x_all.c revision 1.8 
1/* crypto/x509/x_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to.  The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 *    notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 *    notice, this list of conditions and the following disclaimer in the
30 *    documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 *    must display the following acknowledgement:
33 *    "This product includes cryptographic software written by
34 *     Eric Young (eay@cryptsoft.com)"
35 *    The word 'cryptographic' can be left out if the rouines from the library
36 *    being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 *    the apps directory (application code) you must include an acknowledgement:
39 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/stack.h>
61#include "cryptlib.h"
62#include <openssl/buffer.h>
63#include <openssl/asn1.h>
64#include <openssl/evp.h>
65#include <openssl/x509.h>
66#ifndef OPENSSL_NO_RSA
67#include <openssl/rsa.h>
68#endif
69#ifndef OPENSSL_NO_DSA
70#include <openssl/dsa.h>
71#endif
72
73int X509_verify(X509 *a, EVP_PKEY *r)
74	{
75	return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF),a->sig_alg,
76		a->signature,a->cert_info,r));
77	}
78
79int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
80	{
81	return( ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO),
82		a->sig_alg,a->signature,a->req_info,r));
83	}
84
85int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
86	{
87	return(ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
88		a->sig_algor,a->signature,a->spkac,r));
89	}
90
91int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
92	{
93	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature,
94		x->sig_alg, x->signature, x->cert_info,pkey,md));
95	}
96
97int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
98	{
99	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO),x->sig_alg, NULL,
100		x->signature, x->req_info,pkey,md));
101	}
102
103int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
104	{
105	x->crl->enc.modified = 1;
106	return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO),x->crl->sig_alg,
107		x->sig_alg, x->signature, x->crl,pkey,md));
108	}
109
110int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
111	{
112	return(ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor,NULL,
113		x->signature, x->spkac,pkey,md));
114	}
115
116#ifndef OPENSSL_NO_FP_API
117X509 *d2i_X509_fp(FILE *fp, X509 **x509)
118	{
119	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
120	}
121
122int i2d_X509_fp(FILE *fp, X509 *x509)
123	{
124	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
125	}
126#endif
127
128X509 *d2i_X509_bio(BIO *bp, X509 **x509)
129	{
130	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
131	}
132
133int i2d_X509_bio(BIO *bp, X509 *x509)
134	{
135	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
136	}
137
138#ifndef OPENSSL_NO_FP_API
139X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
140	{
141	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
142	}
143
144int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
145	{
146	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
147	}
148#endif
149
150X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
151	{
152	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
153	}
154
155int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
156	{
157	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
158	}
159
160#ifndef OPENSSL_NO_FP_API
161PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
162	{
163	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
164	}
165
166int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
167	{
168	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
169	}
170#endif
171
172PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
173	{
174	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
175	}
176
177int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
178	{
179	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
180	}
181
182#ifndef OPENSSL_NO_FP_API
183X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
184	{
185	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
186	}
187
188int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
189	{
190	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
191	}
192#endif
193
194X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
195	{
196	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
197	}
198
199int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
200	{
201	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
202	}
203
204#ifndef OPENSSL_NO_RSA
205
206#ifndef OPENSSL_NO_FP_API
207RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
208	{
209	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
210	}
211
212int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
213	{
214	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
215	}
216
217RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
218	{
219	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
220	}
221
222
223RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
224	{
225	return ASN1_d2i_fp((void *(*)(void))
226			   RSA_new,(D2I_OF(void))d2i_RSA_PUBKEY, fp,
227			   (void **)rsa);
228	}
229
230int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
231	{
232	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
233	}
234
235int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
236	{
237	return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY,fp,rsa);
238	}
239#endif
240
241RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
242	{
243	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
244	}
245
246int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
247	{
248	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
249	}
250
251RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
252	{
253	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
254	}
255
256
257RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
258	{
259	return ASN1_d2i_bio_of(RSA,RSA_new,d2i_RSA_PUBKEY,bp,rsa);
260	}
261
262int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
263	{
264	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
265	}
266
267int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
268	{
269	return ASN1_i2d_bio_of(RSA,i2d_RSA_PUBKEY,bp,rsa);
270	}
271#endif
272
273#ifndef OPENSSL_NO_DSA
274#ifndef OPENSSL_NO_FP_API
275DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
276	{
277	return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSAPrivateKey,fp,dsa);
278	}
279
280int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
281	{
282	return ASN1_i2d_fp_of_const(DSA,i2d_DSAPrivateKey,fp,dsa);
283	}
284
285DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
286	{
287	return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSA_PUBKEY,fp,dsa);
288	}
289
290int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
291	{
292	return ASN1_i2d_fp_of(DSA,i2d_DSA_PUBKEY,fp,dsa);
293	}
294#endif
295
296DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
297	{
298	return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAPrivateKey,bp,dsa
299);
300	}
301
302int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
303	{
304	return ASN1_i2d_bio_of_const(DSA,i2d_DSAPrivateKey,bp,dsa);
305	}
306
307DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
308	{
309	return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSA_PUBKEY,bp,dsa);
310	}
311
312int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
313	{
314	return ASN1_i2d_bio_of(DSA,i2d_DSA_PUBKEY,bp,dsa);
315	}
316
317#endif
318
319#ifndef OPENSSL_NO_EC
320#ifndef OPENSSL_NO_FP_API
321EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
322	{
323	return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,fp,eckey);
324	}
325
326int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey)
327	{
328	return ASN1_i2d_fp_of(EC_KEY,i2d_EC_PUBKEY,fp,eckey);
329	}
330
331EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
332	{
333	return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,fp,eckey);
334	}
335
336int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
337	{
338	return ASN1_i2d_fp_of(EC_KEY,i2d_ECPrivateKey,fp,eckey);
339	}
340#endif
341EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
342	{
343	return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,bp,eckey);
344	}
345
346int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa)
347	{
348	return ASN1_i2d_bio_of(EC_KEY,i2d_EC_PUBKEY,bp,ecdsa);
349	}
350
351EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
352	{
353	return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,bp,eckey);
354	}
355
356int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
357	{
358	return ASN1_i2d_bio_of(EC_KEY,i2d_ECPrivateKey,bp,eckey);
359	}
360#endif
361
362
363int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
364	     unsigned int *len)
365	{
366	ASN1_BIT_STRING *key;
367	key = X509_get0_pubkey_bitstr(data);
368	if(!key) return 0;
369	return EVP_Digest(key->data, key->length, md, len, type, NULL);
370	}
371
372int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
373	     unsigned int *len)
374	{
375	return(ASN1_item_digest(ASN1_ITEM_rptr(X509),type,(char *)data,md,len));
376	}
377
378int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
379	     unsigned int *len)
380	{
381	return(ASN1_item_digest(ASN1_ITEM_rptr(X509_CRL),type,(char *)data,md,len));
382	}
383
384int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
385	     unsigned int *len)
386	{
387	return(ASN1_item_digest(ASN1_ITEM_rptr(X509_REQ),type,(char *)data,md,len));
388	}
389
390int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
391	     unsigned int *len)
392	{
393	return(ASN1_item_digest(ASN1_ITEM_rptr(X509_NAME),type,(char *)data,md,len));
394	}
395
396int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type,
397	     unsigned char *md, unsigned int *len)
398	{
399	return(ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL),type,
400		(char *)data,md,len));
401	}
402
403
404#ifndef OPENSSL_NO_FP_API
405X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
406	{
407	return ASN1_d2i_fp_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,fp,p8);
408	}
409
410int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
411	{
412	return ASN1_i2d_fp_of(X509_SIG,i2d_X509_SIG,fp,p8);
413	}
414#endif
415
416X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
417	{
418	return ASN1_d2i_bio_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,bp,p8);
419	}
420
421int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
422	{
423	return ASN1_i2d_bio_of(X509_SIG,i2d_X509_SIG,bp,p8);
424	}
425
426#ifndef OPENSSL_NO_FP_API
427PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
428						 PKCS8_PRIV_KEY_INFO **p8inf)
429	{
430	return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new,
431			      d2i_PKCS8_PRIV_KEY_INFO,fp,p8inf);
432	}
433
434int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
435	{
436	return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,fp,
437			      p8inf);
438	}
439
440int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
441	{
442	PKCS8_PRIV_KEY_INFO *p8inf;
443	int ret;
444	p8inf = EVP_PKEY2PKCS8(key);
445	if(!p8inf) return 0;
446	ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
447	PKCS8_PRIV_KEY_INFO_free(p8inf);
448	return ret;
449	}
450
451int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
452	{
453	return ASN1_i2d_fp_of(EVP_PKEY,i2d_PrivateKey,fp,pkey);
454	}
455
456EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
457{
458	return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,fp,a);
459}
460
461int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
462	{
463	return ASN1_i2d_fp_of(EVP_PKEY,i2d_PUBKEY,fp,pkey);
464	}
465
466EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
467{
468	return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,fp,a);
469}
470
471#endif
472
473PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
474						 PKCS8_PRIV_KEY_INFO **p8inf)
475	{
476	return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new,
477			    d2i_PKCS8_PRIV_KEY_INFO,bp,p8inf);
478	}
479
480int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
481	{
482	return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,bp,
483			       p8inf);
484	}
485
486int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
487	{
488	PKCS8_PRIV_KEY_INFO *p8inf;
489	int ret;
490	p8inf = EVP_PKEY2PKCS8(key);
491	if(!p8inf) return 0;
492	ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
493	PKCS8_PRIV_KEY_INFO_free(p8inf);
494	return ret;
495	}
496
497int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
498	{
499	return ASN1_i2d_bio_of(EVP_PKEY,i2d_PrivateKey,bp,pkey);
500	}
501
502EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
503	{
504	return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,bp,a);
505	}
506
507int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
508	{
509	return ASN1_i2d_bio_of(EVP_PKEY,i2d_PUBKEY,bp,pkey);
510	}
511
512EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
513	{
514	return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,bp,a);
515	}
516