/src/openssl/providers/implementations/encode_decode/encode_key2text.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * Low level APIs are deprecated for public use, but still ok for internal use. |
12 | | */ |
13 | | #include "internal/deprecated.h" |
14 | | |
15 | | #include <ctype.h> |
16 | | |
17 | | #include <openssl/core.h> |
18 | | #include <openssl/core_dispatch.h> |
19 | | #include <openssl/core_names.h> |
20 | | #include <openssl/bn.h> |
21 | | #include <openssl/err.h> |
22 | | #include <openssl/safestack.h> |
23 | | #include <openssl/proverr.h> |
24 | | #include "internal/ffc.h" |
25 | | #include "crypto/bn.h" /* bn_get_words() */ |
26 | | #include "crypto/dh.h" /* ossl_dh_get0_params() */ |
27 | | #include "crypto/dsa.h" /* ossl_dsa_get0_params() */ |
28 | | #include "crypto/ec.h" /* ossl_ec_key_get_libctx */ |
29 | | #include "crypto/ecx.h" /* ECX_KEY, etc... */ |
30 | | #include "crypto/rsa.h" /* RSA_PSS_PARAMS_30, etc... */ |
31 | | #include "prov/bio.h" |
32 | | #include "prov/implementations.h" |
33 | | #include "endecoder_local.h" |
34 | | |
35 | | DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) |
36 | | |
37 | | # ifdef SIXTY_FOUR_BIT_LONG |
38 | | # define BN_FMTu "%lu" |
39 | | # define BN_FMTx "%lx" |
40 | | # endif |
41 | | |
42 | | # ifdef SIXTY_FOUR_BIT |
43 | | # define BN_FMTu "%llu" |
44 | | # define BN_FMTx "%llx" |
45 | | # endif |
46 | | |
47 | | # ifdef THIRTY_TWO_BIT |
48 | | # define BN_FMTu "%u" |
49 | | # define BN_FMTx "%x" |
50 | | # endif |
51 | | |
52 | | static int print_labeled_bignum(BIO *out, const char *label, const BIGNUM *bn) |
53 | 0 | { |
54 | 0 | int ret = 0, use_sep = 0; |
55 | 0 | char *hex_str = NULL, *p; |
56 | 0 | const char spaces[] = " "; |
57 | 0 | const char *post_label_spc = " "; |
58 | |
|
59 | 0 | const char *neg = ""; |
60 | 0 | int bytes; |
61 | |
|
62 | 0 | if (bn == NULL) |
63 | 0 | return 0; |
64 | 0 | if (label == NULL) { |
65 | 0 | label = ""; |
66 | 0 | post_label_spc = ""; |
67 | 0 | } |
68 | |
|
69 | 0 | if (BN_is_zero(bn)) |
70 | 0 | return BIO_printf(out, "%s%s0\n", label, post_label_spc); |
71 | | |
72 | 0 | if (BN_num_bytes(bn) <= BN_BYTES) { |
73 | 0 | BN_ULONG *words = bn_get_words(bn); |
74 | |
|
75 | 0 | if (BN_is_negative(bn)) |
76 | 0 | neg = "-"; |
77 | |
|
78 | 0 | return BIO_printf(out, "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n", |
79 | 0 | label, post_label_spc, neg, words[0], neg, words[0]); |
80 | 0 | } |
81 | | |
82 | 0 | hex_str = BN_bn2hex(bn); |
83 | 0 | if (hex_str == NULL) |
84 | 0 | return 0; |
85 | | |
86 | 0 | p = hex_str; |
87 | 0 | if (*p == '-') { |
88 | 0 | ++p; |
89 | 0 | neg = " (Negative)"; |
90 | 0 | } |
91 | 0 | if (BIO_printf(out, "%s%s\n", label, neg) <= 0) |
92 | 0 | goto err; |
93 | | |
94 | | /* Keep track of how many bytes we have printed out so far */ |
95 | 0 | bytes = 0; |
96 | |
|
97 | 0 | if (BIO_printf(out, "%s", spaces) <= 0) |
98 | 0 | goto err; |
99 | | |
100 | | /* Add a leading 00 if the top bit is set */ |
101 | 0 | if (*p >= '8') { |
102 | 0 | if (BIO_printf(out, "%02x", 0) <= 0) |
103 | 0 | goto err; |
104 | 0 | ++bytes; |
105 | 0 | use_sep = 1; |
106 | 0 | } |
107 | 0 | while (*p != '\0') { |
108 | | /* Do a newline after every 15 hex bytes + add the space indent */ |
109 | 0 | if ((bytes % 15) == 0 && bytes > 0) { |
110 | 0 | if (BIO_printf(out, ":\n%s", spaces) <= 0) |
111 | 0 | goto err; |
112 | 0 | use_sep = 0; /* The first byte on the next line doesn't have a : */ |
113 | 0 | } |
114 | 0 | if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "", |
115 | 0 | tolower(p[0]), tolower(p[1])) <= 0) |
116 | 0 | goto err; |
117 | 0 | ++bytes; |
118 | 0 | p += 2; |
119 | 0 | use_sep = 1; |
120 | 0 | } |
121 | 0 | if (BIO_printf(out, "\n") <= 0) |
122 | 0 | goto err; |
123 | 0 | ret = 1; |
124 | 0 | err: |
125 | 0 | OPENSSL_free(hex_str); |
126 | 0 | return ret; |
127 | 0 | } |
128 | | |
129 | | /* Number of octets per line */ |
130 | 0 | #define LABELED_BUF_PRINT_WIDTH 15 |
131 | | |
132 | | #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) |
133 | | static int print_labeled_buf(BIO *out, const char *label, |
134 | | const unsigned char *buf, size_t buflen) |
135 | 0 | { |
136 | 0 | size_t i; |
137 | |
|
138 | 0 | if (BIO_printf(out, "%s\n", label) <= 0) |
139 | 0 | return 0; |
140 | | |
141 | 0 | for (i = 0; i < buflen; i++) { |
142 | 0 | if ((i % LABELED_BUF_PRINT_WIDTH) == 0) { |
143 | 0 | if (i > 0 && BIO_printf(out, "\n") <= 0) |
144 | 0 | return 0; |
145 | 0 | if (BIO_printf(out, " ") <= 0) |
146 | 0 | return 0; |
147 | 0 | } |
148 | | |
149 | 0 | if (BIO_printf(out, "%02x%s", buf[i], |
150 | 0 | (i == buflen - 1) ? "" : ":") <= 0) |
151 | 0 | return 0; |
152 | 0 | } |
153 | 0 | if (BIO_printf(out, "\n") <= 0) |
154 | 0 | return 0; |
155 | | |
156 | 0 | return 1; |
157 | 0 | } |
158 | | #endif |
159 | | |
160 | | #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) |
161 | | static int ffc_params_to_text(BIO *out, const FFC_PARAMS *ffc) |
162 | 0 | { |
163 | 0 | if (ffc->nid != NID_undef) { |
164 | 0 | #ifndef OPENSSL_NO_DH |
165 | 0 | const DH_NAMED_GROUP *group = ossl_ffc_uid_to_dh_named_group(ffc->nid); |
166 | 0 | const char *name = ossl_ffc_named_group_get_name(group); |
167 | |
|
168 | 0 | if (name == NULL) |
169 | 0 | goto err; |
170 | 0 | if (BIO_printf(out, "GROUP: %s\n", name) <= 0) |
171 | 0 | goto err; |
172 | 0 | return 1; |
173 | | #else |
174 | | /* How could this be? We should not have a nid in a no-dh build. */ |
175 | | goto err; |
176 | | #endif |
177 | 0 | } |
178 | | |
179 | 0 | if (!print_labeled_bignum(out, "P: ", ffc->p)) |
180 | 0 | goto err; |
181 | 0 | if (ffc->q != NULL) { |
182 | 0 | if (!print_labeled_bignum(out, "Q: ", ffc->q)) |
183 | 0 | goto err; |
184 | 0 | } |
185 | 0 | if (!print_labeled_bignum(out, "G: ", ffc->g)) |
186 | 0 | goto err; |
187 | 0 | if (ffc->j != NULL) { |
188 | 0 | if (!print_labeled_bignum(out, "J: ", ffc->j)) |
189 | 0 | goto err; |
190 | 0 | } |
191 | 0 | if (ffc->seed != NULL) { |
192 | 0 | if (!print_labeled_buf(out, "SEED:", ffc->seed, ffc->seedlen)) |
193 | 0 | goto err; |
194 | 0 | } |
195 | 0 | if (ffc->gindex != -1) { |
196 | 0 | if (BIO_printf(out, "gindex: %d\n", ffc->gindex) <= 0) |
197 | 0 | goto err; |
198 | 0 | } |
199 | 0 | if (ffc->pcounter != -1) { |
200 | 0 | if (BIO_printf(out, "pcounter: %d\n", ffc->pcounter) <= 0) |
201 | 0 | goto err; |
202 | 0 | } |
203 | 0 | if (ffc->h != 0) { |
204 | 0 | if (BIO_printf(out, "h: %d\n", ffc->h) <= 0) |
205 | 0 | goto err; |
206 | 0 | } |
207 | 0 | return 1; |
208 | 0 | err: |
209 | 0 | return 0; |
210 | 0 | } |
211 | | #endif |
212 | | |
213 | | /* ---------------------------------------------------------------------- */ |
214 | | |
215 | | #ifndef OPENSSL_NO_DH |
216 | | static int dh_to_text(BIO *out, const void *key, int selection) |
217 | 0 | { |
218 | 0 | const DH *dh = key; |
219 | 0 | const char *type_label = NULL; |
220 | 0 | const BIGNUM *priv_key = NULL, *pub_key = NULL; |
221 | 0 | const FFC_PARAMS *params = NULL; |
222 | 0 | const BIGNUM *p = NULL; |
223 | 0 | long length; |
224 | |
|
225 | 0 | if (out == NULL || dh == NULL) { |
226 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
227 | 0 | return 0; |
228 | 0 | } |
229 | | |
230 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) |
231 | 0 | type_label = "DH Private-Key"; |
232 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) |
233 | 0 | type_label = "DH Public-Key"; |
234 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) |
235 | 0 | type_label = "DH Parameters"; |
236 | |
|
237 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
238 | 0 | priv_key = DH_get0_priv_key(dh); |
239 | 0 | if (priv_key == NULL) { |
240 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); |
241 | 0 | return 0; |
242 | 0 | } |
243 | 0 | } |
244 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { |
245 | 0 | pub_key = DH_get0_pub_key(dh); |
246 | 0 | if (pub_key == NULL) { |
247 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); |
248 | 0 | return 0; |
249 | 0 | } |
250 | 0 | } |
251 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { |
252 | 0 | params = ossl_dh_get0_params((DH *)dh); |
253 | 0 | if (params == NULL) { |
254 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_PARAMETERS); |
255 | 0 | return 0; |
256 | 0 | } |
257 | 0 | } |
258 | | |
259 | 0 | p = DH_get0_p(dh); |
260 | 0 | if (p == NULL) { |
261 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); |
262 | 0 | return 0; |
263 | 0 | } |
264 | | |
265 | 0 | if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0) |
266 | 0 | return 0; |
267 | 0 | if (priv_key != NULL |
268 | 0 | && !print_labeled_bignum(out, "private-key:", priv_key)) |
269 | 0 | return 0; |
270 | 0 | if (pub_key != NULL |
271 | 0 | && !print_labeled_bignum(out, "public-key:", pub_key)) |
272 | 0 | return 0; |
273 | 0 | if (params != NULL |
274 | 0 | && !ffc_params_to_text(out, params)) |
275 | 0 | return 0; |
276 | 0 | length = DH_get_length(dh); |
277 | 0 | if (length > 0 |
278 | 0 | && BIO_printf(out, "recommended-private-length: %ld bits\n", |
279 | 0 | length) <= 0) |
280 | 0 | return 0; |
281 | | |
282 | 0 | return 1; |
283 | 0 | } |
284 | | |
285 | | # define dh_input_type "DH" |
286 | | # define dhx_input_type "DHX" |
287 | | #endif |
288 | | |
289 | | /* ---------------------------------------------------------------------- */ |
290 | | |
291 | | #ifndef OPENSSL_NO_DSA |
292 | | static int dsa_to_text(BIO *out, const void *key, int selection) |
293 | 0 | { |
294 | 0 | const DSA *dsa = key; |
295 | 0 | const char *type_label = NULL; |
296 | 0 | const BIGNUM *priv_key = NULL, *pub_key = NULL; |
297 | 0 | const FFC_PARAMS *params = NULL; |
298 | 0 | const BIGNUM *p = NULL; |
299 | |
|
300 | 0 | if (out == NULL || dsa == NULL) { |
301 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
302 | 0 | return 0; |
303 | 0 | } |
304 | | |
305 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) |
306 | 0 | type_label = "Private-Key"; |
307 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) |
308 | 0 | type_label = "Public-Key"; |
309 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) |
310 | 0 | type_label = "DSA-Parameters"; |
311 | |
|
312 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
313 | 0 | priv_key = DSA_get0_priv_key(dsa); |
314 | 0 | if (priv_key == NULL) { |
315 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); |
316 | 0 | return 0; |
317 | 0 | } |
318 | 0 | } |
319 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { |
320 | 0 | pub_key = DSA_get0_pub_key(dsa); |
321 | 0 | if (pub_key == NULL) { |
322 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); |
323 | 0 | return 0; |
324 | 0 | } |
325 | 0 | } |
326 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { |
327 | 0 | params = ossl_dsa_get0_params((DSA *)dsa); |
328 | 0 | if (params == NULL) { |
329 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_PARAMETERS); |
330 | 0 | return 0; |
331 | 0 | } |
332 | 0 | } |
333 | | |
334 | 0 | p = DSA_get0_p(dsa); |
335 | 0 | if (p == NULL) { |
336 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); |
337 | 0 | return 0; |
338 | 0 | } |
339 | | |
340 | 0 | if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0) |
341 | 0 | return 0; |
342 | 0 | if (priv_key != NULL |
343 | 0 | && !print_labeled_bignum(out, "priv:", priv_key)) |
344 | 0 | return 0; |
345 | 0 | if (pub_key != NULL |
346 | 0 | && !print_labeled_bignum(out, "pub: ", pub_key)) |
347 | 0 | return 0; |
348 | 0 | if (params != NULL |
349 | 0 | && !ffc_params_to_text(out, params)) |
350 | 0 | return 0; |
351 | | |
352 | 0 | return 1; |
353 | 0 | } |
354 | | |
355 | | # define dsa_input_type "DSA" |
356 | | #endif |
357 | | |
358 | | /* ---------------------------------------------------------------------- */ |
359 | | |
360 | | #ifndef OPENSSL_NO_EC |
361 | | static int ec_param_explicit_curve_to_text(BIO *out, const EC_GROUP *group, |
362 | | BN_CTX *ctx) |
363 | 0 | { |
364 | 0 | const char *plabel = "Prime:"; |
365 | 0 | BIGNUM *p = NULL, *a = NULL, *b = NULL; |
366 | |
|
367 | 0 | p = BN_CTX_get(ctx); |
368 | 0 | a = BN_CTX_get(ctx); |
369 | 0 | b = BN_CTX_get(ctx); |
370 | 0 | if (b == NULL |
371 | 0 | || !EC_GROUP_get_curve(group, p, a, b, ctx)) |
372 | 0 | return 0; |
373 | | |
374 | 0 | if (EC_GROUP_get_field_type(group) == NID_X9_62_characteristic_two_field) { |
375 | 0 | int basis_type = EC_GROUP_get_basis_type(group); |
376 | | |
377 | | /* print the 'short name' of the base type OID */ |
378 | 0 | if (basis_type == NID_undef |
379 | 0 | || BIO_printf(out, "Basis Type: %s\n", OBJ_nid2sn(basis_type)) <= 0) |
380 | 0 | return 0; |
381 | 0 | plabel = "Polynomial:"; |
382 | 0 | } |
383 | 0 | return print_labeled_bignum(out, plabel, p) |
384 | 0 | && print_labeled_bignum(out, "A: ", a) |
385 | 0 | && print_labeled_bignum(out, "B: ", b); |
386 | 0 | } |
387 | | |
388 | | static int ec_param_explicit_gen_to_text(BIO *out, const EC_GROUP *group, |
389 | | BN_CTX *ctx) |
390 | 0 | { |
391 | 0 | int ret; |
392 | 0 | size_t buflen; |
393 | 0 | point_conversion_form_t form; |
394 | 0 | const EC_POINT *point = NULL; |
395 | 0 | const char *glabel = NULL; |
396 | 0 | unsigned char *buf = NULL; |
397 | |
|
398 | 0 | form = EC_GROUP_get_point_conversion_form(group); |
399 | 0 | point = EC_GROUP_get0_generator(group); |
400 | |
|
401 | 0 | if (point == NULL) |
402 | 0 | return 0; |
403 | | |
404 | 0 | switch (form) { |
405 | 0 | case POINT_CONVERSION_COMPRESSED: |
406 | 0 | glabel = "Generator (compressed):"; |
407 | 0 | break; |
408 | 0 | case POINT_CONVERSION_UNCOMPRESSED: |
409 | 0 | glabel = "Generator (uncompressed):"; |
410 | 0 | break; |
411 | 0 | case POINT_CONVERSION_HYBRID: |
412 | 0 | glabel = "Generator (hybrid):"; |
413 | 0 | break; |
414 | 0 | default: |
415 | 0 | return 0; |
416 | 0 | } |
417 | | |
418 | 0 | buflen = EC_POINT_point2buf(group, point, form, &buf, ctx); |
419 | 0 | if (buflen == 0) |
420 | 0 | return 0; |
421 | | |
422 | 0 | ret = print_labeled_buf(out, glabel, buf, buflen); |
423 | 0 | OPENSSL_clear_free(buf, buflen); |
424 | 0 | return ret; |
425 | 0 | } |
426 | | |
427 | | /* Print explicit parameters */ |
428 | | static int ec_param_explicit_to_text(BIO *out, const EC_GROUP *group, |
429 | | OSSL_LIB_CTX *libctx) |
430 | 0 | { |
431 | 0 | int ret = 0, tmp_nid; |
432 | 0 | BN_CTX *ctx = NULL; |
433 | 0 | const BIGNUM *order = NULL, *cofactor = NULL; |
434 | 0 | const unsigned char *seed; |
435 | 0 | size_t seed_len = 0; |
436 | |
|
437 | 0 | ctx = BN_CTX_new_ex(libctx); |
438 | 0 | if (ctx == NULL) |
439 | 0 | return 0; |
440 | 0 | BN_CTX_start(ctx); |
441 | |
|
442 | 0 | tmp_nid = EC_GROUP_get_field_type(group); |
443 | 0 | order = EC_GROUP_get0_order(group); |
444 | 0 | if (order == NULL) |
445 | 0 | goto err; |
446 | | |
447 | 0 | seed = EC_GROUP_get0_seed(group); |
448 | 0 | if (seed != NULL) |
449 | 0 | seed_len = EC_GROUP_get_seed_len(group); |
450 | 0 | cofactor = EC_GROUP_get0_cofactor(group); |
451 | | |
452 | | /* print the 'short name' of the field type */ |
453 | 0 | if (BIO_printf(out, "Field Type: %s\n", OBJ_nid2sn(tmp_nid)) <= 0 |
454 | 0 | || !ec_param_explicit_curve_to_text(out, group, ctx) |
455 | 0 | || !ec_param_explicit_gen_to_text(out, group, ctx) |
456 | 0 | || !print_labeled_bignum(out, "Order: ", order) |
457 | 0 | || (cofactor != NULL |
458 | 0 | && !print_labeled_bignum(out, "Cofactor: ", cofactor)) |
459 | 0 | || (seed != NULL |
460 | 0 | && !print_labeled_buf(out, "Seed:", seed, seed_len))) |
461 | 0 | goto err; |
462 | 0 | ret = 1; |
463 | 0 | err: |
464 | 0 | BN_CTX_end(ctx); |
465 | 0 | BN_CTX_free(ctx); |
466 | 0 | return ret; |
467 | 0 | } |
468 | | |
469 | | static int ec_param_to_text(BIO *out, const EC_GROUP *group, |
470 | | OSSL_LIB_CTX *libctx) |
471 | 0 | { |
472 | 0 | if (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE) { |
473 | 0 | const char *curve_name; |
474 | 0 | int curve_nid = EC_GROUP_get_curve_name(group); |
475 | | |
476 | | /* Explicit parameters */ |
477 | 0 | if (curve_nid == NID_undef) |
478 | 0 | return 0; |
479 | | |
480 | 0 | if (BIO_printf(out, "%s: %s\n", "ASN1 OID", OBJ_nid2sn(curve_nid)) <= 0) |
481 | 0 | return 0; |
482 | | |
483 | 0 | curve_name = EC_curve_nid2nist(curve_nid); |
484 | 0 | return (curve_name == NULL |
485 | 0 | || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0); |
486 | 0 | } else { |
487 | 0 | return ec_param_explicit_to_text(out, group, libctx); |
488 | 0 | } |
489 | 0 | } |
490 | | |
491 | | static int ec_to_text(BIO *out, const void *key, int selection) |
492 | 0 | { |
493 | 0 | const EC_KEY *ec = key; |
494 | 0 | const char *type_label = NULL; |
495 | 0 | unsigned char *priv = NULL, *pub = NULL; |
496 | 0 | size_t priv_len = 0, pub_len = 0; |
497 | 0 | const EC_GROUP *group; |
498 | 0 | int ret = 0; |
499 | |
|
500 | 0 | if (out == NULL || ec == NULL) { |
501 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
502 | 0 | return 0; |
503 | 0 | } |
504 | | |
505 | 0 | if ((group = EC_KEY_get0_group(ec)) == NULL) { |
506 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); |
507 | 0 | return 0; |
508 | 0 | } |
509 | | |
510 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) |
511 | 0 | type_label = "Private-Key"; |
512 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) |
513 | 0 | type_label = "Public-Key"; |
514 | 0 | else if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) |
515 | 0 | if (EC_GROUP_get_curve_name(group) != NID_sm2) |
516 | 0 | type_label = "EC-Parameters"; |
517 | |
|
518 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
519 | 0 | const BIGNUM *priv_key = EC_KEY_get0_private_key(ec); |
520 | |
|
521 | 0 | if (priv_key == NULL) { |
522 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); |
523 | 0 | goto err; |
524 | 0 | } |
525 | 0 | priv_len = EC_KEY_priv2buf(ec, &priv); |
526 | 0 | if (priv_len == 0) |
527 | 0 | goto err; |
528 | 0 | } |
529 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { |
530 | 0 | const EC_POINT *pub_pt = EC_KEY_get0_public_key(ec); |
531 | |
|
532 | 0 | if (pub_pt == NULL) { |
533 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); |
534 | 0 | goto err; |
535 | 0 | } |
536 | | |
537 | 0 | pub_len = EC_KEY_key2buf(ec, EC_KEY_get_conv_form(ec), &pub, NULL); |
538 | 0 | if (pub_len == 0) |
539 | 0 | goto err; |
540 | 0 | } |
541 | | |
542 | 0 | if (type_label != NULL |
543 | 0 | && BIO_printf(out, "%s: (%d bit)\n", type_label, |
544 | 0 | EC_GROUP_order_bits(group)) <= 0) |
545 | 0 | goto err; |
546 | 0 | if (priv != NULL |
547 | 0 | && !print_labeled_buf(out, "priv:", priv, priv_len)) |
548 | 0 | goto err; |
549 | 0 | if (pub != NULL |
550 | 0 | && !print_labeled_buf(out, "pub:", pub, pub_len)) |
551 | 0 | goto err; |
552 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) |
553 | 0 | ret = ec_param_to_text(out, group, ossl_ec_key_get_libctx(ec)); |
554 | 0 | err: |
555 | 0 | OPENSSL_clear_free(priv, priv_len); |
556 | 0 | OPENSSL_free(pub); |
557 | 0 | return ret; |
558 | 0 | } |
559 | | |
560 | | # define ec_input_type "EC" |
561 | | |
562 | | # ifndef OPENSSL_NO_SM2 |
563 | | # define sm2_input_type "SM2" |
564 | | # endif |
565 | | #endif |
566 | | |
567 | | /* ---------------------------------------------------------------------- */ |
568 | | |
569 | | #ifndef OPENSSL_NO_ECX |
570 | | static int ecx_to_text(BIO *out, const void *key, int selection) |
571 | 0 | { |
572 | 0 | const ECX_KEY *ecx = key; |
573 | 0 | const char *type_label = NULL; |
574 | |
|
575 | 0 | if (out == NULL || ecx == NULL) { |
576 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
577 | 0 | return 0; |
578 | 0 | } |
579 | | |
580 | 0 | switch (ecx->type) { |
581 | 0 | case ECX_KEY_TYPE_X25519: |
582 | 0 | type_label = "X25519"; |
583 | 0 | break; |
584 | 0 | case ECX_KEY_TYPE_X448: |
585 | 0 | type_label = "X448"; |
586 | 0 | break; |
587 | 0 | case ECX_KEY_TYPE_ED25519: |
588 | 0 | type_label = "ED25519"; |
589 | 0 | break; |
590 | 0 | case ECX_KEY_TYPE_ED448: |
591 | 0 | type_label = "ED448"; |
592 | 0 | break; |
593 | 0 | } |
594 | | |
595 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
596 | 0 | if (ecx->privkey == NULL) { |
597 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PRIVATE_KEY); |
598 | 0 | return 0; |
599 | 0 | } |
600 | | |
601 | 0 | if (BIO_printf(out, "%s Private-Key:\n", type_label) <= 0) |
602 | 0 | return 0; |
603 | 0 | if (!print_labeled_buf(out, "priv:", ecx->privkey, ecx->keylen)) |
604 | 0 | return 0; |
605 | 0 | } else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { |
606 | | /* ecx->pubkey is an array, not a pointer... */ |
607 | 0 | if (!ecx->haspubkey) { |
608 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); |
609 | 0 | return 0; |
610 | 0 | } |
611 | | |
612 | 0 | if (BIO_printf(out, "%s Public-Key:\n", type_label) <= 0) |
613 | 0 | return 0; |
614 | 0 | } |
615 | | |
616 | 0 | if (!print_labeled_buf(out, "pub:", ecx->pubkey, ecx->keylen)) |
617 | 0 | return 0; |
618 | | |
619 | 0 | return 1; |
620 | 0 | } |
621 | | |
622 | | # define ed25519_input_type "ED25519" |
623 | | # define ed448_input_type "ED448" |
624 | | # define x25519_input_type "X25519" |
625 | | # define x448_input_type "X448" |
626 | | #endif |
627 | | |
628 | | /* ---------------------------------------------------------------------- */ |
629 | | |
630 | | static int rsa_to_text(BIO *out, const void *key, int selection) |
631 | 0 | { |
632 | 0 | const RSA *rsa = key; |
633 | 0 | const char *type_label = "RSA key"; |
634 | 0 | const char *modulus_label = NULL; |
635 | 0 | const char *exponent_label = NULL; |
636 | 0 | const BIGNUM *rsa_d = NULL, *rsa_n = NULL, *rsa_e = NULL; |
637 | 0 | STACK_OF(BIGNUM_const) *factors = NULL; |
638 | 0 | STACK_OF(BIGNUM_const) *exps = NULL; |
639 | 0 | STACK_OF(BIGNUM_const) *coeffs = NULL; |
640 | 0 | int primes; |
641 | 0 | const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30((RSA *)rsa); |
642 | 0 | int ret = 0; |
643 | |
|
644 | 0 | if (out == NULL || rsa == NULL) { |
645 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); |
646 | 0 | goto err; |
647 | 0 | } |
648 | | |
649 | 0 | factors = sk_BIGNUM_const_new_null(); |
650 | 0 | exps = sk_BIGNUM_const_new_null(); |
651 | 0 | coeffs = sk_BIGNUM_const_new_null(); |
652 | |
|
653 | 0 | if (factors == NULL || exps == NULL || coeffs == NULL) { |
654 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_CRYPTO_LIB); |
655 | 0 | goto err; |
656 | 0 | } |
657 | | |
658 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
659 | 0 | type_label = "Private-Key"; |
660 | 0 | modulus_label = "modulus:"; |
661 | 0 | exponent_label = "publicExponent:"; |
662 | 0 | } else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { |
663 | 0 | type_label = "Public-Key"; |
664 | 0 | modulus_label = "Modulus:"; |
665 | 0 | exponent_label = "Exponent:"; |
666 | 0 | } |
667 | |
|
668 | 0 | RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); |
669 | 0 | ossl_rsa_get0_all_params((RSA *)rsa, factors, exps, coeffs); |
670 | 0 | primes = sk_BIGNUM_const_num(factors); |
671 | |
|
672 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
673 | 0 | if (BIO_printf(out, "%s: (%d bit, %d primes)\n", |
674 | 0 | type_label, BN_num_bits(rsa_n), primes) <= 0) |
675 | 0 | goto err; |
676 | 0 | } else { |
677 | 0 | if (BIO_printf(out, "%s: (%d bit)\n", |
678 | 0 | type_label, BN_num_bits(rsa_n)) <= 0) |
679 | 0 | goto err; |
680 | 0 | } |
681 | | |
682 | 0 | if (!print_labeled_bignum(out, modulus_label, rsa_n)) |
683 | 0 | goto err; |
684 | 0 | if (!print_labeled_bignum(out, exponent_label, rsa_e)) |
685 | 0 | goto err; |
686 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
687 | 0 | int i; |
688 | |
|
689 | 0 | if (!print_labeled_bignum(out, "privateExponent:", rsa_d)) |
690 | 0 | goto err; |
691 | 0 | if (!print_labeled_bignum(out, "prime1:", |
692 | 0 | sk_BIGNUM_const_value(factors, 0))) |
693 | 0 | goto err; |
694 | 0 | if (!print_labeled_bignum(out, "prime2:", |
695 | 0 | sk_BIGNUM_const_value(factors, 1))) |
696 | 0 | goto err; |
697 | 0 | if (!print_labeled_bignum(out, "exponent1:", |
698 | 0 | sk_BIGNUM_const_value(exps, 0))) |
699 | 0 | goto err; |
700 | 0 | if (!print_labeled_bignum(out, "exponent2:", |
701 | 0 | sk_BIGNUM_const_value(exps, 1))) |
702 | 0 | goto err; |
703 | 0 | if (!print_labeled_bignum(out, "coefficient:", |
704 | 0 | sk_BIGNUM_const_value(coeffs, 0))) |
705 | 0 | goto err; |
706 | 0 | for (i = 2; i < sk_BIGNUM_const_num(factors); i++) { |
707 | 0 | if (BIO_printf(out, "prime%d:", i + 1) <= 0) |
708 | 0 | goto err; |
709 | 0 | if (!print_labeled_bignum(out, NULL, |
710 | 0 | sk_BIGNUM_const_value(factors, i))) |
711 | 0 | goto err; |
712 | 0 | if (BIO_printf(out, "exponent%d:", i + 1) <= 0) |
713 | 0 | goto err; |
714 | 0 | if (!print_labeled_bignum(out, NULL, |
715 | 0 | sk_BIGNUM_const_value(exps, i))) |
716 | 0 | goto err; |
717 | 0 | if (BIO_printf(out, "coefficient%d:", i + 1) <= 0) |
718 | 0 | goto err; |
719 | 0 | if (!print_labeled_bignum(out, NULL, |
720 | 0 | sk_BIGNUM_const_value(coeffs, i - 1))) |
721 | 0 | goto err; |
722 | 0 | } |
723 | 0 | } |
724 | | |
725 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) { |
726 | 0 | switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { |
727 | 0 | case RSA_FLAG_TYPE_RSA: |
728 | 0 | if (!ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { |
729 | 0 | if (BIO_printf(out, "(INVALID PSS PARAMETERS)\n") <= 0) |
730 | 0 | goto err; |
731 | 0 | } |
732 | 0 | break; |
733 | 0 | case RSA_FLAG_TYPE_RSASSAPSS: |
734 | 0 | if (ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { |
735 | 0 | if (BIO_printf(out, "No PSS parameter restrictions\n") <= 0) |
736 | 0 | goto err; |
737 | 0 | } else { |
738 | 0 | int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss_params); |
739 | 0 | int maskgenalg_nid = |
740 | 0 | ossl_rsa_pss_params_30_maskgenalg(pss_params); |
741 | 0 | int maskgenhashalg_nid = |
742 | 0 | ossl_rsa_pss_params_30_maskgenhashalg(pss_params); |
743 | 0 | int saltlen = ossl_rsa_pss_params_30_saltlen(pss_params); |
744 | 0 | int trailerfield = |
745 | 0 | ossl_rsa_pss_params_30_trailerfield(pss_params); |
746 | |
|
747 | 0 | if (BIO_printf(out, "PSS parameter restrictions:\n") <= 0) |
748 | 0 | goto err; |
749 | 0 | if (BIO_printf(out, " Hash Algorithm: %s%s\n", |
750 | 0 | ossl_rsa_oaeppss_nid2name(hashalg_nid), |
751 | 0 | (hashalg_nid == NID_sha1 |
752 | 0 | ? " (default)" : "")) <= 0) |
753 | 0 | goto err; |
754 | 0 | if (BIO_printf(out, " Mask Algorithm: %s with %s%s\n", |
755 | 0 | ossl_rsa_mgf_nid2name(maskgenalg_nid), |
756 | 0 | ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid), |
757 | 0 | (maskgenalg_nid == NID_mgf1 |
758 | 0 | && maskgenhashalg_nid == NID_sha1 |
759 | 0 | ? " (default)" : "")) <= 0) |
760 | 0 | goto err; |
761 | 0 | if (BIO_printf(out, " Minimum Salt Length: %d%s\n", |
762 | 0 | saltlen, |
763 | 0 | (saltlen == 20 ? " (default)" : "")) <= 0) |
764 | 0 | goto err; |
765 | 0 | if (BIO_printf(out, " Trailer Field: 0x%x%s\n", |
766 | 0 | trailerfield, |
767 | 0 | (trailerfield == 1 ? " (default)" : "")) <= 0) |
768 | 0 | goto err; |
769 | 0 | } |
770 | 0 | break; |
771 | 0 | } |
772 | 0 | } |
773 | | |
774 | 0 | ret = 1; |
775 | 0 | err: |
776 | 0 | sk_BIGNUM_const_free(factors); |
777 | 0 | sk_BIGNUM_const_free(exps); |
778 | 0 | sk_BIGNUM_const_free(coeffs); |
779 | 0 | return ret; |
780 | 0 | } |
781 | | |
782 | | #define rsa_input_type "RSA" |
783 | | #define rsapss_input_type "RSA-PSS" |
784 | | |
785 | | /* ---------------------------------------------------------------------- */ |
786 | | |
787 | | static void *key2text_newctx(void *provctx) |
788 | 0 | { |
789 | 0 | return provctx; |
790 | 0 | } |
791 | | |
792 | | static void key2text_freectx(ossl_unused void *vctx) |
793 | 0 | { |
794 | 0 | } |
795 | | |
796 | | static int key2text_encode(void *vctx, const void *key, int selection, |
797 | | OSSL_CORE_BIO *cout, |
798 | | int (*key2text)(BIO *out, const void *key, |
799 | | int selection), |
800 | | OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) |
801 | 0 | { |
802 | 0 | BIO *out = ossl_bio_new_from_core_bio(vctx, cout); |
803 | 0 | int ret; |
804 | |
|
805 | 0 | if (out == NULL) |
806 | 0 | return 0; |
807 | | |
808 | 0 | ret = key2text(out, key, selection); |
809 | 0 | BIO_free(out); |
810 | |
|
811 | 0 | return ret; |
812 | 0 | } |
813 | | |
814 | | #define MAKE_TEXT_ENCODER(impl, type) \ |
815 | | static OSSL_FUNC_encoder_import_object_fn \ |
816 | | impl##2text_import_object; \ |
817 | | static OSSL_FUNC_encoder_free_object_fn \ |
818 | | impl##2text_free_object; \ |
819 | | static OSSL_FUNC_encoder_encode_fn impl##2text_encode; \ |
820 | | \ |
821 | | static void *impl##2text_import_object(void *ctx, int selection, \ |
822 | | const OSSL_PARAM params[]) \ |
823 | 0 | { \ |
824 | 0 | return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ |
825 | 0 | ctx, selection, params); \ |
826 | 0 | } \ Unexecuted instantiation: encode_key2text.c:dh2text_import_object Unexecuted instantiation: encode_key2text.c:dhx2text_import_object Unexecuted instantiation: encode_key2text.c:dsa2text_import_object Unexecuted instantiation: encode_key2text.c:ec2text_import_object Unexecuted instantiation: encode_key2text.c:sm22text_import_object Unexecuted instantiation: encode_key2text.c:ed255192text_import_object Unexecuted instantiation: encode_key2text.c:ed4482text_import_object Unexecuted instantiation: encode_key2text.c:x255192text_import_object Unexecuted instantiation: encode_key2text.c:x4482text_import_object Unexecuted instantiation: encode_key2text.c:rsa2text_import_object Unexecuted instantiation: encode_key2text.c:rsapss2text_import_object |
827 | | static void impl##2text_free_object(void *key) \ |
828 | 0 | { \ |
829 | 0 | ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ |
830 | 0 | } \ Unexecuted instantiation: encode_key2text.c:dh2text_free_object Unexecuted instantiation: encode_key2text.c:dhx2text_free_object Unexecuted instantiation: encode_key2text.c:dsa2text_free_object Unexecuted instantiation: encode_key2text.c:ec2text_free_object Unexecuted instantiation: encode_key2text.c:sm22text_free_object Unexecuted instantiation: encode_key2text.c:ed255192text_free_object Unexecuted instantiation: encode_key2text.c:ed4482text_free_object Unexecuted instantiation: encode_key2text.c:x255192text_free_object Unexecuted instantiation: encode_key2text.c:x4482text_free_object Unexecuted instantiation: encode_key2text.c:rsa2text_free_object Unexecuted instantiation: encode_key2text.c:rsapss2text_free_object |
831 | | static int impl##2text_encode(void *vctx, OSSL_CORE_BIO *cout, \ |
832 | | const void *key, \ |
833 | | const OSSL_PARAM key_abstract[], \ |
834 | | int selection, \ |
835 | | OSSL_PASSPHRASE_CALLBACK *cb, \ |
836 | | void *cbarg) \ |
837 | 0 | { \ |
838 | 0 | /* We don't deal with abstract objects */ \ |
839 | 0 | if (key_abstract != NULL) { \ |
840 | 0 | ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ |
841 | 0 | return 0; \ |
842 | 0 | } \ |
843 | 0 | return key2text_encode(vctx, key, selection, cout, \ |
844 | 0 | type##_to_text, cb, cbarg); \ |
845 | 0 | } \ Unexecuted instantiation: encode_key2text.c:dh2text_encode Unexecuted instantiation: encode_key2text.c:dhx2text_encode Unexecuted instantiation: encode_key2text.c:dsa2text_encode Unexecuted instantiation: encode_key2text.c:ec2text_encode Unexecuted instantiation: encode_key2text.c:sm22text_encode Unexecuted instantiation: encode_key2text.c:ed255192text_encode Unexecuted instantiation: encode_key2text.c:ed4482text_encode Unexecuted instantiation: encode_key2text.c:x255192text_encode Unexecuted instantiation: encode_key2text.c:x4482text_encode Unexecuted instantiation: encode_key2text.c:rsa2text_encode Unexecuted instantiation: encode_key2text.c:rsapss2text_encode |
846 | | const OSSL_DISPATCH ossl_##impl##_to_text_encoder_functions[] = { \ |
847 | | { OSSL_FUNC_ENCODER_NEWCTX, \ |
848 | | (void (*)(void))key2text_newctx }, \ |
849 | | { OSSL_FUNC_ENCODER_FREECTX, \ |
850 | | (void (*)(void))key2text_freectx }, \ |
851 | | { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ |
852 | | (void (*)(void))impl##2text_import_object }, \ |
853 | | { OSSL_FUNC_ENCODER_FREE_OBJECT, \ |
854 | | (void (*)(void))impl##2text_free_object }, \ |
855 | | { OSSL_FUNC_ENCODER_ENCODE, \ |
856 | | (void (*)(void))impl##2text_encode }, \ |
857 | | OSSL_DISPATCH_END \ |
858 | | } |
859 | | |
860 | | #ifndef OPENSSL_NO_DH |
861 | | MAKE_TEXT_ENCODER(dh, dh); |
862 | | MAKE_TEXT_ENCODER(dhx, dh); |
863 | | #endif |
864 | | #ifndef OPENSSL_NO_DSA |
865 | | MAKE_TEXT_ENCODER(dsa, dsa); |
866 | | #endif |
867 | | #ifndef OPENSSL_NO_EC |
868 | | MAKE_TEXT_ENCODER(ec, ec); |
869 | | # ifndef OPENSSL_NO_SM2 |
870 | | MAKE_TEXT_ENCODER(sm2, ec); |
871 | | # endif |
872 | | # ifndef OPENSSL_NO_ECX |
873 | | MAKE_TEXT_ENCODER(ed25519, ecx); |
874 | | MAKE_TEXT_ENCODER(ed448, ecx); |
875 | | MAKE_TEXT_ENCODER(x25519, ecx); |
876 | | MAKE_TEXT_ENCODER(x448, ecx); |
877 | | # endif |
878 | | #endif |
879 | | MAKE_TEXT_ENCODER(rsa, rsa); |
880 | | MAKE_TEXT_ENCODER(rsapss, rsa); |