From 4080054b871821ffcc90cd379281fa22a9705ad1 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Thu, 16 Oct 2025 15:48:08 -0400 Subject: [PATCH] kem: Use include file for generated code Signed-off-by: Simo Sorce Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/28838) --- .gitignore | 8 ++--- build.info | 32 +++++++++---------- .../kem/{ec_kem.c.in => ec_kem.c} | 10 +----- providers/implementations/kem/ec_kem.inc.in | 17 ++++++++++ .../kem/{ecx_kem.c.in => ecx_kem.c} | 9 +----- providers/implementations/kem/ecx_kem.inc.in | 17 ++++++++++ .../kem/{ml_kem_kem.c.in => ml_kem_kem.c} | 8 +---- .../implementations/kem/ml_kem_kem.inc.in | 16 ++++++++++ .../kem/{rsa_kem.c.in => rsa_kem.c} | 13 +------- providers/implementations/kem/rsa_kem.inc.in | 21 ++++++++++++ 10 files changed, 95 insertions(+), 56 deletions(-) rename providers/implementations/kem/{ec_kem.c.in => ec_kem.c} (98%) create mode 100644 providers/implementations/kem/ec_kem.inc.in rename providers/implementations/kem/{ecx_kem.c.in => ecx_kem.c} (98%) create mode 100644 providers/implementations/kem/ecx_kem.inc.in rename providers/implementations/kem/{ml_kem_kem.c.in => ml_kem_kem.c} (97%) create mode 100644 providers/implementations/kem/ml_kem_kem.inc.in rename providers/implementations/kem/{rsa_kem.c.in => rsa_kem.c} (96%) create mode 100644 providers/implementations/kem/rsa_kem.inc.in diff --git a/.gitignore b/.gitignore index 6934a9d96e4..f5fd9e77aa1 100644 --- a/.gitignore +++ b/.gitignore @@ -112,10 +112,10 @@ providers/implementations/kdfs/sshkdf.inc providers/implementations/kdfs/sskdf.inc providers/implementations/kdfs/tls1_prf.inc providers/implementations/kdfs/x942kdf.inc -providers/implementations/kem/ec_kem.c -providers/implementations/kem/ecx_kem.c -providers/implementations/kem/ml_kem_kem.c -providers/implementations/kem/rsa_kem.c +providers/implementations/kem/ec_kem.inc +providers/implementations/kem/ecx_kem.inc +providers/implementations/kem/ml_kem_kem.inc +providers/implementations/kem/rsa_kem.inc providers/implementations/keymgmt/ml_dsa_kmgmt.c providers/implementations/keymgmt/ml_kem_kmgmt.c providers/implementations/keymgmt/mlx_kmgmt.c diff --git a/build.info b/build.info index fbea823d905..be9fb3a5298 100644 --- a/build.info +++ b/build.info @@ -74,10 +74,10 @@ DEPEND[]=include/openssl/asn1.h \ providers/implementations/kdfs/sskdf.inc \ providers/implementations/kdfs/tls1_prf.inc \ providers/implementations/kdfs/x942kdf.inc \ - providers/implementations/kem/ec_kem.c \ - providers/implementations/kem/ecx_kem.c \ - providers/implementations/kem/ml_kem_kem.c \ - providers/implementations/kem/rsa_kem.c \ + providers/implementations/kem/ec_kem.inc \ + providers/implementations/kem/ecx_kem.inc \ + providers/implementations/kem/ml_kem_kem.inc \ + providers/implementations/kem/rsa_kem.inc \ providers/implementations/keymgmt/dh_kmgmt.c \ providers/implementations/keymgmt/dsa_kmgmt.c \ providers/implementations/keymgmt/ecx_kmgmt.c \ @@ -192,10 +192,10 @@ DEPEND[providers/implementations/asymciphers/rsa_enc.inc \ providers/implementations/kdfs/sskdf.inc \ providers/implementations/kdfs/tls1_prf.inc \ providers/implementations/kdfs/x942kdf.inc \ - providers/implementations/kem/ec_kem.c \ - providers/implementations/kem/ecx_kem.c \ - providers/implementations/kem/ml_kem_kem.c \ - providers/implementations/kem/rsa_kem.c \ + providers/implementations/kem/ec_kem.inc \ + providers/implementations/kem/ecx_kem.inc \ + providers/implementations/kem/ml_kem_kem.inc \ + providers/implementations/kem/rsa_kem.inc \ providers/implementations/keymgmt/dh_kmgmt.c \ providers/implementations/keymgmt/dsa_kmgmt.c \ providers/implementations/keymgmt/ecx_kmgmt.c \ @@ -303,14 +303,14 @@ GENERATE[providers/implementations/kdfs/tls1_prf.inc]=\ providers/implementations/kdfs/tls1_prf.inc.in GENERATE[providers/implementations/kdfs/x942kdf.inc]=\ providers/implementations/kdfs/x942kdf.inc.in -GENERATE[providers/implementations/kem/ec_kem.c]=\ - providers/implementations/kem/ec_kem.c.in -GENERATE[providers/implementations/kem/ecx_kem.c]=\ - providers/implementations/kem/ecx_kem.c.in -GENERATE[providers/implementations/kem/ml_kem_kem.c]=\ - providers/implementations/kem/ml_kem_kem.c.in -GENERATE[providers/implementations/kem/rsa_kem.c]=\ - providers/implementations/kem/rsa_kem.c.in +GENERATE[providers/implementations/kem/ec_kem.inc]=\ + providers/implementations/kem/ec_kem.inc.in +GENERATE[providers/implementations/kem/ecx_kem.inc]=\ + providers/implementations/kem/ecx_kem.inc.in +GENERATE[providers/implementations/kem/ml_kem_kem.inc]=\ + providers/implementations/kem/ml_kem_kem.inc.in +GENERATE[providers/implementations/kem/rsa_kem.inc]=\ + providers/implementations/kem/rsa_kem.inc.in GENERATE[providers/implementations/keymgmt/dh_kmgmt.c]=\ providers/implementations/keymgmt/dh_kmgmt.c.in GENERATE[providers/implementations/keymgmt/dsa_kmgmt.c]=\ diff --git a/providers/implementations/kem/ec_kem.c.in b/providers/implementations/kem/ec_kem.c similarity index 98% rename from providers/implementations/kem/ec_kem.c.in rename to providers/implementations/kem/ec_kem.c index 370ef833ada..20442b0fc80 100644 --- a/providers/implementations/kem/ec_kem.c.in +++ b/providers/implementations/kem/ec_kem.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} /* * The following implementation is part of RFC 9180 related to DHKEM using @@ -39,6 +36,7 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include "crypto/ec.h" #include "prov/ecx.h" #include "prov/eckem.h" +#include "providers/implementations/kem/ec_kem.inc" typedef struct { EC_KEY *recipient_key; @@ -288,12 +286,6 @@ static int eckem_auth_decapsulate_init(void *vctx, void *vecx, void *vauthpub, return eckem_init(vctx, EVP_PKEY_OP_DECAPSULATE, vecx, vauthpub, params); } - -{- produce_param_decoder('eckem_set_ctx_params', - (['OSSL_KEM_PARAM_OPERATION', 'op', 'utf8_string'], - ['OSSL_KEM_PARAM_IKME', 'ikme', 'octet_string'], - )); -} - static int eckem_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_EC_CTX *ctx = (PROV_EC_CTX *)vctx; diff --git a/providers/implementations/kem/ec_kem.inc.in b/providers/implementations/kem/ec_kem.inc.in new file mode 100644 index 00000000000..ae6cd7a63f6 --- /dev/null +++ b/providers/implementations/kem/ec_kem.inc.in @@ -0,0 +1,17 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('eckem_set_ctx_params', + (['OSSL_KEM_PARAM_OPERATION', 'op', 'utf8_string'], + ['OSSL_KEM_PARAM_IKME', 'ikme', 'octet_string'], + )); -} diff --git a/providers/implementations/kem/ecx_kem.c.in b/providers/implementations/kem/ecx_kem.c similarity index 98% rename from providers/implementations/kem/ecx_kem.c.in rename to providers/implementations/kem/ecx_kem.c index bb9037dc4db..b772a45fb43 100644 --- a/providers/implementations/kem/ecx_kem.c.in +++ b/providers/implementations/kem/ecx_kem.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} /* * The following implementation is part of RFC 9180 related to DHKEM using @@ -39,6 +36,7 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include #include "internal/hpke_util.h" #include "prov/eckem.h" +#include "providers/implementations/kem/ecx_kem.inc" #define MAX_ECX_KEYLEN X448_KEYLEN @@ -244,11 +242,6 @@ static int ecxkem_auth_decapsulate_init(void *vctx, void *vecx, void *vauthpub, return ecxkem_init(vctx, EVP_PKEY_OP_DECAPSULATE, vecx, vauthpub, params); } -{- produce_param_decoder('ecxkem_set_ctx_params', - (['OSSL_KEM_PARAM_OPERATION', 'op', 'utf8_string'], - ['OSSL_KEM_PARAM_IKME', 'ikme', 'octet_string'], - )); -} - static int ecxkem_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_ECX_CTX *ctx = (PROV_ECX_CTX *)vctx; diff --git a/providers/implementations/kem/ecx_kem.inc.in b/providers/implementations/kem/ecx_kem.inc.in new file mode 100644 index 00000000000..5cd2dda5044 --- /dev/null +++ b/providers/implementations/kem/ecx_kem.inc.in @@ -0,0 +1,17 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('ecxkem_set_ctx_params', + (['OSSL_KEM_PARAM_OPERATION', 'op', 'utf8_string'], + ['OSSL_KEM_PARAM_IKME', 'ikme', 'octet_string'], + )); -} diff --git a/providers/implementations/kem/ml_kem_kem.c.in b/providers/implementations/kem/ml_kem_kem.c similarity index 97% rename from providers/implementations/kem/ml_kem_kem.c.in rename to providers/implementations/kem/ml_kem_kem.c index 1c9a816e02c..bb27c962666 100644 --- a/providers/implementations/kem/ml_kem_kem.c.in +++ b/providers/implementations/kem/ml_kem_kem.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} #include #include @@ -24,6 +21,7 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include "prov/implementations.h" #include "prov/securitycheck.h" #include "prov/providercommon.h" +#include "providers/implementations/kem/ml_kem_kem.inc" static OSSL_FUNC_kem_newctx_fn ml_kem_newctx; static OSSL_FUNC_kem_freectx_fn ml_kem_freectx; @@ -99,10 +97,6 @@ static int ml_kem_decapsulate_init(void *vctx, void *vkey, return ml_kem_init(vctx, EVP_PKEY_OP_DECAPSULATE, key, params); } -{- produce_param_decoder('ml_kem_set_ctx_params', - (['OSSL_KEM_PARAM_IKME', 'ikme', 'octet_string'], - )); -} - static int ml_kem_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_ML_KEM_CTX *ctx = vctx; diff --git a/providers/implementations/kem/ml_kem_kem.inc.in b/providers/implementations/kem/ml_kem_kem.inc.in new file mode 100644 index 00000000000..201b1544c46 --- /dev/null +++ b/providers/implementations/kem/ml_kem_kem.inc.in @@ -0,0 +1,16 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('ml_kem_set_ctx_params', + (['OSSL_KEM_PARAM_IKME', 'ikme', 'octet_string'], + )); -} diff --git a/providers/implementations/kem/rsa_kem.c.in b/providers/implementations/kem/rsa_kem.c similarity index 96% rename from providers/implementations/kem/rsa_kem.c.in rename to providers/implementations/kem/rsa_kem.c index 0806cdd43e6..a75460bded7 100644 --- a/providers/implementations/kem/rsa_kem.c.in +++ b/providers/implementations/kem/rsa_kem.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} /* * RSA low level APIs are deprecated for public use, but still ok for @@ -30,6 +27,7 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include "prov/providercommon.h" #include "prov/implementations.h" #include "prov/securitycheck.h" +#include "providers/implementations/kem/rsa_kem.inc" static OSSL_FUNC_kem_newctx_fn rsakem_newctx; static OSSL_FUNC_kem_encapsulate_init_fn rsakem_encapsulate_init; @@ -176,10 +174,6 @@ static int rsakem_decapsulate_init(void *vprsactx, void *vrsa, "RSA Decapsulate Init"); } -{- produce_param_decoder('rsakem_get_ctx_params', - (['OSSL_KEM_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], - )); -} - static int rsakem_get_ctx_params(void *vprsactx, OSSL_PARAM *params) { PROV_RSA_CTX *ctx = (PROV_RSA_CTX *)vprsactx; @@ -199,11 +193,6 @@ static const OSSL_PARAM *rsakem_gettable_ctx_params(ossl_unused void *vprsactx, return rsakem_get_ctx_params_list; } -{- produce_param_decoder('rsakem_set_ctx_params', - (['OSSL_KEM_PARAM_OPERATION', 'op', 'utf8_string'], - ['OSSL_KEM_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int', 'fips'], - )); -} - static int rsakem_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; diff --git a/providers/implementations/kem/rsa_kem.inc.in b/providers/implementations/kem/rsa_kem.inc.in new file mode 100644 index 00000000000..0588758ae50 --- /dev/null +++ b/providers/implementations/kem/rsa_kem.inc.in @@ -0,0 +1,21 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('rsakem_get_ctx_params', + (['OSSL_KEM_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], + )); -} + +{- produce_param_decoder('rsakem_set_ctx_params', + (['OSSL_KEM_PARAM_OPERATION', 'op', 'utf8_string'], + ['OSSL_KEM_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int', 'fips'], + )); -} -- 2.47.3