]> git.ipfire.org Git - thirdparty/openssl.git/blob - providers/implementations/serializers/serializer_common.c
projects / thirdparty / openssl.git / blob
? search:


58d7a27e601b4c4c90fbc6b3883a7f2a0095fce8
[thirdparty/openssl.git] / providers / implementations / serializers / serializer_common.c
1 /*
2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <openssl/opensslconf.h> /* SIXTY_FOUR_BIT_LONG, ... */
11 #include <openssl/err.h>
12 #include <openssl/pem.h> /* PEM_BUFSIZE */
13 #include <openssl/pkcs12.h> /* PKCS8_encrypt() */
14 #include <openssl/types.h>
15 #include <openssl/x509.h> /* i2d_X509_PUBKEY_bio() */
16 #include "crypto/bn.h" /* bn_get_words() */
17 #include "crypto/ctype.h"
18 #include "crypto/ecx.h"
19 #include "prov/bio.h" /* ossl_prov_bio_printf() */
20 #include "prov/implementations.h"
21 #include "prov/providercommonerr.h" /* PROV_R_READ_KEY */
22 #include "serializer_local.h"
23
24 static PKCS8_PRIV_KEY_INFO *
25 ossl_prov_p8info_from_obj(const void *obj, int obj_nid,
26 void *params,
27 int params_type,
28 int (*k2d)(const void *obj,
29 unsigned char **pder))
30 {
31 /* der, derlen store the key DER output and its length */
32 unsigned char *der = NULL;
33 int derlen;
34 /* The final PKCS#8 info */
35 PKCS8_PRIV_KEY_INFO *p8info = NULL;
36
37
38 if ((p8info = PKCS8_PRIV_KEY_INFO_new()) == NULL
39 || (derlen = k2d(obj, &der)) <= 0
40 || !PKCS8_pkey_set0(p8info, OBJ_nid2obj(obj_nid), 0,
41 params_type, params, der, derlen)) {
42 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
43 PKCS8_PRIV_KEY_INFO_free(p8info);
44 OPENSSL_free(der);
45 p8info = NULL;
46 }
47
48 return p8info;
49 }
50
51 static X509_SIG *ossl_prov_encp8_from_p8info(PKCS8_PRIV_KEY_INFO *p8info,
52 struct pkcs8_encrypt_ctx_st *ctx)
53 {
54 X509_SIG *p8 = NULL;
55 char buf[PEM_BUFSIZE];
56 const void *kstr = ctx->cipher_pass;
57 size_t klen = ctx->cipher_pass_length;
58
59 if (ctx->cipher == NULL)
60 return NULL;
61
62 if (kstr == NULL) {
63 if (!ctx->cb(buf, sizeof(buf), &klen, NULL, ctx->cbarg)) {
64 ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY);
65 return NULL;
66 }
67 kstr = buf;
68 }
69 /* NID == -1 means "standard" */
70 p8 = PKCS8_encrypt(-1, ctx->cipher, kstr, klen, NULL, 0, 0, p8info);
71 if (kstr == buf)
72 OPENSSL_cleanse(buf, klen);
73 return p8;
74 }
75
76 static X509_SIG *ossl_prov_encp8_from_obj(const void *obj, int obj_nid,
77 void *params,
78 int params_type,
79 int (*k2d)(const void *obj,
80 unsigned char **pder),
81 struct pkcs8_encrypt_ctx_st *ctx)
82 {
83 PKCS8_PRIV_KEY_INFO *p8info =
84 ossl_prov_p8info_from_obj(obj, obj_nid, params, params_type, k2d);
85 X509_SIG *p8 = ossl_prov_encp8_from_p8info(p8info, ctx);
86
87 PKCS8_PRIV_KEY_INFO_free(p8info);
88 return p8;
89 }
90
91 static X509_PUBKEY *ossl_prov_pubkey_from_obj(const void *obj, int obj_nid,
92 void *params,
93 int params_type,
94 int (*k2d)(const void *obj,
95 unsigned char **pder))
96 {
97 /* der, derlen store the key DER output and its length */
98 unsigned char *der = NULL;
99 int derlen;
100 /* The final X509_PUBKEY */
101 X509_PUBKEY *xpk = NULL;
102
103
104 if ((xpk = X509_PUBKEY_new()) == NULL
105 || (derlen = k2d(obj, &der)) <= 0
106 || !X509_PUBKEY_set0_param(xpk, OBJ_nid2obj(obj_nid),
107 params_type, params, der, derlen)) {
108 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
109 X509_PUBKEY_free(xpk);
110 OPENSSL_free(der);
111 xpk = NULL;
112 }
113
114 return xpk;
115 }
116
117 OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_new(const OSSL_DISPATCH *fns)
118 {
119 /* Pilfer the keymgmt dispatch table */
120 for (; fns->function_id != 0; fns++)
121 if (fns->function_id == OSSL_FUNC_KEYMGMT_NEW)
122 return OSSL_FUNC_keymgmt_new(fns);
123
124 return NULL;
125 }
126
127 OSSL_FUNC_keymgmt_free_fn *ossl_prov_get_keymgmt_free(const OSSL_DISPATCH *fns)
128 {
129 /* Pilfer the keymgmt dispatch table */
130 for (; fns->function_id != 0; fns++)
131 if (fns->function_id == OSSL_FUNC_KEYMGMT_FREE)
132 return OSSL_FUNC_keymgmt_free(fns);
133
134 return NULL;
135 }
136
137 OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_import(const OSSL_DISPATCH *fns)
138 {
139 /* Pilfer the keymgmt dispatch table */
140 for (; fns->function_id != 0; fns++)
141 if (fns->function_id == OSSL_FUNC_KEYMGMT_IMPORT)
142 return OSSL_FUNC_keymgmt_import(fns);
143
144 return NULL;
145 }
146
147 OSSL_FUNC_keymgmt_export_fn *ossl_prov_get_keymgmt_export(const OSSL_DISPATCH *fns)
148 {
149 /* Pilfer the keymgmt dispatch table */
150 for (; fns->function_id != 0; fns++)
151 if (fns->function_id == OSSL_FUNC_KEYMGMT_EXPORT)
152 return OSSL_FUNC_keymgmt_export(fns);
153
154 return NULL;
155 }
156
157 # ifdef SIXTY_FOUR_BIT_LONG
158 # define BN_FMTu "%lu"
159 # define BN_FMTx "%lx"
160 # endif
161
162 # ifdef SIXTY_FOUR_BIT
163 # define BN_FMTu "%llu"
164 # define BN_FMTx "%llx"
165 # endif
166
167 # ifdef THIRTY_TWO_BIT
168 # define BN_FMTu "%u"
169 # define BN_FMTx "%x"
170 # endif
171
172 int ossl_prov_print_labeled_bignum(BIO *out, const char *label,
173 const BIGNUM *bn)
174 {
175 int ret = 0, use_sep = 0;
176 char *hex_str = NULL, *p;
177 const char spaces[] = " ";
178 const char *post_label_spc = " ";
179
180 const char *neg = "";
181 int bytes;
182
183 if (bn == NULL)
184 return 0;
185 if (label == NULL) {
186 label = "";
187 post_label_spc = "";
188 }
189
190 if (BN_is_zero(bn))
191 return BIO_printf(out, "%s%s0\n", label, post_label_spc);
192
193 if (BN_num_bytes(bn) <= BN_BYTES) {
194 BN_ULONG *words = bn_get_words(bn);
195
196 if (BN_is_negative(bn))
197 neg = "-";
198
199 return BIO_printf(out, "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n",
200 label, post_label_spc, neg, words[0], neg, words[0]);
201 }
202
203 hex_str = BN_bn2hex(bn);
204 p = hex_str;
205 if (*p == '-') {
206 ++p;
207 neg = " (Negative)";
208 }
209 if (BIO_printf(out, "%s%s\n", label, neg) <= 0)
210 goto err;
211
212 /* Keep track of how many bytes we have printed out so far */
213 bytes = 0;
214
215 if (BIO_printf(out, "%s", spaces) <= 0)
216 goto err;
217
218 /* Add a leading 00 if the top bit is set */
219 if (*p >= '8') {
220 if (BIO_printf(out, "%02x", 0) <= 0)
221 goto err;
222 ++bytes;
223 use_sep = 1;
224 }
225 while (*p != '\0') {
226 /* Do a newline after every 15 hex bytes + add the space indent */
227 if ((bytes % 15) == 0 && bytes > 0) {
228 if (BIO_printf(out, ":\n%s", spaces) <= 0)
229 goto err;
230 use_sep = 0; /* The first byte on the next line doesnt have a : */
231 }
232 if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "",
233 ossl_tolower(p[0]), ossl_tolower(p[1])) <= 0)
234 goto err;
235 ++bytes;
236 p += 2;
237 use_sep = 1;
238 }
239 if (BIO_printf(out, "\n") <= 0)
240 goto err;
241 ret = 1;
242 err:
243 OPENSSL_free(hex_str);
244 return ret;
245 }
246
247 /* Number of octets per line */
248 #define LABELED_BUF_PRINT_WIDTH 15
249
250 int ossl_prov_print_labeled_buf(BIO *out, const char *label,
251 const unsigned char *buf, size_t buflen)
252 {
253 size_t i;
254
255 if (BIO_printf(out, "%s\n", label) <= 0)
256 return 0;
257
258 for (i = 0; i < buflen; i++) {
259 if ((i % LABELED_BUF_PRINT_WIDTH) == 0) {
260 if (i > 0 && BIO_printf(out, "\n") <= 0)
261 return 0;
262 if (BIO_printf(out, " ") <= 0)
263 return 0;
264 }
265
266 if (BIO_printf(out, "%02x%s", buf[i],
267 (i == buflen - 1) ? "" : ":") <= 0)
268 return 0;
269 }
270 if (BIO_printf(out, "\n") <= 0)
271 return 0;
272
273 return 1;
274 }
275
276 /* p2s = param to asn1, k2d = key to der */
277 int ossl_prov_write_priv_der_from_obj(BIO *out, const void *obj, int obj_nid,
278 int (*p2s)(const void *obj, int nid,
279 void **str,
280 int *strtype),
281 int (*k2d)(const void *obj,
282 unsigned char **pder),
283 struct pkcs8_encrypt_ctx_st *ctx)
284 {
285 int ret = 0;
286 void *str = NULL;
287 int strtype = V_ASN1_UNDEF;
288
289 if (p2s != NULL && !p2s(obj, obj_nid, &str, &strtype))
290 return 0;
291
292 if (ctx->cipher_intent) {
293 X509_SIG *p8 =
294 ossl_prov_encp8_from_obj(obj, obj_nid, str, strtype, k2d, ctx);
295
296 if (p8 != NULL)
297 ret = i2d_PKCS8_bio(out, p8);
298
299 X509_SIG_free(p8);
300 } else {
301 PKCS8_PRIV_KEY_INFO *p8info =
302 ossl_prov_p8info_from_obj(obj, obj_nid, str, strtype, k2d);
303
304 if (p8info != NULL)
305 ret = i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8info);
306
307 PKCS8_PRIV_KEY_INFO_free(p8info);
308 }
309
310 return ret;
311 }
312
313 int ossl_prov_write_priv_pem_from_obj(BIO *out, const void *obj, int obj_nid,
314 int (*p2s)(const void *obj, int nid,
315 void **str,
316 int *strtype),
317 int (*k2d)(const void *obj,
318 unsigned char **pder),
319 struct pkcs8_encrypt_ctx_st *ctx)
320 {
321 int ret = 0;
322 void *str = NULL;
323 int strtype = V_ASN1_UNDEF;
324
325 if (p2s != NULL && !p2s(obj, obj_nid, &str, &strtype))
326 return 0;
327
328 if (ctx->cipher_intent) {
329 X509_SIG *p8 = ossl_prov_encp8_from_obj(obj, obj_nid, str, strtype,
330 k2d, ctx);
331
332 if (p8 != NULL)
333 ret = PEM_write_bio_PKCS8(out, p8);
334
335 X509_SIG_free(p8);
336 } else {
337 PKCS8_PRIV_KEY_INFO *p8info =
338 ossl_prov_p8info_from_obj(obj, obj_nid, str, strtype, k2d);
339
340 if (p8info != NULL)
341 ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8info);
342
343 PKCS8_PRIV_KEY_INFO_free(p8info);
344 }
345
346 return ret;
347 }
348
349 int ossl_prov_write_pub_der_from_obj(BIO *out, const void *obj, int obj_nid,
350 int (*p2s)(const void *obj, int nid,
351 void **str,
352 int *strtype),
353 int (*k2d)(const void *obj,
354 unsigned char **pder))
355 {
356 int ret = 0;
357 void *str = NULL;
358 int strtype = V_ASN1_UNDEF;
359 X509_PUBKEY *xpk = NULL;
360
361 if (p2s != NULL && !p2s(obj, obj_nid, &str, &strtype))
362 return 0;
363
364 xpk = ossl_prov_pubkey_from_obj(obj, obj_nid, str, strtype, k2d);
365
366 if (xpk != NULL)
367 ret = i2d_X509_PUBKEY_bio(out, xpk);
368
369 /* Also frees |str| */
370 X509_PUBKEY_free(xpk);
371 return ret;
372 }
373
374 int ossl_prov_write_pub_pem_from_obj(BIO *out, const void *obj, int obj_nid,
375 int (*p2s)(const void *obj, int nid,
376 void **str,
377 int *strtype),
378 int (*k2d)(const void *obj,
379 unsigned char **pder))
380 {
381 int ret = 0;
382 void *str = NULL;
383 int strtype = V_ASN1_UNDEF;
384 X509_PUBKEY *xpk = NULL;
385
386 if (p2s != NULL && !p2s(obj, obj_nid, &str, &strtype))
387 return 0;
388
389 xpk = ossl_prov_pubkey_from_obj(obj, obj_nid, str, strtype, k2d);
390
391 if (xpk != NULL)
392 ret = PEM_write_bio_X509_PUBKEY(out, xpk);
393
394 /* Also frees |str| */
395 X509_PUBKEY_free(xpk);
396 return ret;
397 }
A mirror of the official openssl repository