1 /*
2 * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * Some ctrls depend on deprecated functionality. We trust that this is
12 * functionality that remains internally even when 'no-deprecated' is
13 * configured. When we drop #legacy EVP_PKEYs, this source should be
14 * possible to drop as well.
15 */
16 #include "internal/deprecated.h"
17
18 #include <string.h>
19
20 /* The following includes get us all the EVP_PKEY_CTRL macros */
21 #include <openssl/dh.h>
22 #include <openssl/dsa.h>
23 #include <openssl/ec.h>
24 #include <openssl/rsa.h>
25 #include <openssl/kdf.h>
26
27 /* This include gets us all the OSSL_PARAM key string macros */
28 #include <openssl/core_names.h>
29
30 #include <openssl/err.h>
31 #include <openssl/evperr.h>
32 #include <openssl/params.h>
33 #include "internal/nelem.h"
34 #include "internal/cryptlib.h"
35 #include "internal/ffc.h"
36 #include "crypto/evp.h"
37 #include "crypto/dh.h"
38 #include "crypto/ec.h"
39
40 struct translation_ctx_st; /* Forwarding */
41 struct translation_st; /* Forwarding */
42
43 /*
44 * The fixup_args functions are called with the following parameters:
45 *
46 * |state| The state we're called in, explained further at the
47 * end of this comment.
48 * |translation| The translation item, to be pilfered for data as
49 * necessary.
50 * |ctx| The translation context, which contains copies of
51 * the following arguments, applicable according to
52 * the caller. All of the attributes in this context
53 * may be freely modified by the fixup_args function.
54 * For cleanup, call cleanup_translation_ctx().
55 *
56 * The |state| tells the fixup_args function something about the caller and
57 * what they may expect:
58 *
59 * PKEY The fixup_args function has been called
60 * from an EVP_PKEY payload getter / setter,
61 * and is fully responsible for getting or
62 * setting the requested data. With this
63 * state, the fixup_args function is expected
64 * to use or modify |*params|, depending on
65 * |action_type|.
66 *
67 * PRE_CTRL_TO_PARAMS The fixup_args function has been called
68 * POST_CTRL_TO_PARAMS from EVP_PKEY_CTX_ctrl(), to help with
69 * translating the ctrl data to an OSSL_PARAM
70 * element or back. The calling sequence is
71 * as follows:
72 *
73 * 1. fixup_args(PRE_CTRL_TO_PARAMS, ...)
74 * 2. EVP_PKEY_CTX_set_params() or
75 * EVP_PKEY_CTX_get_params()
76 * 3. fixup_args(POST_CTRL_TO_PARAMS, ...)
77 *
78 * With the PRE_CTRL_TO_PARAMS state, the
79 * fixup_args function is expected to modify
80 * the passed |*params| in whatever way
81 * necessary, when |action_type == OSSL_ACTION_SET|.
82 * With the POST_CTRL_TO_PARAMS state, the
83 * fixup_args function is expected to modify
84 * the passed |p2| in whatever way necessary,
85 * when |action_type == OSSL_ACTION_GET|.
86 *
87 * The return value from the fixup_args call
88 * with the POST_CTRL_TO_PARAMS state becomes
89 * the return value back to EVP_PKEY_CTX_ctrl().
90 *
91 * CLEANUP_CTRL_TO_PARAMS The cleanup_args functions has been called
92 * from EVP_PKEY_CTX_ctrl(), to clean up what
93 * the fixup_args function has done, if needed.
94 *
95 *
96 * PRE_CTRL_STR_TO_PARAMS The fixup_args function has been called
97 * POST_CTRL_STR_TO_PARAMS from EVP_PKEY_CTX_ctrl_str(), to help with
98 * translating the ctrl_str data to an
99 * OSSL_PARAM element or back. The calling
100 * sequence is as follows:
101 *
102 * 1. fixup_args(PRE_CTRL_STR_TO_PARAMS, ...)
103 * 2. EVP_PKEY_CTX_set_params() or
104 * EVP_PKEY_CTX_get_params()
105 * 3. fixup_args(POST_CTRL_STR_TO_PARAMS, ...)
106 *
107 * With the PRE_CTRL_STR_TO_PARAMS state,
108 * the fixup_args function is expected to
109 * modify the passed |*params| in whatever
110 * way necessary, when |action_type == OSSL_ACTION_SET|.
111 * With the POST_CTRL_STR_TO_PARAMS state,
112 * the fixup_args function is only expected
113 * to return a value.
114 *
115 * CLEANUP_CTRL_STR_TO_PARAMS The cleanup_args functions has been called
116 * from EVP_PKEY_CTX_ctrl_str(), to clean up
117 * what the fixup_args function has done, if
118 * needed.
119 *
120 * PRE_PARAMS_TO_CTRL The fixup_args function has been called
121 * POST_PARAMS_TO_CTRL from EVP_PKEY_CTX_get_params() or
122 * EVP_PKEY_CTX_set_params(), to help with
123 * translating the OSSL_PARAM data to the
124 * corresponding EVP_PKEY_CTX_ctrl() arguments
125 * or the other way around. The calling
126 * sequence is as follows:
127 *
128 * 1. fixup_args(PRE_PARAMS_TO_CTRL, ...)
129 * 2. EVP_PKEY_CTX_ctrl()
130 * 3. fixup_args(POST_PARAMS_TO_CTRL, ...)
131 *
132 * With the PRE_PARAMS_TO_CTRL state, the
133 * fixup_args function is expected to modify
134 * the passed |p1| and |p2| in whatever way
135 * necessary, when |action_type == OSSL_ACTION_SET|.
136 * With the POST_PARAMS_TO_CTRL state, the
137 * fixup_args function is expected to
138 * modify the passed |*params| in whatever
139 * way necessary, when |action_type == OSSL_ACTION_GET|.
140 *
141 * CLEANUP_PARAMS_TO_CTRL The cleanup_args functions has been called
142 * from EVP_PKEY_CTX_get_params() or
143 * EVP_PKEY_CTX_set_params(), to clean up what
144 * the fixup_args function has done, if needed.
145 */
146 enum state {
147 PKEY,
148 PRE_CTRL_TO_PARAMS,
149 POST_CTRL_TO_PARAMS,
150 CLEANUP_CTRL_TO_PARAMS,
151 PRE_CTRL_STR_TO_PARAMS,
152 POST_CTRL_STR_TO_PARAMS,
153 CLEANUP_CTRL_STR_TO_PARAMS,
154 PRE_PARAMS_TO_CTRL,
155 POST_PARAMS_TO_CTRL,
156 CLEANUP_PARAMS_TO_CTRL
157 };
158 enum action {
159 OSSL_ACTION_NONE = 0,
160 OSSL_ACTION_GET = 1,
161 OSSL_ACTION_SET = 2
162 };
163 typedef int fixup_args_fn(enum state state,
164 const struct translation_st *translation,
165 struct translation_ctx_st *ctx);
166 typedef int cleanup_args_fn(enum state state,
167 const struct translation_st *translation,
168 struct translation_ctx_st *ctx);
169
170 struct translation_ctx_st {
171 /*
172 * The EVP_PKEY_CTX, for calls on that structure, to be pilfered for data
173 * as necessary.
174 */
175 EVP_PKEY_CTX *pctx;
176 /*
177 * The action type (OSSL_ACTION_GET or OSSL_ACTION_SET). This may be 0 in some cases, and should
178 * be modified by the fixup_args function in the PRE states. It should
179 * otherwise remain untouched once set.
180 */
181 enum action action_type;
182 /*
183 * For ctrl to params translation, the actual ctrl command number used.
184 * For params to ctrl translation, 0.
185 */
186 int ctrl_cmd;
187 /*
188 * For ctrl_str to params translation, the actual ctrl command string
189 * used. In this case, the (string) value is always passed as |p2|.
190 * For params to ctrl translation, this is NULL. Along with it is also
191 * and indicator whether it matched |ctrl_str| or |ctrl_hexstr| in the
192 * translation item.
193 */
194 const char *ctrl_str;
195 int ishex;
196 /* the ctrl-style int argument. */
197 int p1;
198 /* the ctrl-style void* argument. */
199 void *p2;
200 /* a size, for passing back the |p2| size where applicable */
201 size_t sz;
202 /* pointer to the OSSL_PARAM-style params array. */
203 OSSL_PARAM *params;
204
205 /*-
206 * The following are used entirely internally by the fixup_args functions
207 * and should not be touched by the callers, at all.
208 */
209
210 /*
211 * Copy of the ctrl-style void* argument, if the fixup_args function
212 * needs to manipulate |p2| but wants to remember original.
213 */
214 void *orig_p2;
215 /* Diverse types of storage for the needy. */
216 char name_buf[OSSL_MAX_NAME_SIZE];
217 void *allocated_buf;
218 void *bufp;
219 size_t buflen;
220 };
221
222 struct translation_st {
223 /*-
224 * What this table item does.
225 *
226 * If the item has this set to 0, it means that both OSSL_ACTION_GET and OSSL_ACTION_SET are
227 * supported, and |fixup_args| will determine which it is. This is to
228 * support translations of ctrls where the action type depends on the
229 * value of |p1| or |p2| (ctrls are really bi-directional, but are
230 * seldom used that way).
231 *
232 * This can be also used in the lookup template when it looks up by
233 * OSSL_PARAM key, to indicate if a setter or a getter called.
234 */
235 enum action action_type;
236
237 /*-
238 * Conditions, for params->ctrl translations.
239 *
240 * In table item, |keytype1| and |keytype2| can be set to -1 to indicate
241 * that this item supports all key types (or rather, that |fixup_args|
242 * will check and return an error if it's not supported).
243 * Any of these may be set to 0 to indicate that they are unset.
244 */
245 int keytype1; /* The EVP_PKEY_XXX type, i.e. NIDs. #legacy */
246 int keytype2; /* Another EVP_PKEY_XXX type, used for aliases */
247 int optype; /* The operation type */
248
249 /*
250 * Lookup and translation attributes
251 *
252 * |ctrl_num|, |ctrl_str|, |ctrl_hexstr| and |param_key| are lookup
253 * attributes.
254 *
255 * |ctrl_num| may be 0 or that |param_key| may be NULL in the table item,
256 * but not at the same time. If they are, they are simply not used for
257 * lookup.
258 * When |ctrl_num| == 0, no ctrl will be called. Likewise, when
259 * |param_key| == NULL, no OSSL_PARAM setter/getter will be called.
260 * In that case the treatment of the translation item relies entirely on
261 * |fixup_args|, which is then assumed to have side effects.
262 *
263 * As a special case, it's possible to set |ctrl_hexstr| and assign NULL
264 * to |ctrl_str|. That will signal to default_fixup_args() that the
265 * value must always be interpreted as hex.
266 */
267 int ctrl_num; /* EVP_PKEY_CTRL_xxx */
268 const char *ctrl_str; /* The corresponding ctrl string */
269 const char *ctrl_hexstr; /* The alternative "hex{str}" ctrl string */
270 const char *param_key; /* The corresponding OSSL_PARAM key */
271 /*
272 * The appropriate OSSL_PARAM data type. This may be 0 to indicate that
273 * this OSSL_PARAM may have more than one data type, depending on input
274 * material. In this case, |fixup_args| is expected to check and handle
275 * it.
276 */
277 unsigned int param_data_type;
278
279 /*
280 * Fixer functions
281 *
282 * |fixup_args| is always called before (for OSSL_ACTION_SET) or after (for OSSL_ACTION_GET)
283 * the actual ctrl / OSSL_PARAM function.
284 */
285 fixup_args_fn *fixup_args;
286 };
287
288 /*-
289 * Fixer function implementations
290 * ==============================
291 */
292
293 /*
294 * default_check isn't a fixer per se, but rather a helper function to
295 * perform certain standard checks.
296 */
default_check(enum state state,const struct translation_st * translation,const struct translation_ctx_st * ctx)297 static int default_check(enum state state,
298 const struct translation_st *translation,
299 const struct translation_ctx_st *ctx)
300 {
301 switch (state) {
302 default:
303 break;
304 case PRE_CTRL_TO_PARAMS:
305 if (!ossl_assert(translation != NULL)) {
306 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
307 return -2;
308 }
309 if (!ossl_assert(translation->param_key != 0)
310 || !ossl_assert(translation->param_data_type != 0)) {
311 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
312 return -1;
313 }
314 break;
315 case PRE_CTRL_STR_TO_PARAMS:
316 /*
317 * For ctrl_str to params translation, we allow direct use of
318 * OSSL_PARAM keys as ctrl_str keys. Therefore, it's possible that
319 * we end up with |translation == NULL|, which is fine. The fixup
320 * function will have to deal with it carefully.
321 */
322 if (translation != NULL) {
323 if (!ossl_assert(translation->action_type != OSSL_ACTION_GET)) {
324 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
325 return -2;
326 }
327 if (!ossl_assert(translation->param_key != NULL)
328 || !ossl_assert(translation->param_data_type != 0)) {
329 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
330 return 0;
331 }
332 }
333 break;
334 case PRE_PARAMS_TO_CTRL:
335 case POST_PARAMS_TO_CTRL:
336 if (!ossl_assert(translation != NULL)) {
337 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
338 return -2;
339 }
340 if (!ossl_assert(translation->ctrl_num != 0)
341 || !ossl_assert(translation->param_data_type != 0)) {
342 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
343 return -1;
344 }
345 }
346
347 /* Nothing else to check */
348 return 1;
349 }
350
351 /*-
352 * default_fixup_args fixes up all sorts of arguments, governed by the
353 * diverse attributes in the translation item. It covers all "standard"
354 * base ctrl functionality, meaning it can handle basic conversion of
355 * data between p1+p2 (OSSL_ACTION_SET) or return value+p2 (OSSL_ACTION_GET) as long as the values
356 * don't have extra semantics (such as NIDs, OIDs, that sort of stuff).
357 * Extra semantics must be handled via specific fixup_args functions.
358 *
359 * The following states and action type combinations have standard handling
360 * done in this function:
361 *
362 * PRE_CTRL_TO_PARAMS, 0 - ERROR. action type must be
363 * determined by a fixup function.
364 * PRE_CTRL_TO_PARAMS, OSSL_ACTION_SET
365 * | OSSL_ACTION_GET - |p1| and |p2| are converted to an
366 * OSSL_PARAM according to the data
367 * type given in |translattion|.
368 * For OSSL_PARAM_UNSIGNED_INTEGER,
369 * a BIGNUM passed as |p2| is accepted.
370 * POST_CTRL_TO_PARAMS, OSSL_ACTION_GET - If the OSSL_PARAM data type is a
371 * STRING or PTR type, |p1| is set
372 * to the OSSL_PARAM return size, and
373 * |p2| is set to the string.
374 * PRE_CTRL_STR_TO_PARAMS,
375 * !OSSL_ACTION_SET - ERROR. That combination is not
376 * supported.
377 * PRE_CTRL_STR_TO_PARAMS,
378 * OSSL_ACTION_SET - |p2| is taken as a string, and is
379 * converted to an OSSL_PARAM in a
380 * standard manner, guided by the
381 * param key and data type from
382 * |translation|.
383 * PRE_PARAMS_TO_CTRL, OSSL_ACTION_SET - the OSSL_PARAM is converted to
384 * |p1| and |p2| according to the
385 * data type given in |translation|
386 * For OSSL_PARAM_UNSIGNED_INTEGER,
387 * if |p2| is non-NULL, then |*p2|
388 * is assigned a BIGNUM, otherwise
389 * |p1| is assigned an unsigned int.
390 * POST_PARAMS_TO_CTRL, OSSL_ACTION_GET - |p1| and |p2| are converted to
391 * an OSSL_PARAM, in the same manner
392 * as for the combination of
393 * PRE_CTRL_TO_PARAMS, OSSL_ACTION_SET.
394 */
default_fixup_args(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)395 static int default_fixup_args(enum state state,
396 const struct translation_st *translation,
397 struct translation_ctx_st *ctx)
398 {
399 int ret;
400
401 if ((ret = default_check(state, translation, ctx)) <= 0)
402 return ret;
403
404 switch (state) {
405 default:
406 /* For states this function should never have been called with */
407 ERR_raise_data(ERR_LIB_EVP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
408 "[action:%d, state:%d]", ctx->action_type, state);
409 return 0;
410
411 /*
412 * PRE_CTRL_TO_PARAMS and POST_CTRL_TO_PARAMS handle ctrl to params
413 * translations. PRE_CTRL_TO_PARAMS is responsible for preparing
414 * |*params|, and POST_CTRL_TO_PARAMS is responsible for bringing the
415 * result back to |*p2| and the return value.
416 */
417 case PRE_CTRL_TO_PARAMS:
418 /* This is ctrl to params translation, so we need an OSSL_PARAM key */
419 if (ctx->action_type == OSSL_ACTION_NONE) {
420 /*
421 * No action type is an error here. That's a case for a
422 * special fixup function.
423 */
424 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
425 "[action:%d, state:%d]", ctx->action_type, state);
426 return 0;
427 }
428
429 if (translation->optype != 0) {
430 if ((EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)
431 && ctx->pctx->op.sig.algctx == NULL)
432 || (EVP_PKEY_CTX_IS_DERIVE_OP(ctx->pctx)
433 && ctx->pctx->op.kex.algctx == NULL)
434 || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx->pctx)
435 && ctx->pctx->op.ciph.algctx == NULL)
436 || (EVP_PKEY_CTX_IS_KEM_OP(ctx->pctx)
437 && ctx->pctx->op.encap.algctx == NULL)
438 /*
439 * The following may be unnecessary, but we have them
440 * for good measure...
441 */
442 || (EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx)
443 && ctx->pctx->op.keymgmt.genctx == NULL)
444 || (EVP_PKEY_CTX_IS_FROMDATA_OP(ctx->pctx)
445 && ctx->pctx->op.keymgmt.genctx == NULL)) {
446 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
447 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
448 return -2;
449 }
450 }
451
452 /*
453 * OSSL_PARAM_construct_TYPE() works equally well for OSSL_ACTION_SET and OSSL_ACTION_GET.
454 */
455 switch (translation->param_data_type) {
456 case OSSL_PARAM_INTEGER:
457 *ctx->params = OSSL_PARAM_construct_int(translation->param_key,
458 &ctx->p1);
459 break;
460 case OSSL_PARAM_UNSIGNED_INTEGER:
461 /*
462 * BIGNUMs are passed via |p2|. For all ctrl's that just want
463 * to pass a simple integer via |p1|, |p2| is expected to be
464 * NULL.
465 *
466 * Note that this allocates a buffer, which the cleanup function
467 * must deallocate.
468 */
469 if (ctx->p2 != NULL) {
470 if (ctx->action_type == OSSL_ACTION_SET) {
471 ctx->buflen = BN_num_bytes(ctx->p2);
472 if ((ctx->allocated_buf
473 = OPENSSL_malloc(ctx->buflen))
474 == NULL)
475 return 0;
476 if (BN_bn2nativepad(ctx->p2,
477 ctx->allocated_buf, ctx->buflen)
478 < 0) {
479 OPENSSL_free(ctx->allocated_buf);
480 ctx->allocated_buf = NULL;
481 return 0;
482 }
483 *ctx->params = OSSL_PARAM_construct_BN(translation->param_key,
484 ctx->allocated_buf,
485 ctx->buflen);
486 } else {
487 /*
488 * No support for getting a BIGNUM by ctrl, this needs
489 * fixup_args function support.
490 */
491 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
492 "[action:%d, state:%d] trying to get a "
493 "BIGNUM via ctrl call",
494 ctx->action_type, state);
495 return 0;
496 }
497 } else {
498 *ctx->params = OSSL_PARAM_construct_uint(translation->param_key,
499 (unsigned int *)&ctx->p1);
500 }
501 break;
502 case OSSL_PARAM_UTF8_STRING:
503 *ctx->params = OSSL_PARAM_construct_utf8_string(translation->param_key,
504 ctx->p2, (size_t)ctx->p1);
505 break;
506 case OSSL_PARAM_UTF8_PTR:
507 *ctx->params = OSSL_PARAM_construct_utf8_ptr(translation->param_key,
508 ctx->p2, (size_t)ctx->p1);
509 break;
510 case OSSL_PARAM_OCTET_STRING:
511 *ctx->params = OSSL_PARAM_construct_octet_string(translation->param_key,
512 ctx->p2, (size_t)ctx->p1);
513 break;
514 case OSSL_PARAM_OCTET_PTR:
515 *ctx->params = OSSL_PARAM_construct_octet_ptr(translation->param_key,
516 ctx->p2, (size_t)ctx->p1);
517 break;
518 }
519 break;
520 case POST_CTRL_TO_PARAMS:
521 /*
522 * Because EVP_PKEY_CTX_ctrl() returns the length of certain objects
523 * as its return value, we need to ensure that we do it here as well,
524 * for the OSSL_PARAM data types where this makes sense.
525 */
526 if (ctx->action_type == OSSL_ACTION_GET) {
527 switch (translation->param_data_type) {
528 case OSSL_PARAM_UTF8_STRING:
529 case OSSL_PARAM_UTF8_PTR:
530 case OSSL_PARAM_OCTET_STRING:
531 case OSSL_PARAM_OCTET_PTR:
532 ctx->p1 = (int)ctx->params[0].return_size;
533 break;
534 }
535 }
536 break;
537
538 /*
539 * PRE_CTRL_STR_TO_PARAMS and POST_CTRL_STR_TO_PARAMS handle ctrl_str to
540 * params translations. PRE_CTRL_TO_PARAMS is responsible for preparing
541 * |*params|, and POST_CTRL_TO_PARAMS currently has nothing to do, since
542 * there's no support for getting data via ctrl_str calls.
543 */
544 case PRE_CTRL_STR_TO_PARAMS: {
545 /* This is ctrl_str to params translation */
546 const char *tmp_ctrl_str = ctx->ctrl_str;
547 const char *orig_ctrl_str = ctx->ctrl_str;
548 const char *orig_value = ctx->p2;
549 const OSSL_PARAM *settable = NULL;
550 int exists = 0;
551
552 /* Only setting is supported here */
553 if (ctx->action_type != OSSL_ACTION_SET) {
554 ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED,
555 "[action:%d, state:%d] only setting allowed",
556 ctx->action_type, state);
557 return 0;
558 }
559
560 /*
561 * If no translation exists, we simply pass the control string
562 * unmodified.
563 */
564 if (translation != NULL) {
565 tmp_ctrl_str = ctx->ctrl_str = translation->param_key;
566
567 if (ctx->ishex) {
568 strcpy(ctx->name_buf, "hex");
569 if (OPENSSL_strlcat(ctx->name_buf, tmp_ctrl_str,
570 sizeof(ctx->name_buf))
571 <= 3) {
572 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
573 return -1;
574 }
575 tmp_ctrl_str = ctx->name_buf;
576 }
577 }
578
579 settable = EVP_PKEY_CTX_settable_params(ctx->pctx);
580 if (!OSSL_PARAM_allocate_from_text(ctx->params, settable,
581 tmp_ctrl_str,
582 ctx->p2, strlen(ctx->p2),
583 &exists)) {
584 if (!exists) {
585 ERR_raise_data(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED,
586 "[action:%d, state:%d] name=%s, value=%s",
587 ctx->action_type, state,
588 orig_ctrl_str, orig_value);
589 return -2;
590 }
591 return 0;
592 }
593 ctx->allocated_buf = ctx->params->data;
594 ctx->buflen = ctx->params->data_size;
595 } break;
596 case POST_CTRL_STR_TO_PARAMS:
597 /* Nothing to be done */
598 break;
599
600 /*
601 * PRE_PARAMS_TO_CTRL and POST_PARAMS_TO_CTRL handle params to ctrl
602 * translations. PRE_PARAMS_TO_CTRL is responsible for preparing
603 * |p1| and |p2|, and POST_PARAMS_TO_CTRL is responsible for bringing
604 * the EVP_PKEY_CTX_ctrl() return value (passed as |p1|) and |p2| back
605 * to |*params|.
606 *
607 * PKEY is treated just like POST_PARAMS_TO_CTRL, making it easy
608 * for the related fixup_args functions to just set |p1| and |p2|
609 * appropriately and leave it to this section of code to fix up
610 * |ctx->params| accordingly.
611 */
612 case PKEY:
613 case POST_PARAMS_TO_CTRL:
614 ret = ctx->p1;
615 /* FALLTHRU */
616 case PRE_PARAMS_TO_CTRL: {
617 /* This is params to ctrl translation */
618 if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET) {
619 /* For the PRE state, only setting needs some work to be done */
620
621 /* When setting, we populate |p1| and |p2| from |*params| */
622 switch (translation->param_data_type) {
623 case OSSL_PARAM_INTEGER:
624 return OSSL_PARAM_get_int(ctx->params, &ctx->p1);
625 case OSSL_PARAM_UNSIGNED_INTEGER:
626 if (ctx->p2 != NULL) {
627 /* BIGNUM passed down with p2 */
628 if (!OSSL_PARAM_get_BN(ctx->params, ctx->p2))
629 return 0;
630 } else {
631 /* Normal C unsigned int passed down */
632 if (!OSSL_PARAM_get_uint(ctx->params,
633 (unsigned int *)&ctx->p1))
634 return 0;
635 }
636 return 1;
637 case OSSL_PARAM_UTF8_STRING:
638 return OSSL_PARAM_get_utf8_string(ctx->params,
639 ctx->p2, ctx->sz);
640 case OSSL_PARAM_OCTET_STRING:
641 return OSSL_PARAM_get_octet_string(ctx->params,
642 &ctx->p2, ctx->sz,
643 (size_t *)&ctx->p1);
644 case OSSL_PARAM_OCTET_PTR:
645 return OSSL_PARAM_get_octet_ptr(ctx->params,
646 ctx->p2, &ctx->sz);
647 default:
648 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
649 "[action:%d, state:%d] "
650 "unknown OSSL_PARAM data type %d",
651 ctx->action_type, state,
652 translation->param_data_type);
653 return 0;
654 }
655 } else if ((state == POST_PARAMS_TO_CTRL || state == PKEY)
656 && ctx->action_type == OSSL_ACTION_GET) {
657 /* For the POST state, only getting needs some work to be done */
658 unsigned int param_data_type = translation->param_data_type;
659 size_t size = (size_t)ctx->p1;
660
661 if (state == PKEY)
662 size = ctx->sz;
663 if (param_data_type == 0) {
664 /* we must have a fixup_args function to work */
665 if (!ossl_assert(translation->fixup_args != NULL)) {
666 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
667 return 0;
668 }
669 param_data_type = ctx->params->data_type;
670 }
671 /* When getting, we populate |*params| from |p1| and |p2| */
672 switch (param_data_type) {
673 case OSSL_PARAM_INTEGER:
674 return OSSL_PARAM_set_int(ctx->params, ctx->p1);
675 case OSSL_PARAM_UNSIGNED_INTEGER:
676 if (ctx->p2 != NULL) {
677 /* BIGNUM passed back */
678 return OSSL_PARAM_set_BN(ctx->params, ctx->p2);
679 } else {
680 /* Normal C unsigned int passed back */
681 return OSSL_PARAM_set_uint(ctx->params,
682 (unsigned int)ctx->p1);
683 }
684 return 0;
685 case OSSL_PARAM_UTF8_STRING:
686 return OSSL_PARAM_set_utf8_string(ctx->params, ctx->p2);
687 case OSSL_PARAM_OCTET_STRING:
688 return OSSL_PARAM_set_octet_string(ctx->params, ctx->p2,
689 size);
690 case OSSL_PARAM_OCTET_PTR:
691 return OSSL_PARAM_set_octet_ptr(ctx->params, *(void **)ctx->p2,
692 size);
693 default:
694 ERR_raise_data(ERR_LIB_EVP, ERR_R_UNSUPPORTED,
695 "[action:%d, state:%d] "
696 "unsupported OSSL_PARAM data type %d",
697 ctx->action_type, state,
698 translation->param_data_type);
699 return 0;
700 }
701 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
702 if (translation->param_data_type == OSSL_PARAM_OCTET_PTR)
703 ctx->p2 = &ctx->bufp;
704 }
705 }
706 /* Any other combination is simply pass-through */
707 break;
708 }
709 return ret;
710 }
711
712 static int
cleanup_translation_ctx(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)713 cleanup_translation_ctx(enum state state,
714 const struct translation_st *translation,
715 struct translation_ctx_st *ctx)
716 {
717 if (ctx->allocated_buf != NULL)
718 OPENSSL_free(ctx->allocated_buf);
719 ctx->allocated_buf = NULL;
720 return 1;
721 }
722
723 /*
724 * fix_cipher_md fixes up an EVP_CIPHER / EVP_MD to its name on OSSL_ACTION_SET,
725 * and cipher / md name to EVP_MD on OSSL_ACTION_GET.
726 */
get_cipher_name(void * cipher)727 static const char *get_cipher_name(void *cipher)
728 {
729 return EVP_CIPHER_get0_name(cipher);
730 }
731
get_md_name(void * md)732 static const char *get_md_name(void *md)
733 {
734 return EVP_MD_get0_name(md);
735 }
736
get_cipher_by_name(OSSL_LIB_CTX * libctx,const char * name)737 static const void *get_cipher_by_name(OSSL_LIB_CTX *libctx, const char *name)
738 {
739 return evp_get_cipherbyname_ex(libctx, name);
740 }
741
get_md_by_name(OSSL_LIB_CTX * libctx,const char * name)742 static const void *get_md_by_name(OSSL_LIB_CTX *libctx, const char *name)
743 {
744 return evp_get_digestbyname_ex(libctx, name);
745 }
746
fix_cipher_md(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const char * (* get_name)(void * algo),const void * (* get_algo_by_name)(OSSL_LIB_CTX * libctx,const char * name))747 static int fix_cipher_md(enum state state,
748 const struct translation_st *translation,
749 struct translation_ctx_st *ctx,
750 const char *(*get_name)(void *algo),
751 const void *(*get_algo_by_name)(OSSL_LIB_CTX *libctx,
752 const char *name))
753 {
754 int ret = 1;
755
756 if ((ret = default_check(state, translation, ctx)) <= 0)
757 return ret;
758
759 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
760 /*
761 * |ctx->p2| contains the address to an EVP_CIPHER or EVP_MD pointer
762 * to be filled in. We need to remember it, then make |ctx->p2|
763 * point at a buffer to be filled in with the name, and |ctx->p1|
764 * with its size. default_fixup_args() will take care of the rest
765 * for us.
766 */
767 ctx->orig_p2 = ctx->p2;
768 ctx->p2 = ctx->name_buf;
769 ctx->p1 = sizeof(ctx->name_buf);
770 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) {
771 /*
772 * In different parts of OpenSSL, this ctrl command is used
773 * differently. Some calls pass a NID as p1, others pass an
774 * EVP_CIPHER pointer as p2...
775 */
776 ctx->p2 = (char *)(ctx->p2 == NULL
777 ? OBJ_nid2sn(ctx->p1)
778 : get_name(ctx->p2));
779 ctx->p1 = strlen(ctx->p2);
780 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
781 ctx->p2 = (ctx->p2 == NULL ? "" : (char *)get_name(ctx->p2));
782 ctx->p1 = strlen(ctx->p2);
783 }
784
785 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
786 return ret;
787
788 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
789 /*
790 * Here's how we reuse |ctx->orig_p2| that was set in the
791 * PRE_CTRL_TO_PARAMS state above.
792 */
793 *(void **)ctx->orig_p2 = (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2);
794 ctx->p1 = 1;
795 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET) {
796 ctx->p2 = (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2);
797 ctx->p1 = 0;
798 }
799
800 return ret;
801 }
802
fix_cipher(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)803 static int fix_cipher(enum state state,
804 const struct translation_st *translation,
805 struct translation_ctx_st *ctx)
806 {
807 return fix_cipher_md(state, translation, ctx,
808 get_cipher_name, get_cipher_by_name);
809 }
810
fix_md(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)811 static int fix_md(enum state state,
812 const struct translation_st *translation,
813 struct translation_ctx_st *ctx)
814 {
815 return fix_cipher_md(state, translation, ctx,
816 get_md_name, get_md_by_name);
817 }
818
fix_distid_len(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)819 static int fix_distid_len(enum state state,
820 const struct translation_st *translation,
821 struct translation_ctx_st *ctx)
822 {
823 int ret = default_fixup_args(state, translation, ctx);
824
825 if (ret > 0) {
826 ret = 0;
827 if ((state == POST_CTRL_TO_PARAMS
828 || state == POST_CTRL_STR_TO_PARAMS)
829 && ctx->action_type == OSSL_ACTION_GET) {
830 *(size_t *)ctx->p2 = ctx->sz;
831 ret = 1;
832 }
833 }
834 return ret;
835 }
836
837 struct kdf_type_map_st {
838 int kdf_type_num;
839 const char *kdf_type_str;
840 };
841
fix_kdf_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const struct kdf_type_map_st * kdf_type_map)842 static int fix_kdf_type(enum state state,
843 const struct translation_st *translation,
844 struct translation_ctx_st *ctx,
845 const struct kdf_type_map_st *kdf_type_map)
846 {
847 /*
848 * The EVP_PKEY_CTRL_DH_KDF_TYPE ctrl command is a bit special, in
849 * that it's used both for setting a value, and for getting it, all
850 * depending on the value if |p1|; if |p1| is -2, the backend is
851 * supposed to place the current kdf type in |p2|, and if not, |p1|
852 * is interpreted as the new kdf type.
853 */
854 int ret = 0;
855
856 if ((ret = default_check(state, translation, ctx)) <= 0)
857 return ret;
858
859 if (state == PRE_CTRL_TO_PARAMS) {
860 /*
861 * In |translations|, the initial value for |ctx->action_type| must
862 * be OSSL_ACTION_NONE.
863 */
864 if (!ossl_assert(ctx->action_type == OSSL_ACTION_NONE))
865 return 0;
866
867 /* The action type depends on the value of *p1 */
868 if (ctx->p1 == -2) {
869 /*
870 * The OSSL_PARAMS getter needs space to store a copy of the kdf
871 * type string. We use |ctx->name_buf|, which has enough space
872 * allocated.
873 *
874 * (this wouldn't be needed if the OSSL_xxx_PARAM_KDF_TYPE
875 * had the data type OSSL_PARAM_UTF8_PTR)
876 */
877 ctx->p2 = ctx->name_buf;
878 ctx->p1 = sizeof(ctx->name_buf);
879 ctx->action_type = OSSL_ACTION_GET;
880 } else {
881 ctx->action_type = OSSL_ACTION_SET;
882 }
883 }
884
885 if ((ret = default_check(state, translation, ctx)) <= 0)
886 return ret;
887
888 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET)
889 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET)) {
890 ret = -2;
891 /* Convert KDF type numbers to strings */
892 for (; kdf_type_map->kdf_type_str != NULL; kdf_type_map++)
893 if (ctx->p1 == kdf_type_map->kdf_type_num) {
894 ctx->p2 = (char *)kdf_type_map->kdf_type_str;
895 ret = 1;
896 break;
897 }
898 if (ret <= 0)
899 goto end;
900 ctx->p1 = strlen(ctx->p2);
901 }
902
903 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
904 return ret;
905
906 if ((state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET)
907 || (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET)) {
908 ctx->p1 = ret = -1;
909
910 /* Convert KDF type strings to numbers */
911 for (; kdf_type_map->kdf_type_str != NULL; kdf_type_map++)
912 if (OPENSSL_strcasecmp(ctx->p2, kdf_type_map->kdf_type_str) == 0) {
913 ctx->p1 = kdf_type_map->kdf_type_num;
914 ret = 1;
915 break;
916 }
917 ctx->p2 = NULL;
918 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
919 ctx->p1 = -2;
920 }
921 end:
922 return ret;
923 }
924
925 /* EVP_PKEY_CTRL_DH_KDF_TYPE */
fix_dh_kdf_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)926 static int fix_dh_kdf_type(enum state state,
927 const struct translation_st *translation,
928 struct translation_ctx_st *ctx)
929 {
930 static const struct kdf_type_map_st kdf_type_map[] = {
931 { EVP_PKEY_DH_KDF_NONE, "" },
932 { EVP_PKEY_DH_KDF_X9_42, OSSL_KDF_NAME_X942KDF_ASN1 },
933 { 0, NULL }
934 };
935
936 return fix_kdf_type(state, translation, ctx, kdf_type_map);
937 }
938
939 /* EVP_PKEY_CTRL_EC_KDF_TYPE */
fix_ec_kdf_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)940 static int fix_ec_kdf_type(enum state state,
941 const struct translation_st *translation,
942 struct translation_ctx_st *ctx)
943 {
944 static const struct kdf_type_map_st kdf_type_map[] = {
945 { EVP_PKEY_ECDH_KDF_NONE, "" },
946 { EVP_PKEY_ECDH_KDF_X9_63, OSSL_KDF_NAME_X963KDF },
947 { 0, NULL }
948 };
949
950 return fix_kdf_type(state, translation, ctx, kdf_type_map);
951 }
952
953 /* EVP_PKEY_CTRL_DH_KDF_OID, EVP_PKEY_CTRL_GET_DH_KDF_OID, ...??? */
fix_oid(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)954 static int fix_oid(enum state state,
955 const struct translation_st *translation,
956 struct translation_ctx_st *ctx)
957 {
958 int ret;
959
960 if ((ret = default_check(state, translation, ctx)) <= 0)
961 return ret;
962
963 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET)
964 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET)) {
965 /*
966 * We're translating from ctrl to params and setting the OID, or
967 * we're translating from params to ctrl and getting the OID.
968 * Either way, |ctx->p2| points at an ASN1_OBJECT, and needs to have
969 * that replaced with the corresponding name.
970 * default_fixup_args() will then be able to convert that to the
971 * corresponding OSSL_PARAM.
972 */
973 OBJ_obj2txt(ctx->name_buf, sizeof(ctx->name_buf), ctx->p2, 0);
974 ctx->p2 = (char *)ctx->name_buf;
975 ctx->p1 = 0; /* let default_fixup_args() figure out the length */
976 }
977
978 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
979 return ret;
980
981 if ((state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_SET)
982 || (state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET)) {
983 /*
984 * We're translating from ctrl to params and setting the OID name,
985 * or we're translating from params to ctrl and getting the OID
986 * name. Either way, default_fixup_args() has placed the OID name
987 * in |ctx->p2|, all we need to do now is to replace that with the
988 * corresponding ASN1_OBJECT.
989 */
990 ctx->p2 = (ASN1_OBJECT *)OBJ_txt2obj(ctx->p2, 0);
991 }
992
993 return ret;
994 }
995
996 /* EVP_PKEY_CTRL_DH_NID */
fix_dh_nid(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)997 static int fix_dh_nid(enum state state,
998 const struct translation_st *translation,
999 struct translation_ctx_st *ctx)
1000 {
1001 int ret;
1002
1003 if ((ret = default_check(state, translation, ctx)) <= 0)
1004 return ret;
1005
1006 /* This is only settable */
1007 if (ctx->action_type != OSSL_ACTION_SET)
1008 return 0;
1009
1010 if (state == PRE_CTRL_TO_PARAMS) {
1011 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) {
1012 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1013 return 0;
1014 }
1015 ctx->p1 = 0;
1016 }
1017
1018 return default_fixup_args(state, translation, ctx);
1019 }
1020
1021 /* EVP_PKEY_CTRL_DH_RFC5114 */
fix_dh_nid5114(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1022 static int fix_dh_nid5114(enum state state,
1023 const struct translation_st *translation,
1024 struct translation_ctx_st *ctx)
1025 {
1026 int ret;
1027
1028 if ((ret = default_check(state, translation, ctx)) <= 0)
1029 return ret;
1030
1031 /* This is only settable */
1032 if (ctx->action_type != OSSL_ACTION_SET)
1033 return 0;
1034
1035 switch (state) {
1036 case PRE_CTRL_TO_PARAMS:
1037 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) {
1038 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1039 return 0;
1040 }
1041
1042 ctx->p1 = 0;
1043 break;
1044
1045 case PRE_CTRL_STR_TO_PARAMS:
1046 if (ctx->p2 == NULL)
1047 return 0;
1048 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2)))) == NULL) {
1049 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1050 return 0;
1051 }
1052
1053 ctx->p1 = 0;
1054 break;
1055
1056 default:
1057 break;
1058 }
1059
1060 return default_fixup_args(state, translation, ctx);
1061 }
1062
1063 /* EVP_PKEY_CTRL_DH_PARAMGEN_TYPE */
fix_dh_paramgen_type(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1064 static int fix_dh_paramgen_type(enum state state,
1065 const struct translation_st *translation,
1066 struct translation_ctx_st *ctx)
1067 {
1068 int ret;
1069
1070 if ((ret = default_check(state, translation, ctx)) <= 0)
1071 return ret;
1072
1073 /* This is only settable */
1074 if (ctx->action_type != OSSL_ACTION_SET)
1075 return 0;
1076
1077 if (state == PRE_CTRL_STR_TO_PARAMS) {
1078 if ((ctx->p2 = (char *)ossl_dh_gen_type_id2name(atoi(ctx->p2)))
1079 == NULL) {
1080 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
1081 return 0;
1082 }
1083 ctx->p1 = strlen(ctx->p2);
1084 }
1085
1086 return default_fixup_args(state, translation, ctx);
1087 }
1088
1089 /* EVP_PKEY_CTRL_EC_PARAM_ENC */
fix_ec_param_enc(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1090 static int fix_ec_param_enc(enum state state,
1091 const struct translation_st *translation,
1092 struct translation_ctx_st *ctx)
1093 {
1094 int ret;
1095
1096 if ((ret = default_check(state, translation, ctx)) <= 0)
1097 return ret;
1098
1099 /* This is currently only settable */
1100 if (ctx->action_type != OSSL_ACTION_SET)
1101 return 0;
1102
1103 if (state == PRE_CTRL_TO_PARAMS) {
1104 switch (ctx->p1) {
1105 case OPENSSL_EC_EXPLICIT_CURVE:
1106 ctx->p2 = OSSL_PKEY_EC_ENCODING_EXPLICIT;
1107 break;
1108 case OPENSSL_EC_NAMED_CURVE:
1109 ctx->p2 = OSSL_PKEY_EC_ENCODING_GROUP;
1110 break;
1111 default:
1112 ret = -2;
1113 goto end;
1114 }
1115 ctx->p1 = 0;
1116 }
1117
1118 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1119 return ret;
1120
1121 if (state == PRE_PARAMS_TO_CTRL) {
1122 if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_EXPLICIT) == 0)
1123 ctx->p1 = OPENSSL_EC_EXPLICIT_CURVE;
1124 else if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_GROUP) == 0)
1125 ctx->p1 = OPENSSL_EC_NAMED_CURVE;
1126 else
1127 ctx->p1 = ret = -2;
1128 ctx->p2 = NULL;
1129 }
1130
1131 end:
1132 if (ret == -2)
1133 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1134 return ret;
1135 }
1136
1137 /* EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID */
fix_ec_paramgen_curve_nid(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1138 static int fix_ec_paramgen_curve_nid(enum state state,
1139 const struct translation_st *translation,
1140 struct translation_ctx_st *ctx)
1141 {
1142 char *p2 = NULL;
1143 int ret;
1144
1145 if ((ret = default_check(state, translation, ctx)) <= 0)
1146 return ret;
1147
1148 /* This is currently only settable */
1149 if (ctx->action_type != OSSL_ACTION_SET)
1150 return 0;
1151
1152 if (state == PRE_CTRL_TO_PARAMS) {
1153 ctx->p2 = (char *)OBJ_nid2sn(ctx->p1);
1154 ctx->p1 = 0;
1155 } else if (state == PRE_PARAMS_TO_CTRL) {
1156 /*
1157 * We're translating from params to ctrl and setting the curve name.
1158 * The ctrl function needs it to be a NID, but meanwhile, we need
1159 * space to get the curve name from the param. |ctx->name_buf| is
1160 * sufficient for that.
1161 * The double indirection is necessary for default_fixup_args()'s
1162 * call of OSSL_PARAM_get_utf8_string() to be done correctly.
1163 */
1164 p2 = ctx->name_buf;
1165 ctx->p2 = &p2;
1166 ctx->sz = sizeof(ctx->name_buf);
1167 }
1168
1169 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1170 return ret;
1171
1172 if (state == PRE_PARAMS_TO_CTRL) {
1173 ctx->p1 = OBJ_sn2nid(p2);
1174 ctx->p2 = NULL;
1175 }
1176
1177 return ret;
1178 }
1179
1180 /* EVP_PKEY_CTRL_EC_ECDH_COFACTOR */
fix_ecdh_cofactor(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1181 static int fix_ecdh_cofactor(enum state state,
1182 const struct translation_st *translation,
1183 struct translation_ctx_st *ctx)
1184 {
1185 /*
1186 * The EVP_PKEY_CTRL_EC_ECDH_COFACTOR ctrl command is a bit special, in
1187 * that it's used both for setting a value, and for getting it, all
1188 * depending on the value if |ctx->p1|; if |ctx->p1| is -2, the backend is
1189 * supposed to place the current cofactor mode in |ctx->p2|, and if not,
1190 * |ctx->p1| is interpreted as the new cofactor mode.
1191 */
1192 int ret = 0;
1193
1194 if (state == PRE_CTRL_TO_PARAMS) {
1195 /*
1196 * The initial value for |ctx->action_type| must be zero.
1197 * evp_pkey_ctrl_to_params() takes it from the translation item.
1198 */
1199 if (!ossl_assert(ctx->action_type == OSSL_ACTION_NONE))
1200 return 0;
1201
1202 /* The action type depends on the value of ctx->p1 */
1203 if (ctx->p1 == -2)
1204 ctx->action_type = OSSL_ACTION_GET;
1205 else
1206 ctx->action_type = OSSL_ACTION_SET;
1207 } else if (state == PRE_CTRL_STR_TO_PARAMS) {
1208 ctx->action_type = OSSL_ACTION_SET;
1209 } else if (state == PRE_PARAMS_TO_CTRL) {
1210 /* The initial value for |ctx->action_type| must not be zero. */
1211 if (!ossl_assert(ctx->action_type != OSSL_ACTION_NONE))
1212 return 0;
1213 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_NONE) {
1214 ctx->action_type = OSSL_ACTION_GET;
1215 }
1216
1217 if ((ret = default_check(state, translation, ctx)) <= 0)
1218 return ret;
1219
1220 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) {
1221 if (ctx->p1 < -1 || ctx->p1 > 1) {
1222 /* Uses the same return value of pkey_ec_ctrl() */
1223 return -2;
1224 }
1225 }
1226
1227 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1228 return ret;
1229
1230 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
1231 if (ctx->p1 < 0 || ctx->p1 > 1) {
1232 /*
1233 * The provider should return either 0 or 1, any other value is a
1234 * provider error.
1235 */
1236 ctx->p1 = ret = -1;
1237 }
1238 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
1239 ctx->p1 = -2;
1240 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
1241 ctx->p1 = ret;
1242 }
1243
1244 return ret;
1245 }
1246
1247 /* EVP_PKEY_CTRL_RSA_PADDING, EVP_PKEY_CTRL_GET_RSA_PADDING */
fix_rsa_padding_mode(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1248 static int fix_rsa_padding_mode(enum state state,
1249 const struct translation_st *translation,
1250 struct translation_ctx_st *ctx)
1251 {
1252 static const OSSL_ITEM str_value_map[] = {
1253 { RSA_PKCS1_PADDING, "pkcs1" },
1254 { RSA_NO_PADDING, "none" },
1255 { RSA_PKCS1_OAEP_PADDING, "oaep" },
1256 { RSA_PKCS1_OAEP_PADDING, "oeap" },
1257 { RSA_X931_PADDING, "x931" },
1258 { RSA_PKCS1_PSS_PADDING, "pss" },
1259 /* Special case, will pass directly as an integer */
1260 { RSA_PKCS1_WITH_TLS_PADDING, NULL }
1261 };
1262 int ret;
1263
1264 if ((ret = default_check(state, translation, ctx)) <= 0)
1265 return ret;
1266
1267 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
1268 /*
1269 * EVP_PKEY_CTRL_GET_RSA_PADDING returns the padding mode in the
1270 * weirdest way for a ctrl. Instead of doing like all other ctrls
1271 * that return a simple, i.e. just have that as a return value,
1272 * this particular ctrl treats p2 as the address for the int to be
1273 * returned. We must therefore remember |ctx->p2|, then make
1274 * |ctx->p2| point at a buffer to be filled in with the name, and
1275 * |ctx->p1| with its size. default_fixup_args() will take care
1276 * of the rest for us, along with the POST_CTRL_TO_PARAMS && OSSL_ACTION_GET
1277 * code section further down.
1278 */
1279 ctx->orig_p2 = ctx->p2;
1280 ctx->p2 = ctx->name_buf;
1281 ctx->p1 = sizeof(ctx->name_buf);
1282 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_SET) {
1283 /*
1284 * Ideally, we should use utf8 strings for the diverse padding modes.
1285 * We only came here because someone called EVP_PKEY_CTX_ctrl(),
1286 * though, and since that can reasonably be seen as legacy code
1287 * that uses the diverse RSA macros for the padding mode, and we
1288 * know that at least our providers can handle the numeric modes,
1289 * we take the cheap route for now.
1290 *
1291 * The other solution would be to match |ctx->p1| against entries
1292 * in str_value_map and pass the corresponding string. However,
1293 * since we don't have a string for RSA_PKCS1_WITH_TLS_PADDING,
1294 * we have to do this same hack at least for that one.
1295 *
1296 * Since the "official" data type for the RSA padding mode is utf8
1297 * string, we cannot count on default_fixup_args(). Instead, we
1298 * build the OSSL_PARAM item ourselves and return immediately.
1299 */
1300 ctx->params[0] = OSSL_PARAM_construct_int(translation->param_key,
1301 &ctx->p1);
1302 return 1;
1303 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == OSSL_ACTION_GET) {
1304 size_t i;
1305
1306 /*
1307 * The EVP_PKEY_CTX_get_params() caller may have asked for a utf8
1308 * string, or may have asked for an integer of some sort. If they
1309 * ask for an integer, we respond directly. If not, we translate
1310 * the response from the ctrl function into a string.
1311 */
1312 switch (ctx->params->data_type) {
1313 case OSSL_PARAM_INTEGER:
1314 return OSSL_PARAM_get_int(ctx->params, &ctx->p1);
1315 case OSSL_PARAM_UNSIGNED_INTEGER:
1316 return OSSL_PARAM_get_uint(ctx->params, (unsigned int *)&ctx->p1);
1317 default:
1318 break;
1319 }
1320
1321 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1322 if (ctx->p1 == (int)str_value_map[i].id)
1323 break;
1324 }
1325 if (i == OSSL_NELEM(str_value_map)) {
1326 ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE,
1327 "[action:%d, state:%d] padding number %d",
1328 ctx->action_type, state, ctx->p1);
1329 return -2;
1330 }
1331 /*
1332 * If we don't have a string, we can't do anything. The caller
1333 * should have asked for a number...
1334 */
1335 if (str_value_map[i].ptr == NULL) {
1336 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1337 return -2;
1338 }
1339 ctx->p2 = str_value_map[i].ptr;
1340 ctx->p1 = strlen(ctx->p2);
1341 }
1342
1343 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1344 return ret;
1345
1346 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_PARAMS_TO_CTRL)
1347 || (ctx->action_type == OSSL_ACTION_GET && state == POST_CTRL_TO_PARAMS)) {
1348 size_t i;
1349
1350 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1351 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1352 break;
1353 }
1354
1355 if (i == OSSL_NELEM(str_value_map)) {
1356 ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE,
1357 "[action:%d, state:%d] padding name %s",
1358 ctx->action_type, state, (const char *)ctx->p2);
1359 ctx->p1 = ret = -2;
1360 } else if (state == POST_CTRL_TO_PARAMS) {
1361 /* EVP_PKEY_CTRL_GET_RSA_PADDING weirdness explained further up */
1362 *(int *)ctx->orig_p2 = str_value_map[i].id;
1363 } else {
1364 ctx->p1 = str_value_map[i].id;
1365 }
1366 ctx->p2 = NULL;
1367 }
1368
1369 return ret;
1370 }
1371
1372 /* EVP_PKEY_CTRL_RSA_PSS_SALTLEN, EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN */
fix_rsa_pss_saltlen(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1373 static int fix_rsa_pss_saltlen(enum state state,
1374 const struct translation_st *translation,
1375 struct translation_ctx_st *ctx)
1376 {
1377 static const OSSL_ITEM str_value_map[] = {
1378 { (unsigned int)RSA_PSS_SALTLEN_DIGEST, "digest" },
1379 { (unsigned int)RSA_PSS_SALTLEN_MAX, "max" },
1380 { (unsigned int)RSA_PSS_SALTLEN_AUTO, "auto" }
1381 };
1382 int ret;
1383
1384 if ((ret = default_check(state, translation, ctx)) <= 0)
1385 return ret;
1386
1387 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == OSSL_ACTION_GET) {
1388 /*
1389 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN returns the saltlen by filling
1390 * in the int pointed at by p2. This is potentially as weird as
1391 * the way EVP_PKEY_CTRL_GET_RSA_PADDING works, except that saltlen
1392 * might be a negative value, so it wouldn't work as a legitimate
1393 * return value.
1394 * In any case, we must therefore remember |ctx->p2|, then make
1395 * |ctx->p2| point at a buffer to be filled in with the name, and
1396 * |ctx->p1| with its size. default_fixup_args() will take care
1397 * of the rest for us, along with the POST_CTRL_TO_PARAMS && OSSL_ACTION_GET
1398 * code section further down.
1399 */
1400 ctx->orig_p2 = ctx->p2;
1401 ctx->p2 = ctx->name_buf;
1402 ctx->p1 = sizeof(ctx->name_buf);
1403 } else if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_CTRL_TO_PARAMS)
1404 || (ctx->action_type == OSSL_ACTION_GET && state == POST_PARAMS_TO_CTRL)) {
1405 size_t i;
1406
1407 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1408 if (ctx->p1 == (int)str_value_map[i].id)
1409 break;
1410 }
1411 if (i == OSSL_NELEM(str_value_map)) {
1412 BIO_snprintf(ctx->name_buf, sizeof(ctx->name_buf), "%d", ctx->p1);
1413 } else {
1414 /* This won't truncate but it will quiet static analysers */
1415 strncpy(ctx->name_buf, str_value_map[i].ptr, sizeof(ctx->name_buf) - 1);
1416 ctx->name_buf[sizeof(ctx->name_buf) - 1] = '\0';
1417 }
1418 ctx->p2 = ctx->name_buf;
1419 ctx->p1 = strlen(ctx->p2);
1420 }
1421
1422 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1423 return ret;
1424
1425 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_PARAMS_TO_CTRL)
1426 || (ctx->action_type == OSSL_ACTION_GET && state == POST_CTRL_TO_PARAMS)) {
1427 size_t i;
1428 int val;
1429
1430 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1431 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1432 break;
1433 }
1434
1435 val = i == OSSL_NELEM(str_value_map) ? atoi(ctx->p2)
1436 : (int)str_value_map[i].id;
1437 if (state == POST_CTRL_TO_PARAMS) {
1438 /*
1439 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN weirdness explained further
1440 * up
1441 */
1442 *(int *)ctx->orig_p2 = val;
1443 } else {
1444 ctx->p1 = val;
1445 }
1446 ctx->p2 = NULL;
1447 }
1448
1449 return ret;
1450 }
1451
1452 /* EVP_PKEY_CTRL_HKDF_MODE */
fix_hkdf_mode(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1453 static int fix_hkdf_mode(enum state state,
1454 const struct translation_st *translation,
1455 struct translation_ctx_st *ctx)
1456 {
1457 static const OSSL_ITEM str_value_map[] = {
1458 { EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND, "EXTRACT_AND_EXPAND" },
1459 { EVP_KDF_HKDF_MODE_EXTRACT_ONLY, "EXTRACT_ONLY" },
1460 { EVP_KDF_HKDF_MODE_EXPAND_ONLY, "EXPAND_ONLY" }
1461 };
1462 int ret;
1463
1464 if ((ret = default_check(state, translation, ctx)) <= 0)
1465 return ret;
1466
1467 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_CTRL_TO_PARAMS)
1468 || (ctx->action_type == OSSL_ACTION_GET && state == POST_PARAMS_TO_CTRL)) {
1469 size_t i;
1470
1471 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1472 if (ctx->p1 == (int)str_value_map[i].id)
1473 break;
1474 }
1475 if (i == OSSL_NELEM(str_value_map))
1476 return 0;
1477 ctx->p2 = str_value_map[i].ptr;
1478 ctx->p1 = strlen(ctx->p2);
1479 }
1480
1481 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1482 return ret;
1483
1484 if ((ctx->action_type == OSSL_ACTION_SET && state == PRE_PARAMS_TO_CTRL)
1485 || (ctx->action_type == OSSL_ACTION_GET && state == POST_CTRL_TO_PARAMS)) {
1486 size_t i;
1487
1488 for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
1489 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1490 break;
1491 }
1492 if (i == OSSL_NELEM(str_value_map))
1493 return 0;
1494 if (state == POST_CTRL_TO_PARAMS)
1495 ret = str_value_map[i].id;
1496 else
1497 ctx->p1 = str_value_map[i].id;
1498 ctx->p2 = NULL;
1499 }
1500
1501 return 1;
1502 }
1503
1504 /*-
1505 * Payload getters
1506 * ===============
1507 *
1508 * These all get the data they want, then call default_fixup_args() as
1509 * a post-ctrl OSSL_ACTION_GET fixup. They all get NULL ctx, ctrl_cmd, ctrl_str,
1510 * p1, sz
1511 */
1512
1513 /* Pilfering DH, DSA and EC_KEY */
get_payload_group_name(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1514 static int get_payload_group_name(enum state state,
1515 const struct translation_st *translation,
1516 struct translation_ctx_st *ctx)
1517 {
1518 EVP_PKEY *pkey = ctx->p2;
1519
1520 ctx->p2 = NULL;
1521 switch (EVP_PKEY_get_base_id(pkey)) {
1522 #ifndef OPENSSL_NO_DH
1523 case EVP_PKEY_DH: {
1524 const DH *dh = EVP_PKEY_get0_DH(pkey);
1525 int uid = DH_get_nid(dh);
1526
1527 if (uid != NID_undef) {
1528 const DH_NAMED_GROUP *dh_group = ossl_ffc_uid_to_dh_named_group(uid);
1529
1530 ctx->p2 = (char *)ossl_ffc_named_group_get_name(dh_group);
1531 }
1532 } break;
1533 #endif
1534 #ifndef OPENSSL_NO_EC
1535 case EVP_PKEY_EC: {
1536 const EC_GROUP *grp = EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey));
1537 int nid = NID_undef;
1538
1539 if (grp != NULL)
1540 nid = EC_GROUP_get_curve_name(grp);
1541 if (nid != NID_undef)
1542 ctx->p2 = (char *)OSSL_EC_curve_nid2name(nid);
1543 } break;
1544 #endif
1545 default:
1546 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1547 return 0;
1548 }
1549
1550 /*
1551 * Quietly ignoring unknown groups matches the behaviour on the provider
1552 * side.
1553 */
1554 if (ctx->p2 == NULL)
1555 return 1;
1556
1557 ctx->p1 = strlen(ctx->p2);
1558 return default_fixup_args(state, translation, ctx);
1559 }
1560
get_payload_private_key(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1561 static int get_payload_private_key(enum state state,
1562 const struct translation_st *translation,
1563 struct translation_ctx_st *ctx)
1564 {
1565 EVP_PKEY *pkey = ctx->p2;
1566
1567 ctx->p2 = NULL;
1568 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
1569 return 0;
1570
1571 switch (EVP_PKEY_get_base_id(pkey)) {
1572 #ifndef OPENSSL_NO_DH
1573 case EVP_PKEY_DH: {
1574 const DH *dh = EVP_PKEY_get0_DH(pkey);
1575
1576 ctx->p2 = (BIGNUM *)DH_get0_priv_key(dh);
1577 } break;
1578 #endif
1579 #ifndef OPENSSL_NO_EC
1580 case EVP_PKEY_EC: {
1581 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
1582
1583 ctx->p2 = (BIGNUM *)EC_KEY_get0_private_key(ec);
1584 } break;
1585 #endif
1586 default:
1587 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1588 return 0;
1589 }
1590
1591 return default_fixup_args(state, translation, ctx);
1592 }
1593
get_payload_public_key(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1594 static int get_payload_public_key(enum state state,
1595 const struct translation_st *translation,
1596 struct translation_ctx_st *ctx)
1597 {
1598 EVP_PKEY *pkey = ctx->p2;
1599 unsigned char *buf = NULL;
1600 int ret;
1601
1602 ctx->p2 = NULL;
1603 switch (EVP_PKEY_get_base_id(pkey)) {
1604 #ifndef OPENSSL_NO_DH
1605 case EVP_PKEY_DHX:
1606 case EVP_PKEY_DH:
1607 switch (ctx->params->data_type) {
1608 case OSSL_PARAM_OCTET_STRING:
1609 ctx->sz = ossl_dh_key2buf(EVP_PKEY_get0_DH(pkey), &buf, 0, 1);
1610 ctx->p2 = buf;
1611 break;
1612 case OSSL_PARAM_UNSIGNED_INTEGER:
1613 ctx->p2 = (void *)DH_get0_pub_key(EVP_PKEY_get0_DH(pkey));
1614 break;
1615 default:
1616 return 0;
1617 }
1618 break;
1619 #endif
1620 #ifndef OPENSSL_NO_DSA
1621 case EVP_PKEY_DSA:
1622 if (ctx->params->data_type == OSSL_PARAM_UNSIGNED_INTEGER) {
1623 ctx->p2 = (void *)DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey));
1624 break;
1625 }
1626 return 0;
1627 #endif
1628 #ifndef OPENSSL_NO_EC
1629 case EVP_PKEY_EC:
1630 if (ctx->params->data_type == OSSL_PARAM_OCTET_STRING) {
1631 const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey);
1632 BN_CTX *bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey));
1633 const EC_GROUP *ecg = EC_KEY_get0_group(eckey);
1634 const EC_POINT *point = EC_KEY_get0_public_key(eckey);
1635
1636 if (bnctx == NULL)
1637 return 0;
1638 ctx->sz = EC_POINT_point2buf(ecg, point,
1639 POINT_CONVERSION_COMPRESSED,
1640 &buf, bnctx);
1641 ctx->p2 = buf;
1642 BN_CTX_free(bnctx);
1643 break;
1644 }
1645 return 0;
1646 #endif
1647 default:
1648 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1649 return 0;
1650 }
1651
1652 ret = default_fixup_args(state, translation, ctx);
1653 OPENSSL_free(buf);
1654 return ret;
1655 }
1656
get_payload_public_key_ec(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1657 static int get_payload_public_key_ec(enum state state,
1658 const struct translation_st *translation,
1659 struct translation_ctx_st *ctx)
1660 {
1661 #ifndef OPENSSL_NO_EC
1662 EVP_PKEY *pkey = ctx->p2;
1663 const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey);
1664 BN_CTX *bnctx;
1665 const EC_POINT *point;
1666 const EC_GROUP *ecg;
1667 BIGNUM *x = NULL;
1668 BIGNUM *y = NULL;
1669 int ret = 0;
1670
1671 ctx->p2 = NULL;
1672
1673 if (eckey == NULL) {
1674 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1675 return 0;
1676 }
1677
1678 bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey));
1679 if (bnctx == NULL)
1680 return 0;
1681
1682 point = EC_KEY_get0_public_key(eckey);
1683 ecg = EC_KEY_get0_group(eckey);
1684
1685 /* Caller should have requested a BN, fail if not */
1686 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
1687 goto out;
1688
1689 x = BN_CTX_get(bnctx);
1690 y = BN_CTX_get(bnctx);
1691 if (y == NULL)
1692 goto out;
1693
1694 if (!EC_POINT_get_affine_coordinates(ecg, point, x, y, bnctx))
1695 goto out;
1696
1697 if (strncmp(ctx->params->key, OSSL_PKEY_PARAM_EC_PUB_X, 2) == 0)
1698 ctx->p2 = x;
1699 else if (strncmp(ctx->params->key, OSSL_PKEY_PARAM_EC_PUB_Y, 2) == 0)
1700 ctx->p2 = y;
1701 else
1702 goto out;
1703
1704 /* Return the payload */
1705 ret = default_fixup_args(state, translation, ctx);
1706 out:
1707 BN_CTX_free(bnctx);
1708 return ret;
1709 #else
1710 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1711 return 0;
1712 #endif
1713 }
1714
get_payload_bn(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const BIGNUM * bn)1715 static int get_payload_bn(enum state state,
1716 const struct translation_st *translation,
1717 struct translation_ctx_st *ctx, const BIGNUM *bn)
1718 {
1719 if (bn == NULL)
1720 return 0;
1721 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER)
1722 return 0;
1723 ctx->p2 = (BIGNUM *)bn;
1724
1725 return default_fixup_args(state, translation, ctx);
1726 }
1727
get_dh_dsa_payload_p(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1728 static int get_dh_dsa_payload_p(enum state state,
1729 const struct translation_st *translation,
1730 struct translation_ctx_st *ctx)
1731 {
1732 const BIGNUM *bn = NULL;
1733 EVP_PKEY *pkey = ctx->p2;
1734
1735 switch (EVP_PKEY_get_base_id(pkey)) {
1736 #ifndef OPENSSL_NO_DH
1737 case EVP_PKEY_DH:
1738 bn = DH_get0_p(EVP_PKEY_get0_DH(pkey));
1739 break;
1740 #endif
1741 #ifndef OPENSSL_NO_DSA
1742 case EVP_PKEY_DSA:
1743 bn = DSA_get0_p(EVP_PKEY_get0_DSA(pkey));
1744 break;
1745 #endif
1746 default:
1747 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1748 }
1749
1750 return get_payload_bn(state, translation, ctx, bn);
1751 }
1752
get_dh_dsa_payload_q(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1753 static int get_dh_dsa_payload_q(enum state state,
1754 const struct translation_st *translation,
1755 struct translation_ctx_st *ctx)
1756 {
1757 const BIGNUM *bn = NULL;
1758
1759 switch (EVP_PKEY_get_base_id(ctx->p2)) {
1760 #ifndef OPENSSL_NO_DH
1761 case EVP_PKEY_DH:
1762 bn = DH_get0_q(EVP_PKEY_get0_DH(ctx->p2));
1763 break;
1764 #endif
1765 #ifndef OPENSSL_NO_DSA
1766 case EVP_PKEY_DSA:
1767 bn = DSA_get0_q(EVP_PKEY_get0_DSA(ctx->p2));
1768 break;
1769 #endif
1770 }
1771
1772 return get_payload_bn(state, translation, ctx, bn);
1773 }
1774
get_dh_dsa_payload_g(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1775 static int get_dh_dsa_payload_g(enum state state,
1776 const struct translation_st *translation,
1777 struct translation_ctx_st *ctx)
1778 {
1779 const BIGNUM *bn = NULL;
1780
1781 switch (EVP_PKEY_get_base_id(ctx->p2)) {
1782 #ifndef OPENSSL_NO_DH
1783 case EVP_PKEY_DH:
1784 bn = DH_get0_g(EVP_PKEY_get0_DH(ctx->p2));
1785 break;
1786 #endif
1787 #ifndef OPENSSL_NO_DSA
1788 case EVP_PKEY_DSA:
1789 bn = DSA_get0_g(EVP_PKEY_get0_DSA(ctx->p2));
1790 break;
1791 #endif
1792 }
1793
1794 return get_payload_bn(state, translation, ctx, bn);
1795 }
1796
get_payload_int(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,const int val)1797 static int get_payload_int(enum state state,
1798 const struct translation_st *translation,
1799 struct translation_ctx_st *ctx,
1800 const int val)
1801 {
1802 if (ctx->params->data_type != OSSL_PARAM_INTEGER)
1803 return 0;
1804 ctx->p1 = val;
1805 ctx->p2 = NULL;
1806
1807 return default_fixup_args(state, translation, ctx);
1808 }
1809
get_ec_decoded_from_explicit_params(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1810 static int get_ec_decoded_from_explicit_params(enum state state,
1811 const struct translation_st *translation,
1812 struct translation_ctx_st *ctx)
1813 {
1814 int val = 0;
1815 EVP_PKEY *pkey = ctx->p2;
1816
1817 switch (EVP_PKEY_base_id(pkey)) {
1818 #ifndef OPENSSL_NO_EC
1819 case EVP_PKEY_EC:
1820 val = EC_KEY_decoded_from_explicit_params(EVP_PKEY_get0_EC_KEY(pkey));
1821 if (val < 0) {
1822 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY);
1823 return 0;
1824 }
1825 break;
1826 #endif
1827 default:
1828 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
1829 return 0;
1830 }
1831
1832 return get_payload_int(state, translation, ctx, val);
1833 }
1834
get_rsa_payload_n(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1835 static int get_rsa_payload_n(enum state state,
1836 const struct translation_st *translation,
1837 struct translation_ctx_st *ctx)
1838 {
1839 const BIGNUM *bn = NULL;
1840
1841 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA
1842 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS)
1843 return 0;
1844 bn = RSA_get0_n(EVP_PKEY_get0_RSA(ctx->p2));
1845
1846 return get_payload_bn(state, translation, ctx, bn);
1847 }
1848
get_rsa_payload_e(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1849 static int get_rsa_payload_e(enum state state,
1850 const struct translation_st *translation,
1851 struct translation_ctx_st *ctx)
1852 {
1853 const BIGNUM *bn = NULL;
1854
1855 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA
1856 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS)
1857 return 0;
1858 bn = RSA_get0_e(EVP_PKEY_get0_RSA(ctx->p2));
1859
1860 return get_payload_bn(state, translation, ctx, bn);
1861 }
1862
get_rsa_payload_d(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)1863 static int get_rsa_payload_d(enum state state,
1864 const struct translation_st *translation,
1865 struct translation_ctx_st *ctx)
1866 {
1867 const BIGNUM *bn = NULL;
1868
1869 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA
1870 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS)
1871 return 0;
1872 bn = RSA_get0_d(EVP_PKEY_get0_RSA(ctx->p2));
1873
1874 return get_payload_bn(state, translation, ctx, bn);
1875 }
1876
get_rsa_payload_factor(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,size_t factornum)1877 static int get_rsa_payload_factor(enum state state,
1878 const struct translation_st *translation,
1879 struct translation_ctx_st *ctx,
1880 size_t factornum)
1881 {
1882 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1883 const BIGNUM *bn = NULL;
1884
1885 switch (factornum) {
1886 case 0:
1887 bn = RSA_get0_p(r);
1888 break;
1889 case 1:
1890 bn = RSA_get0_q(r);
1891 break;
1892 default: {
1893 size_t pnum = RSA_get_multi_prime_extra_count(r);
1894 const BIGNUM *factors[10];
1895
1896 if (factornum - 2 < pnum
1897 && RSA_get0_multi_prime_factors(r, factors))
1898 bn = factors[factornum - 2];
1899 } break;
1900 }
1901
1902 return get_payload_bn(state, translation, ctx, bn);
1903 }
1904
get_rsa_payload_exponent(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,size_t exponentnum)1905 static int get_rsa_payload_exponent(enum state state,
1906 const struct translation_st *translation,
1907 struct translation_ctx_st *ctx,
1908 size_t exponentnum)
1909 {
1910 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1911 const BIGNUM *bn = NULL;
1912
1913 switch (exponentnum) {
1914 case 0:
1915 bn = RSA_get0_dmp1(r);
1916 break;
1917 case 1:
1918 bn = RSA_get0_dmq1(r);
1919 break;
1920 default: {
1921 size_t pnum = RSA_get_multi_prime_extra_count(r);
1922 const BIGNUM *exps[10], *coeffs[10];
1923
1924 if (exponentnum - 2 < pnum
1925 && RSA_get0_multi_prime_crt_params(r, exps, coeffs))
1926 bn = exps[exponentnum - 2];
1927 } break;
1928 }
1929
1930 return get_payload_bn(state, translation, ctx, bn);
1931 }
1932
get_rsa_payload_coefficient(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx,size_t coefficientnum)1933 static int get_rsa_payload_coefficient(enum state state,
1934 const struct translation_st *translation,
1935 struct translation_ctx_st *ctx,
1936 size_t coefficientnum)
1937 {
1938 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1939 const BIGNUM *bn = NULL;
1940
1941 switch (coefficientnum) {
1942 case 0:
1943 bn = RSA_get0_iqmp(r);
1944 break;
1945 default: {
1946 size_t pnum = RSA_get_multi_prime_extra_count(r);
1947 const BIGNUM *exps[10], *coeffs[10];
1948
1949 if (coefficientnum - 1 < pnum
1950 && RSA_get0_multi_prime_crt_params(r, exps, coeffs))
1951 bn = coeffs[coefficientnum - 1];
1952 } break;
1953 }
1954
1955 return get_payload_bn(state, translation, ctx, bn);
1956 }
1957
1958 #define IMPL_GET_RSA_PAYLOAD_FACTOR(n) \
1959 static int \
1960 get_rsa_payload_f##n(enum state state, \
1961 const struct translation_st *translation, \
1962 struct translation_ctx_st *ctx) \
1963 { \
1964 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \
1965 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \
1966 return 0; \
1967 return get_rsa_payload_factor(state, translation, ctx, n - 1); \
1968 }
1969
1970 #define IMPL_GET_RSA_PAYLOAD_EXPONENT(n) \
1971 static int \
1972 get_rsa_payload_e##n(enum state state, \
1973 const struct translation_st *translation, \
1974 struct translation_ctx_st *ctx) \
1975 { \
1976 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \
1977 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \
1978 return 0; \
1979 return get_rsa_payload_exponent(state, translation, ctx, \
1980 n - 1); \
1981 }
1982
1983 #define IMPL_GET_RSA_PAYLOAD_COEFFICIENT(n) \
1984 static int \
1985 get_rsa_payload_c##n(enum state state, \
1986 const struct translation_st *translation, \
1987 struct translation_ctx_st *ctx) \
1988 { \
1989 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA \
1990 && EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA_PSS) \
1991 return 0; \
1992 return get_rsa_payload_coefficient(state, translation, ctx, \
1993 n - 1); \
1994 }
1995
1996 IMPL_GET_RSA_PAYLOAD_FACTOR(1)
1997 IMPL_GET_RSA_PAYLOAD_FACTOR(2)
1998 IMPL_GET_RSA_PAYLOAD_FACTOR(3)
1999 IMPL_GET_RSA_PAYLOAD_FACTOR(4)
2000 IMPL_GET_RSA_PAYLOAD_FACTOR(5)
2001 IMPL_GET_RSA_PAYLOAD_FACTOR(6)
2002 IMPL_GET_RSA_PAYLOAD_FACTOR(7)
2003 IMPL_GET_RSA_PAYLOAD_FACTOR(8)
2004 IMPL_GET_RSA_PAYLOAD_FACTOR(9)
2005 IMPL_GET_RSA_PAYLOAD_FACTOR(10)
2006 IMPL_GET_RSA_PAYLOAD_EXPONENT(1)
2007 IMPL_GET_RSA_PAYLOAD_EXPONENT(2)
2008 IMPL_GET_RSA_PAYLOAD_EXPONENT(3)
2009 IMPL_GET_RSA_PAYLOAD_EXPONENT(4)
2010 IMPL_GET_RSA_PAYLOAD_EXPONENT(5)
2011 IMPL_GET_RSA_PAYLOAD_EXPONENT(6)
2012 IMPL_GET_RSA_PAYLOAD_EXPONENT(7)
2013 IMPL_GET_RSA_PAYLOAD_EXPONENT(8)
2014 IMPL_GET_RSA_PAYLOAD_EXPONENT(9)
2015 IMPL_GET_RSA_PAYLOAD_EXPONENT(10)
2016 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(1)
2017 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(2)
2018 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(3)
2019 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(4)
2020 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(5)
2021 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(6)
2022 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(7)
2023 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(8)
2024 IMPL_GET_RSA_PAYLOAD_COEFFICIENT(9)
2025
fix_group_ecx(enum state state,const struct translation_st * translation,struct translation_ctx_st * ctx)2026 static int fix_group_ecx(enum state state,
2027 const struct translation_st *translation,
2028 struct translation_ctx_st *ctx)
2029 {
2030 const char *value = NULL;
2031
2032 switch (state) {
2033 case PRE_PARAMS_TO_CTRL:
2034 if (!EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx))
2035 return 0;
2036 ctx->action_type = OSSL_ACTION_NONE;
2037 return 1;
2038 case POST_PARAMS_TO_CTRL:
2039 if (OSSL_PARAM_get_utf8_string_ptr(ctx->params, &value) == 0 || OPENSSL_strcasecmp(ctx->pctx->keytype, value) != 0) {
2040 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_INVALID_ARGUMENT);
2041 ctx->p1 = 0;
2042 return 0;
2043 }
2044 ctx->p1 = 1;
2045 return 1;
2046 default:
2047 return 0;
2048 }
2049 }
2050
2051 /*-
2052 * The translation table itself
2053 * ============================
2054 */
2055
2056 static const struct translation_st evp_pkey_ctx_translations[] = {
2057 /*
2058 * DistID: we pass it to the backend as an octet string,
2059 * but get it back as a pointer to an octet string.
2060 *
2061 * Note that the EVP_PKEY_CTRL_GET1_ID_LEN is purely for legacy purposes
2062 * that has no separate counterpart in OSSL_PARAM terms, since we get
2063 * the length of the DistID automatically when getting the DistID itself.
2064 */
2065 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2066 EVP_PKEY_CTRL_SET1_ID, "distid", "hexdistid",
2067 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_STRING, NULL },
2068 { OSSL_ACTION_GET, -1, -1, -1,
2069 EVP_PKEY_CTRL_GET1_ID, "distid", "hexdistid",
2070 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_PTR, NULL },
2071 { OSSL_ACTION_GET, -1, -1, -1,
2072 EVP_PKEY_CTRL_GET1_ID_LEN, NULL, NULL,
2073 OSSL_PKEY_PARAM_DIST_ID, OSSL_PARAM_OCTET_PTR, fix_distid_len },
2074
2075 /*-
2076 * DH & DHX
2077 * ========
2078 */
2079
2080 /*
2081 * EVP_PKEY_CTRL_DH_KDF_TYPE is used both for setting and getting. The
2082 * fixup function has to handle this...
2083 */
2084 { OSSL_ACTION_NONE, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2085 EVP_PKEY_CTRL_DH_KDF_TYPE, NULL, NULL,
2086 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING,
2087 fix_dh_kdf_type },
2088 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2089 EVP_PKEY_CTRL_DH_KDF_MD, NULL, NULL,
2090 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2091 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2092 EVP_PKEY_CTRL_GET_DH_KDF_MD, NULL, NULL,
2093 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2094 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2095 EVP_PKEY_CTRL_DH_KDF_OUTLEN, NULL, NULL,
2096 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2097 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2098 EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, NULL, NULL,
2099 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2100 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2101 EVP_PKEY_CTRL_DH_KDF_UKM, NULL, NULL,
2102 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL },
2103 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2104 EVP_PKEY_CTRL_GET_DH_KDF_UKM, NULL, NULL,
2105 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL },
2106 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2107 EVP_PKEY_CTRL_DH_KDF_OID, NULL, NULL,
2108 OSSL_KDF_PARAM_CEK_ALG, OSSL_PARAM_UTF8_STRING, fix_oid },
2109 { OSSL_ACTION_GET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_DERIVE,
2110 EVP_PKEY_CTRL_GET_DH_KDF_OID, NULL, NULL,
2111 OSSL_KDF_PARAM_CEK_ALG, OSSL_PARAM_UTF8_STRING, fix_oid },
2112
2113 /* DHX Keygen Parameters that are shared with DH */
2114 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN,
2115 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, "dh_paramgen_type", NULL,
2116 OSSL_PKEY_PARAM_FFC_TYPE, OSSL_PARAM_UTF8_STRING, fix_dh_paramgen_type },
2117 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN,
2118 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, "dh_paramgen_prime_len", NULL,
2119 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2120 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2121 EVP_PKEY_CTRL_DH_NID, "dh_param", NULL,
2122 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, NULL },
2123 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2124 EVP_PKEY_CTRL_DH_RFC5114, "dh_rfc5114", NULL,
2125 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid5114 },
2126
2127 /* DH Keygen Parameters that are shared with DHX */
2128 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN,
2129 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, "dh_paramgen_type", NULL,
2130 OSSL_PKEY_PARAM_FFC_TYPE, OSSL_PARAM_UTF8_STRING, fix_dh_paramgen_type },
2131 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN,
2132 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, "dh_paramgen_prime_len", NULL,
2133 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2134 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2135 EVP_PKEY_CTRL_DH_NID, "dh_param", NULL,
2136 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid },
2137 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2138 EVP_PKEY_CTRL_DH_RFC5114, "dh_rfc5114", NULL,
2139 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_dh_nid5114 },
2140
2141 /* DH specific Keygen Parameters */
2142 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_PARAMGEN,
2143 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, "dh_paramgen_generator", NULL,
2144 OSSL_PKEY_PARAM_DH_GENERATOR, OSSL_PARAM_INTEGER, NULL },
2145
2146 /* DHX specific Keygen Parameters */
2147 { OSSL_ACTION_SET, EVP_PKEY_DHX, 0, EVP_PKEY_OP_PARAMGEN,
2148 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, "dh_paramgen_subprime_len", NULL,
2149 OSSL_PKEY_PARAM_FFC_QBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2150
2151 { OSSL_ACTION_SET, EVP_PKEY_DH, 0, EVP_PKEY_OP_DERIVE,
2152 EVP_PKEY_CTRL_DH_PAD, "dh_pad", NULL,
2153 OSSL_EXCHANGE_PARAM_PAD, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2154
2155 /*-
2156 * DSA
2157 * ===
2158 */
2159 { OSSL_ACTION_SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN,
2160 EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, "dsa_paramgen_bits", NULL,
2161 OSSL_PKEY_PARAM_FFC_PBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2162 { OSSL_ACTION_SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN,
2163 EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, "dsa_paramgen_q_bits", NULL,
2164 OSSL_PKEY_PARAM_FFC_QBITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2165 { OSSL_ACTION_SET, EVP_PKEY_DSA, 0, EVP_PKEY_OP_PARAMGEN,
2166 EVP_PKEY_CTRL_DSA_PARAMGEN_MD, "dsa_paramgen_md", NULL,
2167 OSSL_PKEY_PARAM_FFC_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2168
2169 /*-
2170 * EC
2171 * ==
2172 */
2173 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2174 EVP_PKEY_CTRL_EC_PARAM_ENC, "ec_param_enc", NULL,
2175 OSSL_PKEY_PARAM_EC_ENCODING, OSSL_PARAM_UTF8_STRING, fix_ec_param_enc },
2176 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2177 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, "ec_paramgen_curve", NULL,
2178 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING,
2179 fix_ec_paramgen_curve_nid },
2180 /*
2181 * EVP_PKEY_CTRL_EC_ECDH_COFACTOR and EVP_PKEY_CTRL_EC_KDF_TYPE are used
2182 * both for setting and getting. The fixup function has to handle this...
2183 */
2184 { OSSL_ACTION_NONE, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2185 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, "ecdh_cofactor_mode", NULL,
2186 OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, OSSL_PARAM_INTEGER,
2187 fix_ecdh_cofactor },
2188 { OSSL_ACTION_NONE, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2189 EVP_PKEY_CTRL_EC_KDF_TYPE, NULL, NULL,
2190 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING, fix_ec_kdf_type },
2191 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2192 EVP_PKEY_CTRL_EC_KDF_MD, "ecdh_kdf_md", NULL,
2193 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2194 { OSSL_ACTION_GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2195 EVP_PKEY_CTRL_GET_EC_KDF_MD, NULL, NULL,
2196 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2197 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2198 EVP_PKEY_CTRL_EC_KDF_OUTLEN, NULL, NULL,
2199 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2200 { OSSL_ACTION_GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2201 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, NULL, NULL,
2202 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2203 { OSSL_ACTION_SET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2204 EVP_PKEY_CTRL_EC_KDF_UKM, NULL, NULL,
2205 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL },
2206 { OSSL_ACTION_GET, EVP_PKEY_EC, 0, EVP_PKEY_OP_DERIVE,
2207 EVP_PKEY_CTRL_GET_EC_KDF_UKM, NULL, NULL,
2208 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL },
2209
2210 /*-
2211 * SM2
2212 * ==
2213 */
2214 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2215 EVP_PKEY_CTRL_EC_PARAM_ENC, "ec_param_enc", NULL,
2216 OSSL_PKEY_PARAM_EC_ENCODING, OSSL_PARAM_UTF8_STRING, fix_ec_param_enc },
2217 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
2218 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, "ec_paramgen_curve", NULL,
2219 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING,
2220 fix_ec_paramgen_curve_nid },
2221 /*
2222 * EVP_PKEY_CTRL_EC_ECDH_COFACTOR and EVP_PKEY_CTRL_EC_KDF_TYPE are used
2223 * both for setting and getting. The fixup function has to handle this...
2224 */
2225 { OSSL_ACTION_NONE, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2226 EVP_PKEY_CTRL_EC_ECDH_COFACTOR, "ecdh_cofactor_mode", NULL,
2227 OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, OSSL_PARAM_INTEGER,
2228 fix_ecdh_cofactor },
2229 { OSSL_ACTION_NONE, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2230 EVP_PKEY_CTRL_EC_KDF_TYPE, NULL, NULL,
2231 OSSL_EXCHANGE_PARAM_KDF_TYPE, OSSL_PARAM_UTF8_STRING, fix_ec_kdf_type },
2232 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2233 EVP_PKEY_CTRL_EC_KDF_MD, "ecdh_kdf_md", NULL,
2234 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2235 { OSSL_ACTION_GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2236 EVP_PKEY_CTRL_GET_EC_KDF_MD, NULL, NULL,
2237 OSSL_EXCHANGE_PARAM_KDF_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2238 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2239 EVP_PKEY_CTRL_EC_KDF_OUTLEN, NULL, NULL,
2240 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2241 { OSSL_ACTION_GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2242 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, NULL, NULL,
2243 OSSL_EXCHANGE_PARAM_KDF_OUTLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2244 { OSSL_ACTION_SET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2245 EVP_PKEY_CTRL_EC_KDF_UKM, NULL, NULL,
2246 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_STRING, NULL },
2247 { OSSL_ACTION_GET, EVP_PKEY_SM2, 0, EVP_PKEY_OP_DERIVE,
2248 EVP_PKEY_CTRL_GET_EC_KDF_UKM, NULL, NULL,
2249 OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, NULL },
2250 /*-
2251 * RSA
2252 * ===
2253 */
2254
2255 /*
2256 * RSA padding modes are numeric with ctrls, strings with ctrl_strs,
2257 * and can be both with OSSL_PARAM. We standardise on strings here,
2258 * fix_rsa_padding_mode() does the work when the caller has a different
2259 * idea.
2260 */
2261 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2262 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2263 EVP_PKEY_CTRL_RSA_PADDING, "rsa_padding_mode", NULL,
2264 OSSL_PKEY_PARAM_PAD_MODE, OSSL_PARAM_UTF8_STRING, fix_rsa_padding_mode },
2265 { OSSL_ACTION_GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2266 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2267 EVP_PKEY_CTRL_GET_RSA_PADDING, NULL, NULL,
2268 OSSL_PKEY_PARAM_PAD_MODE, OSSL_PARAM_UTF8_STRING, fix_rsa_padding_mode },
2269
2270 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2271 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2272 EVP_PKEY_CTRL_RSA_MGF1_MD, "rsa_mgf1_md", NULL,
2273 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2274 { OSSL_ACTION_GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS,
2275 EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
2276 EVP_PKEY_CTRL_GET_RSA_MGF1_MD, NULL, NULL,
2277 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2278
2279 /*
2280 * RSA-PSS saltlen is essentially numeric, but certain values can be
2281 * expressed as keywords (strings) with ctrl_str. The corresponding
2282 * OSSL_PARAM allows both forms.
2283 * fix_rsa_pss_saltlen() takes care of the distinction.
2284 */
2285 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_TYPE_SIG,
2286 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, "rsa_pss_saltlen", NULL,
2287 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, OSSL_PARAM_UTF8_STRING,
2288 fix_rsa_pss_saltlen },
2289 { OSSL_ACTION_GET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_TYPE_SIG,
2290 EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, NULL, NULL,
2291 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, OSSL_PARAM_UTF8_STRING,
2292 fix_rsa_pss_saltlen },
2293
2294 { OSSL_ACTION_SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2295 EVP_PKEY_CTRL_RSA_OAEP_MD, "rsa_oaep_md", NULL,
2296 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2297 { OSSL_ACTION_GET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2298 EVP_PKEY_CTRL_GET_RSA_OAEP_MD, NULL, NULL,
2299 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2300 /*
2301 * The "rsa_oaep_label" ctrl_str expects the value to always be hex.
2302 * This is accommodated by default_fixup_args() above, which mimics that
2303 * expectation for any translation item where |ctrl_str| is NULL and
2304 * |ctrl_hexstr| is non-NULL.
2305 */
2306 { OSSL_ACTION_SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2307 EVP_PKEY_CTRL_RSA_OAEP_LABEL, NULL, "rsa_oaep_label",
2308 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_STRING, NULL },
2309 { OSSL_ACTION_GET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2310 EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, NULL, NULL,
2311 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_PTR, NULL },
2312
2313 { OSSL_ACTION_SET, EVP_PKEY_RSA, 0, EVP_PKEY_OP_TYPE_CRYPT,
2314 EVP_PKEY_CTRL_RSA_IMPLICIT_REJECTION, NULL,
2315 "rsa_pkcs1_implicit_rejection",
2316 OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, OSSL_PARAM_UNSIGNED_INTEGER,
2317 NULL },
2318
2319 { OSSL_ACTION_SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN,
2320 EVP_PKEY_CTRL_MD, "rsa_pss_keygen_md", NULL,
2321 OSSL_ALG_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2322 { OSSL_ACTION_SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN,
2323 EVP_PKEY_CTRL_RSA_MGF1_MD, "rsa_pss_keygen_mgf1_md", NULL,
2324 OSSL_PKEY_PARAM_MGF1_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2325 { OSSL_ACTION_SET, EVP_PKEY_RSA_PSS, 0, EVP_PKEY_OP_TYPE_GEN,
2326 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, "rsa_pss_keygen_saltlen", NULL,
2327 OSSL_SIGNATURE_PARAM_PSS_SALTLEN, OSSL_PARAM_INTEGER, NULL },
2328 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN,
2329 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, "rsa_keygen_bits", NULL,
2330 OSSL_PKEY_PARAM_RSA_BITS, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2331 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN,
2332 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, "rsa_keygen_pubexp", NULL,
2333 OSSL_PKEY_PARAM_RSA_E, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2334 { OSSL_ACTION_SET, EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN,
2335 EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES, "rsa_keygen_primes", NULL,
2336 OSSL_PKEY_PARAM_RSA_PRIMES, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2337
2338 /*-
2339 * SipHash
2340 * ======
2341 */
2342 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2343 EVP_PKEY_CTRL_SET_DIGEST_SIZE, "digestsize", NULL,
2344 OSSL_MAC_PARAM_SIZE, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2345
2346 /*-
2347 * TLS1-PRF
2348 * ========
2349 */
2350 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2351 EVP_PKEY_CTRL_TLS_MD, "md", NULL,
2352 OSSL_KDF_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2353 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2354 EVP_PKEY_CTRL_TLS_SECRET, "secret", "hexsecret",
2355 OSSL_KDF_PARAM_SECRET, OSSL_PARAM_OCTET_STRING, NULL },
2356 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2357 EVP_PKEY_CTRL_TLS_SEED, "seed", "hexseed",
2358 OSSL_KDF_PARAM_SEED, OSSL_PARAM_OCTET_STRING, NULL },
2359
2360 /*-
2361 * HKDF
2362 * ====
2363 */
2364 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2365 EVP_PKEY_CTRL_HKDF_MD, "md", NULL,
2366 OSSL_KDF_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2367 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2368 EVP_PKEY_CTRL_HKDF_SALT, "salt", "hexsalt",
2369 OSSL_KDF_PARAM_SALT, OSSL_PARAM_OCTET_STRING, NULL },
2370 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2371 EVP_PKEY_CTRL_HKDF_KEY, "key", "hexkey",
2372 OSSL_KDF_PARAM_KEY, OSSL_PARAM_OCTET_STRING, NULL },
2373 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2374 EVP_PKEY_CTRL_HKDF_INFO, "info", "hexinfo",
2375 OSSL_KDF_PARAM_INFO, OSSL_PARAM_OCTET_STRING, NULL },
2376 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2377 EVP_PKEY_CTRL_HKDF_MODE, "mode", NULL,
2378 OSSL_KDF_PARAM_MODE, OSSL_PARAM_INTEGER, fix_hkdf_mode },
2379
2380 /*-
2381 * Scrypt
2382 * ======
2383 */
2384 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2385 EVP_PKEY_CTRL_PASS, "pass", "hexpass",
2386 OSSL_KDF_PARAM_PASSWORD, OSSL_PARAM_OCTET_STRING, NULL },
2387 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2388 EVP_PKEY_CTRL_SCRYPT_SALT, "salt", "hexsalt",
2389 OSSL_KDF_PARAM_SALT, OSSL_PARAM_OCTET_STRING, NULL },
2390 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2391 EVP_PKEY_CTRL_SCRYPT_N, "N", NULL,
2392 OSSL_KDF_PARAM_SCRYPT_N, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2393 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2394 EVP_PKEY_CTRL_SCRYPT_R, "r", NULL,
2395 OSSL_KDF_PARAM_SCRYPT_R, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2396 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2397 EVP_PKEY_CTRL_SCRYPT_P, "p", NULL,
2398 OSSL_KDF_PARAM_SCRYPT_P, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2399 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_DERIVE,
2400 EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, "maxmem_bytes", NULL,
2401 OSSL_KDF_PARAM_SCRYPT_MAXMEM, OSSL_PARAM_UNSIGNED_INTEGER, NULL },
2402
2403 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_KEYGEN | EVP_PKEY_OP_TYPE_CRYPT,
2404 EVP_PKEY_CTRL_CIPHER, NULL, NULL,
2405 OSSL_PKEY_PARAM_CIPHER, OSSL_PARAM_UTF8_STRING, fix_cipher },
2406 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_KEYGEN,
2407 EVP_PKEY_CTRL_SET_MAC_KEY, "key", "hexkey",
2408 OSSL_PKEY_PARAM_PRIV_KEY, OSSL_PARAM_OCTET_STRING, NULL },
2409
2410 { OSSL_ACTION_SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2411 EVP_PKEY_CTRL_MD, NULL, NULL,
2412 OSSL_SIGNATURE_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2413 { OSSL_ACTION_GET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2414 EVP_PKEY_CTRL_GET_MD, NULL, NULL,
2415 OSSL_SIGNATURE_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
2416
2417 /*-
2418 * ECX
2419 * ===
2420 */
2421 { OSSL_ACTION_SET, EVP_PKEY_X25519, EVP_PKEY_X25519, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL,
2422 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2423 { OSSL_ACTION_SET, EVP_PKEY_X25519, EVP_PKEY_X25519, EVP_PKEY_OP_PARAMGEN, -1, NULL, NULL,
2424 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2425 { OSSL_ACTION_SET, EVP_PKEY_X448, EVP_PKEY_X448, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL,
2426 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2427 { OSSL_ACTION_SET, EVP_PKEY_X448, EVP_PKEY_X448, EVP_PKEY_OP_PARAMGEN, -1, NULL, NULL,
2428 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2429 };
2430
2431 static const struct translation_st evp_pkey_translations[] = {
2432 /*
2433 * The following contain no ctrls, they are exclusively here to extract
2434 * key payloads from legacy keys, using OSSL_PARAMs, and rely entirely
2435 * on |fixup_args| to pass the actual data. The |fixup_args| should
2436 * expect to get the EVP_PKEY pointer through |ctx->p2|.
2437 */
2438
2439 /* DH, DSA & EC */
2440 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2441 OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING,
2442 get_payload_group_name },
2443 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2444 OSSL_PKEY_PARAM_PRIV_KEY, OSSL_PARAM_UNSIGNED_INTEGER,
2445 get_payload_private_key },
2446 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2447 OSSL_PKEY_PARAM_PUB_KEY,
2448 0 /* no data type, let get_payload_public_key() handle that */,
2449 get_payload_public_key },
2450 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2451 OSSL_PKEY_PARAM_EC_PUB_X, OSSL_PARAM_UNSIGNED_INTEGER,
2452 get_payload_public_key_ec },
2453 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2454 OSSL_PKEY_PARAM_EC_PUB_Y, OSSL_PARAM_UNSIGNED_INTEGER,
2455 get_payload_public_key_ec },
2456
2457 /* DH and DSA */
2458 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2459 OSSL_PKEY_PARAM_FFC_P, OSSL_PARAM_UNSIGNED_INTEGER,
2460 get_dh_dsa_payload_p },
2461 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2462 OSSL_PKEY_PARAM_FFC_G, OSSL_PARAM_UNSIGNED_INTEGER,
2463 get_dh_dsa_payload_g },
2464 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2465 OSSL_PKEY_PARAM_FFC_Q, OSSL_PARAM_UNSIGNED_INTEGER,
2466 get_dh_dsa_payload_q },
2467
2468 /* RSA */
2469 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2470 OSSL_PKEY_PARAM_RSA_N, OSSL_PARAM_UNSIGNED_INTEGER,
2471 get_rsa_payload_n },
2472 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2473 OSSL_PKEY_PARAM_RSA_E, OSSL_PARAM_UNSIGNED_INTEGER,
2474 get_rsa_payload_e },
2475 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2476 OSSL_PKEY_PARAM_RSA_D, OSSL_PARAM_UNSIGNED_INTEGER,
2477 get_rsa_payload_d },
2478 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2479 OSSL_PKEY_PARAM_RSA_FACTOR1, OSSL_PARAM_UNSIGNED_INTEGER,
2480 get_rsa_payload_f1 },
2481 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2482 OSSL_PKEY_PARAM_RSA_FACTOR2, OSSL_PARAM_UNSIGNED_INTEGER,
2483 get_rsa_payload_f2 },
2484 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2485 OSSL_PKEY_PARAM_RSA_FACTOR3, OSSL_PARAM_UNSIGNED_INTEGER,
2486 get_rsa_payload_f3 },
2487 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2488 OSSL_PKEY_PARAM_RSA_FACTOR4, OSSL_PARAM_UNSIGNED_INTEGER,
2489 get_rsa_payload_f4 },
2490 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2491 OSSL_PKEY_PARAM_RSA_FACTOR5, OSSL_PARAM_UNSIGNED_INTEGER,
2492 get_rsa_payload_f5 },
2493 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2494 OSSL_PKEY_PARAM_RSA_FACTOR6, OSSL_PARAM_UNSIGNED_INTEGER,
2495 get_rsa_payload_f6 },
2496 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2497 OSSL_PKEY_PARAM_RSA_FACTOR7, OSSL_PARAM_UNSIGNED_INTEGER,
2498 get_rsa_payload_f7 },
2499 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2500 OSSL_PKEY_PARAM_RSA_FACTOR8, OSSL_PARAM_UNSIGNED_INTEGER,
2501 get_rsa_payload_f8 },
2502 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2503 OSSL_PKEY_PARAM_RSA_FACTOR9, OSSL_PARAM_UNSIGNED_INTEGER,
2504 get_rsa_payload_f9 },
2505 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2506 OSSL_PKEY_PARAM_RSA_FACTOR10, OSSL_PARAM_UNSIGNED_INTEGER,
2507 get_rsa_payload_f10 },
2508 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2509 OSSL_PKEY_PARAM_RSA_EXPONENT1, OSSL_PARAM_UNSIGNED_INTEGER,
2510 get_rsa_payload_e1 },
2511 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2512 OSSL_PKEY_PARAM_RSA_EXPONENT2, OSSL_PARAM_UNSIGNED_INTEGER,
2513 get_rsa_payload_e2 },
2514 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2515 OSSL_PKEY_PARAM_RSA_EXPONENT3, OSSL_PARAM_UNSIGNED_INTEGER,
2516 get_rsa_payload_e3 },
2517 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2518 OSSL_PKEY_PARAM_RSA_EXPONENT4, OSSL_PARAM_UNSIGNED_INTEGER,
2519 get_rsa_payload_e4 },
2520 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2521 OSSL_PKEY_PARAM_RSA_EXPONENT5, OSSL_PARAM_UNSIGNED_INTEGER,
2522 get_rsa_payload_e5 },
2523 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2524 OSSL_PKEY_PARAM_RSA_EXPONENT6, OSSL_PARAM_UNSIGNED_INTEGER,
2525 get_rsa_payload_e6 },
2526 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2527 OSSL_PKEY_PARAM_RSA_EXPONENT7, OSSL_PARAM_UNSIGNED_INTEGER,
2528 get_rsa_payload_e7 },
2529 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2530 OSSL_PKEY_PARAM_RSA_EXPONENT8, OSSL_PARAM_UNSIGNED_INTEGER,
2531 get_rsa_payload_e8 },
2532 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2533 OSSL_PKEY_PARAM_RSA_EXPONENT9, OSSL_PARAM_UNSIGNED_INTEGER,
2534 get_rsa_payload_e9 },
2535 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2536 OSSL_PKEY_PARAM_RSA_EXPONENT10, OSSL_PARAM_UNSIGNED_INTEGER,
2537 get_rsa_payload_e10 },
2538 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2539 OSSL_PKEY_PARAM_RSA_COEFFICIENT1, OSSL_PARAM_UNSIGNED_INTEGER,
2540 get_rsa_payload_c1 },
2541 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2542 OSSL_PKEY_PARAM_RSA_COEFFICIENT2, OSSL_PARAM_UNSIGNED_INTEGER,
2543 get_rsa_payload_c2 },
2544 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2545 OSSL_PKEY_PARAM_RSA_COEFFICIENT3, OSSL_PARAM_UNSIGNED_INTEGER,
2546 get_rsa_payload_c3 },
2547 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2548 OSSL_PKEY_PARAM_RSA_COEFFICIENT4, OSSL_PARAM_UNSIGNED_INTEGER,
2549 get_rsa_payload_c4 },
2550 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2551 OSSL_PKEY_PARAM_RSA_COEFFICIENT5, OSSL_PARAM_UNSIGNED_INTEGER,
2552 get_rsa_payload_c5 },
2553 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2554 OSSL_PKEY_PARAM_RSA_COEFFICIENT6, OSSL_PARAM_UNSIGNED_INTEGER,
2555 get_rsa_payload_c6 },
2556 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2557 OSSL_PKEY_PARAM_RSA_COEFFICIENT7, OSSL_PARAM_UNSIGNED_INTEGER,
2558 get_rsa_payload_c7 },
2559 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2560 OSSL_PKEY_PARAM_RSA_COEFFICIENT8, OSSL_PARAM_UNSIGNED_INTEGER,
2561 get_rsa_payload_c8 },
2562 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2563 OSSL_PKEY_PARAM_RSA_COEFFICIENT9, OSSL_PARAM_UNSIGNED_INTEGER,
2564 get_rsa_payload_c9 },
2565
2566 /* EC */
2567 { OSSL_ACTION_GET, -1, -1, -1, 0, NULL, NULL,
2568 OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, OSSL_PARAM_INTEGER,
2569 get_ec_decoded_from_explicit_params },
2570 };
2571
2572 static const struct translation_st *
lookup_translation(struct translation_st * tmpl,const struct translation_st * translations,size_t translations_num)2573 lookup_translation(struct translation_st *tmpl,
2574 const struct translation_st *translations,
2575 size_t translations_num)
2576 {
2577 size_t i;
2578
2579 for (i = 0; i < translations_num; i++) {
2580 const struct translation_st *item = &translations[i];
2581
2582 /*
2583 * Sanity check the translation table item.
2584 *
2585 * 1. Either both keytypes are -1, or neither of them are.
2586 * 2. TBA...
2587 */
2588 if (!ossl_assert((item->keytype1 == -1) == (item->keytype2 == -1)))
2589 continue;
2590
2591 /*
2592 * Base search criteria: check that the optype and keytypes match,
2593 * if relevant. All callers must synthesise these bits somehow.
2594 */
2595 if (item->optype != -1 && (tmpl->optype & item->optype) == 0)
2596 continue;
2597 /*
2598 * This expression is stunningly simple thanks to the sanity check
2599 * above.
2600 */
2601 if (item->keytype1 != -1
2602 && tmpl->keytype1 != item->keytype1
2603 && tmpl->keytype2 != item->keytype2)
2604 continue;
2605
2606 /*
2607 * Done with the base search criteria, now we check the criteria for
2608 * the individual types of translations:
2609 * ctrl->params, ctrl_str->params, and params->ctrl
2610 */
2611 if (tmpl->ctrl_num != 0) {
2612 if (tmpl->ctrl_num != item->ctrl_num)
2613 continue;
2614 } else if (tmpl->ctrl_str != NULL) {
2615 const char *ctrl_str = NULL;
2616 const char *ctrl_hexstr = NULL;
2617
2618 /*
2619 * Search criteria that originates from a ctrl_str is only used
2620 * for setting, never for getting. Therefore, we only look at
2621 * the setter items.
2622 */
2623 if (item->action_type != OSSL_ACTION_NONE
2624 && item->action_type != OSSL_ACTION_SET)
2625 continue;
2626 /*
2627 * At least one of the ctrl cmd names must be match the ctrl
2628 * cmd name in the template.
2629 */
2630 if (item->ctrl_str != NULL
2631 && OPENSSL_strcasecmp(tmpl->ctrl_str, item->ctrl_str) == 0)
2632 ctrl_str = tmpl->ctrl_str;
2633 else if (item->ctrl_hexstr != NULL
2634 && OPENSSL_strcasecmp(tmpl->ctrl_hexstr,
2635 item->ctrl_hexstr)
2636 == 0)
2637 ctrl_hexstr = tmpl->ctrl_hexstr;
2638 else
2639 continue;
2640
2641 /* Modify the template to signal which string matched */
2642 tmpl->ctrl_str = ctrl_str;
2643 tmpl->ctrl_hexstr = ctrl_hexstr;
2644 } else if (tmpl->param_key != NULL) {
2645 /*
2646 * Search criteria that originates from an OSSL_PARAM setter or
2647 * getter.
2648 *
2649 * Ctrls were fundamentally bidirectional, with only the ctrl
2650 * command macro name implying direction (if you're lucky).
2651 * A few ctrl commands were even taking advantage of the
2652 * bidirectional nature, making the direction depend in the
2653 * value of the numeric argument.
2654 *
2655 * OSSL_PARAM functions are fundamentally different, in that
2656 * setters and getters are separated, so the data direction is
2657 * implied by the function that's used. The same OSSL_PARAM
2658 * key name can therefore be used in both directions. We must
2659 * therefore take the action type into account in this case.
2660 */
2661 if ((item->action_type != OSSL_ACTION_NONE
2662 && tmpl->action_type != item->action_type)
2663 || (item->param_key != NULL
2664 && OPENSSL_strcasecmp(tmpl->param_key,
2665 item->param_key)
2666 != 0))
2667 continue;
2668 } else {
2669 return NULL;
2670 }
2671
2672 return item;
2673 }
2674
2675 return NULL;
2676 }
2677
2678 static const struct translation_st *
lookup_evp_pkey_ctx_translation(struct translation_st * tmpl)2679 lookup_evp_pkey_ctx_translation(struct translation_st *tmpl)
2680 {
2681 return lookup_translation(tmpl, evp_pkey_ctx_translations,
2682 OSSL_NELEM(evp_pkey_ctx_translations));
2683 }
2684
2685 static const struct translation_st *
lookup_evp_pkey_translation(struct translation_st * tmpl)2686 lookup_evp_pkey_translation(struct translation_st *tmpl)
2687 {
2688 return lookup_translation(tmpl, evp_pkey_translations,
2689 OSSL_NELEM(evp_pkey_translations));
2690 }
2691
2692 /* This must ONLY be called for provider side operations */
evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX * pctx,int keytype,int optype,int cmd,int p1,void * p2)2693 int evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX *pctx,
2694 int keytype, int optype,
2695 int cmd, int p1, void *p2)
2696 {
2697 struct translation_ctx_st ctx = {
2698 0,
2699 };
2700 struct translation_st tmpl = {
2701 0,
2702 };
2703 const struct translation_st *translation = NULL;
2704 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
2705 int ret;
2706 fixup_args_fn *fixup = default_fixup_args;
2707
2708 if (keytype == -1)
2709 keytype = pctx->legacy_keytype;
2710 tmpl.ctrl_num = cmd;
2711 tmpl.keytype1 = tmpl.keytype2 = keytype;
2712 tmpl.optype = optype;
2713 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2714
2715 if (translation == NULL) {
2716 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
2717 return -2;
2718 }
2719
2720 if (pctx->pmeth != NULL
2721 && pctx->pmeth->pkey_id != translation->keytype1
2722 && pctx->pmeth->pkey_id != translation->keytype2)
2723 return -1;
2724
2725 if (translation->fixup_args != NULL)
2726 fixup = translation->fixup_args;
2727 ctx.action_type = translation->action_type;
2728 ctx.ctrl_cmd = cmd;
2729 ctx.p1 = p1;
2730 ctx.p2 = p2;
2731 ctx.pctx = pctx;
2732 ctx.params = params;
2733
2734 ret = fixup(PRE_CTRL_TO_PARAMS, translation, &ctx);
2735
2736 if (ret > 0) {
2737 switch (ctx.action_type) {
2738 default:
2739 /* fixup_args is expected to make sure this is dead code */
2740 break;
2741 case OSSL_ACTION_GET:
2742 ret = evp_pkey_ctx_get_params_strict(pctx, ctx.params);
2743 break;
2744 case OSSL_ACTION_SET:
2745 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params);
2746 break;
2747 }
2748 }
2749
2750 /*
2751 * In POST, we pass the return value as p1, allowing the fixup_args
2752 * function to affect it by changing its value.
2753 */
2754 if (ret > 0) {
2755 ctx.p1 = ret;
2756 fixup(POST_CTRL_TO_PARAMS, translation, &ctx);
2757 ret = ctx.p1;
2758 }
2759
2760 cleanup_translation_ctx(POST_CTRL_TO_PARAMS, translation, &ctx);
2761
2762 return ret;
2763 }
2764
2765 /* This must ONLY be called for provider side operations */
evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX * pctx,const char * name,const char * value)2766 int evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX *pctx,
2767 const char *name, const char *value)
2768 {
2769 struct translation_ctx_st ctx = {
2770 0,
2771 };
2772 struct translation_st tmpl = {
2773 0,
2774 };
2775 const struct translation_st *translation = NULL;
2776 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
2777 int keytype = pctx->legacy_keytype;
2778 int optype = pctx->operation == 0 ? -1 : pctx->operation;
2779 int ret;
2780 fixup_args_fn *fixup = default_fixup_args;
2781
2782 tmpl.action_type = OSSL_ACTION_SET;
2783 tmpl.keytype1 = tmpl.keytype2 = keytype;
2784 tmpl.optype = optype;
2785 tmpl.ctrl_str = name;
2786 tmpl.ctrl_hexstr = name;
2787 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2788
2789 if (translation != NULL) {
2790 if (translation->fixup_args != NULL)
2791 fixup = translation->fixup_args;
2792 ctx.action_type = translation->action_type;
2793 ctx.ishex = (tmpl.ctrl_hexstr != NULL);
2794 } else {
2795 /* String controls really only support setting */
2796 ctx.action_type = OSSL_ACTION_SET;
2797 }
2798 ctx.ctrl_str = name;
2799 ctx.p1 = (int)strlen(value);
2800 ctx.p2 = (char *)value;
2801 ctx.pctx = pctx;
2802 ctx.params = params;
2803
2804 ret = fixup(PRE_CTRL_STR_TO_PARAMS, translation, &ctx);
2805
2806 if (ret > 0) {
2807 switch (ctx.action_type) {
2808 default:
2809 /* fixup_args is expected to make sure this is dead code */
2810 break;
2811 case OSSL_ACTION_GET:
2812 /*
2813 * this is dead code, but must be present, or some compilers
2814 * will complain
2815 */
2816 break;
2817 case OSSL_ACTION_SET:
2818 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params);
2819 break;
2820 }
2821 }
2822
2823 if (ret > 0)
2824 ret = fixup(POST_CTRL_STR_TO_PARAMS, translation, &ctx);
2825
2826 cleanup_translation_ctx(CLEANUP_CTRL_STR_TO_PARAMS, translation, &ctx);
2827
2828 return ret;
2829 }
2830
2831 /* This must ONLY be called for legacy operations */
evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX * pctx,enum action action_type,OSSL_PARAM * params)2832 static int evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX *pctx,
2833 enum action action_type,
2834 OSSL_PARAM *params)
2835 {
2836 int keytype = pctx->legacy_keytype;
2837 int optype = pctx->operation == 0 ? -1 : pctx->operation;
2838
2839 for (; params != NULL && params->key != NULL; params++) {
2840 struct translation_ctx_st ctx = {
2841 0,
2842 };
2843 struct translation_st tmpl = {
2844 0,
2845 };
2846 const struct translation_st *translation = NULL;
2847 fixup_args_fn *fixup = default_fixup_args;
2848 int ret;
2849
2850 ctx.action_type = tmpl.action_type = action_type;
2851 tmpl.keytype1 = tmpl.keytype2 = keytype;
2852 tmpl.optype = optype;
2853 tmpl.param_key = params->key;
2854 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2855
2856 if (translation != NULL) {
2857 if (translation->fixup_args != NULL)
2858 fixup = translation->fixup_args;
2859 ctx.ctrl_cmd = translation->ctrl_num;
2860 }
2861 ctx.pctx = pctx;
2862 ctx.params = params;
2863
2864 ret = fixup(PRE_PARAMS_TO_CTRL, translation, &ctx);
2865
2866 if (ret > 0 && ctx.action_type != OSSL_ACTION_NONE)
2867 ret = EVP_PKEY_CTX_ctrl(pctx, keytype, optype,
2868 ctx.ctrl_cmd, ctx.p1, ctx.p2);
2869
2870 /*
2871 * In POST, we pass the return value as p1, allowing the fixup_args
2872 * function to put it to good use, or maybe affect it.
2873 *
2874 * NOTE: even though EVP_PKEY_CTX_ctrl return value is documented
2875 * as return positive on Success and 0 or negative on failure. There
2876 * maybe parameters (e.g. ecdh_cofactor), which actually return 0
2877 * as success value. That is why we do POST_PARAMS_TO_CTRL for 0
2878 * value as well
2879 */
2880 if (ret >= 0) {
2881 ctx.p1 = ret;
2882 fixup(POST_PARAMS_TO_CTRL, translation, &ctx);
2883 ret = ctx.p1;
2884 }
2885
2886 cleanup_translation_ctx(CLEANUP_PARAMS_TO_CTRL, translation, &ctx);
2887
2888 if (ret <= 0)
2889 return 0;
2890 }
2891 return 1;
2892 }
2893
evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX * ctx,const OSSL_PARAM * params)2894 int evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params)
2895 {
2896 if (ctx->keymgmt != NULL)
2897 return 0;
2898 return evp_pkey_ctx_setget_params_to_ctrl(ctx, OSSL_ACTION_SET, (OSSL_PARAM *)params);
2899 }
2900
evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX * ctx,OSSL_PARAM * params)2901 int evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
2902 {
2903 if (ctx->keymgmt != NULL)
2904 return 0;
2905 return evp_pkey_ctx_setget_params_to_ctrl(ctx, OSSL_ACTION_GET, params);
2906 }
2907
2908 /* This must ONLY be called for legacy EVP_PKEYs */
evp_pkey_setget_params_to_ctrl(const EVP_PKEY * pkey,enum action action_type,OSSL_PARAM * params)2909 static int evp_pkey_setget_params_to_ctrl(const EVP_PKEY *pkey,
2910 enum action action_type,
2911 OSSL_PARAM *params)
2912 {
2913 int ret = 1;
2914
2915 for (; params != NULL && params->key != NULL; params++) {
2916 struct translation_ctx_st ctx = {
2917 0,
2918 };
2919 struct translation_st tmpl = {
2920 0,
2921 };
2922 const struct translation_st *translation = NULL;
2923 fixup_args_fn *fixup = default_fixup_args;
2924
2925 tmpl.action_type = action_type;
2926 tmpl.param_key = params->key;
2927 translation = lookup_evp_pkey_translation(&tmpl);
2928
2929 if (translation != NULL) {
2930 if (translation->fixup_args != NULL)
2931 fixup = translation->fixup_args;
2932 ctx.action_type = translation->action_type;
2933 }
2934 ctx.p2 = (void *)pkey;
2935 ctx.params = params;
2936
2937 /*
2938 * EVP_PKEY doesn't have any ctrl function, so we rely completely
2939 * on fixup_args to do the whole work. Also, we currently only
2940 * support getting.
2941 */
2942 if (!ossl_assert(translation != NULL)
2943 || !ossl_assert(translation->action_type == OSSL_ACTION_GET)
2944 || !ossl_assert(translation->fixup_args != NULL)) {
2945 return -2;
2946 }
2947
2948 ret = fixup(PKEY, translation, &ctx);
2949
2950 cleanup_translation_ctx(PKEY, translation, &ctx);
2951 }
2952 return ret;
2953 }
2954
evp_pkey_get_params_to_ctrl(const EVP_PKEY * pkey,OSSL_PARAM * params)2955 int evp_pkey_get_params_to_ctrl(const EVP_PKEY *pkey, OSSL_PARAM *params)
2956 {
2957 return evp_pkey_setget_params_to_ctrl(pkey, OSSL_ACTION_GET, params);
2958 }
2959