2015-06-29 04:36:21 +01:00
EVP,151,BN_DECODE_ERROR
EVP,100,BUFFER_TOO_SMALL
EVP,101,COMMAND_NOT_SUPPORTED
EVP,146,CONTEXT_NOT_INITIALISED
EVP,143,DECODE_ERROR
EVP,104,DIFFERENT_KEY_TYPES
EVP,105,DIFFERENT_PARAMETERS
EVP,147,DIGEST_AND_KEY_TYPE_NOT_SUPPORTED
Implement new SPKI parsers.

Many consumers need SPKI support (X.509, TLS, QUIC, WebCrypto), each
with different ways to set signature parameters. SPKIs themselves can
get complex with id-RSASSA-PSS keys which come with various constraints
in the key parameters. This suggests we want a common in-library
representation of an SPKI.

This adds two new functions EVP_parse_public_key and
EVP_marshal_public_key which convert EVP_PKEY to and from SPKI and
implements X509_PUBKEY functions with them. EVP_PKEY seems to have been
intended to be able to express the supported SPKI types with
full-fidelity, so these APIs will continue this.

This means future support for id-RSASSA-PSS would *not* repurpose
EVP_PKEY_RSA. I'm worried about code assuming EVP_PKEY_RSA implies
acting on the RSA* is legal. Instead, it'd add an EVP_PKEY_RSA_PSS and
the data pointer would be some (exposed, so the caller may still check
key size, etc.) RSA_PSS_KEY struct. Internally, the EVP_PKEY_CTX
implementation would enforce the key constraints. If RSA_PSS_KEY would
later need its own API, that code would move there, but that seems
unlikely.

Ideally we'd have a 1:1 correspondence with key OID, although we may
have to fudge things if mistakes happen in standardization. (Whether or
not X.509 reuses id-ecPublicKey for Ed25519, we'll give it a separate
EVP_PKEY type.)

DSA parsing hooks are still implemented, missing parameters and all for
now. This isn't any worse than before.

Decoupling from the giant crypto/obj OID table will be a later task.

BUG=522228
Change-Id: I0e3964edf20cb795a18b0991d17e5ca8bce3e28c
Reviewed-on: https://boringssl-review.googlesource.com/6861
Reviewed-by: Adam Langley <agl@google.com>
2015-12-31 02:40:40 +00:00
EVP,155,ENCODE_ERROR
2015-06-29 04:36:21 +01:00
EVP,107,EXPECTING_AN_EC_KEY_KEY
EVP,141,EXPECTING_AN_RSA_KEY
EVP,109,EXPECTING_A_DH_KEY
EVP,110,EXPECTING_A_DSA_KEY
EVP,111,ILLEGAL_OR_UNSUPPORTED_PADDING_MODE
EVP,112,INVALID_CURVE
EVP,113,INVALID_DIGEST_LENGTH
EVP,114,INVALID_DIGEST_TYPE
EVP,115,INVALID_KEYBITS
EVP,116,INVALID_MGF1_MD
EVP,142,INVALID_OPERATION
EVP,118,INVALID_PADDING_MODE
EVP,119,INVALID_PSS_PARAMETERS
EVP,144,INVALID_PSS_SALTLEN
EVP,121,INVALID_SALT_LENGTH
EVP,122,INVALID_TRAILER
EVP,123,KEYS_NOT_SET
EVP,124,MISSING_PARAMETERS
EVP,125,NO_DEFAULT_DIGEST
EVP,126,NO_KEY_SET
EVP,127,NO_MDC2_SUPPORT
EVP,128,NO_NID_FOR_CURVE
EVP,129,NO_OPERATION_SET
EVP,130,NO_PARAMETERS_SET
EVP,131,OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
EVP,132,OPERATON_NOT_INITIALIZED
EVP,152,PARAMETER_ENCODING_ERROR
EVP,133,UNKNOWN_DIGEST
EVP,134,UNKNOWN_MASK_DIGEST
EVP,150,UNKNOWN_MESSAGE_DIGEST_ALGORITHM
EVP,145,UNKNOWN_PUBLIC_KEY_TYPE
EVP,149,UNKNOWN_SIGNATURE_ALGORITHM
EVP,138,UNSUPPORTED_ALGORITHM
EVP,139,UNSUPPORTED_MASK_ALGORITHM
EVP,140,UNSUPPORTED_MASK_PARAMETER
EVP,153,UNSUPPORTED_PUBLIC_KEY_TYPE
EVP,154,UNSUPPORTED_SIGNATURE_TYPE
EVP,148,WRONG_PUBLIC_KEY_TYPE