1 /* $OpenBSD: p_lib.c,v 1.60 2024/04/09 13:52:41 beck Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * licensing@OpenSSL.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 */ 105 106 #include <stdio.h> 107 #include <stdlib.h> 108 #include <string.h> 109 110 #include <openssl/asn1.h> 111 #include <openssl/bio.h> 112 #include <openssl/cmac.h> 113 #include <openssl/crypto.h> 114 #include <openssl/err.h> 115 #include <openssl/evp.h> 116 #include <openssl/objects.h> 117 #include <openssl/x509.h> 118 119 #ifndef OPENSSL_NO_DH 120 #include <openssl/dh.h> 121 #endif 122 #ifndef OPENSSL_NO_DSA 123 #include <openssl/dsa.h> 124 #endif 125 #ifndef OPENSSL_NO_EC 126 #include <openssl/ec.h> 127 #endif 128 #ifndef OPENSSL_NO_RSA 129 #include <openssl/rsa.h> 130 #endif 131 132 #include "evp_local.h" 133 134 extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; 135 extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; 136 extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; 137 extern const EVP_PKEY_ASN1_METHOD dsa1_asn1_meth; 138 extern const EVP_PKEY_ASN1_METHOD dsa2_asn1_meth; 139 extern const EVP_PKEY_ASN1_METHOD dsa3_asn1_meth; 140 extern const EVP_PKEY_ASN1_METHOD dsa4_asn1_meth; 141 extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; 142 extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; 143 extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; 144 extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; 145 extern const EVP_PKEY_ASN1_METHOD rsa2_asn1_meth; 146 extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth; 147 extern const EVP_PKEY_ASN1_METHOD x25519_asn1_meth; 148 149 static const EVP_PKEY_ASN1_METHOD *asn1_methods[] = { 150 &cmac_asn1_meth, 151 &dh_asn1_meth, 152 &dsa_asn1_meth, 153 &dsa1_asn1_meth, 154 &dsa2_asn1_meth, 155 &dsa3_asn1_meth, 156 &dsa4_asn1_meth, 157 &eckey_asn1_meth, 158 &ed25519_asn1_meth, 159 &hmac_asn1_meth, 160 &rsa_asn1_meth, 161 &rsa2_asn1_meth, 162 &rsa_pss_asn1_meth, 163 &x25519_asn1_meth, 164 }; 165 166 #define N_ASN1_METHODS (sizeof(asn1_methods) / sizeof(asn1_methods[0])) 167 168 int 169 EVP_PKEY_asn1_get_count(void) 170 { 171 return N_ASN1_METHODS; 172 } 173 LCRYPTO_ALIAS(EVP_PKEY_asn1_get_count); 174 175 const EVP_PKEY_ASN1_METHOD * 176 EVP_PKEY_asn1_get0(int idx) 177 { 178 if (idx < 0 || idx >= N_ASN1_METHODS) 179 return NULL; 180 181 return asn1_methods[idx]; 182 } 183 LCRYPTO_ALIAS(EVP_PKEY_asn1_get0); 184 185 const EVP_PKEY_ASN1_METHOD * 186 EVP_PKEY_asn1_find(ENGINE **engine, int pkey_id) 187 { 188 size_t i; 189 190 if (engine != NULL) 191 *engine = NULL; 192 193 for (i = 0; i < N_ASN1_METHODS; i++) { 194 if (asn1_methods[i]->pkey_id == pkey_id) 195 return asn1_methods[i]->base_method; 196 } 197 198 return NULL; 199 } 200 LCRYPTO_ALIAS(EVP_PKEY_asn1_find); 201 202 const EVP_PKEY_ASN1_METHOD * 203 EVP_PKEY_asn1_find_str(ENGINE **engine, const char *str, int len) 204 { 205 const EVP_PKEY_ASN1_METHOD *ameth; 206 size_t i, str_len; 207 208 if (engine != NULL) 209 *engine = NULL; 210 211 if (len < -1) 212 return NULL; 213 if (len == -1) 214 str_len = strlen(str); 215 else 216 str_len = len; 217 218 for (i = 0; i < N_ASN1_METHODS; i++) { 219 ameth = asn1_methods[i]; 220 if ((ameth->pkey_flags & ASN1_PKEY_ALIAS) != 0) 221 continue; 222 if (strlen(ameth->pem_str) != str_len) 223 continue; 224 if (strncasecmp(ameth->pem_str, str, str_len) == 0) 225 return ameth; 226 } 227 228 return NULL; 229 } 230 LCRYPTO_ALIAS(EVP_PKEY_asn1_find_str); 231 232 int 233 EVP_PKEY_asn1_get0_info(int *pkey_id, int *pkey_base_id, int *pkey_flags, 234 const char **info, const char **pem_str, 235 const EVP_PKEY_ASN1_METHOD *ameth) 236 { 237 if (ameth == NULL) 238 return 0; 239 240 if (pkey_id != NULL) 241 *pkey_id = ameth->pkey_id; 242 if (pkey_base_id != NULL) 243 *pkey_base_id = ameth->base_method->pkey_id; 244 if (pkey_flags != NULL) 245 *pkey_flags = ameth->pkey_flags; 246 if (info != NULL) 247 *info = ameth->info; 248 if (pem_str != NULL) 249 *pem_str = ameth->pem_str; 250 251 return 1; 252 } 253 LCRYPTO_ALIAS(EVP_PKEY_asn1_get0_info); 254 255 const EVP_PKEY_ASN1_METHOD* 256 EVP_PKEY_get0_asn1(const EVP_PKEY *pkey) 257 { 258 return pkey->ameth; 259 } 260 LCRYPTO_ALIAS(EVP_PKEY_get0_asn1); 261 262 int 263 EVP_PKEY_bits(const EVP_PKEY *pkey) 264 { 265 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) 266 return pkey->ameth->pkey_bits(pkey); 267 return 0; 268 } 269 LCRYPTO_ALIAS(EVP_PKEY_bits); 270 271 int 272 EVP_PKEY_security_bits(const EVP_PKEY *pkey) 273 { 274 if (pkey == NULL) 275 return 0; 276 if (pkey->ameth == NULL || pkey->ameth->pkey_security_bits == NULL) 277 return -2; 278 279 return pkey->ameth->pkey_security_bits(pkey); 280 } 281 LCRYPTO_ALIAS(EVP_PKEY_security_bits); 282 283 int 284 EVP_PKEY_size(const EVP_PKEY *pkey) 285 { 286 if (pkey && pkey->ameth && pkey->ameth->pkey_size) 287 return pkey->ameth->pkey_size(pkey); 288 return 0; 289 } 290 LCRYPTO_ALIAS(EVP_PKEY_size); 291 292 int 293 EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 294 { 295 #ifndef OPENSSL_NO_DSA 296 if (pkey->type == EVP_PKEY_DSA) { 297 int ret = pkey->save_parameters; 298 299 if (mode >= 0) 300 pkey->save_parameters = mode; 301 return (ret); 302 } 303 #endif 304 #ifndef OPENSSL_NO_EC 305 if (pkey->type == EVP_PKEY_EC) { 306 int ret = pkey->save_parameters; 307 308 if (mode >= 0) 309 pkey->save_parameters = mode; 310 return (ret); 311 } 312 #endif 313 return (0); 314 } 315 LCRYPTO_ALIAS(EVP_PKEY_save_parameters); 316 317 int 318 EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 319 { 320 if (to->type != from->type) { 321 EVPerror(EVP_R_DIFFERENT_KEY_TYPES); 322 goto err; 323 } 324 325 if (EVP_PKEY_missing_parameters(from)) { 326 EVPerror(EVP_R_MISSING_PARAMETERS); 327 goto err; 328 } 329 if (from->ameth && from->ameth->param_copy) 330 return from->ameth->param_copy(to, from); 331 332 err: 333 return 0; 334 } 335 LCRYPTO_ALIAS(EVP_PKEY_copy_parameters); 336 337 int 338 EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 339 { 340 if (pkey->ameth && pkey->ameth->param_missing) 341 return pkey->ameth->param_missing(pkey); 342 return 0; 343 } 344 LCRYPTO_ALIAS(EVP_PKEY_missing_parameters); 345 346 int 347 EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 348 { 349 if (a->type != b->type) 350 return -1; 351 if (a->ameth && a->ameth->param_cmp) 352 return a->ameth->param_cmp(a, b); 353 return -2; 354 } 355 LCRYPTO_ALIAS(EVP_PKEY_cmp_parameters); 356 357 int 358 EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 359 { 360 if (a->type != b->type) 361 return -1; 362 363 if (a->ameth) { 364 int ret; 365 /* Compare parameters if the algorithm has them */ 366 if (a->ameth->param_cmp) { 367 ret = a->ameth->param_cmp(a, b); 368 if (ret <= 0) 369 return ret; 370 } 371 372 if (a->ameth->pub_cmp) 373 return a->ameth->pub_cmp(a, b); 374 } 375 376 return -2; 377 } 378 LCRYPTO_ALIAS(EVP_PKEY_cmp); 379 380 EVP_PKEY * 381 EVP_PKEY_new(void) 382 { 383 EVP_PKEY *pkey; 384 385 if ((pkey = calloc(1, sizeof(*pkey))) == NULL) { 386 EVPerror(ERR_R_MALLOC_FAILURE); 387 return NULL; 388 } 389 390 pkey->type = EVP_PKEY_NONE; 391 pkey->references = 1; 392 pkey->save_parameters = 1; 393 394 return pkey; 395 } 396 LCRYPTO_ALIAS(EVP_PKEY_new); 397 398 int 399 EVP_PKEY_up_ref(EVP_PKEY *pkey) 400 { 401 return CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY) > 1; 402 } 403 LCRYPTO_ALIAS(EVP_PKEY_up_ref); 404 405 static void 406 evp_pkey_free_pkey_ptr(EVP_PKEY *pkey) 407 { 408 if (pkey == NULL || pkey->ameth == NULL || pkey->ameth->pkey_free == NULL) 409 return; 410 411 pkey->ameth->pkey_free(pkey); 412 pkey->pkey.ptr = NULL; 413 } 414 415 void 416 EVP_PKEY_free(EVP_PKEY *pkey) 417 { 418 if (pkey == NULL) 419 return; 420 421 if (CRYPTO_add(&pkey->references, -1, CRYPTO_LOCK_EVP_PKEY) > 0) 422 return; 423 424 evp_pkey_free_pkey_ptr(pkey); 425 sk_X509_ATTRIBUTE_pop_free(pkey->attributes, X509_ATTRIBUTE_free); 426 freezero(pkey, sizeof(*pkey)); 427 } 428 LCRYPTO_ALIAS(EVP_PKEY_free); 429 430 int 431 EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 432 { 433 const EVP_PKEY_ASN1_METHOD *ameth; 434 435 evp_pkey_free_pkey_ptr(pkey); 436 437 if ((ameth = EVP_PKEY_asn1_find(NULL, type)) == NULL) { 438 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 439 return 0; 440 } 441 if (pkey != NULL) { 442 pkey->ameth = ameth; 443 pkey->type = pkey->ameth->pkey_id; 444 } 445 446 return 1; 447 } 448 LCRYPTO_ALIAS(EVP_PKEY_set_type); 449 450 int 451 EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 452 { 453 const EVP_PKEY_ASN1_METHOD *ameth; 454 455 evp_pkey_free_pkey_ptr(pkey); 456 457 if ((ameth = EVP_PKEY_asn1_find_str(NULL, str, len)) == NULL) { 458 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 459 return 0; 460 } 461 if (pkey != NULL) { 462 pkey->ameth = ameth; 463 pkey->type = pkey->ameth->pkey_id; 464 } 465 466 return 1; 467 } 468 LCRYPTO_ALIAS(EVP_PKEY_set_type_str); 469 470 int 471 EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 472 { 473 if (!EVP_PKEY_set_type(pkey, type)) 474 return 0; 475 476 return (pkey->pkey.ptr = key) != NULL; 477 } 478 LCRYPTO_ALIAS(EVP_PKEY_assign); 479 480 EVP_PKEY * 481 EVP_PKEY_new_raw_private_key(int type, ENGINE *engine, 482 const unsigned char *private_key, size_t len) 483 { 484 EVP_PKEY *pkey; 485 486 if ((pkey = EVP_PKEY_new()) == NULL) 487 goto err; 488 489 if (!EVP_PKEY_set_type(pkey, type)) 490 goto err; 491 492 if (pkey->ameth->set_priv_key == NULL) { 493 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 494 goto err; 495 } 496 if (!pkey->ameth->set_priv_key(pkey, private_key, len)) { 497 EVPerror(EVP_R_KEY_SETUP_FAILED); 498 goto err; 499 } 500 501 return pkey; 502 503 err: 504 EVP_PKEY_free(pkey); 505 506 return NULL; 507 } 508 LCRYPTO_ALIAS(EVP_PKEY_new_raw_private_key); 509 510 EVP_PKEY * 511 EVP_PKEY_new_raw_public_key(int type, ENGINE *engine, 512 const unsigned char *public_key, size_t len) 513 { 514 EVP_PKEY *pkey; 515 516 if ((pkey = EVP_PKEY_new()) == NULL) 517 goto err; 518 519 if (!EVP_PKEY_set_type(pkey, type)) 520 goto err; 521 522 if (pkey->ameth->set_pub_key == NULL) { 523 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 524 goto err; 525 } 526 if (!pkey->ameth->set_pub_key(pkey, public_key, len)) { 527 EVPerror(EVP_R_KEY_SETUP_FAILED); 528 goto err; 529 } 530 531 return pkey; 532 533 err: 534 EVP_PKEY_free(pkey); 535 536 return NULL; 537 } 538 LCRYPTO_ALIAS(EVP_PKEY_new_raw_public_key); 539 540 int 541 EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, 542 unsigned char *out_private_key, size_t *out_len) 543 { 544 if (pkey->ameth->get_priv_key == NULL) { 545 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 546 return 0; 547 } 548 if (!pkey->ameth->get_priv_key(pkey, out_private_key, out_len)) { 549 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 550 return 0; 551 } 552 553 return 1; 554 } 555 LCRYPTO_ALIAS(EVP_PKEY_get_raw_private_key); 556 557 int 558 EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, 559 unsigned char *out_public_key, size_t *out_len) 560 { 561 if (pkey->ameth->get_pub_key == NULL) { 562 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 563 return 0; 564 } 565 if (!pkey->ameth->get_pub_key(pkey, out_public_key, out_len)) { 566 EVPerror(EVP_R_GET_RAW_KEY_FAILED); 567 return 0; 568 } 569 570 return 1; 571 } 572 LCRYPTO_ALIAS(EVP_PKEY_get_raw_public_key); 573 574 EVP_PKEY * 575 EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, 576 const EVP_CIPHER *cipher) 577 { 578 EVP_PKEY *pkey = NULL; 579 CMAC_CTX *cmctx = NULL; 580 581 if ((pkey = EVP_PKEY_new()) == NULL) 582 goto err; 583 if ((cmctx = CMAC_CTX_new()) == NULL) 584 goto err; 585 586 if (!EVP_PKEY_set_type(pkey, EVP_PKEY_CMAC)) 587 goto err; 588 589 if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) { 590 EVPerror(EVP_R_KEY_SETUP_FAILED); 591 goto err; 592 } 593 594 pkey->pkey.ptr = cmctx; 595 596 return pkey; 597 598 err: 599 EVP_PKEY_free(pkey); 600 CMAC_CTX_free(cmctx); 601 602 return NULL; 603 } 604 LCRYPTO_ALIAS(EVP_PKEY_new_CMAC_key); 605 606 void * 607 EVP_PKEY_get0(const EVP_PKEY *pkey) 608 { 609 return pkey->pkey.ptr; 610 } 611 LCRYPTO_ALIAS(EVP_PKEY_get0); 612 613 const unsigned char * 614 EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 615 { 616 ASN1_OCTET_STRING *os; 617 618 if (pkey->type != EVP_PKEY_HMAC) { 619 EVPerror(EVP_R_EXPECTING_AN_HMAC_KEY); 620 return NULL; 621 } 622 623 os = EVP_PKEY_get0(pkey); 624 *len = os->length; 625 626 return os->data; 627 } 628 LCRYPTO_ALIAS(EVP_PKEY_get0_hmac); 629 630 #ifndef OPENSSL_NO_RSA 631 RSA * 632 EVP_PKEY_get0_RSA(EVP_PKEY *pkey) 633 { 634 if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA_PSS) 635 return pkey->pkey.rsa; 636 637 EVPerror(EVP_R_EXPECTING_AN_RSA_KEY); 638 return NULL; 639 } 640 LCRYPTO_ALIAS(EVP_PKEY_get0_RSA); 641 642 RSA * 643 EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 644 { 645 RSA *rsa; 646 647 if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) 648 return NULL; 649 650 RSA_up_ref(rsa); 651 652 return rsa; 653 } 654 LCRYPTO_ALIAS(EVP_PKEY_get1_RSA); 655 656 int 657 EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) 658 { 659 int ret = EVP_PKEY_assign_RSA(pkey, key); 660 if (ret != 0) 661 RSA_up_ref(key); 662 return ret; 663 } 664 LCRYPTO_ALIAS(EVP_PKEY_set1_RSA); 665 #endif 666 667 #ifndef OPENSSL_NO_DSA 668 DSA * 669 EVP_PKEY_get0_DSA(EVP_PKEY *pkey) 670 { 671 if (pkey->type != EVP_PKEY_DSA) { 672 EVPerror(EVP_R_EXPECTING_A_DSA_KEY); 673 return NULL; 674 } 675 return pkey->pkey.dsa; 676 } 677 LCRYPTO_ALIAS(EVP_PKEY_get0_DSA); 678 679 DSA * 680 EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 681 { 682 DSA *dsa; 683 684 if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL) 685 return NULL; 686 687 DSA_up_ref(dsa); 688 689 return dsa; 690 } 691 LCRYPTO_ALIAS(EVP_PKEY_get1_DSA); 692 693 int 694 EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 695 { 696 int ret = EVP_PKEY_assign_DSA(pkey, key); 697 if (ret != 0) 698 DSA_up_ref(key); 699 return ret; 700 } 701 LCRYPTO_ALIAS(EVP_PKEY_set1_DSA); 702 #endif 703 704 #ifndef OPENSSL_NO_EC 705 EC_KEY * 706 EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) 707 { 708 if (pkey->type != EVP_PKEY_EC) { 709 EVPerror(EVP_R_EXPECTING_A_EC_KEY); 710 return NULL; 711 } 712 return pkey->pkey.ec; 713 } 714 LCRYPTO_ALIAS(EVP_PKEY_get0_EC_KEY); 715 716 EC_KEY * 717 EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 718 { 719 EC_KEY *key; 720 721 if ((key = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) 722 return NULL; 723 724 EC_KEY_up_ref(key); 725 726 return key; 727 } 728 LCRYPTO_ALIAS(EVP_PKEY_get1_EC_KEY); 729 730 int 731 EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) 732 { 733 int ret = EVP_PKEY_assign_EC_KEY(pkey, key); 734 if (ret != 0) 735 EC_KEY_up_ref(key); 736 return ret; 737 } 738 LCRYPTO_ALIAS(EVP_PKEY_set1_EC_KEY); 739 #endif 740 741 742 #ifndef OPENSSL_NO_DH 743 DH * 744 EVP_PKEY_get0_DH(EVP_PKEY *pkey) 745 { 746 if (pkey->type != EVP_PKEY_DH) { 747 EVPerror(EVP_R_EXPECTING_A_DH_KEY); 748 return NULL; 749 } 750 return pkey->pkey.dh; 751 } 752 LCRYPTO_ALIAS(EVP_PKEY_get0_DH); 753 754 DH * 755 EVP_PKEY_get1_DH(EVP_PKEY *pkey) 756 { 757 DH *dh; 758 759 if ((dh = EVP_PKEY_get0_DH(pkey)) == NULL) 760 return NULL; 761 762 DH_up_ref(dh); 763 764 return dh; 765 } 766 LCRYPTO_ALIAS(EVP_PKEY_get1_DH); 767 768 int 769 EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) 770 { 771 int ret = EVP_PKEY_assign_DH(pkey, key); 772 if (ret != 0) 773 DH_up_ref(key); 774 return ret; 775 } 776 LCRYPTO_ALIAS(EVP_PKEY_set1_DH); 777 #endif 778 779 int 780 EVP_PKEY_type(int type) 781 { 782 const EVP_PKEY_ASN1_METHOD *ameth; 783 784 if ((ameth = EVP_PKEY_asn1_find(NULL, type)) != NULL) 785 return ameth->pkey_id; 786 787 return NID_undef; 788 } 789 LCRYPTO_ALIAS(EVP_PKEY_type); 790 791 int 792 EVP_PKEY_id(const EVP_PKEY *pkey) 793 { 794 return pkey->type; 795 } 796 LCRYPTO_ALIAS(EVP_PKEY_id); 797 798 int 799 EVP_PKEY_base_id(const EVP_PKEY *pkey) 800 { 801 return EVP_PKEY_type(pkey->type); 802 } 803 LCRYPTO_ALIAS(EVP_PKEY_base_id); 804 805 static int 806 unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr) 807 { 808 if (!BIO_indent(out, indent, 128)) 809 return 0; 810 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 811 kstr, OBJ_nid2ln(pkey->type)); 812 return 1; 813 } 814 815 int 816 EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, 817 ASN1_PCTX *pctx) 818 { 819 if (pkey->ameth && pkey->ameth->pub_print) 820 return pkey->ameth->pub_print(out, pkey, indent, pctx); 821 822 return unsup_alg(out, pkey, indent, "Public Key"); 823 } 824 LCRYPTO_ALIAS(EVP_PKEY_print_public); 825 826 int 827 EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, 828 ASN1_PCTX *pctx) 829 { 830 if (pkey->ameth && pkey->ameth->priv_print) 831 return pkey->ameth->priv_print(out, pkey, indent, pctx); 832 833 return unsup_alg(out, pkey, indent, "Private Key"); 834 } 835 LCRYPTO_ALIAS(EVP_PKEY_print_private); 836 837 int 838 EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, 839 ASN1_PCTX *pctx) 840 { 841 if (pkey->ameth && pkey->ameth->param_print) 842 return pkey->ameth->param_print(out, pkey, indent, pctx); 843 return unsup_alg(out, pkey, indent, "Parameters"); 844 } 845 LCRYPTO_ALIAS(EVP_PKEY_print_params); 846 847 int 848 EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 849 { 850 if (!pkey->ameth || !pkey->ameth->pkey_ctrl) 851 return -2; 852 return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 853 0, pnid); 854 } 855 LCRYPTO_ALIAS(EVP_PKEY_get_default_digest_nid); 856