From: Pauli Date: Mon, 27 Jul 2020 04:47:59 +0000 (+1000) Subject: deserialisation: add deserialisation to the base provider X-Git-Tag: openssl-3.0.0-alpha6~35 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a3f15e237c0325718f488ebf9a242c031f4f864e;p=thirdparty%2Fopenssl.git deserialisation: add deserialisation to the base provider Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/12104)
---
diff --git a/apps/list.c b/apps/list.c
index 5b93f7dfed..69a516763c 100644
--- a/apps/list.c
+++ b/apps/list.c
@@ -17,6 +17,7 @@
#include
#include
#include
+#include
#include
#include "apps.h"
#include "app_params.h"
@@ -413,6 +414,67 @@ static void list_serializers(void)
sk_OSSL_SERIALIZER_pop_free(serializers, OSSL_SERIALIZER_free);
}
+/*
+ * Deserializers
+ */
+DEFINE_STACK_OF(OSSL_DESERIALIZER)
+static int deserializer_cmp(const OSSL_DESERIALIZER * const *a,
+ const OSSL_DESERIALIZER * const *b)
+{
+ int ret = OSSL_DESERIALIZER_number(*a) - OSSL_DESERIALIZER_number(*b);
+
+ if (ret == 0)
+ ret = strcmp(OSSL_PROVIDER_name(OSSL_DESERIALIZER_provider(*a)),
+ OSSL_PROVIDER_name(OSSL_DESERIALIZER_provider(*b)));
+ return ret;
+}
+
+static void collect_deserializers(OSSL_DESERIALIZER *deserializer, void *stack)
+{
+ STACK_OF(OSSL_DESERIALIZER) *deserializer_stack = stack;
+
+ sk_OSSL_DESERIALIZER_push(deserializer_stack, deserializer);
+ OSSL_DESERIALIZER_up_ref(deserializer);
+}
+
+static void list_deserializers(void)
+{
+ STACK_OF(OSSL_DESERIALIZER) *deserializers;
+ int i;
+
+ deserializers = sk_OSSL_DESERIALIZER_new(deserializer_cmp);
+ if (deserializers == NULL) {
+ BIO_printf(bio_err, "ERROR: Memory allocation\n");
+ return;
+ }
+ BIO_printf(bio_out, "Provided DESERIALIZERs:\n");
+ OSSL_DESERIALIZER_do_all_provided(NULL, collect_deserializers,
+ deserializers);
+ sk_OSSL_DESERIALIZER_sort(deserializers);
+
+ for (i = 0; i < sk_OSSL_DESERIALIZER_num(deserializers); i++) {
+ OSSL_DESERIALIZER *k = sk_OSSL_DESERIALIZER_value(deserializers, i);
+ STACK_OF(OPENSSL_CSTRING) *names =
+ sk_OPENSSL_CSTRING_new(name_cmp);
+
+ OSSL_DESERIALIZER_names_do_all(k, collect_names, names);
+
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+ BIO_printf(bio_out, " @ %s (%s)\n",
+ OSSL_PROVIDER_name(OSSL_DESERIALIZER_provider(k)),
+ OSSL_DESERIALIZER_properties(k));
+
+ sk_OPENSSL_CSTRING_free(names);
+
+ if (verbose) {
+ print_param_types("settable operation parameters",
+ OSSL_DESERIALIZER_settable_ctx_params(k), 4);
+ }
+ }
+ sk_OSSL_DESERIALIZER_pop_free(deserializers, OSSL_DESERIALIZER_free);
+}
+
static void list_missing_help(void)
{
const FUNCTION *fp;
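Review bot: In `collect_deserializers` (apps/list.c) the reference is taken even when `sk_OSSL_DESERIALIZER_push()` fails, so a failed push leaves an extra reference that the later `sk_OSSL_DESERIALIZER_pop_free()` in `list_deserializers` never releases. Taking the reference only on success avoids that: `if (sk_OSSL_DESERIALIZER_push(deserializer_stack, deserializer) > 0)` followed by `OSSL_DESERIALIZER_up_ref(deserializer);`. In `list_deserializers` the per-entry `names` stack from `sk_OPENSSL_CSTRING_new(name_cmp)` is used without a NULL check, unlike `deserializers` a few lines above it; how `collect_names` and `print_names` treat a NULL stack is not visible in this hunk, so a guard such as `if (names == NULL) continue;` would make the allocation-failure path explicit.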
@@ -760,6 +822,7 @@ typedef enum HELPLIST_CHOICE { OPT_DIGEST_ALGORITHMS, OPT_CIPHER_COMMANDS, OPT_CIPHER_ALGORITHMS, OPT_PK_ALGORITHMS, OPT_PK_METHOD, OPT_DISABLED, OPT_KDF_ALGORITHMS, OPT_RANDOM_GENERATORS, OPT_SERIALIZERS,
+ OPT_DESERIALIZERS,
OPT_MISSING_HELP, OPT_OBJECTS,
#ifndef OPENSSL_NO_DEPRECATED_3_0
OPT_ENGINES,
@@ -791,6 +854,8 @@ const OPTIONS list_options[] = { {"cipher-algorithms", OPT_CIPHER_ALGORITHMS, '-', "List of cipher algorithms"}, {"serializers", OPT_SERIALIZERS, '-', "List of serialization methods" },
+ {"deserializers", OPT_DESERIALIZERS, '-',
+ "List of deserialization methods" },
{"public-key-algorithms", OPT_PK_ALGORITHMS, '-', "List of public key algorithms"},
#ifndef OPENSSL_NO_DEPRECATED_3_0
@@ -826,6 +891,7 @@ int list_main(int argc, char **argv)
unsigned int cipher_commands:1;
unsigned int cipher_algorithms:1;
unsigned int serializer_algorithms:1;
+ unsigned int deserializer_algorithms:1;
unsigned int pk_algorithms:1;
unsigned int pk_method:1;
#ifndef OPENSSL_NO_DEPRECATED_3_0
@@ -880,6 +946,9 @@ opthelp:
case OPT_SERIALIZERS:
todo.serializer_algorithms = 1;
break;
+ case OPT_DESERIALIZERS:
+ todo.deserializer_algorithms = 1;
+ break;
case OPT_PK_ALGORITHMS:
todo.pk_algorithms = 1;
break;
@@ -936,6 +1005,8 @@ opthelp:
list_ciphers();
if (todo.serializer_algorithms)
list_serializers();
+ if (todo.deserializer_algorithms)
+ list_deserializers();
if (todo.pk_algorithms)
list_pkey();
#ifndef OPENSSL_NO_DEPRECATED_3_0
diff --git a/doc/man1/openssl-list.pod.in b/doc/man1/openssl-list.pod.in
index 89116888f4..df970a0959 100644
--- a/doc/man1/openssl-list.pod.in
+++ b/doc/man1/openssl-list.pod.in
@@ -20,6 +20,7 @@ B [B<-cipher-commands>] [B<-cipher-algorithms>] [B<-serializers>]
+[B<-deserializers>]
[B<-public-key-algorithms>] {- output_off() if $disabled{"deprecated-3.0"}; "" -}[B<-public-key-methods>]
@@ -92,6 +93,15 @@ displayed. In verbose mode, the algorithms provided by a provider will get additional information on what parameters each implementation supports.
+=item B<-deserializers>
+
+Display a list of deserializers.
+See L for a description of how names are
+displayed.
+
+In verbose mode, the algorithms provided by a provider will get additional
+information on what parameters each implementation supports.
+
=item B<-public-key-algorithms>
Display a list of public key algorithms, with each algorithm as
diff --git a/providers/baseprov.c b/providers/baseprov.c
index d40535bafa..917bf680d4 100644
--- a/providers/baseprov.c
+++ b/providers/baseprov.c
@@ -75,11 +75,28 @@ static const OSSL_ALGORITHM base_serializer[] = {
};
#undef SER
+static const OSSL_ALGORITHM base_deserializer[] = {
+#define DESER(name, fips, input, func_table) \
+ { name, \
+ "provider=base,fips=" fips ",input=" input, \
+ (func_table) }
+
+#include "deserializers.inc"
+ { NULL, NULL, NULL }
+};
+#undef DESER
+
static const OSSL_ALGORITHM *base_query(void *provctx, int operation_id, int *no_cache)
{
*no_cache = 0;
- return operation_id == OSSL_OP_SERIALIZER ? base_serializer : NULL;
+ switch (operation_id) {
+ case OSSL_OP_SERIALIZER:
+ return base_serializer;
+ case OSSL_OP_DESERIALIZER:
+ return base_deserializer;
+ }
+ return NULL;
}
static void base_teardown(void *provctx)
diff --git a/providers/defltprov.c b/providers/defltprov.c
index fa6e18fdca..fa2fadbc95 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -388,7 +388,7 @@ static const OSSL_ALGORITHM deflt_keymgmt[] = {
static const OSSL_ALGORITHM deflt_serializer[] = {
#define SER(name, fips, format, type, func_table) \
{ name, \
- "provider=default,fips=" fips ",format=" format ",type=" type, \
+ "provider=default,fips=" fips ",format=" format ",type=" type, \
(func_table) }
#include "serializers.inc"
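Review bot: The new `switch` in `base_query` (providers/baseprov.c) has no `default` label, so an unhandled operation id reaches `return NULL;` only by falling out of the switch. Putting the fallback inside it, `default: return NULL;`, states the intent that every other operation is deliberately not served by the base provider and makes a later added case harder to get wrong. The `DESER` macro defined just above is also undocumented; a one-line comment such as `/* DESER(name, fips, input, func_table) expands to one OSSL_ALGORITHM entry tagged provider=base */` would tell a reader what the included table turns into.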
@@ -397,16 +397,15 @@ static const OSSL_ALGORITHM deflt_serializer[] = {
#undef SER
static const OSSL_ALGORITHM deflt_deserializer[] = {
- { "RSA", "provider=default,fips=yes,input=der",
- der_to_rsa_deserializer_functions },
- { "RSA-PSS", "provider=default,fips=yes,input=der",
- der_to_rsapss_deserializer_functions },
-
- { "DER", "provider=default,fips=yes,input=pem",
- pem_to_der_deserializer_functions },
+#define DESER(name, fips, input, func_table) \
+ { name, \
+ "provider=default,fips=" fips ",input=" input, \
+ (func_table) }
+#include "deserializers.inc"
{ NULL, NULL, NULL }
};
+#undef DESER
static const OSSL_ALGORITHM *deflt_query(void *provctx, int operation_id, int *no_cache)
diff --git a/providers/deserializers.inc b/providers/deserializers.inc
new file mode 100644
index 0000000000..bab709d31d
--- /dev/null
+++ b/providers/deserializers.inc
@@ -0,0 +1,16 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef DESER
+# error Macro DESER undefined
+#endif
+
+ DESER("RSA", "yes", "der", der_to_rsa_deserializer_functions),
+ DESER("RSA-PSS", "yes", "der", der_to_rsapss_deserializer_functions),
+ DESER("DER", "yes", "pem", pem_to_der_deserializer_functions),
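Review bot: providers/deserializers.inc does not describe the four `DESER` arguments, and every entry passes `"yes"` as the second one, which both including files splice into the property string as `fips=yes`. Because the same table is now advertised by the base and the default provider, a short header comment above the `#ifndef DESER` guard would help, for example `/* DESER(name, fips, input, func_table): fips and input become the "fips=" and "input=" property values of the entry */`. It would also be worth stating there what `fips=yes` is meant to assert for implementations that live outside the FIPS module, so that a property query on it is not read as selecting validated code; the intended meaning cannot be confirmed from this diff.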