1/* 2 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10/* 11 * DSA low level APIs are deprecated for public use, but still ok for 12 * internal use. 13 */ 14#include "internal/deprecated.h" 15 16#include <assert.h> 17#include <stdio.h> 18#include "internal/cryptlib.h" 19#include "internal/refcount.h" 20#include "internal/namemap.h" 21#include <openssl/bn.h> 22#include <openssl/err.h> 23#include <openssl/objects.h> 24#include <openssl/evp.h> 25#include <openssl/rsa.h> 26#include <openssl/dsa.h> 27#include <openssl/dh.h> 28#include <openssl/ec.h> 29#include <openssl/cmac.h> 30#ifndef FIPS_MODULE 31# include <openssl/engine.h> 32#endif 33#include <openssl/params.h> 34#include <openssl/param_build.h> 35#include <openssl/encoder.h> 36#include <openssl/core_names.h> 37 38#include "internal/numbers.h" /* includes SIZE_MAX */ 39#include "internal/ffc.h" 40#include "crypto/evp.h" 41#include "crypto/dh.h" 42#include "crypto/dsa.h" 43#include "crypto/ec.h" 44#include "crypto/ecx.h" 45#include "crypto/rsa.h" 46#ifndef FIPS_MODULE 47# include "crypto/asn1.h" 48# include "crypto/x509.h" 49#endif 50#include "internal/provider.h" 51#include "evp_local.h" 52 53static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, 54 int len, EVP_KEYMGMT *keymgmt); 55static void evp_pkey_free_it(EVP_PKEY *key); 56 57#ifndef FIPS_MODULE 58 59/* The type of parameters selected in key parameter functions */ 60# define SELECT_PARAMETERS OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS 61 62int EVP_PKEY_get_bits(const EVP_PKEY *pkey) 63{ 64 int size = 0; 65 66 if (pkey != NULL) { 67 size = pkey->cache.bits; 68 if (pkey->ameth != NULL && pkey->ameth->pkey_bits != NULL) 69 size = pkey->ameth->pkey_bits(pkey); 70 } 71 return size < 0 ? 0 : size; 72} 73 74int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey) 75{ 76 int size = 0; 77 78 if (pkey != NULL) { 79 size = pkey->cache.security_bits; 80 if (pkey->ameth != NULL && pkey->ameth->pkey_security_bits != NULL) 81 size = pkey->ameth->pkey_security_bits(pkey); 82 } 83 return size < 0 ? 0 : size; 84} 85 86int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 87{ 88# ifndef OPENSSL_NO_DSA 89 if (pkey->type == EVP_PKEY_DSA) { 90 int ret = pkey->save_parameters; 91 92 if (mode >= 0) 93 pkey->save_parameters = mode; 94 return ret; 95 } 96# endif 97# ifndef OPENSSL_NO_EC 98 if (pkey->type == EVP_PKEY_EC) { 99 int ret = pkey->save_parameters; 100 101 if (mode >= 0) 102 pkey->save_parameters = mode; 103 return ret; 104 } 105# endif 106 return 0; 107} 108 109int EVP_PKEY_set_ex_data(EVP_PKEY *key, int idx, void *arg) 110{ 111 return CRYPTO_set_ex_data(&key->ex_data, idx, arg); 112} 113 114void *EVP_PKEY_get_ex_data(const EVP_PKEY *key, int idx) 115{ 116 return CRYPTO_get_ex_data(&key->ex_data, idx); 117} 118 119int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 120{ 121 /* 122 * Clean up legacy stuff from this function when legacy support is gone. 123 */ 124 125 EVP_PKEY *downgraded_from = NULL; 126 int ok = 0; 127 128 /* 129 * If |to| is a legacy key and |from| isn't, we must make a downgraded 130 * copy of |from|. If that fails, this function fails. 131 */ 132 if (evp_pkey_is_legacy(to) && evp_pkey_is_provided(from)) { 133 if (!evp_pkey_copy_downgraded(&downgraded_from, from)) 134 goto end; 135 from = downgraded_from; 136 } 137 138 /* 139 * Make sure |to| is typed. Content is less important at this early 140 * stage. 141 * 142 * 1. If |to| is untyped, assign |from|'s key type to it. 143 * 2. If |to| contains a legacy key, compare its |type| to |from|'s. 144 * (|from| was already downgraded above) 145 * 146 * If |to| is a provided key, there's nothing more to do here, functions 147 * like evp_keymgmt_util_copy() and evp_pkey_export_to_provider() called 148 * further down help us find out if they are the same or not. 149 */ 150 if (evp_pkey_is_blank(to)) { 151 if (evp_pkey_is_legacy(from)) { 152 if (EVP_PKEY_set_type(to, from->type) == 0) 153 goto end; 154 } else { 155 if (EVP_PKEY_set_type_by_keymgmt(to, from->keymgmt) == 0) 156 goto end; 157 } 158 } else if (evp_pkey_is_legacy(to)) { 159 if (to->type != from->type) { 160 ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES); 161 goto end; 162 } 163 } 164 165 if (EVP_PKEY_missing_parameters(from)) { 166 ERR_raise(ERR_LIB_EVP, EVP_R_MISSING_PARAMETERS); 167 goto end; 168 } 169 170 if (!EVP_PKEY_missing_parameters(to)) { 171 if (EVP_PKEY_parameters_eq(to, from) == 1) 172 ok = 1; 173 else 174 ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_PARAMETERS); 175 goto end; 176 } 177 178 /* For purely provided keys, we just call the keymgmt utility */ 179 if (to->keymgmt != NULL && from->keymgmt != NULL) { 180 ok = evp_keymgmt_util_copy(to, (EVP_PKEY *)from, SELECT_PARAMETERS); 181 goto end; 182 } 183 184 /* 185 * If |to| is provided, we know that |from| is legacy at this point. 186 * Try exporting |from| to |to|'s keymgmt, then use evp_keymgmt_dup() 187 * to copy the appropriate data to |to|'s keydata. 188 * We cannot override existing data so do it only if there is no keydata 189 * in |to| yet. 190 */ 191 if (to->keymgmt != NULL && to->keydata == NULL) { 192 EVP_KEYMGMT *to_keymgmt = to->keymgmt; 193 void *from_keydata = 194 evp_pkey_export_to_provider((EVP_PKEY *)from, NULL, &to_keymgmt, 195 NULL); 196 197 /* 198 * If we get a NULL, it could be an internal error, or it could be 199 * that there's a key mismatch. We're pretending the latter... 200 */ 201 if (from_keydata == NULL) 202 ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES); 203 else 204 ok = (to->keydata = evp_keymgmt_dup(to->keymgmt, 205 from_keydata, 206 SELECT_PARAMETERS)) != NULL; 207 goto end; 208 } 209 210 /* Both keys are legacy */ 211 if (from->ameth != NULL && from->ameth->param_copy != NULL) 212 ok = from->ameth->param_copy(to, from); 213 end: 214 EVP_PKEY_free(downgraded_from); 215 return ok; 216} 217 218int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 219{ 220 if (pkey != NULL) { 221 if (pkey->keymgmt != NULL) 222 return !evp_keymgmt_util_has((EVP_PKEY *)pkey, SELECT_PARAMETERS); 223 else if (pkey->ameth != NULL && pkey->ameth->param_missing != NULL) 224 return pkey->ameth->param_missing(pkey); 225 } 226 return 0; 227} 228 229/* 230 * This function is called for any mixture of keys except pure legacy pair. 231 * When legacy keys are gone, we replace a call to this functions with 232 * a call to evp_keymgmt_util_match(). 233 */ 234static int evp_pkey_cmp_any(const EVP_PKEY *a, const EVP_PKEY *b, 235 int selection) 236{ 237 EVP_KEYMGMT *keymgmt1 = NULL, *keymgmt2 = NULL; 238 void *keydata1 = NULL, *keydata2 = NULL, *tmp_keydata = NULL; 239 240 /* If none of them are provided, this function shouldn't have been called */ 241 if (!ossl_assert(evp_pkey_is_provided(a) || evp_pkey_is_provided(b))) 242 return -2; 243 244 /* For purely provided keys, we just call the keymgmt utility */ 245 if (evp_pkey_is_provided(a) && evp_pkey_is_provided(b)) 246 return evp_keymgmt_util_match((EVP_PKEY *)a, (EVP_PKEY *)b, selection); 247 248 /* 249 * At this point, one of them is provided, the other not. This allows 250 * us to compare types using legacy NIDs. 251 */ 252 if (evp_pkey_is_legacy(a) 253 && !EVP_KEYMGMT_is_a(b->keymgmt, OBJ_nid2sn(a->type))) 254 return -1; /* not the same key type */ 255 if (evp_pkey_is_legacy(b) 256 && !EVP_KEYMGMT_is_a(a->keymgmt, OBJ_nid2sn(b->type))) 257 return -1; /* not the same key type */ 258 259 /* 260 * We've determined that they both are the same keytype, so the next 261 * step is to do a bit of cross export to ensure we have keydata for 262 * both keys in the same keymgmt. 263 */ 264 keymgmt1 = a->keymgmt; 265 keydata1 = a->keydata; 266 keymgmt2 = b->keymgmt; 267 keydata2 = b->keydata; 268 269 if (keymgmt2 != NULL && keymgmt2->match != NULL) { 270 tmp_keydata = 271 evp_pkey_export_to_provider((EVP_PKEY *)a, NULL, &keymgmt2, NULL); 272 if (tmp_keydata != NULL) { 273 keymgmt1 = keymgmt2; 274 keydata1 = tmp_keydata; 275 } 276 } 277 if (tmp_keydata == NULL && keymgmt1 != NULL && keymgmt1->match != NULL) { 278 tmp_keydata = 279 evp_pkey_export_to_provider((EVP_PKEY *)b, NULL, &keymgmt1, NULL); 280 if (tmp_keydata != NULL) { 281 keymgmt2 = keymgmt1; 282 keydata2 = tmp_keydata; 283 } 284 } 285 286 /* If we still don't have matching keymgmt implementations, we give up */ 287 if (keymgmt1 != keymgmt2) 288 return -2; 289 290 /* If the keymgmt implementations are NULL, the export failed */ 291 if (keymgmt1 == NULL) 292 return -2; 293 294 return evp_keymgmt_match(keymgmt1, keydata1, keydata2, selection); 295} 296 297# ifndef OPENSSL_NO_DEPRECATED_3_0 298int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 299{ 300 return EVP_PKEY_parameters_eq(a, b); 301} 302#endif 303 304int EVP_PKEY_parameters_eq(const EVP_PKEY *a, const EVP_PKEY *b) 305{ 306 /* 307 * This will just call evp_keymgmt_util_match when legacy support 308 * is gone. 309 */ 310 311 if (a->keymgmt != NULL || b->keymgmt != NULL) 312 return evp_pkey_cmp_any(a, b, SELECT_PARAMETERS); 313 314 /* All legacy keys */ 315 if (a->type != b->type) 316 return -1; 317 if (a->ameth != NULL && a->ameth->param_cmp != NULL) 318 return a->ameth->param_cmp(a, b); 319 return -2; 320} 321 322# ifndef OPENSSL_NO_DEPRECATED_3_0 323int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 324{ 325 return EVP_PKEY_eq(a, b); 326} 327#endif 328 329int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b) 330{ 331 /* 332 * This will just call evp_keymgmt_util_match when legacy support 333 * is gone. 334 */ 335 336 /* Trivial shortcuts */ 337 if (a == b) 338 return 1; 339 if (a == NULL || b == NULL) 340 return 0; 341 342 if (a->keymgmt != NULL || b->keymgmt != NULL) { 343 int selection = SELECT_PARAMETERS; 344 345 if (evp_keymgmt_util_has((EVP_PKEY *)a, OSSL_KEYMGMT_SELECT_PUBLIC_KEY) 346 && evp_keymgmt_util_has((EVP_PKEY *)b, OSSL_KEYMGMT_SELECT_PUBLIC_KEY)) 347 selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; 348 else 349 selection |= OSSL_KEYMGMT_SELECT_KEYPAIR; 350 return evp_pkey_cmp_any(a, b, selection); 351 } 352 353 /* All legacy keys */ 354 if (a->type != b->type) 355 return -1; 356 357 if (a->ameth != NULL) { 358 int ret; 359 /* Compare parameters if the algorithm has them */ 360 if (a->ameth->param_cmp != NULL) { 361 ret = a->ameth->param_cmp(a, b); 362 if (ret <= 0) 363 return ret; 364 } 365 366 if (a->ameth->pub_cmp != NULL) 367 return a->ameth->pub_cmp(a, b); 368 } 369 370 return -2; 371} 372 373 374static EVP_PKEY *new_raw_key_int(OSSL_LIB_CTX *libctx, 375 const char *strtype, 376 const char *propq, 377 int nidtype, 378 ENGINE *e, 379 const unsigned char *key, 380 size_t len, 381 int key_is_priv) 382{ 383 EVP_PKEY *pkey = NULL; 384 EVP_PKEY_CTX *ctx = NULL; 385 const EVP_PKEY_ASN1_METHOD *ameth = NULL; 386 int result = 0; 387 388# ifndef OPENSSL_NO_ENGINE 389 /* Check if there is an Engine for this type */ 390 if (e == NULL) { 391 ENGINE *tmpe = NULL; 392 393 if (strtype != NULL) 394 ameth = EVP_PKEY_asn1_find_str(&tmpe, strtype, -1); 395 else if (nidtype != EVP_PKEY_NONE) 396 ameth = EVP_PKEY_asn1_find(&tmpe, nidtype); 397 398 /* If tmpe is NULL then no engine is claiming to support this type */ 399 if (tmpe == NULL) 400 ameth = NULL; 401 402 ENGINE_finish(tmpe); 403 } 404# endif 405 406 if (e == NULL && ameth == NULL) { 407 /* 408 * No engine is claiming to support this type, so lets see if we have 409 * a provider. 410 */ 411 ctx = EVP_PKEY_CTX_new_from_name(libctx, 412 strtype != NULL ? strtype 413 : OBJ_nid2sn(nidtype), 414 propq); 415 if (ctx == NULL) 416 goto err; 417 /* May fail if no provider available */ 418 ERR_set_mark(); 419 if (EVP_PKEY_fromdata_init(ctx) == 1) { 420 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END }; 421 422 ERR_clear_last_mark(); 423 params[0] = OSSL_PARAM_construct_octet_string( 424 key_is_priv ? OSSL_PKEY_PARAM_PRIV_KEY 425 : OSSL_PKEY_PARAM_PUB_KEY, 426 (void *)key, len); 427 428 if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) != 1) { 429 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 430 goto err; 431 } 432 433 EVP_PKEY_CTX_free(ctx); 434 435 return pkey; 436 } 437 ERR_pop_to_mark(); 438 /* else not supported so fallback to legacy */ 439 } 440 441 /* Legacy code path */ 442 443 pkey = EVP_PKEY_new(); 444 if (pkey == NULL) { 445 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 446 goto err; 447 } 448 449 if (!pkey_set_type(pkey, e, nidtype, strtype, -1, NULL)) { 450 /* EVPerr already called */ 451 goto err; 452 } 453 454 if (!ossl_assert(pkey->ameth != NULL)) 455 goto err; 456 457 if (key_is_priv) { 458 if (pkey->ameth->set_priv_key == NULL) { 459 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 460 goto err; 461 } 462 463 if (!pkey->ameth->set_priv_key(pkey, key, len)) { 464 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 465 goto err; 466 } 467 } else { 468 if (pkey->ameth->set_pub_key == NULL) { 469 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 470 goto err; 471 } 472 473 if (!pkey->ameth->set_pub_key(pkey, key, len)) { 474 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 475 goto err; 476 } 477 } 478 479 result = 1; 480 err: 481 if (!result) { 482 EVP_PKEY_free(pkey); 483 pkey = NULL; 484 } 485 EVP_PKEY_CTX_free(ctx); 486 return pkey; 487} 488 489EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OSSL_LIB_CTX *libctx, 490 const char *keytype, 491 const char *propq, 492 const unsigned char *priv, size_t len) 493{ 494 return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, priv, 495 len, 1); 496} 497 498EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, 499 const unsigned char *priv, 500 size_t len) 501{ 502 return new_raw_key_int(NULL, NULL, NULL, type, e, priv, len, 1); 503} 504 505EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OSSL_LIB_CTX *libctx, 506 const char *keytype, const char *propq, 507 const unsigned char *pub, size_t len) 508{ 509 return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, pub, 510 len, 0); 511} 512 513EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, 514 const unsigned char *pub, 515 size_t len) 516{ 517 return new_raw_key_int(NULL, NULL, NULL, type, e, pub, len, 0); 518} 519 520struct raw_key_details_st 521{ 522 unsigned char **key; 523 size_t *len; 524 int selection; 525}; 526 527static OSSL_CALLBACK get_raw_key_details; 528static int get_raw_key_details(const OSSL_PARAM params[], void *arg) 529{ 530 const OSSL_PARAM *p = NULL; 531 struct raw_key_details_st *raw_key = arg; 532 533 if (raw_key->selection == OSSL_KEYMGMT_SELECT_PRIVATE_KEY) { 534 if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY)) 535 != NULL) 536 return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key, 537 raw_key->key == NULL ? 0 : *raw_key->len, 538 raw_key->len); 539 } else if (raw_key->selection == OSSL_KEYMGMT_SELECT_PUBLIC_KEY) { 540 if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY)) 541 != NULL) 542 return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key, 543 raw_key->key == NULL ? 0 : *raw_key->len, 544 raw_key->len); 545 } 546 547 return 0; 548} 549 550int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv, 551 size_t *len) 552{ 553 if (pkey->keymgmt != NULL) { 554 struct raw_key_details_st raw_key; 555 556 raw_key.key = priv == NULL ? NULL : &priv; 557 raw_key.len = len; 558 raw_key.selection = OSSL_KEYMGMT_SELECT_PRIVATE_KEY; 559 560 return evp_keymgmt_util_export(pkey, OSSL_KEYMGMT_SELECT_PRIVATE_KEY, 561 get_raw_key_details, &raw_key); 562 } 563 564 if (pkey->ameth == NULL) { 565 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 566 return 0; 567 } 568 569 if (pkey->ameth->get_priv_key == NULL) { 570 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 571 return 0; 572 } 573 574 if (!pkey->ameth->get_priv_key(pkey, priv, len)) { 575 ERR_raise(ERR_LIB_EVP, EVP_R_GET_RAW_KEY_FAILED); 576 return 0; 577 } 578 579 return 1; 580} 581 582int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub, 583 size_t *len) 584{ 585 if (pkey->keymgmt != NULL) { 586 struct raw_key_details_st raw_key; 587 588 raw_key.key = pub == NULL ? NULL : &pub; 589 raw_key.len = len; 590 raw_key.selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY; 591 592 return evp_keymgmt_util_export(pkey, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, 593 get_raw_key_details, &raw_key); 594 } 595 596 if (pkey->ameth == NULL) { 597 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 598 return 0; 599 } 600 601 if (pkey->ameth->get_pub_key == NULL) { 602 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 603 return 0; 604 } 605 606 if (!pkey->ameth->get_pub_key(pkey, pub, len)) { 607 ERR_raise(ERR_LIB_EVP, EVP_R_GET_RAW_KEY_FAILED); 608 return 0; 609 } 610 611 return 1; 612} 613 614static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, 615 const char *cipher_name, 616 const EVP_CIPHER *cipher, 617 OSSL_LIB_CTX *libctx, 618 const char *propq, ENGINE *e) 619{ 620# ifndef OPENSSL_NO_CMAC 621# ifndef OPENSSL_NO_ENGINE 622 const char *engine_id = e != NULL ? ENGINE_get_id(e) : NULL; 623# endif 624 OSSL_PARAM params[5], *p = params; 625 EVP_PKEY *pkey = NULL; 626 EVP_PKEY_CTX *ctx; 627 628 if (cipher != NULL) 629 cipher_name = EVP_CIPHER_get0_name(cipher); 630 631 if (cipher_name == NULL) { 632 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 633 return NULL; 634 } 635 636 ctx = EVP_PKEY_CTX_new_from_name(libctx, "CMAC", propq); 637 if (ctx == NULL) 638 goto err; 639 640 if (EVP_PKEY_fromdata_init(ctx) <= 0) { 641 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 642 goto err; 643 } 644 645 *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, 646 (void *)priv, len); 647 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_CIPHER, 648 (char *)cipher_name, 0); 649 if (propq != NULL) 650 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_PROPERTIES, 651 (char *)propq, 0); 652# ifndef OPENSSL_NO_ENGINE 653 if (engine_id != NULL) 654 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_ENGINE, 655 (char *)engine_id, 0); 656# endif 657 *p = OSSL_PARAM_construct_end(); 658 659 if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) { 660 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 661 goto err; 662 } 663 664 err: 665 EVP_PKEY_CTX_free(ctx); 666 667 return pkey; 668# else 669 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 670 return NULL; 671# endif 672} 673 674EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, 675 size_t len, const EVP_CIPHER *cipher) 676{ 677 return new_cmac_key_int(priv, len, NULL, cipher, NULL, NULL, e); 678} 679 680int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 681{ 682 return pkey_set_type(pkey, NULL, type, NULL, -1, NULL); 683} 684 685int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 686{ 687 return pkey_set_type(pkey, NULL, EVP_PKEY_NONE, str, len, NULL); 688} 689 690# ifndef OPENSSL_NO_ENGINE 691int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *e) 692{ 693 if (e != NULL) { 694 if (!ENGINE_init(e)) { 695 ERR_raise(ERR_LIB_EVP, ERR_R_ENGINE_LIB); 696 return 0; 697 } 698 if (ENGINE_get_pkey_meth(e, pkey->type) == NULL) { 699 ENGINE_finish(e); 700 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM); 701 return 0; 702 } 703 } 704 ENGINE_finish(pkey->pmeth_engine); 705 pkey->pmeth_engine = e; 706 return 1; 707} 708 709ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey) 710{ 711 return pkey->engine; 712} 713# endif 714 715# ifndef OPENSSL_NO_DEPRECATED_3_0 716static void detect_foreign_key(EVP_PKEY *pkey) 717{ 718 switch (pkey->type) { 719 case EVP_PKEY_RSA: 720 case EVP_PKEY_RSA_PSS: 721 pkey->foreign = pkey->pkey.rsa != NULL 722 && ossl_rsa_is_foreign(pkey->pkey.rsa); 723 break; 724# ifndef OPENSSL_NO_EC 725 case EVP_PKEY_SM2: 726 break; 727 case EVP_PKEY_EC: 728 pkey->foreign = pkey->pkey.ec != NULL 729 && ossl_ec_key_is_foreign(pkey->pkey.ec); 730 break; 731# endif 732# ifndef OPENSSL_NO_DSA 733 case EVP_PKEY_DSA: 734 pkey->foreign = pkey->pkey.dsa != NULL 735 && ossl_dsa_is_foreign(pkey->pkey.dsa); 736 break; 737#endif 738# ifndef OPENSSL_NO_DH 739 case EVP_PKEY_DH: 740 pkey->foreign = pkey->pkey.dh != NULL 741 && ossl_dh_is_foreign(pkey->pkey.dh); 742 break; 743#endif 744 default: 745 pkey->foreign = 0; 746 break; 747 } 748} 749 750int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 751{ 752# ifndef OPENSSL_NO_EC 753 int pktype; 754 755 pktype = EVP_PKEY_type(type); 756 if ((key != NULL) && (pktype == EVP_PKEY_EC || pktype == EVP_PKEY_SM2)) { 757 const EC_GROUP *group = EC_KEY_get0_group(key); 758 759 if (group != NULL) { 760 int curve = EC_GROUP_get_curve_name(group); 761 762 /* 763 * Regardless of what is requested the SM2 curve must be SM2 type, 764 * and non SM2 curves are EC type. 765 */ 766 if (curve == NID_sm2 && pktype == EVP_PKEY_EC) 767 type = EVP_PKEY_SM2; 768 else if(curve != NID_sm2 && pktype == EVP_PKEY_SM2) 769 type = EVP_PKEY_EC; 770 } 771 } 772# endif 773 774 if (pkey == NULL || !EVP_PKEY_set_type(pkey, type)) 775 return 0; 776 777 pkey->pkey.ptr = key; 778 detect_foreign_key(pkey); 779 780 return (key != NULL); 781} 782# endif 783 784void *EVP_PKEY_get0(const EVP_PKEY *pkey) 785{ 786 if (pkey == NULL) 787 return NULL; 788 789 if (!evp_pkey_is_provided(pkey)) 790 return pkey->pkey.ptr; 791 792 return NULL; 793} 794 795const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 796{ 797 const ASN1_OCTET_STRING *os = NULL; 798 if (pkey->type != EVP_PKEY_HMAC) { 799 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_AN_HMAC_KEY); 800 return NULL; 801 } 802 os = evp_pkey_get_legacy((EVP_PKEY *)pkey); 803 if (os != NULL) { 804 *len = os->length; 805 return os->data; 806 } 807 return NULL; 808} 809 810# ifndef OPENSSL_NO_POLY1305 811const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len) 812{ 813 const ASN1_OCTET_STRING *os = NULL; 814 if (pkey->type != EVP_PKEY_POLY1305) { 815 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_POLY1305_KEY); 816 return NULL; 817 } 818 os = evp_pkey_get_legacy((EVP_PKEY *)pkey); 819 if (os != NULL) { 820 *len = os->length; 821 return os->data; 822 } 823 return NULL; 824} 825# endif 826 827# ifndef OPENSSL_NO_SIPHASH 828const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len) 829{ 830 const ASN1_OCTET_STRING *os = NULL; 831 832 if (pkey->type != EVP_PKEY_SIPHASH) { 833 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_SIPHASH_KEY); 834 return NULL; 835 } 836 os = evp_pkey_get_legacy((EVP_PKEY *)pkey); 837 if (os != NULL) { 838 *len = os->length; 839 return os->data; 840 } 841 return NULL; 842} 843# endif 844 845# ifndef OPENSSL_NO_DSA 846static DSA *evp_pkey_get0_DSA_int(const EVP_PKEY *pkey) 847{ 848 if (pkey->type != EVP_PKEY_DSA) { 849 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_DSA_KEY); 850 return NULL; 851 } 852 return evp_pkey_get_legacy((EVP_PKEY *)pkey); 853} 854 855const DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey) 856{ 857 return evp_pkey_get0_DSA_int(pkey); 858} 859 860int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 861{ 862 int ret = EVP_PKEY_assign_DSA(pkey, key); 863 if (ret) 864 DSA_up_ref(key); 865 return ret; 866} 867DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 868{ 869 DSA *ret = evp_pkey_get0_DSA_int(pkey); 870 871 if (ret != NULL) 872 DSA_up_ref(ret); 873 return ret; 874} 875# endif /* OPENSSL_NO_DSA */ 876 877# ifndef OPENSSL_NO_EC 878static const ECX_KEY *evp_pkey_get0_ECX_KEY(const EVP_PKEY *pkey, int type) 879{ 880 if (EVP_PKEY_get_base_id(pkey) != type) { 881 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_ECX_KEY); 882 return NULL; 883 } 884 return evp_pkey_get_legacy((EVP_PKEY *)pkey); 885} 886 887static ECX_KEY *evp_pkey_get1_ECX_KEY(EVP_PKEY *pkey, int type) 888{ 889 ECX_KEY *ret = (ECX_KEY *)evp_pkey_get0_ECX_KEY(pkey, type); 890 891 if (ret != NULL && !ossl_ecx_key_up_ref(ret)) 892 ret = NULL; 893 return ret; 894} 895 896# define IMPLEMENT_ECX_VARIANT(NAME) \ 897 ECX_KEY *ossl_evp_pkey_get1_##NAME(EVP_PKEY *pkey) \ 898 { \ 899 return evp_pkey_get1_ECX_KEY(pkey, EVP_PKEY_##NAME); \ 900 } 901IMPLEMENT_ECX_VARIANT(X25519) 902IMPLEMENT_ECX_VARIANT(X448) 903IMPLEMENT_ECX_VARIANT(ED25519) 904IMPLEMENT_ECX_VARIANT(ED448) 905 906# endif 907 908# if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0) 909 910int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *dhkey) 911{ 912 int ret, type; 913 914 /* 915 * ossl_dh_is_named_safe_prime_group() returns 1 for named safe prime groups 916 * related to ffdhe and modp (which cache q = (p - 1) / 2), 917 * and returns 0 for all other dh parameter generation types including 918 * RFC5114 named groups. 919 * 920 * The EVP_PKEY_DH type is used for dh parameter generation types: 921 * - named safe prime groups related to ffdhe and modp 922 * - safe prime generator 923 * 924 * The type EVP_PKEY_DHX is used for dh parameter generation types 925 * - fips186-4 and fips186-2 926 * - rfc5114 named groups. 927 * 928 * The EVP_PKEY_DH type is used to save PKCS#3 data than can be stored 929 * without a q value. 930 * The EVP_PKEY_DHX type is used to save X9.42 data that requires the 931 * q value to be stored. 932 */ 933 if (ossl_dh_is_named_safe_prime_group(dhkey)) 934 type = EVP_PKEY_DH; 935 else 936 type = DH_get0_q(dhkey) == NULL ? EVP_PKEY_DH : EVP_PKEY_DHX; 937 938 ret = EVP_PKEY_assign(pkey, type, dhkey); 939 940 if (ret) 941 DH_up_ref(dhkey); 942 return ret; 943} 944 945DH *evp_pkey_get0_DH_int(const EVP_PKEY *pkey) 946{ 947 if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) { 948 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_DH_KEY); 949 return NULL; 950 } 951 return evp_pkey_get_legacy((EVP_PKEY *)pkey); 952} 953 954const DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey) 955{ 956 return evp_pkey_get0_DH_int(pkey); 957} 958 959DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) 960{ 961 DH *ret = evp_pkey_get0_DH_int(pkey); 962 963 if (ret != NULL) 964 DH_up_ref(ret); 965 return ret; 966} 967# endif 968 969int EVP_PKEY_type(int type) 970{ 971 int ret; 972 const EVP_PKEY_ASN1_METHOD *ameth; 973 ENGINE *e; 974 ameth = EVP_PKEY_asn1_find(&e, type); 975 if (ameth) 976 ret = ameth->pkey_id; 977 else 978 ret = NID_undef; 979# ifndef OPENSSL_NO_ENGINE 980 ENGINE_finish(e); 981# endif 982 return ret; 983} 984 985int EVP_PKEY_get_id(const EVP_PKEY *pkey) 986{ 987 return pkey->type; 988} 989 990int EVP_PKEY_get_base_id(const EVP_PKEY *pkey) 991{ 992 return EVP_PKEY_type(pkey->type); 993} 994 995/* 996 * These hard coded cases are pure hackery to get around the fact 997 * that names in crypto/objects/objects.txt are a mess. There is 998 * no "EC", and "RSA" leads to the NID for 2.5.8.1.1, an OID that's 999 * fallen out in favor of { pkcs-1 1 }, i.e. 1.2.840.113549.1.1.1, 1000 * the NID of which is used for EVP_PKEY_RSA. Strangely enough, 1001 * "DSA" is accurate... but still, better be safe and hard-code 1002 * names that we know. 1003 * On a similar topic, EVP_PKEY_type(EVP_PKEY_SM2) will result in 1004 * EVP_PKEY_EC, because of aliasing. 1005 * This should be cleaned away along with all other #legacy support. 1006 */ 1007static const OSSL_ITEM standard_name2type[] = { 1008 { EVP_PKEY_RSA, "RSA" }, 1009 { EVP_PKEY_RSA_PSS, "RSA-PSS" }, 1010 { EVP_PKEY_EC, "EC" }, 1011 { EVP_PKEY_ED25519, "ED25519" }, 1012 { EVP_PKEY_ED448, "ED448" }, 1013 { EVP_PKEY_X25519, "X25519" }, 1014 { EVP_PKEY_X448, "X448" }, 1015 { EVP_PKEY_SM2, "SM2" }, 1016 { EVP_PKEY_DH, "DH" }, 1017 { EVP_PKEY_DHX, "X9.42 DH" }, 1018 { EVP_PKEY_DHX, "DHX" }, 1019 { EVP_PKEY_DSA, "DSA" }, 1020}; 1021 1022int evp_pkey_name2type(const char *name) 1023{ 1024 int type; 1025 size_t i; 1026 1027 for (i = 0; i < OSSL_NELEM(standard_name2type); i++) { 1028 if (OPENSSL_strcasecmp(name, standard_name2type[i].ptr) == 0) 1029 return (int)standard_name2type[i].id; 1030 } 1031 1032 if ((type = EVP_PKEY_type(OBJ_sn2nid(name))) != NID_undef) 1033 return type; 1034 return EVP_PKEY_type(OBJ_ln2nid(name)); 1035} 1036 1037const char *evp_pkey_type2name(int type) 1038{ 1039 size_t i; 1040 1041 for (i = 0; i < OSSL_NELEM(standard_name2type); i++) { 1042 if (type == (int)standard_name2type[i].id) 1043 return standard_name2type[i].ptr; 1044 } 1045 1046 return OBJ_nid2sn(type); 1047} 1048 1049int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name) 1050{ 1051 if (pkey == NULL) 1052 return 0; 1053 if (pkey->keymgmt == NULL) 1054 return pkey->type == evp_pkey_name2type(name); 1055 return EVP_KEYMGMT_is_a(pkey->keymgmt, name); 1056} 1057 1058int EVP_PKEY_type_names_do_all(const EVP_PKEY *pkey, 1059 void (*fn)(const char *name, void *data), 1060 void *data) 1061{ 1062 if (!evp_pkey_is_typed(pkey)) 1063 return 0; 1064 1065 if (!evp_pkey_is_provided(pkey)) { 1066 const char *name = OBJ_nid2sn(EVP_PKEY_get_id(pkey)); 1067 1068 fn(name, data); 1069 return 1; 1070 } 1071 return EVP_KEYMGMT_names_do_all(pkey->keymgmt, fn, data); 1072} 1073 1074int EVP_PKEY_can_sign(const EVP_PKEY *pkey) 1075{ 1076 if (pkey->keymgmt == NULL) { 1077 switch (EVP_PKEY_get_base_id(pkey)) { 1078 case EVP_PKEY_RSA: 1079 case EVP_PKEY_RSA_PSS: 1080 return 1; 1081# ifndef OPENSSL_NO_DSA 1082 case EVP_PKEY_DSA: 1083 return 1; 1084# endif 1085# ifndef OPENSSL_NO_EC 1086 case EVP_PKEY_ED25519: 1087 case EVP_PKEY_ED448: 1088 return 1; 1089 case EVP_PKEY_EC: /* Including SM2 */ 1090 return EC_KEY_can_sign(pkey->pkey.ec); 1091# endif 1092 default: 1093 break; 1094 } 1095 } else { 1096 const OSSL_PROVIDER *prov = EVP_KEYMGMT_get0_provider(pkey->keymgmt); 1097 OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); 1098 const char *supported_sig = 1099 pkey->keymgmt->query_operation_name != NULL 1100 ? pkey->keymgmt->query_operation_name(OSSL_OP_SIGNATURE) 1101 : EVP_KEYMGMT_get0_name(pkey->keymgmt); 1102 EVP_SIGNATURE *signature = NULL; 1103 1104 signature = EVP_SIGNATURE_fetch(libctx, supported_sig, NULL); 1105 if (signature != NULL) { 1106 EVP_SIGNATURE_free(signature); 1107 return 1; 1108 } 1109 } 1110 return 0; 1111} 1112 1113static int print_reset_indent(BIO **out, int pop_f_prefix, long saved_indent) 1114{ 1115 BIO_set_indent(*out, saved_indent); 1116 if (pop_f_prefix) { 1117 BIO *next = BIO_pop(*out); 1118 1119 BIO_free(*out); 1120 *out = next; 1121 } 1122 return 1; 1123} 1124 1125static int print_set_indent(BIO **out, int *pop_f_prefix, long *saved_indent, 1126 long indent) 1127{ 1128 *pop_f_prefix = 0; 1129 *saved_indent = 0; 1130 if (indent > 0) { 1131 long i = BIO_get_indent(*out); 1132 1133 *saved_indent = (i < 0 ? 0 : i); 1134 if (BIO_set_indent(*out, indent) <= 0) { 1135 BIO *prefbio = BIO_new(BIO_f_prefix()); 1136 1137 if (prefbio == NULL) 1138 return 0; 1139 *out = BIO_push(prefbio, *out); 1140 *pop_f_prefix = 1; 1141 } 1142 if (BIO_set_indent(*out, indent) <= 0) { 1143 print_reset_indent(out, *pop_f_prefix, *saved_indent); 1144 return 0; 1145 } 1146 } 1147 return 1; 1148} 1149 1150static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, 1151 const char *kstr) 1152{ 1153 return BIO_indent(out, indent, 128) 1154 && BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 1155 kstr, OBJ_nid2ln(pkey->type)) > 0; 1156} 1157 1158static int print_pkey(const EVP_PKEY *pkey, BIO *out, int indent, 1159 int selection /* For provided encoding */, 1160 const char *propquery /* For provided encoding */, 1161 int (*legacy_print)(BIO *out, const EVP_PKEY *pkey, 1162 int indent, ASN1_PCTX *pctx), 1163 ASN1_PCTX *legacy_pctx /* For legacy print */) 1164{ 1165 int pop_f_prefix; 1166 long saved_indent; 1167 OSSL_ENCODER_CTX *ctx = NULL; 1168 int ret = -2; /* default to unsupported */ 1169 1170 if (!print_set_indent(&out, &pop_f_prefix, &saved_indent, indent)) 1171 return 0; 1172 1173 ctx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "TEXT", NULL, 1174 propquery); 1175 if (OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0) 1176 ret = OSSL_ENCODER_to_bio(ctx, out); 1177 OSSL_ENCODER_CTX_free(ctx); 1178 1179 if (ret != -2) 1180 goto end; 1181 1182 /* legacy fallback */ 1183 if (legacy_print != NULL) 1184 ret = legacy_print(out, pkey, 0, legacy_pctx); 1185 else 1186 ret = unsup_alg(out, pkey, 0, "Public Key"); 1187 1188 end: 1189 print_reset_indent(&out, pop_f_prefix, saved_indent); 1190 return ret; 1191} 1192 1193int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, 1194 int indent, ASN1_PCTX *pctx) 1195{ 1196 return print_pkey(pkey, out, indent, EVP_PKEY_PUBLIC_KEY, NULL, 1197 (pkey->ameth != NULL ? pkey->ameth->pub_print : NULL), 1198 pctx); 1199} 1200 1201int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, 1202 int indent, ASN1_PCTX *pctx) 1203{ 1204 return print_pkey(pkey, out, indent, EVP_PKEY_PRIVATE_KEY, NULL, 1205 (pkey->ameth != NULL ? pkey->ameth->priv_print : NULL), 1206 pctx); 1207} 1208 1209int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, 1210 int indent, ASN1_PCTX *pctx) 1211{ 1212 return print_pkey(pkey, out, indent, EVP_PKEY_KEY_PARAMETERS, NULL, 1213 (pkey->ameth != NULL ? pkey->ameth->param_print : NULL), 1214 pctx); 1215} 1216 1217# ifndef OPENSSL_NO_STDIO 1218int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey, 1219 int indent, ASN1_PCTX *pctx) 1220{ 1221 int ret; 1222 BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); 1223 1224 if (b == NULL) 1225 return 0; 1226 ret = EVP_PKEY_print_public(b, pkey, indent, pctx); 1227 BIO_free(b); 1228 return ret; 1229} 1230 1231int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey, 1232 int indent, ASN1_PCTX *pctx) 1233{ 1234 int ret; 1235 BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); 1236 1237 if (b == NULL) 1238 return 0; 1239 ret = EVP_PKEY_print_private(b, pkey, indent, pctx); 1240 BIO_free(b); 1241 return ret; 1242} 1243 1244int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey, 1245 int indent, ASN1_PCTX *pctx) 1246{ 1247 int ret; 1248 BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); 1249 1250 if (b == NULL) 1251 return 0; 1252 ret = EVP_PKEY_print_params(b, pkey, indent, pctx); 1253 BIO_free(b); 1254 return ret; 1255} 1256# endif 1257 1258static void mdname2nid(const char *mdname, void *data) 1259{ 1260 int *nid = (int *)data; 1261 1262 if (*nid != NID_undef) 1263 return; 1264 1265 *nid = OBJ_sn2nid(mdname); 1266 if (*nid == NID_undef) 1267 *nid = OBJ_ln2nid(mdname); 1268} 1269 1270static int legacy_asn1_ctrl_to_param(EVP_PKEY *pkey, int op, 1271 int arg1, void *arg2) 1272{ 1273 if (pkey->keymgmt == NULL) 1274 return 0; 1275 switch (op) { 1276 case ASN1_PKEY_CTRL_DEFAULT_MD_NID: 1277 { 1278 char mdname[80] = ""; 1279 int rv = EVP_PKEY_get_default_digest_name(pkey, mdname, 1280 sizeof(mdname)); 1281 1282 if (rv > 0) { 1283 int mdnum; 1284 OSSL_LIB_CTX *libctx = ossl_provider_libctx(pkey->keymgmt->prov); 1285 /* Make sure the MD is in the namemap if available */ 1286 EVP_MD *md; 1287 OSSL_NAMEMAP *namemap; 1288 int nid = NID_undef; 1289 1290 (void)ERR_set_mark(); 1291 md = EVP_MD_fetch(libctx, mdname, NULL); 1292 (void)ERR_pop_to_mark(); 1293 namemap = ossl_namemap_stored(libctx); 1294 1295 /* 1296 * The only reason to fetch the MD was to make sure it is in the 1297 * namemap. We can immediately free it. 1298 */ 1299 EVP_MD_free(md); 1300 mdnum = ossl_namemap_name2num(namemap, mdname); 1301 if (mdnum == 0) 1302 return 0; 1303 1304 /* 1305 * We have the namemap number - now we need to find the 1306 * associated nid 1307 */ 1308 if (!ossl_namemap_doall_names(namemap, mdnum, mdname2nid, &nid)) 1309 return 0; 1310 *(int *)arg2 = nid; 1311 } 1312 return rv; 1313 } 1314 default: 1315 return -2; 1316 } 1317} 1318 1319static int evp_pkey_asn1_ctrl(EVP_PKEY *pkey, int op, int arg1, void *arg2) 1320{ 1321 if (pkey->ameth == NULL) 1322 return legacy_asn1_ctrl_to_param(pkey, op, arg1, arg2); 1323 if (pkey->ameth->pkey_ctrl == NULL) 1324 return -2; 1325 return pkey->ameth->pkey_ctrl(pkey, op, arg1, arg2); 1326} 1327 1328int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 1329{ 1330 if (pkey == NULL) 1331 return 0; 1332 return evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 0, pnid); 1333} 1334 1335int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey, 1336 char *mdname, size_t mdname_sz) 1337{ 1338 if (pkey->ameth == NULL) 1339 return evp_keymgmt_util_get_deflt_digest_name(pkey->keymgmt, 1340 pkey->keydata, 1341 mdname, mdname_sz); 1342 1343 { 1344 int nid = NID_undef; 1345 int rv = EVP_PKEY_get_default_digest_nid(pkey, &nid); 1346 const char *name = rv > 0 ? OBJ_nid2sn(nid) : NULL; 1347 1348 if (rv > 0) 1349 OPENSSL_strlcpy(mdname, name, mdname_sz); 1350 return rv; 1351 } 1352} 1353 1354int EVP_PKEY_get_group_name(const EVP_PKEY *pkey, char *gname, size_t gname_sz, 1355 size_t *gname_len) 1356{ 1357 return EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_GROUP_NAME, 1358 gname, gname_sz, gname_len); 1359} 1360 1361int EVP_PKEY_digestsign_supports_digest(EVP_PKEY *pkey, OSSL_LIB_CTX *libctx, 1362 const char *name, const char *propq) 1363{ 1364 int rv; 1365 EVP_MD_CTX *ctx = NULL; 1366 1367 if ((ctx = EVP_MD_CTX_new()) == NULL) 1368 return -1; 1369 1370 ERR_set_mark(); 1371 rv = EVP_DigestSignInit_ex(ctx, NULL, name, libctx, 1372 propq, pkey, NULL); 1373 ERR_pop_to_mark(); 1374 1375 EVP_MD_CTX_free(ctx); 1376 return rv; 1377} 1378 1379int EVP_PKEY_set1_encoded_public_key(EVP_PKEY *pkey, const unsigned char *pub, 1380 size_t publen) 1381{ 1382 if (pkey == NULL) 1383 return 0; 1384 if (evp_pkey_is_provided(pkey)) 1385 return 1386 EVP_PKEY_set_octet_string_param(pkey, 1387 OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, 1388 (unsigned char *)pub, publen); 1389 1390 if (publen > INT_MAX) 1391 return 0; 1392 /* Historically this function was EVP_PKEY_set1_tls_encodedpoint */ 1393 if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, publen, 1394 (void *)pub) <= 0) 1395 return 0; 1396 return 1; 1397} 1398 1399size_t EVP_PKEY_get1_encoded_public_key(EVP_PKEY *pkey, unsigned char **ppub) 1400{ 1401 int rv; 1402 1403 if (pkey == NULL) 1404 return 0; 1405 if (evp_pkey_is_provided(pkey)) { 1406 size_t return_size = OSSL_PARAM_UNMODIFIED; 1407 unsigned char *buf; 1408 1409 /* 1410 * We know that this is going to fail, but it will give us a size 1411 * to allocate. 1412 */ 1413 EVP_PKEY_get_octet_string_param(pkey, 1414 OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, 1415 NULL, 0, &return_size); 1416 if (return_size == OSSL_PARAM_UNMODIFIED) 1417 return 0; 1418 1419 *ppub = NULL; 1420 buf = OPENSSL_malloc(return_size); 1421 if (buf == NULL) 1422 return 0; 1423 1424 if (!EVP_PKEY_get_octet_string_param(pkey, 1425 OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, 1426 buf, return_size, NULL)) { 1427 OPENSSL_free(buf); 1428 return 0; 1429 } 1430 *ppub = buf; 1431 return return_size; 1432 } 1433 1434 1435 rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppub); 1436 if (rv <= 0) 1437 return 0; 1438 return rv; 1439} 1440 1441#endif /* FIPS_MODULE */ 1442 1443/*- All methods below can also be used in FIPS_MODULE */ 1444 1445EVP_PKEY *EVP_PKEY_new(void) 1446{ 1447 EVP_PKEY *ret = OPENSSL_zalloc(sizeof(*ret)); 1448 1449 if (ret == NULL) { 1450 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 1451 return NULL; 1452 } 1453 1454 ret->type = EVP_PKEY_NONE; 1455 ret->save_type = EVP_PKEY_NONE; 1456 ret->references = 1; 1457 1458 ret->lock = CRYPTO_THREAD_lock_new(); 1459 if (ret->lock == NULL) { 1460 EVPerr(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 1461 goto err; 1462 } 1463 1464#ifndef FIPS_MODULE 1465 ret->save_parameters = 1; 1466 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, ret, &ret->ex_data)) { 1467 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 1468 goto err; 1469 } 1470#endif 1471 return ret; 1472 1473 err: 1474 CRYPTO_THREAD_lock_free(ret->lock); 1475 OPENSSL_free(ret); 1476 return NULL; 1477} 1478 1479/* 1480 * Setup a public key management method. 1481 * 1482 * For legacy keys, either |type| or |str| is expected to have the type 1483 * information. In this case, the setup consists of finding an ASN1 method 1484 * and potentially an ENGINE, and setting those fields in |pkey|. 1485 * 1486 * For provider side keys, |keymgmt| is expected to be non-NULL. In this 1487 * case, the setup consists of setting the |keymgmt| field in |pkey|. 1488 * 1489 * If pkey is NULL just return 1 or 0 if the key management method exists. 1490 */ 1491 1492static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, 1493 int len, EVP_KEYMGMT *keymgmt) 1494{ 1495#ifndef FIPS_MODULE 1496 const EVP_PKEY_ASN1_METHOD *ameth = NULL; 1497 ENGINE **eptr = (e == NULL) ? &e : NULL; 1498#endif 1499 1500 /* 1501 * The setups can't set both legacy and provider side methods. 1502 * It is forbidden 1503 */ 1504 if (!ossl_assert(type == EVP_PKEY_NONE || keymgmt == NULL) 1505 || !ossl_assert(e == NULL || keymgmt == NULL)) { 1506 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 1507 return 0; 1508 } 1509 1510 if (pkey != NULL) { 1511 int free_it = 0; 1512 1513#ifndef FIPS_MODULE 1514 free_it = free_it || pkey->pkey.ptr != NULL; 1515#endif 1516 free_it = free_it || pkey->keydata != NULL; 1517 if (free_it) 1518 evp_pkey_free_it(pkey); 1519#ifndef FIPS_MODULE 1520 /* 1521 * If key type matches and a method exists then this lookup has 1522 * succeeded once so just indicate success. 1523 */ 1524 if (pkey->type != EVP_PKEY_NONE 1525 && type == pkey->save_type 1526 && pkey->ameth != NULL) 1527 return 1; 1528# ifndef OPENSSL_NO_ENGINE 1529 /* If we have ENGINEs release them */ 1530 ENGINE_finish(pkey->engine); 1531 pkey->engine = NULL; 1532 ENGINE_finish(pkey->pmeth_engine); 1533 pkey->pmeth_engine = NULL; 1534# endif 1535#endif 1536 } 1537#ifndef FIPS_MODULE 1538 if (str != NULL) 1539 ameth = EVP_PKEY_asn1_find_str(eptr, str, len); 1540 else if (type != EVP_PKEY_NONE) 1541 ameth = EVP_PKEY_asn1_find(eptr, type); 1542# ifndef OPENSSL_NO_ENGINE 1543 if (pkey == NULL && eptr != NULL) 1544 ENGINE_finish(e); 1545# endif 1546#endif 1547 1548 1549 { 1550 int check = 1; 1551 1552#ifndef FIPS_MODULE 1553 check = check && ameth == NULL; 1554#endif 1555 check = check && keymgmt == NULL; 1556 if (check) { 1557 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM); 1558 return 0; 1559 } 1560 } 1561 if (pkey != NULL) { 1562 if (keymgmt != NULL && !EVP_KEYMGMT_up_ref(keymgmt)) { 1563 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 1564 return 0; 1565 } 1566 1567 pkey->keymgmt = keymgmt; 1568 1569 pkey->save_type = type; 1570 pkey->type = type; 1571 1572#ifndef FIPS_MODULE 1573 /* 1574 * If the internal "origin" key is provider side, don't save |ameth|. 1575 * The main reason is that |ameth| is one factor to detect that the 1576 * internal "origin" key is a legacy one. 1577 */ 1578 if (keymgmt == NULL) 1579 pkey->ameth = ameth; 1580 1581 /* 1582 * The EVP_PKEY_ASN1_METHOD |pkey_id| retains its legacy key purpose 1583 * for any key type that has a legacy implementation, regardless of 1584 * if the internal key is a legacy or a provider side one. When 1585 * there is no legacy implementation for the key, the type becomes 1586 * EVP_PKEY_KEYMGMT, which indicates that one should be cautious 1587 * with functions that expect legacy internal keys. 1588 */ 1589 if (ameth != NULL) { 1590 if (type == EVP_PKEY_NONE) 1591 pkey->type = ameth->pkey_id; 1592 } else { 1593 pkey->type = EVP_PKEY_KEYMGMT; 1594 } 1595# ifndef OPENSSL_NO_ENGINE 1596 if (eptr == NULL && e != NULL && !ENGINE_init(e)) { 1597 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); 1598 return 0; 1599 } 1600# endif 1601 pkey->engine = e; 1602#endif 1603 } 1604 return 1; 1605} 1606 1607#ifndef FIPS_MODULE 1608static void find_ameth(const char *name, void *data) 1609{ 1610 const char **str = data; 1611 1612 /* 1613 * The error messages from pkey_set_type() are uninteresting here, 1614 * and misleading. 1615 */ 1616 ERR_set_mark(); 1617 1618 if (pkey_set_type(NULL, NULL, EVP_PKEY_NONE, name, strlen(name), 1619 NULL)) { 1620 if (str[0] == NULL) 1621 str[0] = name; 1622 else if (str[1] == NULL) 1623 str[1] = name; 1624 } 1625 1626 ERR_pop_to_mark(); 1627} 1628#endif 1629 1630int EVP_PKEY_set_type_by_keymgmt(EVP_PKEY *pkey, EVP_KEYMGMT *keymgmt) 1631{ 1632#ifndef FIPS_MODULE 1633# define EVP_PKEY_TYPE_STR str[0] 1634# define EVP_PKEY_TYPE_STRLEN (str[0] == NULL ? -1 : (int)strlen(str[0])) 1635 /* 1636 * Find at most two strings that have an associated EVP_PKEY_ASN1_METHOD 1637 * Ideally, only one should be found. If two (or more) are found, the 1638 * match is ambiguous. This should never happen, but... 1639 */ 1640 const char *str[2] = { NULL, NULL }; 1641 1642 if (!EVP_KEYMGMT_names_do_all(keymgmt, find_ameth, &str) 1643 || str[1] != NULL) { 1644 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 1645 return 0; 1646 } 1647#else 1648# define EVP_PKEY_TYPE_STR NULL 1649# define EVP_PKEY_TYPE_STRLEN -1 1650#endif 1651 return pkey_set_type(pkey, NULL, EVP_PKEY_NONE, 1652 EVP_PKEY_TYPE_STR, EVP_PKEY_TYPE_STRLEN, 1653 keymgmt); 1654 1655#undef EVP_PKEY_TYPE_STR 1656#undef EVP_PKEY_TYPE_STRLEN 1657} 1658 1659int EVP_PKEY_up_ref(EVP_PKEY *pkey) 1660{ 1661 int i; 1662 1663 if (CRYPTO_UP_REF(&pkey->references, &i, pkey->lock) <= 0) 1664 return 0; 1665 1666 REF_PRINT_COUNT("EVP_PKEY", pkey); 1667 REF_ASSERT_ISNT(i < 2); 1668 return ((i > 1) ? 1 : 0); 1669} 1670 1671#ifndef FIPS_MODULE 1672EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey) 1673{ 1674 EVP_PKEY *dup_pk; 1675 1676 if (pkey == NULL) { 1677 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER); 1678 return NULL; 1679 } 1680 1681 if ((dup_pk = EVP_PKEY_new()) == NULL) 1682 return NULL; 1683 1684 if (evp_pkey_is_blank(pkey)) 1685 goto done; 1686 1687 if (evp_pkey_is_provided(pkey)) { 1688 if (!evp_keymgmt_util_copy(dup_pk, pkey, 1689 OSSL_KEYMGMT_SELECT_ALL)) 1690 goto err; 1691 goto done; 1692 } 1693 1694 if (evp_pkey_is_legacy(pkey)) { 1695 const EVP_PKEY_ASN1_METHOD *ameth = pkey->ameth; 1696 1697 if (ameth == NULL || ameth->copy == NULL) { 1698 if (pkey->pkey.ptr == NULL /* empty key, just set type */ 1699 && EVP_PKEY_set_type(dup_pk, pkey->type) != 0) 1700 goto done; 1701 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1702 goto err; 1703 } 1704 if (!ameth->copy(dup_pk, pkey)) 1705 goto err; 1706 goto done; 1707 } 1708 1709 goto err; 1710done: 1711 /* copy auxiliary data */ 1712 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, 1713 &dup_pk->ex_data, &pkey->ex_data)) 1714 goto err; 1715 1716 if (pkey->attributes != NULL) { 1717 if ((dup_pk->attributes = ossl_x509at_dup(pkey->attributes)) == NULL) 1718 goto err; 1719 } 1720 return dup_pk; 1721err: 1722 EVP_PKEY_free(dup_pk); 1723 return NULL; 1724} 1725 1726void evp_pkey_free_legacy(EVP_PKEY *x) 1727{ 1728 const EVP_PKEY_ASN1_METHOD *ameth = x->ameth; 1729 ENGINE *tmpe = NULL; 1730 1731 if (ameth == NULL && x->legacy_cache_pkey.ptr != NULL) 1732 ameth = EVP_PKEY_asn1_find(&tmpe, x->type); 1733 1734 if (ameth != NULL) { 1735 if (x->legacy_cache_pkey.ptr != NULL) { 1736 /* 1737 * We should never have both a legacy origin key, and a key in the 1738 * legacy cache. 1739 */ 1740 assert(x->pkey.ptr == NULL); 1741 /* 1742 * For the purposes of freeing we make the legacy cache look like 1743 * a legacy origin key. 1744 */ 1745 x->pkey = x->legacy_cache_pkey; 1746 x->legacy_cache_pkey.ptr = NULL; 1747 } 1748 if (ameth->pkey_free != NULL) 1749 ameth->pkey_free(x); 1750 x->pkey.ptr = NULL; 1751 } 1752# ifndef OPENSSL_NO_ENGINE 1753 ENGINE_finish(tmpe); 1754 ENGINE_finish(x->engine); 1755 x->engine = NULL; 1756 ENGINE_finish(x->pmeth_engine); 1757 x->pmeth_engine = NULL; 1758# endif 1759} 1760#endif /* FIPS_MODULE */ 1761 1762static void evp_pkey_free_it(EVP_PKEY *x) 1763{ 1764 /* internal function; x is never NULL */ 1765 evp_keymgmt_util_clear_operation_cache(x, 1); 1766#ifndef FIPS_MODULE 1767 evp_pkey_free_legacy(x); 1768#endif 1769 1770 if (x->keymgmt != NULL) { 1771 evp_keymgmt_freedata(x->keymgmt, x->keydata); 1772 EVP_KEYMGMT_free(x->keymgmt); 1773 x->keymgmt = NULL; 1774 x->keydata = NULL; 1775 } 1776 x->type = EVP_PKEY_NONE; 1777} 1778 1779void EVP_PKEY_free(EVP_PKEY *x) 1780{ 1781 int i; 1782 1783 if (x == NULL) 1784 return; 1785 1786 CRYPTO_DOWN_REF(&x->references, &i, x->lock); 1787 REF_PRINT_COUNT("EVP_PKEY", x); 1788 if (i > 0) 1789 return; 1790 REF_ASSERT_ISNT(i < 0); 1791 evp_pkey_free_it(x); 1792#ifndef FIPS_MODULE 1793 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, x, &x->ex_data); 1794#endif 1795 CRYPTO_THREAD_lock_free(x->lock); 1796#ifndef FIPS_MODULE 1797 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); 1798#endif 1799 OPENSSL_free(x); 1800} 1801 1802int EVP_PKEY_get_size(const EVP_PKEY *pkey) 1803{ 1804 int size = 0; 1805 1806 if (pkey != NULL) { 1807 size = pkey->cache.size; 1808#ifndef FIPS_MODULE 1809 if (pkey->ameth != NULL && pkey->ameth->pkey_size != NULL) 1810 size = pkey->ameth->pkey_size(pkey); 1811#endif 1812 } 1813 return size < 0 ? 0 : size; 1814} 1815 1816const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey) 1817{ 1818 if (!evp_pkey_is_assigned(pkey)) 1819 return NULL; 1820 1821 if (evp_pkey_is_provided(pkey) && pkey->keymgmt->description != NULL) 1822 return pkey->keymgmt->description; 1823#ifndef FIPS_MODULE 1824 if (pkey->ameth != NULL) 1825 return pkey->ameth->info; 1826#endif 1827 return NULL; 1828} 1829 1830void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, 1831 EVP_KEYMGMT **keymgmt, 1832 const char *propquery) 1833{ 1834 EVP_KEYMGMT *allocated_keymgmt = NULL; 1835 EVP_KEYMGMT *tmp_keymgmt = NULL; 1836 int selection = OSSL_KEYMGMT_SELECT_ALL; 1837 void *keydata = NULL; 1838 int check; 1839 1840 if (pk == NULL) 1841 return NULL; 1842 1843 /* No key data => nothing to export */ 1844 check = 1; 1845#ifndef FIPS_MODULE 1846 check = check && pk->pkey.ptr == NULL; 1847#endif 1848 check = check && pk->keydata == NULL; 1849 if (check) 1850 return NULL; 1851 1852#ifndef FIPS_MODULE 1853 if (pk->pkey.ptr != NULL) { 1854 /* 1855 * If the legacy key doesn't have an dirty counter or export function, 1856 * give up 1857 */ 1858 if (pk->ameth->dirty_cnt == NULL || pk->ameth->export_to == NULL) 1859 return NULL; 1860 } 1861#endif 1862 1863 if (keymgmt != NULL) { 1864 tmp_keymgmt = *keymgmt; 1865 *keymgmt = NULL; 1866 } 1867 1868 /* 1869 * If no keymgmt was given or found, get a default keymgmt. We do so by 1870 * letting EVP_PKEY_CTX_new_from_pkey() do it for us, then we steal it. 1871 */ 1872 if (tmp_keymgmt == NULL) { 1873 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pk, propquery); 1874 1875 if (ctx == NULL) 1876 goto end; 1877 allocated_keymgmt = tmp_keymgmt = ctx->keymgmt; 1878 ctx->keymgmt = NULL; 1879 EVP_PKEY_CTX_free(ctx); 1880 } 1881 1882 /* If there's still no keymgmt to be had, give up */ 1883 if (tmp_keymgmt == NULL) 1884 goto end; 1885 1886#ifndef FIPS_MODULE 1887 if (pk->pkey.ptr != NULL) { 1888 OP_CACHE_ELEM *op; 1889 1890 /* 1891 * If the legacy "origin" hasn't changed since last time, we try 1892 * to find our keymgmt in the operation cache. If it has changed, 1893 * |i| remains zero, and we will clear the cache further down. 1894 */ 1895 if (pk->ameth->dirty_cnt(pk) == pk->dirty_cnt_copy) { 1896 if (!CRYPTO_THREAD_read_lock(pk->lock)) 1897 goto end; 1898 op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt, 1899 selection); 1900 1901 /* 1902 * If |tmp_keymgmt| is present in the operation cache, it means 1903 * that export doesn't need to be redone. In that case, we take 1904 * token copies of the cached pointers, to have token success 1905 * values to return. It is possible (e.g. in a no-cached-fetch 1906 * build), for op->keymgmt to be a different pointer to tmp_keymgmt 1907 * even though the name/provider must be the same. In other words 1908 * the keymgmt instance may be different but still equivalent, i.e. 1909 * same algorithm/provider instance - but we make the simplifying 1910 * assumption that the keydata can be used with either keymgmt 1911 * instance. Not doing so introduces significant complexity and 1912 * probably requires refactoring - since we would have to ripple 1913 * the change in keymgmt instance up the call chain. 1914 */ 1915 if (op != NULL && op->keymgmt != NULL) { 1916 keydata = op->keydata; 1917 CRYPTO_THREAD_unlock(pk->lock); 1918 goto end; 1919 } 1920 CRYPTO_THREAD_unlock(pk->lock); 1921 } 1922 1923 /* Make sure that the keymgmt key type matches the legacy NID */ 1924 if (!EVP_KEYMGMT_is_a(tmp_keymgmt, OBJ_nid2sn(pk->type))) 1925 goto end; 1926 1927 if ((keydata = evp_keymgmt_newdata(tmp_keymgmt)) == NULL) 1928 goto end; 1929 1930 if (!pk->ameth->export_to(pk, keydata, tmp_keymgmt->import, 1931 libctx, propquery)) { 1932 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1933 keydata = NULL; 1934 goto end; 1935 } 1936 1937 /* 1938 * If the dirty counter changed since last time, then clear the 1939 * operation cache. In that case, we know that |i| is zero. Just 1940 * in case this is a re-export, we increment then decrement the 1941 * keymgmt reference counter. 1942 */ 1943 if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) { /* refcnt++ */ 1944 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1945 keydata = NULL; 1946 goto end; 1947 } 1948 1949 if (!CRYPTO_THREAD_write_lock(pk->lock)) 1950 goto end; 1951 if (pk->ameth->dirty_cnt(pk) != pk->dirty_cnt_copy 1952 && !evp_keymgmt_util_clear_operation_cache(pk, 0)) { 1953 CRYPTO_THREAD_unlock(pk->lock); 1954 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1955 keydata = NULL; 1956 EVP_KEYMGMT_free(tmp_keymgmt); 1957 goto end; 1958 } 1959 EVP_KEYMGMT_free(tmp_keymgmt); /* refcnt-- */ 1960 1961 /* Check to make sure some other thread didn't get there first */ 1962 op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt, selection); 1963 if (op != NULL && op->keymgmt != NULL) { 1964 void *tmp_keydata = op->keydata; 1965 1966 CRYPTO_THREAD_unlock(pk->lock); 1967 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1968 keydata = tmp_keydata; 1969 goto end; 1970 } 1971 1972 /* Add the new export to the operation cache */ 1973 if (!evp_keymgmt_util_cache_keydata(pk, tmp_keymgmt, keydata, 1974 selection)) { 1975 CRYPTO_THREAD_unlock(pk->lock); 1976 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1977 keydata = NULL; 1978 goto end; 1979 } 1980 1981 /* Synchronize the dirty count */ 1982 pk->dirty_cnt_copy = pk->ameth->dirty_cnt(pk); 1983 1984 CRYPTO_THREAD_unlock(pk->lock); 1985 goto end; 1986 } 1987#endif /* FIPS_MODULE */ 1988 1989 keydata = evp_keymgmt_util_export_to_provider(pk, tmp_keymgmt, selection); 1990 1991 end: 1992 /* 1993 * If nothing was exported, |tmp_keymgmt| might point at a freed 1994 * EVP_KEYMGMT, so we clear it to be safe. It shouldn't be useful for 1995 * the caller either way in that case. 1996 */ 1997 if (keydata == NULL) 1998 tmp_keymgmt = NULL; 1999 2000 if (keymgmt != NULL && tmp_keymgmt != NULL) { 2001 *keymgmt = tmp_keymgmt; 2002 allocated_keymgmt = NULL; 2003 } 2004 2005 EVP_KEYMGMT_free(allocated_keymgmt); 2006 return keydata; 2007} 2008 2009#ifndef FIPS_MODULE 2010int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src) 2011{ 2012 EVP_PKEY *allocpkey = NULL; 2013 2014 if (!ossl_assert(dest != NULL)) 2015 return 0; 2016 2017 if (evp_pkey_is_assigned(src) && evp_pkey_is_provided(src)) { 2018 EVP_KEYMGMT *keymgmt = src->keymgmt; 2019 void *keydata = src->keydata; 2020 int type = src->type; 2021 const char *keytype = NULL; 2022 2023 keytype = EVP_KEYMGMT_get0_name(keymgmt); 2024 2025 /* 2026 * If the type is EVP_PKEY_NONE, then we have a problem somewhere 2027 * else in our code. If it's not one of the well known EVP_PKEY_xxx 2028 * values, it should at least be EVP_PKEY_KEYMGMT at this point. 2029 * The check is kept as a safety measure. 2030 */ 2031 if (!ossl_assert(type != EVP_PKEY_NONE)) { 2032 ERR_raise_data(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR, 2033 "keymgmt key type = %s but legacy type = EVP_PKEY_NONE", 2034 keytype); 2035 return 0; 2036 } 2037 2038 /* Prefer the legacy key type name for error reporting */ 2039 if (type != EVP_PKEY_KEYMGMT) 2040 keytype = OBJ_nid2sn(type); 2041 2042 /* Make sure we have a clean slate to copy into */ 2043 if (*dest == NULL) { 2044 allocpkey = *dest = EVP_PKEY_new(); 2045 if (*dest == NULL) { 2046 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 2047 return 0; 2048 } 2049 } else { 2050 evp_pkey_free_it(*dest); 2051 } 2052 2053 if (EVP_PKEY_set_type(*dest, type)) { 2054 /* If the key is typed but empty, we're done */ 2055 if (keydata == NULL) 2056 return 1; 2057 2058 if ((*dest)->ameth->import_from == NULL) { 2059 ERR_raise_data(ERR_LIB_EVP, EVP_R_NO_IMPORT_FUNCTION, 2060 "key type = %s", keytype); 2061 } else { 2062 /* 2063 * We perform the export in the same libctx as the keymgmt 2064 * that we are using. 2065 */ 2066 OSSL_LIB_CTX *libctx = 2067 ossl_provider_libctx(keymgmt->prov); 2068 EVP_PKEY_CTX *pctx = 2069 EVP_PKEY_CTX_new_from_pkey(libctx, *dest, NULL); 2070 2071 if (pctx == NULL) 2072 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 2073 2074 if (pctx != NULL 2075 && evp_keymgmt_export(keymgmt, keydata, 2076 OSSL_KEYMGMT_SELECT_ALL, 2077 (*dest)->ameth->import_from, 2078 pctx)) { 2079 /* Synchronize the dirty count */ 2080 (*dest)->dirty_cnt_copy = (*dest)->ameth->dirty_cnt(*dest); 2081 2082 EVP_PKEY_CTX_free(pctx); 2083 return 1; 2084 } 2085 EVP_PKEY_CTX_free(pctx); 2086 } 2087 2088 ERR_raise_data(ERR_LIB_EVP, EVP_R_KEYMGMT_EXPORT_FAILURE, 2089 "key type = %s", keytype); 2090 } 2091 } 2092 2093 if (allocpkey != NULL) { 2094 EVP_PKEY_free(allocpkey); 2095 *dest = NULL; 2096 } 2097 return 0; 2098} 2099 2100void *evp_pkey_get_legacy(EVP_PKEY *pk) 2101{ 2102 EVP_PKEY *tmp_copy = NULL; 2103 void *ret = NULL; 2104 2105 if (!ossl_assert(pk != NULL)) 2106 return NULL; 2107 2108 /* 2109 * If this isn't an assigned provider side key, we just use any existing 2110 * origin legacy key. 2111 */ 2112 if (!evp_pkey_is_assigned(pk)) 2113 return NULL; 2114 if (!evp_pkey_is_provided(pk)) 2115 return pk->pkey.ptr; 2116 2117 if (!CRYPTO_THREAD_read_lock(pk->lock)) 2118 return NULL; 2119 2120 ret = pk->legacy_cache_pkey.ptr; 2121 2122 if (!CRYPTO_THREAD_unlock(pk->lock)) 2123 return NULL; 2124 2125 if (ret != NULL) 2126 return ret; 2127 2128 if (!evp_pkey_copy_downgraded(&tmp_copy, pk)) 2129 goto err; 2130 2131 if (!CRYPTO_THREAD_write_lock(pk->lock)) 2132 goto err; 2133 2134 /* Check again in case some other thread has updated it in the meantime */ 2135 ret = pk->legacy_cache_pkey.ptr; 2136 if (ret == NULL) { 2137 /* Steal the legacy key reference from the temporary copy */ 2138 ret = pk->legacy_cache_pkey.ptr = tmp_copy->pkey.ptr; 2139 tmp_copy->pkey.ptr = NULL; 2140 } 2141 2142 if (!CRYPTO_THREAD_unlock(pk->lock)) { 2143 ret = NULL; 2144 goto err; 2145 } 2146 2147 err: 2148 EVP_PKEY_free(tmp_copy); 2149 2150 return ret; 2151} 2152#endif /* FIPS_MODULE */ 2153 2154int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name, 2155 BIGNUM **bn) 2156{ 2157 int ret = 0; 2158 OSSL_PARAM params[2]; 2159 unsigned char buffer[2048]; 2160 unsigned char *buf = NULL; 2161 size_t buf_sz = 0; 2162 2163 if (key_name == NULL 2164 || bn == NULL) 2165 return 0; 2166 2167 memset(buffer, 0, sizeof(buffer)); 2168 params[0] = OSSL_PARAM_construct_BN(key_name, buffer, sizeof(buffer)); 2169 params[1] = OSSL_PARAM_construct_end(); 2170 if (!EVP_PKEY_get_params(pkey, params)) { 2171 if (!OSSL_PARAM_modified(params) || params[0].return_size == 0) 2172 return 0; 2173 buf_sz = params[0].return_size; 2174 /* 2175 * If it failed because the buffer was too small then allocate the 2176 * required buffer size and retry. 2177 */ 2178 buf = OPENSSL_zalloc(buf_sz); 2179 if (buf == NULL) 2180 return 0; 2181 params[0].data = buf; 2182 params[0].data_size = buf_sz; 2183 2184 if (!EVP_PKEY_get_params(pkey, params)) 2185 goto err; 2186 } 2187 /* Fail if the param was not found */ 2188 if (!OSSL_PARAM_modified(params)) 2189 goto err; 2190 ret = OSSL_PARAM_get_BN(params, bn); 2191err: 2192 if (buf != NULL) { 2193 if (OSSL_PARAM_modified(params)) 2194 OPENSSL_clear_free(buf, buf_sz); 2195 else 2196 OPENSSL_free(buf); 2197 } else if (OSSL_PARAM_modified(params)) { 2198 OPENSSL_cleanse(buffer, params[0].data_size); 2199 } 2200 return ret; 2201} 2202 2203int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name, 2204 unsigned char *buf, size_t max_buf_sz, 2205 size_t *out_len) 2206{ 2207 OSSL_PARAM params[2]; 2208 int ret1 = 0, ret2 = 0; 2209 2210 if (key_name == NULL) 2211 return 0; 2212 2213 params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz); 2214 params[1] = OSSL_PARAM_construct_end(); 2215 if ((ret1 = EVP_PKEY_get_params(pkey, params))) 2216 ret2 = OSSL_PARAM_modified(params); 2217 if (ret2 && out_len != NULL) 2218 *out_len = params[0].return_size; 2219 return ret1 && ret2; 2220} 2221 2222int EVP_PKEY_get_utf8_string_param(const EVP_PKEY *pkey, const char *key_name, 2223 char *str, size_t max_buf_sz, 2224 size_t *out_len) 2225{ 2226 OSSL_PARAM params[2]; 2227 int ret1 = 0, ret2 = 0; 2228 2229 if (key_name == NULL) 2230 return 0; 2231 2232 params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz); 2233 params[1] = OSSL_PARAM_construct_end(); 2234 if ((ret1 = EVP_PKEY_get_params(pkey, params))) 2235 ret2 = OSSL_PARAM_modified(params); 2236 if (ret2 && out_len != NULL) 2237 *out_len = params[0].return_size; 2238 2239 if (ret2 && params[0].return_size == max_buf_sz) 2240 /* There was no space for a NUL byte */ 2241 return 0; 2242 /* Add a terminating NUL byte for good measure */ 2243 if (ret2 && str != NULL) 2244 str[params[0].return_size] = '\0'; 2245 2246 return ret1 && ret2; 2247} 2248 2249int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name, 2250 int *out) 2251{ 2252 OSSL_PARAM params[2]; 2253 2254 if (key_name == NULL) 2255 return 0; 2256 2257 params[0] = OSSL_PARAM_construct_int(key_name, out); 2258 params[1] = OSSL_PARAM_construct_end(); 2259 return EVP_PKEY_get_params(pkey, params) 2260 && OSSL_PARAM_modified(params); 2261} 2262 2263int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name, 2264 size_t *out) 2265{ 2266 OSSL_PARAM params[2]; 2267 2268 if (key_name == NULL) 2269 return 0; 2270 2271 params[0] = OSSL_PARAM_construct_size_t(key_name, out); 2272 params[1] = OSSL_PARAM_construct_end(); 2273 return EVP_PKEY_get_params(pkey, params) 2274 && OSSL_PARAM_modified(params); 2275} 2276 2277int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in) 2278{ 2279 OSSL_PARAM params[2]; 2280 2281 if (key_name == NULL) 2282 return 0; 2283 2284 params[0] = OSSL_PARAM_construct_int(key_name, &in); 2285 params[1] = OSSL_PARAM_construct_end(); 2286 return EVP_PKEY_set_params(pkey, params); 2287} 2288 2289int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in) 2290{ 2291 OSSL_PARAM params[2]; 2292 2293 if (key_name == NULL) 2294 return 0; 2295 2296 params[0] = OSSL_PARAM_construct_size_t(key_name, &in); 2297 params[1] = OSSL_PARAM_construct_end(); 2298 return EVP_PKEY_set_params(pkey, params); 2299} 2300 2301int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, 2302 const BIGNUM *bn) 2303{ 2304 OSSL_PARAM params[2]; 2305 unsigned char buffer[2048]; 2306 int bsize = 0; 2307 2308 if (key_name == NULL 2309 || bn == NULL 2310 || pkey == NULL 2311 || !evp_pkey_is_assigned(pkey)) 2312 return 0; 2313 2314 bsize = BN_num_bytes(bn); 2315 if (!ossl_assert(bsize <= (int)sizeof(buffer))) 2316 return 0; 2317 2318 if (BN_bn2nativepad(bn, buffer, bsize) < 0) 2319 return 0; 2320 params[0] = OSSL_PARAM_construct_BN(key_name, buffer, bsize); 2321 params[1] = OSSL_PARAM_construct_end(); 2322 return EVP_PKEY_set_params(pkey, params); 2323} 2324 2325int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name, 2326 const char *str) 2327{ 2328 OSSL_PARAM params[2]; 2329 2330 if (key_name == NULL) 2331 return 0; 2332 2333 params[0] = OSSL_PARAM_construct_utf8_string(key_name, (char *)str, 0); 2334 params[1] = OSSL_PARAM_construct_end(); 2335 return EVP_PKEY_set_params(pkey, params); 2336} 2337 2338int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name, 2339 const unsigned char *buf, size_t bsize) 2340{ 2341 OSSL_PARAM params[2]; 2342 2343 if (key_name == NULL) 2344 return 0; 2345 2346 params[0] = OSSL_PARAM_construct_octet_string(key_name, 2347 (unsigned char *)buf, bsize); 2348 params[1] = OSSL_PARAM_construct_end(); 2349 return EVP_PKEY_set_params(pkey, params); 2350} 2351 2352const OSSL_PARAM *EVP_PKEY_settable_params(const EVP_PKEY *pkey) 2353{ 2354 return (pkey != NULL && evp_pkey_is_provided(pkey)) 2355 ? EVP_KEYMGMT_settable_params(pkey->keymgmt) 2356 : NULL; 2357} 2358 2359int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]) 2360{ 2361 if (pkey != NULL) { 2362 if (evp_pkey_is_provided(pkey)) { 2363 pkey->dirty_cnt++; 2364 return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); 2365 } 2366#ifndef FIPS_MODULE 2367 /* 2368 * We will hopefully never find the need to set individual data in 2369 * EVP_PKEYs with a legacy internal key, but we can't be entirely 2370 * sure. This bit of code can be enabled if we find the need. If 2371 * not, it can safely be removed when #legacy support is removed. 2372 */ 2373# if 0 2374 else if (evp_pkey_is_legacy(pkey)) { 2375 return evp_pkey_set_params_to_ctrl(pkey, params); 2376 } 2377# endif 2378#endif 2379 } 2380 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY); 2381 return 0; 2382} 2383 2384const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey) 2385{ 2386 return (pkey != NULL && evp_pkey_is_provided(pkey)) 2387 ? EVP_KEYMGMT_gettable_params(pkey->keymgmt) 2388 : NULL; 2389} 2390 2391int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]) 2392{ 2393 if (pkey != NULL) { 2394 if (evp_pkey_is_provided(pkey)) 2395 return evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) > 0; 2396#ifndef FIPS_MODULE 2397 else if (evp_pkey_is_legacy(pkey)) 2398 return evp_pkey_get_params_to_ctrl(pkey, params) > 0; 2399#endif 2400 } 2401 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY); 2402 return 0; 2403} 2404 2405#ifndef FIPS_MODULE 2406int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey) 2407{ 2408 char name[80]; 2409 size_t name_len; 2410 2411 if (pkey == NULL) 2412 return 0; 2413 2414 if (pkey->keymgmt == NULL 2415 || pkey->keydata == NULL) { 2416# ifndef OPENSSL_NO_EC 2417 /* Might work through the legacy route */ 2418 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); 2419 2420 if (ec == NULL) 2421 return 0; 2422 2423 return EC_KEY_get_conv_form(ec); 2424# else 2425 return 0; 2426# endif 2427 } 2428 2429 if (!EVP_PKEY_get_utf8_string_param(pkey, 2430 OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, 2431 name, sizeof(name), &name_len)) 2432 return 0; 2433 2434 if (strcmp(name, "uncompressed") == 0) 2435 return POINT_CONVERSION_UNCOMPRESSED; 2436 2437 if (strcmp(name, "compressed") == 0) 2438 return POINT_CONVERSION_COMPRESSED; 2439 2440 if (strcmp(name, "hybrid") == 0) 2441 return POINT_CONVERSION_HYBRID; 2442 2443 return 0; 2444} 2445 2446int EVP_PKEY_get_field_type(const EVP_PKEY *pkey) 2447{ 2448 char fstr[80]; 2449 size_t fstrlen; 2450 2451 if (pkey == NULL) 2452 return 0; 2453 2454 if (pkey->keymgmt == NULL 2455 || pkey->keydata == NULL) { 2456# ifndef OPENSSL_NO_EC 2457 /* Might work through the legacy route */ 2458 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); 2459 const EC_GROUP *grp; 2460 2461 if (ec == NULL) 2462 return 0; 2463 grp = EC_KEY_get0_group(ec); 2464 if (grp == NULL) 2465 return 0; 2466 2467 return EC_GROUP_get_field_type(grp); 2468# else 2469 return 0; 2470# endif 2471 } 2472 2473 if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_EC_FIELD_TYPE, 2474 fstr, sizeof(fstr), &fstrlen)) 2475 return 0; 2476 2477 if (strcmp(fstr, SN_X9_62_prime_field) == 0) 2478 return NID_X9_62_prime_field; 2479 else if (strcmp(fstr, SN_X9_62_characteristic_two_field)) 2480 return NID_X9_62_characteristic_two_field; 2481 2482 return 0; 2483} 2484#endif 2485