1 /*
2 * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 * https://www.openssl.org/source/license.html
8 * or in the file LICENSE in the source distribution.
9 */
10
11 #include <string.h>
12 #include <openssl/asn1.h>
13 #include <openssl/asn1t.h>
14 #include <openssl/core_names.h>
15 #include <openssl/core_object.h>
16 #include <openssl/rand.h>
17 #include <openssl/provider.h>
18 #include "testutil.h"
19 #include "fake_rsaprov.h"
20 #include "internal/asn1.h"
21
22 static OSSL_FUNC_keymgmt_new_fn fake_rsa_keymgmt_new;
23 static OSSL_FUNC_keymgmt_free_fn fake_rsa_keymgmt_free;
24 static OSSL_FUNC_keymgmt_has_fn fake_rsa_keymgmt_has;
25 static OSSL_FUNC_keymgmt_query_operation_name_fn fake_rsa_keymgmt_query;
26 static OSSL_FUNC_keymgmt_import_fn fake_rsa_keymgmt_import;
27 static OSSL_FUNC_keymgmt_import_types_fn fake_rsa_keymgmt_imptypes;
28 static OSSL_FUNC_keymgmt_export_fn fake_rsa_keymgmt_export;
29 static OSSL_FUNC_keymgmt_export_types_fn fake_rsa_keymgmt_exptypes;
30 static OSSL_FUNC_keymgmt_load_fn fake_rsa_keymgmt_load;
31
32 static int has_selection;
33 static int imptypes_selection;
34 static int exptypes_selection;
35 static int query_id;
36 static int key_deleted;
37
38 unsigned fake_rsa_query_operation_name = 0;
39
40 typedef struct {
41 OSSL_LIB_CTX *libctx;
42 } PROV_FAKE_RSA_CTX;
43
44 #define PROV_FAKE_RSA_LIBCTX_OF(provctx) (((PROV_FAKE_RSA_CTX *)provctx)->libctx)
45
46 #define FAKE_RSA_STATUS_IMPORTED 1
47 #define FAKE_RSA_STATUS_GENERATED 2
48 #define FAKE_RSA_STATUS_DECODED 3
49
50 struct fake_rsa_keydata {
51 int selection;
52 int status;
53 };
54
fake_rsa_restore_store_state(void)55 void fake_rsa_restore_store_state(void)
56 {
57 key_deleted = 0;
58 }
59
fake_rsa_keymgmt_new(void * provctx)60 static void *fake_rsa_keymgmt_new(void *provctx)
61 {
62 struct fake_rsa_keydata *key;
63
64 if (!TEST_ptr(key = OPENSSL_zalloc(sizeof(struct fake_rsa_keydata))))
65 return NULL;
66
67 /* clear test globals */
68 has_selection = 0;
69 imptypes_selection = 0;
70 exptypes_selection = 0;
71 query_id = 0;
72
73 return key;
74 }
75
fake_rsa_keymgmt_free(void * keydata)76 static void fake_rsa_keymgmt_free(void *keydata)
77 {
78 OPENSSL_free(keydata);
79 }
80
fake_rsa_keymgmt_has(const void * key,int selection)81 static int fake_rsa_keymgmt_has(const void *key, int selection)
82 {
83 /* record global for checking */
84 has_selection = selection;
85
86 return 1;
87 }
88
89
fake_rsa_keymgmt_query(int id)90 static const char *fake_rsa_keymgmt_query(int id)
91 {
92 /* record global for checking */
93 query_id = id;
94
95 return fake_rsa_query_operation_name ? NULL: "RSA";
96 }
97
fake_rsa_keymgmt_import(void * keydata,int selection,const OSSL_PARAM * p)98 static int fake_rsa_keymgmt_import(void *keydata, int selection,
99 const OSSL_PARAM *p)
100 {
101 struct fake_rsa_keydata *fake_rsa_key = keydata;
102
103 /* key was imported */
104 fake_rsa_key->status = FAKE_RSA_STATUS_IMPORTED;
105
106 return 1;
107 }
108
109 static unsigned char fake_rsa_n[] =
110 "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
111 "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
112 "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
113 "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
114 "\xF5";
115
116 static unsigned char fake_rsa_e[] = "\x11";
117
118 static unsigned char fake_rsa_d[] =
119 "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
120 "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
121 "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
122 "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
123
124 static unsigned char fake_rsa_p[] =
125 "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
126 "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
127 "\x0D";
128
129 static unsigned char fake_rsa_q[] =
130 "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
131 "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
132 "\x89";
133
134 static unsigned char fake_rsa_dmp1[] =
135 "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
136 "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
137
138 static unsigned char fake_rsa_dmq1[] =
139 "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
140 "\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
141 "\x51";
142
143 static unsigned char fake_rsa_iqmp[] =
144 "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
145 "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
146
fake_rsa_key_params(int priv)147 OSSL_PARAM *fake_rsa_key_params(int priv)
148 {
149 if (priv) {
150 OSSL_PARAM params[] = {
151 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n,
152 sizeof(fake_rsa_n) -1),
153 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e,
154 sizeof(fake_rsa_e) -1),
155 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, fake_rsa_d,
156 sizeof(fake_rsa_d) -1),
157 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, fake_rsa_p,
158 sizeof(fake_rsa_p) -1),
159 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, fake_rsa_q,
160 sizeof(fake_rsa_q) -1),
161 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, fake_rsa_dmp1,
162 sizeof(fake_rsa_dmp1) -1),
163 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, fake_rsa_dmq1,
164 sizeof(fake_rsa_dmq1) -1),
165 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, fake_rsa_iqmp,
166 sizeof(fake_rsa_iqmp) -1),
167 OSSL_PARAM_END
168 };
169 return OSSL_PARAM_dup(params);
170 } else {
171 OSSL_PARAM params[] = {
172 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n,
173 sizeof(fake_rsa_n) -1),
174 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e,
175 sizeof(fake_rsa_e) -1),
176 OSSL_PARAM_END
177 };
178 return OSSL_PARAM_dup(params);
179 }
180 }
181
fake_rsa_keymgmt_export(void * keydata,int selection,OSSL_CALLBACK * param_callback,void * cbarg)182 static int fake_rsa_keymgmt_export(void *keydata, int selection,
183 OSSL_CALLBACK *param_callback, void *cbarg)
184 {
185 OSSL_PARAM *params = NULL;
186 int ret;
187
188 if (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY)
189 return 0;
190
191 if (!TEST_ptr(params = fake_rsa_key_params(0)))
192 return 0;
193
194 ret = param_callback(params, cbarg);
195 OSSL_PARAM_free(params);
196 return ret;
197 }
198
199 static const OSSL_PARAM fake_rsa_import_key_types[] = {
200 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0),
201 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0),
202 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, NULL, 0),
203 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0),
204 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0),
205 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0),
206 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0),
207 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0),
208 OSSL_PARAM_END
209 };
210
fake_rsa_keymgmt_imptypes(int selection)211 static const OSSL_PARAM *fake_rsa_keymgmt_imptypes(int selection)
212 {
213 /* record global for checking */
214 imptypes_selection = selection;
215
216 return fake_rsa_import_key_types;
217 }
218
219 static const OSSL_PARAM fake_rsa_export_key_types[] = {
220 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0),
221 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0),
222 OSSL_PARAM_END
223 };
224
fake_rsa_keymgmt_exptypes(int selection)225 static const OSSL_PARAM *fake_rsa_keymgmt_exptypes(int selection)
226 {
227 /* record global for checking */
228 exptypes_selection = selection;
229
230 return fake_rsa_export_key_types;
231 }
232
fake_rsa_keymgmt_load(const void * reference,size_t reference_sz)233 static void *fake_rsa_keymgmt_load(const void *reference, size_t reference_sz)
234 {
235 struct fake_rsa_keydata *key = NULL;
236
237 if (reference_sz != sizeof(key))
238 return NULL;
239
240 key = *(struct fake_rsa_keydata **)reference;
241 if (key->status != FAKE_RSA_STATUS_IMPORTED && key->status != FAKE_RSA_STATUS_DECODED)
242 return NULL;
243
244 /* detach the reference */
245 *(struct fake_rsa_keydata **)reference = NULL;
246
247 return key;
248 }
249
fake_rsa_gen_init(void * provctx,int selection,const OSSL_PARAM params[])250 static void *fake_rsa_gen_init(void *provctx, int selection,
251 const OSSL_PARAM params[])
252 {
253 unsigned char *gctx = NULL;
254
255 if (!TEST_ptr(gctx = OPENSSL_malloc(1)))
256 return NULL;
257
258 *gctx = 1;
259
260 return gctx;
261 }
262
fake_rsa_gen(void * genctx,OSSL_CALLBACK * osslcb,void * cbarg)263 static void *fake_rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
264 {
265 unsigned char *gctx = genctx;
266 static const unsigned char inited[] = { 1 };
267 struct fake_rsa_keydata *keydata;
268
269 if (!TEST_ptr(gctx)
270 || !TEST_mem_eq(gctx, sizeof(*gctx), inited, sizeof(inited)))
271 return NULL;
272
273 if (!TEST_ptr(keydata = fake_rsa_keymgmt_new(NULL)))
274 return NULL;
275
276 keydata->status = FAKE_RSA_STATUS_GENERATED;
277 return keydata;
278 }
279
fake_rsa_gen_cleanup(void * genctx)280 static void fake_rsa_gen_cleanup(void *genctx)
281 {
282 OPENSSL_free(genctx);
283 }
284
285 static const OSSL_DISPATCH fake_rsa_keymgmt_funcs[] = {
286 { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))fake_rsa_keymgmt_new },
287 { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))fake_rsa_keymgmt_free} ,
288 { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))fake_rsa_keymgmt_has },
289 { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME,
290 (void (*)(void))fake_rsa_keymgmt_query },
291 { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))fake_rsa_keymgmt_import },
292 { OSSL_FUNC_KEYMGMT_IMPORT_TYPES,
293 (void (*)(void))fake_rsa_keymgmt_imptypes },
294 { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))fake_rsa_keymgmt_export },
295 { OSSL_FUNC_KEYMGMT_EXPORT_TYPES,
296 (void (*)(void))fake_rsa_keymgmt_exptypes },
297 { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))fake_rsa_keymgmt_load },
298 { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))fake_rsa_gen_init },
299 { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))fake_rsa_gen },
300 { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))fake_rsa_gen_cleanup },
301 OSSL_DISPATCH_END
302 };
303
304 static const OSSL_ALGORITHM fake_rsa_keymgmt_algs[] = {
305 { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_keymgmt_funcs, "Fake RSA Key Management" },
306 { NULL, NULL, NULL, NULL }
307 };
308
309 static OSSL_FUNC_signature_newctx_fn fake_rsa_sig_newctx;
310 static OSSL_FUNC_signature_freectx_fn fake_rsa_sig_freectx;
311 static OSSL_FUNC_signature_sign_init_fn fake_rsa_sig_sign_init;
312 static OSSL_FUNC_signature_sign_fn fake_rsa_sig_sign;
313
fake_rsa_sig_newctx(void * provctx,const char * propq)314 static void *fake_rsa_sig_newctx(void *provctx, const char *propq)
315 {
316 unsigned char *sigctx = OPENSSL_zalloc(1);
317
318 TEST_ptr(sigctx);
319
320 return sigctx;
321 }
322
fake_rsa_sig_freectx(void * sigctx)323 static void fake_rsa_sig_freectx(void *sigctx)
324 {
325 OPENSSL_free(sigctx);
326 }
327
fake_rsa_sig_sign_init(void * ctx,void * provkey,const OSSL_PARAM params[])328 static int fake_rsa_sig_sign_init(void *ctx, void *provkey,
329 const OSSL_PARAM params[])
330 {
331 unsigned char *sigctx = ctx;
332 struct fake_rsa_keydata *keydata = provkey;
333
334 /* we must have a ctx */
335 if (!TEST_ptr(sigctx))
336 return 0;
337
338 /* we must have some initialized key */
339 if (!TEST_ptr(keydata) || !TEST_int_gt(keydata->status, 0))
340 return 0;
341
342 /* record that sign init was called */
343 *sigctx = 1;
344 return 1;
345 }
346
fake_rsa_sig_sign(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)347 static int fake_rsa_sig_sign(void *ctx, unsigned char *sig,
348 size_t *siglen, size_t sigsize,
349 const unsigned char *tbs, size_t tbslen)
350 {
351 unsigned char *sigctx = ctx;
352
353 /* we must have a ctx and init was called upon it */
354 if (!TEST_ptr(sigctx) || !TEST_int_eq(*sigctx, 1))
355 return 0;
356
357 *siglen = 256;
358 /* record that the real sign operation was called */
359 if (sig != NULL) {
360 if (!TEST_int_ge(sigsize, *siglen))
361 return 0;
362 *sigctx = 2;
363 /* produce a fake signature */
364 memset(sig, 'a', *siglen);
365 }
366
367 return 1;
368 }
369
370 #define FAKE_DGSTSGN_SIGN 0x01
371 #define FAKE_DGSTSGN_VERIFY 0x02
372 #define FAKE_DGSTSGN_UPDATED 0x04
373 #define FAKE_DGSTSGN_FINALISED 0x08
374 #define FAKE_DGSTSGN_NO_DUP 0xA0
375
fake_rsa_sig_dupctx(void * ctx)376 static void *fake_rsa_sig_dupctx(void *ctx)
377 {
378 unsigned char *sigctx = ctx;
379 unsigned char *newctx;
380
381 if ((*sigctx & FAKE_DGSTSGN_NO_DUP) != 0)
382 return NULL;
383
384 if (!TEST_ptr(newctx = OPENSSL_zalloc(1)))
385 return NULL;
386
387 *newctx = *sigctx;
388 return newctx;
389 }
390
fake_rsa_dgstsgnvfy_init(void * ctx,unsigned char type,void * provkey,const OSSL_PARAM params[])391 static int fake_rsa_dgstsgnvfy_init(void *ctx, unsigned char type,
392 void *provkey, const OSSL_PARAM params[])
393 {
394 unsigned char *sigctx = ctx;
395 struct fake_rsa_keydata *keydata = provkey;
396
397 /* we must have a ctx */
398 if (!TEST_ptr(sigctx))
399 return 0;
400
401 /* we must have some initialized key */
402 if (!TEST_ptr(keydata) || !TEST_int_gt(keydata->status, 0))
403 return 0;
404
405 /* record that sign/verify init was called */
406 *sigctx = type;
407
408 if (params) {
409 const OSSL_PARAM *p;
410 int dup;
411 p = OSSL_PARAM_locate_const(params, "NO_DUP");
412 if (p != NULL) {
413 if (OSSL_PARAM_get_int(p, &dup)) {
414 *sigctx |= FAKE_DGSTSGN_NO_DUP;
415 }
416 }
417 }
418
419 return 1;
420 }
421
fake_rsa_dgstsgn_init(void * ctx,const char * mdname,void * provkey,const OSSL_PARAM params[])422 static int fake_rsa_dgstsgn_init(void *ctx, const char *mdname,
423 void *provkey, const OSSL_PARAM params[])
424 {
425 return fake_rsa_dgstsgnvfy_init(ctx, FAKE_DGSTSGN_SIGN, provkey, params);
426 }
427
fake_rsa_dgstvfy_init(void * ctx,const char * mdname,void * provkey,const OSSL_PARAM params[])428 static int fake_rsa_dgstvfy_init(void *ctx, const char *mdname,
429 void *provkey, const OSSL_PARAM params[])
430 {
431 return fake_rsa_dgstsgnvfy_init(ctx, FAKE_DGSTSGN_VERIFY, provkey, params);
432 }
433
fake_rsa_dgstsgnvfy_update(void * ctx,const unsigned char * data,size_t datalen)434 static int fake_rsa_dgstsgnvfy_update(void *ctx, const unsigned char *data,
435 size_t datalen)
436 {
437 unsigned char *sigctx = ctx;
438
439 /* we must have a ctx */
440 if (!TEST_ptr(sigctx))
441 return 0;
442
443 if (*sigctx == 0 || (*sigctx & FAKE_DGSTSGN_FINALISED) != 0)
444 return 0;
445
446 *sigctx |= FAKE_DGSTSGN_UPDATED;
447 return 1;
448 }
449
fake_rsa_dgstsgnvfy_final(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize)450 static int fake_rsa_dgstsgnvfy_final(void *ctx, unsigned char *sig,
451 size_t *siglen, size_t sigsize)
452 {
453 unsigned char *sigctx = ctx;
454
455 /* we must have a ctx */
456 if (!TEST_ptr(sigctx))
457 return 0;
458
459 if (*sigctx == 0 || (*sigctx & FAKE_DGSTSGN_FINALISED) != 0)
460 return 0;
461
462 if ((*sigctx & FAKE_DGSTSGN_SIGN) != 0 && (siglen == NULL))
463 return 0;
464
465 if ((*sigctx & FAKE_DGSTSGN_VERIFY) != 0 && (siglen != NULL))
466 return 0;
467
468 /* this is sign op */
469 if (siglen) {
470 *siglen = 256;
471 /* record that the real sign operation was called */
472 if (sig != NULL) {
473 if (!TEST_int_ge(sigsize, *siglen))
474 return 0;
475 /* produce a fake signature */
476 memset(sig, 'a', *siglen);
477 }
478 }
479
480 /* simulate inability to duplicate context and finalise it */
481 if ((*sigctx & FAKE_DGSTSGN_NO_DUP) != 0) {
482 *sigctx |= FAKE_DGSTSGN_FINALISED;
483 }
484 return 1;
485 }
486
fake_rsa_dgstvfy_final(void * ctx,unsigned char * sig,size_t siglen)487 static int fake_rsa_dgstvfy_final(void *ctx, unsigned char *sig,
488 size_t siglen)
489 {
490 return fake_rsa_dgstsgnvfy_final(ctx, sig, NULL, siglen);
491 }
492
fake_rsa_dgstsgn(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)493 static int fake_rsa_dgstsgn(void *ctx, unsigned char *sig, size_t *siglen,
494 size_t sigsize, const unsigned char *tbs,
495 size_t tbslen)
496 {
497 if (!fake_rsa_dgstsgnvfy_update(ctx, tbs, tbslen))
498 return 0;
499
500 return fake_rsa_dgstsgnvfy_final(ctx, sig, siglen, sigsize);
501 }
502
fake_rsa_dgstvfy(void * ctx,unsigned char * sig,size_t siglen,const unsigned char * tbv,size_t tbvlen)503 static int fake_rsa_dgstvfy(void *ctx, unsigned char *sig, size_t siglen,
504 const unsigned char *tbv, size_t tbvlen)
505 {
506 if (!fake_rsa_dgstsgnvfy_update(ctx, tbv, tbvlen))
507 return 0;
508
509 return fake_rsa_dgstvfy_final(ctx, sig, siglen);
510 }
511
512 static const OSSL_DISPATCH fake_rsa_sig_funcs[] = {
513 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))fake_rsa_sig_newctx },
514 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))fake_rsa_sig_freectx },
515 { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))fake_rsa_sig_sign_init },
516 { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))fake_rsa_sig_sign },
517 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))fake_rsa_sig_dupctx },
518 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
519 (void (*)(void))fake_rsa_dgstsgn_init },
520 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
521 (void (*)(void))fake_rsa_dgstsgnvfy_update },
522 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
523 (void (*)(void))fake_rsa_dgstsgnvfy_final },
524 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN,
525 (void (*)(void))fake_rsa_dgstsgn },
526 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
527 (void (*)(void))fake_rsa_dgstvfy_init },
528 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
529 (void (*)(void))fake_rsa_dgstsgnvfy_update },
530 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
531 (void (*)(void))fake_rsa_dgstvfy_final },
532 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY,
533 (void (*)(void))fake_rsa_dgstvfy },
534 OSSL_DISPATCH_END
535 };
536
537 static const OSSL_ALGORITHM fake_rsa_sig_algs[] = {
538 { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_sig_funcs, "Fake RSA Signature" },
539 { NULL, NULL, NULL, NULL }
540 };
541
542 static OSSL_FUNC_store_open_fn fake_rsa_st_open;
543 static OSSL_FUNC_store_open_ex_fn fake_rsa_st_open_ex;
544 static OSSL_FUNC_store_settable_ctx_params_fn fake_rsa_st_settable_ctx_params;
545 static OSSL_FUNC_store_set_ctx_params_fn fake_rsa_st_set_ctx_params;
546 static OSSL_FUNC_store_load_fn fake_rsa_st_load;
547 static OSSL_FUNC_store_eof_fn fake_rsa_st_eof;
548 static OSSL_FUNC_store_close_fn fake_rsa_st_close;
549 static OSSL_FUNC_store_delete_fn fake_rsa_st_delete;
550
551 static const char fake_rsa_scheme[] = "fake_rsa:";
552 static const char fake_rsa_openpwtest[] = "fake_rsa:openpwtest";
553 static const char fake_rsa_prompt[] = "Fake Prompt Info";
554
fake_rsa_st_open_ex(void * provctx,const char * uri,const OSSL_PARAM params[],OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)555 static void *fake_rsa_st_open_ex(void *provctx, const char *uri,
556 const OSSL_PARAM params[],
557 OSSL_PASSPHRASE_CALLBACK *pw_cb,
558 void *pw_cbarg)
559 {
560 unsigned char *storectx = NULL;
561
562 /* First check whether the uri is ours */
563 if (strncmp(uri, fake_rsa_scheme, sizeof(fake_rsa_scheme) - 1) != 0)
564 return NULL;
565
566 if (strncmp(uri, fake_rsa_openpwtest,
567 sizeof(fake_rsa_openpwtest) - 1) == 0) {
568 const char *pw_check = FAKE_PASSPHRASE;
569 char fakepw[sizeof(FAKE_PASSPHRASE) + 1] = { 0 };
570 size_t fakepw_len = 0;
571 OSSL_PARAM pw_params[2] = {
572 OSSL_PARAM_utf8_string(OSSL_PASSPHRASE_PARAM_INFO,
573 (void *)fake_rsa_prompt,
574 sizeof(fake_rsa_prompt) - 1),
575 OSSL_PARAM_END,
576 };
577
578 if (pw_cb == NULL) {
579 return NULL;
580 }
581
582 if (!pw_cb(fakepw, sizeof(fakepw), &fakepw_len, pw_params, pw_cbarg)) {
583 TEST_info("fake_rsa_open_ex failed passphrase callback");
584 return NULL;
585 }
586 if (strncmp(pw_check, fakepw, sizeof(pw_check) - 1) != 0) {
587 TEST_info("fake_rsa_open_ex failed passphrase check");
588 return NULL;
589 }
590 }
591
592 storectx = OPENSSL_zalloc(1);
593 if (!TEST_ptr(storectx))
594 return NULL;
595
596 TEST_info("fake_rsa_open_ex called");
597
598 return storectx;
599 }
600
fake_rsa_st_open(void * provctx,const char * uri)601 static void *fake_rsa_st_open(void *provctx, const char *uri)
602 {
603 unsigned char *storectx = NULL;
604
605 storectx = fake_rsa_st_open_ex(provctx, uri, NULL, NULL, NULL);
606
607 TEST_info("fake_rsa_open called");
608
609 return storectx;
610 }
611
fake_rsa_st_settable_ctx_params(void * provctx)612 static const OSSL_PARAM *fake_rsa_st_settable_ctx_params(void *provctx)
613 {
614 static const OSSL_PARAM known_settable_ctx_params[] = {
615 OSSL_PARAM_END
616 };
617 return known_settable_ctx_params;
618 }
619
fake_rsa_st_set_ctx_params(void * loaderctx,const OSSL_PARAM params[])620 static int fake_rsa_st_set_ctx_params(void *loaderctx,
621 const OSSL_PARAM params[])
622 {
623 return 1;
624 }
625
fake_rsa_st_load(void * loaderctx,OSSL_CALLBACK * object_cb,void * object_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)626 static int fake_rsa_st_load(void *loaderctx,
627 OSSL_CALLBACK *object_cb, void *object_cbarg,
628 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
629 {
630 unsigned char *storectx = loaderctx;
631 OSSL_PARAM params[4];
632 int object_type = OSSL_OBJECT_PKEY;
633 struct fake_rsa_keydata *key = NULL;
634 int rv = 0;
635
636 switch (*storectx) {
637 case 0:
638 if (key_deleted == 1) {
639 *storectx = 1;
640 break;
641 }
642
643 /* Construct a new key using our keymgmt functions */
644 if (!TEST_ptr(key = fake_rsa_keymgmt_new(NULL)))
645 break;
646 if (!TEST_int_gt(fake_rsa_keymgmt_import(key, 0, NULL), 0))
647 break;
648 params[0] =
649 OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
650 params[1] =
651 OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
652 "RSA", 0);
653 /* The address of the key becomes the octet string */
654 params[2] =
655 OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
656 &key, sizeof(key));
657 params[3] = OSSL_PARAM_construct_end();
658 rv = object_cb(params, object_cbarg);
659 *storectx = 1;
660 break;
661
662 case 2:
663 TEST_info("fake_rsa_load() called in error state");
664 break;
665
666 default:
667 TEST_info("fake_rsa_load() called in eof state");
668 break;
669 }
670
671 TEST_info("fake_rsa_load called - rv: %d", rv);
672
673 if (rv == 0 && key_deleted == 0) {
674 fake_rsa_keymgmt_free(key);
675 *storectx = 2;
676 }
677 return rv;
678 }
679
fake_rsa_st_delete(void * loaderctx,const char * uri,const OSSL_PARAM params[],OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)680 static int fake_rsa_st_delete(void *loaderctx, const char *uri,
681 const OSSL_PARAM params[],
682 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
683 {
684 key_deleted = 1;
685 return 1;
686 }
687
fake_rsa_st_eof(void * loaderctx)688 static int fake_rsa_st_eof(void *loaderctx)
689 {
690 unsigned char *storectx = loaderctx;
691
692 /* just one key for now in the fake_rsa store */
693 return *storectx != 0;
694 }
695
fake_rsa_st_close(void * loaderctx)696 static int fake_rsa_st_close(void *loaderctx)
697 {
698 OPENSSL_free(loaderctx);
699 return 1;
700 }
701
702 static const OSSL_DISPATCH fake_rsa_store_funcs[] = {
703 { OSSL_FUNC_STORE_OPEN, (void (*)(void))fake_rsa_st_open },
704 { OSSL_FUNC_STORE_OPEN_EX, (void (*)(void))fake_rsa_st_open_ex },
705 { OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS,
706 (void (*)(void))fake_rsa_st_settable_ctx_params },
707 { OSSL_FUNC_STORE_SET_CTX_PARAMS, (void (*)(void))fake_rsa_st_set_ctx_params },
708 { OSSL_FUNC_STORE_LOAD, (void (*)(void))fake_rsa_st_load },
709 { OSSL_FUNC_STORE_EOF, (void (*)(void))fake_rsa_st_eof },
710 { OSSL_FUNC_STORE_CLOSE, (void (*)(void))fake_rsa_st_close },
711 { OSSL_FUNC_STORE_DELETE, (void (*)(void))fake_rsa_st_delete },
712 OSSL_DISPATCH_END,
713 };
714
715 static const OSSL_ALGORITHM fake_rsa_store_algs[] = {
716 { "fake_rsa", "provider=fake-rsa", fake_rsa_store_funcs },
717 { NULL, NULL, NULL }
718 };
719
720 struct der2key_ctx_st; /* Forward declaration */
721 typedef int check_key_fn(void *, struct der2key_ctx_st *ctx);
722 typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx);
723 typedef void free_key_fn(void *);
724 typedef void *d2i_PKCS8_fn(void **, const unsigned char **, long,
725 struct der2key_ctx_st *);
726 struct keytype_desc_st {
727 const char *keytype_name;
728 const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */
729
730 /* The input structure name */
731 const char *structure_name;
732
733 /*
734 * The EVP_PKEY_xxx type macro. Should be zero for type specific
735 * structures, non-zero when the outermost structure is PKCS#8 or
736 * SubjectPublicKeyInfo. This determines which of the function
737 * pointers below will be used.
738 */
739 int evp_type;
740
741 /* The selection mask for OSSL_FUNC_decoder_does_selection() */
742 int selection_mask;
743
744 /* For type specific decoders, we use the corresponding d2i */
745 d2i_of_void *d2i_private_key; /* From type-specific DER */
746 d2i_of_void *d2i_public_key; /* From type-specific DER */
747 d2i_of_void *d2i_key_params; /* From type-specific DER */
748 d2i_PKCS8_fn *d2i_PKCS8; /* Wrapped in a PrivateKeyInfo */
749 d2i_of_void *d2i_PUBKEY; /* Wrapped in a SubjectPublicKeyInfo */
750
751 /*
752 * For any key, we may need to check that the key meets expectations.
753 * This is useful when the same functions can decode several variants
754 * of a key.
755 */
756 check_key_fn *check_key;
757
758 /*
759 * For any key, we may need to make provider specific adjustments, such
760 * as ensure the key carries the correct library context.
761 */
762 adjust_key_fn *adjust_key;
763 /* {type}_free() */
764 free_key_fn *free_key;
765 };
766
767 /*
768 * Start blatant code steal. Alternative: Open up d2i_X509_PUBKEY_INTERNAL
769 * as per https://github.com/openssl/openssl/issues/16697 (TBD)
770 * Code from openssl/crypto/x509/x_pubkey.c as
771 * ossl_d2i_X509_PUBKEY_INTERNAL is presently not public
772 */
773 struct X509_pubkey_st {
774 X509_ALGOR *algor;
775 ASN1_BIT_STRING *public_key;
776
777 EVP_PKEY *pkey;
778
779 /* extra data for the callback, used by d2i_PUBKEY_ex */
780 OSSL_LIB_CTX *libctx;
781 char *propq;
782 };
783
784 ASN1_SEQUENCE(X509_PUBKEY_INTERNAL) = {
785 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
786 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
787 } static_ASN1_SEQUENCE_END_name(X509_PUBKEY, X509_PUBKEY_INTERNAL)
788
789 static X509_PUBKEY *fake_rsa_d2i_X509_PUBKEY_INTERNAL(const unsigned char **pp,
790 long len, OSSL_LIB_CTX *libctx)
791 {
792 X509_PUBKEY *xpub = OPENSSL_zalloc(sizeof(*xpub));
793
794 if (xpub == NULL)
795 return NULL;
796 return (X509_PUBKEY *)ASN1_item_d2i_ex((ASN1_VALUE **)&xpub, pp, len,
797 ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL),
798 libctx, NULL);
799 }
800 /* end steal https://github.com/openssl/openssl/issues/16697 */
801
802 /*
803 * Context used for DER to key decoding.
804 */
805 struct der2key_ctx_st {
806 PROV_FAKE_RSA_CTX *provctx;
807 struct keytype_desc_st *desc;
808 /* The selection that is passed to fake_rsa_der2key_decode() */
809 int selection;
810 /* Flag used to signal that a failure is fatal */
811 unsigned int flag_fatal : 1;
812 };
813
fake_rsa_read_der(PROV_FAKE_RSA_CTX * provctx,OSSL_CORE_BIO * cin,unsigned char ** data,long * len)814 static int fake_rsa_read_der(PROV_FAKE_RSA_CTX *provctx, OSSL_CORE_BIO *cin,
815 unsigned char **data, long *len)
816 {
817 BUF_MEM *mem = NULL;
818 BIO *in = BIO_new_from_core_bio(provctx->libctx, cin);
819 int ok = (asn1_d2i_read_bio(in, &mem) >= 0);
820
821 if (ok) {
822 *data = (unsigned char *)mem->data;
823 *len = (long)mem->length;
824 OPENSSL_free(mem);
825 }
826 BIO_free(in);
827 return ok;
828 }
829
830 typedef void *key_from_pkcs8_t(const PKCS8_PRIV_KEY_INFO *p8inf,
831 OSSL_LIB_CTX *libctx, const char *propq);
fake_rsa_der2key_decode_p8(const unsigned char ** input_der,long input_der_len,struct der2key_ctx_st * ctx,key_from_pkcs8_t * key_from_pkcs8)832 static void *fake_rsa_der2key_decode_p8(const unsigned char **input_der,
833 long input_der_len, struct der2key_ctx_st *ctx,
834 key_from_pkcs8_t *key_from_pkcs8)
835 {
836 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
837 const X509_ALGOR *alg = NULL;
838 void *key = NULL;
839
840 if ((p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, input_der, input_der_len)) != NULL
841 && PKCS8_pkey_get0(NULL, NULL, NULL, &alg, p8inf)
842 && OBJ_obj2nid(alg->algorithm) == ctx->desc->evp_type)
843 key = key_from_pkcs8(p8inf, PROV_FAKE_RSA_LIBCTX_OF(ctx->provctx), NULL);
844 PKCS8_PRIV_KEY_INFO_free(p8inf);
845
846 return key;
847 }
848
fake_rsa_d2i_PUBKEY(struct fake_rsa_keydata ** a,const unsigned char ** pp,long length)849 static struct fake_rsa_keydata *fake_rsa_d2i_PUBKEY(struct fake_rsa_keydata **a,
850 const unsigned char **pp, long length)
851 {
852 struct fake_rsa_keydata *key = NULL;
853 X509_PUBKEY *xpk;
854
855 xpk = fake_rsa_d2i_X509_PUBKEY_INTERNAL(pp, length, NULL);
856 if (xpk == NULL)
857 goto err_exit;
858
859 key = fake_rsa_keymgmt_new(NULL);
860 if (key == NULL)
861 goto err_exit;
862
863 key->status = FAKE_RSA_STATUS_DECODED;
864
865 if (a != NULL) {
866 fake_rsa_keymgmt_free(*a);
867 *a = key;
868 }
869
870 err_exit:
871 X509_PUBKEY_free(xpk);
872 return key;
873 }
874
875 /* ---------------------------------------------------------------------- */
876
877 static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
878 static OSSL_FUNC_decoder_decode_fn fake_rsa_der2key_decode;
879 static OSSL_FUNC_decoder_export_object_fn der2key_export_object;
880
881 static struct der2key_ctx_st *
der2key_newctx(void * provctx,struct keytype_desc_st * desc,const char * tls_name)882 der2key_newctx(void *provctx, struct keytype_desc_st *desc, const char *tls_name)
883 {
884 struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
885
886 if (ctx != NULL) {
887 ctx->provctx = provctx;
888 ctx->desc = desc;
889 if (desc->evp_type == 0)
890 ctx->desc->evp_type = OBJ_sn2nid(tls_name);
891 }
892 return ctx;
893 }
894
der2key_freectx(void * vctx)895 static void der2key_freectx(void *vctx)
896 {
897 struct der2key_ctx_st *ctx = vctx;
898
899 OPENSSL_free(ctx);
900 }
901
der2key_check_selection(int selection,const struct keytype_desc_st * desc)902 static int der2key_check_selection(int selection,
903 const struct keytype_desc_st *desc)
904 {
905 /*
906 * The selections are kinda sorta "levels", i.e. each selection given
907 * here is assumed to include those following.
908 */
909 int checks[] = {
910 OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
911 OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
912 OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
913 };
914 size_t i;
915
916 /* The decoder implementations made here support guessing */
917 if (selection == 0)
918 return 1;
919
920 for (i = 0; i < OSSL_NELEM(checks); i++) {
921 int check1 = (selection & checks[i]) != 0;
922 int check2 = (desc->selection_mask & checks[i]) != 0;
923
924 /*
925 * If the caller asked for the currently checked bit(s), return
926 * whether the decoder description says it's supported.
927 */
928 if (check1)
929 return check2;
930 }
931
932 /* This should be dead code, but just to be safe... */
933 return 0;
934 }
935
fake_rsa_der2key_decode(void * vctx,OSSL_CORE_BIO * cin,int selection,OSSL_CALLBACK * data_cb,void * data_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)936 static int fake_rsa_der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
937 OSSL_CALLBACK *data_cb, void *data_cbarg,
938 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
939 {
940 struct der2key_ctx_st *ctx = vctx;
941 unsigned char *der = NULL;
942 const unsigned char *derp;
943 long der_len = 0;
944 void *key = NULL;
945 int ok = 0;
946
947 ctx->selection = selection;
948 /*
949 * The caller is allowed to specify 0 as a selection mark, to have the
950 * structure and key type guessed. For type-specific structures, this
951 * is not recommended, as some structures are very similar.
952 * Note that 0 isn't the same as OSSL_KEYMGMT_SELECT_ALL, as the latter
953 * signifies a private key structure, where everything else is assumed
954 * to be present as well.
955 */
956 if (selection == 0)
957 selection = ctx->desc->selection_mask;
958 if ((selection & ctx->desc->selection_mask) == 0) {
959 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
960 return 0;
961 }
962
963 ok = fake_rsa_read_der(ctx->provctx, cin, &der, &der_len);
964 if (!ok)
965 goto next;
966
967 ok = 0; /* Assume that we fail */
968
969 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
970 derp = der;
971 if (ctx->desc->d2i_PKCS8 != NULL) {
972 key = ctx->desc->d2i_PKCS8(NULL, &derp, der_len, ctx);
973 if (ctx->flag_fatal)
974 goto end;
975 } else if (ctx->desc->d2i_private_key != NULL) {
976 key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
977 }
978 if (key == NULL && ctx->selection != 0)
979 goto next;
980 }
981 if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
982 derp = der;
983 if (ctx->desc->d2i_PUBKEY != NULL)
984 key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
985 else
986 key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
987 if (key == NULL && ctx->selection != 0)
988 goto next;
989 }
990 if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
991 derp = der;
992 if (ctx->desc->d2i_key_params != NULL)
993 key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
994 if (key == NULL && ctx->selection != 0)
995 goto next;
996 }
997
998 /*
999 * Last minute check to see if this was the correct type of key. This
1000 * should never lead to a fatal error, i.e. the decoding itself was
1001 * correct, it was just an unexpected key type. This is generally for
1002 * classes of key types that have subtle variants, like RSA-PSS keys as
1003 * opposed to plain RSA keys.
1004 */
1005 if (key != NULL
1006 && ctx->desc->check_key != NULL
1007 && !ctx->desc->check_key(key, ctx)) {
1008 ctx->desc->free_key(key);
1009 key = NULL;
1010 }
1011
1012 if (key != NULL && ctx->desc->adjust_key != NULL)
1013 ctx->desc->adjust_key(key, ctx);
1014
1015 next:
1016 /*
1017 * Indicated that we successfully decoded something, or not at all.
1018 * Ending up "empty handed" is not an error.
1019 */
1020 ok = 1;
1021
1022 /*
1023 * We free memory here so it's not held up during the callback, because
1024 * we know the process is recursive and the allocated chunks of memory
1025 * add up.
1026 */
1027 OPENSSL_free(der);
1028 der = NULL;
1029
1030 if (key != NULL) {
1031 OSSL_PARAM params[4];
1032 int object_type = OSSL_OBJECT_PKEY;
1033
1034 params[0] =
1035 OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
1036 params[1] =
1037 OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
1038 (char *)ctx->desc->keytype_name,
1039 0);
1040 /* The address of the key becomes the octet string */
1041 params[2] =
1042 OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
1043 &key, sizeof(key));
1044 params[3] = OSSL_PARAM_construct_end();
1045
1046 ok = data_cb(params, data_cbarg);
1047 }
1048
1049 end:
1050 ctx->desc->free_key(key);
1051 OPENSSL_free(der);
1052
1053 return ok;
1054 }
1055
1056 static OSSL_FUNC_keymgmt_export_fn *
fake_rsa_prov_get_keymgmt_export(const OSSL_DISPATCH * fns)1057 fake_rsa_prov_get_keymgmt_export(const OSSL_DISPATCH *fns)
1058 {
1059 /* Pilfer the keymgmt dispatch table */
1060 for (; fns->function_id != 0; fns++)
1061 if (fns->function_id == OSSL_FUNC_KEYMGMT_EXPORT)
1062 return OSSL_FUNC_keymgmt_export(fns);
1063
1064 return NULL;
1065 }
1066
der2key_export_object(void * vctx,const void * reference,size_t reference_sz,OSSL_CALLBACK * export_cb,void * export_cbarg)1067 static int der2key_export_object(void *vctx,
1068 const void *reference, size_t reference_sz,
1069 OSSL_CALLBACK *export_cb, void *export_cbarg)
1070 {
1071 struct der2key_ctx_st *ctx = vctx;
1072 OSSL_FUNC_keymgmt_export_fn *export = fake_rsa_prov_get_keymgmt_export(ctx->desc->fns);
1073 void *keydata;
1074
1075 if (reference_sz == sizeof(keydata) && export != NULL) {
1076 /* The contents of the reference is the address to our object */
1077 keydata = *(void **)reference;
1078
1079 return export(keydata, ctx->selection, export_cb, export_cbarg);
1080 }
1081 return 0;
1082 }
1083
1084 /* ---------------------------------------------------------------------- */
1085
fake_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO * p8inf,OSSL_LIB_CTX * libctx,const char * propq)1086 static struct fake_rsa_keydata *fake_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
1087 OSSL_LIB_CTX *libctx, const char *propq)
1088 {
1089 struct fake_rsa_keydata *key = fake_rsa_keymgmt_new(NULL);
1090
1091 if (key)
1092 key->status = FAKE_RSA_STATUS_DECODED;
1093 return key;
1094 }
1095
1096 #define rsa_evp_type EVP_PKEY_RSA
1097
fake_rsa_d2i_PKCS8(void ** key,const unsigned char ** der,long der_len,struct der2key_ctx_st * ctx)1098 static void *fake_rsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
1099 struct der2key_ctx_st *ctx)
1100 {
1101 return fake_rsa_der2key_decode_p8(der, der_len, ctx,
1102 (key_from_pkcs8_t *)fake_rsa_key_from_pkcs8);
1103 }
1104
fake_rsa_key_adjust(void * key,struct der2key_ctx_st * ctx)1105 static void fake_rsa_key_adjust(void *key, struct der2key_ctx_st *ctx)
1106 {
1107 }
1108
1109 /* ---------------------------------------------------------------------- */
1110
1111 #define DO_PrivateKeyInfo(keytype) \
1112 "PrivateKeyInfo", keytype##_evp_type, \
1113 (OSSL_KEYMGMT_SELECT_PRIVATE_KEY), \
1114 NULL, \
1115 NULL, \
1116 NULL, \
1117 fake_rsa_d2i_PKCS8, \
1118 NULL, \
1119 NULL, \
1120 fake_rsa_key_adjust, \
1121 (free_key_fn *)fake_rsa_keymgmt_free
1122
1123 #define DO_SubjectPublicKeyInfo(keytype) \
1124 "SubjectPublicKeyInfo", keytype##_evp_type, \
1125 (OSSL_KEYMGMT_SELECT_PUBLIC_KEY), \
1126 NULL, \
1127 NULL, \
1128 NULL, \
1129 NULL, \
1130 (d2i_of_void *)fake_rsa_d2i_PUBKEY, \
1131 NULL, \
1132 fake_rsa_key_adjust, \
1133 (free_key_fn *)fake_rsa_keymgmt_free
1134
1135 /*
1136 * MAKE_DECODER is the single driver for creating OSSL_DISPATCH tables.
1137 * It takes the following arguments:
1138 *
1139 * keytype_name The implementation key type as a string.
1140 * keytype The implementation key type. This must correspond exactly
1141 * to our existing keymgmt keytype names... in other words,
1142 * there must exist an ossl_##keytype##_keymgmt_functions.
1143 * type The type name for the set of functions that implement the
1144 * decoder for the key type. This isn't necessarily the same
1145 * as keytype. For example, the key types ed25519, ed448,
1146 * x25519 and x448 are all handled by the same functions with
1147 * the common type name ecx.
1148 * kind The kind of support to implement. This translates into
1149 * the DO_##kind macros above, to populate the keytype_desc_st
1150 * structure.
1151 */
1152 #define MAKE_DECODER(keytype_name, keytype, type, kind) \
1153 static struct keytype_desc_st kind##_##keytype##_desc = \
1154 { keytype_name, fake_rsa_keymgmt_funcs, \
1155 DO_##kind(keytype) }; \
1156 \
1157 static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \
1158 \
1159 static void *kind##_der2##keytype##_newctx(void *provctx) \
1160 { \
1161 return der2key_newctx(provctx, &kind##_##keytype##_desc, keytype_name);\
1162 } \
1163 static int kind##_der2##keytype##_does_selection(void *provctx, \
1164 int selection) \
1165 { \
1166 return der2key_check_selection(selection, \
1167 &kind##_##keytype##_desc); \
1168 } \
1169 static const OSSL_DISPATCH \
1170 fake_rsa_##kind##_der_to_##keytype##_decoder_functions[] = { \
1171 { OSSL_FUNC_DECODER_NEWCTX, \
1172 (void (*)(void))kind##_der2##keytype##_newctx }, \
1173 { OSSL_FUNC_DECODER_FREECTX, \
1174 (void (*)(void))der2key_freectx }, \
1175 { OSSL_FUNC_DECODER_DOES_SELECTION, \
1176 (void (*)(void))kind##_der2##keytype##_does_selection }, \
1177 { OSSL_FUNC_DECODER_DECODE, \
1178 (void (*)(void))fake_rsa_der2key_decode }, \
1179 { OSSL_FUNC_DECODER_EXPORT_OBJECT, \
1180 (void (*)(void))der2key_export_object }, \
1181 OSSL_DISPATCH_END \
1182 }
1183
1184 MAKE_DECODER("RSA", rsa, rsa, PrivateKeyInfo);
1185 MAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo);
1186
1187 static const OSSL_ALGORITHM fake_rsa_decoder_algs[] = {
1188 #define DECODER_PROVIDER "fake-rsa"
1189 #define DECODER_STRUCTURE_SubjectPublicKeyInfo "SubjectPublicKeyInfo"
1190 #define DECODER_STRUCTURE_PrivateKeyInfo "PrivateKeyInfo"
1191
1192 /* Arguments are prefixed with '_' to avoid build breaks on certain platforms */
1193 /*
1194 * Obviously this is not FIPS approved, but in order to test in conjunction
1195 * with the FIPS provider we pretend that it is.
1196 */
1197
1198 #define DECODER(_name, _input, _output) \
1199 { _name, \
1200 "provider=" DECODER_PROVIDER ",fips=yes,input=" #_input, \
1201 (fake_rsa_##_input##_to_##_output##_decoder_functions) \
1202 }
1203 #define DECODER_w_structure(_name, _input, _structure, _output) \
1204 { _name, \
1205 "provider=" DECODER_PROVIDER ",fips=yes,input=" #_input \
1206 ",structure=" DECODER_STRUCTURE_##_structure, \
1207 (fake_rsa_##_structure##_##_input##_to_##_output##_decoder_functions) \
1208 }
1209
1210 DECODER_w_structure("RSA:rsaEncryption", der, PrivateKeyInfo, rsa),
1211 DECODER_w_structure("RSA:rsaEncryption", der, SubjectPublicKeyInfo, rsa),
1212 #undef DECODER_PROVIDER
1213 { NULL, NULL, NULL }
1214 };
1215
fake_rsa_query(void * provctx,int operation_id,int * no_cache)1216 static const OSSL_ALGORITHM *fake_rsa_query(void *provctx,
1217 int operation_id,
1218 int *no_cache)
1219 {
1220 *no_cache = 0;
1221 switch (operation_id) {
1222 case OSSL_OP_SIGNATURE:
1223 return fake_rsa_sig_algs;
1224
1225 case OSSL_OP_KEYMGMT:
1226 return fake_rsa_keymgmt_algs;
1227
1228 case OSSL_OP_STORE:
1229 return fake_rsa_store_algs;
1230
1231 case OSSL_OP_DECODER:
1232 return fake_rsa_decoder_algs;
1233 }
1234 return NULL;
1235 }
1236
fake_rsa_prov_teardown(void * provctx)1237 static void fake_rsa_prov_teardown(void *provctx)
1238 {
1239 PROV_FAKE_RSA_CTX *pctx = (PROV_FAKE_RSA_CTX *)provctx;
1240
1241 OSSL_LIB_CTX_free(pctx->libctx);
1242 OPENSSL_free(pctx);
1243 }
1244
1245 /* Functions we provide to the core */
1246 static const OSSL_DISPATCH fake_rsa_method[] = {
1247 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fake_rsa_prov_teardown },
1248 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fake_rsa_query },
1249 OSSL_DISPATCH_END
1250 };
1251
fake_rsa_provider_init(const OSSL_CORE_HANDLE * handle,const OSSL_DISPATCH * in,const OSSL_DISPATCH ** out,void ** provctx)1252 static int fake_rsa_provider_init(const OSSL_CORE_HANDLE *handle,
1253 const OSSL_DISPATCH *in,
1254 const OSSL_DISPATCH **out, void **provctx)
1255 {
1256 OSSL_LIB_CTX *libctx;
1257 PROV_FAKE_RSA_CTX *prov_ctx;
1258
1259 if (!TEST_ptr(libctx = OSSL_LIB_CTX_new_from_dispatch(handle, in)))
1260 return 0;
1261
1262 if (!TEST_ptr(prov_ctx = OPENSSL_malloc(sizeof(*prov_ctx)))) {
1263 OSSL_LIB_CTX_free(libctx);
1264 return 0;
1265 }
1266
1267 prov_ctx->libctx = libctx;
1268
1269 *provctx = prov_ctx;
1270 *out = fake_rsa_method;
1271 return 1;
1272 }
1273
fake_rsa_start(OSSL_LIB_CTX * libctx)1274 OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx)
1275 {
1276 OSSL_PROVIDER *p;
1277
1278 if (!TEST_true(OSSL_PROVIDER_add_builtin(libctx, "fake-rsa",
1279 fake_rsa_provider_init))
1280 || !TEST_ptr(p = OSSL_PROVIDER_try_load(libctx, "fake-rsa", 1)))
1281 return NULL;
1282
1283 return p;
1284 }
1285
fake_rsa_finish(OSSL_PROVIDER * p)1286 void fake_rsa_finish(OSSL_PROVIDER *p)
1287 {
1288 OSSL_PROVIDER_unload(p);
1289 }
1290