x_pubkey.c revision 109998
1/* crypto/asn1/x_pubkey.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59#include <stdio.h> 60#include "cryptlib.h" 61#include <openssl/asn1t.h> 62#include <openssl/x509.h> 63 64/* Minor tweak to operation: free up EVP_PKEY */ 65static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) 66{ 67 if(operation == ASN1_OP_FREE_POST) { 68 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 69 EVP_PKEY_free(pubkey->pkey); 70 } 71 return 1; 72} 73 74ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { 75 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), 76 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING) 77} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY) 78 79IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY) 80 81int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) 82 { 83 int ok=0; 84 X509_PUBKEY *pk; 85 X509_ALGOR *a; 86 ASN1_OBJECT *o; 87 unsigned char *s,*p = NULL; 88 int i; 89 90 if (x == NULL) return(0); 91 92 if ((pk=X509_PUBKEY_new()) == NULL) goto err; 93 a=pk->algor; 94 95 /* set the algorithm id */ 96 if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err; 97 ASN1_OBJECT_free(a->algorithm); 98 a->algorithm=o; 99 100 /* Set the parameter list */ 101 if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA)) 102 { 103 if ((a->parameter == NULL) || 104 (a->parameter->type != V_ASN1_NULL)) 105 { 106 ASN1_TYPE_free(a->parameter); 107 a->parameter=ASN1_TYPE_new(); 108 a->parameter->type=V_ASN1_NULL; 109 } 110 } 111 else 112#ifndef OPENSSL_NO_DSA 113 if (pkey->type == EVP_PKEY_DSA) 114 { 115 unsigned char *pp; 116 DSA *dsa; 117 118 dsa=pkey->pkey.dsa; 119 dsa->write_params=0; 120 ASN1_TYPE_free(a->parameter); 121 i=i2d_DSAparams(dsa,NULL); 122 if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err; 123 pp=p; 124 i2d_DSAparams(dsa,&pp); 125 a->parameter=ASN1_TYPE_new(); 126 a->parameter->type=V_ASN1_SEQUENCE; 127 a->parameter->value.sequence=ASN1_STRING_new(); 128 ASN1_STRING_set(a->parameter->value.sequence,p,i); 129 OPENSSL_free(p); 130 } 131 else 132#endif 133 { 134 X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); 135 goto err; 136 } 137 138 if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err; 139 if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) 140 { 141 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); 142 goto err; 143 } 144 p=s; 145 i2d_PublicKey(pkey,&p); 146 if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; 147 /* Set number of unused bits to zero */ 148 pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); 149 pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; 150 151 OPENSSL_free(s); 152 153#if 0 154 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); 155 pk->pkey=pkey; 156#endif 157 158 if (*x != NULL) 159 X509_PUBKEY_free(*x); 160 161 *x=pk; 162 pk=NULL; 163 164 ok=1; 165err: 166 if (pk != NULL) X509_PUBKEY_free(pk); 167 return(ok); 168 } 169 170EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) 171 { 172 EVP_PKEY *ret=NULL; 173 long j; 174 int type; 175 unsigned char *p; 176#ifndef OPENSSL_NO_DSA 177 const unsigned char *cp; 178 X509_ALGOR *a; 179#endif 180 181 if (key == NULL) goto err; 182 183 if (key->pkey != NULL) 184 { 185 CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY); 186 return(key->pkey); 187 } 188 189 if (key->public_key == NULL) goto err; 190 191 type=OBJ_obj2nid(key->algor->algorithm); 192 p=key->public_key->data; 193 j=key->public_key->length; 194 if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL) 195 { 196 X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB); 197 goto err; 198 } 199 ret->save_parameters=0; 200 201#ifndef OPENSSL_NO_DSA 202 a=key->algor; 203 if (ret->type == EVP_PKEY_DSA) 204 { 205 if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) 206 { 207 ret->pkey.dsa->write_params=0; 208 cp=p=a->parameter->value.sequence->data; 209 j=a->parameter->value.sequence->length; 210 if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j)) 211 goto err; 212 } 213 ret->save_parameters=1; 214 } 215#endif 216 key->pkey=ret; 217 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY); 218 return(ret); 219err: 220 if (ret != NULL) 221 EVP_PKEY_free(ret); 222 return(NULL); 223 } 224 225/* Now two pseudo ASN1 routines that take an EVP_PKEY structure 226 * and encode or decode as X509_PUBKEY 227 */ 228 229EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp, 230 long length) 231{ 232 X509_PUBKEY *xpk; 233 EVP_PKEY *pktmp; 234 xpk = d2i_X509_PUBKEY(NULL, pp, length); 235 if(!xpk) return NULL; 236 pktmp = X509_PUBKEY_get(xpk); 237 X509_PUBKEY_free(xpk); 238 if(!pktmp) return NULL; 239 if(a) { 240 EVP_PKEY_free(*a); 241 *a = pktmp; 242 } 243 return pktmp; 244} 245 246int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) 247{ 248 X509_PUBKEY *xpk=NULL; 249 int ret; 250 if(!a) return 0; 251 if(!X509_PUBKEY_set(&xpk, a)) return 0; 252 ret = i2d_X509_PUBKEY(xpk, pp); 253 X509_PUBKEY_free(xpk); 254 return ret; 255} 256 257/* The following are equivalents but which return RSA and DSA 258 * keys 259 */ 260#ifndef OPENSSL_NO_RSA 261RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, 262 long length) 263{ 264 EVP_PKEY *pkey; 265 RSA *key; 266 unsigned char *q; 267 q = *pp; 268 pkey = d2i_PUBKEY(NULL, &q, length); 269 if(!pkey) return NULL; 270 key = EVP_PKEY_get1_RSA(pkey); 271 EVP_PKEY_free(pkey); 272 if(!key) return NULL; 273 *pp = q; 274 if(a) { 275 RSA_free(*a); 276 *a = key; 277 } 278 return key; 279} 280 281int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) 282{ 283 EVP_PKEY *pktmp; 284 int ret; 285 if(!a) return 0; 286 pktmp = EVP_PKEY_new(); 287 if(!pktmp) { 288 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); 289 return 0; 290 } 291 EVP_PKEY_set1_RSA(pktmp, a); 292 ret = i2d_PUBKEY(pktmp, pp); 293 EVP_PKEY_free(pktmp); 294 return ret; 295} 296#endif 297 298#ifndef OPENSSL_NO_DSA 299DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp, 300 long length) 301{ 302 EVP_PKEY *pkey; 303 DSA *key; 304 unsigned char *q; 305 q = *pp; 306 pkey = d2i_PUBKEY(NULL, &q, length); 307 if(!pkey) return NULL; 308 key = EVP_PKEY_get1_DSA(pkey); 309 EVP_PKEY_free(pkey); 310 if(!key) return NULL; 311 *pp = q; 312 if(a) { 313 DSA_free(*a); 314 *a = key; 315 } 316 return key; 317} 318 319int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) 320{ 321 EVP_PKEY *pktmp; 322 int ret; 323 if(!a) return 0; 324 pktmp = EVP_PKEY_new(); 325 if(!pktmp) { 326 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); 327 return 0; 328 } 329 EVP_PKEY_set1_DSA(pktmp, a); 330 ret = i2d_PUBKEY(pktmp, pp); 331 EVP_PKEY_free(pktmp); 332 return ret; 333} 334#endif 335