diff options
| author | David Benjamin <davidben@chromium.org> | 2015-12-31 05:40:40 +0300 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2016-02-17 19:28:07 +0300 |
| commit | 68772b31b07827793827e45ea81e8035269774c1 (patch) | |
| tree | f9f661c29a375dfd4586e847b2a5ece92733de5f /include | |
| parent | 2dc469e06655be3a761ee25b1d89b4f6ebfc29a4 (diff) | |
Implement new SPKI parsers.
Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each
with different ways to set signature parameters. SPKIs themselves can
get complex with id-RSASSA-PSS keys which come with various constraints
in the key parameters. This suggests we want a common in-library
representation of an SPKI.
This adds two new functions EVP_parse_public_key and
EVP_marshal_public_key which converts EVP_PKEY to and from SPKI and
implements X509_PUBKEY functions with them. EVP_PKEY seems to have been
intended to be able to express the supported SPKI types with
full-fidelity, so these APIs will continue this.
This means future support for id-RSASSA-PSS would *not* repurpose
EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies
acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and
the data pointer would be some (exposed, so the caller may still check
key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX
implementation would enforce the key constraints. If RSA_PSS_KEY would
later need its own API, that code would move there, but that seems
unlikely.
Ideally we'd have a 1:1 correspondence with key OID, although we may
have to fudge things if mistakes happen in standardization. (Whether or
not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate
EVP_PKEY type.)
DSA parsing hooks are still implemented, missing parameters and all for
now. This isn't any worse than before.
Decoupling from the giant crypto/obj OID table will be a later task.
BUG=522228
Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c
Reviewed-on: https://boringssl-review.googlesource.com/6861
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/openssl/evp.h | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 4f9426fd..ec143e23 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -188,6 +188,20 @@ OPENSSL_EXPORT int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, /* ASN.1 functions */ +/* EVP_parse_public_key decodes a DER-encoded SubjectPublicKeyInfo structure + * (RFC 5280) from |cbs| and advances |cbs|. It returns a newly-allocated + * |EVP_PKEY| or NULL on error. + * + * The caller must check the type of the parsed public key to ensure it is + * suitable and validate other desired key properties such as RSA modulus size + * or EC curve. */ +OPENSSL_EXPORT EVP_PKEY *EVP_parse_public_key(CBS *cbs); + +/* EVP_marshal_public_key marshals |key| as a DER-encoded SubjectPublicKeyInfo + * structure (RFC 5280) and appends the result to |cbb|. It returns one on + * success and zero on error. */ +OPENSSL_EXPORT int EVP_marshal_public_key(CBB *cbb, const EVP_PKEY *key); + /* d2i_PrivateKey parses an ASN.1, DER-encoded, private key from |len| bytes at * |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in * |*out|. If |*out| is already non-NULL on entry then the result is written @@ -780,5 +794,6 @@ struct evp_pkey_st { #define EVP_R_PARAMETER_ENCODING_ERROR 152 #define EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE 153 #define EVP_R_UNSUPPORTED_SIGNATURE_TYPE 154 +#define EVP_R_ENCODE_ERROR 155 #endif /* OPENSSL_HEADER_EVP_H */ |