2 * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #ifndef ENCODER_PROVIDER
11 # error Macro ENCODER_PROVIDER undefined
14 #define ENCODER_STRUCTURE_type_specific_keypair "type-specific"
15 #define ENCODER_STRUCTURE_type_specific_params "type-specific"
16 #define ENCODER_STRUCTURE_type_specific "type-specific"
17 #define ENCODER_STRUCTURE_type_specific_no_pub "type-specific"
18 #define ENCODER_STRUCTURE_EncryptedPrivateKeyInfo "EncryptedPrivateKeyInfo"
19 #define ENCODER_STRUCTURE_PrivateKeyInfo "PrivateKeyInfo"
20 #define ENCODER_STRUCTURE_SubjectPublicKeyInfo "SubjectPublicKeyInfo"
21 #define ENCODER_STRUCTURE_DH "dh"
22 #define ENCODER_STRUCTURE_DHX "dhx"
23 #define ENCODER_STRUCTURE_DSA "dsa"
24 #define ENCODER_STRUCTURE_EC "ec"
25 #define ENCODER_STRUCTURE_RSA "rsa"
26 #define ENCODER_STRUCTURE_PKCS1 "pkcs1"
27 #define ENCODER_STRUCTURE_PKCS3 "pkcs3"
28 #define ENCODER_STRUCTURE_X9_42 "X9.42"
29 #define ENCODER_STRUCTURE_X9_62 "X9.62"
31 /* Arguments are prefixed with '_' to avoid build breaks on certain platforms */
32 #define ENCODER_TEXT(_name, _sym, _fips) \
34 "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=text", \
35 (ossl_##_sym##_to_text_encoder_functions) }
36 #define ENCODER(_name, _sym, _fips, _output) \
38 "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=" #_output, \
39 (ossl_##_sym##_to_##_output##_encoder_functions) }
40 #define ENCODER_w_structure(_name, _sym, _fips, _output, _structure) \
42 "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=" #_output \
43 ",structure=" ENCODER_STRUCTURE_##_structure, \
44 (ossl_##_sym##_to_##_structure##_##_output##_encoder_functions) }
47 * Entries for human text "encoders"
49 ENCODER_TEXT("RSA", rsa, yes),
50 ENCODER_TEXT("RSA-PSS", rsapss, yes),
52 ENCODER_TEXT("DH", dh, yes),
53 ENCODER_TEXT("DHX", dhx, yes),
55 #ifndef OPENSSL_NO_DSA
56 ENCODER_TEXT("DSA", dsa, yes),
59 ENCODER_TEXT("EC", ec, yes),
60 ENCODER_TEXT("ED25519", ed25519, yes),
61 ENCODER_TEXT("ED448", ed448, yes),
62 ENCODER_TEXT("X25519", x25519, yes),
63 ENCODER_TEXT("X448", x448, yes),
64 # ifndef OPENSSL_NO_SM2
65 ENCODER_TEXT("SM2", sm2, no),
70 * Entries for key type specific output formats. The structure name on these
71 * is the same as the key type name. This allows us to say something like:
73 * To replace i2d_{TYPE}PrivateKey(), i2d_{TYPE}PublicKey() and
74 * i2d_{TYPE}Params(), use OSSL_ENCODER functions with an OSSL_ENCODER_CTX
77 * OSSL_ENCODER_CTX *ctx =
78 * OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "DER", "type-specific",
81 * To replace PEM_write_bio_{TYPE}PrivateKey(), PEM_write_bio_{TYPE}PublicKey()
82 * and PEM_write_bio_{TYPE}Params(), use OSSL_ENCODER functions with an
83 * OSSL_ENCODER_CTX created like this:
85 * OSSL_ENCODER_CTX *ctx =
86 * OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "PEM", "type-specific",
89 * We only implement those for which there are current i2d_ and PEM_write_bio
93 /* The RSA encoders only support private key and public key output */
94 ENCODER_w_structure("RSA", rsa, yes, der, type_specific_keypair),
95 ENCODER_w_structure("RSA", rsa, yes, pem, type_specific_keypair),
97 /* DH and X9.42 DH only support key parameters output. */
98 ENCODER_w_structure("DH", dh, yes, der, type_specific_params),
99 ENCODER_w_structure("DH", dh, yes, pem, type_specific_params),
100 ENCODER_w_structure("DHX", dhx, yes, der, type_specific_params),
101 ENCODER_w_structure("DHX", dhx, yes, pem, type_specific_params),
103 #ifndef OPENSSL_NO_DSA
104 ENCODER_w_structure("DSA", dsa, yes, der, type_specific),
105 ENCODER_w_structure("DSA", dsa, yes, pem, type_specific),
107 #ifndef OPENSSL_NO_EC
108 /* EC only supports keypair and parameters DER and PEM output. */
109 ENCODER_w_structure("EC", ec, yes, der, type_specific_no_pub),
110 ENCODER_w_structure("EC", ec, yes, pem, type_specific_no_pub),
111 /* EC supports blob output for the public key */
112 ENCODER("EC", ec, yes, blob),
113 # ifndef OPENSSL_NO_SM2
114 ENCODER_w_structure("SM2", sm2, no, der, type_specific_no_pub),
115 ENCODER_w_structure("SM2", sm2, no, pem, type_specific_no_pub),
116 ENCODER("SM2", sm2, no, blob),
121 * Entries for the output formats MSBLOB and PVK
123 ENCODER("RSA", rsa, yes, msblob),
124 ENCODER("RSA", rsa, yes, pvk),
125 #ifndef OPENSSL_NO_DSA
126 ENCODER("DSA", dsa, yes, msblob),
127 ENCODER("DSA", dsa, yes, pvk),
131 * Entries for encrypted PKCS#8 (EncryptedPrivateKeyInfo), unencrypted PKCS#8
132 * (PrivateKeyInfo) and SubjectPublicKeyInfo. The "der" ones are added
133 * convenience for any user that wants to use OSSL_ENCODER directly.
134 * The "pem" ones also support PEM_write_bio_PrivateKey() and
135 * PEM_write_bio_PUBKEY().
137 ENCODER_w_structure("RSA", rsa, yes, der, EncryptedPrivateKeyInfo),
138 ENCODER_w_structure("RSA", rsa, yes, pem, EncryptedPrivateKeyInfo),
139 ENCODER_w_structure("RSA", rsa, yes, der, PrivateKeyInfo),
140 ENCODER_w_structure("RSA", rsa, yes, pem, PrivateKeyInfo),
141 ENCODER_w_structure("RSA", rsa, yes, der, SubjectPublicKeyInfo),
142 ENCODER_w_structure("RSA", rsa, yes, pem, SubjectPublicKeyInfo),
144 ENCODER_w_structure("RSA-PSS", rsapss, yes, der, EncryptedPrivateKeyInfo),
145 ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, EncryptedPrivateKeyInfo),
146 ENCODER_w_structure("RSA-PSS", rsapss, yes, der, PrivateKeyInfo),
147 ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, PrivateKeyInfo),
148 ENCODER_w_structure("RSA-PSS", rsapss, yes, der, SubjectPublicKeyInfo),
149 ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, SubjectPublicKeyInfo),
151 #ifndef OPENSSL_NO_DH
152 ENCODER_w_structure("DH", dh, yes, der, EncryptedPrivateKeyInfo),
153 ENCODER_w_structure("DH", dh, yes, pem, EncryptedPrivateKeyInfo),
154 ENCODER_w_structure("DH", dh, yes, der, PrivateKeyInfo),
155 ENCODER_w_structure("DH", dh, yes, pem, PrivateKeyInfo),
156 ENCODER_w_structure("DH", dh, yes, der, SubjectPublicKeyInfo),
157 ENCODER_w_structure("DH", dh, yes, pem, SubjectPublicKeyInfo),
159 ENCODER_w_structure("DHX", dhx, yes, der, EncryptedPrivateKeyInfo),
160 ENCODER_w_structure("DHX", dhx, yes, pem, EncryptedPrivateKeyInfo),
161 ENCODER_w_structure("DHX", dhx, yes, der, PrivateKeyInfo),
162 ENCODER_w_structure("DHX", dhx, yes, pem, PrivateKeyInfo),
163 ENCODER_w_structure("DHX", dhx, yes, der, SubjectPublicKeyInfo),
164 ENCODER_w_structure("DHX", dhx, yes, pem, SubjectPublicKeyInfo),
167 #ifndef OPENSSL_NO_DSA
168 ENCODER_w_structure("DSA", dsa, yes, der, EncryptedPrivateKeyInfo),
169 ENCODER_w_structure("DSA", dsa, yes, pem, EncryptedPrivateKeyInfo),
170 ENCODER_w_structure("DSA", dsa, yes, der, PrivateKeyInfo),
171 ENCODER_w_structure("DSA", dsa, yes, pem, PrivateKeyInfo),
172 ENCODER_w_structure("DSA", dsa, yes, der, SubjectPublicKeyInfo),
173 ENCODER_w_structure("DSA", dsa, yes, pem, SubjectPublicKeyInfo),
176 #ifndef OPENSSL_NO_EC
177 ENCODER_w_structure("EC", ec, yes, der, EncryptedPrivateKeyInfo),
178 ENCODER_w_structure("EC", ec, yes, pem, EncryptedPrivateKeyInfo),
179 ENCODER_w_structure("EC", ec, yes, der, PrivateKeyInfo),
180 ENCODER_w_structure("EC", ec, yes, pem, PrivateKeyInfo),
181 ENCODER_w_structure("EC", ec, yes, der, SubjectPublicKeyInfo),
182 ENCODER_w_structure("EC", ec, yes, pem, SubjectPublicKeyInfo),
184 ENCODER_w_structure("X25519", x25519, yes, der, EncryptedPrivateKeyInfo),
185 ENCODER_w_structure("X25519", x25519, yes, pem, EncryptedPrivateKeyInfo),
186 ENCODER_w_structure("X25519", x25519, yes, der, PrivateKeyInfo),
187 ENCODER_w_structure("X25519", x25519, yes, pem, PrivateKeyInfo),
188 ENCODER_w_structure("X25519", x25519, yes, der, SubjectPublicKeyInfo),
189 ENCODER_w_structure("X25519", x25519, yes, pem, SubjectPublicKeyInfo),
191 ENCODER_w_structure("X448", x448, yes, der, EncryptedPrivateKeyInfo),
192 ENCODER_w_structure("X448", x448, yes, pem, EncryptedPrivateKeyInfo),
193 ENCODER_w_structure("X448", x448, yes, der, PrivateKeyInfo),
194 ENCODER_w_structure("X448", x448, yes, pem, PrivateKeyInfo),
195 ENCODER_w_structure("X448", x448, yes, der, SubjectPublicKeyInfo),
196 ENCODER_w_structure("X448", x448, yes, pem, SubjectPublicKeyInfo),
198 ENCODER_w_structure("ED25519", ed25519, yes, der, EncryptedPrivateKeyInfo),
199 ENCODER_w_structure("ED25519", ed25519, yes, pem, EncryptedPrivateKeyInfo),
200 ENCODER_w_structure("ED25519", ed25519, yes, der, PrivateKeyInfo),
201 ENCODER_w_structure("ED25519", ed25519, yes, pem, PrivateKeyInfo),
202 ENCODER_w_structure("ED25519", ed25519, yes, der, SubjectPublicKeyInfo),
203 ENCODER_w_structure("ED25519", ed25519, yes, pem, SubjectPublicKeyInfo),
205 ENCODER_w_structure("ED448", ed448, yes, der, EncryptedPrivateKeyInfo),
206 ENCODER_w_structure("ED448", ed448, yes, pem, EncryptedPrivateKeyInfo),
207 ENCODER_w_structure("ED448", ed448, yes, der, PrivateKeyInfo),
208 ENCODER_w_structure("ED448", ed448, yes, pem, PrivateKeyInfo),
209 ENCODER_w_structure("ED448", ed448, yes, der, SubjectPublicKeyInfo),
210 ENCODER_w_structure("ED448", ed448, yes, pem, SubjectPublicKeyInfo),
212 # ifndef OPENSSL_NO_SM2
213 ENCODER_w_structure("SM2", sm2, no, der, EncryptedPrivateKeyInfo),
214 ENCODER_w_structure("SM2", sm2, no, pem, EncryptedPrivateKeyInfo),
215 ENCODER_w_structure("SM2", sm2, no, der, PrivateKeyInfo),
216 ENCODER_w_structure("SM2", sm2, no, pem, PrivateKeyInfo),
217 ENCODER_w_structure("SM2", sm2, no, der, SubjectPublicKeyInfo),
218 ENCODER_w_structure("SM2", sm2, no, pem, SubjectPublicKeyInfo),
223 * Entries for key type specific output formats. These are exactly the
224 * same as the type specific above, except that they use the key type
225 * name as structure name instead of "type-specific", in the call on
226 * OSSL_ENCODER_CTX_new_for_pkey().
229 /* The RSA encoders only support private key and public key output */
230 ENCODER_w_structure("RSA", rsa, yes, der, RSA),
231 ENCODER_w_structure("RSA", rsa, yes, pem, RSA),
232 #ifndef OPENSSL_NO_DH
233 /* DH and X9.42 DH only support key parameters output. */
234 ENCODER_w_structure("DH", dh, yes, der, DH),
235 ENCODER_w_structure("DH", dh, yes, pem, DH),
236 ENCODER_w_structure("DHX", dhx, yes, der, DHX),
237 ENCODER_w_structure("DHX", dhx, yes, pem, DHX),
239 #ifndef OPENSSL_NO_DSA
240 ENCODER_w_structure("DSA", dsa, yes, der, DSA),
241 ENCODER_w_structure("DSA", dsa, yes, pem, DSA),
243 #ifndef OPENSSL_NO_EC
244 ENCODER_w_structure("EC", ec, yes, der, EC),
245 ENCODER_w_structure("EC", ec, yes, pem, EC),
249 * Additional entries with structure names being the standard name.
250 * This is entirely for the convenience of the user that wants to use
251 * OSSL_ENCODER directly with names they may fancy. These do not impact
252 * on libcrypto functionality in any way.
254 /* PKCS#1 is a well known for plain RSA keys, so we add that too */
255 ENCODER_w_structure("RSA", rsa, yes, der, PKCS1),
256 ENCODER_w_structure("RSA", rsa, yes, pem, PKCS1),
257 ENCODER_w_structure("RSA-PSS", rsapss, yes, der, PKCS1),
258 ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, PKCS1),
259 #ifndef OPENSSL_NO_DH
260 /* PKCS#3 defines the format for DH parameters */
261 ENCODER_w_structure("DH", dh, yes, der, PKCS3),
262 ENCODER_w_structure("DH", dh, yes, pem, PKCS3),
263 /* X9.42 defines the format for DHX parameters */
264 ENCODER_w_structure("DHX", dhx, yes, der, X9_42),
265 ENCODER_w_structure("DHX", dhx, yes, pem, X9_42),
267 #ifndef OPENSSL_NO_EC
268 /* RFC 5915 defines the format for EC keys and parameters */
269 ENCODER_w_structure("EC", ec, yes, der, X9_62),
270 ENCODER_w_structure("EC", ec, yes, pem, X9_62),