author | Matt Caswell <matt@openssl.org> | 2020-09-15 16:20:51 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-09-18 15:26:28 +0100 |
commit | d12a2fe4e73439af46cd545c3e04d80667dc0297 (patch) | |
tree | 6f77778e182aeb1ad1dedb07a0a65421cb79501d /providers/common | |
parent | 991a6bb58182d4d2077a68eb813c897b7de73462 (diff) |
Teach EdDSA signature algorithms about AlgorithmIdentifiers
The other signature algorithms know how to create their own
AlgorithmIdentifiers, but the EdDSA algorithms missed this.
Fixes #11875
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12884)
Diffstat (limited to 'providers/common')
-rw-r--r-- | providers/common/der/ECX.asn1 | 11 | ||||
-rw-r--r-- | providers/common/der/build.info | 17 | ||||
-rw-r--r-- | providers/common/der/der_ecx.h.in | 23 | ||||
-rw-r--r-- | providers/common/der/der_ecx_gen.c.in | 17 | ||||
-rw-r--r-- | providers/common/der/der_ecx_key.c | 48 |
5 files changed, 116 insertions, 0 deletions
diff --git a/providers/common/der/ECX.asn1 b/providers/common/der/ECX.asn1
new file mode 100644
index 0000000000..72d1b451ae
--- /dev/null
+++ b/providers/common/der/ECX.asn1
@@ -0,0 +1,11 @@
+
+-- -------------------------------------------------------------------
+-- Taken from RFC 8410, 9 ASN.1 Module
+-- (https://tools.ietf.org/html/rfc8410#section-9)
+
+id-edwards-curve-algs OBJECT IDENTIFIER ::= { 1 3 101 }
+
+id-X25519 OBJECT IDENTIFIER ::= { id-edwards-curve-algs 110 }
+id-X448 OBJECT IDENTIFIER ::= { id-edwards-curve-algs 111 }
+id-Ed25519 OBJECT IDENTIFIER ::= { id-edwards-curve-algs 112 }
+id-Ed448 OBJECT IDENTIFIER ::= { id-edwards-curve-algs 113 }
diff --git a/providers/common/der/build.info b/providers/common/der/build.info
index f7eb86fdfb..60c0d8e66c 100644
--- a/providers/common/der/build.info
+++ b/providers/common/der/build.info
@@ -50,6 +50,19 @@ DEPEND[${DER_EC_GEN/.c/.o}]=$DER_EC_H
 GENERATE[$DER_EC_H]=der_ec.h.in
 DEPEND[$DER_EC_H]=oids_to_c.pm
 
+#----- ECX
+$DER_ECX_H=../include/prov/der_ecx.h
+$DER_ECX_GEN=der_ecx_gen.c
+$DER_ECX_AUX=der_ecx_key.c
+
+GENERATE[$DER_ECX_GEN]=der_ecx_gen.c.in
+DEPEND[$DER_ECX_GEN]=oids_to_c.pm
+
+DEPEND[${DER_ECX_AUX/.c/.o}]=$DER_ECX_H
+DEPEND[${DER_ECX_GEN/.c/.o}]=$DER_ECX_H
+GENERATE[$DER_ECX_H]=der_ecx.h.in
+DEPEND[$DER_ECX_H]=oids_to_c.pm
+
 #----- KEY WRAP
 $DER_WRAP_H=../include/prov/der_wrap.h
 $DER_WRAP_GEN=der_wrap_gen.c
@@ -73,5 +86,9 @@ $COMMON=\
 $DER_DIGESTS_GEN \
 $DER_WRAP_GEN
 
+IF[{- !$disabled{ec} -}]
+ $COMMON = $COMMON $DER_ECX_GEN $DER_ECX_AUX
+ENDIF
+
 SOURCE[../../libfips.a]=$COMMON $DER_RSA_FIPSABLE
 SOURCE[../../libnonfips.a]=$COMMON $DER_RSA_FIPSABLE
diff --git a/providers/common/der/der_ecx.h.in b/providers/common/der/der_ecx.h.in
new file mode 100644
index 0000000000..9d9a82e399
--- /dev/null
+++ b/providers/common/der/der_ecx.h.in
@@ -0,0 +1,23 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "internal/der.h"
+#include "crypto/ecx.h"
+
+/* Well known OIDs precompiled */
+{-
+ $OUT = oids_to_c::process_leaves('providers/common/der/ECX.asn1',
+ { dir => $config{sourcedir},
+ filter => \&oids_to_c::filter_to_H });
+-}
+
+int DER_w_algorithmIdentifier_ED25519(WPACKET *pkt, int cont, ECX_KEY *ec);
+int DER_w_algorithmIdentifier_ED448(WPACKET *pkt, int cont, ECX_KEY *ec);
+int DER_w_algorithmIdentifier_X25519(WPACKET *pkt, int cont, ECX_KEY *ec);
+int DER_w_algorithmIdentifier_X448(WPACKET *pkt, int cont, ECX_KEY *ec);
diff --git a/providers/common/der/der_ecx_gen.c.in b/providers/common/der/der_ecx_gen.c.in
new file mode 100644
index 0000000000..a0ed9dd0b2
--- /dev/null
+++ b/providers/common/der/der_ecx_gen.c.in
@@ -0,0 +1,17 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "prov/der_ecx.h"
+
+/* Well known OIDs precompiled */
+{-
+ $OUT = oids_to_c::process_leaves('providers/common/der/ECX.asn1',
+ { dir => $config{sourcedir},
+ filter => \&oids_to_c::filter_to_C });
+-}
diff --git a/providers/common/der/der_ecx_key.c b/providers/common/der/der_ecx_key.c
new file mode 100644
index 0000000000..206795ed93
--- /dev/null
+++ b/providers/common/der/der_ecx_key.c
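Review bot: The four prototypes at the end of der_ecx.h.in are declared without any comment on their contract. Going by the implementations in der_ecx_key.c in this same commit, each returns the result of an `&&` chain of DER_w_* calls (1 on success, 0 on failure), passes `cont` straight through to `DER_w_begin_sequence()` and `DER_w_end_sequence()`, and never reads `ec`. A short comment above the declarations would record that, for example `/* Write the AlgorithmIdentifier for the named algorithm to pkt; returns 1 on success, 0 on failure; the key argument is currently unused. */`. The new header also shows no include guard; whether the sibling der_*.h.in templates carry one is not visible on this page, so that part is a style question for the maintainers.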
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/obj_mac.h>
+#include "internal/packet.h"
+#include "prov/der_ecx.h"
+
+int DER_w_algorithmIdentifier_X25519(WPACKET *pkt, int cont, ECX_KEY *ec)
+{
+ return DER_w_begin_sequence(pkt, cont)
+ /* No parameters (yet?) */
+ && DER_w_precompiled(pkt, -1, der_oid_id_X25519,
+ sizeof(der_oid_id_X25519))
+ && DER_w_end_sequence(pkt, cont);
+}
+
+int DER_w_algorithmIdentifier_X448(WPACKET *pkt, int cont, ECX_KEY *ec)
+{
+ return DER_w_begin_sequence(pkt, cont)
+ /* No parameters (yet?) */
+ && DER_w_precompiled(pkt, -1, der_oid_id_X448,
+ sizeof(der_oid_id_X448))
+ && DER_w_end_sequence(pkt, cont);
+}
+
+int DER_w_algorithmIdentifier_ED25519(WPACKET *pkt, int cont, ECX_KEY *ec)
+{
+ return DER_w_begin_sequence(pkt, cont)
+ /* No parameters (yet?) */
+ && DER_w_precompiled(pkt, -1, der_oid_id_Ed25519,
+ sizeof(der_oid_id_Ed25519))
+ && DER_w_end_sequence(pkt, cont);
+}
+
+int DER_w_algorithmIdentifier_ED448(WPACKET *pkt, int cont, ECX_KEY *ec)
+{
+ return DER_w_begin_sequence(pkt, cont)
+ /* No parameters (yet?) */
+ && DER_w_precompiled(pkt, -1, der_oid_id_Ed448,
+ sizeof(der_oid_id_Ed448))
+ && DER_w_end_sequence(pkt, cont);
+}
|
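Review bot: The `/* No parameters (yet?) */` comment repeated in all four writers in der_ecx_key.c reads as if parameters might be emitted later, but RFC 8410 (the source ECX.asn1 cites in this commit) requires the AlgorithmIdentifier parameters to be absent for these four OIDs. A later edit that adds a NULL or any other parameter would produce an encoding that conforming verifiers can reject, so the comment should state the constraint, e.g. `/* RFC 8410, section 3: parameters MUST be absent */`. Separately, `ec` is never read in any of the four bodies; a one-line note that it is intentionally unused (presumably kept so the signature matches the other DER_w_algorithmIdentifier_* writers) would save a reader from looking for a key-dependent branch.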