2 * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * Low level APIs are deprecated for public use, but still ok for internal use.
13 #include "internal/deprecated.h"
15 #include <openssl/core.h>
16 #include <openssl/core_dispatch.h>
17 #include <openssl/core_names.h>
18 #include <openssl/crypto.h>
19 #include <openssl/params.h>
20 #include <openssl/asn1.h>
21 #include <openssl/err.h>
22 #include <openssl/pem.h>
23 #include <openssl/x509.h>
24 #include <openssl/pkcs12.h> /* PKCS8_encrypt() */
25 #include <openssl/dh.h>
26 #include <openssl/dsa.h>
27 #include <openssl/ec.h>
28 #include <openssl/proverr.h>
29 #include "internal/passphrase.h"
30 #include "internal/cryptlib.h"
31 #include "crypto/ecx.h"
32 #include "crypto/rsa.h"
33 #include "prov/implementations.h"
35 #include "prov/provider_ctx.h"
36 #include "prov/der_rsa.h"
37 #include "endecoder_local.h"
39 #if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
40 # define OPENSSL_NO_KEYPARAMS
43 struct key2any_ctx_st
{
46 /* Set to 0 if parameters should not be saved (dsa only) */
49 /* Set to 1 if intending to encrypt/decrypt, otherwise 0 */
54 struct ossl_passphrase_data_st pwdata
;
57 typedef int check_key_type_fn(const void *key
, int nid
);
58 typedef int key_to_paramstring_fn(const void *key
, int nid
, int save
,
59 void **str
, int *strtype
);
60 typedef int key_to_der_fn(BIO
*out
, const void *key
,
61 int key_nid
, const char *pemname
,
62 key_to_paramstring_fn
*p2s
, i2d_of_void
*k2d
,
63 struct key2any_ctx_st
*ctx
);
64 typedef int write_bio_of_void_fn(BIO
*bp
, const void *x
);
67 /* Free the blob allocated during key_to_paramstring_fn */
68 static void free_asn1_data(int type
, void *data
)
72 ASN1_OBJECT_free(data
);
75 ASN1_STRING_free(data
);
80 static PKCS8_PRIV_KEY_INFO
*key_to_p8info(const void *key
, int key_nid
,
81 void *params
, int params_type
,
84 /* der, derlen store the key DER output and its length */
85 unsigned char *der
= NULL
;
87 /* The final PKCS#8 info */
88 PKCS8_PRIV_KEY_INFO
*p8info
= NULL
;
90 if ((p8info
= PKCS8_PRIV_KEY_INFO_new()) == NULL
91 || (derlen
= k2d(key
, &der
)) <= 0
92 || !PKCS8_pkey_set0(p8info
, OBJ_nid2obj(key_nid
), 0,
93 params_type
, params
, der
, derlen
)) {
94 ERR_raise(ERR_LIB_PROV
, ERR_R_ASN1_LIB
);
95 PKCS8_PRIV_KEY_INFO_free(p8info
);
103 static X509_SIG
*p8info_to_encp8(PKCS8_PRIV_KEY_INFO
*p8info
,
104 struct key2any_ctx_st
*ctx
)
107 char kstr
[PEM_BUFSIZE
];
109 OSSL_LIB_CTX
*libctx
= PROV_LIBCTX_OF(ctx
->provctx
);
111 if (ctx
->cipher
== NULL
)
114 if (!ossl_pw_get_passphrase(kstr
, sizeof(kstr
), &klen
, NULL
, 1,
116 ERR_raise(ERR_LIB_PROV
, PROV_R_UNABLE_TO_GET_PASSPHRASE
);
119 /* First argument == -1 means "standard" */
120 p8
= PKCS8_encrypt_ex(-1, ctx
->cipher
, kstr
, klen
, NULL
, 0, 0, p8info
, libctx
, NULL
);
121 OPENSSL_cleanse(kstr
, klen
);
125 static X509_SIG
*key_to_encp8(const void *key
, int key_nid
,
126 void *params
, int params_type
,
127 i2d_of_void
*k2d
, struct key2any_ctx_st
*ctx
)
129 PKCS8_PRIV_KEY_INFO
*p8info
=
130 key_to_p8info(key
, key_nid
, params
, params_type
, k2d
);
133 if (p8info
== NULL
) {
134 free_asn1_data(params_type
, params
);
136 p8
= p8info_to_encp8(p8info
, ctx
);
137 PKCS8_PRIV_KEY_INFO_free(p8info
);
142 static X509_PUBKEY
*key_to_pubkey(const void *key
, int key_nid
,
143 void *params
, int params_type
,
146 /* der, derlen store the key DER output and its length */
147 unsigned char *der
= NULL
;
149 /* The final X509_PUBKEY */
150 X509_PUBKEY
*xpk
= NULL
;
153 if ((xpk
= X509_PUBKEY_new()) == NULL
154 || (derlen
= k2d(key
, &der
)) <= 0
155 || !X509_PUBKEY_set0_param(xpk
, OBJ_nid2obj(key_nid
),
156 params_type
, params
, der
, derlen
)) {
157 ERR_raise(ERR_LIB_PROV
, ERR_R_X509_LIB
);
158 X509_PUBKEY_free(xpk
);
167 * key_to_epki_* produce encoded output with the private key data in a
168 * EncryptedPrivateKeyInfo structure (defined by PKCS#8). They require
169 * that there's an intent to encrypt, anything else is an error.
171 * key_to_pki_* primarily produce encoded output with the private key data
172 * in a PrivateKeyInfo structure (also defined by PKCS#8). However, if
173 * there is an intent to encrypt the data, the corresponding key_to_epki_*
174 * function is used instead.
176 * key_to_spki_* produce encoded output with the public key data in an
177 * X.509 SubjectPublicKeyInfo.
179 * Key parameters don't have any defined envelopment of this kind, but are
180 * included in some manner in the output from the functions described above,
181 * either in the AlgorithmIdentifier's parameter field, or as part of the
185 static int key_to_epki_der_priv_bio(BIO
*out
, const void *key
,
187 ossl_unused
const char *pemname
,
188 key_to_paramstring_fn
*p2s
,
190 struct key2any_ctx_st
*ctx
)
194 int strtype
= V_ASN1_UNDEF
;
197 if (!ctx
->cipher_intent
)
200 if (p2s
!= NULL
&& !p2s(key
, key_nid
, ctx
->save_parameters
,
204 p8
= key_to_encp8(key
, key_nid
, str
, strtype
, k2d
, ctx
);
206 ret
= i2d_PKCS8_bio(out
, p8
);
213 static int key_to_epki_pem_priv_bio(BIO
*out
, const void *key
,
215 ossl_unused
const char *pemname
,
216 key_to_paramstring_fn
*p2s
,
218 struct key2any_ctx_st
*ctx
)
222 int strtype
= V_ASN1_UNDEF
;
225 if (!ctx
->cipher_intent
)
228 if (p2s
!= NULL
&& !p2s(key
, key_nid
, ctx
->save_parameters
,
232 p8
= key_to_encp8(key
, key_nid
, str
, strtype
, k2d
, ctx
);
234 ret
= PEM_write_bio_PKCS8(out
, p8
);
241 static int key_to_pki_der_priv_bio(BIO
*out
, const void *key
,
243 ossl_unused
const char *pemname
,
244 key_to_paramstring_fn
*p2s
,
246 struct key2any_ctx_st
*ctx
)
250 int strtype
= V_ASN1_UNDEF
;
251 PKCS8_PRIV_KEY_INFO
*p8info
;
253 if (ctx
->cipher_intent
)
254 return key_to_epki_der_priv_bio(out
, key
, key_nid
, pemname
,
257 if (p2s
!= NULL
&& !p2s(key
, key_nid
, ctx
->save_parameters
,
261 p8info
= key_to_p8info(key
, key_nid
, str
, strtype
, k2d
);
264 ret
= i2d_PKCS8_PRIV_KEY_INFO_bio(out
, p8info
);
266 free_asn1_data(strtype
, str
);
268 PKCS8_PRIV_KEY_INFO_free(p8info
);
273 static int key_to_pki_pem_priv_bio(BIO
*out
, const void *key
,
275 ossl_unused
const char *pemname
,
276 key_to_paramstring_fn
*p2s
,
278 struct key2any_ctx_st
*ctx
)
282 int strtype
= V_ASN1_UNDEF
;
283 PKCS8_PRIV_KEY_INFO
*p8info
;
285 if (ctx
->cipher_intent
)
286 return key_to_epki_pem_priv_bio(out
, key
, key_nid
, pemname
,
289 if (p2s
!= NULL
&& !p2s(key
, key_nid
, ctx
->save_parameters
,
293 p8info
= key_to_p8info(key
, key_nid
, str
, strtype
, k2d
);
296 ret
= PEM_write_bio_PKCS8_PRIV_KEY_INFO(out
, p8info
);
298 free_asn1_data(strtype
, str
);
300 PKCS8_PRIV_KEY_INFO_free(p8info
);
305 static int key_to_spki_der_pub_bio(BIO
*out
, const void *key
,
307 ossl_unused
const char *pemname
,
308 key_to_paramstring_fn
*p2s
,
310 struct key2any_ctx_st
*ctx
)
314 int strtype
= V_ASN1_UNDEF
;
315 X509_PUBKEY
*xpk
= NULL
;
317 if (p2s
!= NULL
&& !p2s(key
, key_nid
, ctx
->save_parameters
,
321 xpk
= key_to_pubkey(key
, key_nid
, str
, strtype
, k2d
);
324 ret
= i2d_X509_PUBKEY_bio(out
, xpk
);
326 /* Also frees |str| */
327 X509_PUBKEY_free(xpk
);
331 static int key_to_spki_pem_pub_bio(BIO
*out
, const void *key
,
333 ossl_unused
const char *pemname
,
334 key_to_paramstring_fn
*p2s
,
336 struct key2any_ctx_st
*ctx
)
340 int strtype
= V_ASN1_UNDEF
;
341 X509_PUBKEY
*xpk
= NULL
;
343 if (p2s
!= NULL
&& !p2s(key
, key_nid
, ctx
->save_parameters
,
347 xpk
= key_to_pubkey(key
, key_nid
, str
, strtype
, k2d
);
350 ret
= PEM_write_bio_X509_PUBKEY(out
, xpk
);
352 free_asn1_data(strtype
, str
);
354 /* Also frees |str| */
355 X509_PUBKEY_free(xpk
);
360 * key_to_type_specific_* produce encoded output with type specific key data,
361 * no envelopment; the same kind of output as the type specific i2d_ and
362 * PEM_write_ functions, which is often a simple SEQUENCE of INTEGER.
364 * OpenSSL tries to discourage production of new keys in this form, because
365 * of the ambiguity when trying to recognise them, but can't deny that PKCS#1
366 * et al still are live standards.
368 * Note that these functions completely ignore p2s, and rather rely entirely
369 * on k2d to do the complete work.
371 static int key_to_type_specific_der_bio(BIO
*out
, const void *key
,
373 ossl_unused
const char *pemname
,
374 key_to_paramstring_fn
*p2s
,
376 struct key2any_ctx_st
*ctx
)
378 unsigned char *der
= NULL
;
382 if ((derlen
= k2d(key
, &der
)) <= 0) {
383 ERR_raise(ERR_LIB_PROV
, ERR_R_PROV_LIB
);
387 ret
= BIO_write(out
, der
, derlen
);
391 #define key_to_type_specific_der_priv_bio key_to_type_specific_der_bio
392 #define key_to_type_specific_der_pub_bio key_to_type_specific_der_bio
393 #define key_to_type_specific_der_param_bio key_to_type_specific_der_bio
395 static int key_to_type_specific_pem_bio_cb(BIO
*out
, const void *key
,
396 int key_nid
, const char *pemname
,
397 key_to_paramstring_fn
*p2s
,
399 struct key2any_ctx_st
*ctx
,
400 pem_password_cb
*cb
, void *cbarg
)
403 PEM_ASN1_write_bio(k2d
, pemname
, out
, key
, ctx
->cipher
,
404 NULL
, 0, cb
, cbarg
) > 0;
407 static int key_to_type_specific_pem_priv_bio(BIO
*out
, const void *key
,
408 int key_nid
, const char *pemname
,
409 key_to_paramstring_fn
*p2s
,
411 struct key2any_ctx_st
*ctx
)
413 return key_to_type_specific_pem_bio_cb(out
, key
, key_nid
, pemname
,
415 ossl_pw_pem_password
, &ctx
->pwdata
);
418 static int key_to_type_specific_pem_pub_bio(BIO
*out
, const void *key
,
419 int key_nid
, const char *pemname
,
420 key_to_paramstring_fn
*p2s
,
422 struct key2any_ctx_st
*ctx
)
424 return key_to_type_specific_pem_bio_cb(out
, key
, key_nid
, pemname
,
425 p2s
, k2d
, ctx
, NULL
, NULL
);
428 #ifndef OPENSSL_NO_KEYPARAMS
429 static int key_to_type_specific_pem_param_bio(BIO
*out
, const void *key
,
430 int key_nid
, const char *pemname
,
431 key_to_paramstring_fn
*p2s
,
433 struct key2any_ctx_st
*ctx
)
435 return key_to_type_specific_pem_bio_cb(out
, key
, key_nid
, pemname
,
436 p2s
, k2d
, ctx
, NULL
, NULL
);
440 /* ---------------------------------------------------------------------- */
442 #ifndef OPENSSL_NO_DH
443 static int prepare_dh_params(const void *dh
, int nid
, int save
,
444 void **pstr
, int *pstrtype
)
446 ASN1_STRING
*params
= ASN1_STRING_new();
448 if (params
== NULL
) {
449 ERR_raise(ERR_LIB_PROV
, ERR_R_ASN1_LIB
);
453 if (nid
== EVP_PKEY_DHX
)
454 params
->length
= i2d_DHxparams(dh
, ¶ms
->data
);
456 params
->length
= i2d_DHparams(dh
, ¶ms
->data
);
458 if (params
->length
<= 0) {
459 ERR_raise(ERR_LIB_PROV
, ERR_R_ASN1_LIB
);
460 ASN1_STRING_free(params
);
463 params
->type
= V_ASN1_SEQUENCE
;
466 *pstrtype
= V_ASN1_SEQUENCE
;
470 static int dh_spki_pub_to_der(const void *dh
, unsigned char **pder
)
472 const BIGNUM
*bn
= NULL
;
473 ASN1_INTEGER
*pub_key
= NULL
;
476 if ((bn
= DH_get0_pub_key(dh
)) == NULL
) {
477 ERR_raise(ERR_LIB_PROV
, PROV_R_NOT_A_PUBLIC_KEY
);
480 if ((pub_key
= BN_to_ASN1_INTEGER(bn
, NULL
)) == NULL
) {
481 ERR_raise(ERR_LIB_PROV
, PROV_R_BN_ERROR
);
485 ret
= i2d_ASN1_INTEGER(pub_key
, pder
);
487 ASN1_STRING_clear_free(pub_key
);
491 static int dh_pki_priv_to_der(const void *dh
, unsigned char **pder
)
493 const BIGNUM
*bn
= NULL
;
494 ASN1_INTEGER
*priv_key
= NULL
;
497 if ((bn
= DH_get0_priv_key(dh
)) == NULL
) {
498 ERR_raise(ERR_LIB_PROV
, PROV_R_NOT_A_PRIVATE_KEY
);
501 if ((priv_key
= BN_to_ASN1_INTEGER(bn
, NULL
)) == NULL
) {
502 ERR_raise(ERR_LIB_PROV
, PROV_R_BN_ERROR
);
506 ret
= i2d_ASN1_INTEGER(priv_key
, pder
);
508 ASN1_STRING_clear_free(priv_key
);
512 # define dh_epki_priv_to_der dh_pki_priv_to_der
514 static int dh_type_specific_params_to_der(const void *dh
, unsigned char **pder
)
516 if (DH_test_flags(dh
, DH_FLAG_TYPE_DHX
))
517 return i2d_DHxparams(dh
, pder
);
518 return i2d_DHparams(dh
, pder
);
522 * DH doesn't have i2d_DHPrivateKey or i2d_DHPublicKey, so we can't make
523 * corresponding functions here.
525 # define dh_type_specific_priv_to_der NULL
526 # define dh_type_specific_pub_to_der NULL
528 static int dh_check_key_type(const void *dh
, int expected_type
)
531 DH_test_flags(dh
, DH_FLAG_TYPE_DHX
) ? EVP_PKEY_DHX
: EVP_PKEY_DH
;
533 return type
== expected_type
;
536 # define dh_evp_type EVP_PKEY_DH
537 # define dhx_evp_type EVP_PKEY_DHX
538 # define dh_input_type "DH"
539 # define dhx_input_type "DHX"
540 # define dh_pem_type "DH"
541 # define dhx_pem_type "X9.42 DH"
544 /* ---------------------------------------------------------------------- */
546 #ifndef OPENSSL_NO_DSA
547 static int encode_dsa_params(const void *dsa
, int nid
,
548 void **pstr
, int *pstrtype
)
550 ASN1_STRING
*params
= ASN1_STRING_new();
552 if (params
== NULL
) {
553 ERR_raise(ERR_LIB_PROV
, ERR_R_ASN1_LIB
);
557 params
->length
= i2d_DSAparams(dsa
, ¶ms
->data
);
559 if (params
->length
<= 0) {
560 ERR_raise(ERR_LIB_PROV
, ERR_R_ASN1_LIB
);
561 ASN1_STRING_free(params
);
565 *pstrtype
= V_ASN1_SEQUENCE
;
570 static int prepare_dsa_params(const void *dsa
, int nid
, int save
,
571 void **pstr
, int *pstrtype
)
573 const BIGNUM
*p
= DSA_get0_p(dsa
);
574 const BIGNUM
*q
= DSA_get0_q(dsa
);
575 const BIGNUM
*g
= DSA_get0_g(dsa
);
577 if (save
&& p
!= NULL
&& q
!= NULL
&& g
!= NULL
)
578 return encode_dsa_params(dsa
, nid
, pstr
, pstrtype
);
581 *pstrtype
= V_ASN1_UNDEF
;
585 static int dsa_spki_pub_to_der(const void *dsa
, unsigned char **pder
)
587 const BIGNUM
*bn
= NULL
;
588 ASN1_INTEGER
*pub_key
= NULL
;
591 if ((bn
= DSA_get0_pub_key(dsa
)) == NULL
) {
592 ERR_raise(ERR_LIB_PROV
, PROV_R_NOT_A_PUBLIC_KEY
);
595 if ((pub_key
= BN_to_ASN1_INTEGER(bn
, NULL
)) == NULL
) {
596 ERR_raise(ERR_LIB_PROV
, PROV_R_BN_ERROR
);
600 ret
= i2d_ASN1_INTEGER(pub_key
, pder
);
602 ASN1_STRING_clear_free(pub_key
);
606 static int dsa_pki_priv_to_der(const void *dsa
, unsigned char **pder
)
608 const BIGNUM
*bn
= NULL
;
609 ASN1_INTEGER
*priv_key
= NULL
;
612 if ((bn
= DSA_get0_priv_key(dsa
)) == NULL
) {
613 ERR_raise(ERR_LIB_PROV
, PROV_R_NOT_A_PRIVATE_KEY
);
616 if ((priv_key
= BN_to_ASN1_INTEGER(bn
, NULL
)) == NULL
) {
617 ERR_raise(ERR_LIB_PROV
, PROV_R_BN_ERROR
);
621 ret
= i2d_ASN1_INTEGER(priv_key
, pder
);
623 ASN1_STRING_clear_free(priv_key
);
627 # define dsa_epki_priv_to_der dsa_pki_priv_to_der
629 # define dsa_type_specific_priv_to_der (i2d_of_void *)i2d_DSAPrivateKey
630 # define dsa_type_specific_pub_to_der (i2d_of_void *)i2d_DSAPublicKey
631 # define dsa_type_specific_params_to_der (i2d_of_void *)i2d_DSAparams
633 # define dsa_check_key_type NULL
634 # define dsa_evp_type EVP_PKEY_DSA
635 # define dsa_input_type "DSA"
636 # define dsa_pem_type "DSA"
639 /* ---------------------------------------------------------------------- */
641 #ifndef OPENSSL_NO_EC
642 static int prepare_ec_explicit_params(const void *eckey
,
643 void **pstr
, int *pstrtype
)
645 ASN1_STRING
*params
= ASN1_STRING_new();
647 if (params
== NULL
) {
648 ERR_raise(ERR_LIB_PROV
, ERR_R_ASN1_LIB
);
652 params
->length
= i2d_ECParameters(eckey
, ¶ms
->data
);
653 if (params
->length
<= 0) {
654 ERR_raise(ERR_LIB_PROV
, ERR_R_ASN1_LIB
);
655 ASN1_STRING_free(params
);
659 *pstrtype
= V_ASN1_SEQUENCE
;
665 * This implements EcpkParameters, where the CHOICE is based on whether there
666 * is a curve name (curve nid) to be found or not. See RFC 3279 for details.
668 static int prepare_ec_params(const void *eckey
, int nid
, int save
,
669 void **pstr
, int *pstrtype
)
672 const EC_GROUP
*group
= EC_KEY_get0_group(eckey
);
673 ASN1_OBJECT
*params
= NULL
;
677 curve_nid
= EC_GROUP_get_curve_name(group
);
678 if (curve_nid
!= NID_undef
) {
679 params
= OBJ_nid2obj(curve_nid
);
684 if (curve_nid
!= NID_undef
685 && (EC_GROUP_get_asn1_flag(group
) & OPENSSL_EC_NAMED_CURVE
)) {
686 /* The CHOICE came to namedCurve */
687 if (OBJ_length(params
) == 0) {
688 /* Some curves might not have an associated OID */
689 ERR_raise(ERR_LIB_PROV
, PROV_R_MISSING_OID
);
690 ASN1_OBJECT_free(params
);
694 *pstrtype
= V_ASN1_OBJECT
;
697 /* The CHOICE came to ecParameters */
698 return prepare_ec_explicit_params(eckey
, pstr
, pstrtype
);
702 static int ec_spki_pub_to_der(const void *eckey
, unsigned char **pder
)
704 if (EC_KEY_get0_public_key(eckey
) == NULL
) {
705 ERR_raise(ERR_LIB_PROV
, PROV_R_NOT_A_PUBLIC_KEY
);
708 return i2o_ECPublicKey(eckey
, pder
);
711 static int ec_pki_priv_to_der(const void *veckey
, unsigned char **pder
)
713 EC_KEY
*eckey
= (EC_KEY
*)veckey
;
714 unsigned int old_flags
;
718 * For PKCS8 the curve name appears in the PKCS8_PRIV_KEY_INFO object
719 * as the pkeyalg->parameter field. (For a named curve this is an OID)
720 * The pkey field is an octet string that holds the encoded
721 * ECPrivateKey SEQUENCE with the optional parameters field omitted.
722 * We omit this by setting the EC_PKEY_NO_PARAMETERS flag.
724 old_flags
= EC_KEY_get_enc_flags(eckey
); /* save old flags */
725 EC_KEY_set_enc_flags(eckey
, old_flags
| EC_PKEY_NO_PARAMETERS
);
726 ret
= i2d_ECPrivateKey(eckey
, pder
);
727 EC_KEY_set_enc_flags(eckey
, old_flags
); /* restore old flags */
728 return ret
; /* return the length of the der encoded data */
731 # define ec_epki_priv_to_der ec_pki_priv_to_der
733 # define ec_type_specific_params_to_der (i2d_of_void *)i2d_ECParameters
734 /* No ec_type_specific_pub_to_der, there simply is no such thing */
735 # define ec_type_specific_priv_to_der (i2d_of_void *)i2d_ECPrivateKey
737 # define ec_check_key_type NULL
738 # define ec_evp_type EVP_PKEY_EC
739 # define ec_input_type "EC"
740 # define ec_pem_type "EC"
742 # ifndef OPENSSL_NO_SM2
744 * Albeit SM2 is a slightly different algorithm than ECDSA, the key type
745 * encoding (in all places where an AlgorithmIdentifier is produced, such
746 * as PrivateKeyInfo and SubjectPublicKeyInfo) is the same as for ECC keys
747 * according to the example in GM/T 0015-2012, appendix D.2.
748 * This leaves the distinction of SM2 keys to the EC group (which is found
749 * in AlgorithmIdentified.params).
751 # define sm2_evp_type ec_evp_type
752 # define sm2_input_type "SM2"
753 # define sm2_pem_type "SM2"
757 /* ---------------------------------------------------------------------- */
759 #ifndef OPENSSL_NO_ECX
760 # define prepare_ecx_params NULL
762 static int ecx_spki_pub_to_der(const void *vecxkey
, unsigned char **pder
)
764 const ECX_KEY
*ecxkey
= vecxkey
;
765 unsigned char *keyblob
;
767 if (ecxkey
== NULL
) {
768 ERR_raise(ERR_LIB_PROV
, ERR_R_PASSED_NULL_PARAMETER
);
772 keyblob
= OPENSSL_memdup(ecxkey
->pubkey
, ecxkey
->keylen
);
777 return ecxkey
->keylen
;
780 static int ecx_pki_priv_to_der(const void *vecxkey
, unsigned char **pder
)
782 const ECX_KEY
*ecxkey
= vecxkey
;
783 ASN1_OCTET_STRING oct
;
786 if (ecxkey
== NULL
|| ecxkey
->privkey
== NULL
) {
787 ERR_raise(ERR_LIB_PROV
, ERR_R_PASSED_NULL_PARAMETER
);
791 oct
.data
= ecxkey
->privkey
;
792 oct
.length
= ecxkey
->keylen
;
795 keybloblen
= i2d_ASN1_OCTET_STRING(&oct
, pder
);
796 if (keybloblen
< 0) {
797 ERR_raise(ERR_LIB_PROV
, ERR_R_ASN1_LIB
);
804 # define ecx_epki_priv_to_der ecx_pki_priv_to_der
807 * ED25519, ED448, X25519 and X448 only has PKCS#8 / SubjectPublicKeyInfo
808 * representation, so we don't define ecx_type_specific_[priv,pub,params]_to_der.
811 # define ecx_check_key_type NULL
813 # define ed25519_evp_type EVP_PKEY_ED25519
814 # define ed448_evp_type EVP_PKEY_ED448
815 # define x25519_evp_type EVP_PKEY_X25519
816 # define x448_evp_type EVP_PKEY_X448
817 # define ed25519_input_type "ED25519"
818 # define ed448_input_type "ED448"
819 # define x25519_input_type "X25519"
820 # define x448_input_type "X448"
821 # define ed25519_pem_type "ED25519"
822 # define ed448_pem_type "ED448"
823 # define x25519_pem_type "X25519"
824 # define x448_pem_type "X448"
827 /* ---------------------------------------------------------------------- */
830 * Helper functions to prepare RSA-PSS params for encoding. We would
831 * have simply written the whole AlgorithmIdentifier, but existing libcrypto
832 * functionality doesn't allow that.
835 static int prepare_rsa_params(const void *rsa
, int nid
, int save
,
836 void **pstr
, int *pstrtype
)
838 const RSA_PSS_PARAMS_30
*pss
= ossl_rsa_get0_pss_params_30((RSA
*)rsa
);
842 switch (RSA_test_flags(rsa
, RSA_FLAG_TYPE_MASK
)) {
843 case RSA_FLAG_TYPE_RSA
:
844 /* If plain RSA, the parameters shall be NULL */
845 *pstrtype
= V_ASN1_NULL
;
847 case RSA_FLAG_TYPE_RSASSAPSS
:
848 if (ossl_rsa_pss_params_30_is_unrestricted(pss
)) {
849 *pstrtype
= V_ASN1_UNDEF
;
852 ASN1_STRING
*astr
= NULL
;
854 unsigned char *str
= NULL
;
858 for (i
= 0; i
< 2; i
++) {
861 if (!WPACKET_init_null_der(&pkt
))
865 if ((str
= OPENSSL_malloc(str_sz
)) == NULL
866 || !WPACKET_init_der(&pkt
, str
, str_sz
)) {
867 WPACKET_cleanup(&pkt
);
872 if (!ossl_DER_w_RSASSA_PSS_params(&pkt
, -1, pss
)
873 || !WPACKET_finish(&pkt
)
874 || !WPACKET_get_total_written(&pkt
, &str_sz
)) {
875 WPACKET_cleanup(&pkt
);
878 WPACKET_cleanup(&pkt
);
881 * If no PSS parameters are going to be written, there's no
882 * point going for another iteration.
883 * This saves us from getting |str| allocated just to have it
884 * immediately de-allocated.
890 if ((astr
= ASN1_STRING_new()) == NULL
)
892 *pstrtype
= V_ASN1_SEQUENCE
;
893 ASN1_STRING_set0(astr
, str
, (int)str_sz
);
903 /* Currently unsupported RSA key type */
908 * RSA is extremely simple, as PKCS#1 is used for the PKCS#8 |privateKey|
909 * field as well as the SubjectPublicKeyInfo |subjectPublicKey| field.
911 #define rsa_pki_priv_to_der rsa_type_specific_priv_to_der
912 #define rsa_epki_priv_to_der rsa_type_specific_priv_to_der
913 #define rsa_spki_pub_to_der rsa_type_specific_pub_to_der
914 #define rsa_type_specific_priv_to_der (i2d_of_void *)i2d_RSAPrivateKey
915 #define rsa_type_specific_pub_to_der (i2d_of_void *)i2d_RSAPublicKey
916 #define rsa_type_specific_params_to_der NULL
918 static int rsa_check_key_type(const void *rsa
, int expected_type
)
920 switch (RSA_test_flags(rsa
, RSA_FLAG_TYPE_MASK
)) {
921 case RSA_FLAG_TYPE_RSA
:
922 return expected_type
== EVP_PKEY_RSA
;
923 case RSA_FLAG_TYPE_RSASSAPSS
:
924 return expected_type
== EVP_PKEY_RSA_PSS
;
927 /* Currently unsupported RSA key type */
928 return EVP_PKEY_NONE
;
931 #define rsa_evp_type EVP_PKEY_RSA
932 #define rsapss_evp_type EVP_PKEY_RSA_PSS
933 #define rsa_input_type "RSA"
934 #define rsapss_input_type "RSA-PSS"
935 #define rsa_pem_type "RSA"
936 #define rsapss_pem_type "RSA-PSS"
938 /* ---------------------------------------------------------------------- */
940 static OSSL_FUNC_decoder_newctx_fn key2any_newctx
;
941 static OSSL_FUNC_decoder_freectx_fn key2any_freectx
;
943 static void *key2any_newctx(void *provctx
)
945 struct key2any_ctx_st
*ctx
= OPENSSL_zalloc(sizeof(*ctx
));
948 ctx
->provctx
= provctx
;
949 ctx
->save_parameters
= 1;
955 static void key2any_freectx(void *vctx
)
957 struct key2any_ctx_st
*ctx
= vctx
;
959 ossl_pw_clear_passphrase_data(&ctx
->pwdata
);
960 EVP_CIPHER_free(ctx
->cipher
);
964 static const OSSL_PARAM
*key2any_settable_ctx_params(ossl_unused
void *provctx
)
966 static const OSSL_PARAM settables
[] = {
967 OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER
, NULL
, 0),
968 OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_PROPERTIES
, NULL
, 0),
975 static int key2any_set_ctx_params(void *vctx
, const OSSL_PARAM params
[])
977 struct key2any_ctx_st
*ctx
= vctx
;
978 OSSL_LIB_CTX
*libctx
= ossl_prov_ctx_get0_libctx(ctx
->provctx
);
979 const OSSL_PARAM
*cipherp
=
980 OSSL_PARAM_locate_const(params
, OSSL_ENCODER_PARAM_CIPHER
);
981 const OSSL_PARAM
*propsp
=
982 OSSL_PARAM_locate_const(params
, OSSL_ENCODER_PARAM_PROPERTIES
);
983 const OSSL_PARAM
*save_paramsp
=
984 OSSL_PARAM_locate_const(params
, OSSL_ENCODER_PARAM_SAVE_PARAMETERS
);
986 if (cipherp
!= NULL
) {
987 const char *ciphername
= NULL
;
988 const char *props
= NULL
;
990 if (!OSSL_PARAM_get_utf8_string_ptr(cipherp
, &ciphername
))
992 if (propsp
!= NULL
&& !OSSL_PARAM_get_utf8_string_ptr(propsp
, &props
))
995 EVP_CIPHER_free(ctx
->cipher
);
997 ctx
->cipher_intent
= ciphername
!= NULL
;
998 if (ciphername
!= NULL
1000 EVP_CIPHER_fetch(libctx
, ciphername
, props
)) == NULL
))
1004 if (save_paramsp
!= NULL
) {
1005 if (!OSSL_PARAM_get_int(save_paramsp
, &ctx
->save_parameters
))
1011 static int key2any_check_selection(int selection
, int selection_mask
)
1014 * The selections are kinda sorta "levels", i.e. each selection given
1015 * here is assumed to include those following.
1018 OSSL_KEYMGMT_SELECT_PRIVATE_KEY
,
1019 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
,
1020 OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
1024 /* The decoder implementations made here support guessing */
1028 for (i
= 0; i
< OSSL_NELEM(checks
); i
++) {
1029 int check1
= (selection
& checks
[i
]) != 0;
1030 int check2
= (selection_mask
& checks
[i
]) != 0;
1033 * If the caller asked for the currently checked bit(s), return
1034 * whether the decoder description says it's supported.
1040 /* This should be dead code, but just to be safe... */
1044 static int key2any_encode(struct key2any_ctx_st
*ctx
, OSSL_CORE_BIO
*cout
,
1045 const void *key
, int type
, const char *pemname
,
1046 check_key_type_fn
*checker
,
1047 key_to_der_fn
*writer
,
1048 OSSL_PASSPHRASE_CALLBACK
*pwcb
, void *pwcbarg
,
1049 key_to_paramstring_fn
*key2paramstring
,
1050 i2d_of_void
*key2der
)
1055 ERR_raise(ERR_LIB_PROV
, ERR_R_PASSED_NULL_PARAMETER
);
1056 } else if (writer
!= NULL
1057 && (checker
== NULL
|| checker(key
, type
))) {
1058 BIO
*out
= ossl_bio_new_from_core_bio(ctx
->provctx
, cout
);
1062 || ossl_pw_set_ossl_passphrase_cb(&ctx
->pwdata
, pwcb
, pwcbarg
)))
1064 writer(out
, key
, type
, pemname
, key2paramstring
, key2der
, ctx
);
1068 ERR_raise(ERR_LIB_PROV
, ERR_R_PASSED_INVALID_ARGUMENT
);
1073 #define DO_PRIVATE_KEY_selection_mask OSSL_KEYMGMT_SELECT_PRIVATE_KEY
1074 #define DO_PRIVATE_KEY(impl, type, kind, output) \
1075 if ((selection & DO_PRIVATE_KEY_selection_mask) != 0) \
1076 return key2any_encode(ctx, cout, key, impl##_evp_type, \
1077 impl##_pem_type " PRIVATE KEY", \
1078 type##_check_key_type, \
1079 key_to_##kind##_##output##_priv_bio, \
1080 cb, cbarg, prepare_##type##_params, \
1081 type##_##kind##_priv_to_der);
1083 #define DO_PUBLIC_KEY_selection_mask OSSL_KEYMGMT_SELECT_PUBLIC_KEY
1084 #define DO_PUBLIC_KEY(impl, type, kind, output) \
1085 if ((selection & DO_PUBLIC_KEY_selection_mask) != 0) \
1086 return key2any_encode(ctx, cout, key, impl##_evp_type, \
1087 impl##_pem_type " PUBLIC KEY", \
1088 type##_check_key_type, \
1089 key_to_##kind##_##output##_pub_bio, \
1090 cb, cbarg, prepare_##type##_params, \
1091 type##_##kind##_pub_to_der);
1093 #define DO_PARAMETERS_selection_mask OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
1094 #define DO_PARAMETERS(impl, type, kind, output) \
1095 if ((selection & DO_PARAMETERS_selection_mask) != 0) \
1096 return key2any_encode(ctx, cout, key, impl##_evp_type, \
1097 impl##_pem_type " PARAMETERS", \
1098 type##_check_key_type, \
1099 key_to_##kind##_##output##_param_bio, \
1101 type##_##kind##_params_to_der);
1104 * Implement the kinds of output structure that can be produced. They are
1105 * referred to by name, and for each name, the following macros are defined
1106 * (braces not included):
1108 * DO_{kind}_selection_mask
1110 * A mask of selection bits that must not be zero. This is used as a
1111 * selection criterion for each implementation.
1112 * This mask must never be zero.
1116 * The performing macro. It must use the DO_ macros defined above,
1117 * always in this order:
1123 * Any of those may be omitted, but the relative order must still be
1128 * PKCS#8 defines two structures for private keys only:
1129 * - PrivateKeyInfo (raw unencrypted form)
1130 * - EncryptedPrivateKeyInfo (encrypted wrapping)
1132 * To allow a certain amount of flexibility, we allow the routines
1133 * for PrivateKeyInfo to also produce EncryptedPrivateKeyInfo if a
1134 * passphrase callback has been passed to them.
1136 #define DO_PrivateKeyInfo_selection_mask DO_PRIVATE_KEY_selection_mask
1137 #define DO_PrivateKeyInfo(impl, type, output) \
1138 DO_PRIVATE_KEY(impl, type, pki, output)
1140 #define DO_EncryptedPrivateKeyInfo_selection_mask DO_PRIVATE_KEY_selection_mask
1141 #define DO_EncryptedPrivateKeyInfo(impl, type, output) \
1142 DO_PRIVATE_KEY(impl, type, epki, output)
1144 /* SubjectPublicKeyInfo is a structure for public keys only */
1145 #define DO_SubjectPublicKeyInfo_selection_mask DO_PUBLIC_KEY_selection_mask
1146 #define DO_SubjectPublicKeyInfo(impl, type, output) \
1147 DO_PUBLIC_KEY(impl, type, spki, output)
1150 * "type-specific" is a uniform name for key type specific output for private
1151 * and public keys as well as key parameters. This is used internally in
1152 * libcrypto so it doesn't have to have special knowledge about select key
1153 * types, but also when no better name has been found. If there are more
1154 * expressive DO_ names above, those are preferred.
1156 * Three forms exist:
1158 * - type_specific_keypair Only supports private and public key
1159 * - type_specific_params Only supports parameters
1160 * - type_specific Supports all parts of an EVP_PKEY
1161 * - type_specific_no_pub Supports all parts of an EVP_PKEY
1164 #define DO_type_specific_params_selection_mask DO_PARAMETERS_selection_mask
1165 #define DO_type_specific_params(impl, type, output) \
1166 DO_PARAMETERS(impl, type, type_specific, output)
1167 #define DO_type_specific_keypair_selection_mask \
1168 ( DO_PRIVATE_KEY_selection_mask | DO_PUBLIC_KEY_selection_mask )
1169 #define DO_type_specific_keypair(impl, type, output) \
1170 DO_PRIVATE_KEY(impl, type, type_specific, output) \
1171 DO_PUBLIC_KEY(impl, type, type_specific, output)
1172 #define DO_type_specific_selection_mask \
1173 ( DO_type_specific_keypair_selection_mask \
1174 | DO_type_specific_params_selection_mask )
1175 #define DO_type_specific(impl, type, output) \
1176 DO_type_specific_keypair(impl, type, output) \
1177 DO_type_specific_params(impl, type, output)
1178 #define DO_type_specific_no_pub_selection_mask \
1179 ( DO_PRIVATE_KEY_selection_mask | DO_PARAMETERS_selection_mask)
1180 #define DO_type_specific_no_pub(impl, type, output) \
1181 DO_PRIVATE_KEY(impl, type, type_specific, output) \
1182 DO_type_specific_params(impl, type, output)
1185 * Type specific aliases for the cases where we need to refer to them by
1187 * This only covers key types that are represented with i2d_{TYPE}PrivateKey,
1188 * i2d_{TYPE}PublicKey and i2d_{TYPE}params / i2d_{TYPE}Parameters.
1190 #define DO_RSA_selection_mask DO_type_specific_keypair_selection_mask
1191 #define DO_RSA(impl, type, output) DO_type_specific_keypair(impl, type, output)
1193 #define DO_DH_selection_mask DO_type_specific_params_selection_mask
1194 #define DO_DH(impl, type, output) DO_type_specific_params(impl, type, output)
1196 #define DO_DHX_selection_mask DO_type_specific_params_selection_mask
1197 #define DO_DHX(impl, type, output) DO_type_specific_params(impl, type, output)
1199 #define DO_DSA_selection_mask DO_type_specific_selection_mask
1200 #define DO_DSA(impl, type, output) DO_type_specific(impl, type, output)
1202 #define DO_EC_selection_mask DO_type_specific_no_pub_selection_mask
1203 #define DO_EC(impl, type, output) DO_type_specific_no_pub(impl, type, output)
1205 #define DO_SM2_selection_mask DO_type_specific_no_pub_selection_mask
1206 #define DO_SM2(impl, type, output) DO_type_specific_no_pub(impl, type, output)
1208 /* PKCS#1 defines a structure for RSA private and public keys */
1209 #define DO_PKCS1_selection_mask DO_RSA_selection_mask
1210 #define DO_PKCS1(impl, type, output) DO_RSA(impl, type, output)
1212 /* PKCS#3 defines a structure for DH parameters */
1213 #define DO_PKCS3_selection_mask DO_DH_selection_mask
1214 #define DO_PKCS3(impl, type, output) DO_DH(impl, type, output)
1215 /* X9.42 defines a structure for DHx parameters */
1216 #define DO_X9_42_selection_mask DO_DHX_selection_mask
1217 #define DO_X9_42(impl, type, output) DO_DHX(impl, type, output)
1219 /* X9.62 defines a structure for EC keys and parameters */
1220 #define DO_X9_62_selection_mask DO_EC_selection_mask
1221 #define DO_X9_62(impl, type, output) DO_EC(impl, type, output)
1224 * MAKE_ENCODER is the single driver for creating OSSL_DISPATCH tables.
1225 * It takes the following arguments:
1227 * impl This is the key type name that's being implemented.
1228 * type This is the type name for the set of functions that implement
1229 * the key type. For example, ed25519, ed448, x25519 and x448
1230 * are all implemented with the exact same set of functions.
1231 * evp_type The corresponding EVP_PKEY_xxx type macro for each key.
1232 * Necessary because we currently use EVP_PKEY with legacy
1233 * native keys internally. This will need to be refactored
1234 * when that legacy support goes away.
1235 * kind What kind of support to implement. These translate into
1236 * the DO_##kind macros above.
1237 * output The output type to implement. may be der or pem.
1239 * The resulting OSSL_DISPATCH array gets the following name (expressed in
1240 * C preprocessor terms) from those arguments:
1242 * ossl_##impl##_to_##kind##_##output##_encoder_functions
1244 #define MAKE_ENCODER(impl, type, evp_type, kind, output) \
1245 static OSSL_FUNC_encoder_import_object_fn \
1246 impl##_to_##kind##_##output##_import_object; \
1247 static OSSL_FUNC_encoder_free_object_fn \
1248 impl##_to_##kind##_##output##_free_object; \
1249 static OSSL_FUNC_encoder_encode_fn \
1250 impl##_to_##kind##_##output##_encode; \
1253 impl##_to_##kind##_##output##_import_object(void *vctx, int selection, \
1254 const OSSL_PARAM params[]) \
1256 struct key2any_ctx_st *ctx = vctx; \
1258 return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \
1259 ctx->provctx, selection, params); \
1261 static void impl##_to_##kind##_##output##_free_object(void *key) \
1263 ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \
1265 static int impl##_to_##kind##_##output##_does_selection(void *ctx, \
1268 return key2any_check_selection(selection, \
1269 DO_##kind##_selection_mask); \
1272 impl##_to_##kind##_##output##_encode(void *ctx, OSSL_CORE_BIO *cout, \
1274 const OSSL_PARAM key_abstract[], \
1276 OSSL_PASSPHRASE_CALLBACK *cb, \
1279 /* We don't deal with abstract objects */ \
1280 if (key_abstract != NULL) { \
1281 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \
1284 DO_##kind(impl, type, output) \
1286 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \
1289 const OSSL_DISPATCH \
1290 ossl_##impl##_to_##kind##_##output##_encoder_functions[] = { \
1291 { OSSL_FUNC_ENCODER_NEWCTX, \
1292 (void (*)(void))key2any_newctx }, \
1293 { OSSL_FUNC_ENCODER_FREECTX, \
1294 (void (*)(void))key2any_freectx }, \
1295 { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS, \
1296 (void (*)(void))key2any_settable_ctx_params }, \
1297 { OSSL_FUNC_ENCODER_SET_CTX_PARAMS, \
1298 (void (*)(void))key2any_set_ctx_params }, \
1299 { OSSL_FUNC_ENCODER_DOES_SELECTION, \
1300 (void (*)(void))impl##_to_##kind##_##output##_does_selection }, \
1301 { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \
1302 (void (*)(void))impl##_to_##kind##_##output##_import_object }, \
1303 { OSSL_FUNC_ENCODER_FREE_OBJECT, \
1304 (void (*)(void))impl##_to_##kind##_##output##_free_object }, \
1305 { OSSL_FUNC_ENCODER_ENCODE, \
1306 (void (*)(void))impl##_to_##kind##_##output##_encode }, \
1311 * Replacements for i2d_{TYPE}PrivateKey, i2d_{TYPE}PublicKey,
1312 * i2d_{TYPE}params, as they exist.
1314 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, type_specific_keypair
, der
);
1315 #ifndef OPENSSL_NO_DH
1316 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, type_specific_params
, der
);
1317 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, type_specific_params
, der
);
1319 #ifndef OPENSSL_NO_DSA
1320 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, type_specific
, der
);
1322 #ifndef OPENSSL_NO_EC
1323 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, type_specific_no_pub
, der
);
1324 # ifndef OPENSSL_NO_SM2
1325 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, type_specific_no_pub
, der
);
1330 * Replacements for PEM_write_bio_{TYPE}PrivateKey,
1331 * PEM_write_bio_{TYPE}PublicKey, PEM_write_bio_{TYPE}params, as they exist.
1333 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, type_specific_keypair
, pem
);
1334 #ifndef OPENSSL_NO_DH
1335 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, type_specific_params
, pem
);
1336 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, type_specific_params
, pem
);
1338 #ifndef OPENSSL_NO_DSA
1339 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, type_specific
, pem
);
1341 #ifndef OPENSSL_NO_EC
1342 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, type_specific_no_pub
, pem
);
1343 # ifndef OPENSSL_NO_SM2
1344 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, type_specific_no_pub
, pem
);
1349 * PKCS#8 and SubjectPublicKeyInfo support. This may duplicate some of the
1350 * implementations specified above, but are more specific.
1351 * The SubjectPublicKeyInfo implementations also replace the
1352 * PEM_write_bio_{TYPE}_PUBKEY functions.
1353 * For PEM, these are expected to be used by PEM_write_bio_PrivateKey(),
1354 * PEM_write_bio_PUBKEY() and PEM_write_bio_Parameters().
1356 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, EncryptedPrivateKeyInfo
, der
);
1357 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, EncryptedPrivateKeyInfo
, pem
);
1358 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, PrivateKeyInfo
, der
);
1359 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, PrivateKeyInfo
, pem
);
1360 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, SubjectPublicKeyInfo
, der
);
1361 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, SubjectPublicKeyInfo
, pem
);
1362 MAKE_ENCODER(rsapss
, rsa
, EVP_PKEY_RSA_PSS
, EncryptedPrivateKeyInfo
, der
);
1363 MAKE_ENCODER(rsapss
, rsa
, EVP_PKEY_RSA_PSS
, EncryptedPrivateKeyInfo
, pem
);
1364 MAKE_ENCODER(rsapss
, rsa
, EVP_PKEY_RSA_PSS
, PrivateKeyInfo
, der
);
1365 MAKE_ENCODER(rsapss
, rsa
, EVP_PKEY_RSA_PSS
, PrivateKeyInfo
, pem
);
1366 MAKE_ENCODER(rsapss
, rsa
, EVP_PKEY_RSA_PSS
, SubjectPublicKeyInfo
, der
);
1367 MAKE_ENCODER(rsapss
, rsa
, EVP_PKEY_RSA_PSS
, SubjectPublicKeyInfo
, pem
);
1368 #ifndef OPENSSL_NO_DH
1369 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, EncryptedPrivateKeyInfo
, der
);
1370 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, EncryptedPrivateKeyInfo
, pem
);
1371 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, PrivateKeyInfo
, der
);
1372 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, PrivateKeyInfo
, pem
);
1373 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, SubjectPublicKeyInfo
, der
);
1374 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, SubjectPublicKeyInfo
, pem
);
1375 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, EncryptedPrivateKeyInfo
, der
);
1376 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, EncryptedPrivateKeyInfo
, pem
);
1377 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, PrivateKeyInfo
, der
);
1378 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, PrivateKeyInfo
, pem
);
1379 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, SubjectPublicKeyInfo
, der
);
1380 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, SubjectPublicKeyInfo
, pem
);
1382 #ifndef OPENSSL_NO_DSA
1383 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, EncryptedPrivateKeyInfo
, der
);
1384 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, EncryptedPrivateKeyInfo
, pem
);
1385 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, PrivateKeyInfo
, der
);
1386 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, PrivateKeyInfo
, pem
);
1387 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, SubjectPublicKeyInfo
, der
);
1388 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, SubjectPublicKeyInfo
, pem
);
1390 #ifndef OPENSSL_NO_EC
1391 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, EncryptedPrivateKeyInfo
, der
);
1392 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, EncryptedPrivateKeyInfo
, pem
);
1393 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, PrivateKeyInfo
, der
);
1394 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, PrivateKeyInfo
, pem
);
1395 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, SubjectPublicKeyInfo
, der
);
1396 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, SubjectPublicKeyInfo
, pem
);
1397 # ifndef OPENSSL_NO_SM2
1398 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, EncryptedPrivateKeyInfo
, der
);
1399 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, EncryptedPrivateKeyInfo
, pem
);
1400 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, PrivateKeyInfo
, der
);
1401 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, PrivateKeyInfo
, pem
);
1402 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, SubjectPublicKeyInfo
, der
);
1403 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, SubjectPublicKeyInfo
, pem
);
1405 # ifndef OPENSSL_NO_ECX
1406 MAKE_ENCODER(ed25519
, ecx
, EVP_PKEY_ED25519
, EncryptedPrivateKeyInfo
, der
);
1407 MAKE_ENCODER(ed25519
, ecx
, EVP_PKEY_ED25519
, EncryptedPrivateKeyInfo
, pem
);
1408 MAKE_ENCODER(ed25519
, ecx
, EVP_PKEY_ED25519
, PrivateKeyInfo
, der
);
1409 MAKE_ENCODER(ed25519
, ecx
, EVP_PKEY_ED25519
, PrivateKeyInfo
, pem
);
1410 MAKE_ENCODER(ed25519
, ecx
, EVP_PKEY_ED25519
, SubjectPublicKeyInfo
, der
);
1411 MAKE_ENCODER(ed25519
, ecx
, EVP_PKEY_ED25519
, SubjectPublicKeyInfo
, pem
);
1412 MAKE_ENCODER(ed448
, ecx
, EVP_PKEY_ED448
, EncryptedPrivateKeyInfo
, der
);
1413 MAKE_ENCODER(ed448
, ecx
, EVP_PKEY_ED448
, EncryptedPrivateKeyInfo
, pem
);
1414 MAKE_ENCODER(ed448
, ecx
, EVP_PKEY_ED448
, PrivateKeyInfo
, der
);
1415 MAKE_ENCODER(ed448
, ecx
, EVP_PKEY_ED448
, PrivateKeyInfo
, pem
);
1416 MAKE_ENCODER(ed448
, ecx
, EVP_PKEY_ED448
, SubjectPublicKeyInfo
, der
);
1417 MAKE_ENCODER(ed448
, ecx
, EVP_PKEY_ED448
, SubjectPublicKeyInfo
, pem
);
1418 MAKE_ENCODER(x25519
, ecx
, EVP_PKEY_X25519
, EncryptedPrivateKeyInfo
, der
);
1419 MAKE_ENCODER(x25519
, ecx
, EVP_PKEY_X25519
, EncryptedPrivateKeyInfo
, pem
);
1420 MAKE_ENCODER(x25519
, ecx
, EVP_PKEY_X25519
, PrivateKeyInfo
, der
);
1421 MAKE_ENCODER(x25519
, ecx
, EVP_PKEY_X25519
, PrivateKeyInfo
, pem
);
1422 MAKE_ENCODER(x25519
, ecx
, EVP_PKEY_X25519
, SubjectPublicKeyInfo
, der
);
1423 MAKE_ENCODER(x25519
, ecx
, EVP_PKEY_X25519
, SubjectPublicKeyInfo
, pem
);
1424 MAKE_ENCODER(x448
, ecx
, EVP_PKEY_ED448
, EncryptedPrivateKeyInfo
, der
);
1425 MAKE_ENCODER(x448
, ecx
, EVP_PKEY_ED448
, EncryptedPrivateKeyInfo
, pem
);
1426 MAKE_ENCODER(x448
, ecx
, EVP_PKEY_ED448
, PrivateKeyInfo
, der
);
1427 MAKE_ENCODER(x448
, ecx
, EVP_PKEY_ED448
, PrivateKeyInfo
, pem
);
1428 MAKE_ENCODER(x448
, ecx
, EVP_PKEY_ED448
, SubjectPublicKeyInfo
, der
);
1429 MAKE_ENCODER(x448
, ecx
, EVP_PKEY_ED448
, SubjectPublicKeyInfo
, pem
);
1434 * Support for key type specific output formats. Not all key types have
1435 * this, we only aim to duplicate what is available in 1.1.1 as
1436 * i2d_TYPEPrivateKey(), i2d_TYPEPublicKey() and i2d_TYPEparams().
1437 * For example, there are no publicly available i2d_ function for
1438 * ED25519, ED448, X25519 or X448, and they therefore only have PKCS#8
1439 * and SubjectPublicKeyInfo implementations as implemented above.
1441 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, RSA
, der
);
1442 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, RSA
, pem
);
1443 #ifndef OPENSSL_NO_DH
1444 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, DH
, der
);
1445 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, DH
, pem
);
1446 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, DHX
, der
);
1447 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, DHX
, pem
);
1449 #ifndef OPENSSL_NO_DSA
1450 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, DSA
, der
);
1451 MAKE_ENCODER(dsa
, dsa
, EVP_PKEY_DSA
, DSA
, pem
);
1453 #ifndef OPENSSL_NO_EC
1454 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, EC
, der
);
1455 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, EC
, pem
);
1456 # ifndef OPENSSL_NO_SM2
1457 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, SM2
, der
);
1458 MAKE_ENCODER(sm2
, ec
, EVP_PKEY_EC
, SM2
, pem
);
1462 /* Convenience structure names */
1463 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, PKCS1
, der
);
1464 MAKE_ENCODER(rsa
, rsa
, EVP_PKEY_RSA
, PKCS1
, pem
);
1465 MAKE_ENCODER(rsapss
, rsa
, EVP_PKEY_RSA_PSS
, PKCS1
, der
);
1466 MAKE_ENCODER(rsapss
, rsa
, EVP_PKEY_RSA_PSS
, PKCS1
, pem
);
1467 #ifndef OPENSSL_NO_DH
1468 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, PKCS3
, der
); /* parameters only */
1469 MAKE_ENCODER(dh
, dh
, EVP_PKEY_DH
, PKCS3
, pem
); /* parameters only */
1470 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, X9_42
, der
); /* parameters only */
1471 MAKE_ENCODER(dhx
, dh
, EVP_PKEY_DHX
, X9_42
, pem
); /* parameters only */
1473 #ifndef OPENSSL_NO_EC
1474 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, X9_62
, der
);
1475 MAKE_ENCODER(ec
, ec
, EVP_PKEY_EC
, X9_62
, pem
);