/*
 * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * Table of key encoder registrations.
 *
 * Every entry below expands to a brace initializer of the form
 * { name, property string, function table } followed by a comma, so this
 * file is meant to be #included from inside an initializer list, after the
 * includer has defined ENCODER_PROVIDER.
 * NOTE(review): the element type of the surrounding array is not visible
 * here - confirm against the including file.
 */
#ifndef ENCODER_PROVIDER
# error Macro ENCODER_PROVIDER undefined
#endif

/*
 * Map the structure token given to ENCODER_w_structure() to the string that
 * is placed after "structure=" in the property string.
 *
 * The four type_specific* tokens all yield the same string "type-specific";
 * they differ only in which function table symbol the macro selects, since
 * the token is also pasted into that symbol name.
 */
#define ENCODER_STRUCTURE_type_specific_keypair         "type-specific"
#define ENCODER_STRUCTURE_type_specific_params          "type-specific"
#define ENCODER_STRUCTURE_type_specific                 "type-specific"
#define ENCODER_STRUCTURE_type_specific_no_pub          "type-specific"
#define ENCODER_STRUCTURE_EncryptedPrivateKeyInfo       "EncryptedPrivateKeyInfo"
#define ENCODER_STRUCTURE_PrivateKeyInfo                "PrivateKeyInfo"
#define ENCODER_STRUCTURE_SubjectPublicKeyInfo          "SubjectPublicKeyInfo"
#define ENCODER_STRUCTURE_DH                            "dh"
#define ENCODER_STRUCTURE_DHX                           "dhx"
#define ENCODER_STRUCTURE_DSA                           "dsa"
#define ENCODER_STRUCTURE_EC                            "ec"
#define ENCODER_STRUCTURE_RSA                           "rsa"
#define ENCODER_STRUCTURE_PKCS1                         "pkcs1"
#define ENCODER_STRUCTURE_PKCS3                         "pkcs3"
#define ENCODER_STRUCTURE_X9_42                         "X9.42"
#define ENCODER_STRUCTURE_X9_62                         "X9.62"

/*
 * Entry builders.
 *
 *  _name       key type name, used verbatim as the first field
 *  _sym        lower case key type symbol, pasted into the function table
 *              name
 *  _fips       stringized into the property string, giving "fips=yes" or
 *              "fips=no" for the values used in this file
 *  _output     output type, stringized into "output=..." and pasted into
 *              the function table name
 *  _structure  token that selects an ENCODER_STRUCTURE_* string for
 *              "structure=..." and is pasted into the function table name
 *
 * Resulting function table symbols:
 *
 *  ENCODER_TEXT         ossl_<sym>_to_text_encoder_functions
 *  ENCODER              ossl_<sym>_to_<output>_encoder_functions
 *  ENCODER_w_structure  ossl_<sym>_to_<structure>_<output>_encoder_functions
 *
 * ENCODER_PROVIDER is joined to the neighbouring string literals by literal
 * concatenation, so it must expand to a string literal.
 *
 * NOTE(review): the "fips" value is only a label inside the property string
 * at this point; what a fetch with a "fips=yes" query then accepts or
 * rejects is decided by property matching code outside this file.
 */
/* Arguments are prefixed with '_' to avoid build breaks on certain platforms */
#define ENCODER_TEXT(_name, _sym, _fips)                                \
    { _name,                                                            \
      "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=text",      \
      (ossl_##_sym##_to_text_encoder_functions) }
#define ENCODER(_name, _sym, _fips, _output)                            \
    { _name,                                                            \
      "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=" #_output, \
      (ossl_##_sym##_to_##_output##_encoder_functions) }
#define ENCODER_w_structure(_name, _sym, _fips, _output, _structure)    \
    { _name,                                                            \
      "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=" #_output  \
      ",structure=" ENCODER_STRUCTURE_##_structure,                     \
      (ossl_##_sym##_to_##_structure##_##_output##_encoder_functions) }

/*
 * Entries for human readable text "encoders"
 *
 * SM2 is the only key type in this file that is registered with fips=no;
 * this holds for every SM2 entry further down as well.
 */
ENCODER_TEXT("RSA", rsa, yes),
ENCODER_TEXT("RSA-PSS", rsapss, yes),
#ifndef OPENSSL_NO_DH
ENCODER_TEXT("DH", dh, yes),
ENCODER_TEXT("DHX", dhx, yes),
#endif
#ifndef OPENSSL_NO_DSA
ENCODER_TEXT("DSA", dsa, yes),
#endif
#ifndef OPENSSL_NO_EC
ENCODER_TEXT("EC", ec, yes),
ENCODER_TEXT("ED25519", ed25519, yes),
ENCODER_TEXT("ED448", ed448, yes),
ENCODER_TEXT("X25519", x25519, yes),
ENCODER_TEXT("X448", x448, yes),
# ifndef OPENSSL_NO_SM2
ENCODER_TEXT("SM2", sm2, no),
# endif
#endif

/*
 * Entries for key type specific output formats. The structure name on these
 * is the same as the key type name. This allows us to say something like:
 *
 * To replace i2d_{TYPE}PrivateKey(), i2d_{TYPE}PublicKey() and
 * i2d_{TYPE}Params(), use OSSL_ENCODER functions with an OSSL_ENCODER_CTX
 * created like this:
 *
 * OSSL_ENCODER_CTX *ctx =
 *     OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "DER", "type-specific",
 *                                   NULL, NULL);
 *
 * To replace PEM_write_bio_{TYPE}PrivateKey(), PEM_write_bio_{TYPE}PublicKey()
 * and PEM_write_bio_{TYPE}Params(), use OSSL_ENCODER functions with an
 * OSSL_ENCODER_CTX created like this:
 *
 * OSSL_ENCODER_CTX *ctx =
 *     OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "PEM", "type-specific",
 *                                   NULL, NULL);
 *
 * We only implement those for which there are current i2d_ and PEM_write_bio
 * implementations.
 *
 * NOTE(review): the argument lists shown above may predate the current
 * prototype; check them against the declaration of
 * OSSL_ENCODER_CTX_new_for_pkey() before copying.
 */

/* The RSA encoders only support private key and public key output */
ENCODER_w_structure("RSA", rsa, yes, der, type_specific_keypair),
ENCODER_w_structure("RSA", rsa, yes, pem, type_specific_keypair),
#ifndef OPENSSL_NO_DH
/* DH and X9.42 DH only support key parameters output. */
ENCODER_w_structure("DH", dh, yes, der, type_specific_params),
ENCODER_w_structure("DH", dh, yes, pem, type_specific_params),
ENCODER_w_structure("DHX", dhx, yes, der, type_specific_params),
ENCODER_w_structure("DHX", dhx, yes, pem, type_specific_params),
#endif
#ifndef OPENSSL_NO_DSA
ENCODER_w_structure("DSA", dsa, yes, der, type_specific),
ENCODER_w_structure("DSA", dsa, yes, pem, type_specific),
#endif
#ifndef OPENSSL_NO_EC
/* EC only supports keypair and parameters DER and PEM output. */
ENCODER_w_structure("EC", ec, yes, der, type_specific_no_pub),
ENCODER_w_structure("EC", ec, yes, pem, type_specific_no_pub),
/* EC supports blob output for the public key */
ENCODER("EC", ec, yes, blob),
# ifndef OPENSSL_NO_SM2
ENCODER_w_structure("SM2", sm2, no, der, type_specific_no_pub),
ENCODER_w_structure("SM2", sm2, no, pem, type_specific_no_pub),
ENCODER("SM2", sm2, no, blob),
# endif
#endif

/*
 * Entries for the output formats MSBLOB and PVK
 *
 * NOTE(review): both are legacy Microsoft key container formats. Confirm
 * what protection, if any, a private key written through these entries
 * receives before relying on them for keys stored at rest;
 * EncryptedPrivateKeyInfo below is the password protected PKCS#8 form.
 */
ENCODER("RSA", rsa, yes, msblob),
ENCODER("RSA", rsa, yes, pvk),
#ifndef OPENSSL_NO_DSA
ENCODER("DSA", dsa, yes, msblob),
ENCODER("DSA", dsa, yes, pvk),
#endif

/*
 * Entries for encrypted PKCS#8 (EncryptedPrivateKeyInfo), unencrypted PKCS#8
 * (PrivateKeyInfo) and SubjectPublicKeyInfo. The "der" ones are added
 * convenience for any user that wants to use OSSL_ENCODER directly.
 * The "pem" ones also support PEM_write_bio_PrivateKey() and
 * PEM_write_bio_PUBKEY().
 *
 * The PrivateKeyInfo entries are the unencrypted form, so a caller that
 * writes private keys to storage or sends them off the host and needs them
 * protected has to ask for "EncryptedPrivateKeyInfo" explicitly.
 */
ENCODER_w_structure("RSA", rsa, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("RSA", rsa, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("RSA", rsa, yes, der, PrivateKeyInfo),
ENCODER_w_structure("RSA", rsa, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("RSA", rsa, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("RSA", rsa, yes, pem, SubjectPublicKeyInfo),

ENCODER_w_structure("RSA-PSS", rsapss, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("RSA-PSS", rsapss, yes, der, PrivateKeyInfo),
ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("RSA-PSS", rsapss, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, SubjectPublicKeyInfo),

#ifndef OPENSSL_NO_DH
ENCODER_w_structure("DH", dh, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("DH", dh, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("DH", dh, yes, der, PrivateKeyInfo),
ENCODER_w_structure("DH", dh, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("DH", dh, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("DH", dh, yes, pem, SubjectPublicKeyInfo),

ENCODER_w_structure("DHX", dhx, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("DHX", dhx, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("DHX", dhx, yes, der, PrivateKeyInfo),
ENCODER_w_structure("DHX", dhx, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("DHX", dhx, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("DHX", dhx, yes, pem, SubjectPublicKeyInfo),
#endif

#ifndef OPENSSL_NO_DSA
ENCODER_w_structure("DSA", dsa, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("DSA", dsa, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("DSA", dsa, yes, der, PrivateKeyInfo),
ENCODER_w_structure("DSA", dsa, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("DSA", dsa, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("DSA", dsa, yes, pem, SubjectPublicKeyInfo),
#endif

#ifndef OPENSSL_NO_EC
ENCODER_w_structure("EC", ec, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("EC", ec, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("EC", ec, yes, der, PrivateKeyInfo),
ENCODER_w_structure("EC", ec, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("EC", ec, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("EC", ec, yes, pem, SubjectPublicKeyInfo),

ENCODER_w_structure("X25519", x25519, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("X25519", x25519, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("X25519", x25519, yes, der, PrivateKeyInfo),
ENCODER_w_structure("X25519", x25519, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("X25519", x25519, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("X25519", x25519, yes, pem, SubjectPublicKeyInfo),

ENCODER_w_structure("X448", x448, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("X448", x448, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("X448", x448, yes, der, PrivateKeyInfo),
ENCODER_w_structure("X448", x448, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("X448", x448, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("X448", x448, yes, pem, SubjectPublicKeyInfo),

ENCODER_w_structure("ED25519", ed25519, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("ED25519", ed25519, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("ED25519", ed25519, yes, der, PrivateKeyInfo),
ENCODER_w_structure("ED25519", ed25519, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("ED25519", ed25519, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("ED25519", ed25519, yes, pem, SubjectPublicKeyInfo),

ENCODER_w_structure("ED448", ed448, yes, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("ED448", ed448, yes, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("ED448", ed448, yes, der, PrivateKeyInfo),
ENCODER_w_structure("ED448", ed448, yes, pem, PrivateKeyInfo),
ENCODER_w_structure("ED448", ed448, yes, der, SubjectPublicKeyInfo),
ENCODER_w_structure("ED448", ed448, yes, pem, SubjectPublicKeyInfo),

# ifndef OPENSSL_NO_SM2
ENCODER_w_structure("SM2", sm2, no, der, EncryptedPrivateKeyInfo),
ENCODER_w_structure("SM2", sm2, no, pem, EncryptedPrivateKeyInfo),
ENCODER_w_structure("SM2", sm2, no, der, PrivateKeyInfo),
ENCODER_w_structure("SM2", sm2, no, pem, PrivateKeyInfo),
ENCODER_w_structure("SM2", sm2, no, der, SubjectPublicKeyInfo),
ENCODER_w_structure("SM2", sm2, no, pem, SubjectPublicKeyInfo),
# endif
#endif

/*
 * Entries for key type specific output formats. These are exactly the
 * same as the type specific above, except that they use the key type
 * name as structure name instead of "type-specific", in the call on
 * OSSL_ENCODER_CTX_new_for_pkey().
 *
 * The structure strings these entries advertise are the lower case ones
 * defined at the top of this file ("rsa", "dh", "dhx", "dsa", "ec").
 */

/* The RSA encoders only support private key and public key output */
ENCODER_w_structure("RSA", rsa, yes, der, RSA),
ENCODER_w_structure("RSA", rsa, yes, pem, RSA),
#ifndef OPENSSL_NO_DH
/* DH and X9.42 DH only support key parameters output. */
ENCODER_w_structure("DH", dh, yes, der, DH),
ENCODER_w_structure("DH", dh, yes, pem, DH),
ENCODER_w_structure("DHX", dhx, yes, der, DHX),
ENCODER_w_structure("DHX", dhx, yes, pem, DHX),
#endif
#ifndef OPENSSL_NO_DSA
ENCODER_w_structure("DSA", dsa, yes, der, DSA),
ENCODER_w_structure("DSA", dsa, yes, pem, DSA),
#endif
#ifndef OPENSSL_NO_EC
ENCODER_w_structure("EC", ec, yes, der, EC),
ENCODER_w_structure("EC", ec, yes, pem, EC),
#endif

/*
 * Additional entries with structure names being the standard name.
 * This is entirely for the convenience of the user that wants to use
 * OSSL_ENCODER directly with names they may fancy. These do not impact
 * on libcrypto functionality in any way.
 */
/* PKCS#1 is a well known format for plain RSA keys, so we add that too */
ENCODER_w_structure("RSA", rsa, yes, der, PKCS1),
ENCODER_w_structure("RSA", rsa, yes, pem, PKCS1),
ENCODER_w_structure("RSA-PSS", rsapss, yes, der, PKCS1),
ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, PKCS1),
#ifndef OPENSSL_NO_DH
/* PKCS#3 defines the format for DH parameters */
ENCODER_w_structure("DH", dh, yes, der, PKCS3),
ENCODER_w_structure("DH", dh, yes, pem, PKCS3),
/* X9.42 defines the format for DHX parameters */
ENCODER_w_structure("DHX", dhx, yes, der, X9_42),
ENCODER_w_structure("DHX", dhx, yes, pem, X9_42),
#endif
#ifndef OPENSSL_NO_EC
/*
 * RFC 5915 defines the format for EC keys and parameters.
 * The structure string these entries advertise is "X9.62".
 */
ENCODER_w_structure("EC", ec, yes, der, X9_62),
ENCODER_w_structure("EC", ec, yes, pem, X9_62),
#endif