1 /* $OpenBSD: p_lib.c,v 1.54 2024/01/04 17:01:26 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * licensing@OpenSSL.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 */ 105 106 #include <stdio.h> 107 #include <stdlib.h> 108 #include <string.h> 109 110 #include <openssl/asn1.h> 111 #include <openssl/bio.h> 112 #include <openssl/cmac.h> 113 #include <openssl/crypto.h> 114 #include <openssl/err.h> 115 #include <openssl/evp.h> 116 #include <openssl/objects.h> 117 #include <openssl/x509.h> 118 119 #ifndef OPENSSL_NO_DH 120 #include <openssl/dh.h> 121 #endif 122 #ifndef OPENSSL_NO_DSA 123 #include <openssl/dsa.h> 124 #endif 125 #ifndef OPENSSL_NO_EC 126 #include <openssl/ec.h> 127 #endif 128 #ifndef OPENSSL_NO_RSA 129 #include <openssl/rsa.h> 130 #endif 131 132 #include "evp_local.h" 133 134 extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; 135 extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; 136 extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; 137 extern const EVP_PKEY_ASN1_METHOD dsa1_asn1_meth; 138 extern const EVP_PKEY_ASN1_METHOD dsa2_asn1_meth; 139 extern const EVP_PKEY_ASN1_METHOD dsa3_asn1_meth; 140 extern const EVP_PKEY_ASN1_METHOD dsa4_asn1_meth; 141 extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; 142 extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; 143 extern const EVP_PKEY_ASN1_METHOD gostimit_asn1_meth; 144 extern const EVP_PKEY_ASN1_METHOD gostr01_asn1_meth; 145 extern const EVP_PKEY_ASN1_METHOD gostr12_256_asn1_meth; 146 extern const EVP_PKEY_ASN1_METHOD gostr12_512_asn1_meth; 147 extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; 148 extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; 149 extern const EVP_PKEY_ASN1_METHOD rsa2_asn1_meth; 150 extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth; 151 extern const EVP_PKEY_ASN1_METHOD x25519_asn1_meth; 152 153 static const EVP_PKEY_ASN1_METHOD *asn1_methods[] = { 154 &cmac_asn1_meth, 155 &dh_asn1_meth, 156 &dsa_asn1_meth, 157 &dsa1_asn1_meth, 158 &dsa2_asn1_meth, 159 &dsa3_asn1_meth, 160 &dsa4_asn1_meth, 161 &eckey_asn1_meth, 162 &ed25519_asn1_meth, 163 &gostimit_asn1_meth, 164 &gostr01_asn1_meth, 165 &gostr12_256_asn1_meth, 166 &gostr12_512_asn1_meth, 167 &hmac_asn1_meth, 168 &rsa_asn1_meth, 169 &rsa2_asn1_meth, 170 &rsa_pss_asn1_meth, 171 &x25519_asn1_meth, 172 }; 173 174 #define N_ASN1_METHODS (sizeof(asn1_methods) / sizeof(asn1_methods[0])) 175 176 int 177 EVP_PKEY_asn1_get_count(void) 178 { 179 return N_ASN1_METHODS; 180 } 181 182 const EVP_PKEY_ASN1_METHOD * 183 EVP_PKEY_asn1_get0(int idx) 184 { 185 if (idx < 0 || idx >= N_ASN1_METHODS) 186 return NULL; 187 188 return asn1_methods[idx]; 189 } 190 191 static const EVP_PKEY_ASN1_METHOD * 192 pkey_asn1_find(int pkey_id) 193 { 194 const EVP_PKEY_ASN1_METHOD *ameth; 195 int i; 196 197 for (i = EVP_PKEY_asn1_get_count() - 1; i >= 0; i--) { 198 ameth = EVP_PKEY_asn1_get0(i); 199 if (ameth->pkey_id == pkey_id) 200 return ameth; 201 } 202 203 return NULL; 204 } 205 206 /* 207 * XXX - fix this. In what looks like an infinite loop, this API only makes two 208 * calls to pkey_asn1_find(): If the type resolves to an aliased ASN.1 method, 209 * the second call will find the method it aliases. Codify this in regress and 210 * make this explicit in code. 211 */ 212 const EVP_PKEY_ASN1_METHOD * 213 EVP_PKEY_asn1_find(ENGINE **pe, int type) 214 { 215 const EVP_PKEY_ASN1_METHOD *mp; 216 217 if (pe != NULL) 218 *pe = NULL; 219 220 for (;;) { 221 if ((mp = pkey_asn1_find(type)) == NULL) 222 break; 223 if ((mp->pkey_flags & ASN1_PKEY_ALIAS) == 0) 224 break; 225 type = mp->base_method->pkey_id; 226 } 227 228 return mp; 229 } 230 231 const EVP_PKEY_ASN1_METHOD * 232 EVP_PKEY_asn1_find_str(ENGINE **pe, const char *str, int len) 233 { 234 const EVP_PKEY_ASN1_METHOD *ameth; 235 int i; 236 237 if (len == -1) 238 len = strlen(str); 239 if (pe != NULL) 240 *pe = NULL; 241 for (i = EVP_PKEY_asn1_get_count() - 1; i >= 0; i--) { 242 ameth = EVP_PKEY_asn1_get0(i); 243 if (ameth->pkey_flags & ASN1_PKEY_ALIAS) 244 continue; 245 if (((int)strlen(ameth->pem_str) == len) && 246 !strncasecmp(ameth->pem_str, str, len)) 247 return ameth; 248 } 249 return NULL; 250 } 251 252 int 253 EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags, 254 const char **pinfo, const char **ppem_str, 255 const EVP_PKEY_ASN1_METHOD *ameth) 256 { 257 if (!ameth) 258 return 0; 259 if (ppkey_id) 260 *ppkey_id = ameth->pkey_id; 261 if (ppkey_base_id) 262 *ppkey_base_id = ameth->base_method->pkey_id; 263 if (ppkey_flags) 264 *ppkey_flags = ameth->pkey_flags; 265 if (pinfo) 266 *pinfo = ameth->info; 267 if (ppem_str) 268 *ppem_str = ameth->pem_str; 269 return 1; 270 } 271 272 const EVP_PKEY_ASN1_METHOD* 273 EVP_PKEY_get0_asn1(const EVP_PKEY *pkey) 274 { 275 return pkey->ameth; 276 } 277 278 int 279 EVP_PKEY_bits(const EVP_PKEY *pkey) 280 { 281 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) 282 return pkey->ameth->pkey_bits(pkey); 283 return 0; 284 } 285 286 int 287 EVP_PKEY_security_bits(const EVP_PKEY *pkey) 288 { 289 if (pkey == NULL) 290 return 0; 291 if (pkey->ameth == NULL || pkey->ameth->pkey_security_bits == NULL) 292 return -2; 293 294 return pkey->ameth->pkey_security_bits(pkey); 295 } 296 297 int 298 EVP_PKEY_size(const EVP_PKEY *pkey) 299 { 300 if (pkey && pkey->ameth && pkey->ameth->pkey_size) 301 return pkey->ameth->pkey_size(pkey); 302 return 0; 303 } 304 305 int 306 EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 307 { 308 #ifndef OPENSSL_NO_DSA 309 if (pkey->type == EVP_PKEY_DSA) { 310 int ret = pkey->save_parameters; 311 312 if (mode >= 0) 313 pkey->save_parameters = mode; 314 return (ret); 315 } 316 #endif 317 #ifndef OPENSSL_NO_EC 318 if (pkey->type == EVP_PKEY_EC) { 319 int ret = pkey->save_parameters; 320 321 if (mode >= 0) 322 pkey->save_parameters = mode; 323 return (ret); 324 } 325 #endif 326 return (0); 327 } 328 329 int 330 EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 331 { 332 if (to->type != from->type) { 333 EVPerror(EVP_R_DIFFERENT_KEY_TYPES); 334 goto err; 335 } 336 337 if (EVP_PKEY_missing_parameters(from)) { 338 EVPerror(EVP_R_MISSING_PARAMETERS); 339 goto err; 340 } 341 if (from->ameth && from->ameth->param_copy) 342 return from->ameth->param_copy(to, from); 343 344 err: 345 return 0; 346 } 347 348 int 349 EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 350 { 351 if (pkey->ameth && pkey->ameth->param_missing) 352 return pkey->ameth->param_missing(pkey); 353 return 0; 354 } 355 356 int 357 EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 358 { 359 if (a->type != b->type) 360 return -1; 361 if (a->ameth && a->ameth->param_cmp) 362 return a->ameth->param_cmp(a, b); 363 return -2; 364 } 365 366 int 367 EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 368 { 369 if (a->type != b->type) 370 return -1; 371 372 if (a->ameth) { 373 int ret; 374 /* Compare parameters if the algorithm has them */ 375 if (a->ameth->param_cmp) { 376 ret = a->ameth->param_cmp(a, b); 377 if (ret <= 0) 378 return ret; 379 } 380 381 if (a->ameth->pub_cmp) 382 return a->ameth->pub_cmp(a, b); 383 } 384 385 return -2; 386 } 387 388 EVP_PKEY * 389 EVP_PKEY_new(void) 390 { 391 EVP_PKEY *pkey; 392 393 if ((pkey = calloc(1, sizeof(*pkey))) == NULL) { 394 EVPerror(ERR_R_MALLOC_FAILURE); 395 return NULL; 396 } 397 398 pkey->type = EVP_PKEY_NONE; 399 pkey->references = 1; 400 pkey->save_parameters = 1; 401 402 return pkey; 403 } 404 405 int 406 EVP_PKEY_up_ref(EVP_PKEY *pkey) 407 { 408 return CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY) > 1; 409 } 410 411 static void 412 evp_pkey_free_pkey_ptr(EVP_PKEY *pkey) 413 { 414 if (pkey == NULL || pkey->ameth == NULL || pkey->ameth->pkey_free == NULL) 415 return; 416 417 pkey->ameth->pkey_free(pkey); 418 pkey->pkey.ptr = NULL; 419 } 420 421 void 422 EVP_PKEY_free(EVP_PKEY *pkey) 423 { 424 if (pkey == NULL) 425 return; 426 427 if (CRYPTO_add(&pkey->references, -1, CRYPTO_LOCK_EVP_PKEY) > 0) 428 return; 429 430 evp_pkey_free_pkey_ptr(pkey); 431 sk_X509_ATTRIBUTE_pop_free(pkey->attributes, X509_ATTRIBUTE_free); 432 freezero(pkey, sizeof(*pkey)); 433 } 434 435 int 436 EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 437 { 438 const EVP_PKEY_ASN1_METHOD *ameth; 439 440 evp_pkey_free_pkey_ptr(pkey); 441 442 if ((ameth = EVP_PKEY_asn1_find(NULL, type)) == NULL) { 443 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 444 return 0; 445 } 446 if (pkey != NULL) { 447 pkey->ameth = ameth; 448 pkey->type = pkey->ameth->pkey_id; 449 } 450 451 return 1; 452 } 453 454 int 455 EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 456 { 457 const EVP_PKEY_ASN1_METHOD *ameth; 458 459 evp_pkey_free_pkey_ptr(pkey); 460 461 if ((ameth = EVP_PKEY_asn1_find_str(NULL, str, len)) == NULL) { 462 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 463 return 0; 464 } 465 if (pkey != NULL) { 466 pkey->ameth = ameth; 467 pkey->type = pkey->ameth->pkey_id; 468 } 469 470 return 1; 471 } 472 473 int 474 EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 475 { 476 if (!EVP_PKEY_set_type(pkey, type)) 477 return 0; 478 479 return (pkey->pkey.ptr = key) != NULL; 480 } 481 482 EVP_PKEY * 483 EVP_PKEY_new_raw_private_key(int type, ENGINE *engine, 484 const unsigned char *private_key, size_t len) 485 { 486 EVP_PKEY *pkey; 487 488 if ((pkey = EVP_PKEY_new()) == NULL) 489 goto err; 490 491 if (!EVP_PKEY_set_type(pkey, type)) 492 goto err; 493 494 if (pkey->ameth->set_priv_key == NULL) { 495 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 496 goto err; 497 } 498 if (!pkey->ameth->set_priv_key(pkey, private_key, len)) { 499 EVPerror(EVP_R_KEY_SETUP_FAILED); 500 goto err; 501 } 502 503 return pkey; 504 505 err: 506 EVP_PKEY_free(pkey); 507 508 return NULL; 509 } 510 511 EVP_PKEY * 512 EVP_PKEY_new_raw_public_key(int type, ENGINE *engine, 513 const unsigned char *public_key, size_t len) 514 { 515 EVP_PKEY *pkey; 516 517 if ((pkey = EVP_PKEY_new()) == NULL) 518 goto err; 519 520 if (!EVP_PKEY_set_type(pkey, type)) 521 goto err; 522 523 if (pkey->ameth->set_pub_key == NULL) { 524 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 525 goto err; 526 } 527 if (!pkey->ameth->set_pub_key(pkey, public_key, len)) { 528 EVPerror(EVP_R_KEY_SETUP_FAILED); 529 goto err; 530 } 531 532 return pkey; 533 534 err: 535 EVP_PKEY_free(pkey); 536 537 return NULL; 538 } 539 540 int 541 EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, 542 unsigned char *out_private_key, size_t *out_len) 543 { 544 if (pkey->ameth->get_priv_key == NULL) { 545 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 546 return 0; 547 } 548 if (!pkey->ameth->get_priv_key(pkey, out_private_key, out_len)) { 549 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 550 return 0; 551 } 552 553 return 1; 554 } 555 556 int 557 EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, 558 unsigned char *out_public_key, size_t *out_len) 559 { 560 if (pkey->ameth->get_pub_key == NULL) { 561 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 562 return 0; 563 } 564 if (!pkey->ameth->get_pub_key(pkey, out_public_key, out_len)) { 565 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 566 return 0; 567 } 568 569 return 1; 570 } 571 572 EVP_PKEY * 573 EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, 574 const EVP_CIPHER *cipher) 575 { 576 EVP_PKEY *pkey = NULL; 577 CMAC_CTX *cmctx = NULL; 578 579 if ((pkey = EVP_PKEY_new()) == NULL) 580 goto err; 581 if ((cmctx = CMAC_CTX_new()) == NULL) 582 goto err; 583 584 if (!EVP_PKEY_set_type(pkey, EVP_PKEY_CMAC)) 585 goto err; 586 587 if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) { 588 EVPerror(EVP_R_KEY_SETUP_FAILED); 589 goto err; 590 } 591 592 pkey->pkey.ptr = cmctx; 593 594 return pkey; 595 596 err: 597 EVP_PKEY_free(pkey); 598 CMAC_CTX_free(cmctx); 599 600 return NULL; 601 } 602 603 void * 604 EVP_PKEY_get0(const EVP_PKEY *pkey) 605 { 606 return pkey->pkey.ptr; 607 } 608 609 const unsigned char * 610 EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 611 { 612 ASN1_OCTET_STRING *os; 613 614 if (pkey->type != EVP_PKEY_HMAC) { 615 EVPerror(EVP_R_EXPECTING_AN_HMAC_KEY); 616 return NULL; 617 } 618 619 os = EVP_PKEY_get0(pkey); 620 *len = os->length; 621 622 return os->data; 623 } 624 625 #ifndef OPENSSL_NO_RSA 626 RSA * 627 EVP_PKEY_get0_RSA(EVP_PKEY *pkey) 628 { 629 if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA_PSS) 630 return pkey->pkey.rsa; 631 632 EVPerror(EVP_R_EXPECTING_AN_RSA_KEY); 633 return NULL; 634 } 635 636 RSA * 637 EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 638 { 639 RSA *rsa; 640 641 if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) 642 return NULL; 643 644 RSA_up_ref(rsa); 645 646 return rsa; 647 } 648 649 int 650 EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) 651 { 652 int ret = EVP_PKEY_assign_RSA(pkey, key); 653 if (ret != 0) 654 RSA_up_ref(key); 655 return ret; 656 } 657 #endif 658 659 #ifndef OPENSSL_NO_DSA 660 DSA * 661 EVP_PKEY_get0_DSA(EVP_PKEY *pkey) 662 { 663 if (pkey->type != EVP_PKEY_DSA) { 664 EVPerror(EVP_R_EXPECTING_A_DSA_KEY); 665 return NULL; 666 } 667 return pkey->pkey.dsa; 668 } 669 670 DSA * 671 EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 672 { 673 DSA *dsa; 674 675 if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL) 676 return NULL; 677 678 DSA_up_ref(dsa); 679 680 return dsa; 681 } 682 683 int 684 EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 685 { 686 int ret = EVP_PKEY_assign_DSA(pkey, key); 687 if (ret != 0) 688 DSA_up_ref(key); 689 return ret; 690 } 691 #endif 692 693 #ifndef OPENSSL_NO_EC 694 EC_KEY * 695 EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) 696 { 697 if (pkey->type != EVP_PKEY_EC) { 698 EVPerror(EVP_R_EXPECTING_A_EC_KEY); 699 return NULL; 700 } 701 return pkey->pkey.ec; 702 } 703 704 EC_KEY * 705 EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 706 { 707 EC_KEY *key; 708 709 if ((key = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) 710 return NULL; 711 712 EC_KEY_up_ref(key); 713 714 return key; 715 } 716 717 int 718 EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) 719 { 720 int ret = EVP_PKEY_assign_EC_KEY(pkey, key); 721 if (ret != 0) 722 EC_KEY_up_ref(key); 723 return ret; 724 } 725 #endif 726 727 728 #ifndef OPENSSL_NO_DH 729 DH * 730 EVP_PKEY_get0_DH(EVP_PKEY *pkey) 731 { 732 if (pkey->type != EVP_PKEY_DH) { 733 EVPerror(EVP_R_EXPECTING_A_DH_KEY); 734 return NULL; 735 } 736 return pkey->pkey.dh; 737 } 738 739 DH * 740 EVP_PKEY_get1_DH(EVP_PKEY *pkey) 741 { 742 DH *dh; 743 744 if ((dh = EVP_PKEY_get0_DH(pkey)) == NULL) 745 return NULL; 746 747 DH_up_ref(dh); 748 749 return dh; 750 } 751 752 int 753 EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) 754 { 755 int ret = EVP_PKEY_assign_DH(pkey, key); 756 if (ret != 0) 757 DH_up_ref(key); 758 return ret; 759 } 760 #endif 761 762 int 763 EVP_PKEY_type(int type) 764 { 765 const EVP_PKEY_ASN1_METHOD *ameth; 766 767 if ((ameth = EVP_PKEY_asn1_find(NULL, type)) != NULL) 768 return ameth->pkey_id; 769 770 return NID_undef; 771 } 772 773 int 774 EVP_PKEY_id(const EVP_PKEY *pkey) 775 { 776 return pkey->type; 777 } 778 779 int 780 EVP_PKEY_base_id(const EVP_PKEY *pkey) 781 { 782 return EVP_PKEY_type(pkey->type); 783 } 784 785 static int 786 unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr) 787 { 788 if (!BIO_indent(out, indent, 128)) 789 return 0; 790 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 791 kstr, OBJ_nid2ln(pkey->type)); 792 return 1; 793 } 794 795 int 796 EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, 797 ASN1_PCTX *pctx) 798 { 799 if (pkey->ameth && pkey->ameth->pub_print) 800 return pkey->ameth->pub_print(out, pkey, indent, pctx); 801 802 return unsup_alg(out, pkey, indent, "Public Key"); 803 } 804 805 int 806 EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, 807 ASN1_PCTX *pctx) 808 { 809 if (pkey->ameth && pkey->ameth->priv_print) 810 return pkey->ameth->priv_print(out, pkey, indent, pctx); 811 812 return unsup_alg(out, pkey, indent, "Private Key"); 813 } 814 815 int 816 EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, 817 ASN1_PCTX *pctx) 818 { 819 if (pkey->ameth && pkey->ameth->param_print) 820 return pkey->ameth->param_print(out, pkey, indent, pctx); 821 return unsup_alg(out, pkey, indent, "Parameters"); 822 } 823 824 int 825 EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 826 { 827 if (!pkey->ameth || !pkey->ameth->pkey_ctrl) 828 return -2; 829 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 830 0, pnid); 831 } 832