#include "internal/deprecated.h"
#include <openssl/byteorder.h>
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/core_object.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/params.h>
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
#include <openssl/provider.h>
#include <openssl/x509.h>
#include <openssl/proverr.h>
#include <openssl/asn1t.h>
#include "internal/cryptlib.h"
#include "crypto/dh.h"
#include "crypto/dsa.h"
#include "crypto/ec.h"
#include "crypto/evp.h"
#include "crypto/ecx.h"
#include "crypto/rsa.h"
#include "crypto/ml_dsa.h"
#include "crypto/slh_dsa.h"
#include "crypto/x509.h"
#include "crypto/ml_kem.h"
#include "openssl/obj_mac.h"
#include "prov/bio.h"
#include "prov/implementations.h"
#include "endecoder_local.h"
#include "internal/nelem.h"
#include "ml_dsa_codecs.h"
#include "ml_kem_codecs.h"
#ifndef OPENSSL_NO_SLH_DSA
typedef struct {
ASN1_OBJECT *oid;
} BARE_ALGOR;
typedef struct {
BARE_ALGOR algor;
ASN1_BIT_STRING *pubkey;
} BARE_PUBKEY;
ASN1_SEQUENCE(BARE_ALGOR) = {
ASN1_SIMPLE(BARE_ALGOR, oid, ASN1_OBJECT),
} static_ASN1_SEQUENCE_END(BARE_ALGOR)
ASN1_SEQUENCE(BARE_PUBKEY) = {
ASN1_EMBED(BARE_PUBKEY, algor, BARE_ALGOR),
ASN1_SIMPLE(BARE_PUBKEY, pubkey, ASN1_BIT_STRING)
} static_ASN1_SEQUENCE_END(BARE_PUBKEY)
#endif
struct der2key_ctx_st;
typedef int check_key_fn(void *, struct der2key_ctx_st *ctx);
typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx);
typedef void free_key_fn(void *);
typedef void *d2i_PKCS8_fn(const unsigned char **, long,
struct der2key_ctx_st *);
typedef void *d2i_PUBKEY_fn(const unsigned char **, long,
struct der2key_ctx_st *);
struct keytype_desc_st {
const char *keytype_name;
const OSSL_DISPATCH *fns;
const char *structure_name;
int evp_type;
int selection_mask;
d2i_of_void *d2i_private_key;
d2i_of_void *d2i_public_key;
d2i_of_void *d2i_key_params;
d2i_PKCS8_fn *d2i_PKCS8;
d2i_PUBKEY_fn *d2i_PUBKEY;
check_key_fn *check_key;
adjust_key_fn *adjust_key;
free_key_fn *free_key;
};
struct der2key_ctx_st {
PROV_CTX *provctx;
char propq[OSSL_MAX_PROPQUERY_SIZE];
const struct keytype_desc_st *desc;
int selection;
unsigned int flag_fatal : 1;
};
typedef void *key_from_pkcs8_t(const PKCS8_PRIV_KEY_INFO *p8inf,
OSSL_LIB_CTX *libctx, const char *propq);
static void *der2key_decode_p8(const unsigned char **input_der,
long input_der_len, struct der2key_ctx_st *ctx,
key_from_pkcs8_t *key_from_pkcs8)
{
PKCS8_PRIV_KEY_INFO *p8inf = NULL;
const X509_ALGOR *alg = NULL;
void *key = NULL;
if ((p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, input_der, input_der_len)) != NULL
&& PKCS8_pkey_get0(NULL, NULL, NULL, &alg, p8inf)
&& (OBJ_obj2nid(alg->algorithm) == ctx->desc->evp_type
|| (OBJ_obj2nid(alg->algorithm) == NID_X9_62_id_ecPublicKey
&& ctx->desc->evp_type == NID_sm2)))
key = key_from_pkcs8(p8inf, PROV_LIBCTX_OF(ctx->provctx), ctx->propq);
PKCS8_PRIV_KEY_INFO_free(p8inf);
return key;
}
static OSSL_FUNC_decoder_freectx_fn der2key_freectx;
static OSSL_FUNC_decoder_decode_fn der2key_decode;
static OSSL_FUNC_decoder_export_object_fn der2key_export_object;
static OSSL_FUNC_decoder_settable_ctx_params_fn der2key_settable_ctx_params;
static OSSL_FUNC_decoder_set_ctx_params_fn der2key_set_ctx_params;
static struct der2key_ctx_st *
der2key_newctx(void *provctx, const struct keytype_desc_st *desc)
{
struct der2key_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx != NULL) {
ctx->provctx = provctx;
ctx->desc = desc;
}
return ctx;
}
static const OSSL_PARAM *der2key_settable_ctx_params(ossl_unused void *provctx)
{
static const OSSL_PARAM settables[] = {
OSSL_PARAM_utf8_string(OSSL_DECODER_PARAM_PROPERTIES, NULL, 0),
OSSL_PARAM_END
};
return settables;
}
static int der2key_set_ctx_params(void *vctx, const OSSL_PARAM params[])
{
struct der2key_ctx_st *ctx = vctx;
const OSSL_PARAM *p;
char *str = ctx->propq;
p = OSSL_PARAM_locate_const(params, OSSL_DECODER_PARAM_PROPERTIES);
if (p != NULL && !OSSL_PARAM_get_utf8_string(p, &str, sizeof(ctx->propq)))
return 0;
return 1;
}
static void der2key_freectx(void *vctx)
{
struct der2key_ctx_st *ctx = vctx;
OPENSSL_free(ctx);
}
static int der2key_check_selection(int selection,
const struct keytype_desc_st *desc)
{
int checks[] = {
OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
};
size_t i;
if (selection == 0)
return 1;
for (i = 0; i < OSSL_NELEM(checks); i++) {
int check1 = (selection & checks[i]) != 0;
int check2 = (desc->selection_mask & checks[i]) != 0;
if (check1)
return check2;
}
return 0;
}
static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
OSSL_CALLBACK *data_cb, void *data_cbarg,
OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
{
struct der2key_ctx_st *ctx = vctx;
unsigned char *der = NULL;
const unsigned char *derp;
long der_len = 0;
void *key = NULL;
int ok = 0;
ctx->selection = selection;
if (selection == 0)
selection = ctx->desc->selection_mask;
if ((selection & ctx->desc->selection_mask) == 0) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
return 0;
}
ok = ossl_read_der(ctx->provctx, cin, &der, &der_len);
if (!ok)
goto next;
ok = 0;
ERR_set_mark();
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
derp = der;
if (ctx->desc->d2i_PKCS8 != NULL) {
key = ctx->desc->d2i_PKCS8(&derp, der_len, ctx);
if (ctx->flag_fatal) {
ERR_clear_last_mark();
goto end;
}
} else if (ctx->desc->d2i_private_key != NULL) {
key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
}
if (key == NULL && ctx->selection != 0) {
ERR_clear_last_mark();
goto next;
}
}
if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
derp = der;
if (ctx->desc->d2i_PUBKEY != NULL)
key = ctx->desc->d2i_PUBKEY(&derp, der_len, ctx);
else if (ctx->desc->d2i_public_key != NULL)
key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
if (key == NULL && ctx->selection != 0) {
ERR_clear_last_mark();
goto next;
}
}
if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
derp = der;
if (ctx->desc->d2i_key_params != NULL)
key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
if (key == NULL && ctx->selection != 0) {
ERR_clear_last_mark();
goto next;
}
}
if (key == NULL)
ERR_clear_last_mark();
else
ERR_pop_to_mark();
if (key != NULL
&& ctx->desc->check_key != NULL
&& !ctx->desc->check_key(key, ctx)) {
ctx->desc->free_key(key);
key = NULL;
}
if (key != NULL && ctx->desc->adjust_key != NULL)
ctx->desc->adjust_key(key, ctx);
next:
ok = 1;
OPENSSL_free(der);
der = NULL;
if (key != NULL) {
OSSL_PARAM params[4];
int object_type = OSSL_OBJECT_PKEY;
params[0] = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
#ifndef OPENSSL_NO_SM2
if (strcmp(ctx->desc->keytype_name, "EC") == 0
&& (EC_KEY_get_flags(key) & EC_FLAG_SM2_RANGE) != 0)
params[1] = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
"SM2", 0);
else
#endif
params[1] = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
(char *)ctx->desc->keytype_name,
0);
params[2] = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
&key, sizeof(key));
params[3] = OSSL_PARAM_construct_end();
ok = data_cb(params, data_cbarg);
}
end:
ctx->desc->free_key(key);
OPENSSL_free(der);
return ok;
}
static int der2key_export_object(void *vctx,
const void *reference, size_t reference_sz,
OSSL_CALLBACK *export_cb, void *export_cbarg)
{
struct der2key_ctx_st *ctx = vctx;
OSSL_FUNC_keymgmt_export_fn *export = ossl_prov_get_keymgmt_export(ctx->desc->fns);
void *keydata;
if (reference_sz == sizeof(keydata) && export != NULL) {
int selection = ctx->selection;
if (selection == 0)
selection = OSSL_KEYMGMT_SELECT_ALL;
keydata = *(void **)reference;
return export(keydata, selection, export_cb, export_cbarg);
}
return 0;
}
#define D2I_PUBKEY_NOCTX(n, f) \
static void * \
n##_d2i_PUBKEY(const unsigned char **der, long der_len, \
ossl_unused struct der2key_ctx_st *ctx) \
{ \
return f(NULL, der, der_len); \
}
#ifndef OPENSSL_NO_DH
#define dh_evp_type EVP_PKEY_DH
#define dh_d2i_private_key NULL
#define dh_d2i_public_key NULL
#define dh_d2i_key_params (d2i_of_void *)d2i_DHparams
#define dh_free (free_key_fn *)DH_free
#define dh_check NULL
static void *dh_d2i_PKCS8(const unsigned char **der, long der_len,
struct der2key_ctx_st *ctx)
{
return der2key_decode_p8(der, der_len, ctx,
(key_from_pkcs8_t *)ossl_dh_key_from_pkcs8);
}
D2I_PUBKEY_NOCTX(dh, ossl_d2i_DH_PUBKEY)
D2I_PUBKEY_NOCTX(dhx, ossl_d2i_DHx_PUBKEY)
static void dh_adjust(void *key, struct der2key_ctx_st *ctx)
{
ossl_dh_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}
#define dhx_evp_type EVP_PKEY_DHX
#define dhx_d2i_private_key NULL
#define dhx_d2i_public_key NULL
#define dhx_d2i_key_params (d2i_of_void *)d2i_DHxparams
#define dhx_d2i_PKCS8 dh_d2i_PKCS8
#define dhx_free (free_key_fn *)DH_free
#define dhx_check NULL
#define dhx_adjust dh_adjust
#endif
#ifndef OPENSSL_NO_DSA
#define dsa_evp_type EVP_PKEY_DSA
#define dsa_d2i_private_key (d2i_of_void *)d2i_DSAPrivateKey
#define dsa_d2i_public_key (d2i_of_void *)d2i_DSAPublicKey
#define dsa_d2i_key_params (d2i_of_void *)d2i_DSAparams
#define dsa_free (free_key_fn *)DSA_free
#define dsa_check NULL
static void *dsa_d2i_PKCS8(const unsigned char **der, long der_len,
struct der2key_ctx_st *ctx)
{
return der2key_decode_p8(der, der_len, ctx,
(key_from_pkcs8_t *)ossl_dsa_key_from_pkcs8);
}
D2I_PUBKEY_NOCTX(dsa, ossl_d2i_DSA_PUBKEY)
static void dsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
ossl_dsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}
#endif
#ifndef OPENSSL_NO_EC
#define ec_evp_type EVP_PKEY_EC
#define ec_d2i_private_key (d2i_of_void *)d2i_ECPrivateKey
#define ec_d2i_public_key NULL
#define ec_d2i_key_params (d2i_of_void *)d2i_ECParameters
#define ec_free (free_key_fn *)EC_KEY_free
static void *ec_d2i_PKCS8(const unsigned char **der, long der_len,
struct der2key_ctx_st *ctx)
{
return der2key_decode_p8(der, der_len, ctx,
(key_from_pkcs8_t *)ossl_ec_key_from_pkcs8);
}
D2I_PUBKEY_NOCTX(ec, d2i_EC_PUBKEY)
static int ec_check(void *key, struct der2key_ctx_st *ctx)
{
int ret = 0;
int sm2 = (EC_KEY_get_flags(key) & EC_FLAG_SM2_RANGE) != 0;
if (sm2)
ret = ctx->desc->evp_type == EVP_PKEY_SM2
|| ctx->desc->evp_type == NID_X9_62_id_ecPublicKey;
else
ret = ctx->desc->evp_type != EVP_PKEY_SM2;
return ret;
}
static void ec_adjust(void *key, struct der2key_ctx_st *ctx)
{
ossl_ec_key_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}
#ifndef OPENSSL_NO_ECX
static void *ecx_d2i_PKCS8(const unsigned char **der, long der_len,
struct der2key_ctx_st *ctx)
{
return der2key_decode_p8(der, der_len, ctx,
(key_from_pkcs8_t *)ossl_ecx_key_from_pkcs8);
}
D2I_PUBKEY_NOCTX(ed25519, ossl_d2i_ED25519_PUBKEY)
D2I_PUBKEY_NOCTX(ed448, ossl_d2i_ED448_PUBKEY)
D2I_PUBKEY_NOCTX(x25519, ossl_d2i_X25519_PUBKEY)
D2I_PUBKEY_NOCTX(x448, ossl_d2i_X448_PUBKEY)
static void ecx_key_adjust(void *key, struct der2key_ctx_st *ctx)
{
ossl_ecx_key_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}
#define ed25519_evp_type EVP_PKEY_ED25519
#define ed25519_d2i_private_key NULL
#define ed25519_d2i_public_key NULL
#define ed25519_d2i_key_params NULL
#define ed25519_d2i_PKCS8 ecx_d2i_PKCS8
#define ed25519_free (free_key_fn *)ossl_ecx_key_free
#define ed25519_check NULL
#define ed25519_adjust ecx_key_adjust
#define ed448_evp_type EVP_PKEY_ED448
#define ed448_d2i_private_key NULL
#define ed448_d2i_public_key NULL
#define ed448_d2i_key_params NULL
#define ed448_d2i_PKCS8 ecx_d2i_PKCS8
#define ed448_free (free_key_fn *)ossl_ecx_key_free
#define ed448_check NULL
#define ed448_adjust ecx_key_adjust
#define x25519_evp_type EVP_PKEY_X25519
#define x25519_d2i_private_key NULL
#define x25519_d2i_public_key NULL
#define x25519_d2i_key_params NULL
#define x25519_d2i_PKCS8 ecx_d2i_PKCS8
#define x25519_free (free_key_fn *)ossl_ecx_key_free
#define x25519_check NULL
#define x25519_adjust ecx_key_adjust
#define x448_evp_type EVP_PKEY_X448
#define x448_d2i_private_key NULL
#define x448_d2i_public_key NULL
#define x448_d2i_key_params NULL
#define x448_d2i_PKCS8 ecx_d2i_PKCS8
#define x448_free (free_key_fn *)ossl_ecx_key_free
#define x448_check NULL
#define x448_adjust ecx_key_adjust
#endif
#ifndef OPENSSL_NO_SM2
#define sm2_evp_type EVP_PKEY_SM2
#define sm2_d2i_private_key (d2i_of_void *)d2i_ECPrivateKey
#define sm2_d2i_public_key NULL
#define sm2_d2i_key_params (d2i_of_void *)d2i_ECParameters
#define sm2_d2i_PUBKEY ec_d2i_PUBKEY
#define sm2_free (free_key_fn *)EC_KEY_free
#define sm2_check ec_check
#define sm2_adjust ec_adjust
static void *sm2_d2i_PKCS8(const unsigned char **der, long der_len,
struct der2key_ctx_st *ctx)
{
return der2key_decode_p8(der, der_len, ctx,
(key_from_pkcs8_t *)ossl_ec_key_from_pkcs8);
}
#endif
#endif
#ifndef OPENSSL_NO_ML_KEM
static void *
ml_kem_d2i_PKCS8(const uint8_t **der, long der_len, struct der2key_ctx_st *ctx)
{
ML_KEM_KEY *key;
key = ossl_ml_kem_d2i_PKCS8(*der, der_len, ctx->desc->evp_type,
ctx->provctx, ctx->propq);
if (key != NULL)
*der += der_len;
return key;
}
static ossl_inline void *
ml_kem_d2i_PUBKEY(const uint8_t **der, long der_len,
struct der2key_ctx_st *ctx)
{
ML_KEM_KEY *key;
key = ossl_ml_kem_d2i_PUBKEY(*der, der_len, ctx->desc->evp_type,
ctx->provctx, ctx->propq);
if (key != NULL)
*der += der_len;
return key;
}
#define ml_kem_512_evp_type EVP_PKEY_ML_KEM_512
#define ml_kem_512_d2i_private_key NULL
#define ml_kem_512_d2i_public_key NULL
#define ml_kem_512_d2i_key_params NULL
#define ml_kem_512_d2i_PUBKEY ml_kem_d2i_PUBKEY
#define ml_kem_512_d2i_PKCS8 ml_kem_d2i_PKCS8
#define ml_kem_512_free (free_key_fn *)ossl_ml_kem_key_free
#define ml_kem_512_check NULL
#define ml_kem_512_adjust NULL
#define ml_kem_768_evp_type EVP_PKEY_ML_KEM_768
#define ml_kem_768_d2i_private_key NULL
#define ml_kem_768_d2i_public_key NULL
#define ml_kem_768_d2i_key_params NULL
#define ml_kem_768_d2i_PUBKEY ml_kem_d2i_PUBKEY
#define ml_kem_768_d2i_PKCS8 ml_kem_d2i_PKCS8
#define ml_kem_768_free (free_key_fn *)ossl_ml_kem_key_free
#define ml_kem_768_check NULL
#define ml_kem_768_adjust NULL
#define ml_kem_1024_evp_type EVP_PKEY_ML_KEM_1024
#define ml_kem_1024_d2i_private_key NULL
#define ml_kem_1024_d2i_public_key NULL
#define ml_kem_1024_d2i_PUBKEY ml_kem_d2i_PUBKEY
#define ml_kem_1024_d2i_PKCS8 ml_kem_d2i_PKCS8
#define ml_kem_1024_d2i_key_params NULL
#define ml_kem_1024_free (free_key_fn *)ossl_ml_kem_key_free
#define ml_kem_1024_check NULL
#define ml_kem_1024_adjust NULL
#endif
#ifndef OPENSSL_NO_SLH_DSA
static void *
slh_dsa_d2i_PKCS8(const uint8_t **der, long der_len, struct der2key_ctx_st *ctx)
{
SLH_DSA_KEY *key = NULL, *ret = NULL;
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
PKCS8_PRIV_KEY_INFO *p8inf = NULL;
const unsigned char *p;
const X509_ALGOR *alg = NULL;
int plen, ptype;
if ((p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, der, der_len)) == NULL
|| !PKCS8_pkey_get0(NULL, &p, &plen, &alg, p8inf))
goto end;
if ((X509_ALGOR_get0(NULL, &ptype, NULL, alg), ptype != V_ASN1_UNDEF)) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_UNEXPECTED_KEY_PARAMETERS,
"unexpected parameters with a PKCS#8 %s private key",
ctx->desc->keytype_name);
goto end;
}
if (OBJ_obj2nid(alg->algorithm) != ctx->desc->evp_type)
goto end;
if ((key = ossl_slh_dsa_key_new(libctx, ctx->propq,
ctx->desc->keytype_name))
== NULL)
goto end;
if (!ossl_slh_dsa_set_priv(key, p, plen))
goto end;
ret = key;
end:
PKCS8_PRIV_KEY_INFO_free(p8inf);
if (ret == NULL)
ossl_slh_dsa_key_free(key);
return ret;
}
static ossl_inline void *slh_dsa_d2i_PUBKEY(const uint8_t **der, long der_len,
struct der2key_ctx_st *ctx)
{
int ok = 0;
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
SLH_DSA_KEY *ret = NULL;
BARE_PUBKEY *spki = NULL;
const uint8_t *end = *der;
size_t len;
ret = ossl_slh_dsa_key_new(libctx, ctx->propq, ctx->desc->keytype_name);
if (ret == NULL)
return NULL;
len = ossl_slh_dsa_key_get_pub_len(ret);
if (der_len != 18 + (long)len) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING,
"unexpected %s public key length: %ld != %ld",
ctx->desc->keytype_name, der_len,
18 + (long)len);
goto err;
}
if ((spki = OPENSSL_zalloc(sizeof(*spki))) == NULL)
goto err;
if (ASN1_item_d2i_ex((ASN1_VALUE **)&spki, &end, der_len,
ASN1_ITEM_rptr(BARE_PUBKEY), NULL, NULL)
== NULL) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING,
"malformed %s public key ASN.1 encoding",
ossl_slh_dsa_key_get_name(ret));
goto err;
}
if ((spki->pubkey->flags & 0x7) != 0 || end != *der + der_len) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING,
"malformed %s public key ASN.1 encoding",
ossl_slh_dsa_key_get_name(ret));
goto err;
}
if (OBJ_cmp(OBJ_nid2obj(ctx->desc->evp_type), spki->algor.oid) != 0) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING,
"unexpected algorithm OID for an %s public key",
ossl_slh_dsa_key_get_name(ret));
goto err;
}
if (!ossl_slh_dsa_set_pub(ret, spki->pubkey->data, spki->pubkey->length)) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING,
"failed to parse %s public key from the input data",
ossl_slh_dsa_key_get_name(ret));
goto err;
}
ok = 1;
err:
if (spki != NULL) {
ASN1_OBJECT_free(spki->algor.oid);
ASN1_BIT_STRING_free(spki->pubkey);
OPENSSL_free(spki);
}
if (!ok) {
ossl_slh_dsa_key_free(ret);
ret = NULL;
}
return ret;
}
#define slh_dsa_sha2_128s_evp_type EVP_PKEY_SLH_DSA_SHA2_128S
#define slh_dsa_sha2_128s_d2i_private_key NULL
#define slh_dsa_sha2_128s_d2i_public_key NULL
#define slh_dsa_sha2_128s_d2i_key_params NULL
#define slh_dsa_sha2_128s_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_sha2_128s_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_sha2_128s_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_sha2_128s_check NULL
#define slh_dsa_sha2_128s_adjust NULL
#define slh_dsa_sha2_128f_evp_type EVP_PKEY_SLH_DSA_SHA2_128F
#define slh_dsa_sha2_128f_d2i_private_key NULL
#define slh_dsa_sha2_128f_d2i_public_key NULL
#define slh_dsa_sha2_128f_d2i_key_params NULL
#define slh_dsa_sha2_128f_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_sha2_128f_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_sha2_128f_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_sha2_128f_check NULL
#define slh_dsa_sha2_128f_adjust NULL
#define slh_dsa_sha2_192s_evp_type EVP_PKEY_SLH_DSA_SHA2_192S
#define slh_dsa_sha2_192s_d2i_private_key NULL
#define slh_dsa_sha2_192s_d2i_public_key NULL
#define slh_dsa_sha2_192s_d2i_key_params NULL
#define slh_dsa_sha2_192s_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_sha2_192s_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_sha2_192s_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_sha2_192s_check NULL
#define slh_dsa_sha2_192s_adjust NULL
#define slh_dsa_sha2_192f_evp_type EVP_PKEY_SLH_DSA_SHA2_192F
#define slh_dsa_sha2_192f_d2i_private_key NULL
#define slh_dsa_sha2_192f_d2i_public_key NULL
#define slh_dsa_sha2_192f_d2i_key_params NULL
#define slh_dsa_sha2_192f_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_sha2_192f_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_sha2_192f_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_sha2_192f_check NULL
#define slh_dsa_sha2_192f_adjust NULL
#define slh_dsa_sha2_256s_evp_type EVP_PKEY_SLH_DSA_SHA2_256S
#define slh_dsa_sha2_256s_d2i_private_key NULL
#define slh_dsa_sha2_256s_d2i_public_key NULL
#define slh_dsa_sha2_256s_d2i_key_params NULL
#define slh_dsa_sha2_256s_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_sha2_256s_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_sha2_256s_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_sha2_256s_check NULL
#define slh_dsa_sha2_256s_adjust NULL
#define slh_dsa_sha2_256f_evp_type EVP_PKEY_SLH_DSA_SHA2_256F
#define slh_dsa_sha2_256f_d2i_private_key NULL
#define slh_dsa_sha2_256f_d2i_public_key NULL
#define slh_dsa_sha2_256f_d2i_key_params NULL
#define slh_dsa_sha2_256f_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_sha2_256f_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_sha2_256f_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_sha2_256f_check NULL
#define slh_dsa_sha2_256f_adjust NULL
#define slh_dsa_shake_128s_evp_type EVP_PKEY_SLH_DSA_SHAKE_128S
#define slh_dsa_shake_128s_d2i_private_key NULL
#define slh_dsa_shake_128s_d2i_public_key NULL
#define slh_dsa_shake_128s_d2i_key_params NULL
#define slh_dsa_shake_128s_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_shake_128s_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_shake_128s_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_shake_128s_check NULL
#define slh_dsa_shake_128s_adjust NULL
#define slh_dsa_shake_128f_evp_type EVP_PKEY_SLH_DSA_SHAKE_128F
#define slh_dsa_shake_128f_d2i_private_key NULL
#define slh_dsa_shake_128f_d2i_public_key NULL
#define slh_dsa_shake_128f_d2i_key_params NULL
#define slh_dsa_shake_128f_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_shake_128f_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_shake_128f_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_shake_128f_check NULL
#define slh_dsa_shake_128f_adjust NULL
#define slh_dsa_shake_192s_evp_type EVP_PKEY_SLH_DSA_SHAKE_192S
#define slh_dsa_shake_192s_d2i_private_key NULL
#define slh_dsa_shake_192s_d2i_public_key NULL
#define slh_dsa_shake_192s_d2i_key_params NULL
#define slh_dsa_shake_192s_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_shake_192s_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_shake_192s_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_shake_192s_check NULL
#define slh_dsa_shake_192s_adjust NULL
#define slh_dsa_shake_192f_evp_type EVP_PKEY_SLH_DSA_SHAKE_192F
#define slh_dsa_shake_192f_d2i_private_key NULL
#define slh_dsa_shake_192f_d2i_public_key NULL
#define slh_dsa_shake_192f_d2i_key_params NULL
#define slh_dsa_shake_192f_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_shake_192f_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_shake_192f_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_shake_192f_check NULL
#define slh_dsa_shake_192f_adjust NULL
#define slh_dsa_shake_256s_evp_type EVP_PKEY_SLH_DSA_SHAKE_256S
#define slh_dsa_shake_256s_d2i_private_key NULL
#define slh_dsa_shake_256s_d2i_public_key NULL
#define slh_dsa_shake_256s_d2i_key_params NULL
#define slh_dsa_shake_256s_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_shake_256s_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_shake_256s_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_shake_256s_check NULL
#define slh_dsa_shake_256s_adjust NULL
#define slh_dsa_shake_256f_evp_type EVP_PKEY_SLH_DSA_SHAKE_256F
#define slh_dsa_shake_256f_d2i_private_key NULL
#define slh_dsa_shake_256f_d2i_public_key NULL
#define slh_dsa_shake_256f_d2i_key_params NULL
#define slh_dsa_shake_256f_d2i_PKCS8 slh_dsa_d2i_PKCS8
#define slh_dsa_shake_256f_d2i_PUBKEY slh_dsa_d2i_PUBKEY
#define slh_dsa_shake_256f_free (free_key_fn *)ossl_slh_dsa_key_free
#define slh_dsa_shake_256f_check NULL
#define slh_dsa_shake_256f_adjust NULL
#endif
#define rsa_evp_type EVP_PKEY_RSA
#define rsa_d2i_private_key (d2i_of_void *)d2i_RSAPrivateKey
#define rsa_d2i_public_key (d2i_of_void *)d2i_RSAPublicKey
#define rsa_d2i_key_params NULL
#define rsa_free (free_key_fn *)RSA_free
static void *rsa_d2i_PKCS8(const unsigned char **der, long der_len,
struct der2key_ctx_st *ctx)
{
return der2key_decode_p8(der, der_len, ctx,
(key_from_pkcs8_t *)ossl_rsa_key_from_pkcs8);
}
static void *
rsa_d2i_PUBKEY(const unsigned char **der, long der_len,
ossl_unused struct der2key_ctx_st *ctx)
{
return d2i_RSA_PUBKEY(NULL, der, der_len);
}
static int rsa_check(void *key, struct der2key_ctx_st *ctx)
{
int valid;
switch (RSA_test_flags(key, RSA_FLAG_TYPE_MASK)) {
case RSA_FLAG_TYPE_RSA:
valid = (ctx->desc->evp_type == EVP_PKEY_RSA);
break;
case RSA_FLAG_TYPE_RSASSAPSS:
valid = (ctx->desc->evp_type == EVP_PKEY_RSA_PSS);
break;
default:
valid = 0;
}
valid = (valid && ossl_rsa_check_factors(key));
return valid;
}
static void rsa_adjust(void *key, struct der2key_ctx_st *ctx)
{
ossl_rsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx));
}
#define rsapss_evp_type EVP_PKEY_RSA_PSS
#define rsapss_d2i_private_key (d2i_of_void *)d2i_RSAPrivateKey
#define rsapss_d2i_public_key (d2i_of_void *)d2i_RSAPublicKey
#define rsapss_d2i_key_params NULL
#define rsapss_d2i_PKCS8 rsa_d2i_PKCS8
#define rsapss_d2i_PUBKEY rsa_d2i_PUBKEY
#define rsapss_free (free_key_fn *)RSA_free
#define rsapss_check rsa_check
#define rsapss_adjust rsa_adjust
#ifndef OPENSSL_NO_ML_DSA
static void *
ml_dsa_d2i_PKCS8(const uint8_t **der, long der_len, struct der2key_ctx_st *ctx)
{
ML_DSA_KEY *key;
key = ossl_ml_dsa_d2i_PKCS8(*der, der_len, ctx->desc->evp_type,
ctx->provctx, ctx->propq);
if (key != NULL)
*der += der_len;
return key;
}
static ossl_inline void *ml_dsa_d2i_PUBKEY(const uint8_t **der, long der_len,
struct der2key_ctx_st *ctx)
{
ML_DSA_KEY *key;
key = ossl_ml_dsa_d2i_PUBKEY(*der, der_len, ctx->desc->evp_type,
ctx->provctx, ctx->propq);
if (key != NULL)
*der += der_len;
return key;
}
#define ml_dsa_44_evp_type EVP_PKEY_ML_DSA_44
#define ml_dsa_44_d2i_private_key NULL
#define ml_dsa_44_d2i_public_key NULL
#define ml_dsa_44_d2i_key_params NULL
#define ml_dsa_44_d2i_PUBKEY ml_dsa_d2i_PUBKEY
#define ml_dsa_44_d2i_PKCS8 ml_dsa_d2i_PKCS8
#define ml_dsa_44_free (free_key_fn *)ossl_ml_dsa_key_free
#define ml_dsa_44_check NULL
#define ml_dsa_44_adjust NULL
#define ml_dsa_65_evp_type EVP_PKEY_ML_DSA_65
#define ml_dsa_65_d2i_private_key NULL
#define ml_dsa_65_d2i_public_key NULL
#define ml_dsa_65_d2i_key_params NULL
#define ml_dsa_65_d2i_PUBKEY ml_dsa_d2i_PUBKEY
#define ml_dsa_65_d2i_PKCS8 ml_dsa_d2i_PKCS8
#define ml_dsa_65_free (free_key_fn *)ossl_ml_dsa_key_free
#define ml_dsa_65_check NULL
#define ml_dsa_65_adjust NULL
#define ml_dsa_87_evp_type EVP_PKEY_ML_DSA_87
#define ml_dsa_87_d2i_private_key NULL
#define ml_dsa_87_d2i_public_key NULL
#define ml_dsa_87_d2i_PUBKEY ml_dsa_d2i_PUBKEY
#define ml_dsa_87_d2i_PKCS8 ml_dsa_d2i_PKCS8
#define ml_dsa_87_d2i_key_params NULL
#define ml_dsa_87_free (free_key_fn *)ossl_ml_dsa_key_free
#define ml_dsa_87_check NULL
#define ml_dsa_87_adjust NULL
#endif
#define DO_type_specific_keypair(keytype) \
"type-specific", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_KEYPAIR), \
keytype##_d2i_private_key, \
keytype##_d2i_public_key, \
NULL, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_type_specific_pub(keytype) \
"type-specific", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_PUBLIC_KEY), \
NULL, \
keytype##_d2i_public_key, \
NULL, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_type_specific_priv(keytype) \
"type-specific", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_PRIVATE_KEY), \
keytype##_d2i_private_key, \
NULL, \
NULL, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_type_specific_params(keytype) \
"type-specific", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \
NULL, \
NULL, \
keytype##_d2i_key_params, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_type_specific(keytype) \
"type-specific", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_ALL), \
keytype##_d2i_private_key, \
keytype##_d2i_public_key, \
keytype##_d2i_key_params, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_type_specific_no_pub(keytype) \
"type-specific", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_PRIVATE_KEY \
| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \
keytype##_d2i_private_key, \
NULL, \
keytype##_d2i_key_params, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_PrivateKeyInfo(keytype) \
"PrivateKeyInfo", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_PRIVATE_KEY), \
NULL, \
NULL, \
NULL, \
keytype##_d2i_PKCS8, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_SubjectPublicKeyInfo(keytype) \
"SubjectPublicKeyInfo", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_PUBLIC_KEY), \
NULL, \
NULL, \
NULL, \
NULL, \
keytype##_d2i_PUBKEY, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_DH(keytype) \
"DH", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \
NULL, \
NULL, \
keytype##_d2i_key_params, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_DHX(keytype) \
"DHX", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \
NULL, \
NULL, \
keytype##_d2i_key_params, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_DSA(keytype) \
"DSA", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_ALL), \
keytype##_d2i_private_key, \
keytype##_d2i_public_key, \
keytype##_d2i_key_params, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_EC(keytype) \
"EC", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_PRIVATE_KEY \
| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \
keytype##_d2i_private_key, \
NULL, \
keytype##_d2i_key_params, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define DO_RSA(keytype) \
"RSA", keytype##_evp_type, \
(OSSL_KEYMGMT_SELECT_KEYPAIR), \
keytype##_d2i_private_key, \
keytype##_d2i_public_key, \
NULL, \
NULL, \
NULL, \
keytype##_check, \
keytype##_adjust, \
keytype##_free
#define MAKE_DECODER(keytype_name, keytype, type, kind) \
static const struct keytype_desc_st kind##_##keytype##_desc = { keytype_name, ossl_##keytype##_keymgmt_functions, \
DO_##kind(keytype) }; \
\
static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \
\
static void *kind##_der2##keytype##_newctx(void *provctx) \
{ \
return der2key_newctx(provctx, &kind##_##keytype##_desc); \
} \
static int kind##_der2##keytype##_does_selection(void *provctx, \
int selection) \
{ \
return der2key_check_selection(selection, \
&kind##_##keytype##_desc); \
} \
const OSSL_DISPATCH \
ossl_##kind##_der_to_##keytype##_decoder_functions[] \
= { \
{ OSSL_FUNC_DECODER_NEWCTX, \
(void (*)(void))kind##_der2##keytype##_newctx }, \
{ OSSL_FUNC_DECODER_FREECTX, \
(void (*)(void))der2key_freectx }, \
{ OSSL_FUNC_DECODER_DOES_SELECTION, \
(void (*)(void))kind##_der2##keytype##_does_selection }, \
{ OSSL_FUNC_DECODER_DECODE, \
(void (*)(void))der2key_decode }, \
{ OSSL_FUNC_DECODER_EXPORT_OBJECT, \
(void (*)(void))der2key_export_object }, \
{ OSSL_FUNC_DECODER_SETTABLE_CTX_PARAMS, \
(void (*)(void))der2key_settable_ctx_params }, \
{ OSSL_FUNC_DECODER_SET_CTX_PARAMS, \
(void (*)(void))der2key_set_ctx_params }, \
OSSL_DISPATCH_END \
}
#ifndef OPENSSL_NO_DH
MAKE_DECODER("DH", dh, dh, PrivateKeyInfo);
MAKE_DECODER("DH", dh, dh, SubjectPublicKeyInfo);
MAKE_DECODER("DH", dh, dh, type_specific_params);
MAKE_DECODER("DH", dh, dh, DH);
MAKE_DECODER("DHX", dhx, dhx, PrivateKeyInfo);
MAKE_DECODER("DHX", dhx, dhx, SubjectPublicKeyInfo);
MAKE_DECODER("DHX", dhx, dhx, type_specific_params);
MAKE_DECODER("DHX", dhx, dhx, DHX);
#endif
#ifndef OPENSSL_NO_DSA
MAKE_DECODER("DSA", dsa, dsa, PrivateKeyInfo);
MAKE_DECODER("DSA", dsa, dsa, SubjectPublicKeyInfo);
MAKE_DECODER("DSA", dsa, dsa, type_specific);
MAKE_DECODER("DSA", dsa, dsa, DSA);
#endif
#ifndef OPENSSL_NO_EC
MAKE_DECODER("EC", ec, ec, PrivateKeyInfo);
MAKE_DECODER("EC", ec, ec, SubjectPublicKeyInfo);
MAKE_DECODER("EC", ec, ec, type_specific_no_pub);
MAKE_DECODER("EC", ec, ec, EC);
#ifndef OPENSSL_NO_ECX
MAKE_DECODER("X25519", x25519, ecx, PrivateKeyInfo);
MAKE_DECODER("X25519", x25519, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("X448", x448, ecx, PrivateKeyInfo);
MAKE_DECODER("X448", x448, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("ED25519", ed25519, ecx, PrivateKeyInfo);
MAKE_DECODER("ED25519", ed25519, ecx, SubjectPublicKeyInfo);
MAKE_DECODER("ED448", ed448, ecx, PrivateKeyInfo);
MAKE_DECODER("ED448", ed448, ecx, SubjectPublicKeyInfo);
#endif
#ifndef OPENSSL_NO_SM2
MAKE_DECODER("SM2", sm2, ec, PrivateKeyInfo);
MAKE_DECODER("SM2", sm2, ec, SubjectPublicKeyInfo);
MAKE_DECODER("SM2", sm2, sm2, type_specific_no_pub);
#endif
#endif
#ifndef OPENSSL_NO_ML_KEM
MAKE_DECODER("ML-KEM-512", ml_kem_512, ml_kem_512, PrivateKeyInfo);
MAKE_DECODER("ML-KEM-512", ml_kem_512, ml_kem_512, SubjectPublicKeyInfo);
MAKE_DECODER("ML-KEM-768", ml_kem_768, ml_kem_768, PrivateKeyInfo);
MAKE_DECODER("ML-KEM-768", ml_kem_768, ml_kem_768, SubjectPublicKeyInfo);
MAKE_DECODER("ML-KEM-1024", ml_kem_1024, ml_kem_1024, PrivateKeyInfo);
MAKE_DECODER("ML-KEM-1024", ml_kem_1024, ml_kem_1024, SubjectPublicKeyInfo);
#endif
#ifndef OPENSSL_NO_SLH_DSA
MAKE_DECODER("SLH-DSA-SHA2-128s", slh_dsa_sha2_128s, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-128f", slh_dsa_sha2_128f, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-192s", slh_dsa_sha2_192s, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-192f", slh_dsa_sha2_192f, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-256s", slh_dsa_sha2_256s, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-256f", slh_dsa_sha2_256f, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-128s", slh_dsa_shake_128s, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-128f", slh_dsa_shake_128f, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-192s", slh_dsa_shake_192s, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-192f", slh_dsa_shake_192f, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-256s", slh_dsa_shake_256s, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-256f", slh_dsa_shake_256f, slh_dsa, PrivateKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-128s", slh_dsa_sha2_128s, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-128f", slh_dsa_sha2_128f, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-192s", slh_dsa_sha2_192s, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-192f", slh_dsa_sha2_192f, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-256s", slh_dsa_sha2_256s, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHA2-256f", slh_dsa_sha2_256f, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-128s", slh_dsa_shake_128s, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-128f", slh_dsa_shake_128f, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-192s", slh_dsa_shake_192s, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-192f", slh_dsa_shake_192f, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-256s", slh_dsa_shake_256s, slh_dsa, SubjectPublicKeyInfo);
MAKE_DECODER("SLH-DSA-SHAKE-256f", slh_dsa_shake_256f, slh_dsa, SubjectPublicKeyInfo);
#endif
MAKE_DECODER("RSA", rsa, rsa, PrivateKeyInfo);
MAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo);
MAKE_DECODER("RSA", rsa, rsa, type_specific_keypair);
MAKE_DECODER("RSA", rsa, rsa, RSA);
MAKE_DECODER("RSA-PSS", rsapss, rsapss, PrivateKeyInfo);
MAKE_DECODER("RSA-PSS", rsapss, rsapss, SubjectPublicKeyInfo);
#ifndef OPENSSL_NO_ML_DSA
MAKE_DECODER("ML-DSA-44", ml_dsa_44, ml_dsa_44, PrivateKeyInfo);
MAKE_DECODER("ML-DSA-44", ml_dsa_44, ml_dsa_44, SubjectPublicKeyInfo);
MAKE_DECODER("ML-DSA-65", ml_dsa_65, ml_dsa_65, PrivateKeyInfo);
MAKE_DECODER("ML-DSA-65", ml_dsa_65, ml_dsa_65, SubjectPublicKeyInfo);
MAKE_DECODER("ML-DSA-87", ml_dsa_87, ml_dsa_87, PrivateKeyInfo);
MAKE_DECODER("ML-DSA-87", ml_dsa_87, ml_dsa_87, SubjectPublicKeyInfo);
#endif
