x_all.c revision 1.15 
1/* crypto/x509/x_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to.  The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 *    notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 *    notice, this list of conditions and the following disclaimer in the
30 *    documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 *    must display the following acknowledgement:
33 *    "This product includes cryptographic software written by
34 *     Eric Young (eay@cryptsoft.com)"
35 *    The word 'cryptographic' can be left out if the rouines from the library
36 *    being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 *    the apps directory (application code) you must include an acknowledgement:
39 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/stack.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/asn1.h>
64#include <openssl/evp.h>
65#include <openssl/x509.h>
66#ifndef OPENSSL_NO_RSA
67#include <openssl/rsa.h>
68#endif
69#ifndef OPENSSL_NO_DSA
70#include <openssl/dsa.h>
71#endif
72
73int
74X509_verify(X509 *a, EVP_PKEY *r)
75{
76	return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF), a->sig_alg,
77	    a->signature, a->cert_info, r));
78}
79
80int
81X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
82{
83	return( ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO),
84	    a->sig_alg, a->signature, a->req_info, r));
85}
86
87int
88NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
89{
90	return(ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
91	    a->sig_algor, a->signature, a->spkac, r));
92}
93
94int
95X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
96{
97	x->cert_info->enc.modified = 1;
98	return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF),
99	    x->cert_info->signature, x->sig_alg, x->signature,
100	    x->cert_info, pkey, md));
101}
102
103int
104X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
105{
106	x->cert_info->enc.modified = 1;
107	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
108	    x->cert_info->signature, x->sig_alg, x->signature,
109	    x->cert_info, ctx);
110}
111
112int
113X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
114{
115	return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO),
116	    x->sig_alg, NULL, x->signature, x->req_info, pkey, md));
117}
118
119int
120X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
121{
122	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
123	    x->sig_alg, NULL, x->signature, x->req_info, ctx);
124}
125
126int
127X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
128{
129	x->crl->enc.modified = 1;
130	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), x->crl->sig_alg,
131	    x->sig_alg, x->signature, x->crl, pkey, md));
132}
133
134int
135X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
136{
137	x->crl->enc.modified = 1;
138	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
139	    x->crl->sig_alg, x->sig_alg, x->signature, x->crl, ctx);
140}
141
142int
143NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
144{
145	return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
146	    x->sig_algor, NULL, x->signature, x->spkac, pkey, md));
147}
148
149X509 *
150d2i_X509_fp(FILE *fp, X509 **x509)
151{
152	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
153}
154
155int
156i2d_X509_fp(FILE *fp, X509 *x509)
157{
158	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
159}
160
161X509 *
162d2i_X509_bio(BIO *bp, X509 **x509)
163{
164	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
165}
166
167int
168i2d_X509_bio(BIO *bp, X509 *x509)
169{
170	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
171}
172
173X509_CRL *
174d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
175{
176	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
177}
178
179int
180i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
181{
182	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
183}
184
185X509_CRL *
186d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
187{
188	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
189}
190
191int
192i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
193{
194	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
195}
196
197PKCS7 *
198d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
199{
200	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
201}
202
203int
204i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
205{
206	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
207}
208
209PKCS7 *
210d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
211{
212	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
213}
214
215int
216i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
217{
218	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
219}
220
221X509_REQ *
222d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
223{
224	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
225}
226
227int
228i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
229{
230	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
231}
232
233X509_REQ *
234d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
235{
236	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
237}
238
239int
240i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
241{
242	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
243}
244
245#ifndef OPENSSL_NO_RSA
246
247RSA *
248d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
249{
250	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
251}
252
253int
254i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
255{
256	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
257}
258
259RSA *
260d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
261{
262	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
263}
264
265
266RSA *
267d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
268{
269	return ASN1_d2i_fp((void *(*)(void))RSA_new,
270	    (D2I_OF(void))d2i_RSA_PUBKEY, fp, (void **)rsa);
271}
272
273int
274i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
275{
276	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
277}
278
279int
280i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
281{
282	return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);
283}
284
285RSA *
286d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
287{
288	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
289}
290
291int
292i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
293{
294	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
295}
296
297RSA *
298d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
299{
300	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
301}
302
303
304RSA *
305d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
306{
307	return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);
308}
309
310int
311i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
312{
313	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
314}
315
316int
317i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
318{
319	return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);
320}
321#endif
322
323#ifndef OPENSSL_NO_DSA
324DSA *
325d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
326{
327	return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);
328}
329
330int
331i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
332{
333	return ASN1_i2d_fp_of_const(DSA, i2d_DSAPrivateKey, fp, dsa);
334}
335
336DSA *
337d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
338{
339	return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);
340}
341
342int
343i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
344{
345	return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);
346}
347
348DSA *
349d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
350{
351	return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);
352}
353
354int
355i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
356{
357	return ASN1_i2d_bio_of_const(DSA, i2d_DSAPrivateKey, bp, dsa);
358}
359
360DSA *
361d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
362{
363	return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);
364}
365
366int
367i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
368{
369	return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);
370}
371
372#endif
373
374#ifndef OPENSSL_NO_EC
375EC_KEY *
376d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
377{
378	return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);
379}
380
381int
382i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey)
383{
384	return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);
385}
386
387EC_KEY *
388d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
389{
390	return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
391}
392
393int
394i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
395{
396	return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
397}
398EC_KEY *
399d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
400{
401	return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey);
402}
403
404int
405i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa)
406{
407	return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);
408}
409
410EC_KEY *
411d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
412{
413	return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
414}
415
416int
417i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
418{
419	return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
420}
421#endif
422
423
424int
425X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
426    unsigned int *len)
427{
428	ASN1_BIT_STRING *key;
429	key = X509_get0_pubkey_bitstr(data);
430	if (!key)
431		return 0;
432	return EVP_Digest(key->data, key->length, md, len, type, NULL);
433}
434
435int
436X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
437    unsigned int *len)
438{
439	return (ASN1_item_digest(ASN1_ITEM_rptr(X509), type, (char *)data,
440	    md, len));
441}
442
443int
444X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
445    unsigned int *len)
446{
447	return (ASN1_item_digest(ASN1_ITEM_rptr(X509_CRL), type, (char *)data,
448	    md, len));
449}
450
451int
452X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
453    unsigned int *len)
454{
455	return (ASN1_item_digest(ASN1_ITEM_rptr(X509_REQ), type, (char *)data,
456	    md, len));
457}
458
459int
460X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
461    unsigned int *len)
462{
463	return (ASN1_item_digest(ASN1_ITEM_rptr(X509_NAME), type, (char *)data,
464	    md, len));
465}
466
467int
468PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
469    const EVP_MD *type, unsigned char *md, unsigned int *len)
470{
471	return(ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL), type,
472	    (char *)data, md, len));
473}
474
475
476X509_SIG *
477d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
478{
479	return ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp, p8);
480}
481
482int
483i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
484{
485	return ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);
486}
487
488X509_SIG *
489d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
490{
491	return ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp, p8);
492}
493
494int
495i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
496{
497	return ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);
498}
499
500PKCS8_PRIV_KEY_INFO *
501d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf)
502{
503	return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
504	    d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
505}
506
507int
508i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
509{
510	return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO,
511	    fp, p8inf);
512}
513
514int
515i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
516{
517	PKCS8_PRIV_KEY_INFO *p8inf;
518	int ret;
519	p8inf = EVP_PKEY2PKCS8(key);
520	if (!p8inf)
521		return 0;
522	ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
523	PKCS8_PRIV_KEY_INFO_free(p8inf);
524	return ret;
525}
526
527int
528i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
529{
530	return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
531}
532
533EVP_PKEY *
534d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
535{
536	return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey,
537	    fp, a);
538}
539
540int
541i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
542{
543	return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
544}
545
546EVP_PKEY *
547d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
548{
549	return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);
550}
551
552
553PKCS8_PRIV_KEY_INFO *
554d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf)
555{
556	return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
557	    d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
558}
559
560int
561i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
562{
563	return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO,
564	    bp, p8inf);
565}
566
567int
568i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
569{
570	PKCS8_PRIV_KEY_INFO *p8inf;
571	int ret;
572
573	p8inf = EVP_PKEY2PKCS8(key);
574	if (!p8inf)
575		return 0;
576	ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
577	PKCS8_PRIV_KEY_INFO_free(p8inf);
578	return ret;
579}
580
581int
582i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
583{
584	return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
585}
586
587EVP_PKEY *
588d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
589{
590	return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey,
591	    bp, a);
592}
593
594int
595i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
596{
597	return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
598}
599
600EVP_PKEY *
601d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
602{
603	return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);
604}
605