2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #ifndef ENCODER_PROVIDER
11 # error Macro ENCODER_PROVIDER undefined
14 #define ENCODER_STRUCTURE_type_specific_keypair "type-specific"
15 #define ENCODER_STRUCTURE_type_specific_params "type-specific"
16 #define ENCODER_STRUCTURE_type_specific "type-specific"
17 #define ENCODER_STRUCTURE_type_specific_no_pub "type-specific"
18 #define ENCODER_STRUCTURE_PKCS8 "pkcs8"
19 #define ENCODER_STRUCTURE_SubjectPublicKeyInfo "SubjectPublicKeyInfo"
20 #define ENCODER_STRUCTURE_DH "dh"
21 #define ENCODER_STRUCTURE_DHX "dhx"
22 #define ENCODER_STRUCTURE_DSA "dsa"
23 #define ENCODER_STRUCTURE_EC "ec"
24 #define ENCODER_STRUCTURE_RSA "rsa"
25 #define ENCODER_STRUCTURE_PKCS1 "pkcs1"
26 #define ENCODER_STRUCTURE_PKCS3 "pkcs3"
27 #define ENCODER_STRUCTURE_X9_42 "X9.42"
28 #define ENCODER_STRUCTURE_X9_62 "X9.62"
30 /* Arguments are prefixed with '_' to avoid build breaks on certain platforms */
31 #define ENCODER_TEXT(_name, _sym, _fips) \
33 "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=text", \
34 (ossl_##_sym##_to_text_encoder_functions) }
35 #define ENCODER(_name, _sym, _fips, _output, _structure) \
37 "provider=" ENCODER_PROVIDER ",fips=" #_fips ",output=" #_output \
38 ",structure=" ENCODER_STRUCTURE_##_structure, \
39 (ossl_##_sym##_to_##_structure##_##_output##_encoder_functions) }
42 * Entries for human text "encoders"
44 ENCODER_TEXT("RSA", rsa, yes),
45 ENCODER_TEXT("RSA-PSS", rsapss, yes),
47 ENCODER_TEXT("DH", dh, yes),
48 ENCODER_TEXT("DHX", dhx, yes),
50 #ifndef OPENSSL_NO_DSA
51 ENCODER_TEXT("DSA", dsa, yes),
54 ENCODER_TEXT("EC", ec, yes),
55 ENCODER_TEXT("ED25519", ed25519, yes),
56 ENCODER_TEXT("ED448", ed448, yes),
57 ENCODER_TEXT("X25519", x25519, yes),
58 ENCODER_TEXT("X448", x448, yes),
62 * Entries for key type specific output formats. The structure name on these
63 * is the same as the key type name. This allows us to say something like:
65 * To replace i2d_{TYPE}PrivateKey(), i2d_{TYPE}PublicKey() and
66 * i2d_{TYPE}Params(), use OSSL_ENCODER functions with an OSSL_ENCODER_CTX
69 * OSSL_ENCODER_CTX *ctx =
70 * OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, selection, "DER", "type-specific",
73 * To replace PEM_write_bio_{TYPE}PrivateKey(), PEM_write_bio_{TYPE}PublicKey()
74 * and PEM_write_bio_{TYPE}Params(), use OSSL_ENCODER functions with an
75 * OSSL_ENCODER_CTX created like this:
77 * OSSL_ENCODER_CTX *ctx =
78 * OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, selection, "PEM", "type-specific",
81 * We only implement those for which there are current i2d_ and PEM_write_bio
85 /* The RSA encoders only support private key and public key output */
86 ENCODER("RSA", rsa, yes, der, type_specific_keypair),
87 ENCODER("RSA", rsa, yes, pem, type_specific_keypair),
89 /* DH and X9.42 DH only support key parameters output. */
90 ENCODER("DH", dh, yes, der, type_specific_params),
91 ENCODER("DH", dh, yes, pem, type_specific_params),
92 ENCODER("DHX", dhx, yes, der, type_specific_params),
93 ENCODER("DHX", dhx, yes, pem, type_specific_params),
95 #ifndef OPENSSL_NO_DSA
96 ENCODER("DSA", dsa, yes, der, type_specific),
97 ENCODER("DSA", dsa, yes, pem, type_specific),
100 /* EC only supports keypair and parameters output. */
101 ENCODER("EC", ec, yes, der, type_specific_no_pub),
102 ENCODER("EC", ec, yes, pem, type_specific_no_pub),
106 * Entries for PKCS#8 and SubjectPublicKeyInfo.
107 * The "der" ones are added convenience for any user that wants to use
108 * OSSL_ENCODER directly.
109 * The "pem" ones also support PEM_write_bio_PrivateKey() and
110 * PEM_write_bio_PUBKEY().
112 ENCODER("RSA", rsa, yes, der, PKCS8),
113 ENCODER("RSA", rsa, yes, pem, PKCS8),
114 ENCODER("RSA", rsa, yes, der, SubjectPublicKeyInfo),
115 ENCODER("RSA", rsa, yes, pem, SubjectPublicKeyInfo),
117 ENCODER("RSA-PSS", rsapss, yes, der, PKCS8),
118 ENCODER("RSA-PSS", rsapss, yes, pem, PKCS8),
119 ENCODER("RSA-PSS", rsapss, yes, der, SubjectPublicKeyInfo),
120 ENCODER("RSA-PSS", rsapss, yes, pem, SubjectPublicKeyInfo),
122 #ifndef OPENSSL_NO_DH
123 ENCODER("DH", dh, yes, der, PKCS8),
124 ENCODER("DH", dh, yes, pem, PKCS8),
125 ENCODER("DH", dh, yes, der, SubjectPublicKeyInfo),
126 ENCODER("DH", dh, yes, pem, SubjectPublicKeyInfo),
128 ENCODER("DHX", dhx, yes, der, PKCS8),
129 ENCODER("DHX", dhx, yes, pem, PKCS8),
130 ENCODER("DHX", dhx, yes, der, SubjectPublicKeyInfo),
131 ENCODER("DHX", dhx, yes, pem, SubjectPublicKeyInfo),
134 #ifndef OPENSSL_NO_DSA
135 ENCODER("DSA", dsa, yes, der, PKCS8),
136 ENCODER("DSA", dsa, yes, pem, PKCS8),
137 ENCODER("DSA", dsa, yes, der, SubjectPublicKeyInfo),
138 ENCODER("DSA", dsa, yes, pem, SubjectPublicKeyInfo),
141 #ifndef OPENSSL_NO_EC
142 ENCODER("EC", ec, yes, der, PKCS8),
143 ENCODER("EC", ec, yes, pem, PKCS8),
144 ENCODER("EC", ec, yes, der, SubjectPublicKeyInfo),
145 ENCODER("EC", ec, yes, pem, SubjectPublicKeyInfo),
147 ENCODER("X25519", x25519, yes, der, PKCS8),
148 ENCODER("X25519", x25519, yes, pem, PKCS8),
149 ENCODER("X25519", x25519, yes, der, SubjectPublicKeyInfo),
150 ENCODER("X25519", x25519, yes, pem, SubjectPublicKeyInfo),
152 ENCODER("X448", x448, yes, der, PKCS8),
153 ENCODER("X448", x448, yes, pem, PKCS8),
154 ENCODER("X448", x448, yes, der, SubjectPublicKeyInfo),
155 ENCODER("X448", x448, yes, pem, SubjectPublicKeyInfo),
157 ENCODER("ED25519", ed25519, yes, der, PKCS8),
158 ENCODER("ED25519", ed25519, yes, pem, PKCS8),
159 ENCODER("ED25519", ed25519, yes, der, SubjectPublicKeyInfo),
160 ENCODER("ED25519", ed25519, yes, pem, SubjectPublicKeyInfo),
162 ENCODER("ED448", ed448, yes, der, PKCS8),
163 ENCODER("ED448", ed448, yes, pem, PKCS8),
164 ENCODER("ED448", ed448, yes, der, SubjectPublicKeyInfo),
165 ENCODER("ED448", ed448, yes, pem, SubjectPublicKeyInfo),
169 * Entries for key type specific output formats. These are exactly the
170 * same as the type specific above, except that they use the key type
171 * name as structure name instead of "type-specific", in the call on
172 * OSSL_ENCODER_CTX_new_by_EVP_PKEY().
175 /* The RSA encoders only support private key and public key output */
176 ENCODER("RSA", rsa, yes, der, RSA),
177 ENCODER("RSA", rsa, yes, pem, RSA),
178 #ifndef OPENSSL_NO_DH
179 /* DH and X9.42 DH only support key parameters output. */
180 ENCODER("DH", dh, yes, der, DH),
181 ENCODER("DH", dh, yes, pem, DH),
182 ENCODER("DHX", dhx, yes, der, DHX),
183 ENCODER("DHX", dhx, yes, pem, DHX),
185 #ifndef OPENSSL_NO_DSA
186 ENCODER("DSA", dsa, yes, der, DSA),
187 ENCODER("DSA", dsa, yes, pem, DSA),
189 #ifndef OPENSSL_NO_EC
190 ENCODER("EC", ec, yes, der, EC),
191 ENCODER("EC", ec, yes, pem, EC),
195 * Additional entries with structure names being the standard name.
196 * This is entirely for the convenience of the user that wants to use
197 * OSSL_ENCODER directly with names they may fancy. These do not impact
198 * on libcrypto functionality in any way.
200 /* PKCS#1 is a well known for plain RSA keys, so we add that too */
201 ENCODER("RSA", rsa, yes, der, PKCS1),
202 ENCODER("RSA", rsa, yes, pem, PKCS1),
203 ENCODER("RSA-PSS", rsapss, yes, der, PKCS1),
204 ENCODER("RSA-PSS", rsapss, yes, pem, PKCS1),
205 #ifndef OPENSSL_NO_DH
206 /* PKCS#3 defines the format for DH parameters */
207 ENCODER("DH", dh, yes, der, PKCS3),
208 ENCODER("DH", dh, yes, pem, PKCS3),
209 /* X9.42 defines the format for DHX parameters */
210 ENCODER("DHX", dhx, yes, der, X9_42),
211 ENCODER("DHX", dhx, yes, pem, X9_42),
213 #ifndef OPENSSL_NO_EC
214 /* RFC 5915 defines the format for EC keys and parameters */
215 ENCODER("EC", ec, yes, der, X9_62),
216 ENCODER("EC", ec, yes, pem, X9_62),