Bug Summary

File:out/../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c
Warning:line 1475, column 13
Value stored to 'ret' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name ctrl_params_translate.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/home/maurizio/node-v18.6.0/out -resource-dir /usr/local/lib/clang/16.0.0 -D V8_DEPRECATION_WARNINGS -D V8_IMMINENT_DEPRECATION_WARNINGS -D _GLIBCXX_USE_CXX11_ABI=1 -D NODE_OPENSSL_CONF_NAME=nodejs_conf -D NODE_OPENSSL_HAS_QUIC -D __STDC_FORMAT_MACROS -D OPENSSL_NO_PINSHARED -D OPENSSL_THREADS -D OPENSSL_NO_HW -D OPENSSL_API_COMPAT=0x10100001L -D STATIC_LEGACY -D NDEBUG -D OPENSSL_USE_NODELETE -D L_ENDIAN -D OPENSSL_BUILDING_OPENSSL -D AES_ASM -D BSAES_ASM -D CMLL_ASM -D ECP_NISTZ256_ASM -D GHASH_ASM -D KECCAK1600_ASM -D MD5_ASM -D OPENSSL_BN_ASM_GF2m -D OPENSSL_BN_ASM_MONT -D OPENSSL_BN_ASM_MONT5 -D OPENSSL_CPUID_OBJ -D OPENSSL_IA32_SSE2 -D PADLOCK_ASM -D POLY1305_ASM -D SHA1_ASM -D SHA256_ASM -D SHA512_ASM -D VPAES_ASM -D WHIRLPOOL_ASM -D X25519_ASM -D OPENSSL_PIC -D MODULESDIR="/home/maurizio/node-v18.6.0/out/Release/obj.target/deps/openssl/lib/openssl-modules" -D OPENSSLDIR="/home/maurizio/node-v18.6.0/out/Release/obj.target/deps/openssl" -D OPENSSLDIR="/etc/ssl" -D ENGINESDIR="/dev/null" -D TERMIOS -I ../deps/openssl/openssl -I ../deps/openssl/openssl/include -I ../deps/openssl/openssl/crypto -I ../deps/openssl/openssl/crypto/include -I ../deps/openssl/openssl/crypto/modes -I ../deps/openssl/openssl/crypto/ec/curve448 -I ../deps/openssl/openssl/crypto/ec/curve448/arch_32 -I ../deps/openssl/openssl/providers/common/include -I ../deps/openssl/openssl/providers/implementations/include -I ../deps/openssl/config -I ../deps/openssl/config/archs/linux-x86_64/asm -I ../deps/openssl/config/archs/linux-x86_64/asm/include -I ../deps/openssl/config/archs/linux-x86_64/asm/crypto -I ../deps/openssl/config/archs/linux-x86_64/asm/crypto/include/internal -I ../deps/openssl/config/archs/linux-x86_64/asm/providers/common/include -internal-isystem /usr/local/lib/clang/16.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-redhat-linux/8/../../../../x86_64-redhat-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O3 -Wno-unused-parameter -Wno-missing-field-initializers -Wno-old-style-declaration -fdebug-compilation-dir=/home/maurizio/node-v18.6.0/out -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2022-08-22-142216-507842-1 -x c ../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c
1/*
2 * Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/*
11 * Some ctrls depend on deprecated functionality. We trust that this is
12 * functionality that remains internally even when 'no-deprecated' is
13 * configured. When we drop #legacy EVP_PKEYs, this source should be
14 * possible to drop as well.
15 */
16#include "internal/deprecated.h"
17
18#include <string.h>
19
20/* The following includes get us all the EVP_PKEY_CTRL macros */
21#include <openssl/dh.h>
22#include <openssl/dsa.h>
23#include <openssl/ec.h>
24#include <openssl/rsa.h>
25#include <openssl/kdf.h>
26
27/* This include gets us all the OSSL_PARAM key string macros */
28#include <openssl/core_names.h>
29
30#include <openssl/err.h>
31#include <openssl/evperr.h>
32#include <openssl/params.h>
33#include "internal/nelem.h"
34#include "internal/cryptlib.h"
35#include "internal/ffc.h"
36#include "crypto/evp.h"
37#include "crypto/dh.h"
38#include "crypto/ec.h"
39
40struct translation_ctx_st; /* Forwarding */
41struct translation_st; /* Forwarding */
42
43/*
44 * The fixup_args functions are called with the following parameters:
45 *
46 * |state| The state we're called in, explained further at the
47 * end of this comment.
48 * |translation| The translation item, to be pilfered for data as
49 * necessary.
50 * |ctx| The translation context, which contains copies of
51 * the following arguments, applicable according to
52 * the caller. All of the attributes in this context
53 * may be freely modified by the fixup_args function.
54 * For cleanup, call cleanup_translation_ctx().
55 *
56 * The |state| tells the fixup_args function something about the caller and
57 * what they may expect:
58 *
59 * PKEY The fixup_args function has been called
60 * from an EVP_PKEY payload getter / setter,
61 * and is fully responsible for getting or
62 * setting the requested data. With this
63 * state, the fixup_args function is expected
64 * to use or modify |*params|, depending on
65 * |action_type|.
66 *
67 * PRE_CTRL_TO_PARAMS The fixup_args function has been called
68 * POST_CTRL_TO_PARAMS from EVP_PKEY_CTX_ctrl(), to help with
69 * translating the ctrl data to an OSSL_PARAM
70 * element or back. The calling sequence is
71 * as follows:
72 *
73 * 1. fixup_args(PRE_CTRL_TO_PARAMS, ...)
74 * 2. EVP_PKEY_CTX_set_params() or
75 * EVP_PKEY_CTX_get_params()
76 * 3. fixup_args(POST_CTRL_TO_PARAMS, ...)
77 *
78 * With the PRE_CTRL_TO_PARAMS state, the
79 * fixup_args function is expected to modify
80 * the passed |*params| in whatever way
81 * necessary, when |action_type == SET|.
82 * With the POST_CTRL_TO_PARAMS state, the
83 * fixup_args function is expected to modify
84 * the passed |p2| in whatever way necessary,
85 * when |action_type == GET|.
86 *
87 * The return value from the fixup_args call
88 * with the POST_CTRL_TO_PARAMS state becomes
89 * the return value back to EVP_PKEY_CTX_ctrl().
90 *
91 * CLEANUP_CTRL_TO_PARAMS The cleanup_args functions has been called
92 * from EVP_PKEY_CTX_ctrl(), to clean up what
93 * the fixup_args function has done, if needed.
94 *
95 *
96 * PRE_CTRL_STR_TO_PARAMS The fixup_args function has been called
97 * POST_CTRL_STR_TO_PARAMS from EVP_PKEY_CTX_ctrl_str(), to help with
98 * translating the ctrl_str data to an
99 * OSSL_PARAM element or back. The calling
100 * sequence is as follows:
101 *
102 * 1. fixup_args(PRE_CTRL_STR_TO_PARAMS, ...)
103 * 2. EVP_PKEY_CTX_set_params() or
104 * EVP_PKEY_CTX_get_params()
105 * 3. fixup_args(POST_CTRL_STR_TO_PARAMS, ...)
106 *
107 * With the PRE_CTRL_STR_TO_PARAMS state,
108 * the fixup_args function is expected to
109 * modify the passed |*params| in whatever
110 * way necessary, when |action_type == SET|.
111 * With the POST_CTRL_STR_TO_PARAMS state,
112 * the fixup_args function is only expected
113 * to return a value.
114 *
115 * CLEANUP_CTRL_STR_TO_PARAMS The cleanup_args functions has been called
116 * from EVP_PKEY_CTX_ctrl_str(), to clean up
117 * what the fixup_args function has done, if
118 * needed.
119 *
120 * PRE_PARAMS_TO_CTRL The fixup_args function has been called
121 * POST_PARAMS_TO_CTRL from EVP_PKEY_CTX_get_params() or
122 * EVP_PKEY_CTX_set_params(), to help with
123 * translating the OSSL_PARAM data to the
124 * corresponding EVP_PKEY_CTX_ctrl() arguments
125 * or the other way around. The calling
126 * sequence is as follows:
127 *
128 * 1. fixup_args(PRE_PARAMS_TO_CTRL, ...)
129 * 2. EVP_PKEY_CTX_ctrl()
130 * 3. fixup_args(POST_PARAMS_TO_CTRL, ...)
131 *
132 * With the PRE_PARAMS_TO_CTRL state, the
133 * fixup_args function is expected to modify
134 * the passed |p1| and |p2| in whatever way
135 * necessary, when |action_type == SET|.
136 * With the POST_PARAMS_TO_CTRL state, the
137 * fixup_args function is expected to
138 * modify the passed |*params| in whatever
139 * way necessary, when |action_type == GET|.
140 *
141 * CLEANUP_PARAMS_TO_CTRL The cleanup_args functions has been called
142 * from EVP_PKEY_CTX_get_params() or
143 * EVP_PKEY_CTX_set_params(), to clean up what
144 * the fixup_args function has done, if needed.
145 */
146enum state {
147 PKEY,
148 PRE_CTRL_TO_PARAMS, POST_CTRL_TO_PARAMS, CLEANUP_CTRL_TO_PARAMS,
149 PRE_CTRL_STR_TO_PARAMS, POST_CTRL_STR_TO_PARAMS, CLEANUP_CTRL_STR_TO_PARAMS,
150 PRE_PARAMS_TO_CTRL, POST_PARAMS_TO_CTRL, CLEANUP_PARAMS_TO_CTRL
151};
152enum action {
153 NONE = 0, GET = 1, SET = 2
154};
155typedef int fixup_args_fn(enum state state,
156 const struct translation_st *translation,
157 struct translation_ctx_st *ctx);
158typedef int cleanup_args_fn(enum state state,
159 const struct translation_st *translation,
160 struct translation_ctx_st *ctx);
161
162struct translation_ctx_st {
163 /*
164 * The EVP_PKEY_CTX, for calls on that structure, to be pilfered for data
165 * as necessary.
166 */
167 EVP_PKEY_CTX *pctx;
168 /*
169 * The action type (GET or SET). This may be 0 in some cases, and should
170 * be modified by the fixup_args function in the PRE states. It should
171 * otherwise remain untouched once set.
172 */
173 enum action action_type;
174 /*
175 * For ctrl to params translation, the actual ctrl command number used.
176 * For params to ctrl translation, 0.
177 */
178 int ctrl_cmd;
179 /*
180 * For ctrl_str to params translation, the actual ctrl command string
181 * used. In this case, the (string) value is always passed as |p2|.
182 * For params to ctrl translation, this is NULL. Along with it is also
183 * and indicator whether it matched |ctrl_str| or |ctrl_hexstr| in the
184 * translation item.
185 */
186 const char *ctrl_str;
187 int ishex;
188 /* the ctrl-style int argument. */
189 int p1;
190 /* the ctrl-style void* argument. */
191 void *p2;
192 /* a size, for passing back the |p2| size where applicable */
193 size_t sz;
194 /* pointer to the OSSL_PARAM-style params array. */
195 OSSL_PARAM *params;
196
197 /*-
198 * The following are used entirely internally by the fixup_args functions
199 * and should not be touched by the callers, at all.
200 */
201
202 /*
203 * Copy of the ctrl-style void* argument, if the fixup_args function
204 * needs to manipulate |p2| but wants to remember original.
205 */
206 void *orig_p2;
207 /* Diverse types of storage for the needy. */
208 char name_buf[OSSL_MAX_NAME_SIZE50];
209 void *allocated_buf;
210 void *bufp;
211 size_t buflen;
212};
213
214struct translation_st {
215 /*-
216 * What this table item does.
217 *
218 * If the item has this set to 0, it means that both GET and SET are
219 * supported, and |fixup_args| will determine which it is. This is to
220 * support translations of ctrls where the action type depends on the
221 * value of |p1| or |p2| (ctrls are really bi-directional, but are
222 * seldom used that way).
223 *
224 * This can be also used in the lookup template when it looks up by
225 * OSSL_PARAM key, to indicate if a setter or a getter called.
226 */
227 enum action action_type;
228
229 /*-
230 * Conditions, for params->ctrl translations.
231 *
232 * In table item, |keytype1| and |keytype2| can be set to -1 to indicate
233 * that this item supports all key types (or rather, that |fixup_args|
234 * will check and return an error if it's not supported).
235 * Any of these may be set to 0 to indicate that they are unset.
236 */
237 int keytype1; /* The EVP_PKEY_XXX type, i.e. NIDs. #legacy */
238 int keytype2; /* Another EVP_PKEY_XXX type, used for aliases */
239 int optype; /* The operation type */
240
241 /*
242 * Lookup and translation attributes
243 *
244 * |ctrl_num|, |ctrl_str|, |ctrl_hexstr| and |param_key| are lookup
245 * attributes.
246 *
247 * |ctrl_num| may be 0 or that |param_key| may be NULL in the table item,
248 * but not at the same time. If they are, they are simply not used for
249 * lookup.
250 * When |ctrl_num| == 0, no ctrl will be called. Likewise, when
251 * |param_key| == NULL, no OSSL_PARAM setter/getter will be called.
252 * In that case the treatment of the translation item relies entirely on
253 * |fixup_args|, which is then assumed to have side effects.
254 *
255 * As a special case, it's possible to set |ctrl_hexstr| and assign NULL
256 * to |ctrl_str|. That will signal to default_fixup_args() that the
257 * value must always be interpreted as hex.
258 */
259 int ctrl_num; /* EVP_PKEY_CTRL_xxx */
260 const char *ctrl_str; /* The corresponding ctrl string */
261 const char *ctrl_hexstr; /* The alternative "hex{str}" ctrl string */
262 const char *param_key; /* The corresponding OSSL_PARAM key */
263 /*
264 * The appropriate OSSL_PARAM data type. This may be 0 to indicate that
265 * this OSSL_PARAM may have more than one data type, depending on input
266 * material. In this case, |fixup_args| is expected to check and handle
267 * it.
268 */
269 unsigned int param_data_type;
270
271 /*
272 * Fixer functions
273 *
274 * |fixup_args| is always called before (for SET) or after (for GET)
275 * the actual ctrl / OSSL_PARAM function.
276 */
277 fixup_args_fn *fixup_args;
278};
279
280/*-
281 * Fixer function implementations
282 * ==============================
283 */
284
285/*
286 * default_check isn't a fixer per se, but rather a helper function to
287 * perform certain standard checks.
288 */
289static int default_check(enum state state,
290 const struct translation_st *translation,
291 const struct translation_ctx_st *ctx)
292{
293 switch (state) {
294 default:
295 break;
296 case PRE_CTRL_TO_PARAMS:
297 if (!ossl_assert(translation != NULL)((translation != ((void*)0)) != 0)) {
298 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,298,__func__), ERR_set_error)((6),(147),((void*)0));
299 return -2;
300 }
301 if (!ossl_assert(translation->param_key != 0)((translation->param_key != 0) != 0)
302 || !ossl_assert(translation->param_data_type != 0)((translation->param_data_type != 0) != 0)) {
303 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,303,__func__), ERR_set_error)((6),((259|((0x1 << 18L)|
(0x2 << 18L)))),((void*)0));
304 return -1;
305 }
306 break;
307 case PRE_CTRL_STR_TO_PARAMS:
308 /*
309 * For ctrl_str to params translation, we allow direct use of
310 * OSSL_PARAM keys as ctrl_str keys. Therefore, it's possible that
311 * we end up with |translation == NULL|, which is fine. The fixup
312 * function will have to deal with it carefully.
313 */
314 if (translation != NULL((void*)0)) {
315 if (!ossl_assert(translation->action_type != GET)((translation->action_type != GET) != 0)) {
316 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,316,__func__), ERR_set_error)((6),(147),((void*)0));
317 return -2;
318 }
319 if (!ossl_assert(translation->param_key != NULL)((translation->param_key != ((void*)0)) != 0)
320 || !ossl_assert(translation->param_data_type != 0)((translation->param_data_type != 0) != 0)) {
321 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,321,__func__), ERR_set_error)((6),((259|((0x1 << 18L)|
(0x2 << 18L)))),((void*)0));
322 return 0;
323 }
324 }
325 break;
326 case PRE_PARAMS_TO_CTRL:
327 case POST_PARAMS_TO_CTRL:
328 if (!ossl_assert(translation != NULL)((translation != ((void*)0)) != 0)) {
329 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,329,__func__), ERR_set_error)((6),(147),((void*)0));
330 return -2;
331 }
332 if (!ossl_assert(translation->ctrl_num != 0)((translation->ctrl_num != 0) != 0)
333 || !ossl_assert(translation->param_data_type != 0)((translation->param_data_type != 0) != 0)) {
334 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,334,__func__), ERR_set_error)((6),((259|((0x1 << 18L)|
(0x2 << 18L)))),((void*)0));
335 return -1;
336 }
337 }
338
339 /* Nothing else to check */
340 return 1;
341}
342
343/*-
344 * default_fixup_args fixes up all sorts of arguments, governed by the
345 * diverse attributes in the translation item. It covers all "standard"
346 * base ctrl functionality, meaning it can handle basic conversion of
347 * data between p1+p2 (SET) or return value+p2 (GET) as long as the values
348 * don't have extra semantics (such as NIDs, OIDs, that sort of stuff).
349 * Extra semantics must be handled via specific fixup_args functions.
350 *
351 * The following states and action type combinations have standard handling
352 * done in this function:
353 *
354 * PRE_CTRL_TO_PARAMS, 0 - ERROR. action type must be
355 * determined by a fixup function.
356 * PRE_CTRL_TO_PARAMS, SET | GET - |p1| and |p2| are converted to an
357 * OSSL_PARAM according to the data
358 * type given in |translattion|.
359 * For OSSL_PARAM_UNSIGNED_INTEGER,
360 * a BIGNUM passed as |p2| is accepted.
361 * POST_CTRL_TO_PARAMS, GET - If the OSSL_PARAM data type is a
362 * STRING or PTR type, |p1| is set
363 * to the OSSL_PARAM return size, and
364 * |p2| is set to the string.
365 * PRE_CTRL_STR_TO_PARAMS, !SET - ERROR. That combination is not
366 * supported.
367 * PRE_CTRL_STR_TO_PARAMS, SET - |p2| is taken as a string, and is
368 * converted to an OSSL_PARAM in a
369 * standard manner, guided by the
370 * param key and data type from
371 * |translation|.
372 * PRE_PARAMS_TO_CTRL, SET - the OSSL_PARAM is converted to
373 * |p1| and |p2| according to the
374 * data type given in |translation|
375 * For OSSL_PARAM_UNSIGNED_INTEGER,
376 * if |p2| is non-NULL, then |*p2|
377 * is assigned a BIGNUM, otherwise
378 * |p1| is assigned an unsigned int.
379 * POST_PARAMS_TO_CTRL, GET - |p1| and |p2| are converted to
380 * an OSSL_PARAM, in the same manner
381 * as for the combination of
382 * PRE_CTRL_TO_PARAMS, SET.
383 */
384static int default_fixup_args(enum state state,
385 const struct translation_st *translation,
386 struct translation_ctx_st *ctx)
387{
388 int ret;
389
390 if ((ret = default_check(state, translation, ctx)) < 0)
391 return ret;
392
393 switch (state) {
394 default:
395 /* For states this function should never have been called with */
396 ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,396,__func__), ERR_set_error)(ERR_LIB_EVP6, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED(257|((0x1 << 18L)|(0x2 << 18L))),
397 "[action:%d, state:%d]", ctx->action_type, state);
398 return 0;
399
400 /*
401 * PRE_CTRL_TO_PARAMS and POST_CTRL_TO_PARAMS handle ctrl to params
402 * translations. PRE_CTRL_TO_PARAMS is responsible for preparing
403 * |*params|, and POST_CTRL_TO_PARAMS is responsible for bringing the
404 * result back to |*p2| and the return value.
405 */
406 case PRE_CTRL_TO_PARAMS:
407 /* This is ctrl to params translation, so we need an OSSL_PARAM key */
408 if (ctx->action_type == NONE) {
409 /*
410 * No action type is an error here. That's a case for a
411 * special fixup function.
412 */
413 ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,413,__func__), ERR_set_error)(ERR_LIB_EVP6, ERR_R_UNSUPPORTED(268|(0x2 << 18L)),
414 "[action:%d, state:%d]", ctx->action_type, state);
415 return 0;
416 }
417
418 if (translation->optype != 0) {
419 if ((EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)((ctx->pctx)->operation == (1<<4) || (ctx->pctx
)->operation == (1<<7) || (ctx->pctx)->operation
== (1<<5) || (ctx->pctx)->operation == (1<<
8) || (ctx->pctx)->operation == (1<<6))
420 && ctx->pctx->op.sig.algctx == NULL((void*)0))
421 || (EVP_PKEY_CTX_IS_DERIVE_OP(ctx->pctx)((ctx->pctx)->operation == (1<<11))
422 && ctx->pctx->op.kex.algctx == NULL((void*)0))
423 || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx->pctx)((ctx->pctx)->operation == (1<<9) || (ctx->pctx
)->operation == (1<<10))
424 && ctx->pctx->op.ciph.algctx == NULL((void*)0))
425 || (EVP_PKEY_CTX_IS_KEM_OP(ctx->pctx)((ctx->pctx)->operation == (1<<12) || (ctx->pctx
)->operation == (1<<13))
426 && ctx->pctx->op.encap.algctx == NULL((void*)0))
427 /*
428 * The following may be unnecessary, but we have them
429 * for good measure...
430 */
431 || (EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx)((ctx->pctx)->operation == (1<<1) || (ctx->pctx
)->operation == (1<<2))
432 && ctx->pctx->op.keymgmt.genctx == NULL((void*)0))
433 || (EVP_PKEY_CTX_IS_FROMDATA_OP(ctx->pctx)((ctx->pctx)->operation == (1<<3))
434 && ctx->pctx->op.keymgmt.genctx == NULL((void*)0))) {
435 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,435,__func__), ERR_set_error)((6),(147),((void*)0));
436 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
437 return -2;
438 }
439 }
440
441 /*
442 * OSSL_PARAM_construct_TYPE() works equally well for both SET and GET.
443 */
444 switch (translation->param_data_type) {
445 case OSSL_PARAM_INTEGER1:
446 *ctx->params = OSSL_PARAM_construct_int(translation->param_key,
447 &ctx->p1);
448 break;
449 case OSSL_PARAM_UNSIGNED_INTEGER2:
450 /*
451 * BIGNUMs are passed via |p2|. For all ctrl's that just want
452 * to pass a simple integer via |p1|, |p2| is expected to be
453 * NULL.
454 *
455 * Note that this allocates a buffer, which the cleanup function
456 * must deallocate.
457 */
458 if (ctx->p2 != NULL((void*)0)) {
459 if (ctx->action_type == SET) {
460 ctx->buflen = BN_num_bytes(ctx->p2)((BN_num_bits(ctx->p2)+7)/8);
461 if ((ctx->allocated_buf =
462 OPENSSL_malloc(ctx->buflen)CRYPTO_malloc(ctx->buflen, "../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
, 462)) == NULL((void*)0)) {
463 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,463,__func__), ERR_set_error)((6),((256|((0x1 << 18L)|
(0x2 << 18L)))),((void*)0));
464 return 0;
465 }
466 if (BN_bn2nativepad(ctx->p2,
467 ctx->allocated_buf, ctx->buflen) < 0) {
468 OPENSSL_free(ctx->allocated_buf)CRYPTO_free(ctx->allocated_buf, "../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
, 468);
469 ctx->allocated_buf = NULL((void*)0);
470 return 0;
471 }
472 *ctx->params =
473 OSSL_PARAM_construct_BN(translation->param_key,
474 ctx->allocated_buf,
475 ctx->buflen);
476 } else {
477 /*
478 * No support for getting a BIGNUM by ctrl, this needs
479 * fixup_args function support.
480 */
481 ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,481,__func__), ERR_set_error)(ERR_LIB_EVP6, ERR_R_UNSUPPORTED(268|(0x2 << 18L)),
482 "[action:%d, state:%d] trying to get a "
483 "BIGNUM via ctrl call",
484 ctx->action_type, state);
485 return 0;
486 }
487 } else {
488 *ctx->params =
489 OSSL_PARAM_construct_uint(translation->param_key,
490 (unsigned int *)&ctx->p1);
491 }
492 break;
493 case OSSL_PARAM_UTF8_STRING4:
494 *ctx->params =
495 OSSL_PARAM_construct_utf8_string(translation->param_key,
496 ctx->p2, (size_t)ctx->p1);
497 break;
498 case OSSL_PARAM_UTF8_PTR6:
499 *ctx->params =
500 OSSL_PARAM_construct_utf8_ptr(translation->param_key,
501 ctx->p2, (size_t)ctx->p1);
502 break;
503 case OSSL_PARAM_OCTET_STRING5:
504 *ctx->params =
505 OSSL_PARAM_construct_octet_string(translation->param_key,
506 ctx->p2, (size_t)ctx->p1);
507 break;
508 case OSSL_PARAM_OCTET_PTR7:
509 *ctx->params =
510 OSSL_PARAM_construct_octet_ptr(translation->param_key,
511 ctx->p2, (size_t)ctx->p1);
512 break;
513 }
514 break;
515 case POST_CTRL_TO_PARAMS:
516 /*
517 * Because EVP_PKEY_CTX_ctrl() returns the length of certain objects
518 * as its return value, we need to ensure that we do it here as well,
519 * for the OSSL_PARAM data types where this makes sense.
520 */
521 if (ctx->action_type == GET) {
522 switch (translation->param_data_type) {
523 case OSSL_PARAM_UTF8_STRING4:
524 case OSSL_PARAM_UTF8_PTR6:
525 case OSSL_PARAM_OCTET_STRING5:
526 case OSSL_PARAM_OCTET_PTR7:
527 ctx->p1 = (int)ctx->params[0].return_size;
528 break;
529 }
530 }
531 break;
532
533 /*
534 * PRE_CTRL_STR_TO_PARAMS and POST_CTRL_STR_TO_PARAMS handle ctrl_str to
535 * params translations. PRE_CTRL_TO_PARAMS is responsible for preparing
536 * |*params|, and POST_CTRL_TO_PARAMS currently has nothing to do, since
537 * there's no support for getting data via ctrl_str calls.
538 */
539 case PRE_CTRL_STR_TO_PARAMS:
540 {
541 /* This is ctrl_str to params translation */
542 const char *tmp_ctrl_str = ctx->ctrl_str;
543 const char *orig_ctrl_str = ctx->ctrl_str;
544 const char *orig_value = ctx->p2;
545 const OSSL_PARAM *settable = NULL((void*)0);
546 int exists = 0;
547
548 /* Only setting is supported here */
549 if (ctx->action_type != SET) {
550 ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,550,__func__), ERR_set_error)(ERR_LIB_EVP6, EVP_R_COMMAND_NOT_SUPPORTED147,
551 "[action:%d, state:%d] only setting allowed",
552 ctx->action_type, state);
553 return 0;
554 }
555
556 /*
557 * If no translation exists, we simply pass the control string
558 * unmodified.
559 */
560 if (translation != NULL((void*)0)) {
561 tmp_ctrl_str = ctx->ctrl_str = translation->param_key;
562
563 if (ctx->ishex) {
564 strcpy(ctx->name_buf, "hex");
565 if (OPENSSL_strlcat(ctx->name_buf, tmp_ctrl_str,
566 sizeof(ctx->name_buf)) <= 3) {
567 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,567,__func__), ERR_set_error)((6),((259|((0x1 << 18L)|
(0x2 << 18L)))),((void*)0));
568 return -1;
569 }
570 tmp_ctrl_str = ctx->name_buf;
571 }
572 }
573
574 settable = EVP_PKEY_CTX_settable_params(ctx->pctx);
575 if (!OSSL_PARAM_allocate_from_text(ctx->params, settable,
576 tmp_ctrl_str,
577 ctx->p2, strlen(ctx->p2),
578 &exists)) {
579 if (!exists) {
580 ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,580,__func__), ERR_set_error)(ERR_LIB_EVP6, EVP_R_COMMAND_NOT_SUPPORTED147,
581 "[action:%d, state:%d] name=%s, value=%s",
582 ctx->action_type, state,
583 orig_ctrl_str, orig_value);
584 return -2;
585 }
586 return 0;
587 }
588 ctx->allocated_buf = ctx->params->data;
589 ctx->buflen = ctx->params->data_size;
590 }
591 break;
592 case POST_CTRL_STR_TO_PARAMS:
593 /* Nothing to be done */
594 break;
595
596 /*
597 * PRE_PARAMS_TO_CTRL and POST_PARAMS_TO_CTRL handle params to ctrl
598 * translations. PRE_PARAMS_TO_CTRL is responsible for preparing
599 * |p1| and |p2|, and POST_PARAMS_TO_CTRL is responsible for bringing
600 * the EVP_PKEY_CTX_ctrl() return value (passed as |p1|) and |p2| back
601 * to |*params|.
602 *
603 * PKEY is treated just like POST_PARAMS_TO_CTRL, making it easy
604 * for the related fixup_args functions to just set |p1| and |p2|
605 * appropriately and leave it to this section of code to fix up
606 * |ctx->params| accordingly.
607 */
608 case PKEY:
609 case POST_PARAMS_TO_CTRL:
610 ret = ctx->p1;
611 /* FALLTHRU */
612 case PRE_PARAMS_TO_CTRL:
613 {
614 /* This is params to ctrl translation */
615 if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == SET) {
616 /* For the PRE state, only setting needs some work to be done */
617
618 /* When setting, we populate |p1| and |p2| from |*params| */
619 switch (translation->param_data_type) {
620 case OSSL_PARAM_INTEGER1:
621 return OSSL_PARAM_get_int(ctx->params, &ctx->p1);
622 case OSSL_PARAM_UNSIGNED_INTEGER2:
623 if (ctx->p2 != NULL((void*)0)) {
624 /* BIGNUM passed down with p2 */
625 if (!OSSL_PARAM_get_BN(ctx->params, ctx->p2))
626 return 0;
627 } else {
628 /* Normal C unsigned int passed down */
629 if (!OSSL_PARAM_get_uint(ctx->params,
630 (unsigned int *)&ctx->p1))
631 return 0;
632 }
633 return 1;
634 case OSSL_PARAM_UTF8_STRING4:
635 return OSSL_PARAM_get_utf8_string(ctx->params,
636 ctx->p2, ctx->sz);
637 case OSSL_PARAM_OCTET_STRING5:
638 return OSSL_PARAM_get_octet_string(ctx->params,
639 ctx->p2, ctx->sz,
640 &ctx->sz);
641 case OSSL_PARAM_OCTET_PTR7:
642 return OSSL_PARAM_get_octet_ptr(ctx->params,
643 ctx->p2, &ctx->sz);
644 default:
645 ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,645,__func__), ERR_set_error)(ERR_LIB_EVP6, ERR_R_UNSUPPORTED(268|(0x2 << 18L)),
646 "[action:%d, state:%d] "
647 "unknown OSSL_PARAM data type %d",
648 ctx->action_type, state,
649 translation->param_data_type);
650 return 0;
651 }
652 } else if ((state == POST_PARAMS_TO_CTRL || state == PKEY)
653 && ctx->action_type == GET) {
654 /* For the POST state, only getting needs some work to be done */
655 unsigned int param_data_type = translation->param_data_type;
656 size_t size = (size_t)ctx->p1;
657
658 if (state == PKEY)
659 size = ctx->sz;
660 if (param_data_type == 0) {
661 /* we must have a fixup_args function to work */
662 if (!ossl_assert(translation->fixup_args != NULL)((translation->fixup_args != ((void*)0)) != 0)) {
663 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,663,__func__), ERR_set_error)((6),((259|((0x1 << 18L)|
(0x2 << 18L)))),((void*)0));
664 return 0;
665 }
666 param_data_type = ctx->params->data_type;
667 }
668 /* When getting, we populate |*params| from |p1| and |p2| */
669 switch (param_data_type) {
670 case OSSL_PARAM_INTEGER1:
671 return OSSL_PARAM_set_int(ctx->params, ctx->p1);
672 case OSSL_PARAM_UNSIGNED_INTEGER2:
673 if (ctx->p2 != NULL((void*)0)) {
674 /* BIGNUM passed back */
675 return OSSL_PARAM_set_BN(ctx->params, ctx->p2);
676 } else {
677 /* Normal C unsigned int passed back */
678 return OSSL_PARAM_set_uint(ctx->params,
679 (unsigned int)ctx->p1);
680 }
681 return 0;
682 case OSSL_PARAM_UTF8_STRING4:
683 return OSSL_PARAM_set_utf8_string(ctx->params, ctx->p2);
684 case OSSL_PARAM_OCTET_STRING5:
685 return OSSL_PARAM_set_octet_string(ctx->params, ctx->p2,
686 size);
687 case OSSL_PARAM_OCTET_PTR7:
688 return OSSL_PARAM_set_octet_ptr(ctx->params, ctx->p2,
689 size);
690 default:
691 ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,691,__func__), ERR_set_error)(ERR_LIB_EVP6, ERR_R_UNSUPPORTED(268|(0x2 << 18L)),
692 "[action:%d, state:%d] "
693 "unsupported OSSL_PARAM data type %d",
694 ctx->action_type, state,
695 translation->param_data_type);
696 return 0;
697 }
698 }
699 }
700 /* Any other combination is simply pass-through */
701 break;
702 }
703 return ret;
704}
705
706static int
707cleanup_translation_ctx(enum state state,
708 const struct translation_st *translation,
709 struct translation_ctx_st *ctx)
710{
711 if (ctx->allocated_buf != NULL((void*)0))
712 OPENSSL_free(ctx->allocated_buf)CRYPTO_free(ctx->allocated_buf, "../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
, 712);
713 ctx->allocated_buf = NULL((void*)0);
714 return 1;
715}
716
717/*
718 * fix_cipher_md fixes up an EVP_CIPHER / EVP_MD to its name on SET,
719 * and cipher / md name to EVP_MD on GET.
720 */
721static const char *get_cipher_name(void *cipher)
722{
723 return EVP_CIPHER_get0_name(cipher);
724}
725
726static const char *get_md_name(void *md)
727{
728 return EVP_MD_get0_name(md);
729}
730
731static const void *get_cipher_by_name(OSSL_LIB_CTX *libctx, const char *name)
732{
733 return evp_get_cipherbyname_ex(libctx, name);
734}
735
736static const void *get_md_by_name(OSSL_LIB_CTX *libctx, const char *name)
737{
738 return evp_get_digestbyname_ex(libctx, name);
739}
740
741static int fix_cipher_md(enum state state,
742 const struct translation_st *translation,
743 struct translation_ctx_st *ctx,
744 const char *(*get_name)(void *algo),
745 const void *(*get_algo_by_name)(OSSL_LIB_CTX *libctx,
746 const char *name))
747{
748 int ret = 1;
749
750 if ((ret = default_check(state, translation, ctx)) <= 0)
751 return ret;
752
753 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == GET) {
754 /*
755 * |ctx->p2| contains the address to an EVP_CIPHER or EVP_MD pointer
756 * to be filled in. We need to remember it, then make |ctx->p2|
757 * point at a buffer to be filled in with the name, and |ctx->p1|
758 * with its size. default_fixup_args() will take care of the rest
759 * for us.
760 */
761 ctx->orig_p2 = ctx->p2;
762 ctx->p2 = ctx->name_buf;
763 ctx->p1 = sizeof(ctx->name_buf);
764 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET) {
765 /*
766 * In different parts of OpenSSL, this ctrl command is used
767 * differently. Some calls pass a NID as p1, others pass an
768 * EVP_CIPHER pointer as p2...
769 */
770 ctx->p2 = (char *)(ctx->p2 == NULL((void*)0)
771 ? OBJ_nid2sn(ctx->p1)
772 : get_name(ctx->p2));
773 ctx->p1 = strlen(ctx->p2);
774 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == GET) {
775 ctx->p2 = (ctx->p2 == NULL((void*)0) ? "" : (char *)get_name(ctx->p2));
776 ctx->p1 = strlen(ctx->p2);
777 }
778
779 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
780 return ret;
781
782 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == GET) {
783 /*
784 * Here's how we re-use |ctx->orig_p2| that was set in the
785 * PRE_CTRL_TO_PARAMS state above.
786 */
787 *(void **)ctx->orig_p2 =
788 (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2);
789 ctx->p1 = 1;
790 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == SET) {
791 ctx->p2 = (void *)get_algo_by_name(ctx->pctx->libctx, ctx->p2);
792 ctx->p1 = 0;
793 }
794
795 return ret;
796}
797
798static int fix_cipher(enum state state,
799 const struct translation_st *translation,
800 struct translation_ctx_st *ctx)
801{
802 return fix_cipher_md(state, translation, ctx,
803 get_cipher_name, get_cipher_by_name);
804}
805
806static int fix_md(enum state state,
807 const struct translation_st *translation,
808 struct translation_ctx_st *ctx)
809{
810 return fix_cipher_md(state, translation, ctx,
811 get_md_name, get_md_by_name);
812}
813
814static int fix_distid_len(enum state state,
815 const struct translation_st *translation,
816 struct translation_ctx_st *ctx)
817{
818 int ret = default_fixup_args(state, translation, ctx);
819
820 if (ret > 0) {
821 ret = 0;
822 if ((state == POST_CTRL_TO_PARAMS
823 || state == POST_CTRL_STR_TO_PARAMS) && ctx->action_type == GET) {
824 *(size_t *)ctx->p2 = ctx->sz;
825 ret = 1;
826 }
827 }
828 return ret;
829}
830
831struct kdf_type_map_st {
832 int kdf_type_num;
833 const char *kdf_type_str;
834};
835
836static int fix_kdf_type(enum state state,
837 const struct translation_st *translation,
838 struct translation_ctx_st *ctx,
839 const struct kdf_type_map_st *kdf_type_map)
840{
841 /*
842 * The EVP_PKEY_CTRL_DH_KDF_TYPE ctrl command is a bit special, in
843 * that it's used both for setting a value, and for getting it, all
844 * depending on the value if |p1|; if |p1| is -2, the backend is
845 * supposed to place the current kdf type in |p2|, and if not, |p1|
846 * is interpreted as the new kdf type.
847 */
848 int ret = 0;
849
850 if ((ret = default_check(state, translation, ctx)) <= 0)
851 return ret;
852
853 if (state == PRE_CTRL_TO_PARAMS) {
854 /*
855 * In |translations|, the initial value for |ctx->action_type| must
856 * be NONE.
857 */
858 if (!ossl_assert(ctx->action_type == NONE)((ctx->action_type == NONE) != 0))
859 return 0;
860
861 /* The action type depends on the value of *p1 */
862 if (ctx->p1 == -2) {
863 /*
864 * The OSSL_PARAMS getter needs space to store a copy of the kdf
865 * type string. We use |ctx->name_buf|, which has enough space
866 * allocated.
867 *
868 * (this wouldn't be needed if the OSSL_xxx_PARAM_KDF_TYPE
869 * had the data type OSSL_PARAM_UTF8_PTR)
870 */
871 ctx->p2 = ctx->name_buf;
872 ctx->p1 = sizeof(ctx->name_buf);
873 ctx->action_type = GET;
874 } else {
875 ctx->action_type = SET;
876 }
877 }
878
879 if ((ret = default_check(state, translation, ctx)) <= 0)
880 return ret;
881
882 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET)
883 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == GET)) {
884 ret = -2;
885 /* Convert KDF type numbers to strings */
886 for (; kdf_type_map->kdf_type_str != NULL((void*)0); kdf_type_map++)
887 if (ctx->p1 == kdf_type_map->kdf_type_num) {
888 ctx->p2 = (char *)kdf_type_map->kdf_type_str;
889 ret = 1;
890 break;
891 }
892 if (ret <= 0)
893 goto end;
894 ctx->p1 = strlen(ctx->p2);
895 }
896
897 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
898 return ret;
899
900 if ((state == POST_CTRL_TO_PARAMS && ctx->action_type == GET)
901 || (state == PRE_PARAMS_TO_CTRL && ctx->action_type == SET)) {
902 ctx->p1 = ret = -1;
903
904 /* Convert KDF type strings to numbers */
905 for (; kdf_type_map->kdf_type_str != NULL((void*)0); kdf_type_map++)
906 if (OPENSSL_strcasecmp(ctx->p2, kdf_type_map->kdf_type_str) == 0) {
907 ctx->p1 = kdf_type_map->kdf_type_num;
908 ret = 1;
909 break;
910 }
911 ctx->p2 = NULL((void*)0);
912 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == GET) {
913 ctx->p1 = -2;
914 }
915 end:
916 return ret;
917}
918
919/* EVP_PKEY_CTRL_DH_KDF_TYPE */
920static int fix_dh_kdf_type(enum state state,
921 const struct translation_st *translation,
922 struct translation_ctx_st *ctx)
923{
924 static const struct kdf_type_map_st kdf_type_map[] = {
925 { EVP_PKEY_DH_KDF_NONE1, "" },
926 { EVP_PKEY_DH_KDF_X9_422, OSSL_KDF_NAME_X942KDF_ASN1"X942KDF-ASN1" },
927 { 0, NULL((void*)0) }
928 };
929
930 return fix_kdf_type(state, translation, ctx, kdf_type_map);
931}
932
933/* EVP_PKEY_CTRL_EC_KDF_TYPE */
934static int fix_ec_kdf_type(enum state state,
935 const struct translation_st *translation,
936 struct translation_ctx_st *ctx)
937{
938 static const struct kdf_type_map_st kdf_type_map[] = {
939 { EVP_PKEY_ECDH_KDF_NONE1, "" },
940 { EVP_PKEY_ECDH_KDF_X9_632, OSSL_KDF_NAME_X963KDF"X963KDF" },
941 { 0, NULL((void*)0) }
942 };
943
944 return fix_kdf_type(state, translation, ctx, kdf_type_map);
945}
946
947/* EVP_PKEY_CTRL_DH_KDF_OID, EVP_PKEY_CTRL_GET_DH_KDF_OID, ...??? */
948static int fix_oid(enum state state,
949 const struct translation_st *translation,
950 struct translation_ctx_st *ctx)
951{
952 int ret;
953
954 if ((ret = default_check(state, translation, ctx)) <= 0)
955 return ret;
956
957 if ((state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET)
958 || (state == POST_PARAMS_TO_CTRL && ctx->action_type == GET)) {
959 /*
960 * We're translating from ctrl to params and setting the OID, or
961 * we're translating from params to ctrl and getting the OID.
962 * Either way, |ctx->p2| points at an ASN1_OBJECT, and needs to have
963 * that replaced with the corresponding name.
964 * default_fixup_args() will then be able to convert that to the
965 * corresponding OSSL_PARAM.
966 */
967 OBJ_obj2txt(ctx->name_buf, sizeof(ctx->name_buf), ctx->p2, 0);
968 ctx->p2 = (char *)ctx->name_buf;
969 ctx->p1 = 0; /* let default_fixup_args() figure out the length */
970 }
971
972 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
973 return ret;
974
975 if ((state == PRE_PARAMS_TO_CTRL && ctx->action_type == SET)
976 || (state == POST_CTRL_TO_PARAMS && ctx->action_type == GET)) {
977 /*
978 * We're translating from ctrl to params and setting the OID name,
979 * or we're translating from params to ctrl and getting the OID
980 * name. Either way, default_fixup_args() has placed the OID name
981 * in |ctx->p2|, all we need to do now is to replace that with the
982 * corresponding ASN1_OBJECT.
983 */
984 ctx->p2 = (ASN1_OBJECT *)OBJ_txt2obj(ctx->p2, 0);
985 }
986
987 return ret;
988}
989
990/* EVP_PKEY_CTRL_DH_NID */
991static int fix_dh_nid(enum state state,
992 const struct translation_st *translation,
993 struct translation_ctx_st *ctx)
994{
995 int ret;
996
997 if ((ret = default_check(state, translation, ctx)) <= 0)
998 return ret;
999
1000 /* This is only settable */
1001 if (ctx->action_type != SET)
1002 return 0;
1003
1004 if (state == PRE_CTRL_TO_PARAMS) {
1005 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
1006 (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL((void*)0)) {
1007 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1007,__func__), ERR_set_error)((6),(222),((void*)0));
1008 return 0;
1009 }
1010 ctx->p1 = 0;
1011 }
1012
1013 return default_fixup_args(state, translation, ctx);
1014}
1015
1016/* EVP_PKEY_CTRL_DH_RFC5114 */
1017static int fix_dh_nid5114(enum state state,
1018 const struct translation_st *translation,
1019 struct translation_ctx_st *ctx)
1020{
1021 int ret;
1022
1023 if ((ret = default_check(state, translation, ctx)) <= 0)
1024 return ret;
1025
1026 /* This is only settable */
1027 if (ctx->action_type != SET)
1028 return 0;
1029
1030 switch (state) {
1031 case PRE_CTRL_TO_PARAMS:
1032 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
1033 (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL((void*)0)) {
1034 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1034,__func__), ERR_set_error)((6),(222),((void*)0));
1035 return 0;
1036 }
1037
1038 ctx->p1 = 0;
1039 break;
1040
1041 case PRE_CTRL_STR_TO_PARAMS:
1042 if (ctx->p2 == NULL((void*)0))
1043 return 0;
1044 if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
1045 (ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2)))) == NULL((void*)0)) {
1046 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1046,__func__), ERR_set_error)((6),(222),((void*)0));
1047 return 0;
1048 }
1049
1050 ctx->p1 = 0;
1051 break;
1052
1053 default:
1054 break;
1055 }
1056
1057 return default_fixup_args(state, translation, ctx);
1058}
1059
1060/* EVP_PKEY_CTRL_DH_PARAMGEN_TYPE */
1061static int fix_dh_paramgen_type(enum state state,
1062 const struct translation_st *translation,
1063 struct translation_ctx_st *ctx)
1064{
1065 int ret;
1066
1067 if ((ret = default_check(state, translation, ctx)) <= 0)
1068 return ret;
1069
1070 /* This is only settable */
1071 if (ctx->action_type != SET)
1072 return 0;
1073
1074 if (state == PRE_CTRL_STR_TO_PARAMS) {
1075 if ((ctx->p2 = (char *)ossl_dh_gen_type_id2name(atoi(ctx->p2)))
1076 == NULL((void*)0)) {
1077 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1077,__func__), ERR_set_error)((6),(222),((void*)0));
1078 return 0;
1079 }
1080 ctx->p1 = strlen(ctx->p2);
1081 }
1082
1083 return default_fixup_args(state, translation, ctx);
1084}
1085
1086/* EVP_PKEY_CTRL_EC_PARAM_ENC */
1087static int fix_ec_param_enc(enum state state,
1088 const struct translation_st *translation,
1089 struct translation_ctx_st *ctx)
1090{
1091 int ret;
1092
1093 if ((ret = default_check(state, translation, ctx)) <= 0)
1094 return ret;
1095
1096 /* This is currently only settable */
1097 if (ctx->action_type != SET)
1098 return 0;
1099
1100 if (state == PRE_CTRL_TO_PARAMS) {
1101 switch (ctx->p1) {
1102 case OPENSSL_EC_EXPLICIT_CURVE0x000:
1103 ctx->p2 = OSSL_PKEY_EC_ENCODING_EXPLICIT"explicit";
1104 break;
1105 case OPENSSL_EC_NAMED_CURVE0x001:
1106 ctx->p2 = OSSL_PKEY_EC_ENCODING_GROUP"named_curve";
1107 break;
1108 default:
1109 ret = -2;
1110 goto end;
1111 }
1112 ctx->p1 = 0;
1113 }
1114
1115 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1116 return ret;
1117
1118 if (state == PRE_PARAMS_TO_CTRL) {
1119 if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_EXPLICIT"explicit") == 0)
1120 ctx->p1 = OPENSSL_EC_EXPLICIT_CURVE0x000;
1121 else if (strcmp(ctx->p2, OSSL_PKEY_EC_ENCODING_GROUP"named_curve") == 0)
1122 ctx->p1 = OPENSSL_EC_NAMED_CURVE0x001;
1123 else
1124 ctx->p1 = ret = -2;
1125 ctx->p2 = NULL((void*)0);
1126 }
1127
1128 end:
1129 if (ret == -2)
1130 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1130,__func__), ERR_set_error)((6),(147),((void*)0));
1131 return ret;
1132}
1133
1134/* EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID */
1135static int fix_ec_paramgen_curve_nid(enum state state,
1136 const struct translation_st *translation,
1137 struct translation_ctx_st *ctx)
1138{
1139 int ret;
1140
1141 if ((ret = default_check(state, translation, ctx)) <= 0)
1142 return ret;
1143
1144 /* This is currently only settable */
1145 if (ctx->action_type != SET)
1146 return 0;
1147
1148 if (state == PRE_CTRL_TO_PARAMS) {
1149 ctx->p2 = (char *)OBJ_nid2sn(ctx->p1);
1150 ctx->p1 = 0;
1151 }
1152
1153 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1154 return ret;
1155
1156 if (state == PRE_PARAMS_TO_CTRL) {
1157 ctx->p1 = OBJ_sn2nid(ctx->p2);
1158 ctx->p2 = NULL((void*)0);
1159 }
1160
1161 return ret;
1162}
1163
1164/* EVP_PKEY_CTRL_EC_ECDH_COFACTOR */
1165static int fix_ecdh_cofactor(enum state state,
1166 const struct translation_st *translation,
1167 struct translation_ctx_st *ctx)
1168{
1169 /*
1170 * The EVP_PKEY_CTRL_EC_ECDH_COFACTOR ctrl command is a bit special, in
1171 * that it's used both for setting a value, and for getting it, all
1172 * depending on the value if |ctx->p1|; if |ctx->p1| is -2, the backend is
1173 * supposed to place the current cofactor mode in |ctx->p2|, and if not,
1174 * |ctx->p1| is interpreted as the new cofactor mode.
1175 */
1176 int ret = 0;
1177
1178 if (state == PRE_CTRL_TO_PARAMS) {
1179 /*
1180 * The initial value for |ctx->action_type| must be zero.
1181 * evp_pkey_ctrl_to_params() takes it from the translation item.
1182 */
1183 if (!ossl_assert(ctx->action_type == NONE)((ctx->action_type == NONE) != 0))
1184 return 0;
1185
1186 /* The action type depends on the value of ctx->p1 */
1187 if (ctx->p1 == -2)
1188 ctx->action_type = GET;
1189 else
1190 ctx->action_type = SET;
1191 } else if (state == PRE_CTRL_STR_TO_PARAMS) {
1192 ctx->action_type = SET;
1193 } else if (state == PRE_PARAMS_TO_CTRL) {
1194 /* The initial value for |ctx->action_type| must not be zero. */
1195 if (!ossl_assert(ctx->action_type != NONE)((ctx->action_type != NONE) != 0))
1196 return 0;
1197 }
1198
1199 if ((ret = default_check(state, translation, ctx)) <= 0)
1200 return ret;
1201
1202 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET) {
1203 if (ctx->p1 < -1 || ctx->p1 > 1) {
1204 /* Uses the same return value of pkey_ec_ctrl() */
1205 return -2;
1206 }
1207 }
1208
1209 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1210 return ret;
1211
1212 if (state == POST_CTRL_TO_PARAMS && ctx->action_type == GET) {
1213 if (ctx->p1 < 0 || ctx->p1 > 1) {
1214 /*
1215 * The provider should return either 0 or 1, any other value is a
1216 * provider error.
1217 */
1218 ctx->p1 = ret = -1;
1219 }
1220 } else if (state == PRE_PARAMS_TO_CTRL && ctx->action_type == GET) {
1221 ctx->p1 = -2;
1222 }
1223
1224 return ret;
1225}
1226
1227/* EVP_PKEY_CTRL_RSA_PADDING, EVP_PKEY_CTRL_GET_RSA_PADDING */
1228static int fix_rsa_padding_mode(enum state state,
1229 const struct translation_st *translation,
1230 struct translation_ctx_st *ctx)
1231{
1232 static const OSSL_ITEM str_value_map[] = {
1233 { RSA_PKCS1_PADDING1, "pkcs1" },
1234 { RSA_NO_PADDING3, "none" },
1235 { RSA_PKCS1_OAEP_PADDING4, "oaep" },
1236 { RSA_PKCS1_OAEP_PADDING4, "oeap" },
1237 { RSA_X931_PADDING5, "x931" },
1238 { RSA_PKCS1_PSS_PADDING6, "pss" },
1239 /* Special case, will pass directly as an integer */
1240 { RSA_PKCS1_WITH_TLS_PADDING7, NULL((void*)0) }
1241 };
1242 int ret;
1243
1244 if ((ret = default_check(state, translation, ctx)) <= 0)
1245 return ret;
1246
1247 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == GET) {
1248 /*
1249 * EVP_PKEY_CTRL_GET_RSA_PADDING returns the padding mode in the
1250 * weirdest way for a ctrl. Instead of doing like all other ctrls
1251 * that return a simple, i.e. just have that as a return value,
1252 * this particular ctrl treats p2 as the address for the int to be
1253 * returned. We must therefore remember |ctx->p2|, then make
1254 * |ctx->p2| point at a buffer to be filled in with the name, and
1255 * |ctx->p1| with its size. default_fixup_args() will take care
1256 * of the rest for us, along with the POST_CTRL_TO_PARAMS && GET
1257 * code section further down.
1258 */
1259 ctx->orig_p2 = ctx->p2;
1260 ctx->p2 = ctx->name_buf;
1261 ctx->p1 = sizeof(ctx->name_buf);
1262 } else if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == SET) {
1263 /*
1264 * Ideally, we should use utf8 strings for the diverse padding modes.
1265 * We only came here because someone called EVP_PKEY_CTX_ctrl(),
1266 * though, and since that can reasonably be seen as legacy code
1267 * that uses the diverse RSA macros for the padding mode, and we
1268 * know that at least our providers can handle the numeric modes,
1269 * we take the cheap route for now.
1270 *
1271 * The other solution would be to match |ctx->p1| against entries
1272 * in str_value_map and pass the corresponding string. However,
1273 * since we don't have a string for RSA_PKCS1_WITH_TLS_PADDING,
1274 * we have to do this same hack at least for that one.
1275 *
1276 * Since the "official" data type for the RSA padding mode is utf8
1277 * string, we cannot count on default_fixup_args(). Instead, we
1278 * build the OSSL_PARAM item ourselves and return immediately.
1279 */
1280 ctx->params[0] = OSSL_PARAM_construct_int(translation->param_key,
1281 &ctx->p1);
1282 return 1;
1283 } else if (state == POST_PARAMS_TO_CTRL && ctx->action_type == GET) {
1284 size_t i;
1285
1286 /*
1287 * The EVP_PKEY_CTX_get_params() caller may have asked for a utf8
1288 * string, or may have asked for an integer of some sort. If they
1289 * ask for an integer, we respond directly. If not, we translate
1290 * the response from the ctrl function into a string.
1291 */
1292 switch (ctx->params->data_type) {
1293 case OSSL_PARAM_INTEGER1:
1294 return OSSL_PARAM_get_int(ctx->params, &ctx->p1);
1295 case OSSL_PARAM_UNSIGNED_INTEGER2:
1296 return OSSL_PARAM_get_uint(ctx->params, (unsigned int *)&ctx->p1);
1297 default:
1298 break;
1299 }
1300
1301 for (i = 0; i < OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0])); i++) {
1302 if (ctx->p1 == (int)str_value_map[i].id)
1303 break;
1304 }
1305 if (i == OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0]))) {
1306 ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1306,__func__), ERR_set_error)(ERR_LIB_RSA4, RSA_R_UNKNOWN_PADDING_TYPE118,
1307 "[action:%d, state:%d] padding number %d",
1308 ctx->action_type, state, ctx->p1);
1309 return -2;
1310 }
1311 /*
1312 * If we don't have a string, we can't do anything. The caller
1313 * should have asked for a number...
1314 */
1315 if (str_value_map[i].ptr == NULL((void*)0)) {
1316 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1316,__func__), ERR_set_error)((6),(147),((void*)0));
1317 return -2;
1318 }
1319 ctx->p2 = str_value_map[i].ptr;
1320 ctx->p1 = strlen(ctx->p2);
1321 }
1322
1323 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1324 return ret;
1325
1326 if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL)
1327 || (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) {
1328 size_t i;
1329
1330 for (i = 0; i < OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0])); i++) {
1331 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1332 break;
1333 }
1334
1335 if (i == OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0]))) {
1336 ERR_raise_data(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1336,__func__), ERR_set_error)(ERR_LIB_RSA4, RSA_R_UNKNOWN_PADDING_TYPE118,
1337 "[action:%d, state:%d] padding name %s",
1338 ctx->action_type, state, ctx->p1);
1339 ctx->p1 = ret = -2;
1340 } else if (state == POST_CTRL_TO_PARAMS) {
1341 /* EVP_PKEY_CTRL_GET_RSA_PADDING weirdness explained further up */
1342 *(int *)ctx->orig_p2 = str_value_map[i].id;
1343 } else {
1344 ctx->p1 = str_value_map[i].id;
1345 }
1346 ctx->p2 = NULL((void*)0);
1347 }
1348
1349 return ret;
1350}
1351
1352/* EVP_PKEY_CTRL_RSA_PSS_SALTLEN, EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN */
1353static int fix_rsa_pss_saltlen(enum state state,
1354 const struct translation_st *translation,
1355 struct translation_ctx_st *ctx)
1356{
1357 static const OSSL_ITEM str_value_map[] = {
1358 { (unsigned int)RSA_PSS_SALTLEN_DIGEST-1, "digest" },
1359 { (unsigned int)RSA_PSS_SALTLEN_MAX-3, "max" },
1360 { (unsigned int)RSA_PSS_SALTLEN_AUTO-2, "auto" }
1361 };
1362 int ret;
1363
1364 if ((ret = default_check(state, translation, ctx)) <= 0)
1365 return ret;
1366
1367 if (state == PRE_CTRL_TO_PARAMS && ctx->action_type == GET) {
1368 /*
1369 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN returns the saltlen by filling
1370 * in the int pointed at by p2. This is potentially as weird as
1371 * the way EVP_PKEY_CTRL_GET_RSA_PADDING works, except that saltlen
1372 * might be a negative value, so it wouldn't work as a legitimate
1373 * return value.
1374 * In any case, we must therefore remember |ctx->p2|, then make
1375 * |ctx->p2| point at a buffer to be filled in with the name, and
1376 * |ctx->p1| with its size. default_fixup_args() will take care
1377 * of the rest for us, along with the POST_CTRL_TO_PARAMS && GET
1378 * code section further down.
1379 */
1380 ctx->orig_p2 = ctx->p2;
1381 ctx->p2 = ctx->name_buf;
1382 ctx->p1 = sizeof(ctx->name_buf);
1383 } else if ((ctx->action_type == SET && state == PRE_CTRL_TO_PARAMS)
1384 || (ctx->action_type == GET && state == POST_PARAMS_TO_CTRL)) {
1385 size_t i;
1386
1387 for (i = 0; i < OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0])); i++) {
1388 if (ctx->p1 == (int)str_value_map[i].id)
1389 break;
1390 }
1391 if (i == OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0]))) {
1392 BIO_snprintf(ctx->name_buf, sizeof(ctx->name_buf), "%d", ctx->p1);
1393 } else {
1394 /* This won't truncate but it will quiet static analysers */
1395 strncpy(ctx->name_buf, str_value_map[i].ptr, sizeof(ctx->name_buf) - 1);
1396 ctx->name_buf[sizeof(ctx->name_buf) - 1] = '\0';
1397 }
1398 ctx->p2 = ctx->name_buf;
1399 ctx->p1 = strlen(ctx->p2);
1400 }
1401
1402 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1403 return ret;
1404
1405 if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL)
1406 || (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) {
1407 size_t i;
1408 int val;
1409
1410 for (i = 0; i < OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0])); i++) {
1411 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1412 break;
1413 }
1414
1415 val = i == OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0])) ? atoi(ctx->p2)
1416 : (int)str_value_map[i].id;
1417 if (state == POST_CTRL_TO_PARAMS) {
1418 /*
1419 * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN weirdness explained further
1420 * up
1421 */
1422 *(int *)ctx->orig_p2 = val;
1423 } else {
1424 ctx->p1 = val;
1425 }
1426 ctx->p2 = NULL((void*)0);
1427 }
1428
1429 return ret;
1430}
1431
1432/* EVP_PKEY_CTRL_HKDF_MODE */
1433static int fix_hkdf_mode(enum state state,
1434 const struct translation_st *translation,
1435 struct translation_ctx_st *ctx)
1436{
1437 static const OSSL_ITEM str_value_map[] = {
1438 { EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND0, "EXTRACT_AND_EXPAND" },
1439 { EVP_KDF_HKDF_MODE_EXTRACT_ONLY1, "EXTRACT_ONLY" },
1440 { EVP_KDF_HKDF_MODE_EXPAND_ONLY2, "EXPAND_ONLY" }
1441 };
1442 int ret;
1443
1444 if ((ret = default_check(state, translation, ctx)) <= 0)
1445 return ret;
1446
1447 if ((ctx->action_type == SET && state == PRE_CTRL_TO_PARAMS)
1448 || (ctx->action_type == GET && state == POST_PARAMS_TO_CTRL)) {
1449 size_t i;
1450
1451 for (i = 0; i < OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0])); i++) {
1452 if (ctx->p1 == (int)str_value_map[i].id)
1453 break;
1454 }
1455 if (i == OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0])))
1456 return 0;
1457 ctx->p2 = str_value_map[i].ptr;
1458 ctx->p1 = strlen(ctx->p2);
1459 }
1460
1461 if ((ret = default_fixup_args(state, translation, ctx)) <= 0)
1462 return ret;
1463
1464 if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL)
1465 || (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) {
1466 size_t i;
1467
1468 for (i = 0; i < OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0])); i++) {
1469 if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
1470 break;
1471 }
1472 if (i == OSSL_NELEM(str_value_map)(sizeof(str_value_map)/sizeof((str_value_map)[0])))
1473 return 0;
1474 if (state == POST_CTRL_TO_PARAMS)
1475 ret = str_value_map[i].id;
Value stored to 'ret' is never read
1476 else
1477 ctx->p1 = str_value_map[i].id;
1478 ctx->p2 = NULL((void*)0);
1479 }
1480
1481 return 1;
1482}
1483
1484/*-
1485 * Payload getters
1486 * ===============
1487 *
1488 * These all get the data they want, then call default_fixup_args() as
1489 * a post-ctrl GET fixup. They all get NULL ctx, ctrl_cmd, ctrl_str,
1490 * p1, sz
1491 */
1492
1493/* Pilfering DH, DSA and EC_KEY */
1494static int get_payload_group_name(enum state state,
1495 const struct translation_st *translation,
1496 struct translation_ctx_st *ctx)
1497{
1498 EVP_PKEY *pkey = ctx->p2;
1499
1500 ctx->p2 = NULL((void*)0);
1501 switch (EVP_PKEY_get_base_id(pkey)) {
1502#ifndef OPENSSL_NO_DH
1503 case EVP_PKEY_DH28:
1504 {
1505 const DH *dh = EVP_PKEY_get0_DH(pkey);
1506 int uid = DH_get_nid(dh);
1507
1508 if (uid != NID_undef0) {
1509 const DH_NAMED_GROUP *dh_group =
1510 ossl_ffc_uid_to_dh_named_group(uid);
1511
1512 ctx->p2 = (char *)ossl_ffc_named_group_get_name(dh_group);
1513 }
1514 }
1515 break;
1516#endif
1517#ifndef OPENSSL_NO_EC
1518 case EVP_PKEY_EC408:
1519 {
1520 const EC_GROUP *grp =
1521 EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey));
1522 int nid = NID_undef0;
1523
1524 if (grp != NULL((void*)0))
1525 nid = EC_GROUP_get_curve_name(grp);
1526 if (nid != NID_undef0)
1527 ctx->p2 = (char *)OSSL_EC_curve_nid2name(nid);
1528 }
1529 break;
1530#endif
1531 default:
1532 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1532,__func__), ERR_set_error)((6),(224),((void*)0));
1533 return 0;
1534 }
1535
1536 /*
1537 * Quietly ignoring unknown groups matches the behaviour on the provider
1538 * side.
1539 */
1540 if (ctx->p2 == NULL((void*)0))
1541 return 1;
1542
1543 ctx->p1 = strlen(ctx->p2);
1544 return default_fixup_args(state, translation, ctx);
1545}
1546
1547static int get_payload_private_key(enum state state,
1548 const struct translation_st *translation,
1549 struct translation_ctx_st *ctx)
1550{
1551 EVP_PKEY *pkey = ctx->p2;
1552
1553 ctx->p2 = NULL((void*)0);
1554 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER2)
1555 return 0;
1556
1557 switch (EVP_PKEY_get_base_id(pkey)) {
1558#ifndef OPENSSL_NO_DH
1559 case EVP_PKEY_DH28:
1560 {
1561 const DH *dh = EVP_PKEY_get0_DH(pkey);
1562
1563 ctx->p2 = (BIGNUM *)DH_get0_priv_key(dh);
1564 }
1565 break;
1566#endif
1567#ifndef OPENSSL_NO_EC
1568 case EVP_PKEY_EC408:
1569 {
1570 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
1571
1572 ctx->p2 = (BIGNUM *)EC_KEY_get0_private_key(ec);
1573 }
1574 break;
1575#endif
1576 default:
1577 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1577,__func__), ERR_set_error)((6),(224),((void*)0));
1578 return 0;
1579 }
1580
1581 return default_fixup_args(state, translation, ctx);
1582}
1583
1584static int get_payload_public_key(enum state state,
1585 const struct translation_st *translation,
1586 struct translation_ctx_st *ctx)
1587{
1588 EVP_PKEY *pkey = ctx->p2;
1589 unsigned char *buf = NULL((void*)0);
1590 int ret;
1591
1592 ctx->p2 = NULL((void*)0);
1593 switch (EVP_PKEY_get_base_id(pkey)) {
1594#ifndef OPENSSL_NO_DH
1595 case EVP_PKEY_DHX920:
1596 case EVP_PKEY_DH28:
1597 switch (ctx->params->data_type) {
1598 case OSSL_PARAM_OCTET_STRING5:
1599 ctx->sz = ossl_dh_key2buf(EVP_PKEY_get0_DH(pkey), &buf, 0, 1);
1600 ctx->p2 = buf;
1601 break;
1602 case OSSL_PARAM_UNSIGNED_INTEGER2:
1603 ctx->p2 = (void *)DH_get0_pub_key(EVP_PKEY_get0_DH(pkey));
1604 break;
1605 default:
1606 return 0;
1607 }
1608 break;
1609#endif
1610#ifndef OPENSSL_NO_DSA
1611 case EVP_PKEY_DSA116:
1612 if (ctx->params->data_type == OSSL_PARAM_UNSIGNED_INTEGER2) {
1613 ctx->p2 = (void *)DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey));
1614 break;
1615 }
1616 return 0;
1617#endif
1618#ifndef OPENSSL_NO_EC
1619 case EVP_PKEY_EC408:
1620 if (ctx->params->data_type == OSSL_PARAM_OCTET_STRING5) {
1621 const EC_KEY *eckey = EVP_PKEY_get0_EC_KEY(pkey);
1622 BN_CTX *bnctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eckey));
1623 const EC_GROUP *ecg = EC_KEY_get0_group(eckey);
1624 const EC_POINT *point = EC_KEY_get0_public_key(eckey);
1625
1626 if (bnctx == NULL((void*)0))
1627 return 0;
1628 ctx->sz = EC_POINT_point2buf(ecg, point,
1629 POINT_CONVERSION_COMPRESSED,
1630 &buf, bnctx);
1631 ctx->p2 = buf;
1632 BN_CTX_free(bnctx);
1633 break;
1634 }
1635 return 0;
1636#endif
1637 default:
1638 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1638,__func__), ERR_set_error)((6),(224),((void*)0));
1639 return 0;
1640 }
1641
1642 ret = default_fixup_args(state, translation, ctx);
1643 OPENSSL_free(buf)CRYPTO_free(buf, "../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
, 1643);
1644 return ret;
1645}
1646
1647static int get_payload_bn(enum state state,
1648 const struct translation_st *translation,
1649 struct translation_ctx_st *ctx, const BIGNUM *bn)
1650{
1651 if (bn == NULL((void*)0))
1652 return 0;
1653 if (ctx->params->data_type != OSSL_PARAM_UNSIGNED_INTEGER2)
1654 return 0;
1655 ctx->p2 = (BIGNUM *)bn;
1656
1657 return default_fixup_args(state, translation, ctx);
1658}
1659
1660static int get_dh_dsa_payload_p(enum state state,
1661 const struct translation_st *translation,
1662 struct translation_ctx_st *ctx)
1663{
1664 const BIGNUM *bn = NULL((void*)0);
1665 EVP_PKEY *pkey = ctx->p2;
1666
1667 switch (EVP_PKEY_get_base_id(pkey)) {
1668#ifndef OPENSSL_NO_DH
1669 case EVP_PKEY_DH28:
1670 bn = DH_get0_p(EVP_PKEY_get0_DH(pkey));
1671 break;
1672#endif
1673#ifndef OPENSSL_NO_DSA
1674 case EVP_PKEY_DSA116:
1675 bn = DSA_get0_p(EVP_PKEY_get0_DSA(pkey));
1676 break;
1677#endif
1678 default:
1679 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1679,__func__), ERR_set_error)((6),(224),((void*)0));
1680 }
1681
1682 return get_payload_bn(state, translation, ctx, bn);
1683}
1684
1685static int get_dh_dsa_payload_q(enum state state,
1686 const struct translation_st *translation,
1687 struct translation_ctx_st *ctx)
1688{
1689 const BIGNUM *bn = NULL((void*)0);
1690
1691 switch (EVP_PKEY_get_base_id(ctx->p2)) {
1692#ifndef OPENSSL_NO_DH
1693 case EVP_PKEY_DH28:
1694 bn = DH_get0_q(EVP_PKEY_get0_DH(ctx->p2));
1695 break;
1696#endif
1697#ifndef OPENSSL_NO_DSA
1698 case EVP_PKEY_DSA116:
1699 bn = DSA_get0_q(EVP_PKEY_get0_DSA(ctx->p2));
1700 break;
1701#endif
1702 }
1703
1704 return get_payload_bn(state, translation, ctx, bn);
1705}
1706
1707static int get_dh_dsa_payload_g(enum state state,
1708 const struct translation_st *translation,
1709 struct translation_ctx_st *ctx)
1710{
1711 const BIGNUM *bn = NULL((void*)0);
1712
1713 switch (EVP_PKEY_get_base_id(ctx->p2)) {
1714#ifndef OPENSSL_NO_DH
1715 case EVP_PKEY_DH28:
1716 bn = DH_get0_g(EVP_PKEY_get0_DH(ctx->p2));
1717 break;
1718#endif
1719#ifndef OPENSSL_NO_DSA
1720 case EVP_PKEY_DSA116:
1721 bn = DSA_get0_g(EVP_PKEY_get0_DSA(ctx->p2));
1722 break;
1723#endif
1724 }
1725
1726 return get_payload_bn(state, translation, ctx, bn);
1727}
1728
1729static int get_payload_int(enum state state,
1730 const struct translation_st *translation,
1731 struct translation_ctx_st *ctx,
1732 const int val)
1733{
1734 if (ctx->params->data_type != OSSL_PARAM_INTEGER1)
1735 return 0;
1736 ctx->p1 = val;
1737 ctx->p2 = NULL((void*)0);
1738
1739 return default_fixup_args(state, translation, ctx);
1740}
1741
1742static int get_ec_decoded_from_explicit_params(enum state state,
1743 const struct translation_st *translation,
1744 struct translation_ctx_st *ctx)
1745{
1746 int val = 0;
1747 EVP_PKEY *pkey = ctx->p2;
1748
1749 switch (EVP_PKEY_base_idEVP_PKEY_get_base_id(pkey)) {
1750#ifndef OPENSSL_NO_EC
1751 case EVP_PKEY_EC408:
1752 val = EC_KEY_decoded_from_explicit_params(EVP_PKEY_get0_EC_KEY(pkey));
1753 if (val < 0) {
1754 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1754,__func__), ERR_set_error)((6),(163),((void*)0));
1755 return 0;
1756 }
1757 break;
1758#endif
1759 default:
1760 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,1760,__func__), ERR_set_error)((6),(224),((void*)0));
1761 return 0;
1762 }
1763
1764 return get_payload_int(state, translation, ctx, val);
1765}
1766
1767static int get_rsa_payload_n(enum state state,
1768 const struct translation_st *translation,
1769 struct translation_ctx_st *ctx)
1770{
1771 const BIGNUM *bn = NULL((void*)0);
1772
1773 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA6)
1774 return 0;
1775 bn = RSA_get0_n(EVP_PKEY_get0_RSA(ctx->p2));
1776
1777 return get_payload_bn(state, translation, ctx, bn);
1778}
1779
1780static int get_rsa_payload_e(enum state state,
1781 const struct translation_st *translation,
1782 struct translation_ctx_st *ctx)
1783{
1784 const BIGNUM *bn = NULL((void*)0);
1785
1786 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA6)
1787 return 0;
1788 bn = RSA_get0_e(EVP_PKEY_get0_RSA(ctx->p2));
1789
1790 return get_payload_bn(state, translation, ctx, bn);
1791}
1792
1793static int get_rsa_payload_d(enum state state,
1794 const struct translation_st *translation,
1795 struct translation_ctx_st *ctx)
1796{
1797 const BIGNUM *bn = NULL((void*)0);
1798
1799 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA6)
1800 return 0;
1801 bn = RSA_get0_d(EVP_PKEY_get0_RSA(ctx->p2));
1802
1803 return get_payload_bn(state, translation, ctx, bn);
1804}
1805
1806static int get_rsa_payload_factor(enum state state,
1807 const struct translation_st *translation,
1808 struct translation_ctx_st *ctx,
1809 size_t factornum)
1810{
1811 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1812 const BIGNUM *bn = NULL((void*)0);
1813
1814 switch (factornum) {
1815 case 0:
1816 bn = RSA_get0_p(r);
1817 break;
1818 case 1:
1819 bn = RSA_get0_q(r);
1820 break;
1821 default:
1822 {
1823 size_t pnum = RSA_get_multi_prime_extra_count(r);
1824 const BIGNUM *factors[10];
1825
1826 if (factornum - 2 < pnum
1827 && RSA_get0_multi_prime_factors(r, factors))
1828 bn = factors[factornum - 2];
1829 }
1830 break;
1831 }
1832
1833 return get_payload_bn(state, translation, ctx, bn);
1834}
1835
1836static int get_rsa_payload_exponent(enum state state,
1837 const struct translation_st *translation,
1838 struct translation_ctx_st *ctx,
1839 size_t exponentnum)
1840{
1841 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1842 const BIGNUM *bn = NULL((void*)0);
1843
1844 switch (exponentnum) {
1845 case 0:
1846 bn = RSA_get0_dmp1(r);
1847 break;
1848 case 1:
1849 bn = RSA_get0_dmq1(r);
1850 break;
1851 default:
1852 {
1853 size_t pnum = RSA_get_multi_prime_extra_count(r);
1854 const BIGNUM *exps[10], *coeffs[10];
1855
1856 if (exponentnum - 2 < pnum
1857 && RSA_get0_multi_prime_crt_params(r, exps, coeffs))
1858 bn = exps[exponentnum - 2];
1859 }
1860 break;
1861 }
1862
1863 return get_payload_bn(state, translation, ctx, bn);
1864}
1865
1866static int get_rsa_payload_coefficient(enum state state,
1867 const struct translation_st *translation,
1868 struct translation_ctx_st *ctx,
1869 size_t coefficientnum)
1870{
1871 const RSA *r = EVP_PKEY_get0_RSA(ctx->p2);
1872 const BIGNUM *bn = NULL((void*)0);
1873
1874 switch (coefficientnum) {
1875 case 0:
1876 bn = RSA_get0_iqmp(r);
1877 break;
1878 default:
1879 {
1880 size_t pnum = RSA_get_multi_prime_extra_count(r);
1881 const BIGNUM *exps[10], *coeffs[10];
1882
1883 if (coefficientnum - 1 < pnum
1884 && RSA_get0_multi_prime_crt_params(r, exps, coeffs))
1885 bn = coeffs[coefficientnum - 1];
1886 }
1887 break;
1888 }
1889
1890 return get_payload_bn(state, translation, ctx, bn);
1891}
1892
1893#define IMPL_GET_RSA_PAYLOAD_FACTOR(n)static int get_rsa_payload_fn(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, n - 1); } \
1894 static int \
1895 get_rsa_payload_f##n(enum state state, \
1896 const struct translation_st *translation, \
1897 struct translation_ctx_st *ctx) \
1898 { \
1899 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA6) \
1900 return 0; \
1901 return get_rsa_payload_factor(state, translation, ctx, n - 1); \
1902 }
1903
1904#define IMPL_GET_RSA_PAYLOAD_EXPONENT(n)static int get_rsa_payload_en(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, n - 1); } \
1905 static int \
1906 get_rsa_payload_e##n(enum state state, \
1907 const struct translation_st *translation, \
1908 struct translation_ctx_st *ctx) \
1909 { \
1910 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA6) \
1911 return 0; \
1912 return get_rsa_payload_exponent(state, translation, ctx, \
1913 n - 1); \
1914 }
1915
1916#define IMPL_GET_RSA_PAYLOAD_COEFFICIENT(n)static int get_rsa_payload_cn(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, n - 1); } \
1917 static int \
1918 get_rsa_payload_c##n(enum state state, \
1919 const struct translation_st *translation, \
1920 struct translation_ctx_st *ctx) \
1921 { \
1922 if (EVP_PKEY_get_base_id(ctx->p2) != EVP_PKEY_RSA6) \
1923 return 0; \
1924 return get_rsa_payload_coefficient(state, translation, ctx, \
1925 n - 1); \
1926 }
1927
1928IMPL_GET_RSA_PAYLOAD_FACTOR(1)static int get_rsa_payload_f1(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, 1 - 1); }
1929IMPL_GET_RSA_PAYLOAD_FACTOR(2)static int get_rsa_payload_f2(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, 2 - 1); }
1930IMPL_GET_RSA_PAYLOAD_FACTOR(3)static int get_rsa_payload_f3(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, 3 - 1); }
1931IMPL_GET_RSA_PAYLOAD_FACTOR(4)static int get_rsa_payload_f4(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, 4 - 1); }
1932IMPL_GET_RSA_PAYLOAD_FACTOR(5)static int get_rsa_payload_f5(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, 5 - 1); }
1933IMPL_GET_RSA_PAYLOAD_FACTOR(6)static int get_rsa_payload_f6(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, 6 - 1); }
1934IMPL_GET_RSA_PAYLOAD_FACTOR(7)static int get_rsa_payload_f7(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, 7 - 1); }
1935IMPL_GET_RSA_PAYLOAD_FACTOR(8)static int get_rsa_payload_f8(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, 8 - 1); }
1936IMPL_GET_RSA_PAYLOAD_FACTOR(9)static int get_rsa_payload_f9(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_factor(state
, translation, ctx, 9 - 1); }
1937IMPL_GET_RSA_PAYLOAD_FACTOR(10)static int get_rsa_payload_f10(enum state state, const struct
translation_st *translation, struct translation_ctx_st *ctx)
{ if (EVP_PKEY_get_base_id(ctx->p2) != 6) return 0; return
get_rsa_payload_factor(state, translation, ctx, 10 - 1); }
1938IMPL_GET_RSA_PAYLOAD_EXPONENT(1)static int get_rsa_payload_e1(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, 1 - 1); }
1939IMPL_GET_RSA_PAYLOAD_EXPONENT(2)static int get_rsa_payload_e2(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, 2 - 1); }
1940IMPL_GET_RSA_PAYLOAD_EXPONENT(3)static int get_rsa_payload_e3(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, 3 - 1); }
1941IMPL_GET_RSA_PAYLOAD_EXPONENT(4)static int get_rsa_payload_e4(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, 4 - 1); }
1942IMPL_GET_RSA_PAYLOAD_EXPONENT(5)static int get_rsa_payload_e5(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, 5 - 1); }
1943IMPL_GET_RSA_PAYLOAD_EXPONENT(6)static int get_rsa_payload_e6(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, 6 - 1); }
1944IMPL_GET_RSA_PAYLOAD_EXPONENT(7)static int get_rsa_payload_e7(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, 7 - 1); }
1945IMPL_GET_RSA_PAYLOAD_EXPONENT(8)static int get_rsa_payload_e8(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, 8 - 1); }
1946IMPL_GET_RSA_PAYLOAD_EXPONENT(9)static int get_rsa_payload_e9(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_exponent(
state, translation, ctx, 9 - 1); }
1947IMPL_GET_RSA_PAYLOAD_EXPONENT(10)static int get_rsa_payload_e10(enum state state, const struct
translation_st *translation, struct translation_ctx_st *ctx)
{ if (EVP_PKEY_get_base_id(ctx->p2) != 6) return 0; return
get_rsa_payload_exponent(state, translation, ctx, 10 - 1); }
1948IMPL_GET_RSA_PAYLOAD_COEFFICIENT(1)static int get_rsa_payload_c1(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, 1 - 1); }
1949IMPL_GET_RSA_PAYLOAD_COEFFICIENT(2)static int get_rsa_payload_c2(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, 2 - 1); }
1950IMPL_GET_RSA_PAYLOAD_COEFFICIENT(3)static int get_rsa_payload_c3(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, 3 - 1); }
1951IMPL_GET_RSA_PAYLOAD_COEFFICIENT(4)static int get_rsa_payload_c4(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, 4 - 1); }
1952IMPL_GET_RSA_PAYLOAD_COEFFICIENT(5)static int get_rsa_payload_c5(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, 5 - 1); }
1953IMPL_GET_RSA_PAYLOAD_COEFFICIENT(6)static int get_rsa_payload_c6(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, 6 - 1); }
1954IMPL_GET_RSA_PAYLOAD_COEFFICIENT(7)static int get_rsa_payload_c7(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, 7 - 1); }
1955IMPL_GET_RSA_PAYLOAD_COEFFICIENT(8)static int get_rsa_payload_c8(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, 8 - 1); }
1956IMPL_GET_RSA_PAYLOAD_COEFFICIENT(9)static int get_rsa_payload_c9(enum state state, const struct translation_st
*translation, struct translation_ctx_st *ctx) { if (EVP_PKEY_get_base_id
(ctx->p2) != 6) return 0; return get_rsa_payload_coefficient
(state, translation, ctx, 9 - 1); }
1957
1958/*-
1959 * The translation table itself
1960 * ============================
1961 */
1962
1963static const struct translation_st evp_pkey_ctx_translations[] = {
1964 /*
1965 * DistID: we pass it to the backend as an octet string,
1966 * but get it back as a pointer to an octet string.
1967 *
1968 * Note that the EVP_PKEY_CTRL_GET1_ID_LEN is purely for legacy purposes
1969 * that has no separate counterpart in OSSL_PARAM terms, since we get
1970 * the length of the DistID automatically when getting the DistID itself.
1971 */
1972 { SET, -1, -1, EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
1973 EVP_PKEY_CTRL_SET1_ID15, "distid", "hexdistid",
1974 OSSL_PKEY_PARAM_DIST_ID"distid", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
1975 { GET, -1, -1, -1,
1976 EVP_PKEY_CTRL_GET1_ID16, "distid", "hexdistid",
1977 OSSL_PKEY_PARAM_DIST_ID"distid", OSSL_PARAM_OCTET_PTR7, NULL((void*)0) },
1978 { GET, -1, -1, -1,
1979 EVP_PKEY_CTRL_GET1_ID_LEN17, NULL((void*)0), NULL((void*)0),
1980 OSSL_PKEY_PARAM_DIST_ID"distid", OSSL_PARAM_OCTET_PTR7, fix_distid_len },
1981
1982 /*-
1983 * DH & DHX
1984 * ========
1985 */
1986
1987 /*
1988 * EVP_PKEY_CTRL_DH_KDF_TYPE is used both for setting and getting. The
1989 * fixup function has to handle this...
1990 */
1991 { NONE, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_DERIVE(1<<11),
1992 EVP_PKEY_CTRL_DH_KDF_TYPE(0x1000 + 6), NULL((void*)0), NULL((void*)0),
1993 OSSL_EXCHANGE_PARAM_KDF_TYPE"kdf-type", OSSL_PARAM_UTF8_STRING4,
1994 fix_dh_kdf_type },
1995 { SET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_DERIVE(1<<11),
1996 EVP_PKEY_CTRL_DH_KDF_MD(0x1000 + 7), NULL((void*)0), NULL((void*)0),
1997 OSSL_EXCHANGE_PARAM_KDF_DIGEST"kdf-digest", OSSL_PARAM_UTF8_STRING4, fix_md },
1998 { GET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_DERIVE(1<<11),
1999 EVP_PKEY_CTRL_GET_DH_KDF_MD(0x1000 + 8), NULL((void*)0), NULL((void*)0),
2000 OSSL_EXCHANGE_PARAM_KDF_DIGEST"kdf-digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2001 { SET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_DERIVE(1<<11),
2002 EVP_PKEY_CTRL_DH_KDF_OUTLEN(0x1000 + 9), NULL((void*)0), NULL((void*)0),
2003 OSSL_EXCHANGE_PARAM_KDF_OUTLEN"kdf-outlen", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2004 { GET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_DERIVE(1<<11),
2005 EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN(0x1000 + 10), NULL((void*)0), NULL((void*)0),
2006 OSSL_EXCHANGE_PARAM_KDF_OUTLEN"kdf-outlen", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2007 { SET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_DERIVE(1<<11),
2008 EVP_PKEY_CTRL_DH_KDF_UKM(0x1000 + 11), NULL((void*)0), NULL((void*)0),
2009 OSSL_EXCHANGE_PARAM_KDF_UKM"kdf-ukm", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2010 { GET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_DERIVE(1<<11),
2011 EVP_PKEY_CTRL_GET_DH_KDF_UKM(0x1000 + 12), NULL((void*)0), NULL((void*)0),
2012 OSSL_EXCHANGE_PARAM_KDF_UKM"kdf-ukm", OSSL_PARAM_OCTET_PTR7, NULL((void*)0) },
2013 { SET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_DERIVE(1<<11),
2014 EVP_PKEY_CTRL_DH_KDF_OID(0x1000 + 13), NULL((void*)0), NULL((void*)0),
2015 OSSL_KDF_PARAM_CEK_ALG"cekalg", OSSL_PARAM_UTF8_STRING4, fix_oid },
2016 { GET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_DERIVE(1<<11),
2017 EVP_PKEY_CTRL_GET_DH_KDF_OID(0x1000 + 14), NULL((void*)0), NULL((void*)0),
2018 OSSL_KDF_PARAM_CEK_ALG"cekalg", OSSL_PARAM_UTF8_STRING4, fix_oid },
2019
2020 /* DHX Keygen Parameters that are shared with DH */
2021 { SET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_PARAMGEN(1<<1),
2022 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE(0x1000 + 5), "dh_paramgen_type", NULL((void*)0),
2023 OSSL_PKEY_PARAM_FFC_TYPE"type", OSSL_PARAM_UTF8_STRING4, fix_dh_paramgen_type },
2024 { SET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_PARAMGEN(1<<1),
2025 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN(0x1000 + 1), "dh_paramgen_prime_len", NULL((void*)0),
2026 OSSL_PKEY_PARAM_FFC_PBITS"pbits", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2027 { SET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_PARAMGEN(1<<1) | EVP_PKEY_OP_KEYGEN(1<<2),
2028 EVP_PKEY_CTRL_DH_NID(0x1000 + 15), "dh_param", NULL((void*)0),
2029 OSSL_PKEY_PARAM_GROUP_NAME"group", OSSL_PARAM_UTF8_STRING4, NULL((void*)0) },
2030 { SET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_PARAMGEN(1<<1) | EVP_PKEY_OP_KEYGEN(1<<2),
2031 EVP_PKEY_CTRL_DH_RFC5114(0x1000 + 3), "dh_rfc5114", NULL((void*)0),
2032 OSSL_PKEY_PARAM_GROUP_NAME"group", OSSL_PARAM_UTF8_STRING4, fix_dh_nid5114 },
2033
2034 /* DH Keygen Parameters that are shared with DHX */
2035 { SET, EVP_PKEY_DH28, 0, EVP_PKEY_OP_PARAMGEN(1<<1),
2036 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE(0x1000 + 5), "dh_paramgen_type", NULL((void*)0),
2037 OSSL_PKEY_PARAM_FFC_TYPE"type", OSSL_PARAM_UTF8_STRING4, fix_dh_paramgen_type },
2038 { SET, EVP_PKEY_DH28, 0, EVP_PKEY_OP_PARAMGEN(1<<1),
2039 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN(0x1000 + 1), "dh_paramgen_prime_len", NULL((void*)0),
2040 OSSL_PKEY_PARAM_FFC_PBITS"pbits", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2041 { SET, EVP_PKEY_DH28, 0, EVP_PKEY_OP_PARAMGEN(1<<1) | EVP_PKEY_OP_KEYGEN(1<<2),
2042 EVP_PKEY_CTRL_DH_NID(0x1000 + 15), "dh_param", NULL((void*)0),
2043 OSSL_PKEY_PARAM_GROUP_NAME"group", OSSL_PARAM_UTF8_STRING4, fix_dh_nid },
2044 { SET, EVP_PKEY_DH28, 0, EVP_PKEY_OP_PARAMGEN(1<<1) | EVP_PKEY_OP_KEYGEN(1<<2),
2045 EVP_PKEY_CTRL_DH_RFC5114(0x1000 + 3), "dh_rfc5114", NULL((void*)0),
2046 OSSL_PKEY_PARAM_GROUP_NAME"group", OSSL_PARAM_UTF8_STRING4, fix_dh_nid5114 },
2047
2048 /* DH specific Keygen Parameters */
2049 { SET, EVP_PKEY_DH28, 0, EVP_PKEY_OP_PARAMGEN(1<<1),
2050 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR(0x1000 + 2), "dh_paramgen_generator", NULL((void*)0),
2051 OSSL_PKEY_PARAM_DH_GENERATOR"safeprime-generator", OSSL_PARAM_INTEGER1, NULL((void*)0) },
2052
2053 /* DHX specific Keygen Parameters */
2054 { SET, EVP_PKEY_DHX920, 0, EVP_PKEY_OP_PARAMGEN(1<<1),
2055 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN(0x1000 + 4), "dh_paramgen_subprime_len", NULL((void*)0),
2056 OSSL_PKEY_PARAM_FFC_QBITS"qbits", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2057
2058 { SET, EVP_PKEY_DH28, 0, EVP_PKEY_OP_DERIVE(1<<11),
2059 EVP_PKEY_CTRL_DH_PAD(0x1000 + 16), "dh_pad", NULL((void*)0),
2060 OSSL_EXCHANGE_PARAM_PAD"pad", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2061
2062 /*-
2063 * DSA
2064 * ===
2065 */
2066 { SET, EVP_PKEY_DSA116, 0, EVP_PKEY_OP_PARAMGEN(1<<1),
2067 EVP_PKEY_CTRL_DSA_PARAMGEN_BITS(0x1000 + 1), "dsa_paramgen_bits", NULL((void*)0),
2068 OSSL_PKEY_PARAM_FFC_PBITS"pbits", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2069 { SET, EVP_PKEY_DSA116, 0, EVP_PKEY_OP_PARAMGEN(1<<1),
2070 EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS(0x1000 + 2), "dsa_paramgen_q_bits", NULL((void*)0),
2071 OSSL_PKEY_PARAM_FFC_QBITS"qbits", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2072 { SET, EVP_PKEY_DSA116, 0, EVP_PKEY_OP_PARAMGEN(1<<1),
2073 EVP_PKEY_CTRL_DSA_PARAMGEN_MD(0x1000 + 3), "dsa_paramgen_md", NULL((void*)0),
2074 OSSL_PKEY_PARAM_FFC_DIGEST"digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2075
2076 /*-
2077 * EC
2078 * ==
2079 */
2080 { SET, EVP_PKEY_EC408, 0, EVP_PKEY_OP_PARAMGEN(1<<1) | EVP_PKEY_OP_KEYGEN(1<<2),
2081 EVP_PKEY_CTRL_EC_PARAM_ENC(0x1000 + 2), "ec_param_enc", NULL((void*)0),
2082 OSSL_PKEY_PARAM_EC_ENCODING"encoding", OSSL_PARAM_UTF8_STRING4, fix_ec_param_enc },
2083 { SET, EVP_PKEY_EC408, 0, EVP_PKEY_OP_PARAMGEN(1<<1) | EVP_PKEY_OP_KEYGEN(1<<2),
2084 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID(0x1000 + 1), "ec_paramgen_curve", NULL((void*)0),
2085 OSSL_PKEY_PARAM_GROUP_NAME"group", OSSL_PARAM_UTF8_STRING4,
2086 fix_ec_paramgen_curve_nid },
2087 /*
2088 * EVP_PKEY_CTRL_EC_ECDH_COFACTOR and EVP_PKEY_CTRL_EC_KDF_TYPE are used
2089 * both for setting and getting. The fixup function has to handle this...
2090 */
2091 { NONE, EVP_PKEY_EC408, 0, EVP_PKEY_OP_DERIVE(1<<11),
2092 EVP_PKEY_CTRL_EC_ECDH_COFACTOR(0x1000 + 3), "ecdh_cofactor_mode", NULL((void*)0),
2093 OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE"ecdh-cofactor-mode", OSSL_PARAM_INTEGER1,
2094 fix_ecdh_cofactor },
2095 { NONE, EVP_PKEY_EC408, 0, EVP_PKEY_OP_DERIVE(1<<11),
2096 EVP_PKEY_CTRL_EC_KDF_TYPE(0x1000 + 4), NULL((void*)0), NULL((void*)0),
2097 OSSL_EXCHANGE_PARAM_KDF_TYPE"kdf-type", OSSL_PARAM_UTF8_STRING4, fix_ec_kdf_type },
2098 { SET, EVP_PKEY_EC408, 0, EVP_PKEY_OP_DERIVE(1<<11),
2099 EVP_PKEY_CTRL_EC_KDF_MD(0x1000 + 5), "ecdh_kdf_md", NULL((void*)0),
2100 OSSL_EXCHANGE_PARAM_KDF_DIGEST"kdf-digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2101 { GET, EVP_PKEY_EC408, 0, EVP_PKEY_OP_DERIVE(1<<11),
2102 EVP_PKEY_CTRL_GET_EC_KDF_MD(0x1000 + 6), NULL((void*)0), NULL((void*)0),
2103 OSSL_EXCHANGE_PARAM_KDF_DIGEST"kdf-digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2104 { SET, EVP_PKEY_EC408, 0, EVP_PKEY_OP_DERIVE(1<<11),
2105 EVP_PKEY_CTRL_EC_KDF_OUTLEN(0x1000 + 7), NULL((void*)0), NULL((void*)0),
2106 OSSL_EXCHANGE_PARAM_KDF_OUTLEN"kdf-outlen", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2107 { GET, EVP_PKEY_EC408, 0, EVP_PKEY_OP_DERIVE(1<<11),
2108 EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN(0x1000 + 8), NULL((void*)0), NULL((void*)0),
2109 OSSL_EXCHANGE_PARAM_KDF_OUTLEN"kdf-outlen", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2110 { SET, EVP_PKEY_EC408, 0, EVP_PKEY_OP_DERIVE(1<<11),
2111 EVP_PKEY_CTRL_EC_KDF_UKM(0x1000 + 9), NULL((void*)0), NULL((void*)0),
2112 OSSL_EXCHANGE_PARAM_KDF_UKM"kdf-ukm", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2113 { GET, EVP_PKEY_EC408, 0, EVP_PKEY_OP_DERIVE(1<<11),
2114 EVP_PKEY_CTRL_GET_EC_KDF_UKM(0x1000 + 10), NULL((void*)0), NULL((void*)0),
2115 OSSL_EXCHANGE_PARAM_KDF_UKM"kdf-ukm", OSSL_PARAM_OCTET_PTR7, NULL((void*)0) },
2116
2117 /*-
2118 * RSA
2119 * ===
2120 */
2121
2122 /*
2123 * RSA padding modes are numeric with ctrls, strings with ctrl_strs,
2124 * and can be both with OSSL_PARAM. We standardise on strings here,
2125 * fix_rsa_padding_mode() does the work when the caller has a different
2126 * idea.
2127 */
2128 { SET, EVP_PKEY_RSA6, EVP_PKEY_RSA_PSS912,
2129 EVP_PKEY_OP_TYPE_CRYPT((1<<9) | (1<<10)) | EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
2130 EVP_PKEY_CTRL_RSA_PADDING(0x1000 + 1), "rsa_padding_mode", NULL((void*)0),
2131 OSSL_PKEY_PARAM_PAD_MODE"pad-mode", OSSL_PARAM_UTF8_STRING4, fix_rsa_padding_mode },
2132 { GET, EVP_PKEY_RSA6, EVP_PKEY_RSA_PSS912,
2133 EVP_PKEY_OP_TYPE_CRYPT((1<<9) | (1<<10)) | EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
2134 EVP_PKEY_CTRL_GET_RSA_PADDING(0x1000 + 6), NULL((void*)0), NULL((void*)0),
2135 OSSL_PKEY_PARAM_PAD_MODE"pad-mode", OSSL_PARAM_UTF8_STRING4, fix_rsa_padding_mode },
2136
2137 { SET, EVP_PKEY_RSA6, EVP_PKEY_RSA_PSS912,
2138 EVP_PKEY_OP_TYPE_CRYPT((1<<9) | (1<<10)) | EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
2139 EVP_PKEY_CTRL_RSA_MGF1_MD(0x1000 + 5), "rsa_mgf1_md", NULL((void*)0),
2140 OSSL_PKEY_PARAM_MGF1_DIGEST"mgf1-digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2141 { GET, EVP_PKEY_RSA6, EVP_PKEY_RSA_PSS912,
2142 EVP_PKEY_OP_TYPE_CRYPT((1<<9) | (1<<10)) | EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
2143 EVP_PKEY_CTRL_GET_RSA_MGF1_MD(0x1000 + 8), NULL((void*)0), NULL((void*)0),
2144 OSSL_PKEY_PARAM_MGF1_DIGEST"mgf1-digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2145
2146 /*
2147 * RSA-PSS saltlen is essentially numeric, but certain values can be
2148 * expressed as keywords (strings) with ctrl_str. The corresponding
2149 * OSSL_PARAM allows both forms.
2150 * fix_rsa_pss_saltlen() takes care of the distinction.
2151 */
2152 { SET, EVP_PKEY_RSA6, EVP_PKEY_RSA_PSS912, EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
2153 EVP_PKEY_CTRL_RSA_PSS_SALTLEN(0x1000 + 2), "rsa_pss_saltlen", NULL((void*)0),
2154 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN"saltlen", OSSL_PARAM_UTF8_STRING4,
2155 fix_rsa_pss_saltlen },
2156 { GET, EVP_PKEY_RSA6, EVP_PKEY_RSA_PSS912, EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
2157 EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN(0x1000 + 7), NULL((void*)0), NULL((void*)0),
2158 OSSL_PKEY_PARAM_RSA_PSS_SALTLEN"saltlen", OSSL_PARAM_UTF8_STRING4,
2159 fix_rsa_pss_saltlen },
2160
2161 { SET, EVP_PKEY_RSA6, 0, EVP_PKEY_OP_TYPE_CRYPT((1<<9) | (1<<10)),
2162 EVP_PKEY_CTRL_RSA_OAEP_MD(0x1000 + 9), "rsa_oaep_md", NULL((void*)0),
2163 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST"digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2164 { GET, EVP_PKEY_RSA6, 0, EVP_PKEY_OP_TYPE_CRYPT((1<<9) | (1<<10)),
2165 EVP_PKEY_CTRL_GET_RSA_OAEP_MD(0x1000 + 11), NULL((void*)0), NULL((void*)0),
2166 OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST"digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2167 /*
2168 * The "rsa_oaep_label" ctrl_str expects the value to always be hex.
2169 * This is accomodated by default_fixup_args() above, which mimics that
2170 * expectation for any translation item where |ctrl_str| is NULL and
2171 * |ctrl_hexstr| is non-NULL.
2172 */
2173 { SET, EVP_PKEY_RSA6, 0, EVP_PKEY_OP_TYPE_CRYPT((1<<9) | (1<<10)),
2174 EVP_PKEY_CTRL_RSA_OAEP_LABEL(0x1000 + 10), NULL((void*)0), "rsa_oaep_label",
2175 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL"oaep-label", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2176 { GET, EVP_PKEY_RSA6, 0, EVP_PKEY_OP_TYPE_CRYPT((1<<9) | (1<<10)),
2177 EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL(0x1000 + 12), NULL((void*)0), NULL((void*)0),
2178 OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL"oaep-label", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2179
2180 { SET, EVP_PKEY_RSA_PSS912, 0, EVP_PKEY_OP_TYPE_GEN((1<<1) | (1<<2)),
2181 EVP_PKEY_CTRL_MD1, "rsa_pss_keygen_md", NULL((void*)0),
2182 OSSL_ALG_PARAM_DIGEST"digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2183 { SET, EVP_PKEY_RSA_PSS912, 0, EVP_PKEY_OP_TYPE_GEN((1<<1) | (1<<2)),
2184 EVP_PKEY_CTRL_RSA_MGF1_MD(0x1000 + 5), "rsa_pss_keygen_mgf1_md", NULL((void*)0),
2185 OSSL_PKEY_PARAM_MGF1_DIGEST"mgf1-digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2186 { SET, EVP_PKEY_RSA_PSS912, 0, EVP_PKEY_OP_TYPE_GEN((1<<1) | (1<<2)),
2187 EVP_PKEY_CTRL_RSA_PSS_SALTLEN(0x1000 + 2), "rsa_pss_keygen_saltlen", NULL((void*)0),
2188 OSSL_SIGNATURE_PARAM_PSS_SALTLEN"saltlen", OSSL_PARAM_INTEGER1, NULL((void*)0) },
2189 { SET, EVP_PKEY_RSA6, EVP_PKEY_RSA_PSS912, EVP_PKEY_OP_KEYGEN(1<<2),
2190 EVP_PKEY_CTRL_RSA_KEYGEN_BITS(0x1000 + 3), "rsa_keygen_bits", NULL((void*)0),
2191 OSSL_PKEY_PARAM_RSA_BITS"bits", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2192 { SET, EVP_PKEY_RSA6, 0, EVP_PKEY_OP_KEYGEN(1<<2),
2193 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP(0x1000 + 4), "rsa_keygen_pubexp", NULL((void*)0),
2194 OSSL_PKEY_PARAM_RSA_E"e", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2195 { SET, EVP_PKEY_RSA6, 0, EVP_PKEY_OP_KEYGEN(1<<2),
2196 EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES(0x1000 + 13), "rsa_keygen_primes", NULL((void*)0),
2197 OSSL_PKEY_PARAM_RSA_PRIMES"primes", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2198
2199 /*-
2200 * SipHash
2201 * ======
2202 */
2203 { SET, -1, -1, EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
2204 EVP_PKEY_CTRL_SET_DIGEST_SIZE14, "digestsize", NULL((void*)0),
2205 OSSL_MAC_PARAM_SIZE"size", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2206
2207 /*-
2208 * TLS1-PRF
2209 * ========
2210 */
2211 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2212 EVP_PKEY_CTRL_TLS_MD(0x1000), "md", NULL((void*)0),
2213 OSSL_KDF_PARAM_DIGEST"digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2214 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2215 EVP_PKEY_CTRL_TLS_SECRET(0x1000 + 1), "secret", "hexsecret",
2216 OSSL_KDF_PARAM_SECRET"secret", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2217 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2218 EVP_PKEY_CTRL_TLS_SEED(0x1000 + 2), "seed", "hexseed",
2219 OSSL_KDF_PARAM_SEED"seed", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2220
2221 /*-
2222 * HKDF
2223 * ====
2224 */
2225 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2226 EVP_PKEY_CTRL_HKDF_MD(0x1000 + 3), "md", NULL((void*)0),
2227 OSSL_KDF_PARAM_DIGEST"digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2228 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2229 EVP_PKEY_CTRL_HKDF_SALT(0x1000 + 4), "salt", "hexsalt",
2230 OSSL_KDF_PARAM_SALT"salt", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2231 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2232 EVP_PKEY_CTRL_HKDF_KEY(0x1000 + 5), "key", "hexkey",
2233 OSSL_KDF_PARAM_KEY"key", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2234 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2235 EVP_PKEY_CTRL_HKDF_INFO(0x1000 + 6), "info", "hexinfo",
2236 OSSL_KDF_PARAM_INFO"info", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2237 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2238 EVP_PKEY_CTRL_HKDF_MODE(0x1000 + 7), "mode", NULL((void*)0),
2239 OSSL_KDF_PARAM_MODE"mode", OSSL_PARAM_INTEGER1, fix_hkdf_mode },
2240
2241 /*-
2242 * Scrypt
2243 * ======
2244 */
2245 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2246 EVP_PKEY_CTRL_PASS(0x1000 + 8), "pass", "hexpass",
2247 OSSL_KDF_PARAM_PASSWORD"pass", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2248 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2249 EVP_PKEY_CTRL_SCRYPT_SALT(0x1000 + 9), "salt", "hexsalt",
2250 OSSL_KDF_PARAM_SALT"salt", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2251 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2252 EVP_PKEY_CTRL_SCRYPT_N(0x1000 + 10), "N", NULL((void*)0),
2253 OSSL_KDF_PARAM_SCRYPT_N"n", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2254 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2255 EVP_PKEY_CTRL_SCRYPT_R(0x1000 + 11), "r", NULL((void*)0),
2256 OSSL_KDF_PARAM_SCRYPT_R"r", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2257 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2258 EVP_PKEY_CTRL_SCRYPT_P(0x1000 + 12), "p", NULL((void*)0),
2259 OSSL_KDF_PARAM_SCRYPT_P"p", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2260 { SET, -1, -1, EVP_PKEY_OP_DERIVE(1<<11),
2261 EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES(0x1000 + 13), "maxmem_bytes", NULL((void*)0),
2262 OSSL_KDF_PARAM_SCRYPT_MAXMEM"maxmem_bytes", OSSL_PARAM_UNSIGNED_INTEGER2, NULL((void*)0) },
2263
2264 { SET, -1, -1, EVP_PKEY_OP_KEYGEN(1<<2) | EVP_PKEY_OP_TYPE_CRYPT((1<<9) | (1<<10)),
2265 EVP_PKEY_CTRL_CIPHER12, NULL((void*)0), NULL((void*)0),
2266 OSSL_PKEY_PARAM_CIPHER"cipher", OSSL_PARAM_UTF8_STRING4, fix_cipher },
2267 { SET, -1, -1, EVP_PKEY_OP_KEYGEN(1<<2),
2268 EVP_PKEY_CTRL_SET_MAC_KEY6, "key", "hexkey",
2269 OSSL_PKEY_PARAM_PRIV_KEY"priv", OSSL_PARAM_OCTET_STRING5, NULL((void*)0) },
2270
2271 { SET, -1, -1, EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
2272 EVP_PKEY_CTRL_MD1, NULL((void*)0), NULL((void*)0),
2273 OSSL_SIGNATURE_PARAM_DIGEST"digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2274 { GET, -1, -1, EVP_PKEY_OP_TYPE_SIG((1<<4) | (1<<5) | (1<<6) | (1<<7) | (
1<<8)),
2275 EVP_PKEY_CTRL_GET_MD13, NULL((void*)0), NULL((void*)0),
2276 OSSL_SIGNATURE_PARAM_DIGEST"digest", OSSL_PARAM_UTF8_STRING4, fix_md },
2277};
2278
2279static const struct translation_st evp_pkey_translations[] = {
2280 /*
2281 * The following contain no ctrls, they are exclusively here to extract
2282 * key payloads from legacy keys, using OSSL_PARAMs, and rely entirely
2283 * on |fixup_args| to pass the actual data. The |fixup_args| should
2284 * expect to get the EVP_PKEY pointer through |ctx->p2|.
2285 */
2286
2287 /* DH, DSA & EC */
2288 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2289 OSSL_PKEY_PARAM_GROUP_NAME"group", OSSL_PARAM_UTF8_STRING4,
2290 get_payload_group_name },
2291 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2292 OSSL_PKEY_PARAM_PRIV_KEY"priv", OSSL_PARAM_UNSIGNED_INTEGER2,
2293 get_payload_private_key },
2294 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2295 OSSL_PKEY_PARAM_PUB_KEY"pub",
2296 0 /* no data type, let get_payload_public_key() handle that */,
2297 get_payload_public_key },
2298
2299 /* DH and DSA */
2300 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2301 OSSL_PKEY_PARAM_FFC_P"p", OSSL_PARAM_UNSIGNED_INTEGER2,
2302 get_dh_dsa_payload_p },
2303 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2304 OSSL_PKEY_PARAM_FFC_G"g", OSSL_PARAM_UNSIGNED_INTEGER2,
2305 get_dh_dsa_payload_g },
2306 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2307 OSSL_PKEY_PARAM_FFC_Q"q", OSSL_PARAM_UNSIGNED_INTEGER2,
2308 get_dh_dsa_payload_q },
2309
2310 /* RSA */
2311 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2312 OSSL_PKEY_PARAM_RSA_N"n", OSSL_PARAM_UNSIGNED_INTEGER2,
2313 get_rsa_payload_n },
2314 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2315 OSSL_PKEY_PARAM_RSA_E"e", OSSL_PARAM_UNSIGNED_INTEGER2,
2316 get_rsa_payload_e },
2317 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2318 OSSL_PKEY_PARAM_RSA_D"d", OSSL_PARAM_UNSIGNED_INTEGER2,
2319 get_rsa_payload_d },
2320 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2321 OSSL_PKEY_PARAM_RSA_FACTOR1"rsa-factor""1", OSSL_PARAM_UNSIGNED_INTEGER2,
2322 get_rsa_payload_f1 },
2323 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2324 OSSL_PKEY_PARAM_RSA_FACTOR2"rsa-factor""2", OSSL_PARAM_UNSIGNED_INTEGER2,
2325 get_rsa_payload_f2 },
2326 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2327 OSSL_PKEY_PARAM_RSA_FACTOR3"rsa-factor""3", OSSL_PARAM_UNSIGNED_INTEGER2,
2328 get_rsa_payload_f3 },
2329 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2330 OSSL_PKEY_PARAM_RSA_FACTOR4"rsa-factor""4", OSSL_PARAM_UNSIGNED_INTEGER2,
2331 get_rsa_payload_f4 },
2332 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2333 OSSL_PKEY_PARAM_RSA_FACTOR5"rsa-factor""5", OSSL_PARAM_UNSIGNED_INTEGER2,
2334 get_rsa_payload_f5 },
2335 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2336 OSSL_PKEY_PARAM_RSA_FACTOR6"rsa-factor""6", OSSL_PARAM_UNSIGNED_INTEGER2,
2337 get_rsa_payload_f6 },
2338 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2339 OSSL_PKEY_PARAM_RSA_FACTOR7"rsa-factor""7", OSSL_PARAM_UNSIGNED_INTEGER2,
2340 get_rsa_payload_f7 },
2341 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2342 OSSL_PKEY_PARAM_RSA_FACTOR8"rsa-factor""8", OSSL_PARAM_UNSIGNED_INTEGER2,
2343 get_rsa_payload_f8 },
2344 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2345 OSSL_PKEY_PARAM_RSA_FACTOR9"rsa-factor""9", OSSL_PARAM_UNSIGNED_INTEGER2,
2346 get_rsa_payload_f9 },
2347 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2348 OSSL_PKEY_PARAM_RSA_FACTOR10"rsa-factor""10", OSSL_PARAM_UNSIGNED_INTEGER2,
2349 get_rsa_payload_f10 },
2350 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2351 OSSL_PKEY_PARAM_RSA_EXPONENT1"rsa-exponent""1", OSSL_PARAM_UNSIGNED_INTEGER2,
2352 get_rsa_payload_e1 },
2353 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2354 OSSL_PKEY_PARAM_RSA_EXPONENT2"rsa-exponent""2", OSSL_PARAM_UNSIGNED_INTEGER2,
2355 get_rsa_payload_e2 },
2356 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2357 OSSL_PKEY_PARAM_RSA_EXPONENT3"rsa-exponent""3", OSSL_PARAM_UNSIGNED_INTEGER2,
2358 get_rsa_payload_e3 },
2359 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2360 OSSL_PKEY_PARAM_RSA_EXPONENT4"rsa-exponent""4", OSSL_PARAM_UNSIGNED_INTEGER2,
2361 get_rsa_payload_e4 },
2362 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2363 OSSL_PKEY_PARAM_RSA_EXPONENT5"rsa-exponent""5", OSSL_PARAM_UNSIGNED_INTEGER2,
2364 get_rsa_payload_e5 },
2365 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2366 OSSL_PKEY_PARAM_RSA_EXPONENT6"rsa-exponent""6", OSSL_PARAM_UNSIGNED_INTEGER2,
2367 get_rsa_payload_e6 },
2368 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2369 OSSL_PKEY_PARAM_RSA_EXPONENT7"rsa-exponent""7", OSSL_PARAM_UNSIGNED_INTEGER2,
2370 get_rsa_payload_e7 },
2371 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2372 OSSL_PKEY_PARAM_RSA_EXPONENT8"rsa-exponent""8", OSSL_PARAM_UNSIGNED_INTEGER2,
2373 get_rsa_payload_e8 },
2374 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2375 OSSL_PKEY_PARAM_RSA_EXPONENT9"rsa-exponent""9", OSSL_PARAM_UNSIGNED_INTEGER2,
2376 get_rsa_payload_e9 },
2377 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2378 OSSL_PKEY_PARAM_RSA_EXPONENT10"rsa-exponent""10", OSSL_PARAM_UNSIGNED_INTEGER2,
2379 get_rsa_payload_e10 },
2380 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2381 OSSL_PKEY_PARAM_RSA_COEFFICIENT1"rsa-coefficient""1", OSSL_PARAM_UNSIGNED_INTEGER2,
2382 get_rsa_payload_c1 },
2383 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2384 OSSL_PKEY_PARAM_RSA_COEFFICIENT2"rsa-coefficient""2", OSSL_PARAM_UNSIGNED_INTEGER2,
2385 get_rsa_payload_c2 },
2386 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2387 OSSL_PKEY_PARAM_RSA_COEFFICIENT3"rsa-coefficient""3", OSSL_PARAM_UNSIGNED_INTEGER2,
2388 get_rsa_payload_c3 },
2389 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2390 OSSL_PKEY_PARAM_RSA_COEFFICIENT4"rsa-coefficient""4", OSSL_PARAM_UNSIGNED_INTEGER2,
2391 get_rsa_payload_c4 },
2392 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2393 OSSL_PKEY_PARAM_RSA_COEFFICIENT5"rsa-coefficient""5", OSSL_PARAM_UNSIGNED_INTEGER2,
2394 get_rsa_payload_c5 },
2395 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2396 OSSL_PKEY_PARAM_RSA_COEFFICIENT6"rsa-coefficient""6", OSSL_PARAM_UNSIGNED_INTEGER2,
2397 get_rsa_payload_c6 },
2398 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2399 OSSL_PKEY_PARAM_RSA_COEFFICIENT7"rsa-coefficient""7", OSSL_PARAM_UNSIGNED_INTEGER2,
2400 get_rsa_payload_c7 },
2401 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2402 OSSL_PKEY_PARAM_RSA_COEFFICIENT8"rsa-coefficient""8", OSSL_PARAM_UNSIGNED_INTEGER2,
2403 get_rsa_payload_c8 },
2404 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2405 OSSL_PKEY_PARAM_RSA_COEFFICIENT9"rsa-coefficient""9", OSSL_PARAM_UNSIGNED_INTEGER2,
2406 get_rsa_payload_c9 },
2407
2408 /* EC */
2409 { GET, -1, -1, -1, 0, NULL((void*)0), NULL((void*)0),
2410 OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS"decoded-from-explicit", OSSL_PARAM_INTEGER1,
2411 get_ec_decoded_from_explicit_params },
2412};
2413
2414static const struct translation_st *
2415lookup_translation(struct translation_st *tmpl,
2416 const struct translation_st *translations,
2417 size_t translations_num)
2418{
2419 size_t i;
2420
2421 for (i = 0; i < translations_num; i++) {
2422 const struct translation_st *item = &translations[i];
2423
2424 /*
2425 * Sanity check the translation table item.
2426 *
2427 * 1. Either both keytypes are -1, or neither of them are.
2428 * 2. TBA...
2429 */
2430 if (!ossl_assert((item->keytype1 == -1) == (item->keytype2 == -1))(((item->keytype1 == -1) == (item->keytype2 == -1)) != 0
))
2431 continue;
2432
2433
2434 /*
2435 * Base search criteria: check that the optype and keytypes match,
2436 * if relevant. All callers must synthesise these bits somehow.
2437 */
2438 if (item->optype != -1 && (tmpl->optype & item->optype) == 0)
2439 continue;
2440 /*
2441 * This expression is stunningly simple thanks to the sanity check
2442 * above.
2443 */
2444 if (item->keytype1 != -1
2445 && tmpl->keytype1 != item->keytype1
2446 && tmpl->keytype2 != item->keytype2)
2447 continue;
2448
2449 /*
2450 * Done with the base search criteria, now we check the criteria for
2451 * the individual types of translations:
2452 * ctrl->params, ctrl_str->params, and params->ctrl
2453 */
2454 if (tmpl->ctrl_num != 0) {
2455 if (tmpl->ctrl_num != item->ctrl_num)
2456 continue;
2457 } else if (tmpl->ctrl_str != NULL((void*)0)) {
2458 const char *ctrl_str = NULL((void*)0);
2459 const char *ctrl_hexstr = NULL((void*)0);
2460
2461 /*
2462 * Search criteria that originates from a ctrl_str is only used
2463 * for setting, never for getting. Therefore, we only look at
2464 * the setter items.
2465 */
2466 if (item->action_type != NONE
2467 && item->action_type != SET)
2468 continue;
2469 /*
2470 * At least one of the ctrl cmd names must be match the ctrl
2471 * cmd name in the template.
2472 */
2473 if (item->ctrl_str != NULL((void*)0)
2474 && OPENSSL_strcasecmp(tmpl->ctrl_str, item->ctrl_str) == 0)
2475 ctrl_str = tmpl->ctrl_str;
2476 else if (item->ctrl_hexstr != NULL((void*)0)
2477 && OPENSSL_strcasecmp(tmpl->ctrl_hexstr,
2478 item->ctrl_hexstr) == 0)
2479 ctrl_hexstr = tmpl->ctrl_hexstr;
2480 else
2481 continue;
2482
2483 /* Modify the template to signal which string matched */
2484 tmpl->ctrl_str = ctrl_str;
2485 tmpl->ctrl_hexstr = ctrl_hexstr;
2486 } else if (tmpl->param_key != NULL((void*)0)) {
2487 /*
2488 * Search criteria that originates from a OSSL_PARAM setter or
2489 * getter.
2490 *
2491 * Ctrls were fundamentally bidirectional, with only the ctrl
2492 * command macro name implying direction (if you're lucky).
2493 * A few ctrl commands were even taking advantage of the
2494 * bidirectional nature, making the direction depend in the
2495 * value of the numeric argument.
2496 *
2497 * OSSL_PARAM functions are fundamentally different, in that
2498 * setters and getters are separated, so the data direction is
2499 * implied by the function that's used. The same OSSL_PARAM
2500 * key name can therefore be used in both directions. We must
2501 * therefore take the action type into account in this case.
2502 */
2503 if ((item->action_type != NONE
2504 && tmpl->action_type != item->action_type)
2505 || (item->param_key != NULL((void*)0)
2506 && OPENSSL_strcasecmp(tmpl->param_key,
2507 item->param_key) != 0))
2508 continue;
2509 } else {
2510 return NULL((void*)0);
2511 }
2512
2513 return item;
2514 }
2515
2516 return NULL((void*)0);
2517}
2518
2519static const struct translation_st *
2520lookup_evp_pkey_ctx_translation(struct translation_st *tmpl)
2521{
2522 return lookup_translation(tmpl, evp_pkey_ctx_translations,
2523 OSSL_NELEM(evp_pkey_ctx_translations)(sizeof(evp_pkey_ctx_translations)/sizeof((evp_pkey_ctx_translations
)[0])));
2524}
2525
2526static const struct translation_st *
2527lookup_evp_pkey_translation(struct translation_st *tmpl)
2528{
2529 return lookup_translation(tmpl, evp_pkey_translations,
2530 OSSL_NELEM(evp_pkey_translations)(sizeof(evp_pkey_translations)/sizeof((evp_pkey_translations)
[0])));
2531}
2532
2533/* This must ONLY be called for provider side operations */
2534int evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX *pctx,
2535 int keytype, int optype,
2536 int cmd, int p1, void *p2)
2537{
2538 struct translation_ctx_st ctx = { 0, };
2539 struct translation_st tmpl = { 0, };
2540 const struct translation_st *translation = NULL((void*)0);
2541 OSSL_PARAM params[2] = { OSSL_PARAM_END{ ((void*)0), 0, ((void*)0), 0, 0 }, OSSL_PARAM_END{ ((void*)0), 0, ((void*)0), 0, 0 } };
2542 int ret;
2543 fixup_args_fn *fixup = default_fixup_args;
2544
2545 if (keytype == -1)
2546 keytype = pctx->legacy_keytype;
2547 tmpl.ctrl_num = cmd;
2548 tmpl.keytype1 = tmpl.keytype2 = keytype;
2549 tmpl.optype = optype;
2550 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2551
2552 if (translation == NULL((void*)0)) {
2553 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED)(ERR_new(), ERR_set_debug("../deps/openssl/openssl/crypto/evp/ctrl_params_translate.c"
,2553,__func__), ERR_set_error)((6),(147),((void*)0));
2554 return -2;
2555 }
2556
2557 if (pctx->pmeth != NULL((void*)0)
2558 && pctx->pmeth->pkey_id != translation->keytype1
2559 && pctx->pmeth->pkey_id != translation->keytype2)
2560 return -1;
2561
2562 if (translation->fixup_args != NULL((void*)0))
2563 fixup = translation->fixup_args;
2564 ctx.action_type = translation->action_type;
2565 ctx.ctrl_cmd = cmd;
2566 ctx.p1 = p1;
2567 ctx.p2 = p2;
2568 ctx.pctx = pctx;
2569 ctx.params = params;
2570
2571 ret = fixup(PRE_CTRL_TO_PARAMS, translation, &ctx);
2572
2573 if (ret > 0) {
2574 switch (ctx.action_type) {
2575 default:
2576 /* fixup_args is expected to make sure this is dead code */
2577 break;
2578 case GET:
2579 ret = evp_pkey_ctx_get_params_strict(pctx, ctx.params);
2580 break;
2581 case SET:
2582 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params);
2583 break;
2584 }
2585 }
2586
2587 /*
2588 * In POST, we pass the return value as p1, allowing the fixup_args
2589 * function to affect it by changing its value.
2590 */
2591 if (ret > 0) {
2592 ctx.p1 = ret;
2593 fixup(POST_CTRL_TO_PARAMS, translation, &ctx);
2594 ret = ctx.p1;
2595 }
2596
2597 cleanup_translation_ctx(POST_CTRL_TO_PARAMS, translation, &ctx);
2598
2599 return ret;
2600}
2601
2602/* This must ONLY be called for provider side operations */
2603int evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX *pctx,
2604 const char *name, const char *value)
2605{
2606 struct translation_ctx_st ctx = { 0, };
2607 struct translation_st tmpl = { 0, };
2608 const struct translation_st *translation = NULL((void*)0);
2609 OSSL_PARAM params[2] = { OSSL_PARAM_END{ ((void*)0), 0, ((void*)0), 0, 0 }, OSSL_PARAM_END{ ((void*)0), 0, ((void*)0), 0, 0 } };
2610 int keytype = pctx->legacy_keytype;
2611 int optype = pctx->operation == 0 ? -1 : pctx->operation;
2612 int ret;
2613 fixup_args_fn *fixup = default_fixup_args;
2614
2615 tmpl.action_type = SET;
2616 tmpl.keytype1 = tmpl.keytype2 = keytype;
2617 tmpl.optype = optype;
2618 tmpl.ctrl_str = name;
2619 tmpl.ctrl_hexstr = name;
2620 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2621
2622 if (translation != NULL((void*)0)) {
2623 if (translation->fixup_args != NULL((void*)0))
2624 fixup = translation->fixup_args;
2625 ctx.action_type = translation->action_type;
2626 ctx.ishex = (tmpl.ctrl_hexstr != NULL((void*)0));
2627 } else {
2628 /* String controls really only support setting */
2629 ctx.action_type = SET;
2630 }
2631 ctx.ctrl_str = name;
2632 ctx.p1 = (int)strlen(value);
2633 ctx.p2 = (char *)value;
2634 ctx.pctx = pctx;
2635 ctx.params = params;
2636
2637 ret = fixup(PRE_CTRL_STR_TO_PARAMS, translation, &ctx);
2638
2639 if (ret > 0) {
2640 switch (ctx.action_type) {
2641 default:
2642 /* fixup_args is expected to make sure this is dead code */
2643 break;
2644 case GET:
2645 /*
2646 * this is dead code, but must be present, or some compilers
2647 * will complain
2648 */
2649 break;
2650 case SET:
2651 ret = evp_pkey_ctx_set_params_strict(pctx, ctx.params);
2652 break;
2653 }
2654 }
2655
2656 if (ret > 0)
2657 ret = fixup(POST_CTRL_STR_TO_PARAMS, translation, &ctx);
2658
2659 cleanup_translation_ctx(CLEANUP_CTRL_STR_TO_PARAMS, translation, &ctx);
2660
2661 return ret;
2662}
2663
2664/* This must ONLY be called for legacy operations */
2665static int evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX *pctx,
2666 enum action action_type,
2667 OSSL_PARAM *params)
2668{
2669 int keytype = pctx->legacy_keytype;
2670 int optype = pctx->operation == 0 ? -1 : pctx->operation;
2671
2672 for (; params != NULL((void*)0) && params->key != NULL((void*)0); params++) {
2673 struct translation_ctx_st ctx = { 0, };
2674 struct translation_st tmpl = { 0, };
2675 const struct translation_st *translation = NULL((void*)0);
2676 fixup_args_fn *fixup = default_fixup_args;
2677 int ret;
2678
2679 tmpl.action_type = action_type;
2680 tmpl.keytype1 = tmpl.keytype2 = keytype;
2681 tmpl.optype = optype;
2682 tmpl.param_key = params->key;
2683 translation = lookup_evp_pkey_ctx_translation(&tmpl);
2684
2685 if (translation != NULL((void*)0)) {
2686 if (translation->fixup_args != NULL((void*)0))
2687 fixup = translation->fixup_args;
2688 ctx.action_type = translation->action_type;
2689 }
2690 ctx.pctx = pctx;
2691 ctx.params = params;
2692
2693 ret = fixup(PRE_PARAMS_TO_CTRL, translation, &ctx);
2694
2695 if (ret > 0 && action_type != NONE)
2696 ret = EVP_PKEY_CTX_ctrl(pctx, keytype, optype,
2697 ctx.ctrl_cmd, ctx.p1, ctx.p2);
2698
2699 /*
2700 * In POST, we pass the return value as p1, allowing the fixup_args
2701 * function to put it to good use, or maybe affect it.
2702 */
2703 if (ret > 0) {
2704 ctx.p1 = ret;
2705 fixup(POST_PARAMS_TO_CTRL, translation, &ctx);
2706 ret = ctx.p1;
2707 }
2708
2709 cleanup_translation_ctx(CLEANUP_PARAMS_TO_CTRL, translation, &ctx);
2710
2711 if (ret <= 0)
2712 return 0;
2713 }
2714 return 1;
2715}
2716
2717int evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params)
2718{
2719 return evp_pkey_ctx_setget_params_to_ctrl(ctx, SET, (OSSL_PARAM *)params);
2720}
2721
2722int evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
2723{
2724 return evp_pkey_ctx_setget_params_to_ctrl(ctx, GET, params);
2725}
2726
2727/* This must ONLY be called for legacy EVP_PKEYs */
2728static int evp_pkey_setget_params_to_ctrl(const EVP_PKEY *pkey,
2729 enum action action_type,
2730 OSSL_PARAM *params)
2731{
2732 int ret = 1;
2733
2734 for (; params != NULL((void*)0) && params->key != NULL((void*)0); params++) {
2735 struct translation_ctx_st ctx = { 0, };
2736 struct translation_st tmpl = { 0, };
2737 const struct translation_st *translation = NULL((void*)0);
2738 fixup_args_fn *fixup = default_fixup_args;
2739
2740 tmpl.action_type = action_type;
2741 tmpl.param_key = params->key;
2742 translation = lookup_evp_pkey_translation(&tmpl);
2743
2744 if (translation != NULL((void*)0)) {
2745 if (translation->fixup_args != NULL((void*)0))
2746 fixup = translation->fixup_args;
2747 ctx.action_type = translation->action_type;
2748 }
2749 ctx.p2 = (void *)pkey;
2750 ctx.params = params;
2751
2752 /*
2753 * EVP_PKEY doesn't have any ctrl function, so we rely completely
2754 * on fixup_args to do the whole work. Also, we currently only
2755 * support getting.
2756 */
2757 if (!ossl_assert(translation != NULL)((translation != ((void*)0)) != 0)
2758 || !ossl_assert(translation->action_type == GET)((translation->action_type == GET) != 0)
2759 || !ossl_assert(translation->fixup_args != NULL)((translation->fixup_args != ((void*)0)) != 0)) {
2760 return -2;
2761 }
2762
2763 ret = fixup(PKEY, translation, &ctx);
2764
2765 cleanup_translation_ctx(PKEY, translation, &ctx);
2766 }
2767 return ret;
2768}
2769
2770int evp_pkey_get_params_to_ctrl(const EVP_PKEY *pkey, OSSL_PARAM *params)
2771{
2772 return evp_pkey_setget_params_to_ctrl(pkey, GET, params);
2773}