providers/implementations/serializers/serializer_ec.c

   1 /*
   2  * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <openssl/err.h>
  11 #include "crypto/ec.h"
  12 #include "prov/bio.h"             /* ossl_prov_bio_printf() */
  13 #include "prov/implementations.h" /* ec_keymgmt_functions */
  14 #include "prov/providercommonerr.h" /* PROV_R_MISSING_OID */
  15 #include "serializer_local.h"
  16
  17 void ec_get_new_free_import(OSSL_FUNC_keymgmt_new_fn **ec_new,
  18                             OSSL_FUNC_keymgmt_free_fn **ec_free,
  19                             OSSL_FUNC_keymgmt_import_fn **ec_import)
  20 {
  21     *ec_new = ossl_prov_get_keymgmt_new(ec_keymgmt_functions);
  22     *ec_free = ossl_prov_get_keymgmt_free(ec_keymgmt_functions);
  23     *ec_import = ossl_prov_get_keymgmt_import(ec_keymgmt_functions);
  24 }
  25
  26 static int ossl_prov_print_ec_param(BIO *out, const EC_GROUP *group)
  27 {
  28     const char *curve_name;
  29     int curve_nid = EC_GROUP_get_curve_name(group);
  30
  31     /* TODO(3.0): Explicit parameters are currently not supported */
  32     if (curve_nid == NID_undef)
  33         return 0;
  34
  35     if (BIO_printf(out, "%s: %s\n", "ASN1 OID", OBJ_nid2sn(curve_nid)) <= 0)
  36         return 0;
  37
  38     /* TODO(3.0): Only named curves are currently supported */
  39     curve_name = EC_curve_nid2nist(curve_nid);
  40     return (curve_name == NULL
  41             || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0);
  42 }
  43
  44 int ossl_prov_print_eckey(BIO *out, EC_KEY *eckey, enum ec_print_type type)
  45 {
  46     int ret = 0;
  47     const char *type_label = NULL;
  48     unsigned char *priv = NULL, *pub = NULL;
  49     size_t priv_len = 0, pub_len = 0;
  50     const EC_GROUP *group;
  51
  52     if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL)
  53         goto null_err;
  54
  55     switch (type) {
  56     case ec_print_priv:
  57         type_label = "Private-Key";
  58         break;
  59     case ec_print_pub:
  60         type_label = "Public-Key";
  61         break;
  62     case ec_print_params:
  63         type_label = "EC-Parameters";
  64         break;
  65     }
  66
  67     if (type == ec_print_priv) {
  68         const BIGNUM *priv_key = EC_KEY_get0_private_key(eckey);
  69
  70         if (priv_key == NULL)
  71             goto null_err;
  72         priv_len = EC_KEY_priv2buf(eckey, &priv);
  73         if (priv_len == 0)
  74             goto err;
  75     }
  76
  77     if (type == ec_print_priv || type == ec_print_pub) {
  78         const EC_POINT *pub_pt = EC_KEY_get0_public_key(eckey);
  79
  80         if (pub_pt == NULL)
  81             goto null_err;
  82
  83         pub_len = EC_KEY_key2buf(eckey, EC_KEY_get_conv_form(eckey), &pub, NULL);
  84         if (pub_len == 0)
  85             goto err;
  86     }
  87
  88     if (BIO_printf(out, "%s: (%d bit)\n", type_label,
  89                    EC_GROUP_order_bits(group)) <= 0)
  90         goto err;
  91     if (priv != NULL
  92         && !ossl_prov_print_labeled_buf(out, "priv:", priv, priv_len))
  93         goto err;
  94     if (pub != NULL
  95         && !ossl_prov_print_labeled_buf(out, "pub:", pub, pub_len))
  96         goto err;
  97     ret = ossl_prov_print_ec_param(out, group);
  98 err:
  99     OPENSSL_clear_free(priv, priv_len);
 100     OPENSSL_free(pub);
 101     return ret;
 102 null_err:
 103     ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
 104     goto err;
 105 }
 106
 107 int ossl_prov_prepare_ec_params(const void *eckey, int nid,
 108                                 void **pstr, int *pstrtype)
 109 {
 110     int curve_nid;
 111     const EC_GROUP *group = EC_KEY_get0_group(eckey);
 112     ASN1_OBJECT *params;
 113
 114     if (group == NULL
 115         || ((curve_nid = EC_GROUP_get_curve_name(group)) == NID_undef)
 116         || ((params = OBJ_nid2obj(curve_nid)) == NULL)) {
 117         /* TODO(3.0): Explicit curves are not supported */
 118         return 0;
 119     }
 120
 121     if (OBJ_length(params) == 0) {
 122         /* Some curves might not have an associated OID */
 123         ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_OID);
 124         ASN1_OBJECT_free(params);
 125         return 0;
 126     }
 127
 128     *pstr = params;
 129     *pstrtype = V_ASN1_OBJECT;
 130     return 1;
 131 }
 132
 133 int ossl_prov_ec_pub_to_der(const void *eckey, unsigned char **pder)
 134 {
 135     return i2o_ECPublicKey(eckey, pder);
 136 }
 137
 138 int ossl_prov_ec_priv_to_der(const void *veckey, unsigned char **pder)
 139 {
 140     EC_KEY *eckey = (EC_KEY *)veckey;
 141     unsigned int old_flags;
 142     int ret = 0;
 143
 144     /*
 145      * For PKCS8 the curve name appears in the PKCS8_PRIV_KEY_INFO object
 146      * as the pkeyalg->parameter field. (For a named curve this is an OID)
 147      * The pkey field is an octet string that holds the encoded
 148      * ECPrivateKey SEQUENCE with the optional parameters field omitted.
 149      * We omit this by setting the EC_PKEY_NO_PARAMETERS flag.
 150      */
 151     old_flags = EC_KEY_get_enc_flags(eckey); /* save old flags */
 152     EC_KEY_set_enc_flags(eckey, old_flags | EC_PKEY_NO_PARAMETERS);
 153     ret = i2d_ECPrivateKey(eckey, pder);
 154     EC_KEY_set_enc_flags(eckey, old_flags); /* restore old flags */
 155     return ret; /* return the length of the der encoded data */
 156 }