1 /*
2 * Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * Some ctrls depend on deprecated functionality. We trust that this is
12 * functionality that remains internally even when 'no-deprecated' is
13 * configured. When we drop #legacy EVP_PKEYs, this source should be
14 * possible to drop as well.
15 */
16 #include "internal/deprecated.h"
17
18 #include <string.h>
19
20 /* The following includes get us all the EVP_PKEY_CTRL macros */
21 #include <openssl/dh.h>
22 #include <openssl/dsa.h>
23 #include <openssl/ec.h>
24 #include <openssl/rsa.h>
25 #include <openssl/kdf.h>
26
27 /* This include gets us all the OSSL_PARAM key string macros */
28 #include <openssl/core_names.h>
29
30 #include <openssl/err.h>
31 #include <openssl/evperr.h>
32 #include <openssl/params.h>
33 #include "internal/nelem.h"
34 #include "internal/cryptlib.h"
35 #include "internal/ffc.h"
36 #include "crypto/evp.h"
37 #include "crypto/dh.h"
38 #include "crypto/ec.h"
39
40 struct translation_ctx_st; /* Forwarding */
41 struct translation_st; /* Forwarding */
42
43 /*
44 * The fixup_args functions are called with the following parameters:
45 *
46 * |state| The state we're called in, explained further at the
47 * end of this comment.
48 * |translation| The translation item, to be pilfered for data as
49 * necessary.
50 * |ctx| The translation context, which contains copies of
51 * the following arguments, applicable according to
52 * the caller. All of the attributes in this context
53 * may be freely modified by the fixup_args function.
54 * For cleanup, call cleanup_translation_ctx().
55 *
56 * The |state| tells the fixup_args function something about the caller and
57 * what they may expect:
58 *
59 * PKEY The fixup_args function has been called
60 * from an EVP_PKEY payload getter / setter,
61 * and is fully responsible for getting or
62 * setting the requested data. With this
63 * state, the fixup_args function is expected
64 * to use or modify |*params|, depending on
65 * |action_type|.
66 *
67 * PRE_CTRL_TO_PARAMS The fixup_args function has been called
68 * POST_CTRL_TO_PARAMS from EVP_PKEY_CTX_ctrl(), to help with
69 * translating the ctrl data to an OSSL_PARAM
70 * element or back. The calling sequence is
71 * as follows:
72 *
73 * 1. fixup_args(PRE_CTRL_TO_PARAMS, ...)
74 * 2. EVP_PKEY_CTX_set_params() or
75 * EVP_PKEY_CTX_get_params()
76 * 3. fixup_args(POST_CTRL_TO_PARAMS, ...)
77 *
78 * With the PRE_CTRL_TO_PARAMS state, the
79 * fixup_args function is expected to modify
80 * the passed |*params| in whatever way
81 * necessary, when |action_type == SET|.
82 * With the POST_CTRL_TO_PARAMS state, the
83 * fixup_args function is expected to modify
84 * the passed |p2| in whatever way necessary,
85 * when |action_type == GET|.
86 *
87 * The return value from the fixup_args call
88 * with the POST_CTRL_TO_PARAMS state becomes
89 * the return value back to EVP_PKEY_CTX_ctrl().
90 *
91 * CLEANUP_CTRL_TO_PARAMS The cleanup_args functions has been called
92 * from EVP_PKEY_CTX_ctrl(), to clean up what
93 * the fixup_args function has done, if needed.
94 *
95 *
96 * PRE_CTRL_STR_TO_PARAMS The fixup_args function has been called
97 * POST_CTRL_STR_TO_PARAMS from EVP_PKEY_CTX_ctrl_str(), to help with
98 * translating the ctrl_str data to an
99 * OSSL_PARAM element or back. The calling
100 * sequence is as follows:
101 *
102 * 1. fixup_args(PRE_CTRL_STR_TO_PARAMS, ...)
103 * 2. EVP_PKEY_CTX_set_params() or
104 * EVP_PKEY_CTX_get_params()
105 * 3. fixup_args(POST_CTRL_STR_TO_PARAMS, ...)
106 *
107 * With the PRE_CTRL_STR_TO_PARAMS state,
108 * the fixup_args function is expected to
109 * modify the passed |*params| in whatever
110 * way necessary, when |action_type == SET|.
111 * With the POST_CTRL_STR_TO_PARAMS state,
112 * the fixup_args function is only expected
113 * to return a value.
114 *
115 * CLEANUP_CTRL_STR_TO_PARAMS The cleanup_args functions has been called
116 * from EVP_PKEY_CTX_ctrl_str(), to clean up
117 * what the fixup_args function has done, if
118 * needed.
119 *
120 * PRE_PARAMS_TO_CTRL The fixup_args function has been called
121 * POST_PARAMS_TO_CTRL from EVP_PKEY_CTX_get_params() or
122 * EVP_PKEY_CTX_set_params(), to help with
123 * translating the OSSL_PARAM data to the
124 * corresponding EVP_PKEY_CTX_ctrl() arguments
125 * or the other way around. The calling
126 * sequence is as follows:
127 *
128 * 1. fixup_args(PRE_PARAMS_TO_CTRL, ...)
129 * 2. EVP_PKEY_CTX_ctrl()
130 * 3. fixup_args(POST_PARAMS_TO_CTRL, ...)
131 *
132 * With the PRE_PARAMS_TO_CTRL state, the
133 * fixup_args function is expected to modify
134 * the passed |p1| and |p2| in whatever way
135 * necessary, when |action_type == SET|.
136 * With the POST_PARAMS_TO_CTRL state, the
137 * fixup_args function is expected to
138 * modify the passed |*params| in whatever
139 * way necessary, when |action_type == GET|.
140 *
141 * CLEANUP_PARAMS_TO_CTRL The cleanup_args functions has been called
142 * from EVP_PKEY_CTX_get_params() or
143 * EVP_PKEY_CTX_set_params(), to clean up what
144 * the fixup_args function has done, if needed.
145 */
146 enum state {
147 PKEY,
148 PRE_CTRL_TO_PARAMS, POST_CTRL_TO_PARAMS, CLEANUP_CTRL_TO_PARAMS,
149 PRE_CTRL_STR_TO_PARAMS, POST_CTRL_STR_TO_PARAMS, CLEANUP_CTRL_STR_TO_PARAMS,
150 PRE_PARAMS_TO_CTRL, POST_PARAMS_TO_CTRL, CLEANUP_PARAMS_TO_CTRL
151 };
152 enum action {
153 NONE = 0, GET = 1, SET = 2
154 };
155 typedef int fixup_args_fn(enum state state,
156 const struct translation_st *translation,
157 struct translation_ctx_st *ctx);
158 typedef int cleanup_args_fn(enum state state,
159 const struct translation_st *translation,
160 struct translation_ctx_st *ctx);
161
162 struct translation_ctx_st {
163 /*
164 * The EVP_PKEY_CTX, for calls on that structure, to be pilfered for data
165 * as necessary.
166 */
167 EVP_PKEY_CTX *pctx;
168 /*
169 * The action type (GET or SET). This may be 0 in some cases, and should
170 * be modified by the fixup_args function in the PRE states. It should
171 * otherwise remain untouched once set.
172 */
173 enum action action_type;
174 /*
175 * For ctrl to params translation, the actual ctrl command number used.
176 * For params to ctrl translation, 0.
177 */
178 int ctrl_cmd;
179 /*
180 * For ctrl_str to params translation, the actual ctrl command string
181 * used. In this case, the (string) value is always passed as |p2|.
182 * For params to ctrl translation, this is NULL. Along with it is also
183 * and indicator whether it matched |ctrl_str| or |ctrl_hexstr| in the
184 * translation item.
185 */
186 const char *ctrl_str;
187 int ishex;
188 /* the ctrl-style int argument. */
189 int p1;
190 /* the ctrl-style void* argument. */
191 void *p2;
192 /* a size, for passing back the |p2| size where applicable */
193 size_t sz;
194 /* pointer to the OSSL_PARAM-style params array. */
195 OSSL_PARAM *params;
196
197 /*-
198 * The following are used entirely internally by the fixup_args functions
199 * and should not be touched by the callers, at all.
200 */
201
202 /*
203 * Copy of the ctrl-style void* argument, if the fixup_args function
204 * needs to manipulate |p2| but wants to remember original.
205 */
206 void *orig_p2;
207 /* Diverse types of storage for the needy. */
208 char name_buf[OSSL_MAX_NAME_SIZE];
209 void *allocated_buf;
210 void *bufp;
211 size_t buflen;
212 };
213
214 struct translation_st {
215 /*-
216 * What this table item does.
217 *
218 * If the item has this set to 0, it means that both GET and SET are
219 * supported, and |fixup_args| will determine which it is. This is to
220 * support translations of ctrls where the action type depends on the
221 * value of |p1| or |p2| (ctrls are really bi-directional, but are
222 * seldom used that way).
223 *
224 * This can be also used in the lookup template when it looks up by
225 * OSSL_PARAM key, to indicate if a setter or a getter called.
226 */
227 enum action action_type;
228
229 /*-
230 * Conditions, for params->ctrl translations.
231 *
232 * In table item, |keytype1| and |keytype2| can be set to -1 to indicate
233 * that this item supports all key types (or rather, that |fixup_args|
234 * will check and return an error if it's not supported).
235 * Any of these may be set to 0 to indicate that they are unset.
236 */
237 int keytype1; /* The EVP_PKEY_XXX type, i.e. NIDs. #legacy */
238 int keytype2; /* Another EVP_PKEY_XXX type, used for aliases */
239 int optype; /* The operation type */
240
241 /*
242 * Lookup and translation attributes
243 *
244 * |ctrl_num|, |ctrl_str|, |ctrl_hexstr| and |param_key| are lookup
245 * attributes.
246 *
247 * |ctrl_num| may be 0 or that |param_key| may be NULL in the table item,
248 * but not at the same time. If they are, they are simply not used for
249 * lookup.
250 * When |ctrl_num| == 0, no ctrl will be called. Likewise, when
251 * |param_key| == NULL, no OSSL_PARAM setter/getter will be called.
252 * In that case the treatment of the translation item relies entirely on
253 * |fixup_args|, which is then assumed to have side effects.
254 *
255 * As a special case, it's possible to set |ctrl_hexstr| and assign NULL
256 * to |ctrl_str|. That will signal to default_fixup_args() that the
257 * value must always be interpreted as hex.
258 */
259 int ctrl_num; /* EVP_PKEY_CTRL_xxx */
260 const char *ctrl_str; /* The corresponding ctrl string */
261 const char *ctrl_hexstr; /* The alternative "hex{str}" ctrl string */
262 const char *param_key; /* The corresponding OSSL_PARAM key */
263 /*
264 * The appropriate OSSL_PARAM data type. This may be 0 to indicate that
265 * this OSSL_PARAM may have more than one data type, depending on input
266 * material. In this case, |fixup_args| is expected to check and handle
267 * it.
268 */
269 unsigned int param_data_type;
270
271 /*
272 * Fixer functions
273 *
274 * |fixup_args| is always called before (for SET) or after (for GET)
275 * the actual ctrl / OSSL_PARAM function.
276 */
277 fixup_args_fn *fixup_args;
278 };
279
280 /*-
281 * Fixer function implementations
282 * ==============================
283 */
284
285 /*
286 * default_check isn't a fixer per se, but rather a helper function to
287 * perform certain standard checks.
288 */
default_check(enum state state,const struct translation_st * translation,const struct translation_ctx_st * ctx)289 static int default_check(enum state state,
290 const struct translation_st *translation,
291 const struct translation_ctx_st *ctx)
292 {
293 switch (state) {
294 default:
295 break;
296 case PRE_CTRL_TO_PARAMS:
297 if (!ossl_assert(translation != NULL)) {
298 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
299 return -2;
300 }
301 if (!ossl_assert(translation->param_key != 0)
302 || !ossl_assert(translation->param_data_type != 0)) {
303 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
304 return -1;
305 }
306 break;
307 case PRE_CTRL_STR_TO_PARAMS:
308 /*
309 * For ctrl_str to params translation, we allow direct use of
310 * OSSL_PARAM keys as ctrl_str keys. Therefore, it's possible that
311 * we end up with |translation == NULL|, which is fine. The fixup
312 * function will have to deal with it carefully.
313 */
314 if (translation != NULL) {
315 if (!ossl_assert(translation->action_type != GET)) {
316 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
317 return -2;
318 }
319 if (!ossl_assert(translation->param_key != NULL)
320 || !ossl_assert(translation->param_data_type != 0)) {
321 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
322 return 0;
323 }
324 }
325 break;
326 case PRE_PARAMS_TO_CTRL:
327 case POST_PARAMS_TO_CTRL:
328 if (!ossl_assert(translation != NULL)) {
329 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
330 return -2;
331 }
332 if (!ossl_assert(translation->ctrl_num != 0)
333 || !ossl_assert(translation->param_data_type != 0)) {
334 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
335 return -1;
336 }
337 }
338
339 /* Nothing else to check */
340 return 1;
341 }
342
343 /*-
344 * default_fixup_args fixes up all sorts of arguments, governed by the
345 * diverse attributes in the translation item. It covers all "standard"
346 * base ctrl functionality, meaning it can handle basic conversion of
347 * data between p1+p2 (SET) or return value+p2 (GET) as long as the values
348 * don't have extra semantics (such as NIDs, OIDs, that sort of stuff).
349 * Extra semantics must be handled via specific fixup_args functions.
350 *
351 * The following states and action type combinations have standard handling
352 * done in this function:
353 *
354 * PRE_CTRL_TO_PARAMS, 0 - ERROR. action type must be
355 * determined by a fixup function.
356 * PRE_CTRL_TO_PARAMS, SET | GET - |p1| and |p2| are converted to an
357 * OSSL_PARAM according to the data
358 * type given in |translattion|.
359 * For OSSL_PARAM_UNSIGNED_INTEGER,
360 * a BIGNUM passed as |p2| is accepted.
361 * POST_CTRL_TO_PARAMS, GET - If the OSSL_PARAM data type is a
362 * STRING or PTR type, |p1| is set
363 * to the OSSL_PARAM return size, and
364 * |p2| is set to the string.
365 * PRE_CTRL_STR_TO_PARAMS, !SET - ERROR. That combination is not
366 * supported.
367 * PRE_CTRL_STR_TO_PARAMS, SET - |p2| is taken as a string, and is
368 * converted to an OSSL_PARAM in a
369 * standard manner, guided by the
370 * param key and data type from
371 * |translation|.
372 * PRE_PARAMS_TO_CTRL, SET - the OSSL_PARAM is converted to
373 * |p1| and |p2| according to the
374 * data type given in |translation|
375 * For OSSL_PARAM_UNSIGNED_INTEGER,
376 * if |p2| is non-NULL, then |*p2|
377 * is assigned a BIGNUM, otherwise
378 * |p1| is assigned an unsigned int.
379 * POST_PARAMS_TO_CTRL, GET - |p1| and |p2| are converted to
380 * an OSSL_PARAM, in the same manner
381 * as for the combination of
382 * PRE_CTRL_TO_PARAMS, SET.
383 */
default_fixup_args(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)384 static int default_fixup_args(enum state state,
385 const struct translation_st *translation,
386 struct translation_ctx_st *ctx)
387 {
388 int ret;
389
390 if ((ret = default_check(state, translation, ctx)) <= 0)
391 return ret;
392
393 switch (state) {
394 default:
395 /* For states this function should never have been called with */
396 ERR_raise_data(ERR_LIB_EVP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
397 "[action:%d, state:%d]", ctx->action_type, state);
398 return 0;
399
400 /*
401 * PRE_CTRL_TO_PARAMS and POST_CTRL_TO_PARAMS handle ctrl to params
402 * translations. PRE_CTRL_TO_PARAMS is responsible for preparing
403 * |*params|, and POST_CTRL_TO_PARAMS is responsible for bringing the
404 * result back to |*p2| and the return value.
405 */
406 case PRE_CTRL_TO_PARAMS:
407 /* This is ctrl to params translation, so we need an OSSL_PARAM key */
408 if (ctx->action_type == NONE) {
409 /*
410 * No action type is an error here. That's a case for a
411 * special fixup function.
412 */
413 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
414 "[action:%d, state:%d]", ctx->action_type, state);
415 return 0;
416 }
417
418 if (translation->optype != 0) {
419 if ((EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)
420 && ctx->pctx->op.sig.algctx == NULL)
421 || (EVP_PKEY_CTX_IS_DERIVE_OP(ctx->pctx)
422 && ctx->pctx->op.kex.algctx == NULL)
423 || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx->pctx)
424 && ctx->pctx->op.ciph.algctx == NULL)
425 || (EVP_PKEY_CTX_IS_KEM_OP(ctx->pctx)
426 && ctx->pctx->op.encap.algctx == NULL)
427 /*
428 * The following may be unnecessary, but we have them
429 * for good measure...
430 */
431 || (EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx)
432 && ctx->pctx->op.keymgmt.genctx == NULL)
433 || (EVP_PKEY_CTX_IS_FROMDATA_OP(ctx->pctx)
434 && ctx->pctx->op.keymgmt.genctx == NULL)) {
435 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
436 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
437 return -2;
438 }
439 }
440
441 /*
442 * OSSL_PARAM_construct_TYPE() works equally well for both SET and GET.
443 */
444 switch (translation->param_data_type) {
445 case OSSL_PARAM_INTEGER:
446 *ctx->params = OSSL_PARAM_construct_int(translation->param_key,
447 &ctx->p1);
448 break;
449 case OSSL_PARAM_UNSIGNED_INTEGER:
450 /*
451 * BIGNUMs are passed via |p2|. For all ctrl's that just want
452 * to pass a simple integer via |p1|, |p2| is expected to be
453 * NULL.
454 *
455 * Note that this allocates a buffer, which the cleanup function
456 * must deallocate.
457 */
458 if (ctx->p2 != NULL) {
459 if (ctx->action_type == SET) {
460 ctx->buflen = BN_num_bytes(ctx->p2);
461 if ((ctx->allocated_buf
462 = OPENSSL_malloc(ctx->buflen)) == NULL)
463 return 0;
464 if (BN_bn2nativepad(ctx->p2,
465 ctx->allocated_buf, ctx->buflen) < 0) {
466 OPENSSL_free(ctx->allocated_buf);
467 ctx->allocated_buf = NULL;
468 return 0;
469 }
470 *ctx->params =
471 OSSL_PARAM_construct_BN(translation->param_key,
472 ctx->allocated_buf,
473 ctx->buflen);
474 } else {
475 /*
476 * No support for getting a BIGNUM by ctrl, this needs
477 * fixup_args function support.
478 */
479 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
480 "[action:%d, state:%d] trying to get a "
481 "BIGNUM via ctrl call",
482 ctx->action_type, state);
483 return 0;
484 }
485 } else {
486 *ctx->params =
487 OSSL_PARAM_construct_uint(translation->param_key,
488 (unsigned int *)&ctx->p1);
489 }
490 break;
491 case OSSL_PARAM_UTF8_STRING:
492 *ctx->params =
493 OSSL_PARAM_construct_utf8_string(translation->param_key,
494 ctx->p2, (size_t)ctx->p1);
495 break;
496 case OSSL_PARAM_UTF8_PTR:
497 *ctx->params =
498 OSSL_PARAM_construct_utf8_ptr(translation->param_key,
499 ctx->p2, (size_t)ctx->p1);
500 break;
501 case OSSL_PARAM_OCTET_STRING:
502 *ctx->params =
503 OSSL_PARAM_construct_octet_string(translation->param_key,
504 ctx->p2, (size_t)ctx->p1);
505 break;
506 case OSSL_PARAM_OCTET_PTR:
507 *ctx->params =
508 OSSL_PARAM_construct_octet_ptr(translation->param_key,
509 ctx->p2, (size_t)ctx->p1);
510 break;
511 }
512 break;
513 case POST_CTRL_TO_PARAMS:
514 /*
515 * Because EVP_PKEY_CTX_ctrl() returns the length of certain objects
516 * as its return value, we need to ensure that we do it here as well,
517 * for the OSSL_PARAM data types where this makes sense.
518 */
519 if (ctx->action_type == GET) {
520 switch (translation->param_data_type) {
521 case OSSL_PARAM_UTF8_STRING:
522 case OSSL_PARAM_UTF8_PTR:
523 case OSSL_PARAM_OCTET_STRING:
524 case OSSL_PARAM_OCTET_PTR:
525 ctx->p1 = (int)ctx->params[0].return_size;
526 break;
527 }
528 }
529 break;
530
531 /*
532 * PRE_CTRL_STR_TO_PARAMS and POST_CTRL_STR_TO_PARAMS handle ctrl_str to
533 * params translations. PRE_CTRL_TO_PARAMS is responsible for preparing
534 * |*params|, and POST_CTRL_TO_PARAMS currently has nothing to do, since
535 * there's no support for getting data via ctrl_str calls.
536 */
537 case PRE_CTRL_STR_TO_PARAMS:
538 {
539 /* This is ctrl_str to params translation */
540 const char *tmp_ctrl_str = ctx->ctrl_str;
541 const char *orig_ctrl_str = ctx->ctrl_str;
542 const char *orig_value = ctx->p2;
543 const OSSL_PARAM *settable = NULL;
544 int exists = 0;
545
546 /* Only setting is supported here */
547 if (ctx->action_type != SET) {
548 ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED,
549 "[action:%d, state:%d] only setting allowed",
550 ctx->action_type, state);
551 return 0;
552 }
553
554 /*
555 * If no translation exists, we simply pass the control string
556 * unmodified.
557 */
558 if (translation != NULL) {
559 tmp_ctrl_str = ctx->ctrl_str = translation->param_key;
560
561 if (ctx->ishex) {
562 strcpy(ctx->name_buf, "hex");
563 if (OPENSSL_strlcat(ctx->name_buf, tmp_ctrl_str,
564 sizeof(ctx->name_buf)) <= 3) {
565 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
566 return -1;
567 }
568 tmp_ctrl_str = ctx->name_buf;
569 }
570 }
571
572 settable = EVP_PKEY_CTX_settable_params(ctx->pctx);
573 if (!OSSL_PARAM_allocate_from_text(ctx->params, settable,
574 tmp_ctrl_str,
575 ctx->p2, strlen(ctx->p2),
576 &exists)) {
577 if (!exists) {
578 ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED,
579 "[action:%d, state:%d] name=%s, value=%s",
580 ctx->action_type, state,
581 orig_ctrl_str, orig_value);
582 return -2;
583 }
584 return 0;
585 }
586 ctx->allocated_buf = ctx->params->data;
587 ctx->buflen = ctx->params->data_size;
588 }
589 break;
590 case POST_CTRL_STR_TO_PARAMS:
591 /* Nothing to be done */
592 break;
593
594 /*
595 * PRE_PARAMS_TO_CTRL and POST_PARAMS_TO_CTRL handle params to ctrl
596 * translations. PRE_PARAMS_TO_CTRL is responsible for preparing
597 * |p1| and |p2|, and POST_PARAMS_TO_CTRL is responsible for bringing
598 * the EVP_PKEY_CTX_ctrl() return value (passed as |p1|) and |p2| back
599 * to |*params|.
600 *
601 * PKEY is treated just like POST_PARAMS_TO_CTRL, making it easy
602 * for the related fixup_args functions to just set |p1| and |p2|
603 * appropriately and leave it to this section of code to fix up
604 * |ctx->params| accordingly.
605 */
606 case PKEY:
607 case POST_PARAMS_TO_CTRL:
608 ret = ctx->p1;
609 /* FALLTHRU */
610 case PRE_PARAMS_TO_CTRL:
611 {
612 /* This is params to ctrl translation */
613 if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == SET) {
614 /* For the PRE state, only setting needs some work to be done */
615
616 /* When setting, we populate |p1| and |p2| from |*params| */
617 switch (translation->param_data_type) {
618 case OSSL_PARAM_INTEGER:
619 return OSSL_PARAM_get_int(ctx->params, &ctx->p1);
620 case OSSL_PARAM_UNSIGNED_INTEGER:
621 if (ctx->p2 != NULL) {
622 /* BIGNUM passed down with p2 */
623 if (!OSSL_PARAM_get_BN(ctx->params, ctx->p2))
624 return 0;
625 } else {
626 /* Normal C unsigned int passed down */
627 if (!OSSL_PARAM_get_uint(ctx->params,
628 (unsigned int *)&ctx->p1))
629 return 0;
630 }
631 return 1;
632 case OSSL_PARAM_UTF8_STRING:
633 return OSSL_PARAM_get_utf8_string(ctx->params,
634 ctx->p2, ctx->sz);
635 case OSSL_PARAM_OCTET_STRING:
636 return OSSL_PARAM_get_octet_string(ctx->params,
637 &ctx->p2, ctx->sz,
638 (size_t *)&ctx->p1);
639 case OSSL_PARAM_OCTET_PTR:
640 return OSSL_PARAM_get_octet_ptr(ctx->params,
641 ctx->p2, &ctx->sz);
642 default:
643 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
644 "[action:%d, state:%d] "
645 "unknown OSSL_PARAM data type %d",
646 ctx->action_type, state,
647 translation->param_data_type);
648 return 0;
649 }
650 } else if ((state == POST_PARAMS_TO_CTRL || state == PKEY)
651 && ctx->action_type == GET) {
652 /* For the POST state, only getting needs some work to be done */
653 unsigned int param_data_type = translation->param_data_type;
654 size_t size = (size_t)ctx->p1;
655
656 if (state == PKEY)
657 size = ctx->sz;
658 if (param_data_type == 0) {
659 /* we must have a fixup_args function to work */
660 if (!ossl_assert(translation->fixup_args != NULL)) {
661 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
662 return 0;
663 }
664 param_data_type = ctx->params->data_type;
665 }
666 /* When getting, we populate |*params| from |p1| and |p2| */
667 switch (param_data_type) {
668 case OSSL_PARAM_INTEGER:
669 return OSSL_PARAM_set_int(ctx->params, ctx->p1);
670 case OSSL_PARAM_UNSIGNED_INTEGER:
671 if (ctx->p2 != NULL) {
672 /* BIGNUM passed back */
673 return OSSL_PARAM_set_BN(ctx->params, ctx->p2);
674 } else {
675 /* Normal C unsigned int passed back */
676 return OSSL_PARAM_set_uint(ctx->params,
677 (unsigned int)ctx->p1);
678 }
679 return 0;
680 case OSSL_PARAM_UTF8_STRING:
681 return OSSL_PARAM_set_utf8_string(ctx->params, ctx->p2);
682 case OSSL_PARAM_OCTET_STRING:
683 return OSSL_PARAM_set_octet_string(ctx->params, ctx->p2,
684 size);
685 case OSSL_PARAM_OCTET_PTR:
686 return OSSL_PARAM_set_octet_ptr(ctx->params, *(void **)ctx->p2,
687 size);
688 default:
689 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
690 "[action:%d, state:%d] "
691 "unsupported OSSL_PARAM data type %d",
692 ctx->action_type, state,
693 translation->param_data_type);
694 return 0;
695 }
696 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == GET) {
697 if (translation->param_data_type == OSSL_PARAM_OCTET_PTR)
698 ctx->p2 = &ctx->bufp;
699 }
700 }
701 /* Any other combination is simply pass-through */
702 break;
703 }
704 return ret;
705 }
706
707 static int
cleanup_translation_ctx(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)708 cleanup_translation_ctx(enum state state,
709 const struct translation_st *translation,
710 struct translation_ctx_st *ctx)
711 {
712 if (ctx->allocated_buf != NULL)
713 OPENSSL_free(ctx->allocated_buf);
714 ctx->allocated_buf = NULL;
715 return 1;
716 }
717
718 /*
719 * fix_cipher_md fixes up an EVP_CIPHER / EVP_MD to its name on SET,
720 * and cipher / md name to EVP_MD on GET.
721 */
get_cipher_name(void * cipher)722 static const char *get_cipher_name(void *cipher)
723 {
724 return EVP_CIPHER_get0_name(cipher);
725 }
726
get_md_name(void * md)727 static const char *get_md_name(void *md)
728 {
729 return EVP_MD_get0_name(md);
730 }
731
get_cipher_by_name(OSSL_LIB_CTX * libctx,const char * name)732 static const void *get_cipher_by_name(OSSL_LIB_CTX *libctx, const char *name)
733 {
734 return evp_get_cipherbyname_ex(libctx, name);
735 }
736
get_md_by_name(OSSL_LIB_CTX * libctx,const char * name)737 static const void *get_md_by_name(OSSL_LIB_CTX *libctx, const char *name)
738 {
739 return evp_get_digestbyname_ex(libctx, name);
740 }
741
fix_cipher_md(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const char * (* get_name)(void * algo),const void * (* get_algo_by_name)(OSSL_LIB_CTX * libctx,const char * name))742 static int fix_cipher_md(enum state state,
743 const struct translation_st *translation,
744 struct translation_ctx_st *ctx,
745 const char *(*get_name)(void *algo),
746 const void *(*get_algo_by_name)(OSSL_LIB_CTX *libctx,
747 const char *name))
748 {
749 int ret = 1;
750
751 if ((ret = default_check(state, translation, ctx)) <= 0)
752 return ret;
753
754 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == GET) {
755 /*
756 * |ctx->p2| contains the address to an EVP_CIPHER or EVP_MD pointer
757 * to be filled in. We need to remember it, then make |ctx->p2|
758 * point at a buffer to be filled in with the name, and |ctx->p1|
759 * with its size. default_fixup_args() will take care of the rest
760 * for us.
761 */
762 ctx->orig_p2 = ctx->p2;
763 ctx->p2 = ctx->name_buf;
764 ctx->p1 = sizeof(ctx->name_buf);
765 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET) {
766 /*
767 * In different parts of OpenSSL, this ctrl command is used
768 * differently. Some calls pass a NID as p1, others pass an
769 * EVP_CIPHER pointer as p2...
770 */
771 ctx->p2 = (char *)(ctx->p2 == NULL
772 ? OBJ_nid2sn(ctx->p1)
773 : get_name(ctx->p2));
774 ctx->p1 = strlen(ctx->p2);
775 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == GET) {
776 ctx->p2 = (ctx->p2 == NULL ? "" : (char *)get_name(ctx->p2));
777 ctx->p1 = strlen(ctx->p2);
778 }
779
780 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
781 return ret;
782
783 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == GET) {
784 /*
785 * Here's how we reuse |ctx->orig_p2| that was set in the
786 * PRE_CTRL_TO_PARAMS state above.
787 */
788 *(void **)ctx->orig_p2 =
789 (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2);
790 ctx->p1 = 1;
791 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == SET) {
792 ctx->p2 = (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2);
793 ctx->p1 = 0;
794 }
795
796 return ret;
797 }
798
fix_cipher(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)799 static int fix_cipher(enum state state,
800 const struct translation_st *translation,
801 struct translation_ctx_st *ctx)
802 {
803 return fix_cipher_md(state, translation, ctx,
804 get_cipher_name, get_cipher_by_name);
805 }
806
fix_md(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)807 static int fix_md(enum state state,
808 const struct translation_st *translation,
809 struct translation_ctx_st *ctx)
810 {
811 return fix_cipher_md(state, translation, ctx,
812 get_md_name, get_md_by_name);
813 }
814
fix_distid_len(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)815 static int fix_distid_len(enum state state,
816 const struct translation_st *translation,
817 struct translation_ctx_st *ctx)
818 {
819 int ret = default_fixup_args(state, translation, ctx);
820
821 if (ret > 0) {
822 ret = 0;
823 if ((state == POST_CTRL_TO_PARAMS
824 || state == POST_CTRL_STR_TO_PARAMS) && ctx->action_type == GET) {
825 *(size_t *)ctx->p2 = ctx->sz;
826 ret = 1;
827 }
828 }
829 return ret;
830 }
831
832 struct kdf_type_map_st {
833 int kdf_type_num;
834 const char *kdf_type_str;
835 };
836
fix_kdf_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const struct kdf_type_map_st * kdf_type_map)837 static int fix_kdf_type(enum state state,
838 const struct translation_st *translation,
839 struct translation_ctx_st *ctx,
840 const struct kdf_type_map_st *kdf_type_map)
841 {
842 /*
843 * The EVP_PKEY_CTRL_DH_KDF_TYPE ctrl command is a bit special, in
844 * that it's used both for setting a value, and for getting it, all
845 * depending on the value if |p1|; if |p1| is -2, the backend is
846 * supposed to place the current kdf type in |p2|, and if not, |p1|
847 * is interpreted as the new kdf type.
848 */
849 int ret = 0;
850
851 if ((ret = default_check(state, translation, ctx)) <= 0)
852 return ret;
853
854 if (state == PRE_CTRL_TO_PARAMS) {
855 /*
856 * In |translations|, the initial value for |ctx->action_type| must
857 * be NONE.
858 */
859 if (!ossl_assert(ctx->action_type == NONE))
860 return 0;
861
862 /* The action type depends on the value of *p1 */
863 if (ctx->p1 == -2) {
864 /*
865 * The OSSL_PARAMS getter needs space to store a copy of the kdf
866 * type string. We use |ctx->name_buf|, which has enough space
867 * allocated.
868 *
869 * (this wouldn't be needed if the OSSL_xxx_PARAM_KDF_TYPE
870 * had the data type OSSL_PARAM_UTF8_PTR)
871 */
872 ctx->p2 = ctx->name_buf;
873 ctx->p1 = sizeof(ctx->name_buf);
874 ctx->action_type = GET;
875 } else {
876 ctx->action_type = SET;
877 }
878 }
879
880 if ((ret = default_check(state, translation, ctx)) <= 0)
881 return ret;
882
883 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET)
884 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == GET)) {
885 ret = -2;
886 /* Convert KDF type numbers to strings */
887 for (; kdf_type_map->kdf_type_str != NULL; kdf_type_map++)
888 if (ctx->p1 == kdf_type_map->kdf_type_num) {
889 ctx->p2 = (char *)kdf_type_map->kdf_type_str;
890 ret = 1;
891 break;
892 }
893 if (ret <= 0)
894 goto end;
895 ctx->p1 = strlen(ctx->p2);
896 }
897
898 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
899 return ret;
900
901 if ((state == POST_CTRL_TO_PARAMS && ctx->action_type == GET)
902 || (state == PRE_PARAMS_TO_CTRL && ctx->action_type == SET)) {
903 ctx->p1 = ret = -1;
904
905 /* Convert KDF type strings to numbers */
906 for (; kdf_type_map->kdf_type_str != NULL; kdf_type_map++)
907 if (OPENSSL_strcasecmp(ctx->p2, kdf_type_map->kdf_type_str) == 0) {
908 ctx->p1 = kdf_type_map->kdf_type_num;
909 ret = 1;
910 break;
911 }
912 ctx->p2 = NULL;
913 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == GET) {
914 ctx->p1 = -2;
915 }
916 end:
917 return ret;
918 }
919
920 /* EVP_PKEY_CTRL_DH_KDF_TYPE */
fix_dh_kdf_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)921 static int fix_dh_kdf_type(enum state state,
922 const struct translation_st *translation,
923 struct translation_ctx_st *ctx)
924 {
925 static const struct kdf_type_map_st kdf_type_map[] = {
926 { EVP_PKEY_DH_KDF_NONE, "" },
927 { EVP_PKEY_DH_KDF_X9_42, OSSL_KDF_NAME_X942KDF_ASN1 },
928 { 0, NULL }
929 };
930
931 return fix_kdf_type(state, translation, ctx, kdf_type_map);
932 }
933
934 /* EVP_PKEY_CTRL_EC_KDF_TYPE */
fix_ec_kdf_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)935 static int fix_ec_kdf_type(enum state state,
936 const struct translation_st *translation,
937 struct translation_ctx_st *ctx)
938 {
939 static const struct kdf_type_map_st kdf_type_map[] = {
940 { EVP_PKEY_ECDH_KDF_NONE, "" },
941 { EVP_PKEY_ECDH_KDF_X9_63, OSSL_KDF_NAME_X963KDF },
942 { 0, NULL }
943 };
944
945 return fix_kdf_type(state, translation, ctx, kdf_type_map);
946 }
947
948 /* EVP_PKEY_CTRL_DH_KDF_OID, EVP_PKEY_CTRL_GET_DH_KDF_OID, ...??? */
fix_oid(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)949 static int fix_oid(enum state state,
950 const struct translation_st *translation,
951 struct translation_ctx_st *ctx)
952 {
953 int ret;
954
955 if ((ret = default_check(state, translation, ctx)) <= 0)
956 return ret;
957
958 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET)
959 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == GET)) {
960 /*
961 * We're translating from ctrl to params and setting the OID, or
962 * we're translating from params to ctrl and getting the OID.
963 * Either way, |ctx->p2| points at an ASN1_OBJECT, and needs to have
964 * that replaced with the corresponding name.
965 * default_fixup_args() will then be able to convert that to the
966 * corresponding OSSL_PARAM.
967 */
968 OBJ_obj2txt(ctx->name_buf, sizeof(ctx->name_buf), ctx->p2, 0);
969 ctx->p2 = (char *)ctx->name_buf;
970 ctx->p1 = 0; /* let default_fixup_args() figure out the length */
971 }
972
973 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
974 return ret;
975
976 if ((state == PRE_PARAMS_TO_CTRL && ctx->action_type == SET)
977 || (state == POST_CTRL_TO_PARAMS && ctx->action_type == GET)) {
978 /*
979 * We're translating from ctrl to params and setting the OID name,
980 * or we're translating from params to ctrl and getting the OID
981 * name. Either way, default_fixup_args() has placed the OID name
982 * in |ctx->p2|, all we need to do now is to replace that with the
983 * corresponding ASN1_OBJECT.
984 */
985 ctx->p2 = (ASN1_OBJECT *)OBJ_txt2obj(ctx->p2, 0);
986 }
987
988 return ret;
989 }
990
991 /* EVP_PKEY_CTRL_DH_NID */
fix_dh_nid(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)992 static int fix_dh_nid(enum state state,
993 const struct translation_st *translation,
994 struct translation_ctx_st *ctx)
995 {
996 int ret;
997
998 if ((ret = default_check(state, translation, ctx)) <= 0)
999 return ret;
1000
1001 /* This is only settable */
1002 if (ctx->action_type != SET)
1003 return 0;
1004
1005 if (state == PRE_CTRL_TO_PARAMS) {
1006 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
1007 (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) {
1008 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1009 return 0;
1010 }
1011 ctx->p1 = 0;
1012 }
1013
1014 return default_fixup_args(state, translation, ctx);
1015 }
1016
1017 /* EVP_PKEY_CTRL_DH_RFC5114 */
fix_dh_nid5114(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1018 static int fix_dh_nid5114(enum state state,
1019 const struct translation_st *translation,
1020 struct translation_ctx_st *ctx)
1021 {
1022 int ret;
1023
1024 if ((ret = default_check(state, translation, ctx)) <= 0)
1025 return ret;
1026
1027 /* This is only settable */
1028 if (ctx->action_type != SET)
1029 return 0;
1030
1031 switch (state) {
1032 case PRE_CTRL_TO_PARAMS:
1033 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
1034 (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) {
1035 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1036 return 0;
1037 }
1038
1039 ctx->p1 = 0;
1040 break;
1041
1042 case PRE_CTRL_STR_TO_PARAMS:
1043 if (ctx->p2 == NULL)
1044 return 0;
1045 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
1046 (ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2)))) == NULL) {
1047 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1048 return 0;
1049 }
1050
1051 ctx->p1 = 0;
1052 break;
1053
1054 default:
1055 break;
1056 }
1057
1058 return default_fixup_args(state, translation, ctx);
1059 }
1060
1061 /* EVP_PKEY_CTRL_DH_PARAMGEN_TYPE */
fix_dh_paramgen_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1062 static int fix_dh_paramgen_type(enum state state,
1063 const struct translation_st *translation,
1064 struct translation_ctx_st *ctx)
1065 {
1066 int ret;
1067
1068 if ((ret = default_check(state, translation, ctx)) <= 0)
1069 return ret;
1070
1071 /* This is only settable */
1072 if (ctx->action_type != SET)
1073 return 0;
1074
1075 if (state == PRE_CTRL_STR_TO_PARAMS) {
1076 if ((ctx->p2 = (char *)ossl_dh_gen_type_id2name(atoi(ctx->p2)))
1077 == NULL) {
1078 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1079 return 0;
1080 }
1081 ctx->p1 = strlen(ctx->p2);
1082 }
1083
1084 return default_fixup_args(state, translation, ctx);
1085 }
1086
1087 /* EVP_PKEY_CTRL_EC_PARAM_ENC */
fix_ec_param_enc(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1088 static int fix_ec_param_enc(enum state state,
1089 const struct translation_st *translation,
1090 struct translation_ctx_st *ctx)
1091 {
1092 int ret;
1093
1094 if ((ret = default_check(state, translation, ctx)) <= 0)
1095 return ret;
1096
1097 /* This is currently only settable */
1098 if (ctx->action_type != SET)
1099 return 0;
1100
1101 if (state == PRE_CTRL_TO_PARAMS) {
1102 switch (ctx->p1) {
1103 case OPENSSL_EC_EXPLICIT_CURVE:
1104 ctx->p2 = OSSL_PKEY_EC_ENCODING_EXPLICIT;
1105 break;
1106 case OPENSSL_EC_NAMED_CURVE:
1107 ctx->p2 = OSSL_PKEY_EC_ENCODING_GROUP;
1108 break;
1109 default:
1110 ret = -2;
1111 goto end;
1112 }
1113 ctx->p1 = 0;
1114 }
1115
1116 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1117 return ret;
1118
1119 if (state == PRE_PARAMS_TO_CTRL) {
1120 if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_EXPLICIT) == 0)
1121 ctx->p1 = OPENSSL_EC_EXPLICIT_CURVE;
1122 else if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_GROUP) == 0)
1123 ctx->p1 = OPENSSL_EC_NAMED_CURVE;
1124 else
1125 ctx->p1 = ret = -2;
1126 ctx->p2 = NULL;
1127 }
1128
1129 end:
1130 if (ret == -2)
1131 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1132 return ret;
1133 }
1134
1135 /* EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID */
fix_ec_paramgen_curve_nid(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1136 static int fix_ec_paramgen_curve_nid(enum state state,
1137 const struct translation_st *translation,
1138 struct translation_ctx_st *ctx)
1139 {
1140 char *p2 = NULL;
1141 int ret;
1142
1143 if ((ret = default_check(state, translation, ctx)) <= 0)
1144 return ret;
1145
1146 /* This is currently only settable */
1147 if (ctx->action_type != SET)
1148 return 0;
1149
1150 if (state == PRE_CTRL_TO_PARAMS) {
1151 ctx->p2 = (char *)OBJ_nid2sn(ctx->p1);
1152 ctx->p1 = 0;
1153 } else if (state == PRE_PARAMS_TO_CTRL) {
1154 /*
1155 * We're translating from params to ctrl and setting the curve name.
1156 * The ctrl function needs it to be a NID, but meanwhile, we need
1157 * space to get the curve name from the param. |ctx->name_buf| is
1158 * sufficient for that.
1159 * The double indirection is necessary for default_fixup_args()'s
1160 * call of OSSL_PARAM_get_utf8_string() to be done correctly.
1161 */
1162 p2 = ctx->name_buf;
1163 ctx->p2 = &p2;
1164 ctx->sz = sizeof(ctx->name_buf);
1165 }
1166
1167 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1168 return ret;
1169
1170 if (state == PRE_PARAMS_TO_CTRL) {
1171 ctx->p1 = OBJ_sn2nid(p2);
1172 ctx->p2 = NULL;
1173 }
1174
1175 return ret;
1176 }
1177
1178 /* EVP_PKEY_CTRL_EC_ECDH_COFACTOR */
fix_ecdh_cofactor(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1179 static int fix_ecdh_cofactor(enum state state,
1180 const struct translation_st *translation,
1181 struct translation_ctx_st *ctx)
1182 {
1183 /*
1184 * The EVP_PKEY_CTRL_EC_ECDH_COFACTOR ctrl command is a bit special, in
1185 * that it's used both for setting a value, and for getting it, all
1186 * depending on the value if |ctx->p1|; if |ctx->p1| is -2, the backend is
1187 * supposed to place the current cofactor mode in |ctx->p2|, and if not,
1188 * |ctx->p1| is interpreted as the new cofactor mode.
1189 */
1190 int ret = 0;
1191
1192 if (state == PRE_CTRL_TO_PARAMS) {
1193 /*
1194 * The initial value for |ctx->action_type| must be zero.
1195 * evp_pkey_ctrl_to_params() takes it from the translation item.
1196 */
1197 if (!ossl_assert(ctx->action_type == NONE))
1198 return 0;
1199
1200 /* The action type depends on the value of ctx->p1 */
1201 if (ctx->p1 == -2)
1202 ctx->action_type = GET;
1203 else
1204 ctx->action_type = SET;
1205 } else if (state == PRE_CTRL_STR_TO_PARAMS) {
1206 ctx->action_type = SET;
1207 } else if (state == PRE_PARAMS_TO_CTRL) {
1208 /* The initial value for |ctx->action_type| must not be zero. */
1209 if (!ossl_assert(ctx->action_type != NONE))
1210 return 0;
1211 }
1212
1213 if ((ret = default_check(state, translation, ctx)) <= 0)
1214 return ret;
1215
1216 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET) {
1217 if (ctx->p1 < -1 || ctx->p1 > 1) {
1218 /* Uses the same return value of pkey_ec_ctrl() */
1219 return -2;
1220 }
1221 }
1222
1223 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1224 return ret;
1225
1226 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == GET) {
1227 if (ctx->p1 < 0 || ctx->p1 > 1) {
1228 /*
1229 * The provider should return either 0 or 1, any other value is a
1230 * provider error.
1231 */
1232 ctx->p1 = ret = -1;
1233 }
1234 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == GET) {
1235 ctx->p1 = -2;
1236 }
1237
1238 return ret;
1239 }
1240
1241 /* EVP_PKEY_CTRL_RSA_PADDING, EVP_PKEY_CTRL_GET_RSA_PADDING */
fix_rsa_padding_mode(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1242 static int fix_rsa_padding_mode(enum state state,
1243 const struct translation_st *translation,
1244 struct translation_ctx_st *ctx)
1245 {
1246 static const OSSL_ITEM str_value_map[] = {
1247 { RSA_PKCS1_PADDING, "pkcs1" },
1248 { RSA_NO_PADDING, "none" },
1249 { RSA_PKCS1_OAEP_PADDING, "oaep" },
1250 { RSA_PKCS1_OAEP_PADDING, "oeap" },
1251 { RSA_X931_PADDING, "x931" },
1252 { RSA_PKCS1_PSS_PADDING, "pss" },
1253 /* Special case, will pass directly as an integer */
1254 { RSA_PKCS1_WITH_TLS_PADDING, NULL }
1255 };
1256 int ret;
1257
1258 if ((ret = default_check(state, translation, ctx)) <= 0)
1259 return ret;
1260
1261 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == GET) {
1262 /*
1263 * EVP_PKEY_CTRL_GET_RSA_PADDING returns the padding mode in the
1264 * weirdest way for a ctrl. Instead of doing like all other ctrls
1265 * that return a simple, i.e. just have that as a return value,
1266 * this particular ctrl treats p2 as the address for the int to be
1267 * returned. We must therefore remember |ctx->p2|, then make
1268 * |ctx->p2| point at a buffer to be filled in with the name, and
1269 * |ctx->p1| with its size. default_fixup_args() will take care
1270 * of the rest for us, along with the POST_CTRL_TO_PARAMS && GET
1271 * code section further down.
1272 */
1273 ctx->orig_p2 = ctx->p2;
1274 ctx->p2 = ctx->name_buf;
1275 ctx->p1 = sizeof(ctx->name_buf);
1276 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET) {
1277 /*
1278 * Ideally, we should use utf8 strings for the diverse padding modes.
1279 * We only came here because someone called EVP_PKEY_CTX_ctrl(),
1280 * though, and since that can reasonably be seen as legacy code
1281 * that uses the diverse RSA macros for the padding mode, and we
1282 * know that at least our providers can handle the numeric modes,
1283 * we take the cheap route for now.
1284 *
1285 * The other solution would be to match |ctx->p1| against entries
1286 * in str_value_map and pass the corresponding string. However,
1287 * since we don't have a string for RSA_PKCS1_WITH_TLS_PADDING,
1288 * we have to do this same hack at least for that one.
1289 *
1290 * Since the "official" data type for the RSA padding mode is utf8
1291 * string, we cannot count on default_fixup_args(). Instead, we
1292 * build the OSSL_PARAM item ourselves and return immediately.
1293 */
1294 ctx->params[0] = OSSL_PARAM_construct_int(translation->param_key,
1295 &ctx->p1);
1296 return 1;
1297 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == GET) {
1298 size_t i;
1299
1300 /*
1301 * The EVP_PKEY_CTX_get_params() caller may have asked for a utf8
1302 * string, or may have asked for an integer of some sort. If they
1303 * ask for an integer, we respond directly. If not, we translate
1304 * the response from the ctrl function into a string.
1305 */
1306 switch (ctx->params->data_type) {
1307 case OSSL_PARAM_INTEGER:
1308 return OSSL_PARAM_get_int(ctx->params, &ctx->p1);
1309 case OSSL_PARAM_UNSIGNED_INTEGER:
1310 return OSSL_PARAM_get_uint(ctx->params, (unsigned int *)&ctx->p1);
1311 default:
1312 break;
1313 }
1314
1315 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1316 if (ctx->p1 == (int)str_value_map[i].id)
1317 break;
1318 }
1319 if (i == OSSL_NELEM(str_value_map)) {
1320 ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE,
1321 "[action:%d, state:%d] padding number %d",
1322 ctx->action_type, state, ctx->p1);
1323 return -2;
1324 }
1325 /*
1326 * If we don't have a string, we can't do anything. The caller
1327 * should have asked for a number...
1328 */
1329 if (str_value_map[i].ptr == NULL) {
1330 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1331 return -2;
1332 }
1333 ctx->p2 = str_value_map[i].ptr;
1334 ctx->p1 = strlen(ctx->p2);
1335 }
1336
1337 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1338 return ret;
1339
1340 if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL)
1341 || (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) {
1342 size_t i;
1343
1344 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1345 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1346 break;
1347 }
1348
1349 if (i == OSSL_NELEM(str_value_map)) {
1350 ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE,
1351 "[action:%d, state:%d] padding name %s",
1352 ctx->action_type, state, ctx->p1);
1353 ctx->p1 = ret = -2;
1354 } else if (state == POST_CTRL_TO_PARAMS) {
1355 /* EVP_PKEY_CTRL_GET_RSA_PADDING weirdness explained further up */
1356 *(int *)ctx->orig_p2 = str_value_map[i].id;
1357 } else {
1358 ctx->p1 = str_value_map[i].id;
1359 }
1360 ctx->p2 = NULL;
1361 }
1362
1363 return ret;
1364 }
1365
1366 /* EVP_PKEY_CTRL_RSA_PSS_SALTLEN, EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN */
fix_rsa_pss_saltlen(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1367 static int fix_rsa_pss_saltlen(enum state state,
1368 const struct translation_st *translation,
1369 struct translation_ctx_st *ctx)
1370 {
1371 static const OSSL_ITEM str_value_map[] = {
1372 { (unsigned int)RSA_PSS_SALTLEN_DIGEST, "digest" },
1373 { (unsigned int)RSA_PSS_SALTLEN_MAX, "max" },
1374 { (unsigned int)RSA_PSS_SALTLEN_AUTO, "auto" }
1375 };
1376 int ret;
1377
1378 if ((ret = default_check(state, translation, ctx)) <= 0)
1379 return ret;
1380
1381 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == GET) {
1382 /*
1383 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN returns the saltlen by filling
1384 * in the int pointed at by p2. This is potentially as weird as
1385 * the way EVP_PKEY_CTRL_GET_RSA_PADDING works, except that saltlen
1386 * might be a negative value, so it wouldn't work as a legitimate
1387 * return value.
1388 * In any case, we must therefore remember |ctx->p2|, then make
1389 * |ctx->p2| point at a buffer to be filled in with the name, and
1390 * |ctx->p1| with its size. default_fixup_args() will take care
1391 * of the rest for us, along with the POST_CTRL_TO_PARAMS && GET
1392 * code section further down.
1393 */
1394 ctx->orig_p2 = ctx->p2;
1395 ctx->p2 = ctx->name_buf;
1396 ctx->p1 = sizeof(ctx->name_buf);
1397 } else if ((ctx->action_type == SET && state == PRE_CTRL_TO_PARAMS)
1398 || (ctx->action_type == GET && state == POST_PARAMS_TO_CTRL)) {
1399 size_t i;
1400
1401 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1402 if (ctx->p1 == (int)str_value_map[i].id)
1403 break;
1404 }
1405 if (i == OSSL_NELEM(str_value_map)) {
1406 BIO_snprintf(ctx->name_buf, sizeof(ctx->name_buf), "%d", ctx->p1);
1407 } else {
1408 /* This won't truncate but it will quiet static analysers */
1409 strncpy(ctx->name_buf, str_value_map[i].ptr, sizeof(ctx->name_buf) - 1);
1410 ctx->name_buf[sizeof(ctx->name_buf) - 1] = '\0';
1411 }
1412 ctx->p2 = ctx->name_buf;
1413 ctx->p1 = strlen(ctx->p2);
1414 }
1415
1416 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1417 return ret;
1418
1419 if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL)
1420 || (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) {
1421 size_t i;
1422 int val;
1423
1424 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1425 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1426 break;
1427 }
1428
1429 val = i == OSSL_NELEM(str_value_map) ? atoi(ctx->p2)
1430 : (int)str_value_map[i].id;
1431 if (state == POST_CTRL_TO_PARAMS) {
1432 /*
1433 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN weirdness explained further
1434 * up
1435 */
1436 *(int *)ctx->orig_p2 = val;
1437 } else {
1438 ctx->p1 = val;
1439 }
1440 ctx->p2 = NULL;
1441 }
1442
1443 return ret;
1444 }
1445
1446 /* EVP_PKEY_CTRL_HKDF_MODE */
fix_hkdf_mode(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1447 static int fix_hkdf_mode(enum state state,
1448 const struct translation_st *translation,
1449 struct translation_ctx_st *ctx)
1450 {
1451 static const OSSL_ITEM str_value_map[] = {
1452 { EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND, "EXTRACT_AND_EXPAND" },
1453 { EVP_KDF_HKDF_MODE_EXTRACT_ONLY, "EXTRACT_ONLY" },
1454 { EVP_KDF_HKDF_MODE_EXPAND_ONLY, "EXPAND_ONLY" }
1455 };
1456 int ret;
1457
1458 if ((ret = default_check(state, translation, ctx)) <= 0)
1459 return ret;
1460
1461 if ((ctx->action_type == SET && state == PRE_CTRL_TO_PARAMS)
1462 || (ctx->action_type == GET && state == POST_PARAMS_TO_CTRL)) {
1463 size_t i;
1464
1465 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1466 if (ctx->p1 == (int)str_value_map[i].id)
1467 break;
1468 }
1469 if (i == OSSL_NELEM(str_value_map))
1470 return 0;
1471 ctx->p2 = str_value_map[i].ptr;
1472 ctx->p1 = strlen(ctx->p2);
1473 }
1474
1475 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1476 return ret;
1477
1478 if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL)
1479 || (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) {
1480 size_t i;
1481
1482 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1483 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1484 break;
1485 }
1486 if (i == OSSL_NELEM(str_value_map))
1487 return 0;
1488 if (state == POST_CTRL_TO_PARAMS)
1489 ret = str_value_map[i].id;
1490 else
1491 ctx->p1 = str_value_map[i].id;
1492 ctx->p2 = NULL;
1493 }
1494
1495 return 1;
1496 }
1497
1498 /*-
1499 * Payload getters
1500 * ===============
1501 *
1502 * These all get the data they want, then call default_fixup_args() as
1503 * a post-ctrl GET fixup. They all get NULL ctx, ctrl_cmd, ctrl_str,
1504 * p1, sz
1505 */
1506
1507 /* Pilfering DH, DSA and EC_KEY */
get_payload_group_name(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1508 static int get_payload_group_name(enum state state,
1509 const struct translation_st *translation,
1510 struct translation_ctx_st *ctx)
1511 {
1512 EVP_PKEY *pkey = ctx->p2;
1513
1514 ctx->p2 = NULL;
1515 switch (EVP_PKEY_get_base_id(pkey)) {
1516 #ifndef OPENSSL_NO_DH
1517 case EVP_PKEY_DH:
1518 {
1519 const DH *dh = EVP_PKEY_get0_DH(pkey);
1520 int uid = DH_get_nid(dh);
1521
1522 if (uid != NID_undef) {
1523 const DH_NAMED_GROUP *dh_group =
1524 ossl_ffc_uid_to_dh_named_group(uid);
1525
1526 ctx->p2 = (char *)ossl_ffc_named_group_get_name(dh_group);
1527 }
1528 }
1529 break;
1530 #endif
1531 #ifndef OPENSSL_NO_EC
1532 case EVP_PKEY_EC:
1533 {
1534 const EC_GROUP *grp =
1535 EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey));
1536 int nid = NID_undef;
1537
1538 if (grp != NULL)
1539 nid = EC_GROUP_get_curve_name(grp);
1540 if (nid != NID_undef)
1541 ctx->p2 = (char *)OSSL_EC_curve_nid2name(nid);
1542 }
1543 break;
1544 #endif
1545 default:
1546 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1547 return 0;
1548 }
1549
1550 /*
1551 * Quietly ignoring unknown groups matches the behaviour on the provider
1552 * side.
1553 */
1554 if (ctx->p2 == NULL)
1555 return 1;
1556
1557 ctx->p1 = strlen(ctx->p2);
1558 return default_fixup_args(state, translation, ctx);
1559 }
1560
get_payload_private_key(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1561 static int get_payload_private_key(enum state state,
1562 const struct translation_st *translation,
1563 struct translation_ctx_st *ctx)
1564 {
1565 EVP_PKEY *pkey = ctx->p2;
1566
1567 ctx->p2 = NULL;
1568 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
1569 return 0;
1570
1571 switch (EVP_PKEY_get_base_id(pkey)) {
1572 #ifndef OPENSSL_NO_DH
1573 case EVP_PKEY_DH:
1574 {
1575 const DH *dh = EVP_PKEY_get0_DH(pkey);
1576
1577 ctx->p2 = (BIGNUM *)DH_get0_priv_key(dh);
1578 }
1579 break;
1580 #endif
1581 #ifndef OPENSSL_NO_EC
1582 case EVP_PKEY_EC:
1583 {
1584 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
1585
1586 ctx->p2 = (BIGNUM *)EC_KEY_get0_private_key(ec);
1587 }
1588 break;
1589 #endif
1590 default:
1591 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1592 return 0;
1593 }
1594
1595 return default_fixup_args(state, translation, ctx);
1596 }
1597
get_payload_public_key(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1598 static int get_payload_public_key(enum state state,
1599 const struct translation_st *translation,
1600 struct translation_ctx_st *ctx)
1601 {
1602 EVP_PKEY *pkey = ctx->p2;
1603 unsigned char *buf = NULL;
1604 int ret;
1605
1606 ctx->p2 = NULL;
1607 switch (EVP_PKEY_get_base_id(pkey)) {
1608 #ifndef OPENSSL_NO_DH
1609 case EVP_PKEY_DHX:
1610 case EVP_PKEY_DH:
1611 switch (ctx->params->data_type) {
1612 case OSSL_PARAM_OCTET_STRING:
1613 ctx->sz = ossl_dh_key2buf(EVP_PKEY_get0_DH(pkey), &buf, 0, 1);
1614 ctx->p2 = buf;
1615 break;
1616 case OSSL_PARAM_UNSIGNED_INTEGER:
1617 ctx->p2 = (void *)DH_get0_pub_key(EVP_PKEY_get0_DH(pkey));
1618 break;
1619 default:
1620 return 0;
1621 }
1622 break;
1623 #endif
1624 #ifndef OPENSSL_NO_DSA
1625 case EVP_PKEY_DSA:
1626 if (ctx->params->data_type == OSSL_PARAM_UNSIGNED_INTEGER) {
1627 ctx->p2 = (void *)DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey));
1628 break;
1629 }
1630 return 0;
1631 #endif
1632 #ifndef OPENSSL_NO_EC
1633 case EVP_PKEY_EC:
1634 if (ctx->params->data_type == OSSL_PARAM_OCTET_STRING) {
1635 const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey);
1636 BN_CTX *bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey));
1637 const EC_GROUP *ecg = EC_KEY_get0_group(eckey);
1638 const EC_POINT *point = EC_KEY_get0_public_key(eckey);
1639
1640 if (bnctx == NULL)
1641 return 0;
1642 ctx->sz = EC_POINT_point2buf(ecg, point,
1643 POINT_CONVERSION_COMPRESSED,
1644 &buf, bnctx);
1645 ctx->p2 = buf;
1646 BN_CTX_free(bnctx);
1647 break;
1648 }
1649 return 0;
1650 #endif
1651 default:
1652 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1653 return 0;
1654 }
1655
1656 ret = default_fixup_args(state, translation, ctx);
1657 OPENSSL_free(buf);
1658 return ret;
1659 }
1660
get_payload_public_key_ec(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1661 static int get_payload_public_key_ec(enum state state,
1662 const struct translation_st *translation,
1663 struct translation_ctx_st *ctx)
1664 {
1665 #ifndef OPENSSL_NO_EC
1666 EVP_PKEY *pkey = ctx->p2;
1667 const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey);
1668 BN_CTX *bnctx;
1669 const EC_POINT *point;
1670 const EC_GROUP *ecg;
1671 BIGNUM *x = NULL;
1672 BIGNUM *y = NULL;
1673 int ret = 0;
1674
1675 ctx->p2 = NULL;
1676
1677 if (eckey == NULL) {
1678 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1679 return 0;
1680 }
1681
1682 bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey));
1683 if (bnctx == NULL)
1684 return 0;
1685
1686 point = EC_KEY_get0_public_key(eckey);
1687 ecg = EC_KEY_get0_group(eckey);
1688
1689 /* Caller should have requested a BN, fail if not */
1690 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
1691 goto out;
1692
1693 x = BN_CTX_get(bnctx);
1694 y = BN_CTX_get(bnctx);
1695 if (y == NULL)
1696 goto out;
1697
1698 if (!EC_POINT_get_affine_coordinates(ecg, point, x, y, bnctx))
1699 goto out;
1700
1701 if (strncmp(ctx->params->key, OSSL_PKEY_PARAM_EC_PUB_X, 2) == 0)
1702 ctx->p2 = x;
1703 else if (strncmp(ctx->params->key, OSSL_PKEY_PARAM_EC_PUB_Y, 2) == 0)
1704 ctx->p2 = y;
1705 else
1706 goto out;
1707
1708 /* Return the payload */
1709 ret = default_fixup_args(state, translation, ctx);
1710 out:
1711 BN_CTX_free(bnctx);
1712 return ret;
1713 #else
1714 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1715 return 0;
1716 #endif
1717 }
1718
get_payload_bn(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const BIGNUM * bn)1719 static int get_payload_bn(enum state state,
1720 const struct translation_st *translation,
1721 struct translation_ctx_st *ctx, const BIGNUM *bn)
1722 {
1723 if (bn == NULL)
1724 return 0;
1725 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
1726 return 0;
1727 ctx->p2 = (BIGNUM *)bn;
1728
1729 return default_fixup_args(state, translation, ctx);
1730 }
1731
get_dh_dsa_payload_p(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1732 static int get_dh_dsa_payload_p(enum state state,
1733 const struct translation_st *translation,
1734 struct translation_ctx_st *ctx)
1735 {
1736 const BIGNUM *bn = NULL;
1737 EVP_PKEY *pkey = ctx->p2;
1738
1739 switch (EVP_PKEY_get_base_id(pkey)) {
1740 #ifndef OPENSSL_NO_DH
1741 case EVP_PKEY_DH:
1742 bn = DH_get0_p(EVP_PKEY_get0_DH(pkey));
1743 break;
1744 #endif
1745 #ifndef OPENSSL_NO_DSA
1746 case EVP_PKEY_DSA:
1747 bn = DSA_get0_p(EVP_PKEY_get0_DSA(pkey));
1748 break;
1749 #endif
1750 default:
1751 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1752 }
1753
1754 return get_payload_bn(state, translation, ctx, bn);
1755 }
1756
get_dh_dsa_payload_q(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1757 static int get_dh_dsa_payload_q(enum state state,
1758 const struct translation_st *translation,
1759 struct translation_ctx_st *ctx)
1760 {
1761 const BIGNUM *bn = NULL;
1762
1763 switch (EVP_PKEY_get_base_id(ctx->p2)) {
1764 #ifndef OPENSSL_NO_DH
1765 case EVP_PKEY_DH:
1766 bn = DH_get0_q(EVP_PKEY_get0_DH(ctx->p2));
1767 break;
1768 #endif
1769 #ifndef OPENSSL_NO_DSA
1770 case EVP_PKEY_DSA:
1771 bn = DSA_get0_q(EVP_PKEY_get0_DSA(ctx->p2));
1772 break;
1773 #endif
1774 }
1775
1776 return get_payload_bn(state, translation, ctx, bn);
1777 }
1778
get_dh_dsa_payload_g(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1779 static int get_dh_dsa_payload_g(enum state state,
1780 const struct translation_st *translation,
1781 struct translation_ctx_st *ctx)
1782 {
1783 const BIGNUM *bn = NULL;
1784
1785 switch (EVP_PKEY_get_base_id(ctx->p2)) {
1786 #ifndef OPENSSL_NO_DH
1787 case EVP_PKEY_DH:
1788 bn = DH_get0_g(EVP_PKEY_get0_DH(ctx->p2));
1789 break;
1790 #endif
1791 #ifndef OPENSSL_NO_DSA
1792 case EVP_PKEY_DSA:
1793 bn = DSA_get0_g(EVP_PKEY_get0_DSA(ctx->p2));
1794 break;
1795 #endif
1796 }
1797
1798 return get_payload_bn(state, translation, ctx, bn);
1799 }
1800
get_payload_int(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const int val)1801 static int get_payload_int(enum state state,
1802 const struct translation_st *translation,
1803 struct translation_ctx_st *ctx,
1804 const int val)
1805 {
1806 if (ctx->params->data_type != OSSL_PARAM_INTEGER)
1807 return 0;
1808 ctx->p1 = val;
1809 ctx->p2 = NULL;
1810
1811 return default_fixup_args(state, translation, ctx);
1812 }
1813
get_ec_decoded_from_explicit_params(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1814 static int get_ec_decoded_from_explicit_params(enum state state,
1815 const struct translation_st *translation,
1816 struct translation_ctx_st *ctx)
1817 {
1818 int val = 0;
1819 EVP_PKEY *pkey = ctx->p2;
1820
1821 switch (EVP_PKEY_base_id(pkey)) {
1822 #ifndef OPENSSL_NO_EC
1823 case EVP_PKEY_EC:
1824 val = EC_KEY_decoded_from_explicit_params(EVP_PKEY_get0_EC_KEY(pkey));
1825 if (val < 0) {
1826 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY);
1827 return 0;
1828 }
1829 break;
1830 #endif
1831 default:
1832 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1833 return 0;
1834 }
1835
1836 return get_payload_int(state, translation, ctx, val);
1837 }
1838
get_rsa_payload_n(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1839 static int get_rsa_payload_n(enum state state,
1840 const struct translation_st *translation,
1841 struct translation_ctx_st *ctx)
1842 {
1843 const BIGNUM *bn = NULL;
1844
1845 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA
1846 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS)
1847 return 0;
1848 bn = RSA_get0_n(EVP_PKEY_get0_RSA(ctx->p2));
1849
1850 return get_payload_bn(state, translation, ctx, bn);
1851 }
1852
get_rsa_payload_e(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1853 static int get_rsa_payload_e(enum state state,
1854 const struct translation_st *translation,
1855 struct translation_ctx_st *ctx)
1856 {
1857 const BIGNUM *bn = NULL;
1858
1859 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA
1860 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS)
1861 return 0;
1862 bn = RSA_get0_e(EVP_PKEY_get0_RSA(ctx->p2));
1863
1864 return get_payload_bn(state, translation, ctx, bn);
1865 }
1866
get_rsa_payload_d(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1867 static int get_rsa_payload_d(enum state state,
1868 const struct translation_st *translation,
1869 struct translation_ctx_st *ctx)
1870 {
1871 const BIGNUM *bn = NULL;
1872
1873 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA
1874 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS)
1875 return 0;
1876 bn = RSA_get0_d(EVP_PKEY_get0_RSA(ctx->p2));
1877
1878 return get_payload_bn(state, translation, ctx, bn);
1879 }
1880
get_rsa_payload_factor(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,size_t factornum)1881 static int get_rsa_payload_factor(enum state state,
1882 const struct translation_st *translation,
1883 struct translation_ctx_st *ctx,
1884 size_t factornum)
1885 {
1886 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1887 const BIGNUM *bn = NULL;
1888
1889 switch (factornum) {
1890 case 0:
1891 bn = RSA_get0_p(r);
1892 break;
1893 case 1:
1894 bn = RSA_get0_q(r);
1895 break;
1896 default:
1897 {
1898 size_t pnum = RSA_get_multi_prime_extra_count(r);
1899 const BIGNUM *factors[10];
1900
1901 if (factornum - 2 < pnum
1902 && RSA_get0_multi_prime_factors(r, factors))
1903 bn = factors[factornum - 2];
1904 }
1905 break;
1906 }
1907
1908 return get_payload_bn(state, translation, ctx, bn);
1909 }
1910
get_rsa_payload_exponent(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,size_t exponentnum)1911 static int get_rsa_payload_exponent(enum state state,
1912 const struct translation_st *translation,
1913 struct translation_ctx_st *ctx,
1914 size_t exponentnum)
1915 {
1916 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1917 const BIGNUM *bn = NULL;
1918
1919 switch (exponentnum) {
1920 case 0:
1921 bn = RSA_get0_dmp1(r);
1922 break;
1923 case 1:
1924 bn = RSA_get0_dmq1(r);
1925 break;
1926 default:
1927 {
1928 size_t pnum = RSA_get_multi_prime_extra_count(r);
1929 const BIGNUM *exps[10], *coeffs[10];
1930
1931 if (exponentnum - 2 < pnum
1932 && RSA_get0_multi_prime_crt_params(r, exps, coeffs))
1933 bn = exps[exponentnum - 2];
1934 }
1935 break;
1936 }
1937
1938 return get_payload_bn(state, translation, ctx, bn);
1939 }
1940
get_rsa_payload_coefficient(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,size_t coefficientnum)1941 static int get_rsa_payload_coefficient(enum state state,
1942 const struct translation_st *translation,
1943 struct translation_ctx_st *ctx,
1944 size_t coefficientnum)
1945 {
1946 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1947 const BIGNUM *bn = NULL;
1948
1949 switch (coefficientnum) {
1950 case 0:
1951 bn = RSA_get0_iqmp(r);
1952 break;
1953 default:
1954 {
1955 size_t pnum = RSA_get_multi_prime_extra_count(r);
1956 const BIGNUM *exps[10], *coeffs[10];
1957
1958 if (coefficientnum - 1 < pnum
1959 && RSA_get0_multi_prime_crt_params(r, exps, coeffs))
1960 bn = coeffs[coefficientnum - 1];
1961 }
1962 break;
1963 }
1964
1965 return get_payload_bn(state, translation, ctx, bn);
1966 }
1967
1968 #define IMPL_GET_RSA_PAYLOAD_FACTOR(n) \
1969 static int \
1970 get_rsa_payload_f##n(enum state state, \
1971 const struct translation_st *translation, \
1972 struct translation_ctx_st *ctx) \
1973 { \
1974 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \
1975 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \
1976 return 0; \
1977 return get_rsa_payload_factor(state, translation, ctx, n - 1); \
1978 }
1979
1980 #define IMPL_GET_RSA_PAYLOAD_EXPONENT(n) \
1981 static int \
1982 get_rsa_payload_e##n(enum state state, \
1983 const struct translation_st *translation, \
1984 struct translation_ctx_st *ctx) \
1985 { \
1986 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \
1987 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \
1988 return 0; \
1989 return get_rsa_payload_exponent(state, translation, ctx, \
1990 n - 1); \
1991 }
1992
1993 #define IMPL_GET_RSA_PAYLOAD_COEFFICIENT(n) \
1994 static int \
1995 get_rsa_payload_c##n(enum state state, \
1996 const struct translation_st *translation, \
1997 struct translation_ctx_st *ctx) \
1998 { \
1999 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \
2000 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \
2001 return 0; \
2002 return get_rsa_payload_coefficient(state, translation, ctx, \
2003 n - 1); \
2004 }
2005
2006 IMPL_GET_RSA_PAYLOAD_FACTOR(1)
2007 IMPL_GET_RSA_PAYLOAD_FACTOR(2)
2008 IMPL_GET_RSA_PAYLOAD_FACTOR(3)
2009 IMPL_GET_RSA_PAYLOAD_FACTOR(4)
2010 IMPL_GET_RSA_PAYLOAD_FACTOR(5)
2011 IMPL_GET_RSA_PAYLOAD_FACTOR(6)
2012 IMPL_GET_RSA_PAYLOAD_FACTOR(7)
2013 IMPL_GET_RSA_PAYLOAD_FACTOR(8)
2014 IMPL_GET_RSA_PAYLOAD_FACTOR(9)
2015 IMPL_GET_RSA_PAYLOAD_FACTOR(10)
2016 IMPL_GET_RSA_PAYLOAD_EXPONENT(1)
2017 IMPL_GET_RSA_PAYLOAD_EXPONENT(2)
2018 IMPL_GET_RSA_PAYLOAD_EXPONENT(3)
2019 IMPL_GET_RSA_PAYLOAD_EXPONENT(4)
2020 IMPL_GET_RSA_PAYLOAD_EXPONENT(5)
2021 IMPL_GET_RSA_PAYLOAD_EXPONENT(6)
2022 IMPL_GET_RSA_PAYLOAD_EXPONENT(7)
2023 IMPL_GET_RSA_PAYLOAD_EXPONENT(8)
2024 IMPL_GET_RSA_PAYLOAD_EXPONENT(9)
2025 IMPL_GET_RSA_PAYLOAD_EXPONENT(10)
2026 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(1)
2027 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(2)
2028 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(3)
2029 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(4)
2030 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(5)
2031 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(6)
2032 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(7)
2033 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(8)
2034 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(9)
2035
fix_group_ecx(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)2036 static int fix_group_ecx(enum state state,
2037 const struct translation_st *translation,
2038 struct translation_ctx_st *ctx)
2039 {
2040 const char *value = NULL;
2041
2042 switch (state) {
2043 case PRE_PARAMS_TO_CTRL:
2044 if (!EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx))
2045 return 0;
2046 ctx->action_type = NONE;
2047 return 1;
2048 case POST_PARAMS_TO_CTRL:
2049 if (OSSL_PARAM_get_utf8_string_ptr(ctx->params, &value) == 0 ||
2050 OPENSSL_strcasecmp(ctx->pctx->keytype, value) != 0) {
2051 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_INVALID_ARGUMENT);
2052 ctx->p1 = 0;
2053 return 0;
2054 }
2055 ctx->p1 = 1;
2056 return 1;
2057 default:
2058 return 0;
2059 }
2060 }
2061
2062 /*-
2063 * The translation table itself
2064 * ============================
2065 */
2066
2067 static const struct translation_st evp_pkey_ctx_translations[] = {
2068 /*
2069 * DistID: we pass it to the backend as an octet string,
2070 * but get it back as a pointer to an octet string.
2071 *
2072 * Note that the EVP_PKEY_CTRL_GET1_ID_LEN is purely for legacy purposes
2073 * that has no separate counterpart in OSSL_PARAM terms, since we get
2074 * the length of the DistID automatically when getting the DistID itself.
2075 */
2076 { SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2077 EVP_PKEY_CTRL_SET1_ID, "distid", "hexdistid",
2078 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_STRING, NULL },
2079 { GET, -1, -1, -1,
2080 EVP_PKEY_CTRL_GET1_ID, "distid", "hexdistid",
2081 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_PTR, NULL },
2082 { GET, -1, -1, -1,
2083 EVP_PKEY_CTRL_GET1_ID_LEN, NULL, NULL,
2084 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_PTR, fix_distid_len },
2085
2086 /*-
2087 * DH & DHX
2088 * ========
2089 */
2090
2091 /*
2092 * EVP_PKEY_CTRL_DH_KDF_TYPE is used both for setting and getting. The
2093 * fixup function has to handle this...
2094 */
2095 { NONE, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2096 EVP_PKEY_CTRL_DH_KDF_TYPE, NULL, NULL,
2097 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING,
2098 fix_dh_kdf_type },
2099 { SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2100 EVP_PKEY_CTRL_DH_KDF_MD, NULL, NULL,
2101 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2102 { GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2103 EVP_PKEY_CTRL_GET_DH_KDF_MD, NULL, NULL,
2104 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2105 { SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2106 EVP_PKEY_CTRL_DH_KDF_OUTLEN, NULL, NULL,
2107 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2108 { GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2109 EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, NULL, NULL,
2110 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2111 { SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2112 EVP_PKEY_CTRL_DH_KDF_UKM, NULL, NULL,
2113 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL },
2114 { GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2115 EVP_PKEY_CTRL_GET_DH_KDF_UKM, NULL, NULL,
2116 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL },
2117 { SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2118 EVP_PKEY_CTRL_DH_KDF_OID, NULL, NULL,
2119 OSSL_KDF_PARAM_CEK_ALG, OSSL_PARAM_UTF8_STRING, fix_oid },
2120 { GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2121 EVP_PKEY_CTRL_GET_DH_KDF_OID, NULL, NULL,
2122 OSSL_KDF_PARAM_CEK_ALG, OSSL_PARAM_UTF8_STRING, fix_oid },
2123
2124 /* DHX Keygen Parameters that are shared with DH */
2125 { SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN,
2126 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, "dh_paramgen_type", NULL,
2127 OSSL_PKEY_PARAM_FFC_TYPE, OSSL_PARAM_UTF8_STRING, fix_dh_paramgen_type },
2128 { SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN,
2129 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, "dh_paramgen_prime_len", NULL,
2130 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2131 { SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2132 EVP_PKEY_CTRL_DH_NID, "dh_param", NULL,
2133 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, NULL },
2134 { SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2135 EVP_PKEY_CTRL_DH_RFC5114, "dh_rfc5114", NULL,
2136 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid5114 },
2137
2138 /* DH Keygen Parameters that are shared with DHX */
2139 { SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN,
2140 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, "dh_paramgen_type", NULL,
2141 OSSL_PKEY_PARAM_FFC_TYPE, OSSL_PARAM_UTF8_STRING, fix_dh_paramgen_type },
2142 { SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN,
2143 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, "dh_paramgen_prime_len", NULL,
2144 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2145 { SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2146 EVP_PKEY_CTRL_DH_NID, "dh_param", NULL,
2147 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid },
2148 { SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2149 EVP_PKEY_CTRL_DH_RFC5114, "dh_rfc5114", NULL,
2150 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid5114 },
2151
2152 /* DH specific Keygen Parameters */
2153 { SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN,
2154 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, "dh_paramgen_generator", NULL,
2155 OSSL_PKEY_PARAM_DH_GENERATOR, OSSL_PARAM_INTEGER, NULL },
2156
2157 /* DHX specific Keygen Parameters */
2158 { SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN,
2159 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, "dh_paramgen_subprime_len", NULL,
2160 OSSL_PKEY_PARAM_FFC_QBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2161
2162 { SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_DERIVE,
2163 EVP_PKEY_CTRL_DH_PAD, "dh_pad", NULL,
2164 OSSL_EXCHANGE_PARAM_PAD, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2165
2166 /*-
2167 * DSA
2168 * ===
2169 */
2170 { SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN,
2171 EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, "dsa_paramgen_bits", NULL,
2172 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2173 { SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN,
2174 EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, "dsa_paramgen_q_bits", NULL,
2175 OSSL_PKEY_PARAM_FFC_QBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2176 { SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN,
2177 EVP_PKEY_CTRL_DSA_PARAMGEN_MD, "dsa_paramgen_md", NULL,
2178 OSSL_PKEY_PARAM_FFC_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2179
2180 /*-
2181 * EC
2182 * ==
2183 */
2184 { SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2185 EVP_PKEY_CTRL_EC_PARAM_ENC, "ec_param_enc", NULL,
2186 OSSL_PKEY_PARAM_EC_ENCODING, OSSL_PARAM_UTF8_STRING, fix_ec_param_enc },
2187 { SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2188 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, "ec_paramgen_curve", NULL,
2189 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING,
2190 fix_ec_paramgen_curve_nid },
2191 /*
2192 * EVP_PKEY_CTRL_EC_ECDH_COFACTOR and EVP_PKEY_CTRL_EC_KDF_TYPE are used
2193 * both for setting and getting. The fixup function has to handle this...
2194 */
2195 { NONE, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2196 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, "ecdh_cofactor_mode", NULL,
2197 OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, OSSL_PARAM_INTEGER,
2198 fix_ecdh_cofactor },
2199 { NONE, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2200 EVP_PKEY_CTRL_EC_KDF_TYPE, NULL, NULL,
2201 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING, fix_ec_kdf_type },
2202 { SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2203 EVP_PKEY_CTRL_EC_KDF_MD, "ecdh_kdf_md", NULL,
2204 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2205 { GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2206 EVP_PKEY_CTRL_GET_EC_KDF_MD, NULL, NULL,
2207 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2208 { SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2209 EVP_PKEY_CTRL_EC_KDF_OUTLEN, NULL, NULL,
2210 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2211 { GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2212 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, NULL, NULL,
2213 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2214 { SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2215 EVP_PKEY_CTRL_EC_KDF_UKM, NULL, NULL,
2216 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL },
2217 { GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2218 EVP_PKEY_CTRL_GET_EC_KDF_UKM, NULL, NULL,
2219 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL },
2220
2221 /*-
2222 * SM2
2223 * ==
2224 */
2225 { SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2226 EVP_PKEY_CTRL_EC_PARAM_ENC, "ec_param_enc", NULL,
2227 OSSL_PKEY_PARAM_EC_ENCODING, OSSL_PARAM_UTF8_STRING, fix_ec_param_enc },
2228 { SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2229 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, "ec_paramgen_curve", NULL,
2230 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING,
2231 fix_ec_paramgen_curve_nid },
2232 /*
2233 * EVP_PKEY_CTRL_EC_ECDH_COFACTOR and EVP_PKEY_CTRL_EC_KDF_TYPE are used
2234 * both for setting and getting. The fixup function has to handle this...
2235 */
2236 { NONE, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2237 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, "ecdh_cofactor_mode", NULL,
2238 OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, OSSL_PARAM_INTEGER,
2239 fix_ecdh_cofactor },
2240 { NONE, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2241 EVP_PKEY_CTRL_EC_KDF_TYPE, NULL, NULL,
2242 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING, fix_ec_kdf_type },
2243 { SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2244 EVP_PKEY_CTRL_EC_KDF_MD, "ecdh_kdf_md", NULL,
2245 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2246 { GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2247 EVP_PKEY_CTRL_GET_EC_KDF_MD, NULL, NULL,
2248 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2249 { SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2250 EVP_PKEY_CTRL_EC_KDF_OUTLEN, NULL, NULL,
2251 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2252 { GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2253 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, NULL, NULL,
2254 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2255 { SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2256 EVP_PKEY_CTRL_EC_KDF_UKM, NULL, NULL,
2257 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL },
2258 { GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2259 EVP_PKEY_CTRL_GET_EC_KDF_UKM, NULL, NULL,
2260 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL },
2261 /*-
2262 * RSA
2263 * ===
2264 */
2265
2266 /*
2267 * RSA padding modes are numeric with ctrls, strings with ctrl_strs,
2268 * and can be both with OSSL_PARAM. We standardise on strings here,
2269 * fix_rsa_padding_mode() does the work when the caller has a different
2270 * idea.
2271 */
2272 { SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2273 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2274 EVP_PKEY_CTRL_RSA_PADDING, "rsa_padding_mode", NULL,
2275 OSSL_PKEY_PARAM_PAD_MODE, OSSL_PARAM_UTF8_STRING, fix_rsa_padding_mode },
2276 { GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2277 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2278 EVP_PKEY_CTRL_GET_RSA_PADDING, NULL, NULL,
2279 OSSL_PKEY_PARAM_PAD_MODE, OSSL_PARAM_UTF8_STRING, fix_rsa_padding_mode },
2280
2281 { SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2282 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2283 EVP_PKEY_CTRL_RSA_MGF1_MD, "rsa_mgf1_md", NULL,
2284 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2285 { GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2286 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2287 EVP_PKEY_CTRL_GET_RSA_MGF1_MD, NULL, NULL,
2288 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2289
2290 /*
2291 * RSA-PSS saltlen is essentially numeric, but certain values can be
2292 * expressed as keywords (strings) with ctrl_str. The corresponding
2293 * OSSL_PARAM allows both forms.
2294 * fix_rsa_pss_saltlen() takes care of the distinction.
2295 */
2296 { SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_TYPE_SIG,
2297 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, "rsa_pss_saltlen", NULL,
2298 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, OSSL_PARAM_UTF8_STRING,
2299 fix_rsa_pss_saltlen },
2300 { GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_TYPE_SIG,
2301 EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, NULL, NULL,
2302 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, OSSL_PARAM_UTF8_STRING,
2303 fix_rsa_pss_saltlen },
2304
2305 { SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2306 EVP_PKEY_CTRL_RSA_OAEP_MD, "rsa_oaep_md", NULL,
2307 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2308 { GET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2309 EVP_PKEY_CTRL_GET_RSA_OAEP_MD, NULL, NULL,
2310 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2311 /*
2312 * The "rsa_oaep_label" ctrl_str expects the value to always be hex.
2313 * This is accommodated by default_fixup_args() above, which mimics that
2314 * expectation for any translation item where |ctrl_str| is NULL and
2315 * |ctrl_hexstr| is non-NULL.
2316 */
2317 { SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2318 EVP_PKEY_CTRL_RSA_OAEP_LABEL, NULL, "rsa_oaep_label",
2319 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_STRING, NULL },
2320 { GET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2321 EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, NULL, NULL,
2322 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_PTR, NULL },
2323
2324 { SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2325 EVP_PKEY_CTRL_RSA_IMPLICIT_REJECTION, NULL,
2326 "rsa_pkcs1_implicit_rejection",
2327 OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, OSSL_PARAM_UNSIGNED_INTEGER,
2328 NULL },
2329
2330 { SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN,
2331 EVP_PKEY_CTRL_MD, "rsa_pss_keygen_md", NULL,
2332 OSSL_ALG_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2333 { SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN,
2334 EVP_PKEY_CTRL_RSA_MGF1_MD, "rsa_pss_keygen_mgf1_md", NULL,
2335 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2336 { SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN,
2337 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, "rsa_pss_keygen_saltlen", NULL,
2338 OSSL_SIGNATURE_PARAM_PSS_SALTLEN, OSSL_PARAM_INTEGER, NULL },
2339 { SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN,
2340 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, "rsa_keygen_bits", NULL,
2341 OSSL_PKEY_PARAM_RSA_BITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2342 { SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN,
2343 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, "rsa_keygen_pubexp", NULL,
2344 OSSL_PKEY_PARAM_RSA_E, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2345 { SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN,
2346 EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES, "rsa_keygen_primes", NULL,
2347 OSSL_PKEY_PARAM_RSA_PRIMES, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2348
2349 /*-
2350 * SipHash
2351 * ======
2352 */
2353 { SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2354 EVP_PKEY_CTRL_SET_DIGEST_SIZE, "digestsize", NULL,
2355 OSSL_MAC_PARAM_SIZE, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2356
2357 /*-
2358 * TLS1-PRF
2359 * ========
2360 */
2361 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2362 EVP_PKEY_CTRL_TLS_MD, "md", NULL,
2363 OSSL_KDF_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2364 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2365 EVP_PKEY_CTRL_TLS_SECRET, "secret", "hexsecret",
2366 OSSL_KDF_PARAM_SECRET, OSSL_PARAM_OCTET_STRING, NULL },
2367 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2368 EVP_PKEY_CTRL_TLS_SEED, "seed", "hexseed",
2369 OSSL_KDF_PARAM_SEED, OSSL_PARAM_OCTET_STRING, NULL },
2370
2371 /*-
2372 * HKDF
2373 * ====
2374 */
2375 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2376 EVP_PKEY_CTRL_HKDF_MD, "md", NULL,
2377 OSSL_KDF_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2378 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2379 EVP_PKEY_CTRL_HKDF_SALT, "salt", "hexsalt",
2380 OSSL_KDF_PARAM_SALT, OSSL_PARAM_OCTET_STRING, NULL },
2381 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2382 EVP_PKEY_CTRL_HKDF_KEY, "key", "hexkey",
2383 OSSL_KDF_PARAM_KEY, OSSL_PARAM_OCTET_STRING, NULL },
2384 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2385 EVP_PKEY_CTRL_HKDF_INFO, "info", "hexinfo",
2386 OSSL_KDF_PARAM_INFO, OSSL_PARAM_OCTET_STRING, NULL },
2387 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2388 EVP_PKEY_CTRL_HKDF_MODE, "mode", NULL,
2389 OSSL_KDF_PARAM_MODE, OSSL_PARAM_INTEGER, fix_hkdf_mode },
2390
2391 /*-
2392 * Scrypt
2393 * ======
2394 */
2395 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2396 EVP_PKEY_CTRL_PASS, "pass", "hexpass",
2397 OSSL_KDF_PARAM_PASSWORD, OSSL_PARAM_OCTET_STRING, NULL },
2398 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2399 EVP_PKEY_CTRL_SCRYPT_SALT, "salt", "hexsalt",
2400 OSSL_KDF_PARAM_SALT, OSSL_PARAM_OCTET_STRING, NULL },
2401 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2402 EVP_PKEY_CTRL_SCRYPT_N, "N", NULL,
2403 OSSL_KDF_PARAM_SCRYPT_N, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2404 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2405 EVP_PKEY_CTRL_SCRYPT_R, "r", NULL,
2406 OSSL_KDF_PARAM_SCRYPT_R, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2407 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2408 EVP_PKEY_CTRL_SCRYPT_P, "p", NULL,
2409 OSSL_KDF_PARAM_SCRYPT_P, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2410 { SET, -1, -1, EVP_PKEY_OP_DERIVE,
2411 EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, "maxmem_bytes", NULL,
2412 OSSL_KDF_PARAM_SCRYPT_MAXMEM, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2413
2414 { SET, -1, -1, EVP_PKEY_OP_KEYGEN | EVP_PKEY_OP_TYPE_CRYPT,
2415 EVP_PKEY_CTRL_CIPHER, NULL, NULL,
2416 OSSL_PKEY_PARAM_CIPHER, OSSL_PARAM_UTF8_STRING, fix_cipher },
2417 { SET, -1, -1, EVP_PKEY_OP_KEYGEN,
2418 EVP_PKEY_CTRL_SET_MAC_KEY, "key", "hexkey",
2419 OSSL_PKEY_PARAM_PRIV_KEY, OSSL_PARAM_OCTET_STRING, NULL },
2420
2421 { SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2422 EVP_PKEY_CTRL_MD, NULL, NULL,
2423 OSSL_SIGNATURE_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2424 { GET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2425 EVP_PKEY_CTRL_GET_MD, NULL, NULL,
2426 OSSL_SIGNATURE_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2427
2428 /*-
2429 * ECX
2430 * ===
2431 */
2432 { SET, EVP_PKEY_X25519, EVP_PKEY_X25519, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL,
2433 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2434 { SET, EVP_PKEY_X25519, EVP_PKEY_X25519, EVP_PKEY_OP_PARAMGEN, -1, NULL, NULL,
2435 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2436 { SET, EVP_PKEY_X448, EVP_PKEY_X448, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL,
2437 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2438 { SET, EVP_PKEY_X448, EVP_PKEY_X448, EVP_PKEY_OP_PARAMGEN, -1, NULL, NULL,
2439 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2440 };
2441
2442 static const struct translation_st evp_pkey_translations[] = {
2443 /*
2444 * The following contain no ctrls, they are exclusively here to extract
2445 * key payloads from legacy keys, using OSSL_PARAMs, and rely entirely
2446 * on |fixup_args| to pass the actual data. The |fixup_args| should
2447 * expect to get the EVP_PKEY pointer through |ctx->p2|.
2448 */
2449
2450 /* DH, DSA & EC */
2451 { GET, -1, -1, -1, 0, NULL, NULL,
2452 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING,
2453 get_payload_group_name },
2454 { GET, -1, -1, -1, 0, NULL, NULL,
2455 OSSL_PKEY_PARAM_PRIV_KEY, OSSL_PARAM_UNSIGNED_INTEGER,
2456 get_payload_private_key },
2457 { GET, -1, -1, -1, 0, NULL, NULL,
2458 OSSL_PKEY_PARAM_PUB_KEY,
2459 0 /* no data type, let get_payload_public_key() handle that */,
2460 get_payload_public_key },
2461 { GET, -1, -1, -1, 0, NULL, NULL,
2462 OSSL_PKEY_PARAM_EC_PUB_X, OSSL_PARAM_UNSIGNED_INTEGER,
2463 get_payload_public_key_ec },
2464 { GET, -1, -1, -1, 0, NULL, NULL,
2465 OSSL_PKEY_PARAM_EC_PUB_Y, OSSL_PARAM_UNSIGNED_INTEGER,
2466 get_payload_public_key_ec },
2467
2468 /* DH and DSA */
2469 { GET, -1, -1, -1, 0, NULL, NULL,
2470 OSSL_PKEY_PARAM_FFC_P, OSSL_PARAM_UNSIGNED_INTEGER,
2471 get_dh_dsa_payload_p },
2472 { GET, -1, -1, -1, 0, NULL, NULL,
2473 OSSL_PKEY_PARAM_FFC_G, OSSL_PARAM_UNSIGNED_INTEGER,
2474 get_dh_dsa_payload_g },
2475 { GET, -1, -1, -1, 0, NULL, NULL,
2476 OSSL_PKEY_PARAM_FFC_Q, OSSL_PARAM_UNSIGNED_INTEGER,
2477 get_dh_dsa_payload_q },
2478
2479 /* RSA */
2480 { GET, -1, -1, -1, 0, NULL, NULL,
2481 OSSL_PKEY_PARAM_RSA_N, OSSL_PARAM_UNSIGNED_INTEGER,
2482 get_rsa_payload_n },
2483 { GET, -1, -1, -1, 0, NULL, NULL,
2484 OSSL_PKEY_PARAM_RSA_E, OSSL_PARAM_UNSIGNED_INTEGER,
2485 get_rsa_payload_e },
2486 { GET, -1, -1, -1, 0, NULL, NULL,
2487 OSSL_PKEY_PARAM_RSA_D, OSSL_PARAM_UNSIGNED_INTEGER,
2488 get_rsa_payload_d },
2489 { GET, -1, -1, -1, 0, NULL, NULL,
2490 OSSL_PKEY_PARAM_RSA_FACTOR1, OSSL_PARAM_UNSIGNED_INTEGER,
2491 get_rsa_payload_f1 },
2492 { GET, -1, -1, -1, 0, NULL, NULL,
2493 OSSL_PKEY_PARAM_RSA_FACTOR2, OSSL_PARAM_UNSIGNED_INTEGER,
2494 get_rsa_payload_f2 },
2495 { GET, -1, -1, -1, 0, NULL, NULL,
2496 OSSL_PKEY_PARAM_RSA_FACTOR3, OSSL_PARAM_UNSIGNED_INTEGER,
2497 get_rsa_payload_f3 },
2498 { GET, -1, -1, -1, 0, NULL, NULL,
2499 OSSL_PKEY_PARAM_RSA_FACTOR4, OSSL_PARAM_UNSIGNED_INTEGER,
2500 get_rsa_payload_f4 },
2501 { GET, -1, -1, -1, 0, NULL, NULL,
2502 OSSL_PKEY_PARAM_RSA_FACTOR5, OSSL_PARAM_UNSIGNED_INTEGER,
2503 get_rsa_payload_f5 },
2504 { GET, -1, -1, -1, 0, NULL, NULL,
2505 OSSL_PKEY_PARAM_RSA_FACTOR6, OSSL_PARAM_UNSIGNED_INTEGER,
2506 get_rsa_payload_f6 },
2507 { GET, -1, -1, -1, 0, NULL, NULL,
2508 OSSL_PKEY_PARAM_RSA_FACTOR7, OSSL_PARAM_UNSIGNED_INTEGER,
2509 get_rsa_payload_f7 },
2510 { GET, -1, -1, -1, 0, NULL, NULL,
2511 OSSL_PKEY_PARAM_RSA_FACTOR8, OSSL_PARAM_UNSIGNED_INTEGER,
2512 get_rsa_payload_f8 },
2513 { GET, -1, -1, -1, 0, NULL, NULL,
2514 OSSL_PKEY_PARAM_RSA_FACTOR9, OSSL_PARAM_UNSIGNED_INTEGER,
2515 get_rsa_payload_f9 },
2516 { GET, -1, -1, -1, 0, NULL, NULL,
2517 OSSL_PKEY_PARAM_RSA_FACTOR10, OSSL_PARAM_UNSIGNED_INTEGER,
2518 get_rsa_payload_f10 },
2519 { GET, -1, -1, -1, 0, NULL, NULL,
2520 OSSL_PKEY_PARAM_RSA_EXPONENT1, OSSL_PARAM_UNSIGNED_INTEGER,
2521 get_rsa_payload_e1 },
2522 { GET, -1, -1, -1, 0, NULL, NULL,
2523 OSSL_PKEY_PARAM_RSA_EXPONENT2, OSSL_PARAM_UNSIGNED_INTEGER,
2524 get_rsa_payload_e2 },
2525 { GET, -1, -1, -1, 0, NULL, NULL,
2526 OSSL_PKEY_PARAM_RSA_EXPONENT3, OSSL_PARAM_UNSIGNED_INTEGER,
2527 get_rsa_payload_e3 },
2528 { GET, -1, -1, -1, 0, NULL, NULL,
2529 OSSL_PKEY_PARAM_RSA_EXPONENT4, OSSL_PARAM_UNSIGNED_INTEGER,
2530 get_rsa_payload_e4 },
2531 { GET, -1, -1, -1, 0, NULL, NULL,
2532 OSSL_PKEY_PARAM_RSA_EXPONENT5, OSSL_PARAM_UNSIGNED_INTEGER,
2533 get_rsa_payload_e5 },
2534 { GET, -1, -1, -1, 0, NULL, NULL,
2535 OSSL_PKEY_PARAM_RSA_EXPONENT6, OSSL_PARAM_UNSIGNED_INTEGER,
2536 get_rsa_payload_e6 },
2537 { GET, -1, -1, -1, 0, NULL, NULL,
2538 OSSL_PKEY_PARAM_RSA_EXPONENT7, OSSL_PARAM_UNSIGNED_INTEGER,
2539 get_rsa_payload_e7 },
2540 { GET, -1, -1, -1, 0, NULL, NULL,
2541 OSSL_PKEY_PARAM_RSA_EXPONENT8, OSSL_PARAM_UNSIGNED_INTEGER,
2542 get_rsa_payload_e8 },
2543 { GET, -1, -1, -1, 0, NULL, NULL,
2544 OSSL_PKEY_PARAM_RSA_EXPONENT9, OSSL_PARAM_UNSIGNED_INTEGER,
2545 get_rsa_payload_e9 },
2546 { GET, -1, -1, -1, 0, NULL, NULL,
2547 OSSL_PKEY_PARAM_RSA_EXPONENT10, OSSL_PARAM_UNSIGNED_INTEGER,
2548 get_rsa_payload_e10 },
2549 { GET, -1, -1, -1, 0, NULL, NULL,
2550 OSSL_PKEY_PARAM_RSA_COEFFICIENT1, OSSL_PARAM_UNSIGNED_INTEGER,
2551 get_rsa_payload_c1 },
2552 { GET, -1, -1, -1, 0, NULL, NULL,
2553 OSSL_PKEY_PARAM_RSA_COEFFICIENT2, OSSL_PARAM_UNSIGNED_INTEGER,
2554 get_rsa_payload_c2 },
2555 { GET, -1, -1, -1, 0, NULL, NULL,
2556 OSSL_PKEY_PARAM_RSA_COEFFICIENT3, OSSL_PARAM_UNSIGNED_INTEGER,
2557 get_rsa_payload_c3 },
2558 { GET, -1, -1, -1, 0, NULL, NULL,
2559 OSSL_PKEY_PARAM_RSA_COEFFICIENT4, OSSL_PARAM_UNSIGNED_INTEGER,
2560 get_rsa_payload_c4 },
2561 { GET, -1, -1, -1, 0, NULL, NULL,
2562 OSSL_PKEY_PARAM_RSA_COEFFICIENT5, OSSL_PARAM_UNSIGNED_INTEGER,
2563 get_rsa_payload_c5 },
2564 { GET, -1, -1, -1, 0, NULL, NULL,
2565 OSSL_PKEY_PARAM_RSA_COEFFICIENT6, OSSL_PARAM_UNSIGNED_INTEGER,
2566 get_rsa_payload_c6 },
2567 { GET, -1, -1, -1, 0, NULL, NULL,
2568 OSSL_PKEY_PARAM_RSA_COEFFICIENT7, OSSL_PARAM_UNSIGNED_INTEGER,
2569 get_rsa_payload_c7 },
2570 { GET, -1, -1, -1, 0, NULL, NULL,
2571 OSSL_PKEY_PARAM_RSA_COEFFICIENT8, OSSL_PARAM_UNSIGNED_INTEGER,
2572 get_rsa_payload_c8 },
2573 { GET, -1, -1, -1, 0, NULL, NULL,
2574 OSSL_PKEY_PARAM_RSA_COEFFICIENT9, OSSL_PARAM_UNSIGNED_INTEGER,
2575 get_rsa_payload_c9 },
2576
2577 /* EC */
2578 { GET, -1, -1, -1, 0, NULL, NULL,
2579 OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, OSSL_PARAM_INTEGER,
2580 get_ec_decoded_from_explicit_params },
2581 };
2582
2583 static const struct translation_st *
lookup_translation(struct translation_st * tmpl,const struct translation_st * translations,size_t translations_num)2584 lookup_translation(struct translation_st *tmpl,
2585 const struct translation_st *translations,
2586 size_t translations_num)
2587 {
2588 size_t i;
2589
2590 for (i = 0; i < translations_num; i++) {
2591 const struct translation_st *item = &translations[i];
2592
2593 /*
2594 * Sanity check the translation table item.
2595 *
2596 * 1. Either both keytypes are -1, or neither of them are.
2597 * 2. TBA...
2598 */
2599 if (!ossl_assert((item->keytype1 == -1) == (item->keytype2 == -1)))
2600 continue;
2601
2602
2603 /*
2604 * Base search criteria: check that the optype and keytypes match,
2605 * if relevant. All callers must synthesise these bits somehow.
2606 */
2607 if (item->optype != -1 && (tmpl->optype & item->optype) == 0)
2608 continue;
2609 /*
2610 * This expression is stunningly simple thanks to the sanity check
2611 * above.
2612 */
2613 if (item->keytype1 != -1
2614 && tmpl->keytype1 != item->keytype1
2615 && tmpl->keytype2 != item->keytype2)
2616 continue;
2617
2618 /*
2619 * Done with the base search criteria, now we check the criteria for
2620 * the individual types of translations:
2621 * ctrl->params, ctrl_str->params, and params->ctrl
2622 */
2623 if (tmpl->ctrl_num != 0) {
2624 if (tmpl->ctrl_num != item->ctrl_num)
2625 continue;
2626 } else if (tmpl->ctrl_str != NULL) {
2627 const char *ctrl_str = NULL;
2628 const char *ctrl_hexstr = NULL;
2629
2630 /*
2631 * Search criteria that originates from a ctrl_str is only used
2632 * for setting, never for getting. Therefore, we only look at
2633 * the setter items.
2634 */
2635 if (item->action_type != NONE
2636 && item->action_type != SET)
2637 continue;
2638 /*
2639 * At least one of the ctrl cmd names must be match the ctrl
2640 * cmd name in the template.
2641 */
2642 if (item->ctrl_str != NULL
2643 && OPENSSL_strcasecmp(tmpl->ctrl_str, item->ctrl_str) == 0)
2644 ctrl_str = tmpl->ctrl_str;
2645 else if (item->ctrl_hexstr != NULL
2646 && OPENSSL_strcasecmp(tmpl->ctrl_hexstr,
2647 item->ctrl_hexstr) == 0)
2648 ctrl_hexstr = tmpl->ctrl_hexstr;
2649 else
2650 continue;
2651
2652 /* Modify the template to signal which string matched */
2653 tmpl->ctrl_str = ctrl_str;
2654 tmpl->ctrl_hexstr = ctrl_hexstr;
2655 } else if (tmpl->param_key != NULL) {
2656 /*
2657 * Search criteria that originates from an OSSL_PARAM setter or
2658 * getter.
2659 *
2660 * Ctrls were fundamentally bidirectional, with only the ctrl
2661 * command macro name implying direction (if you're lucky).
2662 * A few ctrl commands were even taking advantage of the
2663 * bidirectional nature, making the direction depend in the
2664 * value of the numeric argument.
2665 *
2666 * OSSL_PARAM functions are fundamentally different, in that
2667 * setters and getters are separated, so the data direction is
2668 * implied by the function that's used. The same OSSL_PARAM
2669 * key name can therefore be used in both directions. We must
2670 * therefore take the action type into account in this case.
2671 */
2672 if ((item->action_type != NONE
2673 && tmpl->action_type != item->action_type)
2674 || (item->param_key != NULL
2675 && OPENSSL_strcasecmp(tmpl->param_key,
2676 item->param_key) != 0))
2677 continue;
2678 } else {
2679 return NULL;
2680 }
2681
2682 return item;
2683 }
2684
2685 return NULL;
2686 }
2687
2688 static const struct translation_st *
lookup_evp_pkey_ctx_translation(struct translation_st * tmpl)2689 lookup_evp_pkey_ctx_translation(struct translation_st *tmpl)
2690 {
2691 return lookup_translation(tmpl, evp_pkey_ctx_translations,
2692 OSSL_NELEM(evp_pkey_ctx_translations));
2693 }
2694
2695 static const struct translation_st *
lookup_evp_pkey_translation(struct translation_st * tmpl)2696 lookup_evp_pkey_translation(struct translation_st *tmpl)
2697 {
2698 return lookup_translation(tmpl, evp_pkey_translations,
2699 OSSL_NELEM(evp_pkey_translations));
2700 }
2701
2702 /* This must ONLY be called for provider side operations */
evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX * pctx,int keytype,int optype,int cmd,int p1,void * p2)2703 int evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX *pctx,
2704 int keytype, int optype,
2705 int cmd, int p1, void *p2)
2706 {
2707 struct translation_ctx_st ctx = { 0, };
2708 struct translation_st tmpl = { 0, };
2709 const struct translation_st *translation = NULL;
2710 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
2711 int ret;
2712 fixup_args_fn *fixup = default_fixup_args;
2713
2714 if (keytype == -1)
2715 keytype = pctx->legacy_keytype;
2716 tmpl.ctrl_num = cmd;
2717 tmpl.keytype1 = tmpl.keytype2 = keytype;
2718 tmpl.optype = optype;
2719 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2720
2721 if (translation == NULL) {
2722 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
2723 return -2;
2724 }
2725
2726 if (pctx->pmeth != NULL
2727 && pctx->pmeth->pkey_id != translation->keytype1
2728 && pctx->pmeth->pkey_id != translation->keytype2)
2729 return -1;
2730
2731 if (translation->fixup_args != NULL)
2732 fixup = translation->fixup_args;
2733 ctx.action_type = translation->action_type;
2734 ctx.ctrl_cmd = cmd;
2735 ctx.p1 = p1;
2736 ctx.p2 = p2;
2737 ctx.pctx = pctx;
2738 ctx.params = params;
2739
2740 ret = fixup(PRE_CTRL_TO_PARAMS, translation, &ctx);
2741
2742 if (ret > 0) {
2743 switch (ctx.action_type) {
2744 default:
2745 /* fixup_args is expected to make sure this is dead code */
2746 break;
2747 case GET:
2748 ret = evp_pkey_ctx_get_params_strict(pctx, ctx.params);
2749 break;
2750 case SET:
2751 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params);
2752 break;
2753 }
2754 }
2755
2756 /*
2757 * In POST, we pass the return value as p1, allowing the fixup_args
2758 * function to affect it by changing its value.
2759 */
2760 if (ret > 0) {
2761 ctx.p1 = ret;
2762 fixup(POST_CTRL_TO_PARAMS, translation, &ctx);
2763 ret = ctx.p1;
2764 }
2765
2766 cleanup_translation_ctx(POST_CTRL_TO_PARAMS, translation, &ctx);
2767
2768 return ret;
2769 }
2770
2771 /* This must ONLY be called for provider side operations */
evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX * pctx,const char * name,const char * value)2772 int evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX *pctx,
2773 const char *name, const char *value)
2774 {
2775 struct translation_ctx_st ctx = { 0, };
2776 struct translation_st tmpl = { 0, };
2777 const struct translation_st *translation = NULL;
2778 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
2779 int keytype = pctx->legacy_keytype;
2780 int optype = pctx->operation == 0 ? -1 : pctx->operation;
2781 int ret;
2782 fixup_args_fn *fixup = default_fixup_args;
2783
2784 tmpl.action_type = SET;
2785 tmpl.keytype1 = tmpl.keytype2 = keytype;
2786 tmpl.optype = optype;
2787 tmpl.ctrl_str = name;
2788 tmpl.ctrl_hexstr = name;
2789 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2790
2791 if (translation != NULL) {
2792 if (translation->fixup_args != NULL)
2793 fixup = translation->fixup_args;
2794 ctx.action_type = translation->action_type;
2795 ctx.ishex = (tmpl.ctrl_hexstr != NULL);
2796 } else {
2797 /* String controls really only support setting */
2798 ctx.action_type = SET;
2799 }
2800 ctx.ctrl_str = name;
2801 ctx.p1 = (int)strlen(value);
2802 ctx.p2 = (char *)value;
2803 ctx.pctx = pctx;
2804 ctx.params = params;
2805
2806 ret = fixup(PRE_CTRL_STR_TO_PARAMS, translation, &ctx);
2807
2808 if (ret > 0) {
2809 switch (ctx.action_type) {
2810 default:
2811 /* fixup_args is expected to make sure this is dead code */
2812 break;
2813 case GET:
2814 /*
2815 * this is dead code, but must be present, or some compilers
2816 * will complain
2817 */
2818 break;
2819 case SET:
2820 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params);
2821 break;
2822 }
2823 }
2824
2825 if (ret > 0)
2826 ret = fixup(POST_CTRL_STR_TO_PARAMS, translation, &ctx);
2827
2828 cleanup_translation_ctx(CLEANUP_CTRL_STR_TO_PARAMS, translation, &ctx);
2829
2830 return ret;
2831 }
2832
2833 /* This must ONLY be called for legacy operations */
evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX * pctx,enum action action_type,OSSL_PARAM * params)2834 static int evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX *pctx,
2835 enum action action_type,
2836 OSSL_PARAM *params)
2837 {
2838 int keytype = pctx->legacy_keytype;
2839 int optype = pctx->operation == 0 ? -1 : pctx->operation;
2840
2841 for (; params != NULL && params->key != NULL; params++) {
2842 struct translation_ctx_st ctx = { 0, };
2843 struct translation_st tmpl = { 0, };
2844 const struct translation_st *translation = NULL;
2845 fixup_args_fn *fixup = default_fixup_args;
2846 int ret;
2847
2848 ctx.action_type = tmpl.action_type = action_type;
2849 tmpl.keytype1 = tmpl.keytype2 = keytype;
2850 tmpl.optype = optype;
2851 tmpl.param_key = params->key;
2852 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2853
2854 if (translation != NULL) {
2855 if (translation->fixup_args != NULL)
2856 fixup = translation->fixup_args;
2857 ctx.ctrl_cmd = translation->ctrl_num;
2858 }
2859 ctx.pctx = pctx;
2860 ctx.params = params;
2861
2862 ret = fixup(PRE_PARAMS_TO_CTRL, translation, &ctx);
2863
2864 if (ret > 0 && ctx.action_type != NONE)
2865 ret = EVP_PKEY_CTX_ctrl(pctx, keytype, optype,
2866 ctx.ctrl_cmd, ctx.p1, ctx.p2);
2867
2868 /*
2869 * In POST, we pass the return value as p1, allowing the fixup_args
2870 * function to put it to good use, or maybe affect it.
2871 */
2872 if (ret > 0) {
2873 ctx.p1 = ret;
2874 fixup(POST_PARAMS_TO_CTRL, translation, &ctx);
2875 ret = ctx.p1;
2876 }
2877
2878 cleanup_translation_ctx(CLEANUP_PARAMS_TO_CTRL, translation, &ctx);
2879
2880 if (ret <= 0)
2881 return 0;
2882 }
2883 return 1;
2884 }
2885
evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX * ctx,const OSSL_PARAM * params)2886 int evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params)
2887 {
2888 return evp_pkey_ctx_setget_params_to_ctrl(ctx, SET, (OSSL_PARAM *)params);
2889 }
2890
evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX * ctx,OSSL_PARAM * params)2891 int evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
2892 {
2893 return evp_pkey_ctx_setget_params_to_ctrl(ctx, GET, params);
2894 }
2895
2896 /* This must ONLY be called for legacy EVP_PKEYs */
evp_pkey_setget_params_to_ctrl(const EVP_PKEY * pkey,enum action action_type,OSSL_PARAM * params)2897 static int evp_pkey_setget_params_to_ctrl(const EVP_PKEY *pkey,
2898 enum action action_type,
2899 OSSL_PARAM *params)
2900 {
2901 int ret = 1;
2902
2903 for (; params != NULL && params->key != NULL; params++) {
2904 struct translation_ctx_st ctx = { 0, };
2905 struct translation_st tmpl = { 0, };
2906 const struct translation_st *translation = NULL;
2907 fixup_args_fn *fixup = default_fixup_args;
2908
2909 tmpl.action_type = action_type;
2910 tmpl.param_key = params->key;
2911 translation = lookup_evp_pkey_translation(&tmpl);
2912
2913 if (translation != NULL) {
2914 if (translation->fixup_args != NULL)
2915 fixup = translation->fixup_args;
2916 ctx.action_type = translation->action_type;
2917 }
2918 ctx.p2 = (void *)pkey;
2919 ctx.params = params;
2920
2921 /*
2922 * EVP_PKEY doesn't have any ctrl function, so we rely completely
2923 * on fixup_args to do the whole work. Also, we currently only
2924 * support getting.
2925 */
2926 if (!ossl_assert(translation != NULL)
2927 || !ossl_assert(translation->action_type == GET)
2928 || !ossl_assert(translation->fixup_args != NULL)) {
2929 return -2;
2930 }
2931
2932 ret = fixup(PKEY, translation, &ctx);
2933
2934 cleanup_translation_ctx(PKEY, translation, &ctx);
2935 }
2936 return ret;
2937 }
2938
evp_pkey_get_params_to_ctrl(const EVP_PKEY * pkey,OSSL_PARAM * params)2939 int evp_pkey_get_params_to_ctrl(const EVP_PKEY *pkey, OSSL_PARAM *params)
2940 {
2941 return evp_pkey_setget_params_to_ctrl(pkey, GET, params);
2942 }
2943
