Convert EVP_PKEY Parameters to/from binary.
This wraps the low level i2d/d2i calls for DH,DSA and EC key parameters
in a similar way to Public and Private Keys.
The API's can be used by applications (including openssl apps) that only
want to use EVP_PKEY without needing to access low level key API's.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8903)
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_ASN1_UINTEGER, 0), "d2i_ASN1_UINTEGER"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_AUTOPRIVATEKEY, 0),
"d2i_AutoPrivateKey"},
+ {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_KEYPARAMS, 0), "d2i_KeyParams"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PRIVATEKEY, 0), "d2i_PrivateKey"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PUBLICKEY, 0), "d2i_PublicKey"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_BUF, 0), "do_buf"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_ASN1_OBJECT, 0), "i2d_ASN1_OBJECT"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_DSA_PUBKEY, 0), "i2d_DSA_PUBKEY"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_EC_PUBKEY, 0), "i2d_EC_PUBKEY"},
+ {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_KEYPARAMS, 0), "i2d_KeyParams"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_PRIVATEKEY, 0), "i2d_PrivateKey"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_PUBLICKEY, 0), "i2d_PublicKey"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_RSA_PUBKEY, 0), "i2d_RSA_PUBKEY"},
x_pkey.c bio_asn1.c bio_ndef.c asn_mime.c \
asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_strnid.c \
evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p5_scrypt.c p8_pkey.c \
- asn_moid.c asn_mstbl.c asn1_item_list.c
+ asn_moid.c asn_mstbl.c asn1_item_list.c \
+ d2i_param.c i2d_param.c
--- /dev/null
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include "internal/cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include "internal/evp_int.h"
+#include "internal/asn1_int.h"
+
+EVP_PKEY *d2i_KeyParams(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length)
+{
+ EVP_PKEY *ret = NULL;
+ const unsigned char *p = *pp;
+
+ if ((a == NULL) || (*a == NULL)) {
+ if ((ret = EVP_PKEY_new()) == NULL)
+ return NULL;
+ } else
+ ret = *a;
+
+ if (type != EVP_PKEY_id(ret) && !EVP_PKEY_set_type(ret, type))
+ goto err;
+
+ if (ret->ameth == NULL || ret->ameth->param_decode == NULL) {
+ ASN1err(ASN1_F_D2I_KEYPARAMS, ASN1_R_UNSUPPORTED_TYPE);
+ goto err;
+ }
+
+ if (!ret->ameth->param_decode(ret, &p, length))
+ goto err;
+
+ if (a != NULL)
+ (*a) = ret;
+ return ret;
+err:
+ if (a == NULL || *a != ret)
+ EVP_PKEY_free(ret);
+ return NULL;
+}
+
+EVP_PKEY *d2i_KeyParams_bio(int type, EVP_PKEY **a, BIO *in)
+{
+ BUF_MEM *b = NULL;
+ const unsigned char *p;
+ void *ret = NULL;
+ int len;
+
+ len = asn1_d2i_read_bio(in, &b);
+ if (len < 0)
+ goto err;
+
+ p = (unsigned char *)b->data;
+ ret = d2i_KeyParams(type, a, &p, len);
+err:
+ BUF_MEM_free(b);
+ return ret;
+}
--- /dev/null
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include "internal/cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/asn1.h>
+#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
+
+int i2d_KeyParams(const EVP_PKEY *a, unsigned char **pp)
+{
+ if (a->ameth != NULL && a->ameth->param_encode != NULL)
+ return a->ameth->param_encode(a, pp);
+ ASN1err(ASN1_F_I2D_KEYPARAMS, ASN1_R_UNSUPPORTED_TYPE);
+ return -1;
+}
+
+int i2d_KeyParams_bio(BIO *bp, const EVP_PKEY *pkey)
+{
+ return ASN1_i2d_bio_of(EVP_PKEY, i2d_KeyParams, bp, pkey);
+}
+
ASN1_F_D2I_ASN1_OBJECT:147:d2i_ASN1_OBJECT
ASN1_F_D2I_ASN1_UINTEGER:150:d2i_ASN1_UINTEGER
ASN1_F_D2I_AUTOPRIVATEKEY:207:d2i_AutoPrivateKey
+ASN1_F_D2I_KEYPARAMS:144:d2i_KeyParams
ASN1_F_D2I_PRIVATEKEY:154:d2i_PrivateKey
ASN1_F_D2I_PUBLICKEY:155:d2i_PublicKey
ASN1_F_DO_BUF:142:do_buf
ASN1_F_I2D_ASN1_OBJECT:143:i2d_ASN1_OBJECT
ASN1_F_I2D_DSA_PUBKEY:161:i2d_DSA_PUBKEY
ASN1_F_I2D_EC_PUBKEY:181:i2d_EC_PUBKEY
+ASN1_F_I2D_KEYPARAMS:145:i2d_KeyParams
ASN1_F_I2D_PRIVATEKEY:163:i2d_PrivateKey
ASN1_F_I2D_PUBLICKEY:164:i2d_PublicKey
ASN1_F_I2D_RSA_PUBKEY:165:i2d_RSA_PUBKEY
=head1 NAME
-d2i_PrivateKey, d2i_PublicKey, d2i_AutoPrivateKey,
-i2d_PrivateKey, i2d_PublicKey,
-d2i_PrivateKey_bio, d2i_PrivateKey_fp
+d2i_PrivateKey, d2i_PublicKey, d2i_KeyParams, d2i_AutoPrivateKey,
+i2d_PrivateKey, i2d_PublicKey, i2d_KeyParams, i2d_KeyParams_bio,
+d2i_PrivateKey_bio, d2i_PrivateKey_fp, d2i_KeyParams_bio
- decode and encode functions for reading and saving EVP_PKEY structures
=head1 SYNOPSIS
long length);
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length);
+ EVP_PKEY *d2i_KeyParams(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length);
EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
long length);
+
int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp);
int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp);
+ int i2d_KeyParams(const EVP_PKEY *a, unsigned char **pp);
+ int i2d_KeyParams_bio(BIO *bp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
+ EVP_PKEY *d2i_KeyParams_bio(int type, EVP_PKEY **a, BIO *in);
=head1 DESCRIPTION
B<type> parameter should be a public key algorithm constant such as
B<EVP_PKEY_RSA>. An error occurs if the decoded key does not match B<type>.
d2i_PublicKey() does the same for public keys.
+d2i_KeyParams() does the same for domain parameter keys.
d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to
automatically detect the private key format.
i2d_PrivateKey() encodes B<key>. It uses a key specific format or, if none is
defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format.
i2d_PublicKey() does the same for public keys.
-
+i2d_KeyParams() does the same for domain parameter keys.
These functions are similar to the d2i_X509() functions; see L<d2i_X509(3)>.
=head1 NOTES
=head1 RETURN VALUES
The d2i_PrivateKey(), d2i_AutoPrivateKey(), d2i_PrivateKey_bio(), d2i_PrivateKey_fp(),
-and d2i_PublicKey() functions return a valid B<EVP_KEY> structure or B<NULL> if an
-error occurs. The error code can be obtained by calling L<ERR_get_error(3)>.
+d2i_PublicKey(), d2i_KeyParams() and d2i_KeyParams_bio() functions return a valid
+B<EVP_KEY> structure or B<NULL> if an error occurs. The error code can be
+obtained by calling L<ERR_get_error(3)>.
-i2d_PrivateKey() and i2d_PublicKey() return the number of bytes successfully
-encoded or a negative value if an error occurs. The error code can be obtained
-by calling L<ERR_get_error(3)>.
+i2d_PrivateKey(), i2d_PublicKey(), i2d_KeyParams() i2d_KeyParams_bio() return
+the number of bytes successfully encoded or a negative value if an error occurs.
+The error code can be obtained by calling L<ERR_get_error(3)>.
=head1 SEE ALSO
# define ASN1_F_D2I_ASN1_OBJECT 147
# define ASN1_F_D2I_ASN1_UINTEGER 150
# define ASN1_F_D2I_AUTOPRIVATEKEY 207
+# define ASN1_F_D2I_KEYPARAMS 144
# define ASN1_F_D2I_PRIVATEKEY 154
# define ASN1_F_D2I_PUBLICKEY 155
# define ASN1_F_DO_BUF 142
# define ASN1_F_I2D_ASN1_OBJECT 143
# define ASN1_F_I2D_DSA_PUBKEY 161
# define ASN1_F_I2D_EC_PUBKEY 181
+# define ASN1_F_I2D_KEYPARAMS 145
# define ASN1_F_I2D_PRIVATEKEY 163
# define ASN1_F_I2D_PUBLICKEY 164
# define ASN1_F_I2D_RSA_PUBKEY 165
long length);
int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp);
+int i2d_KeyParams(const EVP_PKEY *a, unsigned char **pp);
+EVP_PKEY *d2i_KeyParams(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length);
+int i2d_KeyParams_bio(BIO *bp, const EVP_PKEY *pkey);
+EVP_PKEY *d2i_KeyParams_bio(int type, EVP_PKEY **a, BIO *in);
+
int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
time_offset_test pemtest ssl_cert_table_internal_test ciphername_test \
servername_test ocspapitest rsa_mp_test fatalerrtest tls13ccstest \
sysdefaulttest errtest gosttest \
- context_internal_test aesgcmtest params_test
+ context_internal_test aesgcmtest params_test evp_pkey_dparams_test
SOURCE[versions]=versions.c
INCLUDE[versions]=../include ../apps/include
INCLUDE[evp_kdf_test]=../include ../apps/include
DEPEND[evp_kdf_test]=../libcrypto libtestutil.a
+ SOURCE[evp_pkey_dparams_test]=evp_pkey_dparams_test.c
+ INCLUDE[evp_pkey_dparams_test]=../include ../apps/include
+ DEPEND[evp_pkey_dparams_test]=../libcrypto libtestutil.a
+
SOURCE[x509_time_test]=x509_time_test.c
INCLUDE[x509_time_test]=../include ../apps/include
DEPEND[x509_time_test]=../libcrypto libtestutil.a
--- /dev/null
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "internal/nelem.h"
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/ec.h>
+#include "testutil.h"
+
+static int pkey_param_types[] = {
+#ifndef OPENSSL_NO_DH
+ EVP_PKEY_DH,
+#endif
+#ifndef OPENSSL_NO_DSA
+ EVP_PKEY_DSA,
+#endif
+#ifndef OPENSSL_NO_EC
+ EVP_PKEY_EC
+#endif
+};
+
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
+
+static int params_bio_test(int id)
+{
+ int ret;
+ BIO *mem_bio = NULL;
+ EVP_PKEY_CTX *ctx = NULL;
+ EVP_PKEY *params_key = NULL, *out_key = NULL;
+ int type = pkey_param_types[id];
+
+ ret =
+ TEST_ptr(mem_bio = BIO_new(BIO_s_mem()))
+ && TEST_ptr(ctx = EVP_PKEY_CTX_new_id(type, NULL))
+ && TEST_int_gt(EVP_PKEY_paramgen_init(ctx), 0)
+ && (type != EVP_PKEY_EC
+ || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, NID_secp256k1) > 0)
+ && TEST_int_gt(EVP_PKEY_paramgen(ctx, ¶ms_key), 0)
+ && TEST_int_gt(i2d_KeyParams_bio(mem_bio, params_key), 0)
+ && TEST_ptr(d2i_KeyParams_bio(type, &out_key, mem_bio))
+ && TEST_int_gt(EVP_PKEY_cmp_parameters(out_key, params_key), 0);
+
+ BIO_free(mem_bio);
+ EVP_PKEY_CTX_free(ctx);
+ EVP_PKEY_free(params_key);
+ EVP_PKEY_free(out_key);
+ return ret;
+}
+#endif
+
+int setup_tests(void)
+{
+#if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
+ TEST_note("No DH/DSA/EC support");
+#else
+ ADD_ALL_TESTS(params_bio_test, OSSL_NELEM(pkey_param_types));
+#endif
+ return 1;
+}
--- /dev/null
+#! /usr/bin/env perl
+# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use OpenSSL::Test::Simple;
+
+simple_test("test_evp_pkey_dparam", "evp_pkey_dparams_test");
EVP_KDF_CTX_kdf 4752 3_0_0 EXIST::FUNCTION:
EVP_KDF_nid 4753 3_0_0 EXIST::FUNCTION:
EVP_get_kdfbyname 4754 3_0_0 EXIST::FUNCTION:
+i2d_KeyParams 4755 3_0_0 EXIST::FUNCTION:
+d2i_KeyParams 4756 3_0_0 EXIST::FUNCTION:
+i2d_KeyParams_bio 4757 3_0_0 EXIST::FUNCTION:
+d2i_KeyParams_bio 4758 3_0_0 EXIST::FUNCTION: