1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2  * All rights reserved.
3  *
4  * This package is an SSL implementation written
5  * by Eric Young (eay@cryptsoft.com).
6  * The implementation was written so as to conform with Netscapes SSL.
7  *
8  * This library is free for commercial and non-commercial use as long as
9  * the following conditions are aheared to.  The following conditions
10  * apply to all code found in this distribution, be it the RC4, RSA,
11  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
12  * included with this distribution is covered by the same copyright terms
13  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14  *
15  * Copyright remains Eric Young's, and as such any Copyright notices in
16  * the code are not to be removed.
17  * If this package is used in a product, Eric Young should be given attribution
18  * as the author of the parts of the library used.
19  * This can be in the form of a textual message at program startup or
20  * in documentation (online or textual) provided with the package.
21  *
22  * Redistribution and use in source and binary forms, with or without
23  * modification, are permitted provided that the following conditions
24  * are met:
25  * 1. Redistributions of source code must retain the copyright
26  *    notice, this list of conditions and the following disclaimer.
27  * 2. Redistributions in binary form must reproduce the above copyright
28  *    notice, this list of conditions and the following disclaimer in the
29  *    documentation and/or other materials provided with the distribution.
30  * 3. All advertising materials mentioning features or use of this software
31  *    must display the following acknowledgement:
32  *    "This product includes cryptographic software written by
33  *     Eric Young (eay@cryptsoft.com)"
34  *    The word 'cryptographic' can be left out if the rouines from the library
35  *    being used are not cryptographic related :-).
36  * 4. If you include any Windows specific code (or a derivative thereof) from
37  *    the apps directory (application code) you must include an acknowledgement:
38  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39  *
40  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50  * SUCH DAMAGE.
51  *
52  * The licence and distribution terms for any publically available version or
53  * derivative of this code cannot be changed.  i.e. this code cannot simply be
54  * copied and put under another distribution licence
55  * [including the GNU Public Licence.] */
56 
57 #include <openssl/evp.h>
58 
59 #include <assert.h>
60 #include <string.h>
61 
62 #include <openssl/bio.h>
63 #include <openssl/dsa.h>
64 #include <openssl/ec.h>
65 #include <openssl/err.h>
66 #include <openssl/mem.h>
67 #include <openssl/obj.h>
68 #include <openssl/rsa.h>
69 #include <openssl/thread.h>
70 
71 #include "internal.h"
72 #include "../internal.h"
73 
74 
EVP_PKEY_new(void)75 EVP_PKEY *EVP_PKEY_new(void) {
76   EVP_PKEY *ret;
77 
78   ret = OPENSSL_malloc(sizeof(EVP_PKEY));
79   if (ret == NULL) {
80     OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
81     return NULL;
82   }
83 
84   memset(ret, 0, sizeof(EVP_PKEY));
85   ret->type = EVP_PKEY_NONE;
86   ret->references = 1;
87 
88   return ret;
89 }
90 
free_it(EVP_PKEY * pkey)91 static void free_it(EVP_PKEY *pkey) {
92   if (pkey->ameth && pkey->ameth->pkey_free) {
93     pkey->ameth->pkey_free(pkey);
94     pkey->pkey.ptr = NULL;
95     pkey->type = EVP_PKEY_NONE;
96   }
97 }
98 
EVP_PKEY_free(EVP_PKEY * pkey)99 void EVP_PKEY_free(EVP_PKEY *pkey) {
100   if (pkey == NULL) {
101     return;
102   }
103 
104   if (!CRYPTO_refcount_dec_and_test_zero(&pkey->references)) {
105     return;
106   }
107 
108   free_it(pkey);
109   OPENSSL_free(pkey);
110 }
111 
EVP_PKEY_up_ref(EVP_PKEY * pkey)112 EVP_PKEY *EVP_PKEY_up_ref(EVP_PKEY *pkey) {
113   CRYPTO_refcount_inc(&pkey->references);
114   return pkey;
115 }
116 
EVP_PKEY_is_opaque(const EVP_PKEY * pkey)117 int EVP_PKEY_is_opaque(const EVP_PKEY *pkey) {
118   if (pkey->ameth && pkey->ameth->pkey_opaque) {
119     return pkey->ameth->pkey_opaque(pkey);
120   }
121   return 0;
122 }
123 
EVP_PKEY_supports_digest(const EVP_PKEY * pkey,const EVP_MD * md)124 int EVP_PKEY_supports_digest(const EVP_PKEY *pkey, const EVP_MD *md) {
125   if (pkey->ameth && pkey->ameth->pkey_supports_digest) {
126     return pkey->ameth->pkey_supports_digest(pkey, md);
127   }
128   return 1;
129 }
130 
EVP_PKEY_cmp(const EVP_PKEY * a,const EVP_PKEY * b)131 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) {
132   if (a->type != b->type) {
133     return -1;
134   }
135 
136   if (a->ameth) {
137     int ret;
138     /* Compare parameters if the algorithm has them */
139     if (a->ameth->param_cmp) {
140       ret = a->ameth->param_cmp(a, b);
141       if (ret <= 0) {
142         return ret;
143       }
144     }
145 
146     if (a->ameth->pub_cmp) {
147       return a->ameth->pub_cmp(a, b);
148     }
149   }
150 
151   return -2;
152 }
153 
EVP_PKEY_copy_parameters(EVP_PKEY * to,const EVP_PKEY * from)154 int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) {
155   if (to->type != from->type) {
156     OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES);
157     goto err;
158   }
159 
160   if (EVP_PKEY_missing_parameters(from)) {
161     OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS);
162     goto err;
163   }
164 
165   if (from->ameth && from->ameth->param_copy) {
166     return from->ameth->param_copy(to, from);
167   }
168 
169 err:
170   return 0;
171 }
172 
EVP_PKEY_missing_parameters(const EVP_PKEY * pkey)173 int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) {
174   if (pkey->ameth && pkey->ameth->param_missing) {
175     return pkey->ameth->param_missing(pkey);
176   }
177   return 0;
178 }
179 
EVP_PKEY_size(const EVP_PKEY * pkey)180 int EVP_PKEY_size(const EVP_PKEY *pkey) {
181   if (pkey && pkey->ameth && pkey->ameth->pkey_size) {
182     return pkey->ameth->pkey_size(pkey);
183   }
184   return 0;
185 }
186 
EVP_PKEY_bits(EVP_PKEY * pkey)187 int EVP_PKEY_bits(EVP_PKEY *pkey) {
188   if (pkey && pkey->ameth && pkey->ameth->pkey_bits) {
189     return pkey->ameth->pkey_bits(pkey);
190   }
191   return 0;
192 }
193 
EVP_PKEY_id(const EVP_PKEY * pkey)194 int EVP_PKEY_id(const EVP_PKEY *pkey) {
195   return pkey->type;
196 }
197 
198 /* TODO(fork): remove the first argument. */
EVP_PKEY_asn1_find(ENGINE ** pengine,int nid)199 const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pengine, int nid) {
200   switch (nid) {
201     case EVP_PKEY_RSA:
202     case EVP_PKEY_RSA2:
203       return &rsa_asn1_meth;
204     case EVP_PKEY_EC:
205       return &ec_asn1_meth;
206     case EVP_PKEY_DSA:
207       return &dsa_asn1_meth;
208     default:
209       return NULL;
210   }
211 }
212 
EVP_PKEY_type(int nid)213 int EVP_PKEY_type(int nid) {
214   const EVP_PKEY_ASN1_METHOD *meth = EVP_PKEY_asn1_find(NULL, nid);
215   if (meth == NULL) {
216     return NID_undef;
217   }
218   return meth->pkey_id;
219 }
220 
EVP_PKEY_set1_RSA(EVP_PKEY * pkey,RSA * key)221 int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) {
222   if (EVP_PKEY_assign_RSA(pkey, key)) {
223     RSA_up_ref(key);
224     return 1;
225   }
226   return 0;
227 }
228 
EVP_PKEY_assign_RSA(EVP_PKEY * pkey,RSA * key)229 int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) {
230   return EVP_PKEY_assign(pkey, EVP_PKEY_RSA, key);
231 }
232 
EVP_PKEY_get0_RSA(EVP_PKEY * pkey)233 RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) {
234   if (pkey->type != EVP_PKEY_RSA) {
235     OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY);
236     return NULL;
237   }
238   return pkey->pkey.rsa;
239 }
240 
EVP_PKEY_get1_RSA(EVP_PKEY * pkey)241 RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) {
242   RSA *rsa = EVP_PKEY_get0_RSA(pkey);
243   if (rsa != NULL) {
244     RSA_up_ref(rsa);
245   }
246   return rsa;
247 }
248 
EVP_PKEY_set1_DSA(EVP_PKEY * pkey,DSA * key)249 int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) {
250   if (EVP_PKEY_assign_DSA(pkey, key)) {
251     DSA_up_ref(key);
252     return 1;
253   }
254   return 0;
255 }
256 
EVP_PKEY_assign_DSA(EVP_PKEY * pkey,DSA * key)257 int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key) {
258   return EVP_PKEY_assign(pkey, EVP_PKEY_DSA, key);
259 }
260 
EVP_PKEY_get0_DSA(EVP_PKEY * pkey)261 DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey) {
262   if (pkey->type != EVP_PKEY_DSA) {
263     OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DSA_KEY);
264     return NULL;
265   }
266   return pkey->pkey.dsa;
267 }
268 
EVP_PKEY_get1_DSA(EVP_PKEY * pkey)269 DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) {
270   DSA *dsa = EVP_PKEY_get0_DSA(pkey);
271   if (dsa != NULL) {
272     DSA_up_ref(dsa);
273   }
274   return dsa;
275 }
276 
EVP_PKEY_set1_EC_KEY(EVP_PKEY * pkey,EC_KEY * key)277 int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) {
278   if (EVP_PKEY_assign_EC_KEY(pkey, key)) {
279     EC_KEY_up_ref(key);
280     return 1;
281   }
282   return 0;
283 }
284 
EVP_PKEY_assign_EC_KEY(EVP_PKEY * pkey,EC_KEY * key)285 int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) {
286   return EVP_PKEY_assign(pkey, EVP_PKEY_EC, key);
287 }
288 
EVP_PKEY_get0_EC_KEY(EVP_PKEY * pkey)289 EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) {
290   if (pkey->type != EVP_PKEY_EC) {
291     OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_EC_KEY_KEY);
292     return NULL;
293   }
294   return pkey->pkey.ec;
295 }
296 
EVP_PKEY_get1_EC_KEY(EVP_PKEY * pkey)297 EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) {
298   EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(pkey);
299   if (ec_key != NULL) {
300     EC_KEY_up_ref(ec_key);
301   }
302   return ec_key;
303 }
304 
EVP_PKEY_assign(EVP_PKEY * pkey,int type,void * key)305 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) {
306   if (!EVP_PKEY_set_type(pkey, type)) {
307     return 0;
308   }
309   pkey->pkey.ptr = key;
310   return key != NULL;
311 }
312 
EVP_PKEY_asn1_find_str(ENGINE ** pengine,const char * name,size_t len)313 const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pengine,
314                                                    const char *name,
315                                                    size_t len) {
316   if (len == 3 && memcmp(name, "RSA", 3) == 0) {
317     return &rsa_asn1_meth;
318   } if (len == 2 && memcmp(name, "EC", 2) == 0) {
319     return &ec_asn1_meth;
320   } else if (len == 3 && memcmp(name, "DSA", 3) == 0) {
321     return &dsa_asn1_meth;
322   }
323   return NULL;
324 }
325 
EVP_PKEY_set_type(EVP_PKEY * pkey,int type)326 int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) {
327   const EVP_PKEY_ASN1_METHOD *ameth;
328 
329   if (pkey && pkey->pkey.ptr) {
330     free_it(pkey);
331   }
332 
333   ameth = EVP_PKEY_asn1_find(NULL, type);
334   if (ameth == NULL) {
335     OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
336     ERR_add_error_dataf("algorithm %d (%s)", type, OBJ_nid2sn(type));
337     return 0;
338   }
339 
340   if (pkey) {
341     pkey->ameth = ameth;
342     pkey->type = pkey->ameth->pkey_id;
343   }
344 
345   return 1;
346 }
347 
348 
349 
EVP_PKEY_cmp_parameters(const EVP_PKEY * a,const EVP_PKEY * b)350 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) {
351   if (a->type != b->type) {
352     return -1;
353   }
354   if (a->ameth && a->ameth->param_cmp) {
355     return a->ameth->param_cmp(a, b);
356   }
357   return -2;
358 }
359 
print_unsupported(BIO * out,const EVP_PKEY * pkey,int indent,const char * kstr)360 static int print_unsupported(BIO *out, const EVP_PKEY *pkey, int indent,
361                              const char *kstr) {
362   BIO_indent(out, indent, 128);
363   BIO_printf(out, "%s algorithm \"%s\" unsupported\n", kstr,
364              OBJ_nid2ln(pkey->type));
365   return 1;
366 }
367 
EVP_PKEY_print_public(BIO * out,const EVP_PKEY * pkey,int indent,ASN1_PCTX * pctx)368 int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent,
369                           ASN1_PCTX *pctx) {
370   if (pkey->ameth && pkey->ameth->pub_print) {
371     return pkey->ameth->pub_print(out, pkey, indent, pctx);
372   }
373 
374   return print_unsupported(out, pkey, indent, "Public Key");
375 }
376 
EVP_PKEY_print_private(BIO * out,const EVP_PKEY * pkey,int indent,ASN1_PCTX * pctx)377 int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent,
378                            ASN1_PCTX *pctx) {
379   if (pkey->ameth && pkey->ameth->priv_print) {
380     return pkey->ameth->priv_print(out, pkey, indent, pctx);
381   }
382 
383   return print_unsupported(out, pkey, indent, "Private Key");
384 }
385 
EVP_PKEY_print_params(BIO * out,const EVP_PKEY * pkey,int indent,ASN1_PCTX * pctx)386 int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent,
387                           ASN1_PCTX *pctx) {
388   if (pkey->ameth && pkey->ameth->param_print) {
389     return pkey->ameth->param_print(out, pkey, indent, pctx);
390   }
391 
392   return print_unsupported(out, pkey, indent, "Parameters");
393 }
394 
EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX * ctx,const EVP_MD * md)395 int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) {
396   return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD, 0,
397                            (void *)md);
398 }
399 
EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX * ctx,const EVP_MD ** out_md)400 int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) {
401   return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_GET_MD,
402                            0, (void *)out_md);
403 }
404 
OpenSSL_add_all_algorithms(void)405 void OpenSSL_add_all_algorithms(void) {}
406 
OpenSSL_add_all_ciphers(void)407 void OpenSSL_add_all_ciphers(void) {}
408 
OpenSSL_add_all_digests(void)409 void OpenSSL_add_all_digests(void) {}
410 
EVP_cleanup(void)411 void EVP_cleanup(void) {}
412