/src/openssl/providers/implementations/encode_decode/encode_key2text.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * Low level APIs are deprecated for public use, but still ok for internal use. |
12 | | */ |
13 | | #include "internal/deprecated.h" |
14 | | |
15 | | #include <ctype.h> |
16 | | |
17 | | #include <openssl/core.h> |
18 | | #include <openssl/core_dispatch.h> |
19 | | #include <openssl/core_names.h> |
20 | | #include <openssl/bn.h> |
21 | | #include <openssl/err.h> |
22 | | #include <openssl/safestack.h> |
23 | | #include <openssl/proverr.h> |
24 | | #include "internal/ffc.h" |
25 | | #include "crypto/bn.h" /* bn_get_words() */ |
26 | | #include "crypto/dh.h" /* ossl_dh_get0_params() */ |
27 | | #include "crypto/dsa.h" /* ossl_dsa_get0_params() */ |
28 | | #include "crypto/ec.h" /* ossl_ec_key_get_libctx */ |
29 | | #include "crypto/ecx.h" /* ECX_KEY, etc... */ |
30 | | #include "crypto/rsa.h" /* RSA_PSS_PARAMS_30, etc... */ |
31 | | #include "prov/bio.h" |
32 | | #include "prov/implementations.h" |
33 | | #include "endecoder_local.h" |
34 | | |
35 | | DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) |
36 | | |
37 | | # ifdef SIXTY_FOUR_BIT_LONG |
38 | | # define BN_FMTu "%lu" |
39 | | # define BN_FMTx "%lx" |
40 | | # endif |
41 | | |
42 | | # ifdef SIXTY_FOUR_BIT |
43 | | # define BN_FMTu "%llu" |
44 | | # define BN_FMTx "%llx" |
45 | | # endif |
46 | | |
47 | | # ifdef THIRTY_TWO_BIT |
48 | | # define BN_FMTu "%u" |
49 | | # define BN_FMTx "%x" |
50 | | # endif |
51 | | |
52 | | static int print_labeled_bignum(BIO *out, const char *label, const BIGNUM *bn) |
53 | 0 | { |
54 | 0 | int ret = 0, use_sep = 0; |
55 | 0 | char *hex_str = NULL, *p; |
56 | 0 | const char spaces[] = " "; |
57 | 0 | const char *post_label_spc = " "; |
58 | |
|
59 | 0 | const char *neg = ""; |
60 | 0 | int bytes; |
61 | |
|
62 | 0 | if (bn == NULL) |
63 | 0 | return 0; |
64 | 0 | if (label == NULL) { |
65 | 0 | label = ""; |
66 | 0 | post_label_spc = ""; |
67 | 0 | } |
68 | |
|
69 | 0 | if (BN_is_zero(bn)) |
70 | 0 | return BIO_printf(out, "%s%s0\n", label, post_label_spc); |
71 | | |
72 | 0 | if (BN_num_bytes(bn) <= BN_BYTES) { |
73 | 0 | BN_ULONG *words = bn_get_words(bn); |
74 | |
|
75 | 0 | if (BN_is_negative(bn)) |
76 | 0 | neg = "-"; |
77 | |
|
78 | 0 | return BIO_printf(out, "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n", |
79 | 0 | label, post_label_spc, neg, words[0], neg, words[0]); |
80 | 0 | } |
81 | | |
82 | 0 | hex_str = BN_bn2hex(bn); |
83 | 0 | if (hex_str == NULL) |
84 | 0 | return 0; |
85 | | |
86 | 0 | p = hex_str; |
87 | 0 | if (*p == '-') { |
88 | 0 | ++p; |
89 | 0 | neg = " (Negative)"; |
90 | 0 | } |
91 | 0 | if (BIO_printf(out, "%s%s\n", label, neg) <= 0) |
92 | 0 | goto err; |
93 | | |
94 | | /* Keep track of how many bytes we have printed out so far */ |
95 | 0 | bytes = 0; |
96 | |
|
97 | 0 | if (BIO_printf(out, "%s", spaces) <= 0) |
98 | 0 | goto err; |
99 | | |
100 | | /* Add a leading 00 if the top bit is set */ |
101 | 0 | if (*p >= '8') { |
102 | 0 | if (BIO_printf(out, "%02x", 0) <= 0) |
103 | 0 | goto err; |
104 | 0 | ++bytes; |
105 | 0 | use_sep = 1; |
106 | 0 | } |
107 | 0 | while (*p != '\0') { |
108 | | /* Do a newline after every 15 hex bytes + add the space indent */ |
109 | 0 | if ((bytes % 15) == 0 && bytes > 0) { |
110 | 0 | if (BIO_printf(out, ":\n%s", spaces) <= 0) |
111 | 0 | goto err; |
112 | 0 | use_sep = 0; /* The first byte on the next line doesn't have a : */ |
113 | 0 | } |
114 | 0 | if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "", |
115 | 0 | tolower((unsigned char)p[0]), |
116 | 0 | tolower((unsigned char)p[1])) <= 0) |
117 | 0 | goto err; |
118 | 0 | ++bytes; |
119 | 0 | p += 2; |
120 | 0 | use_sep = 1; |
121 | 0 | } |
122 | 0 | if (BIO_printf(out, "\n") <= 0) |
123 | 0 | goto err; |
124 | 0 | ret = 1; |
125 | 0 | err: |
126 | 0 | OPENSSL_free(hex_str); |
127 | 0 | return ret; |
128 | 0 | } |
129 | | |
130 | | /* Number of octets per line */ |
131 | 0 | #define LABELED_BUF_PRINT_WIDTH 15 |
132 | | |
133 | | #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) |
134 | | static int print_labeled_buf(BIO *out, const char *label, |
135 | | const unsigned char *buf, size_t buflen) |
136 | 0 | { |
137 | 0 | size_t i; |
138 | |
|
139 | 0 | if (BIO_printf(out, "%s\n", label) <= 0) |
140 | 0 | return 0; |
141 | | |
142 | 0 | for (i = 0; i < buflen; i++) { |
143 | 0 | if ((i % LABELED_BUF_PRINT_WIDTH) == 0) { |
144 | 0 | if (i > 0 && BIO_printf(out, "\n") <= 0) |
145 | 0 | return 0; |
146 | 0 | if (BIO_printf(out, " ") <= 0) |
147 | 0 | return 0; |
148 | 0 | } |
149 | | |
150 | 0 | if (BIO_printf(out, "%02x%s", buf[i], |
151 | 0 | (i == buflen - 1) ? "" : ":") <= 0) |
152 | 0 | return 0; |
153 | 0 | } |
154 | 0 | if (BIO_printf(out, "\n") <= 0) |
155 | 0 | return 0; |
156 | | |
157 | 0 | return 1; |
158 | 0 | } |
159 | | #endif |
160 | | |
161 | | #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) |
162 | | static int ffc_params_to_text(BIO *out, const FFC_PARAMS *ffc) |
163 | 0 | { |
164 | 0 | if (ffc->nid != NID_undef) { |
165 | 0 | #ifndef OPENSSL_NO_DH |
166 | 0 | const DH_NAMED_GROUP *group = ossl_ffc_uid_to_dh_named_group(ffc->nid); |
167 | 0 | const char *name = ossl_ffc_named_group_get_name(group); |
168 | |
|
169 | 0 | if (name == NULL) |
170 | 0 | goto err; |
171 | 0 | if (BIO_printf(out, "GROUP: %s\n", name) <= 0) |
172 | 0 | goto err; |
173 | 0 | return 1; |
174 | | #else |
175 | | /* How could this be? We should not have a nid in a no-dh build. */ |
176 | | goto err; |
177 | | #endif |
178 | 0 | } |
179 | | |
180 | 0 | if (!print_labeled_bignum(out, "P: ", ffc->p)) |
181 | 0 | goto err; |
182 | 0 | if (ffc->q != NULL) { |
183 | 0 | if (!print_labeled_bignum(out, "Q: ", ffc->q)) |
184 | 0 | goto err; |
185 | 0 | } |
186 | 0 | if (!print_labeled_bignum(out, "G: ", ffc->g)) |
187 | 0 | goto err; |
188 | 0 | if (ffc->j != NULL) { |
189 | 0 | if (!print_labeled_bignum(out, "J: ", ffc->j)) |
190 | 0 | goto err; |
191 | 0 | } |
192 | 0 | if (ffc->seed != NULL) { |
193 | 0 | if (!print_labeled_buf(out, "SEED:", ffc->seed, ffc->seedlen)) |
194 | 0 | goto err; |
195 | 0 | } |
196 | 0 | if (ffc->gindex != -1) { |
197 | 0 | if (BIO_printf(out, "gindex: %d\n", ffc->gindex) <= 0) |
198 | 0 | goto err; |
199 | 0 | } |
200 | 0 | if (ffc->pcounter != -1) { |
201 | 0 | if (BIO_printf(out, "pcounter: %d\n", ffc->pcounter) <= 0) |
202 | 0 | goto err; |
203 | 0 | } |
204 | 0 | if (ffc->h != 0) { |
205 | 0 | if (BIO_printf(out, "h: %d\n", ffc->h) <= 0) |
206 | 0 | goto err; |
207 | 0 | } |
208 | 0 | return 1; |
209 | 0 | err: |
210 | 0 | return 0; |
211 | 0 | } |
212 | | #endif |
213 | | |
214 | | /* ---------------------------------------------------------------------- */ |
215 | | |
216 | | #ifndef OPENSSL_NO_DH |
217 | | static int dh_to_text(BIO *out, const void *key, int selection) |
218 | 0 | { |
219 | 0 | const DH *dh = key; |
220 | 0 | const char *type_label = NULL; |
221 | 0 | const BIGNUM *priv_key = NULL, *pub_key = NULL; |
222 | 0 | const FFC_PARAMS *params = NULL; |
223 | 0 | const BIGNUM *p = NULL; |
224 | 0 | long length; |
225 | |
|
226 | 0 | if (out == NULL || dh == NULL) { |
227 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
228 | 0 | return 0; |
229 | 0 | } |
230 | | |
231 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) |
232 | 0 | type_label = "DH Private-Key"; |
233 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) |
234 | 0 | type_label = "DH Public-Key"; |
235 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) |
236 | 0 | type_label = "DH Parameters"; |
237 | |
|
238 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
239 | 0 | priv_key = DH_get0_priv_key(dh); |
240 | 0 | if (priv_key == NULL) { |
241 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); |
242 | 0 | return 0; |
243 | 0 | } |
244 | 0 | } |
245 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { |
246 | 0 | pub_key = DH_get0_pub_key(dh); |
247 | 0 | if (pub_key == NULL) { |
248 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); |
249 | 0 | return 0; |
250 | 0 | } |
251 | 0 | } |
252 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { |
253 | 0 | params = ossl_dh_get0_params((DH *)dh); |
254 | 0 | if (params == NULL) { |
255 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_PARAMETERS); |
256 | 0 | return 0; |
257 | 0 | } |
258 | 0 | } |
259 | | |
260 | 0 | p = DH_get0_p(dh); |
261 | 0 | if (p == NULL) { |
262 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); |
263 | 0 | return 0; |
264 | 0 | } |
265 | | |
266 | 0 | if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0) |
267 | 0 | return 0; |
268 | 0 | if (priv_key != NULL |
269 | 0 | && !print_labeled_bignum(out, "private-key:", priv_key)) |
270 | 0 | return 0; |
271 | 0 | if (pub_key != NULL |
272 | 0 | && !print_labeled_bignum(out, "public-key:", pub_key)) |
273 | 0 | return 0; |
274 | 0 | if (params != NULL |
275 | 0 | && !ffc_params_to_text(out, params)) |
276 | 0 | return 0; |
277 | 0 | length = DH_get_length(dh); |
278 | 0 | if (length > 0 |
279 | 0 | && BIO_printf(out, "recommended-private-length: %ld bits\n", |
280 | 0 | length) <= 0) |
281 | 0 | return 0; |
282 | | |
283 | 0 | return 1; |
284 | 0 | } |
285 | | |
286 | | # define dh_input_type "DH" |
287 | | # define dhx_input_type "DHX" |
288 | | #endif |
289 | | |
290 | | /* ---------------------------------------------------------------------- */ |
291 | | |
292 | | #ifndef OPENSSL_NO_DSA |
293 | | static int dsa_to_text(BIO *out, const void *key, int selection) |
294 | 0 | { |
295 | 0 | const DSA *dsa = key; |
296 | 0 | const char *type_label = NULL; |
297 | 0 | const BIGNUM *priv_key = NULL, *pub_key = NULL; |
298 | 0 | const FFC_PARAMS *params = NULL; |
299 | 0 | const BIGNUM *p = NULL; |
300 | |
|
301 | 0 | if (out == NULL || dsa == NULL) { |
302 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
303 | 0 | return 0; |
304 | 0 | } |
305 | | |
306 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) |
307 | 0 | type_label = "Private-Key"; |
308 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) |
309 | 0 | type_label = "Public-Key"; |
310 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) |
311 | 0 | type_label = "DSA-Parameters"; |
312 | |
|
313 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
314 | 0 | priv_key = DSA_get0_priv_key(dsa); |
315 | 0 | if (priv_key == NULL) { |
316 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); |
317 | 0 | return 0; |
318 | 0 | } |
319 | 0 | } |
320 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { |
321 | 0 | pub_key = DSA_get0_pub_key(dsa); |
322 | 0 | if (pub_key == NULL) { |
323 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); |
324 | 0 | return 0; |
325 | 0 | } |
326 | 0 | } |
327 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { |
328 | 0 | params = ossl_dsa_get0_params((DSA *)dsa); |
329 | 0 | if (params == NULL) { |
330 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_PARAMETERS); |
331 | 0 | return 0; |
332 | 0 | } |
333 | 0 | } |
334 | | |
335 | 0 | p = DSA_get0_p(dsa); |
336 | 0 | if (p == NULL) { |
337 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); |
338 | 0 | return 0; |
339 | 0 | } |
340 | | |
341 | 0 | if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0) |
342 | 0 | return 0; |
343 | 0 | if (priv_key != NULL |
344 | 0 | && !print_labeled_bignum(out, "priv:", priv_key)) |
345 | 0 | return 0; |
346 | 0 | if (pub_key != NULL |
347 | 0 | && !print_labeled_bignum(out, "pub: ", pub_key)) |
348 | 0 | return 0; |
349 | 0 | if (params != NULL |
350 | 0 | && !ffc_params_to_text(out, params)) |
351 | 0 | return 0; |
352 | | |
353 | 0 | return 1; |
354 | 0 | } |
355 | | |
356 | | # define dsa_input_type "DSA" |
357 | | #endif |
358 | | |
359 | | /* ---------------------------------------------------------------------- */ |
360 | | |
361 | | #ifndef OPENSSL_NO_EC |
362 | | static int ec_param_explicit_curve_to_text(BIO *out, const EC_GROUP *group, |
363 | | BN_CTX *ctx) |
364 | 0 | { |
365 | 0 | const char *plabel = "Prime:"; |
366 | 0 | BIGNUM *p = NULL, *a = NULL, *b = NULL; |
367 | |
|
368 | 0 | p = BN_CTX_get(ctx); |
369 | 0 | a = BN_CTX_get(ctx); |
370 | 0 | b = BN_CTX_get(ctx); |
371 | 0 | if (b == NULL |
372 | 0 | || !EC_GROUP_get_curve(group, p, a, b, ctx)) |
373 | 0 | return 0; |
374 | | |
375 | 0 | if (EC_GROUP_get_field_type(group) == NID_X9_62_characteristic_two_field) { |
376 | 0 | int basis_type = EC_GROUP_get_basis_type(group); |
377 | | |
378 | | /* print the 'short name' of the base type OID */ |
379 | 0 | if (basis_type == NID_undef |
380 | 0 | || BIO_printf(out, "Basis Type: %s\n", OBJ_nid2sn(basis_type)) <= 0) |
381 | 0 | return 0; |
382 | 0 | plabel = "Polynomial:"; |
383 | 0 | } |
384 | 0 | return print_labeled_bignum(out, plabel, p) |
385 | 0 | && print_labeled_bignum(out, "A: ", a) |
386 | 0 | && print_labeled_bignum(out, "B: ", b); |
387 | 0 | } |
388 | | |
389 | | static int ec_param_explicit_gen_to_text(BIO *out, const EC_GROUP *group, |
390 | | BN_CTX *ctx) |
391 | 0 | { |
392 | 0 | int ret; |
393 | 0 | size_t buflen; |
394 | 0 | point_conversion_form_t form; |
395 | 0 | const EC_POINT *point = NULL; |
396 | 0 | const char *glabel = NULL; |
397 | 0 | unsigned char *buf = NULL; |
398 | |
|
399 | 0 | form = EC_GROUP_get_point_conversion_form(group); |
400 | 0 | point = EC_GROUP_get0_generator(group); |
401 | |
|
402 | 0 | if (point == NULL) |
403 | 0 | return 0; |
404 | | |
405 | 0 | switch (form) { |
406 | 0 | case POINT_CONVERSION_COMPRESSED: |
407 | 0 | glabel = "Generator (compressed):"; |
408 | 0 | break; |
409 | 0 | case POINT_CONVERSION_UNCOMPRESSED: |
410 | 0 | glabel = "Generator (uncompressed):"; |
411 | 0 | break; |
412 | 0 | case POINT_CONVERSION_HYBRID: |
413 | 0 | glabel = "Generator (hybrid):"; |
414 | 0 | break; |
415 | 0 | default: |
416 | 0 | return 0; |
417 | 0 | } |
418 | | |
419 | 0 | buflen = EC_POINT_point2buf(group, point, form, &buf, ctx); |
420 | 0 | if (buflen == 0) |
421 | 0 | return 0; |
422 | | |
423 | 0 | ret = print_labeled_buf(out, glabel, buf, buflen); |
424 | 0 | OPENSSL_clear_free(buf, buflen); |
425 | 0 | return ret; |
426 | 0 | } |
427 | | |
428 | | /* Print explicit parameters */ |
429 | | static int ec_param_explicit_to_text(BIO *out, const EC_GROUP *group, |
430 | | OSSL_LIB_CTX *libctx) |
431 | 0 | { |
432 | 0 | int ret = 0, tmp_nid; |
433 | 0 | BN_CTX *ctx = NULL; |
434 | 0 | const BIGNUM *order = NULL, *cofactor = NULL; |
435 | 0 | const unsigned char *seed; |
436 | 0 | size_t seed_len = 0; |
437 | |
|
438 | 0 | ctx = BN_CTX_new_ex(libctx); |
439 | 0 | if (ctx == NULL) |
440 | 0 | return 0; |
441 | 0 | BN_CTX_start(ctx); |
442 | |
|
443 | 0 | tmp_nid = EC_GROUP_get_field_type(group); |
444 | 0 | order = EC_GROUP_get0_order(group); |
445 | 0 | if (order == NULL) |
446 | 0 | goto err; |
447 | | |
448 | 0 | seed = EC_GROUP_get0_seed(group); |
449 | 0 | if (seed != NULL) |
450 | 0 | seed_len = EC_GROUP_get_seed_len(group); |
451 | 0 | cofactor = EC_GROUP_get0_cofactor(group); |
452 | | |
453 | | /* print the 'short name' of the field type */ |
454 | 0 | if (BIO_printf(out, "Field Type: %s\n", OBJ_nid2sn(tmp_nid)) <= 0 |
455 | 0 | || !ec_param_explicit_curve_to_text(out, group, ctx) |
456 | 0 | || !ec_param_explicit_gen_to_text(out, group, ctx) |
457 | 0 | || !print_labeled_bignum(out, "Order: ", order) |
458 | 0 | || (cofactor != NULL |
459 | 0 | && !print_labeled_bignum(out, "Cofactor: ", cofactor)) |
460 | 0 | || (seed != NULL |
461 | 0 | && !print_labeled_buf(out, "Seed:", seed, seed_len))) |
462 | 0 | goto err; |
463 | 0 | ret = 1; |
464 | 0 | err: |
465 | 0 | BN_CTX_end(ctx); |
466 | 0 | BN_CTX_free(ctx); |
467 | 0 | return ret; |
468 | 0 | } |
469 | | |
470 | | static int ec_param_to_text(BIO *out, const EC_GROUP *group, |
471 | | OSSL_LIB_CTX *libctx) |
472 | 0 | { |
473 | 0 | if (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE) { |
474 | 0 | const char *curve_name; |
475 | 0 | int curve_nid = EC_GROUP_get_curve_name(group); |
476 | | |
477 | | /* Explicit parameters */ |
478 | 0 | if (curve_nid == NID_undef) |
479 | 0 | return 0; |
480 | | |
481 | 0 | if (BIO_printf(out, "%s: %s\n", "ASN1 OID", OBJ_nid2sn(curve_nid)) <= 0) |
482 | 0 | return 0; |
483 | | |
484 | 0 | curve_name = EC_curve_nid2nist(curve_nid); |
485 | 0 | return (curve_name == NULL |
486 | 0 | || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0); |
487 | 0 | } else { |
488 | 0 | return ec_param_explicit_to_text(out, group, libctx); |
489 | 0 | } |
490 | 0 | } |
491 | | |
492 | | static int ec_to_text(BIO *out, const void *key, int selection) |
493 | 0 | { |
494 | 0 | const EC_KEY *ec = key; |
495 | 0 | const char *type_label = NULL; |
496 | 0 | unsigned char *priv = NULL, *pub = NULL; |
497 | 0 | size_t priv_len = 0, pub_len = 0; |
498 | 0 | const EC_GROUP *group; |
499 | 0 | int ret = 0; |
500 | |
|
501 | 0 | if (out == NULL || ec == NULL) { |
502 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
503 | 0 | return 0; |
504 | 0 | } |
505 | | |
506 | 0 | if ((group = EC_KEY_get0_group(ec)) == NULL) { |
507 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); |
508 | 0 | return 0; |
509 | 0 | } |
510 | | |
511 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) |
512 | 0 | type_label = "Private-Key"; |
513 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) |
514 | 0 | type_label = "Public-Key"; |
515 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) |
516 | 0 | if (EC_GROUP_get_curve_name(group) != NID_sm2) |
517 | 0 | type_label = "EC-Parameters"; |
518 | |
|
519 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
520 | 0 | const BIGNUM *priv_key = EC_KEY_get0_private_key(ec); |
521 | |
|
522 | 0 | if (priv_key == NULL) { |
523 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); |
524 | 0 | goto err; |
525 | 0 | } |
526 | 0 | priv_len = EC_KEY_priv2buf(ec, &priv); |
527 | 0 | if (priv_len == 0) |
528 | 0 | goto err; |
529 | 0 | } |
530 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { |
531 | 0 | const EC_POINT *pub_pt = EC_KEY_get0_public_key(ec); |
532 | |
|
533 | 0 | if (pub_pt == NULL) { |
534 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); |
535 | 0 | goto err; |
536 | 0 | } |
537 | | |
538 | 0 | pub_len = EC_KEY_key2buf(ec, EC_KEY_get_conv_form(ec), &pub, NULL); |
539 | 0 | if (pub_len == 0) |
540 | 0 | goto err; |
541 | 0 | } |
542 | | |
543 | 0 | if (type_label != NULL |
544 | 0 | && BIO_printf(out, "%s: (%d bit)\n", type_label, |
545 | 0 | EC_GROUP_order_bits(group)) <= 0) |
546 | 0 | goto err; |
547 | 0 | if (priv != NULL |
548 | 0 | && !print_labeled_buf(out, "priv:", priv, priv_len)) |
549 | 0 | goto err; |
550 | 0 | if (pub != NULL |
551 | 0 | && !print_labeled_buf(out, "pub:", pub, pub_len)) |
552 | 0 | goto err; |
553 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) |
554 | 0 | ret = ec_param_to_text(out, group, ossl_ec_key_get_libctx(ec)); |
555 | 0 | err: |
556 | 0 | OPENSSL_clear_free(priv, priv_len); |
557 | 0 | OPENSSL_free(pub); |
558 | 0 | return ret; |
559 | 0 | } |
560 | | |
561 | | # define ec_input_type "EC" |
562 | | |
563 | | # ifndef OPENSSL_NO_SM2 |
564 | | # define sm2_input_type "SM2" |
565 | | # endif |
566 | | #endif |
567 | | |
568 | | /* ---------------------------------------------------------------------- */ |
569 | | |
570 | | #ifndef OPENSSL_NO_ECX |
571 | | static int ecx_to_text(BIO *out, const void *key, int selection) |
572 | 0 | { |
573 | 0 | const ECX_KEY *ecx = key; |
574 | 0 | const char *type_label = NULL; |
575 | |
|
576 | 0 | if (out == NULL || ecx == NULL) { |
577 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
578 | 0 | return 0; |
579 | 0 | } |
580 | | |
581 | 0 | switch (ecx->type) { |
582 | 0 | case ECX_KEY_TYPE_X25519: |
583 | 0 | type_label = "X25519"; |
584 | 0 | break; |
585 | 0 | case ECX_KEY_TYPE_X448: |
586 | 0 | type_label = "X448"; |
587 | 0 | break; |
588 | 0 | case ECX_KEY_TYPE_ED25519: |
589 | 0 | type_label = "ED25519"; |
590 | 0 | break; |
591 | 0 | case ECX_KEY_TYPE_ED448: |
592 | 0 | type_label = "ED448"; |
593 | 0 | break; |
594 | 0 | } |
595 | | |
596 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
597 | 0 | if (ecx->privkey == NULL) { |
598 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); |
599 | 0 | return 0; |
600 | 0 | } |
601 | | |
602 | 0 | if (BIO_printf(out, "%s Private-Key:\n", type_label) <= 0) |
603 | 0 | return 0; |
604 | 0 | if (!print_labeled_buf(out, "priv:", ecx->privkey, ecx->keylen)) |
605 | 0 | return 0; |
606 | 0 | } else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { |
607 | | /* ecx->pubkey is an array, not a pointer... */ |
608 | 0 | if (!ecx->haspubkey) { |
609 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); |
610 | 0 | return 0; |
611 | 0 | } |
612 | | |
613 | 0 | if (BIO_printf(out, "%s Public-Key:\n", type_label) <= 0) |
614 | 0 | return 0; |
615 | 0 | } |
616 | | |
617 | 0 | if (!print_labeled_buf(out, "pub:", ecx->pubkey, ecx->keylen)) |
618 | 0 | return 0; |
619 | | |
620 | 0 | return 1; |
621 | 0 | } |
622 | | |
623 | | # define ed25519_input_type "ED25519" |
624 | | # define ed448_input_type "ED448" |
625 | | # define x25519_input_type "X25519" |
626 | | # define x448_input_type "X448" |
627 | | #endif |
628 | | |
629 | | /* ---------------------------------------------------------------------- */ |
630 | | |
631 | | static int rsa_to_text(BIO *out, const void *key, int selection) |
632 | 0 | { |
633 | 0 | const RSA *rsa = key; |
634 | 0 | const char *type_label = "RSA key"; |
635 | 0 | const char *modulus_label = NULL; |
636 | 0 | const char *exponent_label = NULL; |
637 | 0 | const BIGNUM *rsa_d = NULL, *rsa_n = NULL, *rsa_e = NULL; |
638 | 0 | STACK_OF(BIGNUM_const) *factors = NULL; |
639 | 0 | STACK_OF(BIGNUM_const) *exps = NULL; |
640 | 0 | STACK_OF(BIGNUM_const) *coeffs = NULL; |
641 | 0 | int primes; |
642 | 0 | const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30((RSA *)rsa); |
643 | 0 | int ret = 0; |
644 | |
|
645 | 0 | if (out == NULL || rsa == NULL) { |
646 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
647 | 0 | goto err; |
648 | 0 | } |
649 | | |
650 | 0 | factors = sk_BIGNUM_const_new_null(); |
651 | 0 | exps = sk_BIGNUM_const_new_null(); |
652 | 0 | coeffs = sk_BIGNUM_const_new_null(); |
653 | |
|
654 | 0 | if (factors == NULL || exps == NULL || coeffs == NULL) { |
655 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_CRYPTO_LIB); |
656 | 0 | goto err; |
657 | 0 | } |
658 | | |
659 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
660 | 0 | type_label = "Private-Key"; |
661 | 0 | modulus_label = "modulus:"; |
662 | 0 | exponent_label = "publicExponent:"; |
663 | 0 | } else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { |
664 | 0 | type_label = "Public-Key"; |
665 | 0 | modulus_label = "Modulus:"; |
666 | 0 | exponent_label = "Exponent:"; |
667 | 0 | } |
668 | |
|
669 | 0 | RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); |
670 | 0 | ossl_rsa_get0_all_params((RSA *)rsa, factors, exps, coeffs); |
671 | 0 | primes = sk_BIGNUM_const_num(factors); |
672 | |
|
673 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
674 | 0 | if (BIO_printf(out, "%s: (%d bit, %d primes)\n", |
675 | 0 | type_label, BN_num_bits(rsa_n), primes) <= 0) |
676 | 0 | goto err; |
677 | 0 | } else { |
678 | 0 | if (BIO_printf(out, "%s: (%d bit)\n", |
679 | 0 | type_label, BN_num_bits(rsa_n)) <= 0) |
680 | 0 | goto err; |
681 | 0 | } |
682 | | |
683 | 0 | if (!print_labeled_bignum(out, modulus_label, rsa_n)) |
684 | 0 | goto err; |
685 | 0 | if (!print_labeled_bignum(out, exponent_label, rsa_e)) |
686 | 0 | goto err; |
687 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
688 | 0 | int i; |
689 | |
|
690 | 0 | if (!print_labeled_bignum(out, "privateExponent:", rsa_d)) |
691 | 0 | goto err; |
692 | 0 | if (!print_labeled_bignum(out, "prime1:", |
693 | 0 | sk_BIGNUM_const_value(factors, 0))) |
694 | 0 | goto err; |
695 | 0 | if (!print_labeled_bignum(out, "prime2:", |
696 | 0 | sk_BIGNUM_const_value(factors, 1))) |
697 | 0 | goto err; |
698 | 0 | if (!print_labeled_bignum(out, "exponent1:", |
699 | 0 | sk_BIGNUM_const_value(exps, 0))) |
700 | 0 | goto err; |
701 | 0 | if (!print_labeled_bignum(out, "exponent2:", |
702 | 0 | sk_BIGNUM_const_value(exps, 1))) |
703 | 0 | goto err; |
704 | 0 | if (!print_labeled_bignum(out, "coefficient:", |
705 | 0 | sk_BIGNUM_const_value(coeffs, 0))) |
706 | 0 | goto err; |
707 | 0 | for (i = 2; i < sk_BIGNUM_const_num(factors); i++) { |
708 | 0 | if (BIO_printf(out, "prime%d:", i + 1) <= 0) |
709 | 0 | goto err; |
710 | 0 | if (!print_labeled_bignum(out, NULL, |
711 | 0 | sk_BIGNUM_const_value(factors, i))) |
712 | 0 | goto err; |
713 | 0 | if (BIO_printf(out, "exponent%d:", i + 1) <= 0) |
714 | 0 | goto err; |
715 | 0 | if (!print_labeled_bignum(out, NULL, |
716 | 0 | sk_BIGNUM_const_value(exps, i))) |
717 | 0 | goto err; |
718 | 0 | if (BIO_printf(out, "coefficient%d:", i + 1) <= 0) |
719 | 0 | goto err; |
720 | 0 | if (!print_labeled_bignum(out, NULL, |
721 | 0 | sk_BIGNUM_const_value(coeffs, i - 1))) |
722 | 0 | goto err; |
723 | 0 | } |
724 | 0 | } |
725 | | |
726 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) { |
727 | 0 | switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { |
728 | 0 | case RSA_FLAG_TYPE_RSA: |
729 | 0 | if (!ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { |
730 | 0 | if (BIO_printf(out, "(INVALID PSS PARAMETERS)\n") <= 0) |
731 | 0 | goto err; |
732 | 0 | } |
733 | 0 | break; |
734 | 0 | case RSA_FLAG_TYPE_RSASSAPSS: |
735 | 0 | if (ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { |
736 | 0 | if (BIO_printf(out, "No PSS parameter restrictions\n") <= 0) |
737 | 0 | goto err; |
738 | 0 | } else { |
739 | 0 | int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss_params); |
740 | 0 | int maskgenalg_nid = |
741 | 0 | ossl_rsa_pss_params_30_maskgenalg(pss_params); |
742 | 0 | int maskgenhashalg_nid = |
743 | 0 | ossl_rsa_pss_params_30_maskgenhashalg(pss_params); |
744 | 0 | int saltlen = ossl_rsa_pss_params_30_saltlen(pss_params); |
745 | 0 | int trailerfield = |
746 | 0 | ossl_rsa_pss_params_30_trailerfield(pss_params); |
747 | |
|
748 | 0 | if (BIO_printf(out, "PSS parameter restrictions:\n") <= 0) |
749 | 0 | goto err; |
750 | 0 | if (BIO_printf(out, " Hash Algorithm: %s%s\n", |
751 | 0 | ossl_rsa_oaeppss_nid2name(hashalg_nid), |
752 | 0 | (hashalg_nid == NID_sha1 |
753 | 0 | ? " (default)" : "")) <= 0) |
754 | 0 | goto err; |
755 | 0 | if (BIO_printf(out, " Mask Algorithm: %s with %s%s\n", |
756 | 0 | ossl_rsa_mgf_nid2name(maskgenalg_nid), |
757 | 0 | ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid), |
758 | 0 | (maskgenalg_nid == NID_mgf1 |
759 | 0 | && maskgenhashalg_nid == NID_sha1 |
760 | 0 | ? " (default)" : "")) <= 0) |
761 | 0 | goto err; |
762 | 0 | if (BIO_printf(out, " Minimum Salt Length: %d%s\n", |
763 | 0 | saltlen, |
764 | 0 | (saltlen == 20 ? " (default)" : "")) <= 0) |
765 | 0 | goto err; |
766 | 0 | if (BIO_printf(out, " Trailer Field: 0x%x%s\n", |
767 | 0 | trailerfield, |
768 | 0 | (trailerfield == 1 ? " (default)" : "")) <= 0) |
769 | 0 | goto err; |
770 | 0 | } |
771 | 0 | break; |
772 | 0 | } |
773 | 0 | } |
774 | | |
775 | 0 | ret = 1; |
776 | 0 | err: |
777 | 0 | sk_BIGNUM_const_free(factors); |
778 | 0 | sk_BIGNUM_const_free(exps); |
779 | 0 | sk_BIGNUM_const_free(coeffs); |
780 | 0 | return ret; |
781 | 0 | } |
782 | | |
783 | | #define rsa_input_type "RSA" |
784 | | #define rsapss_input_type "RSA-PSS" |
785 | | |
786 | | /* ---------------------------------------------------------------------- */ |
787 | | |
788 | | static void *key2text_newctx(void *provctx) |
789 | 0 | { |
790 | 0 | return provctx; |
791 | 0 | } |
792 | | |
793 | | static void key2text_freectx(ossl_unused void *vctx) |
794 | 0 | { |
795 | 0 | } |
796 | | |
797 | | static int key2text_encode(void *vctx, const void *key, int selection, |
798 | | OSSL_CORE_BIO *cout, |
799 | | int (*key2text)(BIO *out, const void *key, |
800 | | int selection), |
801 | | OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) |
802 | 0 | { |
803 | 0 | BIO *out = ossl_bio_new_from_core_bio(vctx, cout); |
804 | 0 | int ret; |
805 | |
|
806 | 0 | if (out == NULL) |
807 | 0 | return 0; |
808 | | |
809 | 0 | ret = key2text(out, key, selection); |
810 | 0 | BIO_free(out); |
811 | |
|
812 | 0 | return ret; |
813 | 0 | } |
814 | | |
815 | | #define MAKE_TEXT_ENCODER(impl, type) \ |
816 | | static OSSL_FUNC_encoder_import_object_fn \ |
817 | | impl##2text_import_object; \ |
818 | | static OSSL_FUNC_encoder_free_object_fn \ |
819 | | impl##2text_free_object; \ |
820 | | static OSSL_FUNC_encoder_encode_fn impl##2text_encode; \ |
821 | | \ |
822 | | static void *impl##2text_import_object(void *ctx, int selection, \ |
823 | | const OSSL_PARAM params[]) \ |
824 | 0 | { \ |
825 | 0 | return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ |
826 | 0 | ctx, selection, params); \ |
827 | 0 | } \ Unexecuted instantiation: encode_key2text.c:dh2text_import_object Unexecuted instantiation: encode_key2text.c:dhx2text_import_object Unexecuted instantiation: encode_key2text.c:dsa2text_import_object Unexecuted instantiation: encode_key2text.c:ec2text_import_object Unexecuted instantiation: encode_key2text.c:sm22text_import_object Unexecuted instantiation: encode_key2text.c:ed255192text_import_object Unexecuted instantiation: encode_key2text.c:ed4482text_import_object Unexecuted instantiation: encode_key2text.c:x255192text_import_object Unexecuted instantiation: encode_key2text.c:x4482text_import_object Unexecuted instantiation: encode_key2text.c:rsa2text_import_object Unexecuted instantiation: encode_key2text.c:rsapss2text_import_object |
828 | | static void impl##2text_free_object(void *key) \ |
829 | 0 | { \ |
830 | 0 | ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ |
831 | 0 | } \ Unexecuted instantiation: encode_key2text.c:dh2text_free_object Unexecuted instantiation: encode_key2text.c:dhx2text_free_object Unexecuted instantiation: encode_key2text.c:dsa2text_free_object Unexecuted instantiation: encode_key2text.c:ec2text_free_object Unexecuted instantiation: encode_key2text.c:sm22text_free_object Unexecuted instantiation: encode_key2text.c:ed255192text_free_object Unexecuted instantiation: encode_key2text.c:ed4482text_free_object Unexecuted instantiation: encode_key2text.c:x255192text_free_object Unexecuted instantiation: encode_key2text.c:x4482text_free_object Unexecuted instantiation: encode_key2text.c:rsa2text_free_object Unexecuted instantiation: encode_key2text.c:rsapss2text_free_object |
832 | | static int impl##2text_encode(void *vctx, OSSL_CORE_BIO *cout, \ |
833 | | const void *key, \ |
834 | | const OSSL_PARAM key_abstract[], \ |
835 | | int selection, \ |
836 | | OSSL_PASSPHRASE_CALLBACK *cb, \ |
837 | | void *cbarg) \ |
838 | 0 | { \ |
839 | 0 | /* We don't deal with abstract objects */ \ |
840 | 0 | if (key_abstract != NULL) { \ |
841 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ |
842 | 0 | return 0; \ |
843 | 0 | } \ |
844 | 0 | return key2text_encode(vctx, key, selection, cout, \ |
845 | 0 | type##_to_text, cb, cbarg); \ |
846 | 0 | } \ Unexecuted instantiation: encode_key2text.c:dh2text_encode Unexecuted instantiation: encode_key2text.c:dhx2text_encode Unexecuted instantiation: encode_key2text.c:dsa2text_encode Unexecuted instantiation: encode_key2text.c:ec2text_encode Unexecuted instantiation: encode_key2text.c:sm22text_encode Unexecuted instantiation: encode_key2text.c:ed255192text_encode Unexecuted instantiation: encode_key2text.c:ed4482text_encode Unexecuted instantiation: encode_key2text.c:x255192text_encode Unexecuted instantiation: encode_key2text.c:x4482text_encode Unexecuted instantiation: encode_key2text.c:rsa2text_encode Unexecuted instantiation: encode_key2text.c:rsapss2text_encode |
847 | | const OSSL_DISPATCH ossl_##impl##_to_text_encoder_functions[] = { \ |
848 | | { OSSL_FUNC_ENCODER_NEWCTX, \ |
849 | | (void (*)(void))key2text_newctx }, \ |
850 | | { OSSL_FUNC_ENCODER_FREECTX, \ |
851 | | (void (*)(void))key2text_freectx }, \ |
852 | | { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ |
853 | | (void (*)(void))impl##2text_import_object }, \ |
854 | | { OSSL_FUNC_ENCODER_FREE_OBJECT, \ |
855 | | (void (*)(void))impl##2text_free_object }, \ |
856 | | { OSSL_FUNC_ENCODER_ENCODE, \ |
857 | | (void (*)(void))impl##2text_encode }, \ |
858 | | OSSL_DISPATCH_END \ |
859 | | } |
860 | | |
861 | | #ifndef OPENSSL_NO_DH |
862 | | MAKE_TEXT_ENCODER(dh, dh); |
863 | | MAKE_TEXT_ENCODER(dhx, dh); |
864 | | #endif |
865 | | #ifndef OPENSSL_NO_DSA |
866 | | MAKE_TEXT_ENCODER(dsa, dsa); |
867 | | #endif |
868 | | #ifndef OPENSSL_NO_EC |
869 | | MAKE_TEXT_ENCODER(ec, ec); |
870 | | # ifndef OPENSSL_NO_SM2 |
871 | | MAKE_TEXT_ENCODER(sm2, ec); |
872 | | # endif |
873 | | # ifndef OPENSSL_NO_ECX |
874 | | MAKE_TEXT_ENCODER(ed25519, ecx); |
875 | | MAKE_TEXT_ENCODER(ed448, ecx); |
876 | | MAKE_TEXT_ENCODER(x25519, ecx); |
877 | | MAKE_TEXT_ENCODER(x448, ecx); |
878 | | # endif |
879 | | #endif |
880 | | MAKE_TEXT_ENCODER(rsa, rsa); |
881 | | MAKE_TEXT_ENCODER(rsapss, rsa); |