OLD | NEW |
| (Empty) |
1 /* crypto/evp/p_lib.c */ | |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | |
3 * All rights reserved. | |
4 * | |
5 * This package is an SSL implementation written | |
6 * by Eric Young (eay@cryptsoft.com). | |
7 * The implementation was written so as to conform with Netscapes SSL. | |
8 * | |
9 * This library is free for commercial and non-commercial use as long as | |
10 * the following conditions are aheared to. The following conditions | |
11 * apply to all code found in this distribution, be it the RC4, RSA, | |
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 * included with this distribution is covered by the same copyright terms | |
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 * | |
16 * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 * the code are not to be removed. | |
18 * If this package is used in a product, Eric Young should be given attribution | |
19 * as the author of the parts of the library used. | |
20 * This can be in the form of a textual message at program startup or | |
21 * in documentation (online or textual) provided with the package. | |
22 * | |
23 * Redistribution and use in source and binary forms, with or without | |
24 * modification, are permitted provided that the following conditions | |
25 * are met: | |
26 * 1. Redistributions of source code must retain the copyright | |
27 * notice, this list of conditions and the following disclaimer. | |
28 * 2. Redistributions in binary form must reproduce the above copyright | |
29 * notice, this list of conditions and the following disclaimer in the | |
30 * documentation and/or other materials provided with the distribution. | |
31 * 3. All advertising materials mentioning features or use of this software | |
32 * must display the following acknowledgement: | |
33 * "This product includes cryptographic software written by | |
34 * Eric Young (eay@cryptsoft.com)" | |
35 * The word 'cryptographic' can be left out if the rouines from the library | |
36 * being used are not cryptographic related :-). | |
37 * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 * the apps directory (application code) you must include an acknowledgement: | |
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 * | |
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 * SUCH DAMAGE. | |
52 * | |
53 * The licence and distribution terms for any publically available version or | |
54 * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 * copied and put under another distribution licence | |
56 * [including the GNU Public Licence.] | |
57 */ | |
58 | |
59 #include <stdio.h> | |
60 #include "cryptlib.h" | |
61 #include <openssl/bn.h> | |
62 #include <openssl/err.h> | |
63 #include <openssl/objects.h> | |
64 #include <openssl/evp.h> | |
65 #include <openssl/asn1_mac.h> | |
66 #include <openssl/x509.h> | |
67 #ifndef OPENSSL_NO_RSA | |
68 #include <openssl/rsa.h> | |
69 #endif | |
70 #ifndef OPENSSL_NO_DSA | |
71 #include <openssl/dsa.h> | |
72 #endif | |
73 #ifndef OPENSSL_NO_DH | |
74 #include <openssl/dh.h> | |
75 #endif | |
76 | |
77 #ifndef OPENSSL_NO_ENGINE | |
78 #include <openssl/engine.h> | |
79 #endif | |
80 | |
81 #include "asn1_locl.h" | |
82 | |
83 static void EVP_PKEY_free_it(EVP_PKEY *x); | |
84 | |
85 int EVP_PKEY_bits(EVP_PKEY *pkey) | |
86 { | |
87 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) | |
88 return pkey->ameth->pkey_bits(pkey); | |
89 return 0; | |
90 } | |
91 | |
92 int EVP_PKEY_size(EVP_PKEY *pkey) | |
93 { | |
94 if (pkey && pkey->ameth && pkey->ameth->pkey_size) | |
95 return pkey->ameth->pkey_size(pkey); | |
96 return 0; | |
97 } | |
98 | |
99 int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) | |
100 { | |
101 #ifndef OPENSSL_NO_DSA | |
102 if (pkey->type == EVP_PKEY_DSA) | |
103 { | |
104 int ret=pkey->save_parameters; | |
105 | |
106 if (mode >= 0) | |
107 pkey->save_parameters=mode; | |
108 return(ret); | |
109 } | |
110 #endif | |
111 #ifndef OPENSSL_NO_EC | |
112 if (pkey->type == EVP_PKEY_EC) | |
113 { | |
114 int ret = pkey->save_parameters; | |
115 | |
116 if (mode >= 0) | |
117 pkey->save_parameters = mode; | |
118 return(ret); | |
119 } | |
120 #endif | |
121 return(0); | |
122 } | |
123 | |
124 int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) | |
125 { | |
126 if (to->type != from->type) | |
127 { | |
128 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES)
; | |
129 goto err; | |
130 } | |
131 | |
132 if (EVP_PKEY_missing_parameters(from)) | |
133 { | |
134 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS); | |
135 goto err; | |
136 } | |
137 if (from->ameth && from->ameth->param_copy) | |
138 return from->ameth->param_copy(to, from); | |
139 err: | |
140 return 0; | |
141 } | |
142 | |
143 int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) | |
144 { | |
145 if (pkey->ameth && pkey->ameth->param_missing) | |
146 return pkey->ameth->param_missing(pkey); | |
147 return 0; | |
148 } | |
149 | |
150 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) | |
151 { | |
152 if (a->type != b->type) | |
153 return -1; | |
154 if (a->ameth && a->ameth->param_cmp) | |
155 return a->ameth->param_cmp(a, b); | |
156 return -2; | |
157 } | |
158 | |
159 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) | |
160 { | |
161 if (a->type != b->type) | |
162 return -1; | |
163 | |
164 if (a->ameth) | |
165 { | |
166 int ret; | |
167 /* Compare parameters if the algorithm has them */ | |
168 if (a->ameth->param_cmp) | |
169 { | |
170 ret = a->ameth->param_cmp(a, b); | |
171 if (ret <= 0) | |
172 return ret; | |
173 } | |
174 | |
175 if (a->ameth->pub_cmp) | |
176 return a->ameth->pub_cmp(a, b); | |
177 } | |
178 | |
179 return -2; | |
180 } | |
181 | |
182 EVP_PKEY *EVP_PKEY_new(void) | |
183 { | |
184 EVP_PKEY *ret; | |
185 | |
186 ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY)); | |
187 if (ret == NULL) | |
188 { | |
189 EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE); | |
190 return(NULL); | |
191 } | |
192 ret->type=EVP_PKEY_NONE; | |
193 ret->save_type=EVP_PKEY_NONE; | |
194 ret->references=1; | |
195 ret->ameth=NULL; | |
196 ret->engine=NULL; | |
197 ret->pkey.ptr=NULL; | |
198 ret->attributes=NULL; | |
199 ret->save_parameters=1; | |
200 return(ret); | |
201 } | |
202 | |
203 EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey) | |
204 { | |
205 CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); | |
206 return pkey; | |
207 } | |
208 | |
209 /* Setup a public key ASN1 method and ENGINE from a NID or a string. | |
210 * If pkey is NULL just return 1 or 0 if the algorithm exists. | |
211 */ | |
212 | |
213 static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) | |
214 { | |
215 const EVP_PKEY_ASN1_METHOD *ameth; | |
216 ENGINE *e = NULL; | |
217 if (pkey) | |
218 { | |
219 if (pkey->pkey.ptr) | |
220 EVP_PKEY_free_it(pkey); | |
221 /* If key type matches and a method exists then this | |
222 * lookup has succeeded once so just indicate success. | |
223 */ | |
224 if ((type == pkey->save_type) && pkey->ameth) | |
225 return 1; | |
226 #ifndef OPENSSL_NO_ENGINE | |
227 /* If we have an ENGINE release it */ | |
228 if (pkey->engine) | |
229 { | |
230 ENGINE_finish(pkey->engine); | |
231 pkey->engine = NULL; | |
232 } | |
233 #endif | |
234 } | |
235 if (str) | |
236 ameth = EVP_PKEY_asn1_find_str(&e, str, len); | |
237 else | |
238 ameth = EVP_PKEY_asn1_find(&e, type); | |
239 #ifndef OPENSSL_NO_ENGINE | |
240 if (!pkey && e) | |
241 ENGINE_finish(e); | |
242 #endif | |
243 if (!ameth) | |
244 { | |
245 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); | |
246 return 0; | |
247 } | |
248 if (pkey) | |
249 { | |
250 pkey->ameth = ameth; | |
251 pkey->engine = e; | |
252 | |
253 pkey->type = pkey->ameth->pkey_id; | |
254 pkey->save_type=type; | |
255 } | |
256 return 1; | |
257 } | |
258 | |
259 int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) | |
260 { | |
261 return pkey_set_type(pkey, type, NULL, -1); | |
262 } | |
263 | |
264 int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) | |
265 { | |
266 return pkey_set_type(pkey, EVP_PKEY_NONE, str, len); | |
267 } | |
268 | |
269 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) | |
270 { | |
271 if (!EVP_PKEY_set_type(pkey, type)) | |
272 return 0; | |
273 pkey->pkey.ptr=key; | |
274 return (key != NULL); | |
275 } | |
276 | |
277 void *EVP_PKEY_get0(EVP_PKEY *pkey) | |
278 { | |
279 return pkey->pkey.ptr; | |
280 } | |
281 | |
282 #ifndef OPENSSL_NO_RSA | |
283 int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) | |
284 { | |
285 int ret = EVP_PKEY_assign_RSA(pkey, key); | |
286 if(ret) | |
287 RSA_up_ref(key); | |
288 return ret; | |
289 } | |
290 | |
291 RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) | |
292 { | |
293 if(pkey->type != EVP_PKEY_RSA) { | |
294 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); | |
295 return NULL; | |
296 } | |
297 RSA_up_ref(pkey->pkey.rsa); | |
298 return pkey->pkey.rsa; | |
299 } | |
300 #endif | |
301 | |
302 #ifndef OPENSSL_NO_DSA | |
303 int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) | |
304 { | |
305 int ret = EVP_PKEY_assign_DSA(pkey, key); | |
306 if(ret) | |
307 DSA_up_ref(key); | |
308 return ret; | |
309 } | |
310 | |
311 DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) | |
312 { | |
313 if(pkey->type != EVP_PKEY_DSA) { | |
314 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY); | |
315 return NULL; | |
316 } | |
317 DSA_up_ref(pkey->pkey.dsa); | |
318 return pkey->pkey.dsa; | |
319 } | |
320 #endif | |
321 | |
322 #ifndef OPENSSL_NO_EC | |
323 | |
324 int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) | |
325 { | |
326 int ret = EVP_PKEY_assign_EC_KEY(pkey,key); | |
327 if (ret) | |
328 EC_KEY_up_ref(key); | |
329 return ret; | |
330 } | |
331 | |
332 EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) | |
333 { | |
334 if (pkey->type != EVP_PKEY_EC) | |
335 { | |
336 EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); | |
337 return NULL; | |
338 } | |
339 EC_KEY_up_ref(pkey->pkey.ec); | |
340 return pkey->pkey.ec; | |
341 } | |
342 #endif | |
343 | |
344 | |
345 #ifndef OPENSSL_NO_DH | |
346 | |
347 int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) | |
348 { | |
349 int ret = EVP_PKEY_assign_DH(pkey, key); | |
350 if(ret) | |
351 DH_up_ref(key); | |
352 return ret; | |
353 } | |
354 | |
355 DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) | |
356 { | |
357 if(pkey->type != EVP_PKEY_DH) { | |
358 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY); | |
359 return NULL; | |
360 } | |
361 DH_up_ref(pkey->pkey.dh); | |
362 return pkey->pkey.dh; | |
363 } | |
364 #endif | |
365 | |
366 int EVP_PKEY_type(int type) | |
367 { | |
368 int ret; | |
369 const EVP_PKEY_ASN1_METHOD *ameth; | |
370 ENGINE *e; | |
371 ameth = EVP_PKEY_asn1_find(&e, type); | |
372 if (ameth) | |
373 ret = ameth->pkey_id; | |
374 else | |
375 ret = NID_undef; | |
376 #ifndef OPENSSL_NO_ENGINE | |
377 if (e) | |
378 ENGINE_finish(e); | |
379 #endif | |
380 return ret; | |
381 } | |
382 | |
383 int EVP_PKEY_id(const EVP_PKEY *pkey) | |
384 { | |
385 return pkey->type; | |
386 } | |
387 | |
388 int EVP_PKEY_base_id(const EVP_PKEY *pkey) | |
389 { | |
390 return EVP_PKEY_type(pkey->type); | |
391 } | |
392 | |
393 void EVP_PKEY_free(EVP_PKEY *x) | |
394 { | |
395 int i; | |
396 | |
397 if (x == NULL) return; | |
398 | |
399 i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY); | |
400 #ifdef REF_PRINT | |
401 REF_PRINT("EVP_PKEY",x); | |
402 #endif | |
403 if (i > 0) return; | |
404 #ifdef REF_CHECK | |
405 if (i < 0) | |
406 { | |
407 fprintf(stderr,"EVP_PKEY_free, bad reference count\n"); | |
408 abort(); | |
409 } | |
410 #endif | |
411 EVP_PKEY_free_it(x); | |
412 if (x->attributes) | |
413 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); | |
414 OPENSSL_free(x); | |
415 } | |
416 | |
417 static void EVP_PKEY_free_it(EVP_PKEY *x) | |
418 { | |
419 if (x->ameth && x->ameth->pkey_free) | |
420 { | |
421 x->ameth->pkey_free(x); | |
422 x->pkey.ptr = NULL; | |
423 } | |
424 #ifndef OPENSSL_NO_ENGINE | |
425 if (x->engine) | |
426 { | |
427 ENGINE_finish(x->engine); | |
428 x->engine = NULL; | |
429 } | |
430 #endif | |
431 } | |
432 | |
433 static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, | |
434 const char *kstr) | |
435 { | |
436 BIO_indent(out, indent, 128); | |
437 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", | |
438 kstr, OBJ_nid2ln(pkey->type)); | |
439 return 1; | |
440 } | |
441 | |
442 int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, | |
443 int indent, ASN1_PCTX *pctx) | |
444 { | |
445 if (pkey->ameth && pkey->ameth->pub_print) | |
446 return pkey->ameth->pub_print(out, pkey, indent, pctx); | |
447 | |
448 return unsup_alg(out, pkey, indent, "Public Key"); | |
449 } | |
450 | |
451 int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, | |
452 int indent, ASN1_PCTX *pctx) | |
453 { | |
454 if (pkey->ameth && pkey->ameth->priv_print) | |
455 return pkey->ameth->priv_print(out, pkey, indent, pctx); | |
456 | |
457 return unsup_alg(out, pkey, indent, "Private Key"); | |
458 } | |
459 | |
460 int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, | |
461 int indent, ASN1_PCTX *pctx) | |
462 { | |
463 if (pkey->ameth && pkey->ameth->param_print) | |
464 return pkey->ameth->param_print(out, pkey, indent, pctx); | |
465 return unsup_alg(out, pkey, indent, "Parameters"); | |
466 } | |
467 | |
468 int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) | |
469 { | |
470 if (!pkey->ameth || !pkey->ameth->pkey_ctrl) | |
471 return -2; | |
472 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, | |
473 0, pnid); | |
474 } | |
475 | |
OLD | NEW |