EVP_PKEY_CTRL_GET1_ID_LEN, 0, (void*)id_len);
}
-static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
- int cmd, int p1, void *p2)
-{
- switch (cmd) {
- case EVP_PKEY_CTRL_SET1_ID:
- return evp_pkey_ctx_set1_id_prov(ctx, p2, p1);
- case EVP_PKEY_CTRL_GET1_ID:
- return evp_pkey_ctx_get1_id_prov(ctx, p2);
- case EVP_PKEY_CTRL_GET1_ID_LEN:
- return evp_pkey_ctx_get1_id_len_prov(ctx, p2);
- }
-
- if (keytype == EVP_PKEY_DHX) {
- switch (cmd) {
- case EVP_PKEY_CTRL_DH_KDF_TYPE:
- return EVP_PKEY_CTX_set_dh_kdf_type(ctx, p1);
- case EVP_PKEY_CTRL_DH_KDF_MD:
- return EVP_PKEY_CTX_set_dh_kdf_md(ctx, p2);
- case EVP_PKEY_CTRL_DH_KDF_OUTLEN:
- return EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, p1);
- case EVP_PKEY_CTRL_DH_KDF_UKM:
- return EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p2, p1);
- case EVP_PKEY_CTRL_DH_KDF_OID:
- return EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, p2);
- case EVP_PKEY_CTRL_GET_DH_KDF_MD:
- return EVP_PKEY_CTX_get_dh_kdf_md(ctx, p2);
- case EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN:
- return EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, p2);
- case EVP_PKEY_CTRL_GET_DH_KDF_UKM:
- return EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p2);
- case EVP_PKEY_CTRL_GET_DH_KDF_OID:
- return EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, p2);
- }
- }
- if (keytype == EVP_PKEY_DH) {
- switch (cmd) {
- case EVP_PKEY_CTRL_DH_PAD:
- return EVP_PKEY_CTX_set_dh_pad(ctx, p1);
- case EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN:
- return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, p1);
- case EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN:
- return EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, p1);
- case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR:
- return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, p1);
- case EVP_PKEY_CTRL_DH_PARAMGEN_TYPE:
- return EVP_PKEY_CTX_set_dh_paramgen_type(ctx, p1);
- case EVP_PKEY_CTRL_DH_RFC5114:
- return EVP_PKEY_CTX_set_dh_rfc5114(ctx, p1);
- }
- }
- if (keytype == EVP_PKEY_DSA) {
- switch (cmd) {
- case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
- return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, p1);
- case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
- return EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, p1);
- case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
- return EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, p2);
- }
- }
- if (keytype == EVP_PKEY_EC) {
- switch (cmd) {
- case EVP_PKEY_CTRL_EC_PARAM_ENC:
- return evp_pkey_ctx_set_ec_param_enc_prov(ctx, p1);
- case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
- return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, p1);
- case EVP_PKEY_CTRL_EC_ECDH_COFACTOR:
- if (p1 == -2) {
- return EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx);
- } else if (p1 < -1 || p1 > 1) {
- /* Uses the same return values as EVP_PKEY_CTX_ctrl */
- return -2;
- } else {
- return EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, p1);
- }
- case EVP_PKEY_CTRL_EC_KDF_TYPE:
- if (p1 == -2) {
- return EVP_PKEY_CTX_get_ecdh_kdf_type(ctx);
- } else {
- return EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, p1);
- }
- case EVP_PKEY_CTRL_GET_EC_KDF_MD:
- return EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, p2);
- case EVP_PKEY_CTRL_EC_KDF_MD:
- return EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, p2);
- case EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN:
- return EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, p2);
- case EVP_PKEY_CTRL_EC_KDF_OUTLEN:
- return EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, p1);
- case EVP_PKEY_CTRL_GET_EC_KDF_UKM:
- return EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p2);
- case EVP_PKEY_CTRL_EC_KDF_UKM:
- return EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p2, p1);
- }
- }
- if (keytype == EVP_PKEY_RSA) {
- switch (cmd) {
- case EVP_PKEY_CTRL_RSA_OAEP_MD:
- return EVP_PKEY_CTX_set_rsa_oaep_md(ctx, p2);
- case EVP_PKEY_CTRL_GET_RSA_OAEP_MD:
- return EVP_PKEY_CTX_get_rsa_oaep_md(ctx, p2);
- case EVP_PKEY_CTRL_RSA_MGF1_MD:
- return EVP_PKEY_CTX_set_rsa_oaep_md(ctx, p2);
- case EVP_PKEY_CTRL_RSA_OAEP_LABEL:
- return EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, p2, p1);
- case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL:
- return EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, (unsigned char **)p2);
- case EVP_PKEY_CTRL_RSA_KEYGEN_BITS:
- return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, p1);
- case EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP:
- return EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, p2);
- case EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES:
- return EVP_PKEY_CTX_set_rsa_keygen_primes(ctx, p1);
- }
- }
-
- if (keytype == EVP_PKEY_RSA_PSS) {
- switch(cmd) {
- case EVP_PKEY_CTRL_MD:
- return EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, p2);
- }
- }
-
- /*
- * keytype == -1 is used when several key types share the same structure,
- * or for generic controls that are the same across multiple key types.
- */
- if (keytype == -1) {
- if (optype == EVP_PKEY_OP_DERIVE) {
- switch (cmd) {
- /* TLS1-PRF */
- case EVP_PKEY_CTRL_TLS_MD:
- return EVP_PKEY_CTX_set_tls1_prf_md(ctx, p2);
- case EVP_PKEY_CTRL_TLS_SECRET:
- return EVP_PKEY_CTX_set1_tls1_prf_secret(ctx, p2, p1);
- case EVP_PKEY_CTRL_TLS_SEED:
- return EVP_PKEY_CTX_add1_tls1_prf_seed(ctx, p2, p1);
-
- /* HKDF */
- case EVP_PKEY_CTRL_HKDF_MD:
- return EVP_PKEY_CTX_set_hkdf_md(ctx, p2);
- case EVP_PKEY_CTRL_HKDF_SALT :
- return EVP_PKEY_CTX_set1_hkdf_salt(ctx, p2, p1);
- case EVP_PKEY_CTRL_HKDF_KEY:
- return EVP_PKEY_CTX_set1_hkdf_key(ctx, p2, p1);
- case EVP_PKEY_CTRL_HKDF_INFO:
- return EVP_PKEY_CTX_add1_hkdf_info(ctx, p2, p1);
- case EVP_PKEY_CTRL_HKDF_MODE:
- return EVP_PKEY_CTX_hkdf_mode(ctx, p1);
-
- /* Scrypt */
- case EVP_PKEY_CTRL_PASS:
- return EVP_PKEY_CTX_set1_pbe_pass(ctx, p2, p1);
- case EVP_PKEY_CTRL_SCRYPT_SALT:
- return EVP_PKEY_CTX_set1_scrypt_salt(ctx, p2, p1);
- case EVP_PKEY_CTRL_SCRYPT_N:
- return EVP_PKEY_CTX_set_scrypt_N(ctx, p1);
- case EVP_PKEY_CTRL_SCRYPT_R:
- return EVP_PKEY_CTX_set_scrypt_r(ctx, p1);
- case EVP_PKEY_CTRL_SCRYPT_P:
- return EVP_PKEY_CTX_set_scrypt_p(ctx, p1);
- case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES:
- return EVP_PKEY_CTX_set_scrypt_maxmem_bytes(ctx, p1);
- }
- } else if (optype == EVP_PKEY_OP_KEYGEN) {
- OSSL_PARAM params[2], *p = params;
-
- switch (cmd) {
- case EVP_PKEY_CTRL_CIPHER:
- {
- char *ciphname = (char *)EVP_CIPHER_name(p2);
-
- *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_CIPHER,
- ciphname, 0);
- *p = OSSL_PARAM_construct_end();
-
- return EVP_PKEY_CTX_set_params(ctx, params);
- }
- case EVP_PKEY_CTRL_SET_MAC_KEY:
- {
- *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
- p2, p1);
- *p = OSSL_PARAM_construct_end();
-
- return EVP_PKEY_CTX_set_params(ctx, params);
- }
- }
- }
- switch (cmd) {
- case EVP_PKEY_CTRL_MD:
- return EVP_PKEY_CTX_set_signature_md(ctx, p2);
- case EVP_PKEY_CTRL_GET_MD:
- return EVP_PKEY_CTX_get_signature_md(ctx, p2);
- case EVP_PKEY_CTRL_RSA_PADDING:
- return EVP_PKEY_CTX_set_rsa_padding(ctx, p1);
- case EVP_PKEY_CTRL_GET_RSA_PADDING:
- return EVP_PKEY_CTX_get_rsa_padding(ctx, p2);
- case EVP_PKEY_CTRL_GET_RSA_MGF1_MD:
- return EVP_PKEY_CTX_get_rsa_oaep_md(ctx, p2);
- case EVP_PKEY_CTRL_RSA_PSS_SALTLEN:
- return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, p1);
- case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN:
- return EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, p2);
- case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
- case EVP_PKEY_CTRL_PKCS7_DECRYPT:
-# ifndef OPENSSL_NO_CMS
- case EVP_PKEY_CTRL_CMS_DECRYPT:
- case EVP_PKEY_CTRL_CMS_ENCRYPT:
-# endif
- /* TODO (3.0) Temporary hack, this should probe */
- if (!EVP_PKEY_is_a(EVP_PKEY_CTX_get0_pkey(ctx), "RSASSA-PSS"))
- return 1;
- ERR_raise(ERR_LIB_EVP,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- }
-
- /*
- * GOST CMS format is different for different cipher algorithms.
- * Most of other algorithms don't have such a difference
- * so this ctrl is just ignored.
- */
- if (cmd == EVP_PKEY_CTRL_CIPHER)
- return -2;
-
- return 0;
-}
-
static int evp_pkey_ctx_ctrl_int(EVP_PKEY_CTX *ctx, int keytype, int optype,
int cmd, int p1, void *p2)
{
switch (evp_pkey_ctx_state(ctx)) {
case EVP_PKEY_STATE_PROVIDER:
- return legacy_ctrl_to_param(ctx, keytype, optype, cmd, p1, p2);
+ return evp_pkey_ctx_ctrl_to_param(ctx, keytype, optype, cmd, p1, p2);
case EVP_PKEY_STATE_UNKNOWN:
case EVP_PKEY_STATE_LEGACY:
if (ctx->pmeth == NULL || ctx->pmeth->ctrl == NULL) {
return EVP_PKEY_CTX_ctrl(ctx, keytype, optype, cmd, 0, &value);
}
-static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
- const char *value)
-{
- if (strcmp(name, "md") == 0)
- name = OSSL_ALG_PARAM_DIGEST;
- else if (strcmp(name, "rsa_padding_mode") == 0)
- name = OSSL_ASYM_CIPHER_PARAM_PAD_MODE;
- else if (strcmp(name, "rsa_mgf1_md") == 0)
- name = OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST;
- else if (strcmp(name, "rsa_oaep_md") == 0)
- name = OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST;
- else if (strcmp(name, "rsa_oaep_label") == 0)
- name = OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL;
- else if (strcmp(name, "rsa_pss_saltlen") == 0)
- name = OSSL_SIGNATURE_PARAM_PSS_SALTLEN;
- else if (strcmp(name, "rsa_keygen_bits") == 0)
- name = OSSL_PKEY_PARAM_RSA_BITS;
- else if (strcmp(name, "rsa_keygen_pubexp") == 0)
- name = OSSL_PKEY_PARAM_RSA_E;
- else if (strcmp(name, "rsa_keygen_primes") == 0)
- name = OSSL_PKEY_PARAM_RSA_PRIMES;
- else if (strcmp(name, "rsa_pss_keygen_md") == 0)
- name = OSSL_PKEY_PARAM_RSA_DIGEST;
- else if (strcmp(name, "rsa_pss_keygen_mgf1_md") == 0)
- name = OSSL_PKEY_PARAM_RSA_MGF1_DIGEST;
- else if (strcmp(name, "rsa_pss_keygen_saltlen") == 0)
- name = OSSL_PKEY_PARAM_RSA_PSS_SALTLEN;
- else if (strcmp(name, "dsa_paramgen_bits") == 0)
- name = OSSL_PKEY_PARAM_FFC_PBITS;
- else if (strcmp(name, "dsa_paramgen_q_bits") == 0)
- name = OSSL_PKEY_PARAM_FFC_QBITS;
- else if (strcmp(name, "dsa_paramgen_md") == 0)
- name = OSSL_PKEY_PARAM_FFC_DIGEST;
- else if (strcmp(name, "dh_paramgen_generator") == 0)
- name = OSSL_PKEY_PARAM_DH_GENERATOR;
- else if (strcmp(name, "dh_paramgen_prime_len") == 0)
- name = OSSL_PKEY_PARAM_FFC_PBITS;
- else if (strcmp(name, "dh_paramgen_subprime_len") == 0)
- name = OSSL_PKEY_PARAM_FFC_QBITS;
- else if (strcmp(name, "dh_paramgen_type") == 0) {
- name = OSSL_PKEY_PARAM_FFC_TYPE;
- value = dh_gen_type_id2name(atoi(value));
- } else if (strcmp(name, "dh_param") == 0)
- name = OSSL_PKEY_PARAM_GROUP_NAME;
- else if (strcmp(name, "dh_rfc5114") == 0) {
- int num = atoi(value);
-
- name = OSSL_PKEY_PARAM_GROUP_NAME;
- value =
- ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(num));
- } else if (strcmp(name, "dh_pad") == 0)
- name = OSSL_EXCHANGE_PARAM_PAD;
- else if (strcmp(name, "ec_paramgen_curve") == 0)
- name = OSSL_PKEY_PARAM_GROUP_NAME;
- else if (strcmp(name, "ecdh_cofactor_mode") == 0)
- name = OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE;
- else if (strcmp(name, "ecdh_kdf_md") == 0)
- name = OSSL_EXCHANGE_PARAM_KDF_DIGEST;
- else if (strcmp(name, "ec_param_enc") == 0)
- name = OSSL_PKEY_PARAM_EC_ENCODING;
- else if (strcmp(name, "N") == 0)
- name = OSSL_KDF_PARAM_SCRYPT_N;
-
- {
- /*
- * TODO(3.0) reduce the code above to only translate known legacy
- * string to the corresponding core name (see core_names.h), but
- * otherwise leave it to this code block to do the actual work.
- */
- const OSSL_PARAM *settable = EVP_PKEY_CTX_settable_params(ctx);
- OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- int rv = 0;
- int exists = 0;
-
- if (!OSSL_PARAM_allocate_from_text(¶ms[0], settable, name, value,
- strlen(value), &exists)) {
- if (!exists) {
- ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED,
- "name=%s,value=%s", name, value);
- return -2;
- }
- return 0;
- }
- if (EVP_PKEY_CTX_set_params(ctx, params))
- rv = 1;
- OPENSSL_free(params[0].data);
- return rv;
- }
-}
-
static int evp_pkey_ctx_ctrl_str_int(EVP_PKEY_CTX *ctx,
const char *name, const char *value)
{
switch (evp_pkey_ctx_state(ctx)) {
case EVP_PKEY_STATE_PROVIDER:
- return legacy_ctrl_str_to_param(ctx, name, value);
+ return evp_pkey_ctx_ctrl_str_to_param(ctx, name, value);
case EVP_PKEY_STATE_UNKNOWN:
case EVP_PKEY_STATE_LEGACY:
if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->ctrl_str == NULL) {
projects / thirdparty / openssl.git / blobdiff