author | Richard Levitte <levitte@openssl.org> | 2020-08-16 21:25:08 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-08-21 09:23:58 +0200 |
commit | ece9304c96f71277ca95696d9bc49fdec51e9f17 (patch) | |
tree | 7038f8760e1538754bc67371cb5a466a83935dad /providers/implementations/serializers | |
parent | f650993f1de3dbb5eda9009ad0c4895a7b1b7fe2 (diff) | |
download | openssl-new-ece9304c96f71277ca95696d9bc49fdec51e9f17.tar.gz |
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
Fixes #12455
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12660)
Diffstat (limited to 'providers/implementations/serializers')
26 files changed, 0 insertions, 5410 deletions
diff --git a/providers/implementations/serializers/build.info b/providers/implementations/serializers/build.info
deleted file mode 100644
index 04f230b334..0000000000
--- a/providers/implementations/serializers/build.info
+++ /dev/null
@@ -1,35 +0,0 @@
-# We make separate GOAL variables for each algorithm, to make it easy to
-# switch each to the Legacy provider when needed.
-
-$SERIALIZER_GOAL=../../libimplementations.a
-$DESERIALIZER_GOAL=../../libimplementations.a
-$RSA_GOAL=../../libimplementations.a
-$FFC_GOAL=../../libimplementations.a
-$DH_GOAL=../../libimplementations.a
-$DSA_GOAL=../../libimplementations.a
-$ECX_GOAL=../../libimplementations.a
-$EC_GOAL=../../libimplementations.a
-
-SOURCE[$SERIALIZER_GOAL]=serializer_common.c deserialize_common.c
-
-SOURCE[$DESERIALIZER_GOAL]=deserialize_der2key.c deserialize_pem2der.c
-IF[{- !$disabled{dsa} -}]
- SOURCE[$DESERIALIZER_GOAL]=deserialize_ms2key.c
-ENDIF
-
-SOURCE[$RSA_GOAL]=serializer_rsa.c serializer_rsa_priv.c serializer_rsa_pub.c
-DEPEND[serializer_rsa.o]=../../common/include/prov/der_rsa.h
-
-IF[{- !$disabled{"dh"} || !$disabled{"dsa"} -}]
- SOURCE[$FFC_GOAL]=serializer_ffc_params.c
-ENDIF
-IF[{- !$disabled{dh} -}]
- SOURCE[$DH_GOAL]=serializer_dh.c serializer_dh_priv.c serializer_dh_pub.c serializer_dh_param.c
-ENDIF
-IF[{- !$disabled{dsa} -}]
- SOURCE[$DSA_GOAL]=serializer_dsa.c serializer_dsa_priv.c serializer_dsa_pub.c serializer_dsa_param.c
-ENDIF
-IF[{- !$disabled{ec} -}]
- SOURCE[$ECX_GOAL]=serializer_ecx.c serializer_ecx_priv.c serializer_ecx_pub.c
- SOURCE[$EC_GOAL]=serializer_ec.c serializer_ec_priv.c serializer_ec_pub.c serializer_ec_param.c
-ENDIF
diff --git a/providers/implementations/serializers/deserialize_common.c b/providers/implementations/serializers/deserialize_common.c
deleted file mode 100644
index 54c63347fd..0000000000
--- a/providers/implementations/serializers/deserialize_common.c
+++ /dev/null
@@ -1,137 +0,0 @@ -/* - * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <openssl/core_names.h> -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/buffer.h> -#include <openssl/pem.h> /* For public PEM and PVK functions */ -#include <openssl/pkcs12.h> -#include "internal/pem.h" /* For internal PVK and "blob" functions */ -#include "internal/cryptlib.h" -#include "crypto/asn1.h" -#include "prov/bio.h" /* ossl_prov_bio_printf() */ -#include "prov/providercommonerr.h" /* PROV_R_READ_KEY */ -#include "serializer_local.h" - -int ossl_prov_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin, - unsigned char **data, long *len) -{ - BUF_MEM *mem = NULL; - BIO *in = bio_new_from_core_bio(provctx, cin); - int ok = (asn1_d2i_read_bio(in, &mem) >= 0); - - if (ok) { - *data = (unsigned char *)mem->data; - *len = (long)mem->length; - OPENSSL_free(mem); - } - BIO_free(in); - return ok; -} - -int ossl_prov_read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin, - char **pem_name, char **pem_header, - unsigned char **data, long *len) -{ - BIO *in = bio_new_from_core_bio(provctx, cin); - int ok = (PEM_read_bio(in, pem_name, pem_header, data, len) > 0); - - BIO_free(in); - return ok; -} - -#ifndef OPENSSL_NO_DSA -EVP_PKEY *ossl_prov_read_msblob(PROV_CTX *provctx, OSSL_CORE_BIO *cin, - int *ispub) -{ - BIO *in = bio_new_from_core_bio(provctx, cin); - EVP_PKEY *pkey = ossl_b2i_bio(in, ispub); - - BIO_free(in); - return pkey; -} - -struct pwdata_st { - OSSL_PASSPHRASE_CALLBACK *pw_cb; - void *pw_cbarg; -}; - -pem_password_cb pw_pem_password_to_ossl_passhrase; -int pw_pem_password_to_ossl_passhrase(char *buf, int size, int rwflag, - void *userdata) -{ - struct pwdata_st *data = userdata; - 
size_t pw_len = 0; - static char prompt_info[] = "pass phrase"; - OSSL_PARAM params[] = { - OSSL_PARAM_utf8_string(OSSL_PASSPHRASE_PARAM_INFO, prompt_info, - sizeof(prompt_info) - 1), - OSSL_PARAM_END - }; - int ok = data->pw_cb(buf, (size_t)size, &pw_len, params, data->pw_cbarg); - - if (ok) - return (int)pw_len; - else - return -1; -} - -# ifndef OPENSSL_NO_RC4 -EVP_PKEY *ossl_prov_read_pvk(PROV_CTX *provctx, OSSL_CORE_BIO *cin, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) -{ - BIO *in = bio_new_from_core_bio(provctx, cin); - EVP_PKEY *pkey = NULL; - struct pwdata_st pwdata; - - pwdata.pw_cb = pw_cb; - pwdata.pw_cbarg = pw_cbarg; - pkey = b2i_PVK_bio(in, pw_pem_password_to_ossl_passhrase, &pwdata); - - BIO_free(in); - return pkey; -} -# endif -#endif - -int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len, - unsigned char *input_der, long input_der_len, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) -{ - const unsigned char *derp; - X509_SIG *p8 = NULL; - int ok = 0; - - if (!ossl_assert(new_der != NULL && *new_der == NULL) - || !ossl_assert(new_der_len != NULL)) - return 0; - - derp = input_der; - if ((p8 = d2i_X509_SIG(NULL, &derp, input_der_len)) != NULL) { - char pbuf[PEM_BUFSIZE]; - size_t plen = 0; - - if (!pw_cb(pbuf, sizeof(pbuf), &plen, NULL, pw_cbarg)) { - ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY); - } else { - const X509_ALGOR *alg = NULL; - const ASN1_OCTET_STRING *oct = NULL; - int len = 0; - - X509_SIG_get0(p8, &alg, &oct); - if (PKCS12_pbe_crypt(alg, pbuf, plen, oct->data, oct->length, - new_der, &len, 0) != NULL) - ok = 1; - *new_der_len = len; - } - } - X509_SIG_free(p8); - return ok; -} diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/serializers/deserialize_der2key.c deleted file mode 100644 index 6975c9ceab..0000000000 --- a/providers/implementations/serializers/deserialize_der2key.c +++ /dev/null 
@@ -1,240 +0,0 @@ -/* - * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * low level APIs are deprecated for public use, but still ok for - * internal use. - */ -#include "internal/deprecated.h" - -#include <openssl/core_dispatch.h> -#include <openssl/core_names.h> -#include <openssl/crypto.h> -#include <openssl/params.h> -#include <openssl/x509.h> -#include "prov/bio.h" -#include "prov/implementations.h" -#include "serializer_local.h" - -static OSSL_FUNC_deserializer_newctx_fn der2rsa_newctx; - -static OSSL_FUNC_deserializer_freectx_fn der2key_freectx; -static OSSL_FUNC_deserializer_gettable_params_fn der2key_gettable_params; -static OSSL_FUNC_deserializer_get_params_fn der2key_get_params; -static OSSL_FUNC_deserializer_deserialize_fn der2key_deserialize; -static OSSL_FUNC_deserializer_export_object_fn der2key_export_object; - -typedef void *(extract_key_fn)(EVP_PKEY *); -typedef void (free_key_fn)(void *); -struct keytype_desc_st { - int type; /* EVP key type */ - const char *name; /* Keytype */ - const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */ - - /* - * These must be the correct EVP_PKEY_get1_{TYPE}() and {TYPE}_free() - * function for the key. - */ - extract_key_fn *extract_key; - free_key_fn *free_key; -}; - -/* - * Context used for DER to key deserialization. 
- */ -struct der2key_ctx_st { - PROV_CTX *provctx; - const struct keytype_desc_st *desc; -}; - -static struct der2key_ctx_st * -der2key_newctx(void *provctx, const struct keytype_desc_st *desc) -{ - struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx)); - - if (ctx != NULL) { - ctx->provctx = provctx; - ctx->desc = desc; - } - return ctx; -} - -static void der2key_freectx(void *vctx) -{ - struct der2key_ctx_st *ctx = vctx; - - OPENSSL_free(ctx); -} - -static const OSSL_PARAM *der2key_gettable_params(void *provctx) -{ - static const OSSL_PARAM gettables[] = { - { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 }, - OSSL_PARAM_END, - }; - - return gettables; -} - -static int der2key_get_params(OSSL_PARAM params[]) -{ - OSSL_PARAM *p; - - p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE); - if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "DER")) - return 0; - - return 1; -} - -static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) -{ - struct der2key_ctx_st *ctx = vctx; - void *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); - unsigned char *der = NULL; - const unsigned char *derp; - long der_len = 0; - unsigned char *new_der = NULL; - long new_der_len; - EVP_PKEY *pkey = NULL; - void *key = NULL; - int ok = 0; - - if (!ossl_prov_read_der(ctx->provctx, cin, &der, &der_len)) - return 0; - - /* - * Opportunistic attempt to decrypt. If it doesn't work, we try to - * decode our input unencrypted. 
- */ - if (ossl_prov_der_from_p8(&new_der, &new_der_len, der, der_len, - pw_cb, pw_cbarg)) { - OPENSSL_free(der); - der = new_der; - der_len = new_der_len; - } - - derp = der; - pkey = d2i_PrivateKey_ex(ctx->desc->type, NULL, &derp, der_len, - libctx, NULL); - if (pkey == NULL) { - derp = der; - pkey = d2i_PUBKEY_ex(NULL, &derp, der_len, libctx, NULL); - } - - if (pkey == NULL) { - derp = der; - pkey = d2i_KeyParams(ctx->desc->type, NULL, &derp, der_len); - } - - if (pkey != NULL) { - /* - * Tear out the low-level key pointer from the pkey, - * but only if it matches the expected key type. - * - * TODO(3.0): The check should be done with EVP_PKEY_is_a(), but - * as long as we still have #legacy internal keys, it's safer to - * use the type numbers inside the provider. - */ - if (EVP_PKEY_id(pkey) == ctx->desc->type) - key = ctx->desc->extract_key(pkey); - - /* - * ctx->desc->extract_key() is expected to have incremented |key|'s - * reference count, so it should be safe to free |pkey| now. 
- */ - EVP_PKEY_free(pkey); - } - - OPENSSL_free(der); - - if (key != NULL) { - OSSL_PARAM params[3]; - - params[0] = - OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_DATA_TYPE, - (char *)ctx->desc->name, 0); - /* The address of the key becomes the octet string */ - params[1] = - OSSL_PARAM_construct_octet_string(OSSL_DESERIALIZER_PARAM_REFERENCE, - &key, sizeof(key)); - params[2] = OSSL_PARAM_construct_end(); - - ok = data_cb(params, data_cbarg); - } - ctx->desc->free_key(key); - - return ok; -} - -static int der2key_export_object(void *vctx, - const void *reference, size_t reference_sz, - OSSL_CALLBACK *export_cb, void *export_cbarg) -{ - struct der2key_ctx_st *ctx = vctx; - OSSL_FUNC_keymgmt_export_fn *export = - ossl_prov_get_keymgmt_export(ctx->desc->fns); - void *keydata; - - if (reference_sz == sizeof(keydata) && export != NULL) { - /* The contents of the reference is the address to our object */ - keydata = *(void **)reference; - - return export(keydata, OSSL_KEYMGMT_SELECT_ALL, - export_cb, export_cbarg); - } - return 0; -} - -#define IMPLEMENT_NEWCTX(KEYTYPEstr, KEYTYPE, keytype, extract, free) \ - static const struct keytype_desc_st keytype##_desc = \ - { EVP_PKEY_##KEYTYPE, KEYTYPEstr, keytype##_keymgmt_functions, \ - (extract_key_fn *)extract, \ - (free_key_fn *)free }; \ - static void *der2##keytype##_newctx(void *provctx) \ - { \ - return der2key_newctx(provctx, &keytype##_desc); \ - } \ - const OSSL_DISPATCH der_to_##keytype##_deserializer_functions[] = { \ - { OSSL_FUNC_DESERIALIZER_NEWCTX, \ - (void (*)(void))der2##keytype##_newctx }, \ - { OSSL_FUNC_DESERIALIZER_FREECTX, \ - (void (*)(void))der2key_freectx }, \ - { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS, \ - (void (*)(void))der2key_gettable_params }, \ - { OSSL_FUNC_DESERIALIZER_GET_PARAMS, \ - (void (*)(void))der2key_get_params }, \ - { OSSL_FUNC_DESERIALIZER_DESERIALIZE, \ - (void (*)(void))der2key_deserialize }, \ - { OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT, \ - (void 
(*)(void))der2key_export_object }, \ - { 0, NULL } \ - } - -#ifndef OPENSSL_NO_DH -IMPLEMENT_NEWCTX("DH", DH, dh, EVP_PKEY_get1_DH, DH_free); -IMPLEMENT_NEWCTX("DHX", DHX, dhx, EVP_PKEY_get1_DH, DH_free); -#endif -#ifndef OPENSSL_NO_DSA -IMPLEMENT_NEWCTX("DSA", DSA, dsa, EVP_PKEY_get1_DSA, DSA_free); -#endif -#ifndef OPENSSL_NO_EC -IMPLEMENT_NEWCTX("EC", EC, ec, EVP_PKEY_get1_EC_KEY, EC_KEY_free); -IMPLEMENT_NEWCTX("X25519", X25519, x25519, - EVP_PKEY_get1_X25519, ecx_key_free); -IMPLEMENT_NEWCTX("X448", X448, x448, - EVP_PKEY_get1_X448, ecx_key_free); -IMPLEMENT_NEWCTX("ED25519", ED25519, ed25519, - EVP_PKEY_get1_ED25519, ecx_key_free); -IMPLEMENT_NEWCTX("ED448", ED448, ed448, EVP_PKEY_get1_ED448, ecx_key_free); -#endif -IMPLEMENT_NEWCTX("RSA", RSA, rsa, EVP_PKEY_get1_RSA, RSA_free); -IMPLEMENT_NEWCTX("RSA-PSS", RSA_PSS, rsapss, EVP_PKEY_get1_RSA, RSA_free); diff --git a/providers/implementations/serializers/deserialize_ms2key.c b/providers/implementations/serializers/deserialize_ms2key.c deleted file mode 100644 index 8b9ddec6a0..0000000000 --- a/providers/implementations/serializers/deserialize_ms2key.c +++ /dev/null 
@@ -1,241 +0,0 @@ -/* - * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * low level APIs are deprecated for public use, but still ok for - * internal use. - */ -#include "internal/deprecated.h" - -#include <openssl/core_dispatch.h> -#include <openssl/core_names.h> -#include <openssl/crypto.h> -#include <openssl/params.h> -#include <openssl/x509.h> -#include "internal/pem.h" /* For PVK and "blob" PEM headers */ -#include "prov/bio.h" -#include "prov/implementations.h" -#include "serializer_local.h" - -static OSSL_FUNC_deserializer_freectx_fn ms2key_freectx; -static OSSL_FUNC_deserializer_gettable_params_fn ms2key_gettable_params; -static OSSL_FUNC_deserializer_get_params_fn msblob2key_get_params; -#ifndef OPENSSL_NO_RC4 -static OSSL_FUNC_deserializer_get_params_fn pvk2key_get_params; -#endif -static OSSL_FUNC_deserializer_deserialize_fn msblob2key_deserialize; -#ifndef OPENSSL_NO_RC4 -static OSSL_FUNC_deserializer_deserialize_fn pvk2key_deserialize; -#endif -static OSSL_FUNC_deserializer_export_object_fn ms2key_export_object; - -typedef void *(extract_key_fn)(EVP_PKEY *); -typedef void (free_key_fn)(void *); -struct keytype_desc_st { - int type; /* EVP key type */ - const char *name; /* Keytype */ - const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */ - - /* - * These must be the correct EVP_PKEY_get1_{TYPE}() and {TYPE}_free() - * function for the key. - */ - extract_key_fn *extract_key; - free_key_fn *free_key; -}; - -/* - * Context used for DER to key deserialization. 
- */ -struct ms2key_ctx_st { - PROV_CTX *provctx; - const struct keytype_desc_st *desc; -}; - -static struct ms2key_ctx_st * -ms2key_newctx(void *provctx, const struct keytype_desc_st *desc) -{ - struct ms2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx)); - - if (ctx != NULL) { - ctx->provctx = provctx; - ctx->desc = desc; - } - return ctx; -} - -static void ms2key_freectx(void *vctx) -{ - struct ms2key_ctx_st *ctx = vctx; - - OPENSSL_free(ctx); -} - -static const OSSL_PARAM *ms2key_gettable_params(ossl_unused void *provctx) -{ - static const OSSL_PARAM gettables[] = { - { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 }, - OSSL_PARAM_END, - }; - - return gettables; -} - -static int msblob2key_get_params(OSSL_PARAM params[]) -{ - OSSL_PARAM *p; - - p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE); - if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "MSBLOB")) - return 0; - - return 1; -} - -#ifndef OPENSSL_NO_RC4 -static int pvk2key_get_params(OSSL_PARAM params[]) -{ - OSSL_PARAM *p; - - p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE); - if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "PVK")) - return 0; - - return 1; -} -#endif - -static int ms2key_post(struct ms2key_ctx_st *ctx, EVP_PKEY *pkey, - OSSL_CALLBACK *data_cb, void *data_cbarg) -{ - void *key = NULL; - int ok = 0; - - if (pkey != NULL) { - /* - * Tear out the low-level key pointer from the pkey, - * but only if it matches the expected key type. - * - * TODO(3.0): The check should be done with EVP_PKEY_is_a(), but - * as long as we still have #legacy internal keys, it's safer to - * use the type numbers in side the provider. 
- */ - if (EVP_PKEY_id(pkey) == ctx->desc->type) - key = ctx->desc->extract_key(pkey); - } - - if (key != NULL) { - OSSL_PARAM params[3]; - - params[0] = - OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_DATA_TYPE, - (char *)ctx->desc->name, 0); - /* The address of the key becomes the octet string */ - params[1] = - OSSL_PARAM_construct_octet_string(OSSL_DESERIALIZER_PARAM_REFERENCE, - &key, sizeof(key)); - params[2] = OSSL_PARAM_construct_end(); - - ok = data_cb(params, data_cbarg); - } - ctx->desc->free_key(key); - - return ok; -} - -static int msblob2key_deserialize(void *vctx, OSSL_CORE_BIO *cin, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, - void *pw_cbarg) -{ - struct ms2key_ctx_st *ctx = vctx; - int ispub = -1; - EVP_PKEY *pkey = ossl_prov_read_msblob(ctx->provctx, cin, &ispub); - int ok = ms2key_post(ctx, pkey, data_cb, data_cbarg); - - EVP_PKEY_free(pkey); - return ok; -} - -#ifndef OPENSSL_NO_RC4 -static int pvk2key_deserialize(void *vctx, OSSL_CORE_BIO *cin, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, - void *pw_cbarg) -{ - struct ms2key_ctx_st *ctx = vctx; - EVP_PKEY *pkey = ossl_prov_read_pvk(ctx->provctx, cin, pw_cb, pw_cbarg); - int ok = ms2key_post(ctx, pkey, data_cb, data_cbarg); - - EVP_PKEY_free(pkey); - return ok; -} -#endif - -static int ms2key_export_object(void *vctx, - const void *reference, size_t reference_sz, - OSSL_CALLBACK *export_cb, void *export_cbarg) -{ - struct ms2key_ctx_st *ctx = vctx; - OSSL_FUNC_keymgmt_export_fn *export = - ossl_prov_get_keymgmt_export(ctx->desc->fns); - void *keydata; - - if (reference_sz == sizeof(keydata) && export != NULL) { - /* The contents of the reference is the address to our object */ - keydata = *(void **)reference; - - return export(keydata, OSSL_KEYMGMT_SELECT_ALL, - export_cb, export_cbarg); - } - return 0; -} - -#define IMPLEMENT_TYPE(KEYTYPEstr, KEYTYPE, keytype, extract, free) \ - static const struct keytype_desc_st 
keytype##_desc; \ - static OSSL_FUNC_deserializer_newctx_fn ms2##keytype##_newctx; \ - static void *ms2##keytype##_newctx(void *provctx) \ - { \ - return ms2key_newctx(provctx, &keytype##_desc); \ - } \ - static const struct keytype_desc_st keytype##_desc = \ - { EVP_PKEY_##KEYTYPE, KEYTYPEstr, keytype##_keymgmt_functions, \ - (extract_key_fn *)extract, \ - (free_key_fn *)free } - -#define IMPLEMENT_MS(mstype, keytype) \ - const OSSL_DISPATCH \ - mstype##_to_##keytype##_deserializer_functions[] = { \ - { OSSL_FUNC_DESERIALIZER_NEWCTX, \ - (void (*)(void))ms2##keytype##_newctx }, \ - { OSSL_FUNC_DESERIALIZER_FREECTX, \ - (void (*)(void))ms2key_freectx }, \ - { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS, \ - (void (*)(void))ms2key_gettable_params }, \ - { OSSL_FUNC_DESERIALIZER_GET_PARAMS, \ - (void (*)(void))mstype##2key_get_params }, \ - { OSSL_FUNC_DESERIALIZER_DESERIALIZE, \ - (void (*)(void))mstype##2key_deserialize }, \ - { OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT, \ - (void (*)(void))ms2key_export_object }, \ - { 0, NULL } \ - } - -#ifndef OPENSSL_NO_DSA -IMPLEMENT_TYPE("DSA", DSA, dsa, EVP_PKEY_get1_DSA, DSA_free); -IMPLEMENT_MS(msblob, dsa); -# ifndef OPENSSL_NO_RC4 -IMPLEMENT_MS(pvk, dsa); -# endif -#endif -IMPLEMENT_TYPE("RSA", RSA, rsa, EVP_PKEY_get1_RSA, RSA_free); -IMPLEMENT_MS(msblob, rsa); -#ifndef OPENSSL_NO_RC4 -IMPLEMENT_MS(pvk, rsa); -#endif diff --git a/providers/implementations/serializers/deserialize_pem2der.c b/providers/implementations/serializers/deserialize_pem2der.c deleted file mode 100644 index ea43bd8319..0000000000 --- a/providers/implementations/serializers/deserialize_pem2der.c +++ /dev/null 
@@ -1,159 +0,0 @@ -/* - * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * RSA low level APIs are deprecated for public use, but still ok for - * internal use. - */ -#include "internal/deprecated.h" - -#include <string.h> - -#include <openssl/core_dispatch.h> -#include <openssl/core_names.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/params.h> -#include <openssl/pem.h> -#include "prov/bio.h" -#include "prov/implementations.h" -#include "prov/providercommonerr.h" -#include "serializer_local.h" - -static OSSL_FUNC_deserializer_newctx_fn pem2der_newctx; -static OSSL_FUNC_deserializer_freectx_fn pem2der_freectx; -static OSSL_FUNC_deserializer_gettable_params_fn pem2der_gettable_params; -static OSSL_FUNC_deserializer_get_params_fn pem2der_get_params; -static OSSL_FUNC_deserializer_deserialize_fn pem2der_deserialize; - -/* - * Context used for PEM to DER deserialization. 
- */ -struct pem2der_ctx_st { - PROV_CTX *provctx; -}; - -static void *pem2der_newctx(void *provctx) -{ - struct pem2der_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx)); - - if (ctx != NULL) - ctx->provctx = provctx; - return ctx; -} - -static void pem2der_freectx(void *vctx) -{ - struct pem2der_ctx_st *ctx = vctx; - - OPENSSL_free(ctx); -} - -static const OSSL_PARAM *pem2der_gettable_params(void *provctx) -{ - static const OSSL_PARAM gettables[] = { - { OSSL_DESERIALIZER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 }, - OSSL_PARAM_END, - }; - - return gettables; -} - -static int pem2der_get_params(OSSL_PARAM params[]) -{ - OSSL_PARAM *p; - - p = OSSL_PARAM_locate(params, OSSL_DESERIALIZER_PARAM_INPUT_TYPE); - if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "PEM")) - return 0; - - return 1; -} - -/* pem_password_cb compatible function */ -struct pem2der_pass_data_st { - OSSL_PASSPHRASE_CALLBACK *cb; - void *cbarg; -}; - -static int pem2der_pass_helper(char *buf, int num, int w, void *data) -{ - struct pem2der_pass_data_st *pass_data = data; - size_t plen; - - if (pass_data == NULL - || pass_data->cb == NULL - || !pass_data->cb(buf, num, &plen, NULL, pass_data->cbarg)) - return -1; - return (int)plen; -} - -static int pem2der_deserialize(void *vctx, OSSL_CORE_BIO *cin, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) -{ - struct pem2der_ctx_st *ctx = vctx; - char *pem_name = NULL, *pem_header = NULL; - unsigned char *der = NULL; - long der_len = 0; - int ok = 0; - - if (ossl_prov_read_pem(ctx->provctx, cin, &pem_name, &pem_header, - &der, &der_len) <= 0) - return 0; - - /* - * 10 is the number of characters in "Proc-Type:", which - * PEM_get_EVP_CIPHER_INFO() requires to be present. - * If the PEM header has less characters than that, it's - * not worth spending cycles on it. 
- */ - if (strlen(pem_header) > 10) { - EVP_CIPHER_INFO cipher; - struct pem2der_pass_data_st pass_data; - - pass_data.cb = pw_cb; - pass_data.cbarg = pw_cbarg; - if (!PEM_get_EVP_CIPHER_INFO(pem_header, &cipher) - || !PEM_do_header(&cipher, der, &der_len, - pem2der_pass_helper, &pass_data)) - goto end; - } - - { - OSSL_PARAM params[3]; - - params[0] = - OSSL_PARAM_construct_utf8_string(OSSL_DESERIALIZER_PARAM_DATA_TYPE, - pem_name, 0); - params[1] = - OSSL_PARAM_construct_octet_string(OSSL_DESERIALIZER_PARAM_DATA, - der, der_len); - params[2] = OSSL_PARAM_construct_end(); - - ok = data_cb(params, data_cbarg); - } - - end: - OPENSSL_free(pem_name); - OPENSSL_free(pem_header); - OPENSSL_free(der); - return ok; -} - -const OSSL_DISPATCH pem_to_der_deserializer_functions[] = { - { OSSL_FUNC_DESERIALIZER_NEWCTX, (void (*)(void))pem2der_newctx }, - { OSSL_FUNC_DESERIALIZER_FREECTX, (void (*)(void))pem2der_freectx }, - { OSSL_FUNC_DESERIALIZER_GETTABLE_PARAMS, - (void (*)(void))pem2der_gettable_params }, - { OSSL_FUNC_DESERIALIZER_GET_PARAMS, - (void (*)(void))pem2der_get_params }, - { OSSL_FUNC_DESERIALIZER_DESERIALIZE, (void (*)(void))pem2der_deserialize }, - { 0, NULL } -}; diff --git a/providers/implementations/serializers/serializer_common.c b/providers/implementations/serializers/serializer_common.c deleted file mode 100644 index 58d7a27e60..0000000000 --- a/providers/implementations/serializers/serializer_common.c +++ /dev/null 
@@ -1,397 +0,0 @@ -/* - * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <openssl/opensslconf.h> /* SIXTY_FOUR_BIT_LONG, ... */ -#include <openssl/err.h> -#include <openssl/pem.h> /* PEM_BUFSIZE */ -#include <openssl/pkcs12.h> /* PKCS8_encrypt() */ -#include <openssl/types.h> -#include <openssl/x509.h> /* i2d_X509_PUBKEY_bio() */ -#include "crypto/bn.h" /* bn_get_words() */ -#include "crypto/ctype.h" -#include "crypto/ecx.h" -#include "prov/bio.h" /* ossl_prov_bio_printf() */ -#include "prov/implementations.h" -#include "prov/providercommonerr.h" /* PROV_R_READ_KEY */ -#include "serializer_local.h" - -static PKCS8_PRIV_KEY_INFO * -ossl_prov_p8info_from_obj(const void *obj, int obj_nid, - void *params, - int params_type, - int (*k2d)(const void *obj, - unsigned char **pder)) -{ - /* der, derlen store the key DER output and its length */ - unsigned char *der = NULL; - int derlen; - /* The final PKCS#8 info */ - PKCS8_PRIV_KEY_INFO *p8info = NULL; - - - if ((p8info = PKCS8_PRIV_KEY_INFO_new()) == NULL - || (derlen = k2d(obj, &der)) <= 0 - || !PKCS8_pkey_set0(p8info, OBJ_nid2obj(obj_nid), 0, - params_type, params, der, derlen)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - PKCS8_PRIV_KEY_INFO_free(p8info); - OPENSSL_free(der); - p8info = NULL; - } - - return p8info; -} - -static X509_SIG *ossl_prov_encp8_from_p8info(PKCS8_PRIV_KEY_INFO *p8info, - struct pkcs8_encrypt_ctx_st *ctx) -{ - X509_SIG *p8 = NULL; - char buf[PEM_BUFSIZE]; - const void *kstr = ctx->cipher_pass; - size_t klen = ctx->cipher_pass_length; - - if (ctx->cipher == NULL) - return NULL; - - if (kstr == NULL) { - if (!ctx->cb(buf, sizeof(buf), &klen, NULL, ctx->cbarg)) { - ERR_raise(ERR_LIB_PROV, 
PROV_R_READ_KEY); - return NULL; - } - kstr = buf; - } - /* NID == -1 means "standard" */ - p8 = PKCS8_encrypt(-1, ctx->cipher, kstr, klen, NULL, 0, 0, p8info); - if (kstr == buf) - OPENSSL_cleanse(buf, klen); - return p8; -} - -static X509_SIG *ossl_prov_encp8_from_obj(const void *obj, int obj_nid, - void *params, - int params_type, - int (*k2d)(const void *obj, - unsigned char **pder), - struct pkcs8_encrypt_ctx_st *ctx) -{ - PKCS8_PRIV_KEY_INFO *p8info = - ossl_prov_p8info_from_obj(obj, obj_nid, params, params_type, k2d); - X509_SIG *p8 = ossl_prov_encp8_from_p8info(p8info, ctx); - - PKCS8_PRIV_KEY_INFO_free(p8info); - return p8; -} - -static X509_PUBKEY *ossl_prov_pubkey_from_obj(const void *obj, int obj_nid, - void *params, - int params_type, - int (*k2d)(const void *obj, - unsigned char **pder)) -{ - /* der, derlen store the key DER output and its length */ - unsigned char *der = NULL; - int derlen; - /* The final X509_PUBKEY */ - X509_PUBKEY *xpk = NULL; - - - if ((xpk = X509_PUBKEY_new()) == NULL - || (derlen = k2d(obj, &der)) <= 0 - || !X509_PUBKEY_set0_param(xpk, OBJ_nid2obj(obj_nid), - params_type, params, der, derlen)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - X509_PUBKEY_free(xpk); - OPENSSL_free(der); - xpk = NULL; - } - - return xpk; -} - -OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_new(const OSSL_DISPATCH *fns) -{ - /* Pilfer the keymgmt dispatch table */ - for (; fns->function_id != 0; fns++) - if (fns->function_id == OSSL_FUNC_KEYMGMT_NEW) - return OSSL_FUNC_keymgmt_new(fns); - - return NULL; -} - -OSSL_FUNC_keymgmt_free_fn *ossl_prov_get_keymgmt_free(const OSSL_DISPATCH *fns) -{ - /* Pilfer the keymgmt dispatch table */ - for (; fns->function_id != 0; fns++) - if (fns->function_id == OSSL_FUNC_KEYMGMT_FREE) - return OSSL_FUNC_keymgmt_free(fns); - - return NULL; -} - -OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_import(const OSSL_DISPATCH *fns) -{ - /* Pilfer the keymgmt dispatch table */ - for (; fns->function_id != 0; fns++) 
- if (fns->function_id == OSSL_FUNC_KEYMGMT_IMPORT)
- return OSSL_FUNC_keymgmt_import(fns);
-
- return NULL;
-}
-
-OSSL_FUNC_keymgmt_export_fn *ossl_prov_get_keymgmt_export(const OSSL_DISPATCH *fns)
-{
- /* Pilfer the keymgmt dispatch table */
- for (; fns->function_id != 0; fns++)
- if (fns->function_id == OSSL_FUNC_KEYMGMT_EXPORT)
- return OSSL_FUNC_keymgmt_export(fns);
-
- return NULL;
-}
-
-# ifdef SIXTY_FOUR_BIT_LONG
-# define BN_FMTu "%lu"
-# define BN_FMTx "%lx"
-# endif
-
-# ifdef SIXTY_FOUR_BIT
-# define BN_FMTu "%llu"
-# define BN_FMTx "%llx"
-# endif
-
-# ifdef THIRTY_TWO_BIT
-# define BN_FMTu "%u"
-# define BN_FMTx "%x"
-# endif
-
-int ossl_prov_print_labeled_bignum(BIO *out, const char *label,
- const BIGNUM *bn)
-{
- int ret = 0, use_sep = 0;
- char *hex_str = NULL, *p;
- const char spaces[] = " ";
- const char *post_label_spc = " ";
-
- const char *neg = "";
- int bytes;
-
- if (bn == NULL)
- return 0;
- if (label == NULL) {
- label = "";
- post_label_spc = "";
- }
-
- if (BN_is_zero(bn))
- return BIO_printf(out, "%s%s0\n", label, post_label_spc);
-
- if (BN_num_bytes(bn) <= BN_BYTES) {
- BN_ULONG *words = bn_get_words(bn);
-
- if (BN_is_negative(bn))
- neg = "-";
-
- return BIO_printf(out, "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n",
- label, post_label_spc, neg, words[0], neg, words[0]);
- }
-
- hex_str = BN_bn2hex(bn);
- p = hex_str;
- if (*p == '-') {
- ++p;
- neg = " (Negative)";
- }
- if (BIO_printf(out, "%s%s\n", label, neg) <= 0)
- goto err;
-
- /* Keep track of how many bytes we have printed out so far */
- bytes = 0;
-
- if (BIO_printf(out, "%s", spaces) <= 0)
- goto err;
-
- /* Add a leading 00 if the top bit is set */
- if (*p >= '8') {
- if (BIO_printf(out, "%02x", 0) <= 0)
- goto err;
- ++bytes;
- use_sep = 1;
- }
- while (*p != '\0') {
- /* Do a newline after every 15 hex bytes + add the space indent */
- if ((bytes % 15) == 0 && bytes > 0) {
- if (BIO_printf(out, ":\n%s", spaces) <= 0)
- goto err;
- use_sep = 0; /* The first byte on the next line doesnt have a : */
- }
- if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "",
- ossl_tolower(p[0]), ossl_tolower(p[1])) <= 0)
- goto err;
- ++bytes;
- p += 2;
- use_sep = 1;
- }
- if (BIO_printf(out, "\n") <= 0)
- goto err;
- ret = 1;
-err:
- OPENSSL_free(hex_str);
- return ret;
-}
-
-/* Number of octets per line */
-#define LABELED_BUF_PRINT_WIDTH 15
-
-int ossl_prov_print_labeled_buf(BIO *out, const char *label,
- const unsigned char *buf, size_t buflen)
-{
- size_t i;
-
- if (BIO_printf(out, "%s\n", label) <= 0)
- return 0;
-
- for (i = 0; i < buflen; i++) {
- if ((i % LABELED_BUF_PRINT_WIDTH) == 0) {
- if (i > 0 && BIO_printf(out, "\n") <= 0)
- return 0;
- if (BIO_printf(out, " ") <= 0)
- return 0;
- }
-
- if (BIO_printf(out, "%02x%s", buf[i],
- (i == buflen - 1) ? "" : ":") <= 0)
- return 0;
- }
- if (BIO_printf(out, "\n") <= 0)
- return 0;
-
- return 1;
-}
-
-/* p2s = param to asn1, k2d = key to der */
-int ossl_prov_write_priv_der_from_obj(BIO *out, const void *obj, int obj_nid,
- int (*p2s)(const void *obj, int nid,
- void **str,
- int *strtype),
- int (*k2d)(const void *obj,
- unsigned char **pder),
- struct pkcs8_encrypt_ctx_st *ctx)
-{
- int ret = 0;
- void *str = NULL;
- int strtype = V_ASN1_UNDEF;
-
- if (p2s != NULL && !p2s(obj, obj_nid, &str, &strtype))
- return 0;
-
- if (ctx->cipher_intent) {
- X509_SIG *p8 =
- ossl_prov_encp8_from_obj(obj, obj_nid, str, strtype, k2d, ctx);
-
- if (p8 != NULL)
- ret = i2d_PKCS8_bio(out, p8);
-
- X509_SIG_free(p8);
- } else {
- PKCS8_PRIV_KEY_INFO *p8info =
- ossl_prov_p8info_from_obj(obj, obj_nid, str, strtype, k2d);
-
- if (p8info != NULL)
- ret = i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8info);
-
- PKCS8_PRIV_KEY_INFO_free(p8info);
- }
-
- return ret;
-}
-
-int ossl_prov_write_priv_pem_from_obj(BIO *out, const void *obj, int obj_nid,
- int (*p2s)(const void *obj, int nid,
- void **str,
- int *strtype),
- int (*k2d)(const void *obj,
- unsigned char **pder),
- struct pkcs8_encrypt_ctx_st *ctx)
-{
- int ret = 0;
- void *str = NULL;
- int strtype = V_ASN1_UNDEF;
-
- if (p2s != NULL && !p2s(obj, obj_nid, &str, &strtype))
- return 0;
-
- if (ctx->cipher_intent) {
- X509_SIG *p8 = ossl_prov_encp8_from_obj(obj, obj_nid, str, strtype,
- k2d, ctx);
-
- if (p8 != NULL)
- ret = PEM_write_bio_PKCS8(out, p8);
-
- X509_SIG_free(p8);
- } else {
- PKCS8_PRIV_KEY_INFO *p8info =
- ossl_prov_p8info_from_obj(obj, obj_nid, str, strtype, k2d);
-
- if (p8info != NULL)
- ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8info);
-
- PKCS8_PRIV_KEY_INFO_free(p8info);
- }
-
- return ret;
-}
-
-int ossl_prov_write_pub_der_from_obj(BIO *out, const void *obj, int obj_nid,
- int (*p2s)(const void *obj, int nid,
- void **str,
- int *strtype),
- int (*k2d)(const void *obj,
- unsigned char **pder))
-{
- int ret = 0;
- void *str = NULL;
- int strtype = V_ASN1_UNDEF;
- X509_PUBKEY *xpk = NULL;
-
- if (p2s != NULL && !p2s(obj, obj_nid, &str, &strtype))
- return 0;
-
- xpk = ossl_prov_pubkey_from_obj(obj, obj_nid, str, strtype, k2d);
-
- if (xpk != NULL)
- ret = i2d_X509_PUBKEY_bio(out, xpk);
-
- /* Also frees |str| */
- X509_PUBKEY_free(xpk);
- return ret;
-}
-
-int ossl_prov_write_pub_pem_from_obj(BIO *out, const void *obj, int obj_nid,
- int (*p2s)(const void *obj, int nid,
- void **str,
- int *strtype),
- int (*k2d)(const void *obj,
- unsigned char **pder))
-{
- int ret = 0;
- void *str = NULL;
- int strtype = V_ASN1_UNDEF;
- X509_PUBKEY *xpk = NULL;
-
- if (p2s != NULL && !p2s(obj, obj_nid, &str, &strtype))
- return 0;
-
- xpk = ossl_prov_pubkey_from_obj(obj, obj_nid, str, strtype, k2d);
-
- if (xpk != NULL)
- ret = PEM_write_bio_X509_PUBKEY(out, xpk);
-
- /* Also frees |str| */
- X509_PUBKEY_free(xpk);
- return ret;
-}
diff --git a/providers/implementations/serializers/serializer_dh.c b/providers/implementations/serializers/serializer_dh.c
deleted file mode 100644
index d1b1d27cf6..0000000000
--- a/providers/implementations/serializers/serializer_dh.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * DH low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/err.h>
-#include "prov/bio.h" /* ossl_prov_bio_printf() */
-#include "prov/implementations.h" /* rsa_keymgmt_functions */
-#include "prov/providercommonerr.h" /* PROV_R_BN_ERROR */
-#include "internal/ffc.h"
-#include "crypto/dh.h"
-#include "serializer_local.h"
-
-OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_dh_new(void)
-{
- return ossl_prov_get_keymgmt_new(dh_keymgmt_functions);
-}
-
-OSSL_FUNC_keymgmt_free_fn *ossl_prov_get_keymgmt_dh_free(void)
-{
- return ossl_prov_get_keymgmt_free(dh_keymgmt_functions);
-}
-
-OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_dh_import(void)
-{
- return ossl_prov_get_keymgmt_import(dh_keymgmt_functions);
-}
-
-int ossl_prov_print_dh(BIO *out, DH *dh, enum dh_print_type type)
-{
- const char *type_label = NULL;
- const BIGNUM *priv_key = NULL, *pub_key = NULL;
- const BIGNUM *p = NULL;
-
- switch (type) {
- case dh_print_priv:
- type_label = "DH Private-Key";
- break;
- case dh_print_pub:
- type_label = "DH Public-Key";
- break;
- case dh_print_params:
- type_label = "DH Parameters";
- break;
- }
-
- if (type == dh_print_priv) {
- priv_key = DH_get0_priv_key(dh);
- if (priv_key == NULL)
- goto null_err;
- }
-
- if (type == dh_print_priv || type == dh_print_pub) {
- pub_key = DH_get0_pub_key(dh);
- if (pub_key == NULL)
- goto null_err;
- }
-
- p = DH_get0_p(dh);
- if (p == NULL)
- goto null_err;
-
- if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p))
- <= 0)
- goto err;
- if (priv_key != NULL
- && !ossl_prov_print_labeled_bignum(out, "private-key:", priv_key))
- goto err;
- if (pub_key != NULL
- && !ossl_prov_print_labeled_bignum(out, "public-key:", pub_key))
- goto err;
- if (!ffc_params_prov_print(out, dh_get0_params(dh)))
- goto err;
-
- return 1;
- err:
- return 0;
- null_err:
- ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
- goto err;
-}
-
-int ossl_prov_prepare_dh_params(const void *dh, int nid,
- void **pstr, int *pstrtype)
-{
- ASN1_STRING *params = ASN1_STRING_new();
-
- if (params == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- if (nid == EVP_PKEY_DHX)
- params->length = i2d_DHxparams(dh, ¶ms->data);
- else
- params->length = i2d_DHparams(dh, ¶ms->data);
-
- if (params->length <= 0) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
- ASN1_STRING_free(params);
- return 0;
- }
- params->type = V_ASN1_SEQUENCE;
-
- *pstr = params;
- *pstrtype = V_ASN1_SEQUENCE;
- return 1;
-}
-
-int ossl_prov_dh_pub_to_der(const void *dh, unsigned char **pder)
-{
- const BIGNUM *bn = NULL;
- ASN1_INTEGER *pub_key = NULL;
- int ret;
-
- if ((bn = DH_get0_pub_key(dh)) == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY);
- return 0;
- }
- if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
- return 0;
- }
-
- ret = i2d_ASN1_INTEGER(pub_key, pder);
-
- ASN1_STRING_clear_free(pub_key);
- return ret;
-}
-
-int ossl_prov_dh_priv_to_der(const void *dh, unsigned char **pder)
-{
- const BIGNUM *bn = NULL;
- ASN1_INTEGER *priv_key = NULL;
- int ret;
-
- if ((bn = DH_get0_priv_key(dh)) == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY);
- return 0;
- }
- if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
- return 0;
- }
-
- ret = i2d_ASN1_INTEGER(priv_key, pder);
-
- ASN1_STRING_clear_free(priv_key);
- return ret;
-}
-
-
-int ossl_prov_dh_type_to_evp(const DH *dh)
-{
- return DH_test_flags(dh, DH_FLAG_TYPE_DHX) ? EVP_PKEY_DHX : EVP_PKEY_DH;
-}
diff --git a/providers/implementations/serializers/serializer_dh_param.c b/providers/implementations/serializers/serializer_dh_param.c
deleted file mode 100644
index 49c0857734..0000000000
--- a/providers/implementations/serializers/serializer_dh_param.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * DH low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/core_dispatch.h>
-#include <openssl/pem.h>
-#include <openssl/dh.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/providercommonerr.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn dh_param_newctx;
-static OSSL_FUNC_serializer_freectx_fn dh_param_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dh_param_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_param_der;
-static OSSL_FUNC_serializer_serialize_data_fn dh_param_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_param_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn dh_param_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_param_print;
-
-/* Parameters : context */
-
-/*
- * There's no specific implementation context, so we use the provider context
- */
-static void *dh_param_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void dh_param_freectx(void *ctx)
-{
-}
-
-/* Public key : DER */
-static int dh_param_der_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
- OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
- OSSL_FUNC_keymgmt_import_fn *dh_import = ossl_prov_get_keymgmt_dh_import();
- int ok = 0;
-
- if (dh_import != NULL) {
- DH *dh;
-
- /* ctx == provctx */
- if ((dh = dh_new(ctx)) != NULL
- && dh_import(dh, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
- && dh_param_der(ctx, dh, out, cb, cbarg))
- ok = 1;
- dh_free(dh);
- }
- return ok;
-}
-
-static int dh_param_der(void *ctx, void *dh, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
- ret = i2d_DHparams_bio(out, dh);
- BIO_free(out);
-
- return ret;
-}
-
-/* Public key : PEM */
-static int dh_param_pem_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
- OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
- OSSL_FUNC_keymgmt_import_fn *dh_import = ossl_prov_get_keymgmt_dh_import();
- int ok = 0;
-
- if (dh_import != NULL) {
- DH *dh;
-
- /* ctx == provctx */
- if ((dh = dh_new(ctx)) != NULL
- && dh_import(dh, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
- && dh_param_pem(ctx, dh, out, cb, cbarg))
- ok = 1;
- dh_free(dh);
- }
- return ok;
-}
-
-static int dh_param_pem(void *ctx, void *dh, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = PEM_write_bio_DHparams(out, dh);
- BIO_free(out);
-
- return ret;
-}
-
-static int dh_param_print_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
- OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
- OSSL_FUNC_keymgmt_import_fn *dh_import = ossl_prov_get_keymgmt_dh_import();
- int ok = 0;
-
- if (dh_import != NULL) {
- DH *dh;
-
- /* ctx == provctx */
- if ((dh = dh_new(ctx)) != NULL
- && dh_import(dh, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
- && dh_param_print(ctx, dh, out, cb, cbarg))
- ok = 1;
- dh_free(dh);
- }
- return ok;
-}
-
-static int dh_param_print(void *ctx, void *dh, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_dh(out, dh, dh_print_params);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH dh_param_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_param_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_param_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_param_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_param_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dh_param_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_param_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_param_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_param_pem_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_param_pem },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dh_param_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_param_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_param_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_param_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))dh_param_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_dh_priv.c b/providers/implementations/serializers/serializer_dh_priv.c
deleted file mode 100644
index 0e974ac401..0000000000
--- a/providers/implementations/serializers/serializer_dh_priv.c
+++ /dev/null
@@ -1,292 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * DH low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/core_dispatch.h>
-#include <openssl/core_names.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/dh.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn dh_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn dh_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn dh_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn dh_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn dh_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn dh_pem_priv_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_pem_priv;
-
-static OSSL_FUNC_serializer_newctx_fn dh_print_newctx;
-static OSSL_FUNC_serializer_freectx_fn dh_print_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dh_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_priv_print;
-
- /*
- * Context used for private key serialization.
- */
-struct dh_priv_ctx_st {
- void *provctx;
-
- struct pkcs8_encrypt_ctx_st sc;
-};
-
-/* Private key : context */
-static void *dh_priv_newctx(void *provctx)
-{
- struct dh_priv_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
-
- if (ctx != NULL) {
- ctx->provctx = provctx;
-
- /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
- ctx->sc.pbe_nid = -1;
- }
- return ctx;
-}
-
-static void dh_priv_freectx(void *vctx)
-{
- struct dh_priv_ctx_st *ctx = vctx;
-
- EVP_CIPHER_free(ctx->sc.cipher);
- OPENSSL_free(ctx->sc.cipher_pass);
- OPENSSL_free(ctx);
-}
-
-static const OSSL_PARAM *dh_priv_settable_ctx_params(ossl_unused void *provctx)
-{
- static const OSSL_PARAM settables[] = {
- OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
- OSSL_PARAM_END,
- };
-
- return settables;
-}
-
-static int dh_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
-{
- struct dh_priv_ctx_st *ctx = vctx;
- const OSSL_PARAM *p;
-
- if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER))
- != NULL) {
- const OSSL_PARAM *propsp =
- OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
- const char *props = NULL;
-
- if (p->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- if (propsp != NULL && propsp->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- props = (propsp != NULL ? propsp->data : NULL);
-
- EVP_CIPHER_free(ctx->sc.cipher);
- ctx->sc.cipher_intent = p->data != NULL;
- if (p->data != NULL
- && ((ctx->sc.cipher = EVP_CIPHER_fetch(NULL, p->data, props))
- == NULL))
- return 0;
- }
- if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS))
- != NULL) {
- OPENSSL_free(ctx->sc.cipher_pass);
- ctx->sc.cipher_pass = NULL;
- if (!OSSL_PARAM_get_octet_string(p, &ctx->sc.cipher_pass, 0,
- &ctx->sc.cipher_pass_length))
- return 0;
- }
- return 1;
-}
-
-/* Private key : DER */
-static int dh_priv_der_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dh_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
- OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
- OSSL_FUNC_keymgmt_import_fn *dh_import = ossl_prov_get_keymgmt_dh_import();
- int ok = 0;
-
- if (dh_import != NULL) {
- DH *dh;
-
- if ((dh = dh_new(ctx->provctx)) != NULL
- && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dh_priv_der(ctx, dh, out, cb, cbarg))
- ok = 1;
- dh_free(dh);
- }
- return ok;
-}
-
-static int dh_priv_der(void *vctx, void *dh, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dh_priv_ctx_st *ctx = vctx;
- int ret;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_der_from_obj(out, dh,
- ossl_prov_dh_type_to_evp(dh),
- ossl_prov_prepare_dh_params,
- ossl_prov_dh_priv_to_der,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-/* Private key : PEM */
-static int dh_pem_priv_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dh_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
- OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
- OSSL_FUNC_keymgmt_import_fn *dh_import = ossl_prov_get_keymgmt_dh_import();
- int ok = 0;
-
- if (dh_import != NULL) {
- DH *dh;
-
- if ((dh = dh_new(ctx->provctx)) != NULL
- && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dh_pem_priv(ctx->provctx, dh, out, cb, cbarg))
- ok = 1;
- dh_free(dh);
- }
- return ok;
-}
-
-static int dh_pem_priv(void *vctx, void *dh, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dh_priv_ctx_st *ctx = vctx;
- int ret;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_pem_from_obj(out, dh,
- ossl_prov_dh_type_to_evp(dh),
- ossl_prov_prepare_dh_params,
- ossl_prov_dh_priv_to_der,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-/*
- * There's no specific print context, so we use the provider context
- */
-static void *dh_print_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void dh_print_freectx(void *ctx)
-{
-}
-
-static int dh_priv_print_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dh_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
- OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
- OSSL_FUNC_keymgmt_import_fn *dh_import = ossl_prov_get_keymgmt_dh_import();
- int ok = 0;
-
- if (dh_import != NULL) {
- DH *dh;
-
- if ((dh = dh_new(ctx->provctx)) != NULL
- && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dh_priv_print(ctx, dh, out, cb, cbarg))
- ok = 1;
- dh_free(dh);
- }
- return ok;
-}
-
-static int dh_priv_print(void *ctx, void *dh, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_dh(out, dh, dh_print_priv);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH dh_priv_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_priv_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_priv_freectx },
- { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
- (void (*)(void))dh_priv_set_ctx_params },
- { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
- (void (*)(void))dh_priv_settable_ctx_params },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_priv_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_priv_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dh_priv_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_priv_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_priv_freectx },
- { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
- (void (*)(void))dh_priv_set_ctx_params },
- { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
- (void (*)(void))dh_priv_settable_ctx_params },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_pem_priv_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_pem_priv },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dh_priv_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_print_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_print_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_priv_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))dh_priv_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_dh_pub.c b/providers/implementations/serializers/serializer_dh_pub.c
deleted file mode 100644
index b79f1df216..0000000000
--- a/providers/implementations/serializers/serializer_dh_pub.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * DH low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/core_dispatch.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/dh.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn dh_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn dh_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dh_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn dh_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_pub_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn dh_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dh_pub_print;
-
-/* Public key : context */
-
-/*
- * There's no specific implementation context, so we use the provider context
- */
-static void *dh_pub_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void dh_pub_freectx(void *ctx)
-{
-}
-
-/* Public key : DER */
-static int dh_pub_der_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
- OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
- OSSL_FUNC_keymgmt_import_fn *dh_import = ossl_prov_get_keymgmt_dh_import();
- int ok = 0;
-
- if (dh_import != NULL) {
- DH *dh;
-
- /* ctx == provctx */
- if ((dh = dh_new(ctx)) != NULL
- && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dh_pub_der(ctx, dh, out, cb, cbarg))
- ok = 1;
- dh_free(dh);
- }
- return ok;
-}
-
-static int dh_pub_der(void *ctx, void *dh, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_write_pub_der_from_obj(out, dh,
- ossl_prov_dh_type_to_evp(dh),
- ossl_prov_prepare_dh_params,
- ossl_prov_dh_pub_to_der);
- BIO_free(out);
-
- return ret;
-}
-
-/* Public key : PEM */
-static int dh_pub_pem_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
- OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
- OSSL_FUNC_keymgmt_import_fn *dh_import = ossl_prov_get_keymgmt_dh_import();
- int ok = 0;
-
- if (dh_import != NULL) {
- DH *dh;
-
- /* ctx == provctx */
- if ((dh = dh_new(ctx)) != NULL
- && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dh_pub_pem(ctx, dh, out, cb, cbarg))
- ok = 1;
- dh_free(dh);
- }
- return ok;
-}
-
-static int dh_pub_pem(void *ctx, void *dh, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_write_pub_pem_from_obj(out, dh,
- ossl_prov_dh_type_to_evp(dh),
- ossl_prov_prepare_dh_params,
- ossl_prov_dh_pub_to_der);
- BIO_free(out);
-
- return ret;
-}
-
-static int dh_pub_print_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dh_new = ossl_prov_get_keymgmt_dh_new();
- OSSL_FUNC_keymgmt_free_fn *dh_free = ossl_prov_get_keymgmt_dh_free();
- OSSL_FUNC_keymgmt_import_fn *dh_import = ossl_prov_get_keymgmt_dh_import();
- int ok = 0;
-
- if (dh_import != NULL) {
- DH *dh;
-
- /* ctx == provctx */
- if ((dh = dh_new(ctx)) != NULL
- && dh_import(dh, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dh_pub_print(ctx, dh, out, cb, cbarg))
- ok = 1;
- dh_free(dh);
- }
- return ok;
-}
-
-static int dh_pub_print(void *ctx, void *dh, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_dh(out, dh, dh_print_pub);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH dh_pub_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_pub_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_pub_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dh_pub_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dh_pub_pem_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_pub_pem },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dh_pub_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dh_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dh_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dh_pub_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))dh_pub_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_dsa.c b/providers/implementations/serializers/serializer_dsa.c
deleted file mode 100644
index 1f986b62d5..0000000000
--- a/providers/implementations/serializers/serializer_dsa.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * DSA low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/dsa.h>
-#include <openssl/err.h>
-#include "prov/bio.h" /* ossl_prov_bio_printf() */
-#include "prov/implementations.h" /* rsa_keymgmt_functions */
-#include "prov/providercommonerr.h" /* PROV_R_BN_ERROR */
-#include "serializer_local.h"
-#include "internal/ffc.h"
-#include "crypto/dsa.h"
-
-OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_dsa_new(void)
-{
- return ossl_prov_get_keymgmt_new(dsa_keymgmt_functions);
-}
-
-OSSL_FUNC_keymgmt_free_fn *ossl_prov_get_keymgmt_dsa_free(void)
-{
- return ossl_prov_get_keymgmt_free(dsa_keymgmt_functions);
-}
-
-OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_dsa_import(void)
-{
- return ossl_prov_get_keymgmt_import(dsa_keymgmt_functions);
-}
-
-int ossl_prov_print_dsa(BIO *out, DSA *dsa, enum dsa_print_type type)
-{
- const char *type_label = NULL;
- const BIGNUM *priv_key = NULL, *pub_key = NULL;
- const BIGNUM *p = NULL;
-
-
- switch (type) {
- case dsa_print_priv:
- type_label = "Private-Key";
- break;
- case dsa_print_pub:
- type_label = "Public-Key";
- break;
- case dsa_print_params:
- type_label = "DSA-Parameters";
- break;
- }
-
- if (type == dsa_print_priv) {
- priv_key = DSA_get0_priv_key(dsa);
- if (priv_key == NULL)
- goto null_err;
- }
-
- if (type == dsa_print_priv || type == dsa_print_pub) {
- pub_key = DSA_get0_pub_key(dsa);
- if (pub_key == NULL)
- goto null_err;
- }
-
-
- p = DSA_get0_p(dsa);
- if (p == NULL)
- goto null_err;
-
- if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0)
- goto err;
- if (priv_key != NULL
- && !ossl_prov_print_labeled_bignum(out, "priv:", priv_key))
- goto err;
- if (pub_key != NULL
- && !ossl_prov_print_labeled_bignum(out, "pub: ", pub_key))
- goto err;
- if (!ffc_params_prov_print(out, dsa_get0_params(dsa)))
- goto err;
-
- return 1;
- err:
- return 0;
- null_err:
- ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
- goto err;
-}
-
-int ossl_prov_prepare_dsa_params(const void *dsa, int nid,
- void **pstr, int *pstrtype)
-{
- ASN1_STRING *params = ASN1_STRING_new();
-
- if (params == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- params->length = i2d_DSAparams(dsa, ¶ms->data);
-
- if (params->length <= 0) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
- ASN1_STRING_free(params);
- return 0;
- }
-
- *pstrtype = V_ASN1_SEQUENCE;
- *pstr = params;
- return 1;
-}
-
-int ossl_prov_prepare_all_dsa_params(const void *dsa, int nid,
- void **pstr, int *pstrtype)
-{
- const BIGNUM *p = DSA_get0_p(dsa);
- const BIGNUM *q = DSA_get0_q(dsa);
- const BIGNUM *g = DSA_get0_g(dsa);
-
- if (p != NULL && q != NULL && g != NULL)
- return ossl_prov_prepare_dsa_params(dsa, nid, pstr, pstrtype);
-
- *pstr = NULL;
- *pstrtype = V_ASN1_UNDEF;
- return 1;
-}
-
-int ossl_prov_dsa_pub_to_der(const void *dsa, unsigned char **pder)
-{
- const BIGNUM *bn = NULL;
- ASN1_INTEGER *pub_key = NULL;
- int ret;
-
- if ((bn = DSA_get0_pub_key(dsa)) == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY);
- return 0;
- }
- if ((pub_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
- return 0;
- }
-
- ret = i2d_ASN1_INTEGER(pub_key, pder);
-
- ASN1_STRING_clear_free(pub_key);
- return ret;
-}
-
-int ossl_prov_dsa_priv_to_der(const void *dsa, unsigned char **pder)
-{
- const BIGNUM *bn = NULL;
- ASN1_INTEGER *priv_key = NULL;
- int ret;
-
- if ((bn = DSA_get0_priv_key(dsa)) == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY);
- return 0;
- }
- if ((priv_key = BN_to_ASN1_INTEGER(bn, NULL)) == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_BN_ERROR);
- return 0;
- }
-
- ret = i2d_ASN1_INTEGER(priv_key, pder);
-
- ASN1_STRING_clear_free(priv_key);
- return ret;
-}
diff --git a/providers/implementations/serializers/serializer_dsa_param.c b/providers/implementations/serializers/serializer_dsa_param.c
deleted file mode 100644
index fff577df39..0000000000
--- a/providers/implementations/serializers/serializer_dsa_param.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * DSA low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/core_dispatch.h>
-#include <openssl/pem.h>
-#include <openssl/dsa.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/providercommonerr.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn dsa_param_newctx;
-static OSSL_FUNC_serializer_freectx_fn dsa_param_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_param_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_param_der;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_param_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_param_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn dsa_param_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_param_print;
-
-/* Parameters : context */
-
-/*
- * There's no specific implementation context, so we use the provider context
- */
-static void *dsa_param_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void dsa_param_freectx(void *ctx)
-{
-}
-
-/* Public key : DER */
-static int dsa_param_der_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new();
- OSSL_FUNC_keymgmt_free_fn *dsa_free = ossl_prov_get_keymgmt_dsa_free();
- OSSL_FUNC_keymgmt_import_fn *dsa_import = ossl_prov_get_keymgmt_dsa_import();
- int ok = 0;
-
- if (dsa_import != NULL) {
- DSA *dsa;
-
- /* ctx == provctx */
- if ((dsa = dsa_new(ctx)) != NULL
- && dsa_import(dsa, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
- && dsa_param_der(ctx, dsa, out, cb, cbarg))
- ok = 1;
- dsa_free(dsa);
- }
- return ok;
-}
-
-static int dsa_param_der(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = i2d_DSAparams_bio(out, dsa);
- BIO_free(out);
-
- return ret;
-}
-
-/* Public key : PEM */
-static int dsa_param_pem_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new();
- OSSL_FUNC_keymgmt_free_fn *dsa_free = ossl_prov_get_keymgmt_dsa_free();
- OSSL_FUNC_keymgmt_import_fn *dsa_import = ossl_prov_get_keymgmt_dsa_import();
- int ok = 0;
-
- if (dsa_import != NULL) {
- DSA *dsa;
-
- /* ctx == provctx */
- if ((dsa = dsa_new(ctx)) != NULL
- && dsa_import(dsa, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
- && dsa_param_pem(ctx, dsa, out, cb, cbarg))
- ok = 1;
- dsa_free(dsa);
- }
- return ok;
-}
-
-static int dsa_param_pem(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = PEM_write_bio_DSAparams(out, dsa);
- BIO_free(out);
-
- return ret;
-}
-
-static int dsa_param_print_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new();
- OSSL_FUNC_keymgmt_free_fn *dsa_free = ossl_prov_get_keymgmt_dsa_free();
- OSSL_FUNC_keymgmt_import_fn *dsa_import = ossl_prov_get_keymgmt_dsa_import();
- int ok = 0;
-
- if (dsa_import != NULL) {
- DSA *dsa;
-
- /* ctx == provctx */
- if ((dsa = dsa_new(ctx)) != NULL
- && dsa_import(dsa, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
- && dsa_param_print(ctx, dsa, out, cb, cbarg))
- ok = 1;
- dsa_free(dsa);
- }
- return ok;
-}
-
-static int dsa_param_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_dsa(out, dsa, dsa_print_params);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH dsa_param_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_param_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_param_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_param_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_param_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dsa_param_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_param_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_param_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_param_pem_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_param_pem },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dsa_param_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_param_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_param_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_param_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))dsa_param_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_dsa_priv.c b/providers/implementations/serializers/serializer_dsa_priv.c
deleted file mode 100644
index 0db3ef49e4..0000000000
--- a/providers/implementations/serializers/serializer_dsa_priv.c
+++ /dev/null
@@ -1,290 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * DSA low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/core_dispatch.h>
-#include <openssl/core_names.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/dsa.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn dsa_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn dsa_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn dsa_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn dsa_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_pem_priv_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_pem_priv;
-
-static OSSL_FUNC_serializer_newctx_fn dsa_print_newctx;
-static OSSL_FUNC_serializer_freectx_fn dsa_print_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_priv_print;
-
- /*
- * Context used for private key serialization.
- */
-struct dsa_priv_ctx_st {
- void *provctx;
-
- struct pkcs8_encrypt_ctx_st sc;
-};
-
-/* Private key : context */
-static void *dsa_priv_newctx(void *provctx)
-{
- struct dsa_priv_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
-
- if (ctx != NULL) {
- ctx->provctx = provctx;
-
- /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
- ctx->sc.pbe_nid = -1;
- }
- return ctx;
-}
-
-static void dsa_priv_freectx(void *vctx)
-{
- struct dsa_priv_ctx_st *ctx = vctx;
-
- EVP_CIPHER_free(ctx->sc.cipher);
- OPENSSL_free(ctx->sc.cipher_pass);
- OPENSSL_free(ctx);
-}
-
-static const OSSL_PARAM *dsa_priv_settable_ctx_params(ossl_unused void *provctx)
-{
- static const OSSL_PARAM settables[] = {
- OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
- OSSL_PARAM_END,
- };
-
- return settables;
-}
-
-static int dsa_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
-{
- struct dsa_priv_ctx_st *ctx = vctx;
- const OSSL_PARAM *p;
-
- if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER))
- != NULL) {
- const OSSL_PARAM *propsp =
- OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
- const char *props = NULL;
-
- if (p->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- if (propsp != NULL && propsp->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- props = (propsp != NULL ? propsp->data : NULL);
-
- EVP_CIPHER_free(ctx->sc.cipher);
- ctx->sc.cipher_intent = p->data != NULL;
- if (p->data != NULL
- && ((ctx->sc.cipher = EVP_CIPHER_fetch(NULL, p->data, props))
- == NULL))
- return 0;
- }
- if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS))
- != NULL) {
- OPENSSL_free(ctx->sc.cipher_pass);
- ctx->sc.cipher_pass = NULL;
- if (!OSSL_PARAM_get_octet_string(p, &ctx->sc.cipher_pass, 0,
- &ctx->sc.cipher_pass_length))
- return 0;
- }
- return 1;
-}
-
-/* Private key : DER */
-static int dsa_priv_der_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dsa_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new();
- OSSL_FUNC_keymgmt_free_fn *dsa_free = ossl_prov_get_keymgmt_dsa_free();
- OSSL_FUNC_keymgmt_import_fn *dsa_import = ossl_prov_get_keymgmt_dsa_import();
- int ok = 0;
-
- if (dsa_import != NULL) {
- DSA *dsa;
-
- if ((dsa = dsa_new(ctx->provctx)) != NULL
- && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dsa_priv_der(ctx, dsa, out, cb, cbarg))
- ok = 1;
- dsa_free(dsa);
- }
- return ok;
-}
-
-static int dsa_priv_der(void *vctx, void *dsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dsa_priv_ctx_st *ctx = vctx;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_der_from_obj(out, dsa, EVP_PKEY_DSA,
- ossl_prov_prepare_dsa_params,
- ossl_prov_dsa_priv_to_der,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-/* Private key : PEM */
-static int dsa_pem_priv_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dsa_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new();
- OSSL_FUNC_keymgmt_free_fn *dsa_free = ossl_prov_get_keymgmt_dsa_free();
- OSSL_FUNC_keymgmt_import_fn *dsa_import = ossl_prov_get_keymgmt_dsa_import();
- int ok = 0;
-
- if (dsa_import != NULL) {
- DSA *dsa;
-
- if ((dsa = dsa_new(ctx->provctx)) != NULL
- && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dsa_pem_priv(ctx, dsa, out, cb, cbarg))
- ok = 1;
- dsa_free(dsa);
- }
- return ok;
-}
-
-static int dsa_pem_priv(void *vctx, void *dsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dsa_priv_ctx_st *ctx = vctx;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_pem_from_obj(out, dsa, EVP_PKEY_DSA,
- ossl_prov_prepare_dsa_params,
- ossl_prov_dsa_priv_to_der,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-/*
- * There's no specific print context, so we use the provider context
- */
-static void *dsa_print_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void dsa_print_freectx(void *ctx)
-{
-}
-
-static int dsa_priv_print_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct dsa_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new();
- OSSL_FUNC_keymgmt_free_fn *dsa_free = ossl_prov_get_keymgmt_dsa_free();
- OSSL_FUNC_keymgmt_import_fn *dsa_import = ossl_prov_get_keymgmt_dsa_import();
- int ok = 0;
-
- if (dsa_import != NULL) {
- DSA *dsa;
-
- if ((dsa = dsa_new(ctx->provctx)) != NULL
- && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dsa_priv_print(ctx, dsa, out, cb, cbarg))
- ok = 1;
- dsa_free(dsa);
- }
- return ok;
-}
-
-static int dsa_priv_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_dsa(out, dsa, dsa_print_priv);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH dsa_priv_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_priv_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_priv_freectx },
- { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
- (void (*)(void))dsa_priv_set_ctx_params },
- { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
- (void (*)(void))dsa_priv_settable_ctx_params },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_priv_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_priv_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dsa_priv_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_priv_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_priv_freectx },
- { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
- (void (*)(void))dsa_priv_set_ctx_params },
- { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
- (void (*)(void))dsa_priv_settable_ctx_params },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_pem_priv_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_pem_priv },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dsa_priv_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_print_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_print_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_priv_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))dsa_priv_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_dsa_pub.c b/providers/implementations/serializers/serializer_dsa_pub.c
deleted file mode 100644
index 787bbb541e..0000000000
--- a/providers/implementations/serializers/serializer_dsa_pub.c
+++ /dev/null
@@ -1,203 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * DSA low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/core_dispatch.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/dsa.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn dsa_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn dsa_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn dsa_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_pub_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn dsa_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn dsa_pub_print;
-
-/* Public key : context */
-
-/*
- * There's no specific implementation context, so we use the provider context
- */
-static void *dsa_pub_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void dsa_pub_freectx(void *ctx)
-{
-}
-
-/* Public key : DER */
-static int dsa_pub_der_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new();
- OSSL_FUNC_keymgmt_free_fn *dsa_free = ossl_prov_get_keymgmt_dsa_free();
- OSSL_FUNC_keymgmt_import_fn *dsa_import = ossl_prov_get_keymgmt_dsa_import();
- int ok = 0;
-
- if (dsa_import != NULL) {
- DSA *dsa;
-
- /* ctx == provctx */
- if ((dsa = dsa_new(ctx)) != NULL
- && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dsa_pub_der(ctx, dsa, out, cb, cbarg))
- ok = 1;
- dsa_free(dsa);
- }
- return ok;
-}
-
-static int dsa_pub_der(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- /*
- * TODO(v3.0) implement setting save_parameters, see dsa_pub_encode()
- * in crypto/dsa/dsa_ameth.c
- */
- int save_parameters = 1;
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret =
- save_parameters
- ? ossl_prov_write_pub_der_from_obj(out, dsa, EVP_PKEY_DSA,
- ossl_prov_prepare_all_dsa_params,
- ossl_prov_dsa_pub_to_der)
- : ossl_prov_write_pub_der_from_obj(out, dsa, EVP_PKEY_DSA,
- ossl_prov_prepare_dsa_params,
- ossl_prov_dsa_pub_to_der);
-
- BIO_free(out);
-
- return ret;
-}
-
-/* Public key : PEM */
-static int dsa_pub_pem_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new();
- OSSL_FUNC_keymgmt_free_fn *dsa_free = ossl_prov_get_keymgmt_dsa_free();
- OSSL_FUNC_keymgmt_import_fn *dsa_import = ossl_prov_get_keymgmt_dsa_import();
- int ok = 0;
-
- if (dsa_import != NULL) {
- DSA *dsa;
-
- /* ctx == provctx */
- if ((dsa = dsa_new(ctx)) != NULL
- && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dsa_pub_pem(ctx, dsa, out, cb, cbarg))
- ok = 1;
- dsa_free(dsa);
- }
- return ok;
-}
-
-static int dsa_pub_pem(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_write_pub_pem_from_obj(out, dsa, EVP_PKEY_DSA,
- ossl_prov_prepare_dsa_params,
- ossl_prov_dsa_pub_to_der);
-
- BIO_free(out);
-
- return ret;
-}
-
-static int dsa_pub_print_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *dsa_new = ossl_prov_get_keymgmt_dsa_new();
- OSSL_FUNC_keymgmt_free_fn *dsa_free = ossl_prov_get_keymgmt_dsa_free();
- OSSL_FUNC_keymgmt_import_fn *dsa_import = ossl_prov_get_keymgmt_dsa_import();
- int ok = 0;
-
- if (dsa_import != NULL) {
- DSA *dsa;
-
- /* ctx == provctx */
- if ((dsa = dsa_new(ctx)) != NULL
- && dsa_import(dsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && dsa_pub_print(ctx, dsa, out, cb, cbarg))
- ok = 1;
- dsa_free(dsa);
- }
- return ok;
-}
-
-static int dsa_pub_print(void *ctx, void *dsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_dsa(out, dsa, 0);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH dsa_pub_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_pub_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_pub_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dsa_pub_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))dsa_pub_pem_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_pub_pem },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH dsa_pub_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))dsa_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))dsa_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))dsa_pub_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))dsa_pub_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_ec.c b/providers/implementations/serializers/serializer_ec.c
deleted file mode 100644
index 0dbc889d34..0000000000
--- a/providers/implementations/serializers/serializer_ec.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/err.h>
-#include "crypto/ec.h"
-#include "prov/bio.h" /* ossl_prov_bio_printf() */
-#include "prov/implementations.h" /* ec_keymgmt_functions */
-#include "prov/providercommonerr.h" /* PROV_R_MISSING_OID */
-#include "serializer_local.h"
-
-void ec_get_new_free_import(OSSL_FUNC_keymgmt_new_fn **ec_new,
- OSSL_FUNC_keymgmt_free_fn **ec_free,
- OSSL_FUNC_keymgmt_import_fn **ec_import)
-{
- *ec_new = ossl_prov_get_keymgmt_new(ec_keymgmt_functions);
- *ec_free = ossl_prov_get_keymgmt_free(ec_keymgmt_functions);
- *ec_import = ossl_prov_get_keymgmt_import(ec_keymgmt_functions);
-}
-
-static int ossl_prov_print_ec_param(BIO *out, const EC_GROUP *group)
-{
- const char *curve_name;
- int curve_nid = EC_GROUP_get_curve_name(group);
-
- /* TODO(3.0): Explicit parameters are currently not supported */
- if (curve_nid == NID_undef)
- return 0;
-
- if (BIO_printf(out, "%s: %s\n", "ASN1 OID", OBJ_nid2sn(curve_nid)) <= 0)
- return 0;
-
- /* TODO(3.0): Only named curves are currently supported */
- curve_name = EC_curve_nid2nist(curve_nid);
- return (curve_name == NULL
- || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0);
-}
-
-int ossl_prov_print_eckey(BIO *out, EC_KEY *eckey, enum ec_print_type type)
-{
- int ret = 0;
- const char *type_label = NULL;
- unsigned char *priv = NULL, *pub = NULL;
- size_t priv_len = 0, pub_len = 0;
- const EC_GROUP *group;
-
- if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL)
- goto null_err;
-
- switch (type) {
- case ec_print_priv:
- type_label = "Private-Key";
- break;
- case ec_print_pub:
- type_label = "Public-Key";
- break;
- case ec_print_params:
- type_label = "EC-Parameters";
- break;
- }
-
- if (type == ec_print_priv) {
- const BIGNUM *priv_key = EC_KEY_get0_private_key(eckey);
-
- if (priv_key == NULL)
- goto null_err;
- priv_len = EC_KEY_priv2buf(eckey, &priv);
- if (priv_len == 0)
- goto err;
- }
-
- if (type == ec_print_priv || type == ec_print_pub) {
- const EC_POINT *pub_pt = EC_KEY_get0_public_key(eckey);
-
- if (pub_pt == NULL)
- goto null_err;
-
- pub_len = EC_KEY_key2buf(eckey, EC_KEY_get_conv_form(eckey), &pub, NULL);
- if (pub_len == 0)
- goto err;
- }
-
- if (BIO_printf(out, "%s: (%d bit)\n", type_label,
- EC_GROUP_order_bits(group)) <= 0)
- goto err;
- if (priv != NULL
- && !ossl_prov_print_labeled_buf(out, "priv:", priv, priv_len))
- goto err;
- if (pub != NULL
- && !ossl_prov_print_labeled_buf(out, "pub:", pub, pub_len))
- goto err;
- ret = ossl_prov_print_ec_param(out, group);
-err:
- OPENSSL_clear_free(priv, priv_len);
- OPENSSL_free(pub);
- return ret;
-null_err:
- ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
- goto err;
-}
-
-int ossl_prov_prepare_ec_params(const void *eckey, int nid,
- void **pstr, int *pstrtype)
-{
- int curve_nid;
- const EC_GROUP *group = EC_KEY_get0_group(eckey);
- ASN1_OBJECT *params;
-
- if (group == NULL
- || ((curve_nid = EC_GROUP_get_curve_name(group)) == NID_undef)
- || ((params = OBJ_nid2obj(curve_nid)) == NULL)) {
- /* TODO(3.0): Explicit curves are not supported */
- return 0;
- }
-
- if (OBJ_length(params) == 0) {
- /* Some curves might not have an associated OID */
- ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_OID);
- ASN1_OBJECT_free(params);
- return 0;
- }
-
- *pstr = params;
- *pstrtype = V_ASN1_OBJECT;
- return 1;
-}
-
-int ossl_prov_ec_pub_to_der(const void *eckey, unsigned char **pder)
-{
- return i2o_ECPublicKey(eckey, pder);
-}
-
-int ossl_prov_ec_priv_to_der(const void *veckey, unsigned char **pder)
-{
- EC_KEY *eckey = (EC_KEY *)veckey;
- unsigned int old_flags;
- int ret = 0;
-
- /*
- * For PKCS8 the curve name appears in the PKCS8_PRIV_KEY_INFO object
- * as the pkeyalg->parameter field. (For a named curve this is an OID)
- * The pkey field is an octet string that holds the encoded
- * ECPrivateKey SEQUENCE with the optional parameters field omitted.
- * We omit this by setting the EC_PKEY_NO_PARAMETERS flag.
- */
- old_flags = EC_KEY_get_enc_flags(eckey); /* save old flags */
- EC_KEY_set_enc_flags(eckey, old_flags | EC_PKEY_NO_PARAMETERS);
- ret = i2d_ECPrivateKey(eckey, pder);
- EC_KEY_set_enc_flags(eckey, old_flags); /* restore old flags */
- return ret; /* return the length of the der encoded data */
-}
diff --git a/providers/implementations/serializers/serializer_ec_param.c b/providers/implementations/serializers/serializer_ec_param.c
deleted file mode 100644
index 95fbd555a0..0000000000
--- a/providers/implementations/serializers/serializer_ec_param.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core_dispatch.h>
-#include <openssl/pem.h>
-#include <openssl/ec.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/providercommonerr.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn ec_param_newctx;
-static OSSL_FUNC_serializer_freectx_fn ec_param_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn ec_param_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_param_der;
-static OSSL_FUNC_serializer_serialize_data_fn ec_param_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_param_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn ec_param_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_param_print;
-
-
-/* There is no specific implementation context, so use the provider context */
-static void *ec_param_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void ec_param_freectx(void *vctx)
-{
-}
-
-/* Public key : DER */
-static int ec_param_der_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *ec_new;
- OSSL_FUNC_keymgmt_free_fn *ec_free;
- OSSL_FUNC_keymgmt_import_fn *ec_import;
- int ok = 0;
-
- ec_get_new_free_import(&ec_new, &ec_free, &ec_import);
-
- if (ec_import != NULL) {
- EC_KEY *eckey;
-
- /* vctx == provctx */
- if ((eckey = ec_new(vctx)) != NULL
- && ec_import(eckey, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
- && ec_param_der(vctx, eckey, out, cb, cbarg))
- ok = 1;
- ec_free(eckey);
- }
- return ok;
-}
-
-static int ec_param_der(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(vctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = i2d_ECPKParameters_bio(out, EC_KEY_get0_group(eckey));
- BIO_free(out);
-
- return ret;
-}
-
-/* Public key : PEM */
-static int ec_param_pem_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *ec_new;
- OSSL_FUNC_keymgmt_free_fn *ec_free;
- OSSL_FUNC_keymgmt_import_fn *ec_import;
- int ok = 0;
-
- ec_get_new_free_import(&ec_new, &ec_free, &ec_import);
-
- if (ec_import != NULL) {
- EC_KEY *eckey;
-
- /* vctx == provctx */
- if ((eckey = ec_new(vctx)) != NULL
- && ec_import(eckey, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
- && ec_param_pem(vctx, eckey, out, cb, cbarg))
- ok = 1;
- ec_free(eckey);
- }
- return ok;
-}
-
-static int ec_param_pem(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(vctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = PEM_write_bio_ECPKParameters(out, EC_KEY_get0_group(eckey));
- BIO_free(out);
-
- return ret;
-}
-
-static int ec_param_print_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *ec_new;
- OSSL_FUNC_keymgmt_free_fn *ec_free;
- OSSL_FUNC_keymgmt_import_fn *ec_import;
- int ok = 0;
-
- ec_get_new_free_import(&ec_new, &ec_free, &ec_import);
-
- if (ec_import != NULL) {
- EC_KEY *eckey;
-
- /* vctx == provctx */
- if ((eckey = ec_new(vctx)) != NULL
- && ec_import(eckey, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, params)
- && ec_param_print(vctx, eckey, out, cb, cbarg))
- ok = 1;
- ec_free(eckey);
- }
- return ok;
-}
-
-static int ec_param_print(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(vctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_eckey(out, eckey, ec_print_params);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH ec_param_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_param_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_param_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_param_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_param_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH ec_param_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_param_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_param_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_param_pem_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_param_pem },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH ec_param_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_param_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_param_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_param_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))ec_param_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_ec_priv.c b/providers/implementations/serializers/serializer_ec_priv.c
deleted file mode 100644
index 25dc8dbcca..0000000000
--- a/providers/implementations/serializers/serializer_ec_priv.c
+++ /dev/null
@@ -1,290 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core_dispatch.h>
-#include <openssl/core_names.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/ec.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn ec_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn ec_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn ec_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn ec_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn ec_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn ec_pem_priv_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_pem_priv;
-
-static OSSL_FUNC_serializer_newctx_fn ec_print_newctx;
-static OSSL_FUNC_serializer_freectx_fn ec_print_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn ec_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_priv_print;
-
- /*
- * Context used for private key serialization.
- */
-struct ec_priv_ctx_st {
- void *provctx;
-
- struct pkcs8_encrypt_ctx_st sc;
-};
-
-/* Private key : context */
-static void *ec_priv_newctx(void *provctx)
-{
- struct ec_priv_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
-
- if (ctx != NULL) {
- ctx->provctx = provctx;
-
- /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
- ctx->sc.pbe_nid = -1;
- }
- return ctx;
-}
-
-static void ec_priv_freectx(void *vctx)
-{
- struct ec_priv_ctx_st *ctx = vctx;
-
- EVP_CIPHER_free(ctx->sc.cipher);
- OPENSSL_free(ctx->sc.cipher_pass);
- OPENSSL_free(ctx);
-}
-
-static const OSSL_PARAM *ec_priv_settable_ctx_params(ossl_unused void *provctx)
-{
- static const OSSL_PARAM settables[] = {
- OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
- OSSL_PARAM_END,
- };
-
- return settables;
-}
-
-static int ec_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
-{
- struct ec_priv_ctx_st *ctx = vctx;
- const OSSL_PARAM *p;
-
- if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER))
- != NULL) {
- const OSSL_PARAM *propsp =
- OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
- const char *props = NULL;
-
- if (p->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- if (propsp != NULL && propsp->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- props = (propsp != NULL ? propsp->data : NULL);
-
- EVP_CIPHER_free(ctx->sc.cipher);
- ctx->sc.cipher_intent = p->data != NULL;
- if (p->data != NULL
- && ((ctx->sc.cipher = EVP_CIPHER_fetch(NULL, p->data, props))
- == NULL))
- return 0;
- }
- if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS))
- != NULL) {
- OPENSSL_free(ctx->sc.cipher_pass);
- ctx->sc.cipher_pass = NULL;
- if (!OSSL_PARAM_get_octet_string(p, &ctx->sc.cipher_pass, 0,
- &ctx->sc.cipher_pass_length))
- return 0;
- }
- return 1;
-}
-
-/* Private key : DER */
-static int ec_priv_der_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ec_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *ec_new;
- OSSL_FUNC_keymgmt_free_fn *ec_free;
- OSSL_FUNC_keymgmt_import_fn *ec_import;
- int ok = 0;
-
- ec_get_new_free_import(&ec_new, &ec_free, &ec_import);
-
- if (ec_import != NULL) {
- EC_KEY *eckey;
-
- if ((eckey = ec_new(ctx->provctx)) != NULL
- && ec_import(eckey, OSSL_KEYMGMT_SELECT_ALL, params)
- && ec_priv_der(ctx, eckey, out, cb, cbarg))
- ok = 1;
- ec_free(eckey);
- }
- return ok;
-}
-
-static int ec_priv_der(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ec_priv_ctx_st *ctx = vctx;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_der_from_obj(out, eckey, EVP_PKEY_EC,
- ossl_prov_prepare_ec_params,
- ossl_prov_ec_priv_to_der,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-/* Private key : PEM */
-static int ec_pem_priv_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ec_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *ec_new;
- OSSL_FUNC_keymgmt_free_fn *ec_free;
- OSSL_FUNC_keymgmt_import_fn *ec_import;
- int ok = 0;
-
- ec_get_new_free_import(&ec_new, &ec_free, &ec_import);
-
- if (ec_import != NULL) {
- EC_KEY *eckey;
-
- if ((eckey = ec_new(ctx->provctx)) != NULL
- && ec_import(eckey, OSSL_KEYMGMT_SELECT_ALL, params)
- && ec_pem_priv(ctx, eckey, out, cb, cbarg))
- ok = 1;
- ec_free(eckey);
- }
- return ok;
-}
-
-static int ec_pem_priv(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ec_priv_ctx_st *ctx = vctx;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_pem_from_obj(out, eckey, EVP_PKEY_EC,
- ossl_prov_prepare_ec_params,
- ossl_prov_ec_priv_to_der,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-/*
- * There's no specific print context, so we use the provider context
- */
-static void *ec_print_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void ec_print_freectx(void *ctx)
-{
-}
-
-static int ec_priv_print_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ec_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *ec_new;
- OSSL_FUNC_keymgmt_free_fn *ec_free;
- OSSL_FUNC_keymgmt_import_fn *ec_import;
- int ok = 0;
-
- ec_get_new_free_import(&ec_new, &ec_free, &ec_import);
-
- if (ec_import != NULL) {
- EC_KEY *eckey;
-
- if ((eckey = ec_new(ctx->provctx)) != NULL
- && ec_import(eckey, OSSL_KEYMGMT_SELECT_ALL, params)
- && ec_priv_print(ctx, eckey, out, cb, cbarg))
- ok = 1;
- ec_free(eckey);
- }
- return ok;
-}
-
-static int ec_priv_print(void *ctx, void *eckey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_eckey(out, eckey, ec_print_priv);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH ec_priv_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_priv_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_priv_freectx },
- { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
- (void (*)(void))ec_priv_set_ctx_params },
- { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
- (void (*)(void))ec_priv_settable_ctx_params },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_priv_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_priv_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH ec_priv_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_priv_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_priv_freectx },
- { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
- (void (*)(void))ec_priv_set_ctx_params },
- { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
- (void (*)(void))ec_priv_settable_ctx_params },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_pem_priv_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_pem_priv },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH ec_priv_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_print_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_print_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_priv_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))ec_priv_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_ec_pub.c b/providers/implementations/serializers/serializer_ec_pub.c
deleted file mode 100644
index 42fb4f96f2..0000000000
--- a/providers/implementations/serializers/serializer_ec_pub.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core_dispatch.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-#define EC_SELECT_PUBLIC_IMPORTABLE \
- OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
-
-static OSSL_FUNC_serializer_newctx_fn ec_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn ec_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn ec_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn ec_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_pub_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn ec_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ec_pub_print;
-
-/* Public key : context */
-
-/*
- * There's no specific implementation context, so we use the provider context
- */
-static void *ec_pub_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void ec_pub_freectx(void *ctx)
-{
-}
-
-/* Public key : DER */
-static int ec_pub_der_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *ec_new;
- OSSL_FUNC_keymgmt_free_fn *ec_free;
- OSSL_FUNC_keymgmt_import_fn *ec_import;
- int ok = 0;
-
- ec_get_new_free_import(&ec_new, &ec_free, &ec_import);
-
- if (ec_import != NULL) {
- EC_KEY *eckey;
-
- /* vctx == provctx */
- if ((eckey = ec_new(vctx)) != NULL
- && ec_import(eckey, EC_SELECT_PUBLIC_IMPORTABLE, params)
- && ec_pub_der(vctx, eckey, out, cb, cbarg))
- ok = 1;
- ec_free(eckey);
- }
- return ok;
-}
-
-static int ec_pub_der(void *ctx, void *eckey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_write_pub_der_from_obj(out, eckey, EVP_PKEY_EC,
- ossl_prov_prepare_ec_params,
- ossl_prov_ec_pub_to_der);
- BIO_free(out);
-
- return ret;
-}
-
-/* Public key : PEM */
-static int ec_pub_pem_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *ec_new;
- OSSL_FUNC_keymgmt_free_fn *ec_free;
- OSSL_FUNC_keymgmt_import_fn *ec_import;
- int ok = 0;
-
- ec_get_new_free_import(&ec_new, &ec_free, &ec_import);
-
- if (ec_import != NULL) {
- EC_KEY *eckey;
-
- /* ctx == provctx */
- if ((eckey = ec_new(vctx)) != NULL
- && ec_import(eckey, EC_SELECT_PUBLIC_IMPORTABLE, params)
- && ec_pub_pem(vctx, eckey, out, cb, cbarg))
- ok = 1;
- ec_free(eckey);
- }
- return ok;
-}
-
-static int ec_pub_pem(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(vctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_write_pub_pem_from_obj(out, eckey, EVP_PKEY_EC,
- ossl_prov_prepare_ec_params,
- ossl_prov_ec_pub_to_der);
- BIO_free(out);
-
- return ret;
-}
-
-static int ec_pub_print_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *ec_new;
- OSSL_FUNC_keymgmt_free_fn *ec_free;
- OSSL_FUNC_keymgmt_import_fn *ec_import;
- int ok = 0;
-
- ec_get_new_free_import(&ec_new, &ec_free, &ec_import);
-
- if (ec_import != NULL) {
- EC_KEY *eckey;
-
- /* ctx == provctx */
- if ((eckey = ec_new(vctx)) != NULL
- && ec_import(eckey, EC_SELECT_PUBLIC_IMPORTABLE, params)
- && ec_pub_print(vctx, eckey, out, cb, cbarg))
- ok = 1;
- ec_free(eckey);
- }
- return ok;
-}
-
-static int ec_pub_print(void *vctx, void *eckey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(vctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_eckey(out, eckey, ec_print_pub);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH ec_pub_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_pub_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_pub_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH ec_pub_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))ec_pub_pem_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_pub_pem },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH ec_pub_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))ec_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ec_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))ec_pub_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))ec_pub_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_ecx.c b/providers/implementations/serializers/serializer_ecx.c
deleted file mode 100644
index ef16d97b97..0000000000
--- a/providers/implementations/serializers/serializer_ecx.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/err.h>
-#include "crypto/ecx.h"
-#include "prov/bio.h" /* ossl_prov_bio_printf() */
-#include "prov/implementations.h" /* ecx_keymgmt_functions */
-#include "serializer_local.h"
-
-void ecx_get_new_free_import(ECX_KEY_TYPE type,
- OSSL_FUNC_keymgmt_new_fn **ecx_new,
- OSSL_FUNC_keymgmt_free_fn **ecx_free,
- OSSL_FUNC_keymgmt_import_fn **ecx_import)
-{
- if (type == ECX_KEY_TYPE_X25519) {
- *ecx_new = ossl_prov_get_keymgmt_new(x25519_keymgmt_functions);
- *ecx_free = ossl_prov_get_keymgmt_free(x25519_keymgmt_functions);
- *ecx_import = ossl_prov_get_keymgmt_import(x25519_keymgmt_functions);
- } else if (type == ECX_KEY_TYPE_X448) {
- *ecx_new = ossl_prov_get_keymgmt_new(x448_keymgmt_functions);
- *ecx_free = ossl_prov_get_keymgmt_free(x448_keymgmt_functions);
- *ecx_import = ossl_prov_get_keymgmt_import(x448_keymgmt_functions);
- } else if (type == ECX_KEY_TYPE_ED25519) {
- *ecx_new = ossl_prov_get_keymgmt_new(ed25519_keymgmt_functions);
- *ecx_free = ossl_prov_get_keymgmt_free(ed25519_keymgmt_functions);
- *ecx_import = ossl_prov_get_keymgmt_import(ed25519_keymgmt_functions);
- } else if (type == ECX_KEY_TYPE_ED448) {
- *ecx_new = ossl_prov_get_keymgmt_new(ed448_keymgmt_functions);
- *ecx_free = ossl_prov_get_keymgmt_free(ed448_keymgmt_functions);
- *ecx_import = ossl_prov_get_keymgmt_import(ed448_keymgmt_functions);
- } else {
- *ecx_new = NULL;
- *ecx_free = NULL;
- *ecx_import = NULL;
- }
-}
-
-
-int ossl_prov_print_ecx(BIO *out, ECX_KEY *ecxkey, enum ecx_print_type type)
-{
- const char *type_label = NULL;
-
- switch (type) {
- case ecx_print_priv:
- switch (ecxkey->type) {
- case ECX_KEY_TYPE_X25519:
- type_label = "X25519 Private-Key";
- break;
- case ECX_KEY_TYPE_X448:
- type_label = "X448 Private-Key";
- break;
- case ECX_KEY_TYPE_ED25519:
- type_label = "ED25519 Private-Key";
- break;
- case ECX_KEY_TYPE_ED448:
- type_label = "ED448 Private-Key";
- break;
- }
- break;
- case ecx_print_pub:
- switch (ecxkey->type) {
- case ECX_KEY_TYPE_X25519:
- type_label = "X25519 Public-Key";
- break;
- case ECX_KEY_TYPE_X448:
- type_label = "X448 Public-Key";
- break;
- case ECX_KEY_TYPE_ED25519:
- type_label = "ED25519 Public-Key";
- break;
- case ECX_KEY_TYPE_ED448:
- type_label = "ED448 Public-Key";
- break;
- }
- break;
- }
-
- if (type == ecx_print_priv && ecxkey->privkey == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
-
- if (BIO_printf(out, "%s:\n", type_label) <= 0)
- return 0;
- if (type == ecx_print_priv
- && !ossl_prov_print_labeled_buf(out, "priv:", ecxkey->privkey,
- ecxkey->keylen))
- return 0;
- if (!ossl_prov_print_labeled_buf(out, "pub:", ecxkey->pubkey,
- ecxkey->keylen))
- return 0;
-
- return 1;
-}
-
-
-int ossl_prov_ecx_pub_to_der(const void *vecxkey, unsigned char **pder)
-{
- const ECX_KEY *ecxkey = vecxkey;
- unsigned char *keyblob;
-
- if (ecxkey == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
-
- keyblob = OPENSSL_memdup(ecxkey->pubkey, ecxkey->keylen);
- if (keyblob == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- *pder = keyblob;
- return ecxkey->keylen;
-}
-
-int ossl_prov_ecx_priv_to_der(const void *vecxkey, unsigned char **pder)
-{
- const ECX_KEY *ecxkey = vecxkey;
- ASN1_OCTET_STRING oct;
- int keybloblen;
-
- if (ecxkey == NULL || ecxkey->privkey == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
-
- oct.data = ecxkey->privkey;
- oct.length = ecxkey->keylen;
- oct.flags = 0;
-
- keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder);
- if (keybloblen < 0) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- return keybloblen;
-}
diff --git a/providers/implementations/serializers/serializer_ecx_priv.c b/providers/implementations/serializers/serializer_ecx_priv.c
deleted file mode 100644
index 7df1e01fd5..0000000000
--- a/providers/implementations/serializers/serializer_ecx_priv.c
+++ /dev/null
@@ -1,307 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core_dispatch.h>
-#include <openssl/core_names.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "crypto/ecx.h"
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn x25519_priv_newctx;
-static OSSL_FUNC_serializer_newctx_fn x448_priv_newctx;
-static OSSL_FUNC_serializer_newctx_fn ed25519_priv_newctx;
-static OSSL_FUNC_serializer_newctx_fn ed448_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn ecx_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn ecx_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn ecx_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn ecx_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn ecx_priv_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_priv_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn ecx_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_priv_print;
-
- /*
- * Context used for private key serialization.
- */
-struct ecx_priv_ctx_st {
- void *provctx;
-
- struct pkcs8_encrypt_ctx_st sc;
- ECX_KEY_TYPE type;
-};
-
-/* Private key : context */
-static void *ecx_priv_newctx(void *provctx, ECX_KEY_TYPE type)
-{
- struct ecx_priv_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
-
- if (ctx != NULL) {
- ctx->provctx = provctx;
-
- /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
- ctx->sc.pbe_nid = -1;
- ctx->type = type;
- }
- return ctx;
-}
-
-static void *x25519_priv_newctx(void *provctx)
-{
- return ecx_priv_newctx(provctx, ECX_KEY_TYPE_X25519);
-}
-
-static void *x448_priv_newctx(void *provctx)
-{
- return ecx_priv_newctx(provctx, ECX_KEY_TYPE_X448);
-}
-
-static void *ed25519_priv_newctx(void *provctx)
-{
- return ecx_priv_newctx(provctx, ECX_KEY_TYPE_ED25519);
-}
-
-static void *ed448_priv_newctx(void *provctx)
-{
- return ecx_priv_newctx(provctx, ECX_KEY_TYPE_ED448);
-}
-
-static void ecx_priv_freectx(void *vctx)
-{
- struct ecx_priv_ctx_st *ctx = vctx;
-
- EVP_CIPHER_free(ctx->sc.cipher);
- OPENSSL_free(ctx->sc.cipher_pass);
- OPENSSL_free(ctx);
-}
-
-static const OSSL_PARAM *ecx_priv_settable_ctx_params(ossl_unused void *provctx)
-{
- static const OSSL_PARAM settables[] = {
- OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
- OSSL_PARAM_END,
- };
-
- return settables;
-}
-
-static int ecx_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
-{
- struct ecx_priv_ctx_st *ctx = vctx;
- const OSSL_PARAM *p;
-
- p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER);
- if (p != NULL) {
- const OSSL_PARAM *propsp =
- OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
- const char *props;
-
- if (p->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- if (propsp != NULL && propsp->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- props = (propsp != NULL ? propsp->data : NULL);
-
- EVP_CIPHER_free(ctx->sc.cipher);
- ctx->sc.cipher_intent = p->data != NULL;
- if (p->data != NULL
- && ((ctx->sc.cipher = EVP_CIPHER_fetch(NULL, p->data, props))
- == NULL))
- return 0;
- }
- p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS);
- if (p != NULL) {
- OPENSSL_free(ctx->sc.cipher_pass);
- ctx->sc.cipher_pass = NULL;
- if (!OSSL_PARAM_get_octet_string(p, &ctx->sc.cipher_pass, 0,
- &ctx->sc.cipher_pass_length))
- return 0;
- }
- return 1;
-}
-
-/* Private key : DER */
-static int ecx_priv_der_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *ecx_new;
- OSSL_FUNC_keymgmt_free_fn *ecx_free;
- OSSL_FUNC_keymgmt_import_fn *ecx_import;
- int ok = 0;
-
- ecx_get_new_free_import(ctx->type, &ecx_new, &ecx_free, &ecx_import);
-
- if (ecx_import != NULL) {
- ECX_KEY *ecxkey;
-
- if ((ecxkey = ecx_new(ctx->provctx)) != NULL
- && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && ecx_priv_der(ctx, ecxkey, out, cb, cbarg))
- ok = 1;
- ecx_free(ecxkey);
- }
- return ok;
-}
-
-static int ecx_priv_der(void *vctx, void *vecxkey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_priv_ctx_st *ctx = vctx;
- ECX_KEY *ecxkey = vecxkey;
- int ret;
- int nid = KEYTYPE2NID(ctx->type);
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_der_from_obj(out, ecxkey,
- nid,
- NULL,
- ossl_prov_ecx_priv_to_der,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-/* Private key : PEM */
-static int ecx_priv_pem_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *ecx_new;
- OSSL_FUNC_keymgmt_free_fn *ecx_free;
- OSSL_FUNC_keymgmt_import_fn *ecx_import;
- int ok = 0;
-
- ecx_get_new_free_import(ctx->type, &ecx_new, &ecx_free, &ecx_import);
-
- if (ecx_import != NULL) {
- ECX_KEY *ecxkey;
-
- if ((ecxkey = ecx_new(ctx->provctx)) != NULL
- && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && ecx_priv_pem(ctx->provctx, ecxkey, out, cb, cbarg))
- ok = 1;
- ecx_free(ecxkey);
- }
- return ok;
-}
-
-static int ecx_priv_pem(void *vctx, void *ecxkey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_priv_ctx_st *ctx = vctx;
- int ret;
- int nid = KEYTYPE2NID(ctx->type);
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_pem_from_obj(out, ecxkey,
- nid,
- NULL,
- ossl_prov_ecx_priv_to_der,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-static int ecx_priv_print_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *ecx_new;
- OSSL_FUNC_keymgmt_free_fn *ecx_free;
- OSSL_FUNC_keymgmt_import_fn *ecx_import;
- int ok = 0;
-
- ecx_get_new_free_import(ctx->type, &ecx_new, &ecx_free, &ecx_import);
-
- if (ecx_import != NULL) {
- ECX_KEY *ecxkey;
-
- if ((ecxkey = ecx_new(ctx->provctx)) != NULL
- && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && ecx_priv_print(ctx, ecxkey, out, cb, cbarg))
- ok = 1;
- ecx_free(ecxkey);
- }
- return ok;
-}
-
-static int ecx_priv_print(void *vctx, void *ecxkey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_priv_ctx_st *ctx = vctx;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_ecx(out, ecxkey, ecx_print_priv);
- BIO_free(out);
-
- return ret;
-}
-
-#define MAKE_SERIALIZER_FUNCTIONS(alg, type) \
- const OSSL_DISPATCH alg##_priv_##type##_serializer_functions[] = { \
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))alg##_priv_newctx }, \
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ecx_priv_freectx }, \
- { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS, \
- (void (*)(void))ecx_priv_set_ctx_params }, \
- { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS, \
- (void (*)(void))ecx_priv_settable_ctx_params }, \
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, \
- (void (*)(void))ecx_priv_##type##_data }, \
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, \
- (void (*)(void))ecx_priv_##type }, \
- { 0, NULL } \
- };
-
-#define MAKE_SERIALIZER_FUNCTIONS_GROUP(alg) \
- MAKE_SERIALIZER_FUNCTIONS(alg, der) \
- MAKE_SERIALIZER_FUNCTIONS(alg, pem) \
- const OSSL_DISPATCH alg##_priv_print_serializer_functions[] = { \
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))alg##_priv_newctx }, \
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ecx_priv_freectx }, \
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, \
- (void (*)(void))ecx_priv_print }, \
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, \
- (void (*)(void))ecx_priv_print_data }, \
- { 0, NULL } \
- };
-
-MAKE_SERIALIZER_FUNCTIONS_GROUP(x25519)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(x448)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(ed25519)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(ed448)
diff --git a/providers/implementations/serializers/serializer_ecx_pub.c b/providers/implementations/serializers/serializer_ecx_pub.c
deleted file mode 100644
index fa15e5a8c4..0000000000
--- a/providers/implementations/serializers/serializer_ecx_pub.c
+++ /dev/null
@@ -1,226 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core_dispatch.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "crypto/ecx.h"
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn x25519_pub_newctx;
-static OSSL_FUNC_serializer_newctx_fn x448_pub_newctx;
-static OSSL_FUNC_serializer_newctx_fn ed25519_pub_newctx;
-static OSSL_FUNC_serializer_newctx_fn ed448_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn ecx_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn ecx_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn ecx_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_pub_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn ecx_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn ecx_pub_print;
-
-/*
- * Context used for public key serialization.
- */
-struct ecx_pub_ctx_st {
- void *provctx;
- ECX_KEY_TYPE type;
-};
-
-/* Public key : context */
-static void *ecx_pub_newctx(void *provctx, ECX_KEY_TYPE type)
-{
- struct ecx_pub_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
-
- if (ctx != NULL) {
- ctx->provctx = provctx;
- ctx->type = type;
- }
- return ctx;
-}
-
-static void *x25519_pub_newctx(void *provctx)
-{
- return ecx_pub_newctx(provctx, ECX_KEY_TYPE_X25519);
-}
-
-static void *x448_pub_newctx(void *provctx)
-{
- return ecx_pub_newctx(provctx, ECX_KEY_TYPE_X448);
-}
-
-static void *ed25519_pub_newctx(void *provctx)
-{
- return ecx_pub_newctx(provctx, ECX_KEY_TYPE_ED25519);
-}
-
-static void *ed448_pub_newctx(void *provctx)
-{
- return ecx_pub_newctx(provctx, ECX_KEY_TYPE_ED448);
-}
-
-static void ecx_pub_freectx(void *ctx)
-{
- OPENSSL_free(ctx);
-}
-
-/* Public key : DER */
-static int ecx_pub_der_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_pub_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *ecx_new;
- OSSL_FUNC_keymgmt_free_fn *ecx_free;
- OSSL_FUNC_keymgmt_import_fn *ecx_import;
- int ok = 0;
-
- ecx_get_new_free_import(ctx->type, &ecx_new, &ecx_free, &ecx_import);
-
- if (ecx_import != NULL) {
- ECX_KEY *ecxkey;
-
- if ((ecxkey = ecx_new(ctx->provctx)) != NULL
- && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && ecx_pub_der(ctx, ecxkey, out, cb, cbarg))
- ok = 1;
- ecx_free(ecxkey);
- }
- return ok;
-}
-
-static int ecx_pub_der(void *vctx, void *ecxkey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_pub_ctx_st *ctx = vctx;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_write_pub_der_from_obj(out, ecxkey,
- KEYTYPE2NID(ctx->type),
- NULL,
- ossl_prov_ecx_pub_to_der);
- BIO_free(out);
-
- return ret;
-}
-
-/* Public key : PEM */
-static int ecx_pub_pem_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_pub_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *ecx_new;
- OSSL_FUNC_keymgmt_free_fn *ecx_free;
- OSSL_FUNC_keymgmt_import_fn *ecx_import;
- int ok = 0;
-
- ecx_get_new_free_import(ctx->type, &ecx_new, &ecx_free, &ecx_import);
-
- if (ecx_import != NULL) {
- ECX_KEY *ecxkey;
-
- if ((ecxkey = ecx_new(ctx->provctx)) != NULL
- && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && ecx_pub_pem(ctx, ecxkey, out, cb, cbarg))
- ok = 1;
- ecx_free(ecxkey);
- }
- return ok;
-}
-
-static int ecx_pub_pem(void *vctx, void *ecxkey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_pub_ctx_st *ctx = vctx;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_write_pub_pem_from_obj(out, ecxkey,
- KEYTYPE2NID(ctx->type),
- NULL,
- ossl_prov_ecx_pub_to_der);
- BIO_free(out);
-
- return ret;
-}
-
-static int ecx_pub_print_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_pub_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *ecx_new;
- OSSL_FUNC_keymgmt_free_fn *ecx_free;
- OSSL_FUNC_keymgmt_import_fn *ecx_import;
- int ok = 0;
-
- ecx_get_new_free_import(ctx->type, &ecx_new, &ecx_free, &ecx_import);
-
- if (ecx_import != NULL) {
- ECX_KEY *ecxkey;
-
- if ((ecxkey = ecx_new(ctx)) != NULL
- && ecx_import(ecxkey, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && ecx_pub_print(ctx, ecxkey, out, cb, cbarg))
- ok = 1;
- ecx_free(ecxkey);
- }
- return ok;
-}
-
-static int ecx_pub_print(void *vctx, void *ecxkey, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct ecx_pub_ctx_st *ctx = vctx;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_ecx(out, ecxkey, ecx_print_pub);
- BIO_free(out);
-
- return ret;
-}
-
-#define MAKE_SERIALIZER_FUNCTIONS(alg, type) \
- const OSSL_DISPATCH alg##_pub_##type##_serializer_functions[] = { \
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))alg##_pub_newctx }, \
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))ecx_pub_freectx }, \
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, \
- (void (*)(void))ecx_pub_##type##_data }, \
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, \
- (void (*)(void))ecx_pub_##type }, \
- { 0, NULL } \
- };
-
-#define MAKE_SERIALIZER_FUNCTIONS_GROUP(alg) \
- MAKE_SERIALIZER_FUNCTIONS(alg, der) \
- MAKE_SERIALIZER_FUNCTIONS(alg, pem) \
- MAKE_SERIALIZER_FUNCTIONS(alg, print)
-
-MAKE_SERIALIZER_FUNCTIONS_GROUP(x25519)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(x448)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(ed25519)
-MAKE_SERIALIZER_FUNCTIONS_GROUP(ed448)
diff --git a/providers/implementations/serializers/serializer_ffc_params.c b/providers/implementations/serializers/serializer_ffc_params.c
deleted file mode 100644
index ad96c4ddd0..0000000000
--- a/providers/implementations/serializers/serializer_ffc_params.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/* Utility function for printing DSA/DH params. */
-
-#include "prov/bio.h"
-#include "serializer_local.h"
-
-int ffc_params_prov_print(BIO *out, const FFC_PARAMS *ffc)
-{
- if (ffc->nid != NID_undef) {
-#ifndef OPENSSL_NO_DH
- const char *name = ffc_named_group_from_uid(ffc->nid);
-
- if (name == NULL)
- goto err;
- if (BIO_printf(out, "GROUP: %s\n", name) <= 0)
- goto err;
- return 1;
-#else
- /* How could this be? We should not have a nid in a no-dh build. */
- goto err;
-#endif
- }
-
- if (!ossl_prov_print_labeled_bignum(out, "P: ", ffc->p))
- goto err;
- if (ffc->q != NULL) {
- if (!ossl_prov_print_labeled_bignum(out, "Q: ", ffc->q))
- goto err;
- }
- if (!ossl_prov_print_labeled_bignum(out, "G: ", ffc->g))
- goto err;
- if (ffc->j != NULL) {
- if (!ossl_prov_print_labeled_bignum(out, "J: ", ffc->j))
- goto err;
- }
- if (ffc->seed != NULL) {
- if (!ossl_prov_print_labeled_buf(out, "SEED:", ffc->seed, ffc->seedlen))
- goto err;
- }
- if (ffc->gindex != -1) {
- if (BIO_printf(out, "gindex: %d\n", ffc->gindex) <= 0)
- goto err;
- }
- if (ffc->pcounter != -1) {
- if (BIO_printf(out, "pcounter: %d\n", ffc->pcounter) <= 0)
- goto err;
- }
- if (ffc->h != 0) {
- if (BIO_printf(out, "h: %d\n", ffc->h) <= 0)
- goto err;
- }
- return 1;
-err:
- return 0;
-}
diff --git a/providers/implementations/serializers/serializer_local.h b/providers/implementations/serializers/serializer_local.h
deleted file mode 100644
index 14c6073246..0000000000
--- a/providers/implementations/serializers/serializer_local.h
+++ /dev/null
@@ -1,183 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/core.h>
-#include <openssl/core_dispatch.h>
-#include <openssl/bn.h>
-#include <openssl/asn1.h> /* i2d_of_void */
-#include <openssl/x509.h> /* X509_SIG */
-#include <openssl/types.h>
-#include <crypto/ecx.h>
-#include "internal/ffc.h"
-
-struct pkcs8_encrypt_ctx_st {
- /* Set to 1 if intending to encrypt/decrypt, otherwise 0 */
- int cipher_intent;
-
- EVP_CIPHER *cipher;
- int pbe_nid; /* For future variation */
-
- /* Passphrase that was passed by the caller */
- void *cipher_pass;
- size_t cipher_pass_length;
-
- /* This callback is only used of |cipher_pass| is NULL */
- OSSL_PASSPHRASE_CALLBACK *cb;
- void *cbarg;
-};
-
-OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_new(const OSSL_DISPATCH *fns);
-OSSL_FUNC_keymgmt_free_fn *ossl_prov_get_keymgmt_free(const OSSL_DISPATCH *fns);
-OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_import(const OSSL_DISPATCH *fns);
-OSSL_FUNC_keymgmt_export_fn *ossl_prov_get_keymgmt_export(const OSSL_DISPATCH *fns);
-
-OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_rsa_new(void);
-OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_rsapss_new(void);
-OSSL_FUNC_keymgmt_free_fn *ossl_prov_get_keymgmt_rsa_free(void);
-OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_rsa_import(void);
-OSSL_FUNC_keymgmt_export_fn *ossl_prov_get_keymgmt_rsa_export(void);
-OSSL_FUNC_keymgmt_export_fn *ossl_prov_get_keymgmt_rsapss_export(void);
-OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_dh_new(void);
-OSSL_FUNC_keymgmt_free_fn *ossl_prov_get_keymgmt_dh_free(void);
-OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_dh_import(void);
-OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_dsa_new(void);
-OSSL_FUNC_keymgmt_free_fn *ossl_prov_get_keymgmt_dsa_free(void);
-OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_dsa_import(void);
-
-void ec_get_new_free_import(OSSL_FUNC_keymgmt_new_fn **ec_new,
- OSSL_FUNC_keymgmt_free_fn **ec_free,
- OSSL_FUNC_keymgmt_import_fn **ec_import);
-
-int ossl_prov_prepare_ec_params(const void *eckey, int nid,
- void **pstr, int *pstrtype);
-int ossl_prov_ec_pub_to_der(const void *eckey, unsigned char **pder);
-int ossl_prov_ec_priv_to_der(const void *eckey, unsigned char **pder);
-
-int ffc_params_prov_print(BIO *out, const FFC_PARAMS *ffc);
-int ossl_prov_prepare_dh_params(const void *dh, int nid,
- void **pstr, int *pstrtype);
-int ossl_prov_dh_pub_to_der(const void *dh, unsigned char **pder);
-int ossl_prov_dh_priv_to_der(const void *dh, unsigned char **pder);
-int ossl_prov_dh_type_to_evp(const DH *dh);
-
-#ifndef OPENSSL_NO_EC
-void ecx_get_new_free_import(ECX_KEY_TYPE type,
- OSSL_FUNC_keymgmt_new_fn **ecx_new,
- OSSL_FUNC_keymgmt_free_fn **ecx_free,
- OSSL_FUNC_keymgmt_import_fn **ecx_import);
-int ossl_prov_ecx_pub_to_der(const void *ecxkey, unsigned char **pder);
-int ossl_prov_ecx_priv_to_der(const void *ecxkey, unsigned char **pder);
-#endif
-
-int ossl_prov_prepare_dsa_params(const void *dsa, int nid,
- void **pstr, int *pstrtype);
-/*
- * Special variant of ossl_prov_prepare_dsa_params() that requires all
- * three parameters (P, Q and G) to be set. This is used when serializing
- * the public key.
- */
-int ossl_prov_prepare_all_dsa_params(const void *dsa, int nid,
- void **pstr, int *pstrtype);
-int ossl_prov_dsa_pub_to_der(const void *dsa, unsigned char **pder);
-int ossl_prov_dsa_priv_to_der(const void *dsa, unsigned char **pder);
-
-/*
- * ossl_prov_prepare_rsa_params() is designed to work with the ossl_prov_write_
- * functions, hence 'void *rsa' rather than 'RSA *rsa'.
- */
-int ossl_prov_prepare_rsa_params(const void *rsa, int nid,
- void **pstr, int *pstrtype);
-int ossl_prov_rsa_type_to_evp(const RSA *rsa);
-
-int ossl_prov_print_labeled_bignum(BIO *out, const char *label,
- const BIGNUM *bn);
-int ossl_prov_print_labeled_buf(BIO *out, const char *label,
- const unsigned char *buf, size_t buflen);
-int ossl_prov_print_rsa(BIO *out, RSA *rsa, int priv);
-
-enum dh_print_type {
- dh_print_priv,
- dh_print_pub,
- dh_print_params
-};
-
-int ossl_prov_print_dh(BIO *out, DH *dh, enum dh_print_type type);
-
-#ifndef OPENSSL_NO_EC
-enum ec_print_type {
- ec_print_priv,
- ec_print_pub,
- ec_print_params
-};
-
-int ossl_prov_print_eckey(BIO *out, EC_KEY *eckey, enum ec_print_type type);
-#endif /* OPENSSL_NO_EC */
-
-enum dsa_print_type {
- dsa_print_priv,
- dsa_print_pub,
- dsa_print_params
-};
-
-int ossl_prov_print_dsa(BIO *out, DSA *dsa, enum dsa_print_type type);
-
-enum ecx_print_type {
- ecx_print_priv,
- ecx_print_pub
-};
-
-#ifndef OPENSSL_NO_EC
-int ossl_prov_print_ecx(BIO *out, ECX_KEY *ecxkey, enum ecx_print_type type);
-#endif
-
-int ossl_prov_write_priv_der_from_obj(BIO *out, const void *obj, int obj_nid,
- int (*p2s)(const void *obj, int nid,
- void **str,
- int *strtype),
- int (*k2d)(const void *obj,
- unsigned char **pder),
- struct pkcs8_encrypt_ctx_st *ctx);
-int ossl_prov_write_priv_pem_from_obj(BIO *out, const void *obj, int obj_nid,
- int (*p2s)(const void *obj, int nid,
- void **str,
- int *strtype),
- int (*k2d)(const void *obj,
- unsigned char **pder),
- struct pkcs8_encrypt_ctx_st *ctx);
-int ossl_prov_write_pub_der_from_obj(BIO *out, const void *obj, int obj_nid,
- int (*p2s)(const void *obj, int nid,
- void **str,
- int *strtype),
- int (*k2d)(const void *obj,
- unsigned char **pder));
-int ossl_prov_write_pub_pem_from_obj(BIO *out, const void *obj, int obj_nid,
- int (*p2s)(const void *obj, int nid,
- void **str,
- int *strtype),
- int (*k2d)(const void *obj,
- unsigned char **pder));
-
-int ossl_prov_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
- unsigned char **data, long *len);
-int ossl_prov_read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
- char **pem_name, char **pem_header,
- unsigned char **data, long *len);
-#ifndef OPENSSL_NO_DSA
-EVP_PKEY *ossl_prov_read_msblob(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
- int *ispub);
-# ifndef OPENSSL_NO_RC4
-EVP_PKEY *ossl_prov_read_pvk(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
- OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg);
-# endif
-#endif
-
-int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len,
- unsigned char *input_der, long input_der_len,
- OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg);
-
diff --git a/providers/implementations/serializers/serializer_rsa.c b/providers/implementations/serializers/serializer_rsa.c
deleted file mode 100644
index 9250d49735..0000000000
--- a/providers/implementations/serializers/serializer_rsa.c
+++ /dev/null
@@ -1,277 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * RSA low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include "internal/packet.h"
-#include "crypto/rsa.h" /* rsa_get0_all_params() */
-#include "prov/bio.h" /* ossl_prov_bio_printf() */
-#include "prov/der_rsa.h" /* DER_w_RSASSA_PSS_params() */
-#include "prov/implementations.h" /* rsa_keymgmt_functions */
-#include "serializer_local.h"
-
-DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM)
-
-OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_rsa_new(void)
-{
- return ossl_prov_get_keymgmt_new(rsa_keymgmt_functions);
-}
-
-OSSL_FUNC_keymgmt_new_fn *ossl_prov_get_keymgmt_rsapss_new(void)
-{
- return ossl_prov_get_keymgmt_new(rsapss_keymgmt_functions);
-}
-
-OSSL_FUNC_keymgmt_free_fn *ossl_prov_get_keymgmt_rsa_free(void)
-{
- return ossl_prov_get_keymgmt_free(rsa_keymgmt_functions);
-}
-
-OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_rsa_import(void)
-{
- return ossl_prov_get_keymgmt_import(rsa_keymgmt_functions);
-}
-
-OSSL_FUNC_keymgmt_export_fn *ossl_prov_get_keymgmt_rsa_export(void)
-{
- return ossl_prov_get_keymgmt_export(rsa_keymgmt_functions);
-}
-
-OSSL_FUNC_keymgmt_export_fn *ossl_prov_get_keymgmt_rsapss_export(void)
-{
- return ossl_prov_get_keymgmt_export(rsapss_keymgmt_functions);
-}
-
-int ossl_prov_print_rsa(BIO *out, RSA *rsa, int priv)
-{
- const char *modulus_label;
- const char *exponent_label;
- const BIGNUM *rsa_d = NULL, *rsa_n = NULL, *rsa_e = NULL;
- STACK_OF(BIGNUM_const) *factors = sk_BIGNUM_const_new_null();
- STACK_OF(BIGNUM_const) *exps = sk_BIGNUM_const_new_null();
- STACK_OF(BIGNUM_const) *coeffs = sk_BIGNUM_const_new_null();
- RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa);
- int ret = 0;
-
- if (rsa == NULL || factors == NULL || exps == NULL || coeffs == NULL)
- goto err;
-
- RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d);
- rsa_get0_all_params(rsa, factors, exps, coeffs);
-
- if (priv && rsa_d != NULL) {
- if (BIO_printf(out, "Private-Key: (%d bit, %d primes)\n",
- BN_num_bits(rsa_n),
- sk_BIGNUM_const_num(factors)) <= 0)
- goto err;
- modulus_label = "modulus:";
- exponent_label = "publicExponent:";
- } else {
- if (BIO_printf(out, "Public-Key: (%d bit)\n", BN_num_bits(rsa_n)) <= 0)
- goto err;
- modulus_label = "Modulus:";
- exponent_label = "Exponent:";
- }
- if (!ossl_prov_print_labeled_bignum(out, modulus_label, rsa_n))
- goto err;
- if (!ossl_prov_print_labeled_bignum(out, exponent_label, rsa_e))
- goto err;
- if (priv) {
- int i;
-
- if (!ossl_prov_print_labeled_bignum(out, "privateExponent:", rsa_d))
- goto err;
- if (!ossl_prov_print_labeled_bignum(out, "prime1:",
- sk_BIGNUM_const_value(factors, 0)))
- goto err;
- if (!ossl_prov_print_labeled_bignum(out, "prime2:",
- sk_BIGNUM_const_value(factors, 1)))
- goto err;
- if (!ossl_prov_print_labeled_bignum(out, "exponent1:",
- sk_BIGNUM_const_value(exps, 0)))
- goto err;
- if (!ossl_prov_print_labeled_bignum(out, "exponent2:",
- sk_BIGNUM_const_value(exps, 1)))
- goto err;
- if (!ossl_prov_print_labeled_bignum(out, "coefficient:",
- sk_BIGNUM_const_value(coeffs, 0)))
- goto err;
- for (i = 2; i < sk_BIGNUM_const_num(factors); i++) {
- if (BIO_printf(out, "prime%d:", i + 1) <= 0)
- goto err;
- if (!ossl_prov_print_labeled_bignum(out, NULL,
- sk_BIGNUM_const_value(factors,
- i)))
- goto err;
- if (BIO_printf(out, "exponent%d:", i + 1) <= 0)
- goto err;
- if (!ossl_prov_print_labeled_bignum(out, NULL,
- sk_BIGNUM_const_value(exps, i)))
- goto err;
- if (BIO_printf(out, "coefficient%d:", i + 1) <= 0)
- goto err;
- if (!ossl_prov_print_labeled_bignum(out, NULL,
- sk_BIGNUM_const_value(coeffs,
- i - 1)))
- goto err;
- }
- }
-
- switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) {
- case RSA_FLAG_TYPE_RSA:
- if (!rsa_pss_params_30_is_unrestricted(pss_params)) {
- if (BIO_printf(out, "(INVALID PSS PARAMETERS)\n") <= 0)
- goto err;
- }
- break;
- case RSA_FLAG_TYPE_RSASSAPSS:
- if (rsa_pss_params_30_is_unrestricted(pss_params)) {
- if (BIO_printf(out, "No PSS parameter restrictions\n") <= 0)
- goto err;
- } else {
- int hashalg_nid = rsa_pss_params_30_hashalg(pss_params);
- int maskgenalg_nid = rsa_pss_params_30_maskgenalg(pss_params);
- int maskgenhashalg_nid =
- rsa_pss_params_30_maskgenhashalg(pss_params);
- int saltlen = rsa_pss_params_30_saltlen(pss_params);
- int trailerfield = rsa_pss_params_30_trailerfield(pss_params);
-
- if (BIO_printf(out, "PSS parameter restrictions:\n") <= 0)
- goto err;
- if (BIO_printf(out, " Hash Algorithm: %s%s\n",
- rsa_oaeppss_nid2name(hashalg_nid),
- (hashalg_nid == NID_sha1
- ? " (default)" : "")) <= 0)
- goto err;
- if (BIO_printf(out, " Mask Algorithm: %s with %s%s\n",
- rsa_mgf_nid2name(maskgenalg_nid),
- rsa_oaeppss_nid2name(maskgenhashalg_nid),
- (maskgenalg_nid == NID_mgf1
- && maskgenhashalg_nid == NID_sha1
- ? " (default)" : "")) <= 0)
- goto err;
- if (BIO_printf(out, " Minimum Salt Length: %d%s\n",
- saltlen,
- (saltlen == 20 ? " (default)" : "")) <= 0)
- goto err;
- /*
- * TODO(3.0) Should we show the ASN.1 trailerField value, or
- * the actual trailerfield byte (i.e. 0xBC for 1)?
- * crypto/rsa/rsa_ameth.c isn't very clear on that, as it
- * does display 0xBC when the default applies, but the ASN.1
- * trailerField value otherwise...
- */
- if (BIO_printf(out, " Trailer Field: 0x%x%s\n",
- trailerfield,
- (trailerfield == 1 ? " (default)" : ""))
- <= 0)
- goto err;
- }
- break;
- }
-
- ret = 1;
- err:
- sk_BIGNUM_const_free(factors);
- sk_BIGNUM_const_free(exps);
- sk_BIGNUM_const_free(coeffs);
- return ret;
-}
-
-/*
- * Helper functions to prepare RSA-PSS params for serialization. We would
- * have simply written the whole AlgorithmIdentifier, but existing libcrypto
- * functionality doesn't allow that.
- */
-
-int ossl_prov_prepare_rsa_params(const void *rsa, int nid,
- void **pstr, int *pstrtype)
-{
- const RSA_PSS_PARAMS_30 *pss = rsa_get0_pss_params_30((RSA *)rsa);
-
- *pstr = NULL;
-
- switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) {
- case RSA_FLAG_TYPE_RSA:
- /* If plain RSA, the parameters shall be NULL */
- *pstrtype = V_ASN1_NULL;
- return 1;
- case RSA_FLAG_TYPE_RSASSAPSS:
- if (rsa_pss_params_30_is_unrestricted(pss)) {
- *pstrtype = V_ASN1_UNDEF;
- return 1;
- } else {
- ASN1_STRING *astr = NULL;
- WPACKET pkt;
- unsigned char *str = NULL;
- size_t str_sz = 0;
- int i;
-
- for (i = 0; i < 2; i++) {
- switch (i) {
- case 0:
- if (!WPACKET_init_null_der(&pkt))
- goto err;
- break;
- case 1:
- if ((str = OPENSSL_malloc(str_sz)) == NULL
- || !WPACKET_init_der(&pkt, str, str_sz)) {
- goto err;
- }
- break;
- }
- if (!DER_w_RSASSA_PSS_params(&pkt, -1, pss)
- || !WPACKET_finish(&pkt)
- || !WPACKET_get_total_written(&pkt, &str_sz))
- goto err;
- WPACKET_cleanup(&pkt);
-
- /*
- * If no PSS parameters are going to be written, there's no
- * point going for another iteration.
- * This saves us from getting |str| allocated just to have it
- * immediately de-allocated.
- */
- if (str_sz == 0)
- break;
- }
-
- if ((astr = ASN1_STRING_new()) == NULL)
- goto err;
- *pstrtype = V_ASN1_SEQUENCE;
- ASN1_STRING_set0(astr, str, (int)str_sz);
- *pstr = astr;
-
- return 1;
- err:
- OPENSSL_free(str);
- return 0;
- }
- }
-
- /* Currently unsupported RSA key type */
- return 0;
-}
-
-int ossl_prov_rsa_type_to_evp(const RSA *rsa)
-{
- switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) {
- case RSA_FLAG_TYPE_RSA:
- return EVP_PKEY_RSA;
- case RSA_FLAG_TYPE_RSASSAPSS:
- return EVP_PKEY_RSA_PSS;
- }
-
- /* Currently unsupported RSA key type */
- return EVP_PKEY_NONE;
-}
diff --git a/providers/implementations/serializers/serializer_rsa_priv.c b/providers/implementations/serializers/serializer_rsa_priv.c
deleted file mode 100644
index 5a589ae020..0000000000
--- a/providers/implementations/serializers/serializer_rsa_priv.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * RSA low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/core_dispatch.h>
-#include <openssl/core_names.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/rsa.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include <openssl/safestack.h>
-#include "crypto/rsa.h"
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/providercommonerr.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn rsa_priv_newctx;
-static OSSL_FUNC_serializer_freectx_fn rsa_priv_freectx;
-static OSSL_FUNC_serializer_set_ctx_params_fn rsa_priv_set_ctx_params;
-static OSSL_FUNC_serializer_settable_ctx_params_fn rsa_priv_settable_ctx_params;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_priv_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_priv_der;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_pem_priv_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_pem_priv;
-
-static OSSL_FUNC_serializer_newctx_fn rsa_print_newctx;
-static OSSL_FUNC_serializer_freectx_fn rsa_print_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_priv_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_priv_print;
-
- /*
- * Context used for private key serialization.
- */
-struct rsa_priv_ctx_st {
- void *provctx;
-
- struct pkcs8_encrypt_ctx_st sc;
-};
-
-/* Private key : context */
-static void *rsa_priv_newctx(void *provctx)
-{
- struct rsa_priv_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
-
- if (ctx != NULL) {
- ctx->provctx = provctx;
- /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
- ctx->sc.pbe_nid = -1;
- }
- return ctx;
-}
-
-static void rsa_priv_freectx(void *vctx)
-{
- struct rsa_priv_ctx_st *ctx = vctx;
-
- EVP_CIPHER_free(ctx->sc.cipher);
- OPENSSL_free(ctx->sc.cipher_pass);
- OPENSSL_free(ctx);
-}
-
-static const OSSL_PARAM *rsa_priv_settable_ctx_params(ossl_unused void *provctx)
-{
- static const OSSL_PARAM settables[] = {
- OSSL_PARAM_utf8_string(OSSL_SERIALIZER_PARAM_CIPHER, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_SERIALIZER_PARAM_PASS, NULL, 0),
- OSSL_PARAM_END,
- };
-
- return settables;
-}
-
-static int rsa_priv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
-{
- struct rsa_priv_ctx_st *ctx = vctx;
- const OSSL_PARAM *p;
-
- if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_CIPHER))
- != NULL) {
- const OSSL_PARAM *propsp =
- OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PROPERTIES);
- const char *props = NULL;
-
- if (p->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- if (propsp != NULL && propsp->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
- props = (propsp != NULL ? propsp->data : NULL);
-
- EVP_CIPHER_free(ctx->sc.cipher);
- ctx->sc.cipher_intent = p->data != NULL;
- if (p->data != NULL
- && ((ctx->sc.cipher = EVP_CIPHER_fetch(NULL, p->data, props))
- == NULL))
- return 0;
- }
- if ((p = OSSL_PARAM_locate_const(params, OSSL_SERIALIZER_PARAM_PASS))
- != NULL) {
- OPENSSL_free(ctx->sc.cipher_pass);
- ctx->sc.cipher_pass = NULL;
- if (!OSSL_PARAM_get_octet_string(p, &ctx->sc.cipher_pass, 0,
- &ctx->sc.cipher_pass_length))
- return 0;
- }
- return 1;
-}
-
-/* Private key : DER */
-static int rsa_priv_der_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct rsa_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *rsa_new = ossl_prov_get_keymgmt_rsa_new();
- OSSL_FUNC_keymgmt_free_fn *rsa_free = ossl_prov_get_keymgmt_rsa_free();
- OSSL_FUNC_keymgmt_import_fn *rsa_import = ossl_prov_get_keymgmt_rsa_import();
- int ok = 0;
-
- if (rsa_import != NULL) {
- RSA *rsa;
-
- if ((rsa = rsa_new(ctx->provctx)) != NULL
- && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && rsa_priv_der(ctx, rsa, out, cb, cbarg))
- ok = 1;
- rsa_free(rsa);
- }
- return ok;
-}
-
-static int rsa_priv_der(void *vctx, void *rsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct rsa_priv_ctx_st *ctx = vctx;
- int ret;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_der_from_obj(out, rsa,
- ossl_prov_rsa_type_to_evp(rsa),
- ossl_prov_prepare_rsa_params,
- (i2d_of_void *)i2d_RSAPrivateKey,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-/* Private key : PEM */
-static int rsa_pem_priv_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct rsa_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *rsa_new = ossl_prov_get_keymgmt_rsa_new();
- OSSL_FUNC_keymgmt_free_fn *rsa_free = ossl_prov_get_keymgmt_rsa_free();
- OSSL_FUNC_keymgmt_import_fn *rsa_import = ossl_prov_get_keymgmt_rsa_import();
- int ok = 0;
-
- if (rsa_import != NULL) {
- RSA *rsa;
-
- if ((rsa = rsa_new(ctx->provctx)) != NULL
- && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && rsa_pem_priv(ctx, rsa, out, cb, cbarg))
- ok = 1;
- rsa_free(rsa);
- }
- return ok;
-}
-
-static int rsa_pem_priv(void *vctx, void *rsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct rsa_priv_ctx_st *ctx = vctx;
- int ret;
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
-
- if (out == NULL)
- return 0;
-
- ctx->sc.cb = cb;
- ctx->sc.cbarg = cbarg;
-
- ret = ossl_prov_write_priv_pem_from_obj(out, rsa,
- ossl_prov_rsa_type_to_evp(rsa),
- ossl_prov_prepare_rsa_params,
- (i2d_of_void *)i2d_RSAPrivateKey,
- &ctx->sc);
- BIO_free(out);
-
- return ret;
-}
-
-/*
- * There's no specific print context, so we use the provider context
- */
-static void *rsa_print_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void rsa_print_freectx(void *ctx)
-{
-}
-
-static int rsa_priv_print_data(void *vctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- struct rsa_priv_ctx_st *ctx = vctx;
- OSSL_FUNC_keymgmt_new_fn *rsa_new = ossl_prov_get_keymgmt_rsa_new();
- OSSL_FUNC_keymgmt_free_fn *rsa_free = ossl_prov_get_keymgmt_rsa_free();
- OSSL_FUNC_keymgmt_import_fn *rsa_import = ossl_prov_get_keymgmt_rsa_import();
- int ok = 0;
-
- if (rsa_import != NULL) {
- RSA *rsa;
-
- if ((rsa = rsa_new(ctx->provctx)) != NULL
- && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && rsa_priv_print(ctx, rsa, out, cb, cbarg))
- ok = 1;
- rsa_free(rsa);
- }
- return ok;
-}
-
-static int rsa_priv_print(void *ctx, void *rsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_rsa(out, rsa, 1);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH rsa_priv_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_priv_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_priv_freectx },
- { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
- (void (*)(void))rsa_priv_set_ctx_params },
- { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
- (void (*)(void))rsa_priv_settable_ctx_params },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))rsa_priv_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_priv_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH rsa_priv_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_priv_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_priv_freectx },
- { OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS,
- (void (*)(void))rsa_priv_set_ctx_params },
- { OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS,
- (void (*)(void))rsa_priv_settable_ctx_params },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))rsa_pem_priv_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_pem_priv },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH rsa_priv_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_print_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_print_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_priv_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))rsa_priv_print_data },
- { 0, NULL }
-};
diff --git a/providers/implementations/serializers/serializer_rsa_pub.c b/providers/implementations/serializers/serializer_rsa_pub.c
deleted file mode 100644
index 72c290ee44..0000000000
--- a/providers/implementations/serializers/serializer_rsa_pub.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * RSA low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
-#include <openssl/core_dispatch.h>
-#include <openssl/pem.h>
-#include <openssl/rsa.h>
-#include <openssl/types.h>
-#include <openssl/params.h>
-#include "prov/bio.h"
-#include "prov/implementations.h"
-#include "prov/providercommonerr.h"
-#include "prov/provider_ctx.h"
-#include "serializer_local.h"
-
-static OSSL_FUNC_serializer_newctx_fn rsa_pub_newctx;
-static OSSL_FUNC_serializer_freectx_fn rsa_pub_freectx;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_pub_der_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_pub_der;
-static OSSL_FUNC_serializer_serialize_data_fn rsa_pub_pem_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_pub_pem;
-
-static OSSL_FUNC_serializer_serialize_data_fn rsa_pub_print_data;
-static OSSL_FUNC_serializer_serialize_object_fn rsa_pub_print;
-
-/* Public key : context */
-
-/*
- * There's no specific implementation context, so we use the provider context
- */
-static void *rsa_pub_newctx(void *provctx)
-{
- return provctx;
-}
-
-static void rsa_pub_freectx(void *ctx)
-{
-}
-
-/* Public key : DER */
-static int rsa_pub_der_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *rsa_new = ossl_prov_get_keymgmt_rsa_new();
- OSSL_FUNC_keymgmt_free_fn *rsa_free = ossl_prov_get_keymgmt_rsa_free();
- OSSL_FUNC_keymgmt_import_fn *rsa_import = ossl_prov_get_keymgmt_rsa_import();
- int ok = 0;
-
- if (rsa_import != NULL) {
- RSA *rsa;
-
- /* ctx == provctx */
- if ((rsa = rsa_new(ctx)) != NULL
- && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && rsa_pub_der(ctx, rsa, out, cb, cbarg))
- ok = 1;
- rsa_free(rsa);
- }
- return ok;
-}
-
-static int rsa_pub_der(void *ctx, void *rsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_write_pub_der_from_obj(out, rsa,
- ossl_prov_rsa_type_to_evp(rsa),
- ossl_prov_prepare_rsa_params,
- (i2d_of_void *)i2d_RSAPublicKey);
- BIO_free(out);
-
- return ret;
-}
-
-/* Public key : PEM */
-static int rsa_pub_pem_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *rsa_new = ossl_prov_get_keymgmt_rsa_new();
- OSSL_FUNC_keymgmt_free_fn *rsa_free = ossl_prov_get_keymgmt_rsa_free();
- OSSL_FUNC_keymgmt_import_fn *rsa_import = ossl_prov_get_keymgmt_rsa_import();
- int ok = 0;
-
- if (rsa_import != NULL) {
- RSA *rsa;
-
- /* ctx == provctx */
- if ((rsa = rsa_new(ctx)) != NULL
- && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && rsa_pub_pem(ctx, rsa, out, cb, cbarg))
- ok = 1;
- rsa_free(rsa);
- }
- return ok;
-}
-
-static int rsa_pub_pem(void *ctx, void *rsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_write_pub_pem_from_obj(out, rsa,
- ossl_prov_rsa_type_to_evp(rsa),
- ossl_prov_prepare_rsa_params,
- (i2d_of_void *)i2d_RSAPublicKey);
- BIO_free(out);
-
- return ret;
-}
-
-static int rsa_pub_print_data(void *ctx, const OSSL_PARAM params[],
- OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- OSSL_FUNC_keymgmt_new_fn *rsa_new = ossl_prov_get_keymgmt_rsa_new();
- OSSL_FUNC_keymgmt_free_fn *rsa_free = ossl_prov_get_keymgmt_rsa_free();
- OSSL_FUNC_keymgmt_import_fn *rsa_import = ossl_prov_get_keymgmt_rsa_import();
- int ok = 0;
-
- if (rsa_import != NULL) {
- RSA *rsa;
-
- /* ctx == provctx */
- if ((rsa = rsa_new(ctx)) != NULL
- && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
- && rsa_pub_print(ctx, rsa, out, cb, cbarg))
- ok = 1;
- rsa_free(rsa);
- }
- return ok;
-}
-
-static int rsa_pub_print(void *ctx, void *rsa, OSSL_CORE_BIO *cout,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
-{
- BIO *out = bio_new_from_core_bio(ctx, cout);
- int ret;
-
- if (out == NULL)
- return 0;
-
- ret = ossl_prov_print_rsa(out, rsa, 0);
- BIO_free(out);
-
- return ret;
-}
-
-const OSSL_DISPATCH rsa_pub_der_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))rsa_pub_der_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_pub_der },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH rsa_pub_pem_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA, (void (*)(void))rsa_pub_pem_data },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_pub_pem },
- { 0, NULL }
-};
-
-const OSSL_DISPATCH rsa_pub_text_serializer_functions[] = {
- { OSSL_FUNC_SERIALIZER_NEWCTX, (void (*)(void))rsa_pub_newctx },
- { OSSL_FUNC_SERIALIZER_FREECTX, (void (*)(void))rsa_pub_freectx },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT, (void (*)(void))rsa_pub_print },
- { OSSL_FUNC_SERIALIZER_SERIALIZE_DATA,
- (void (*)(void))rsa_pub_print_data },
- { 0, NULL }
-}; |