xref: /openbsd-src/lib/libcrypto/pem/pem_pkey.c (revision 87978dd930e6b6b96a9730bd9a446d7529f677fc) 
1*87978dd9Stb /* $OpenBSD: pem_pkey.c,v 1.28 2023/11/19 15:46:10 tb Exp $ */
2da347917Sbeck /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3da347917Sbeck  * All rights reserved.
4da347917Sbeck  *
5da347917Sbeck  * This package is an SSL implementation written
6da347917Sbeck  * by Eric Young (eay@cryptsoft.com).
7da347917Sbeck  * The implementation was written so as to conform with Netscapes SSL.
8da347917Sbeck  *
9da347917Sbeck  * This library is free for commercial and non-commercial use as long as
10da347917Sbeck  * the following conditions are aheared to.  The following conditions
11da347917Sbeck  * apply to all code found in this distribution, be it the RC4, RSA,
12da347917Sbeck  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13da347917Sbeck  * included with this distribution is covered by the same copyright terms
14da347917Sbeck  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15da347917Sbeck  *
16da347917Sbeck  * Copyright remains Eric Young's, and as such any Copyright notices in
17da347917Sbeck  * the code are not to be removed.
18da347917Sbeck  * If this package is used in a product, Eric Young should be given attribution
19da347917Sbeck  * as the author of the parts of the library used.
20da347917Sbeck  * This can be in the form of a textual message at program startup or
21da347917Sbeck  * in documentation (online or textual) provided with the package.
22da347917Sbeck  *
23da347917Sbeck  * Redistribution and use in source and binary forms, with or without
24da347917Sbeck  * modification, are permitted provided that the following conditions
25da347917Sbeck  * are met:
26da347917Sbeck  * 1. Redistributions of source code must retain the copyright
27da347917Sbeck  *    notice, this list of conditions and the following disclaimer.
28da347917Sbeck  * 2. Redistributions in binary form must reproduce the above copyright
29da347917Sbeck  *    notice, this list of conditions and the following disclaimer in the
30da347917Sbeck  *    documentation and/or other materials provided with the distribution.
31da347917Sbeck  * 3. All advertising materials mentioning features or use of this software
32da347917Sbeck  *    must display the following acknowledgement:
33da347917Sbeck  *    "This product includes cryptographic software written by
34da347917Sbeck  *     Eric Young (eay@cryptsoft.com)"
35da347917Sbeck  *    The word 'cryptographic' can be left out if the rouines from the library
36da347917Sbeck  *    being used are not cryptographic related :-).
37da347917Sbeck  * 4. If you include any Windows specific code (or a derivative thereof) from
38da347917Sbeck  *    the apps directory (application code) you must include an acknowledgement:
39da347917Sbeck  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40da347917Sbeck  *
41da347917Sbeck  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42da347917Sbeck  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43da347917Sbeck  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44da347917Sbeck  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45da347917Sbeck  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46da347917Sbeck  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47da347917Sbeck  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48da347917Sbeck  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49da347917Sbeck  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50da347917Sbeck  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51da347917Sbeck  * SUCH DAMAGE.
52da347917Sbeck  *
53da347917Sbeck  * The licence and distribution terms for any publically available version or
54da347917Sbeck  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55da347917Sbeck  * copied and put under another distribution licence
56da347917Sbeck  * [including the GNU Public Licence.]
57da347917Sbeck  */
58da347917Sbeck 
59da347917Sbeck #include <stdio.h>
60a8913c44Sjsing #include <string.h>
61a8913c44Sjsing 
628cf4d6a6Sjsing #include <openssl/opensslconf.h>
638cf4d6a6Sjsing 
64da347917Sbeck #include <openssl/buffer.h>
65a7b8f3c1Sdoug #include <openssl/err.h>
66da347917Sbeck #include <openssl/evp.h>
67b6ab114eSjsing #include <openssl/objects.h>
68b6ab114eSjsing #include <openssl/pem.h>
69b6ab114eSjsing #include <openssl/pkcs12.h>
70da347917Sbeck #include <openssl/x509.h>
71b6ab114eSjsing 
72c9675a23Stb #include "asn1_local.h"
73c9675a23Stb #include "evp_local.h"
74da347917Sbeck 
750a5d6edeSdjm int pem_check_suffix(const char *pem_str, const char *suffix);
76da347917Sbeck 
77a8b5ceceSjsing EVP_PKEY *
PEM_read_bio_PrivateKey(BIO * bp,EVP_PKEY ** x,pem_password_cb * cb,void * u)78a8b5ceceSjsing PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
79da347917Sbeck {
80da347917Sbeck 	char *nm = NULL;
814fcf65c5Sdjm 	const unsigned char *p = NULL;
824fcf65c5Sdjm 	unsigned char *data = NULL;
83da347917Sbeck 	long len;
840a5d6edeSdjm 	int slen;
85da347917Sbeck 	EVP_PKEY *ret = NULL;
86da347917Sbeck 
87a8b5ceceSjsing 	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY,
88a8b5ceceSjsing 	    bp, cb, u))
89da347917Sbeck 		return NULL;
90da347917Sbeck 	p = data;
91da347917Sbeck 
920a5d6edeSdjm 	if (strcmp(nm, PEM_STRING_PKCS8INF) == 0) {
93da347917Sbeck 		PKCS8_PRIV_KEY_INFO *p8inf;
94da347917Sbeck 		p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
95a8b5ceceSjsing 		if (!p8inf)
96a8b5ceceSjsing 			goto p8err;
97da347917Sbeck 		ret = EVP_PKCS82PKEY(p8inf);
986278d030Smarkus 		if (x) {
996d04a7b1Smiod 			EVP_PKEY_free(*x);
1006278d030Smarkus 			*x = ret;
1016278d030Smarkus 		}
102da347917Sbeck 		PKCS8_PRIV_KEY_INFO_free(p8inf);
103da347917Sbeck 	} else if (strcmp(nm, PEM_STRING_PKCS8) == 0) {
104da347917Sbeck 		PKCS8_PRIV_KEY_INFO *p8inf;
105da347917Sbeck 		X509_SIG *p8;
106da347917Sbeck 		int klen;
107da347917Sbeck 		char psbuf[PEM_BUFSIZE];
108da347917Sbeck 		p8 = d2i_X509_SIG(NULL, &p, len);
109a8b5ceceSjsing 		if (!p8)
110a8b5ceceSjsing 			goto p8err;
111a8b5ceceSjsing 		if (cb)
112a8b5ceceSjsing 			klen = cb(psbuf, PEM_BUFSIZE, 0, u);
113a8b5ceceSjsing 		else
114a8b5ceceSjsing 			klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
115da347917Sbeck 		if (klen <= 0) {
1165067ae9fSbeck 			PEMerror(PEM_R_BAD_PASSWORD_READ);
11740d8aef3Sdjm 			X509_SIG_free(p8);
118da347917Sbeck 			goto err;
119da347917Sbeck 		}
120da347917Sbeck 		p8inf = PKCS8_decrypt(p8, psbuf, klen);
121da347917Sbeck 		X509_SIG_free(p8);
122a8b5ceceSjsing 		if (!p8inf)
123a8b5ceceSjsing 			goto p8err;
124da347917Sbeck 		ret = EVP_PKCS82PKEY(p8inf);
125da347917Sbeck 		if (x) {
1266d04a7b1Smiod 			EVP_PKEY_free(*x);
127da347917Sbeck 			*x = ret;
128da347917Sbeck 		}
129da347917Sbeck 		PKCS8_PRIV_KEY_INFO_free(p8inf);
130a8b5ceceSjsing 	} else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0) {
1310a5d6edeSdjm 		const EVP_PKEY_ASN1_METHOD *ameth;
1320a5d6edeSdjm 		ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
1330a5d6edeSdjm 		if (!ameth || !ameth->old_priv_decode)
1340a5d6edeSdjm 			goto p8err;
1350a5d6edeSdjm 		ret = d2i_PrivateKey(ameth->pkey_id, x, &p, len);
136da347917Sbeck 	}
137a8b5ceceSjsing 
138da347917Sbeck p8err:
139da347917Sbeck 	if (ret == NULL)
1405067ae9fSbeck 		PEMerror(ERR_R_ASN1_LIB);
141da347917Sbeck err:
1426f3a6cb1Sbeck 	free(nm);
1437de8a684Sderaadt 	freezero(data, len);
144da347917Sbeck 	return (ret);
145da347917Sbeck }
1464a925a6aSbeck LCRYPTO_ALIAS(PEM_read_bio_PrivateKey);
147da347917Sbeck 
148a8b5ceceSjsing int
PEM_write_bio_PrivateKey(BIO * bp,EVP_PKEY * x,const EVP_CIPHER * enc,unsigned char * kstr,int klen,pem_password_cb * cb,void * u)149a8b5ceceSjsing PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
150a8b5ceceSjsing     unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
1510a5d6edeSdjm {
1526cb0895aStb 	if (x->ameth == NULL || x->ameth->priv_encode != NULL)
1530a5d6edeSdjm 		return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
154a8b5ceceSjsing 		    (char *)kstr, klen, cb, u);
1550a5d6edeSdjm 
1566cb0895aStb 	return PEM_write_bio_PrivateKey_traditional(bp, x, enc, kstr, klen, cb,
1576cb0895aStb 	    u);
1586cb0895aStb }
1594a925a6aSbeck LCRYPTO_ALIAS(PEM_write_bio_PrivateKey);
1606cb0895aStb 
1616cb0895aStb int
PEM_write_bio_PrivateKey_traditional(BIO * bp,EVP_PKEY * x,const EVP_CIPHER * enc,unsigned char * kstr,int klen,pem_password_cb * cb,void * u)1626cb0895aStb PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
1636cb0895aStb     const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb,
1646cb0895aStb     void *u)
1656cb0895aStb {
1666cb0895aStb 	char pem_str[80];
1676cb0895aStb 
168656814a7Sguenther 	(void) snprintf(pem_str, sizeof(pem_str), "%s PRIVATE KEY",
169656814a7Sguenther 	    x->ameth->pem_str);
1700a5d6edeSdjm 	return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
1710a5d6edeSdjm 	    pem_str, bp, x, enc, kstr, klen, cb, u);
1720a5d6edeSdjm }
1734a925a6aSbeck LCRYPTO_ALIAS(PEM_write_bio_PrivateKey_traditional);
1740a5d6edeSdjm 
175a8b5ceceSjsing EVP_PKEY *
PEM_read_bio_Parameters(BIO * bp,EVP_PKEY ** x)176a8b5ceceSjsing PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
1770a5d6edeSdjm {
1780a5d6edeSdjm 	char *nm = NULL;
1790a5d6edeSdjm 	const unsigned char *p = NULL;
1800a5d6edeSdjm 	unsigned char *data = NULL;
1810a5d6edeSdjm 	long len;
1820a5d6edeSdjm 	int slen;
1830a5d6edeSdjm 	EVP_PKEY *ret = NULL;
1840a5d6edeSdjm 
1850a5d6edeSdjm 	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS,
1860a5d6edeSdjm 	    bp, 0, NULL))
1870a5d6edeSdjm 		return NULL;
1880a5d6edeSdjm 	p = data;
1890a5d6edeSdjm 
190a8b5ceceSjsing 	if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) {
1910a5d6edeSdjm 		ret = EVP_PKEY_new();
1920a5d6edeSdjm 		if (!ret)
1930a5d6edeSdjm 			goto err;
194a8b5ceceSjsing 		if (!EVP_PKEY_set_type_str(ret, nm, slen) ||
195a8b5ceceSjsing 		    !ret->ameth->param_decode ||
196a8b5ceceSjsing 		    !ret->ameth->param_decode(ret, &p, len)) {
1970a5d6edeSdjm 			EVP_PKEY_free(ret);
1980a5d6edeSdjm 			ret = NULL;
1990a5d6edeSdjm 			goto err;
2000a5d6edeSdjm 		}
201a8b5ceceSjsing 		if (x) {
2026d04a7b1Smiod 			EVP_PKEY_free(*x);
2030a5d6edeSdjm 			*x = ret;
2040a5d6edeSdjm 		}
2050a5d6edeSdjm 	}
206a8b5ceceSjsing 
2070a5d6edeSdjm err:
2080a5d6edeSdjm 	if (ret == NULL)
2095067ae9fSbeck 		PEMerror(ERR_R_ASN1_LIB);
2106f3a6cb1Sbeck 	free(nm);
2116f3a6cb1Sbeck 	free(data);
2120a5d6edeSdjm 	return (ret);
2130a5d6edeSdjm }
2144a925a6aSbeck LCRYPTO_ALIAS(PEM_read_bio_Parameters);
2150a5d6edeSdjm 
216a8b5ceceSjsing int
PEM_write_bio_Parameters(BIO * bp,EVP_PKEY * x)217a8b5ceceSjsing PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x)
2180a5d6edeSdjm {
2190a5d6edeSdjm 	char pem_str[80];
220a8b5ceceSjsing 
2210a5d6edeSdjm 	if (!x->ameth || !x->ameth->param_encode)
2220a5d6edeSdjm 		return 0;
2230a5d6edeSdjm 
224656814a7Sguenther 	(void) snprintf(pem_str, sizeof(pem_str), "%s PARAMETERS",
225656814a7Sguenther 	    x->ameth->pem_str);
226a8b5ceceSjsing 	return PEM_ASN1_write_bio((i2d_of_void *)x->ameth->param_encode,
2270a5d6edeSdjm 	    pem_str, bp, x, NULL, NULL, 0, 0, NULL);
2280a5d6edeSdjm }
2294a925a6aSbeck LCRYPTO_ALIAS(PEM_write_bio_Parameters);
2300a5d6edeSdjm 
231a8b5ceceSjsing EVP_PKEY *
PEM_read_PrivateKey(FILE * fp,EVP_PKEY ** x,pem_password_cb * cb,void * u)232a8b5ceceSjsing PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
233da347917Sbeck {
234da347917Sbeck 	BIO *b;
235da347917Sbeck 	EVP_PKEY *ret;
236da347917Sbeck 
237a8b5ceceSjsing 	if ((b = BIO_new(BIO_s_file())) == NULL) {
2385067ae9fSbeck 		PEMerror(ERR_R_BUF_LIB);
239da347917Sbeck 		return (0);
240da347917Sbeck 	}
241da347917Sbeck 	BIO_set_fp(b, fp, BIO_NOCLOSE);
242da347917Sbeck 	ret = PEM_read_bio_PrivateKey(b, x, cb, u);
243da347917Sbeck 	BIO_free(b);
244da347917Sbeck 	return (ret);
245da347917Sbeck }
2464a925a6aSbeck LCRYPTO_ALIAS(PEM_read_PrivateKey);
2470a5d6edeSdjm 
248a8b5ceceSjsing int
PEM_write_PrivateKey(FILE * fp,EVP_PKEY * x,const EVP_CIPHER * enc,unsigned char * kstr,int klen,pem_password_cb * cb,void * u)249a8b5ceceSjsing PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
250a8b5ceceSjsing     unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
2510a5d6edeSdjm {
2520a5d6edeSdjm 	BIO *b;
2530a5d6edeSdjm 	int ret;
2540a5d6edeSdjm 
255a8b5ceceSjsing 	if ((b = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
2565067ae9fSbeck 		PEMerror(ERR_R_BUF_LIB);
2570a5d6edeSdjm 		return 0;
2580a5d6edeSdjm 	}
2590a5d6edeSdjm 	ret = PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u);
2600a5d6edeSdjm 	BIO_free(b);
2610a5d6edeSdjm 	return ret;
2620a5d6edeSdjm }
2634a925a6aSbeck LCRYPTO_ALIAS(PEM_write_PrivateKey);
264