]>
Commit | Line | Data |
---|---|---|
8ae40cf5 RL |
1 | /* |
2 | * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* | |
11 | * Low level APIs are deprecated for public use, but still ok for internal use. | |
12 | */ | |
13 | #include "internal/deprecated.h" | |
14 | ||
15 | #include <openssl/core.h> | |
16 | #include <openssl/core_dispatch.h> | |
17 | #include <openssl/core_names.h> | |
18 | #include <openssl/crypto.h> | |
19 | #include <openssl/params.h> | |
20 | #include <openssl/asn1.h> | |
21 | #include <openssl/err.h> | |
22 | #include <openssl/pem.h> | |
23 | #include <openssl/x509.h> | |
24 | #include <openssl/pkcs12.h> /* PKCS8_encrypt() */ | |
25 | #include <openssl/dh.h> | |
26 | #include <openssl/dsa.h> | |
27 | #include <openssl/ec.h> | |
28 | #include "internal/passphrase.h" | |
29 | #include "internal/cryptlib.h" | |
30 | #include "crypto/ecx.h" | |
31 | #include "crypto/rsa.h" | |
32 | #include "prov/implementations.h" | |
33 | #include "prov/providercommonerr.h" | |
34 | #include "prov/bio.h" | |
35 | #include "prov/provider_ctx.h" | |
36 | #include "prov/der_rsa.h" | |
37 | #include "endecoder_local.h" | |
38 | ||
39 | struct key2any_ctx_st { | |
40 | PROV_CTX *provctx; | |
41 | ||
42 | /* Set to 1 if intending to encrypt/decrypt, otherwise 0 */ | |
43 | int cipher_intent; | |
44 | ||
45 | EVP_CIPHER *cipher; | |
46 | ||
47 | struct ossl_passphrase_data_st pwdata; | |
48 | }; | |
49 | ||
50 | typedef int key_to_paramstring_fn(const void *key, int nid, | |
51 | void **str, int *strtype); | |
52 | typedef int key_to_der_fn(BIO *out, const void *key, int key_nid, | |
53 | key_to_paramstring_fn *p2s, i2d_of_void *k2d, | |
54 | struct key2any_ctx_st *ctx); | |
55 | typedef int write_bio_of_void_fn(BIO *bp, const void *x); | |
56 | ||
57 | static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, | |
58 | void *params, int params_type, | |
59 | i2d_of_void *k2d) | |
60 | { | |
61 | /* der, derlen store the key DER output and its length */ | |
62 | unsigned char *der = NULL; | |
63 | int derlen; | |
64 | /* The final PKCS#8 info */ | |
65 | PKCS8_PRIV_KEY_INFO *p8info = NULL; | |
66 | ||
67 | ||
68 | if ((p8info = PKCS8_PRIV_KEY_INFO_new()) == NULL | |
69 | || (derlen = k2d(key, &der)) <= 0 | |
70 | || !PKCS8_pkey_set0(p8info, OBJ_nid2obj(key_nid), 0, | |
71 | params_type, params, der, derlen)) { | |
72 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
73 | PKCS8_PRIV_KEY_INFO_free(p8info); | |
74 | OPENSSL_free(der); | |
75 | p8info = NULL; | |
76 | } | |
77 | ||
78 | return p8info; | |
79 | } | |
80 | ||
81 | static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, | |
82 | struct key2any_ctx_st *ctx) | |
83 | { | |
84 | X509_SIG *p8 = NULL; | |
85 | char kstr[PEM_BUFSIZE]; | |
86 | size_t klen = 0; | |
87 | ||
88 | if (ctx->cipher == NULL) | |
89 | return NULL; | |
90 | ||
91 | if (!ossl_pw_get_passphrase(kstr, sizeof(kstr), &klen, NULL, 1, | |
92 | &ctx->pwdata)) { | |
93 | ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY); | |
94 | return NULL; | |
95 | } | |
96 | /* First argument == -1 means "standard" */ | |
97 | p8 = PKCS8_encrypt(-1, ctx->cipher, kstr, klen, NULL, 0, 0, p8info); | |
98 | OPENSSL_cleanse(kstr, klen); | |
99 | return p8; | |
100 | } | |
101 | ||
102 | static X509_SIG *key_to_encp8(const void *key, int key_nid, | |
103 | void *params, int params_type, | |
104 | i2d_of_void *k2d, struct key2any_ctx_st *ctx) | |
105 | { | |
106 | PKCS8_PRIV_KEY_INFO *p8info = | |
107 | key_to_p8info(key, key_nid, params, params_type, k2d); | |
108 | X509_SIG *p8 = p8info_to_encp8(p8info, ctx); | |
109 | ||
110 | PKCS8_PRIV_KEY_INFO_free(p8info); | |
111 | return p8; | |
112 | } | |
113 | ||
114 | static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid, | |
115 | void *params, int params_type, | |
116 | i2d_of_void k2d) | |
117 | { | |
118 | /* der, derlen store the key DER output and its length */ | |
119 | unsigned char *der = NULL; | |
120 | int derlen; | |
121 | /* The final X509_PUBKEY */ | |
122 | X509_PUBKEY *xpk = NULL; | |
123 | ||
124 | ||
125 | if ((xpk = X509_PUBKEY_new()) == NULL | |
126 | || (derlen = k2d(key, &der)) <= 0 | |
127 | || !X509_PUBKEY_set0_param(xpk, OBJ_nid2obj(key_nid), | |
128 | params_type, params, der, derlen)) { | |
129 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
130 | X509_PUBKEY_free(xpk); | |
131 | OPENSSL_free(der); | |
132 | xpk = NULL; | |
133 | } | |
134 | ||
135 | return xpk; | |
136 | } | |
137 | ||
138 | static int key_to_der_pkcs8_bio(BIO *out, const void *key, int key_nid, | |
139 | key_to_paramstring_fn *p2s, i2d_of_void *k2d, | |
140 | struct key2any_ctx_st *ctx) | |
141 | { | |
142 | int ret = 0; | |
143 | void *str = NULL; | |
144 | int strtype = V_ASN1_UNDEF; | |
145 | ||
146 | if (p2s != NULL && !p2s(key, key_nid, &str, &strtype)) | |
147 | return 0; | |
148 | ||
149 | if (ctx->cipher_intent) { | |
150 | X509_SIG *p8 = key_to_encp8(key, key_nid, str, strtype, k2d, ctx); | |
151 | ||
152 | if (p8 != NULL) | |
153 | ret = i2d_PKCS8_bio(out, p8); | |
154 | ||
155 | X509_SIG_free(p8); | |
156 | } else { | |
157 | PKCS8_PRIV_KEY_INFO *p8info = | |
158 | key_to_p8info(key, key_nid, str, strtype, k2d); | |
159 | ||
160 | if (p8info != NULL) | |
161 | ret = i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8info); | |
162 | ||
163 | PKCS8_PRIV_KEY_INFO_free(p8info); | |
164 | } | |
165 | ||
166 | return ret; | |
167 | } | |
168 | ||
169 | static int key_to_pem_pkcs8_bio(BIO *out, const void *key, int key_nid, | |
170 | key_to_paramstring_fn *p2s, i2d_of_void *k2d, | |
171 | struct key2any_ctx_st *ctx) | |
172 | { | |
173 | int ret = 0; | |
174 | void *str = NULL; | |
175 | int strtype = V_ASN1_UNDEF; | |
176 | ||
177 | if (p2s != NULL && !p2s(key, key_nid, &str, &strtype)) | |
178 | return 0; | |
179 | ||
180 | if (ctx->cipher_intent) { | |
181 | X509_SIG *p8 = key_to_encp8(key, key_nid, str, strtype, k2d, ctx); | |
182 | ||
183 | if (p8 != NULL) | |
184 | ret = PEM_write_bio_PKCS8(out, p8); | |
185 | ||
186 | X509_SIG_free(p8); | |
187 | } else { | |
188 | PKCS8_PRIV_KEY_INFO *p8info = | |
189 | key_to_p8info(key, key_nid, str, strtype, k2d); | |
190 | ||
191 | if (p8info != NULL) | |
192 | ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8info); | |
193 | ||
194 | PKCS8_PRIV_KEY_INFO_free(p8info); | |
195 | } | |
196 | ||
197 | return ret; | |
198 | } | |
199 | ||
200 | static int key_to_der_pubkey_bio(BIO *out, const void *key, int key_nid, | |
201 | key_to_paramstring_fn *p2s, i2d_of_void *k2d, | |
202 | struct key2any_ctx_st *ctx) | |
203 | { | |
204 | int ret = 0; | |
205 | void *str = NULL; | |
206 | int strtype = V_ASN1_UNDEF; | |
207 | X509_PUBKEY *xpk = NULL; | |
208 | ||
209 | if (p2s != NULL && !p2s(key, key_nid, &str, &strtype)) | |
210 | return 0; | |
211 | ||
212 | xpk = key_to_pubkey(key, key_nid, str, strtype, k2d); | |
213 | ||
214 | if (xpk != NULL) | |
215 | ret = i2d_X509_PUBKEY_bio(out, xpk); | |
216 | ||
217 | /* Also frees |str| */ | |
218 | X509_PUBKEY_free(xpk); | |
219 | return ret; | |
220 | } | |
221 | ||
222 | static int key_to_pem_pubkey_bio(BIO *out, const void *key, int key_nid, | |
223 | key_to_paramstring_fn *p2s, i2d_of_void *k2d, | |
224 | struct key2any_ctx_st *ctx) | |
225 | { | |
226 | int ret = 0; | |
227 | void *str = NULL; | |
228 | int strtype = V_ASN1_UNDEF; | |
229 | X509_PUBKEY *xpk = NULL; | |
230 | ||
231 | if (p2s != NULL && !p2s(key, key_nid, &str, &strtype)) | |
232 | return 0; | |
233 | ||
234 | xpk = key_to_pubkey(key, key_nid, str, strtype, k2d); | |
235 | ||
236 | if (xpk != NULL) | |
237 | ret = PEM_write_bio_X509_PUBKEY(out, xpk); | |
238 | ||
239 | /* Also frees |str| */ | |
240 | X509_PUBKEY_free(xpk); | |
241 | return ret; | |
242 | } | |
243 | ||
244 | /* ---------------------------------------------------------------------- */ | |
245 | ||
246 | #ifndef OPENSSL_NO_DH | |
247 | # define dh_param_selection OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS | |
248 | # define dh_pub_selection (OSSL_KEYMGMT_SELECT_PUBLIC_KEY \ | |
249 | | dh_param_selection) | |
250 | # define dh_priv_selection (OSSL_KEYMGMT_SELECT_KEYPAIR \ | |
251 | | dh_param_selection) | |
252 | ||
253 | static int dh_type_to_evp(const DH *dh) | |
254 | { | |
255 | return DH_test_flags(dh, DH_FLAG_TYPE_DHX) ? EVP_PKEY_DHX : EVP_PKEY_DH; | |
256 | } | |
257 | ||
258 | static int prepare_dh_params(const void *dh, int nid, | |
259 | void **pstr, int *pstrtype) | |
260 | { | |
261 | ASN1_STRING *params = ASN1_STRING_new(); | |
262 | ||
263 | if (params == NULL) { | |
264 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
265 | return 0; | |
266 | } | |
267 | ||
268 | if (nid == EVP_PKEY_DHX) | |
269 | params->length = i2d_DHxparams(dh, ¶ms->data); | |
270 | else | |
271 | params->length = i2d_DHparams(dh, ¶ms->data); | |
272 | ||
273 | if (params->length <= 0) { | |
274 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
275 | ASN1_STRING_free(params); | |
276 | return 0; | |
277 | } | |
278 | params->type = V_ASN1_SEQUENCE; | |
279 | ||
280 | *pstr = params; | |
281 | *pstrtype = V_ASN1_SEQUENCE; | |
282 | return 1; | |
283 | } | |
284 | ||
285 | static int dh_pub_to_der(const void *dh, unsigned char **pder) | |
286 | { | |
287 | const BIGNUM *bn = NULL; | |
288 | ASN1_INTEGER *pub_key = NULL; | |
289 | int ret; | |
290 | ||
291 | if ((bn = DH_get0_pub_key(dh)) == NULL) { | |
292 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); | |
293 | return 0; | |
294 | } | |
295 | if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) { | |
296 | ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR); | |
297 | return 0; | |
298 | } | |
299 | ||
300 | ret = i2d_ASN1_INTEGER(pub_key, pder); | |
301 | ||
302 | ASN1_STRING_clear_free(pub_key); | |
303 | return ret; | |
304 | } | |
305 | ||
306 | static int dh_priv_to_der(const void *dh, unsigned char **pder) | |
307 | { | |
308 | const BIGNUM *bn = NULL; | |
309 | ASN1_INTEGER *priv_key = NULL; | |
310 | int ret; | |
311 | ||
312 | if ((bn = DH_get0_priv_key(dh)) == NULL) { | |
313 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); | |
314 | return 0; | |
315 | } | |
316 | if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) { | |
317 | ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR); | |
318 | return 0; | |
319 | } | |
320 | ||
321 | ret = i2d_ASN1_INTEGER(priv_key, pder); | |
322 | ||
323 | ASN1_STRING_clear_free(priv_key); | |
324 | return ret; | |
325 | } | |
326 | ||
327 | static int dh_params_to_der_bio(BIO *out, const void *key) | |
328 | { | |
329 | return i2d_DHparams_bio(out, key); | |
330 | } | |
331 | ||
332 | static int dh_params_to_pem_bio(BIO *out, const void *key) | |
333 | { | |
334 | return PEM_write_bio_DHparams(out, key); | |
335 | } | |
336 | #endif | |
337 | ||
338 | /* ---------------------------------------------------------------------- */ | |
339 | ||
340 | #ifndef OPENSSL_NO_DSA | |
341 | # define dsa_param_selection OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS | |
342 | # define dsa_pub_selection (OSSL_KEYMGMT_SELECT_PUBLIC_KEY \ | |
343 | | dsa_param_selection) | |
344 | # define dsa_priv_selection (OSSL_KEYMGMT_SELECT_KEYPAIR \ | |
345 | | dsa_param_selection) | |
346 | ||
347 | # define dsa_type_to_evp(key) EVP_PKEY_DSA | |
348 | ||
349 | static int prepare_some_dsa_params(const void *dsa, int nid, | |
350 | void **pstr, int *pstrtype) | |
351 | { | |
352 | ASN1_STRING *params = ASN1_STRING_new(); | |
353 | ||
354 | if (params == NULL) { | |
355 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
356 | return 0; | |
357 | } | |
358 | ||
359 | params->length = i2d_DSAparams(dsa, ¶ms->data); | |
360 | ||
361 | if (params->length <= 0) { | |
362 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
363 | ASN1_STRING_free(params); | |
364 | return 0; | |
365 | } | |
366 | ||
367 | *pstrtype = V_ASN1_SEQUENCE; | |
368 | *pstr = params; | |
369 | return 1; | |
370 | } | |
371 | ||
372 | static int prepare_all_dsa_params(const void *dsa, int nid, | |
373 | void **pstr, int *pstrtype) | |
374 | { | |
375 | const BIGNUM *p = DSA_get0_p(dsa); | |
376 | const BIGNUM *q = DSA_get0_q(dsa); | |
377 | const BIGNUM *g = DSA_get0_g(dsa); | |
378 | ||
379 | if (p != NULL && q != NULL && g != NULL) | |
380 | return prepare_some_dsa_params(dsa, nid, pstr, pstrtype); | |
381 | ||
382 | *pstr = NULL; | |
383 | *pstrtype = V_ASN1_UNDEF; | |
384 | return 1; | |
385 | } | |
386 | ||
387 | static int prepare_dsa_params(const void *dsa, int nid, | |
388 | void **pstr, int *pstrtype) | |
389 | { | |
390 | /* | |
391 | * TODO(v3.0) implement setting save_parameters, see dsa_pub_encode() | |
392 | * in crypto/dsa/dsa_ameth.c | |
393 | */ | |
394 | int save_parameters = 1; | |
395 | ||
396 | return save_parameters | |
397 | ? prepare_all_dsa_params(dsa, nid, pstr, pstrtype) | |
398 | : prepare_some_dsa_params(dsa, nid, pstr, pstrtype); | |
399 | } | |
400 | ||
401 | static int dsa_pub_to_der(const void *dsa, unsigned char **pder) | |
402 | { | |
403 | const BIGNUM *bn = NULL; | |
404 | ASN1_INTEGER *pub_key = NULL; | |
405 | int ret; | |
406 | ||
407 | if ((bn = DSA_get0_pub_key(dsa)) == NULL) { | |
408 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); | |
409 | return 0; | |
410 | } | |
411 | if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) { | |
412 | ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR); | |
413 | return 0; | |
414 | } | |
415 | ||
416 | ret = i2d_ASN1_INTEGER(pub_key, pder); | |
417 | ||
418 | ASN1_STRING_clear_free(pub_key); | |
419 | return ret; | |
420 | } | |
421 | ||
422 | static int dsa_priv_to_der(const void *dsa, unsigned char **pder) | |
423 | { | |
424 | const BIGNUM *bn = NULL; | |
425 | ASN1_INTEGER *priv_key = NULL; | |
426 | int ret; | |
427 | ||
428 | if ((bn = DSA_get0_priv_key(dsa)) == NULL) { | |
429 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); | |
430 | return 0; | |
431 | } | |
432 | if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) { | |
433 | ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR); | |
434 | return 0; | |
435 | } | |
436 | ||
437 | ret = i2d_ASN1_INTEGER(priv_key, pder); | |
438 | ||
439 | ASN1_STRING_clear_free(priv_key); | |
440 | return ret; | |
441 | } | |
442 | ||
443 | static int dsa_params_to_der_bio(BIO *out, const void *key) | |
444 | { | |
445 | return i2d_DSAparams_bio(out, key); | |
446 | } | |
447 | ||
448 | static int dsa_params_to_pem_bio(BIO *out, const void *key) | |
449 | { | |
450 | return PEM_write_bio_DSAparams(out, key); | |
451 | } | |
452 | #endif | |
453 | ||
454 | /* ---------------------------------------------------------------------- */ | |
455 | ||
456 | #ifndef OPENSSL_NO_EC | |
457 | # define ec_param_selection OSSL_KEYMGMT_SELECT_ALL_PARAMETERS | |
458 | # define ec_pub_selection (OSSL_KEYMGMT_SELECT_PUBLIC_KEY \ | |
459 | | ec_param_selection) | |
460 | # define ec_priv_selection (OSSL_KEYMGMT_SELECT_KEYPAIR \ | |
461 | | ec_param_selection) | |
462 | ||
463 | # define ec_type_to_evp(key) EVP_PKEY_EC | |
464 | ||
465 | static int prepare_ec_explicit_params(const void *eckey, | |
466 | void **pstr, int *pstrtype) | |
467 | { | |
468 | ASN1_STRING *params = ASN1_STRING_new(); | |
469 | ||
470 | if (params == NULL) { | |
471 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
472 | return 0; | |
473 | } | |
474 | ||
475 | params->length = i2d_ECParameters(eckey, ¶ms->data); | |
476 | if (params->length <= 0) { | |
477 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
478 | ASN1_STRING_free(params); | |
479 | return 0; | |
480 | } | |
481 | ||
482 | *pstrtype = V_ASN1_SEQUENCE; | |
483 | *pstr = params; | |
484 | return 1; | |
485 | } | |
486 | ||
487 | static int prepare_ec_params(const void *eckey, int nid, | |
488 | void **pstr, int *pstrtype) | |
489 | { | |
490 | int curve_nid; | |
491 | const EC_GROUP *group = EC_KEY_get0_group(eckey); | |
492 | ASN1_OBJECT *params = NULL; | |
493 | ||
494 | if (group == NULL) | |
495 | return 0; | |
496 | curve_nid = EC_GROUP_get_curve_name(group); | |
497 | if (curve_nid != NID_undef) { | |
498 | params = OBJ_nid2obj(curve_nid); | |
499 | if (params == NULL) | |
500 | return 0; | |
501 | } | |
502 | ||
503 | if (curve_nid != NID_undef | |
504 | && (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE)) { | |
505 | if (OBJ_length(params) == 0) { | |
506 | /* Some curves might not have an associated OID */ | |
507 | ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_OID); | |
508 | ASN1_OBJECT_free(params); | |
509 | return 0; | |
510 | } | |
511 | *pstr = params; | |
512 | *pstrtype = V_ASN1_OBJECT; | |
513 | return 1; | |
514 | } else { | |
515 | return prepare_ec_explicit_params(eckey, pstr, pstrtype); | |
516 | } | |
517 | } | |
518 | ||
519 | static int ec_params_to_der_bio(BIO *out, const void *eckey) | |
520 | { | |
521 | return i2d_ECPKParameters_bio(out, EC_KEY_get0_group(eckey)); | |
522 | } | |
523 | ||
524 | static int ec_params_to_pem_bio(BIO *out, const void *eckey) | |
525 | { | |
526 | return PEM_write_bio_ECPKParameters(out, EC_KEY_get0_group(eckey)); | |
527 | } | |
528 | ||
529 | static int ec_pub_to_der(const void *eckey, unsigned char **pder) | |
530 | { | |
531 | return i2o_ECPublicKey(eckey, pder); | |
532 | } | |
533 | ||
534 | static int ec_priv_to_der(const void *veckey, unsigned char **pder) | |
535 | { | |
536 | EC_KEY *eckey = (EC_KEY *)veckey; | |
537 | unsigned int old_flags; | |
538 | int ret = 0; | |
539 | ||
540 | /* | |
541 | * For PKCS8 the curve name appears in the PKCS8_PRIV_KEY_INFO object | |
542 | * as the pkeyalg->parameter field. (For a named curve this is an OID) | |
543 | * The pkey field is an octet string that holds the encoded | |
544 | * ECPrivateKey SEQUENCE with the optional parameters field omitted. | |
545 | * We omit this by setting the EC_PKEY_NO_PARAMETERS flag. | |
546 | */ | |
547 | old_flags = EC_KEY_get_enc_flags(eckey); /* save old flags */ | |
548 | EC_KEY_set_enc_flags(eckey, old_flags | EC_PKEY_NO_PARAMETERS); | |
549 | ret = i2d_ECPrivateKey(eckey, pder); | |
550 | EC_KEY_set_enc_flags(eckey, old_flags); /* restore old flags */ | |
551 | return ret; /* return the length of the der encoded data */ | |
552 | } | |
553 | #endif | |
554 | ||
555 | /* ---------------------------------------------------------------------- */ | |
556 | ||
557 | #ifndef OPENSSL_NO_EC | |
558 | # define ecx_pub_selection OSSL_KEYMGMT_SELECT_PUBLIC_KEY | |
559 | # define ecx_priv_selection OSSL_KEYMGMT_SELECT_KEYPAIR | |
560 | ||
561 | # define ed25519_type_to_evp(key) EVP_PKEY_ED25519 | |
562 | # define ed448_type_to_evp(key) EVP_PKEY_ED448 | |
563 | # define x25519_type_to_evp(key) EVP_PKEY_X25519 | |
564 | # define x448_type_to_evp(key) EVP_PKEY_X448 | |
565 | ||
566 | # define prepare_ecx_params NULL | |
567 | ||
568 | static int ecx_pub_to_der(const void *vecxkey, unsigned char **pder) | |
569 | { | |
570 | const ECX_KEY *ecxkey = vecxkey; | |
571 | unsigned char *keyblob; | |
572 | ||
573 | if (ecxkey == NULL) { | |
574 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); | |
575 | return 0; | |
576 | } | |
577 | ||
578 | keyblob = OPENSSL_memdup(ecxkey->pubkey, ecxkey->keylen); | |
579 | if (keyblob == NULL) { | |
580 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
581 | return 0; | |
582 | } | |
583 | ||
584 | *pder = keyblob; | |
585 | return ecxkey->keylen; | |
586 | } | |
587 | ||
588 | static int ecx_priv_to_der(const void *vecxkey, unsigned char **pder) | |
589 | { | |
590 | const ECX_KEY *ecxkey = vecxkey; | |
591 | ASN1_OCTET_STRING oct; | |
592 | int keybloblen; | |
593 | ||
594 | if (ecxkey == NULL || ecxkey->privkey == NULL) { | |
595 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); | |
596 | return 0; | |
597 | } | |
598 | ||
599 | oct.data = ecxkey->privkey; | |
600 | oct.length = ecxkey->keylen; | |
601 | oct.flags = 0; | |
602 | ||
603 | keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); | |
604 | if (keybloblen < 0) { | |
605 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
606 | return 0; | |
607 | } | |
608 | ||
609 | return keybloblen; | |
610 | } | |
611 | ||
612 | # define ecx_params_to_der_bio NULL | |
613 | # define ecx_params_to_pem_bio NULL | |
614 | #endif | |
615 | ||
616 | /* ---------------------------------------------------------------------- */ | |
617 | ||
618 | #define rsa_param_selection OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS | |
619 | #define rsa_pub_selection (OSSL_KEYMGMT_SELECT_PUBLIC_KEY \ | |
620 | | rsa_param_selection) | |
621 | #define rsa_priv_selection (OSSL_KEYMGMT_SELECT_KEYPAIR \ | |
622 | | rsa_param_selection) | |
623 | ||
624 | static int rsa_type_to_evp(const RSA *rsa) | |
625 | { | |
626 | switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { | |
627 | case RSA_FLAG_TYPE_RSA: | |
628 | return EVP_PKEY_RSA; | |
629 | case RSA_FLAG_TYPE_RSASSAPSS: | |
630 | return EVP_PKEY_RSA_PSS; | |
631 | } | |
632 | ||
633 | /* Currently unsupported RSA key type */ | |
634 | return EVP_PKEY_NONE; | |
635 | } | |
636 | ||
637 | /* | |
638 | * Helper functions to prepare RSA-PSS params for encoding. We would | |
639 | * have simply written the whole AlgorithmIdentifier, but existing libcrypto | |
640 | * functionality doesn't allow that. | |
641 | */ | |
642 | ||
643 | static int prepare_rsa_params(const void *rsa, int nid, | |
644 | void **pstr, int *pstrtype) | |
645 | { | |
646 | const RSA_PSS_PARAMS_30 *pss = rsa_get0_pss_params_30((RSA *)rsa); | |
647 | ||
648 | *pstr = NULL; | |
649 | ||
650 | switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { | |
651 | case RSA_FLAG_TYPE_RSA: | |
652 | /* If plain RSA, the parameters shall be NULL */ | |
653 | *pstrtype = V_ASN1_NULL; | |
654 | return 1; | |
655 | case RSA_FLAG_TYPE_RSASSAPSS: | |
656 | if (rsa_pss_params_30_is_unrestricted(pss)) { | |
657 | *pstrtype = V_ASN1_UNDEF; | |
658 | return 1; | |
659 | } else { | |
660 | ASN1_STRING *astr = NULL; | |
661 | WPACKET pkt; | |
662 | unsigned char *str = NULL; | |
663 | size_t str_sz = 0; | |
664 | int i; | |
665 | ||
666 | for (i = 0; i < 2; i++) { | |
667 | switch (i) { | |
668 | case 0: | |
669 | if (!WPACKET_init_null_der(&pkt)) | |
670 | goto err; | |
671 | break; | |
672 | case 1: | |
673 | if ((str = OPENSSL_malloc(str_sz)) == NULL | |
674 | || !WPACKET_init_der(&pkt, str, str_sz)) { | |
675 | goto err; | |
676 | } | |
677 | break; | |
678 | } | |
679 | if (!DER_w_RSASSA_PSS_params(&pkt, -1, pss) | |
680 | || !WPACKET_finish(&pkt) | |
681 | || !WPACKET_get_total_written(&pkt, &str_sz)) | |
682 | goto err; | |
683 | WPACKET_cleanup(&pkt); | |
684 | ||
685 | /* | |
686 | * If no PSS parameters are going to be written, there's no | |
687 | * point going for another iteration. | |
688 | * This saves us from getting |str| allocated just to have it | |
689 | * immediately de-allocated. | |
690 | */ | |
691 | if (str_sz == 0) | |
692 | break; | |
693 | } | |
694 | ||
695 | if ((astr = ASN1_STRING_new()) == NULL) | |
696 | goto err; | |
697 | *pstrtype = V_ASN1_SEQUENCE; | |
698 | ASN1_STRING_set0(astr, str, (int)str_sz); | |
699 | *pstr = astr; | |
700 | ||
701 | return 1; | |
702 | err: | |
703 | OPENSSL_free(str); | |
704 | return 0; | |
705 | } | |
706 | } | |
707 | ||
708 | /* Currently unsupported RSA key type */ | |
709 | return 0; | |
710 | } | |
711 | ||
712 | #define rsa_params_to_der_bio NULL | |
713 | #define rsa_params_to_pem_bio NULL | |
714 | #define rsa_priv_to_der (i2d_of_void *)i2d_RSAPrivateKey | |
715 | #define rsa_pub_to_der (i2d_of_void *)i2d_RSAPublicKey | |
716 | ||
717 | /* ---------------------------------------------------------------------- */ | |
718 | ||
719 | static OSSL_FUNC_decoder_newctx_fn key2any_newctx; | |
720 | static OSSL_FUNC_decoder_freectx_fn key2any_freectx; | |
721 | ||
722 | static void *key2any_newctx(void *provctx) | |
723 | { | |
724 | struct key2any_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx)); | |
725 | ||
726 | if (ctx != NULL) | |
727 | ctx->provctx = provctx; | |
728 | ||
729 | return ctx; | |
730 | } | |
731 | ||
732 | static void key2any_freectx(void *vctx) | |
733 | { | |
734 | struct key2any_ctx_st *ctx = vctx; | |
735 | ||
736 | ossl_pw_clear_passphrase_data(&ctx->pwdata); | |
737 | EVP_CIPHER_free(ctx->cipher); | |
738 | OPENSSL_free(ctx); | |
739 | } | |
740 | ||
741 | static const OSSL_PARAM *key2any_settable_ctx_params(ossl_unused void *provctx) | |
742 | { | |
743 | static const OSSL_PARAM settables[] = { | |
744 | OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER, NULL, 0), | |
745 | OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_PROPERTIES, NULL, 0), | |
746 | OSSL_PARAM_END, | |
747 | }; | |
748 | ||
749 | return settables; | |
750 | } | |
751 | ||
752 | static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) | |
753 | { | |
754 | struct key2any_ctx_st *ctx = vctx; | |
755 | OPENSSL_CTX *libctx = PROV_CTX_get0_library_context(ctx->provctx); | |
756 | const OSSL_PARAM *cipherp = | |
757 | OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER); | |
758 | const OSSL_PARAM *propsp = | |
759 | OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PROPERTIES); | |
760 | ||
761 | if (cipherp != NULL) { | |
762 | const char *ciphername = NULL; | |
763 | const char *props = NULL; | |
764 | ||
765 | if (!OSSL_PARAM_get_utf8_string_ptr(cipherp, &ciphername)) | |
766 | return 0; | |
767 | if (propsp != NULL && !OSSL_PARAM_get_utf8_string_ptr(propsp, &props)) | |
768 | return 0; | |
769 | ||
770 | EVP_CIPHER_free(ctx->cipher); | |
771 | ctx->cipher_intent = ciphername != NULL; | |
772 | if (ciphername != NULL | |
773 | && ((ctx->cipher = | |
774 | EVP_CIPHER_fetch(libctx, ciphername, props)) == NULL)) | |
775 | return 0; | |
776 | } | |
777 | return 1; | |
778 | } | |
779 | ||
780 | static int key2any_encode(struct key2any_ctx_st *ctx, | |
781 | const void *key, int type, | |
782 | OSSL_CORE_BIO *cout, key_to_der_fn *writer, | |
783 | OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg, | |
784 | key_to_paramstring_fn *key2paramstring, | |
785 | i2d_of_void *key2der) | |
786 | { | |
787 | BIO *out = bio_new_from_core_bio(ctx->provctx, cout); | |
788 | int ret = 0; | |
789 | ||
790 | if (out != NULL | |
791 | && writer != NULL | |
792 | && ossl_pw_set_ossl_passphrase_cb(&ctx->pwdata, cb, cbarg)) | |
793 | ret = writer(out, key, type, key2paramstring, key2der, ctx); | |
794 | ||
795 | BIO_free(out); | |
796 | return ret; | |
797 | } | |
798 | ||
799 | static int key2any_encode_params(struct key2any_ctx_st *ctx, const void *key, | |
800 | OSSL_CORE_BIO *cout, | |
801 | write_bio_of_void_fn *writer) | |
802 | { | |
803 | int ret = 0; | |
804 | BIO *out = bio_new_from_core_bio(ctx->provctx, cout); | |
805 | ||
806 | if (out != NULL && writer != NULL) | |
807 | ret = writer(out, key); | |
808 | ||
809 | BIO_free(out); | |
810 | ||
811 | return ret; | |
812 | } | |
813 | ||
814 | #define ALLOWED_SELECTORS \ | |
815 | (OSSL_KEYMGMT_SELECT_ALL_PARAMETERS | OSSL_KEYMGMT_SELECT_KEYPAIR) | |
816 | ||
817 | #define MAKE_ENCODER_KIND(impl, kind, type, evp_type, output) \ | |
818 | static OSSL_FUNC_encoder_encode_data_fn \ | |
819 | impl##_##kind##2##output##_encode_d; \ | |
820 | static OSSL_FUNC_encoder_encode_object_fn \ | |
821 | impl##_##kind##2##output##_encode_o; \ | |
822 | static int \ | |
823 | impl##_##kind##2##output##_encode_d(void *vctx, \ | |
824 | const OSSL_PARAM params[], \ | |
825 | OSSL_CORE_BIO *cout, \ | |
826 | OSSL_PASSPHRASE_CALLBACK *cb, \ | |
827 | void *cbarg) \ | |
828 | { \ | |
829 | struct key2any_ctx_st *ctx = vctx; \ | |
830 | int selection = type##_##kind##_selection; \ | |
831 | void *key = ossl_prov_import_key(impl##_keymgmt_functions, \ | |
832 | ctx->provctx, selection, \ | |
833 | params); \ | |
834 | int ret; \ | |
835 | \ | |
836 | if (key == NULL) \ | |
837 | return 0; \ | |
838 | \ | |
839 | ret = impl##_##kind##2##output##_encode_o(ctx, key, cout, \ | |
840 | cb, cbarg); \ | |
841 | ossl_prov_free_key(impl##_keymgmt_functions, key); \ | |
842 | return ret; \ | |
843 | } \ | |
844 | static int \ | |
845 | impl##_##kind##2##output##_encode_o(void *vctx, const void *key, \ | |
846 | OSSL_CORE_BIO *cout, \ | |
847 | OSSL_PASSPHRASE_CALLBACK *cb, \ | |
848 | void *cbarg) \ | |
849 | { \ | |
850 | int selection = type##_##kind##_selection; \ | |
851 | \ | |
852 | if (!ossl_assert(selection != 0) \ | |
853 | || !ossl_assert((selection & ~ALLOWED_SELECTORS) == 0)) { \ | |
854 | ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); \ | |
855 | return 0; \ | |
856 | } \ | |
857 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) \ | |
858 | return key2any_encode(vctx, key, impl##_type_to_evp(key), \ | |
859 | cout, key_to_##output##_pkcs8_bio, \ | |
860 | cb, cbarg, \ | |
861 | prepare_##type##_params, \ | |
862 | type##_priv_to_der); \ | |
863 | if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) \ | |
864 | return key2any_encode(vctx, key, impl##_type_to_evp(key), \ | |
865 | cout, key_to_##output##_pubkey_bio, \ | |
866 | cb, cbarg, \ | |
867 | prepare_##type##_params, \ | |
868 | type##_pub_to_der); \ | |
869 | return key2any_encode_params(vctx, key, cout, \ | |
870 | type##_params_to_##output##_bio); \ | |
871 | } \ | |
872 | const OSSL_DISPATCH \ | |
873 | impl##_##kind##_to_##output##_encoder_functions[] = { \ | |
874 | { OSSL_FUNC_ENCODER_NEWCTX, \ | |
875 | (void (*)(void))key2any_newctx }, \ | |
876 | { OSSL_FUNC_ENCODER_FREECTX, \ | |
877 | (void (*)(void))key2any_freectx }, \ | |
878 | { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS, \ | |
879 | (void (*)(void))key2any_settable_ctx_params }, \ | |
880 | { OSSL_FUNC_ENCODER_SET_CTX_PARAMS, \ | |
881 | (void (*)(void))key2any_set_ctx_params }, \ | |
882 | { OSSL_FUNC_ENCODER_ENCODE_DATA, \ | |
883 | (void (*)(void))impl##_##kind##2##output##_encode_d }, \ | |
884 | { OSSL_FUNC_ENCODER_ENCODE_OBJECT, \ | |
885 | (void (*)(void))impl##_##kind##2##output##_encode_o }, \ | |
886 | { 0, NULL } \ | |
887 | } | |
888 | ||
889 | #define MAKE_ENCODER(impl, type, evp_type, output) \ | |
890 | MAKE_ENCODER_KIND(impl, param, type, evp_type, output); \ | |
891 | MAKE_ENCODER_KIND(impl, pub, type, evp_type, output); \ | |
892 | MAKE_ENCODER_KIND(impl, priv, type, evp_type, output) | |
893 | ||
894 | #define MAKE_ENCODER_NOPARAM(impl, type, evp_type, output) \ | |
895 | MAKE_ENCODER_KIND(impl, pub, type, evp_type, output); \ | |
896 | MAKE_ENCODER_KIND(impl, priv, type, evp_type, output) | |
897 | ||
898 | #ifndef OPENSSL_NO_DH | |
899 | MAKE_ENCODER(dh, dh, EVP_PKEY_DH, der); | |
900 | MAKE_ENCODER(dh, dh, EVP_PKEY_DH, pem); | |
901 | #endif | |
902 | #ifndef OPENSSL_NO_DSA | |
903 | MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, der); | |
904 | MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, pem); | |
905 | #endif | |
906 | #ifndef OPENSSL_NO_EC | |
907 | MAKE_ENCODER(ec, ec, EVP_PKEY_EC, der); | |
908 | MAKE_ENCODER(ec, ec, EVP_PKEY_EC, pem); | |
909 | MAKE_ENCODER_NOPARAM(ed25519, ecx, EVP_PKEY_ED25519, der); | |
910 | MAKE_ENCODER_NOPARAM(ed25519, ecx, EVP_PKEY_ED25519, pem); | |
911 | MAKE_ENCODER_NOPARAM(ed448, ecx, EVP_PKEY_ED448, der); | |
912 | MAKE_ENCODER_NOPARAM(ed448, ecx, EVP_PKEY_ED448, pem); | |
913 | MAKE_ENCODER_NOPARAM(x25519, ecx, EVP_PKEY_X25519, der); | |
914 | MAKE_ENCODER_NOPARAM(x25519, ecx, EVP_PKEY_X25519, pem); | |
915 | MAKE_ENCODER_NOPARAM(x448, ecx, EVP_PKEY_ED448, der); | |
916 | MAKE_ENCODER_NOPARAM(x448, ecx, EVP_PKEY_ED448, pem); | |
917 | #endif | |
918 | /* | |
919 | * RSA-PSS does have parameters, but we don't have a separate output for them, | |
920 | * so we don't pretend we do. Parameter handling remains internal within the | |
921 | * RSA helper functions. | |
922 | */ | |
923 | MAKE_ENCODER_NOPARAM(rsa, rsa, EVP_PKEY_RSA, der); | |
924 | MAKE_ENCODER_NOPARAM(rsa, rsa, EVP_PKEY_RSA, pem); |