xref: /openssl/providers/encoders.inc (revision da1c088f)
1/*
2 * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License").  You may not use
5 * this file except in compliance with the License.  You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
/*
 * This fragment is not usable on its own: the including file must define
 * ENCODER_PROVIDER as a string literal first, because the macros below
 * concatenate it into each entry's "provider=..." property string.
 */
10#ifndef ENCODER_PROVIDER
11# error Macro ENCODER_PROVIDER undefined
12#endif
13
/*
 * Structure-name strings.  ENCODER_w_structure() pastes its _structure
 * argument onto ENCODER_STRUCTURE_ to pick one of these for the
 * ",structure=" part of the property string.  The four type_specific*
 * variants all advertise the same "type-specific" string; they differ only
 * in which ossl_..._encoder_functions symbol the macro ends up naming.
 */
14#define ENCODER_STRUCTURE_type_specific_keypair         "type-specific"
15#define ENCODER_STRUCTURE_type_specific_params          "type-specific"
16#define ENCODER_STRUCTURE_type_specific                 "type-specific"
17#define ENCODER_STRUCTURE_type_specific_no_pub          "type-specific"
18#define ENCODER_STRUCTURE_EncryptedPrivateKeyInfo       "EncryptedPrivateKeyInfo"
19#define ENCODER_STRUCTURE_PrivateKeyInfo                "PrivateKeyInfo"
20#define ENCODER_STRUCTURE_SubjectPublicKeyInfo          "SubjectPublicKeyInfo"
21#define ENCODER_STRUCTURE_DH                            "dh"
22#define ENCODER_STRUCTURE_DHX                           "dhx"
23#define ENCODER_STRUCTURE_DSA                           "dsa"
24#define ENCODER_STRUCTURE_EC                            "ec"
25#define ENCODER_STRUCTURE_RSA                           "rsa"
26#define ENCODER_STRUCTURE_PKCS1                         "pkcs1"
27#define ENCODER_STRUCTURE_PKCS3                         "pkcs3"
28#define ENCODER_STRUCTURE_X9_42                         "X9.42"
29#define ENCODER_STRUCTURE_X9_62                         "X9.62"
30
/*
 * Each macro below expands to one brace-enclosed initializer with three
 * members: the key type name, a property string, and a reference to the
 * matching ossl_..._encoder_functions symbol (declared outside this file).
 *
 * _fips is stringified as written, so callers pass the bare word yes or no.
 * It is only a label placed in the property string; nothing in this file
 * checks that the named implementation deserves it.
 */
31/* Arguments are prefixed with '_' to avoid build breaks on certain platforms */
/* Text output: the property string is fixed to "output=text", no structure. */
32#define ENCODER_TEXT(_name, _sym, _fips)                                \
33    { _name,                                                            \
34      "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=text",      \
35      (ossl_##_sym##_to_text_encoder_functions) }
/* Output type given by _output (stringified), with no structure property. */
36#define ENCODER(_name, _sym, _fips, _output)                            \
37    { _name,                                                            \
38      "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=" #_output, \
39      (ossl_##_sym##_to_##_output##_encoder_functions) }
/*
 * As ENCODER(), plus ",structure=" taken from ENCODER_STRUCTURE_<_structure>.
 * The _structure token is also pasted into the function table symbol name.
 */
40#define ENCODER_w_structure(_name, _sym, _fips, _output, _structure)    \
41    { _name,                                                            \
42      "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=" #_output  \
43      ",structure=" ENCODER_STRUCTURE_##_structure,                     \
44      (ossl_##_sym##_to_##_structure##_##_output##_encoder_functions) }
45
46/*
47 * Entries for human text "encoders"
48 */
49ENCODER_TEXT("RSA", rsa, yes),
50ENCODER_TEXT("RSA-PSS", rsapss, yes),
51#ifndef OPENSSL_NO_DH
52ENCODER_TEXT("DH", dh, yes),
53ENCODER_TEXT("DHX", dhx, yes),
54#endif
55#ifndef OPENSSL_NO_DSA
56ENCODER_TEXT("DSA", dsa, yes),
57#endif
58#ifndef OPENSSL_NO_EC
59ENCODER_TEXT("EC", ec, yes),
/* The ECX and SM2 groups sit inside the OPENSSL_NO_EC guard above. */
60# ifndef OPENSSL_NO_ECX
61ENCODER_TEXT("ED25519", ed25519, yes),
62ENCODER_TEXT("ED448", ed448, yes),
63ENCODER_TEXT("X25519", x25519, yes),
64ENCODER_TEXT("X448", x448, yes),
65# endif
66# ifndef OPENSSL_NO_SM2
/*
 * SM2 is the only text entry labelled fips=no.
 * NOTE(review): presumably this keeps it from matching a property query
 * that requires fips=yes -- confirm against the property documentation.
 */
67ENCODER_TEXT("SM2", sm2, no),
68# endif
69#endif
70
71/*
72 * Entries for key type specific output formats.  The structure name on these
73 * is the same as the key type name.  This allows us to say something like:
74 *
75 * To replace i2d_{TYPE}PrivateKey(), i2d_{TYPE}PublicKey() and
76 * i2d_{TYPE}Params(), use OSSL_ENCODER functions with an OSSL_ENCODER_CTX
77 * created like this:
78 *
79 * OSSL_ENCODER_CTX *ctx =
80 *     OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "DER", "type-specific",
81 *                                   NULL, NULL);
82 *
83 * To replace PEM_write_bio_{TYPE}PrivateKey(), PEM_write_bio_{TYPE}PublicKey()
84 * and PEM_write_bio_{TYPE}Params(), use OSSL_ENCODER functions with an
85 * OSSL_ENCODER_CTX created like this:
86 *
87 * OSSL_ENCODER_CTX *ctx =
88 *     OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "PEM", "type-specific",
89 *                                   NULL, NULL);
90 *
91 * We only implement those for which there are current i2d_ and PEM_write_bio
92 * implementations.
 *
 * NOTE(review): the examples above pass two trailing NULLs, but the public
 * OSSL_ENCODER_CTX_new_for_pkey() prototype takes a single property query
 * string after the structure name; confirm against <openssl/encoder.h>
 * before copying them.
93 */
94
95/* The RSA encoders only support private key and public key output */
96ENCODER_w_structure("RSA", rsa, yes, der, type_specific_keypair),
97ENCODER_w_structure("RSA", rsa, yes, pem, type_specific_keypair),
98#ifndef OPENSSL_NO_DH
99/* DH and X9.42 DH only support key parameters output. */
100ENCODER_w_structure("DH", dh, yes, der, type_specific_params),
101ENCODER_w_structure("DH", dh, yes, pem, type_specific_params),
102ENCODER_w_structure("DHX", dhx, yes, der, type_specific_params),
103ENCODER_w_structure("DHX", dhx, yes, pem, type_specific_params),
104#endif
105#ifndef OPENSSL_NO_DSA
106ENCODER_w_structure("DSA", dsa, yes, der, type_specific),
107ENCODER_w_structure("DSA", dsa, yes, pem, type_specific),
108#endif
109#ifndef OPENSSL_NO_EC
110/* EC only supports keypair and parameters DER and PEM output. */
111ENCODER_w_structure("EC", ec, yes, der, type_specific_no_pub),
112ENCODER_w_structure("EC", ec, yes, pem, type_specific_no_pub),
113/* EC supports blob output for the public key */
114ENCODER("EC", ec, yes, blob),
115# ifndef OPENSSL_NO_SM2
/* SM2 mirrors the three EC entries above but is labelled fips=no. */
116ENCODER_w_structure("SM2", sm2, no, der, type_specific_no_pub),
117ENCODER_w_structure("SM2", sm2, no, pem, type_specific_no_pub),
118ENCODER("SM2", sm2, no, blob),
119# endif
120#endif
121
122/*
123 * Entries for the output formats MSBLOB and PVK
 *
 * Only RSA and DSA are listed for these two formats; the DSA pair is
 * compiled out when OPENSSL_NO_DSA is defined.
124 */
125ENCODER("RSA", rsa, yes, msblob),
126ENCODER("RSA", rsa, yes, pvk),
127#ifndef OPENSSL_NO_DSA
128ENCODER("DSA", dsa, yes, msblob),
129ENCODER("DSA", dsa, yes, pvk),
130#endif
131
132/*
133 * Entries for encrypted PKCS#8 (EncryptedPrivateKeyInfo), unencrypted PKCS#8
134 * (PrivateKeyInfo) and SubjectPublicKeyInfo.  The "der" ones are added
135 * as a convenience for any user that wants to use OSSL_ENCODER directly.
136 * The "pem" ones also support PEM_write_bio_PrivateKey() and
137 * PEM_write_bio_PUBKEY().
 *
 * PrivateKeyInfo is the unencrypted form, so its output carries private key
 * material in the clear; EncryptedPrivateKeyInfo is the form to ask for when
 * the encoding is written to storage or handed to another party.
 *
 * Every key type below gets the same six entries: {der, pem} x
 * {EncryptedPrivateKeyInfo, PrivateKeyInfo, SubjectPublicKeyInfo}.
138 */
139ENCODER_w_structure("RSA", rsa, yes, der, EncryptedPrivateKeyInfo),
140ENCODER_w_structure("RSA", rsa, yes, pem, EncryptedPrivateKeyInfo),
141ENCODER_w_structure("RSA", rsa, yes, der, PrivateKeyInfo),
142ENCODER_w_structure("RSA", rsa, yes, pem, PrivateKeyInfo),
143ENCODER_w_structure("RSA", rsa, yes, der, SubjectPublicKeyInfo),
144ENCODER_w_structure("RSA", rsa, yes, pem, SubjectPublicKeyInfo),
145
146ENCODER_w_structure("RSA-PSS", rsapss, yes, der, EncryptedPrivateKeyInfo),
147ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, EncryptedPrivateKeyInfo),
148ENCODER_w_structure("RSA-PSS", rsapss, yes, der, PrivateKeyInfo),
149ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, PrivateKeyInfo),
150ENCODER_w_structure("RSA-PSS", rsapss, yes, der, SubjectPublicKeyInfo),
151ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, SubjectPublicKeyInfo),
152
153#ifndef OPENSSL_NO_DH
154ENCODER_w_structure("DH", dh, yes, der, EncryptedPrivateKeyInfo),
155ENCODER_w_structure("DH", dh, yes, pem, EncryptedPrivateKeyInfo),
156ENCODER_w_structure("DH", dh, yes, der, PrivateKeyInfo),
157ENCODER_w_structure("DH", dh, yes, pem, PrivateKeyInfo),
158ENCODER_w_structure("DH", dh, yes, der, SubjectPublicKeyInfo),
159ENCODER_w_structure("DH", dh, yes, pem, SubjectPublicKeyInfo),
160
161ENCODER_w_structure("DHX", dhx, yes, der, EncryptedPrivateKeyInfo),
162ENCODER_w_structure("DHX", dhx, yes, pem, EncryptedPrivateKeyInfo),
163ENCODER_w_structure("DHX", dhx, yes, der, PrivateKeyInfo),
164ENCODER_w_structure("DHX", dhx, yes, pem, PrivateKeyInfo),
165ENCODER_w_structure("DHX", dhx, yes, der, SubjectPublicKeyInfo),
166ENCODER_w_structure("DHX", dhx, yes, pem, SubjectPublicKeyInfo),
167#endif
168
169#ifndef OPENSSL_NO_DSA
170ENCODER_w_structure("DSA", dsa, yes, der, EncryptedPrivateKeyInfo),
171ENCODER_w_structure("DSA", dsa, yes, pem, EncryptedPrivateKeyInfo),
172ENCODER_w_structure("DSA", dsa, yes, der, PrivateKeyInfo),
173ENCODER_w_structure("DSA", dsa, yes, pem, PrivateKeyInfo),
174ENCODER_w_structure("DSA", dsa, yes, der, SubjectPublicKeyInfo),
175ENCODER_w_structure("DSA", dsa, yes, pem, SubjectPublicKeyInfo),
176#endif
177
178#ifndef OPENSSL_NO_EC
179ENCODER_w_structure("EC", ec, yes, der, EncryptedPrivateKeyInfo),
180ENCODER_w_structure("EC", ec, yes, pem, EncryptedPrivateKeyInfo),
181ENCODER_w_structure("EC", ec, yes, der, PrivateKeyInfo),
182ENCODER_w_structure("EC", ec, yes, pem, PrivateKeyInfo),
183ENCODER_w_structure("EC", ec, yes, der, SubjectPublicKeyInfo),
184ENCODER_w_structure("EC", ec, yes, pem, SubjectPublicKeyInfo),
185
/*
 * Nested inside the OPENSSL_NO_EC guard even though this directive is not
 * indented; it is closed by the "# endif" after the ED448 entries.
 */
186#ifndef OPENSSL_NO_ECX
187ENCODER_w_structure("X25519", x25519, yes, der, EncryptedPrivateKeyInfo),
188ENCODER_w_structure("X25519", x25519, yes, pem, EncryptedPrivateKeyInfo),
189ENCODER_w_structure("X25519", x25519, yes, der, PrivateKeyInfo),
190ENCODER_w_structure("X25519", x25519, yes, pem, PrivateKeyInfo),
191ENCODER_w_structure("X25519", x25519, yes, der, SubjectPublicKeyInfo),
192ENCODER_w_structure("X25519", x25519, yes, pem, SubjectPublicKeyInfo),
193
194ENCODER_w_structure("X448", x448, yes, der, EncryptedPrivateKeyInfo),
195ENCODER_w_structure("X448", x448, yes, pem, EncryptedPrivateKeyInfo),
196ENCODER_w_structure("X448", x448, yes, der, PrivateKeyInfo),
197ENCODER_w_structure("X448", x448, yes, pem, PrivateKeyInfo),
198ENCODER_w_structure("X448", x448, yes, der, SubjectPublicKeyInfo),
199ENCODER_w_structure("X448", x448, yes, pem, SubjectPublicKeyInfo),
200
201ENCODER_w_structure("ED25519", ed25519, yes, der, EncryptedPrivateKeyInfo),
202ENCODER_w_structure("ED25519", ed25519, yes, pem, EncryptedPrivateKeyInfo),
203ENCODER_w_structure("ED25519", ed25519, yes, der, PrivateKeyInfo),
204ENCODER_w_structure("ED25519", ed25519, yes, pem, PrivateKeyInfo),
205ENCODER_w_structure("ED25519", ed25519, yes, der, SubjectPublicKeyInfo),
206ENCODER_w_structure("ED25519", ed25519, yes, pem, SubjectPublicKeyInfo),
207
208ENCODER_w_structure("ED448", ed448, yes, der, EncryptedPrivateKeyInfo),
209ENCODER_w_structure("ED448", ed448, yes, pem, EncryptedPrivateKeyInfo),
210ENCODER_w_structure("ED448", ed448, yes, der, PrivateKeyInfo),
211ENCODER_w_structure("ED448", ed448, yes, pem, PrivateKeyInfo),
212ENCODER_w_structure("ED448", ed448, yes, der, SubjectPublicKeyInfo),
213ENCODER_w_structure("ED448", ed448, yes, pem, SubjectPublicKeyInfo),
214# endif
215
216# ifndef OPENSSL_NO_SM2
/* SM2 is the only key type in this group labelled fips=no. */
217ENCODER_w_structure("SM2", sm2, no, der, EncryptedPrivateKeyInfo),
218ENCODER_w_structure("SM2", sm2, no, pem, EncryptedPrivateKeyInfo),
219ENCODER_w_structure("SM2", sm2, no, der, PrivateKeyInfo),
220ENCODER_w_structure("SM2", sm2, no, pem, PrivateKeyInfo),
221ENCODER_w_structure("SM2", sm2, no, der, SubjectPublicKeyInfo),
222ENCODER_w_structure("SM2", sm2, no, pem, SubjectPublicKeyInfo),
223# endif
224#endif
225
226/*
227 * Entries for key type specific output formats.  These are exactly the
228 * same as the type specific above, except that they use the key type
229 * name as structure name instead of "type-specific", in the call on
230 * OSSL_ENCODER_CTX_new_for_pkey().
 *
 * The structure strings are the lowercase ones defined at the top of this
 * file ("rsa", "dh", "dhx", "dsa", "ec").  No SM2 entries and no blob
 * entries are listed in this group.
231 */
232
233/* The RSA encoders only support private key and public key output */
234ENCODER_w_structure("RSA", rsa, yes, der, RSA),
235ENCODER_w_structure("RSA", rsa, yes, pem, RSA),
236#ifndef OPENSSL_NO_DH
237/* DH and X9.42 DH only support key parameters output. */
238ENCODER_w_structure("DH", dh, yes, der, DH),
239ENCODER_w_structure("DH", dh, yes, pem, DH),
240ENCODER_w_structure("DHX", dhx, yes, der, DHX),
241ENCODER_w_structure("DHX", dhx, yes, pem, DHX),
242#endif
243#ifndef OPENSSL_NO_DSA
244ENCODER_w_structure("DSA", dsa, yes, der, DSA),
245ENCODER_w_structure("DSA", dsa, yes, pem, DSA),
246#endif
247#ifndef OPENSSL_NO_EC
248ENCODER_w_structure("EC", ec, yes, der, EC),
249ENCODER_w_structure("EC", ec, yes, pem, EC),
250#endif
251
252/*
253 * Additional entries with structure names being the standard name.
254 * This is entirely for the convenience of the user that wants to use
255 * OSSL_ENCODER directly with names they may fancy.  These do not impact
256 * on libcrypto functionality in any way.
257 */
258/* PKCS#1 is a well known format for plain RSA keys, so we add that too */
259ENCODER_w_structure("RSA", rsa, yes, der, PKCS1),
260ENCODER_w_structure("RSA", rsa, yes, pem, PKCS1),
/* RSA-PSS is registered under the same "pkcs1" structure name. */
261ENCODER_w_structure("RSA-PSS", rsapss, yes, der, PKCS1),
262ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, PKCS1),
263#ifndef OPENSSL_NO_DH
264/* PKCS#3 defines the format for DH parameters */
265ENCODER_w_structure("DH", dh, yes, der, PKCS3),
266ENCODER_w_structure("DH", dh, yes, pem, PKCS3),
267/* X9.42 defines the format for DHX parameters */
268ENCODER_w_structure("DHX", dhx, yes, der, X9_42),
269ENCODER_w_structure("DHX", dhx, yes, pem, X9_42),
270#endif
271#ifndef OPENSSL_NO_EC
272/* RFC 5915 defines the format for EC keys and parameters */
/* The structure name advertised for these entries is "X9.62". */
273ENCODER_w_structure("EC", ec, yes, der, X9_62),
274ENCODER_w_structure("EC", ec, yes, pem, X9_62),
275#endif
276