Add new provider encoders implementations for more output standards, take 2 #13167
Conversation
levitte
added
branch: master
|
A note on #13140: Without that PR, the new test The explanation is that the DH parameter generation in |
levitte
changed the title
|
Since I had commented on #13095 I felt obligated to take at least a quick look. The overall approach seems reasonable (i.e., better than 13095), though I didn't look in terribly close detail. I agree with Tomáš that OSSL_ENCODER_CTX_prune_encoders() should probably be an implementation detail -- furthermore, is there any case where ending up with n>1 encoders left is a success case? I will leave with one potentially controversial thought: the "type-specific" output structure seems to be organized solely by the legacy of historic openssl behavior. Perhaps "legacy" would be appropriate to include as part of the name, since we want to try to normalize on pkcs8 usage going forward? |
In the end? Yes, the idea is that it should be possible to get a chain, i.e. key_to_DER -> DER_to_PEM. We currently don't have that in our encoders, but I do plan to refactor that, in a separate PR. |
The "old", "historic" and "legacy" terms have been argued against, with the argument that standards like PKCS#1 aren't legacy, so I'm trying hard to not ruffle those feathers yet again. "type-specific" is the best I could come up with as a general mnemonic that doesn't imply lesser validity. As for enforcing PKCS#8, you'll note that PEM_write_bio_PrivateKey() does that unconditionally. For OSSL_ENCODER and OSSL_DECODER, this is much more in the hands of the caller, i.e. they are in control no matter what. We can encourage them to use PKCS#8 (or whatever we fancy in the future), but we can't force anything. Let's not forget that since this depends on the providers, the user may use whatever provider they want with whatever structures that one supports. All we can control is how we use OSSL_ENCODER and OSSL_DECODER internally and in our apps. |
Ah, thanks. The "chain" part didn't make it through my thick skull, and I was naively assume some kind of parallel outputs, which obviously doesn't work well with the API surface in question. |
|
The CI failure is relevant |
Some of it yeah... some of it is because #13140 needs to go in first |
levitte
force-pushed
the
more-encoders-2
branch
4 times, most recently
from
297d25d
to
4e20ebe
Compare
levitte
changed the title
levitte
force-pushed
the
more-encoders-2
branch
from
4e20ebe
to
1539dd6
Compare
levitte
changed the title
|
Back to WIP to work on removing OSSL_ENCODER_CTX_prune_encoders() |
slontis
added
approval: done
|
Do the following things need to be tracked for 3.0.0 or even beta1?
|
|
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
paulidale
added
approval: ready to merge
|
These items should be tracked for beta 1. |
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #13167)
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #13167)
OSSL_FUNC_encoder_does_selection() is a dispatchable encoder implementation function that should return 1 if the given |selection| is supported by an encoder implementation and 0 if not. This can be used by libcrypto functionality to figure out if an encoder implementation should be considered or not. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #13167)
OSSL_ENCODER_CTX_new_by_EVP_PKEY() takes one more argument to express the desired outermost structure for the output. This also adds OSSL_ENCODER_CTX_prune_encoders(), which is used to reduce the stack of encoders found according to criteria formed from the combination of desired selection, output type and output structure. squash! ENCODER: Add output structure support for EVP_PKEY encoding Replace the paragraph talking about OSSL_ENCODER_CTX_prune_encoders() with: The encoding processor encoder_process() is enhanced with better analysis of the stack of encoder implementations. To avoid having to keep an on the side array of information, it uses recursion. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #13167)
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #13167)
The base functionality to implement the keypair encoders doesn't
change much, but this results in a more massive amount of
OSSL_DISPATCH and OSSL_ALGORITHM arrays, to support a fine grained
selection of implementation based on what parts of the keypair
structure (combinations of key parameters, public key and private key)
should be output, the output type ("TEXT", "DER" or "PEM") and the
outermost output structure ("pkcs8", "SubjectPublicKeyInfo", key
type specific structures, ...).
We add support for the generic structure name "type-specific", to
allow selecting that without knowing the exact name of that structure.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from #13167)
This also modifies i2d_PublicKey() and i2d_KeyParams() to support provided keys. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #13167)
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #13167)
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #13167)
The FIPS provider module doesn't have any encoders, the base provider is needed for that. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #13167)
|
Merged 45da4a0 CORE: Add support for specifying the outermost object structure |
The current encoder implementations only supported PKCS#8 output for private keys and SubjectPublicKeyInfo for public keys. However, if we are to deprecate key type specific i2d_ and PEM_write_ functions in favor of using OSSL_ENCODER, the users need an easy enough migration path to do what they've done so far.
The encoders are now enhanced to cover most of those cases, and are classified like this (visible in the OSSL_DISPATCH array names):
Corresponding entries are added to the appropriate OSSL_ALGORITHM tables.
To make it possible for the user as well is libcrypto internals to specify precisely what kind of structure is desired, the OSSL_ENCODER API has been enhanced to handle an output structure parameter alongside the output type. OSSL_ENCODER_CTX_new_by_EVP_PKEY() has been modified to reflect this.
It is permitted to use NULL for the output structure for the cases where that's not relevant (which is the case for MSBLOB and PVK output types), or the caller doesn't care.
For our internal uses, the output structure types "type-specific", "pkcs8" and "SubjectPublicKeyInfo" are used uniformly. That allows us to map deprecated functionality to the corresponding OSSL_ENCODER calls without having to have special knowledge of the more standardised structure names for each key type in libcrypto. Additional structure names are only added for the convenience of the users that may wish to use OSSL_ENCODER directly and use structure names that suit them better.
NOTES:
This PR replaces #13095, and depends on #13166 and #13140
This PR does not implement MSBLOB and PVK encoders, that's left to be done in another PR.
This PR does not implement a separate DER->PEM encoder, that's left to be done in another PR.