1 /* 2 * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* 11 * Some ctrls depend on deprecated functionality. We trust that this is 12 * functionality that remains internally even when 'no-deprecated' is 13 * configured. When we drop #legacy EVP_PKEYs, this source should be 14 * possible to drop as well. 15 */ 16 #include "internal/deprecated.h" 17 18 #include <string.h> 19 20 /* The following includes get us all the EVP_PKEY_CTRL macros */ 21 #include <openssl/dh.h> 22 #include <openssl/dsa.h> 23 #include <openssl/ec.h> 24 #include <openssl/rsa.h> 25 #include <openssl/kdf.h> 26 27 /* This include gets us all the OSSL_PARAM key string macros */ 28 #include <openssl/core_names.h> 29 30 #include <openssl/err.h> 31 #include <openssl/evperr.h> 32 #include <openssl/params.h> 33 #include "internal/nelem.h" 34 #include "internal/cryptlib.h" 35 #include "internal/ffc.h" 36 #include "crypto/evp.h" 37 #include "crypto/dh.h" 38 #include "crypto/ec.h" 39 40 struct translation_ctx_st; /* Forwarding */ 41 struct translation_st; /* Forwarding */ 42 43 /* 44 * The fixup_args functions are called with the following parameters: 45 * 46 * |state| The state we're called in, explained further at the 47 * end of this comment. 48 * |translation| The translation item, to be pilfered for data as 49 * necessary. 50 * |ctx| The translation context, which contains copies of 51 * the following arguments, applicable according to 52 * the caller. All of the attributes in this context 53 * may be freely modified by the fixup_args function. 54 * For cleanup, call cleanup_translation_ctx(). 55 * 56 * The |state| tells the fixup_args function something about the caller and 57 * what they may expect: 58 * 59 * PKEY The fixup_args function has been called 60 * from an EVP_PKEY payload getter / setter, 61 * and is fully responsible for getting or 62 * setting the requested data. With this 63 * state, the fixup_args function is expected 64 * to use or modify |*params|, depending on 65 * |action_type|. 66 * 67 * PRE_CTRL_TO_PARAMS The fixup_args function has been called 68 * POST_CTRL_TO_PARAMS from EVP_PKEY_CTX_ctrl(), to help with 69 * translating the ctrl data to an OSSL_PARAM 70 * element or back. The calling sequence is 71 * as follows: 72 * 73 * 1. fixup_args(PRE_CTRL_TO_PARAMS, ...) 74 * 2. EVP_PKEY_CTX_set_params() or 75 * EVP_PKEY_CTX_get_params() 76 * 3. fixup_args(POST_CTRL_TO_PARAMS, ...) 77 * 78 * With the PRE_CTRL_TO_PARAMS state, the 79 * fixup_args function is expected to modify 80 * the passed |*params| in whatever way 81 * necessary, when |action_type == OSSL_ACTION_SET|. 82 * With the POST_CTRL_TO_PARAMS state, the 83 * fixup_args function is expected to modify 84 * the passed |p2| in whatever way necessary, 85 * when |action_type == OSSL_ACTION_GET|. 86 * 87 * The return value from the fixup_args call 88 * with the POST_CTRL_TO_PARAMS state becomes 89 * the return value back to EVP_PKEY_CTX_ctrl(). 90 * 91 * CLEANUP_CTRL_TO_PARAMS The cleanup_args functions has been called 92 * from EVP_PKEY_CTX_ctrl(), to clean up what 93 * the fixup_args function has done, if needed. 94 * 95 * 96 * PRE_CTRL_STR_TO_PARAMS The fixup_args function has been called 97 * POST_CTRL_STR_TO_PARAMS from EVP_PKEY_CTX_ctrl_str(), to help with 98 * translating the ctrl_str data to an 99 * OSSL_PARAM element or back. The calling 100 * sequence is as follows: 101 * 102 * 1. fixup_args(PRE_CTRL_STR_TO_PARAMS, ...) 103 * 2. EVP_PKEY_CTX_set_params() or 104 * EVP_PKEY_CTX_get_params() 105 * 3. fixup_args(POST_CTRL_STR_TO_PARAMS, ...) 106 * 107 * With the PRE_CTRL_STR_TO_PARAMS state, 108 * the fixup_args function is expected to 109 * modify the passed |*params| in whatever 110 * way necessary, when |action_type == OSSL_ACTION_SET|. 111 * With the POST_CTRL_STR_TO_PARAMS state, 112 * the fixup_args function is only expected 113 * to return a value. 114 * 115 * CLEANUP_CTRL_STR_TO_PARAMS The cleanup_args functions has been called 116 * from EVP_PKEY_CTX_ctrl_str(), to clean up 117 * what the fixup_args function has done, if 118 * needed. 119 * 120 * PRE_PARAMS_TO_CTRL The fixup_args function has been called 121 * POST_PARAMS_TO_CTRL from EVP_PKEY_CTX_get_params() or 122 * EVP_PKEY_CTX_set_params(), to help with 123 * translating the OSSL_PARAM data to the 124 * corresponding EVP_PKEY_CTX_ctrl() arguments 125 * or the other way around. The calling 126 * sequence is as follows: 127 * 128 * 1. fixup_args(PRE_PARAMS_TO_CTRL, ...) 129 * 2. EVP_PKEY_CTX_ctrl() 130 * 3. fixup_args(POST_PARAMS_TO_CTRL, ...) 131 * 132 * With the PRE_PARAMS_TO_CTRL state, the 133 * fixup_args function is expected to modify 134 * the passed |p1| and |p2| in whatever way 135 * necessary, when |action_type == OSSL_ACTION_SET|. 136 * With the POST_PARAMS_TO_CTRL state, the 137 * fixup_args function is expected to 138 * modify the passed |*params| in whatever 139 * way necessary, when |action_type == OSSL_ACTION_GET|. 140 * 141 * CLEANUP_PARAMS_TO_CTRL The cleanup_args functions has been called 142 * from EVP_PKEY_CTX_get_params() or 143 * EVP_PKEY_CTX_set_params(), to clean up what 144 * the fixup_args function has done, if needed. 145 */ 146 enum state { 147 PKEY, 148 PRE_CTRL_TO_PARAMS, 149 POST_CTRL_TO_PARAMS, 150 CLEANUP_CTRL_TO_PARAMS, 151 PRE_CTRL_STR_TO_PARAMS, 152 POST_CTRL_STR_TO_PARAMS, 153 CLEANUP_CTRL_STR_TO_PARAMS, 154 PRE_PARAMS_TO_CTRL, 155 POST_PARAMS_TO_CTRL, 156 CLEANUP_PARAMS_TO_CTRL 157 }; 158 enum action { 159 OSSL_ACTION_NONE = 0, 160 OSSL_ACTION_GET = 1, 161 OSSL_ACTION_SET = 2 162 }; 163 typedef int fixup_args_fn(enum state state, 164 const struct translation_st *translation, 165 struct translation_ctx_st *ctx); 166 typedef int cleanup_args_fn(enum state state, 167 const struct translation_st *translation, 168 struct translation_ctx_st *ctx); 169 170 struct translation_ctx_st { 171 /* 172 * The EVP_PKEY_CTX, for calls on that structure, to be pilfered for data 173 * as necessary. 174 */ 175 EVP_PKEY_CTX *pctx; 176 /* 177 * The action type (OSSL_ACTION_GET or OSSL_ACTION_SET). This may be 0 in some cases, and should 178 * be modified by the fixup_args function in the PRE states. It should 179 * otherwise remain untouched once set. 180 */ 181 enum action action_type; 182 /* 183 * For ctrl to params translation, the actual ctrl command number used. 184 * For params to ctrl translation, 0. 185 */ 186 int ctrl_cmd; 187 /* 188 * For ctrl_str to params translation, the actual ctrl command string 189 * used. In this case, the (string) value is always passed as |p2|. 190 * For params to ctrl translation, this is NULL. Along with it is also 191 * and indicator whether it matched |ctrl_str| or |ctrl_hexstr| in the 192 * translation item. 193 */ 194 const char *ctrl_str; 195 int ishex; 196 /* the ctrl-style int argument. */ 197 int p1; 198 /* the ctrl-style void* argument. */ 199 void *p2; 200 /* a size, for passing back the |p2| size where applicable */ 201 size_t sz; 202 /* pointer to the OSSL_PARAM-style params array. */ 203 OSSL_PARAM *params; 204 205 /*- 206 * The following are used entirely internally by the fixup_args functions 207 * and should not be touched by the callers, at all. 208 */ 209 210 /* 211 * Copy of the ctrl-style void* argument, if the fixup_args function 212 * needs to manipulate |p2| but wants to remember original. 213 */ 214 void *orig_p2; 215 /* Diverse types of storage for the needy. */ 216 char name_buf[OSSL_MAX_NAME_SIZE]; 217 void *allocated_buf; 218 void *bufp; 219 size_t buflen; 220 }; 221 222 struct translation_st { 223 /*- 224 * What this table item does. 225 * 226 * If the item has this set to 0, it means that both OSSL_ACTION_GET and OSSL_ACTION_SET are 227 * supported, and |fixup_args| will determine which it is. This is to 228 * support translations of ctrls where the action type depends on the 229 * value of |p1| or |p2| (ctrls are really bi-directional, but are 230 * seldom used that way). 231 * 232 * This can be also used in the lookup template when it looks up by 233 * OSSL_PARAM key, to indicate if a setter or a getter called. 234 */ 235 enum action action_type; 236 237 /*- 238 * Conditions, for params->ctrl translations. 239 * 240 * In table item, |keytype1| and |keytype2| can be set to -1 to indicate 241 * that this item supports all key types (or rather, that |fixup_args| 242 * will check and return an error if it's not supported). 243 * Any of these may be set to 0 to indicate that they are unset. 244 */ 245 int keytype1; /* The EVP_PKEY_XXX type, i.e. NIDs. #legacy */ 246 int keytype2; /* Another EVP_PKEY_XXX type, used for aliases */ 247 int optype; /* The operation type */ 248 249 /* 250 * Lookup and translation attributes 251 * 252 * |ctrl_num|, |ctrl_str|, |ctrl_hexstr| and |param_key| are lookup 253 * attributes. 254 * 255 * |ctrl_num| may be 0 or that |param_key| may be NULL in the table item, 256 * but not at the same time. If they are, they are simply not used for 257 * lookup. 258 * When |ctrl_num| == 0, no ctrl will be called. Likewise, when 259 * |param_key| == NULL, no OSSL_PARAM setter/getter will be called. 260 * In that case the treatment of the translation item relies entirely on 261 * |fixup_args|, which is then assumed to have side effects. 262 * 263 * As a special case, it's possible to set |ctrl_hexstr| and assign NULL 264 * to |ctrl_str|. That will signal to default_fixup_args() that the 265 * value must always be interpreted as hex. 266 */ 267 int ctrl_num; /* EVP_PKEY_CTRL_xxx */ 268 const char *ctrl_str; /* The corresponding ctrl string */ 269 const char *ctrl_hexstr; /* The alternative "hex{str}" ctrl string */ 270 const char *param_key; /* The corresponding OSSL_PARAM key */ 271 /* 272 * The appropriate OSSL_PARAM data type. This may be 0 to indicate that 273 * this OSSL_PARAM may have more than one data type, depending on input 274 * material. In this case, |fixup_args| is expected to check and handle 275 * it. 276 */ 277 unsigned int param_data_type; 278 279 /* 280 * Fixer functions 281 * 282 * |fixup_args| is always called before (for OSSL_ACTION_SET) or after (for OSSL_ACTION_GET) 283 * the actual ctrl / OSSL_PARAM function. 284 */ 285 fixup_args_fn *fixup_args; 286 }; 287 288 /*- 289 * Fixer function implementations 290 * ============================== 291 */ 292 293 /* 294 * default_check isn't a fixer per se, but rather a helper function to 295 * perform certain standard checks. 296 */ 297 static int default_check(enum state state, 298 const struct translation_st *translation, 299 const struct translation_ctx_st *ctx) 300 { 301 switch (state) { 302 default: 303 break; 304 case PRE_CTRL_TO_PARAMS: 305 if (!ossl_assert(translation != NULL)) { 306 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); 307 return -2; 308 } 309 if (!ossl_assert(translation->param_key != 0) 310 || !ossl_assert(translation->param_data_type != 0)) { 311 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 312 return -1; 313 } 314 break; 315 case PRE_CTRL_STR_TO_PARAMS: 316 /* 317 * For ctrl_str to params translation, we allow direct use of 318 * OSSL_PARAM keys as ctrl_str keys. Therefore, it's possible that 319 * we end up with |translation == NULL|, which is fine. The fixup 320 * function will have to deal with it carefully. 321 */ 322 if (translation != NULL) { 323 if (!ossl_assert(translation->action_type != OSSL_ACTION_GET)) { 324 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); 325 return -2; 326 } 327 if (!ossl_assert(translation->param_key != NULL) 328 || !ossl_assert(translation->param_data_type != 0)) { 329 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 330 return 0; 331 } 332 } 333 break; 334 case PRE_PARAMS_TO_CTRL: 335 case POST_PARAMS_TO_CTRL: 336 if (!ossl_assert(translation != NULL)) { 337 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); 338 return -2; 339 } 340 if (!ossl_assert(translation->ctrl_num != 0) 341 || !ossl_assert(translation->param_data_type != 0)) { 342 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 343 return -1; 344 } 345 } 346 347 /* Nothing else to check */ 348 return 1; 349 } 350 351 /*- 352 * default_fixup_args fixes up all sorts of arguments, governed by the 353 * diverse attributes in the translation item. It covers all "standard" 354 * base ctrl functionality, meaning it can handle basic conversion of 355 * data between p1+p2 (OSSL_ACTION_SET) or return value+p2 (OSSL_ACTION_GET) as long as the values 356 * don't have extra semantics (such as NIDs, OIDs, that sort of stuff). 357 * Extra semantics must be handled via specific fixup_args functions. 358 * 359 * The following states and action type combinations have standard handling 360 * done in this function: 361 * 362 * PRE_CTRL_TO_PARAMS, 0 - ERROR. action type must be 363 * determined by a fixup function. 364 * PRE_CTRL_TO_PARAMS, OSSL_ACTION_SET 365 * | OSSL_ACTION_GET - |p1| and |p2| are converted to an 366 * OSSL_PARAM according to the data 367 * type given in |translattion|. 368 * For OSSL_PARAM_UNSIGNED_INTEGER, 369 * a BIGNUM passed as |p2| is accepted. 370 * POST_CTRL_TO_PARAMS, OSSL_ACTION_GET - If the OSSL_PARAM data type is a 371 * STRING or PTR type, |p1| is set 372 * to the OSSL_PARAM return size, and 373 * |p2| is set to the string. 374 * PRE_CTRL_STR_TO_PARAMS, 375 * !OSSL_ACTION_SET - ERROR. That combination is not 376 * supported. 377 * PRE_CTRL_STR_TO_PARAMS, 378 * OSSL_ACTION_SET - |p2| is taken as a string, and is 379 * converted to an OSSL_PARAM in a 380 * standard manner, guided by the 381 * param key and data type from 382 * |translation|. 383 * PRE_PARAMS_TO_CTRL, OSSL_ACTION_SET - the OSSL_PARAM is converted to 384 * |p1| and |p2| according to the 385 * data type given in |translation| 386 * For OSSL_PARAM_UNSIGNED_INTEGER, 387 * if |p2| is non-NULL, then |*p2| 388 * is assigned a BIGNUM, otherwise 389 * |p1| is assigned an unsigned int. 390 * POST_PARAMS_TO_CTRL, OSSL_ACTION_GET - |p1| and |p2| are converted to 391 * an OSSL_PARAM, in the same manner 392 * as for the combination of 393 * PRE_CTRL_TO_PARAMS, OSSL_ACTION_SET. 394 */ 395 static int default_fixup_args(enum state state, 396 const struct translation_st *translation, 397 struct translation_ctx_st *ctx) 398 { 399 int ret; 400 401 if ((ret = default_check(state, translation, ctx)) <= 0) 402 return ret; 403 404 switch (state) { 405 default: 406 /* For states this function should never have been called with */ 407 ERR_raise_data(ERR_LIB_EVP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, 408 "[action:%d, state:%d]", ctx->action_type, state); 409 return 0; 410 411 /* 412 * PRE_CTRL_TO_PARAMS and POST_CTRL_TO_PARAMS handle ctrl to params 413 * translations. PRE_CTRL_TO_PARAMS is responsible for preparing 414 * |*params|, and POST_CTRL_TO_PARAMS is responsible for bringing the 415 * result back to |*p2| and the return value. 416 */ 417 case PRE_CTRL_TO_PARAMS: 418 /* This is ctrl to params translation, so we need an OSSL_PARAM key */ 419 if (ctx->action_type == OSSL_ACTION_NONE) { 420 /* 421 * No action type is an error here. That's a case for a 422 * special fixup function. 423 */ 424 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED, 425 "[action:%d, state:%d]", ctx->action_type, state); 426 return 0; 427 } 428 429 if (translation->optype != 0) { 430 if ((EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx) 431 && ctx->pctx->op.sig.algctx == NULL) 432 || (EVP_PKEY_CTX_IS_DERIVE_OP(ctx->pctx) 433 && ctx->pctx->op.kex.algctx == NULL) 434 || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx->pctx) 435 && ctx->pctx->op.ciph.algctx == NULL) 436 || (EVP_PKEY_CTX_IS_KEM_OP(ctx->pctx) 437 && ctx->pctx->op.encap.algctx == NULL) 438 /* 439 * The following may be unnecessary, but we have them 440 * for good measure... 441 */ 442 || (EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx) 443 && ctx->pctx->op.keymgmt.genctx == NULL) 444 || (EVP_PKEY_CTX_IS_FROMDATA_OP(ctx->pctx) 445 && ctx->pctx->op.keymgmt.genctx == NULL)) { 446 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); 447 /* Uses the same return values as EVP_PKEY_CTX_ctrl */ 448 return -2; 449 } 450 } 451 452 /* 453 * OSSL_PARAM_construct_TYPE() works equally well for OSSL_ACTION_SET and OSSL_ACTION_GET. 454 */ 455 switch (translation->param_data_type) { 456 case OSSL_PARAM_INTEGER: 457 *ctx->params = OSSL_PARAM_construct_int(translation->param_key, 458 &ctx->p1); 459 break; 460 case OSSL_PARAM_UNSIGNED_INTEGER: 461 /* 462 * BIGNUMs are passed via |p2|. For all ctrl's that just want 463 * to pass a simple integer via |p1|, |p2| is expected to be 464 * NULL. 465 * 466 * Note that this allocates a buffer, which the cleanup function 467 * must deallocate. 468 */ 469 if (ctx->p2 != NULL) { 470 if (ctx->action_type == OSSL_ACTION_SET) { 471 ctx->buflen = BN_num_bytes(ctx->p2); 472 if ((ctx->allocated_buf 473 = OPENSSL_malloc(ctx->buflen)) 474 == NULL) 475 return 0; 476 if (BN_bn2nativepad(ctx->p2, 477 ctx->allocated_buf, ctx->buflen) 478 < 0) { 479 OPENSSL_free(ctx->allocated_buf); 480 ctx->allocated_buf = NULL; 481 return 0; 482 } 483 *ctx->params = OSSL_PARAM_construct_BN(translation->param_key, 484 ctx->allocated_buf, 485 ctx->buflen); 486 } else { 487 /* 488 * No support for getting a BIGNUM by ctrl, this needs 489 * fixup_args function support. 490 */ 491 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED, 492 "[action:%d, state:%d] trying to get a " 493 "BIGNUM via ctrl call", 494 ctx->action_type, state); 495 return 0; 496 } 497 } else { 498 *ctx->params = OSSL_PARAM_construct_uint(translation->param_key, 499 (unsigned int *)&ctx->p1); 500 } 501 break; 502 case OSSL_PARAM_UTF8_STRING: 503 *ctx->params = OSSL_PARAM_construct_utf8_string(translation->param_key, 504 ctx->p2, (size_t)ctx->p1); 505 break; 506 case OSSL_PARAM_UTF8_PTR: 507 *ctx->params = OSSL_PARAM_construct_utf8_ptr(translation->param_key, 508 ctx->p2, (size_t)ctx->p1); 509 break; 510 case OSSL_PARAM_OCTET_STRING: 511 *ctx->params = OSSL_PARAM_construct_octet_string(translation->param_key, 512 ctx->p2, (size_t)ctx->p1); 513 break; 514 case OSSL_PARAM_OCTET_PTR: 515 *ctx->params = OSSL_PARAM_construct_octet_ptr(translation->param_key, 516 ctx->p2, (size_t)ctx->p1); 517 break; 518 } 519 break; 520 case POST_CTRL_TO_PARAMS: 521 /* 522 * Because EVP_PKEY_CTX_ctrl() returns the length of certain objects 523 * as its return value, we need to ensure that we do it here as well, 524 * for the OSSL_PARAM data types where this makes sense. 525 */ 526 if (ctx->action_type == OSSL_ACTION_GET) { 527 switch (translation->param_data_type) { 528 case OSSL_PARAM_UTF8_STRING: 529 case OSSL_PARAM_UTF8_PTR: 530 case OSSL_PARAM_OCTET_STRING: 531 case OSSL_PARAM_OCTET_PTR: 532 ctx->p1 = (int)ctx->params[0].return_size; 533 break; 534 } 535 } 536 break; 537 538 /* 539 * PRE_CTRL_STR_TO_PARAMS and POST_CTRL_STR_TO_PARAMS handle ctrl_str to 540 * params translations. PRE_CTRL_TO_PARAMS is responsible for preparing 541 * |*params|, and POST_CTRL_TO_PARAMS currently has nothing to do, since 542 * there's no support for getting data via ctrl_str calls. 543 */ 544 case PRE_CTRL_STR_TO_PARAMS: { 545 /* This is ctrl_str to params translation */ 546 const char *tmp_ctrl_str = ctx->ctrl_str; 547 const char *orig_ctrl_str = ctx->ctrl_str; 548 const char *orig_value = ctx->p2; 549 const OSSL_PARAM *settable = NULL; 550 int exists = 0; 551 552 /* Only setting is supported here */ 553 if (ctx->action_type != OSSL_ACTION_SET) { 554 ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED, 555 "[action:%d, state:%d] only setting allowed", 556 ctx->action_type, state); 557 return 0; 558 } 559 560 /* 561 * If no translation exists, we simply pass the control string 562 * unmodified. 563 */ 564 if (translation != NULL) { 565 tmp_ctrl_str = ctx->ctrl_str = translation->param_key; 566 567 if (ctx->ishex) { 568 strcpy(ctx->name_buf, "hex"); 569 if (OPENSSL_strlcat(ctx->name_buf, tmp_ctrl_str, 570 sizeof(ctx->name_buf)) 571 <= 3) { 572 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 573 return -1; 574 } 575 tmp_ctrl_str = ctx->name_buf; 576 } 577 } 578 579 settable = EVP_PKEY_CTX_settable_params(ctx->pctx); 580 if (!OSSL_PARAM_allocate_from_text(ctx->params, settable, 581 tmp_ctrl_str, 582 ctx->p2, strlen(ctx->p2), 583 &exists)) { 584 if (!exists) { 585 ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED, 586 "[action:%d, state:%d] name=%s, value=%s", 587 ctx->action_type, state, 588 orig_ctrl_str, orig_value); 589 return -2; 590 } 591 return 0; 592 } 593 ctx->allocated_buf = ctx->params->data; 594 ctx->buflen = ctx->params->data_size; 595 } break; 596 case POST_CTRL_STR_TO_PARAMS: 597 /* Nothing to be done */ 598 break; 599 600 /* 601 * PRE_PARAMS_TO_CTRL and POST_PARAMS_TO_CTRL handle params to ctrl 602 * translations. PRE_PARAMS_TO_CTRL is responsible for preparing 603 * |p1| and |p2|, and POST_PARAMS_TO_CTRL is responsible for bringing 604 * the EVP_PKEY_CTX_ctrl() return value (passed as |p1|) and |p2| back 605 * to |*params|. 606 * 607 * PKEY is treated just like POST_PARAMS_TO_CTRL, making it easy 608 * for the related fixup_args functions to just set |p1| and |p2| 609 * appropriately and leave it to this section of code to fix up 610 * |ctx->params| accordingly. 611 */ 612 case PKEY: 613 case POST_PARAMS_TO_CTRL: 614 ret = ctx->p1; 615 /* FALLTHRU */ 616 case PRE_PARAMS_TO_CTRL: { 617 /* This is params to ctrl translation */ 618 if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET) { 619 /* For the PRE state, only setting needs some work to be done */ 620 621 /* When setting, we populate |p1| and |p2| from |*params| */ 622 switch (translation->param_data_type) { 623 case OSSL_PARAM_INTEGER: 624 return OSSL_PARAM_get_int(ctx->params, &ctx->p1); 625 case OSSL_PARAM_UNSIGNED_INTEGER: 626 if (ctx->p2 != NULL) { 627 /* BIGNUM passed down with p2 */ 628 if (!OSSL_PARAM_get_BN(ctx->params, ctx->p2)) 629 return 0; 630 } else { 631 /* Normal C unsigned int passed down */ 632 if (!OSSL_PARAM_get_uint(ctx->params, 633 (unsigned int *)&ctx->p1)) 634 return 0; 635 } 636 return 1; 637 case OSSL_PARAM_UTF8_STRING: 638 return OSSL_PARAM_get_utf8_string(ctx->params, 639 ctx->p2, ctx->sz); 640 case OSSL_PARAM_OCTET_STRING: 641 return OSSL_PARAM_get_octet_string(ctx->params, 642 &ctx->p2, ctx->sz, 643 (size_t *)&ctx->p1); 644 case OSSL_PARAM_OCTET_PTR: 645 return OSSL_PARAM_get_octet_ptr(ctx->params, 646 ctx->p2, &ctx->sz); 647 default: 648 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED, 649 "[action:%d, state:%d] " 650 "unknown OSSL_PARAM data type %d", 651 ctx->action_type, state, 652 translation->param_data_type); 653 return 0; 654 } 655 } else if ((state == POST_PARAMS_TO_CTRL || state == PKEY) 656 && ctx->action_type == OSSL_ACTION_GET) { 657 /* For the POST state, only getting needs some work to be done */ 658 unsigned int param_data_type = translation->param_data_type; 659 size_t size = (size_t)ctx->p1; 660 661 if (state == PKEY) 662 size = ctx->sz; 663 if (param_data_type == 0) { 664 /* we must have a fixup_args function to work */ 665 if (!ossl_assert(translation->fixup_args != NULL)) { 666 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 667 return 0; 668 } 669 param_data_type = ctx->params->data_type; 670 } 671 /* When getting, we populate |*params| from |p1| and |p2| */ 672 switch (param_data_type) { 673 case OSSL_PARAM_INTEGER: 674 return OSSL_PARAM_set_int(ctx->params, ctx->p1); 675 case OSSL_PARAM_UNSIGNED_INTEGER: 676 if (ctx->p2 != NULL) { 677 /* BIGNUM passed back */ 678 return OSSL_PARAM_set_BN(ctx->params, ctx->p2); 679 } else { 680 /* Normal C unsigned int passed back */ 681 return OSSL_PARAM_set_uint(ctx->params, 682 (unsigned int)ctx->p1); 683 } 684 return 0; 685 case OSSL_PARAM_UTF8_STRING: 686 return OSSL_PARAM_set_utf8_string(ctx->params, ctx->p2); 687 case OSSL_PARAM_OCTET_STRING: 688 return OSSL_PARAM_set_octet_string(ctx->params, ctx->p2, 689 size); 690 case OSSL_PARAM_OCTET_PTR: 691 return OSSL_PARAM_set_octet_ptr(ctx->params, *(void **)ctx->p2, 692 size); 693 default: 694 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED, 695 "[action:%d, state:%d] " 696 "unsupported OSSL_PARAM data type %d", 697 ctx->action_type, state, 698 translation->param_data_type); 699 return 0; 700 } 701 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) { 702 if (translation->param_data_type == OSSL_PARAM_OCTET_PTR) 703 ctx->p2 = &ctx->bufp; 704 } 705 } 706 /* Any other combination is simply pass-through */ 707 break; 708 } 709 return ret; 710 } 711 712 static int 713 cleanup_translation_ctx(enum state state, 714 const struct translation_st *translation, 715 struct translation_ctx_st *ctx) 716 { 717 if (ctx->allocated_buf != NULL) 718 OPENSSL_free(ctx->allocated_buf); 719 ctx->allocated_buf = NULL; 720 return 1; 721 } 722 723 /* 724 * fix_cipher_md fixes up an EVP_CIPHER / EVP_MD to its name on OSSL_ACTION_SET, 725 * and cipher / md name to EVP_MD on OSSL_ACTION_GET. 726 */ 727 static const char *get_cipher_name(void *cipher) 728 { 729 return EVP_CIPHER_get0_name(cipher); 730 } 731 732 static const char *get_md_name(void *md) 733 { 734 return EVP_MD_get0_name(md); 735 } 736 737 static const void *get_cipher_by_name(OSSL_LIB_CTX *libctx, const char *name) 738 { 739 return evp_get_cipherbyname_ex(libctx, name); 740 } 741 742 static const void *get_md_by_name(OSSL_LIB_CTX *libctx, const char *name) 743 { 744 return evp_get_digestbyname_ex(libctx, name); 745 } 746 747 static int fix_cipher_md(enum state state, 748 const struct translation_st *translation, 749 struct translation_ctx_st *ctx, 750 const char *(*get_name)(void *algo), 751 const void *(*get_algo_by_name)(OSSL_LIB_CTX *libctx, 752 const char *name)) 753 { 754 int ret = 1; 755 756 if ((ret = default_check(state, translation, ctx)) <= 0) 757 return ret; 758 759 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) { 760 /* 761 * |ctx->p2| contains the address to an EVP_CIPHER or EVP_MD pointer 762 * to be filled in. We need to remember it, then make |ctx->p2| 763 * point at a buffer to be filled in with the name, and |ctx->p1| 764 * with its size. default_fixup_args() will take care of the rest 765 * for us. 766 */ 767 ctx->orig_p2 = ctx->p2; 768 ctx->p2 = ctx->name_buf; 769 ctx->p1 = sizeof(ctx->name_buf); 770 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) { 771 /* 772 * In different parts of OpenSSL, this ctrl command is used 773 * differently. Some calls pass a NID as p1, others pass an 774 * EVP_CIPHER pointer as p2... 775 */ 776 ctx->p2 = (char *)(ctx->p2 == NULL 777 ? OBJ_nid2sn(ctx->p1) 778 : get_name(ctx->p2)); 779 ctx->p1 = strlen(ctx->p2); 780 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) { 781 ctx->p2 = (ctx->p2 == NULL ? "" : (char *)get_name(ctx->p2)); 782 ctx->p1 = strlen(ctx->p2); 783 } 784 785 if ((ret = default_fixup_args(state, translation, ctx)) <= 0) 786 return ret; 787 788 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) { 789 /* 790 * Here's how we reuse |ctx->orig_p2| that was set in the 791 * PRE_CTRL_TO_PARAMS state above. 792 */ 793 *(void **)ctx->orig_p2 = (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2); 794 ctx->p1 = 1; 795 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET) { 796 ctx->p2 = (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2); 797 ctx->p1 = 0; 798 } 799 800 return ret; 801 } 802 803 static int fix_cipher(enum state state, 804 const struct translation_st *translation, 805 struct translation_ctx_st *ctx) 806 { 807 return fix_cipher_md(state, translation, ctx, 808 get_cipher_name, get_cipher_by_name); 809 } 810 811 static int fix_md(enum state state, 812 const struct translation_st *translation, 813 struct translation_ctx_st *ctx) 814 { 815 return fix_cipher_md(state, translation, ctx, 816 get_md_name, get_md_by_name); 817 } 818 819 static int fix_distid_len(enum state state, 820 const struct translation_st *translation, 821 struct translation_ctx_st *ctx) 822 { 823 int ret = default_fixup_args(state, translation, ctx); 824 825 if (ret > 0) { 826 ret = 0; 827 if ((state == POST_CTRL_TO_PARAMS 828 || state == POST_CTRL_STR_TO_PARAMS) 829 && ctx->action_type == OSSL_ACTION_GET) { 830 *(size_t *)ctx->p2 = ctx->sz; 831 ret = 1; 832 } 833 } 834 return ret; 835 } 836 837 struct kdf_type_map_st { 838 int kdf_type_num; 839 const char *kdf_type_str; 840 }; 841 842 static int fix_kdf_type(enum state state, 843 const struct translation_st *translation, 844 struct translation_ctx_st *ctx, 845 const struct kdf_type_map_st *kdf_type_map) 846 { 847 /* 848 * The EVP_PKEY_CTRL_DH_KDF_TYPE ctrl command is a bit special, in 849 * that it's used both for setting a value, and for getting it, all 850 * depending on the value if |p1|; if |p1| is -2, the backend is 851 * supposed to place the current kdf type in |p2|, and if not, |p1| 852 * is interpreted as the new kdf type. 853 */ 854 int ret = 0; 855 856 if ((ret = default_check(state, translation, ctx)) <= 0) 857 return ret; 858 859 if (state == PRE_CTRL_TO_PARAMS) { 860 /* 861 * In |translations|, the initial value for |ctx->action_type| must 862 * be OSSL_ACTION_NONE. 863 */ 864 if (!ossl_assert(ctx->action_type == OSSL_ACTION_NONE)) 865 return 0; 866 867 /* The action type depends on the value of *p1 */ 868 if (ctx->p1 == -2) { 869 /* 870 * The OSSL_PARAMS getter needs space to store a copy of the kdf 871 * type string. We use |ctx->name_buf|, which has enough space 872 * allocated. 873 * 874 * (this wouldn't be needed if the OSSL_xxx_PARAM_KDF_TYPE 875 * had the data type OSSL_PARAM_UTF8_PTR) 876 */ 877 ctx->p2 = ctx->name_buf; 878 ctx->p1 = sizeof(ctx->name_buf); 879 ctx->action_type = OSSL_ACTION_GET; 880 } else { 881 ctx->action_type = OSSL_ACTION_SET; 882 } 883 } 884 885 if ((ret = default_check(state, translation, ctx)) <= 0) 886 return ret; 887 888 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) 889 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET)) { 890 ret = -2; 891 /* Convert KDF type numbers to strings */ 892 for (; kdf_type_map->kdf_type_str != NULL; kdf_type_map++) 893 if (ctx->p1 == kdf_type_map->kdf_type_num) { 894 ctx->p2 = (char *)kdf_type_map->kdf_type_str; 895 ret = 1; 896 break; 897 } 898 if (ret <= 0) 899 goto end; 900 ctx->p1 = strlen(ctx->p2); 901 } 902 903 if ((ret = default_fixup_args(state, translation, ctx)) <= 0) 904 return ret; 905 906 if ((state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) 907 || (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET)) { 908 ctx->p1 = ret = -1; 909 910 /* Convert KDF type strings to numbers */ 911 for (; kdf_type_map->kdf_type_str != NULL; kdf_type_map++) 912 if (OPENSSL_strcasecmp(ctx->p2, kdf_type_map->kdf_type_str) == 0) { 913 ctx->p1 = kdf_type_map->kdf_type_num; 914 ret = 1; 915 break; 916 } 917 ctx->p2 = NULL; 918 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) { 919 ctx->p1 = -2; 920 } 921 end: 922 return ret; 923 } 924 925 /* EVP_PKEY_CTRL_DH_KDF_TYPE */ 926 static int fix_dh_kdf_type(enum state state, 927 const struct translation_st *translation, 928 struct translation_ctx_st *ctx) 929 { 930 static const struct kdf_type_map_st kdf_type_map[] = { 931 { EVP_PKEY_DH_KDF_NONE, "" }, 932 { EVP_PKEY_DH_KDF_X9_42, OSSL_KDF_NAME_X942KDF_ASN1 }, 933 { 0, NULL } 934 }; 935 936 return fix_kdf_type(state, translation, ctx, kdf_type_map); 937 } 938 939 /* EVP_PKEY_CTRL_EC_KDF_TYPE */ 940 static int fix_ec_kdf_type(enum state state, 941 const struct translation_st *translation, 942 struct translation_ctx_st *ctx) 943 { 944 static const struct kdf_type_map_st kdf_type_map[] = { 945 { EVP_PKEY_ECDH_KDF_NONE, "" }, 946 { EVP_PKEY_ECDH_KDF_X9_63, OSSL_KDF_NAME_X963KDF }, 947 { 0, NULL } 948 }; 949 950 return fix_kdf_type(state, translation, ctx, kdf_type_map); 951 } 952 953 /* EVP_PKEY_CTRL_DH_KDF_OID, EVP_PKEY_CTRL_GET_DH_KDF_OID, ...??? */ 954 static int fix_oid(enum state state, 955 const struct translation_st *translation, 956 struct translation_ctx_st *ctx) 957 { 958 int ret; 959 960 if ((ret = default_check(state, translation, ctx)) <= 0) 961 return ret; 962 963 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) 964 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET)) { 965 /* 966 * We're translating from ctrl to params and setting the OID, or 967 * we're translating from params to ctrl and getting the OID. 968 * Either way, |ctx->p2| points at an ASN1_OBJECT, and needs to have 969 * that replaced with the corresponding name. 970 * default_fixup_args() will then be able to convert that to the 971 * corresponding OSSL_PARAM. 972 */ 973 OBJ_obj2txt(ctx->name_buf, sizeof(ctx->name_buf), ctx->p2, 0); 974 ctx->p2 = (char *)ctx->name_buf; 975 ctx->p1 = 0; /* let default_fixup_args() figure out the length */ 976 } 977 978 if ((ret = default_fixup_args(state, translation, ctx)) <= 0) 979 return ret; 980 981 if ((state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET) 982 || (state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET)) { 983 /* 984 * We're translating from ctrl to params and setting the OID name, 985 * or we're translating from params to ctrl and getting the OID 986 * name. Either way, default_fixup_args() has placed the OID name 987 * in |ctx->p2|, all we need to do now is to replace that with the 988 * corresponding ASN1_OBJECT. 989 */ 990 ctx->p2 = (ASN1_OBJECT *)OBJ_txt2obj(ctx->p2, 0); 991 } 992 993 return ret; 994 } 995 996 /* EVP_PKEY_CTRL_DH_NID */ 997 static int fix_dh_nid(enum state state, 998 const struct translation_st *translation, 999 struct translation_ctx_st *ctx) 1000 { 1001 int ret; 1002 1003 if ((ret = default_check(state, translation, ctx)) <= 0) 1004 return ret; 1005 1006 /* This is only settable */ 1007 if (ctx->action_type != OSSL_ACTION_SET) 1008 return 0; 1009 1010 if (state == PRE_CTRL_TO_PARAMS) { 1011 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) { 1012 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); 1013 return 0; 1014 } 1015 ctx->p1 = 0; 1016 } 1017 1018 return default_fixup_args(state, translation, ctx); 1019 } 1020 1021 /* EVP_PKEY_CTRL_DH_RFC5114 */ 1022 static int fix_dh_nid5114(enum state state, 1023 const struct translation_st *translation, 1024 struct translation_ctx_st *ctx) 1025 { 1026 int ret; 1027 1028 if ((ret = default_check(state, translation, ctx)) <= 0) 1029 return ret; 1030 1031 /* This is only settable */ 1032 if (ctx->action_type != OSSL_ACTION_SET) 1033 return 0; 1034 1035 switch (state) { 1036 case PRE_CTRL_TO_PARAMS: 1037 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) { 1038 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); 1039 return 0; 1040 } 1041 1042 ctx->p1 = 0; 1043 break; 1044 1045 case PRE_CTRL_STR_TO_PARAMS: 1046 if (ctx->p2 == NULL) 1047 return 0; 1048 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2)))) == NULL) { 1049 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); 1050 return 0; 1051 } 1052 1053 ctx->p1 = 0; 1054 break; 1055 1056 default: 1057 break; 1058 } 1059 1060 return default_fixup_args(state, translation, ctx); 1061 } 1062 1063 /* EVP_PKEY_CTRL_DH_PARAMGEN_TYPE */ 1064 static int fix_dh_paramgen_type(enum state state, 1065 const struct translation_st *translation, 1066 struct translation_ctx_st *ctx) 1067 { 1068 int ret; 1069 1070 if ((ret = default_check(state, translation, ctx)) <= 0) 1071 return ret; 1072 1073 /* This is only settable */ 1074 if (ctx->action_type != OSSL_ACTION_SET) 1075 return 0; 1076 1077 if (state == PRE_CTRL_STR_TO_PARAMS) { 1078 if ((ctx->p2 = (char *)ossl_dh_gen_type_id2name(atoi(ctx->p2))) 1079 == NULL) { 1080 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); 1081 return 0; 1082 } 1083 ctx->p1 = strlen(ctx->p2); 1084 } 1085 1086 return default_fixup_args(state, translation, ctx); 1087 } 1088 1089 /* EVP_PKEY_CTRL_EC_PARAM_ENC */ 1090 static int fix_ec_param_enc(enum state state, 1091 const struct translation_st *translation, 1092 struct translation_ctx_st *ctx) 1093 { 1094 int ret; 1095 1096 if ((ret = default_check(state, translation, ctx)) <= 0) 1097 return ret; 1098 1099 /* This is currently only settable */ 1100 if (ctx->action_type != OSSL_ACTION_SET) 1101 return 0; 1102 1103 if (state == PRE_CTRL_TO_PARAMS) { 1104 switch (ctx->p1) { 1105 case OPENSSL_EC_EXPLICIT_CURVE: 1106 ctx->p2 = OSSL_PKEY_EC_ENCODING_EXPLICIT; 1107 break; 1108 case OPENSSL_EC_NAMED_CURVE: 1109 ctx->p2 = OSSL_PKEY_EC_ENCODING_GROUP; 1110 break; 1111 default: 1112 ret = -2; 1113 goto end; 1114 } 1115 ctx->p1 = 0; 1116 } 1117 1118 if ((ret = default_fixup_args(state, translation, ctx)) <= 0) 1119 return ret; 1120 1121 if (state == PRE_PARAMS_TO_CTRL) { 1122 if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_EXPLICIT) == 0) 1123 ctx->p1 = OPENSSL_EC_EXPLICIT_CURVE; 1124 else if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_GROUP) == 0) 1125 ctx->p1 = OPENSSL_EC_NAMED_CURVE; 1126 else 1127 ctx->p1 = ret = -2; 1128 ctx->p2 = NULL; 1129 } 1130 1131 end: 1132 if (ret == -2) 1133 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); 1134 return ret; 1135 } 1136 1137 /* EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID */ 1138 static int fix_ec_paramgen_curve_nid(enum state state, 1139 const struct translation_st *translation, 1140 struct translation_ctx_st *ctx) 1141 { 1142 char *p2 = NULL; 1143 int ret; 1144 1145 if ((ret = default_check(state, translation, ctx)) <= 0) 1146 return ret; 1147 1148 /* This is currently only settable */ 1149 if (ctx->action_type != OSSL_ACTION_SET) 1150 return 0; 1151 1152 if (state == PRE_CTRL_TO_PARAMS) { 1153 ctx->p2 = (char *)OBJ_nid2sn(ctx->p1); 1154 ctx->p1 = 0; 1155 } else if (state == PRE_PARAMS_TO_CTRL) { 1156 /* 1157 * We're translating from params to ctrl and setting the curve name. 1158 * The ctrl function needs it to be a NID, but meanwhile, we need 1159 * space to get the curve name from the param. |ctx->name_buf| is 1160 * sufficient for that. 1161 * The double indirection is necessary for default_fixup_args()'s 1162 * call of OSSL_PARAM_get_utf8_string() to be done correctly. 1163 */ 1164 p2 = ctx->name_buf; 1165 ctx->p2 = &p2; 1166 ctx->sz = sizeof(ctx->name_buf); 1167 } 1168 1169 if ((ret = default_fixup_args(state, translation, ctx)) <= 0) 1170 return ret; 1171 1172 if (state == PRE_PARAMS_TO_CTRL) { 1173 ctx->p1 = OBJ_sn2nid(p2); 1174 ctx->p2 = NULL; 1175 } 1176 1177 return ret; 1178 } 1179 1180 /* EVP_PKEY_CTRL_EC_ECDH_COFACTOR */ 1181 static int fix_ecdh_cofactor(enum state state, 1182 const struct translation_st *translation, 1183 struct translation_ctx_st *ctx) 1184 { 1185 /* 1186 * The EVP_PKEY_CTRL_EC_ECDH_COFACTOR ctrl command is a bit special, in 1187 * that it's used both for setting a value, and for getting it, all 1188 * depending on the value if |ctx->p1|; if |ctx->p1| is -2, the backend is 1189 * supposed to place the current cofactor mode in |ctx->p2|, and if not, 1190 * |ctx->p1| is interpreted as the new cofactor mode. 1191 */ 1192 int ret = 0; 1193 1194 if (state == PRE_CTRL_TO_PARAMS) { 1195 /* 1196 * The initial value for |ctx->action_type| must be zero. 1197 * evp_pkey_ctrl_to_params() takes it from the translation item. 1198 */ 1199 if (!ossl_assert(ctx->action_type == OSSL_ACTION_NONE)) 1200 return 0; 1201 1202 /* The action type depends on the value of ctx->p1 */ 1203 if (ctx->p1 == -2) 1204 ctx->action_type = OSSL_ACTION_GET; 1205 else 1206 ctx->action_type = OSSL_ACTION_SET; 1207 } else if (state == PRE_CTRL_STR_TO_PARAMS) { 1208 ctx->action_type = OSSL_ACTION_SET; 1209 } else if (state == PRE_PARAMS_TO_CTRL) { 1210 /* The initial value for |ctx->action_type| must not be zero. */ 1211 if (!ossl_assert(ctx->action_type != OSSL_ACTION_NONE)) 1212 return 0; 1213 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_NONE) { 1214 ctx->action_type = OSSL_ACTION_GET; 1215 } 1216 1217 if ((ret = default_check(state, translation, ctx)) <= 0) 1218 return ret; 1219 1220 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) { 1221 if (ctx->p1 < -1 || ctx->p1 > 1) { 1222 /* Uses the same return value of pkey_ec_ctrl() */ 1223 return -2; 1224 } 1225 } 1226 1227 if ((ret = default_fixup_args(state, translation, ctx)) <= 0) 1228 return ret; 1229 1230 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) { 1231 if (ctx->p1 < 0 || ctx->p1 > 1) { 1232 /* 1233 * The provider should return either 0 or 1, any other value is a 1234 * provider error. 1235 */ 1236 ctx->p1 = ret = -1; 1237 } 1238 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) { 1239 ctx->p1 = -2; 1240 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) { 1241 ctx->p1 = ret; 1242 } 1243 1244 return ret; 1245 } 1246 1247 /* EVP_PKEY_CTRL_RSA_PADDING, EVP_PKEY_CTRL_GET_RSA_PADDING */ 1248 static int fix_rsa_padding_mode(enum state state, 1249 const struct translation_st *translation, 1250 struct translation_ctx_st *ctx) 1251 { 1252 static const OSSL_ITEM str_value_map[] = { 1253 { RSA_PKCS1_PADDING, "pkcs1" }, 1254 { RSA_NO_PADDING, "none" }, 1255 { RSA_PKCS1_OAEP_PADDING, "oaep" }, 1256 { RSA_PKCS1_OAEP_PADDING, "oeap" }, 1257 { RSA_X931_PADDING, "x931" }, 1258 { RSA_PKCS1_PSS_PADDING, "pss" }, 1259 /* Special case, will pass directly as an integer */ 1260 { RSA_PKCS1_WITH_TLS_PADDING, NULL } 1261 }; 1262 int ret; 1263 1264 if ((ret = default_check(state, translation, ctx)) <= 0) 1265 return ret; 1266 1267 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) { 1268 /* 1269 * EVP_PKEY_CTRL_GET_RSA_PADDING returns the padding mode in the 1270 * weirdest way for a ctrl. Instead of doing like all other ctrls 1271 * that return a simple, i.e. just have that as a return value, 1272 * this particular ctrl treats p2 as the address for the int to be 1273 * returned. We must therefore remember |ctx->p2|, then make 1274 * |ctx->p2| point at a buffer to be filled in with the name, and 1275 * |ctx->p1| with its size. default_fixup_args() will take care 1276 * of the rest for us, along with the POST_CTRL_TO_PARAMS && OSSL_ACTION_GET 1277 * code section further down. 1278 */ 1279 ctx->orig_p2 = ctx->p2; 1280 ctx->p2 = ctx->name_buf; 1281 ctx->p1 = sizeof(ctx->name_buf); 1282 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) { 1283 /* 1284 * Ideally, we should use utf8 strings for the diverse padding modes. 1285 * We only came here because someone called EVP_PKEY_CTX_ctrl(), 1286 * though, and since that can reasonably be seen as legacy code 1287 * that uses the diverse RSA macros for the padding mode, and we 1288 * know that at least our providers can handle the numeric modes, 1289 * we take the cheap route for now. 1290 * 1291 * The other solution would be to match |ctx->p1| against entries 1292 * in str_value_map and pass the corresponding string. However, 1293 * since we don't have a string for RSA_PKCS1_WITH_TLS_PADDING, 1294 * we have to do this same hack at least for that one. 1295 * 1296 * Since the "official" data type for the RSA padding mode is utf8 1297 * string, we cannot count on default_fixup_args(). Instead, we 1298 * build the OSSL_PARAM item ourselves and return immediately. 1299 */ 1300 ctx->params[0] = OSSL_PARAM_construct_int(translation->param_key, 1301 &ctx->p1); 1302 return 1; 1303 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) { 1304 size_t i; 1305 1306 /* 1307 * The EVP_PKEY_CTX_get_params() caller may have asked for a utf8 1308 * string, or may have asked for an integer of some sort. If they 1309 * ask for an integer, we respond directly. If not, we translate 1310 * the response from the ctrl function into a string. 1311 */ 1312 switch (ctx->params->data_type) { 1313 case OSSL_PARAM_INTEGER: 1314 return OSSL_PARAM_get_int(ctx->params, &ctx->p1); 1315 case OSSL_PARAM_UNSIGNED_INTEGER: 1316 return OSSL_PARAM_get_uint(ctx->params, (unsigned int *)&ctx->p1); 1317 default: 1318 break; 1319 } 1320 1321 for (i = 0; i < OSSL_NELEM(str_value_map); i++) { 1322 if (ctx->p1 == (int)str_value_map[i].id) 1323 break; 1324 } 1325 if (i == OSSL_NELEM(str_value_map)) { 1326 ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE, 1327 "[action:%d, state:%d] padding number %d", 1328 ctx->action_type, state, ctx->p1); 1329 return -2; 1330 } 1331 /* 1332 * If we don't have a string, we can't do anything. The caller 1333 * should have asked for a number... 1334 */ 1335 if (str_value_map[i].ptr == NULL) { 1336 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); 1337 return -2; 1338 } 1339 ctx->p2 = str_value_map[i].ptr; 1340 ctx->p1 = strlen(ctx->p2); 1341 } 1342 1343 if ((ret = default_fixup_args(state, translation, ctx)) <= 0) 1344 return ret; 1345 1346 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_PARAMS_TO_CTRL) 1347 || (ctx->action_type == OSSL_ACTION_GET && state == POST_CTRL_TO_PARAMS)) { 1348 size_t i; 1349 1350 for (i = 0; i < OSSL_NELEM(str_value_map); i++) { 1351 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0) 1352 break; 1353 } 1354 1355 if (i == OSSL_NELEM(str_value_map)) { 1356 ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE, 1357 "[action:%d, state:%d] padding name %s", 1358 ctx->action_type, state, (const char *)ctx->p2); 1359 ctx->p1 = ret = -2; 1360 } else if (state == POST_CTRL_TO_PARAMS) { 1361 /* EVP_PKEY_CTRL_GET_RSA_PADDING weirdness explained further up */ 1362 *(int *)ctx->orig_p2 = str_value_map[i].id; 1363 } else { 1364 ctx->p1 = str_value_map[i].id; 1365 } 1366 ctx->p2 = NULL; 1367 } 1368 1369 return ret; 1370 } 1371 1372 /* EVP_PKEY_CTRL_RSA_PSS_SALTLEN, EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN */ 1373 static int fix_rsa_pss_saltlen(enum state state, 1374 const struct translation_st *translation, 1375 struct translation_ctx_st *ctx) 1376 { 1377 static const OSSL_ITEM str_value_map[] = { 1378 { (unsigned int)RSA_PSS_SALTLEN_DIGEST, "digest" }, 1379 { (unsigned int)RSA_PSS_SALTLEN_MAX, "max" }, 1380 { (unsigned int)RSA_PSS_SALTLEN_AUTO, "auto" } 1381 }; 1382 int ret; 1383 1384 if ((ret = default_check(state, translation, ctx)) <= 0) 1385 return ret; 1386 1387 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) { 1388 /* 1389 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN returns the saltlen by filling 1390 * in the int pointed at by p2. This is potentially as weird as 1391 * the way EVP_PKEY_CTRL_GET_RSA_PADDING works, except that saltlen 1392 * might be a negative value, so it wouldn't work as a legitimate 1393 * return value. 1394 * In any case, we must therefore remember |ctx->p2|, then make 1395 * |ctx->p2| point at a buffer to be filled in with the name, and 1396 * |ctx->p1| with its size. default_fixup_args() will take care 1397 * of the rest for us, along with the POST_CTRL_TO_PARAMS && OSSL_ACTION_GET 1398 * code section further down. 1399 */ 1400 ctx->orig_p2 = ctx->p2; 1401 ctx->p2 = ctx->name_buf; 1402 ctx->p1 = sizeof(ctx->name_buf); 1403 } else if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_CTRL_TO_PARAMS) 1404 || (ctx->action_type == OSSL_ACTION_GET && state == POST_PARAMS_TO_CTRL)) { 1405 size_t i; 1406 1407 for (i = 0; i < OSSL_NELEM(str_value_map); i++) { 1408 if (ctx->p1 == (int)str_value_map[i].id) 1409 break; 1410 } 1411 if (i == OSSL_NELEM(str_value_map)) { 1412 BIO_snprintf(ctx->name_buf, sizeof(ctx->name_buf), "%d", ctx->p1); 1413 } else { 1414 /* This won't truncate but it will quiet static analysers */ 1415 strncpy(ctx->name_buf, str_value_map[i].ptr, sizeof(ctx->name_buf) - 1); 1416 ctx->name_buf[sizeof(ctx->name_buf) - 1] = '\0'; 1417 } 1418 ctx->p2 = ctx->name_buf; 1419 ctx->p1 = strlen(ctx->p2); 1420 } 1421 1422 if ((ret = default_fixup_args(state, translation, ctx)) <= 0) 1423 return ret; 1424 1425 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_PARAMS_TO_CTRL) 1426 || (ctx->action_type == OSSL_ACTION_GET && state == POST_CTRL_TO_PARAMS)) { 1427 size_t i; 1428 int val; 1429 1430 for (i = 0; i < OSSL_NELEM(str_value_map); i++) { 1431 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0) 1432 break; 1433 } 1434 1435 val = i == OSSL_NELEM(str_value_map) ? atoi(ctx->p2) 1436 : (int)str_value_map[i].id; 1437 if (state == POST_CTRL_TO_PARAMS) { 1438 /* 1439 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN weirdness explained further 1440 * up 1441 */ 1442 *(int *)ctx->orig_p2 = val; 1443 } else { 1444 ctx->p1 = val; 1445 } 1446 ctx->p2 = NULL; 1447 } 1448 1449 return ret; 1450 } 1451 1452 /* EVP_PKEY_CTRL_HKDF_MODE */ 1453 static int fix_hkdf_mode(enum state state, 1454 const struct translation_st *translation, 1455 struct translation_ctx_st *ctx) 1456 { 1457 static const OSSL_ITEM str_value_map[] = { 1458 { EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND, "EXTRACT_AND_EXPAND" }, 1459 { EVP_KDF_HKDF_MODE_EXTRACT_ONLY, "EXTRACT_ONLY" }, 1460 { EVP_KDF_HKDF_MODE_EXPAND_ONLY, "EXPAND_ONLY" } 1461 }; 1462 int ret; 1463 1464 if ((ret = default_check(state, translation, ctx)) <= 0) 1465 return ret; 1466 1467 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_CTRL_TO_PARAMS) 1468 || (ctx->action_type == OSSL_ACTION_GET && state == POST_PARAMS_TO_CTRL)) { 1469 size_t i; 1470 1471 for (i = 0; i < OSSL_NELEM(str_value_map); i++) { 1472 if (ctx->p1 == (int)str_value_map[i].id) 1473 break; 1474 } 1475 if (i == OSSL_NELEM(str_value_map)) 1476 return 0; 1477 ctx->p2 = str_value_map[i].ptr; 1478 ctx->p1 = strlen(ctx->p2); 1479 } 1480 1481 if ((ret = default_fixup_args(state, translation, ctx)) <= 0) 1482 return ret; 1483 1484 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_PARAMS_TO_CTRL) 1485 || (ctx->action_type == OSSL_ACTION_GET && state == POST_CTRL_TO_PARAMS)) { 1486 size_t i; 1487 1488 for (i = 0; i < OSSL_NELEM(str_value_map); i++) { 1489 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0) 1490 break; 1491 } 1492 if (i == OSSL_NELEM(str_value_map)) 1493 return 0; 1494 if (state == POST_CTRL_TO_PARAMS) 1495 ret = str_value_map[i].id; 1496 else 1497 ctx->p1 = str_value_map[i].id; 1498 ctx->p2 = NULL; 1499 } 1500 1501 return 1; 1502 } 1503 1504 /*- 1505 * Payload getters 1506 * =============== 1507 * 1508 * These all get the data they want, then call default_fixup_args() as 1509 * a post-ctrl OSSL_ACTION_GET fixup. They all get NULL ctx, ctrl_cmd, ctrl_str, 1510 * p1, sz 1511 */ 1512 1513 /* Pilfering DH, DSA and EC_KEY */ 1514 static int get_payload_group_name(enum state state, 1515 const struct translation_st *translation, 1516 struct translation_ctx_st *ctx) 1517 { 1518 EVP_PKEY *pkey = ctx->p2; 1519 1520 ctx->p2 = NULL; 1521 switch (EVP_PKEY_get_base_id(pkey)) { 1522 #ifndef OPENSSL_NO_DH 1523 case EVP_PKEY_DH: { 1524 const DH *dh = EVP_PKEY_get0_DH(pkey); 1525 int uid = DH_get_nid(dh); 1526 1527 if (uid != NID_undef) { 1528 const DH_NAMED_GROUP *dh_group = ossl_ffc_uid_to_dh_named_group(uid); 1529 1530 ctx->p2 = (char *)ossl_ffc_named_group_get_name(dh_group); 1531 } 1532 } break; 1533 #endif 1534 #ifndef OPENSSL_NO_EC 1535 case EVP_PKEY_EC: { 1536 const EC_GROUP *grp = EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey)); 1537 int nid = NID_undef; 1538 1539 if (grp != NULL) 1540 nid = EC_GROUP_get_curve_name(grp); 1541 if (nid != NID_undef) 1542 ctx->p2 = (char *)OSSL_EC_curve_nid2name(nid); 1543 } break; 1544 #endif 1545 default: 1546 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1547 return 0; 1548 } 1549 1550 /* 1551 * Quietly ignoring unknown groups matches the behaviour on the provider 1552 * side. 1553 */ 1554 if (ctx->p2 == NULL) 1555 return 1; 1556 1557 ctx->p1 = strlen(ctx->p2); 1558 return default_fixup_args(state, translation, ctx); 1559 } 1560 1561 static int get_payload_private_key(enum state state, 1562 const struct translation_st *translation, 1563 struct translation_ctx_st *ctx) 1564 { 1565 EVP_PKEY *pkey = ctx->p2; 1566 1567 ctx->p2 = NULL; 1568 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER) 1569 return 0; 1570 1571 switch (EVP_PKEY_get_base_id(pkey)) { 1572 #ifndef OPENSSL_NO_DH 1573 case EVP_PKEY_DH: { 1574 const DH *dh = EVP_PKEY_get0_DH(pkey); 1575 1576 ctx->p2 = (BIGNUM *)DH_get0_priv_key(dh); 1577 } break; 1578 #endif 1579 #ifndef OPENSSL_NO_EC 1580 case EVP_PKEY_EC: { 1581 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); 1582 1583 ctx->p2 = (BIGNUM *)EC_KEY_get0_private_key(ec); 1584 } break; 1585 #endif 1586 default: 1587 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1588 return 0; 1589 } 1590 1591 return default_fixup_args(state, translation, ctx); 1592 } 1593 1594 static int get_payload_public_key(enum state state, 1595 const struct translation_st *translation, 1596 struct translation_ctx_st *ctx) 1597 { 1598 EVP_PKEY *pkey = ctx->p2; 1599 unsigned char *buf = NULL; 1600 int ret; 1601 1602 ctx->p2 = NULL; 1603 switch (EVP_PKEY_get_base_id(pkey)) { 1604 #ifndef OPENSSL_NO_DH 1605 case EVP_PKEY_DHX: 1606 case EVP_PKEY_DH: 1607 switch (ctx->params->data_type) { 1608 case OSSL_PARAM_OCTET_STRING: 1609 ctx->sz = ossl_dh_key2buf(EVP_PKEY_get0_DH(pkey), &buf, 0, 1); 1610 ctx->p2 = buf; 1611 break; 1612 case OSSL_PARAM_UNSIGNED_INTEGER: 1613 ctx->p2 = (void *)DH_get0_pub_key(EVP_PKEY_get0_DH(pkey)); 1614 break; 1615 default: 1616 return 0; 1617 } 1618 break; 1619 #endif 1620 #ifndef OPENSSL_NO_DSA 1621 case EVP_PKEY_DSA: 1622 if (ctx->params->data_type == OSSL_PARAM_UNSIGNED_INTEGER) { 1623 ctx->p2 = (void *)DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey)); 1624 break; 1625 } 1626 return 0; 1627 #endif 1628 #ifndef OPENSSL_NO_EC 1629 case EVP_PKEY_EC: 1630 if (ctx->params->data_type == OSSL_PARAM_OCTET_STRING) { 1631 const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey); 1632 BN_CTX *bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey)); 1633 const EC_GROUP *ecg = EC_KEY_get0_group(eckey); 1634 const EC_POINT *point = EC_KEY_get0_public_key(eckey); 1635 1636 if (bnctx == NULL) 1637 return 0; 1638 ctx->sz = EC_POINT_point2buf(ecg, point, 1639 POINT_CONVERSION_COMPRESSED, 1640 &buf, bnctx); 1641 ctx->p2 = buf; 1642 BN_CTX_free(bnctx); 1643 break; 1644 } 1645 return 0; 1646 #endif 1647 default: 1648 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1649 return 0; 1650 } 1651 1652 ret = default_fixup_args(state, translation, ctx); 1653 OPENSSL_free(buf); 1654 return ret; 1655 } 1656 1657 static int get_payload_public_key_ec(enum state state, 1658 const struct translation_st *translation, 1659 struct translation_ctx_st *ctx) 1660 { 1661 #ifndef OPENSSL_NO_EC 1662 EVP_PKEY *pkey = ctx->p2; 1663 const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey); 1664 BN_CTX *bnctx; 1665 const EC_POINT *point; 1666 const EC_GROUP *ecg; 1667 BIGNUM *x = NULL; 1668 BIGNUM *y = NULL; 1669 int ret = 0; 1670 1671 ctx->p2 = NULL; 1672 1673 if (eckey == NULL) { 1674 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1675 return 0; 1676 } 1677 1678 bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey)); 1679 if (bnctx == NULL) 1680 return 0; 1681 1682 point = EC_KEY_get0_public_key(eckey); 1683 ecg = EC_KEY_get0_group(eckey); 1684 1685 /* Caller should have requested a BN, fail if not */ 1686 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER) 1687 goto out; 1688 1689 x = BN_CTX_get(bnctx); 1690 y = BN_CTX_get(bnctx); 1691 if (y == NULL) 1692 goto out; 1693 1694 if (!EC_POINT_get_affine_coordinates(ecg, point, x, y, bnctx)) 1695 goto out; 1696 1697 if (strncmp(ctx->params->key, OSSL_PKEY_PARAM_EC_PUB_X, 2) == 0) 1698 ctx->p2 = x; 1699 else if (strncmp(ctx->params->key, OSSL_PKEY_PARAM_EC_PUB_Y, 2) == 0) 1700 ctx->p2 = y; 1701 else 1702 goto out; 1703 1704 /* Return the payload */ 1705 ret = default_fixup_args(state, translation, ctx); 1706 out: 1707 BN_CTX_free(bnctx); 1708 return ret; 1709 #else 1710 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1711 return 0; 1712 #endif 1713 } 1714 1715 static int get_payload_bn(enum state state, 1716 const struct translation_st *translation, 1717 struct translation_ctx_st *ctx, const BIGNUM *bn) 1718 { 1719 if (bn == NULL) 1720 return 0; 1721 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER) 1722 return 0; 1723 ctx->p2 = (BIGNUM *)bn; 1724 1725 return default_fixup_args(state, translation, ctx); 1726 } 1727 1728 static int get_dh_dsa_payload_p(enum state state, 1729 const struct translation_st *translation, 1730 struct translation_ctx_st *ctx) 1731 { 1732 const BIGNUM *bn = NULL; 1733 EVP_PKEY *pkey = ctx->p2; 1734 1735 switch (EVP_PKEY_get_base_id(pkey)) { 1736 #ifndef OPENSSL_NO_DH 1737 case EVP_PKEY_DH: 1738 bn = DH_get0_p(EVP_PKEY_get0_DH(pkey)); 1739 break; 1740 #endif 1741 #ifndef OPENSSL_NO_DSA 1742 case EVP_PKEY_DSA: 1743 bn = DSA_get0_p(EVP_PKEY_get0_DSA(pkey)); 1744 break; 1745 #endif 1746 default: 1747 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1748 } 1749 1750 return get_payload_bn(state, translation, ctx, bn); 1751 } 1752 1753 static int get_dh_dsa_payload_q(enum state state, 1754 const struct translation_st *translation, 1755 struct translation_ctx_st *ctx) 1756 { 1757 const BIGNUM *bn = NULL; 1758 1759 switch (EVP_PKEY_get_base_id(ctx->p2)) { 1760 #ifndef OPENSSL_NO_DH 1761 case EVP_PKEY_DH: 1762 bn = DH_get0_q(EVP_PKEY_get0_DH(ctx->p2)); 1763 break; 1764 #endif 1765 #ifndef OPENSSL_NO_DSA 1766 case EVP_PKEY_DSA: 1767 bn = DSA_get0_q(EVP_PKEY_get0_DSA(ctx->p2)); 1768 break; 1769 #endif 1770 } 1771 1772 return get_payload_bn(state, translation, ctx, bn); 1773 } 1774 1775 static int get_dh_dsa_payload_g(enum state state, 1776 const struct translation_st *translation, 1777 struct translation_ctx_st *ctx) 1778 { 1779 const BIGNUM *bn = NULL; 1780 1781 switch (EVP_PKEY_get_base_id(ctx->p2)) { 1782 #ifndef OPENSSL_NO_DH 1783 case EVP_PKEY_DH: 1784 bn = DH_get0_g(EVP_PKEY_get0_DH(ctx->p2)); 1785 break; 1786 #endif 1787 #ifndef OPENSSL_NO_DSA 1788 case EVP_PKEY_DSA: 1789 bn = DSA_get0_g(EVP_PKEY_get0_DSA(ctx->p2)); 1790 break; 1791 #endif 1792 } 1793 1794 return get_payload_bn(state, translation, ctx, bn); 1795 } 1796 1797 static int get_payload_int(enum state state, 1798 const struct translation_st *translation, 1799 struct translation_ctx_st *ctx, 1800 const int val) 1801 { 1802 if (ctx->params->data_type != OSSL_PARAM_INTEGER) 1803 return 0; 1804 ctx->p1 = val; 1805 ctx->p2 = NULL; 1806 1807 return default_fixup_args(state, translation, ctx); 1808 } 1809 1810 static int get_ec_decoded_from_explicit_params(enum state state, 1811 const struct translation_st *translation, 1812 struct translation_ctx_st *ctx) 1813 { 1814 int val = 0; 1815 EVP_PKEY *pkey = ctx->p2; 1816 1817 switch (EVP_PKEY_base_id(pkey)) { 1818 #ifndef OPENSSL_NO_EC 1819 case EVP_PKEY_EC: 1820 val = EC_KEY_decoded_from_explicit_params(EVP_PKEY_get0_EC_KEY(pkey)); 1821 if (val < 0) { 1822 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY); 1823 return 0; 1824 } 1825 break; 1826 #endif 1827 default: 1828 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1829 return 0; 1830 } 1831 1832 return get_payload_int(state, translation, ctx, val); 1833 } 1834 1835 static int get_rsa_payload_n(enum state state, 1836 const struct translation_st *translation, 1837 struct translation_ctx_st *ctx) 1838 { 1839 const BIGNUM *bn = NULL; 1840 1841 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA 1842 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) 1843 return 0; 1844 bn = RSA_get0_n(EVP_PKEY_get0_RSA(ctx->p2)); 1845 1846 return get_payload_bn(state, translation, ctx, bn); 1847 } 1848 1849 static int get_rsa_payload_e(enum state state, 1850 const struct translation_st *translation, 1851 struct translation_ctx_st *ctx) 1852 { 1853 const BIGNUM *bn = NULL; 1854 1855 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA 1856 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) 1857 return 0; 1858 bn = RSA_get0_e(EVP_PKEY_get0_RSA(ctx->p2)); 1859 1860 return get_payload_bn(state, translation, ctx, bn); 1861 } 1862 1863 static int get_rsa_payload_d(enum state state, 1864 const struct translation_st *translation, 1865 struct translation_ctx_st *ctx) 1866 { 1867 const BIGNUM *bn = NULL; 1868 1869 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA 1870 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) 1871 return 0; 1872 bn = RSA_get0_d(EVP_PKEY_get0_RSA(ctx->p2)); 1873 1874 return get_payload_bn(state, translation, ctx, bn); 1875 } 1876 1877 static int get_rsa_payload_factor(enum state state, 1878 const struct translation_st *translation, 1879 struct translation_ctx_st *ctx, 1880 size_t factornum) 1881 { 1882 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2); 1883 const BIGNUM *bn = NULL; 1884 1885 switch (factornum) { 1886 case 0: 1887 bn = RSA_get0_p(r); 1888 break; 1889 case 1: 1890 bn = RSA_get0_q(r); 1891 break; 1892 default: { 1893 size_t pnum = RSA_get_multi_prime_extra_count(r); 1894 const BIGNUM *factors[10]; 1895 1896 if (factornum - 2 < pnum 1897 && RSA_get0_multi_prime_factors(r, factors)) 1898 bn = factors[factornum - 2]; 1899 } break; 1900 } 1901 1902 return get_payload_bn(state, translation, ctx, bn); 1903 } 1904 1905 static int get_rsa_payload_exponent(enum state state, 1906 const struct translation_st *translation, 1907 struct translation_ctx_st *ctx, 1908 size_t exponentnum) 1909 { 1910 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2); 1911 const BIGNUM *bn = NULL; 1912 1913 switch (exponentnum) { 1914 case 0: 1915 bn = RSA_get0_dmp1(r); 1916 break; 1917 case 1: 1918 bn = RSA_get0_dmq1(r); 1919 break; 1920 default: { 1921 size_t pnum = RSA_get_multi_prime_extra_count(r); 1922 const BIGNUM *exps[10], *coeffs[10]; 1923 1924 if (exponentnum - 2 < pnum 1925 && RSA_get0_multi_prime_crt_params(r, exps, coeffs)) 1926 bn = exps[exponentnum - 2]; 1927 } break; 1928 } 1929 1930 return get_payload_bn(state, translation, ctx, bn); 1931 } 1932 1933 static int get_rsa_payload_coefficient(enum state state, 1934 const struct translation_st *translation, 1935 struct translation_ctx_st *ctx, 1936 size_t coefficientnum) 1937 { 1938 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2); 1939 const BIGNUM *bn = NULL; 1940 1941 switch (coefficientnum) { 1942 case 0: 1943 bn = RSA_get0_iqmp(r); 1944 break; 1945 default: { 1946 size_t pnum = RSA_get_multi_prime_extra_count(r); 1947 const BIGNUM *exps[10], *coeffs[10]; 1948 1949 if (coefficientnum - 1 < pnum 1950 && RSA_get0_multi_prime_crt_params(r, exps, coeffs)) 1951 bn = coeffs[coefficientnum - 1]; 1952 } break; 1953 } 1954 1955 return get_payload_bn(state, translation, ctx, bn); 1956 } 1957 1958 #define IMPL_GET_RSA_PAYLOAD_FACTOR(n) \ 1959 static int \ 1960 get_rsa_payload_f##n(enum state state, \ 1961 const struct translation_st *translation, \ 1962 struct translation_ctx_st *ctx) \ 1963 { \ 1964 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \ 1965 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \ 1966 return 0; \ 1967 return get_rsa_payload_factor(state, translation, ctx, n - 1); \ 1968 } 1969 1970 #define IMPL_GET_RSA_PAYLOAD_EXPONENT(n) \ 1971 static int \ 1972 get_rsa_payload_e##n(enum state state, \ 1973 const struct translation_st *translation, \ 1974 struct translation_ctx_st *ctx) \ 1975 { \ 1976 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \ 1977 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \ 1978 return 0; \ 1979 return get_rsa_payload_exponent(state, translation, ctx, \ 1980 n - 1); \ 1981 } 1982 1983 #define IMPL_GET_RSA_PAYLOAD_COEFFICIENT(n) \ 1984 static int \ 1985 get_rsa_payload_c##n(enum state state, \ 1986 const struct translation_st *translation, \ 1987 struct translation_ctx_st *ctx) \ 1988 { \ 1989 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \ 1990 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \ 1991 return 0; \ 1992 return get_rsa_payload_coefficient(state, translation, ctx, \ 1993 n - 1); \ 1994 } 1995 1996 IMPL_GET_RSA_PAYLOAD_FACTOR(1) 1997 IMPL_GET_RSA_PAYLOAD_FACTOR(2) 1998 IMPL_GET_RSA_PAYLOAD_FACTOR(3) 1999 IMPL_GET_RSA_PAYLOAD_FACTOR(4) 2000 IMPL_GET_RSA_PAYLOAD_FACTOR(5) 2001 IMPL_GET_RSA_PAYLOAD_FACTOR(6) 2002 IMPL_GET_RSA_PAYLOAD_FACTOR(7) 2003 IMPL_GET_RSA_PAYLOAD_FACTOR(8) 2004 IMPL_GET_RSA_PAYLOAD_FACTOR(9) 2005 IMPL_GET_RSA_PAYLOAD_FACTOR(10) 2006 IMPL_GET_RSA_PAYLOAD_EXPONENT(1) 2007 IMPL_GET_RSA_PAYLOAD_EXPONENT(2) 2008 IMPL_GET_RSA_PAYLOAD_EXPONENT(3) 2009 IMPL_GET_RSA_PAYLOAD_EXPONENT(4) 2010 IMPL_GET_RSA_PAYLOAD_EXPONENT(5) 2011 IMPL_GET_RSA_PAYLOAD_EXPONENT(6) 2012 IMPL_GET_RSA_PAYLOAD_EXPONENT(7) 2013 IMPL_GET_RSA_PAYLOAD_EXPONENT(8) 2014 IMPL_GET_RSA_PAYLOAD_EXPONENT(9) 2015 IMPL_GET_RSA_PAYLOAD_EXPONENT(10) 2016 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(1) 2017 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(2) 2018 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(3) 2019 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(4) 2020 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(5) 2021 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(6) 2022 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(7) 2023 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(8) 2024 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(9) 2025 2026 static int fix_group_ecx(enum state state, 2027 const struct translation_st *translation, 2028 struct translation_ctx_st *ctx) 2029 { 2030 const char *value = NULL; 2031 2032 switch (state) { 2033 case PRE_PARAMS_TO_CTRL: 2034 if (!EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx)) 2035 return 0; 2036 ctx->action_type = OSSL_ACTION_NONE; 2037 return 1; 2038 case POST_PARAMS_TO_CTRL: 2039 if (OSSL_PARAM_get_utf8_string_ptr(ctx->params, &value) == 0 || OPENSSL_strcasecmp(ctx->pctx->keytype, value) != 0) { 2040 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_INVALID_ARGUMENT); 2041 ctx->p1 = 0; 2042 return 0; 2043 } 2044 ctx->p1 = 1; 2045 return 1; 2046 default: 2047 return 0; 2048 } 2049 } 2050 2051 /*- 2052 * The translation table itself 2053 * ============================ 2054 */ 2055 2056 static const struct translation_st evp_pkey_ctx_translations[] = { 2057 /* 2058 * DistID: we pass it to the backend as an octet string, 2059 * but get it back as a pointer to an octet string. 2060 * 2061 * Note that the EVP_PKEY_CTRL_GET1_ID_LEN is purely for legacy purposes 2062 * that has no separate counterpart in OSSL_PARAM terms, since we get 2063 * the length of the DistID automatically when getting the DistID itself. 2064 */ 2065 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_TYPE_SIG, 2066 EVP_PKEY_CTRL_SET1_ID, "distid", "hexdistid", 2067 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_STRING, NULL }, 2068 { OSSL_ACTION_GET, -1, -1, -1, 2069 EVP_PKEY_CTRL_GET1_ID, "distid", "hexdistid", 2070 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_PTR, NULL }, 2071 { OSSL_ACTION_GET, -1, -1, -1, 2072 EVP_PKEY_CTRL_GET1_ID_LEN, NULL, NULL, 2073 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_PTR, fix_distid_len }, 2074 2075 /*- 2076 * DH & DHX 2077 * ======== 2078 */ 2079 2080 /* 2081 * EVP_PKEY_CTRL_DH_KDF_TYPE is used both for setting and getting. The 2082 * fixup function has to handle this... 2083 */ 2084 { OSSL_ACTION_NONE, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE, 2085 EVP_PKEY_CTRL_DH_KDF_TYPE, NULL, NULL, 2086 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING, 2087 fix_dh_kdf_type }, 2088 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE, 2089 EVP_PKEY_CTRL_DH_KDF_MD, NULL, NULL, 2090 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2091 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE, 2092 EVP_PKEY_CTRL_GET_DH_KDF_MD, NULL, NULL, 2093 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2094 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE, 2095 EVP_PKEY_CTRL_DH_KDF_OUTLEN, NULL, NULL, 2096 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2097 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE, 2098 EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, NULL, NULL, 2099 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2100 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE, 2101 EVP_PKEY_CTRL_DH_KDF_UKM, NULL, NULL, 2102 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL }, 2103 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE, 2104 EVP_PKEY_CTRL_GET_DH_KDF_UKM, NULL, NULL, 2105 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL }, 2106 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE, 2107 EVP_PKEY_CTRL_DH_KDF_OID, NULL, NULL, 2108 OSSL_KDF_PARAM_CEK_ALG, OSSL_PARAM_UTF8_STRING, fix_oid }, 2109 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE, 2110 EVP_PKEY_CTRL_GET_DH_KDF_OID, NULL, NULL, 2111 OSSL_KDF_PARAM_CEK_ALG, OSSL_PARAM_UTF8_STRING, fix_oid }, 2112 2113 /* DHX Keygen Parameters that are shared with DH */ 2114 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN, 2115 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, "dh_paramgen_type", NULL, 2116 OSSL_PKEY_PARAM_FFC_TYPE, OSSL_PARAM_UTF8_STRING, fix_dh_paramgen_type }, 2117 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN, 2118 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, "dh_paramgen_prime_len", NULL, 2119 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2120 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, 2121 EVP_PKEY_CTRL_DH_NID, "dh_param", NULL, 2122 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, NULL }, 2123 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, 2124 EVP_PKEY_CTRL_DH_RFC5114, "dh_rfc5114", NULL, 2125 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid5114 }, 2126 2127 /* DH Keygen Parameters that are shared with DHX */ 2128 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN, 2129 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, "dh_paramgen_type", NULL, 2130 OSSL_PKEY_PARAM_FFC_TYPE, OSSL_PARAM_UTF8_STRING, fix_dh_paramgen_type }, 2131 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN, 2132 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, "dh_paramgen_prime_len", NULL, 2133 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2134 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, 2135 EVP_PKEY_CTRL_DH_NID, "dh_param", NULL, 2136 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid }, 2137 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, 2138 EVP_PKEY_CTRL_DH_RFC5114, "dh_rfc5114", NULL, 2139 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid5114 }, 2140 2141 /* DH specific Keygen Parameters */ 2142 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN, 2143 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, "dh_paramgen_generator", NULL, 2144 OSSL_PKEY_PARAM_DH_GENERATOR, OSSL_PARAM_INTEGER, NULL }, 2145 2146 /* DHX specific Keygen Parameters */ 2147 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN, 2148 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, "dh_paramgen_subprime_len", NULL, 2149 OSSL_PKEY_PARAM_FFC_QBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2150 2151 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_DERIVE, 2152 EVP_PKEY_CTRL_DH_PAD, "dh_pad", NULL, 2153 OSSL_EXCHANGE_PARAM_PAD, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2154 2155 /*- 2156 * DSA 2157 * === 2158 */ 2159 { OSSL_ACTION_SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN, 2160 EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, "dsa_paramgen_bits", NULL, 2161 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2162 { OSSL_ACTION_SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN, 2163 EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, "dsa_paramgen_q_bits", NULL, 2164 OSSL_PKEY_PARAM_FFC_QBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2165 { OSSL_ACTION_SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN, 2166 EVP_PKEY_CTRL_DSA_PARAMGEN_MD, "dsa_paramgen_md", NULL, 2167 OSSL_PKEY_PARAM_FFC_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2168 2169 /*- 2170 * EC 2171 * == 2172 */ 2173 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, 2174 EVP_PKEY_CTRL_EC_PARAM_ENC, "ec_param_enc", NULL, 2175 OSSL_PKEY_PARAM_EC_ENCODING, OSSL_PARAM_UTF8_STRING, fix_ec_param_enc }, 2176 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, 2177 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, "ec_paramgen_curve", NULL, 2178 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, 2179 fix_ec_paramgen_curve_nid }, 2180 /* 2181 * EVP_PKEY_CTRL_EC_ECDH_COFACTOR and EVP_PKEY_CTRL_EC_KDF_TYPE are used 2182 * both for setting and getting. The fixup function has to handle this... 2183 */ 2184 { OSSL_ACTION_NONE, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE, 2185 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, "ecdh_cofactor_mode", NULL, 2186 OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, OSSL_PARAM_INTEGER, 2187 fix_ecdh_cofactor }, 2188 { OSSL_ACTION_NONE, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE, 2189 EVP_PKEY_CTRL_EC_KDF_TYPE, NULL, NULL, 2190 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING, fix_ec_kdf_type }, 2191 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE, 2192 EVP_PKEY_CTRL_EC_KDF_MD, "ecdh_kdf_md", NULL, 2193 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2194 { OSSL_ACTION_GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE, 2195 EVP_PKEY_CTRL_GET_EC_KDF_MD, NULL, NULL, 2196 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2197 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE, 2198 EVP_PKEY_CTRL_EC_KDF_OUTLEN, NULL, NULL, 2199 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2200 { OSSL_ACTION_GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE, 2201 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, NULL, NULL, 2202 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2203 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE, 2204 EVP_PKEY_CTRL_EC_KDF_UKM, NULL, NULL, 2205 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL }, 2206 { OSSL_ACTION_GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE, 2207 EVP_PKEY_CTRL_GET_EC_KDF_UKM, NULL, NULL, 2208 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL }, 2209 2210 /*- 2211 * SM2 2212 * == 2213 */ 2214 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, 2215 EVP_PKEY_CTRL_EC_PARAM_ENC, "ec_param_enc", NULL, 2216 OSSL_PKEY_PARAM_EC_ENCODING, OSSL_PARAM_UTF8_STRING, fix_ec_param_enc }, 2217 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, 2218 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, "ec_paramgen_curve", NULL, 2219 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, 2220 fix_ec_paramgen_curve_nid }, 2221 /* 2222 * EVP_PKEY_CTRL_EC_ECDH_COFACTOR and EVP_PKEY_CTRL_EC_KDF_TYPE are used 2223 * both for setting and getting. The fixup function has to handle this... 2224 */ 2225 { OSSL_ACTION_NONE, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE, 2226 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, "ecdh_cofactor_mode", NULL, 2227 OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, OSSL_PARAM_INTEGER, 2228 fix_ecdh_cofactor }, 2229 { OSSL_ACTION_NONE, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE, 2230 EVP_PKEY_CTRL_EC_KDF_TYPE, NULL, NULL, 2231 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING, fix_ec_kdf_type }, 2232 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE, 2233 EVP_PKEY_CTRL_EC_KDF_MD, "ecdh_kdf_md", NULL, 2234 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2235 { OSSL_ACTION_GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE, 2236 EVP_PKEY_CTRL_GET_EC_KDF_MD, NULL, NULL, 2237 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2238 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE, 2239 EVP_PKEY_CTRL_EC_KDF_OUTLEN, NULL, NULL, 2240 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2241 { OSSL_ACTION_GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE, 2242 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, NULL, NULL, 2243 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2244 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE, 2245 EVP_PKEY_CTRL_EC_KDF_UKM, NULL, NULL, 2246 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL }, 2247 { OSSL_ACTION_GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE, 2248 EVP_PKEY_CTRL_GET_EC_KDF_UKM, NULL, NULL, 2249 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL }, 2250 /*- 2251 * RSA 2252 * === 2253 */ 2254 2255 /* 2256 * RSA padding modes are numeric with ctrls, strings with ctrl_strs, 2257 * and can be both with OSSL_PARAM. We standardise on strings here, 2258 * fix_rsa_padding_mode() does the work when the caller has a different 2259 * idea. 2260 */ 2261 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, 2262 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG, 2263 EVP_PKEY_CTRL_RSA_PADDING, "rsa_padding_mode", NULL, 2264 OSSL_PKEY_PARAM_PAD_MODE, OSSL_PARAM_UTF8_STRING, fix_rsa_padding_mode }, 2265 { OSSL_ACTION_GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, 2266 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG, 2267 EVP_PKEY_CTRL_GET_RSA_PADDING, NULL, NULL, 2268 OSSL_PKEY_PARAM_PAD_MODE, OSSL_PARAM_UTF8_STRING, fix_rsa_padding_mode }, 2269 2270 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, 2271 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG, 2272 EVP_PKEY_CTRL_RSA_MGF1_MD, "rsa_mgf1_md", NULL, 2273 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2274 { OSSL_ACTION_GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, 2275 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG, 2276 EVP_PKEY_CTRL_GET_RSA_MGF1_MD, NULL, NULL, 2277 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2278 2279 /* 2280 * RSA-PSS saltlen is essentially numeric, but certain values can be 2281 * expressed as keywords (strings) with ctrl_str. The corresponding 2282 * OSSL_PARAM allows both forms. 2283 * fix_rsa_pss_saltlen() takes care of the distinction. 2284 */ 2285 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_TYPE_SIG, 2286 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, "rsa_pss_saltlen", NULL, 2287 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, OSSL_PARAM_UTF8_STRING, 2288 fix_rsa_pss_saltlen }, 2289 { OSSL_ACTION_GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_TYPE_SIG, 2290 EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, NULL, NULL, 2291 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, OSSL_PARAM_UTF8_STRING, 2292 fix_rsa_pss_saltlen }, 2293 2294 { OSSL_ACTION_SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT, 2295 EVP_PKEY_CTRL_RSA_OAEP_MD, "rsa_oaep_md", NULL, 2296 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2297 { OSSL_ACTION_GET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT, 2298 EVP_PKEY_CTRL_GET_RSA_OAEP_MD, NULL, NULL, 2299 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2300 /* 2301 * The "rsa_oaep_label" ctrl_str expects the value to always be hex. 2302 * This is accommodated by default_fixup_args() above, which mimics that 2303 * expectation for any translation item where |ctrl_str| is NULL and 2304 * |ctrl_hexstr| is non-NULL. 2305 */ 2306 { OSSL_ACTION_SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT, 2307 EVP_PKEY_CTRL_RSA_OAEP_LABEL, NULL, "rsa_oaep_label", 2308 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_STRING, NULL }, 2309 { OSSL_ACTION_GET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT, 2310 EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, NULL, NULL, 2311 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_PTR, NULL }, 2312 2313 { OSSL_ACTION_SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT, 2314 EVP_PKEY_CTRL_RSA_IMPLICIT_REJECTION, NULL, 2315 "rsa_pkcs1_implicit_rejection", 2316 OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, OSSL_PARAM_UNSIGNED_INTEGER, 2317 NULL }, 2318 2319 { OSSL_ACTION_SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN, 2320 EVP_PKEY_CTRL_MD, "rsa_pss_keygen_md", NULL, 2321 OSSL_ALG_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2322 { OSSL_ACTION_SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN, 2323 EVP_PKEY_CTRL_RSA_MGF1_MD, "rsa_pss_keygen_mgf1_md", NULL, 2324 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2325 { OSSL_ACTION_SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN, 2326 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, "rsa_pss_keygen_saltlen", NULL, 2327 OSSL_SIGNATURE_PARAM_PSS_SALTLEN, OSSL_PARAM_INTEGER, NULL }, 2328 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, 2329 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, "rsa_keygen_bits", NULL, 2330 OSSL_PKEY_PARAM_RSA_BITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2331 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, 2332 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, "rsa_keygen_pubexp", NULL, 2333 OSSL_PKEY_PARAM_RSA_E, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2334 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, 2335 EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES, "rsa_keygen_primes", NULL, 2336 OSSL_PKEY_PARAM_RSA_PRIMES, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2337 2338 /*- 2339 * SipHash 2340 * ====== 2341 */ 2342 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_TYPE_SIG, 2343 EVP_PKEY_CTRL_SET_DIGEST_SIZE, "digestsize", NULL, 2344 OSSL_MAC_PARAM_SIZE, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2345 2346 /*- 2347 * TLS1-PRF 2348 * ======== 2349 */ 2350 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2351 EVP_PKEY_CTRL_TLS_MD, "md", NULL, 2352 OSSL_KDF_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2353 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2354 EVP_PKEY_CTRL_TLS_SECRET, "secret", "hexsecret", 2355 OSSL_KDF_PARAM_SECRET, OSSL_PARAM_OCTET_STRING, NULL }, 2356 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2357 EVP_PKEY_CTRL_TLS_SEED, "seed", "hexseed", 2358 OSSL_KDF_PARAM_SEED, OSSL_PARAM_OCTET_STRING, NULL }, 2359 2360 /*- 2361 * HKDF 2362 * ==== 2363 */ 2364 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2365 EVP_PKEY_CTRL_HKDF_MD, "md", NULL, 2366 OSSL_KDF_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2367 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2368 EVP_PKEY_CTRL_HKDF_SALT, "salt", "hexsalt", 2369 OSSL_KDF_PARAM_SALT, OSSL_PARAM_OCTET_STRING, NULL }, 2370 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2371 EVP_PKEY_CTRL_HKDF_KEY, "key", "hexkey", 2372 OSSL_KDF_PARAM_KEY, OSSL_PARAM_OCTET_STRING, NULL }, 2373 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2374 EVP_PKEY_CTRL_HKDF_INFO, "info", "hexinfo", 2375 OSSL_KDF_PARAM_INFO, OSSL_PARAM_OCTET_STRING, NULL }, 2376 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2377 EVP_PKEY_CTRL_HKDF_MODE, "mode", NULL, 2378 OSSL_KDF_PARAM_MODE, OSSL_PARAM_INTEGER, fix_hkdf_mode }, 2379 2380 /*- 2381 * Scrypt 2382 * ====== 2383 */ 2384 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2385 EVP_PKEY_CTRL_PASS, "pass", "hexpass", 2386 OSSL_KDF_PARAM_PASSWORD, OSSL_PARAM_OCTET_STRING, NULL }, 2387 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2388 EVP_PKEY_CTRL_SCRYPT_SALT, "salt", "hexsalt", 2389 OSSL_KDF_PARAM_SALT, OSSL_PARAM_OCTET_STRING, NULL }, 2390 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2391 EVP_PKEY_CTRL_SCRYPT_N, "N", NULL, 2392 OSSL_KDF_PARAM_SCRYPT_N, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2393 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2394 EVP_PKEY_CTRL_SCRYPT_R, "r", NULL, 2395 OSSL_KDF_PARAM_SCRYPT_R, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2396 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2397 EVP_PKEY_CTRL_SCRYPT_P, "p", NULL, 2398 OSSL_KDF_PARAM_SCRYPT_P, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2399 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE, 2400 EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, "maxmem_bytes", NULL, 2401 OSSL_KDF_PARAM_SCRYPT_MAXMEM, OSSL_PARAM_UNSIGNED_INTEGER, NULL }, 2402 2403 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_KEYGEN | EVP_PKEY_OP_TYPE_CRYPT, 2404 EVP_PKEY_CTRL_CIPHER, NULL, NULL, 2405 OSSL_PKEY_PARAM_CIPHER, OSSL_PARAM_UTF8_STRING, fix_cipher }, 2406 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_KEYGEN, 2407 EVP_PKEY_CTRL_SET_MAC_KEY, "key", "hexkey", 2408 OSSL_PKEY_PARAM_PRIV_KEY, OSSL_PARAM_OCTET_STRING, NULL }, 2409 2410 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_TYPE_SIG, 2411 EVP_PKEY_CTRL_MD, NULL, NULL, 2412 OSSL_SIGNATURE_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2413 { OSSL_ACTION_GET, -1, -1, EVP_PKEY_OP_TYPE_SIG, 2414 EVP_PKEY_CTRL_GET_MD, NULL, NULL, 2415 OSSL_SIGNATURE_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md }, 2416 2417 /*- 2418 * ECX 2419 * === 2420 */ 2421 { OSSL_ACTION_SET, EVP_PKEY_X25519, EVP_PKEY_X25519, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL, 2422 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx }, 2423 { OSSL_ACTION_SET, EVP_PKEY_X25519, EVP_PKEY_X25519, EVP_PKEY_OP_PARAMGEN, -1, NULL, NULL, 2424 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx }, 2425 { OSSL_ACTION_SET, EVP_PKEY_X448, EVP_PKEY_X448, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL, 2426 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx }, 2427 { OSSL_ACTION_SET, EVP_PKEY_X448, EVP_PKEY_X448, EVP_PKEY_OP_PARAMGEN, -1, NULL, NULL, 2428 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx }, 2429 }; 2430 2431 static const struct translation_st evp_pkey_translations[] = { 2432 /* 2433 * The following contain no ctrls, they are exclusively here to extract 2434 * key payloads from legacy keys, using OSSL_PARAMs, and rely entirely 2435 * on |fixup_args| to pass the actual data. The |fixup_args| should 2436 * expect to get the EVP_PKEY pointer through |ctx->p2|. 2437 */ 2438 2439 /* DH, DSA & EC */ 2440 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2441 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, 2442 get_payload_group_name }, 2443 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2444 OSSL_PKEY_PARAM_PRIV_KEY, OSSL_PARAM_UNSIGNED_INTEGER, 2445 get_payload_private_key }, 2446 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2447 OSSL_PKEY_PARAM_PUB_KEY, 2448 0 /* no data type, let get_payload_public_key() handle that */, 2449 get_payload_public_key }, 2450 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2451 OSSL_PKEY_PARAM_EC_PUB_X, OSSL_PARAM_UNSIGNED_INTEGER, 2452 get_payload_public_key_ec }, 2453 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2454 OSSL_PKEY_PARAM_EC_PUB_Y, OSSL_PARAM_UNSIGNED_INTEGER, 2455 get_payload_public_key_ec }, 2456 2457 /* DH and DSA */ 2458 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2459 OSSL_PKEY_PARAM_FFC_P, OSSL_PARAM_UNSIGNED_INTEGER, 2460 get_dh_dsa_payload_p }, 2461 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2462 OSSL_PKEY_PARAM_FFC_G, OSSL_PARAM_UNSIGNED_INTEGER, 2463 get_dh_dsa_payload_g }, 2464 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2465 OSSL_PKEY_PARAM_FFC_Q, OSSL_PARAM_UNSIGNED_INTEGER, 2466 get_dh_dsa_payload_q }, 2467 2468 /* RSA */ 2469 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2470 OSSL_PKEY_PARAM_RSA_N, OSSL_PARAM_UNSIGNED_INTEGER, 2471 get_rsa_payload_n }, 2472 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2473 OSSL_PKEY_PARAM_RSA_E, OSSL_PARAM_UNSIGNED_INTEGER, 2474 get_rsa_payload_e }, 2475 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2476 OSSL_PKEY_PARAM_RSA_D, OSSL_PARAM_UNSIGNED_INTEGER, 2477 get_rsa_payload_d }, 2478 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2479 OSSL_PKEY_PARAM_RSA_FACTOR1, OSSL_PARAM_UNSIGNED_INTEGER, 2480 get_rsa_payload_f1 }, 2481 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2482 OSSL_PKEY_PARAM_RSA_FACTOR2, OSSL_PARAM_UNSIGNED_INTEGER, 2483 get_rsa_payload_f2 }, 2484 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2485 OSSL_PKEY_PARAM_RSA_FACTOR3, OSSL_PARAM_UNSIGNED_INTEGER, 2486 get_rsa_payload_f3 }, 2487 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2488 OSSL_PKEY_PARAM_RSA_FACTOR4, OSSL_PARAM_UNSIGNED_INTEGER, 2489 get_rsa_payload_f4 }, 2490 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2491 OSSL_PKEY_PARAM_RSA_FACTOR5, OSSL_PARAM_UNSIGNED_INTEGER, 2492 get_rsa_payload_f5 }, 2493 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2494 OSSL_PKEY_PARAM_RSA_FACTOR6, OSSL_PARAM_UNSIGNED_INTEGER, 2495 get_rsa_payload_f6 }, 2496 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2497 OSSL_PKEY_PARAM_RSA_FACTOR7, OSSL_PARAM_UNSIGNED_INTEGER, 2498 get_rsa_payload_f7 }, 2499 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2500 OSSL_PKEY_PARAM_RSA_FACTOR8, OSSL_PARAM_UNSIGNED_INTEGER, 2501 get_rsa_payload_f8 }, 2502 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2503 OSSL_PKEY_PARAM_RSA_FACTOR9, OSSL_PARAM_UNSIGNED_INTEGER, 2504 get_rsa_payload_f9 }, 2505 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2506 OSSL_PKEY_PARAM_RSA_FACTOR10, OSSL_PARAM_UNSIGNED_INTEGER, 2507 get_rsa_payload_f10 }, 2508 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2509 OSSL_PKEY_PARAM_RSA_EXPONENT1, OSSL_PARAM_UNSIGNED_INTEGER, 2510 get_rsa_payload_e1 }, 2511 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2512 OSSL_PKEY_PARAM_RSA_EXPONENT2, OSSL_PARAM_UNSIGNED_INTEGER, 2513 get_rsa_payload_e2 }, 2514 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2515 OSSL_PKEY_PARAM_RSA_EXPONENT3, OSSL_PARAM_UNSIGNED_INTEGER, 2516 get_rsa_payload_e3 }, 2517 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2518 OSSL_PKEY_PARAM_RSA_EXPONENT4, OSSL_PARAM_UNSIGNED_INTEGER, 2519 get_rsa_payload_e4 }, 2520 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2521 OSSL_PKEY_PARAM_RSA_EXPONENT5, OSSL_PARAM_UNSIGNED_INTEGER, 2522 get_rsa_payload_e5 }, 2523 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2524 OSSL_PKEY_PARAM_RSA_EXPONENT6, OSSL_PARAM_UNSIGNED_INTEGER, 2525 get_rsa_payload_e6 }, 2526 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2527 OSSL_PKEY_PARAM_RSA_EXPONENT7, OSSL_PARAM_UNSIGNED_INTEGER, 2528 get_rsa_payload_e7 }, 2529 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2530 OSSL_PKEY_PARAM_RSA_EXPONENT8, OSSL_PARAM_UNSIGNED_INTEGER, 2531 get_rsa_payload_e8 }, 2532 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2533 OSSL_PKEY_PARAM_RSA_EXPONENT9, OSSL_PARAM_UNSIGNED_INTEGER, 2534 get_rsa_payload_e9 }, 2535 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2536 OSSL_PKEY_PARAM_RSA_EXPONENT10, OSSL_PARAM_UNSIGNED_INTEGER, 2537 get_rsa_payload_e10 }, 2538 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2539 OSSL_PKEY_PARAM_RSA_COEFFICIENT1, OSSL_PARAM_UNSIGNED_INTEGER, 2540 get_rsa_payload_c1 }, 2541 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2542 OSSL_PKEY_PARAM_RSA_COEFFICIENT2, OSSL_PARAM_UNSIGNED_INTEGER, 2543 get_rsa_payload_c2 }, 2544 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2545 OSSL_PKEY_PARAM_RSA_COEFFICIENT3, OSSL_PARAM_UNSIGNED_INTEGER, 2546 get_rsa_payload_c3 }, 2547 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2548 OSSL_PKEY_PARAM_RSA_COEFFICIENT4, OSSL_PARAM_UNSIGNED_INTEGER, 2549 get_rsa_payload_c4 }, 2550 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2551 OSSL_PKEY_PARAM_RSA_COEFFICIENT5, OSSL_PARAM_UNSIGNED_INTEGER, 2552 get_rsa_payload_c5 }, 2553 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2554 OSSL_PKEY_PARAM_RSA_COEFFICIENT6, OSSL_PARAM_UNSIGNED_INTEGER, 2555 get_rsa_payload_c6 }, 2556 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2557 OSSL_PKEY_PARAM_RSA_COEFFICIENT7, OSSL_PARAM_UNSIGNED_INTEGER, 2558 get_rsa_payload_c7 }, 2559 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2560 OSSL_PKEY_PARAM_RSA_COEFFICIENT8, OSSL_PARAM_UNSIGNED_INTEGER, 2561 get_rsa_payload_c8 }, 2562 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2563 OSSL_PKEY_PARAM_RSA_COEFFICIENT9, OSSL_PARAM_UNSIGNED_INTEGER, 2564 get_rsa_payload_c9 }, 2565 2566 /* EC */ 2567 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL, 2568 OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, OSSL_PARAM_INTEGER, 2569 get_ec_decoded_from_explicit_params }, 2570 }; 2571 2572 static const struct translation_st * 2573 lookup_translation(struct translation_st *tmpl, 2574 const struct translation_st *translations, 2575 size_t translations_num) 2576 { 2577 size_t i; 2578 2579 for (i = 0; i < translations_num; i++) { 2580 const struct translation_st *item = &translations[i]; 2581 2582 /* 2583 * Sanity check the translation table item. 2584 * 2585 * 1. Either both keytypes are -1, or neither of them are. 2586 * 2. TBA... 2587 */ 2588 if (!ossl_assert((item->keytype1 == -1) == (item->keytype2 == -1))) 2589 continue; 2590 2591 /* 2592 * Base search criteria: check that the optype and keytypes match, 2593 * if relevant. All callers must synthesise these bits somehow. 2594 */ 2595 if (item->optype != -1 && (tmpl->optype & item->optype) == 0) 2596 continue; 2597 /* 2598 * This expression is stunningly simple thanks to the sanity check 2599 * above. 2600 */ 2601 if (item->keytype1 != -1 2602 && tmpl->keytype1 != item->keytype1 2603 && tmpl->keytype2 != item->keytype2) 2604 continue; 2605 2606 /* 2607 * Done with the base search criteria, now we check the criteria for 2608 * the individual types of translations: 2609 * ctrl->params, ctrl_str->params, and params->ctrl 2610 */ 2611 if (tmpl->ctrl_num != 0) { 2612 if (tmpl->ctrl_num != item->ctrl_num) 2613 continue; 2614 } else if (tmpl->ctrl_str != NULL) { 2615 const char *ctrl_str = NULL; 2616 const char *ctrl_hexstr = NULL; 2617 2618 /* 2619 * Search criteria that originates from a ctrl_str is only used 2620 * for setting, never for getting. Therefore, we only look at 2621 * the setter items. 2622 */ 2623 if (item->action_type != OSSL_ACTION_NONE 2624 && item->action_type != OSSL_ACTION_SET) 2625 continue; 2626 /* 2627 * At least one of the ctrl cmd names must be match the ctrl 2628 * cmd name in the template. 2629 */ 2630 if (item->ctrl_str != NULL 2631 && OPENSSL_strcasecmp(tmpl->ctrl_str, item->ctrl_str) == 0) 2632 ctrl_str = tmpl->ctrl_str; 2633 else if (item->ctrl_hexstr != NULL 2634 && OPENSSL_strcasecmp(tmpl->ctrl_hexstr, 2635 item->ctrl_hexstr) 2636 == 0) 2637 ctrl_hexstr = tmpl->ctrl_hexstr; 2638 else 2639 continue; 2640 2641 /* Modify the template to signal which string matched */ 2642 tmpl->ctrl_str = ctrl_str; 2643 tmpl->ctrl_hexstr = ctrl_hexstr; 2644 } else if (tmpl->param_key != NULL) { 2645 /* 2646 * Search criteria that originates from an OSSL_PARAM setter or 2647 * getter. 2648 * 2649 * Ctrls were fundamentally bidirectional, with only the ctrl 2650 * command macro name implying direction (if you're lucky). 2651 * A few ctrl commands were even taking advantage of the 2652 * bidirectional nature, making the direction depend in the 2653 * value of the numeric argument. 2654 * 2655 * OSSL_PARAM functions are fundamentally different, in that 2656 * setters and getters are separated, so the data direction is 2657 * implied by the function that's used. The same OSSL_PARAM 2658 * key name can therefore be used in both directions. We must 2659 * therefore take the action type into account in this case. 2660 */ 2661 if ((item->action_type != OSSL_ACTION_NONE 2662 && tmpl->action_type != item->action_type) 2663 || (item->param_key != NULL 2664 && OPENSSL_strcasecmp(tmpl->param_key, 2665 item->param_key) 2666 != 0)) 2667 continue; 2668 } else { 2669 return NULL; 2670 } 2671 2672 return item; 2673 } 2674 2675 return NULL; 2676 } 2677 2678 static const struct translation_st * 2679 lookup_evp_pkey_ctx_translation(struct translation_st *tmpl) 2680 { 2681 return lookup_translation(tmpl, evp_pkey_ctx_translations, 2682 OSSL_NELEM(evp_pkey_ctx_translations)); 2683 } 2684 2685 static const struct translation_st * 2686 lookup_evp_pkey_translation(struct translation_st *tmpl) 2687 { 2688 return lookup_translation(tmpl, evp_pkey_translations, 2689 OSSL_NELEM(evp_pkey_translations)); 2690 } 2691 2692 /* This must ONLY be called for provider side operations */ 2693 int evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX *pctx, 2694 int keytype, int optype, 2695 int cmd, int p1, void *p2) 2696 { 2697 struct translation_ctx_st ctx = { 2698 0, 2699 }; 2700 struct translation_st tmpl = { 2701 0, 2702 }; 2703 const struct translation_st *translation = NULL; 2704 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 2705 int ret; 2706 fixup_args_fn *fixup = default_fixup_args; 2707 2708 if (keytype == -1) 2709 keytype = pctx->legacy_keytype; 2710 tmpl.ctrl_num = cmd; 2711 tmpl.keytype1 = tmpl.keytype2 = keytype; 2712 tmpl.optype = optype; 2713 translation = lookup_evp_pkey_ctx_translation(&tmpl); 2714 2715 if (translation == NULL) { 2716 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); 2717 return -2; 2718 } 2719 2720 if (pctx->pmeth != NULL 2721 && pctx->pmeth->pkey_id != translation->keytype1 2722 && pctx->pmeth->pkey_id != translation->keytype2) 2723 return -1; 2724 2725 if (translation->fixup_args != NULL) 2726 fixup = translation->fixup_args; 2727 ctx.action_type = translation->action_type; 2728 ctx.ctrl_cmd = cmd; 2729 ctx.p1 = p1; 2730 ctx.p2 = p2; 2731 ctx.pctx = pctx; 2732 ctx.params = params; 2733 2734 ret = fixup(PRE_CTRL_TO_PARAMS, translation, &ctx); 2735 2736 if (ret > 0) { 2737 switch (ctx.action_type) { 2738 default: 2739 /* fixup_args is expected to make sure this is dead code */ 2740 break; 2741 case OSSL_ACTION_GET: 2742 ret = evp_pkey_ctx_get_params_strict(pctx, ctx.params); 2743 break; 2744 case OSSL_ACTION_SET: 2745 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params); 2746 break; 2747 } 2748 } 2749 2750 /* 2751 * In POST, we pass the return value as p1, allowing the fixup_args 2752 * function to affect it by changing its value. 2753 */ 2754 if (ret > 0) { 2755 ctx.p1 = ret; 2756 fixup(POST_CTRL_TO_PARAMS, translation, &ctx); 2757 ret = ctx.p1; 2758 } 2759 2760 cleanup_translation_ctx(POST_CTRL_TO_PARAMS, translation, &ctx); 2761 2762 return ret; 2763 } 2764 2765 /* This must ONLY be called for provider side operations */ 2766 int evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX *pctx, 2767 const char *name, const char *value) 2768 { 2769 struct translation_ctx_st ctx = { 2770 0, 2771 }; 2772 struct translation_st tmpl = { 2773 0, 2774 }; 2775 const struct translation_st *translation = NULL; 2776 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 2777 int keytype = pctx->legacy_keytype; 2778 int optype = pctx->operation == 0 ? -1 : pctx->operation; 2779 int ret; 2780 fixup_args_fn *fixup = default_fixup_args; 2781 2782 tmpl.action_type = OSSL_ACTION_SET; 2783 tmpl.keytype1 = tmpl.keytype2 = keytype; 2784 tmpl.optype = optype; 2785 tmpl.ctrl_str = name; 2786 tmpl.ctrl_hexstr = name; 2787 translation = lookup_evp_pkey_ctx_translation(&tmpl); 2788 2789 if (translation != NULL) { 2790 if (translation->fixup_args != NULL) 2791 fixup = translation->fixup_args; 2792 ctx.action_type = translation->action_type; 2793 ctx.ishex = (tmpl.ctrl_hexstr != NULL); 2794 } else { 2795 /* String controls really only support setting */ 2796 ctx.action_type = OSSL_ACTION_SET; 2797 } 2798 ctx.ctrl_str = name; 2799 ctx.p1 = (int)strlen(value); 2800 ctx.p2 = (char *)value; 2801 ctx.pctx = pctx; 2802 ctx.params = params; 2803 2804 ret = fixup(PRE_CTRL_STR_TO_PARAMS, translation, &ctx); 2805 2806 if (ret > 0) { 2807 switch (ctx.action_type) { 2808 default: 2809 /* fixup_args is expected to make sure this is dead code */ 2810 break; 2811 case OSSL_ACTION_GET: 2812 /* 2813 * this is dead code, but must be present, or some compilers 2814 * will complain 2815 */ 2816 break; 2817 case OSSL_ACTION_SET: 2818 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params); 2819 break; 2820 } 2821 } 2822 2823 if (ret > 0) 2824 ret = fixup(POST_CTRL_STR_TO_PARAMS, translation, &ctx); 2825 2826 cleanup_translation_ctx(CLEANUP_CTRL_STR_TO_PARAMS, translation, &ctx); 2827 2828 return ret; 2829 } 2830 2831 /* This must ONLY be called for legacy operations */ 2832 static int evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX *pctx, 2833 enum action action_type, 2834 OSSL_PARAM *params) 2835 { 2836 int keytype = pctx->legacy_keytype; 2837 int optype = pctx->operation == 0 ? -1 : pctx->operation; 2838 2839 for (; params != NULL && params->key != NULL; params++) { 2840 struct translation_ctx_st ctx = { 2841 0, 2842 }; 2843 struct translation_st tmpl = { 2844 0, 2845 }; 2846 const struct translation_st *translation = NULL; 2847 fixup_args_fn *fixup = default_fixup_args; 2848 int ret; 2849 2850 ctx.action_type = tmpl.action_type = action_type; 2851 tmpl.keytype1 = tmpl.keytype2 = keytype; 2852 tmpl.optype = optype; 2853 tmpl.param_key = params->key; 2854 translation = lookup_evp_pkey_ctx_translation(&tmpl); 2855 2856 if (translation != NULL) { 2857 if (translation->fixup_args != NULL) 2858 fixup = translation->fixup_args; 2859 ctx.ctrl_cmd = translation->ctrl_num; 2860 } 2861 ctx.pctx = pctx; 2862 ctx.params = params; 2863 2864 ret = fixup(PRE_PARAMS_TO_CTRL, translation, &ctx); 2865 2866 if (ret > 0 && ctx.action_type != OSSL_ACTION_NONE) 2867 ret = EVP_PKEY_CTX_ctrl(pctx, keytype, optype, 2868 ctx.ctrl_cmd, ctx.p1, ctx.p2); 2869 2870 /* 2871 * In POST, we pass the return value as p1, allowing the fixup_args 2872 * function to put it to good use, or maybe affect it. 2873 * 2874 * NOTE: even though EVP_PKEY_CTX_ctrl return value is documented 2875 * as return positive on Success and 0 or negative on failure. There 2876 * maybe parameters (e.g. ecdh_cofactor), which actually return 0 2877 * as success value. That is why we do POST_PARAMS_TO_CTRL for 0 2878 * value as well 2879 */ 2880 if (ret >= 0) { 2881 ctx.p1 = ret; 2882 fixup(POST_PARAMS_TO_CTRL, translation, &ctx); 2883 ret = ctx.p1; 2884 } 2885 2886 cleanup_translation_ctx(CLEANUP_PARAMS_TO_CTRL, translation, &ctx); 2887 2888 if (ret <= 0) 2889 return 0; 2890 } 2891 return 1; 2892 } 2893 2894 int evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params) 2895 { 2896 if (ctx->keymgmt != NULL) 2897 return 0; 2898 return evp_pkey_ctx_setget_params_to_ctrl(ctx, OSSL_ACTION_SET, (OSSL_PARAM *)params); 2899 } 2900 2901 int evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX *ctx, OSSL_PARAM *params) 2902 { 2903 if (ctx->keymgmt != NULL) 2904 return 0; 2905 return evp_pkey_ctx_setget_params_to_ctrl(ctx, OSSL_ACTION_GET, params); 2906 } 2907 2908 /* This must ONLY be called for legacy EVP_PKEYs */ 2909 static int evp_pkey_setget_params_to_ctrl(const EVP_PKEY *pkey, 2910 enum action action_type, 2911 OSSL_PARAM *params) 2912 { 2913 int ret = 1; 2914 2915 for (; params != NULL && params->key != NULL; params++) { 2916 struct translation_ctx_st ctx = { 2917 0, 2918 }; 2919 struct translation_st tmpl = { 2920 0, 2921 }; 2922 const struct translation_st *translation = NULL; 2923 fixup_args_fn *fixup = default_fixup_args; 2924 2925 tmpl.action_type = action_type; 2926 tmpl.param_key = params->key; 2927 translation = lookup_evp_pkey_translation(&tmpl); 2928 2929 if (translation != NULL) { 2930 if (translation->fixup_args != NULL) 2931 fixup = translation->fixup_args; 2932 ctx.action_type = translation->action_type; 2933 } 2934 ctx.p2 = (void *)pkey; 2935 ctx.params = params; 2936 2937 /* 2938 * EVP_PKEY doesn't have any ctrl function, so we rely completely 2939 * on fixup_args to do the whole work. Also, we currently only 2940 * support getting. 2941 */ 2942 if (!ossl_assert(translation != NULL) 2943 || !ossl_assert(translation->action_type == OSSL_ACTION_GET) 2944 || !ossl_assert(translation->fixup_args != NULL)) { 2945 return -2; 2946 } 2947 2948 ret = fixup(PKEY, translation, &ctx); 2949 2950 cleanup_translation_ctx(PKEY, translation, &ctx); 2951 } 2952 return ret; 2953 } 2954 2955 int evp_pkey_get_params_to_ctrl(const EVP_PKEY *pkey, OSSL_PARAM *params) 2956 { 2957 return evp_pkey_setget_params_to_ctrl(pkey, OSSL_ACTION_GET, params); 2958 } 2959
Indexes created Sat Feb 28 05:31:39 UTC 2026