1 /*
2 * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * Some ctrls depend on deprecated functionality. We trust that this is
12 * functionality that remains internally even when 'no-deprecated' is
13 * configured. When we drop #legacy EVP_PKEYs, this source should be
14 * possible to drop as well.
15 */
16 #include "internal/deprecated.h"
17
18 #include <string.h>
19
20 /* The following includes get us all the EVP_PKEY_CTRL macros */
21 #include <openssl/dh.h>
22 #include <openssl/dsa.h>
23 #include <openssl/ec.h>
24 #include <openssl/rsa.h>
25 #include <openssl/kdf.h>
26
27 /* This include gets us all the OSSL_PARAM key string macros */
28 #include <openssl/core_names.h>
29
30 #include <openssl/err.h>
31 #include <openssl/evperr.h>
32 #include <openssl/params.h>
33 #include "internal/nelem.h"
34 #include "internal/cryptlib.h"
35 #include "internal/ffc.h"
36 #include "crypto/evp.h"
37 #include "crypto/dh.h"
38 #include "crypto/ec.h"
39
40 struct translation_ctx_st; /* Forwarding */
41 struct translation_st; /* Forwarding */
42
43 /*
44 * The fixup_args functions are called with the following parameters:
45 *
46 * |state| The state we're called in, explained further at the
47 * end of this comment.
48 * |translation| The translation item, to be pilfered for data as
49 * necessary.
50 * |ctx| The translation context, which contains copies of
51 * the following arguments, applicable according to
52 * the caller. All of the attributes in this context
53 * may be freely modified by the fixup_args function.
54 * For cleanup, call cleanup_translation_ctx().
55 *
56 * The |state| tells the fixup_args function something about the caller and
57 * what they may expect:
58 *
59 * PKEY The fixup_args function has been called
60 * from an EVP_PKEY payload getter / setter,
61 * and is fully responsible for getting or
62 * setting the requested data. With this
63 * state, the fixup_args function is expected
64 * to use or modify |*params|, depending on
65 * |action_type|.
66 *
67 * PRE_CTRL_TO_PARAMS The fixup_args function has been called
68 * POST_CTRL_TO_PARAMS from EVP_PKEY_CTX_ctrl(), to help with
69 * translating the ctrl data to an OSSL_PARAM
70 * element or back. The calling sequence is
71 * as follows:
72 *
73 * 1. fixup_args(PRE_CTRL_TO_PARAMS, ...)
74 * 2. EVP_PKEY_CTX_set_params() or
75 * EVP_PKEY_CTX_get_params()
76 * 3. fixup_args(POST_CTRL_TO_PARAMS, ...)
77 *
78 * With the PRE_CTRL_TO_PARAMS state, the
79 * fixup_args function is expected to modify
80 * the passed |*params| in whatever way
81 * necessary, when |action_type == OSSL_ACTION_SET|.
82 * With the POST_CTRL_TO_PARAMS state, the
83 * fixup_args function is expected to modify
84 * the passed |p2| in whatever way necessary,
85 * when |action_type == OSSL_ACTION_GET|.
86 *
87 * The return value from the fixup_args call
88 * with the POST_CTRL_TO_PARAMS state becomes
89 * the return value back to EVP_PKEY_CTX_ctrl().
90 *
91 * CLEANUP_CTRL_TO_PARAMS The cleanup_args functions has been called
92 * from EVP_PKEY_CTX_ctrl(), to clean up what
93 * the fixup_args function has done, if needed.
94 *
95 *
96 * PRE_CTRL_STR_TO_PARAMS The fixup_args function has been called
97 * POST_CTRL_STR_TO_PARAMS from EVP_PKEY_CTX_ctrl_str(), to help with
98 * translating the ctrl_str data to an
99 * OSSL_PARAM element or back. The calling
100 * sequence is as follows:
101 *
102 * 1. fixup_args(PRE_CTRL_STR_TO_PARAMS, ...)
103 * 2. EVP_PKEY_CTX_set_params() or
104 * EVP_PKEY_CTX_get_params()
105 * 3. fixup_args(POST_CTRL_STR_TO_PARAMS, ...)
106 *
107 * With the PRE_CTRL_STR_TO_PARAMS state,
108 * the fixup_args function is expected to
109 * modify the passed |*params| in whatever
110 * way necessary, when |action_type == OSSL_ACTION_SET|.
111 * With the POST_CTRL_STR_TO_PARAMS state,
112 * the fixup_args function is only expected
113 * to return a value.
114 *
115 * CLEANUP_CTRL_STR_TO_PARAMS The cleanup_args functions has been called
116 * from EVP_PKEY_CTX_ctrl_str(), to clean up
117 * what the fixup_args function has done, if
118 * needed.
119 *
120 * PRE_PARAMS_TO_CTRL The fixup_args function has been called
121 * POST_PARAMS_TO_CTRL from EVP_PKEY_CTX_get_params() or
122 * EVP_PKEY_CTX_set_params(), to help with
123 * translating the OSSL_PARAM data to the
124 * corresponding EVP_PKEY_CTX_ctrl() arguments
125 * or the other way around. The calling
126 * sequence is as follows:
127 *
128 * 1. fixup_args(PRE_PARAMS_TO_CTRL, ...)
129 * 2. EVP_PKEY_CTX_ctrl()
130 * 3. fixup_args(POST_PARAMS_TO_CTRL, ...)
131 *
132 * With the PRE_PARAMS_TO_CTRL state, the
133 * fixup_args function is expected to modify
134 * the passed |p1| and |p2| in whatever way
135 * necessary, when |action_type == OSSL_ACTION_SET|.
136 * With the POST_PARAMS_TO_CTRL state, the
137 * fixup_args function is expected to
138 * modify the passed |*params| in whatever
139 * way necessary, when |action_type == OSSL_ACTION_GET|.
140 *
141 * CLEANUP_PARAMS_TO_CTRL The cleanup_args functions has been called
142 * from EVP_PKEY_CTX_get_params() or
143 * EVP_PKEY_CTX_set_params(), to clean up what
144 * the fixup_args function has done, if needed.
145 */
146 enum state {
147 PKEY,
148 PRE_CTRL_TO_PARAMS, POST_CTRL_TO_PARAMS, CLEANUP_CTRL_TO_PARAMS,
149 PRE_CTRL_STR_TO_PARAMS, POST_CTRL_STR_TO_PARAMS, CLEANUP_CTRL_STR_TO_PARAMS,
150 PRE_PARAMS_TO_CTRL, POST_PARAMS_TO_CTRL, CLEANUP_PARAMS_TO_CTRL
151 };
152 enum action {
153 OSSL_ACTION_NONE = 0, OSSL_ACTION_GET = 1, OSSL_ACTION_SET = 2
154 };
155 typedef int fixup_args_fn(enum state state,
156 const struct translation_st *translation,
157 struct translation_ctx_st *ctx);
158 typedef int cleanup_args_fn(enum state state,
159 const struct translation_st *translation,
160 struct translation_ctx_st *ctx);
161
162 struct translation_ctx_st {
163 /*
164 * The EVP_PKEY_CTX, for calls on that structure, to be pilfered for data
165 * as necessary.
166 */
167 EVP_PKEY_CTX *pctx;
168 /*
169 * The action type (OSSL_ACTION_GET or OSSL_ACTION_SET). This may be 0 in some cases, and should
170 * be modified by the fixup_args function in the PRE states. It should
171 * otherwise remain untouched once set.
172 */
173 enum action action_type;
174 /*
175 * For ctrl to params translation, the actual ctrl command number used.
176 * For params to ctrl translation, 0.
177 */
178 int ctrl_cmd;
179 /*
180 * For ctrl_str to params translation, the actual ctrl command string
181 * used. In this case, the (string) value is always passed as |p2|.
182 * For params to ctrl translation, this is NULL. Along with it is also
183 * and indicator whether it matched |ctrl_str| or |ctrl_hexstr| in the
184 * translation item.
185 */
186 const char *ctrl_str;
187 int ishex;
188 /* the ctrl-style int argument. */
189 int p1;
190 /* the ctrl-style void* argument. */
191 void *p2;
192 /* a size, for passing back the |p2| size where applicable */
193 size_t sz;
194 /* pointer to the OSSL_PARAM-style params array. */
195 OSSL_PARAM *params;
196
197 /*-
198 * The following are used entirely internally by the fixup_args functions
199 * and should not be touched by the callers, at all.
200 */
201
202 /*
203 * Copy of the ctrl-style void* argument, if the fixup_args function
204 * needs to manipulate |p2| but wants to remember original.
205 */
206 void *orig_p2;
207 /* Diverse types of storage for the needy. */
208 char name_buf[OSSL_MAX_NAME_SIZE];
209 void *allocated_buf;
210 void *bufp;
211 size_t buflen;
212 };
213
214 struct translation_st {
215 /*-
216 * What this table item does.
217 *
218 * If the item has this set to 0, it means that both OSSL_ACTION_GET and OSSL_ACTION_SET are
219 * supported, and |fixup_args| will determine which it is. This is to
220 * support translations of ctrls where the action type depends on the
221 * value of |p1| or |p2| (ctrls are really bi-directional, but are
222 * seldom used that way).
223 *
224 * This can be also used in the lookup template when it looks up by
225 * OSSL_PARAM key, to indicate if a setter or a getter called.
226 */
227 enum action action_type;
228
229 /*-
230 * Conditions, for params->ctrl translations.
231 *
232 * In table item, |keytype1| and |keytype2| can be set to -1 to indicate
233 * that this item supports all key types (or rather, that |fixup_args|
234 * will check and return an error if it's not supported).
235 * Any of these may be set to 0 to indicate that they are unset.
236 */
237 int keytype1; /* The EVP_PKEY_XXX type, i.e. NIDs. #legacy */
238 int keytype2; /* Another EVP_PKEY_XXX type, used for aliases */
239 int optype; /* The operation type */
240
241 /*
242 * Lookup and translation attributes
243 *
244 * |ctrl_num|, |ctrl_str|, |ctrl_hexstr| and |param_key| are lookup
245 * attributes.
246 *
247 * |ctrl_num| may be 0 or that |param_key| may be NULL in the table item,
248 * but not at the same time. If they are, they are simply not used for
249 * lookup.
250 * When |ctrl_num| == 0, no ctrl will be called. Likewise, when
251 * |param_key| == NULL, no OSSL_PARAM setter/getter will be called.
252 * In that case the treatment of the translation item relies entirely on
253 * |fixup_args|, which is then assumed to have side effects.
254 *
255 * As a special case, it's possible to set |ctrl_hexstr| and assign NULL
256 * to |ctrl_str|. That will signal to default_fixup_args() that the
257 * value must always be interpreted as hex.
258 */
259 int ctrl_num; /* EVP_PKEY_CTRL_xxx */
260 const char *ctrl_str; /* The corresponding ctrl string */
261 const char *ctrl_hexstr; /* The alternative "hex{str}" ctrl string */
262 const char *param_key; /* The corresponding OSSL_PARAM key */
263 /*
264 * The appropriate OSSL_PARAM data type. This may be 0 to indicate that
265 * this OSSL_PARAM may have more than one data type, depending on input
266 * material. In this case, |fixup_args| is expected to check and handle
267 * it.
268 */
269 unsigned int param_data_type;
270
271 /*
272 * Fixer functions
273 *
274 * |fixup_args| is always called before (for OSSL_ACTION_SET) or after (for OSSL_ACTION_GET)
275 * the actual ctrl / OSSL_PARAM function.
276 */
277 fixup_args_fn *fixup_args;
278 };
279
280 /*-
281 * Fixer function implementations
282 * ==============================
283 */
284
285 /*
286 * default_check isn't a fixer per se, but rather a helper function to
287 * perform certain standard checks.
288 */
default_check(enum state state,const struct translation_st * translation,const struct translation_ctx_st * ctx)289 static int default_check(enum state state,
290 const struct translation_st *translation,
291 const struct translation_ctx_st *ctx)
292 {
293 switch (state) {
294 default:
295 break;
296 case PRE_CTRL_TO_PARAMS:
297 if (!ossl_assert(translation != NULL)) {
298 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
299 return -2;
300 }
301 if (!ossl_assert(translation->param_key != 0)
302 || !ossl_assert(translation->param_data_type != 0)) {
303 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
304 return -1;
305 }
306 break;
307 case PRE_CTRL_STR_TO_PARAMS:
308 /*
309 * For ctrl_str to params translation, we allow direct use of
310 * OSSL_PARAM keys as ctrl_str keys. Therefore, it's possible that
311 * we end up with |translation == NULL|, which is fine. The fixup
312 * function will have to deal with it carefully.
313 */
314 if (translation != NULL) {
315 if (!ossl_assert(translation->action_type != OSSL_ACTION_GET)) {
316 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
317 return -2;
318 }
319 if (!ossl_assert(translation->param_key != NULL)
320 || !ossl_assert(translation->param_data_type != 0)) {
321 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
322 return 0;
323 }
324 }
325 break;
326 case PRE_PARAMS_TO_CTRL:
327 case POST_PARAMS_TO_CTRL:
328 if (!ossl_assert(translation != NULL)) {
329 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
330 return -2;
331 }
332 if (!ossl_assert(translation->ctrl_num != 0)
333 || !ossl_assert(translation->param_data_type != 0)) {
334 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
335 return -1;
336 }
337 }
338
339 /* Nothing else to check */
340 return 1;
341 }
342
343 /*-
344 * default_fixup_args fixes up all sorts of arguments, governed by the
345 * diverse attributes in the translation item. It covers all "standard"
346 * base ctrl functionality, meaning it can handle basic conversion of
347 * data between p1+p2 (OSSL_ACTION_SET) or return value+p2 (OSSL_ACTION_GET) as long as the values
348 * don't have extra semantics (such as NIDs, OIDs, that sort of stuff).
349 * Extra semantics must be handled via specific fixup_args functions.
350 *
351 * The following states and action type combinations have standard handling
352 * done in this function:
353 *
354 * PRE_CTRL_TO_PARAMS, 0 - ERROR. action type must be
355 * determined by a fixup function.
356 * PRE_CTRL_TO_PARAMS, OSSL_ACTION_SET
357 * | OSSL_ACTION_GET - |p1| and |p2| are converted to an
358 * OSSL_PARAM according to the data
359 * type given in |translattion|.
360 * For OSSL_PARAM_UNSIGNED_INTEGER,
361 * a BIGNUM passed as |p2| is accepted.
362 * POST_CTRL_TO_PARAMS, OSSL_ACTION_GET - If the OSSL_PARAM data type is a
363 * STRING or PTR type, |p1| is set
364 * to the OSSL_PARAM return size, and
365 * |p2| is set to the string.
366 * PRE_CTRL_STR_TO_PARAMS,
367 * !OSSL_ACTION_SET - ERROR. That combination is not
368 * supported.
369 * PRE_CTRL_STR_TO_PARAMS,
370 * OSSL_ACTION_SET - |p2| is taken as a string, and is
371 * converted to an OSSL_PARAM in a
372 * standard manner, guided by the
373 * param key and data type from
374 * |translation|.
375 * PRE_PARAMS_TO_CTRL, OSSL_ACTION_SET - the OSSL_PARAM is converted to
376 * |p1| and |p2| according to the
377 * data type given in |translation|
378 * For OSSL_PARAM_UNSIGNED_INTEGER,
379 * if |p2| is non-NULL, then |*p2|
380 * is assigned a BIGNUM, otherwise
381 * |p1| is assigned an unsigned int.
382 * POST_PARAMS_TO_CTRL, OSSL_ACTION_GET - |p1| and |p2| are converted to
383 * an OSSL_PARAM, in the same manner
384 * as for the combination of
385 * PRE_CTRL_TO_PARAMS, OSSL_ACTION_SET.
386 */
default_fixup_args(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)387 static int default_fixup_args(enum state state,
388 const struct translation_st *translation,
389 struct translation_ctx_st *ctx)
390 {
391 int ret;
392
393 if ((ret = default_check(state, translation, ctx)) <= 0)
394 return ret;
395
396 switch (state) {
397 default:
398 /* For states this function should never have been called with */
399 ERR_raise_data(ERR_LIB_EVP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
400 "[action:%d, state:%d]", ctx->action_type, state);
401 return 0;
402
403 /*
404 * PRE_CTRL_TO_PARAMS and POST_CTRL_TO_PARAMS handle ctrl to params
405 * translations. PRE_CTRL_TO_PARAMS is responsible for preparing
406 * |*params|, and POST_CTRL_TO_PARAMS is responsible for bringing the
407 * result back to |*p2| and the return value.
408 */
409 case PRE_CTRL_TO_PARAMS:
410 /* This is ctrl to params translation, so we need an OSSL_PARAM key */
411 if (ctx->action_type == OSSL_ACTION_NONE) {
412 /*
413 * No action type is an error here. That's a case for a
414 * special fixup function.
415 */
416 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
417 "[action:%d, state:%d]", ctx->action_type, state);
418 return 0;
419 }
420
421 if (translation->optype != 0) {
422 if ((EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)
423 && ctx->pctx->op.sig.algctx == NULL)
424 || (EVP_PKEY_CTX_IS_DERIVE_OP(ctx->pctx)
425 && ctx->pctx->op.kex.algctx == NULL)
426 || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx->pctx)
427 && ctx->pctx->op.ciph.algctx == NULL)
428 || (EVP_PKEY_CTX_IS_KEM_OP(ctx->pctx)
429 && ctx->pctx->op.encap.algctx == NULL)
430 /*
431 * The following may be unnecessary, but we have them
432 * for good measure...
433 */
434 || (EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx)
435 && ctx->pctx->op.keymgmt.genctx == NULL)
436 || (EVP_PKEY_CTX_IS_FROMDATA_OP(ctx->pctx)
437 && ctx->pctx->op.keymgmt.genctx == NULL)) {
438 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
439 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
440 return -2;
441 }
442 }
443
444 /*
445 * OSSL_PARAM_construct_TYPE() works equally well for OSSL_ACTION_SET and OSSL_ACTION_GET.
446 */
447 switch (translation->param_data_type) {
448 case OSSL_PARAM_INTEGER:
449 *ctx->params = OSSL_PARAM_construct_int(translation->param_key,
450 &ctx->p1);
451 break;
452 case OSSL_PARAM_UNSIGNED_INTEGER:
453 /*
454 * BIGNUMs are passed via |p2|. For all ctrl's that just want
455 * to pass a simple integer via |p1|, |p2| is expected to be
456 * NULL.
457 *
458 * Note that this allocates a buffer, which the cleanup function
459 * must deallocate.
460 */
461 if (ctx->p2 != NULL) {
462 if (ctx->action_type == OSSL_ACTION_SET) {
463 ctx->buflen = BN_num_bytes(ctx->p2);
464 if ((ctx->allocated_buf
465 = OPENSSL_malloc(ctx->buflen)) == NULL)
466 return 0;
467 if (BN_bn2nativepad(ctx->p2,
468 ctx->allocated_buf, ctx->buflen) < 0) {
469 OPENSSL_free(ctx->allocated_buf);
470 ctx->allocated_buf = NULL;
471 return 0;
472 }
473 *ctx->params =
474 OSSL_PARAM_construct_BN(translation->param_key,
475 ctx->allocated_buf,
476 ctx->buflen);
477 } else {
478 /*
479 * No support for getting a BIGNUM by ctrl, this needs
480 * fixup_args function support.
481 */
482 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
483 "[action:%d, state:%d] trying to get a "
484 "BIGNUM via ctrl call",
485 ctx->action_type, state);
486 return 0;
487 }
488 } else {
489 *ctx->params =
490 OSSL_PARAM_construct_uint(translation->param_key,
491 (unsigned int *)&ctx->p1);
492 }
493 break;
494 case OSSL_PARAM_UTF8_STRING:
495 *ctx->params =
496 OSSL_PARAM_construct_utf8_string(translation->param_key,
497 ctx->p2, (size_t)ctx->p1);
498 break;
499 case OSSL_PARAM_UTF8_PTR:
500 *ctx->params =
501 OSSL_PARAM_construct_utf8_ptr(translation->param_key,
502 ctx->p2, (size_t)ctx->p1);
503 break;
504 case OSSL_PARAM_OCTET_STRING:
505 *ctx->params =
506 OSSL_PARAM_construct_octet_string(translation->param_key,
507 ctx->p2, (size_t)ctx->p1);
508 break;
509 case OSSL_PARAM_OCTET_PTR:
510 *ctx->params =
511 OSSL_PARAM_construct_octet_ptr(translation->param_key,
512 ctx->p2, (size_t)ctx->p1);
513 break;
514 }
515 break;
516 case POST_CTRL_TO_PARAMS:
517 /*
518 * Because EVP_PKEY_CTX_ctrl() returns the length of certain objects
519 * as its return value, we need to ensure that we do it here as well,
520 * for the OSSL_PARAM data types where this makes sense.
521 */
522 if (ctx->action_type == OSSL_ACTION_GET) {
523 switch (translation->param_data_type) {
524 case OSSL_PARAM_UTF8_STRING:
525 case OSSL_PARAM_UTF8_PTR:
526 case OSSL_PARAM_OCTET_STRING:
527 case OSSL_PARAM_OCTET_PTR:
528 ctx->p1 = (int)ctx->params[0].return_size;
529 break;
530 }
531 }
532 break;
533
534 /*
535 * PRE_CTRL_STR_TO_PARAMS and POST_CTRL_STR_TO_PARAMS handle ctrl_str to
536 * params translations. PRE_CTRL_TO_PARAMS is responsible for preparing
537 * |*params|, and POST_CTRL_TO_PARAMS currently has nothing to do, since
538 * there's no support for getting data via ctrl_str calls.
539 */
540 case PRE_CTRL_STR_TO_PARAMS:
541 {
542 /* This is ctrl_str to params translation */
543 const char *tmp_ctrl_str = ctx->ctrl_str;
544 const char *orig_ctrl_str = ctx->ctrl_str;
545 const char *orig_value = ctx->p2;
546 const OSSL_PARAM *settable = NULL;
547 int exists = 0;
548
549 /* Only setting is supported here */
550 if (ctx->action_type != OSSL_ACTION_SET) {
551 ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED,
552 "[action:%d, state:%d] only setting allowed",
553 ctx->action_type, state);
554 return 0;
555 }
556
557 /*
558 * If no translation exists, we simply pass the control string
559 * unmodified.
560 */
561 if (translation != NULL) {
562 tmp_ctrl_str = ctx->ctrl_str = translation->param_key;
563
564 if (ctx->ishex) {
565 strcpy(ctx->name_buf, "hex");
566 if (OPENSSL_strlcat(ctx->name_buf, tmp_ctrl_str,
567 sizeof(ctx->name_buf)) <= 3) {
568 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
569 return -1;
570 }
571 tmp_ctrl_str = ctx->name_buf;
572 }
573 }
574
575 settable = EVP_PKEY_CTX_settable_params(ctx->pctx);
576 if (!OSSL_PARAM_allocate_from_text(ctx->params, settable,
577 tmp_ctrl_str,
578 ctx->p2, strlen(ctx->p2),
579 &exists)) {
580 if (!exists) {
581 ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED,
582 "[action:%d, state:%d] name=%s, value=%s",
583 ctx->action_type, state,
584 orig_ctrl_str, orig_value);
585 return -2;
586 }
587 return 0;
588 }
589 ctx->allocated_buf = ctx->params->data;
590 ctx->buflen = ctx->params->data_size;
591 }
592 break;
593 case POST_CTRL_STR_TO_PARAMS:
594 /* Nothing to be done */
595 break;
596
597 /*
598 * PRE_PARAMS_TO_CTRL and POST_PARAMS_TO_CTRL handle params to ctrl
599 * translations. PRE_PARAMS_TO_CTRL is responsible for preparing
600 * |p1| and |p2|, and POST_PARAMS_TO_CTRL is responsible for bringing
601 * the EVP_PKEY_CTX_ctrl() return value (passed as |p1|) and |p2| back
602 * to |*params|.
603 *
604 * PKEY is treated just like POST_PARAMS_TO_CTRL, making it easy
605 * for the related fixup_args functions to just set |p1| and |p2|
606 * appropriately and leave it to this section of code to fix up
607 * |ctx->params| accordingly.
608 */
609 case PKEY:
610 case POST_PARAMS_TO_CTRL:
611 ret = ctx->p1;
612 /* FALLTHRU */
613 case PRE_PARAMS_TO_CTRL:
614 {
615 /* This is params to ctrl translation */
616 if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET) {
617 /* For the PRE state, only setting needs some work to be done */
618
619 /* When setting, we populate |p1| and |p2| from |*params| */
620 switch (translation->param_data_type) {
621 case OSSL_PARAM_INTEGER:
622 return OSSL_PARAM_get_int(ctx->params, &ctx->p1);
623 case OSSL_PARAM_UNSIGNED_INTEGER:
624 if (ctx->p2 != NULL) {
625 /* BIGNUM passed down with p2 */
626 if (!OSSL_PARAM_get_BN(ctx->params, ctx->p2))
627 return 0;
628 } else {
629 /* Normal C unsigned int passed down */
630 if (!OSSL_PARAM_get_uint(ctx->params,
631 (unsigned int *)&ctx->p1))
632 return 0;
633 }
634 return 1;
635 case OSSL_PARAM_UTF8_STRING:
636 return OSSL_PARAM_get_utf8_string(ctx->params,
637 ctx->p2, ctx->sz);
638 case OSSL_PARAM_OCTET_STRING:
639 return OSSL_PARAM_get_octet_string(ctx->params,
640 &ctx->p2, ctx->sz,
641 (size_t *)&ctx->p1);
642 case OSSL_PARAM_OCTET_PTR:
643 return OSSL_PARAM_get_octet_ptr(ctx->params,
644 ctx->p2, &ctx->sz);
645 default:
646 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
647 "[action:%d, state:%d] "
648 "unknown OSSL_PARAM data type %d",
649 ctx->action_type, state,
650 translation->param_data_type);
651 return 0;
652 }
653 } else if ((state == POST_PARAMS_TO_CTRL || state == PKEY)
654 && ctx->action_type == OSSL_ACTION_GET) {
655 /* For the POST state, only getting needs some work to be done */
656 unsigned int param_data_type = translation->param_data_type;
657 size_t size = (size_t)ctx->p1;
658
659 if (state == PKEY)
660 size = ctx->sz;
661 if (param_data_type == 0) {
662 /* we must have a fixup_args function to work */
663 if (!ossl_assert(translation->fixup_args != NULL)) {
664 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
665 return 0;
666 }
667 param_data_type = ctx->params->data_type;
668 }
669 /* When getting, we populate |*params| from |p1| and |p2| */
670 switch (param_data_type) {
671 case OSSL_PARAM_INTEGER:
672 return OSSL_PARAM_set_int(ctx->params, ctx->p1);
673 case OSSL_PARAM_UNSIGNED_INTEGER:
674 if (ctx->p2 != NULL) {
675 /* BIGNUM passed back */
676 return OSSL_PARAM_set_BN(ctx->params, ctx->p2);
677 } else {
678 /* Normal C unsigned int passed back */
679 return OSSL_PARAM_set_uint(ctx->params,
680 (unsigned int)ctx->p1);
681 }
682 return 0;
683 case OSSL_PARAM_UTF8_STRING:
684 return OSSL_PARAM_set_utf8_string(ctx->params, ctx->p2);
685 case OSSL_PARAM_OCTET_STRING:
686 return OSSL_PARAM_set_octet_string(ctx->params, ctx->p2,
687 size);
688 case OSSL_PARAM_OCTET_PTR:
689 return OSSL_PARAM_set_octet_ptr(ctx->params, *(void **)ctx->p2,
690 size);
691 default:
692 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
693 "[action:%d, state:%d] "
694 "unsupported OSSL_PARAM data type %d",
695 ctx->action_type, state,
696 translation->param_data_type);
697 return 0;
698 }
699 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
700 if (translation->param_data_type == OSSL_PARAM_OCTET_PTR)
701 ctx->p2 = &ctx->bufp;
702 }
703 }
704 /* Any other combination is simply pass-through */
705 break;
706 }
707 return ret;
708 }
709
710 static int
cleanup_translation_ctx(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)711 cleanup_translation_ctx(enum state state,
712 const struct translation_st *translation,
713 struct translation_ctx_st *ctx)
714 {
715 if (ctx->allocated_buf != NULL)
716 OPENSSL_free(ctx->allocated_buf);
717 ctx->allocated_buf = NULL;
718 return 1;
719 }
720
721 /*
722 * fix_cipher_md fixes up an EVP_CIPHER / EVP_MD to its name on OSSL_ACTION_SET,
723 * and cipher / md name to EVP_MD on OSSL_ACTION_GET.
724 */
get_cipher_name(void * cipher)725 static const char *get_cipher_name(void *cipher)
726 {
727 return EVP_CIPHER_get0_name(cipher);
728 }
729
get_md_name(void * md)730 static const char *get_md_name(void *md)
731 {
732 return EVP_MD_get0_name(md);
733 }
734
get_cipher_by_name(OSSL_LIB_CTX * libctx,const char * name)735 static const void *get_cipher_by_name(OSSL_LIB_CTX *libctx, const char *name)
736 {
737 return evp_get_cipherbyname_ex(libctx, name);
738 }
739
get_md_by_name(OSSL_LIB_CTX * libctx,const char * name)740 static const void *get_md_by_name(OSSL_LIB_CTX *libctx, const char *name)
741 {
742 return evp_get_digestbyname_ex(libctx, name);
743 }
744
fix_cipher_md(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const char * (* get_name)(void * algo),const void * (* get_algo_by_name)(OSSL_LIB_CTX * libctx,const char * name))745 static int fix_cipher_md(enum state state,
746 const struct translation_st *translation,
747 struct translation_ctx_st *ctx,
748 const char *(*get_name)(void *algo),
749 const void *(*get_algo_by_name)(OSSL_LIB_CTX *libctx,
750 const char *name))
751 {
752 int ret = 1;
753
754 if ((ret = default_check(state, translation, ctx)) <= 0)
755 return ret;
756
757 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
758 /*
759 * |ctx->p2| contains the address to an EVP_CIPHER or EVP_MD pointer
760 * to be filled in. We need to remember it, then make |ctx->p2|
761 * point at a buffer to be filled in with the name, and |ctx->p1|
762 * with its size. default_fixup_args() will take care of the rest
763 * for us.
764 */
765 ctx->orig_p2 = ctx->p2;
766 ctx->p2 = ctx->name_buf;
767 ctx->p1 = sizeof(ctx->name_buf);
768 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) {
769 /*
770 * In different parts of OpenSSL, this ctrl command is used
771 * differently. Some calls pass a NID as p1, others pass an
772 * EVP_CIPHER pointer as p2...
773 */
774 ctx->p2 = (char *)(ctx->p2 == NULL
775 ? OBJ_nid2sn(ctx->p1)
776 : get_name(ctx->p2));
777 ctx->p1 = strlen(ctx->p2);
778 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
779 ctx->p2 = (ctx->p2 == NULL ? "" : (char *)get_name(ctx->p2));
780 ctx->p1 = strlen(ctx->p2);
781 }
782
783 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
784 return ret;
785
786 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
787 /*
788 * Here's how we reuse |ctx->orig_p2| that was set in the
789 * PRE_CTRL_TO_PARAMS state above.
790 */
791 *(void **)ctx->orig_p2 =
792 (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2);
793 ctx->p1 = 1;
794 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET) {
795 ctx->p2 = (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2);
796 ctx->p1 = 0;
797 }
798
799 return ret;
800 }
801
fix_cipher(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)802 static int fix_cipher(enum state state,
803 const struct translation_st *translation,
804 struct translation_ctx_st *ctx)
805 {
806 return fix_cipher_md(state, translation, ctx,
807 get_cipher_name, get_cipher_by_name);
808 }
809
fix_md(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)810 static int fix_md(enum state state,
811 const struct translation_st *translation,
812 struct translation_ctx_st *ctx)
813 {
814 return fix_cipher_md(state, translation, ctx,
815 get_md_name, get_md_by_name);
816 }
817
fix_distid_len(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)818 static int fix_distid_len(enum state state,
819 const struct translation_st *translation,
820 struct translation_ctx_st *ctx)
821 {
822 int ret = default_fixup_args(state, translation, ctx);
823
824 if (ret > 0) {
825 ret = 0;
826 if ((state == POST_CTRL_TO_PARAMS
827 || state == POST_CTRL_STR_TO_PARAMS) && ctx->action_type == OSSL_ACTION_GET) {
828 *(size_t *)ctx->p2 = ctx->sz;
829 ret = 1;
830 }
831 }
832 return ret;
833 }
834
835 struct kdf_type_map_st {
836 int kdf_type_num;
837 const char *kdf_type_str;
838 };
839
fix_kdf_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const struct kdf_type_map_st * kdf_type_map)840 static int fix_kdf_type(enum state state,
841 const struct translation_st *translation,
842 struct translation_ctx_st *ctx,
843 const struct kdf_type_map_st *kdf_type_map)
844 {
845 /*
846 * The EVP_PKEY_CTRL_DH_KDF_TYPE ctrl command is a bit special, in
847 * that it's used both for setting a value, and for getting it, all
848 * depending on the value if |p1|; if |p1| is -2, the backend is
849 * supposed to place the current kdf type in |p2|, and if not, |p1|
850 * is interpreted as the new kdf type.
851 */
852 int ret = 0;
853
854 if ((ret = default_check(state, translation, ctx)) <= 0)
855 return ret;
856
857 if (state == PRE_CTRL_TO_PARAMS) {
858 /*
859 * In |translations|, the initial value for |ctx->action_type| must
860 * be OSSL_ACTION_NONE.
861 */
862 if (!ossl_assert(ctx->action_type == OSSL_ACTION_NONE))
863 return 0;
864
865 /* The action type depends on the value of *p1 */
866 if (ctx->p1 == -2) {
867 /*
868 * The OSSL_PARAMS getter needs space to store a copy of the kdf
869 * type string. We use |ctx->name_buf|, which has enough space
870 * allocated.
871 *
872 * (this wouldn't be needed if the OSSL_xxx_PARAM_KDF_TYPE
873 * had the data type OSSL_PARAM_UTF8_PTR)
874 */
875 ctx->p2 = ctx->name_buf;
876 ctx->p1 = sizeof(ctx->name_buf);
877 ctx->action_type = OSSL_ACTION_GET;
878 } else {
879 ctx->action_type = OSSL_ACTION_SET;
880 }
881 }
882
883 if ((ret = default_check(state, translation, ctx)) <= 0)
884 return ret;
885
886 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET)
887 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET)) {
888 ret = -2;
889 /* Convert KDF type numbers to strings */
890 for (; kdf_type_map->kdf_type_str != NULL; kdf_type_map++)
891 if (ctx->p1 == kdf_type_map->kdf_type_num) {
892 ctx->p2 = (char *)kdf_type_map->kdf_type_str;
893 ret = 1;
894 break;
895 }
896 if (ret <= 0)
897 goto end;
898 ctx->p1 = strlen(ctx->p2);
899 }
900
901 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
902 return ret;
903
904 if ((state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET)
905 || (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET)) {
906 ctx->p1 = ret = -1;
907
908 /* Convert KDF type strings to numbers */
909 for (; kdf_type_map->kdf_type_str != NULL; kdf_type_map++)
910 if (OPENSSL_strcasecmp(ctx->p2, kdf_type_map->kdf_type_str) == 0) {
911 ctx->p1 = kdf_type_map->kdf_type_num;
912 ret = 1;
913 break;
914 }
915 ctx->p2 = NULL;
916 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
917 ctx->p1 = -2;
918 }
919 end:
920 return ret;
921 }
922
923 /* EVP_PKEY_CTRL_DH_KDF_TYPE */
fix_dh_kdf_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)924 static int fix_dh_kdf_type(enum state state,
925 const struct translation_st *translation,
926 struct translation_ctx_st *ctx)
927 {
928 static const struct kdf_type_map_st kdf_type_map[] = {
929 { EVP_PKEY_DH_KDF_NONE, "" },
930 { EVP_PKEY_DH_KDF_X9_42, OSSL_KDF_NAME_X942KDF_ASN1 },
931 { 0, NULL }
932 };
933
934 return fix_kdf_type(state, translation, ctx, kdf_type_map);
935 }
936
937 /* EVP_PKEY_CTRL_EC_KDF_TYPE */
fix_ec_kdf_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)938 static int fix_ec_kdf_type(enum state state,
939 const struct translation_st *translation,
940 struct translation_ctx_st *ctx)
941 {
942 static const struct kdf_type_map_st kdf_type_map[] = {
943 { EVP_PKEY_ECDH_KDF_NONE, "" },
944 { EVP_PKEY_ECDH_KDF_X9_63, OSSL_KDF_NAME_X963KDF },
945 { 0, NULL }
946 };
947
948 return fix_kdf_type(state, translation, ctx, kdf_type_map);
949 }
950
951 /* EVP_PKEY_CTRL_DH_KDF_OID, EVP_PKEY_CTRL_GET_DH_KDF_OID, ...??? */
fix_oid(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)952 static int fix_oid(enum state state,
953 const struct translation_st *translation,
954 struct translation_ctx_st *ctx)
955 {
956 int ret;
957
958 if ((ret = default_check(state, translation, ctx)) <= 0)
959 return ret;
960
961 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET)
962 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET)) {
963 /*
964 * We're translating from ctrl to params and setting the OID, or
965 * we're translating from params to ctrl and getting the OID.
966 * Either way, |ctx->p2| points at an ASN1_OBJECT, and needs to have
967 * that replaced with the corresponding name.
968 * default_fixup_args() will then be able to convert that to the
969 * corresponding OSSL_PARAM.
970 */
971 OBJ_obj2txt(ctx->name_buf, sizeof(ctx->name_buf), ctx->p2, 0);
972 ctx->p2 = (char *)ctx->name_buf;
973 ctx->p1 = 0; /* let default_fixup_args() figure out the length */
974 }
975
976 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
977 return ret;
978
979 if ((state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET)
980 || (state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET)) {
981 /*
982 * We're translating from ctrl to params and setting the OID name,
983 * or we're translating from params to ctrl and getting the OID
984 * name. Either way, default_fixup_args() has placed the OID name
985 * in |ctx->p2|, all we need to do now is to replace that with the
986 * corresponding ASN1_OBJECT.
987 */
988 ctx->p2 = (ASN1_OBJECT *)OBJ_txt2obj(ctx->p2, 0);
989 }
990
991 return ret;
992 }
993
994 /* EVP_PKEY_CTRL_DH_NID */
fix_dh_nid(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)995 static int fix_dh_nid(enum state state,
996 const struct translation_st *translation,
997 struct translation_ctx_st *ctx)
998 {
999 int ret;
1000
1001 if ((ret = default_check(state, translation, ctx)) <= 0)
1002 return ret;
1003
1004 /* This is only settable */
1005 if (ctx->action_type != OSSL_ACTION_SET)
1006 return 0;
1007
1008 if (state == PRE_CTRL_TO_PARAMS) {
1009 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
1010 (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) {
1011 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1012 return 0;
1013 }
1014 ctx->p1 = 0;
1015 }
1016
1017 return default_fixup_args(state, translation, ctx);
1018 }
1019
1020 /* EVP_PKEY_CTRL_DH_RFC5114 */
fix_dh_nid5114(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1021 static int fix_dh_nid5114(enum state state,
1022 const struct translation_st *translation,
1023 struct translation_ctx_st *ctx)
1024 {
1025 int ret;
1026
1027 if ((ret = default_check(state, translation, ctx)) <= 0)
1028 return ret;
1029
1030 /* This is only settable */
1031 if (ctx->action_type != OSSL_ACTION_SET)
1032 return 0;
1033
1034 switch (state) {
1035 case PRE_CTRL_TO_PARAMS:
1036 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
1037 (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) {
1038 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1039 return 0;
1040 }
1041
1042 ctx->p1 = 0;
1043 break;
1044
1045 case PRE_CTRL_STR_TO_PARAMS:
1046 if (ctx->p2 == NULL)
1047 return 0;
1048 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
1049 (ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2)))) == NULL) {
1050 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1051 return 0;
1052 }
1053
1054 ctx->p1 = 0;
1055 break;
1056
1057 default:
1058 break;
1059 }
1060
1061 return default_fixup_args(state, translation, ctx);
1062 }
1063
1064 /* EVP_PKEY_CTRL_DH_PARAMGEN_TYPE */
fix_dh_paramgen_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1065 static int fix_dh_paramgen_type(enum state state,
1066 const struct translation_st *translation,
1067 struct translation_ctx_st *ctx)
1068 {
1069 int ret;
1070
1071 if ((ret = default_check(state, translation, ctx)) <= 0)
1072 return ret;
1073
1074 /* This is only settable */
1075 if (ctx->action_type != OSSL_ACTION_SET)
1076 return 0;
1077
1078 if (state == PRE_CTRL_STR_TO_PARAMS) {
1079 if ((ctx->p2 = (char *)ossl_dh_gen_type_id2name(atoi(ctx->p2)))
1080 == NULL) {
1081 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1082 return 0;
1083 }
1084 ctx->p1 = strlen(ctx->p2);
1085 }
1086
1087 return default_fixup_args(state, translation, ctx);
1088 }
1089
1090 /* EVP_PKEY_CTRL_EC_PARAM_ENC */
fix_ec_param_enc(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1091 static int fix_ec_param_enc(enum state state,
1092 const struct translation_st *translation,
1093 struct translation_ctx_st *ctx)
1094 {
1095 int ret;
1096
1097 if ((ret = default_check(state, translation, ctx)) <= 0)
1098 return ret;
1099
1100 /* This is currently only settable */
1101 if (ctx->action_type != OSSL_ACTION_SET)
1102 return 0;
1103
1104 if (state == PRE_CTRL_TO_PARAMS) {
1105 switch (ctx->p1) {
1106 case OPENSSL_EC_EXPLICIT_CURVE:
1107 ctx->p2 = OSSL_PKEY_EC_ENCODING_EXPLICIT;
1108 break;
1109 case OPENSSL_EC_NAMED_CURVE:
1110 ctx->p2 = OSSL_PKEY_EC_ENCODING_GROUP;
1111 break;
1112 default:
1113 ret = -2;
1114 goto end;
1115 }
1116 ctx->p1 = 0;
1117 }
1118
1119 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1120 return ret;
1121
1122 if (state == PRE_PARAMS_TO_CTRL) {
1123 if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_EXPLICIT) == 0)
1124 ctx->p1 = OPENSSL_EC_EXPLICIT_CURVE;
1125 else if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_GROUP) == 0)
1126 ctx->p1 = OPENSSL_EC_NAMED_CURVE;
1127 else
1128 ctx->p1 = ret = -2;
1129 ctx->p2 = NULL;
1130 }
1131
1132 end:
1133 if (ret == -2)
1134 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1135 return ret;
1136 }
1137
1138 /* EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID */
fix_ec_paramgen_curve_nid(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1139 static int fix_ec_paramgen_curve_nid(enum state state,
1140 const struct translation_st *translation,
1141 struct translation_ctx_st *ctx)
1142 {
1143 char *p2 = NULL;
1144 int ret;
1145
1146 if ((ret = default_check(state, translation, ctx)) <= 0)
1147 return ret;
1148
1149 /* This is currently only settable */
1150 if (ctx->action_type != OSSL_ACTION_SET)
1151 return 0;
1152
1153 if (state == PRE_CTRL_TO_PARAMS) {
1154 ctx->p2 = (char *)OBJ_nid2sn(ctx->p1);
1155 ctx->p1 = 0;
1156 } else if (state == PRE_PARAMS_TO_CTRL) {
1157 /*
1158 * We're translating from params to ctrl and setting the curve name.
1159 * The ctrl function needs it to be a NID, but meanwhile, we need
1160 * space to get the curve name from the param. |ctx->name_buf| is
1161 * sufficient for that.
1162 * The double indirection is necessary for default_fixup_args()'s
1163 * call of OSSL_PARAM_get_utf8_string() to be done correctly.
1164 */
1165 p2 = ctx->name_buf;
1166 ctx->p2 = &p2;
1167 ctx->sz = sizeof(ctx->name_buf);
1168 }
1169
1170 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1171 return ret;
1172
1173 if (state == PRE_PARAMS_TO_CTRL) {
1174 ctx->p1 = OBJ_sn2nid(p2);
1175 ctx->p2 = NULL;
1176 }
1177
1178 return ret;
1179 }
1180
1181 /* EVP_PKEY_CTRL_EC_ECDH_COFACTOR */
fix_ecdh_cofactor(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1182 static int fix_ecdh_cofactor(enum state state,
1183 const struct translation_st *translation,
1184 struct translation_ctx_st *ctx)
1185 {
1186 /*
1187 * The EVP_PKEY_CTRL_EC_ECDH_COFACTOR ctrl command is a bit special, in
1188 * that it's used both for setting a value, and for getting it, all
1189 * depending on the value if |ctx->p1|; if |ctx->p1| is -2, the backend is
1190 * supposed to place the current cofactor mode in |ctx->p2|, and if not,
1191 * |ctx->p1| is interpreted as the new cofactor mode.
1192 */
1193 int ret = 0;
1194
1195 if (state == PRE_CTRL_TO_PARAMS) {
1196 /*
1197 * The initial value for |ctx->action_type| must be zero.
1198 * evp_pkey_ctrl_to_params() takes it from the translation item.
1199 */
1200 if (!ossl_assert(ctx->action_type == OSSL_ACTION_NONE))
1201 return 0;
1202
1203 /* The action type depends on the value of ctx->p1 */
1204 if (ctx->p1 == -2)
1205 ctx->action_type = OSSL_ACTION_GET;
1206 else
1207 ctx->action_type = OSSL_ACTION_SET;
1208 } else if (state == PRE_CTRL_STR_TO_PARAMS) {
1209 ctx->action_type = OSSL_ACTION_SET;
1210 } else if (state == PRE_PARAMS_TO_CTRL) {
1211 /* The initial value for |ctx->action_type| must not be zero. */
1212 if (!ossl_assert(ctx->action_type != OSSL_ACTION_NONE))
1213 return 0;
1214 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_NONE) {
1215 ctx->action_type = OSSL_ACTION_GET;
1216 }
1217
1218 if ((ret = default_check(state, translation, ctx)) <= 0)
1219 return ret;
1220
1221 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) {
1222 if (ctx->p1 < -1 || ctx->p1 > 1) {
1223 /* Uses the same return value of pkey_ec_ctrl() */
1224 return -2;
1225 }
1226 }
1227
1228 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1229 return ret;
1230
1231 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
1232 if (ctx->p1 < 0 || ctx->p1 > 1) {
1233 /*
1234 * The provider should return either 0 or 1, any other value is a
1235 * provider error.
1236 */
1237 ctx->p1 = ret = -1;
1238 }
1239 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
1240 ctx->p1 = -2;
1241 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
1242 ctx->p1 = ret;
1243 }
1244
1245 return ret;
1246 }
1247
1248 /* EVP_PKEY_CTRL_RSA_PADDING, EVP_PKEY_CTRL_GET_RSA_PADDING */
fix_rsa_padding_mode(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1249 static int fix_rsa_padding_mode(enum state state,
1250 const struct translation_st *translation,
1251 struct translation_ctx_st *ctx)
1252 {
1253 static const OSSL_ITEM str_value_map[] = {
1254 { RSA_PKCS1_PADDING, "pkcs1" },
1255 { RSA_NO_PADDING, "none" },
1256 { RSA_PKCS1_OAEP_PADDING, "oaep" },
1257 { RSA_PKCS1_OAEP_PADDING, "oeap" },
1258 { RSA_X931_PADDING, "x931" },
1259 { RSA_PKCS1_PSS_PADDING, "pss" },
1260 /* Special case, will pass directly as an integer */
1261 { RSA_PKCS1_WITH_TLS_PADDING, NULL }
1262 };
1263 int ret;
1264
1265 if ((ret = default_check(state, translation, ctx)) <= 0)
1266 return ret;
1267
1268 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
1269 /*
1270 * EVP_PKEY_CTRL_GET_RSA_PADDING returns the padding mode in the
1271 * weirdest way for a ctrl. Instead of doing like all other ctrls
1272 * that return a simple, i.e. just have that as a return value,
1273 * this particular ctrl treats p2 as the address for the int to be
1274 * returned. We must therefore remember |ctx->p2|, then make
1275 * |ctx->p2| point at a buffer to be filled in with the name, and
1276 * |ctx->p1| with its size. default_fixup_args() will take care
1277 * of the rest for us, along with the POST_CTRL_TO_PARAMS && OSSL_ACTION_GET
1278 * code section further down.
1279 */
1280 ctx->orig_p2 = ctx->p2;
1281 ctx->p2 = ctx->name_buf;
1282 ctx->p1 = sizeof(ctx->name_buf);
1283 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) {
1284 /*
1285 * Ideally, we should use utf8 strings for the diverse padding modes.
1286 * We only came here because someone called EVP_PKEY_CTX_ctrl(),
1287 * though, and since that can reasonably be seen as legacy code
1288 * that uses the diverse RSA macros for the padding mode, and we
1289 * know that at least our providers can handle the numeric modes,
1290 * we take the cheap route for now.
1291 *
1292 * The other solution would be to match |ctx->p1| against entries
1293 * in str_value_map and pass the corresponding string. However,
1294 * since we don't have a string for RSA_PKCS1_WITH_TLS_PADDING,
1295 * we have to do this same hack at least for that one.
1296 *
1297 * Since the "official" data type for the RSA padding mode is utf8
1298 * string, we cannot count on default_fixup_args(). Instead, we
1299 * build the OSSL_PARAM item ourselves and return immediately.
1300 */
1301 ctx->params[0] = OSSL_PARAM_construct_int(translation->param_key,
1302 &ctx->p1);
1303 return 1;
1304 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
1305 size_t i;
1306
1307 /*
1308 * The EVP_PKEY_CTX_get_params() caller may have asked for a utf8
1309 * string, or may have asked for an integer of some sort. If they
1310 * ask for an integer, we respond directly. If not, we translate
1311 * the response from the ctrl function into a string.
1312 */
1313 switch (ctx->params->data_type) {
1314 case OSSL_PARAM_INTEGER:
1315 return OSSL_PARAM_get_int(ctx->params, &ctx->p1);
1316 case OSSL_PARAM_UNSIGNED_INTEGER:
1317 return OSSL_PARAM_get_uint(ctx->params, (unsigned int *)&ctx->p1);
1318 default:
1319 break;
1320 }
1321
1322 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1323 if (ctx->p1 == (int)str_value_map[i].id)
1324 break;
1325 }
1326 if (i == OSSL_NELEM(str_value_map)) {
1327 ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE,
1328 "[action:%d, state:%d] padding number %d",
1329 ctx->action_type, state, ctx->p1);
1330 return -2;
1331 }
1332 /*
1333 * If we don't have a string, we can't do anything. The caller
1334 * should have asked for a number...
1335 */
1336 if (str_value_map[i].ptr == NULL) {
1337 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1338 return -2;
1339 }
1340 ctx->p2 = str_value_map[i].ptr;
1341 ctx->p1 = strlen(ctx->p2);
1342 }
1343
1344 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1345 return ret;
1346
1347 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_PARAMS_TO_CTRL)
1348 || (ctx->action_type == OSSL_ACTION_GET && state == POST_CTRL_TO_PARAMS)) {
1349 size_t i;
1350
1351 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1352 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1353 break;
1354 }
1355
1356 if (i == OSSL_NELEM(str_value_map)) {
1357 ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE,
1358 "[action:%d, state:%d] padding name %s",
1359 ctx->action_type, state, ctx->p1);
1360 ctx->p1 = ret = -2;
1361 } else if (state == POST_CTRL_TO_PARAMS) {
1362 /* EVP_PKEY_CTRL_GET_RSA_PADDING weirdness explained further up */
1363 *(int *)ctx->orig_p2 = str_value_map[i].id;
1364 } else {
1365 ctx->p1 = str_value_map[i].id;
1366 }
1367 ctx->p2 = NULL;
1368 }
1369
1370 return ret;
1371 }
1372
1373 /* EVP_PKEY_CTRL_RSA_PSS_SALTLEN, EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN */
fix_rsa_pss_saltlen(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1374 static int fix_rsa_pss_saltlen(enum state state,
1375 const struct translation_st *translation,
1376 struct translation_ctx_st *ctx)
1377 {
1378 static const OSSL_ITEM str_value_map[] = {
1379 { (unsigned int)RSA_PSS_SALTLEN_DIGEST, "digest" },
1380 { (unsigned int)RSA_PSS_SALTLEN_MAX, "max" },
1381 { (unsigned int)RSA_PSS_SALTLEN_AUTO, "auto" }
1382 };
1383 int ret;
1384
1385 if ((ret = default_check(state, translation, ctx)) <= 0)
1386 return ret;
1387
1388 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
1389 /*
1390 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN returns the saltlen by filling
1391 * in the int pointed at by p2. This is potentially as weird as
1392 * the way EVP_PKEY_CTRL_GET_RSA_PADDING works, except that saltlen
1393 * might be a negative value, so it wouldn't work as a legitimate
1394 * return value.
1395 * In any case, we must therefore remember |ctx->p2|, then make
1396 * |ctx->p2| point at a buffer to be filled in with the name, and
1397 * |ctx->p1| with its size. default_fixup_args() will take care
1398 * of the rest for us, along with the POST_CTRL_TO_PARAMS && OSSL_ACTION_GET
1399 * code section further down.
1400 */
1401 ctx->orig_p2 = ctx->p2;
1402 ctx->p2 = ctx->name_buf;
1403 ctx->p1 = sizeof(ctx->name_buf);
1404 } else if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_CTRL_TO_PARAMS)
1405 || (ctx->action_type == OSSL_ACTION_GET && state == POST_PARAMS_TO_CTRL)) {
1406 size_t i;
1407
1408 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1409 if (ctx->p1 == (int)str_value_map[i].id)
1410 break;
1411 }
1412 if (i == OSSL_NELEM(str_value_map)) {
1413 BIO_snprintf(ctx->name_buf, sizeof(ctx->name_buf), "%d", ctx->p1);
1414 } else {
1415 /* This won't truncate but it will quiet static analysers */
1416 strncpy(ctx->name_buf, str_value_map[i].ptr, sizeof(ctx->name_buf) - 1);
1417 ctx->name_buf[sizeof(ctx->name_buf) - 1] = '\0';
1418 }
1419 ctx->p2 = ctx->name_buf;
1420 ctx->p1 = strlen(ctx->p2);
1421 }
1422
1423 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1424 return ret;
1425
1426 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_PARAMS_TO_CTRL)
1427 || (ctx->action_type == OSSL_ACTION_GET && state == POST_CTRL_TO_PARAMS)) {
1428 size_t i;
1429 int val;
1430
1431 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1432 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1433 break;
1434 }
1435
1436 val = i == OSSL_NELEM(str_value_map) ? atoi(ctx->p2)
1437 : (int)str_value_map[i].id;
1438 if (state == POST_CTRL_TO_PARAMS) {
1439 /*
1440 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN weirdness explained further
1441 * up
1442 */
1443 *(int *)ctx->orig_p2 = val;
1444 } else {
1445 ctx->p1 = val;
1446 }
1447 ctx->p2 = NULL;
1448 }
1449
1450 return ret;
1451 }
1452
1453 /* EVP_PKEY_CTRL_HKDF_MODE */
fix_hkdf_mode(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1454 static int fix_hkdf_mode(enum state state,
1455 const struct translation_st *translation,
1456 struct translation_ctx_st *ctx)
1457 {
1458 static const OSSL_ITEM str_value_map[] = {
1459 { EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND, "EXTRACT_AND_EXPAND" },
1460 { EVP_KDF_HKDF_MODE_EXTRACT_ONLY, "EXTRACT_ONLY" },
1461 { EVP_KDF_HKDF_MODE_EXPAND_ONLY, "EXPAND_ONLY" }
1462 };
1463 int ret;
1464
1465 if ((ret = default_check(state, translation, ctx)) <= 0)
1466 return ret;
1467
1468 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_CTRL_TO_PARAMS)
1469 || (ctx->action_type == OSSL_ACTION_GET && state == POST_PARAMS_TO_CTRL)) {
1470 size_t i;
1471
1472 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1473 if (ctx->p1 == (int)str_value_map[i].id)
1474 break;
1475 }
1476 if (i == OSSL_NELEM(str_value_map))
1477 return 0;
1478 ctx->p2 = str_value_map[i].ptr;
1479 ctx->p1 = strlen(ctx->p2);
1480 }
1481
1482 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1483 return ret;
1484
1485 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_PARAMS_TO_CTRL)
1486 || (ctx->action_type == OSSL_ACTION_GET && state == POST_CTRL_TO_PARAMS)) {
1487 size_t i;
1488
1489 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1490 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1491 break;
1492 }
1493 if (i == OSSL_NELEM(str_value_map))
1494 return 0;
1495 if (state == POST_CTRL_TO_PARAMS)
1496 ret = str_value_map[i].id;
1497 else
1498 ctx->p1 = str_value_map[i].id;
1499 ctx->p2 = NULL;
1500 }
1501
1502 return 1;
1503 }
1504
1505 /*-
1506 * Payload getters
1507 * ===============
1508 *
1509 * These all get the data they want, then call default_fixup_args() as
1510 * a post-ctrl OSSL_ACTION_GET fixup. They all get NULL ctx, ctrl_cmd, ctrl_str,
1511 * p1, sz
1512 */
1513
1514 /* Pilfering DH, DSA and EC_KEY */
get_payload_group_name(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1515 static int get_payload_group_name(enum state state,
1516 const struct translation_st *translation,
1517 struct translation_ctx_st *ctx)
1518 {
1519 EVP_PKEY *pkey = ctx->p2;
1520
1521 ctx->p2 = NULL;
1522 switch (EVP_PKEY_get_base_id(pkey)) {
1523 #ifndef OPENSSL_NO_DH
1524 case EVP_PKEY_DH:
1525 {
1526 const DH *dh = EVP_PKEY_get0_DH(pkey);
1527 int uid = DH_get_nid(dh);
1528
1529 if (uid != NID_undef) {
1530 const DH_NAMED_GROUP *dh_group =
1531 ossl_ffc_uid_to_dh_named_group(uid);
1532
1533 ctx->p2 = (char *)ossl_ffc_named_group_get_name(dh_group);
1534 }
1535 }
1536 break;
1537 #endif
1538 #ifndef OPENSSL_NO_EC
1539 case EVP_PKEY_EC:
1540 {
1541 const EC_GROUP *grp =
1542 EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey));
1543 int nid = NID_undef;
1544
1545 if (grp != NULL)
1546 nid = EC_GROUP_get_curve_name(grp);
1547 if (nid != NID_undef)
1548 ctx->p2 = (char *)OSSL_EC_curve_nid2name(nid);
1549 }
1550 break;
1551 #endif
1552 default:
1553 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1554 return 0;
1555 }
1556
1557 /*
1558 * Quietly ignoring unknown groups matches the behaviour on the provider
1559 * side.
1560 */
1561 if (ctx->p2 == NULL)
1562 return 1;
1563
1564 ctx->p1 = strlen(ctx->p2);
1565 return default_fixup_args(state, translation, ctx);
1566 }
1567
get_payload_private_key(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1568 static int get_payload_private_key(enum state state,
1569 const struct translation_st *translation,
1570 struct translation_ctx_st *ctx)
1571 {
1572 EVP_PKEY *pkey = ctx->p2;
1573
1574 ctx->p2 = NULL;
1575 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
1576 return 0;
1577
1578 switch (EVP_PKEY_get_base_id(pkey)) {
1579 #ifndef OPENSSL_NO_DH
1580 case EVP_PKEY_DH:
1581 {
1582 const DH *dh = EVP_PKEY_get0_DH(pkey);
1583
1584 ctx->p2 = (BIGNUM *)DH_get0_priv_key(dh);
1585 }
1586 break;
1587 #endif
1588 #ifndef OPENSSL_NO_EC
1589 case EVP_PKEY_EC:
1590 {
1591 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
1592
1593 ctx->p2 = (BIGNUM *)EC_KEY_get0_private_key(ec);
1594 }
1595 break;
1596 #endif
1597 default:
1598 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1599 return 0;
1600 }
1601
1602 return default_fixup_args(state, translation, ctx);
1603 }
1604
get_payload_public_key(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1605 static int get_payload_public_key(enum state state,
1606 const struct translation_st *translation,
1607 struct translation_ctx_st *ctx)
1608 {
1609 EVP_PKEY *pkey = ctx->p2;
1610 unsigned char *buf = NULL;
1611 int ret;
1612
1613 ctx->p2 = NULL;
1614 switch (EVP_PKEY_get_base_id(pkey)) {
1615 #ifndef OPENSSL_NO_DH
1616 case EVP_PKEY_DHX:
1617 case EVP_PKEY_DH:
1618 switch (ctx->params->data_type) {
1619 case OSSL_PARAM_OCTET_STRING:
1620 ctx->sz = ossl_dh_key2buf(EVP_PKEY_get0_DH(pkey), &buf, 0, 1);
1621 ctx->p2 = buf;
1622 break;
1623 case OSSL_PARAM_UNSIGNED_INTEGER:
1624 ctx->p2 = (void *)DH_get0_pub_key(EVP_PKEY_get0_DH(pkey));
1625 break;
1626 default:
1627 return 0;
1628 }
1629 break;
1630 #endif
1631 #ifndef OPENSSL_NO_DSA
1632 case EVP_PKEY_DSA:
1633 if (ctx->params->data_type == OSSL_PARAM_UNSIGNED_INTEGER) {
1634 ctx->p2 = (void *)DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey));
1635 break;
1636 }
1637 return 0;
1638 #endif
1639 #ifndef OPENSSL_NO_EC
1640 case EVP_PKEY_EC:
1641 if (ctx->params->data_type == OSSL_PARAM_OCTET_STRING) {
1642 const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey);
1643 BN_CTX *bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey));
1644 const EC_GROUP *ecg = EC_KEY_get0_group(eckey);
1645 const EC_POINT *point = EC_KEY_get0_public_key(eckey);
1646
1647 if (bnctx == NULL)
1648 return 0;
1649 ctx->sz = EC_POINT_point2buf(ecg, point,
1650 POINT_CONVERSION_COMPRESSED,
1651 &buf, bnctx);
1652 ctx->p2 = buf;
1653 BN_CTX_free(bnctx);
1654 break;
1655 }
1656 return 0;
1657 #endif
1658 default:
1659 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1660 return 0;
1661 }
1662
1663 ret = default_fixup_args(state, translation, ctx);
1664 OPENSSL_free(buf);
1665 return ret;
1666 }
1667
get_payload_public_key_ec(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1668 static int get_payload_public_key_ec(enum state state,
1669 const struct translation_st *translation,
1670 struct translation_ctx_st *ctx)
1671 {
1672 #ifndef OPENSSL_NO_EC
1673 EVP_PKEY *pkey = ctx->p2;
1674 const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey);
1675 BN_CTX *bnctx;
1676 const EC_POINT *point;
1677 const EC_GROUP *ecg;
1678 BIGNUM *x = NULL;
1679 BIGNUM *y = NULL;
1680 int ret = 0;
1681
1682 ctx->p2 = NULL;
1683
1684 if (eckey == NULL) {
1685 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1686 return 0;
1687 }
1688
1689 bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey));
1690 if (bnctx == NULL)
1691 return 0;
1692
1693 point = EC_KEY_get0_public_key(eckey);
1694 ecg = EC_KEY_get0_group(eckey);
1695
1696 /* Caller should have requested a BN, fail if not */
1697 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
1698 goto out;
1699
1700 x = BN_CTX_get(bnctx);
1701 y = BN_CTX_get(bnctx);
1702 if (y == NULL)
1703 goto out;
1704
1705 if (!EC_POINT_get_affine_coordinates(ecg, point, x, y, bnctx))
1706 goto out;
1707
1708 if (strncmp(ctx->params->key, OSSL_PKEY_PARAM_EC_PUB_X, 2) == 0)
1709 ctx->p2 = x;
1710 else if (strncmp(ctx->params->key, OSSL_PKEY_PARAM_EC_PUB_Y, 2) == 0)
1711 ctx->p2 = y;
1712 else
1713 goto out;
1714
1715 /* Return the payload */
1716 ret = default_fixup_args(state, translation, ctx);
1717 out:
1718 BN_CTX_free(bnctx);
1719 return ret;
1720 #else
1721 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1722 return 0;
1723 #endif
1724 }
1725
get_payload_bn(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const BIGNUM * bn)1726 static int get_payload_bn(enum state state,
1727 const struct translation_st *translation,
1728 struct translation_ctx_st *ctx, const BIGNUM *bn)
1729 {
1730 if (bn == NULL)
1731 return 0;
1732 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
1733 return 0;
1734 ctx->p2 = (BIGNUM *)bn;
1735
1736 return default_fixup_args(state, translation, ctx);
1737 }
1738
get_dh_dsa_payload_p(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1739 static int get_dh_dsa_payload_p(enum state state,
1740 const struct translation_st *translation,
1741 struct translation_ctx_st *ctx)
1742 {
1743 const BIGNUM *bn = NULL;
1744 EVP_PKEY *pkey = ctx->p2;
1745
1746 switch (EVP_PKEY_get_base_id(pkey)) {
1747 #ifndef OPENSSL_NO_DH
1748 case EVP_PKEY_DH:
1749 bn = DH_get0_p(EVP_PKEY_get0_DH(pkey));
1750 break;
1751 #endif
1752 #ifndef OPENSSL_NO_DSA
1753 case EVP_PKEY_DSA:
1754 bn = DSA_get0_p(EVP_PKEY_get0_DSA(pkey));
1755 break;
1756 #endif
1757 default:
1758 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1759 }
1760
1761 return get_payload_bn(state, translation, ctx, bn);
1762 }
1763
get_dh_dsa_payload_q(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1764 static int get_dh_dsa_payload_q(enum state state,
1765 const struct translation_st *translation,
1766 struct translation_ctx_st *ctx)
1767 {
1768 const BIGNUM *bn = NULL;
1769
1770 switch (EVP_PKEY_get_base_id(ctx->p2)) {
1771 #ifndef OPENSSL_NO_DH
1772 case EVP_PKEY_DH:
1773 bn = DH_get0_q(EVP_PKEY_get0_DH(ctx->p2));
1774 break;
1775 #endif
1776 #ifndef OPENSSL_NO_DSA
1777 case EVP_PKEY_DSA:
1778 bn = DSA_get0_q(EVP_PKEY_get0_DSA(ctx->p2));
1779 break;
1780 #endif
1781 }
1782
1783 return get_payload_bn(state, translation, ctx, bn);
1784 }
1785
get_dh_dsa_payload_g(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1786 static int get_dh_dsa_payload_g(enum state state,
1787 const struct translation_st *translation,
1788 struct translation_ctx_st *ctx)
1789 {
1790 const BIGNUM *bn = NULL;
1791
1792 switch (EVP_PKEY_get_base_id(ctx->p2)) {
1793 #ifndef OPENSSL_NO_DH
1794 case EVP_PKEY_DH:
1795 bn = DH_get0_g(EVP_PKEY_get0_DH(ctx->p2));
1796 break;
1797 #endif
1798 #ifndef OPENSSL_NO_DSA
1799 case EVP_PKEY_DSA:
1800 bn = DSA_get0_g(EVP_PKEY_get0_DSA(ctx->p2));
1801 break;
1802 #endif
1803 }
1804
1805 return get_payload_bn(state, translation, ctx, bn);
1806 }
1807
get_payload_int(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const int val)1808 static int get_payload_int(enum state state,
1809 const struct translation_st *translation,
1810 struct translation_ctx_st *ctx,
1811 const int val)
1812 {
1813 if (ctx->params->data_type != OSSL_PARAM_INTEGER)
1814 return 0;
1815 ctx->p1 = val;
1816 ctx->p2 = NULL;
1817
1818 return default_fixup_args(state, translation, ctx);
1819 }
1820
get_ec_decoded_from_explicit_params(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1821 static int get_ec_decoded_from_explicit_params(enum state state,
1822 const struct translation_st *translation,
1823 struct translation_ctx_st *ctx)
1824 {
1825 int val = 0;
1826 EVP_PKEY *pkey = ctx->p2;
1827
1828 switch (EVP_PKEY_base_id(pkey)) {
1829 #ifndef OPENSSL_NO_EC
1830 case EVP_PKEY_EC:
1831 val = EC_KEY_decoded_from_explicit_params(EVP_PKEY_get0_EC_KEY(pkey));
1832 if (val < 0) {
1833 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY);
1834 return 0;
1835 }
1836 break;
1837 #endif
1838 default:
1839 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1840 return 0;
1841 }
1842
1843 return get_payload_int(state, translation, ctx, val);
1844 }
1845
get_rsa_payload_n(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1846 static int get_rsa_payload_n(enum state state,
1847 const struct translation_st *translation,
1848 struct translation_ctx_st *ctx)
1849 {
1850 const BIGNUM *bn = NULL;
1851
1852 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA
1853 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS)
1854 return 0;
1855 bn = RSA_get0_n(EVP_PKEY_get0_RSA(ctx->p2));
1856
1857 return get_payload_bn(state, translation, ctx, bn);
1858 }
1859
get_rsa_payload_e(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1860 static int get_rsa_payload_e(enum state state,
1861 const struct translation_st *translation,
1862 struct translation_ctx_st *ctx)
1863 {
1864 const BIGNUM *bn = NULL;
1865
1866 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA
1867 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS)
1868 return 0;
1869 bn = RSA_get0_e(EVP_PKEY_get0_RSA(ctx->p2));
1870
1871 return get_payload_bn(state, translation, ctx, bn);
1872 }
1873
get_rsa_payload_d(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1874 static int get_rsa_payload_d(enum state state,
1875 const struct translation_st *translation,
1876 struct translation_ctx_st *ctx)
1877 {
1878 const BIGNUM *bn = NULL;
1879
1880 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA
1881 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS)
1882 return 0;
1883 bn = RSA_get0_d(EVP_PKEY_get0_RSA(ctx->p2));
1884
1885 return get_payload_bn(state, translation, ctx, bn);
1886 }
1887
get_rsa_payload_factor(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,size_t factornum)1888 static int get_rsa_payload_factor(enum state state,
1889 const struct translation_st *translation,
1890 struct translation_ctx_st *ctx,
1891 size_t factornum)
1892 {
1893 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1894 const BIGNUM *bn = NULL;
1895
1896 switch (factornum) {
1897 case 0:
1898 bn = RSA_get0_p(r);
1899 break;
1900 case 1:
1901 bn = RSA_get0_q(r);
1902 break;
1903 default:
1904 {
1905 size_t pnum = RSA_get_multi_prime_extra_count(r);
1906 const BIGNUM *factors[10];
1907
1908 if (factornum - 2 < pnum
1909 && RSA_get0_multi_prime_factors(r, factors))
1910 bn = factors[factornum - 2];
1911 }
1912 break;
1913 }
1914
1915 return get_payload_bn(state, translation, ctx, bn);
1916 }
1917
get_rsa_payload_exponent(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,size_t exponentnum)1918 static int get_rsa_payload_exponent(enum state state,
1919 const struct translation_st *translation,
1920 struct translation_ctx_st *ctx,
1921 size_t exponentnum)
1922 {
1923 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1924 const BIGNUM *bn = NULL;
1925
1926 switch (exponentnum) {
1927 case 0:
1928 bn = RSA_get0_dmp1(r);
1929 break;
1930 case 1:
1931 bn = RSA_get0_dmq1(r);
1932 break;
1933 default:
1934 {
1935 size_t pnum = RSA_get_multi_prime_extra_count(r);
1936 const BIGNUM *exps[10], *coeffs[10];
1937
1938 if (exponentnum - 2 < pnum
1939 && RSA_get0_multi_prime_crt_params(r, exps, coeffs))
1940 bn = exps[exponentnum - 2];
1941 }
1942 break;
1943 }
1944
1945 return get_payload_bn(state, translation, ctx, bn);
1946 }
1947
get_rsa_payload_coefficient(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,size_t coefficientnum)1948 static int get_rsa_payload_coefficient(enum state state,
1949 const struct translation_st *translation,
1950 struct translation_ctx_st *ctx,
1951 size_t coefficientnum)
1952 {
1953 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1954 const BIGNUM *bn = NULL;
1955
1956 switch (coefficientnum) {
1957 case 0:
1958 bn = RSA_get0_iqmp(r);
1959 break;
1960 default:
1961 {
1962 size_t pnum = RSA_get_multi_prime_extra_count(r);
1963 const BIGNUM *exps[10], *coeffs[10];
1964
1965 if (coefficientnum - 1 < pnum
1966 && RSA_get0_multi_prime_crt_params(r, exps, coeffs))
1967 bn = coeffs[coefficientnum - 1];
1968 }
1969 break;
1970 }
1971
1972 return get_payload_bn(state, translation, ctx, bn);
1973 }
1974
1975 #define IMPL_GET_RSA_PAYLOAD_FACTOR(n) \
1976 static int \
1977 get_rsa_payload_f##n(enum state state, \
1978 const struct translation_st *translation, \
1979 struct translation_ctx_st *ctx) \
1980 { \
1981 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \
1982 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \
1983 return 0; \
1984 return get_rsa_payload_factor(state, translation, ctx, n - 1); \
1985 }
1986
1987 #define IMPL_GET_RSA_PAYLOAD_EXPONENT(n) \
1988 static int \
1989 get_rsa_payload_e##n(enum state state, \
1990 const struct translation_st *translation, \
1991 struct translation_ctx_st *ctx) \
1992 { \
1993 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \
1994 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \
1995 return 0; \
1996 return get_rsa_payload_exponent(state, translation, ctx, \
1997 n - 1); \
1998 }
1999
2000 #define IMPL_GET_RSA_PAYLOAD_COEFFICIENT(n) \
2001 static int \
2002 get_rsa_payload_c##n(enum state state, \
2003 const struct translation_st *translation, \
2004 struct translation_ctx_st *ctx) \
2005 { \
2006 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \
2007 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \
2008 return 0; \
2009 return get_rsa_payload_coefficient(state, translation, ctx, \
2010 n - 1); \
2011 }
2012
2013 IMPL_GET_RSA_PAYLOAD_FACTOR(1)
2014 IMPL_GET_RSA_PAYLOAD_FACTOR(2)
2015 IMPL_GET_RSA_PAYLOAD_FACTOR(3)
2016 IMPL_GET_RSA_PAYLOAD_FACTOR(4)
2017 IMPL_GET_RSA_PAYLOAD_FACTOR(5)
2018 IMPL_GET_RSA_PAYLOAD_FACTOR(6)
2019 IMPL_GET_RSA_PAYLOAD_FACTOR(7)
2020 IMPL_GET_RSA_PAYLOAD_FACTOR(8)
2021 IMPL_GET_RSA_PAYLOAD_FACTOR(9)
2022 IMPL_GET_RSA_PAYLOAD_FACTOR(10)
2023 IMPL_GET_RSA_PAYLOAD_EXPONENT(1)
2024 IMPL_GET_RSA_PAYLOAD_EXPONENT(2)
2025 IMPL_GET_RSA_PAYLOAD_EXPONENT(3)
2026 IMPL_GET_RSA_PAYLOAD_EXPONENT(4)
2027 IMPL_GET_RSA_PAYLOAD_EXPONENT(5)
2028 IMPL_GET_RSA_PAYLOAD_EXPONENT(6)
2029 IMPL_GET_RSA_PAYLOAD_EXPONENT(7)
2030 IMPL_GET_RSA_PAYLOAD_EXPONENT(8)
2031 IMPL_GET_RSA_PAYLOAD_EXPONENT(9)
2032 IMPL_GET_RSA_PAYLOAD_EXPONENT(10)
2033 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(1)
2034 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(2)
2035 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(3)
2036 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(4)
2037 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(5)
2038 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(6)
2039 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(7)
2040 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(8)
2041 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(9)
2042
fix_group_ecx(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)2043 static int fix_group_ecx(enum state state,
2044 const struct translation_st *translation,
2045 struct translation_ctx_st *ctx)
2046 {
2047 const char *value = NULL;
2048
2049 switch (state) {
2050 case PRE_PARAMS_TO_CTRL:
2051 if (!EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx))
2052 return 0;
2053 ctx->action_type = OSSL_ACTION_NONE;
2054 return 1;
2055 case POST_PARAMS_TO_CTRL:
2056 if (OSSL_PARAM_get_utf8_string_ptr(ctx->params, &value) == 0 ||
2057 OPENSSL_strcasecmp(ctx->pctx->keytype, value) != 0) {
2058 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_INVALID_ARGUMENT);
2059 ctx->p1 = 0;
2060 return 0;
2061 }
2062 ctx->p1 = 1;
2063 return 1;
2064 default:
2065 return 0;
2066 }
2067 }
2068
2069 /*-
2070 * The translation table itself
2071 * ============================
2072 */
2073
2074 static const struct translation_st evp_pkey_ctx_translations[] = {
2075 /*
2076 * DistID: we pass it to the backend as an octet string,
2077 * but get it back as a pointer to an octet string.
2078 *
2079 * Note that the EVP_PKEY_CTRL_GET1_ID_LEN is purely for legacy purposes
2080 * that has no separate counterpart in OSSL_PARAM terms, since we get
2081 * the length of the DistID automatically when getting the DistID itself.
2082 */
2083 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2084 EVP_PKEY_CTRL_SET1_ID, "distid", "hexdistid",
2085 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_STRING, NULL },
2086 { OSSL_ACTION_GET, -1, -1, -1,
2087 EVP_PKEY_CTRL_GET1_ID, "distid", "hexdistid",
2088 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_PTR, NULL },
2089 { OSSL_ACTION_GET, -1, -1, -1,
2090 EVP_PKEY_CTRL_GET1_ID_LEN, NULL, NULL,
2091 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_PTR, fix_distid_len },
2092
2093 /*-
2094 * DH & DHX
2095 * ========
2096 */
2097
2098 /*
2099 * EVP_PKEY_CTRL_DH_KDF_TYPE is used both for setting and getting. The
2100 * fixup function has to handle this...
2101 */
2102 { OSSL_ACTION_NONE, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2103 EVP_PKEY_CTRL_DH_KDF_TYPE, NULL, NULL,
2104 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING,
2105 fix_dh_kdf_type },
2106 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2107 EVP_PKEY_CTRL_DH_KDF_MD, NULL, NULL,
2108 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2109 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2110 EVP_PKEY_CTRL_GET_DH_KDF_MD, NULL, NULL,
2111 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2112 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2113 EVP_PKEY_CTRL_DH_KDF_OUTLEN, NULL, NULL,
2114 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2115 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2116 EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, NULL, NULL,
2117 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2118 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2119 EVP_PKEY_CTRL_DH_KDF_UKM, NULL, NULL,
2120 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL },
2121 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2122 EVP_PKEY_CTRL_GET_DH_KDF_UKM, NULL, NULL,
2123 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL },
2124 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2125 EVP_PKEY_CTRL_DH_KDF_OID, NULL, NULL,
2126 OSSL_KDF_PARAM_CEK_ALG, OSSL_PARAM_UTF8_STRING, fix_oid },
2127 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2128 EVP_PKEY_CTRL_GET_DH_KDF_OID, NULL, NULL,
2129 OSSL_KDF_PARAM_CEK_ALG, OSSL_PARAM_UTF8_STRING, fix_oid },
2130
2131 /* DHX Keygen Parameters that are shared with DH */
2132 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN,
2133 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, "dh_paramgen_type", NULL,
2134 OSSL_PKEY_PARAM_FFC_TYPE, OSSL_PARAM_UTF8_STRING, fix_dh_paramgen_type },
2135 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN,
2136 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, "dh_paramgen_prime_len", NULL,
2137 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2138 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2139 EVP_PKEY_CTRL_DH_NID, "dh_param", NULL,
2140 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, NULL },
2141 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2142 EVP_PKEY_CTRL_DH_RFC5114, "dh_rfc5114", NULL,
2143 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid5114 },
2144
2145 /* DH Keygen Parameters that are shared with DHX */
2146 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN,
2147 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, "dh_paramgen_type", NULL,
2148 OSSL_PKEY_PARAM_FFC_TYPE, OSSL_PARAM_UTF8_STRING, fix_dh_paramgen_type },
2149 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN,
2150 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, "dh_paramgen_prime_len", NULL,
2151 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2152 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2153 EVP_PKEY_CTRL_DH_NID, "dh_param", NULL,
2154 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid },
2155 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2156 EVP_PKEY_CTRL_DH_RFC5114, "dh_rfc5114", NULL,
2157 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid5114 },
2158
2159 /* DH specific Keygen Parameters */
2160 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN,
2161 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, "dh_paramgen_generator", NULL,
2162 OSSL_PKEY_PARAM_DH_GENERATOR, OSSL_PARAM_INTEGER, NULL },
2163
2164 /* DHX specific Keygen Parameters */
2165 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN,
2166 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, "dh_paramgen_subprime_len", NULL,
2167 OSSL_PKEY_PARAM_FFC_QBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2168
2169 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_DERIVE,
2170 EVP_PKEY_CTRL_DH_PAD, "dh_pad", NULL,
2171 OSSL_EXCHANGE_PARAM_PAD, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2172
2173 /*-
2174 * DSA
2175 * ===
2176 */
2177 { OSSL_ACTION_SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN,
2178 EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, "dsa_paramgen_bits", NULL,
2179 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2180 { OSSL_ACTION_SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN,
2181 EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, "dsa_paramgen_q_bits", NULL,
2182 OSSL_PKEY_PARAM_FFC_QBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2183 { OSSL_ACTION_SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN,
2184 EVP_PKEY_CTRL_DSA_PARAMGEN_MD, "dsa_paramgen_md", NULL,
2185 OSSL_PKEY_PARAM_FFC_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2186
2187 /*-
2188 * EC
2189 * ==
2190 */
2191 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2192 EVP_PKEY_CTRL_EC_PARAM_ENC, "ec_param_enc", NULL,
2193 OSSL_PKEY_PARAM_EC_ENCODING, OSSL_PARAM_UTF8_STRING, fix_ec_param_enc },
2194 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2195 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, "ec_paramgen_curve", NULL,
2196 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING,
2197 fix_ec_paramgen_curve_nid },
2198 /*
2199 * EVP_PKEY_CTRL_EC_ECDH_COFACTOR and EVP_PKEY_CTRL_EC_KDF_TYPE are used
2200 * both for setting and getting. The fixup function has to handle this...
2201 */
2202 { OSSL_ACTION_NONE, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2203 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, "ecdh_cofactor_mode", NULL,
2204 OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, OSSL_PARAM_INTEGER,
2205 fix_ecdh_cofactor },
2206 { OSSL_ACTION_NONE, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2207 EVP_PKEY_CTRL_EC_KDF_TYPE, NULL, NULL,
2208 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING, fix_ec_kdf_type },
2209 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2210 EVP_PKEY_CTRL_EC_KDF_MD, "ecdh_kdf_md", NULL,
2211 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2212 { OSSL_ACTION_GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2213 EVP_PKEY_CTRL_GET_EC_KDF_MD, NULL, NULL,
2214 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2215 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2216 EVP_PKEY_CTRL_EC_KDF_OUTLEN, NULL, NULL,
2217 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2218 { OSSL_ACTION_GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2219 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, NULL, NULL,
2220 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2221 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2222 EVP_PKEY_CTRL_EC_KDF_UKM, NULL, NULL,
2223 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL },
2224 { OSSL_ACTION_GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2225 EVP_PKEY_CTRL_GET_EC_KDF_UKM, NULL, NULL,
2226 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL },
2227
2228 /*-
2229 * SM2
2230 * ==
2231 */
2232 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2233 EVP_PKEY_CTRL_EC_PARAM_ENC, "ec_param_enc", NULL,
2234 OSSL_PKEY_PARAM_EC_ENCODING, OSSL_PARAM_UTF8_STRING, fix_ec_param_enc },
2235 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2236 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, "ec_paramgen_curve", NULL,
2237 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING,
2238 fix_ec_paramgen_curve_nid },
2239 /*
2240 * EVP_PKEY_CTRL_EC_ECDH_COFACTOR and EVP_PKEY_CTRL_EC_KDF_TYPE are used
2241 * both for setting and getting. The fixup function has to handle this...
2242 */
2243 { OSSL_ACTION_NONE, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2244 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, "ecdh_cofactor_mode", NULL,
2245 OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, OSSL_PARAM_INTEGER,
2246 fix_ecdh_cofactor },
2247 { OSSL_ACTION_NONE, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2248 EVP_PKEY_CTRL_EC_KDF_TYPE, NULL, NULL,
2249 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING, fix_ec_kdf_type },
2250 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2251 EVP_PKEY_CTRL_EC_KDF_MD, "ecdh_kdf_md", NULL,
2252 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2253 { OSSL_ACTION_GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2254 EVP_PKEY_CTRL_GET_EC_KDF_MD, NULL, NULL,
2255 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2256 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2257 EVP_PKEY_CTRL_EC_KDF_OUTLEN, NULL, NULL,
2258 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2259 { OSSL_ACTION_GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2260 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, NULL, NULL,
2261 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2262 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2263 EVP_PKEY_CTRL_EC_KDF_UKM, NULL, NULL,
2264 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL },
2265 { OSSL_ACTION_GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2266 EVP_PKEY_CTRL_GET_EC_KDF_UKM, NULL, NULL,
2267 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL },
2268 /*-
2269 * RSA
2270 * ===
2271 */
2272
2273 /*
2274 * RSA padding modes are numeric with ctrls, strings with ctrl_strs,
2275 * and can be both with OSSL_PARAM. We standardise on strings here,
2276 * fix_rsa_padding_mode() does the work when the caller has a different
2277 * idea.
2278 */
2279 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2280 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2281 EVP_PKEY_CTRL_RSA_PADDING, "rsa_padding_mode", NULL,
2282 OSSL_PKEY_PARAM_PAD_MODE, OSSL_PARAM_UTF8_STRING, fix_rsa_padding_mode },
2283 { OSSL_ACTION_GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2284 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2285 EVP_PKEY_CTRL_GET_RSA_PADDING, NULL, NULL,
2286 OSSL_PKEY_PARAM_PAD_MODE, OSSL_PARAM_UTF8_STRING, fix_rsa_padding_mode },
2287
2288 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2289 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2290 EVP_PKEY_CTRL_RSA_MGF1_MD, "rsa_mgf1_md", NULL,
2291 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2292 { OSSL_ACTION_GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2293 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2294 EVP_PKEY_CTRL_GET_RSA_MGF1_MD, NULL, NULL,
2295 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2296
2297 /*
2298 * RSA-PSS saltlen is essentially numeric, but certain values can be
2299 * expressed as keywords (strings) with ctrl_str. The corresponding
2300 * OSSL_PARAM allows both forms.
2301 * fix_rsa_pss_saltlen() takes care of the distinction.
2302 */
2303 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_TYPE_SIG,
2304 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, "rsa_pss_saltlen", NULL,
2305 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, OSSL_PARAM_UTF8_STRING,
2306 fix_rsa_pss_saltlen },
2307 { OSSL_ACTION_GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_TYPE_SIG,
2308 EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, NULL, NULL,
2309 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, OSSL_PARAM_UTF8_STRING,
2310 fix_rsa_pss_saltlen },
2311
2312 { OSSL_ACTION_SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2313 EVP_PKEY_CTRL_RSA_OAEP_MD, "rsa_oaep_md", NULL,
2314 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2315 { OSSL_ACTION_GET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2316 EVP_PKEY_CTRL_GET_RSA_OAEP_MD, NULL, NULL,
2317 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2318 /*
2319 * The "rsa_oaep_label" ctrl_str expects the value to always be hex.
2320 * This is accommodated by default_fixup_args() above, which mimics that
2321 * expectation for any translation item where |ctrl_str| is NULL and
2322 * |ctrl_hexstr| is non-NULL.
2323 */
2324 { OSSL_ACTION_SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2325 EVP_PKEY_CTRL_RSA_OAEP_LABEL, NULL, "rsa_oaep_label",
2326 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_STRING, NULL },
2327 { OSSL_ACTION_GET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2328 EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, NULL, NULL,
2329 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_PTR, NULL },
2330
2331 { OSSL_ACTION_SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2332 EVP_PKEY_CTRL_RSA_IMPLICIT_REJECTION, NULL,
2333 "rsa_pkcs1_implicit_rejection",
2334 OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, OSSL_PARAM_UNSIGNED_INTEGER,
2335 NULL },
2336
2337 { OSSL_ACTION_SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN,
2338 EVP_PKEY_CTRL_MD, "rsa_pss_keygen_md", NULL,
2339 OSSL_ALG_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2340 { OSSL_ACTION_SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN,
2341 EVP_PKEY_CTRL_RSA_MGF1_MD, "rsa_pss_keygen_mgf1_md", NULL,
2342 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2343 { OSSL_ACTION_SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN,
2344 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, "rsa_pss_keygen_saltlen", NULL,
2345 OSSL_SIGNATURE_PARAM_PSS_SALTLEN, OSSL_PARAM_INTEGER, NULL },
2346 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN,
2347 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, "rsa_keygen_bits", NULL,
2348 OSSL_PKEY_PARAM_RSA_BITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2349 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN,
2350 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, "rsa_keygen_pubexp", NULL,
2351 OSSL_PKEY_PARAM_RSA_E, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2352 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN,
2353 EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES, "rsa_keygen_primes", NULL,
2354 OSSL_PKEY_PARAM_RSA_PRIMES, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2355
2356 /*-
2357 * SipHash
2358 * ======
2359 */
2360 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2361 EVP_PKEY_CTRL_SET_DIGEST_SIZE, "digestsize", NULL,
2362 OSSL_MAC_PARAM_SIZE, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2363
2364 /*-
2365 * TLS1-PRF
2366 * ========
2367 */
2368 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2369 EVP_PKEY_CTRL_TLS_MD, "md", NULL,
2370 OSSL_KDF_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2371 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2372 EVP_PKEY_CTRL_TLS_SECRET, "secret", "hexsecret",
2373 OSSL_KDF_PARAM_SECRET, OSSL_PARAM_OCTET_STRING, NULL },
2374 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2375 EVP_PKEY_CTRL_TLS_SEED, "seed", "hexseed",
2376 OSSL_KDF_PARAM_SEED, OSSL_PARAM_OCTET_STRING, NULL },
2377
2378 /*-
2379 * HKDF
2380 * ====
2381 */
2382 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2383 EVP_PKEY_CTRL_HKDF_MD, "md", NULL,
2384 OSSL_KDF_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2385 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2386 EVP_PKEY_CTRL_HKDF_SALT, "salt", "hexsalt",
2387 OSSL_KDF_PARAM_SALT, OSSL_PARAM_OCTET_STRING, NULL },
2388 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2389 EVP_PKEY_CTRL_HKDF_KEY, "key", "hexkey",
2390 OSSL_KDF_PARAM_KEY, OSSL_PARAM_OCTET_STRING, NULL },
2391 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2392 EVP_PKEY_CTRL_HKDF_INFO, "info", "hexinfo",
2393 OSSL_KDF_PARAM_INFO, OSSL_PARAM_OCTET_STRING, NULL },
2394 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2395 EVP_PKEY_CTRL_HKDF_MODE, "mode", NULL,
2396 OSSL_KDF_PARAM_MODE, OSSL_PARAM_INTEGER, fix_hkdf_mode },
2397
2398 /*-
2399 * Scrypt
2400 * ======
2401 */
2402 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2403 EVP_PKEY_CTRL_PASS, "pass", "hexpass",
2404 OSSL_KDF_PARAM_PASSWORD, OSSL_PARAM_OCTET_STRING, NULL },
2405 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2406 EVP_PKEY_CTRL_SCRYPT_SALT, "salt", "hexsalt",
2407 OSSL_KDF_PARAM_SALT, OSSL_PARAM_OCTET_STRING, NULL },
2408 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2409 EVP_PKEY_CTRL_SCRYPT_N, "N", NULL,
2410 OSSL_KDF_PARAM_SCRYPT_N, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2411 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2412 EVP_PKEY_CTRL_SCRYPT_R, "r", NULL,
2413 OSSL_KDF_PARAM_SCRYPT_R, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2414 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2415 EVP_PKEY_CTRL_SCRYPT_P, "p", NULL,
2416 OSSL_KDF_PARAM_SCRYPT_P, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2417 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2418 EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, "maxmem_bytes", NULL,
2419 OSSL_KDF_PARAM_SCRYPT_MAXMEM, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2420
2421 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_KEYGEN | EVP_PKEY_OP_TYPE_CRYPT,
2422 EVP_PKEY_CTRL_CIPHER, NULL, NULL,
2423 OSSL_PKEY_PARAM_CIPHER, OSSL_PARAM_UTF8_STRING, fix_cipher },
2424 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_KEYGEN,
2425 EVP_PKEY_CTRL_SET_MAC_KEY, "key", "hexkey",
2426 OSSL_PKEY_PARAM_PRIV_KEY, OSSL_PARAM_OCTET_STRING, NULL },
2427
2428 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2429 EVP_PKEY_CTRL_MD, NULL, NULL,
2430 OSSL_SIGNATURE_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2431 { OSSL_ACTION_GET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2432 EVP_PKEY_CTRL_GET_MD, NULL, NULL,
2433 OSSL_SIGNATURE_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2434
2435 /*-
2436 * ECX
2437 * ===
2438 */
2439 { OSSL_ACTION_SET, EVP_PKEY_X25519, EVP_PKEY_X25519, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL,
2440 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2441 { OSSL_ACTION_SET, EVP_PKEY_X25519, EVP_PKEY_X25519, EVP_PKEY_OP_PARAMGEN, -1, NULL, NULL,
2442 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2443 { OSSL_ACTION_SET, EVP_PKEY_X448, EVP_PKEY_X448, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL,
2444 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2445 { OSSL_ACTION_SET, EVP_PKEY_X448, EVP_PKEY_X448, EVP_PKEY_OP_PARAMGEN, -1, NULL, NULL,
2446 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2447 };
2448
2449 static const struct translation_st evp_pkey_translations[] = {
2450 /*
2451 * The following contain no ctrls, they are exclusively here to extract
2452 * key payloads from legacy keys, using OSSL_PARAMs, and rely entirely
2453 * on |fixup_args| to pass the actual data. The |fixup_args| should
2454 * expect to get the EVP_PKEY pointer through |ctx->p2|.
2455 */
2456
2457 /* DH, DSA & EC */
2458 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2459 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING,
2460 get_payload_group_name },
2461 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2462 OSSL_PKEY_PARAM_PRIV_KEY, OSSL_PARAM_UNSIGNED_INTEGER,
2463 get_payload_private_key },
2464 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2465 OSSL_PKEY_PARAM_PUB_KEY,
2466 0 /* no data type, let get_payload_public_key() handle that */,
2467 get_payload_public_key },
2468 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2469 OSSL_PKEY_PARAM_EC_PUB_X, OSSL_PARAM_UNSIGNED_INTEGER,
2470 get_payload_public_key_ec },
2471 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2472 OSSL_PKEY_PARAM_EC_PUB_Y, OSSL_PARAM_UNSIGNED_INTEGER,
2473 get_payload_public_key_ec },
2474
2475 /* DH and DSA */
2476 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2477 OSSL_PKEY_PARAM_FFC_P, OSSL_PARAM_UNSIGNED_INTEGER,
2478 get_dh_dsa_payload_p },
2479 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2480 OSSL_PKEY_PARAM_FFC_G, OSSL_PARAM_UNSIGNED_INTEGER,
2481 get_dh_dsa_payload_g },
2482 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2483 OSSL_PKEY_PARAM_FFC_Q, OSSL_PARAM_UNSIGNED_INTEGER,
2484 get_dh_dsa_payload_q },
2485
2486 /* RSA */
2487 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2488 OSSL_PKEY_PARAM_RSA_N, OSSL_PARAM_UNSIGNED_INTEGER,
2489 get_rsa_payload_n },
2490 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2491 OSSL_PKEY_PARAM_RSA_E, OSSL_PARAM_UNSIGNED_INTEGER,
2492 get_rsa_payload_e },
2493 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2494 OSSL_PKEY_PARAM_RSA_D, OSSL_PARAM_UNSIGNED_INTEGER,
2495 get_rsa_payload_d },
2496 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2497 OSSL_PKEY_PARAM_RSA_FACTOR1, OSSL_PARAM_UNSIGNED_INTEGER,
2498 get_rsa_payload_f1 },
2499 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2500 OSSL_PKEY_PARAM_RSA_FACTOR2, OSSL_PARAM_UNSIGNED_INTEGER,
2501 get_rsa_payload_f2 },
2502 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2503 OSSL_PKEY_PARAM_RSA_FACTOR3, OSSL_PARAM_UNSIGNED_INTEGER,
2504 get_rsa_payload_f3 },
2505 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2506 OSSL_PKEY_PARAM_RSA_FACTOR4, OSSL_PARAM_UNSIGNED_INTEGER,
2507 get_rsa_payload_f4 },
2508 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2509 OSSL_PKEY_PARAM_RSA_FACTOR5, OSSL_PARAM_UNSIGNED_INTEGER,
2510 get_rsa_payload_f5 },
2511 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2512 OSSL_PKEY_PARAM_RSA_FACTOR6, OSSL_PARAM_UNSIGNED_INTEGER,
2513 get_rsa_payload_f6 },
2514 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2515 OSSL_PKEY_PARAM_RSA_FACTOR7, OSSL_PARAM_UNSIGNED_INTEGER,
2516 get_rsa_payload_f7 },
2517 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2518 OSSL_PKEY_PARAM_RSA_FACTOR8, OSSL_PARAM_UNSIGNED_INTEGER,
2519 get_rsa_payload_f8 },
2520 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2521 OSSL_PKEY_PARAM_RSA_FACTOR9, OSSL_PARAM_UNSIGNED_INTEGER,
2522 get_rsa_payload_f9 },
2523 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2524 OSSL_PKEY_PARAM_RSA_FACTOR10, OSSL_PARAM_UNSIGNED_INTEGER,
2525 get_rsa_payload_f10 },
2526 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2527 OSSL_PKEY_PARAM_RSA_EXPONENT1, OSSL_PARAM_UNSIGNED_INTEGER,
2528 get_rsa_payload_e1 },
2529 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2530 OSSL_PKEY_PARAM_RSA_EXPONENT2, OSSL_PARAM_UNSIGNED_INTEGER,
2531 get_rsa_payload_e2 },
2532 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2533 OSSL_PKEY_PARAM_RSA_EXPONENT3, OSSL_PARAM_UNSIGNED_INTEGER,
2534 get_rsa_payload_e3 },
2535 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2536 OSSL_PKEY_PARAM_RSA_EXPONENT4, OSSL_PARAM_UNSIGNED_INTEGER,
2537 get_rsa_payload_e4 },
2538 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2539 OSSL_PKEY_PARAM_RSA_EXPONENT5, OSSL_PARAM_UNSIGNED_INTEGER,
2540 get_rsa_payload_e5 },
2541 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2542 OSSL_PKEY_PARAM_RSA_EXPONENT6, OSSL_PARAM_UNSIGNED_INTEGER,
2543 get_rsa_payload_e6 },
2544 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2545 OSSL_PKEY_PARAM_RSA_EXPONENT7, OSSL_PARAM_UNSIGNED_INTEGER,
2546 get_rsa_payload_e7 },
2547 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2548 OSSL_PKEY_PARAM_RSA_EXPONENT8, OSSL_PARAM_UNSIGNED_INTEGER,
2549 get_rsa_payload_e8 },
2550 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2551 OSSL_PKEY_PARAM_RSA_EXPONENT9, OSSL_PARAM_UNSIGNED_INTEGER,
2552 get_rsa_payload_e9 },
2553 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2554 OSSL_PKEY_PARAM_RSA_EXPONENT10, OSSL_PARAM_UNSIGNED_INTEGER,
2555 get_rsa_payload_e10 },
2556 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2557 OSSL_PKEY_PARAM_RSA_COEFFICIENT1, OSSL_PARAM_UNSIGNED_INTEGER,
2558 get_rsa_payload_c1 },
2559 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2560 OSSL_PKEY_PARAM_RSA_COEFFICIENT2, OSSL_PARAM_UNSIGNED_INTEGER,
2561 get_rsa_payload_c2 },
2562 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2563 OSSL_PKEY_PARAM_RSA_COEFFICIENT3, OSSL_PARAM_UNSIGNED_INTEGER,
2564 get_rsa_payload_c3 },
2565 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2566 OSSL_PKEY_PARAM_RSA_COEFFICIENT4, OSSL_PARAM_UNSIGNED_INTEGER,
2567 get_rsa_payload_c4 },
2568 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2569 OSSL_PKEY_PARAM_RSA_COEFFICIENT5, OSSL_PARAM_UNSIGNED_INTEGER,
2570 get_rsa_payload_c5 },
2571 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2572 OSSL_PKEY_PARAM_RSA_COEFFICIENT6, OSSL_PARAM_UNSIGNED_INTEGER,
2573 get_rsa_payload_c6 },
2574 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2575 OSSL_PKEY_PARAM_RSA_COEFFICIENT7, OSSL_PARAM_UNSIGNED_INTEGER,
2576 get_rsa_payload_c7 },
2577 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2578 OSSL_PKEY_PARAM_RSA_COEFFICIENT8, OSSL_PARAM_UNSIGNED_INTEGER,
2579 get_rsa_payload_c8 },
2580 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2581 OSSL_PKEY_PARAM_RSA_COEFFICIENT9, OSSL_PARAM_UNSIGNED_INTEGER,
2582 get_rsa_payload_c9 },
2583
2584 /* EC */
2585 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2586 OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, OSSL_PARAM_INTEGER,
2587 get_ec_decoded_from_explicit_params },
2588 };
2589
2590 static const struct translation_st *
lookup_translation(struct translation_st * tmpl,const struct translation_st * translations,size_t translations_num)2591 lookup_translation(struct translation_st *tmpl,
2592 const struct translation_st *translations,
2593 size_t translations_num)
2594 {
2595 size_t i;
2596
2597 for (i = 0; i < translations_num; i++) {
2598 const struct translation_st *item = &translations[i];
2599
2600 /*
2601 * Sanity check the translation table item.
2602 *
2603 * 1. Either both keytypes are -1, or neither of them are.
2604 * 2. TBA...
2605 */
2606 if (!ossl_assert((item->keytype1 == -1) == (item->keytype2 == -1)))
2607 continue;
2608
2609
2610 /*
2611 * Base search criteria: check that the optype and keytypes match,
2612 * if relevant. All callers must synthesise these bits somehow.
2613 */
2614 if (item->optype != -1 && (tmpl->optype & item->optype) == 0)
2615 continue;
2616 /*
2617 * This expression is stunningly simple thanks to the sanity check
2618 * above.
2619 */
2620 if (item->keytype1 != -1
2621 && tmpl->keytype1 != item->keytype1
2622 && tmpl->keytype2 != item->keytype2)
2623 continue;
2624
2625 /*
2626 * Done with the base search criteria, now we check the criteria for
2627 * the individual types of translations:
2628 * ctrl->params, ctrl_str->params, and params->ctrl
2629 */
2630 if (tmpl->ctrl_num != 0) {
2631 if (tmpl->ctrl_num != item->ctrl_num)
2632 continue;
2633 } else if (tmpl->ctrl_str != NULL) {
2634 const char *ctrl_str = NULL;
2635 const char *ctrl_hexstr = NULL;
2636
2637 /*
2638 * Search criteria that originates from a ctrl_str is only used
2639 * for setting, never for getting. Therefore, we only look at
2640 * the setter items.
2641 */
2642 if (item->action_type != OSSL_ACTION_NONE
2643 && item->action_type != OSSL_ACTION_SET)
2644 continue;
2645 /*
2646 * At least one of the ctrl cmd names must be match the ctrl
2647 * cmd name in the template.
2648 */
2649 if (item->ctrl_str != NULL
2650 && OPENSSL_strcasecmp(tmpl->ctrl_str, item->ctrl_str) == 0)
2651 ctrl_str = tmpl->ctrl_str;
2652 else if (item->ctrl_hexstr != NULL
2653 && OPENSSL_strcasecmp(tmpl->ctrl_hexstr,
2654 item->ctrl_hexstr) == 0)
2655 ctrl_hexstr = tmpl->ctrl_hexstr;
2656 else
2657 continue;
2658
2659 /* Modify the template to signal which string matched */
2660 tmpl->ctrl_str = ctrl_str;
2661 tmpl->ctrl_hexstr = ctrl_hexstr;
2662 } else if (tmpl->param_key != NULL) {
2663 /*
2664 * Search criteria that originates from an OSSL_PARAM setter or
2665 * getter.
2666 *
2667 * Ctrls were fundamentally bidirectional, with only the ctrl
2668 * command macro name implying direction (if you're lucky).
2669 * A few ctrl commands were even taking advantage of the
2670 * bidirectional nature, making the direction depend in the
2671 * value of the numeric argument.
2672 *
2673 * OSSL_PARAM functions are fundamentally different, in that
2674 * setters and getters are separated, so the data direction is
2675 * implied by the function that's used. The same OSSL_PARAM
2676 * key name can therefore be used in both directions. We must
2677 * therefore take the action type into account in this case.
2678 */
2679 if ((item->action_type != OSSL_ACTION_NONE
2680 && tmpl->action_type != item->action_type)
2681 || (item->param_key != NULL
2682 && OPENSSL_strcasecmp(tmpl->param_key,
2683 item->param_key) != 0))
2684 continue;
2685 } else {
2686 return NULL;
2687 }
2688
2689 return item;
2690 }
2691
2692 return NULL;
2693 }
2694
2695 static const struct translation_st *
lookup_evp_pkey_ctx_translation(struct translation_st * tmpl)2696 lookup_evp_pkey_ctx_translation(struct translation_st *tmpl)
2697 {
2698 return lookup_translation(tmpl, evp_pkey_ctx_translations,
2699 OSSL_NELEM(evp_pkey_ctx_translations));
2700 }
2701
2702 static const struct translation_st *
lookup_evp_pkey_translation(struct translation_st * tmpl)2703 lookup_evp_pkey_translation(struct translation_st *tmpl)
2704 {
2705 return lookup_translation(tmpl, evp_pkey_translations,
2706 OSSL_NELEM(evp_pkey_translations));
2707 }
2708
2709 /* This must ONLY be called for provider side operations */
evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX * pctx,int keytype,int optype,int cmd,int p1,void * p2)2710 int evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX *pctx,
2711 int keytype, int optype,
2712 int cmd, int p1, void *p2)
2713 {
2714 struct translation_ctx_st ctx = { 0, };
2715 struct translation_st tmpl = { 0, };
2716 const struct translation_st *translation = NULL;
2717 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
2718 int ret;
2719 fixup_args_fn *fixup = default_fixup_args;
2720
2721 if (keytype == -1)
2722 keytype = pctx->legacy_keytype;
2723 tmpl.ctrl_num = cmd;
2724 tmpl.keytype1 = tmpl.keytype2 = keytype;
2725 tmpl.optype = optype;
2726 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2727
2728 if (translation == NULL) {
2729 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
2730 return -2;
2731 }
2732
2733 if (pctx->pmeth != NULL
2734 && pctx->pmeth->pkey_id != translation->keytype1
2735 && pctx->pmeth->pkey_id != translation->keytype2)
2736 return -1;
2737
2738 if (translation->fixup_args != NULL)
2739 fixup = translation->fixup_args;
2740 ctx.action_type = translation->action_type;
2741 ctx.ctrl_cmd = cmd;
2742 ctx.p1 = p1;
2743 ctx.p2 = p2;
2744 ctx.pctx = pctx;
2745 ctx.params = params;
2746
2747 ret = fixup(PRE_CTRL_TO_PARAMS, translation, &ctx);
2748
2749 if (ret > 0) {
2750 switch (ctx.action_type) {
2751 default:
2752 /* fixup_args is expected to make sure this is dead code */
2753 break;
2754 case OSSL_ACTION_GET:
2755 ret = evp_pkey_ctx_get_params_strict(pctx, ctx.params);
2756 break;
2757 case OSSL_ACTION_SET:
2758 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params);
2759 break;
2760 }
2761 }
2762
2763 /*
2764 * In POST, we pass the return value as p1, allowing the fixup_args
2765 * function to affect it by changing its value.
2766 */
2767 if (ret > 0) {
2768 ctx.p1 = ret;
2769 fixup(POST_CTRL_TO_PARAMS, translation, &ctx);
2770 ret = ctx.p1;
2771 }
2772
2773 cleanup_translation_ctx(POST_CTRL_TO_PARAMS, translation, &ctx);
2774
2775 return ret;
2776 }
2777
2778 /* This must ONLY be called for provider side operations */
evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX * pctx,const char * name,const char * value)2779 int evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX *pctx,
2780 const char *name, const char *value)
2781 {
2782 struct translation_ctx_st ctx = { 0, };
2783 struct translation_st tmpl = { 0, };
2784 const struct translation_st *translation = NULL;
2785 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
2786 int keytype = pctx->legacy_keytype;
2787 int optype = pctx->operation == 0 ? -1 : pctx->operation;
2788 int ret;
2789 fixup_args_fn *fixup = default_fixup_args;
2790
2791 tmpl.action_type = OSSL_ACTION_SET;
2792 tmpl.keytype1 = tmpl.keytype2 = keytype;
2793 tmpl.optype = optype;
2794 tmpl.ctrl_str = name;
2795 tmpl.ctrl_hexstr = name;
2796 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2797
2798 if (translation != NULL) {
2799 if (translation->fixup_args != NULL)
2800 fixup = translation->fixup_args;
2801 ctx.action_type = translation->action_type;
2802 ctx.ishex = (tmpl.ctrl_hexstr != NULL);
2803 } else {
2804 /* String controls really only support setting */
2805 ctx.action_type = OSSL_ACTION_SET;
2806 }
2807 ctx.ctrl_str = name;
2808 ctx.p1 = (int)strlen(value);
2809 ctx.p2 = (char *)value;
2810 ctx.pctx = pctx;
2811 ctx.params = params;
2812
2813 ret = fixup(PRE_CTRL_STR_TO_PARAMS, translation, &ctx);
2814
2815 if (ret > 0) {
2816 switch (ctx.action_type) {
2817 default:
2818 /* fixup_args is expected to make sure this is dead code */
2819 break;
2820 case OSSL_ACTION_GET:
2821 /*
2822 * this is dead code, but must be present, or some compilers
2823 * will complain
2824 */
2825 break;
2826 case OSSL_ACTION_SET:
2827 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params);
2828 break;
2829 }
2830 }
2831
2832 if (ret > 0)
2833 ret = fixup(POST_CTRL_STR_TO_PARAMS, translation, &ctx);
2834
2835 cleanup_translation_ctx(CLEANUP_CTRL_STR_TO_PARAMS, translation, &ctx);
2836
2837 return ret;
2838 }
2839
2840 /* This must ONLY be called for legacy operations */
evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX * pctx,enum action action_type,OSSL_PARAM * params)2841 static int evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX *pctx,
2842 enum action action_type,
2843 OSSL_PARAM *params)
2844 {
2845 int keytype = pctx->legacy_keytype;
2846 int optype = pctx->operation == 0 ? -1 : pctx->operation;
2847
2848 for (; params != NULL && params->key != NULL; params++) {
2849 struct translation_ctx_st ctx = { 0, };
2850 struct translation_st tmpl = { 0, };
2851 const struct translation_st *translation = NULL;
2852 fixup_args_fn *fixup = default_fixup_args;
2853 int ret;
2854
2855 ctx.action_type = tmpl.action_type = action_type;
2856 tmpl.keytype1 = tmpl.keytype2 = keytype;
2857 tmpl.optype = optype;
2858 tmpl.param_key = params->key;
2859 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2860
2861 if (translation != NULL) {
2862 if (translation->fixup_args != NULL)
2863 fixup = translation->fixup_args;
2864 ctx.ctrl_cmd = translation->ctrl_num;
2865 }
2866 ctx.pctx = pctx;
2867 ctx.params = params;
2868
2869 ret = fixup(PRE_PARAMS_TO_CTRL, translation, &ctx);
2870
2871 if (ret > 0 && ctx.action_type != OSSL_ACTION_NONE)
2872 ret = EVP_PKEY_CTX_ctrl(pctx, keytype, optype,
2873 ctx.ctrl_cmd, ctx.p1, ctx.p2);
2874
2875 /*
2876 * In POST, we pass the return value as p1, allowing the fixup_args
2877 * function to put it to good use, or maybe affect it.
2878 *
2879 * NOTE: even though EVP_PKEY_CTX_ctrl return value is documented
2880 * as return positive on Success and 0 or negative on falure. There
2881 * maybe parameters (e.g. ecdh_cofactor), which actually return 0
2882 * as success value. That is why we do POST_PARAMS_TO_CTRL for 0
2883 * value as well
2884 */
2885 if (ret >= 0) {
2886 ctx.p1 = ret;
2887 fixup(POST_PARAMS_TO_CTRL, translation, &ctx);
2888 ret = ctx.p1;
2889 }
2890
2891 cleanup_translation_ctx(CLEANUP_PARAMS_TO_CTRL, translation, &ctx);
2892
2893 if (ret <= 0)
2894 return 0;
2895 }
2896 return 1;
2897 }
2898
evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX * ctx,const OSSL_PARAM * params)2899 int evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params)
2900 {
2901 if (ctx->keymgmt != NULL)
2902 return 0;
2903 return evp_pkey_ctx_setget_params_to_ctrl(ctx, OSSL_ACTION_SET, (OSSL_PARAM *)params);
2904 }
2905
evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX * ctx,OSSL_PARAM * params)2906 int evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
2907 {
2908 if (ctx->keymgmt != NULL)
2909 return 0;
2910 return evp_pkey_ctx_setget_params_to_ctrl(ctx, OSSL_ACTION_GET, params);
2911 }
2912
2913 /* This must ONLY be called for legacy EVP_PKEYs */
evp_pkey_setget_params_to_ctrl(const EVP_PKEY * pkey,enum action action_type,OSSL_PARAM * params)2914 static int evp_pkey_setget_params_to_ctrl(const EVP_PKEY *pkey,
2915 enum action action_type,
2916 OSSL_PARAM *params)
2917 {
2918 int ret = 1;
2919
2920 for (; params != NULL && params->key != NULL; params++) {
2921 struct translation_ctx_st ctx = { 0, };
2922 struct translation_st tmpl = { 0, };
2923 const struct translation_st *translation = NULL;
2924 fixup_args_fn *fixup = default_fixup_args;
2925
2926 tmpl.action_type = action_type;
2927 tmpl.param_key = params->key;
2928 translation = lookup_evp_pkey_translation(&tmpl);
2929
2930 if (translation != NULL) {
2931 if (translation->fixup_args != NULL)
2932 fixup = translation->fixup_args;
2933 ctx.action_type = translation->action_type;
2934 }
2935 ctx.p2 = (void *)pkey;
2936 ctx.params = params;
2937
2938 /*
2939 * EVP_PKEY doesn't have any ctrl function, so we rely completely
2940 * on fixup_args to do the whole work. Also, we currently only
2941 * support getting.
2942 */
2943 if (!ossl_assert(translation != NULL)
2944 || !ossl_assert(translation->action_type == OSSL_ACTION_GET)
2945 || !ossl_assert(translation->fixup_args != NULL)) {
2946 return -2;
2947 }
2948
2949 ret = fixup(PKEY, translation, &ctx);
2950
2951 cleanup_translation_ctx(PKEY, translation, &ctx);
2952 }
2953 return ret;
2954 }
2955
evp_pkey_get_params_to_ctrl(const EVP_PKEY * pkey,OSSL_PARAM * params)2956 int evp_pkey_get_params_to_ctrl(const EVP_PKEY *pkey, OSSL_PARAM *params)
2957 {
2958 return evp_pkey_setget_params_to_ctrl(pkey, OSSL_ACTION_GET, params);
2959 }
2960