x_all.c revision 160814 
1/* crypto/x509/x_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to.  The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 *    notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 *    notice, this list of conditions and the following disclaimer in the
30 *    documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 *    must display the following acknowledgement:
33 *    "This product includes cryptographic software written by
34 *     Eric Young (eay@cryptsoft.com)"
35 *    The word 'cryptographic' can be left out if the rouines from the library
36 *    being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 *    the apps directory (application code) you must include an acknowledgement:
39 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#undef SSLEAY_MACROS
61#include <openssl/stack.h>
62#include "cryptlib.h"
63#include <openssl/buffer.h>
64#include <openssl/asn1.h>
65#include <openssl/evp.h>
66#include <openssl/x509.h>
67#ifndef OPENSSL_NO_RSA
68#include <openssl/rsa.h>
69#endif
70#ifndef OPENSSL_NO_DSA
71#include <openssl/dsa.h>
72#endif
73
74int X509_verify(X509 *a, EVP_PKEY *r)
75	{
76	return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF),a->sig_alg,
77		a->signature,a->cert_info,r));
78	}
79
80int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
81	{
82	return( ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO),
83		a->sig_alg,a->signature,a->req_info,r));
84	}
85
86int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r)
87	{
88	return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
89		a->sig_alg, a->signature,a->crl,r));
90	}
91
92int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
93	{
94	return(ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
95		a->sig_algor,a->signature,a->spkac,r));
96	}
97
98int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
99	{
100	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature,
101		x->sig_alg, x->signature, x->cert_info,pkey,md));
102	}
103
104int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
105	{
106	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO),x->sig_alg, NULL,
107		x->signature, x->req_info,pkey,md));
108	}
109
110int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
111	{
112	x->crl->enc.modified = 1;
113	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO),x->crl->sig_alg,
114		x->sig_alg, x->signature, x->crl,pkey,md));
115	}
116
117int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
118	{
119	return(ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor,NULL,
120		x->signature, x->spkac,pkey,md));
121	}
122
123#ifndef OPENSSL_NO_FP_API
124X509 *d2i_X509_fp(FILE *fp, X509 **x509)
125	{
126	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
127	}
128
129int i2d_X509_fp(FILE *fp, X509 *x509)
130	{
131	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
132	}
133#endif
134
135X509 *d2i_X509_bio(BIO *bp, X509 **x509)
136	{
137	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
138	}
139
140int i2d_X509_bio(BIO *bp, X509 *x509)
141	{
142	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
143	}
144
145#ifndef OPENSSL_NO_FP_API
146X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
147	{
148	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
149	}
150
151int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
152	{
153	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
154	}
155#endif
156
157X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
158	{
159	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
160	}
161
162int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
163	{
164	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
165	}
166
167#ifndef OPENSSL_NO_FP_API
168PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
169	{
170	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
171	}
172
173int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
174	{
175	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
176	}
177#endif
178
179PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
180	{
181	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
182	}
183
184int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
185	{
186	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
187	}
188
189#ifndef OPENSSL_NO_FP_API
190X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
191	{
192	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
193	}
194
195int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
196	{
197	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
198	}
199#endif
200
201X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
202	{
203	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
204	}
205
206int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
207	{
208	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
209	}
210
211#ifndef OPENSSL_NO_RSA
212
213#ifndef OPENSSL_NO_FP_API
214RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
215	{
216	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
217	}
218
219int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
220	{
221	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
222	}
223
224RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
225	{
226	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
227	}
228
229
230RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
231	{
232	return ASN1_d2i_fp((void *(*)(void))
233			   RSA_new,(D2I_OF(void))d2i_RSA_PUBKEY, fp,
234			   (void **)rsa);
235	}
236
237int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
238	{
239	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
240	}
241
242int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
243	{
244	return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY,fp,rsa);
245	}
246#endif
247
248RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
249	{
250	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
251	}
252
253int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
254	{
255	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
256	}
257
258RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
259	{
260	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
261	}
262
263
264RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
265	{
266	return ASN1_d2i_bio_of(RSA,RSA_new,d2i_RSA_PUBKEY,bp,rsa);
267	}
268
269int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
270	{
271	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
272	}
273
274int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
275	{
276	return ASN1_i2d_bio_of(RSA,i2d_RSA_PUBKEY,bp,rsa);
277	}
278#endif
279
280#ifndef OPENSSL_NO_DSA
281#ifndef OPENSSL_NO_FP_API
282DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
283	{
284	return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSAPrivateKey,fp,dsa);
285	}
286
287int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
288	{
289	return ASN1_i2d_fp_of_const(DSA,i2d_DSAPrivateKey,fp,dsa);
290	}
291
292DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
293	{
294	return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSA_PUBKEY,fp,dsa);
295	}
296
297int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
298	{
299	return ASN1_i2d_fp_of(DSA,i2d_DSA_PUBKEY,fp,dsa);
300	}
301#endif
302
303DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
304	{
305	return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAPrivateKey,bp,dsa
306);
307	}
308
309int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
310	{
311	return ASN1_i2d_bio_of_const(DSA,i2d_DSAPrivateKey,bp,dsa);
312	}
313
314DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
315	{
316	return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSA_PUBKEY,bp,dsa);
317	}
318
319int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
320	{
321	return ASN1_i2d_bio_of(DSA,i2d_DSA_PUBKEY,bp,dsa);
322	}
323
324#endif
325
326#ifndef OPENSSL_NO_EC
327#ifndef OPENSSL_NO_FP_API
328EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
329	{
330	return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,fp,eckey);
331	}
332
333int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey)
334	{
335	return ASN1_i2d_fp_of(EC_KEY,i2d_EC_PUBKEY,fp,eckey);
336	}
337
338EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
339	{
340	return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,fp,eckey);
341	}
342
343int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
344	{
345	return ASN1_i2d_fp_of(EC_KEY,i2d_ECPrivateKey,fp,eckey);
346	}
347#endif
348EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
349	{
350	return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,bp,eckey);
351	}
352
353int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa)
354	{
355	return ASN1_i2d_bio_of(EC_KEY,i2d_EC_PUBKEY,bp,ecdsa);
356	}
357
358EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
359	{
360	return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,bp,eckey);
361	}
362
363int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
364	{
365	return ASN1_i2d_bio_of(EC_KEY,i2d_ECPrivateKey,bp,eckey);
366	}
367#endif
368
369
370int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
371	     unsigned int *len)
372	{
373	ASN1_BIT_STRING *key;
374	key = X509_get0_pubkey_bitstr(data);
375	if(!key) return 0;
376	return EVP_Digest(key->data, key->length, md, len, type, NULL);
377	}
378
379int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
380	     unsigned int *len)
381	{
382	return(ASN1_item_digest(ASN1_ITEM_rptr(X509),type,(char *)data,md,len));
383	}
384
385int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
386	     unsigned int *len)
387	{
388	return(ASN1_item_digest(ASN1_ITEM_rptr(X509_CRL),type,(char *)data,md,len));
389	}
390
391int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
392	     unsigned int *len)
393	{
394	return(ASN1_item_digest(ASN1_ITEM_rptr(X509_REQ),type,(char *)data,md,len));
395	}
396
397int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
398	     unsigned int *len)
399	{
400	return(ASN1_item_digest(ASN1_ITEM_rptr(X509_NAME),type,(char *)data,md,len));
401	}
402
403int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type,
404	     unsigned char *md, unsigned int *len)
405	{
406	return(ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL),type,
407		(char *)data,md,len));
408	}
409
410
411#ifndef OPENSSL_NO_FP_API
412X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
413	{
414	return ASN1_d2i_fp_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,fp,p8);
415	}
416
417int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
418	{
419	return ASN1_i2d_fp_of(X509_SIG,i2d_X509_SIG,fp,p8);
420	}
421#endif
422
423X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
424	{
425	return ASN1_d2i_bio_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,bp,p8);
426	}
427
428int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
429	{
430	return ASN1_i2d_bio_of(X509_SIG,i2d_X509_SIG,bp,p8);
431	}
432
433#ifndef OPENSSL_NO_FP_API
434PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
435						 PKCS8_PRIV_KEY_INFO **p8inf)
436	{
437	return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new,
438			      d2i_PKCS8_PRIV_KEY_INFO,fp,p8inf);
439	}
440
441int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
442	{
443	return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,fp,
444			      p8inf);
445	}
446
447int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
448	{
449	PKCS8_PRIV_KEY_INFO *p8inf;
450	int ret;
451	p8inf = EVP_PKEY2PKCS8(key);
452	if(!p8inf) return 0;
453	ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
454	PKCS8_PRIV_KEY_INFO_free(p8inf);
455	return ret;
456	}
457
458int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
459	{
460	return ASN1_i2d_fp_of(EVP_PKEY,i2d_PrivateKey,fp,pkey);
461	}
462
463EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
464{
465	return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,fp,a);
466}
467
468int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
469	{
470	return ASN1_i2d_fp_of(EVP_PKEY,i2d_PUBKEY,fp,pkey);
471	}
472
473EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
474{
475	return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,fp,a);
476}
477
478#endif
479
480PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
481						 PKCS8_PRIV_KEY_INFO **p8inf)
482	{
483	return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new,
484			    d2i_PKCS8_PRIV_KEY_INFO,bp,p8inf);
485	}
486
487int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
488	{
489	return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,bp,
490			       p8inf);
491	}
492
493int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
494	{
495	PKCS8_PRIV_KEY_INFO *p8inf;
496	int ret;
497	p8inf = EVP_PKEY2PKCS8(key);
498	if(!p8inf) return 0;
499	ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
500	PKCS8_PRIV_KEY_INFO_free(p8inf);
501	return ret;
502	}
503
504int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
505	{
506	return ASN1_i2d_bio_of(EVP_PKEY,i2d_PrivateKey,bp,pkey);
507	}
508
509EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
510	{
511	return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,bp,a);
512	}
513
514int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
515	{
516	return ASN1_i2d_bio_of(EVP_PKEY,i2d_PUBKEY,bp,pkey);
517	}
518
519EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
520	{
521	return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,bp,a);
522	}
523