x_all.c revision 277195
1/* crypto/x509/x_all.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59#include <stdio.h> 60#undef SSLEAY_MACROS 61#include <openssl/stack.h> 62#include "cryptlib.h" 63#include <openssl/buffer.h> 64#include <openssl/asn1.h> 65#include <openssl/evp.h> 66#include <openssl/x509.h> 67#ifndef OPENSSL_NO_RSA 68#include <openssl/rsa.h> 69#endif 70#ifndef OPENSSL_NO_DSA 71#include <openssl/dsa.h> 72#endif 73 74int X509_verify(X509 *a, EVP_PKEY *r) 75 { 76 if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature)) 77 return 0; 78 return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF),a->sig_alg, 79 a->signature,a->cert_info,r)); 80 } 81 82int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r) 83 { 84 return( ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO), 85 a->sig_alg,a->signature,a->req_info,r)); 86 } 87 88int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r) 89 { 90 return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO), 91 a->sig_alg, a->signature,a->crl,r)); 92 } 93 94int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) 95 { 96 return(ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC), 97 a->sig_algor,a->signature,a->spkac,r)); 98 } 99 100int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) 101 { 102 x->cert_info->enc.modified = 1; 103 return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature, 104 x->sig_alg, x->signature, x->cert_info,pkey,md)); 105 } 106 107int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) 108 { 109 return(ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO),x->sig_alg, NULL, 110 x->signature, x->req_info,pkey,md)); 111 } 112 113int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md) 114 { 115 x->crl->enc.modified = 1; 116 return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO),x->crl->sig_alg, 117 x->sig_alg, x->signature, x->crl,pkey,md)); 118 } 119 120int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) 121 { 122 return(ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor,NULL, 123 x->signature, x->spkac,pkey,md)); 124 } 125 126#ifndef OPENSSL_NO_FP_API 127X509 *d2i_X509_fp(FILE *fp, X509 **x509) 128 { 129 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509); 130 } 131 132int i2d_X509_fp(FILE *fp, X509 *x509) 133 { 134 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509); 135 } 136#endif 137 138X509 *d2i_X509_bio(BIO *bp, X509 **x509) 139 { 140 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509); 141 } 142 143int i2d_X509_bio(BIO *bp, X509 *x509) 144 { 145 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509); 146 } 147 148#ifndef OPENSSL_NO_FP_API 149X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl) 150 { 151 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl); 152 } 153 154int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl) 155 { 156 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl); 157 } 158#endif 159 160X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl) 161 { 162 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl); 163 } 164 165int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl) 166 { 167 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl); 168 } 169 170#ifndef OPENSSL_NO_FP_API 171PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7) 172 { 173 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7); 174 } 175 176int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7) 177 { 178 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7); 179 } 180#endif 181 182PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7) 183 { 184 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7); 185 } 186 187int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7) 188 { 189 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7); 190 } 191 192#ifndef OPENSSL_NO_FP_API 193X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req) 194 { 195 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req); 196 } 197 198int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req) 199 { 200 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req); 201 } 202#endif 203 204X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req) 205 { 206 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req); 207 } 208 209int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req) 210 { 211 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req); 212 } 213 214#ifndef OPENSSL_NO_RSA 215 216#ifndef OPENSSL_NO_FP_API 217RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) 218 { 219 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); 220 } 221 222int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa) 223 { 224 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); 225 } 226 227RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) 228 { 229 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); 230 } 231 232 233RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) 234 { 235 return ASN1_d2i_fp((void *(*)(void)) 236 RSA_new,(D2I_OF(void))d2i_RSA_PUBKEY, fp, 237 (void **)rsa); 238 } 239 240int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) 241 { 242 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); 243 } 244 245int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) 246 { 247 return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY,fp,rsa); 248 } 249#endif 250 251RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) 252 { 253 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); 254 } 255 256int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa) 257 { 258 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); 259 } 260 261RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) 262 { 263 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); 264 } 265 266 267RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) 268 { 269 return ASN1_d2i_bio_of(RSA,RSA_new,d2i_RSA_PUBKEY,bp,rsa); 270 } 271 272int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) 273 { 274 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); 275 } 276 277int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) 278 { 279 return ASN1_i2d_bio_of(RSA,i2d_RSA_PUBKEY,bp,rsa); 280 } 281#endif 282 283#ifndef OPENSSL_NO_DSA 284#ifndef OPENSSL_NO_FP_API 285DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) 286 { 287 return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSAPrivateKey,fp,dsa); 288 } 289 290int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) 291 { 292 return ASN1_i2d_fp_of_const(DSA,i2d_DSAPrivateKey,fp,dsa); 293 } 294 295DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa) 296 { 297 return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSA_PUBKEY,fp,dsa); 298 } 299 300int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa) 301 { 302 return ASN1_i2d_fp_of(DSA,i2d_DSA_PUBKEY,fp,dsa); 303 } 304#endif 305 306DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) 307 { 308 return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAPrivateKey,bp,dsa 309); 310 } 311 312int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) 313 { 314 return ASN1_i2d_bio_of_const(DSA,i2d_DSAPrivateKey,bp,dsa); 315 } 316 317DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa) 318 { 319 return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSA_PUBKEY,bp,dsa); 320 } 321 322int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa) 323 { 324 return ASN1_i2d_bio_of(DSA,i2d_DSA_PUBKEY,bp,dsa); 325 } 326 327#endif 328 329#ifndef OPENSSL_NO_EC 330#ifndef OPENSSL_NO_FP_API 331EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey) 332 { 333 return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,fp,eckey); 334 } 335 336int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey) 337 { 338 return ASN1_i2d_fp_of(EC_KEY,i2d_EC_PUBKEY,fp,eckey); 339 } 340 341EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey) 342 { 343 return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,fp,eckey); 344 } 345 346int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey) 347 { 348 return ASN1_i2d_fp_of(EC_KEY,i2d_ECPrivateKey,fp,eckey); 349 } 350#endif 351EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey) 352 { 353 return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,bp,eckey); 354 } 355 356int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa) 357 { 358 return ASN1_i2d_bio_of(EC_KEY,i2d_EC_PUBKEY,bp,ecdsa); 359 } 360 361EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey) 362 { 363 return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,bp,eckey); 364 } 365 366int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey) 367 { 368 return ASN1_i2d_bio_of(EC_KEY,i2d_ECPrivateKey,bp,eckey); 369 } 370#endif 371 372 373int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md, 374 unsigned int *len) 375 { 376 ASN1_BIT_STRING *key; 377 key = X509_get0_pubkey_bitstr(data); 378 if(!key) return 0; 379 return EVP_Digest(key->data, key->length, md, len, type, NULL); 380 } 381 382int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, 383 unsigned int *len) 384 { 385 return(ASN1_item_digest(ASN1_ITEM_rptr(X509),type,(char *)data,md,len)); 386 } 387 388int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md, 389 unsigned int *len) 390 { 391 return(ASN1_item_digest(ASN1_ITEM_rptr(X509_CRL),type,(char *)data,md,len)); 392 } 393 394int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md, 395 unsigned int *len) 396 { 397 return(ASN1_item_digest(ASN1_ITEM_rptr(X509_REQ),type,(char *)data,md,len)); 398 } 399 400int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md, 401 unsigned int *len) 402 { 403 return(ASN1_item_digest(ASN1_ITEM_rptr(X509_NAME),type,(char *)data,md,len)); 404 } 405 406int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type, 407 unsigned char *md, unsigned int *len) 408 { 409 return(ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL),type, 410 (char *)data,md,len)); 411 } 412 413 414#ifndef OPENSSL_NO_FP_API 415X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) 416 { 417 return ASN1_d2i_fp_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,fp,p8); 418 } 419 420int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) 421 { 422 return ASN1_i2d_fp_of(X509_SIG,i2d_X509_SIG,fp,p8); 423 } 424#endif 425 426X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) 427 { 428 return ASN1_d2i_bio_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,bp,p8); 429 } 430 431int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) 432 { 433 return ASN1_i2d_bio_of(X509_SIG,i2d_X509_SIG,bp,p8); 434 } 435 436#ifndef OPENSSL_NO_FP_API 437PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, 438 PKCS8_PRIV_KEY_INFO **p8inf) 439 { 440 return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, 441 d2i_PKCS8_PRIV_KEY_INFO,fp,p8inf); 442 } 443 444int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) 445 { 446 return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,fp, 447 p8inf); 448 } 449 450int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) 451 { 452 PKCS8_PRIV_KEY_INFO *p8inf; 453 int ret; 454 p8inf = EVP_PKEY2PKCS8(key); 455 if(!p8inf) return 0; 456 ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf); 457 PKCS8_PRIV_KEY_INFO_free(p8inf); 458 return ret; 459 } 460 461int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey) 462 { 463 return ASN1_i2d_fp_of(EVP_PKEY,i2d_PrivateKey,fp,pkey); 464 } 465 466EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) 467{ 468 return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,fp,a); 469} 470 471int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey) 472 { 473 return ASN1_i2d_fp_of(EVP_PKEY,i2d_PUBKEY,fp,pkey); 474 } 475 476EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a) 477{ 478 return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,fp,a); 479} 480 481#endif 482 483PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, 484 PKCS8_PRIV_KEY_INFO **p8inf) 485 { 486 return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, 487 d2i_PKCS8_PRIV_KEY_INFO,bp,p8inf); 488 } 489 490int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) 491 { 492 return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,bp, 493 p8inf); 494 } 495 496int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) 497 { 498 PKCS8_PRIV_KEY_INFO *p8inf; 499 int ret; 500 p8inf = EVP_PKEY2PKCS8(key); 501 if(!p8inf) return 0; 502 ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf); 503 PKCS8_PRIV_KEY_INFO_free(p8inf); 504 return ret; 505 } 506 507int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey) 508 { 509 return ASN1_i2d_bio_of(EVP_PKEY,i2d_PrivateKey,bp,pkey); 510 } 511 512EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a) 513 { 514 return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,bp,a); 515 } 516 517int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey) 518 { 519 return ASN1_i2d_bio_of(EVP_PKEY,i2d_PUBKEY,bp,pkey); 520 } 521 522EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a) 523 { 524 return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,bp,a); 525 } 526