diff options
| author | Richard Levitte <levitte@openssl.org> | 2021-05-27 12:34:03 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2021-06-09 17:00:10 +0200 |
| commit | 6a2b8ff392a304bbb106528653397b864acc53fa (patch) | |
| tree | 75bd836ad9cec6eec65f270fd4db4b893f73b939 /providers/implementations/include | |
| parent | 320fc032b98cc452c5dc96600b16da40b155123b (diff) | |
Decoding PKCS#8: separate decoding of encrypted and unencrypted PKCS#8
This has us switch from the 'structure' "pkcs8" to "PrivateKeyInfo",
which is sensible considering we already have "SubjectPublicKeyInfo".
We also add "EncryptedPrivateKeyInfo", and use it for a special decoder
that detects and decrypts an EncryptedPrivateKeyInfo structured DER
blob into a PrivateKeyInfo structured DER blob and passes that on to
the next decoder implementation.
The result of this change is that PKCS#8 decryption should only happen
once per decoding instead of once for every expected key type.
Furthermore, this new decoder implementation sets the data type to the
OID of the algorithmIdentifier field, thus reducing how many decoder
implementations are tentativaly run further down the call chain.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15498)
Diffstat (limited to 'providers/implementations/include')
| -rw-r--r-- | providers/implementations/include/prov/implementations.h | 67 |
1 files changed, 34 insertions, 33 deletions
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h index ae09ccd506..7b59e7308d 100644 --- a/providers/implementations/include/prov/implementations.h +++ b/providers/implementations/include/prov/implementations.h @@ -323,8 +323,8 @@ extern const OSSL_DISPATCH ossl_rsa_asym_kem_functions[]; /* Encoders */ extern const OSSL_DISPATCH ossl_rsa_to_PKCS1_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_rsa_to_PKCS1_pem_encoder_functions[]; -extern const OSSL_DISPATCH ossl_rsa_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_rsa_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_rsa_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_rsa_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_rsa_to_RSA_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_rsa_to_RSA_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_rsa_to_SubjectPublicKeyInfo_der_encoder_functions[]; @@ -337,8 +337,8 @@ extern const OSSL_DISPATCH ossl_rsa_to_type_specific_keypair_pem_encoder_functio extern const OSSL_DISPATCH ossl_rsapss_to_PKCS1_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_rsapss_to_PKCS1_pem_encoder_functions[]; -extern const OSSL_DISPATCH ossl_rsapss_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_rsapss_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_rsapss_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_rsapss_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_rsapss_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_rsapss_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_rsapss_to_text_encoder_functions[]; @@ -347,8 +347,8 @@ extern const OSSL_DISPATCH ossl_dh_to_DH_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_dh_to_DH_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_dh_to_PKCS3_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_dh_to_PKCS3_pem_encoder_functions[]; -extern const OSSL_DISPATCH ossl_dh_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_dh_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_dh_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_dh_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_dh_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_dh_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_dh_to_type_specific_params_der_encoder_functions[]; @@ -357,8 +357,8 @@ extern const OSSL_DISPATCH ossl_dh_to_text_encoder_functions[]; extern const OSSL_DISPATCH ossl_dhx_to_DHX_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_dhx_to_DHX_pem_encoder_functions[]; -extern const OSSL_DISPATCH ossl_dhx_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_dhx_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_dhx_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_dhx_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_dhx_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_dhx_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_dhx_to_X9_42_der_encoder_functions[]; @@ -369,8 +369,8 @@ extern const OSSL_DISPATCH ossl_dhx_to_text_encoder_functions[]; extern const OSSL_DISPATCH ossl_dsa_to_DSA_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_dsa_to_DSA_pem_encoder_functions[]; -extern const OSSL_DISPATCH ossl_dsa_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_dsa_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_dsa_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_dsa_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_dsa_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_dsa_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_dsa_to_type_specific_pem_encoder_functions[]; @@ -382,8 +382,8 @@ extern const OSSL_DISPATCH ossl_dsa_to_text_encoder_functions[]; extern const OSSL_DISPATCH ossl_ec_to_EC_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_ec_to_EC_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_ec_to_blob_encoder_functions[]; -extern const OSSL_DISPATCH ossl_ec_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_ec_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_ec_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_ec_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_ec_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_ec_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_ec_to_X9_62_der_encoder_functions[]; @@ -396,8 +396,8 @@ extern const OSSL_DISPATCH ossl_ec_to_text_encoder_functions[]; extern const OSSL_DISPATCH ossl_sm2_to_SM2_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_sm2_to_SM2_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_sm2_to_blob_encoder_functions[]; -extern const OSSL_DISPATCH ossl_sm2_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_sm2_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_sm2_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_sm2_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_sm2_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_sm2_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_sm2_to_type_specific_no_pub_pem_encoder_functions[]; @@ -405,84 +405,85 @@ extern const OSSL_DISPATCH ossl_sm2_to_type_specific_no_pub_der_encoder_function extern const OSSL_DISPATCH ossl_sm2_to_text_encoder_functions[]; #endif -extern const OSSL_DISPATCH ossl_ed25519_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_ed25519_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_ed25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_ed25519_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_ed25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_ed25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_ed25519_to_OSSL_current_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_ed25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH ossl_ed448_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_ed448_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_ed448_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_ed448_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_ed448_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_ed448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_ed448_to_OSSL_current_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_ed448_to_text_encoder_functions[]; -extern const OSSL_DISPATCH ossl_x25519_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_x25519_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_x25519_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_x25519_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_x25519_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_x25519_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_x25519_to_OSSL_current_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_x25519_to_text_encoder_functions[]; -extern const OSSL_DISPATCH ossl_x448_to_PKCS8_der_encoder_functions[]; -extern const OSSL_DISPATCH ossl_x448_to_PKCS8_pem_encoder_functions[]; +extern const OSSL_DISPATCH ossl_x448_to_PrivateKeyInfo_der_encoder_functions[]; +extern const OSSL_DISPATCH ossl_x448_to_PrivateKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_x448_to_SubjectPublicKeyInfo_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_x448_to_SubjectPublicKeyInfo_pem_encoder_functions[]; extern const OSSL_DISPATCH ossl_x448_to_OSSL_current_der_encoder_functions[]; extern const OSSL_DISPATCH ossl_x448_to_text_encoder_functions[]; /* Decoders */ -extern const OSSL_DISPATCH ossl_PKCS8_der_to_dh_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_dh_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_dh_decoder_functions[]; extern const OSSL_DISPATCH ossl_type_specific_params_der_to_dh_decoder_functions[]; extern const OSSL_DISPATCH ossl_DH_der_to_dh_decoder_functions[]; -extern const OSSL_DISPATCH ossl_PKCS8_der_to_dhx_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_dhx_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_dhx_decoder_functions[]; extern const OSSL_DISPATCH ossl_type_specific_params_der_to_dhx_decoder_functions[]; extern const OSSL_DISPATCH ossl_DHX_der_to_dhx_decoder_functions[]; -extern const OSSL_DISPATCH ossl_PKCS8_der_to_dsa_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_dsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_dsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_type_specific_der_to_dsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_DSA_der_to_dsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_msblob_to_dsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_pvk_to_dsa_decoder_functions[]; -extern const OSSL_DISPATCH ossl_PKCS8_der_to_ec_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_ec_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_ec_decoder_functions[]; extern const OSSL_DISPATCH ossl_type_specific_no_pub_der_to_ec_decoder_functions[]; extern const OSSL_DISPATCH ossl_EC_der_to_ec_decoder_functions[]; -extern const OSSL_DISPATCH ossl_PKCS8_der_to_x25519_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_x25519_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_x25519_decoder_functions[]; -extern const OSSL_DISPATCH ossl_PKCS8_der_to_x448_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_x448_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_x448_decoder_functions[]; -extern const OSSL_DISPATCH ossl_PKCS8_der_to_ed25519_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_ed25519_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_ed25519_decoder_functions[]; -extern const OSSL_DISPATCH ossl_PKCS8_der_to_ed448_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_ed448_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_ed448_decoder_functions[]; #ifndef OPENSSL_NO_SM2 -extern const OSSL_DISPATCH ossl_PKCS8_der_to_sm2_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_sm2_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_sm2_decoder_functions[]; #endif -extern const OSSL_DISPATCH ossl_PKCS8_der_to_rsa_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_rsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_rsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_type_specific_keypair_der_to_rsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_RSA_der_to_rsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_msblob_to_rsa_decoder_functions[]; extern const OSSL_DISPATCH ossl_pvk_to_rsa_decoder_functions[]; -extern const OSSL_DISPATCH ossl_PKCS8_der_to_rsapss_decoder_functions[]; +extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_rsapss_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_rsapss_decoder_functions[]; +extern const OSSL_DISPATCH ossl_EncryptedPrivateKeyInfo_der_to_der_decoder_functions[]; extern const OSSL_DISPATCH ossl_pem_to_der_decoder_functions[]; extern const OSSL_DISPATCH ossl_file_store_functions[]; |