Commit | Line | Data |
---|---|---|
7c664b1f | 1 | /* |
a28d06f3 | 2 | * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. |
7c664b1f RL |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* | |
11 | * low level APIs are deprecated for public use, but still ok for | |
12 | * internal use. | |
13 | */ | |
14 | #include "internal/deprecated.h" | |
15 | ||
16 | #include <openssl/core_dispatch.h> | |
17 | #include <openssl/core_names.h> | |
14c8a3d1 | 18 | #include <openssl/core_object.h> |
7c664b1f | 19 | #include <openssl/crypto.h> |
8ae40cf5 | 20 | #include <openssl/err.h> |
7c664b1f | 21 | #include <openssl/params.h> |
8ae40cf5 RL |
22 | #include <openssl/pem.h> /* PEM_BUFSIZE and public PEM functions */ |
23 | #include <openssl/pkcs12.h> | |
7c664b1f | 24 | #include <openssl/x509.h> |
2741128e | 25 | #include <openssl/proverr.h> |
8ae40cf5 RL |
26 | #include "internal/cryptlib.h" /* ossl_assert() */ |
27 | #include "internal/asn1.h" | |
6963979f RL |
28 | #include "crypto/dh.h" |
29 | #include "crypto/dsa.h" | |
30 | #include "crypto/ec.h" | |
576892d7 | 31 | #include "crypto/evp.h" |
8ae40cf5 | 32 | #include "crypto/ecx.h" |
6963979f | 33 | #include "crypto/rsa.h" |
10315851 | 34 | #include "crypto/x509.h" |
7c664b1f RL |
35 | #include "prov/bio.h" |
36 | #include "prov/implementations.h" | |
8ae40cf5 | 37 | #include "endecoder_local.h" |
7c664b1f | 38 | |
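/*
 * Error-queue bracketing used while probing DER input against several
 * candidate structures.
 *
 * SET_ERR_MARK() places a mark on the error queue.
 * CLEAR_ERR_MARK() looks at the most recent error: when it is one of the
 * low-level ASN.1 parse failures listed below (ERR_LIB_ASN1 with reason
 * HEADER_TOO_LONG, UNSUPPORTED_TYPE, NESTED_ASN1_ERROR or NOT_ENOUGH_DATA),
 * everything raised since the mark is dropped with ERR_pop_to_mark();
 * otherwise the errors are kept and only the mark is removed.
 * RESET_ERR_MARK() closes the current bracket and opens a fresh one.
 *
 * The local holds the value as unsigned long, the type returned by
 * ERR_peek_last_error(), so the packed error code is never narrowed before
 * ERR_GET_LIB() / ERR_GET_REASON() take it apart.
 *
 * NOTE(review): because these parse errors are pruned, input that fails
 * every candidate structure leaves no ASN.1 diagnostics behind; keep that
 * in mind when triaging rejected or malformed key material.
 */
#define SET_ERR_MARK() ERR_set_mark()
#define CLEAR_ERR_MARK()                                                \
    do {                                                                \
        unsigned long err = ERR_peek_last_error();                      \
                                                                        \
        if (ERR_GET_LIB(err) == ERR_LIB_ASN1                            \
            && (ERR_GET_REASON(err) == ASN1_R_HEADER_TOO_LONG           \
                || ERR_GET_REASON(err) == ASN1_R_UNSUPPORTED_TYPE       \
                || ERR_GET_REASON(err) == ERR_R_NESTED_ASN1_ERROR       \
                || ERR_GET_REASON(err) == ASN1_R_NOT_ENOUGH_DATA))      \
            ERR_pop_to_mark();                                          \
        else                                                            \
            ERR_clear_last_mark();                                      \
    } while(0)
#define RESET_ERR_MARK()                                                \
    do {                                                                \
        CLEAR_ERR_MARK();                                               \
        SET_ERR_MARK();                                                 \
    } while(0)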
58 | ||
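/*
 * Read one complete DER element from |cin|.
 *
 * Returns 1 on success, with |*data| pointing at the raw bytes and |*len|
 * holding their length; ownership of the buffer passes to the caller, who
 * releases it with OPENSSL_free().  Returns 0 on failure, in which case
 * |*data| and |*len| are left untouched.
 */
static int read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
                    unsigned char **data, long *len)
{
    BUF_MEM *mem = NULL;
    BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
    int ok;

    /* Wrapping the core BIO can fail; never hand a NULL BIO to the reader */
    if (in == NULL)
        return 0;

    ok = (asn1_d2i_read_bio(in, &mem) >= 0);
    if (ok) {
        /*
         * Detach the payload from its BUF_MEM wrapper: only the wrapper is
         * freed here, the data buffer now belongs to the caller.
         */
        *data = (unsigned char *)mem->data;
        *len = (long)mem->length;
        OPENSSL_free(mem);
    }
    BIO_free(in);
    return ok;
}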
74 | ||
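/*
 * Try to interpret |input_der| as an encrypted PKCS#8 blob (an X509_SIG
 * structure) and decrypt it with a passphrase obtained through |pw_cb|.
 *
 * |new_der| must point at a NULL pointer on entry.  On success, returns 1
 * with the decrypted DER in |*new_der| and its length in |*new_der_len|;
 * the caller owns that buffer.  Returns 0 when the input does not parse as
 * X509_SIG, when no passphrase could be obtained, or when decryption fails.
 */
static int der_from_p8(unsigned char **new_der, long *new_der_len,
                       unsigned char *input_der, long input_der_len,
                       OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
{
    const unsigned char *derp;
    X509_SIG *p8 = NULL;
    int ok = 0;

    if (!ossl_assert(new_der != NULL && *new_der == NULL)
        || !ossl_assert(new_der_len != NULL))
        return 0;

    derp = input_der;
    if ((p8 = d2i_X509_SIG(NULL, &derp, input_der_len)) != NULL) {
        char pbuf[PEM_BUFSIZE];
        size_t plen = 0;

        if (!pw_cb(pbuf, sizeof(pbuf), &plen, NULL, pw_cbarg)) {
            ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE);
        } else {
            const X509_ALGOR *alg = NULL;
            const ASN1_OCTET_STRING *oct = NULL;
            int len = 0;

            X509_SIG_get0(p8, &alg, &oct);
            if (PKCS12_pbe_crypt(alg, pbuf, plen, oct->data, oct->length,
                                 new_der, &len, 0) != NULL)
                ok = 1;
            *new_der_len = len;
        }

        /*
         * The passphrase is secret material.  Scrub the stack copy on every
         * path, including a failed callback that may have written part of it.
         */
        OPENSSL_cleanse(pbuf, sizeof(pbuf));
    }
    X509_SIG_free(p8);
    return ok;
}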
109 | ||
110 | /* ---------------------------------------------------------------------- */ | |
7c664b1f | 111 | |
/* Prototypes for the decoder entry points shared by every key type */
static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
static OSSL_FUNC_decoder_decode_fn der2key_decode;
static OSSL_FUNC_decoder_export_object_fn der2key_export_object;

struct der2key_ctx_st;           /* Forward declaration */
/*
 * Generic signatures for the per-key-type hooks stored in keytype_desc_st.
 * Keys travel as void pointers; the per-type macros further down cast the
 * typed library functions to these signatures.
 */
typedef void *extract_key_fn(EVP_PKEY *);
typedef int check_key_fn(void *, struct der2key_ctx_st *ctx);
typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx);
typedef void free_key_fn(void *);
/*
 * Static description of one (key type, input structure) decoder.
 *
 * Instances are filled in positionally by MAKE_DECODER and the DO_* macros,
 * so the order of the members from |structure_name| onwards must stay in
 * step with those macros.
 */
struct keytype_desc_st {
    const char *keytype_name;
    const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */

    /* The input structure name */
    const char *structure_name;

    /*
     * The EVP_PKEY_xxx type macro.  Should be zero for type specific
     * structures, non-zero when the outermost structure is PKCS#8 or
     * SubjectPublicKeyInfo.  This determines which of the function
     * pointers below will be used.
     *
     * NOTE(review): the DO_type_specific* macros in this file pass
     * keytype##_evp_type here as well, and the check functions compare
     * against it, so "zero for type specific" looks out of date - confirm.
     */
    int evp_type;

    /* The selection mask for OSSL_FUNC_decoder_does_selection() */
    int selection_mask;

    /* For type specific decoders, we use the corresponding d2i */
    d2i_of_void *d2i_private_key; /* From type-specific DER */
    d2i_of_void *d2i_public_key;  /* From type-specific DER */
    d2i_of_void *d2i_key_params;  /* From type-specific DER */
    d2i_of_void *d2i_PUBKEY;      /* Wrapped in a SubjectPublicKeyInfo */

    /*
     * For PKCS#8 decoders, we use EVP_PKEY extractors, EVP_PKEY_get1_{TYPE}()
     */
    extract_key_fn *extract_key;

    /*
     * For any key, we may need to check that the key meets expectations.
     * This is useful when the same functions can decode several variants
     * of a key.
     */
    check_key_fn *check_key;

    /*
     * For any key, we may need to make provider specific adjustments, such
     * as ensure the key carries the correct library context.
     */
    adjust_key_fn *adjust_key;
    /* {type}_free() */
    free_key_fn *free_key;
};
165 | ||
/*
 * Context used for DER to key decoding.
 *
 * It only pairs the provider context with the static description of the
 * key type being decoded; der2key_freectx() releases the context itself
 * and nothing it points at.
 */
struct der2key_ctx_st {
    PROV_CTX *provctx;
    const struct keytype_desc_st *desc;
};
173 | ||
/*
 * Allocate a zeroed decoder context tied to |provctx| and to the key type
 * description |desc|.  Returns NULL when the allocation fails.
 */
static struct der2key_ctx_st *
der2key_newctx(void *provctx, const struct keytype_desc_st *desc)
{
    struct der2key_ctx_st *newctx = OPENSSL_zalloc(sizeof(*newctx));

    if (newctx == NULL)
        return NULL;

    newctx->provctx = provctx;
    newctx->desc = desc;
    return newctx;
}
185 | ||
/*
 * Release a context created by der2key_newctx().  Only the context itself
 * is freed; the provider context and the description it refers to are not
 * owned by it.
 */
static void der2key_freectx(void *vctx)
{
    OPENSSL_free(vctx);
}
192 | ||
/*
 * Return the table of parameters a decoder can report: the input type
 * always, plus the input structure when |desc| names one.
 */
static const OSSL_PARAM *
der2key_gettable_params(void *provctx, const struct keytype_desc_st *desc)
{
    static const OSSL_PARAM type_only[] = {
        { OSSL_DECODER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
        OSSL_PARAM_END,
    };
    static const OSSL_PARAM type_and_structure[] = {
        { OSSL_DECODER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
        { OSSL_DECODER_PARAM_INPUT_STRUCTURE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
        OSSL_PARAM_END,
    };

    if (desc->structure_name == NULL)
        return type_only;
    return type_and_structure;
}
208 | ||
/*
 * Fill in the decoder parameters present in |params|: the input type is
 * always "DER", and the input structure is reported when |desc| names one.
 * Returns 1 on success, 0 if a located parameter could not be set.
 */
static int der2key_get_params(OSSL_PARAM params[],
                              const struct keytype_desc_st *desc)
{
    OSSL_PARAM *input_type =
        OSSL_PARAM_locate(params, OSSL_DECODER_PARAM_INPUT_TYPE);

    if (input_type != NULL && !OSSL_PARAM_set_utf8_ptr(input_type, "DER"))
        return 0;

    /* Decoders without a named structure have nothing more to report */
    if (desc->structure_name == NULL)
        return 1;

    {
        OSSL_PARAM *input_structure =
            OSSL_PARAM_locate(params, OSSL_DECODER_PARAM_INPUT_STRUCTURE);

        if (input_structure != NULL
            && !OSSL_PARAM_set_utf8_ptr(input_structure,
                                        desc->structure_name))
            return 0;
    }

    return 1;
}
225 | ||
/*
 * Tell whether the decoder described by |desc| supports |selection|.
 *
 * The selection bits are treated as levels: private key, then public key,
 * then parameters, each assumed to include the ones after it.  The answer
 * is taken from the first level the caller asked for.  A selection of 0
 * means "guess" and is always accepted.
 */
static int der2key_check_selection(int selection,
                                   const struct keytype_desc_st *desc)
{
    static const int levels[] = {
        OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
        OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
        OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
    };
    size_t idx;

    /* The decoder implementations made here support guessing */
    if (selection == 0)
        return 1;

    for (idx = 0; idx < OSSL_NELEM(levels); idx++) {
        /* Skip levels the caller did not ask for */
        if ((selection & levels[idx]) == 0)
            continue;

        /* First requested level decides: is it in the decoder's mask? */
        return (desc->selection_mask & levels[idx]) != 0;
    }

    /* This should be dead code, but just to be safe... */
    return 0;
}
259 | ||
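/*
 * Decode one DER element read from |cin| into a key of the type described
 * by the context, and hand it to |data_cb| by reference.
 *
 * |selection| is a mask of OSSL_KEYMGMT_SELECT_* bits; 0 asks the decoder
 * to guess, in which case the description's own selection mask is used.
 * The attempts are made in this order: type-specific private key, public
 * key (d2i_PUBKEY preferred over d2i_public_key), key parameters, and
 * finally - when the description has an EVP_PKEY extractor - the generic
 * EVP_PKEY route, which includes an opportunistic decryption of encrypted
 * PKCS#8 input using |pw_cb|.
 *
 * Returns the result of |data_cb| when a key was decoded, 0 otherwise.
 * Low-level ASN.1 parse errors from failed attempts are pruned from the
 * error queue (see CLEAR_ERR_MARK()).
 */
static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
                          OSSL_CALLBACK *data_cb, void *data_cbarg,
                          OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
{
    struct der2key_ctx_st *ctx = vctx;
    void *libctx = PROV_LIBCTX_OF(ctx->provctx);
    unsigned char *der = NULL;
    const unsigned char *derp;
    long der_len = 0;
    unsigned char *new_der = NULL;
    long new_der_len;
    EVP_PKEY *pkey = NULL;
    void *key = NULL;
    int orig_selection = selection;
    int ok = 0;

    /*
     * The caller is allowed to specify 0 as a selection mark, to have the
     * structure and key type guessed.  For type-specific structures, this
     * is not recommended, as some structures are very similar.
     * Note that 0 isn't the same as OSSL_KEYMGMT_SELECT_ALL, as the latter
     * signifies a private key structure, where everything else is assumed
     * to be present as well.
     */
    if (selection == 0)
        selection = ctx->desc->selection_mask;
    if ((selection & ctx->desc->selection_mask) == 0) {
        ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
        return 0;
    }

    SET_ERR_MARK();
    if (!read_der(ctx->provctx, cin, &der, &der_len))
        goto next;

    /* We try the type specific functions first, if available */
    if (ctx->desc->d2i_private_key != NULL
        && (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
        RESET_ERR_MARK();
        derp = der;
        key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
        /* With an explicit selection, a failed attempt ends the search */
        if (key == NULL && orig_selection != 0)
            goto next;
    }
    if (key == NULL
        && (ctx->desc->d2i_PUBKEY != NULL || ctx->desc->d2i_public_key != NULL)
        && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
        RESET_ERR_MARK();
        derp = der;
        if (ctx->desc->d2i_PUBKEY != NULL)
            key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
        else
            key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
        if (key == NULL && orig_selection != 0)
            goto next;
    }
    if (key == NULL
        && ctx->desc->d2i_key_params != NULL
        && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
        RESET_ERR_MARK();
        derp = der;
        key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
    }
    if (key == NULL
        && ctx->desc->extract_key != NULL) {
        /*
         * There is a EVP_PKEY extractor, so we use the more generic
         * EVP_PKEY functions, since they know how to unpack PKCS#8 and
         * SubjectPublicKeyInfo.
         */

        if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
            /*
             * Opportunistic attempt to decrypt.  If it doesn't work, we try
             * to decode our input unencrypted.
             */
            if (der_from_p8(&new_der, &new_der_len, der, der_len,
                            pw_cb, pw_cbarg)) {
                /* The buffer released here is still the encrypted input */
                OPENSSL_free(der);
                der = new_der;
                der_len = new_der_len;
            }
            RESET_ERR_MARK();

            derp = der;
            pkey = evp_privatekey_from_binary(ctx->desc->evp_type, NULL,
                                              &derp, der_len, libctx, NULL);
        }

        /*
         * As long as we have algos without a specific d2i_<TYPE>_PUBKEY,
         * this code must remain...
         */
        if (pkey == NULL
            && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
            RESET_ERR_MARK();
            derp = der;
            pkey = ossl_d2i_PUBKEY_legacy(NULL, &derp, der_len);
        }

        if (pkey != NULL) {
            /*
             * Tear out the low-level key pointer from the pkey,
             * but only if it matches the expected key type.
             *
             * The check should be done with EVP_PKEY_is_a(), but
             * as long as we still have #legacy internal keys, it's safer
             * to use the type numbers inside the provider.
             */
            if (EVP_PKEY_id(pkey) == ctx->desc->evp_type)
                key = ctx->desc->extract_key(pkey);

            /*
             * ctx->desc->extract_key() is expected to have incremented
             * |key|'s reference count, so it should be safe to free |pkey|
             * now.
             */
            EVP_PKEY_free(pkey);
        }
    }

    /* Reject keys that decoded fine but are a different variant */
    if (key != NULL
        && ctx->desc->check_key != NULL
        && !ctx->desc->check_key(key, ctx)) {
        CLEAR_ERR_MARK();
        goto end;
    }

    if (key != NULL && ctx->desc->adjust_key != NULL)
        ctx->desc->adjust_key(key, ctx);

 next:
    /*
     * Prune low-level ASN.1 parse errors from error queue, assuming
     * that this is called by decoder_process() in a loop trying several
     * formats.
     */
    CLEAR_ERR_MARK();

    /*
     * We free memory here so it's not held up during the callback, because
     * we know the process is recursive and the allocated chunks of memory
     * add up.
     *
     * At this point |der| may hold plaintext private key material (either
     * unencrypted input or the output of der_from_p8()), so it is wiped
     * before being returned to the heap.  A NULL |der| is a no-op.
     */
    OPENSSL_clear_free(der, (size_t)der_len);
    der = NULL;

    if (key != NULL) {
        OSSL_PARAM params[4];
        int object_type = OSSL_OBJECT_PKEY;

        params[0] =
            OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
        params[1] =
            OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
                                             (char *)ctx->desc->keytype_name,
                                             0);
        /* The address of the key becomes the octet string */
        params[2] =
            OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
                                              &key, sizeof(key));
        params[3] = OSSL_PARAM_construct_end();

        /*
         * |key| is released right after this call, so the callback is
         * presumably expected to take its own reference - verify against
         * the callers.
         */
        ok = data_cb(params, data_cbarg);
    }

 end:
    ctx->desc->free_key(key);
    /* Reached with a live |der| only from the check_key failure above */
    OPENSSL_clear_free(der, (size_t)der_len);

    return ok;
}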
432 | ||
/*
 * Export the key behind |reference| through the keymgmt export function
 * found in the description's dispatch table.
 *
 * |reference| is expected to contain the address of the key object, as
 * built by der2key_decode(); only its size is checked here, the pointer
 * value itself is trusted.  Returns the export function's result, or 0 when
 * the size does not match or no export function is available.
 */
static int der2key_export_object(void *vctx,
                                 const void *reference, size_t reference_sz,
                                 OSSL_CALLBACK *export_cb, void *export_cbarg)
{
    struct der2key_ctx_st *ctx = vctx;
    OSSL_FUNC_keymgmt_export_fn *export =
        ossl_prov_get_keymgmt_export(ctx->desc->fns);
    void *keydata;

    if (reference_sz != sizeof(keydata) || export == NULL)
        return 0;

    /* The contents of the reference is the address to our object */
    keydata = *(void **)reference;

    return export(keydata, OSSL_KEYMGMT_SELECT_ALL,
                  export_cb, export_cbarg);
}
451 | ||
2c090c1d RL |
452 | /* ---------------------------------------------------------------------- */ |
453 | ||
#ifndef OPENSSL_NO_DH
/*
 * Building blocks for the DH decoders.  The DO_* macros further down paste
 * these names together from the key type prefix; NULL means the key type
 * has no decoder of that kind.  The casts erase the typed signatures so the
 * functions fit the generic pointers in struct keytype_desc_st.
 */
# define dh_evp_type                    EVP_PKEY_DH
# define dh_evp_extract                 (extract_key_fn *)EVP_PKEY_get1_DH
# define dh_d2i_private_key             NULL
# define dh_d2i_public_key              NULL
# define dh_d2i_key_params              (d2i_of_void *)d2i_DHparams
# define dh_d2i_PUBKEY                  (d2i_of_void *)ossl_d2i_DH_PUBKEY
# define dh_free                        (free_key_fn *)DH_free
# define dh_check                       NULL
2c090c1d | 463 | |
/* Bind a freshly decoded DH key to the provider's library context */
static void dh_adjust(void *key, struct der2key_ctx_st *ctx)
{
    void *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_dh_set0_libctx(key, libctx);
}
468 | ||
/*
 * Building blocks for the DHX decoders.  Same DH object type and free
 * function as plain DH; only the EVP type, the parameter decoder and the
 * SubjectPublicKeyInfo decoder differ.
 */
# define dhx_evp_type                   EVP_PKEY_DHX
# define dhx_evp_extract                (extract_key_fn *)EVP_PKEY_get1_DH
# define dhx_d2i_private_key            NULL
# define dhx_d2i_public_key             NULL
# define dhx_d2i_key_params             (d2i_of_void *)d2i_DHxparams
# define dhx_d2i_PUBKEY                 (d2i_of_void *)ossl_d2i_DHx_PUBKEY
# define dhx_free                       (free_key_fn *)DH_free
# define dhx_check                      NULL
# define dhx_adjust                     dh_adjust
#endif
479 | ||
480 | /* ---------------------------------------------------------------------- */ | |
481 | ||
#ifndef OPENSSL_NO_DSA
/*
 * Building blocks for the DSA decoders, consumed by the DO_* macros through
 * token pasting.  DSA has no variant check, hence dsa_check is NULL.
 */
# define dsa_evp_type                   EVP_PKEY_DSA
# define dsa_evp_extract                (extract_key_fn *)EVP_PKEY_get1_DSA
# define dsa_d2i_private_key            (d2i_of_void *)d2i_DSAPrivateKey
# define dsa_d2i_public_key             (d2i_of_void *)d2i_DSAPublicKey
# define dsa_d2i_key_params             (d2i_of_void *)d2i_DSAparams
# define dsa_d2i_PUBKEY                 (d2i_of_void *)d2i_DSA_PUBKEY
# define dsa_free                       (free_key_fn *)DSA_free
# define dsa_check                      NULL
6963979f RL |
491 | |
/* Bind a freshly decoded DSA key to the provider's library context */
static void dsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
    void *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_dsa_set0_libctx(key, libctx);
}
2c090c1d RL |
496 | #endif |
497 | ||
498 | /* ---------------------------------------------------------------------- */ | |
499 | ||
#ifndef OPENSSL_NO_EC
/*
 * Building blocks for the EC decoders.  There is no type-specific public
 * key decoder for EC, and ec_check / ec_adjust are real functions defined
 * below rather than macros.
 */
# define ec_evp_type                    EVP_PKEY_EC
# define ec_evp_extract                 (extract_key_fn *)EVP_PKEY_get1_EC_KEY
# define ec_d2i_private_key             (d2i_of_void *)d2i_ECPrivateKey
# define ec_d2i_public_key              NULL
# define ec_d2i_key_params              (d2i_of_void *)d2i_ECParameters
# define ec_d2i_PUBKEY                  (d2i_of_void *)d2i_EC_PUBKEY
# define ec_free                        (free_key_fn *)EC_KEY_free
508 | ||
/*
 * Accept the key only when its SM2 flag agrees with the decoder: an SM2
 * decoder wants the EC_FLAG_SM2_RANGE flag set, an EC decoder wants it
 * clear.  Returns 1 when they agree, 0 otherwise.
 */
static int ec_check(void *key, struct der2key_ctx_st *ctx)
{
    int key_is_sm2 = (EC_KEY_get_flags(key) & EC_FLAG_SM2_RANGE) != 0;
    int want_sm2 = (ctx->desc->evp_type == EVP_PKEY_SM2);

    return key_is_sm2 == want_sm2;
}
517 | ||
/* Bind a freshly decoded EC key to the provider's library context */
static void ec_adjust(void *key, struct der2key_ctx_st *ctx)
{
    void *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_ec_key_set0_libctx(key, libctx);
}
522 | ||
2c090c1d RL |
523 | /* |
524 | * ED25519, ED448, X25519, X448 only implement PKCS#8 and SubjectPublicKeyInfo, | |
525 | * so no d2i functions to be had. | |
526 | */ | |
6963979f RL |
527 | |
/* Bind a freshly decoded ECX key to the provider's library context */
static void ecx_key_adjust(void *key, struct der2key_ctx_st *ctx)
{
    void *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_ecx_key_set0_libctx(key, libctx);
}
532 | ||
/*
 * Building blocks for ED25519, ED448, X25519 and X448.  All four have no
 * type-specific d2i functions, share ossl_ecx_key_free() and
 * ecx_key_adjust(), and have no variant check.
 */
# define ed25519_evp_type               EVP_PKEY_ED25519
# define ed25519_evp_extract            (extract_key_fn *)ossl_evp_pkey_get1_ED25519
# define ed25519_d2i_private_key        NULL
# define ed25519_d2i_public_key         NULL
# define ed25519_d2i_key_params         NULL
# define ed25519_d2i_PUBKEY             (d2i_of_void *)ossl_d2i_ED25519_PUBKEY
# define ed25519_free                   (free_key_fn *)ossl_ecx_key_free
# define ed25519_check                  NULL
# define ed25519_adjust                 ecx_key_adjust

# define ed448_evp_type                 EVP_PKEY_ED448
# define ed448_evp_extract              (extract_key_fn *)ossl_evp_pkey_get1_ED448
# define ed448_d2i_private_key          NULL
# define ed448_d2i_public_key           NULL
# define ed448_d2i_key_params           NULL
# define ed448_d2i_PUBKEY               (d2i_of_void *)ossl_d2i_ED448_PUBKEY
# define ed448_free                     (free_key_fn *)ossl_ecx_key_free
# define ed448_check                    NULL
# define ed448_adjust                   ecx_key_adjust

# define x25519_evp_type                EVP_PKEY_X25519
# define x25519_evp_extract             (extract_key_fn *)ossl_evp_pkey_get1_X25519
# define x25519_d2i_private_key         NULL
# define x25519_d2i_public_key          NULL
# define x25519_d2i_key_params          NULL
# define x25519_d2i_PUBKEY              (d2i_of_void *)ossl_d2i_X25519_PUBKEY
# define x25519_free                    (free_key_fn *)ossl_ecx_key_free
# define x25519_check                   NULL
# define x25519_adjust                  ecx_key_adjust

# define x448_evp_type                  EVP_PKEY_X448
# define x448_evp_extract               (extract_key_fn *)ossl_evp_pkey_get1_X448
# define x448_d2i_private_key           NULL
# define x448_d2i_public_key            NULL
# define x448_d2i_key_params            NULL
# define x448_d2i_PUBKEY                (d2i_of_void *)ossl_d2i_X448_PUBKEY
# define x448_free                      (free_key_fn *)ossl_ecx_key_free
# define x448_check                     NULL
# define x448_adjust                    ecx_key_adjust

# ifndef OPENSSL_NO_SM2
/*
 * SM2 reuses the EC decoders and the EC_KEY object; ec_check() is what
 * keeps SM2 keys and plain EC keys from being accepted by each other's
 * decoder.
 */
#  define sm2_evp_type                  EVP_PKEY_SM2
#  define sm2_evp_extract               (extract_key_fn *)EVP_PKEY_get1_EC_KEY
#  define sm2_d2i_private_key           (d2i_of_void *)d2i_ECPrivateKey
#  define sm2_d2i_public_key            NULL
#  define sm2_d2i_key_params            (d2i_of_void *)d2i_ECParameters
#  define sm2_d2i_PUBKEY                (d2i_of_void *)d2i_EC_PUBKEY
#  define sm2_free                      (free_key_fn *)EC_KEY_free
#  define sm2_check                     ec_check
#  define sm2_adjust                    ec_adjust
# endif
#endif
585 | ||
586 | /* ---------------------------------------------------------------------- */ | |
587 | ||
/*
 * Building blocks for the RSA decoders.  RSA has no separate parameter
 * structure, and rsa_check / rsa_adjust are real functions defined below.
 */
#define rsa_evp_type                    EVP_PKEY_RSA
#define rsa_evp_extract                 (extract_key_fn *)EVP_PKEY_get1_RSA
#define rsa_d2i_private_key             (d2i_of_void *)d2i_RSAPrivateKey
#define rsa_d2i_public_key              (d2i_of_void *)d2i_RSAPublicKey
#define rsa_d2i_key_params              NULL
#define rsa_d2i_PUBKEY                  (d2i_of_void *)d2i_RSA_PUBKEY
#define rsa_free                        (free_key_fn *)RSA_free
595 | ||
/*
 * Accept the key only when its RSA type flag matches the decoder: plain
 * RSA keys for the RSA decoder, RSASSA-PSS keys for the RSA-PSS decoder.
 * Any other type flag is rejected.  Returns 1 on a match, 0 otherwise.
 */
static int rsa_check(void *key, struct der2key_ctx_st *ctx)
{
    int rsa_type = RSA_test_flags(key, RSA_FLAG_TYPE_MASK);

    if (rsa_type == RSA_FLAG_TYPE_RSA)
        return ctx->desc->evp_type == EVP_PKEY_RSA;
    if (rsa_type == RSA_FLAG_TYPE_RSASSAPSS)
        return ctx->desc->evp_type == EVP_PKEY_RSA_PSS;

    /* Currently unsupported RSA key type */
    return 0;
}
608 | ||
/* Bind a freshly decoded RSA key to the provider's library context */
static void rsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
    void *libctx = PROV_LIBCTX_OF(ctx->provctx);

    ossl_rsa_set0_libctx(key, libctx);
}
613 | ||
/*
 * Building blocks for the RSA-PSS decoders.  They use the same d2i
 * functions and RSA object as plain RSA; rsa_check() is what tells the two
 * variants apart after decoding.
 */
#define rsapss_evp_type                 EVP_PKEY_RSA_PSS
#define rsapss_evp_extract              (extract_key_fn *)EVP_PKEY_get1_RSA
#define rsapss_d2i_private_key          (d2i_of_void *)d2i_RSAPrivateKey
#define rsapss_d2i_public_key           (d2i_of_void *)d2i_RSAPublicKey
#define rsapss_d2i_key_params           NULL
#define rsapss_d2i_PUBKEY               (d2i_of_void *)d2i_RSA_PUBKEY
#define rsapss_free                     (free_key_fn *)RSA_free
#define rsapss_check                    rsa_check
#define rsapss_adjust                   rsa_adjust
2c090c1d RL |
623 | |
624 | /* ---------------------------------------------------------------------- */ | |
625 | ||
/*
 * The DO_ macros help define the selection mask and the method functions
 * for each kind of object we want to decode.
 *
 * Each one expands to the tail of a struct keytype_desc_st initializer, in
 * member order: structure_name, evp_type, selection_mask, d2i_private_key,
 * d2i_public_key, d2i_key_params, d2i_PUBKEY, extract_key, check_key,
 * adjust_key, free_key.  The values are positional, so any change to the
 * struct layout must be mirrored in every macro.
 */

/* Type-specific structure holding a private or a public key */
#define DO_type_specific_keypair(keytype)               \
    "type-specific", keytype##_evp_type,                \
        ( OSSL_KEYMGMT_SELECT_KEYPAIR ),                \
        keytype##_d2i_private_key,                      \
        keytype##_d2i_public_key,                       \
        NULL,                                           \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/* Type-specific structure holding a public key only */
#define DO_type_specific_pub(keytype)                   \
    "type-specific", keytype##_evp_type,                \
        ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ),             \
        NULL,                                           \
        keytype##_d2i_public_key,                       \
        NULL,                                           \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/* Type-specific structure holding a private key only */
#define DO_type_specific_priv(keytype)                  \
    "type-specific", keytype##_evp_type,                \
        ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ),            \
        keytype##_d2i_private_key,                      \
        NULL,                                           \
        NULL,                                           \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/* Type-specific structure holding key parameters only */
#define DO_type_specific_params(keytype)                \
    "type-specific", keytype##_evp_type,                \
        ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),         \
        NULL,                                           \
        NULL,                                           \
        keytype##_d2i_key_params,                       \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/* Type-specific structure: private key, public key or parameters */
#define DO_type_specific(keytype)                       \
    "type-specific", keytype##_evp_type,                \
        ( OSSL_KEYMGMT_SELECT_ALL ),                    \
        keytype##_d2i_private_key,                      \
        keytype##_d2i_public_key,                       \
        keytype##_d2i_key_params,                       \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/* Type-specific structure: private key or parameters, no public key */
#define DO_type_specific_no_pub(keytype)                \
    "type-specific", keytype##_evp_type,                \
        ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY               \
          | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),       \
        keytype##_d2i_private_key,                      \
        NULL,                                           \
        keytype##_d2i_key_params,                       \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free
702 | ||
/*
 * PKCS#8 input: no d2i function is set, so der2key_decode() goes through
 * the EVP_PKEY route and keytype##_evp_extract.  This is the path that
 * attempts passphrase-based decryption of the input.
 */
#define DO_PKCS8(keytype)                               \
    "pkcs8", keytype##_evp_type,                        \
        ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ),            \
        NULL,                                           \
        NULL,                                           \
        NULL,                                           \
        NULL,                                           \
        keytype##_evp_extract,                          \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/*
 * SubjectPublicKeyInfo input: keytype##_d2i_PUBKEY is tried first, with the
 * EVP_PKEY extractor available as the fallback when it yields no key.
 */
#define DO_SubjectPublicKeyInfo(keytype)                \
    "SubjectPublicKeyInfo", keytype##_evp_type,         \
        ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ),             \
        NULL,                                           \
        NULL,                                           \
        NULL,                                           \
        keytype##_d2i_PUBKEY,                           \
        keytype##_evp_extract,                          \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free
726 | ||
/*
 * The macros below describe the same type-specific decoders under the key
 * type's own structure name ("DH", "DHX", "DSA", "EC", "RSA") instead of
 * the generic "type-specific".
 */

/* "DH" structure: parameters only */
#define DO_DH(keytype)                                  \
    "DH", keytype##_evp_type,                           \
        ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),         \
        NULL,                                           \
        NULL,                                           \
        keytype##_d2i_key_params,                       \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/* "DHX" structure: parameters only */
#define DO_DHX(keytype)                                 \
    "DHX", keytype##_evp_type,                          \
        ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),         \
        NULL,                                           \
        NULL,                                           \
        keytype##_d2i_key_params,                       \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/* "DSA" structure: private key, public key or parameters */
#define DO_DSA(keytype)                                 \
    "DSA", keytype##_evp_type,                          \
        ( OSSL_KEYMGMT_SELECT_ALL ),                    \
        keytype##_d2i_private_key,                      \
        keytype##_d2i_public_key,                       \
        keytype##_d2i_key_params,                       \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/* "EC" structure: private key or parameters */
#define DO_EC(keytype)                                  \
    "EC", keytype##_evp_type,                           \
        ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY               \
          | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ),       \
        keytype##_d2i_private_key,                      \
        NULL,                                           \
        keytype##_d2i_key_params,                       \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free

/* "RSA" structure: private or public key */
#define DO_RSA(keytype)                                 \
    "RSA", keytype##_evp_type,                          \
        ( OSSL_KEYMGMT_SELECT_KEYPAIR ),                \
        keytype##_d2i_private_key,                      \
        keytype##_d2i_public_key,                       \
        NULL,                                           \
        NULL,                                           \
        NULL,                                           \
        keytype##_check,                                \
        keytype##_adjust,                               \
        keytype##_free
787 | ||
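/*
 * MAKE_DECODER is the single driver for creating OSSL_DISPATCH tables.
 * It takes the following arguments:
 *
 * keytype_name The implementation key type as a string.
 * keytype      The implementation key type.  This must correspond exactly
 *              to our existing keymgmt keytype names... in other words,
 *              there must exist an ossl_##keytype##_keymgmt_functions.
 * type         The type name for the set of functions that implement the
 *              decoder for the key type.  This isn't necessarily the same
 *              as keytype.  For example, the key types ed25519, ed448,
 *              x25519 and x448 are all handled by the same functions with
 *              the common type name ecx.
 *              This argument is not referenced in the expansion below;
 *              every generated identifier is built from keytype and kind.
 * kind         The kind of support to implement.  This translates into
 *              the DO_##kind macros above, to populate the keytype_desc_st
 *              structure.
 *
 * Each expansion defines a static descriptor kind##_##keytype##_desc, four
 * static wrappers that bind that descriptor to the shared der2key_*
 * functions, and the exported table
 * ossl_##kind##_der_to_##keytype##_decoder_functions.
 *
 * Every table entry is cast to void (*)(void), so the compiler cannot
 * check a function's signature at the table itself.  The
 * OSSL_FUNC_decoder_*_fn forward declarations are what tie each generated
 * wrapper to the matching prototype from <openssl/core_dispatch.h>, so a
 * wrapper whose signature drifts fails to compile instead of being called
 * through an incompatible pointer.  Keep one declaration per wrapper.
 */
#define MAKE_DECODER(keytype_name, keytype, type, kind)                 \
    static const struct keytype_desc_st kind##_##keytype##_desc =       \
        { keytype_name, ossl_##keytype##_keymgmt_functions,             \
          DO_##kind(keytype) };                                         \
                                                                        \
    static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx;   \
    static OSSL_FUNC_decoder_gettable_params_fn                         \
    kind##_der2##keytype##_gettable_params;                             \
    static OSSL_FUNC_decoder_get_params_fn                              \
    kind##_der2##keytype##_get_params;                                  \
    static OSSL_FUNC_decoder_does_selection_fn                          \
    kind##_der2##keytype##_does_selection;                              \
                                                                        \
    static void *kind##_der2##keytype##_newctx(void *provctx)           \
    {                                                                   \
        return der2key_newctx(provctx, &kind##_##keytype##_desc);       \
    }                                                                   \
    static const OSSL_PARAM *                                           \
    kind##_der2##keytype##_gettable_params(void *provctx)               \
    {                                                                   \
        return                                                          \
            der2key_gettable_params(provctx, &kind##_##keytype##_desc); \
    }                                                                   \
    static int kind##_der2##keytype##_get_params(OSSL_PARAM params[])   \
    {                                                                   \
        return der2key_get_params(params, &kind##_##keytype##_desc);    \
    }                                                                   \
    static int kind##_der2##keytype##_does_selection(void *provctx,     \
                                                     int selection)     \
    {                                                                   \
        return der2key_check_selection(selection,                       \
                                       &kind##_##keytype##_desc);       \
    }                                                                   \
    const OSSL_DISPATCH                                                 \
    ossl_##kind##_der_to_##keytype##_decoder_functions[] = {            \
        { OSSL_FUNC_DECODER_NEWCTX,                                     \
          (void (*)(void))kind##_der2##keytype##_newctx },              \
        { OSSL_FUNC_DECODER_FREECTX,                                    \
          (void (*)(void))der2key_freectx },                            \
        { OSSL_FUNC_DECODER_GETTABLE_PARAMS,                            \
          (void (*)(void))kind##_der2##keytype##_gettable_params },     \
        { OSSL_FUNC_DECODER_GET_PARAMS,                                 \
          (void (*)(void))kind##_der2##keytype##_get_params },          \
        { OSSL_FUNC_DECODER_DOES_SELECTION,                             \
          (void (*)(void))kind##_der2##keytype##_does_selection },      \
        { OSSL_FUNC_DECODER_DECODE,                                     \
          (void (*)(void))der2key_decode },                             \
        { OSSL_FUNC_DECODER_EXPORT_OBJECT,                              \
          (void (*)(void))der2key_export_object },                      \
        { 0, NULL }                                                     \
    }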
854 | ||
/*
 * Decoder instantiations.  Each MAKE_DECODER() line defines one static
 * descriptor and one exported dispatch table named
 * ossl_<kind>_der_to_<keytype>_decoder_functions.
 *
 * The OPENSSL_NO_* guards decide which tables exist in a given build:
 * DH/DHX and DSA have their own guards; X25519, X448, ED25519, ED448 and
 * SM2 sit inside the OPENSSL_NO_EC guard and so disappear together with
 * EC; SM2 additionally needs OPENSSL_NO_SM2 to be undefined.  The RSA and
 * RSA-PSS lines are outside any guard shown here.
 *
 * When adding a line, the kind must have a matching DO_<kind> macro, and
 * the keytype must have the ossl_<keytype>_keymgmt_functions table and the
 * <keytype>_* names that DO_<kind> pastes together.
 */
#ifndef OPENSSL_NO_DH
MAKE_DECODER("DH", dh, dh, PKCS8);
MAKE_DECODER("DH", dh, dh, SubjectPublicKeyInfo);
MAKE_DECODER("DH", dh, dh, type_specific_params);
MAKE_DECODER("DH", dh, dh, DH);
MAKE_DECODER("DHX", dhx, dhx, PKCS8);
MAKE_DECODER("DHX", dhx, dhx, SubjectPublicKeyInfo);
MAKE_DECODER("DHX", dhx, dhx, type_specific_params);
MAKE_DECODER("DHX", dhx, dhx, DHX);
#endif
#ifndef OPENSSL_NO_DSA
MAKE_DECODER("DSA", dsa, dsa, PKCS8);
MAKE_DECODER("DSA", dsa, dsa, SubjectPublicKeyInfo);
MAKE_DECODER("DSA", dsa, dsa, type_specific);
MAKE_DECODER("DSA", dsa, dsa, DSA);
#endif
#ifndef OPENSSL_NO_EC
MAKE_DECODER("EC", ec, ec, PKCS8);
MAKE_DECODER("EC", ec, ec, SubjectPublicKeyInfo);
MAKE_DECODER("EC", ec, ec, type_specific_no_pub);
MAKE_DECODER("EC", ec, ec, EC);
/* The third argument is ecx for these four key types, not the keytype. */
MAKE_DECODER("X25519", x25519, ecx, PKCS8);
MAKE_DECODER("X25519", x25519, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("X448", x448, ecx, PKCS8);
MAKE_DECODER("X448", x448, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("ED25519", ed25519, ecx, PKCS8);
MAKE_DECODER("ED25519", ed25519, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("ED448", ed448, ecx, PKCS8);
MAKE_DECODER("ED448", ed448, ecx, SubjectPublicKeyInfo);
# ifndef OPENSSL_NO_SM2
/* SM2 passes ec as the third argument. */
MAKE_DECODER("SM2", sm2, ec, PKCS8);
MAKE_DECODER("SM2", sm2, ec, SubjectPublicKeyInfo);
# endif
#endif
MAKE_DECODER("RSA", rsa, rsa, PKCS8);
MAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo);
MAKE_DECODER("RSA", rsa, rsa, type_specific_keypair);
MAKE_DECODER("RSA", rsa, rsa, RSA);
MAKE_DECODER("RSA-PSS", rsapss, rsapss, PKCS8);
MAKE_DECODER("RSA-PSS", rsapss, rsapss, SubjectPublicKeyInfo);