diff options
Diffstat (limited to 'providers/implementations/encode_decode/encode_key2text.c')
| -rw-r--r-- | providers/implementations/encode_decode/encode_key2text.c | 342 |
1 files changed, 101 insertions, 241 deletions
diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index 637fcf6a1214..7a564807326f 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,8 +12,6 @@ */ #include "internal/deprecated.h" -#include <ctype.h> - #include <openssl/core.h> #include <openssl/core_dispatch.h> #include <openssl/core_names.h> @@ -21,196 +19,23 @@ #include <openssl/err.h> #include <openssl/safestack.h> #include <openssl/proverr.h> -#include "internal/ffc.h" -#include "crypto/bn.h" /* bn_get_words() */ #include "crypto/dh.h" /* ossl_dh_get0_params() */ #include "crypto/dsa.h" /* ossl_dsa_get0_params() */ #include "crypto/ec.h" /* ossl_ec_key_get_libctx */ #include "crypto/ecx.h" /* ECX_KEY, etc... */ +#include "crypto/ml_kem.h" /* ML_KEM_KEY, etc... */ #include "crypto/rsa.h" /* RSA_PSS_PARAMS_30, etc... */ +#include "crypto/ml_dsa.h" +#include "crypto/slh_dsa.h" #include "prov/bio.h" #include "prov/implementations.h" +#include "internal/encoder.h" #include "endecoder_local.h" +#include "ml_dsa_codecs.h" +#include "ml_kem_codecs.h" DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -# ifdef SIXTY_FOUR_BIT_LONG -# define BN_FMTu "%lu" -# define BN_FMTx "%lx" -# endif - -# ifdef SIXTY_FOUR_BIT -# define BN_FMTu "%llu" -# define BN_FMTx "%llx" -# endif - -# ifdef THIRTY_TWO_BIT -# define BN_FMTu "%u" -# define BN_FMTx "%x" -# endif - -static int print_labeled_bignum(BIO *out, const char *label, const BIGNUM *bn) -{ - int ret = 0, use_sep = 0; - char *hex_str = NULL, *p; - const char spaces[] = " "; - const char *post_label_spc = " "; - - const char *neg = ""; - int bytes; - - if (bn == NULL) - return 0; - if (label == NULL) { - label = ""; - post_label_spc = ""; - } - - if (BN_is_zero(bn)) - return BIO_printf(out, "%s%s0\n", label, post_label_spc); - - if (BN_num_bytes(bn) <= BN_BYTES) { - BN_ULONG *words = bn_get_words(bn); - - if (BN_is_negative(bn)) - neg = "-"; - - return BIO_printf(out, "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n", - label, post_label_spc, neg, words[0], neg, words[0]); - } - - hex_str = BN_bn2hex(bn); - if (hex_str == NULL) - return 0; - - p = hex_str; - if (*p == '-') { - ++p; - neg = " (Negative)"; - } - if (BIO_printf(out, "%s%s\n", label, neg) <= 0) - goto err; - - /* Keep track of how many bytes we have printed out so far */ - bytes = 0; - - if (BIO_printf(out, "%s", spaces) <= 0) - goto err; - - /* Add a leading 00 if the top bit is set */ - if (*p >= '8') { - if (BIO_printf(out, "%02x", 0) <= 0) - goto err; - ++bytes; - use_sep = 1; - } - while (*p != '\0') { - /* Do a newline after every 15 hex bytes + add the space indent */ - if ((bytes % 15) == 0 && bytes > 0) { - if (BIO_printf(out, ":\n%s", spaces) <= 0) - goto err; - use_sep = 0; /* The first byte on the next line doesnt have a : */ - } - if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "", - tolower((unsigned char)p[0]), - tolower((unsigned char)p[1])) <= 0) - goto err; - ++bytes; - p += 2; - use_sep = 1; - } - if (BIO_printf(out, "\n") <= 0) - goto err; - ret = 1; -err: - OPENSSL_free(hex_str); - return ret; -} - -/* Number of octets per line */ -#define LABELED_BUF_PRINT_WIDTH 15 - -#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) -static int print_labeled_buf(BIO *out, const char *label, - const unsigned char *buf, size_t buflen) -{ - size_t i; - - if (BIO_printf(out, "%s\n", label) <= 0) - return 0; - - for (i = 0; i < buflen; i++) { - if ((i % LABELED_BUF_PRINT_WIDTH) == 0) { - if (i > 0 && BIO_printf(out, "\n") <= 0) - return 0; - if (BIO_printf(out, " ") <= 0) - return 0; - } - - if (BIO_printf(out, "%02x%s", buf[i], - (i == buflen - 1) ? "" : ":") <= 0) - return 0; - } - if (BIO_printf(out, "\n") <= 0) - return 0; - - return 1; -} -#endif - -#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) -static int ffc_params_to_text(BIO *out, const FFC_PARAMS *ffc) -{ - if (ffc->nid != NID_undef) { -#ifndef OPENSSL_NO_DH - const DH_NAMED_GROUP *group = ossl_ffc_uid_to_dh_named_group(ffc->nid); - const char *name = ossl_ffc_named_group_get_name(group); - - if (name == NULL) - goto err; - if (BIO_printf(out, "GROUP: %s\n", name) <= 0) - goto err; - return 1; -#else - /* How could this be? We should not have a nid in a no-dh build. */ - goto err; -#endif - } - - if (!print_labeled_bignum(out, "P: ", ffc->p)) - goto err; - if (ffc->q != NULL) { - if (!print_labeled_bignum(out, "Q: ", ffc->q)) - goto err; - } - if (!print_labeled_bignum(out, "G: ", ffc->g)) - goto err; - if (ffc->j != NULL) { - if (!print_labeled_bignum(out, "J: ", ffc->j)) - goto err; - } - if (ffc->seed != NULL) { - if (!print_labeled_buf(out, "SEED:", ffc->seed, ffc->seedlen)) - goto err; - } - if (ffc->gindex != -1) { - if (BIO_printf(out, "gindex: %d\n", ffc->gindex) <= 0) - goto err; - } - if (ffc->pcounter != -1) { - if (BIO_printf(out, "pcounter: %d\n", ffc->pcounter) <= 0) - goto err; - } - if (ffc->h != 0) { - if (BIO_printf(out, "h: %d\n", ffc->h) <= 0) - goto err; - } - return 1; -err: - return 0; -} -#endif - /* ---------------------------------------------------------------------- */ #ifndef OPENSSL_NO_DH @@ -266,13 +91,13 @@ static int dh_to_text(BIO *out, const void *key, int selection) if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0) return 0; if (priv_key != NULL - && !print_labeled_bignum(out, "private-key:", priv_key)) + && !ossl_bio_print_labeled_bignum(out, "private-key:", priv_key)) return 0; if (pub_key != NULL - && !print_labeled_bignum(out, "public-key:", pub_key)) + && !ossl_bio_print_labeled_bignum(out, "public-key:", pub_key)) return 0; if (params != NULL - && !ffc_params_to_text(out, params)) + && !ossl_bio_print_ffc_params(out, params)) return 0; length = DH_get_length(dh); if (length > 0 @@ -282,9 +107,6 @@ static int dh_to_text(BIO *out, const void *key, int selection) return 1; } - -# define dh_input_type "DH" -# define dhx_input_type "DHX" #endif /* ---------------------------------------------------------------------- */ @@ -341,19 +163,17 @@ static int dsa_to_text(BIO *out, const void *key, int selection) if (BIO_printf(out, "%s: (%d bit)\n", type_label, BN_num_bits(p)) <= 0) return 0; if (priv_key != NULL - && !print_labeled_bignum(out, "priv:", priv_key)) + && !ossl_bio_print_labeled_bignum(out, "priv:", priv_key)) return 0; if (pub_key != NULL - && !print_labeled_bignum(out, "pub: ", pub_key)) + && !ossl_bio_print_labeled_bignum(out, "pub: ", pub_key)) return 0; if (params != NULL - && !ffc_params_to_text(out, params)) + && !ossl_bio_print_ffc_params(out, params)) return 0; return 1; } - -# define dsa_input_type "DSA" #endif /* ---------------------------------------------------------------------- */ @@ -381,9 +201,9 @@ static int ec_param_explicit_curve_to_text(BIO *out, const EC_GROUP *group, return 0; plabel = "Polynomial:"; } - return print_labeled_bignum(out, plabel, p) - && print_labeled_bignum(out, "A: ", a) - && print_labeled_bignum(out, "B: ", b); + return ossl_bio_print_labeled_bignum(out, plabel, p) + && ossl_bio_print_labeled_bignum(out, "A: ", a) + && ossl_bio_print_labeled_bignum(out, "B: ", b); } static int ec_param_explicit_gen_to_text(BIO *out, const EC_GROUP *group, @@ -420,7 +240,7 @@ static int ec_param_explicit_gen_to_text(BIO *out, const EC_GROUP *group, if (buflen == 0) return 0; - ret = print_labeled_buf(out, glabel, buf, buflen); + ret = ossl_bio_print_labeled_buf(out, glabel, buf, buflen); OPENSSL_clear_free(buf, buflen); return ret; } @@ -454,11 +274,11 @@ static int ec_param_explicit_to_text(BIO *out, const EC_GROUP *group, if (BIO_printf(out, "Field Type: %s\n", OBJ_nid2sn(tmp_nid)) <= 0 || !ec_param_explicit_curve_to_text(out, group, ctx) || !ec_param_explicit_gen_to_text(out, group, ctx) - || !print_labeled_bignum(out, "Order: ", order) + || !ossl_bio_print_labeled_bignum(out, "Order: ", order) || (cofactor != NULL - && !print_labeled_bignum(out, "Cofactor: ", cofactor)) + && !ossl_bio_print_labeled_bignum(out, "Cofactor: ", cofactor)) || (seed != NULL - && !print_labeled_buf(out, "Seed:", seed, seed_len))) + && !ossl_bio_print_labeled_buf(out, "Seed:", seed, seed_len))) goto err; ret = 1; err: @@ -513,7 +333,8 @@ static int ec_to_text(BIO *out, const void *key, int selection) else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) type_label = "Public-Key"; else if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) - type_label = "EC-Parameters"; + if (EC_GROUP_get_curve_name(group) != NID_sm2) + type_label = "EC-Parameters"; if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { const BIGNUM *priv_key = EC_KEY_get0_private_key(ec); @@ -539,14 +360,15 @@ static int ec_to_text(BIO *out, const void *key, int selection) goto err; } - if (BIO_printf(out, "%s: (%d bit)\n", type_label, - EC_GROUP_order_bits(group)) <= 0) + if (type_label != NULL + && BIO_printf(out, "%s: (%d bit)\n", type_label, + EC_GROUP_order_bits(group)) <= 0) goto err; if (priv != NULL - && !print_labeled_buf(out, "priv:", priv, priv_len)) + && !ossl_bio_print_labeled_buf(out, "priv:", priv, priv_len)) goto err; if (pub != NULL - && !print_labeled_buf(out, "pub:", pub, pub_len)) + && !ossl_bio_print_labeled_buf(out, "pub:", pub, pub_len)) goto err; if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) ret = ec_param_to_text(out, group, ossl_ec_key_get_libctx(ec)); @@ -555,17 +377,11 @@ err: OPENSSL_free(pub); return ret; } - -# define ec_input_type "EC" - -# ifndef OPENSSL_NO_SM2 -# define sm2_input_type "SM2" -# endif #endif /* ---------------------------------------------------------------------- */ -#ifndef OPENSSL_NO_EC +#ifndef OPENSSL_NO_ECX static int ecx_to_text(BIO *out, const void *key, int selection) { const ECX_KEY *ecx = key; @@ -599,7 +415,7 @@ static int ecx_to_text(BIO *out, const void *key, int selection) if (BIO_printf(out, "%s Private-Key:\n", type_label) <= 0) return 0; - if (!print_labeled_buf(out, "priv:", ecx->privkey, ecx->keylen)) + if (!ossl_bio_print_labeled_buf(out, "priv:", ecx->privkey, ecx->keylen)) return 0; } else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { /* ecx->pubkey is an array, not a pointer... */ @@ -612,20 +428,31 @@ static int ecx_to_text(BIO *out, const void *key, int selection) return 0; } - if (!print_labeled_buf(out, "pub:", ecx->pubkey, ecx->keylen)) + if (!ossl_bio_print_labeled_buf(out, "pub:", ecx->pubkey, ecx->keylen)) return 0; return 1; } +#endif -# define ed25519_input_type "ED25519" -# define ed448_input_type "ED448" -# define x25519_input_type "X25519" -# define x448_input_type "X448" +/* ---------------------------------------------------------------------- */ + +#ifndef OPENSSL_NO_ML_KEM +static int ml_kem_to_text(BIO *out, const void *vkey, int selection) +{ + return ossl_ml_kem_key_to_text(out, (ML_KEM_KEY *)vkey, selection); +} #endif /* ---------------------------------------------------------------------- */ +#ifndef OPENSSL_NO_SLH_DSA +static int slh_dsa_to_text(BIO *out, const void *key, int selection) +{ + return ossl_slh_dsa_key_to_text(out, (SLH_DSA_KEY *)key, selection); +} +#endif /* OPENSSL_NO_SLH_DSA */ + static int rsa_to_text(BIO *out, const void *key, int selection) { const RSA *rsa = key; @@ -650,7 +477,7 @@ static int rsa_to_text(BIO *out, const void *key, int selection) coeffs = sk_BIGNUM_const_new_null(); if (factors == NULL || exps == NULL || coeffs == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_CRYPTO_LIB); goto err; } @@ -678,45 +505,45 @@ static int rsa_to_text(BIO *out, const void *key, int selection) goto err; } - if (!print_labeled_bignum(out, modulus_label, rsa_n)) + if (!ossl_bio_print_labeled_bignum(out, modulus_label, rsa_n)) goto err; - if (!print_labeled_bignum(out, exponent_label, rsa_e)) + if (!ossl_bio_print_labeled_bignum(out, exponent_label, rsa_e)) goto err; if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { int i; - if (!print_labeled_bignum(out, "privateExponent:", rsa_d)) + if (!ossl_bio_print_labeled_bignum(out, "privateExponent:", rsa_d)) goto err; - if (!print_labeled_bignum(out, "prime1:", - sk_BIGNUM_const_value(factors, 0))) + if (!ossl_bio_print_labeled_bignum(out, "prime1:", + sk_BIGNUM_const_value(factors, 0))) goto err; - if (!print_labeled_bignum(out, "prime2:", - sk_BIGNUM_const_value(factors, 1))) + if (!ossl_bio_print_labeled_bignum(out, "prime2:", + sk_BIGNUM_const_value(factors, 1))) goto err; - if (!print_labeled_bignum(out, "exponent1:", - sk_BIGNUM_const_value(exps, 0))) + if (!ossl_bio_print_labeled_bignum(out, "exponent1:", + sk_BIGNUM_const_value(exps, 0))) goto err; - if (!print_labeled_bignum(out, "exponent2:", - sk_BIGNUM_const_value(exps, 1))) + if (!ossl_bio_print_labeled_bignum(out, "exponent2:", + sk_BIGNUM_const_value(exps, 1))) goto err; - if (!print_labeled_bignum(out, "coefficient:", - sk_BIGNUM_const_value(coeffs, 0))) + if (!ossl_bio_print_labeled_bignum(out, "coefficient:", + sk_BIGNUM_const_value(coeffs, 0))) goto err; for (i = 2; i < sk_BIGNUM_const_num(factors); i++) { if (BIO_printf(out, "prime%d:", i + 1) <= 0) goto err; - if (!print_labeled_bignum(out, NULL, - sk_BIGNUM_const_value(factors, i))) + if (!ossl_bio_print_labeled_bignum(out, NULL, + sk_BIGNUM_const_value(factors, i))) goto err; if (BIO_printf(out, "exponent%d:", i + 1) <= 0) goto err; - if (!print_labeled_bignum(out, NULL, - sk_BIGNUM_const_value(exps, i))) + if (!ossl_bio_print_labeled_bignum(out, NULL, + sk_BIGNUM_const_value(exps, i))) goto err; if (BIO_printf(out, "coefficient%d:", i + 1) <= 0) goto err; - if (!print_labeled_bignum(out, NULL, - sk_BIGNUM_const_value(coeffs, i - 1))) + if (!ossl_bio_print_labeled_bignum(out, NULL, + sk_BIGNUM_const_value(coeffs, i - 1))) goto err; } } @@ -778,9 +605,14 @@ static int rsa_to_text(BIO *out, const void *key, int selection) return ret; } -#define rsa_input_type "RSA" -#define rsapss_input_type "RSA-PSS" +/* ---------------------------------------------------------------------- */ +#ifndef OPENSSL_NO_ML_DSA +static int ml_dsa_to_text(BIO *out, const void *key, int selection) +{ + return ossl_ml_dsa_key_to_text(out, (ML_DSA_KEY *)key, selection); +} +#endif /* OPENSSL_NO_ML_DSA */ /* ---------------------------------------------------------------------- */ static void *key2text_newctx(void *provctx) @@ -853,7 +685,7 @@ static int key2text_encode(void *vctx, const void *key, int selection, (void (*)(void))impl##2text_free_object }, \ { OSSL_FUNC_ENCODER_ENCODE, \ (void (*)(void))impl##2text_encode }, \ - { 0, NULL } \ + OSSL_DISPATCH_END \ } #ifndef OPENSSL_NO_DH @@ -868,10 +700,38 @@ MAKE_TEXT_ENCODER(ec, ec); # ifndef OPENSSL_NO_SM2 MAKE_TEXT_ENCODER(sm2, ec); # endif +# ifndef OPENSSL_NO_ECX MAKE_TEXT_ENCODER(ed25519, ecx); MAKE_TEXT_ENCODER(ed448, ecx); MAKE_TEXT_ENCODER(x25519, ecx); MAKE_TEXT_ENCODER(x448, ecx); +# endif +#endif +#ifndef OPENSSL_NO_ML_KEM +MAKE_TEXT_ENCODER(ml_kem_512, ml_kem); +MAKE_TEXT_ENCODER(ml_kem_768, ml_kem); +MAKE_TEXT_ENCODER(ml_kem_1024, ml_kem); #endif MAKE_TEXT_ENCODER(rsa, rsa); MAKE_TEXT_ENCODER(rsapss, rsa); + +#ifndef OPENSSL_NO_ML_DSA +MAKE_TEXT_ENCODER(ml_dsa_44, ml_dsa); +MAKE_TEXT_ENCODER(ml_dsa_65, ml_dsa); +MAKE_TEXT_ENCODER(ml_dsa_87, ml_dsa); +#endif + +#ifndef OPENSSL_NO_SLH_DSA +MAKE_TEXT_ENCODER(slh_dsa_sha2_128s, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_sha2_128f, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_sha2_192s, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_sha2_192f, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_sha2_256s, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_sha2_256f, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_shake_128s, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_shake_128f, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_shake_192s, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_shake_192f, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_shake_256s, slh_dsa); +MAKE_TEXT_ENCODER(slh_dsa_shake_256f, slh_dsa); +#endif |