1 /*
2 * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 * https://www.openssl.org/source/license.html
8 * or in the file LICENSE in the source distribution.
9 */
10
11 #include <string.h>
12 #include <openssl/asn1.h>
13 #include <openssl/asn1t.h>
14 #include <openssl/core_names.h>
15 #include <openssl/core_object.h>
16 #include <openssl/rand.h>
17 #include <openssl/provider.h>
18 #include "testutil.h"
19 #include "fake_rsaprov.h"
20 #include "internal/asn1.h"
21
22 static OSSL_FUNC_keymgmt_new_fn fake_rsa_keymgmt_new;
23 static OSSL_FUNC_keymgmt_free_fn fake_rsa_keymgmt_free;
24 static OSSL_FUNC_keymgmt_has_fn fake_rsa_keymgmt_has;
25 static OSSL_FUNC_keymgmt_query_operation_name_fn fake_rsa_keymgmt_query;
26 static OSSL_FUNC_keymgmt_import_fn fake_rsa_keymgmt_import;
27 static OSSL_FUNC_keymgmt_import_types_fn fake_rsa_keymgmt_imptypes;
28 static OSSL_FUNC_keymgmt_export_fn fake_rsa_keymgmt_export;
29 static OSSL_FUNC_keymgmt_export_types_fn fake_rsa_keymgmt_exptypes;
30 static OSSL_FUNC_keymgmt_load_fn fake_rsa_keymgmt_load;
31
32 static int has_selection;
33 static int imptypes_selection;
34 static int exptypes_selection;
35 static int query_id;
36 static int key_deleted;
37
38 unsigned fake_rsa_query_operation_name = 0;
39
40 typedef struct {
41 OSSL_LIB_CTX *libctx;
42 } PROV_FAKE_RSA_CTX;
43
44 #define PROV_FAKE_RSA_LIBCTX_OF(provctx) (((PROV_FAKE_RSA_CTX *)provctx)->libctx)
45
46 #define FAKE_RSA_STATUS_IMPORTED 1
47 #define FAKE_RSA_STATUS_GENERATED 2
48 #define FAKE_RSA_STATUS_DECODED 3
49
50 struct fake_rsa_keydata {
51 int selection;
52 int status;
53 };
54
fake_rsa_restore_store_state(void)55 void fake_rsa_restore_store_state(void)
56 {
57 key_deleted = 0;
58 }
59
fake_rsa_keymgmt_new(void * provctx)60 static void *fake_rsa_keymgmt_new(void *provctx)
61 {
62 struct fake_rsa_keydata *key;
63
64 if (!TEST_ptr(key = OPENSSL_zalloc(sizeof(struct fake_rsa_keydata))))
65 return NULL;
66
67 /* clear test globals */
68 has_selection = 0;
69 imptypes_selection = 0;
70 exptypes_selection = 0;
71 query_id = 0;
72
73 return key;
74 }
75
fake_rsa_keymgmt_free(void * keydata)76 static void fake_rsa_keymgmt_free(void *keydata)
77 {
78 OPENSSL_free(keydata);
79 }
80
fake_rsa_keymgmt_has(const void * key,int selection)81 static int fake_rsa_keymgmt_has(const void *key, int selection)
82 {
83 /* record global for checking */
84 has_selection = selection;
85
86 return 1;
87 }
88
fake_rsa_keymgmt_query(int id)89 static const char *fake_rsa_keymgmt_query(int id)
90 {
91 /* record global for checking */
92 query_id = id;
93
94 return fake_rsa_query_operation_name ? NULL : "RSA";
95 }
96
fake_rsa_keymgmt_import(void * keydata,int selection,const OSSL_PARAM * p)97 static int fake_rsa_keymgmt_import(void *keydata, int selection,
98 const OSSL_PARAM *p)
99 {
100 struct fake_rsa_keydata *fake_rsa_key = keydata;
101
102 /* key was imported */
103 fake_rsa_key->status = FAKE_RSA_STATUS_IMPORTED;
104
105 return 1;
106 }
107
108 static unsigned char fake_rsa_n[] = "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
109 "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
110 "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
111 "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
112 "\xF5";
113
114 static unsigned char fake_rsa_e[] = "\x11";
115
116 static unsigned char fake_rsa_d[] = "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
117 "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
118 "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
119 "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
120
121 static unsigned char fake_rsa_p[] = "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
122 "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
123 "\x0D";
124
125 static unsigned char fake_rsa_q[] = "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
126 "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
127 "\x89";
128
129 static unsigned char fake_rsa_dmp1[] = "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
130 "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
131
132 static unsigned char fake_rsa_dmq1[] = "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
133 "\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
134 "\x51";
135
136 static unsigned char fake_rsa_iqmp[] = "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
137 "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
138
fake_rsa_key_params(int priv)139 OSSL_PARAM *fake_rsa_key_params(int priv)
140 {
141 if (priv) {
142 OSSL_PARAM params[] = {
143 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n,
144 sizeof(fake_rsa_n) - 1),
145 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e,
146 sizeof(fake_rsa_e) - 1),
147 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, fake_rsa_d,
148 sizeof(fake_rsa_d) - 1),
149 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, fake_rsa_p,
150 sizeof(fake_rsa_p) - 1),
151 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, fake_rsa_q,
152 sizeof(fake_rsa_q) - 1),
153 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, fake_rsa_dmp1,
154 sizeof(fake_rsa_dmp1) - 1),
155 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, fake_rsa_dmq1,
156 sizeof(fake_rsa_dmq1) - 1),
157 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, fake_rsa_iqmp,
158 sizeof(fake_rsa_iqmp) - 1),
159 OSSL_PARAM_END
160 };
161 return OSSL_PARAM_dup(params);
162 } else {
163 OSSL_PARAM params[] = {
164 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n,
165 sizeof(fake_rsa_n) - 1),
166 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e,
167 sizeof(fake_rsa_e) - 1),
168 OSSL_PARAM_END
169 };
170 return OSSL_PARAM_dup(params);
171 }
172 }
173
fake_rsa_keymgmt_export(void * keydata,int selection,OSSL_CALLBACK * param_callback,void * cbarg)174 static int fake_rsa_keymgmt_export(void *keydata, int selection,
175 OSSL_CALLBACK *param_callback, void *cbarg)
176 {
177 OSSL_PARAM *params = NULL;
178 int ret;
179
180 if (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY)
181 return 0;
182
183 if (!TEST_ptr(params = fake_rsa_key_params(0)))
184 return 0;
185
186 ret = param_callback(params, cbarg);
187 OSSL_PARAM_free(params);
188 return ret;
189 }
190
191 static const OSSL_PARAM fake_rsa_import_key_types[] = {
192 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0),
193 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0),
194 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, NULL, 0),
195 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0),
196 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0),
197 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0),
198 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0),
199 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0),
200 OSSL_PARAM_END
201 };
202
fake_rsa_keymgmt_imptypes(int selection)203 static const OSSL_PARAM *fake_rsa_keymgmt_imptypes(int selection)
204 {
205 /* record global for checking */
206 imptypes_selection = selection;
207
208 return fake_rsa_import_key_types;
209 }
210
211 static const OSSL_PARAM fake_rsa_export_key_types[] = {
212 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0),
213 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0),
214 OSSL_PARAM_END
215 };
216
fake_rsa_keymgmt_exptypes(int selection)217 static const OSSL_PARAM *fake_rsa_keymgmt_exptypes(int selection)
218 {
219 /* record global for checking */
220 exptypes_selection = selection;
221
222 return fake_rsa_export_key_types;
223 }
224
fake_rsa_keymgmt_load(const void * reference,size_t reference_sz)225 static void *fake_rsa_keymgmt_load(const void *reference, size_t reference_sz)
226 {
227 struct fake_rsa_keydata *key = NULL;
228
229 if (reference_sz != sizeof(key))
230 return NULL;
231
232 key = *(struct fake_rsa_keydata **)reference;
233 if (key->status != FAKE_RSA_STATUS_IMPORTED && key->status != FAKE_RSA_STATUS_DECODED)
234 return NULL;
235
236 /* detach the reference */
237 *(struct fake_rsa_keydata **)reference = NULL;
238
239 return key;
240 }
241
fake_rsa_gen_init(void * provctx,int selection,const OSSL_PARAM params[])242 static void *fake_rsa_gen_init(void *provctx, int selection,
243 const OSSL_PARAM params[])
244 {
245 unsigned char *gctx = NULL;
246
247 if (!TEST_ptr(gctx = OPENSSL_malloc(1)))
248 return NULL;
249
250 *gctx = 1;
251
252 return gctx;
253 }
254
fake_rsa_gen(void * genctx,OSSL_CALLBACK * osslcb,void * cbarg)255 static void *fake_rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
256 {
257 unsigned char *gctx = genctx;
258 static const unsigned char inited[] = { 1 };
259 struct fake_rsa_keydata *keydata;
260
261 if (!TEST_ptr(gctx)
262 || !TEST_mem_eq(gctx, sizeof(*gctx), inited, sizeof(inited)))
263 return NULL;
264
265 if (!TEST_ptr(keydata = fake_rsa_keymgmt_new(NULL)))
266 return NULL;
267
268 keydata->status = FAKE_RSA_STATUS_GENERATED;
269 return keydata;
270 }
271
fake_rsa_gen_cleanup(void * genctx)272 static void fake_rsa_gen_cleanup(void *genctx)
273 {
274 OPENSSL_free(genctx);
275 }
276
277 static const OSSL_DISPATCH fake_rsa_keymgmt_funcs[] = {
278 { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))fake_rsa_keymgmt_new },
279 { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))fake_rsa_keymgmt_free },
280 { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))fake_rsa_keymgmt_has },
281 { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME,
282 (void (*)(void))fake_rsa_keymgmt_query },
283 { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))fake_rsa_keymgmt_import },
284 { OSSL_FUNC_KEYMGMT_IMPORT_TYPES,
285 (void (*)(void))fake_rsa_keymgmt_imptypes },
286 { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))fake_rsa_keymgmt_export },
287 { OSSL_FUNC_KEYMGMT_EXPORT_TYPES,
288 (void (*)(void))fake_rsa_keymgmt_exptypes },
289 { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))fake_rsa_keymgmt_load },
290 { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))fake_rsa_gen_init },
291 { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))fake_rsa_gen },
292 { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))fake_rsa_gen_cleanup },
293 OSSL_DISPATCH_END
294 };
295
296 static const OSSL_ALGORITHM fake_rsa_keymgmt_algs[] = {
297 { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_keymgmt_funcs, "Fake RSA Key Management" },
298 { NULL, NULL, NULL, NULL }
299 };
300
301 static OSSL_FUNC_signature_newctx_fn fake_rsa_sig_newctx;
302 static OSSL_FUNC_signature_freectx_fn fake_rsa_sig_freectx;
303 static OSSL_FUNC_signature_sign_init_fn fake_rsa_sig_sign_init;
304 static OSSL_FUNC_signature_sign_fn fake_rsa_sig_sign;
305
fake_rsa_sig_newctx(void * provctx,const char * propq)306 static void *fake_rsa_sig_newctx(void *provctx, const char *propq)
307 {
308 unsigned char *sigctx = OPENSSL_zalloc(1);
309
310 TEST_ptr(sigctx);
311
312 return sigctx;
313 }
314
fake_rsa_sig_freectx(void * sigctx)315 static void fake_rsa_sig_freectx(void *sigctx)
316 {
317 OPENSSL_free(sigctx);
318 }
319
fake_rsa_sig_sign_init(void * ctx,void * provkey,const OSSL_PARAM params[])320 static int fake_rsa_sig_sign_init(void *ctx, void *provkey,
321 const OSSL_PARAM params[])
322 {
323 unsigned char *sigctx = ctx;
324 struct fake_rsa_keydata *keydata = provkey;
325
326 /* we must have a ctx */
327 if (!TEST_ptr(sigctx))
328 return 0;
329
330 /* we must have some initialized key */
331 if (!TEST_ptr(keydata) || !TEST_int_gt(keydata->status, 0))
332 return 0;
333
334 /* record that sign init was called */
335 *sigctx = 1;
336 return 1;
337 }
338
fake_rsa_sig_sign(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)339 static int fake_rsa_sig_sign(void *ctx, unsigned char *sig,
340 size_t *siglen, size_t sigsize,
341 const unsigned char *tbs, size_t tbslen)
342 {
343 unsigned char *sigctx = ctx;
344
345 /* we must have a ctx and init was called upon it */
346 if (!TEST_ptr(sigctx) || !TEST_int_eq(*sigctx, 1))
347 return 0;
348
349 *siglen = 256;
350 /* record that the real sign operation was called */
351 if (sig != NULL) {
352 if (!TEST_int_ge(sigsize, *siglen))
353 return 0;
354 *sigctx = 2;
355 /* produce a fake signature */
356 memset(sig, 'a', *siglen);
357 }
358
359 return 1;
360 }
361
362 #define FAKE_DGSTSGN_SIGN 0x01
363 #define FAKE_DGSTSGN_VERIFY 0x02
364 #define FAKE_DGSTSGN_UPDATED 0x04
365 #define FAKE_DGSTSGN_FINALISED 0x08
366 #define FAKE_DGSTSGN_NO_DUP 0xA0
367
fake_rsa_sig_dupctx(void * ctx)368 static void *fake_rsa_sig_dupctx(void *ctx)
369 {
370 unsigned char *sigctx = ctx;
371 unsigned char *newctx;
372
373 if ((*sigctx & FAKE_DGSTSGN_NO_DUP) != 0)
374 return NULL;
375
376 if (!TEST_ptr(newctx = OPENSSL_zalloc(1)))
377 return NULL;
378
379 *newctx = *sigctx;
380 return newctx;
381 }
382
fake_rsa_dgstsgnvfy_init(void * ctx,unsigned char type,void * provkey,const OSSL_PARAM params[])383 static int fake_rsa_dgstsgnvfy_init(void *ctx, unsigned char type,
384 void *provkey, const OSSL_PARAM params[])
385 {
386 unsigned char *sigctx = ctx;
387 struct fake_rsa_keydata *keydata = provkey;
388
389 /* we must have a ctx */
390 if (!TEST_ptr(sigctx))
391 return 0;
392
393 /* we must have some initialized key */
394 if (!TEST_ptr(keydata) || !TEST_int_gt(keydata->status, 0))
395 return 0;
396
397 /* record that sign/verify init was called */
398 *sigctx = type;
399
400 if (params) {
401 const OSSL_PARAM *p;
402 int dup;
403 p = OSSL_PARAM_locate_const(params, "NO_DUP");
404 if (p != NULL) {
405 if (OSSL_PARAM_get_int(p, &dup)) {
406 *sigctx |= FAKE_DGSTSGN_NO_DUP;
407 }
408 }
409 }
410
411 return 1;
412 }
413
fake_rsa_dgstsgn_init(void * ctx,const char * mdname,void * provkey,const OSSL_PARAM params[])414 static int fake_rsa_dgstsgn_init(void *ctx, const char *mdname,
415 void *provkey, const OSSL_PARAM params[])
416 {
417 return fake_rsa_dgstsgnvfy_init(ctx, FAKE_DGSTSGN_SIGN, provkey, params);
418 }
419
fake_rsa_dgstvfy_init(void * ctx,const char * mdname,void * provkey,const OSSL_PARAM params[])420 static int fake_rsa_dgstvfy_init(void *ctx, const char *mdname,
421 void *provkey, const OSSL_PARAM params[])
422 {
423 return fake_rsa_dgstsgnvfy_init(ctx, FAKE_DGSTSGN_VERIFY, provkey, params);
424 }
425
fake_rsa_dgstsgnvfy_update(void * ctx,const unsigned char * data,size_t datalen)426 static int fake_rsa_dgstsgnvfy_update(void *ctx, const unsigned char *data,
427 size_t datalen)
428 {
429 unsigned char *sigctx = ctx;
430
431 /* we must have a ctx */
432 if (!TEST_ptr(sigctx))
433 return 0;
434
435 if (*sigctx == 0 || (*sigctx & FAKE_DGSTSGN_FINALISED) != 0)
436 return 0;
437
438 *sigctx |= FAKE_DGSTSGN_UPDATED;
439 return 1;
440 }
441
fake_rsa_dgstsgnvfy_final(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize)442 static int fake_rsa_dgstsgnvfy_final(void *ctx, unsigned char *sig,
443 size_t *siglen, size_t sigsize)
444 {
445 unsigned char *sigctx = ctx;
446
447 /* we must have a ctx */
448 if (!TEST_ptr(sigctx))
449 return 0;
450
451 if (*sigctx == 0 || (*sigctx & FAKE_DGSTSGN_FINALISED) != 0)
452 return 0;
453
454 if ((*sigctx & FAKE_DGSTSGN_SIGN) != 0 && (siglen == NULL))
455 return 0;
456
457 if ((*sigctx & FAKE_DGSTSGN_VERIFY) != 0 && (siglen != NULL))
458 return 0;
459
460 /* this is sign op */
461 if (siglen) {
462 *siglen = 256;
463 /* record that the real sign operation was called */
464 if (sig != NULL) {
465 if (!TEST_int_ge(sigsize, *siglen))
466 return 0;
467 /* produce a fake signature */
468 memset(sig, 'a', *siglen);
469 }
470 }
471
472 /* simulate inability to duplicate context and finalise it */
473 if ((*sigctx & FAKE_DGSTSGN_NO_DUP) != 0) {
474 *sigctx |= FAKE_DGSTSGN_FINALISED;
475 }
476 return 1;
477 }
478
fake_rsa_dgstvfy_final(void * ctx,unsigned char * sig,size_t siglen)479 static int fake_rsa_dgstvfy_final(void *ctx, unsigned char *sig,
480 size_t siglen)
481 {
482 return fake_rsa_dgstsgnvfy_final(ctx, sig, NULL, siglen);
483 }
484
fake_rsa_dgstsgn(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)485 static int fake_rsa_dgstsgn(void *ctx, unsigned char *sig, size_t *siglen,
486 size_t sigsize, const unsigned char *tbs,
487 size_t tbslen)
488 {
489 if (!fake_rsa_dgstsgnvfy_update(ctx, tbs, tbslen))
490 return 0;
491
492 return fake_rsa_dgstsgnvfy_final(ctx, sig, siglen, sigsize);
493 }
494
fake_rsa_dgstvfy(void * ctx,unsigned char * sig,size_t siglen,const unsigned char * tbv,size_t tbvlen)495 static int fake_rsa_dgstvfy(void *ctx, unsigned char *sig, size_t siglen,
496 const unsigned char *tbv, size_t tbvlen)
497 {
498 if (!fake_rsa_dgstsgnvfy_update(ctx, tbv, tbvlen))
499 return 0;
500
501 return fake_rsa_dgstvfy_final(ctx, sig, siglen);
502 }
503
504 static const OSSL_DISPATCH fake_rsa_sig_funcs[] = {
505 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))fake_rsa_sig_newctx },
506 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))fake_rsa_sig_freectx },
507 { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))fake_rsa_sig_sign_init },
508 { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))fake_rsa_sig_sign },
509 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))fake_rsa_sig_dupctx },
510 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
511 (void (*)(void))fake_rsa_dgstsgn_init },
512 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
513 (void (*)(void))fake_rsa_dgstsgnvfy_update },
514 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
515 (void (*)(void))fake_rsa_dgstsgnvfy_final },
516 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN,
517 (void (*)(void))fake_rsa_dgstsgn },
518 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
519 (void (*)(void))fake_rsa_dgstvfy_init },
520 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
521 (void (*)(void))fake_rsa_dgstsgnvfy_update },
522 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
523 (void (*)(void))fake_rsa_dgstvfy_final },
524 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY,
525 (void (*)(void))fake_rsa_dgstvfy },
526 OSSL_DISPATCH_END
527 };
528
529 static const OSSL_ALGORITHM fake_rsa_sig_algs[] = {
530 { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_sig_funcs, "Fake RSA Signature" },
531 { NULL, NULL, NULL, NULL }
532 };
533
534 static OSSL_FUNC_store_open_fn fake_rsa_st_open;
535 static OSSL_FUNC_store_open_ex_fn fake_rsa_st_open_ex;
536 static OSSL_FUNC_store_settable_ctx_params_fn fake_rsa_st_settable_ctx_params;
537 static OSSL_FUNC_store_set_ctx_params_fn fake_rsa_st_set_ctx_params;
538 static OSSL_FUNC_store_load_fn fake_rsa_st_load;
539 static OSSL_FUNC_store_eof_fn fake_rsa_st_eof;
540 static OSSL_FUNC_store_close_fn fake_rsa_st_close;
541 static OSSL_FUNC_store_delete_fn fake_rsa_st_delete;
542
543 static const char fake_rsa_scheme[] = "fake_rsa:";
544 static const char fake_rsa_openpwtest[] = "fake_rsa:openpwtest";
545 static const char fake_rsa_prompt[] = "Fake Prompt Info";
546
fake_rsa_st_open_ex(void * provctx,const char * uri,const OSSL_PARAM params[],OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)547 static void *fake_rsa_st_open_ex(void *provctx, const char *uri,
548 const OSSL_PARAM params[],
549 OSSL_PASSPHRASE_CALLBACK *pw_cb,
550 void *pw_cbarg)
551 {
552 unsigned char *storectx = NULL;
553
554 /* First check whether the uri is ours */
555 if (strncmp(uri, fake_rsa_scheme, sizeof(fake_rsa_scheme) - 1) != 0)
556 return NULL;
557
558 if (strncmp(uri, fake_rsa_openpwtest,
559 sizeof(fake_rsa_openpwtest) - 1)
560 == 0) {
561 const char *pw_check = FAKE_PASSPHRASE;
562 char fakepw[sizeof(FAKE_PASSPHRASE) + 1] = { 0 };
563 size_t fakepw_len = 0;
564 OSSL_PARAM pw_params[2] = {
565 OSSL_PARAM_utf8_string(OSSL_PASSPHRASE_PARAM_INFO,
566 (void *)fake_rsa_prompt,
567 sizeof(fake_rsa_prompt) - 1),
568 OSSL_PARAM_END,
569 };
570
571 if (pw_cb == NULL) {
572 return NULL;
573 }
574
575 if (!pw_cb(fakepw, sizeof(fakepw), &fakepw_len, pw_params, pw_cbarg)) {
576 TEST_info("fake_rsa_open_ex failed passphrase callback");
577 return NULL;
578 }
579 if (strncmp(pw_check, fakepw, sizeof(pw_check) - 1) != 0) {
580 TEST_info("fake_rsa_open_ex failed passphrase check");
581 return NULL;
582 }
583 }
584
585 storectx = OPENSSL_zalloc(1);
586 if (!TEST_ptr(storectx))
587 return NULL;
588
589 TEST_info("fake_rsa_open_ex called");
590
591 return storectx;
592 }
593
fake_rsa_st_open(void * provctx,const char * uri)594 static void *fake_rsa_st_open(void *provctx, const char *uri)
595 {
596 unsigned char *storectx = NULL;
597
598 storectx = fake_rsa_st_open_ex(provctx, uri, NULL, NULL, NULL);
599
600 TEST_info("fake_rsa_open called");
601
602 return storectx;
603 }
604
fake_rsa_st_settable_ctx_params(void * provctx)605 static const OSSL_PARAM *fake_rsa_st_settable_ctx_params(void *provctx)
606 {
607 static const OSSL_PARAM known_settable_ctx_params[] = {
608 OSSL_PARAM_END
609 };
610 return known_settable_ctx_params;
611 }
612
fake_rsa_st_set_ctx_params(void * loaderctx,const OSSL_PARAM params[])613 static int fake_rsa_st_set_ctx_params(void *loaderctx,
614 const OSSL_PARAM params[])
615 {
616 return 1;
617 }
618
fake_rsa_st_load(void * loaderctx,OSSL_CALLBACK * object_cb,void * object_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)619 static int fake_rsa_st_load(void *loaderctx,
620 OSSL_CALLBACK *object_cb, void *object_cbarg,
621 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
622 {
623 unsigned char *storectx = loaderctx;
624 OSSL_PARAM params[4];
625 int object_type = OSSL_OBJECT_PKEY;
626 struct fake_rsa_keydata *key = NULL;
627 int rv = 0;
628
629 switch (*storectx) {
630 case 0:
631 if (key_deleted == 1) {
632 *storectx = 1;
633 break;
634 }
635
636 /* Construct a new key using our keymgmt functions */
637 if (!TEST_ptr(key = fake_rsa_keymgmt_new(NULL)))
638 break;
639 if (!TEST_int_gt(fake_rsa_keymgmt_import(key, 0, NULL), 0))
640 break;
641 params[0] = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
642 params[1] = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
643 "RSA", 0);
644 /* The address of the key becomes the octet string */
645 params[2] = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
646 &key, sizeof(key));
647 params[3] = OSSL_PARAM_construct_end();
648 rv = object_cb(params, object_cbarg);
649 *storectx = 1;
650 break;
651
652 case 2:
653 TEST_info("fake_rsa_load() called in error state");
654 break;
655
656 default:
657 TEST_info("fake_rsa_load() called in eof state");
658 break;
659 }
660
661 TEST_info("fake_rsa_load called - rv: %d", rv);
662
663 if (rv == 0 && key_deleted == 0) {
664 fake_rsa_keymgmt_free(key);
665 *storectx = 2;
666 }
667 return rv;
668 }
669
fake_rsa_st_delete(void * loaderctx,const char * uri,const OSSL_PARAM params[],OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)670 static int fake_rsa_st_delete(void *loaderctx, const char *uri,
671 const OSSL_PARAM params[],
672 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
673 {
674 key_deleted = 1;
675 return 1;
676 }
677
fake_rsa_st_eof(void * loaderctx)678 static int fake_rsa_st_eof(void *loaderctx)
679 {
680 unsigned char *storectx = loaderctx;
681
682 /* just one key for now in the fake_rsa store */
683 return *storectx != 0;
684 }
685
fake_rsa_st_close(void * loaderctx)686 static int fake_rsa_st_close(void *loaderctx)
687 {
688 OPENSSL_free(loaderctx);
689 return 1;
690 }
691
692 static const OSSL_DISPATCH fake_rsa_store_funcs[] = {
693 { OSSL_FUNC_STORE_OPEN, (void (*)(void))fake_rsa_st_open },
694 { OSSL_FUNC_STORE_OPEN_EX, (void (*)(void))fake_rsa_st_open_ex },
695 { OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS,
696 (void (*)(void))fake_rsa_st_settable_ctx_params },
697 { OSSL_FUNC_STORE_SET_CTX_PARAMS, (void (*)(void))fake_rsa_st_set_ctx_params },
698 { OSSL_FUNC_STORE_LOAD, (void (*)(void))fake_rsa_st_load },
699 { OSSL_FUNC_STORE_EOF, (void (*)(void))fake_rsa_st_eof },
700 { OSSL_FUNC_STORE_CLOSE, (void (*)(void))fake_rsa_st_close },
701 { OSSL_FUNC_STORE_DELETE, (void (*)(void))fake_rsa_st_delete },
702 OSSL_DISPATCH_END,
703 };
704
705 static const OSSL_ALGORITHM fake_rsa_store_algs[] = {
706 { "fake_rsa", "provider=fake-rsa", fake_rsa_store_funcs },
707 { NULL, NULL, NULL }
708 };
709
710 struct der2key_ctx_st; /* Forward declaration */
711 typedef int check_key_fn(void *, struct der2key_ctx_st *ctx);
712 typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx);
713 typedef void free_key_fn(void *);
714 typedef void *d2i_PKCS8_fn(void **, const unsigned char **, long,
715 struct der2key_ctx_st *);
716 struct keytype_desc_st {
717 const char *keytype_name;
718 const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */
719
720 /* The input structure name */
721 const char *structure_name;
722
723 /*
724 * The EVP_PKEY_xxx type macro. Should be zero for type specific
725 * structures, non-zero when the outermost structure is PKCS#8 or
726 * SubjectPublicKeyInfo. This determines which of the function
727 * pointers below will be used.
728 */
729 int evp_type;
730
731 /* The selection mask for OSSL_FUNC_decoder_does_selection() */
732 int selection_mask;
733
734 /* For type specific decoders, we use the corresponding d2i */
735 d2i_of_void *d2i_private_key; /* From type-specific DER */
736 d2i_of_void *d2i_public_key; /* From type-specific DER */
737 d2i_of_void *d2i_key_params; /* From type-specific DER */
738 d2i_PKCS8_fn *d2i_PKCS8; /* Wrapped in a PrivateKeyInfo */
739 d2i_of_void *d2i_PUBKEY; /* Wrapped in a SubjectPublicKeyInfo */
740
741 /*
742 * For any key, we may need to check that the key meets expectations.
743 * This is useful when the same functions can decode several variants
744 * of a key.
745 */
746 check_key_fn *check_key;
747
748 /*
749 * For any key, we may need to make provider specific adjustments, such
750 * as ensure the key carries the correct library context.
751 */
752 adjust_key_fn *adjust_key;
753 /* {type}_free() */
754 free_key_fn *free_key;
755 };
756
757 /*
758 * Start blatant code steal. Alternative: Open up d2i_X509_PUBKEY_INTERNAL
759 * as per https://github.com/openssl/openssl/issues/16697 (TBD)
760 * Code from openssl/crypto/x509/x_pubkey.c as
761 * ossl_d2i_X509_PUBKEY_INTERNAL is presently not public
762 */
763 struct X509_pubkey_st {
764 X509_ALGOR *algor;
765 ASN1_BIT_STRING *public_key;
766
767 EVP_PKEY *pkey;
768
769 /* extra data for the callback, used by d2i_PUBKEY_ex */
770 OSSL_LIB_CTX *libctx;
771 char *propq;
772 };
773
774 ASN1_SEQUENCE(X509_PUBKEY_INTERNAL) = {
775 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
776 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
777 } static_ASN1_SEQUENCE_END_name(X509_PUBKEY, X509_PUBKEY_INTERNAL)
778
779 static X509_PUBKEY
780 * fake_rsa_d2i_X509_PUBKEY_INTERNAL(const unsigned char **pp, long len, OSSL_LIB_CTX *libctx)
781 {
782 X509_PUBKEY *xpub = OPENSSL_zalloc(sizeof(*xpub));
783
784 if (xpub == NULL)
785 return NULL;
786 return (X509_PUBKEY *)ASN1_item_d2i_ex((ASN1_VALUE **)&xpub, pp, len,
787 ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL),
788 libctx, NULL);
789 }
790 /* end steal https://github.com/openssl/openssl/issues/16697 */
791
792 /*
793 * Context used for DER to key decoding.
794 */
795 struct der2key_ctx_st {
796 PROV_FAKE_RSA_CTX *provctx;
797 struct keytype_desc_st *desc;
798 /* The selection that is passed to fake_rsa_der2key_decode() */
799 int selection;
800 /* Flag used to signal that a failure is fatal */
801 unsigned int flag_fatal : 1;
802 };
803
fake_rsa_read_der(PROV_FAKE_RSA_CTX * provctx,OSSL_CORE_BIO * cin,unsigned char ** data,long * len)804 static int fake_rsa_read_der(PROV_FAKE_RSA_CTX *provctx, OSSL_CORE_BIO *cin,
805 unsigned char **data, long *len)
806 {
807 BUF_MEM *mem = NULL;
808 BIO *in = BIO_new_from_core_bio(provctx->libctx, cin);
809 int ok = (asn1_d2i_read_bio(in, &mem) >= 0);
810
811 if (ok) {
812 *data = (unsigned char *)mem->data;
813 *len = (long)mem->length;
814 OPENSSL_free(mem);
815 }
816 BIO_free(in);
817 return ok;
818 }
819
820 typedef void *key_from_pkcs8_t(const PKCS8_PRIV_KEY_INFO *p8inf,
821 OSSL_LIB_CTX *libctx, const char *propq);
fake_rsa_der2key_decode_p8(const unsigned char ** input_der,long input_der_len,struct der2key_ctx_st * ctx,key_from_pkcs8_t * key_from_pkcs8)822 static void *fake_rsa_der2key_decode_p8(const unsigned char **input_der,
823 long input_der_len, struct der2key_ctx_st *ctx,
824 key_from_pkcs8_t *key_from_pkcs8)
825 {
826 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
827 const X509_ALGOR *alg = NULL;
828 void *key = NULL;
829
830 if ((p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, input_der, input_der_len)) != NULL
831 && PKCS8_pkey_get0(NULL, NULL, NULL, &alg, p8inf)
832 && OBJ_obj2nid(alg->algorithm) == ctx->desc->evp_type)
833 key = key_from_pkcs8(p8inf, PROV_FAKE_RSA_LIBCTX_OF(ctx->provctx), NULL);
834 PKCS8_PRIV_KEY_INFO_free(p8inf);
835
836 return key;
837 }
838
fake_rsa_d2i_PUBKEY(struct fake_rsa_keydata ** a,const unsigned char ** pp,long length)839 static struct fake_rsa_keydata *fake_rsa_d2i_PUBKEY(struct fake_rsa_keydata **a,
840 const unsigned char **pp, long length)
841 {
842 struct fake_rsa_keydata *key = NULL;
843 X509_PUBKEY *xpk;
844
845 xpk = fake_rsa_d2i_X509_PUBKEY_INTERNAL(pp, length, NULL);
846 if (xpk == NULL)
847 goto err_exit;
848
849 key = fake_rsa_keymgmt_new(NULL);
850 if (key == NULL)
851 goto err_exit;
852
853 key->status = FAKE_RSA_STATUS_DECODED;
854
855 if (a != NULL) {
856 fake_rsa_keymgmt_free(*a);
857 *a = key;
858 }
859
860 err_exit:
861 X509_PUBKEY_free(xpk);
862 return key;
863 }
864
865 /* ---------------------------------------------------------------------- */
866
867 static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
868 static OSSL_FUNC_decoder_decode_fn fake_rsa_der2key_decode;
869 static OSSL_FUNC_decoder_export_object_fn der2key_export_object;
870
871 static struct der2key_ctx_st *
der2key_newctx(void * provctx,struct keytype_desc_st * desc,const char * tls_name)872 der2key_newctx(void *provctx, struct keytype_desc_st *desc, const char *tls_name)
873 {
874 struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
875
876 if (ctx != NULL) {
877 ctx->provctx = provctx;
878 ctx->desc = desc;
879 if (desc->evp_type == 0)
880 ctx->desc->evp_type = OBJ_sn2nid(tls_name);
881 }
882 return ctx;
883 }
884
der2key_freectx(void * vctx)885 static void der2key_freectx(void *vctx)
886 {
887 struct der2key_ctx_st *ctx = vctx;
888
889 OPENSSL_free(ctx);
890 }
891
der2key_check_selection(int selection,const struct keytype_desc_st * desc)892 static int der2key_check_selection(int selection,
893 const struct keytype_desc_st *desc)
894 {
895 /*
896 * The selections are kinda sorta "levels", i.e. each selection given
897 * here is assumed to include those following.
898 */
899 int checks[] = {
900 OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
901 OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
902 OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
903 };
904 size_t i;
905
906 /* The decoder implementations made here support guessing */
907 if (selection == 0)
908 return 1;
909
910 for (i = 0; i < OSSL_NELEM(checks); i++) {
911 int check1 = (selection & checks[i]) != 0;
912 int check2 = (desc->selection_mask & checks[i]) != 0;
913
914 /*
915 * If the caller asked for the currently checked bit(s), return
916 * whether the decoder description says it's supported.
917 */
918 if (check1)
919 return check2;
920 }
921
922 /* This should be dead code, but just to be safe... */
923 return 0;
924 }
925
fake_rsa_der2key_decode(void * vctx,OSSL_CORE_BIO * cin,int selection,OSSL_CALLBACK * data_cb,void * data_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)926 static int fake_rsa_der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
927 OSSL_CALLBACK *data_cb, void *data_cbarg,
928 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
929 {
930 struct der2key_ctx_st *ctx = vctx;
931 unsigned char *der = NULL;
932 const unsigned char *derp;
933 long der_len = 0;
934 void *key = NULL;
935 int ok = 0;
936
937 ctx->selection = selection;
938 /*
939 * The caller is allowed to specify 0 as a selection mark, to have the
940 * structure and key type guessed. For type-specific structures, this
941 * is not recommended, as some structures are very similar.
942 * Note that 0 isn't the same as OSSL_KEYMGMT_SELECT_ALL, as the latter
943 * signifies a private key structure, where everything else is assumed
944 * to be present as well.
945 */
946 if (selection == 0)
947 selection = ctx->desc->selection_mask;
948 if ((selection & ctx->desc->selection_mask) == 0) {
949 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
950 return 0;
951 }
952
953 ok = fake_rsa_read_der(ctx->provctx, cin, &der, &der_len);
954 if (!ok)
955 goto next;
956
957 ok = 0; /* Assume that we fail */
958
959 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
960 derp = der;
961 if (ctx->desc->d2i_PKCS8 != NULL) {
962 key = ctx->desc->d2i_PKCS8(NULL, &derp, der_len, ctx);
963 if (ctx->flag_fatal)
964 goto end;
965 } else if (ctx->desc->d2i_private_key != NULL) {
966 key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
967 }
968 if (key == NULL && ctx->selection != 0)
969 goto next;
970 }
971 if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
972 derp = der;
973 if (ctx->desc->d2i_PUBKEY != NULL)
974 key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
975 else
976 key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
977 if (key == NULL && ctx->selection != 0)
978 goto next;
979 }
980 if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
981 derp = der;
982 if (ctx->desc->d2i_key_params != NULL)
983 key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
984 if (key == NULL && ctx->selection != 0)
985 goto next;
986 }
987
988 /*
989 * Last minute check to see if this was the correct type of key. This
990 * should never lead to a fatal error, i.e. the decoding itself was
991 * correct, it was just an unexpected key type. This is generally for
992 * classes of key types that have subtle variants, like RSA-PSS keys as
993 * opposed to plain RSA keys.
994 */
995 if (key != NULL
996 && ctx->desc->check_key != NULL
997 && !ctx->desc->check_key(key, ctx)) {
998 ctx->desc->free_key(key);
999 key = NULL;
1000 }
1001
1002 if (key != NULL && ctx->desc->adjust_key != NULL)
1003 ctx->desc->adjust_key(key, ctx);
1004
1005 next:
1006 /*
1007 * Indicated that we successfully decoded something, or not at all.
1008 * Ending up "empty handed" is not an error.
1009 */
1010 ok = 1;
1011
1012 /*
1013 * We free memory here so it's not held up during the callback, because
1014 * we know the process is recursive and the allocated chunks of memory
1015 * add up.
1016 */
1017 OPENSSL_free(der);
1018 der = NULL;
1019
1020 if (key != NULL) {
1021 OSSL_PARAM params[4];
1022 int object_type = OSSL_OBJECT_PKEY;
1023
1024 params[0] = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
1025 params[1] = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
1026 (char *)ctx->desc->keytype_name,
1027 0);
1028 /* The address of the key becomes the octet string */
1029 params[2] = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
1030 &key, sizeof(key));
1031 params[3] = OSSL_PARAM_construct_end();
1032
1033 ok = data_cb(params, data_cbarg);
1034 }
1035
1036 end:
1037 ctx->desc->free_key(key);
1038 OPENSSL_free(der);
1039
1040 return ok;
1041 }
1042
1043 static OSSL_FUNC_keymgmt_export_fn *
fake_rsa_prov_get_keymgmt_export(const OSSL_DISPATCH * fns)1044 fake_rsa_prov_get_keymgmt_export(const OSSL_DISPATCH *fns)
1045 {
1046 /* Pilfer the keymgmt dispatch table */
1047 for (; fns->function_id != 0; fns++)
1048 if (fns->function_id == OSSL_FUNC_KEYMGMT_EXPORT)
1049 return OSSL_FUNC_keymgmt_export(fns);
1050
1051 return NULL;
1052 }
1053
der2key_export_object(void * vctx,const void * reference,size_t reference_sz,OSSL_CALLBACK * export_cb,void * export_cbarg)1054 static int der2key_export_object(void *vctx,
1055 const void *reference, size_t reference_sz,
1056 OSSL_CALLBACK *export_cb, void *export_cbarg)
1057 {
1058 struct der2key_ctx_st *ctx = vctx;
1059 OSSL_FUNC_keymgmt_export_fn *export = fake_rsa_prov_get_keymgmt_export(ctx->desc->fns);
1060 void *keydata;
1061
1062 if (reference_sz == sizeof(keydata) && export != NULL) {
1063 /* The contents of the reference is the address to our object */
1064 keydata = *(void **)reference;
1065
1066 return export(keydata, ctx->selection, export_cb, export_cbarg);
1067 }
1068 return 0;
1069 }
1070
1071 /* ---------------------------------------------------------------------- */
1072
fake_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO * p8inf,OSSL_LIB_CTX * libctx,const char * propq)1073 static struct fake_rsa_keydata *fake_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
1074 OSSL_LIB_CTX *libctx, const char *propq)
1075 {
1076 struct fake_rsa_keydata *key = fake_rsa_keymgmt_new(NULL);
1077
1078 if (key)
1079 key->status = FAKE_RSA_STATUS_DECODED;
1080 return key;
1081 }
1082
1083 #define rsa_evp_type EVP_PKEY_RSA
1084
fake_rsa_d2i_PKCS8(void ** key,const unsigned char ** der,long der_len,struct der2key_ctx_st * ctx)1085 static void *fake_rsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len,
1086 struct der2key_ctx_st *ctx)
1087 {
1088 return fake_rsa_der2key_decode_p8(der, der_len, ctx,
1089 (key_from_pkcs8_t *)fake_rsa_key_from_pkcs8);
1090 }
1091
fake_rsa_key_adjust(void * key,struct der2key_ctx_st * ctx)1092 static void fake_rsa_key_adjust(void *key, struct der2key_ctx_st *ctx)
1093 {
1094 }
1095
1096 /* ---------------------------------------------------------------------- */
1097
1098 #define DO_PrivateKeyInfo(keytype) \
1099 "PrivateKeyInfo", keytype##_evp_type, \
1100 (OSSL_KEYMGMT_SELECT_PRIVATE_KEY), \
1101 NULL, \
1102 NULL, \
1103 NULL, \
1104 fake_rsa_d2i_PKCS8, \
1105 NULL, \
1106 NULL, \
1107 fake_rsa_key_adjust, \
1108 (free_key_fn *)fake_rsa_keymgmt_free
1109
1110 #define DO_SubjectPublicKeyInfo(keytype) \
1111 "SubjectPublicKeyInfo", keytype##_evp_type, \
1112 (OSSL_KEYMGMT_SELECT_PUBLIC_KEY), \
1113 NULL, \
1114 NULL, \
1115 NULL, \
1116 NULL, \
1117 (d2i_of_void *)fake_rsa_d2i_PUBKEY, \
1118 NULL, \
1119 fake_rsa_key_adjust, \
1120 (free_key_fn *)fake_rsa_keymgmt_free
1121
1122 /*
1123 * MAKE_DECODER is the single driver for creating OSSL_DISPATCH tables.
1124 * It takes the following arguments:
1125 *
1126 * keytype_name The implementation key type as a string.
1127 * keytype The implementation key type. This must correspond exactly
1128 * to our existing keymgmt keytype names... in other words,
1129 * there must exist an ossl_##keytype##_keymgmt_functions.
1130 * type The type name for the set of functions that implement the
1131 * decoder for the key type. This isn't necessarily the same
1132 * as keytype. For example, the key types ed25519, ed448,
1133 * x25519 and x448 are all handled by the same functions with
1134 * the common type name ecx.
1135 * kind The kind of support to implement. This translates into
1136 * the DO_##kind macros above, to populate the keytype_desc_st
1137 * structure.
1138 */
1139 #define MAKE_DECODER(keytype_name, keytype, type, kind) \
1140 static struct keytype_desc_st kind##_##keytype##_desc = { keytype_name, fake_rsa_keymgmt_funcs, \
1141 DO_##kind(keytype) }; \
1142 \
1143 static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \
1144 \
1145 static void *kind##_der2##keytype##_newctx(void *provctx) \
1146 { \
1147 return der2key_newctx(provctx, &kind##_##keytype##_desc, keytype_name); \
1148 } \
1149 static int kind##_der2##keytype##_does_selection(void *provctx, \
1150 int selection) \
1151 { \
1152 return der2key_check_selection(selection, \
1153 &kind##_##keytype##_desc); \
1154 } \
1155 static const OSSL_DISPATCH \
1156 fake_rsa_##kind##_der_to_##keytype##_decoder_functions[] \
1157 = { \
1158 { OSSL_FUNC_DECODER_NEWCTX, \
1159 (void (*)(void))kind##_der2##keytype##_newctx }, \
1160 { OSSL_FUNC_DECODER_FREECTX, \
1161 (void (*)(void))der2key_freectx }, \
1162 { OSSL_FUNC_DECODER_DOES_SELECTION, \
1163 (void (*)(void))kind##_der2##keytype##_does_selection }, \
1164 { OSSL_FUNC_DECODER_DECODE, \
1165 (void (*)(void))fake_rsa_der2key_decode }, \
1166 { OSSL_FUNC_DECODER_EXPORT_OBJECT, \
1167 (void (*)(void))der2key_export_object }, \
1168 OSSL_DISPATCH_END \
1169 }
1170
1171 MAKE_DECODER("RSA", rsa, rsa, PrivateKeyInfo);
1172 MAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo);
1173
1174 static const OSSL_ALGORITHM fake_rsa_decoder_algs[] = {
1175 #define DECODER_PROVIDER "fake-rsa"
1176 #define DECODER_STRUCTURE_SubjectPublicKeyInfo "SubjectPublicKeyInfo"
1177 #define DECODER_STRUCTURE_PrivateKeyInfo "PrivateKeyInfo"
1178
1179 /* Arguments are prefixed with '_' to avoid build breaks on certain platforms */
1180 /*
1181 * Obviously this is not FIPS approved, but in order to test in conjunction
1182 * with the FIPS provider we pretend that it is.
1183 */
1184
1185 #define DECODER(_name, _input, _output) \
1186 { _name, \
1187 "provider=" DECODER_PROVIDER ",fips=yes,input=" #_input, \
1188 (fake_rsa_##_input##_to_##_output##_decoder_functions) }
1189 #define DECODER_w_structure(_name, _input, _structure, _output) \
1190 { _name, \
1191 "provider=" DECODER_PROVIDER ",fips=yes,input=" #_input \
1192 ",structure=" DECODER_STRUCTURE_##_structure, \
1193 (fake_rsa_##_structure##_##_input##_to_##_output##_decoder_functions) }
1194
1195 DECODER_w_structure("RSA:rsaEncryption", der, PrivateKeyInfo, rsa),
1196 DECODER_w_structure("RSA:rsaEncryption", der, SubjectPublicKeyInfo, rsa),
1197 #undef DECODER_PROVIDER
1198 { NULL, NULL, NULL }
1199 };
1200
fake_rsa_query(void * provctx,int operation_id,int * no_cache)1201 static const OSSL_ALGORITHM *fake_rsa_query(void *provctx,
1202 int operation_id,
1203 int *no_cache)
1204 {
1205 *no_cache = 0;
1206 switch (operation_id) {
1207 case OSSL_OP_SIGNATURE:
1208 return fake_rsa_sig_algs;
1209
1210 case OSSL_OP_KEYMGMT:
1211 return fake_rsa_keymgmt_algs;
1212
1213 case OSSL_OP_STORE:
1214 return fake_rsa_store_algs;
1215
1216 case OSSL_OP_DECODER:
1217 return fake_rsa_decoder_algs;
1218 }
1219 return NULL;
1220 }
1221
fake_rsa_prov_teardown(void * provctx)1222 static void fake_rsa_prov_teardown(void *provctx)
1223 {
1224 PROV_FAKE_RSA_CTX *pctx = (PROV_FAKE_RSA_CTX *)provctx;
1225
1226 OSSL_LIB_CTX_free(pctx->libctx);
1227 OPENSSL_free(pctx);
1228 }
1229
1230 /* Functions we provide to the core */
1231 static const OSSL_DISPATCH fake_rsa_method[] = {
1232 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fake_rsa_prov_teardown },
1233 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fake_rsa_query },
1234 OSSL_DISPATCH_END
1235 };
1236
fake_rsa_provider_init(const OSSL_CORE_HANDLE * handle,const OSSL_DISPATCH * in,const OSSL_DISPATCH ** out,void ** provctx)1237 static int fake_rsa_provider_init(const OSSL_CORE_HANDLE *handle,
1238 const OSSL_DISPATCH *in,
1239 const OSSL_DISPATCH **out, void **provctx)
1240 {
1241 OSSL_LIB_CTX *libctx;
1242 PROV_FAKE_RSA_CTX *prov_ctx;
1243
1244 if (!TEST_ptr(libctx = OSSL_LIB_CTX_new_from_dispatch(handle, in)))
1245 return 0;
1246
1247 if (!TEST_ptr(prov_ctx = OPENSSL_malloc(sizeof(*prov_ctx)))) {
1248 OSSL_LIB_CTX_free(libctx);
1249 return 0;
1250 }
1251
1252 prov_ctx->libctx = libctx;
1253
1254 *provctx = prov_ctx;
1255 *out = fake_rsa_method;
1256 return 1;
1257 }
1258
fake_rsa_start(OSSL_LIB_CTX * libctx)1259 OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx)
1260 {
1261 OSSL_PROVIDER *p;
1262
1263 if (!TEST_true(OSSL_PROVIDER_add_builtin(libctx, "fake-rsa",
1264 fake_rsa_provider_init))
1265 || !TEST_ptr(p = OSSL_PROVIDER_try_load(libctx, "fake-rsa", 1)))
1266 return NULL;
1267
1268 return p;
1269 }
1270
fake_rsa_finish(OSSL_PROVIDER * p)1271 void fake_rsa_finish(OSSL_PROVIDER *p)
1272 {
1273 OSSL_PROVIDER_unload(p);
1274 }
1275