInfo (raw unencrypted form) 1304 * - EncryptedPrivateKeyInfo (encrypted wrapping) 1305 * 1306 * To allow a certain amount of flexibility, we allow the routines 1307 * for PrivateKeyInfo to also produce EncryptedPrivateKeyInfo if a 1308 * passphrase callback has been passed to them. 1309 */ 1310#define DO_PrivateKeyInfo_selection_mask DO_PRIVATE_KEY_selection_mask 1311#define DO_PrivateKeyInfo(impl, type, output) \ 1312 DO_PRIVATE_KEY(impl, type, pki, output) 1313 1314#define DO_EncryptedPrivateKeyInfo_selection_mask DO_PRIVATE_KEY_selection_mask 1315#define DO_EncryptedPrivateKeyInfo(impl, type, output) \ 1316 DO_PRIVATE_KEY(impl, type, epki, output) 1317 1318/* SubjectPublicKeyInfo is a structure for public keys only */ 1319#define DO_SubjectPublicKeyInfo_selection_mask DO_PUBLIC_KEY_selection_mask 1320#define DO_SubjectPublicKeyInfo(impl, type, output) \ 1321 DO_PUBLIC_KEY(impl, type, spki, output) 1322 1323/* 1324 * "type-specific" is a uniform name for key type specific output for private 1325 * and public keys as well as key parameters. This is used internally in 1326 * libcrypto so it doesn't have to have special knowledge about select key 1327 * types, but also when no better name has been found. If there are more 1328 * expressive DO_ names above, those are preferred. 1329 * 1330 * Three forms exist: 1331 * 1332 * - type_specific_keypair Only supports private and public key 1333 * - type_specific_params Only supports parameters 1334 * - type_specific Supports all parts of an EVP_PKEY 1335 * - type_specific_no_pub Supports all parts of an EVP_PKEY 1336 * except public key 1337 */ 1338#define DO_type_specific_params_selection_mask DO_PARAMETERS_selection_mask 1339#define DO_type_specific_params(impl, type, output) \ 1340 DO_PARAMETERS(impl, type, type_specific, output) 1341#define DO_type_specific_keypair_selection_mask \ 1342 ( DO_PRIVATE_KEY_selection_mask | DO_PUBLIC_KEY_selection_mask ) 1343#define DO_type_specific_keypair(impl, type, output) \ 1344 DO_PRIVATE_KEY(impl, type, type_specific, output) \ 1345 DO_PUBLIC_KEY(impl, type, type_specific, output) 1346#define DO_type_specific_selection_mask \ 1347 ( DO_type_specific_keypair_selection_mask \ 1348 | DO_type_specific_params_selection_mask ) 1349#define DO_type_specific(impl, type, output) \ 1350 DO_type_specific_keypair(impl, type, output) \ 1351 DO_type_specific_params(impl, type, output) 1352#define DO_type_specific_no_pub_selection_mask \ 1353 ( DO_PRIVATE_KEY_selection_mask | DO_PARAMETERS_selection_mask) 1354#define DO_type_specific_no_pub(impl, type, output) \ 1355 DO_PRIVATE_KEY(impl, type, type_specific, output) \ 1356 DO_type_specific_params(impl, type, output) 1357 1358/* 1359 * Type specific aliases for the cases where we need to refer to them by 1360 * type name. 1361 * This only covers key types that are represented with i2d_{TYPE}PrivateKey, 1362 * i2d_{TYPE}PublicKey and i2d_{TYPE}params / i2d_{TYPE}Parameters. 1363 */ 1364#define DO_RSA_selection_mask DO_type_specific_keypair_selection_mask 1365#define DO_RSA(impl, type, output) DO_type_specific_keypair(impl, type, output) 1366 1367#define DO_DH_selection_mask DO_type_specific_params_selection_mask 1368#define DO_DH(impl, type, output) DO_type_specific_params(impl, type, output) 1369 1370#define DO_DHX_selection_mask DO_type_specific_params_selection_mask 1371#define DO_DHX(impl, type, output) DO_type_specific_params(impl, type, output) 1372 1373#define DO_DSA_selection_mask DO_type_specific_selection_mask 1374#define DO_DSA(impl, type, output) DO_type_specific(impl, type, output) 1375 1376#define DO_EC_selection_mask DO_type_specific_no_pub_selection_mask 1377#define DO_EC(impl, type, output) DO_type_specific_no_pub(impl, type, output) 1378 1379#define DO_SM2_selection_mask DO_type_specific_no_pub_selection_mask 1380#define DO_SM2(impl, type, output) DO_type_specific_no_pub(impl, type, output) 1381 1382/* PKCS#1 defines a structure for RSA private and public keys */ 1383#define DO_PKCS1_selection_mask DO_RSA_selection_mask 1384#define DO_PKCS1(impl, type, output) DO_RSA(impl, type, output) 1385 1386/* PKCS#3 defines a structure for DH parameters */ 1387#define DO_PKCS3_selection_mask DO_DH_selection_mask 1388#define DO_PKCS3(impl, type, output) DO_DH(impl, type, output) 1389/* X9.42 defines a structure for DHx parameters */ 1390#define DO_X9_42_selection_mask DO_DHX_selection_mask 1391#define DO_X9_42(impl, type, output) DO_DHX(impl, type, output) 1392 1393/* X9.62 defines a structure for EC keys and parameters */ 1394#define DO_X9_62_selection_mask DO_EC_selection_mask 1395#define DO_X9_62(impl, type, output) DO_EC(impl, type, output) 1396 1397/* 1398 * MAKE_ENCODER is the single driver for creating OSSL_DISPATCH tables. 1399 * It takes the following arguments: 1400 * 1401 * impl This is the key type name that's being implemented. 1402 * type This is the type name for the set of functions that implement 1403 * the key type. For example, ed25519, ed448, x25519 and x448 1404 * are all implemented with the exact same set of functions. 1405 * kind What kind of support to implement. These translate into 1406 * the DO_##kind macros above. 1407 * output The output type to implement. may be der or pem. 1408 * 1409 * The resulting OSSL_DISPATCH array gets the following name (expressed in 1410 * C preprocessor terms) from those arguments: 1411 * 1412 * ossl_##impl##_to_##kind##_##output##_encoder_functions 1413 */ 1414#define MAKE_ENCODER(impl, type, kind, output) \ 1415 static OSSL_FUNC_encoder_import_object_fn \ 1416 impl##_to_##kind##_##output##_import_object; \ 1417 static OSSL_FUNC_encoder_free_object_fn \ 1418 impl##_to_##kind##_##output##_free_object; \ 1419 static OSSL_FUNC_encoder_encode_fn \ 1420 impl##_to_##kind##_##output##_encode; \ 1421 \ 1422 static void * \ 1423 impl##_to_##kind##_##output##_import_object(void *vctx, int selection, \ 1424 const OSSL_PARAM params[]) \ 1425 { \ 1426 KEY2ANY_CTX *ctx = vctx; \ 1427 \ 1428 return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ 1429 ctx->provctx, selection, params); \ 1430 } \ 1431 static void impl##_to_##kind##_##output##_free_object(void *key) \ 1432 { \ 1433 ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ 1434 } \ 1435 static int impl##_to_##kind##_##output##_does_selection(void *ctx, \ 1436 int selection) \ 1437 { \ 1438 return key2any_check_selection(selection, \ 1439 DO_##kind##_selection_mask); \ 1440 } \ 1441 static int \ 1442 impl##_to_##kind##_##output##_encode(void *ctx, OSSL_CORE_BIO *cout, \ 1443 const void *key, \ 1444 const OSSL_PARAM key_abstract[], \ 1445 int selection, \ 1446 OSSL_PASSPHRASE_CALLBACK *cb, \ 1447 void *cbarg) \ 1448 { \ 1449 /* We don't deal with abstract objects */ \ 1450 if (key_abstract != NULL) { \ 1451 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ 1452 return 0; \ 1453 } \ 1454 DO_##kind(impl, type, output) \ 1455 \ 1456 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ 1457 return 0; \ 1458 } \ 1459 const OSSL_DISPATCH \ 1460 ossl_##impl##_to_##kind##_##output##_encoder_functions[] = { \ 1461 { OSSL_FUNC_ENCODER_NEWCTX, \ 1462 (void (*)(void))key2any_newctx }, \ 1463 { OSSL_FUNC_ENCODER_FREECTX, \ 1464 (void (*)(void))key2any_freectx }, \ 1465 { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS, \ 1466 (void (*)(void))key2any_settable_ctx_params }, \ 1467 { OSSL_FUNC_ENCODER_SET_CTX_PARAMS, \ 1468 (void (*)(void))key2any_set_ctx_params }, \ 1469 { OSSL_FUNC_ENCODER_DOES_SELECTION, \ 1470 (void (*)(void))impl##_to_##kind##_##output##_does_selection }, \ 1471 { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ 1472 (void (*)(void))impl##_to_##kind##_##output##_import_object }, \ 1473 { OSSL_FUNC_ENCODER_FREE_OBJECT, \ 1474 (void (*)(void))impl##_to_##kind##_##output##_free_object }, \ 1475 { OSSL_FUNC_ENCODER_ENCODE, \ 1476 (void (*)(void))impl##_to_##kind##_##output##_encode }, \ 1477 OSSL_DISPATCH_END \ 1478 } 1479 1480/* 1481 * Replacements for i2d_{TYPE}PrivateKey, i2d_{TYPE}PublicKey, 1482 * i2d_{TYPE}params, as they exist. 1483 */ 1484MAKE_ENCODER(rsa, rsa, type_specific_keypair, der); 1485#ifndef OPENSSL_NO_DH 1486MAKE_ENCODER(dh, dh, type_specific_params, der); 1487MAKE_ENCODER(dhx, dh, type_specific_params, der); 1488#endif 1489#ifndef OPENSSL_NO_DSA 1490MAKE_ENCODER(dsa, dsa, type_specific, der); 1491#endif 1492#ifndef OPENSSL_NO_EC 1493MAKE_ENCODER(ec, ec, type_specific_no_pub, der); 1494# ifndef OPENSSL_NO_SM2 1495MAKE_ENCODER(sm2, ec, type_specific_no_pub, der); 1496# endif 1497#endif 1498 1499/* 1500 * Replacements for PEM_write_bio_{TYPE}PrivateKey, 1501 * PEM_write_bio_{TYPE}PublicKey, PEM_write_bio_{TYPE}params, as they exist. 1502 */ 1503MAKE_ENCODER(rsa, rsa, type_specific_keypair, pem); 1504#ifndef OPENSSL_NO_DH 1505MAKE_ENCODER(dh, dh, type_specific_params, pem); 1506MAKE_ENCODER(dhx, dh, type_specific_params, pem); 1507#endif 1508#ifndef OPENSSL_NO_DSA 1509MAKE_ENCODER(dsa, dsa, type_specific, pem); 1510#endif 1511#ifndef OPENSSL_NO_EC 1512MAKE_ENCODER(ec, ec, type_specific_no_pub, pem); 1513# ifndef OPENSSL_NO_SM2 1514MAKE_ENCODER(sm2, ec, type_specific_no_pub, pem); 1515# endif 1516#endif 1517 1518/* 1519 * PKCS#8 and SubjectPublicKeyInfo support. This may duplicate some of the 1520 * implementations specified above, but are more specific. 1521 * The SubjectPublicKeyInfo implementations also replace the 1522 * PEM_write_bio_{TYPE}_PUBKEY functions. 1523 * For PEM, these are expected to be used by PEM_write_bio_PrivateKey(), 1524 * PEM_write_bio_PUBKEY() and PEM_write_bio_Parameters(). 1525 */ 1526MAKE_ENCODER(rsa, rsa, EncryptedPrivateKeyInfo, der); 1527MAKE_ENCODER(rsa, rsa, EncryptedPrivateKeyInfo, pem); 1528MAKE_ENCODER(rsa, rsa, PrivateKeyInfo, der); 1529MAKE_ENCODER(rsa, rsa, PrivateKeyInfo, pem); 1530MAKE_ENCODER(rsa, rsa, SubjectPublicKeyInfo, der); 1531MAKE_ENCODER(rsa, rsa, SubjectPublicKeyInfo, pem); 1532MAKE_ENCODER(rsapss, rsa, EncryptedPrivateKeyInfo, der); 1533MAKE_ENCODER(rsapss, rsa, EncryptedPrivateKeyInfo, pem); 1534MAKE_ENCODER(rsapss, rsa, PrivateKeyInfo, der); 1535MAKE_ENCODER(rsapss, rsa, PrivateKeyInfo, pem); 1536MAKE_ENCODER(rsapss, rsa, SubjectPublicKeyInfo, der); 1537MAKE_ENCODER(rsapss, rsa, SubjectPublicKeyInfo, pem); 1538#ifndef OPENSSL_NO_DH 1539MAKE_ENCODER(dh, dh, EncryptedPrivateKeyInfo, der); 1540MAKE_ENCODER(dh, dh, EncryptedPrivateKeyInfo, pem); 1541MAKE_ENCODER(dh, dh, PrivateKeyInfo, der); 1542MAKE_ENCODER(dh, dh, PrivateKeyInfo, pem); 1543MAKE_ENCODER(dh, dh, SubjectPublicKeyInfo, der); 1544MAKE_ENCODER(dh, dh, SubjectPublicKeyInfo, pem); 1545MAKE_ENCODER(dhx, dh, EncryptedPrivateKeyInfo, der); 1546MAKE_ENCODER(dhx, dh, EncryptedPrivateKeyInfo, pem); 1547MAKE_ENCODER(dhx, dh, PrivateKeyInfo, der); 1548MAKE_ENCODER(dhx, dh, PrivateKeyInfo, pem); 1549MAKE_ENCODER(dhx, dh, SubjectPublicKeyInfo, der); 1550MAKE_ENCODER(dhx, dh, SubjectPublicKeyInfo, pem); 1551#endif 1552#ifndef OPENSSL_NO_DSA 1553MAKE_ENCODER(dsa, dsa, EncryptedPrivateKeyInfo, der); 1554MAKE_ENCODER(dsa, dsa, EncryptedPrivateKeyInfo, pem); 1555MAKE_ENCODER(dsa, dsa, PrivateKeyInfo, der); 1556MAKE_ENCODER(dsa, dsa, PrivateKeyInfo, pem); 1557MAKE_ENCODER(dsa, dsa, SubjectPublicKeyInfo, der); 1558MAKE_ENCODER(dsa, dsa, SubjectPublicKeyInfo, pem); 1559#endif 1560#ifndef OPENSSL_NO_EC 1561MAKE_ENCODER(ec, ec, EncryptedPrivateKeyInfo, der); 1562MAKE_ENCODER(ec, ec, EncryptedPrivateKeyInfo, pem); 1563MAKE_ENCODER(ec, ec, PrivateKeyInfo, der); 1564MAKE_ENCODER(ec, ec, PrivateKeyInfo, pem); 1565MAKE_ENCODER(ec, ec, SubjectPublicKeyInfo, der); 1566MAKE_ENCODER(ec, ec, SubjectPublicKeyInfo, pem); 1567# ifndef OPENSSL_NO_SM2 1568MAKE_ENCODER(sm2, ec, EncryptedPrivateKeyInfo, der); 1569MAKE_ENCODER(sm2, ec, EncryptedPrivateKeyInfo, pem); 1570MAKE_ENCODER(sm2, ec, PrivateKeyInfo, der); 1571MAKE_ENCODER(sm2, ec, PrivateKeyInfo, pem); 1572MAKE_ENCODER(sm2, ec, SubjectPublicKeyInfo, der); 1573MAKE_ENCODER(sm2, ec, SubjectPublicKeyInfo, pem); 1574# endif 1575# ifndef OPENSSL_NO_ECX 1576MAKE_ENCODER(ed25519, ecx, EncryptedPrivateKeyInfo, der); 1577MAKE_ENCODER(ed25519, ecx, EncryptedPrivateKeyInfo, pem); 1578MAKE_ENCODER(ed25519, ecx, PrivateKeyInfo, der); 1579MAKE_ENCODER(ed25519, ecx, PrivateKeyInfo, pem); 1580MAKE_ENCODER(ed25519, ecx, SubjectPublicKeyInfo, der); 1581MAKE_ENCODER(ed25519, ecx, SubjectPublicKeyInfo, pem); 1582MAKE_ENCODER(ed448, ecx, EncryptedPrivateKeyInfo, der); 1583MAKE_ENCODER(ed448, ecx, EncryptedPrivateKeyInfo, pem); 1584MAKE_ENCODER(ed448, ecx, PrivateKeyInfo, der); 1585MAKE_ENCODER(ed448, ecx, PrivateKeyInfo, pem); 1586MAKE_ENCODER(ed448, ecx, SubjectPublicKeyInfo, der); 1587MAKE_ENCODER(ed448, ecx, SubjectPublicKeyInfo, pem); 1588MAKE_ENCODER(x25519, ecx, EncryptedPrivateKeyInfo, der); 1589MAKE_ENCODER(x25519, ecx, EncryptedPrivateKeyInfo, pem); 1590MAKE_ENCODER(x25519, ecx, PrivateKeyInfo, der); 1591MAKE_ENCODER(x25519, ecx, PrivateKeyInfo, pem); 1592MAKE_ENCODER(x25519, ecx, SubjectPublicKeyInfo, der); 1593MAKE_ENCODER(x25519, ecx, SubjectPublicKeyInfo, pem); 1594MAKE_ENCODER(x448, ecx, EncryptedPrivateKeyInfo, der); 1595MAKE_ENCODER(x448, ecx, EncryptedPrivateKeyInfo, pem); 1596MAKE_ENCODER(x448, ecx, PrivateKeyInfo, der); 1597MAKE_ENCODER(x448, ecx, PrivateKeyInfo, pem); 1598MAKE_ENCODER(x448, ecx, SubjectPublicKeyInfo, der); 1599MAKE_ENCODER(x448, ecx, SubjectPublicKeyInfo, pem); 1600# endif 1601#endif 1602#ifndef OPENSSL_NO_SLH_DSA 1603MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, EncryptedPrivateKeyInfo, der); 1604MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, EncryptedPrivateKeyInfo, der); 1605MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, EncryptedPrivateKeyInfo, der); 1606MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, EncryptedPrivateKeyInfo, der); 1607MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, EncryptedPrivateKeyInfo, der); 1608MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, EncryptedPrivateKeyInfo, der); 1609MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, EncryptedPrivateKeyInfo, pem); 1610MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, EncryptedPrivateKeyInfo, pem); 1611MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, EncryptedPrivateKeyInfo, pem); 1612MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, EncryptedPrivateKeyInfo, pem); 1613MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, EncryptedPrivateKeyInfo, pem); 1614MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, EncryptedPrivateKeyInfo, pem); 1615MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, EncryptedPrivateKeyInfo, der); 1616MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, EncryptedPrivateKeyInfo, der); 1617MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, EncryptedPrivateKeyInfo, der); 1618MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, EncryptedPrivateKeyInfo, der); 1619MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, EncryptedPrivateKeyInfo, der); 1620MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, EncryptedPrivateKeyInfo, der); 1621MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, EncryptedPrivateKeyInfo, pem); 1622MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, EncryptedPrivateKeyInfo, pem); 1623MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, EncryptedPrivateKeyInfo, pem); 1624MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, EncryptedPrivateKeyInfo, pem); 1625MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, EncryptedPrivateKeyInfo, pem); 1626MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, EncryptedPrivateKeyInfo, pem); 1627MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, PrivateKeyInfo, der); 1628MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, PrivateKeyInfo, der); 1629MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, PrivateKeyInfo, der); 1630MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, PrivateKeyInfo, der); 1631MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, PrivateKeyInfo, der); 1632MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, PrivateKeyInfo, der); 1633MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, PrivateKeyInfo, pem); 1634MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, PrivateKeyInfo, pem); 1635MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, PrivateKeyInfo, pem); 1636MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, PrivateKeyInfo, pem); 1637MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, PrivateKeyInfo, pem); 1638MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, PrivateKeyInfo, pem); 1639MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, PrivateKeyInfo, der); 1640MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, PrivateKeyInfo, der); 1641MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, PrivateKeyInfo, der); 1642MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, PrivateKeyInfo, der); 1643MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, PrivateKeyInfo, der); 1644MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, PrivateKeyInfo, der); 1645MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, PrivateKeyInfo, pem); 1646MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, PrivateKeyInfo, pem); 1647MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, PrivateKeyInfo, pem); 1648MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, PrivateKeyInfo, pem); 1649MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, PrivateKeyInfo, pem); 1650MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, PrivateKeyInfo, pem); 1651MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, SubjectPublicKeyInfo, der); 1652MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, SubjectPublicKeyInfo, der); 1653MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, SubjectPublicKeyInfo, der); 1654MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, SubjectPublicKeyInfo, der); 1655MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, SubjectPublicKeyInfo, der); 1656MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, SubjectPublicKeyInfo, der); 1657MAKE_ENCODER(slh_dsa_sha2_128s, slh_dsa, SubjectPublicKeyInfo, pem); 1658MAKE_ENCODER(slh_dsa_sha2_128f, slh_dsa, SubjectPublicKeyInfo, pem); 1659MAKE_ENCODER(slh_dsa_sha2_192s, slh_dsa, SubjectPublicKeyInfo, pem); 1660MAKE_ENCODER(slh_dsa_sha2_192f, slh_dsa, SubjectPublicKeyInfo, pem); 1661MAKE_ENCODER(slh_dsa_sha2_256s, slh_dsa, SubjectPublicKeyInfo, pem); 1662MAKE_ENCODER(slh_dsa_sha2_256f, slh_dsa, SubjectPublicKeyInfo, pem); 1663MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, SubjectPublicKeyInfo, der); 1664MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, SubjectPublicKeyInfo, der); 1665MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, SubjectPublicKeyInfo, der); 1666MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, SubjectPublicKeyInfo, der); 1667MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, SubjectPublicKeyInfo, der); 1668MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, SubjectPublicKeyInfo, der); 1669MAKE_ENCODER(slh_dsa_shake_128s, slh_dsa, SubjectPublicKeyInfo, pem); 1670MAKE_ENCODER(slh_dsa_shake_128f, slh_dsa, SubjectPublicKeyInfo, pem); 1671MAKE_ENCODER(slh_dsa_shake_192s, slh_dsa, SubjectPublicKeyInfo, pem); 1672MAKE_ENCODER(slh_dsa_shake_192f, slh_dsa, SubjectPublicKeyInfo, pem); 1673MAKE_ENCODER(slh_dsa_shake_256s, slh_dsa, SubjectPublicKeyInfo, pem); 1674MAKE_ENCODER(slh_dsa_shake_256f, slh_dsa, SubjectPublicKeyInfo, pem); 1675#endif /* OPENSSL_NO_SLH_DSA */ 1676 1677#ifndef OPENSSL_NO_ML_KEM 1678MAKE_ENCODER(ml_kem_512, ml_kem, EncryptedPrivateKeyInfo, der); 1679MAKE_ENCODER(ml_kem_512, ml_kem, EncryptedPrivateKeyInfo, pem); 1680MAKE_ENCODER(ml_kem_512, ml_kem, PrivateKeyInfo, der); 1681MAKE_ENCODER(ml_kem_512, ml_kem, PrivateKeyInfo, pem); 1682MAKE_ENCODER(ml_kem_512, ml_kem, SubjectPublicKeyInfo, der); 1683MAKE_ENCODER(ml_kem_512, ml_kem, SubjectPublicKeyInfo, pem); 1684 1685MAKE_ENCODER(ml_kem_768, ml_kem, EncryptedPrivateKeyInfo, der); 1686MAKE_ENCODER(ml_kem_768, ml_kem, EncryptedPrivateKeyInfo, pem); 1687MAKE_ENCODER(ml_kem_768, ml_kem, PrivateKeyInfo, der); 1688MAKE_ENCODER(ml_kem_768, ml_kem, PrivateKeyInfo, pem); 1689MAKE_ENCODER(ml_kem_768, ml_kem, SubjectPublicKeyInfo, der); 1690MAKE_ENCODER(ml_kem_768, ml_kem, SubjectPublicKeyInfo, pem); 1691 1692MAKE_ENCODER(ml_kem_1024, ml_kem, EncryptedPrivateKeyInfo, der); 1693MAKE_ENCODER(ml_kem_1024, ml_kem, EncryptedPrivateKeyInfo, pem); 1694MAKE_ENCODER(ml_kem_1024, ml_kem, PrivateKeyInfo, der); 1695MAKE_ENCODER(ml_kem_1024, ml_kem, PrivateKeyInfo, pem); 1696MAKE_ENCODER(ml_kem_1024, ml_kem, SubjectPublicKeyInfo, der); 1697MAKE_ENCODER(ml_kem_1024, ml_kem, SubjectPublicKeyInfo, pem); 1698#endif 1699 1700/* 1701 * Support for key type specific output formats. Not all key types have 1702 * this, we only aim to duplicate what is available in 1.1.1 as 1703 * i2d_TYPEPrivateKey(), i2d_TYPEPublicKey() and i2d_TYPEparams(). 1704 * For example, there are no publicly available i2d_ function for 1705 * ED25519, ED448, X25519 or X448, and they therefore only have PKCS#8 1706 * and SubjectPublicKeyInfo implementations as implemented above. 1707 */ 1708MAKE_ENCODER(rsa, rsa, RSA, der); 1709MAKE_ENCODER(rsa, rsa, RSA, pem); 1710#ifndef OPENSSL_NO_DH 1711MAKE_ENCODER(dh, dh, DH, der); 1712MAKE_ENCODER(dh, dh, DH, pem); 1713MAKE_ENCODER(dhx, dh, DHX, der); 1714MAKE_ENCODER(dhx, dh, DHX, pem); 1715#endif 1716#ifndef OPENSSL_NO_DSA 1717MAKE_ENCODER(dsa, dsa, DSA, der); 1718MAKE_ENCODER(dsa, dsa, DSA, pem); 1719#endif 1720#ifndef OPENSSL_NO_EC 1721MAKE_ENCODER(ec, ec, EC, der); 1722MAKE_ENCODER(ec, ec, EC, pem); 1723# ifndef OPENSSL_NO_SM2 1724MAKE_ENCODER(sm2, ec, SM2, der); 1725MAKE_ENCODER(sm2, ec, SM2, pem); 1726# endif 1727#endif 1728 1729/* Convenience structure names */ 1730MAKE_ENCODER(rsa, rsa, PKCS1, der); 1731MAKE_ENCODER(rsa, rsa, PKCS1, pem); 1732MAKE_ENCODER(rsapss, rsa, PKCS1, der); 1733MAKE_ENCODER(rsapss, rsa, PKCS1, pem); 1734#ifndef OPENSSL_NO_DH 1735MAKE_ENCODER(dh, dh, PKCS3, der); /* parameters only */ 1736MAKE_ENCODER(dh, dh, PKCS3, pem); /* parameters only */ 1737MAKE_ENCODER(dhx, dh, X9_42, der); /* parameters only */ 1738MAKE_ENCODER(dhx, dh, X9_42, pem); /* parameters only */ 1739#endif 1740#ifndef OPENSSL_NO_EC 1741MAKE_ENCODER(ec, ec, X9_62, der); 1742MAKE_ENCODER(ec, ec, X9_62, pem); 1743#endif 1744 1745#ifndef OPENSSL_NO_ML_DSA 1746MAKE_ENCODER(ml_dsa_44, ml_dsa, EncryptedPrivateKeyInfo, der); 1747MAKE_ENCODER(ml_dsa_44, ml_dsa, EncryptedPrivateKeyInfo, pem); 1748MAKE_ENCODER(ml_dsa_44, ml_dsa, PrivateKeyInfo, der); 1749MAKE_ENCODER(ml_dsa_44, ml_dsa, PrivateKeyInfo, pem); 1750MAKE_ENCODER(ml_dsa_44, ml_dsa, SubjectPublicKeyInfo, der); 1751MAKE_ENCODER(ml_dsa_44, ml_dsa, SubjectPublicKeyInfo, pem); 1752 1753MAKE_ENCODER(ml_dsa_65, ml_dsa, EncryptedPrivateKeyInfo, der); 1754MAKE_ENCODER(ml_dsa_65, ml_dsa, EncryptedPrivateKeyInfo, pem); 1755MAKE_ENCODER(ml_dsa_65, ml_dsa, PrivateKeyInfo, der); 1756MAKE_ENCODER(ml_dsa_65, ml_dsa, PrivateKeyInfo, pem); 1757MAKE_ENCODER(ml_dsa_65, ml_dsa, SubjectPublicKeyInfo, der); 1758MAKE_ENCODER(ml_dsa_65, ml_dsa, SubjectPublicKeyInfo, pem); 1759 1760MAKE_ENCODER(ml_dsa_87, ml_dsa, EncryptedPrivateKeyInfo, der); 1761MAKE_ENCODER(ml_dsa_87, ml_dsa, EncryptedPrivateKeyInfo, pem); 1762MAKE_ENCODER(ml_dsa_87, ml_dsa, PrivateKeyInfo, der); 1763MAKE_ENCODER(ml_dsa_87, ml_dsa, PrivateKeyInfo, pem); 1764MAKE_ENCODER(ml_dsa_87, ml_dsa, SubjectPublicKeyInfo, der); 1765MAKE_ENCODER(ml_dsa_87, ml_dsa, SubjectPublicKeyInfo, pem); 1766#endif /* OPENSSL_NO_ML_DSA */ 1767