1 /* $OpenBSD: p_lib.c,v 1.59 2024/03/02 11:17:27 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * licensing@OpenSSL.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 */ 105 106 #include <stdio.h> 107 #include <stdlib.h> 108 #include <string.h> 109 110 #include <openssl/asn1.h> 111 #include <openssl/bio.h> 112 #include <openssl/cmac.h> 113 #include <openssl/crypto.h> 114 #include <openssl/err.h> 115 #include <openssl/evp.h> 116 #include <openssl/objects.h> 117 #include <openssl/x509.h> 118 119 #ifndef OPENSSL_NO_DH 120 #include <openssl/dh.h> 121 #endif 122 #ifndef OPENSSL_NO_DSA 123 #include <openssl/dsa.h> 124 #endif 125 #ifndef OPENSSL_NO_EC 126 #include <openssl/ec.h> 127 #endif 128 #ifndef OPENSSL_NO_RSA 129 #include <openssl/rsa.h> 130 #endif 131 132 #include "evp_local.h" 133 134 extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; 135 extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; 136 extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; 137 extern const EVP_PKEY_ASN1_METHOD dsa1_asn1_meth; 138 extern const EVP_PKEY_ASN1_METHOD dsa2_asn1_meth; 139 extern const EVP_PKEY_ASN1_METHOD dsa3_asn1_meth; 140 extern const EVP_PKEY_ASN1_METHOD dsa4_asn1_meth; 141 extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; 142 extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; 143 extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; 144 extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; 145 extern const EVP_PKEY_ASN1_METHOD rsa2_asn1_meth; 146 extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth; 147 extern const EVP_PKEY_ASN1_METHOD x25519_asn1_meth; 148 149 static const EVP_PKEY_ASN1_METHOD *asn1_methods[] = { 150 &cmac_asn1_meth, 151 &dh_asn1_meth, 152 &dsa_asn1_meth, 153 &dsa1_asn1_meth, 154 &dsa2_asn1_meth, 155 &dsa3_asn1_meth, 156 &dsa4_asn1_meth, 157 &eckey_asn1_meth, 158 &ed25519_asn1_meth, 159 &hmac_asn1_meth, 160 &rsa_asn1_meth, 161 &rsa2_asn1_meth, 162 &rsa_pss_asn1_meth, 163 &x25519_asn1_meth, 164 }; 165 166 #define N_ASN1_METHODS (sizeof(asn1_methods) / sizeof(asn1_methods[0])) 167 168 int 169 EVP_PKEY_asn1_get_count(void) 170 { 171 return N_ASN1_METHODS; 172 } 173 174 const EVP_PKEY_ASN1_METHOD * 175 EVP_PKEY_asn1_get0(int idx) 176 { 177 if (idx < 0 || idx >= N_ASN1_METHODS) 178 return NULL; 179 180 return asn1_methods[idx]; 181 } 182 183 const EVP_PKEY_ASN1_METHOD * 184 EVP_PKEY_asn1_find(ENGINE **engine, int pkey_id) 185 { 186 size_t i; 187 188 if (engine != NULL) 189 *engine = NULL; 190 191 for (i = 0; i < N_ASN1_METHODS; i++) { 192 if (asn1_methods[i]->pkey_id == pkey_id) 193 return asn1_methods[i]->base_method; 194 } 195 196 return NULL; 197 } 198 199 const EVP_PKEY_ASN1_METHOD * 200 EVP_PKEY_asn1_find_str(ENGINE **engine, const char *str, int len) 201 { 202 const EVP_PKEY_ASN1_METHOD *ameth; 203 size_t i, str_len; 204 205 if (engine != NULL) 206 *engine = NULL; 207 208 if (len < -1) 209 return NULL; 210 if (len == -1) 211 str_len = strlen(str); 212 else 213 str_len = len; 214 215 for (i = 0; i < N_ASN1_METHODS; i++) { 216 ameth = asn1_methods[i]; 217 if ((ameth->pkey_flags & ASN1_PKEY_ALIAS) != 0) 218 continue; 219 if (strlen(ameth->pem_str) != str_len) 220 continue; 221 if (strncasecmp(ameth->pem_str, str, str_len) == 0) 222 return ameth; 223 } 224 225 return NULL; 226 } 227 228 int 229 EVP_PKEY_asn1_get0_info(int *pkey_id, int *pkey_base_id, int *pkey_flags, 230 const char **info, const char **pem_str, 231 const EVP_PKEY_ASN1_METHOD *ameth) 232 { 233 if (ameth == NULL) 234 return 0; 235 236 if (pkey_id != NULL) 237 *pkey_id = ameth->pkey_id; 238 if (pkey_base_id != NULL) 239 *pkey_base_id = ameth->base_method->pkey_id; 240 if (pkey_flags != NULL) 241 *pkey_flags = ameth->pkey_flags; 242 if (info != NULL) 243 *info = ameth->info; 244 if (pem_str != NULL) 245 *pem_str = ameth->pem_str; 246 247 return 1; 248 } 249 250 const EVP_PKEY_ASN1_METHOD* 251 EVP_PKEY_get0_asn1(const EVP_PKEY *pkey) 252 { 253 return pkey->ameth; 254 } 255 256 int 257 EVP_PKEY_bits(const EVP_PKEY *pkey) 258 { 259 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) 260 return pkey->ameth->pkey_bits(pkey); 261 return 0; 262 } 263 264 int 265 EVP_PKEY_security_bits(const EVP_PKEY *pkey) 266 { 267 if (pkey == NULL) 268 return 0; 269 if (pkey->ameth == NULL || pkey->ameth->pkey_security_bits == NULL) 270 return -2; 271 272 return pkey->ameth->pkey_security_bits(pkey); 273 } 274 275 int 276 EVP_PKEY_size(const EVP_PKEY *pkey) 277 { 278 if (pkey && pkey->ameth && pkey->ameth->pkey_size) 279 return pkey->ameth->pkey_size(pkey); 280 return 0; 281 } 282 283 int 284 EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 285 { 286 #ifndef OPENSSL_NO_DSA 287 if (pkey->type == EVP_PKEY_DSA) { 288 int ret = pkey->save_parameters; 289 290 if (mode >= 0) 291 pkey->save_parameters = mode; 292 return (ret); 293 } 294 #endif 295 #ifndef OPENSSL_NO_EC 296 if (pkey->type == EVP_PKEY_EC) { 297 int ret = pkey->save_parameters; 298 299 if (mode >= 0) 300 pkey->save_parameters = mode; 301 return (ret); 302 } 303 #endif 304 return (0); 305 } 306 307 int 308 EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 309 { 310 if (to->type != from->type) { 311 EVPerror(EVP_R_DIFFERENT_KEY_TYPES); 312 goto err; 313 } 314 315 if (EVP_PKEY_missing_parameters(from)) { 316 EVPerror(EVP_R_MISSING_PARAMETERS); 317 goto err; 318 } 319 if (from->ameth && from->ameth->param_copy) 320 return from->ameth->param_copy(to, from); 321 322 err: 323 return 0; 324 } 325 326 int 327 EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 328 { 329 if (pkey->ameth && pkey->ameth->param_missing) 330 return pkey->ameth->param_missing(pkey); 331 return 0; 332 } 333 334 int 335 EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 336 { 337 if (a->type != b->type) 338 return -1; 339 if (a->ameth && a->ameth->param_cmp) 340 return a->ameth->param_cmp(a, b); 341 return -2; 342 } 343 344 int 345 EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 346 { 347 if (a->type != b->type) 348 return -1; 349 350 if (a->ameth) { 351 int ret; 352 /* Compare parameters if the algorithm has them */ 353 if (a->ameth->param_cmp) { 354 ret = a->ameth->param_cmp(a, b); 355 if (ret <= 0) 356 return ret; 357 } 358 359 if (a->ameth->pub_cmp) 360 return a->ameth->pub_cmp(a, b); 361 } 362 363 return -2; 364 } 365 366 EVP_PKEY * 367 EVP_PKEY_new(void) 368 { 369 EVP_PKEY *pkey; 370 371 if ((pkey = calloc(1, sizeof(*pkey))) == NULL) { 372 EVPerror(ERR_R_MALLOC_FAILURE); 373 return NULL; 374 } 375 376 pkey->type = EVP_PKEY_NONE; 377 pkey->references = 1; 378 pkey->save_parameters = 1; 379 380 return pkey; 381 } 382 383 int 384 EVP_PKEY_up_ref(EVP_PKEY *pkey) 385 { 386 return CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY) > 1; 387 } 388 389 static void 390 evp_pkey_free_pkey_ptr(EVP_PKEY *pkey) 391 { 392 if (pkey == NULL || pkey->ameth == NULL || pkey->ameth->pkey_free == NULL) 393 return; 394 395 pkey->ameth->pkey_free(pkey); 396 pkey->pkey.ptr = NULL; 397 } 398 399 void 400 EVP_PKEY_free(EVP_PKEY *pkey) 401 { 402 if (pkey == NULL) 403 return; 404 405 if (CRYPTO_add(&pkey->references, -1, CRYPTO_LOCK_EVP_PKEY) > 0) 406 return; 407 408 evp_pkey_free_pkey_ptr(pkey); 409 sk_X509_ATTRIBUTE_pop_free(pkey->attributes, X509_ATTRIBUTE_free); 410 freezero(pkey, sizeof(*pkey)); 411 } 412 413 int 414 EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 415 { 416 const EVP_PKEY_ASN1_METHOD *ameth; 417 418 evp_pkey_free_pkey_ptr(pkey); 419 420 if ((ameth = EVP_PKEY_asn1_find(NULL, type)) == NULL) { 421 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 422 return 0; 423 } 424 if (pkey != NULL) { 425 pkey->ameth = ameth; 426 pkey->type = pkey->ameth->pkey_id; 427 } 428 429 return 1; 430 } 431 432 int 433 EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 434 { 435 const EVP_PKEY_ASN1_METHOD *ameth; 436 437 evp_pkey_free_pkey_ptr(pkey); 438 439 if ((ameth = EVP_PKEY_asn1_find_str(NULL, str, len)) == NULL) { 440 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 441 return 0; 442 } 443 if (pkey != NULL) { 444 pkey->ameth = ameth; 445 pkey->type = pkey->ameth->pkey_id; 446 } 447 448 return 1; 449 } 450 451 int 452 EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 453 { 454 if (!EVP_PKEY_set_type(pkey, type)) 455 return 0; 456 457 return (pkey->pkey.ptr = key) != NULL; 458 } 459 460 EVP_PKEY * 461 EVP_PKEY_new_raw_private_key(int type, ENGINE *engine, 462 const unsigned char *private_key, size_t len) 463 { 464 EVP_PKEY *pkey; 465 466 if ((pkey = EVP_PKEY_new()) == NULL) 467 goto err; 468 469 if (!EVP_PKEY_set_type(pkey, type)) 470 goto err; 471 472 if (pkey->ameth->set_priv_key == NULL) { 473 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 474 goto err; 475 } 476 if (!pkey->ameth->set_priv_key(pkey, private_key, len)) { 477 EVPerror(EVP_R_KEY_SETUP_FAILED); 478 goto err; 479 } 480 481 return pkey; 482 483 err: 484 EVP_PKEY_free(pkey); 485 486 return NULL; 487 } 488 489 EVP_PKEY * 490 EVP_PKEY_new_raw_public_key(int type, ENGINE *engine, 491 const unsigned char *public_key, size_t len) 492 { 493 EVP_PKEY *pkey; 494 495 if ((pkey = EVP_PKEY_new()) == NULL) 496 goto err; 497 498 if (!EVP_PKEY_set_type(pkey, type)) 499 goto err; 500 501 if (pkey->ameth->set_pub_key == NULL) { 502 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 503 goto err; 504 } 505 if (!pkey->ameth->set_pub_key(pkey, public_key, len)) { 506 EVPerror(EVP_R_KEY_SETUP_FAILED); 507 goto err; 508 } 509 510 return pkey; 511 512 err: 513 EVP_PKEY_free(pkey); 514 515 return NULL; 516 } 517 518 int 519 EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, 520 unsigned char *out_private_key, size_t *out_len) 521 { 522 if (pkey->ameth->get_priv_key == NULL) { 523 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 524 return 0; 525 } 526 if (!pkey->ameth->get_priv_key(pkey, out_private_key, out_len)) { 527 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 528 return 0; 529 } 530 531 return 1; 532 } 533 534 int 535 EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, 536 unsigned char *out_public_key, size_t *out_len) 537 { 538 if (pkey->ameth->get_pub_key == NULL) { 539 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 540 return 0; 541 } 542 if (!pkey->ameth->get_pub_key(pkey, out_public_key, out_len)) { 543 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 544 return 0; 545 } 546 547 return 1; 548 } 549 550 EVP_PKEY * 551 EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, 552 const EVP_CIPHER *cipher) 553 { 554 EVP_PKEY *pkey = NULL; 555 CMAC_CTX *cmctx = NULL; 556 557 if ((pkey = EVP_PKEY_new()) == NULL) 558 goto err; 559 if ((cmctx = CMAC_CTX_new()) == NULL) 560 goto err; 561 562 if (!EVP_PKEY_set_type(pkey, EVP_PKEY_CMAC)) 563 goto err; 564 565 if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) { 566 EVPerror(EVP_R_KEY_SETUP_FAILED); 567 goto err; 568 } 569 570 pkey->pkey.ptr = cmctx; 571 572 return pkey; 573 574 err: 575 EVP_PKEY_free(pkey); 576 CMAC_CTX_free(cmctx); 577 578 return NULL; 579 } 580 581 void * 582 EVP_PKEY_get0(const EVP_PKEY *pkey) 583 { 584 return pkey->pkey.ptr; 585 } 586 587 const unsigned char * 588 EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 589 { 590 ASN1_OCTET_STRING *os; 591 592 if (pkey->type != EVP_PKEY_HMAC) { 593 EVPerror(EVP_R_EXPECTING_AN_HMAC_KEY); 594 return NULL; 595 } 596 597 os = EVP_PKEY_get0(pkey); 598 *len = os->length; 599 600 return os->data; 601 } 602 603 #ifndef OPENSSL_NO_RSA 604 RSA * 605 EVP_PKEY_get0_RSA(EVP_PKEY *pkey) 606 { 607 if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA_PSS) 608 return pkey->pkey.rsa; 609 610 EVPerror(EVP_R_EXPECTING_AN_RSA_KEY); 611 return NULL; 612 } 613 614 RSA * 615 EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 616 { 617 RSA *rsa; 618 619 if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) 620 return NULL; 621 622 RSA_up_ref(rsa); 623 624 return rsa; 625 } 626 627 int 628 EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) 629 { 630 int ret = EVP_PKEY_assign_RSA(pkey, key); 631 if (ret != 0) 632 RSA_up_ref(key); 633 return ret; 634 } 635 #endif 636 637 #ifndef OPENSSL_NO_DSA 638 DSA * 639 EVP_PKEY_get0_DSA(EVP_PKEY *pkey) 640 { 641 if (pkey->type != EVP_PKEY_DSA) { 642 EVPerror(EVP_R_EXPECTING_A_DSA_KEY); 643 return NULL; 644 } 645 return pkey->pkey.dsa; 646 } 647 648 DSA * 649 EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 650 { 651 DSA *dsa; 652 653 if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL) 654 return NULL; 655 656 DSA_up_ref(dsa); 657 658 return dsa; 659 } 660 661 int 662 EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 663 { 664 int ret = EVP_PKEY_assign_DSA(pkey, key); 665 if (ret != 0) 666 DSA_up_ref(key); 667 return ret; 668 } 669 #endif 670 671 #ifndef OPENSSL_NO_EC 672 EC_KEY * 673 EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) 674 { 675 if (pkey->type != EVP_PKEY_EC) { 676 EVPerror(EVP_R_EXPECTING_A_EC_KEY); 677 return NULL; 678 } 679 return pkey->pkey.ec; 680 } 681 682 EC_KEY * 683 EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 684 { 685 EC_KEY *key; 686 687 if ((key = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) 688 return NULL; 689 690 EC_KEY_up_ref(key); 691 692 return key; 693 } 694 695 int 696 EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) 697 { 698 int ret = EVP_PKEY_assign_EC_KEY(pkey, key); 699 if (ret != 0) 700 EC_KEY_up_ref(key); 701 return ret; 702 } 703 #endif 704 705 706 #ifndef OPENSSL_NO_DH 707 DH * 708 EVP_PKEY_get0_DH(EVP_PKEY *pkey) 709 { 710 if (pkey->type != EVP_PKEY_DH) { 711 EVPerror(EVP_R_EXPECTING_A_DH_KEY); 712 return NULL; 713 } 714 return pkey->pkey.dh; 715 } 716 717 DH * 718 EVP_PKEY_get1_DH(EVP_PKEY *pkey) 719 { 720 DH *dh; 721 722 if ((dh = EVP_PKEY_get0_DH(pkey)) == NULL) 723 return NULL; 724 725 DH_up_ref(dh); 726 727 return dh; 728 } 729 730 int 731 EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) 732 { 733 int ret = EVP_PKEY_assign_DH(pkey, key); 734 if (ret != 0) 735 DH_up_ref(key); 736 return ret; 737 } 738 #endif 739 740 int 741 EVP_PKEY_type(int type) 742 { 743 const EVP_PKEY_ASN1_METHOD *ameth; 744 745 if ((ameth = EVP_PKEY_asn1_find(NULL, type)) != NULL) 746 return ameth->pkey_id; 747 748 return NID_undef; 749 } 750 751 int 752 EVP_PKEY_id(const EVP_PKEY *pkey) 753 { 754 return pkey->type; 755 } 756 757 int 758 EVP_PKEY_base_id(const EVP_PKEY *pkey) 759 { 760 return EVP_PKEY_type(pkey->type); 761 } 762 763 static int 764 unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr) 765 { 766 if (!BIO_indent(out, indent, 128)) 767 return 0; 768 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 769 kstr, OBJ_nid2ln(pkey->type)); 770 return 1; 771 } 772 773 int 774 EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, 775 ASN1_PCTX *pctx) 776 { 777 if (pkey->ameth && pkey->ameth->pub_print) 778 return pkey->ameth->pub_print(out, pkey, indent, pctx); 779 780 return unsup_alg(out, pkey, indent, "Public Key"); 781 } 782 783 int 784 EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, 785 ASN1_PCTX *pctx) 786 { 787 if (pkey->ameth && pkey->ameth->priv_print) 788 return pkey->ameth->priv_print(out, pkey, indent, pctx); 789 790 return unsup_alg(out, pkey, indent, "Private Key"); 791 } 792 793 int 794 EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, 795 ASN1_PCTX *pctx) 796 { 797 if (pkey->ameth && pkey->ameth->param_print) 798 return pkey->ameth->param_print(out, pkey, indent, pctx); 799 return unsup_alg(out, pkey, indent, "Parameters"); 800 } 801 802 int 803 EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 804 { 805 if (!pkey->ameth || !pkey->ameth->pkey_ctrl) 806 return -2; 807 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 808 0, pnid); 809 } 810