Teach EdDSA signature algorithms about AlgorithmIdentifiers

The other signature algorithms know how to create their own
AlgorithmIdentifiers, but the EdDSA algorithms missed this.

Fixes #11875

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12884)

5 files changed, 116 insertions, 0 deletions

diff --git a/providers/common/der/ECX.asn1 b/providers/common/der/ECX.asn1
new file mode 100644
index 0000000000..72d1b451ae
--- /dev/null
+++ b/providers/common/der/ECX.asn1
@@ -0,0 +1,11 @@
+
+-- -------------------------------------------------------------------
+-- Taken from RFC 8410, 9  ASN.1 Module
+-- (https://tools.ietf.org/html/rfc8410#section-9)
+
+id-edwards-curve-algs OBJECT IDENTIFIER ::= { 1 3 101 }
+
+id-X25519        OBJECT IDENTIFIER ::= { id-edwards-curve-algs 110 }
+id-X448          OBJECT IDENTIFIER ::= { id-edwards-curve-algs 111 }
+id-Ed25519       OBJECT IDENTIFIER ::= { id-edwards-curve-algs 112 }
+id-Ed448         OBJECT IDENTIFIER ::= { id-edwards-curve-algs 113 }
diff --git a/providers/common/der/build.info b/providers/common/der/build.info
index f7eb86fdfb..60c0d8e66c 100644
--- a/providers/common/der/build.info
+++ b/providers/common/der/build.info
@@ -50,6 +50,19 @@ DEPEND[${DER_EC_GEN/.c/.o}]=$DER_EC_H
 GENERATE[$DER_EC_H]=der_ec.h.in
 DEPEND[$DER_EC_H]=oids_to_c.pm
 
+#----- ECX
+$DER_ECX_H=../include/prov/der_ecx.h
+$DER_ECX_GEN=der_ecx_gen.c
+$DER_ECX_AUX=der_ecx_key.c
+
+GENERATE[$DER_ECX_GEN]=der_ecx_gen.c.in
+DEPEND[$DER_ECX_GEN]=oids_to_c.pm
+
+DEPEND[${DER_ECX_AUX/.c/.o}]=$DER_ECX_H
+DEPEND[${DER_ECX_GEN/.c/.o}]=$DER_ECX_H
+GENERATE[$DER_ECX_H]=der_ecx.h.in
+DEPEND[$DER_ECX_H]=oids_to_c.pm
+
 #----- KEY WRAP
 $DER_WRAP_H=../include/prov/der_wrap.h
 $DER_WRAP_GEN=der_wrap_gen.c
@@ -73,5 +86,9 @@ $COMMON=\
         $DER_DIGESTS_GEN \
         $DER_WRAP_GEN
 
+IF[{- !$disabled{ec} -}]
+  $COMMON = $COMMON $DER_ECX_GEN $DER_ECX_AUX
+ENDIF
+
 SOURCE[../../libfips.a]=$COMMON $DER_RSA_FIPSABLE
 SOURCE[../../libnonfips.a]=$COMMON $DER_RSA_FIPSABLE
diff --git a/providers/common/der/der_ecx.h.in b/providers/common/der/der_ecx.h.in
new file mode 100644
index 0000000000..9d9a82e399
--- /dev/null
+++ b/providers/common/der/der_ecx.h.in
@@ -0,0 +1,23 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "internal/der.h"
+#include "crypto/ecx.h"
+
+/* Well known OIDs precompiled */
+{-
+    $OUT = oids_to_c::process_leaves('providers/common/der/ECX.asn1',
+                                     { dir => $config{sourcedir},
+                                       filter => \&oids_to_c::filter_to_H });
+-}
+
+int DER_w_algorithmIdentifier_ED25519(WPACKET *pkt, int cont, ECX_KEY *ec);
+int DER_w_algorithmIdentifier_ED448(WPACKET *pkt, int cont, ECX_KEY *ec);
+int DER_w_algorithmIdentifier_X25519(WPACKET *pkt, int cont, ECX_KEY *ec);
+int DER_w_algorithmIdentifier_X448(WPACKET *pkt, int cont, ECX_KEY *ec);
diff --git a/providers/common/der/der_ecx_gen.c.in b/providers/common/der/der_ecx_gen.c.in
new file mode 100644
index 0000000000..a0ed9dd0b2
--- /dev/null
+++ b/providers/common/der/der_ecx_gen.c.in
@@ -0,0 +1,17 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "prov/der_ecx.h"
+
+/* Well known OIDs precompiled */
+{-
+    $OUT = oids_to_c::process_leaves('providers/common/der/ECX.asn1',
+                                     { dir => $config{sourcedir},
+                                       filter => \&oids_to_c::filter_to_C });
+-}
diff --git a/providers/common/der/der_ecx_key.c b/providers/common/der/der_ecx_key.c
new file mode 100644
index 0000000000..206795ed93
--- /dev/null
+++ b/providers/common/der/der_ecx_key.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/obj_mac.h>
+#include "internal/packet.h"
+#include "prov/der_ecx.h"
+
+int DER_w_algorithmIdentifier_X25519(WPACKET *pkt, int cont, ECX_KEY *ec)
+{
+    return DER_w_begin_sequence(pkt, cont)
+        /* No parameters (yet?) */
+        && DER_w_precompiled(pkt, -1, der_oid_id_X25519,
+                             sizeof(der_oid_id_X25519))
+        && DER_w_end_sequence(pkt, cont);
+}
+
+int DER_w_algorithmIdentifier_X448(WPACKET *pkt, int cont, ECX_KEY *ec)
+{
+    return DER_w_begin_sequence(pkt, cont)
+        /* No parameters (yet?) */
+        && DER_w_precompiled(pkt, -1, der_oid_id_X448,
+                             sizeof(der_oid_id_X448))
+        && DER_w_end_sequence(pkt, cont);
+}
+
+int DER_w_algorithmIdentifier_ED25519(WPACKET *pkt, int cont, ECX_KEY *ec)
+{
+    return DER_w_begin_sequence(pkt, cont)
+        /* No parameters (yet?) */
+        && DER_w_precompiled(pkt, -1, der_oid_id_Ed25519,
+                             sizeof(der_oid_id_Ed25519))
+        && DER_w_end_sequence(pkt, cont);
+}
+
+int DER_w_algorithmIdentifier_ED448(WPACKET *pkt, int cont, ECX_KEY *ec)
+{
+    return DER_w_begin_sequence(pkt, cont)
+        /* No parameters (yet?) */
+        && DER_w_precompiled(pkt, -1, der_oid_id_Ed448,
+                             sizeof(der_oid_id_Ed448))
+        && DER_w_end_sequence(pkt, cont);
+}