2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DH low level APIs are deprecated for public use, but still ok for
14 #include "internal/deprecated.h"
16 #include <openssl/core_dispatch.h>
17 #include <openssl/core_names.h>
18 #include <openssl/err.h>
19 #include <openssl/pem.h>
20 #include <openssl/dh.h>
21 #include <openssl/types.h>
22 #include <openssl/params.h>
24 #include "prov/implementations.h"
25 #include "prov/provider_ctx.h"
26 #include "encoder_local.h"
28 #define DH_SELECT_PRIVATE_IMPORTABLE \
29 (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)
31 static OSSL_FUNC_encoder_newctx_fn dh_priv_newctx
;
32 static OSSL_FUNC_encoder_freectx_fn dh_priv_freectx
;
33 static OSSL_FUNC_encoder_set_ctx_params_fn dh_priv_set_ctx_params
;
34 static OSSL_FUNC_encoder_settable_ctx_params_fn dh_priv_settable_ctx_params
;
35 static OSSL_FUNC_encoder_encode_data_fn dh_priv_der_data
;
36 static OSSL_FUNC_encoder_encode_object_fn dh_priv_der
;
37 static OSSL_FUNC_encoder_encode_data_fn dh_pem_priv_data
;
38 static OSSL_FUNC_encoder_encode_object_fn dh_pem_priv
;
40 static OSSL_FUNC_encoder_newctx_fn dh_print_newctx
;
41 static OSSL_FUNC_encoder_freectx_fn dh_print_freectx
;
42 static OSSL_FUNC_encoder_encode_data_fn dh_priv_print_data
;
43 static OSSL_FUNC_encoder_encode_object_fn dh_priv_print
;
46 * Context used for private key encoding.
48 struct dh_priv_ctx_st
{
51 struct pkcs8_encrypt_ctx_st sc
;
54 /* Private key : context */
55 static void *dh_priv_newctx(void *provctx
)
57 struct dh_priv_ctx_st
*ctx
= OPENSSL_zalloc(sizeof(*ctx
));
60 ctx
->provctx
= provctx
;
62 /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
68 static void dh_priv_freectx(void *vctx
)
70 struct dh_priv_ctx_st
*ctx
= vctx
;
72 EVP_CIPHER_free(ctx
->sc
.cipher
);
73 OPENSSL_free(ctx
->sc
.cipher_pass
);
77 static const OSSL_PARAM
*dh_priv_settable_ctx_params(ossl_unused
void *provctx
)
79 static const OSSL_PARAM settables
[] = {
80 OSSL_PARAM_utf8_string(OSSL_ENCODER_PARAM_CIPHER
, NULL
, 0),
81 OSSL_PARAM_octet_string(OSSL_ENCODER_PARAM_PASS
, NULL
, 0),
88 static int dh_priv_set_ctx_params(void *vctx
, const OSSL_PARAM params
[])
90 struct dh_priv_ctx_st
*ctx
= vctx
;
93 if ((p
= OSSL_PARAM_locate_const(params
, OSSL_ENCODER_PARAM_CIPHER
))
95 const OSSL_PARAM
*propsp
=
96 OSSL_PARAM_locate_const(params
, OSSL_ENCODER_PARAM_PROPERTIES
);
97 const char *props
= NULL
;
99 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
101 if (propsp
!= NULL
&& propsp
->data_type
!= OSSL_PARAM_UTF8_STRING
)
103 props
= (propsp
!= NULL
? propsp
->data
: NULL
);
105 EVP_CIPHER_free(ctx
->sc
.cipher
);
106 ctx
->sc
.cipher_intent
= p
->data
!= NULL
;
108 && ((ctx
->sc
.cipher
= EVP_CIPHER_fetch(NULL
, p
->data
, props
))
112 if ((p
= OSSL_PARAM_locate_const(params
, OSSL_ENCODER_PARAM_PASS
))
114 OPENSSL_free(ctx
->sc
.cipher_pass
);
115 ctx
->sc
.cipher_pass
= NULL
;
116 if (!OSSL_PARAM_get_octet_string(p
, &ctx
->sc
.cipher_pass
, 0,
117 &ctx
->sc
.cipher_pass_length
))
123 /* Private key : DER */
124 static int dh_priv_der_data(void *vctx
, const OSSL_PARAM params
[],
126 OSSL_PASSPHRASE_CALLBACK
*cb
, void *cbarg
)
128 struct dh_priv_ctx_st
*ctx
= vctx
;
129 OSSL_FUNC_keymgmt_new_fn
*dh_new
= ossl_prov_get_keymgmt_dh_new();
130 OSSL_FUNC_keymgmt_free_fn
*dh_free
= ossl_prov_get_keymgmt_dh_free();
131 OSSL_FUNC_keymgmt_import_fn
*dh_import
= ossl_prov_get_keymgmt_dh_import();
134 if (dh_import
!= NULL
) {
137 if ((dh
= dh_new(ctx
->provctx
)) != NULL
138 && dh_import(dh
, DH_SELECT_PRIVATE_IMPORTABLE
, params
)
139 && dh_priv_der(ctx
, dh
, out
, cb
, cbarg
))
146 static int dh_priv_der(void *vctx
, void *dh
, OSSL_CORE_BIO
*cout
,
147 OSSL_PASSPHRASE_CALLBACK
*cb
, void *cbarg
)
149 struct dh_priv_ctx_st
*ctx
= vctx
;
151 BIO
*out
= bio_new_from_core_bio(ctx
->provctx
, cout
);
157 ctx
->sc
.cbarg
= cbarg
;
159 ret
= ossl_prov_write_priv_der_from_obj(out
, dh
,
160 ossl_prov_dh_type_to_evp(dh
),
161 ossl_prov_prepare_dh_params
,
162 ossl_prov_dh_priv_to_der
,
169 /* Private key : PEM */
170 static int dh_pem_priv_data(void *vctx
, const OSSL_PARAM params
[],
172 OSSL_PASSPHRASE_CALLBACK
*cb
, void *cbarg
)
174 struct dh_priv_ctx_st
*ctx
= vctx
;
175 OSSL_FUNC_keymgmt_new_fn
*dh_new
= ossl_prov_get_keymgmt_dh_new();
176 OSSL_FUNC_keymgmt_free_fn
*dh_free
= ossl_prov_get_keymgmt_dh_free();
177 OSSL_FUNC_keymgmt_import_fn
*dh_import
= ossl_prov_get_keymgmt_dh_import();
180 if (dh_import
!= NULL
) {
183 if ((dh
= dh_new(ctx
->provctx
)) != NULL
184 && dh_import(dh
, DH_SELECT_PRIVATE_IMPORTABLE
, params
)
185 && dh_pem_priv(ctx
->provctx
, dh
, out
, cb
, cbarg
))
192 static int dh_pem_priv(void *vctx
, void *dh
, OSSL_CORE_BIO
*cout
,
193 OSSL_PASSPHRASE_CALLBACK
*cb
, void *cbarg
)
195 struct dh_priv_ctx_st
*ctx
= vctx
;
197 BIO
*out
= bio_new_from_core_bio(ctx
->provctx
, cout
);
203 ctx
->sc
.cbarg
= cbarg
;
205 ret
= ossl_prov_write_priv_pem_from_obj(out
, dh
,
206 ossl_prov_dh_type_to_evp(dh
),
207 ossl_prov_prepare_dh_params
,
208 ossl_prov_dh_priv_to_der
,
216 * There's no specific print context, so we use the provider context
218 static void *dh_print_newctx(void *provctx
)
223 static void dh_print_freectx(void *ctx
)
227 static int dh_priv_print_data(void *vctx
, const OSSL_PARAM params
[],
229 OSSL_PASSPHRASE_CALLBACK
*cb
, void *cbarg
)
231 struct dh_priv_ctx_st
*ctx
= vctx
;
232 OSSL_FUNC_keymgmt_new_fn
*dh_new
= ossl_prov_get_keymgmt_dh_new();
233 OSSL_FUNC_keymgmt_free_fn
*dh_free
= ossl_prov_get_keymgmt_dh_free();
234 OSSL_FUNC_keymgmt_import_fn
*dh_import
= ossl_prov_get_keymgmt_dh_import();
237 if (dh_import
!= NULL
) {
240 if ((dh
= dh_new(ctx
->provctx
)) != NULL
241 && dh_import(dh
, DH_SELECT_PRIVATE_IMPORTABLE
, params
)
242 && dh_priv_print(ctx
, dh
, out
, cb
, cbarg
))
249 static int dh_priv_print(void *ctx
, void *dh
, OSSL_CORE_BIO
*cout
,
250 OSSL_PASSPHRASE_CALLBACK
*cb
, void *cbarg
)
252 BIO
*out
= bio_new_from_core_bio(ctx
, cout
);
258 ret
= ossl_prov_print_dh(out
, dh
, dh_print_priv
);
264 const OSSL_DISPATCH dh_priv_der_encoder_functions
[] = {
265 { OSSL_FUNC_ENCODER_NEWCTX
, (void (*)(void))dh_priv_newctx
},
266 { OSSL_FUNC_ENCODER_FREECTX
, (void (*)(void))dh_priv_freectx
},
267 { OSSL_FUNC_ENCODER_SET_CTX_PARAMS
,
268 (void (*)(void))dh_priv_set_ctx_params
},
269 { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS
,
270 (void (*)(void))dh_priv_settable_ctx_params
},
271 { OSSL_FUNC_ENCODER_ENCODE_DATA
, (void (*)(void))dh_priv_der_data
},
272 { OSSL_FUNC_ENCODER_ENCODE_OBJECT
, (void (*)(void))dh_priv_der
},
276 const OSSL_DISPATCH dh_priv_pem_encoder_functions
[] = {
277 { OSSL_FUNC_ENCODER_NEWCTX
, (void (*)(void))dh_priv_newctx
},
278 { OSSL_FUNC_ENCODER_FREECTX
, (void (*)(void))dh_priv_freectx
},
279 { OSSL_FUNC_ENCODER_SET_CTX_PARAMS
,
280 (void (*)(void))dh_priv_set_ctx_params
},
281 { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS
,
282 (void (*)(void))dh_priv_settable_ctx_params
},
283 { OSSL_FUNC_ENCODER_ENCODE_DATA
, (void (*)(void))dh_pem_priv_data
},
284 { OSSL_FUNC_ENCODER_ENCODE_OBJECT
, (void (*)(void))dh_pem_priv
},
288 const OSSL_DISPATCH dh_priv_text_encoder_functions
[] = {
289 { OSSL_FUNC_ENCODER_NEWCTX
, (void (*)(void))dh_print_newctx
},
290 { OSSL_FUNC_ENCODER_FREECTX
, (void (*)(void))dh_print_freectx
},
291 { OSSL_FUNC_ENCODER_ENCODE_OBJECT
, (void (*)(void))dh_priv_print
},
292 { OSSL_FUNC_ENCODER_ENCODE_DATA
,
293 (void (*)(void))dh_priv_print_data
},