]>
Commit | Line | Data |
---|---|---|
7c664b1f | 1 | /* |
a28d06f3 | 2 | * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. |
7c664b1f RL |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* | |
11 | * low level APIs are deprecated for public use, but still ok for | |
12 | * internal use. | |
13 | */ | |
14 | #include "internal/deprecated.h" | |
15 | ||
16 | #include <openssl/core_dispatch.h> | |
17 | #include <openssl/core_names.h> | |
14c8a3d1 | 18 | #include <openssl/core_object.h> |
7c664b1f | 19 | #include <openssl/crypto.h> |
8ae40cf5 | 20 | #include <openssl/err.h> |
7c664b1f | 21 | #include <openssl/params.h> |
8ae40cf5 RL |
22 | #include <openssl/pem.h> /* PEM_BUFSIZE and public PEM functions */ |
23 | #include <openssl/pkcs12.h> | |
7c664b1f | 24 | #include <openssl/x509.h> |
2741128e | 25 | #include <openssl/proverr.h> |
8ae40cf5 RL |
26 | #include "internal/cryptlib.h" /* ossl_assert() */ |
27 | #include "internal/asn1.h" | |
6963979f RL |
28 | #include "crypto/dh.h" |
29 | #include "crypto/dsa.h" | |
30 | #include "crypto/ec.h" | |
576892d7 | 31 | #include "crypto/evp.h" |
8ae40cf5 | 32 | #include "crypto/ecx.h" |
6963979f | 33 | #include "crypto/rsa.h" |
10315851 | 34 | #include "crypto/x509.h" |
7c664b1f RL |
35 | #include "prov/bio.h" |
36 | #include "prov/implementations.h" | |
8ae40cf5 | 37 | #include "endecoder_local.h" |
7c664b1f | 38 | |
6963979f | 39 | struct der2key_ctx_st; /* Forward declaration */ |
65ef000e RL |
40 | typedef int check_key_fn(void *, struct der2key_ctx_st *ctx); |
41 | typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx); | |
42 | typedef void free_key_fn(void *); | |
cf333799 RL |
43 | typedef void *d2i_PKCS8_fn(void **, const unsigned char **, long, |
44 | struct der2key_ctx_st *, | |
45 | OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg); | |
7c664b1f | 46 | struct keytype_desc_st { |
2c090c1d | 47 | const char *keytype_name; |
7c664b1f RL |
48 | const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */ |
49 | ||
2c090c1d RL |
50 | /* The input structure name */ |
51 | const char *structure_name; | |
52 | ||
53 | /* | |
54 | * The EVP_PKEY_xxx type macro. Should be zero for type specific | |
55 | * structures, non-zero when the outermost structure is PKCS#8 or | |
56 | * SubjectPublicKeyInfo. This determines which of the function | |
57 | * pointers below will be used. | |
58 | */ | |
59 | int evp_type; | |
60 | ||
61 | /* The selection mask for OSSL_FUNC_decoder_does_selection() */ | |
62 | int selection_mask; | |
63 | ||
64 | /* For type specific decoders, we use the corresponding d2i */ | |
06f67612 RL |
65 | d2i_of_void *d2i_private_key; /* From type-specific DER */ |
66 | d2i_of_void *d2i_public_key; /* From type-specific DER */ | |
67 | d2i_of_void *d2i_key_params; /* From type-specific DER */ | |
cf333799 | 68 | d2i_PKCS8_fn *d2i_PKCS8; /* Wrapped in a PKCS#8, possibly encrypted */ |
06f67612 | 69 | d2i_of_void *d2i_PUBKEY; /* Wrapped in a SubjectPublicKeyInfo */ |
6963979f | 70 | |
65ef000e RL |
71 | /* |
72 | * For any key, we may need to check that the key meets expectations. | |
73 | * This is useful when the same functions can decode several variants | |
74 | * of a key. | |
75 | */ | |
76 | check_key_fn *check_key; | |
77 | ||
6963979f RL |
78 | /* |
79 | * For any key, we may need to make provider specific adjustments, such | |
80 | * as ensure the key carries the correct library context. | |
81 | */ | |
82 | adjust_key_fn *adjust_key; | |
2c090c1d | 83 | /* {type}_free() */ |
7c664b1f RL |
84 | free_key_fn *free_key; |
85 | }; | |
86 | ||
87 | /* | |
ece9304c | 88 | * Context used for DER to key decoding. |
7c664b1f RL |
89 | */ |
90 | struct der2key_ctx_st { | |
91 | PROV_CTX *provctx; | |
92 | const struct keytype_desc_st *desc; | |
cf333799 RL |
93 | /* Flag used to signal that a failure is fatal */ |
94 | unsigned int flag_fatal : 1; | |
7c664b1f RL |
95 | }; |
96 | ||
cf333799 RL |
97 | static int read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin, |
98 | unsigned char **data, long *len) | |
99 | { | |
100 | BUF_MEM *mem = NULL; | |
101 | BIO *in = ossl_bio_new_from_core_bio(provctx, cin); | |
102 | int ok = (asn1_d2i_read_bio(in, &mem) >= 0); | |
103 | ||
104 | if (ok) { | |
105 | *data = (unsigned char *)mem->data; | |
106 | *len = (long)mem->length; | |
107 | OPENSSL_free(mem); | |
108 | } | |
109 | BIO_free(in); | |
110 | return ok; | |
111 | } | |
112 | ||
113 | typedef void *key_from_pkcs8_t(const PKCS8_PRIV_KEY_INFO *p8inf, | |
114 | OSSL_LIB_CTX *libctx, const char *propq); | |
115 | static void *der2key_decode_p8(const unsigned char **input_der, | |
116 | long input_der_len, struct der2key_ctx_st *ctx, | |
117 | OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg, | |
118 | key_from_pkcs8_t *key_from_pkcs8) | |
119 | { | |
120 | X509_SIG *p8 = NULL; | |
121 | PKCS8_PRIV_KEY_INFO *p8inf = NULL; | |
122 | const X509_ALGOR *alg = NULL; | |
123 | void *key = NULL; | |
124 | ||
125 | ctx->flag_fatal = 0; | |
9cc97ddf | 126 | |
8be513ae | 127 | ERR_set_mark(); |
cf333799 RL |
128 | if ((p8 = d2i_X509_SIG(NULL, input_der, input_der_len)) != NULL) { |
129 | char pbuf[PEM_BUFSIZE]; | |
130 | size_t plen = 0; | |
131 | ||
8be513ae DB |
132 | ERR_clear_last_mark(); |
133 | ||
cf333799 RL |
134 | if (!pw_cb(pbuf, sizeof(pbuf), &plen, NULL, pw_cbarg)) |
135 | ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE); | |
136 | else | |
137 | p8inf = PKCS8_decrypt(p8, pbuf, plen); | |
138 | if (p8inf == NULL) | |
139 | ctx->flag_fatal = 1; | |
140 | X509_SIG_free(p8); | |
141 | } else { | |
8be513ae DB |
142 | /* Pop any errors that might have been raised by d2i_X509_SIG. */ |
143 | ERR_pop_to_mark(); | |
cf333799 RL |
144 | p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, input_der, input_der_len); |
145 | } | |
146 | if (p8inf != NULL | |
147 | && PKCS8_pkey_get0(NULL, NULL, NULL, &alg, p8inf) | |
148 | && OBJ_obj2nid(alg->algorithm) == ctx->desc->evp_type) | |
149 | key = key_from_pkcs8(p8inf, PROV_LIBCTX_OF(ctx->provctx), NULL); | |
150 | PKCS8_PRIV_KEY_INFO_free(p8inf); | |
9cc97ddf | 151 | |
cf333799 RL |
152 | return key; |
153 | } | |
154 | ||
155 | /* ---------------------------------------------------------------------- */ | |
156 | ||
157 | static OSSL_FUNC_decoder_freectx_fn der2key_freectx; | |
158 | static OSSL_FUNC_decoder_decode_fn der2key_decode; | |
159 | static OSSL_FUNC_decoder_export_object_fn der2key_export_object; | |
160 | ||
7c664b1f RL |
161 | static struct der2key_ctx_st * |
162 | der2key_newctx(void *provctx, const struct keytype_desc_st *desc) | |
163 | { | |
164 | struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx)); | |
165 | ||
166 | if (ctx != NULL) { | |
167 | ctx->provctx = provctx; | |
168 | ctx->desc = desc; | |
169 | } | |
170 | return ctx; | |
171 | } | |
172 | ||
173 | static void der2key_freectx(void *vctx) | |
174 | { | |
175 | struct der2key_ctx_st *ctx = vctx; | |
176 | ||
177 | OPENSSL_free(ctx); | |
178 | } | |
179 | ||
2c090c1d RL |
180 | static const OSSL_PARAM * |
181 | der2key_gettable_params(void *provctx, const struct keytype_desc_st *desc) | |
7c664b1f RL |
182 | { |
183 | static const OSSL_PARAM gettables[] = { | |
ece9304c | 184 | { OSSL_DECODER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 }, |
7c664b1f RL |
185 | OSSL_PARAM_END, |
186 | }; | |
2c090c1d RL |
187 | static const OSSL_PARAM gettables_w_structure[] = { |
188 | { OSSL_DECODER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 }, | |
189 | { OSSL_DECODER_PARAM_INPUT_STRUCTURE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 }, | |
190 | OSSL_PARAM_END, | |
191 | }; | |
7c664b1f | 192 | |
2c090c1d | 193 | return desc->structure_name != NULL ? gettables_w_structure : gettables; |
7c664b1f RL |
194 | } |
195 | ||
2c090c1d RL |
196 | static int der2key_get_params(OSSL_PARAM params[], |
197 | const struct keytype_desc_st *desc) | |
7c664b1f RL |
198 | { |
199 | OSSL_PARAM *p; | |
200 | ||
ece9304c | 201 | p = OSSL_PARAM_locate(params, OSSL_DECODER_PARAM_INPUT_TYPE); |
7c664b1f RL |
202 | if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "DER")) |
203 | return 0; | |
2c090c1d RL |
204 | if (desc->structure_name != NULL) { |
205 | p = OSSL_PARAM_locate(params, OSSL_DECODER_PARAM_INPUT_STRUCTURE); | |
206 | if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, desc->structure_name)) | |
207 | return 0; | |
208 | } | |
7c664b1f RL |
209 | |
210 | return 1; | |
211 | } | |
212 | ||
2c090c1d RL |
213 | static int der2key_check_selection(int selection, |
214 | const struct keytype_desc_st *desc) | |
215 | { | |
216 | /* | |
217 | * The selections are kinda sorta "levels", i.e. each selection given | |
218 | * here is assumed to include those following. | |
219 | */ | |
220 | int checks[] = { | |
221 | OSSL_KEYMGMT_SELECT_PRIVATE_KEY, | |
222 | OSSL_KEYMGMT_SELECT_PUBLIC_KEY, | |
223 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS | |
224 | }; | |
225 | size_t i; | |
226 | ||
227 | /* The decoder implementations made here support guessing */ | |
228 | if (selection == 0) | |
229 | return 1; | |
230 | ||
231 | for (i = 0; i < OSSL_NELEM(checks); i++) { | |
232 | int check1 = (selection & checks[i]) != 0; | |
233 | int check2 = (desc->selection_mask & checks[i]) != 0; | |
234 | ||
235 | /* | |
236 | * If the caller asked for the currently checked bit(s), return | |
237 | * whether the decoder description says it's supported. | |
238 | */ | |
239 | if (check1) | |
240 | return check2; | |
241 | } | |
242 | ||
243 | /* This should be dead code, but just to be safe... */ | |
244 | return 0; | |
245 | } | |
246 | ||
247 | static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, | |
ece9304c RL |
248 | OSSL_CALLBACK *data_cb, void *data_cbarg, |
249 | OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) | |
7c664b1f RL |
250 | { |
251 | struct der2key_ctx_st *ctx = vctx; | |
7c664b1f RL |
252 | unsigned char *der = NULL; |
253 | const unsigned char *derp; | |
254 | long der_len = 0; | |
7c664b1f | 255 | void *key = NULL; |
2c090c1d | 256 | int orig_selection = selection; |
66066e1b | 257 | int ok = 0; |
7c664b1f | 258 | |
7c664b1f | 259 | /* |
2c090c1d RL |
260 | * The caller is allowed to specify 0 as a selection mark, to have the |
261 | * structure and key type guessed. For type-specific structures, this | |
262 | * is not recommended, as some structures are very similar. | |
263 | * Note that 0 isn't the same as OSSL_KEYMGMT_SELECT_ALL, as the latter | |
264 | * signifies a private key structure, where everything else is assumed | |
265 | * to be present as well. | |
7c664b1f | 266 | */ |
2c090c1d RL |
267 | if (selection == 0) |
268 | selection = ctx->desc->selection_mask; | |
269 | if ((selection & ctx->desc->selection_mask) == 0) { | |
270 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); | |
271 | return 0; | |
7c664b1f RL |
272 | } |
273 | ||
9cc97ddf RL |
274 | ok = read_der(ctx->provctx, cin, &der, &der_len); |
275 | if (!ok) | |
65ef000e | 276 | goto next; |
7c664b1f | 277 | |
9cc97ddf RL |
278 | ok = 0; /* Assume that we fail */ |
279 | ||
cf333799 | 280 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
b5b6669f | 281 | derp = der; |
cf333799 RL |
282 | if (ctx->desc->d2i_PKCS8 != NULL) { |
283 | key = ctx->desc->d2i_PKCS8(NULL, &derp, der_len, ctx, | |
284 | pw_cb, pw_cbarg); | |
285 | if (ctx->flag_fatal) | |
286 | goto end; | |
287 | } else if (ctx->desc->d2i_private_key != NULL) { | |
288 | key = ctx->desc->d2i_private_key(NULL, &derp, der_len); | |
289 | } | |
65ef000e RL |
290 | if (key == NULL && orig_selection != 0) |
291 | goto next; | |
292 | } | |
cf333799 | 293 | if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { |
65ef000e | 294 | derp = der; |
06f67612 RL |
295 | if (ctx->desc->d2i_PUBKEY != NULL) |
296 | key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len); | |
297 | else | |
298 | key = ctx->desc->d2i_public_key(NULL, &derp, der_len); | |
65ef000e RL |
299 | if (key == NULL && orig_selection != 0) |
300 | goto next; | |
301 | } | |
cf333799 | 302 | if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) { |
65ef000e | 303 | derp = der; |
cf333799 RL |
304 | if (ctx->desc->d2i_key_params != NULL) |
305 | key = ctx->desc->d2i_key_params(NULL, &derp, der_len); | |
306 | if (key == NULL && orig_selection != 0) | |
307 | goto next; | |
7c664b1f | 308 | } |
9cc97ddf RL |
309 | |
310 | /* | |
311 | * Last minute check to see if this was the correct type of key. This | |
312 | * should never lead to a fatal error, i.e. the decoding itself was | |
313 | * correct, it was just an unexpected key type. This is generally for | |
314 | * classes of key types that have subtle variants, like RSA-PSS keys as | |
315 | * opposed to plain RSA keys. | |
316 | */ | |
65ef000e RL |
317 | if (key != NULL |
318 | && ctx->desc->check_key != NULL | |
319 | && !ctx->desc->check_key(key, ctx)) { | |
9cc97ddf RL |
320 | ctx->desc->free_key(key); |
321 | key = NULL; | |
65ef000e RL |
322 | } |
323 | ||
6963979f RL |
324 | if (key != NULL && ctx->desc->adjust_key != NULL) |
325 | ctx->desc->adjust_key(key, ctx); | |
326 | ||
65ef000e | 327 | next: |
2c090c1d | 328 | /* |
9cc97ddf RL |
329 | * Indicated that we successfully decoded something, or not at all. |
330 | * Ending up "empty handed" is not an error. | |
2c090c1d | 331 | */ |
9cc97ddf | 332 | ok = 1; |
2c090c1d | 333 | |
65ef000e RL |
334 | /* |
335 | * We free memory here so it's not held up during the callback, because | |
336 | * we know the process is recursive and the allocated chunks of memory | |
337 | * add up. | |
338 | */ | |
7c664b1f | 339 | OPENSSL_free(der); |
65ef000e | 340 | der = NULL; |
7c664b1f RL |
341 | |
342 | if (key != NULL) { | |
14c8a3d1 RL |
343 | OSSL_PARAM params[4]; |
344 | int object_type = OSSL_OBJECT_PKEY; | |
7c664b1f RL |
345 | |
346 | params[0] = | |
14c8a3d1 RL |
347 | OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type); |
348 | params[1] = | |
349 | OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, | |
2c090c1d RL |
350 | (char *)ctx->desc->keytype_name, |
351 | 0); | |
7c664b1f | 352 | /* The address of the key becomes the octet string */ |
14c8a3d1 RL |
353 | params[2] = |
354 | OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE, | |
7c664b1f | 355 | &key, sizeof(key)); |
14c8a3d1 | 356 | params[3] = OSSL_PARAM_construct_end(); |
7c664b1f RL |
357 | |
358 | ok = data_cb(params, data_cbarg); | |
359 | } | |
65ef000e RL |
360 | |
361 | end: | |
7c664b1f | 362 | ctx->desc->free_key(key); |
65ef000e | 363 | OPENSSL_free(der); |
7c664b1f RL |
364 | |
365 | return ok; | |
366 | } | |
367 | ||
368 | static int der2key_export_object(void *vctx, | |
369 | const void *reference, size_t reference_sz, | |
370 | OSSL_CALLBACK *export_cb, void *export_cbarg) | |
371 | { | |
372 | struct der2key_ctx_st *ctx = vctx; | |
373 | OSSL_FUNC_keymgmt_export_fn *export = | |
374 | ossl_prov_get_keymgmt_export(ctx->desc->fns); | |
375 | void *keydata; | |
376 | ||
377 | if (reference_sz == sizeof(keydata) && export != NULL) { | |
378 | /* The contents of the reference is the address to our object */ | |
379 | keydata = *(void **)reference; | |
380 | ||
381 | return export(keydata, OSSL_KEYMGMT_SELECT_ALL, | |
382 | export_cb, export_cbarg); | |
383 | } | |
384 | return 0; | |
385 | } | |
386 | ||
2c090c1d RL |
387 | /* ---------------------------------------------------------------------- */ |
388 | ||
389 | #ifndef OPENSSL_NO_DH | |
390 | # define dh_evp_type EVP_PKEY_DH | |
2c090c1d RL |
391 | # define dh_d2i_private_key NULL |
392 | # define dh_d2i_public_key NULL | |
393 | # define dh_d2i_key_params (d2i_of_void *)d2i_DHparams | |
cf333799 RL |
394 | |
395 | static void *dh_d2i_PKCS8(void **key, const unsigned char **der, long der_len, | |
396 | struct der2key_ctx_st *ctx, | |
397 | OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) | |
398 | { | |
399 | return der2key_decode_p8(der, der_len, ctx, pw_cb, pw_cbarg, | |
400 | (key_from_pkcs8_t *)ossl_dh_key_from_pkcs8); | |
401 | } | |
402 | ||
06f67612 | 403 | # define dh_d2i_PUBKEY (d2i_of_void *)ossl_d2i_DH_PUBKEY |
2c090c1d | 404 | # define dh_free (free_key_fn *)DH_free |
65ef000e | 405 | # define dh_check NULL |
2c090c1d | 406 | |
6963979f RL |
407 | static void dh_adjust(void *key, struct der2key_ctx_st *ctx) |
408 | { | |
409 | ossl_dh_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); | |
410 | } | |
411 | ||
2c090c1d | 412 | # define dhx_evp_type EVP_PKEY_DHX |
2c090c1d RL |
413 | # define dhx_d2i_private_key NULL |
414 | # define dhx_d2i_public_key NULL | |
415 | # define dhx_d2i_key_params (d2i_of_void *)d2i_DHxparams | |
cf333799 | 416 | # define dhx_d2i_PKCS8 dh_d2i_PKCS8 |
06f67612 | 417 | # define dhx_d2i_PUBKEY (d2i_of_void *)ossl_d2i_DHx_PUBKEY |
2c090c1d | 418 | # define dhx_free (free_key_fn *)DH_free |
65ef000e | 419 | # define dhx_check NULL |
6963979f | 420 | # define dhx_adjust dh_adjust |
2c090c1d RL |
421 | #endif |
422 | ||
423 | /* ---------------------------------------------------------------------- */ | |
424 | ||
425 | #ifndef OPENSSL_NO_DSA | |
426 | # define dsa_evp_type EVP_PKEY_DSA | |
2c090c1d RL |
427 | # define dsa_d2i_private_key (d2i_of_void *)d2i_DSAPrivateKey |
428 | # define dsa_d2i_public_key (d2i_of_void *)d2i_DSAPublicKey | |
429 | # define dsa_d2i_key_params (d2i_of_void *)d2i_DSAparams | |
cf333799 RL |
430 | |
431 | static void *dsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len, | |
432 | struct der2key_ctx_st *ctx, | |
433 | OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) | |
434 | { | |
435 | return der2key_decode_p8(der, der_len, ctx, pw_cb, pw_cbarg, | |
436 | (key_from_pkcs8_t *)ossl_dsa_key_from_pkcs8); | |
437 | } | |
438 | ||
06f67612 | 439 | # define dsa_d2i_PUBKEY (d2i_of_void *)d2i_DSA_PUBKEY |
2c090c1d | 440 | # define dsa_free (free_key_fn *)DSA_free |
65ef000e | 441 | # define dsa_check NULL |
6963979f RL |
442 | |
443 | static void dsa_adjust(void *key, struct der2key_ctx_st *ctx) | |
444 | { | |
445 | ossl_dsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); | |
446 | } | |
2c090c1d RL |
447 | #endif |
448 | ||
449 | /* ---------------------------------------------------------------------- */ | |
450 | ||
451 | #ifndef OPENSSL_NO_EC | |
452 | # define ec_evp_type EVP_PKEY_EC | |
2c090c1d RL |
453 | # define ec_d2i_private_key (d2i_of_void *)d2i_ECPrivateKey |
454 | # define ec_d2i_public_key NULL | |
455 | # define ec_d2i_key_params (d2i_of_void *)d2i_ECParameters | |
cf333799 RL |
456 | |
457 | static void *ec_d2i_PKCS8(void **key, const unsigned char **der, long der_len, | |
458 | struct der2key_ctx_st *ctx, | |
459 | OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) | |
460 | { | |
461 | return der2key_decode_p8(der, der_len, ctx, pw_cb, pw_cbarg, | |
462 | (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8); | |
463 | } | |
464 | ||
06f67612 | 465 | # define ec_d2i_PUBKEY (d2i_of_void *)d2i_EC_PUBKEY |
2c090c1d RL |
466 | # define ec_free (free_key_fn *)EC_KEY_free |
467 | ||
65ef000e RL |
468 | static int ec_check(void *key, struct der2key_ctx_st *ctx) |
469 | { | |
470 | /* We're trying to be clever by comparing two truths */ | |
471 | ||
472 | int sm2 = (EC_KEY_get_flags(key) & EC_FLAG_SM2_RANGE) != 0; | |
473 | ||
474 | return sm2 == (ctx->desc->evp_type == EVP_PKEY_SM2); | |
475 | } | |
476 | ||
6963979f RL |
477 | static void ec_adjust(void *key, struct der2key_ctx_st *ctx) |
478 | { | |
32ab57cb | 479 | ossl_ec_key_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); |
6963979f RL |
480 | } |
481 | ||
2c090c1d RL |
482 | /* |
483 | * ED25519, ED448, X25519, X448 only implement PKCS#8 and SubjectPublicKeyInfo, | |
484 | * so no d2i functions to be had. | |
485 | */ | |
6963979f | 486 | |
cf333799 RL |
487 | static void *ecx_d2i_PKCS8(void **key, const unsigned char **der, long der_len, |
488 | struct der2key_ctx_st *ctx, | |
489 | OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) | |
490 | { | |
491 | return der2key_decode_p8(der, der_len, ctx, pw_cb, pw_cbarg, | |
492 | (key_from_pkcs8_t *)ossl_ecx_key_from_pkcs8); | |
493 | } | |
494 | ||
6963979f RL |
495 | static void ecx_key_adjust(void *key, struct der2key_ctx_st *ctx) |
496 | { | |
32ab57cb | 497 | ossl_ecx_key_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); |
6963979f RL |
498 | } |
499 | ||
2c090c1d | 500 | # define ed25519_evp_type EVP_PKEY_ED25519 |
2c090c1d RL |
501 | # define ed25519_d2i_private_key NULL |
502 | # define ed25519_d2i_public_key NULL | |
503 | # define ed25519_d2i_key_params NULL | |
cf333799 | 504 | # define ed25519_d2i_PKCS8 ecx_d2i_PKCS8 |
06f67612 | 505 | # define ed25519_d2i_PUBKEY (d2i_of_void *)ossl_d2i_ED25519_PUBKEY |
32ab57cb | 506 | # define ed25519_free (free_key_fn *)ossl_ecx_key_free |
65ef000e | 507 | # define ed25519_check NULL |
6963979f | 508 | # define ed25519_adjust ecx_key_adjust |
2c090c1d RL |
509 | |
510 | # define ed448_evp_type EVP_PKEY_ED448 | |
2c090c1d RL |
511 | # define ed448_d2i_private_key NULL |
512 | # define ed448_d2i_public_key NULL | |
513 | # define ed448_d2i_key_params NULL | |
cf333799 | 514 | # define ed448_d2i_PKCS8 ecx_d2i_PKCS8 |
06f67612 | 515 | # define ed448_d2i_PUBKEY (d2i_of_void *)ossl_d2i_ED448_PUBKEY |
32ab57cb | 516 | # define ed448_free (free_key_fn *)ossl_ecx_key_free |
65ef000e | 517 | # define ed448_check NULL |
6963979f | 518 | # define ed448_adjust ecx_key_adjust |
2c090c1d RL |
519 | |
520 | # define x25519_evp_type EVP_PKEY_X25519 | |
2c090c1d RL |
521 | # define x25519_d2i_private_key NULL |
522 | # define x25519_d2i_public_key NULL | |
523 | # define x25519_d2i_key_params NULL | |
cf333799 | 524 | # define x25519_d2i_PKCS8 ecx_d2i_PKCS8 |
06f67612 | 525 | # define x25519_d2i_PUBKEY (d2i_of_void *)ossl_d2i_X25519_PUBKEY |
32ab57cb | 526 | # define x25519_free (free_key_fn *)ossl_ecx_key_free |
65ef000e | 527 | # define x25519_check NULL |
6963979f | 528 | # define x25519_adjust ecx_key_adjust |
2c090c1d RL |
529 | |
530 | # define x448_evp_type EVP_PKEY_X448 | |
2c090c1d RL |
531 | # define x448_d2i_private_key NULL |
532 | # define x448_d2i_public_key NULL | |
533 | # define x448_d2i_key_params NULL | |
cf333799 | 534 | # define x448_d2i_PKCS8 ecx_d2i_PKCS8 |
06f67612 | 535 | # define x448_d2i_PUBKEY (d2i_of_void *)ossl_d2i_X448_PUBKEY |
32ab57cb | 536 | # define x448_free (free_key_fn *)ossl_ecx_key_free |
65ef000e | 537 | # define x448_check NULL |
6963979f | 538 | # define x448_adjust ecx_key_adjust |
f2db0528 RL |
539 | |
540 | # ifndef OPENSSL_NO_SM2 | |
541 | # define sm2_evp_type EVP_PKEY_SM2 | |
f2db0528 RL |
542 | # define sm2_d2i_private_key (d2i_of_void *)d2i_ECPrivateKey |
543 | # define sm2_d2i_public_key NULL | |
544 | # define sm2_d2i_key_params (d2i_of_void *)d2i_ECParameters | |
cf333799 RL |
545 | |
546 | static void *sm2_d2i_PKCS8(void **key, const unsigned char **der, long der_len, | |
547 | struct der2key_ctx_st *ctx, | |
548 | OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) | |
549 | { | |
550 | return der2key_decode_p8(der, der_len, ctx, pw_cb, pw_cbarg, | |
551 | (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8); | |
552 | } | |
553 | ||
06f67612 | 554 | # define sm2_d2i_PUBKEY (d2i_of_void *)d2i_EC_PUBKEY |
f2db0528 | 555 | # define sm2_free (free_key_fn *)EC_KEY_free |
65ef000e | 556 | # define sm2_check ec_check |
f2db0528 RL |
557 | # define sm2_adjust ec_adjust |
558 | # endif | |
2c090c1d RL |
559 | #endif |
560 | ||
561 | /* ---------------------------------------------------------------------- */ | |
562 | ||
563 | #define rsa_evp_type EVP_PKEY_RSA | |
2c090c1d RL |
564 | #define rsa_d2i_private_key (d2i_of_void *)d2i_RSAPrivateKey |
565 | #define rsa_d2i_public_key (d2i_of_void *)d2i_RSAPublicKey | |
566 | #define rsa_d2i_key_params NULL | |
cf333799 RL |
567 | |
568 | static void *rsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len, | |
569 | struct der2key_ctx_st *ctx, | |
570 | OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) | |
571 | { | |
572 | return der2key_decode_p8(der, der_len, ctx, pw_cb, pw_cbarg, | |
573 | (key_from_pkcs8_t *)ossl_rsa_key_from_pkcs8); | |
574 | } | |
575 | ||
06f67612 | 576 | #define rsa_d2i_PUBKEY (d2i_of_void *)d2i_RSA_PUBKEY |
2c090c1d RL |
577 | #define rsa_free (free_key_fn *)RSA_free |
578 | ||
65ef000e RL |
579 | static int rsa_check(void *key, struct der2key_ctx_st *ctx) |
580 | { | |
581 | switch (RSA_test_flags(key, RSA_FLAG_TYPE_MASK)) { | |
582 | case RSA_FLAG_TYPE_RSA: | |
583 | return ctx->desc->evp_type == EVP_PKEY_RSA; | |
584 | case RSA_FLAG_TYPE_RSASSAPSS: | |
585 | return ctx->desc->evp_type == EVP_PKEY_RSA_PSS; | |
586 | } | |
587 | ||
588 | /* Currently unsupported RSA key type */ | |
589 | return 0; | |
590 | } | |
591 | ||
6963979f RL |
592 | static void rsa_adjust(void *key, struct der2key_ctx_st *ctx) |
593 | { | |
594 | ossl_rsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); | |
595 | } | |
596 | ||
2c090c1d | 597 | #define rsapss_evp_type EVP_PKEY_RSA_PSS |
2c090c1d RL |
598 | #define rsapss_d2i_private_key (d2i_of_void *)d2i_RSAPrivateKey |
599 | #define rsapss_d2i_public_key (d2i_of_void *)d2i_RSAPublicKey | |
600 | #define rsapss_d2i_key_params NULL | |
cf333799 | 601 | #define rsapss_d2i_PKCS8 rsa_d2i_PKCS8 |
06f67612 | 602 | #define rsapss_d2i_PUBKEY (d2i_of_void *)d2i_RSA_PUBKEY |
2c090c1d | 603 | #define rsapss_free (free_key_fn *)RSA_free |
65ef000e | 604 | #define rsapss_check rsa_check |
6963979f | 605 | #define rsapss_adjust rsa_adjust |
2c090c1d RL |
606 | |
607 | /* ---------------------------------------------------------------------- */ | |
608 | ||
609 | /* | |
610 | * The DO_ macros help define the selection mask and the method functions | |
611 | * for each kind of object we want to decode. | |
612 | */ | |
613 | #define DO_type_specific_keypair(keytype) \ | |
65ef000e | 614 | "type-specific", keytype##_evp_type, \ |
2c090c1d RL |
615 | ( OSSL_KEYMGMT_SELECT_KEYPAIR ), \ |
616 | keytype##_d2i_private_key, \ | |
617 | keytype##_d2i_public_key, \ | |
618 | NULL, \ | |
619 | NULL, \ | |
06f67612 | 620 | NULL, \ |
65ef000e | 621 | keytype##_check, \ |
6963979f | 622 | keytype##_adjust, \ |
2c090c1d RL |
623 | keytype##_free |
624 | ||
625 | #define DO_type_specific_pub(keytype) \ | |
65ef000e | 626 | "type-specific", keytype##_evp_type, \ |
2c090c1d RL |
627 | ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ), \ |
628 | NULL, \ | |
629 | keytype##_d2i_public_key, \ | |
630 | NULL, \ | |
631 | NULL, \ | |
06f67612 | 632 | NULL, \ |
65ef000e | 633 | keytype##_check, \ |
6963979f | 634 | keytype##_adjust, \ |
2c090c1d RL |
635 | keytype##_free |
636 | ||
637 | #define DO_type_specific_priv(keytype) \ | |
65ef000e | 638 | "type-specific", keytype##_evp_type, \ |
2c090c1d RL |
639 | ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ), \ |
640 | keytype##_d2i_private_key, \ | |
641 | NULL, \ | |
642 | NULL, \ | |
643 | NULL, \ | |
06f67612 | 644 | NULL, \ |
65ef000e | 645 | keytype##_check, \ |
6963979f | 646 | keytype##_adjust, \ |
2c090c1d RL |
647 | keytype##_free |
648 | ||
649 | #define DO_type_specific_params(keytype) \ | |
65ef000e | 650 | "type-specific", keytype##_evp_type, \ |
2c090c1d RL |
651 | ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ |
652 | NULL, \ | |
653 | NULL, \ | |
654 | keytype##_d2i_key_params, \ | |
655 | NULL, \ | |
06f67612 | 656 | NULL, \ |
65ef000e | 657 | keytype##_check, \ |
6963979f | 658 | keytype##_adjust, \ |
2c090c1d RL |
659 | keytype##_free |
660 | ||
661 | #define DO_type_specific(keytype) \ | |
65ef000e | 662 | "type-specific", keytype##_evp_type, \ |
2c090c1d RL |
663 | ( OSSL_KEYMGMT_SELECT_ALL ), \ |
664 | keytype##_d2i_private_key, \ | |
665 | keytype##_d2i_public_key, \ | |
666 | keytype##_d2i_key_params, \ | |
667 | NULL, \ | |
06f67612 | 668 | NULL, \ |
65ef000e | 669 | keytype##_check, \ |
6963979f | 670 | keytype##_adjust, \ |
2c090c1d RL |
671 | keytype##_free |
672 | ||
673 | #define DO_type_specific_no_pub(keytype) \ | |
65ef000e | 674 | "type-specific", keytype##_evp_type, \ |
2c090c1d RL |
675 | ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ |
676 | | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ | |
677 | keytype##_d2i_private_key, \ | |
678 | NULL, \ | |
679 | keytype##_d2i_key_params, \ | |
680 | NULL, \ | |
06f67612 | 681 | NULL, \ |
65ef000e | 682 | keytype##_check, \ |
6963979f | 683 | keytype##_adjust, \ |
2c090c1d RL |
684 | keytype##_free |
685 | ||
686 | #define DO_PKCS8(keytype) \ | |
687 | "pkcs8", keytype##_evp_type, \ | |
688 | ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ), \ | |
689 | NULL, \ | |
690 | NULL, \ | |
691 | NULL, \ | |
cf333799 | 692 | keytype##_d2i_PKCS8, \ |
06f67612 | 693 | NULL, \ |
65ef000e | 694 | keytype##_check, \ |
6963979f | 695 | keytype##_adjust, \ |
2c090c1d RL |
696 | keytype##_free |
697 | ||
698 | #define DO_SubjectPublicKeyInfo(keytype) \ | |
699 | "SubjectPublicKeyInfo", keytype##_evp_type, \ | |
700 | ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ), \ | |
701 | NULL, \ | |
702 | NULL, \ | |
703 | NULL, \ | |
cf333799 | 704 | NULL, \ |
06f67612 | 705 | keytype##_d2i_PUBKEY, \ |
65ef000e | 706 | keytype##_check, \ |
6963979f | 707 | keytype##_adjust, \ |
2c090c1d RL |
708 | keytype##_free |
709 | ||
710 | #define DO_DH(keytype) \ | |
65ef000e | 711 | "DH", keytype##_evp_type, \ |
2c090c1d RL |
712 | ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ |
713 | NULL, \ | |
714 | NULL, \ | |
715 | keytype##_d2i_key_params, \ | |
716 | NULL, \ | |
06f67612 | 717 | NULL, \ |
65ef000e | 718 | keytype##_check, \ |
6963979f | 719 | keytype##_adjust, \ |
2c090c1d RL |
720 | keytype##_free |
721 | ||
722 | #define DO_DHX(keytype) \ | |
65ef000e | 723 | "DHX", keytype##_evp_type, \ |
2c090c1d RL |
724 | ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ |
725 | NULL, \ | |
726 | NULL, \ | |
727 | keytype##_d2i_key_params, \ | |
728 | NULL, \ | |
06f67612 | 729 | NULL, \ |
65ef000e | 730 | keytype##_check, \ |
6963979f | 731 | keytype##_adjust, \ |
2c090c1d RL |
732 | keytype##_free |
733 | ||
734 | #define DO_DSA(keytype) \ | |
65ef000e | 735 | "DSA", keytype##_evp_type, \ |
2c090c1d RL |
736 | ( OSSL_KEYMGMT_SELECT_ALL ), \ |
737 | keytype##_d2i_private_key, \ | |
738 | keytype##_d2i_public_key, \ | |
739 | keytype##_d2i_key_params, \ | |
740 | NULL, \ | |
06f67612 | 741 | NULL, \ |
65ef000e | 742 | keytype##_check, \ |
6963979f | 743 | keytype##_adjust, \ |
2c090c1d RL |
744 | keytype##_free |
745 | ||
746 | #define DO_EC(keytype) \ | |
65ef000e | 747 | "EC", keytype##_evp_type, \ |
2c090c1d RL |
748 | ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ |
749 | | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ | |
750 | keytype##_d2i_private_key, \ | |
751 | NULL, \ | |
752 | keytype##_d2i_key_params, \ | |
753 | NULL, \ | |
06f67612 | 754 | NULL, \ |
65ef000e | 755 | keytype##_check, \ |
6963979f | 756 | keytype##_adjust, \ |
2c090c1d RL |
757 | keytype##_free |
758 | ||
759 | #define DO_RSA(keytype) \ | |
65ef000e | 760 | "RSA", keytype##_evp_type, \ |
2c090c1d RL |
761 | ( OSSL_KEYMGMT_SELECT_KEYPAIR ), \ |
762 | keytype##_d2i_private_key, \ | |
763 | keytype##_d2i_public_key, \ | |
764 | NULL, \ | |
765 | NULL, \ | |
06f67612 | 766 | NULL, \ |
65ef000e | 767 | keytype##_check, \ |
6963979f | 768 | keytype##_adjust, \ |
2c090c1d RL |
769 | keytype##_free |
770 | ||
771 | /* | |
772 | * MAKE_DECODER is the single driver for creating OSSL_DISPATCH tables. | |
773 | * It takes the following arguments: | |
774 | * | |
775 | * keytype_name The implementation key type as a string. | |
776 | * keytype The implementation key type. This must correspond exactly | |
777 | * to our existing keymgmt keytype names... in other words, | |
778 | * there must exist an ossl_##keytype##_keymgmt_functions. | |
779 | * type The type name for the set of functions that implement the | |
780 | * decoder for the key type. This isn't necessarily the same | |
781 | * as keytype. For example, the key types ed25519, ed448, | |
782 | * x25519 and x448 are all handled by the same functions with | |
783 | * the common type name ecx. | |
784 | * kind The kind of support to implement. This translates into | |
785 | * the DO_##kind macros above, to populate the keytype_desc_st | |
786 | * structure. | |
787 | */ | |
788 | #define MAKE_DECODER(keytype_name, keytype, type, kind) \ | |
789 | static const struct keytype_desc_st kind##_##keytype##_desc = \ | |
790 | { keytype_name, ossl_##keytype##_keymgmt_functions, \ | |
791 | DO_##kind(keytype) }; \ | |
792 | \ | |
793 | static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \ | |
794 | static OSSL_FUNC_decoder_gettable_params_fn \ | |
795 | kind##_der2##keytype##_gettable_params; \ | |
796 | static OSSL_FUNC_decoder_get_params_fn \ | |
797 | kind##_der2##keytype##_get_params; \ | |
798 | \ | |
799 | static void *kind##_der2##keytype##_newctx(void *provctx) \ | |
800 | { \ | |
801 | return der2key_newctx(provctx, &kind##_##keytype##_desc); \ | |
802 | } \ | |
803 | static const OSSL_PARAM * \ | |
804 | kind##_der2##keytype##_gettable_params(void *provctx) \ | |
805 | { \ | |
806 | return \ | |
807 | der2key_gettable_params(provctx, &kind##_##keytype##_desc); \ | |
808 | } \ | |
809 | static int kind##_der2##keytype##_get_params(OSSL_PARAM params[]) \ | |
810 | { \ | |
811 | return der2key_get_params(params, &kind##_##keytype##_desc); \ | |
812 | } \ | |
813 | static int kind##_der2##keytype##_does_selection(void *provctx, \ | |
814 | int selection) \ | |
7c664b1f | 815 | { \ |
2c090c1d RL |
816 | return der2key_check_selection(selection, \ |
817 | &kind##_##keytype##_desc); \ | |
7c664b1f | 818 | } \ |
2c090c1d RL |
819 | const OSSL_DISPATCH \ |
820 | ossl_##kind##_der_to_##keytype##_decoder_functions[] = { \ | |
ece9304c | 821 | { OSSL_FUNC_DECODER_NEWCTX, \ |
2c090c1d | 822 | (void (*)(void))kind##_der2##keytype##_newctx }, \ |
ece9304c | 823 | { OSSL_FUNC_DECODER_FREECTX, \ |
7c664b1f | 824 | (void (*)(void))der2key_freectx }, \ |
ece9304c | 825 | { OSSL_FUNC_DECODER_GETTABLE_PARAMS, \ |
2c090c1d | 826 | (void (*)(void))kind##_der2##keytype##_gettable_params }, \ |
ece9304c | 827 | { OSSL_FUNC_DECODER_GET_PARAMS, \ |
2c090c1d RL |
828 | (void (*)(void))kind##_der2##keytype##_get_params }, \ |
829 | { OSSL_FUNC_DECODER_DOES_SELECTION, \ | |
830 | (void (*)(void))kind##_der2##keytype##_does_selection }, \ | |
ece9304c RL |
831 | { OSSL_FUNC_DECODER_DECODE, \ |
832 | (void (*)(void))der2key_decode }, \ | |
833 | { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ | |
7c664b1f RL |
834 | (void (*)(void))der2key_export_object }, \ |
835 | { 0, NULL } \ | |
836 | } | |
837 | ||
838 | #ifndef OPENSSL_NO_DH | |
2c090c1d RL |
839 | MAKE_DECODER("DH", dh, dh, PKCS8); |
840 | MAKE_DECODER("DH", dh, dh, SubjectPublicKeyInfo); | |
841 | MAKE_DECODER("DH", dh, dh, type_specific_params); | |
842 | MAKE_DECODER("DH", dh, dh, DH); | |
843 | MAKE_DECODER("DHX", dhx, dhx, PKCS8); | |
844 | MAKE_DECODER("DHX", dhx, dhx, SubjectPublicKeyInfo); | |
845 | MAKE_DECODER("DHX", dhx, dhx, type_specific_params); | |
846 | MAKE_DECODER("DHX", dhx, dhx, DHX); | |
7c664b1f RL |
847 | #endif |
848 | #ifndef OPENSSL_NO_DSA | |
2c090c1d RL |
849 | MAKE_DECODER("DSA", dsa, dsa, PKCS8); |
850 | MAKE_DECODER("DSA", dsa, dsa, SubjectPublicKeyInfo); | |
851 | MAKE_DECODER("DSA", dsa, dsa, type_specific); | |
852 | MAKE_DECODER("DSA", dsa, dsa, DSA); | |
7c664b1f RL |
853 | #endif |
854 | #ifndef OPENSSL_NO_EC | |
2c090c1d RL |
855 | MAKE_DECODER("EC", ec, ec, PKCS8); |
856 | MAKE_DECODER("EC", ec, ec, SubjectPublicKeyInfo); | |
857 | MAKE_DECODER("EC", ec, ec, type_specific_no_pub); | |
858 | MAKE_DECODER("EC", ec, ec, EC); | |
859 | MAKE_DECODER("X25519", x25519, ecx, PKCS8); | |
860 | MAKE_DECODER("X25519", x25519, ecx, SubjectPublicKeyInfo); | |
861 | MAKE_DECODER("X448", x448, ecx, PKCS8); | |
862 | MAKE_DECODER("X448", x448, ecx, SubjectPublicKeyInfo); | |
863 | MAKE_DECODER("ED25519", ed25519, ecx, PKCS8); | |
864 | MAKE_DECODER("ED25519", ed25519, ecx, SubjectPublicKeyInfo); | |
865 | MAKE_DECODER("ED448", ed448, ecx, PKCS8); | |
866 | MAKE_DECODER("ED448", ed448, ecx, SubjectPublicKeyInfo); | |
f2db0528 RL |
867 | # ifndef OPENSSL_NO_SM2 |
868 | MAKE_DECODER("SM2", sm2, ec, PKCS8); | |
869 | MAKE_DECODER("SM2", sm2, ec, SubjectPublicKeyInfo); | |
870 | # endif | |
7c664b1f | 871 | #endif |
2c090c1d RL |
872 | MAKE_DECODER("RSA", rsa, rsa, PKCS8); |
873 | MAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo); | |
874 | MAKE_DECODER("RSA", rsa, rsa, type_specific_keypair); | |
875 | MAKE_DECODER("RSA", rsa, rsa, RSA); | |
876 | MAKE_DECODER("RSA-PSS", rsapss, rsapss, PKCS8); | |
877 | MAKE_DECODER("RSA-PSS", rsapss, rsapss, SubjectPublicKeyInfo); |