1 /* $OpenBSD: p_lib.c,v 1.47 2023/12/25 21:41:19 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <stdio.h> 60 61 #include <openssl/opensslconf.h> 62 63 #include <openssl/bn.h> 64 #include <openssl/cmac.h> 65 #include <openssl/err.h> 66 #include <openssl/evp.h> 67 #include <openssl/objects.h> 68 #include <openssl/x509.h> 69 70 #ifndef OPENSSL_NO_DH 71 #include <openssl/dh.h> 72 #endif 73 #ifndef OPENSSL_NO_DSA 74 #include <openssl/dsa.h> 75 #endif 76 #ifndef OPENSSL_NO_RSA 77 #include <openssl/rsa.h> 78 #endif 79 80 #include "asn1_local.h" 81 #include "evp_local.h" 82 83 int 84 EVP_PKEY_bits(const EVP_PKEY *pkey) 85 { 86 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) 87 return pkey->ameth->pkey_bits(pkey); 88 return 0; 89 } 90 91 int 92 EVP_PKEY_security_bits(const EVP_PKEY *pkey) 93 { 94 if (pkey == NULL) 95 return 0; 96 if (pkey->ameth == NULL || pkey->ameth->pkey_security_bits == NULL) 97 return -2; 98 99 return pkey->ameth->pkey_security_bits(pkey); 100 } 101 102 int 103 EVP_PKEY_size(const EVP_PKEY *pkey) 104 { 105 if (pkey && pkey->ameth && pkey->ameth->pkey_size) 106 return pkey->ameth->pkey_size(pkey); 107 return 0; 108 } 109 110 int 111 EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 112 { 113 #ifndef OPENSSL_NO_DSA 114 if (pkey->type == EVP_PKEY_DSA) { 115 int ret = pkey->save_parameters; 116 117 if (mode >= 0) 118 pkey->save_parameters = mode; 119 return (ret); 120 } 121 #endif 122 #ifndef OPENSSL_NO_EC 123 if (pkey->type == EVP_PKEY_EC) { 124 int ret = pkey->save_parameters; 125 126 if (mode >= 0) 127 pkey->save_parameters = mode; 128 return (ret); 129 } 130 #endif 131 return (0); 132 } 133 134 int 135 EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 136 { 137 if (to->type != from->type) { 138 EVPerror(EVP_R_DIFFERENT_KEY_TYPES); 139 goto err; 140 } 141 142 if (EVP_PKEY_missing_parameters(from)) { 143 EVPerror(EVP_R_MISSING_PARAMETERS); 144 goto err; 145 } 146 if (from->ameth && from->ameth->param_copy) 147 return from->ameth->param_copy(to, from); 148 149 err: 150 return 0; 151 } 152 153 int 154 EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 155 { 156 if (pkey->ameth && pkey->ameth->param_missing) 157 return pkey->ameth->param_missing(pkey); 158 return 0; 159 } 160 161 int 162 EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 163 { 164 if (a->type != b->type) 165 return -1; 166 if (a->ameth && a->ameth->param_cmp) 167 return a->ameth->param_cmp(a, b); 168 return -2; 169 } 170 171 int 172 EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 173 { 174 if (a->type != b->type) 175 return -1; 176 177 if (a->ameth) { 178 int ret; 179 /* Compare parameters if the algorithm has them */ 180 if (a->ameth->param_cmp) { 181 ret = a->ameth->param_cmp(a, b); 182 if (ret <= 0) 183 return ret; 184 } 185 186 if (a->ameth->pub_cmp) 187 return a->ameth->pub_cmp(a, b); 188 } 189 190 return -2; 191 } 192 193 EVP_PKEY * 194 EVP_PKEY_new(void) 195 { 196 EVP_PKEY *ret; 197 198 if ((ret = calloc(1, sizeof(*ret))) == NULL) { 199 EVPerror(ERR_R_MALLOC_FAILURE); 200 return NULL; 201 } 202 203 ret->type = EVP_PKEY_NONE; 204 ret->save_type = EVP_PKEY_NONE; 205 ret->references = 1; 206 ret->save_parameters = 1; 207 208 return ret; 209 } 210 211 int 212 EVP_PKEY_up_ref(EVP_PKEY *pkey) 213 { 214 return CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY) > 1; 215 } 216 217 static void 218 evp_pkey_free_pkey_ptr(EVP_PKEY *pkey) 219 { 220 if (pkey == NULL || pkey->ameth == NULL || pkey->ameth->pkey_free == NULL) 221 return; 222 223 pkey->ameth->pkey_free(pkey); 224 pkey->pkey.ptr = NULL; 225 } 226 227 void 228 EVP_PKEY_free(EVP_PKEY *pkey) 229 { 230 if (pkey == NULL) 231 return; 232 233 if (CRYPTO_add(&pkey->references, -1, CRYPTO_LOCK_EVP_PKEY) > 0) 234 return; 235 236 evp_pkey_free_pkey_ptr(pkey); 237 sk_X509_ATTRIBUTE_pop_free(pkey->attributes, X509_ATTRIBUTE_free); 238 freezero(pkey, sizeof(*pkey)); 239 } 240 241 /* Setup a public key ASN1 method from a NID or a string. 242 * If pkey is NULL just return 1 or 0 if the algorithm exists. 243 */ 244 245 static int 246 pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) 247 { 248 const EVP_PKEY_ASN1_METHOD *ameth; 249 250 if (pkey) { 251 if (pkey->pkey.ptr) 252 evp_pkey_free_pkey_ptr(pkey); 253 /* If key type matches and a method exists then this 254 * lookup has succeeded once so just indicate success. 255 */ 256 if ((type == pkey->save_type) && pkey->ameth) 257 return 1; 258 } 259 if (str != NULL) 260 ameth = EVP_PKEY_asn1_find_str(NULL, str, len); 261 else 262 ameth = EVP_PKEY_asn1_find(NULL, type); 263 if (!ameth) { 264 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 265 return 0; 266 } 267 if (pkey) { 268 pkey->ameth = ameth; 269 270 pkey->type = pkey->ameth->pkey_id; 271 pkey->save_type = type; 272 } 273 return 1; 274 } 275 276 int 277 EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 278 { 279 return pkey_set_type(pkey, type, NULL, -1); 280 } 281 282 EVP_PKEY * 283 EVP_PKEY_new_raw_private_key(int type, ENGINE *engine, 284 const unsigned char *private_key, size_t len) 285 { 286 EVP_PKEY *ret; 287 288 if ((ret = EVP_PKEY_new()) == NULL) 289 goto err; 290 291 if (!pkey_set_type(ret, type, NULL, -1)) 292 goto err; 293 294 if (ret->ameth->set_priv_key == NULL) { 295 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 296 goto err; 297 } 298 if (!ret->ameth->set_priv_key(ret, private_key, len)) { 299 EVPerror(EVP_R_KEY_SETUP_FAILED); 300 goto err; 301 } 302 303 return ret; 304 305 err: 306 EVP_PKEY_free(ret); 307 308 return NULL; 309 } 310 311 EVP_PKEY * 312 EVP_PKEY_new_raw_public_key(int type, ENGINE *engine, 313 const unsigned char *public_key, size_t len) 314 { 315 EVP_PKEY *ret; 316 317 if ((ret = EVP_PKEY_new()) == NULL) 318 goto err; 319 320 if (!pkey_set_type(ret, type, NULL, -1)) 321 goto err; 322 323 if (ret->ameth->set_pub_key == NULL) { 324 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 325 goto err; 326 } 327 if (!ret->ameth->set_pub_key(ret, public_key, len)) { 328 EVPerror(EVP_R_KEY_SETUP_FAILED); 329 goto err; 330 } 331 332 return ret; 333 334 err: 335 EVP_PKEY_free(ret); 336 337 return NULL; 338 } 339 340 int 341 EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, 342 unsigned char *out_private_key, size_t *out_len) 343 { 344 if (pkey->ameth->get_priv_key == NULL) { 345 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 346 return 0; 347 } 348 if (!pkey->ameth->get_priv_key(pkey, out_private_key, out_len)) { 349 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 350 return 0; 351 } 352 353 return 1; 354 } 355 356 int 357 EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, 358 unsigned char *out_public_key, size_t *out_len) 359 { 360 if (pkey->ameth->get_pub_key == NULL) { 361 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 362 return 0; 363 } 364 if (!pkey->ameth->get_pub_key(pkey, out_public_key, out_len)) { 365 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 366 return 0; 367 } 368 369 return 1; 370 } 371 372 EVP_PKEY * 373 EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, 374 const EVP_CIPHER *cipher) 375 { 376 EVP_PKEY *ret = NULL; 377 CMAC_CTX *cmctx = NULL; 378 379 if ((ret = EVP_PKEY_new()) == NULL) 380 goto err; 381 if ((cmctx = CMAC_CTX_new()) == NULL) 382 goto err; 383 384 if (!pkey_set_type(ret, EVP_PKEY_CMAC, NULL, -1)) 385 goto err; 386 387 if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) { 388 EVPerror(EVP_R_KEY_SETUP_FAILED); 389 goto err; 390 } 391 392 ret->pkey.ptr = cmctx; 393 394 return ret; 395 396 err: 397 EVP_PKEY_free(ret); 398 CMAC_CTX_free(cmctx); 399 return NULL; 400 } 401 402 int 403 EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 404 { 405 return pkey_set_type(pkey, EVP_PKEY_NONE, str, len); 406 } 407 408 int 409 EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 410 { 411 if (!EVP_PKEY_set_type(pkey, type)) 412 return 0; 413 pkey->pkey.ptr = key; 414 return (key != NULL); 415 } 416 417 void * 418 EVP_PKEY_get0(const EVP_PKEY *pkey) 419 { 420 return pkey->pkey.ptr; 421 } 422 423 const unsigned char * 424 EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 425 { 426 ASN1_OCTET_STRING *os; 427 428 if (pkey->type != EVP_PKEY_HMAC) { 429 EVPerror(EVP_R_EXPECTING_AN_HMAC_KEY); 430 return NULL; 431 } 432 433 os = EVP_PKEY_get0(pkey); 434 *len = os->length; 435 436 return os->data; 437 } 438 439 #ifndef OPENSSL_NO_RSA 440 RSA * 441 EVP_PKEY_get0_RSA(EVP_PKEY *pkey) 442 { 443 if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA_PSS) 444 return pkey->pkey.rsa; 445 446 EVPerror(EVP_R_EXPECTING_AN_RSA_KEY); 447 return NULL; 448 } 449 450 RSA * 451 EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 452 { 453 RSA *rsa; 454 455 if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) 456 return NULL; 457 458 RSA_up_ref(rsa); 459 460 return rsa; 461 } 462 463 int 464 EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) 465 { 466 int ret = EVP_PKEY_assign_RSA(pkey, key); 467 if (ret != 0) 468 RSA_up_ref(key); 469 return ret; 470 } 471 #endif 472 473 #ifndef OPENSSL_NO_DSA 474 DSA * 475 EVP_PKEY_get0_DSA(EVP_PKEY *pkey) 476 { 477 if (pkey->type != EVP_PKEY_DSA) { 478 EVPerror(EVP_R_EXPECTING_A_DSA_KEY); 479 return NULL; 480 } 481 return pkey->pkey.dsa; 482 } 483 484 DSA * 485 EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 486 { 487 DSA *dsa; 488 489 if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL) 490 return NULL; 491 492 DSA_up_ref(dsa); 493 494 return dsa; 495 } 496 497 int 498 EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 499 { 500 int ret = EVP_PKEY_assign_DSA(pkey, key); 501 if (ret != 0) 502 DSA_up_ref(key); 503 return ret; 504 } 505 #endif 506 507 #ifndef OPENSSL_NO_EC 508 EC_KEY * 509 EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) 510 { 511 if (pkey->type != EVP_PKEY_EC) { 512 EVPerror(EVP_R_EXPECTING_A_EC_KEY); 513 return NULL; 514 } 515 return pkey->pkey.ec; 516 } 517 518 EC_KEY * 519 EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 520 { 521 EC_KEY *key; 522 523 if ((key = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) 524 return NULL; 525 526 EC_KEY_up_ref(key); 527 528 return key; 529 } 530 531 int 532 EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) 533 { 534 int ret = EVP_PKEY_assign_EC_KEY(pkey, key); 535 if (ret != 0) 536 EC_KEY_up_ref(key); 537 return ret; 538 } 539 #endif 540 541 542 #ifndef OPENSSL_NO_DH 543 DH * 544 EVP_PKEY_get0_DH(EVP_PKEY *pkey) 545 { 546 if (pkey->type != EVP_PKEY_DH) { 547 EVPerror(EVP_R_EXPECTING_A_DH_KEY); 548 return NULL; 549 } 550 return pkey->pkey.dh; 551 } 552 553 DH * 554 EVP_PKEY_get1_DH(EVP_PKEY *pkey) 555 { 556 DH *dh; 557 558 if ((dh = EVP_PKEY_get0_DH(pkey)) == NULL) 559 return NULL; 560 561 DH_up_ref(dh); 562 563 return dh; 564 } 565 566 int 567 EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) 568 { 569 int ret = EVP_PKEY_assign_DH(pkey, key); 570 if (ret != 0) 571 DH_up_ref(key); 572 return ret; 573 } 574 #endif 575 576 int 577 EVP_PKEY_type(int type) 578 { 579 const EVP_PKEY_ASN1_METHOD *ameth; 580 581 if ((ameth = EVP_PKEY_asn1_find(NULL, type)) != NULL) 582 return ameth->pkey_id; 583 584 return NID_undef; 585 } 586 587 int 588 EVP_PKEY_id(const EVP_PKEY *pkey) 589 { 590 return pkey->type; 591 } 592 593 int 594 EVP_PKEY_base_id(const EVP_PKEY *pkey) 595 { 596 return EVP_PKEY_type(pkey->type); 597 } 598 599 static int 600 unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr) 601 { 602 if (!BIO_indent(out, indent, 128)) 603 return 0; 604 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 605 kstr, OBJ_nid2ln(pkey->type)); 606 return 1; 607 } 608 609 int 610 EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, 611 ASN1_PCTX *pctx) 612 { 613 if (pkey->ameth && pkey->ameth->pub_print) 614 return pkey->ameth->pub_print(out, pkey, indent, pctx); 615 616 return unsup_alg(out, pkey, indent, "Public Key"); 617 } 618 619 int 620 EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, 621 ASN1_PCTX *pctx) 622 { 623 if (pkey->ameth && pkey->ameth->priv_print) 624 return pkey->ameth->priv_print(out, pkey, indent, pctx); 625 626 return unsup_alg(out, pkey, indent, "Private Key"); 627 } 628 629 int 630 EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, 631 ASN1_PCTX *pctx) 632 { 633 if (pkey->ameth && pkey->ameth->param_print) 634 return pkey->ameth->param_print(out, pkey, indent, pctx); 635 return unsup_alg(out, pkey, indent, "Parameters"); 636 } 637 638 int 639 EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 640 { 641 if (!pkey->ameth || !pkey->ameth->pkey_ctrl) 642 return -2; 643 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 644 0, pnid); 645 } 646