pmeth_gn.c 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461
  1. /*
  2. * Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <stdlib.h>
  11. #include <openssl/core.h>
  12. #include <openssl/core_names.h>
  13. #include "internal/cryptlib.h"
  14. #include "internal/core.h"
  15. #include <openssl/objects.h>
  16. #include <openssl/evp.h>
  17. #include "crypto/bn.h"
  18. #ifndef FIPS_MODULE
  19. # include "crypto/asn1.h"
  20. #endif
  21. #include "crypto/evp.h"
  22. #include "evp_local.h"
  23. static int gen_init(EVP_PKEY_CTX *ctx, int operation)
  24. {
  25. int ret = 0;
  26. if (ctx == NULL)
  27. goto not_supported;
  28. evp_pkey_ctx_free_old_ops(ctx);
  29. ctx->operation = operation;
  30. if (ctx->keymgmt == NULL || ctx->keymgmt->gen_init == NULL)
  31. goto legacy;
  32. switch (operation) {
  33. case EVP_PKEY_OP_PARAMGEN:
  34. ctx->op.keymgmt.genctx =
  35. evp_keymgmt_gen_init(ctx->keymgmt,
  36. OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, NULL);
  37. break;
  38. case EVP_PKEY_OP_KEYGEN:
  39. ctx->op.keymgmt.genctx =
  40. evp_keymgmt_gen_init(ctx->keymgmt, OSSL_KEYMGMT_SELECT_KEYPAIR,
  41. NULL);
  42. break;
  43. }
  44. if (ctx->op.keymgmt.genctx == NULL)
  45. ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
  46. else
  47. ret = 1;
  48. goto end;
  49. legacy:
  50. #ifdef FIPS_MODULE
  51. goto not_supported;
  52. #else
  53. if (ctx->pmeth == NULL
  54. || (operation == EVP_PKEY_OP_PARAMGEN
  55. && ctx->pmeth->paramgen == NULL)
  56. || (operation == EVP_PKEY_OP_KEYGEN
  57. && ctx->pmeth->keygen == NULL))
  58. goto not_supported;
  59. ret = 1;
  60. switch (operation) {
  61. case EVP_PKEY_OP_PARAMGEN:
  62. if (ctx->pmeth->paramgen_init != NULL)
  63. ret = ctx->pmeth->paramgen_init(ctx);
  64. break;
  65. case EVP_PKEY_OP_KEYGEN:
  66. if (ctx->pmeth->keygen_init != NULL)
  67. ret = ctx->pmeth->keygen_init(ctx);
  68. break;
  69. }
  70. #endif
  71. end:
  72. if (ret <= 0 && ctx != NULL) {
  73. evp_pkey_ctx_free_old_ops(ctx);
  74. ctx->operation = EVP_PKEY_OP_UNDEFINED;
  75. }
  76. return ret;
  77. not_supported:
  78. ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
  79. ret = -2;
  80. goto end;
  81. }
  82. int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
  83. {
  84. return gen_init(ctx, EVP_PKEY_OP_PARAMGEN);
  85. }
  86. int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
  87. {
  88. return gen_init(ctx, EVP_PKEY_OP_KEYGEN);
  89. }
  90. static int ossl_callback_to_pkey_gencb(const OSSL_PARAM params[], void *arg)
  91. {
  92. EVP_PKEY_CTX *ctx = arg;
  93. const OSSL_PARAM *param = NULL;
  94. int p = -1, n = -1;
  95. if (ctx->pkey_gencb == NULL)
  96. return 1; /* No callback? That's fine */
  97. if ((param = OSSL_PARAM_locate_const(params, OSSL_GEN_PARAM_POTENTIAL))
  98. == NULL
  99. || !OSSL_PARAM_get_int(param, &p))
  100. return 0;
  101. if ((param = OSSL_PARAM_locate_const(params, OSSL_GEN_PARAM_ITERATION))
  102. == NULL
  103. || !OSSL_PARAM_get_int(param, &n))
  104. return 0;
  105. ctx->keygen_info[0] = p;
  106. ctx->keygen_info[1] = n;
  107. return ctx->pkey_gencb(ctx);
  108. }
  109. int EVP_PKEY_generate(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
  110. {
  111. int ret = 0;
  112. EVP_PKEY *allocated_pkey = NULL;
  113. /* Legacy compatible keygen callback info, only used with provider impls */
  114. int gentmp[2];
  115. if (ppkey == NULL)
  116. return -1;
  117. if (ctx == NULL)
  118. goto not_supported;
  119. if ((ctx->operation & EVP_PKEY_OP_TYPE_GEN) == 0)
  120. goto not_initialized;
  121. if (*ppkey == NULL)
  122. *ppkey = allocated_pkey = EVP_PKEY_new();
  123. if (*ppkey == NULL) {
  124. ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
  125. return -1;
  126. }
  127. if (ctx->op.keymgmt.genctx == NULL)
  128. goto legacy;
  129. /*
  130. * Asssigning gentmp to ctx->keygen_info is something our legacy
  131. * implementations do. Because the provider implementations aren't
  132. * allowed to reach into our EVP_PKEY_CTX, we need to provide similar
  133. * space for backward compatibility. It's ok that we attach a local
  134. * variable, as it should only be useful in the calls down from here.
  135. * This is cleared as soon as it isn't useful any more, i.e. directly
  136. * after the evp_keymgmt_util_gen() call.
  137. */
  138. ctx->keygen_info = gentmp;
  139. ctx->keygen_info_count = 2;
  140. ret = 1;
  141. if (ctx->pkey != NULL) {
  142. EVP_KEYMGMT *tmp_keymgmt = ctx->keymgmt;
  143. void *keydata =
  144. evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
  145. &tmp_keymgmt, ctx->propquery);
  146. if (tmp_keymgmt == NULL)
  147. goto not_supported;
  148. /*
  149. * It's ok if keydata is NULL here. The backend is expected to deal
  150. * with that as it sees fit.
  151. */
  152. ret = evp_keymgmt_gen_set_template(ctx->keymgmt,
  153. ctx->op.keymgmt.genctx, keydata);
  154. }
  155. /*
  156. * the returned value from evp_keymgmt_util_gen() is cached in *ppkey,
  157. * so we do not need to save it, just check it.
  158. */
  159. ret = ret
  160. && (evp_keymgmt_util_gen(*ppkey, ctx->keymgmt, ctx->op.keymgmt.genctx,
  161. ossl_callback_to_pkey_gencb, ctx)
  162. != NULL);
  163. ctx->keygen_info = NULL;
  164. #ifndef FIPS_MODULE
  165. /* In case |*ppkey| was originally a legacy key */
  166. if (ret)
  167. evp_pkey_free_legacy(*ppkey);
  168. #endif
  169. /*
  170. * Because we still have legacy keys
  171. */
  172. (*ppkey)->type = ctx->legacy_keytype;
  173. goto end;
  174. legacy:
  175. #ifdef FIPS_MODULE
  176. goto not_supported;
  177. #else
  178. /*
  179. * If we get here then we're using legacy paramgen/keygen. In that case
  180. * the pkey in ctx (if there is one) had better not be provided (because the
  181. * legacy methods may not know how to handle it). However we can only get
  182. * here if ctx->op.keymgmt.genctx == NULL, but that should never be the case
  183. * if ctx->pkey is provided because we don't allow this when we initialise
  184. * the ctx.
  185. */
  186. if (ctx->pkey != NULL && !ossl_assert(!evp_pkey_is_provided(ctx->pkey)))
  187. goto not_accessible;
  188. switch (ctx->operation) {
  189. case EVP_PKEY_OP_PARAMGEN:
  190. ret = ctx->pmeth->paramgen(ctx, *ppkey);
  191. break;
  192. case EVP_PKEY_OP_KEYGEN:
  193. ret = ctx->pmeth->keygen(ctx, *ppkey);
  194. break;
  195. default:
  196. goto not_supported;
  197. }
  198. #endif
  199. end:
  200. if (ret <= 0) {
  201. if (allocated_pkey != NULL)
  202. *ppkey = NULL;
  203. EVP_PKEY_free(allocated_pkey);
  204. }
  205. return ret;
  206. not_supported:
  207. ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
  208. ret = -2;
  209. goto end;
  210. not_initialized:
  211. ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
  212. ret = -1;
  213. goto end;
  214. #ifndef FIPS_MODULE
  215. not_accessible:
  216. ERR_raise(ERR_LIB_EVP, EVP_R_INACCESSIBLE_DOMAIN_PARAMETERS);
  217. ret = -1;
  218. goto end;
  219. #endif
  220. }
  221. int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
  222. {
  223. if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
  224. ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
  225. return -1;
  226. }
  227. return EVP_PKEY_generate(ctx, ppkey);
  228. }
  229. int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
  230. {
  231. if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
  232. ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
  233. return -1;
  234. }
  235. return EVP_PKEY_generate(ctx, ppkey);
  236. }
  237. void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
  238. {
  239. ctx->pkey_gencb = cb;
  240. }
  241. EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
  242. {
  243. return ctx->pkey_gencb;
  244. }
  245. /*
  246. * "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB style
  247. * callbacks.
  248. */
  249. static int trans_cb(int a, int b, BN_GENCB *gcb)
  250. {
  251. EVP_PKEY_CTX *ctx = BN_GENCB_get_arg(gcb);
  252. ctx->keygen_info[0] = a;
  253. ctx->keygen_info[1] = b;
  254. return ctx->pkey_gencb(ctx);
  255. }
  256. void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
  257. {
  258. BN_GENCB_set(cb, trans_cb, ctx);
  259. }
  260. int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
  261. {
  262. if (idx == -1)
  263. return ctx->keygen_info_count;
  264. if (idx < 0 || idx > ctx->keygen_info_count)
  265. return 0;
  266. return ctx->keygen_info[idx];
  267. }
  268. #ifndef FIPS_MODULE
  269. EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
  270. const unsigned char *key, int keylen)
  271. {
  272. EVP_PKEY_CTX *mac_ctx = NULL;
  273. EVP_PKEY *mac_key = NULL;
  274. mac_ctx = EVP_PKEY_CTX_new_id(type, e);
  275. if (!mac_ctx)
  276. return NULL;
  277. if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
  278. goto merr;
  279. if (EVP_PKEY_CTX_set_mac_key(mac_ctx, key, keylen) <= 0)
  280. goto merr;
  281. if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
  282. goto merr;
  283. merr:
  284. EVP_PKEY_CTX_free(mac_ctx);
  285. return mac_key;
  286. }
  287. #endif /* FIPS_MODULE */
  288. /*- All methods below can also be used in FIPS_MODULE */
  289. static int fromdata_init(EVP_PKEY_CTX *ctx, int operation)
  290. {
  291. if (ctx == NULL || ctx->keytype == NULL)
  292. goto not_supported;
  293. evp_pkey_ctx_free_old_ops(ctx);
  294. if (ctx->keymgmt == NULL)
  295. goto not_supported;
  296. ctx->operation = operation;
  297. return 1;
  298. not_supported:
  299. if (ctx != NULL)
  300. ctx->operation = EVP_PKEY_OP_UNDEFINED;
  301. ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
  302. return -2;
  303. }
  304. int EVP_PKEY_fromdata_init(EVP_PKEY_CTX *ctx)
  305. {
  306. return fromdata_init(ctx, EVP_PKEY_OP_FROMDATA);
  307. }
  308. int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, int selection,
  309. OSSL_PARAM params[])
  310. {
  311. void *keydata = NULL;
  312. EVP_PKEY *allocated_pkey = NULL;
  313. if (ctx == NULL || (ctx->operation & EVP_PKEY_OP_FROMDATA) == 0) {
  314. ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
  315. return -2;
  316. }
  317. if (ppkey == NULL)
  318. return -1;
  319. if (*ppkey == NULL)
  320. allocated_pkey = *ppkey = EVP_PKEY_new();
  321. if (*ppkey == NULL) {
  322. ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
  323. return -1;
  324. }
  325. keydata = evp_keymgmt_util_fromdata(*ppkey, ctx->keymgmt, selection, params);
  326. if (keydata == NULL) {
  327. if (allocated_pkey != NULL) {
  328. *ppkey = NULL;
  329. EVP_PKEY_free(allocated_pkey);
  330. }
  331. return 0;
  332. }
  333. /* keydata is cached in *ppkey, so we need not bother with it further */
  334. return 1;
  335. }
  336. const OSSL_PARAM *EVP_PKEY_fromdata_settable(EVP_PKEY_CTX *ctx, int selection)
  337. {
  338. /* We call fromdata_init to get ctx->keymgmt populated */
  339. if (fromdata_init(ctx, EVP_PKEY_OP_UNDEFINED) == 1)
  340. return evp_keymgmt_import_types(ctx->keymgmt, selection);
  341. return NULL;
  342. }
  343. static OSSL_CALLBACK ossl_pkey_todata_cb;
  344. static int ossl_pkey_todata_cb(const OSSL_PARAM params[], void *arg)
  345. {
  346. OSSL_PARAM **ret = arg;
  347. *ret = OSSL_PARAM_dup(params);
  348. return 1;
  349. }
  350. int EVP_PKEY_todata(const EVP_PKEY *pkey, int selection, OSSL_PARAM **params)
  351. {
  352. if (params == NULL)
  353. return 0;
  354. return EVP_PKEY_export(pkey, selection, ossl_pkey_todata_cb, params);
  355. }
  356. #ifndef FIPS_MODULE
  357. struct fake_import_data_st {
  358. OSSL_CALLBACK *export_cb;
  359. void *export_cbarg;
  360. };
  361. static OSSL_FUNC_keymgmt_import_fn pkey_fake_import;
  362. static int pkey_fake_import(void *fake_keydata, int ignored_selection,
  363. const OSSL_PARAM params[])
  364. {
  365. struct fake_import_data_st *data = fake_keydata;
  366. return data->export_cb(params, data->export_cbarg);
  367. }
  368. #endif
  369. int EVP_PKEY_export(const EVP_PKEY *pkey, int selection,
  370. OSSL_CALLBACK *export_cb, void *export_cbarg)
  371. {
  372. if (pkey == NULL) {
  373. ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
  374. return 0;
  375. }
  376. #ifndef FIPS_MODULE
  377. if (evp_pkey_is_legacy(pkey)) {
  378. struct fake_import_data_st data;
  379. data.export_cb = export_cb;
  380. data.export_cbarg = export_cbarg;
  381. /*
  382. * We don't need to care about libctx or propq here, as we're only
  383. * interested in the resulting OSSL_PARAM array.
  384. */
  385. return pkey->ameth->export_to(pkey, &data, pkey_fake_import,
  386. NULL, NULL);
  387. }
  388. #endif
  389. return evp_keymgmt_util_export(pkey, selection, export_cb, export_cbarg);
  390. }