ssl_privkey.cc File Reference
#include <openssl/ssl.h>
#include <assert.h>
#include <limits.h>
#include <openssl/ec.h>
#include <openssl/ec_key.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/mem.h>
#include "internal.h"
#include "../crypto/internal.h"


Classes

struct  SSL_SIGNATURE_ALGORITHM
 

Functions

static int compare_uint16_t (const void *p1, const void *p2)
 
static const SSL_SIGNATURE_ALGORITHM * get_signature_algorithm (uint16_t sigalg)
 
static bool parse_sigalg_pairs (Array< uint16_t > *out, const int *values, size_t num_values)
 
static bool parse_sigalgs_list (Array< uint16_t > *out, const char *str)
 
static bool pkey_supports_algorithm (const SSL *ssl, EVP_PKEY *pkey, uint16_t sigalg)
 
static bool setup_ctx (SSL *ssl, EVP_MD_CTX *ctx, EVP_PKEY *pkey, uint16_t sigalg, bool is_verify)
 
static bool sigalgs_unique (Span< const uint16_t > in_sigalgs)
 
int SSL_CTX_set1_sigalgs (SSL_CTX *ctx, const int *values, size_t num_values)
 
int SSL_CTX_set1_sigalgs_list (SSL_CTX *ctx, const char *str)
 
void SSL_CTX_set_private_key_method (SSL_CTX *ctx, const SSL_PRIVATE_KEY_METHOD *key_method)
 
int SSL_CTX_set_signing_algorithm_prefs (SSL_CTX *ctx, const uint16_t *prefs, size_t num_prefs)
 
int SSL_CTX_set_verify_algorithm_prefs (SSL_CTX *ctx, const uint16_t *prefs, size_t num_prefs)
 
int SSL_CTX_use_PrivateKey (SSL_CTX *ctx, EVP_PKEY *pkey)
 
int SSL_CTX_use_PrivateKey_ASN1 (int type, SSL_CTX *ctx, const uint8_t *der, size_t der_len)
 
int SSL_CTX_use_RSAPrivateKey (SSL_CTX *ctx, RSA *rsa)
 
int SSL_CTX_use_RSAPrivateKey_ASN1 (SSL_CTX *ctx, const uint8_t *der, size_t der_len)
 
const EVP_MD * SSL_get_signature_algorithm_digest (uint16_t sigalg)
 
int SSL_get_signature_algorithm_key_type (uint16_t sigalg)
 
const char * SSL_get_signature_algorithm_name (uint16_t sigalg, int include_curve)
 
bool ssl_has_private_key (const SSL_HANDSHAKE *hs)
 
BSSL_NAMESPACE_BEGIN bool ssl_is_key_type_supported (int key_type)
 
int SSL_is_signature_algorithm_rsa_pss (uint16_t sigalg)
 
enum ssl_private_key_result_t ssl_private_key_decrypt (SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len, size_t max_out, Span< const uint8_t > in)
 
enum ssl_private_key_result_t ssl_private_key_sign (SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len, size_t max_out, uint16_t sigalg, Span< const uint8_t > in)
 
bool ssl_private_key_supports_signature_algorithm (SSL_HANDSHAKE *hs, uint16_t sigalg)
 
bool ssl_public_key_verify (SSL *ssl, Span< const uint8_t > signature, uint16_t sigalg, EVP_PKEY *pkey, Span< const uint8_t > in)
 
int SSL_set1_sigalgs (SSL *ssl, const int *values, size_t num_values)
 
int SSL_set1_sigalgs_list (SSL *ssl, const char *str)
 
static bool ssl_set_pkey (CERT *cert, EVP_PKEY *pkey)
 
void SSL_set_private_key_method (SSL *ssl, const SSL_PRIVATE_KEY_METHOD *key_method)
 
int SSL_set_signing_algorithm_prefs (SSL *ssl, const uint16_t *prefs, size_t num_prefs)
 
int SSL_set_verify_algorithm_prefs (SSL *ssl, const uint16_t *prefs, size_t num_prefs)
 
int SSL_use_PrivateKey (SSL *ssl, EVP_PKEY *pkey)
 
int SSL_use_PrivateKey_ASN1 (int type, SSL *ssl, const uint8_t *der, size_t der_len)
 
int SSL_use_RSAPrivateKey (SSL *ssl, RSA *rsa)
 
int SSL_use_RSAPrivateKey_ASN1 (SSL *ssl, const uint8_t *der, size_t der_len)
 

Variables

static constexpr size_t kMaxSignatureAlgorithmNameLen = 23
 
struct {
   const char   name [kMaxSignatureAlgorithmNameLen]
 
   uint16_t   signature_algorithm
 
} kSignatureAlgorithmNames []
 
static const SSL_SIGNATURE_ALGORITHM kSignatureAlgorithms []
 
struct {
   int   hash_nid
 
   int   pkey_type
 
   uint16_t   signature_algorithm
 
} kSignatureAlgorithmsMapping []
 

Function Documentation

◆ compare_uint16_t()

static int compare_uint16_t ( const void *  p1,
const void *  p2 
)
static

Definition at line 563 of file ssl_privkey.cc.

◆ get_signature_algorithm()

static const SSL_SIGNATURE_ALGORITHM* get_signature_algorithm ( uint16_t  sigalg)
static

Definition at line 127 of file ssl_privkey.cc.

◆ parse_sigalg_pairs()

static bool parse_sigalg_pairs ( Array< uint16_t > *  out,
const int *  values,
size_t  num_values 
)
static

Definition at line 529 of file ssl_privkey.cc.

◆ parse_sigalgs_list()

static bool parse_sigalgs_list ( Array< uint16_t > *  out,
const char *  str 
)
static

Definition at line 633 of file ssl_privkey.cc.

◆ pkey_supports_algorithm()

static bool pkey_supports_algorithm ( const SSL *  ssl,
EVP_PKEY *  pkey,
uint16_t  sigalg 
)
static

Definition at line 146 of file ssl_privkey.cc.

◆ setup_ctx()

static bool setup_ctx ( SSL *  ssl,
EVP_MD_CTX *  ctx,
EVP_PKEY *  pkey,
uint16_t  sigalg,
bool  is_verify 
)
static

Definition at line 172 of file ssl_privkey.cc.

◆ sigalgs_unique()

static bool sigalgs_unique ( Span< const uint16_t >  in_sigalgs)
static

Definition at line 575 of file ssl_privkey.cc.

◆ SSL_CTX_set1_sigalgs()

int SSL_CTX_set1_sigalgs ( SSL_CTX *  ctx,
const int *  values,
size_t  num_values 
)

Definition at line 597 of file ssl_privkey.cc.

◆ SSL_CTX_set1_sigalgs_list()

int SSL_CTX_set1_sigalgs_list ( SSL_CTX *  ctx,
const char *  str 
)

Definition at line 787 of file ssl_privkey.cc.

◆ SSL_CTX_set_private_key_method()

void SSL_CTX_set_private_key_method ( SSL_CTX *  ctx,
const SSL_PRIVATE_KEY_METHOD *  key_method
)

Definition at line 429 of file ssl_privkey.cc.

◆ SSL_CTX_set_signing_algorithm_prefs()

int SSL_CTX_set_signing_algorithm_prefs ( SSL_CTX *  ctx,
const uint16_t *  prefs,
size_t  num_prefs 
)

Definition at line 497 of file ssl_privkey.cc.

◆ SSL_CTX_set_verify_algorithm_prefs()

int SSL_CTX_set_verify_algorithm_prefs ( SSL_CTX *  ctx,
const uint16_t *  prefs,
size_t  num_prefs 
)

Definition at line 824 of file ssl_privkey.cc.

◆ SSL_CTX_use_PrivateKey()

int SSL_CTX_use_PrivateKey ( SSL_CTX *  ctx,
EVP_PKEY *  pkey
)

Definition at line 395 of file ssl_privkey.cc.

◆ SSL_CTX_use_PrivateKey_ASN1()

int SSL_CTX_use_PrivateKey_ASN1 ( int  type,
SSL_CTX *  ctx,
const uint8_t *  der,
size_t  der_len 
)

Definition at line 404 of file ssl_privkey.cc.

◆ SSL_CTX_use_RSAPrivateKey()

int SSL_CTX_use_RSAPrivateKey ( SSL_CTX *  ctx,
RSA *  rsa
)

Definition at line 368 of file ssl_privkey.cc.

◆ SSL_CTX_use_RSAPrivateKey_ASN1()

int SSL_CTX_use_RSAPrivateKey_ASN1 ( SSL_CTX *  ctx,
const uint8_t *  der,
size_t  der_len 
)

Definition at line 384 of file ssl_privkey.cc.

◆ SSL_get_signature_algorithm_digest()

const EVP_MD* SSL_get_signature_algorithm_digest ( uint16_t  sigalg)

Definition at line 484 of file ssl_privkey.cc.

◆ SSL_get_signature_algorithm_key_type()

int SSL_get_signature_algorithm_key_type ( uint16_t  sigalg)

Definition at line 479 of file ssl_privkey.cc.

◆ SSL_get_signature_algorithm_name()

const char* SSL_get_signature_algorithm_name ( uint16_t  sigalg,
int  include_curve 
)

Definition at line 457 of file ssl_privkey.cc.

◆ ssl_has_private_key()

bool ssl_has_private_key ( const SSL_HANDSHAKE *  hs)

Definition at line 136 of file ssl_privkey.cc.

◆ ssl_is_key_type_supported()

BSSL_NAMESPACE_BEGIN bool ssl_is_key_type_supported ( int  key_type)

Definition at line 74 of file ssl_privkey.cc.

◆ SSL_is_signature_algorithm_rsa_pss()

int SSL_is_signature_algorithm_rsa_pss ( uint16_t  sigalg)

Definition at line 492 of file ssl_privkey.cc.

◆ ssl_private_key_decrypt()

enum ssl_private_key_result_t ssl_private_key_decrypt ( SSL_HANDSHAKE *  hs,
uint8_t *  out,
size_t *  out_len,
size_t  max_out,
Span< const uint8_t >  in
)

Definition at line 252 of file ssl_privkey.cc.

◆ ssl_private_key_sign()

enum ssl_private_key_result_t ssl_private_key_sign ( SSL_HANDSHAKE *  hs,
uint8_t *  out,
size_t *  out_len,
size_t  max_out,
uint16_t  sigalg,
Span< const uint8_t >  in
)

Definition at line 200 of file ssl_privkey.cc.

◆ ssl_private_key_supports_signature_algorithm()

bool ssl_private_key_supports_signature_algorithm ( SSL_HANDSHAKE *  hs,
uint16_t  sigalg 
)

Definition at line 290 of file ssl_privkey.cc.

◆ ssl_public_key_verify()

bool ssl_public_key_verify ( SSL *  ssl,
Span< const uint8_t >  signature,
uint16_t  sigalg,
EVP_PKEY *  pkey,
Span< const uint8_t >  in
)

Definition at line 236 of file ssl_privkey.cc.

◆ SSL_set1_sigalgs()

int SSL_set1_sigalgs ( SSL *  ssl,
const int *  values,
size_t  num_values 
)

Definition at line 613 of file ssl_privkey.cc.

◆ SSL_set1_sigalgs_list()

int SSL_set1_sigalgs_list ( SSL *  ssl,
const char *  str 
)

Definition at line 804 of file ssl_privkey.cc.

◆ ssl_set_pkey()

static bool ssl_set_pkey ( CERT *  cert,
EVP_PKEY *  pkey
)
static

Definition at line 79 of file ssl_privkey.cc.

◆ SSL_set_private_key_method()

void SSL_set_private_key_method ( SSL *  ssl,
const SSL_PRIVATE_KEY_METHOD *  key_method
)

Definition at line 421 of file ssl_privkey.cc.

◆ SSL_set_signing_algorithm_prefs()

int SSL_set_signing_algorithm_prefs ( SSL *  ssl,
const uint16_t *  prefs,
size_t  num_prefs 
)

Definition at line 502 of file ssl_privkey.cc.

◆ SSL_set_verify_algorithm_prefs()

int SSL_set_verify_algorithm_prefs ( SSL *  ssl,
const uint16_t *  prefs,
size_t  num_prefs 
)

Definition at line 829 of file ssl_privkey.cc.

◆ SSL_use_PrivateKey()

int SSL_use_PrivateKey ( SSL *  ssl,
EVP_PKEY *  pkey
)

Definition at line 342 of file ssl_privkey.cc.

◆ SSL_use_PrivateKey_ASN1()

int SSL_use_PrivateKey_ASN1 ( int  type,
SSL *  ssl,
const uint8_t *  der,
size_t  der_len 
)

Definition at line 351 of file ssl_privkey.cc.

◆ SSL_use_RSAPrivateKey()

int SSL_use_RSAPrivateKey ( SSL *  ssl,
RSA *  rsa
)

Definition at line 316 of file ssl_privkey.cc.

◆ SSL_use_RSAPrivateKey_ASN1()

int SSL_use_RSAPrivateKey_ASN1 ( SSL *  ssl,
const uint8_t *  der,
size_t  der_len 
)

Definition at line 332 of file ssl_privkey.cc.

Variable Documentation

◆ hash_nid

int hash_nid

Definition at line 512 of file ssl_privkey.cc.

◆ kMaxSignatureAlgorithmNameLen

constexpr size_t kMaxSignatureAlgorithmNameLen = 23
static constexpr

Definition at line 434 of file ssl_privkey.cc.

◆ kSignatureAlgorithmNames

const { ... } kSignatureAlgorithmNames[]
Initial value:
= {
// Each entry pairs a signature algorithm value (signature_algorithm) with its
// textual name (name). The longest names below, the three
// "ecdsa_secp*_sha*" strings, are 22 characters; with the terminating NUL they
// exactly fill the 23-byte name field (kMaxSignatureAlgorithmNameLen = 23), so
// any longer name added here needs that constant raised first.
//
// NOTE(review): appearing in this table only gives an algorithm a name. Which
// algorithms are actually offered or accepted is presumably decided by the
// preference lists (SSL_CTX_set_signing_algorithm_prefs /
// SSL_CTX_set_verify_algorithm_prefs and the SSL_* variants) - confirm against
// the source.

// Legacy entries built on MD5 and/or SHA-1, neither of which is collision
// resistant. Audit configured preference lists for these names.
{SSL_SIGN_RSA_PKCS1_MD5_SHA1, "rsa_pkcs1_md5_sha1"},
{SSL_SIGN_RSA_PKCS1_SHA1, "rsa_pkcs1_sha1"},
// RSASSA-PKCS1-v1_5 with SHA-2 digests.
{SSL_SIGN_RSA_PKCS1_SHA256, "rsa_pkcs1_sha256"},
{SSL_SIGN_RSA_PKCS1_SHA384, "rsa_pkcs1_sha384"},
{SSL_SIGN_RSA_PKCS1_SHA512, "rsa_pkcs1_sha512"},
// Legacy: ECDSA over a SHA-1 digest (no curve in the name).
{SSL_SIGN_ECDSA_SHA1, "ecdsa_sha1"},
// ECDSA entries whose names carry both the curve and the digest.
{SSL_SIGN_ECDSA_SECP256R1_SHA256, "ecdsa_secp256r1_sha256"},
{SSL_SIGN_ECDSA_SECP384R1_SHA384, "ecdsa_secp384r1_sha384"},
{SSL_SIGN_ECDSA_SECP521R1_SHA512, "ecdsa_secp521r1_sha512"},
// RSA-PSS entries ("rsae" names).
{SSL_SIGN_RSA_PSS_RSAE_SHA256, "rsa_pss_rsae_sha256"},
{SSL_SIGN_RSA_PSS_RSAE_SHA384, "rsa_pss_rsae_sha384"},
{SSL_SIGN_RSA_PSS_RSAE_SHA512, "rsa_pss_rsae_sha512"},
// Ed25519; the name carries no separate digest.
{SSL_SIGN_ED25519, "ed25519"},
}

◆ kSignatureAlgorithms

const SSL_SIGNATURE_ALGORITHM kSignatureAlgorithms[]
static

◆ kSignatureAlgorithmsMapping

constexpr { ... } kSignatureAlgorithmsMapping[]

◆ name

Definition at line 440 of file ssl_privkey.cc.

◆ pkey_type

int pkey_type

Definition at line 511 of file ssl_privkey.cc.

◆ signature_algorithm

uint16_t signature_algorithm

Definition at line 439 of file ssl_privkey.cc.

SSL_SIGN_RSA_PSS_RSAE_SHA512
#define SSL_SIGN_RSA_PSS_RSAE_SHA512
Definition: ssl.h:1075
EVP_PKEY_EC
#define EVP_PKEY_EC
Definition: evp.h:178
EVP_md5_sha1
const OPENSSL_EXPORT EVP_MD * EVP_md5_sha1(void)
EVP_sha512
const OPENSSL_EXPORT EVP_MD * EVP_sha512(void)
SSL_SIGN_RSA_PSS_RSAE_SHA256
#define SSL_SIGN_RSA_PSS_RSAE_SHA256
Definition: ssl.h:1073
NID_X9_62_prime256v1
#define NID_X9_62_prime256v1
Definition: nid.h:1914
EVP_sha384
const OPENSSL_EXPORT EVP_MD * EVP_sha384(void)
EVP_PKEY_RSA_PSS
#define EVP_PKEY_RSA_PSS
Definition: evp.h:176
SSL_SIGN_RSA_PSS_RSAE_SHA384
#define SSL_SIGN_RSA_PSS_RSAE_SHA384
Definition: ssl.h:1074
EVP_PKEY_RSA
#define EVP_PKEY_RSA
Definition: evp.h:175
SSL_SIGN_ECDSA_SECP521R1_SHA512
#define SSL_SIGN_ECDSA_SECP521R1_SHA512
Definition: ssl.h:1072
NID_sha384
#define NID_sha384
Definition: nid.h:2998
EVP_sha256
const OPENSSL_EXPORT EVP_MD * EVP_sha256(void)
SSL_SIGN_RSA_PKCS1_SHA256
#define SSL_SIGN_RSA_PKCS1_SHA256
Definition: ssl.h:1066
EVP_PKEY_ED25519
#define EVP_PKEY_ED25519
Definition: evp.h:179
SSL_SIGN_RSA_PKCS1_SHA384
#define SSL_SIGN_RSA_PKCS1_SHA384
Definition: ssl.h:1067
SSL_SIGN_RSA_PKCS1_SHA512
#define SSL_SIGN_RSA_PKCS1_SHA512
Definition: ssl.h:1068
NID_secp521r1
#define NID_secp521r1
Definition: nid.h:3172
NID_sha256
#define NID_sha256
Definition: nid.h:2993
SSL_SIGN_RSA_PKCS1_SHA1
#define SSL_SIGN_RSA_PKCS1_SHA1
Definition: ssl.h:1065
NID_undef
#define NID_undef
Definition: nid.h:85
NID_sha1
#define NID_sha1
Definition: nid.h:372
NID_sha512
#define NID_sha512
Definition: nid.h:3003
SSL_SIGN_ED25519
#define SSL_SIGN_ED25519
Definition: ssl.h:1076
SSL_SIGN_RSA_PKCS1_MD5_SHA1
#define SSL_SIGN_RSA_PKCS1_MD5_SHA1
Definition: ssl.h:1081
EVP_sha1
const OPENSSL_EXPORT EVP_MD * EVP_sha1(void)
SSL_SIGN_ECDSA_SHA1
#define SSL_SIGN_ECDSA_SHA1
Definition: ssl.h:1069
NID_secp384r1
#define NID_secp384r1
Definition: nid.h:3168
SSL_SIGN_ECDSA_SECP384R1_SHA384
#define SSL_SIGN_ECDSA_SECP384R1_SHA384
Definition: ssl.h:1071
SSL_SIGN_ECDSA_SECP256R1_SHA256
#define SSL_SIGN_ECDSA_SECP256R1_SHA256
Definition: ssl.h:1070

