* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
+{-
+use OpenSSL::paramnames qw(produce_param_list);
+-}
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include "crypto/ml_kem.h"
#include "internal/fips.h"
#include "internal/param_build_set.h"
+#include "internal/param_names.h"
#include "prov/implementations.h"
#include "prov/providercommon.h"
#include "prov/provider_ctx.h"
return ret;
}
+/* Machine generated by util/perl/OpenSSL/paramnames.pm */
+{- produce_param_list('static', 'ml_kem_key_types',
+ 'static', 'ml_kem_key_types_find_pidx',
+ (['PKEY_PARAM_ML_KEM_SEED', 'octet_string'],
+ ['PKEY_PARAM_PRIV_KEY', 'octet_string'],
+ ['PKEY_PARAM_PUB_KEY', 'octet_string'],
+ )); -}
+/* End of machine generated */
+
static const OSSL_PARAM *ml_kem_imexport_types(int selection)
{
- static const OSSL_PARAM key_types[] = {
- OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ML_KEM_SEED, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0),
- OSSL_PARAM_END
- };
-
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
- return key_types;
+ return ml_kem_key_types;
return NULL;
}
* When a private key is provided, without a seed, any public key also
* provided will be ignored (apart from length), just as with the seed.
*/
- if (include_private) {
- /*
- * When a seed is provided, the private and public keys may be ignored,
- * after validating just their lengths. Comparing encodings or hashes
- * when applicable is possible, but not currently implemented.
- */
- p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ML_KEM_SEED);
- if (p != NULL
- && OSSL_PARAM_get_octet_string_ptr(p, &seedenc, &seedlen) != 1)
- return 0;
- if (seedlen != 0 && seedlen != ML_KEM_SEED_BYTES) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_SEED_LENGTH);
- return 0;
- }
- p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
- if (p != NULL
- && OSSL_PARAM_get_octet_string_ptr(p, &prvenc, &prvlen) != 1)
- return 0;
- if (prvlen != 0 && prvlen != v->prvkey_bytes) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
- return 0;
- }
- }
+ for (p = params; p->key != NULL; p++)
+ switch (ml_kem_key_types_find_pidx(p->key)) {
+ default:
+ break;
+
+ case PIDX_PKEY_PARAM_ML_KEM_SEED:
+ if (include_private) {
+ /*
+ * When a seed is provided, the private and public keys may be ignored,
+ * after validating just their lengths. Comparing encodings or hashes
+ * when applicable is possible, but not currently implemented.
+ */
+ if (OSSL_PARAM_get_octet_string_ptr(p, &seedenc, &seedlen) != 1)
+ return 0;
+ if (seedlen != 0 && seedlen != ML_KEM_SEED_BYTES) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_SEED_LENGTH);
+ return 0;
+ }
+ }
+ break;
+
+ case PIDX_PKEY_PARAM_PRIV_KEY:
+ if (include_private) {
+ if (OSSL_PARAM_get_octet_string_ptr(p, &prvenc, &prvlen) != 1)
+ return 0;
+ if (prvlen != 0 && prvlen != v->prvkey_bytes) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+ }
+ break;
- /* Used only when no seed or private key is provided. */
- p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
- if (p != NULL
- && OSSL_PARAM_get_octet_string_ptr(p, &pubenc, &publen) != 1)
- return 0;
- if (publen != 0 && publen != v->pubkey_bytes) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
- return 0;
- }
+ /* Used only when no seed or private key is provided. */
+ case PIDX_PKEY_PARAM_PUB_KEY:
+ if (OSSL_PARAM_get_octet_string_ptr(p, &pubenc, &publen) != 1)
+ return 0;
+ if (publen != 0 && publen != v->pubkey_bytes) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+ break;
+ }
/* The caller MUST specify at least one of seed, private or public keys. */
if (seedlen == 0 && publen == 0 && prvlen == 0) {
return res;
}
+/* Machine generated by util/perl/OpenSSL/paramnames.pm */
+{- produce_param_list('static', 'ml_kem_known_gettable_params',
+ 'static', 'ml_kem_get_params_find_pidx',
+ (['PKEY_PARAM_BITS', 'int'],
+ ['PKEY_PARAM_SECURITY_BITS', 'int'],
+ ['PKEY_PARAM_MAX_SIZE', 'int'],
+ ['PKEY_PARAM_SECURITY_CATEGORY', 'int'],
+ ['PKEY_PARAM_ML_KEM_SEED', 'octet_string'],
+ ['PKEY_PARAM_PRIV_KEY', 'octet_string'],
+ ['PKEY_PARAM_PUB_KEY', 'octet_string'],
+ ['PKEY_PARAM_ENCODED_PUBLIC_KEY', 'octet_string'],
+ )); -}
+/* End of machine generated */
+
static const OSSL_PARAM *ml_kem_gettable_params(void *provctx)
{
- static const OSSL_PARAM arr[] = {
- OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
- OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
- OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
- OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_CATEGORY, NULL),
- /* Exported for import */
- OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ML_KEM_SEED, NULL, 0),
- /* Exported to EVP_PKEY_get_raw_private_key() */
- OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
- /* Exported to EVP_PKEY_get_raw_public_key() */
- OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0),
- /* Needed by EVP_PKEY_get1_encoded_public_key() */
- OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
- OSSL_PARAM_END
- };
-
- return arr;
+ return ml_kem_known_gettable_params;
}
#ifndef FIPS_MODULE
ML_KEM_KEY *key = vkey;
const ML_KEM_VINFO *v = ossl_ml_kem_key_vinfo(key);
OSSL_PARAM *p;
- const char *pubparams[] = {
- OSSL_PKEY_PARAM_PUB_KEY,
- OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY
- };
- int i;
+ uint8_t *pubenc = NULL;
- p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS);
- if (p != NULL)
- if (!OSSL_PARAM_set_int(p, v->bits))
- return 0;
+ for (p = params; p->key != NULL; p++)
+ switch (ml_kem_get_params_find_pidx(p->key)) {
+ default:
+ break;
- p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_BITS);
- if (p != NULL)
- if (!OSSL_PARAM_set_int(p, v->secbits))
- return 0;
-
- p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE);
- if (p != NULL)
- if (!OSSL_PARAM_set_int(p, v->ctext_bytes))
- return 0;
- p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_CATEGORY);
- if (p != NULL)
- if (!OSSL_PARAM_set_int(p, v->security_category))
- return 0;
+ case PIDX_PKEY_PARAM_BITS:
+ if (!OSSL_PARAM_set_int(p, v->bits))
+ return 0;
+ break;
- if (ossl_ml_kem_have_pubkey(key)) {
- uint8_t *pubenc = NULL;
+ case PIDX_PKEY_PARAM_SECURITY_BITS:
+ if (!OSSL_PARAM_set_int(p, v->secbits))
+ return 0;
+ break;
- for (i = 0; i < 2; ++i) {
- p = OSSL_PARAM_locate(params, pubparams[i]);
- if (p == NULL)
- continue;
- if (p->data_type != OSSL_PARAM_OCTET_STRING)
+ case PIDX_PKEY_PARAM_MAX_SIZE:
+ if (!OSSL_PARAM_set_int(p, v->ctext_bytes))
return 0;
- p->return_size = v->pubkey_bytes;
- if (p->data == NULL)
- continue;
- if (p->data_size < p->return_size)
+ break;
+
+ case PIDX_PKEY_PARAM_SECURITY_CATEGORY:
+ if (!OSSL_PARAM_set_int(p, v->security_category))
return 0;
- if (pubenc != NULL) {
- memcpy(p->data, pubenc, p->return_size);
- continue;
+ break;
+
+ /* Exported to EVP_PKEY_get_raw_public_key() */
+ case PIDX_PKEY_PARAM_PUB_KEY:
+ /* Needed by EVP_PKEY_get1_encoded_public_key() */
+ case PIDX_PKEY_PARAM_ENCODED_PUBLIC_KEY:
+ if (ossl_ml_kem_have_pubkey(key)) {
+ if (p->data_type != OSSL_PARAM_OCTET_STRING)
+ return 0;
+ p->return_size = v->pubkey_bytes;
+ if (p->data == NULL)
+ break;
+ if (p->data_size < p->return_size)
+ return 0;
+ if (pubenc != NULL) {
+ memcpy(p->data, pubenc, p->return_size);
+ break;
+ }
+ if (!ossl_ml_kem_encode_public_key(p->data, p->return_size, key))
+ return 0;
+ pubenc = p->data;
}
- if (!ossl_ml_kem_encode_public_key(p->data, p->return_size, key))
- return 0;
- pubenc = p->data;
- }
- }
+ break;
- p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_PRIV_KEY);
- if (p != NULL && ossl_ml_kem_have_prvkey(key)) {
- if (p->data_type != OSSL_PARAM_OCTET_STRING)
- return 0;
- p->return_size = v->prvkey_bytes;
- if (p->data != NULL) {
- if (p->data_size < p->return_size)
- return 0;
- if (!ossl_ml_kem_encode_private_key(p->data, p->return_size, key))
- return 0;
- }
- }
+ /* Exported to EVP_PKEY_get_raw_private_key() */
+ case PIDX_PKEY_PARAM_PRIV_KEY:
+ if (ossl_ml_kem_have_prvkey(key)) {
+ if (p->data_type != OSSL_PARAM_OCTET_STRING)
+ return 0;
+ p->return_size = v->prvkey_bytes;
+ if (p->data != NULL) {
+ if (p->data_size < p->return_size)
+ return 0;
+ if (!ossl_ml_kem_encode_private_key(p->data, p->return_size, key))
+ return 0;
+ }
+ }
+ break;
- p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_ML_KEM_SEED);
- if (p != NULL && ossl_ml_kem_have_seed(key)) {
- if (p->data_type != OSSL_PARAM_OCTET_STRING)
- return 0;
- p->return_size = ML_KEM_SEED_BYTES;
- if (p->data != NULL) {
- if (p->data_size < p->return_size)
- return 0;
- if (!ossl_ml_kem_encode_seed(p->data, p->return_size, key))
- return 0;
+ /* Exported for import */
+ case PIDX_PKEY_PARAM_ML_KEM_SEED:
+ if (ossl_ml_kem_have_seed(key)) {
+ if (p->data_type != OSSL_PARAM_OCTET_STRING)
+ return 0;
+ p->return_size = ML_KEM_SEED_BYTES;
+ if (p->data != NULL) {
+ if (p->data_size < p->return_size)
+ return 0;
+ if (!ossl_ml_kem_encode_seed(p->data, p->return_size, key))
+ return 0;
+ }
+ }
+ break;
}
- }
-
return 1;
}
projects / thirdparty / openssl.git / commitdiff
