2 * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #ifndef ENCODER_PROVIDER
11 # error Macro ENCODER_PROVIDER undefined
14 #define ENCODER_STRUCTURE_type_specific_keypair "type-specific"
15 #define ENCODER_STRUCTURE_type_specific_params "type-specific"
16 #define ENCODER_STRUCTURE_type_specific "type-specific"
17 #define ENCODER_STRUCTURE_type_specific_no_pub "type-specific"
18 #define ENCODER_STRUCTURE_PKCS8 "pkcs8"
19 #define ENCODER_STRUCTURE_SubjectPublicKeyInfo "SubjectPublicKeyInfo"
20 #define ENCODER_STRUCTURE_DH "dh"
21 #define ENCODER_STRUCTURE_DHX "dhx"
22 #define ENCODER_STRUCTURE_DSA "dsa"
23 #define ENCODER_STRUCTURE_EC "ec"
24 #define ENCODER_STRUCTURE_RSA "rsa"
25 #define ENCODER_STRUCTURE_PKCS1 "pkcs1"
26 #define ENCODER_STRUCTURE_PKCS3 "pkcs3"
27 #define ENCODER_STRUCTURE_X9_42 "X9.42"
28 #define ENCODER_STRUCTURE_X9_62 "X9.62"
30 /* Arguments are prefixed with '_' to avoid build breaks on certain platforms */
31 #define ENCODER_TEXT(_name, _sym, _fips) \
33 "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=text", \
34 (ossl_##_sym##_to_text_encoder_functions) }
35 #define ENCODER(_name, _sym, _fips, _output) \
37 "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=" #_output, \
38 (ossl_##_sym##_to_##_output##_encoder_functions) }
39 #define ENCODER_w_structure(_name, _sym, _fips, _output, _structure) \
41 "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=" #_output \
42 ",structure=" ENCODER_STRUCTURE_##_structure, \
43 (ossl_##_sym##_to_##_structure##_##_output##_encoder_functions) }
46 * Entries for human text "encoders"
48 ENCODER_TEXT("RSA", rsa, yes),
49 ENCODER_TEXT("RSA-PSS", rsapss, yes),
51 ENCODER_TEXT("DH", dh, yes),
52 ENCODER_TEXT("DHX", dhx, yes),
54 #ifndef OPENSSL_NO_DSA
55 ENCODER_TEXT("DSA", dsa, yes),
58 ENCODER_TEXT("EC", ec, yes),
59 ENCODER_TEXT("ED25519", ed25519, yes),
60 ENCODER_TEXT("ED448", ed448, yes),
61 ENCODER_TEXT("X25519", x25519, yes),
62 ENCODER_TEXT("X448", x448, yes),
63 # ifndef OPENSSL_NO_SM2
64 ENCODER_TEXT("SM2", sm2, yes),
69 * Entries for key type specific output formats. The structure name on these
70 * is the same as the key type name. This allows us to say something like:
72 * To replace i2d_{TYPE}PrivateKey(), i2d_{TYPE}PublicKey() and
73 * i2d_{TYPE}Params(), use OSSL_ENCODER functions with an OSSL_ENCODER_CTX
76 * OSSL_ENCODER_CTX *ctx =
77 * OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "DER", "type-specific",
80 * To replace PEM_write_bio_{TYPE}PrivateKey(), PEM_write_bio_{TYPE}PublicKey()
81 * and PEM_write_bio_{TYPE}Params(), use OSSL_ENCODER functions with an
82 * OSSL_ENCODER_CTX created like this:
84 * OSSL_ENCODER_CTX *ctx =
85 * OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "PEM", "type-specific",
88 * We only implement those for which there are current i2d_ and PEM_write_bio
92 /* The RSA encoders only support private key and public key output */
93 ENCODER_w_structure("RSA", rsa, yes, der, type_specific_keypair),
94 ENCODER_w_structure("RSA", rsa, yes, pem, type_specific_keypair),
96 /* DH and X9.42 DH only support key parameters output. */
97 ENCODER_w_structure("DH", dh, yes, der, type_specific_params),
98 ENCODER_w_structure("DH", dh, yes, pem, type_specific_params),
99 ENCODER_w_structure("DHX", dhx, yes, der, type_specific_params),
100 ENCODER_w_structure("DHX", dhx, yes, pem, type_specific_params),
102 #ifndef OPENSSL_NO_DSA
103 ENCODER_w_structure("DSA", dsa, yes, der, type_specific),
104 ENCODER_w_structure("DSA", dsa, yes, pem, type_specific),
106 #ifndef OPENSSL_NO_EC
107 /* EC only supports keypair and parameters output. */
108 ENCODER_w_structure("EC", ec, yes, der, type_specific_no_pub),
109 ENCODER_w_structure("EC", ec, yes, pem, type_specific_no_pub),
110 # ifndef OPENSSL_NO_SM2
111 ENCODER_w_structure("SM2", sm2, yes, der, type_specific_no_pub),
112 ENCODER_w_structure("SM2", sm2, yes, pem, type_specific_no_pub),
117 * Entries for the output formats MSBLOB and PVK
119 ENCODER("RSA", rsa, yes, msblob),
120 ENCODER("RSA", rsa, yes, pvk),
121 #ifndef OPENSSL_NO_DSA
122 ENCODER("DSA", dsa, yes, msblob),
123 ENCODER("DSA", dsa, yes, pvk),
127 * Entries for PKCS#8 and SubjectPublicKeyInfo.
128 * The "der" ones are added convenience for any user that wants to use
129 * OSSL_ENCODER directly.
130 * The "pem" ones also support PEM_write_bio_PrivateKey() and
131 * PEM_write_bio_PUBKEY().
133 ENCODER_w_structure("RSA", rsa, yes, der, PKCS8),
134 ENCODER_w_structure("RSA", rsa, yes, pem, PKCS8),
135 ENCODER_w_structure("RSA", rsa, yes, der, SubjectPublicKeyInfo),
136 ENCODER_w_structure("RSA", rsa, yes, pem, SubjectPublicKeyInfo),
138 ENCODER_w_structure("RSA-PSS", rsapss, yes, der, PKCS8),
139 ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, PKCS8),
140 ENCODER_w_structure("RSA-PSS", rsapss, yes, der, SubjectPublicKeyInfo),
141 ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, SubjectPublicKeyInfo),
143 #ifndef OPENSSL_NO_DH
144 ENCODER_w_structure("DH", dh, yes, der, PKCS8),
145 ENCODER_w_structure("DH", dh, yes, pem, PKCS8),
146 ENCODER_w_structure("DH", dh, yes, der, SubjectPublicKeyInfo),
147 ENCODER_w_structure("DH", dh, yes, pem, SubjectPublicKeyInfo),
149 ENCODER_w_structure("DHX", dhx, yes, der, PKCS8),
150 ENCODER_w_structure("DHX", dhx, yes, pem, PKCS8),
151 ENCODER_w_structure("DHX", dhx, yes, der, SubjectPublicKeyInfo),
152 ENCODER_w_structure("DHX", dhx, yes, pem, SubjectPublicKeyInfo),
155 #ifndef OPENSSL_NO_DSA
156 ENCODER_w_structure("DSA", dsa, yes, der, PKCS8),
157 ENCODER_w_structure("DSA", dsa, yes, pem, PKCS8),
158 ENCODER_w_structure("DSA", dsa, yes, der, SubjectPublicKeyInfo),
159 ENCODER_w_structure("DSA", dsa, yes, pem, SubjectPublicKeyInfo),
162 #ifndef OPENSSL_NO_EC
163 ENCODER_w_structure("EC", ec, yes, der, PKCS8),
164 ENCODER_w_structure("EC", ec, yes, pem, PKCS8),
165 ENCODER_w_structure("EC", ec, yes, der, SubjectPublicKeyInfo),
166 ENCODER_w_structure("EC", ec, yes, pem, SubjectPublicKeyInfo),
168 ENCODER_w_structure("X25519", x25519, yes, der, PKCS8),
169 ENCODER_w_structure("X25519", x25519, yes, pem, PKCS8),
170 ENCODER_w_structure("X25519", x25519, yes, der, SubjectPublicKeyInfo),
171 ENCODER_w_structure("X25519", x25519, yes, pem, SubjectPublicKeyInfo),
173 ENCODER_w_structure("X448", x448, yes, der, PKCS8),
174 ENCODER_w_structure("X448", x448, yes, pem, PKCS8),
175 ENCODER_w_structure("X448", x448, yes, der, SubjectPublicKeyInfo),
176 ENCODER_w_structure("X448", x448, yes, pem, SubjectPublicKeyInfo),
178 ENCODER_w_structure("ED25519", ed25519, yes, der, PKCS8),
179 ENCODER_w_structure("ED25519", ed25519, yes, pem, PKCS8),
180 ENCODER_w_structure("ED25519", ed25519, yes, der, SubjectPublicKeyInfo),
181 ENCODER_w_structure("ED25519", ed25519, yes, pem, SubjectPublicKeyInfo),
183 ENCODER_w_structure("ED448", ed448, yes, der, PKCS8),
184 ENCODER_w_structure("ED448", ed448, yes, pem, PKCS8),
185 ENCODER_w_structure("ED448", ed448, yes, der, SubjectPublicKeyInfo),
186 ENCODER_w_structure("ED448", ed448, yes, pem, SubjectPublicKeyInfo),
188 # ifndef OPENSSL_NO_SM2
189 ENCODER_w_structure("SM2", sm2, yes, der, PKCS8),
190 ENCODER_w_structure("SM2", sm2, yes, pem, PKCS8),
191 ENCODER_w_structure("SM2", sm2, yes, der, SubjectPublicKeyInfo),
192 ENCODER_w_structure("SM2", sm2, yes, pem, SubjectPublicKeyInfo),
197 * Entries for key type specific output formats. These are exactly the
198 * same as the type specific above, except that they use the key type
199 * name as structure name instead of "type-specific", in the call on
200 * OSSL_ENCODER_CTX_new_for_pkey().
203 /* The RSA encoders only support private key and public key output */
204 ENCODER_w_structure("RSA", rsa, yes, der, RSA),
205 ENCODER_w_structure("RSA", rsa, yes, pem, RSA),
206 #ifndef OPENSSL_NO_DH
207 /* DH and X9.42 DH only support key parameters output. */
208 ENCODER_w_structure("DH", dh, yes, der, DH),
209 ENCODER_w_structure("DH", dh, yes, pem, DH),
210 ENCODER_w_structure("DHX", dhx, yes, der, DHX),
211 ENCODER_w_structure("DHX", dhx, yes, pem, DHX),
213 #ifndef OPENSSL_NO_DSA
214 ENCODER_w_structure("DSA", dsa, yes, der, DSA),
215 ENCODER_w_structure("DSA", dsa, yes, pem, DSA),
217 #ifndef OPENSSL_NO_EC
218 ENCODER_w_structure("EC", ec, yes, der, EC),
219 ENCODER_w_structure("EC", ec, yes, pem, EC),
223 * Additional entries with structure names being the standard name.
224 * This is entirely for the convenience of the user that wants to use
225 * OSSL_ENCODER directly with names they may fancy. These do not impact
226 * on libcrypto functionality in any way.
228 /* PKCS#1 is a well known for plain RSA keys, so we add that too */
229 ENCODER_w_structure("RSA", rsa, yes, der, PKCS1),
230 ENCODER_w_structure("RSA", rsa, yes, pem, PKCS1),
231 ENCODER_w_structure("RSA-PSS", rsapss, yes, der, PKCS1),
232 ENCODER_w_structure("RSA-PSS", rsapss, yes, pem, PKCS1),
233 #ifndef OPENSSL_NO_DH
234 /* PKCS#3 defines the format for DH parameters */
235 ENCODER_w_structure("DH", dh, yes, der, PKCS3),
236 ENCODER_w_structure("DH", dh, yes, pem, PKCS3),
237 /* X9.42 defines the format for DHX parameters */
238 ENCODER_w_structure("DHX", dhx, yes, der, X9_42),
239 ENCODER_w_structure("DHX", dhx, yes, pem, X9_42),
241 #ifndef OPENSSL_NO_EC
242 /* RFC 5915 defines the format for EC keys and parameters */
243 ENCODER_w_structure("EC", ec, yes, der, X9_62),
244 ENCODER_w_structure("EC", ec, yes, pem, X9_62),