ameth_lib.c revision 337982
1/* 2 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project 3 * 2006. 4 */ 5/* ==================================================================== 6 * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 59#include <stdio.h> 60#include "cryptlib.h" 61#include <openssl/asn1t.h> 62#include <openssl/x509.h> 63#ifndef OPENSSL_NO_ENGINE 64# include <openssl/engine.h> 65#endif 66#include "asn1_locl.h" 67 68extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[]; 69extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[]; 70extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; 71extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth; 72extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; 73extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; 74extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; 75 76/* Keep this sorted in type order !! */ 77static const EVP_PKEY_ASN1_METHOD *standard_methods[] = { 78#ifndef OPENSSL_NO_RSA 79 &rsa_asn1_meths[0], 80 &rsa_asn1_meths[1], 81#endif 82#ifndef OPENSSL_NO_DH 83 &dh_asn1_meth, 84#endif 85#ifndef OPENSSL_NO_DSA 86 &dsa_asn1_meths[0], 87 &dsa_asn1_meths[1], 88 &dsa_asn1_meths[2], 89 &dsa_asn1_meths[3], 90 &dsa_asn1_meths[4], 91#endif 92#ifndef OPENSSL_NO_EC 93 &eckey_asn1_meth, 94#endif 95 &hmac_asn1_meth, 96#ifndef OPENSSL_NO_CMAC 97 &cmac_asn1_meth, 98#endif 99#ifndef OPENSSL_NO_DH 100 &dhx_asn1_meth 101#endif 102}; 103 104typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); 105DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD) 106static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL; 107 108#ifdef TEST 109void main() 110{ 111 int i; 112 for (i = 0; 113 i < sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *); i++) 114 fprintf(stderr, "Number %d id=%d (%s)\n", i, 115 standard_methods[i]->pkey_id, 116 OBJ_nid2sn(standard_methods[i]->pkey_id)); 117} 118#endif 119 120DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *, 121 const EVP_PKEY_ASN1_METHOD *, ameth); 122 123static int ameth_cmp(const EVP_PKEY_ASN1_METHOD *const *a, 124 const EVP_PKEY_ASN1_METHOD *const *b) 125{ 126 return ((*a)->pkey_id - (*b)->pkey_id); 127} 128 129IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *, 130 const EVP_PKEY_ASN1_METHOD *, ameth); 131 132int EVP_PKEY_asn1_get_count(void) 133{ 134 int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *); 135 if (app_methods) 136 num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods); 137 return num; 138} 139 140const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx) 141{ 142 int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *); 143 if (idx < 0) 144 return NULL; 145 if (idx < num) 146 return standard_methods[idx]; 147 idx -= num; 148 return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx); 149} 150 151static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type) 152{ 153 EVP_PKEY_ASN1_METHOD tmp; 154 const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret; 155 tmp.pkey_id = type; 156 if (app_methods) { 157 int idx; 158 idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp); 159 if (idx >= 0) 160 return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx); 161 } 162 ret = OBJ_bsearch_ameth(&t, standard_methods, sizeof(standard_methods) 163 / sizeof(EVP_PKEY_ASN1_METHOD *)); 164 if (!ret || !*ret) 165 return NULL; 166 return *ret; 167} 168 169/* 170 * Find an implementation of an ASN1 algorithm. If 'pe' is not NULL also 171 * search through engines and set *pe to a functional reference to the engine 172 * implementing 'type' or NULL if no engine implements it. 173 */ 174 175const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type) 176{ 177 const EVP_PKEY_ASN1_METHOD *t; 178 179 for (;;) { 180 t = pkey_asn1_find(type); 181 if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS)) 182 break; 183 type = t->pkey_base_id; 184 } 185 if (pe) { 186#ifndef OPENSSL_NO_ENGINE 187 ENGINE *e; 188 /* type will contain the final unaliased type */ 189 e = ENGINE_get_pkey_asn1_meth_engine(type); 190 if (e) { 191 *pe = e; 192 return ENGINE_get_pkey_asn1_meth(e, type); 193 } 194#endif 195 *pe = NULL; 196 } 197 return t; 198} 199 200const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe, 201 const char *str, int len) 202{ 203 int i; 204 const EVP_PKEY_ASN1_METHOD *ameth; 205 if (len == -1) 206 len = strlen(str); 207 if (pe) { 208#ifndef OPENSSL_NO_ENGINE 209 ENGINE *e; 210 ameth = ENGINE_pkey_asn1_find_str(&e, str, len); 211 if (ameth) { 212 /* 213 * Convert structural into functional reference 214 */ 215 if (!ENGINE_init(e)) 216 ameth = NULL; 217 ENGINE_free(e); 218 *pe = e; 219 return ameth; 220 } 221#endif 222 *pe = NULL; 223 } 224 for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) { 225 ameth = EVP_PKEY_asn1_get0(i); 226 if (ameth->pkey_flags & ASN1_PKEY_ALIAS) 227 continue; 228 if (((int)strlen(ameth->pem_str) == len) && 229 !strncasecmp(ameth->pem_str, str, len)) 230 return ameth; 231 } 232 return NULL; 233} 234 235int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth) 236{ 237 if (app_methods == NULL) { 238 app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp); 239 if (!app_methods) 240 return 0; 241 } 242 if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth)) 243 return 0; 244 sk_EVP_PKEY_ASN1_METHOD_sort(app_methods); 245 return 1; 246} 247 248int EVP_PKEY_asn1_add_alias(int to, int from) 249{ 250 EVP_PKEY_ASN1_METHOD *ameth; 251 ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL); 252 if (!ameth) 253 return 0; 254 ameth->pkey_base_id = to; 255 if (!EVP_PKEY_asn1_add0(ameth)) { 256 EVP_PKEY_asn1_free(ameth); 257 return 0; 258 } 259 return 1; 260} 261 262int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, 263 int *ppkey_flags, const char **pinfo, 264 const char **ppem_str, 265 const EVP_PKEY_ASN1_METHOD *ameth) 266{ 267 if (!ameth) 268 return 0; 269 if (ppkey_id) 270 *ppkey_id = ameth->pkey_id; 271 if (ppkey_base_id) 272 *ppkey_base_id = ameth->pkey_base_id; 273 if (ppkey_flags) 274 *ppkey_flags = ameth->pkey_flags; 275 if (pinfo) 276 *pinfo = ameth->info; 277 if (ppem_str) 278 *ppem_str = ameth->pem_str; 279 return 1; 280} 281 282const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey) 283{ 284 return pkey->ameth; 285} 286 287EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, 288 const char *pem_str, const char *info) 289{ 290 EVP_PKEY_ASN1_METHOD *ameth; 291 ameth = OPENSSL_malloc(sizeof(EVP_PKEY_ASN1_METHOD)); 292 if (!ameth) 293 return NULL; 294 295 memset(ameth, 0, sizeof(EVP_PKEY_ASN1_METHOD)); 296 297 ameth->pkey_id = id; 298 ameth->pkey_base_id = id; 299 ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC; 300 301 if (info) { 302 ameth->info = BUF_strdup(info); 303 if (!ameth->info) 304 goto err; 305 } else 306 ameth->info = NULL; 307 308 /* 309 * One of the following must be true: 310 * 311 * pem_str == NULL AND ASN1_PKEY_ALIAS is set 312 * pem_str != NULL AND ASN1_PKEY_ALIAS is clear 313 * 314 * Anything else is an error and may lead to a corrupt ASN1 method table 315 */ 316 if (!((pem_str == NULL && (flags & ASN1_PKEY_ALIAS) != 0) 317 || (pem_str != NULL && (flags & ASN1_PKEY_ALIAS) == 0))) 318 goto err; 319 320 if (pem_str) { 321 ameth->pem_str = BUF_strdup(pem_str); 322 if (!ameth->pem_str) 323 goto err; 324 } else 325 ameth->pem_str = NULL; 326 327 ameth->pub_decode = 0; 328 ameth->pub_encode = 0; 329 ameth->pub_cmp = 0; 330 ameth->pub_print = 0; 331 332 ameth->priv_decode = 0; 333 ameth->priv_encode = 0; 334 ameth->priv_print = 0; 335 336 ameth->old_priv_encode = 0; 337 ameth->old_priv_decode = 0; 338 339 ameth->item_verify = 0; 340 ameth->item_sign = 0; 341 342 ameth->pkey_size = 0; 343 ameth->pkey_bits = 0; 344 345 ameth->param_decode = 0; 346 ameth->param_encode = 0; 347 ameth->param_missing = 0; 348 ameth->param_copy = 0; 349 ameth->param_cmp = 0; 350 ameth->param_print = 0; 351 352 ameth->pkey_free = 0; 353 ameth->pkey_ctrl = 0; 354 355 return ameth; 356 357 err: 358 359 EVP_PKEY_asn1_free(ameth); 360 return NULL; 361 362} 363 364void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, 365 const EVP_PKEY_ASN1_METHOD *src) 366{ 367 368 dst->pub_decode = src->pub_decode; 369 dst->pub_encode = src->pub_encode; 370 dst->pub_cmp = src->pub_cmp; 371 dst->pub_print = src->pub_print; 372 373 dst->priv_decode = src->priv_decode; 374 dst->priv_encode = src->priv_encode; 375 dst->priv_print = src->priv_print; 376 377 dst->old_priv_encode = src->old_priv_encode; 378 dst->old_priv_decode = src->old_priv_decode; 379 380 dst->pkey_size = src->pkey_size; 381 dst->pkey_bits = src->pkey_bits; 382 383 dst->param_decode = src->param_decode; 384 dst->param_encode = src->param_encode; 385 dst->param_missing = src->param_missing; 386 dst->param_copy = src->param_copy; 387 dst->param_cmp = src->param_cmp; 388 dst->param_print = src->param_print; 389 390 dst->pkey_free = src->pkey_free; 391 dst->pkey_ctrl = src->pkey_ctrl; 392 393 dst->item_sign = src->item_sign; 394 dst->item_verify = src->item_verify; 395 396} 397 398void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth) 399{ 400 if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) { 401 if (ameth->pem_str) 402 OPENSSL_free(ameth->pem_str); 403 if (ameth->info) 404 OPENSSL_free(ameth->info); 405 OPENSSL_free(ameth); 406 } 407} 408 409void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, 410 int (*pub_decode) (EVP_PKEY *pk, 411 X509_PUBKEY *pub), 412 int (*pub_encode) (X509_PUBKEY *pub, 413 const EVP_PKEY *pk), 414 int (*pub_cmp) (const EVP_PKEY *a, 415 const EVP_PKEY *b), 416 int (*pub_print) (BIO *out, 417 const EVP_PKEY *pkey, 418 int indent, ASN1_PCTX *pctx), 419 int (*pkey_size) (const EVP_PKEY *pk), 420 int (*pkey_bits) (const EVP_PKEY *pk)) 421{ 422 ameth->pub_decode = pub_decode; 423 ameth->pub_encode = pub_encode; 424 ameth->pub_cmp = pub_cmp; 425 ameth->pub_print = pub_print; 426 ameth->pkey_size = pkey_size; 427 ameth->pkey_bits = pkey_bits; 428} 429 430void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, 431 int (*priv_decode) (EVP_PKEY *pk, 432 PKCS8_PRIV_KEY_INFO 433 *p8inf), 434 int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, 435 const EVP_PKEY *pk), 436 int (*priv_print) (BIO *out, 437 const EVP_PKEY *pkey, 438 int indent, 439 ASN1_PCTX *pctx)) 440{ 441 ameth->priv_decode = priv_decode; 442 ameth->priv_encode = priv_encode; 443 ameth->priv_print = priv_print; 444} 445 446void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, 447 int (*param_decode) (EVP_PKEY *pkey, 448 const unsigned char **pder, 449 int derlen), 450 int (*param_encode) (const EVP_PKEY *pkey, 451 unsigned char **pder), 452 int (*param_missing) (const EVP_PKEY *pk), 453 int (*param_copy) (EVP_PKEY *to, 454 const EVP_PKEY *from), 455 int (*param_cmp) (const EVP_PKEY *a, 456 const EVP_PKEY *b), 457 int (*param_print) (BIO *out, 458 const EVP_PKEY *pkey, 459 int indent, ASN1_PCTX *pctx)) 460{ 461 ameth->param_decode = param_decode; 462 ameth->param_encode = param_encode; 463 ameth->param_missing = param_missing; 464 ameth->param_copy = param_copy; 465 ameth->param_cmp = param_cmp; 466 ameth->param_print = param_print; 467} 468 469void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, 470 void (*pkey_free) (EVP_PKEY *pkey)) 471{ 472 ameth->pkey_free = pkey_free; 473} 474 475void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, 476 int (*pkey_ctrl) (EVP_PKEY *pkey, int op, 477 long arg1, void *arg2)) 478{ 479 ameth->pkey_ctrl = pkey_ctrl; 480} 481 482void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, 483 int (*item_verify) (EVP_MD_CTX *ctx, 484 const ASN1_ITEM *it, 485 void *asn, 486 X509_ALGOR *a, 487 ASN1_BIT_STRING *sig, 488 EVP_PKEY *pkey), 489 int (*item_sign) (EVP_MD_CTX *ctx, 490 const ASN1_ITEM *it, 491 void *asn, 492 X509_ALGOR *alg1, 493 X509_ALGOR *alg2, 494 ASN1_BIT_STRING *sig)) 495{ 496 ameth->item_sign = item_sign; 497 ameth->item_verify = item_verify; 498} 499