|
@@ -167,7 +167,6 @@ static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid,
|
|
|
* key_to_epki_* produce encoded output with the private key data in a
|
|
|
* EncryptedPrivateKeyInfo structure (defined by PKCS#8). They require
|
|
|
* that there's an intent to encrypt, anything else is an error.
|
|
|
- * They are currently only called from the corresponding key_to_pki_ function.
|
|
|
*
|
|
|
* key_to_pki_* primarly produce encoded output with the private key data
|
|
|
* in a PrivateKeyInfo structure (also defined by PKCS#8). However, if
|
|
@@ -510,6 +509,8 @@ static int dh_pki_priv_to_der(const void *dh, unsigned char **pder)
|
|
|
return ret;
|
|
|
}
|
|
|
|
|
|
+# define dh_epki_priv_to_der dh_pki_priv_to_der
|
|
|
+
|
|
|
static int dh_type_specific_params_to_der(const void *dh, unsigned char **pder)
|
|
|
{
|
|
|
if (DH_test_flags(dh, DH_FLAG_TYPE_DHX))
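Review bot: The new alias `dh_epki_priv_to_der` has no comment, and nothing at the definition says that the EncryptedPrivateKeyInfo callback returns the same unencrypted private-key DER as the PrivateKeyInfo one. Judging by the file's header comment, the encryption is applied by the key_to_epki_* layer rather than here, so a one-line comment would keep a later reader from assuming this callback's output is already protected, e.g. `/* Same DER as for PrivateKeyInfo; encryption is applied by key_to_epki_*() */`. The same applies to the aliases added in the dsa, ec and ecx hunks.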
|
|
@@ -623,6 +624,8 @@ static int dsa_pki_priv_to_der(const void *dsa, unsigned char **pder)
|
|
|
return ret;
|
|
|
}
|
|
|
|
|
|
+# define dsa_epki_priv_to_der dsa_pki_priv_to_der
|
|
|
+
|
|
|
# define dsa_type_specific_priv_to_der (i2d_of_void *)i2d_DSAPrivateKey
|
|
|
# define dsa_type_specific_pub_to_der (i2d_of_void *)i2d_DSAPublicKey
|
|
|
# define dsa_type_specific_params_to_der (i2d_of_void *)i2d_DSAparams
|
|
@@ -721,6 +724,8 @@ static int ec_pki_priv_to_der(const void *veckey, unsigned char **pder)
|
|
|
return ret; /* return the length of the der encoded data */
|
|
|
}
|
|
|
|
|
|
+# define ec_epki_priv_to_der ec_pki_priv_to_der
|
|
|
+
|
|
|
# define ec_type_specific_params_to_der (i2d_of_void *)i2d_ECParameters
|
|
|
# define ec_type_specific_pub_to_der (i2d_of_void *)i2o_ECPublicKey
|
|
|
# define ec_type_specific_priv_to_der (i2d_of_void *)i2d_ECPrivateKey
|
|
@@ -786,6 +791,8 @@ static int ecx_pki_priv_to_der(const void *vecxkey, unsigned char **pder)
|
|
|
return keybloblen;
|
|
|
}
|
|
|
|
|
|
+# define ecx_epki_priv_to_der ecx_pki_priv_to_der
|
|
|
+
|
|
|
/*
|
|
|
* ED25519, ED448, X25519 and X448 only has PKCS#8 / SubjectPublicKeyInfo
|
|
|
* representation, so we don't define ecx_type_specific_[priv,pub,params]_to_der.
|
|
@@ -889,6 +896,7 @@ static int prepare_rsa_params(const void *rsa, int nid, int save,
|
|
|
* field as well as the SubjectPublicKeyInfo |subjectPublicKey| field.
|
|
|
*/
|
|
|
#define rsa_pki_priv_to_der rsa_type_specific_priv_to_der
|
|
|
+#define rsa_epki_priv_to_der rsa_type_specific_priv_to_der
|
|
|
#define rsa_spki_pub_to_der rsa_type_specific_pub_to_der
|
|
|
#define rsa_type_specific_priv_to_der (i2d_of_void *)i2d_RSAPrivateKey
|
|
|
#define rsa_type_specific_pub_to_der (i2d_of_void *)i2d_RSAPublicKey
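Review bot: `rsa_epki_priv_to_der` is aliased straight to `rsa_type_specific_priv_to_der`, whereas the dh, dsa, ec and ecx aliases added by this commit all point at the corresponding `*_pki_priv_to_der`. Both expand to the same function today, but if `rsa_pki_priv_to_der` is ever given its own implementation, the encrypted path would silently keep the old encoding. For consistency I would write `#define rsa_epki_priv_to_der rsa_pki_priv_to_der`.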
|
|
@@ -1116,6 +1124,10 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout,
|
|
|
#define DO_PrivateKeyInfo(impl, type, output) \
|
|
|
DO_PRIVATE_KEY(impl, type, pki, output)
|
|
|
|
|
|
+#define DO_EncryptedPrivateKeyInfo_selection_mask DO_PRIVATE_KEY_selection_mask
|
|
|
+#define DO_EncryptedPrivateKeyInfo(impl, type, output) \
|
|
|
+ DO_PRIVATE_KEY(impl, type, epki, output)
|
|
|
+
|
|
|
/* SubjectPublicKeyInfo is a structure for public keys only */
|
|
|
#define DO_SubjectPublicKeyInfo_selection_mask DO_PUBLIC_KEY_selection_mask
|
|
|
#define DO_SubjectPublicKeyInfo(impl, type, output) \
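Review bot: `DO_EncryptedPrivateKeyInfo` is added without a comment, although the neighbouring `DO_SubjectPublicKeyInfo` has one, and it reuses `DO_PRIVATE_KEY_selection_mask`, so it is selected for exactly the same requests as `DO_PrivateKeyInfo`. The file's header comment says key_to_epki_* treat a missing intent to encrypt as an error; that check is outside this hunk, so it is worth confirming that an EncryptedPrivateKeyInfo encoder called without a cipher fails rather than writing the key in the clear. I would document the contract at the macro, e.g. `/* EncryptedPrivateKeyInfo is for private keys only and requires a cipher to be set */`.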
|
|
@@ -1328,53 +1340,75 @@ MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, type_specific_no_pub, pem);
|
|
|
* For PEM, these are expected to be used by PEM_write_bio_PrivateKey(),
|
|
|
* PEM_write_bio_PUBKEY() and PEM_write_bio_Parameters().
|
|
|
*/
|
|
|
+MAKE_ENCODER(rsa, rsa, EVP_PKEY_RSA, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(rsa, rsa, EVP_PKEY_RSA, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(rsa, rsa, EVP_PKEY_RSA, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(rsa, rsa, EVP_PKEY_RSA, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(rsa, rsa, EVP_PKEY_RSA, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(rsa, rsa, EVP_PKEY_RSA, SubjectPublicKeyInfo, pem);
|
|
|
+MAKE_ENCODER(rsapss, rsa, EVP_PKEY_RSA_PSS, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(rsapss, rsa, EVP_PKEY_RSA_PSS, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(rsapss, rsa, EVP_PKEY_RSA_PSS, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(rsapss, rsa, EVP_PKEY_RSA_PSS, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(rsapss, rsa, EVP_PKEY_RSA_PSS, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(rsapss, rsa, EVP_PKEY_RSA_PSS, SubjectPublicKeyInfo, pem);
|
|
|
#ifndef OPENSSL_NO_DH
|
|
|
+MAKE_ENCODER(dh, dh, EVP_PKEY_DH, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(dh, dh, EVP_PKEY_DH, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(dh, dh, EVP_PKEY_DH, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(dh, dh, EVP_PKEY_DH, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(dh, dh, EVP_PKEY_DH, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(dh, dh, EVP_PKEY_DH, SubjectPublicKeyInfo, pem);
|
|
|
+MAKE_ENCODER(dhx, dh, EVP_PKEY_DHX, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(dhx, dh, EVP_PKEY_DHX, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(dhx, dh, EVP_PKEY_DHX, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(dhx, dh, EVP_PKEY_DHX, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(dhx, dh, EVP_PKEY_DHX, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(dhx, dh, EVP_PKEY_DHX, SubjectPublicKeyInfo, pem);
|
|
|
#endif
|
|
|
#ifndef OPENSSL_NO_DSA
|
|
|
+MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, SubjectPublicKeyInfo, pem);
|
|
|
#endif
|
|
|
#ifndef OPENSSL_NO_EC
|
|
|
+MAKE_ENCODER(ec, ec, EVP_PKEY_EC, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(ec, ec, EVP_PKEY_EC, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(ec, ec, EVP_PKEY_EC, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(ec, ec, EVP_PKEY_EC, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(ec, ec, EVP_PKEY_EC, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(ec, ec, EVP_PKEY_EC, SubjectPublicKeyInfo, pem);
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
+MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, SubjectPublicKeyInfo, pem);
|
|
|
# endif
|
|
|
+MAKE_ENCODER(ed25519, ecx, EVP_PKEY_ED25519, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(ed25519, ecx, EVP_PKEY_ED25519, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(ed25519, ecx, EVP_PKEY_ED25519, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(ed25519, ecx, EVP_PKEY_ED25519, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(ed25519, ecx, EVP_PKEY_ED25519, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(ed25519, ecx, EVP_PKEY_ED25519, SubjectPublicKeyInfo, pem);
|
|
|
+MAKE_ENCODER(ed448, ecx, EVP_PKEY_ED448, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(ed448, ecx, EVP_PKEY_ED448, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(ed448, ecx, EVP_PKEY_ED448, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(ed448, ecx, EVP_PKEY_ED448, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(ed448, ecx, EVP_PKEY_ED448, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(ed448, ecx, EVP_PKEY_ED448, SubjectPublicKeyInfo, pem);
|
|
|
+MAKE_ENCODER(x25519, ecx, EVP_PKEY_X25519, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(x25519, ecx, EVP_PKEY_X25519, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(x25519, ecx, EVP_PKEY_X25519, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(x25519, ecx, EVP_PKEY_X25519, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(x25519, ecx, EVP_PKEY_X25519, SubjectPublicKeyInfo, der);
|
|
|
MAKE_ENCODER(x25519, ecx, EVP_PKEY_X25519, SubjectPublicKeyInfo, pem);
|
|
|
+MAKE_ENCODER(x448, ecx, EVP_PKEY_ED448, EncryptedPrivateKeyInfo, der);
|
|
|
+MAKE_ENCODER(x448, ecx, EVP_PKEY_ED448, EncryptedPrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(x448, ecx, EVP_PKEY_ED448, PrivateKeyInfo, der);
|
|
|
MAKE_ENCODER(x448, ecx, EVP_PKEY_ED448, PrivateKeyInfo, pem);
|
|
|
MAKE_ENCODER(x448, ecx, EVP_PKEY_ED448, SubjectPublicKeyInfo, der);
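Review bot: The two new x448 encoders pass `EVP_PKEY_ED448` as the key type, copying the existing x448 lines below them, where `EVP_PKEY_X448` would be expected. MAKE_ENCODER is defined outside this hunk, but if that argument ends up as the algorithm identifier in the PKCS#8 output, an X448 private key would be labelled as Ed448 and a consumer could import it as a signing key or reject it. I would change the added lines to `MAKE_ENCODER(x448, ecx, EVP_PKEY_X448, EncryptedPrivateKeyInfo, der);` and its `pem` twin, and fix the pre-existing x448 lines in the same pass. The sm2 lines likewise pass `EVP_PKEY_EC`; whether that is intended is not visible here.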
|