1 /* $OpenBSD: p_lib.c,v 1.58 2024/01/05 21:22:01 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * licensing@OpenSSL.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 */ 105 106 #include <stdio.h> 107 #include <stdlib.h> 108 #include <string.h> 109 110 #include <openssl/asn1.h> 111 #include <openssl/bio.h> 112 #include <openssl/cmac.h> 113 #include <openssl/crypto.h> 114 #include <openssl/err.h> 115 #include <openssl/evp.h> 116 #include <openssl/objects.h> 117 #include <openssl/x509.h> 118 119 #ifndef OPENSSL_NO_DH 120 #include <openssl/dh.h> 121 #endif 122 #ifndef OPENSSL_NO_DSA 123 #include <openssl/dsa.h> 124 #endif 125 #ifndef OPENSSL_NO_EC 126 #include <openssl/ec.h> 127 #endif 128 #ifndef OPENSSL_NO_RSA 129 #include <openssl/rsa.h> 130 #endif 131 132 #include "evp_local.h" 133 134 extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; 135 extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; 136 extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; 137 extern const EVP_PKEY_ASN1_METHOD dsa1_asn1_meth; 138 extern const EVP_PKEY_ASN1_METHOD dsa2_asn1_meth; 139 extern const EVP_PKEY_ASN1_METHOD dsa3_asn1_meth; 140 extern const EVP_PKEY_ASN1_METHOD dsa4_asn1_meth; 141 extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; 142 extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; 143 extern const EVP_PKEY_ASN1_METHOD gostimit_asn1_meth; 144 extern const EVP_PKEY_ASN1_METHOD gostr01_asn1_meth; 145 extern const EVP_PKEY_ASN1_METHOD gostr12_256_asn1_meth; 146 extern const EVP_PKEY_ASN1_METHOD gostr12_512_asn1_meth; 147 extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; 148 extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; 149 extern const EVP_PKEY_ASN1_METHOD rsa2_asn1_meth; 150 extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth; 151 extern const EVP_PKEY_ASN1_METHOD x25519_asn1_meth; 152 153 static const EVP_PKEY_ASN1_METHOD *asn1_methods[] = { 154 &cmac_asn1_meth, 155 &dh_asn1_meth, 156 &dsa_asn1_meth, 157 &dsa1_asn1_meth, 158 &dsa2_asn1_meth, 159 &dsa3_asn1_meth, 160 &dsa4_asn1_meth, 161 &eckey_asn1_meth, 162 &ed25519_asn1_meth, 163 &gostimit_asn1_meth, 164 &gostr01_asn1_meth, 165 &gostr12_256_asn1_meth, 166 &gostr12_512_asn1_meth, 167 &hmac_asn1_meth, 168 &rsa_asn1_meth, 169 &rsa2_asn1_meth, 170 &rsa_pss_asn1_meth, 171 &x25519_asn1_meth, 172 }; 173 174 #define N_ASN1_METHODS (sizeof(asn1_methods) / sizeof(asn1_methods[0])) 175 176 int 177 EVP_PKEY_asn1_get_count(void) 178 { 179 return N_ASN1_METHODS; 180 } 181 182 const EVP_PKEY_ASN1_METHOD * 183 EVP_PKEY_asn1_get0(int idx) 184 { 185 if (idx < 0 || idx >= N_ASN1_METHODS) 186 return NULL; 187 188 return asn1_methods[idx]; 189 } 190 191 const EVP_PKEY_ASN1_METHOD * 192 EVP_PKEY_asn1_find(ENGINE **engine, int pkey_id) 193 { 194 size_t i; 195 196 if (engine != NULL) 197 *engine = NULL; 198 199 for (i = 0; i < N_ASN1_METHODS; i++) { 200 if (asn1_methods[i]->pkey_id == pkey_id) 201 return asn1_methods[i]->base_method; 202 } 203 204 return NULL; 205 } 206 207 const EVP_PKEY_ASN1_METHOD * 208 EVP_PKEY_asn1_find_str(ENGINE **engine, const char *str, int len) 209 { 210 const EVP_PKEY_ASN1_METHOD *ameth; 211 size_t i, str_len; 212 213 if (engine != NULL) 214 *engine = NULL; 215 216 if (len < -1) 217 return NULL; 218 if (len == -1) 219 str_len = strlen(str); 220 else 221 str_len = len; 222 223 for (i = 0; i < N_ASN1_METHODS; i++) { 224 ameth = asn1_methods[i]; 225 if ((ameth->pkey_flags & ASN1_PKEY_ALIAS) != 0) 226 continue; 227 if (strlen(ameth->pem_str) != str_len) 228 continue; 229 if (strncasecmp(ameth->pem_str, str, str_len) == 0) 230 return ameth; 231 } 232 233 return NULL; 234 } 235 236 int 237 EVP_PKEY_asn1_get0_info(int *pkey_id, int *pkey_base_id, int *pkey_flags, 238 const char **info, const char **pem_str, 239 const EVP_PKEY_ASN1_METHOD *ameth) 240 { 241 if (ameth == NULL) 242 return 0; 243 244 if (pkey_id != NULL) 245 *pkey_id = ameth->pkey_id; 246 if (pkey_base_id != NULL) 247 *pkey_base_id = ameth->base_method->pkey_id; 248 if (pkey_flags != NULL) 249 *pkey_flags = ameth->pkey_flags; 250 if (info != NULL) 251 *info = ameth->info; 252 if (pem_str != NULL) 253 *pem_str = ameth->pem_str; 254 255 return 1; 256 } 257 258 const EVP_PKEY_ASN1_METHOD* 259 EVP_PKEY_get0_asn1(const EVP_PKEY *pkey) 260 { 261 return pkey->ameth; 262 } 263 264 int 265 EVP_PKEY_bits(const EVP_PKEY *pkey) 266 { 267 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) 268 return pkey->ameth->pkey_bits(pkey); 269 return 0; 270 } 271 272 int 273 EVP_PKEY_security_bits(const EVP_PKEY *pkey) 274 { 275 if (pkey == NULL) 276 return 0; 277 if (pkey->ameth == NULL || pkey->ameth->pkey_security_bits == NULL) 278 return -2; 279 280 return pkey->ameth->pkey_security_bits(pkey); 281 } 282 283 int 284 EVP_PKEY_size(const EVP_PKEY *pkey) 285 { 286 if (pkey && pkey->ameth && pkey->ameth->pkey_size) 287 return pkey->ameth->pkey_size(pkey); 288 return 0; 289 } 290 291 int 292 EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 293 { 294 #ifndef OPENSSL_NO_DSA 295 if (pkey->type == EVP_PKEY_DSA) { 296 int ret = pkey->save_parameters; 297 298 if (mode >= 0) 299 pkey->save_parameters = mode; 300 return (ret); 301 } 302 #endif 303 #ifndef OPENSSL_NO_EC 304 if (pkey->type == EVP_PKEY_EC) { 305 int ret = pkey->save_parameters; 306 307 if (mode >= 0) 308 pkey->save_parameters = mode; 309 return (ret); 310 } 311 #endif 312 return (0); 313 } 314 315 int 316 EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 317 { 318 if (to->type != from->type) { 319 EVPerror(EVP_R_DIFFERENT_KEY_TYPES); 320 goto err; 321 } 322 323 if (EVP_PKEY_missing_parameters(from)) { 324 EVPerror(EVP_R_MISSING_PARAMETERS); 325 goto err; 326 } 327 if (from->ameth && from->ameth->param_copy) 328 return from->ameth->param_copy(to, from); 329 330 err: 331 return 0; 332 } 333 334 int 335 EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 336 { 337 if (pkey->ameth && pkey->ameth->param_missing) 338 return pkey->ameth->param_missing(pkey); 339 return 0; 340 } 341 342 int 343 EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 344 { 345 if (a->type != b->type) 346 return -1; 347 if (a->ameth && a->ameth->param_cmp) 348 return a->ameth->param_cmp(a, b); 349 return -2; 350 } 351 352 int 353 EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 354 { 355 if (a->type != b->type) 356 return -1; 357 358 if (a->ameth) { 359 int ret; 360 /* Compare parameters if the algorithm has them */ 361 if (a->ameth->param_cmp) { 362 ret = a->ameth->param_cmp(a, b); 363 if (ret <= 0) 364 return ret; 365 } 366 367 if (a->ameth->pub_cmp) 368 return a->ameth->pub_cmp(a, b); 369 } 370 371 return -2; 372 } 373 374 EVP_PKEY * 375 EVP_PKEY_new(void) 376 { 377 EVP_PKEY *pkey; 378 379 if ((pkey = calloc(1, sizeof(*pkey))) == NULL) { 380 EVPerror(ERR_R_MALLOC_FAILURE); 381 return NULL; 382 } 383 384 pkey->type = EVP_PKEY_NONE; 385 pkey->references = 1; 386 pkey->save_parameters = 1; 387 388 return pkey; 389 } 390 391 int 392 EVP_PKEY_up_ref(EVP_PKEY *pkey) 393 { 394 return CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY) > 1; 395 } 396 397 static void 398 evp_pkey_free_pkey_ptr(EVP_PKEY *pkey) 399 { 400 if (pkey == NULL || pkey->ameth == NULL || pkey->ameth->pkey_free == NULL) 401 return; 402 403 pkey->ameth->pkey_free(pkey); 404 pkey->pkey.ptr = NULL; 405 } 406 407 void 408 EVP_PKEY_free(EVP_PKEY *pkey) 409 { 410 if (pkey == NULL) 411 return; 412 413 if (CRYPTO_add(&pkey->references, -1, CRYPTO_LOCK_EVP_PKEY) > 0) 414 return; 415 416 evp_pkey_free_pkey_ptr(pkey); 417 sk_X509_ATTRIBUTE_pop_free(pkey->attributes, X509_ATTRIBUTE_free); 418 freezero(pkey, sizeof(*pkey)); 419 } 420 421 int 422 EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 423 { 424 const EVP_PKEY_ASN1_METHOD *ameth; 425 426 evp_pkey_free_pkey_ptr(pkey); 427 428 if ((ameth = EVP_PKEY_asn1_find(NULL, type)) == NULL) { 429 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 430 return 0; 431 } 432 if (pkey != NULL) { 433 pkey->ameth = ameth; 434 pkey->type = pkey->ameth->pkey_id; 435 } 436 437 return 1; 438 } 439 440 int 441 EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 442 { 443 const EVP_PKEY_ASN1_METHOD *ameth; 444 445 evp_pkey_free_pkey_ptr(pkey); 446 447 if ((ameth = EVP_PKEY_asn1_find_str(NULL, str, len)) == NULL) { 448 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 449 return 0; 450 } 451 if (pkey != NULL) { 452 pkey->ameth = ameth; 453 pkey->type = pkey->ameth->pkey_id; 454 } 455 456 return 1; 457 } 458 459 int 460 EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 461 { 462 if (!EVP_PKEY_set_type(pkey, type)) 463 return 0; 464 465 return (pkey->pkey.ptr = key) != NULL; 466 } 467 468 EVP_PKEY * 469 EVP_PKEY_new_raw_private_key(int type, ENGINE *engine, 470 const unsigned char *private_key, size_t len) 471 { 472 EVP_PKEY *pkey; 473 474 if ((pkey = EVP_PKEY_new()) == NULL) 475 goto err; 476 477 if (!EVP_PKEY_set_type(pkey, type)) 478 goto err; 479 480 if (pkey->ameth->set_priv_key == NULL) { 481 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 482 goto err; 483 } 484 if (!pkey->ameth->set_priv_key(pkey, private_key, len)) { 485 EVPerror(EVP_R_KEY_SETUP_FAILED); 486 goto err; 487 } 488 489 return pkey; 490 491 err: 492 EVP_PKEY_free(pkey); 493 494 return NULL; 495 } 496 497 EVP_PKEY * 498 EVP_PKEY_new_raw_public_key(int type, ENGINE *engine, 499 const unsigned char *public_key, size_t len) 500 { 501 EVP_PKEY *pkey; 502 503 if ((pkey = EVP_PKEY_new()) == NULL) 504 goto err; 505 506 if (!EVP_PKEY_set_type(pkey, type)) 507 goto err; 508 509 if (pkey->ameth->set_pub_key == NULL) { 510 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 511 goto err; 512 } 513 if (!pkey->ameth->set_pub_key(pkey, public_key, len)) { 514 EVPerror(EVP_R_KEY_SETUP_FAILED); 515 goto err; 516 } 517 518 return pkey; 519 520 err: 521 EVP_PKEY_free(pkey); 522 523 return NULL; 524 } 525 526 int 527 EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, 528 unsigned char *out_private_key, size_t *out_len) 529 { 530 if (pkey->ameth->get_priv_key == NULL) { 531 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 532 return 0; 533 } 534 if (!pkey->ameth->get_priv_key(pkey, out_private_key, out_len)) { 535 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 536 return 0; 537 } 538 539 return 1; 540 } 541 542 int 543 EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, 544 unsigned char *out_public_key, size_t *out_len) 545 { 546 if (pkey->ameth->get_pub_key == NULL) { 547 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 548 return 0; 549 } 550 if (!pkey->ameth->get_pub_key(pkey, out_public_key, out_len)) { 551 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 552 return 0; 553 } 554 555 return 1; 556 } 557 558 EVP_PKEY * 559 EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, 560 const EVP_CIPHER *cipher) 561 { 562 EVP_PKEY *pkey = NULL; 563 CMAC_CTX *cmctx = NULL; 564 565 if ((pkey = EVP_PKEY_new()) == NULL) 566 goto err; 567 if ((cmctx = CMAC_CTX_new()) == NULL) 568 goto err; 569 570 if (!EVP_PKEY_set_type(pkey, EVP_PKEY_CMAC)) 571 goto err; 572 573 if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) { 574 EVPerror(EVP_R_KEY_SETUP_FAILED); 575 goto err; 576 } 577 578 pkey->pkey.ptr = cmctx; 579 580 return pkey; 581 582 err: 583 EVP_PKEY_free(pkey); 584 CMAC_CTX_free(cmctx); 585 586 return NULL; 587 } 588 589 void * 590 EVP_PKEY_get0(const EVP_PKEY *pkey) 591 { 592 return pkey->pkey.ptr; 593 } 594 595 const unsigned char * 596 EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 597 { 598 ASN1_OCTET_STRING *os; 599 600 if (pkey->type != EVP_PKEY_HMAC) { 601 EVPerror(EVP_R_EXPECTING_AN_HMAC_KEY); 602 return NULL; 603 } 604 605 os = EVP_PKEY_get0(pkey); 606 *len = os->length; 607 608 return os->data; 609 } 610 611 #ifndef OPENSSL_NO_RSA 612 RSA * 613 EVP_PKEY_get0_RSA(EVP_PKEY *pkey) 614 { 615 if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA_PSS) 616 return pkey->pkey.rsa; 617 618 EVPerror(EVP_R_EXPECTING_AN_RSA_KEY); 619 return NULL; 620 } 621 622 RSA * 623 EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 624 { 625 RSA *rsa; 626 627 if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) 628 return NULL; 629 630 RSA_up_ref(rsa); 631 632 return rsa; 633 } 634 635 int 636 EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) 637 { 638 int ret = EVP_PKEY_assign_RSA(pkey, key); 639 if (ret != 0) 640 RSA_up_ref(key); 641 return ret; 642 } 643 #endif 644 645 #ifndef OPENSSL_NO_DSA 646 DSA * 647 EVP_PKEY_get0_DSA(EVP_PKEY *pkey) 648 { 649 if (pkey->type != EVP_PKEY_DSA) { 650 EVPerror(EVP_R_EXPECTING_A_DSA_KEY); 651 return NULL; 652 } 653 return pkey->pkey.dsa; 654 } 655 656 DSA * 657 EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 658 { 659 DSA *dsa; 660 661 if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL) 662 return NULL; 663 664 DSA_up_ref(dsa); 665 666 return dsa; 667 } 668 669 int 670 EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 671 { 672 int ret = EVP_PKEY_assign_DSA(pkey, key); 673 if (ret != 0) 674 DSA_up_ref(key); 675 return ret; 676 } 677 #endif 678 679 #ifndef OPENSSL_NO_EC 680 EC_KEY * 681 EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) 682 { 683 if (pkey->type != EVP_PKEY_EC) { 684 EVPerror(EVP_R_EXPECTING_A_EC_KEY); 685 return NULL; 686 } 687 return pkey->pkey.ec; 688 } 689 690 EC_KEY * 691 EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 692 { 693 EC_KEY *key; 694 695 if ((key = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) 696 return NULL; 697 698 EC_KEY_up_ref(key); 699 700 return key; 701 } 702 703 int 704 EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) 705 { 706 int ret = EVP_PKEY_assign_EC_KEY(pkey, key); 707 if (ret != 0) 708 EC_KEY_up_ref(key); 709 return ret; 710 } 711 #endif 712 713 714 #ifndef OPENSSL_NO_DH 715 DH * 716 EVP_PKEY_get0_DH(EVP_PKEY *pkey) 717 { 718 if (pkey->type != EVP_PKEY_DH) { 719 EVPerror(EVP_R_EXPECTING_A_DH_KEY); 720 return NULL; 721 } 722 return pkey->pkey.dh; 723 } 724 725 DH * 726 EVP_PKEY_get1_DH(EVP_PKEY *pkey) 727 { 728 DH *dh; 729 730 if ((dh = EVP_PKEY_get0_DH(pkey)) == NULL) 731 return NULL; 732 733 DH_up_ref(dh); 734 735 return dh; 736 } 737 738 int 739 EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) 740 { 741 int ret = EVP_PKEY_assign_DH(pkey, key); 742 if (ret != 0) 743 DH_up_ref(key); 744 return ret; 745 } 746 #endif 747 748 int 749 EVP_PKEY_type(int type) 750 { 751 const EVP_PKEY_ASN1_METHOD *ameth; 752 753 if ((ameth = EVP_PKEY_asn1_find(NULL, type)) != NULL) 754 return ameth->pkey_id; 755 756 return NID_undef; 757 } 758 759 int 760 EVP_PKEY_id(const EVP_PKEY *pkey) 761 { 762 return pkey->type; 763 } 764 765 int 766 EVP_PKEY_base_id(const EVP_PKEY *pkey) 767 { 768 return EVP_PKEY_type(pkey->type); 769 } 770 771 static int 772 unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr) 773 { 774 if (!BIO_indent(out, indent, 128)) 775 return 0; 776 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 777 kstr, OBJ_nid2ln(pkey->type)); 778 return 1; 779 } 780 781 int 782 EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, 783 ASN1_PCTX *pctx) 784 { 785 if (pkey->ameth && pkey->ameth->pub_print) 786 return pkey->ameth->pub_print(out, pkey, indent, pctx); 787 788 return unsup_alg(out, pkey, indent, "Public Key"); 789 } 790 791 int 792 EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, 793 ASN1_PCTX *pctx) 794 { 795 if (pkey->ameth && pkey->ameth->priv_print) 796 return pkey->ameth->priv_print(out, pkey, indent, pctx); 797 798 return unsup_alg(out, pkey, indent, "Private Key"); 799 } 800 801 int 802 EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, 803 ASN1_PCTX *pctx) 804 { 805 if (pkey->ameth && pkey->ameth->param_print) 806 return pkey->ameth->param_print(out, pkey, indent, pctx); 807 return unsup_alg(out, pkey, indent, "Parameters"); 808 } 809 810 int 811 EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 812 { 813 if (!pkey->ameth || !pkey->ameth->pkey_ctrl) 814 return -2; 815 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 816 0, pnid); 817 } 818