60
60
#include "cryptlib.h"
61
61
#include <openssl/asn1t.h>
62
62
#include <openssl/x509.h>
63
#ifndef OPENSSL_NO_RSA
64
#include <openssl/rsa.h>
66
#ifndef OPENSSL_NO_DSA
67
#include <openssl/dsa.h>
64
70
/* Minor tweak to operation: free up EVP_PKEY */
65
71
static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
67
if(operation == ASN1_OP_FREE_POST) {
73
if (operation == ASN1_OP_FREE_POST)
68
75
X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
69
76
EVP_PKEY_free(pubkey->pkey);
74
81
ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
75
82
ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
104
110
(a->parameter->type != V_ASN1_NULL))
106
112
ASN1_TYPE_free(a->parameter);
107
a->parameter=ASN1_TYPE_new();
113
if (!(a->parameter=ASN1_TYPE_new()))
115
X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
108
118
a->parameter->type=V_ASN1_NULL;
112
121
#ifndef OPENSSL_NO_DSA
113
if (pkey->type == EVP_PKEY_DSA)
122
else if (pkey->type == EVP_PKEY_DSA)
115
124
unsigned char *pp;
118
127
dsa=pkey->pkey.dsa;
119
128
dsa->write_params=0;
120
129
ASN1_TYPE_free(a->parameter);
121
i=i2d_DSAparams(dsa,NULL);
122
if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err;
130
if ((i=i2d_DSAparams(dsa,NULL)) <= 0)
132
if (!(p=(unsigned char *)OPENSSL_malloc(i)))
134
X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
124
138
i2d_DSAparams(dsa,&pp);
125
a->parameter=ASN1_TYPE_new();
139
if (!(a->parameter=ASN1_TYPE_new()))
142
X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
126
145
a->parameter->type=V_ASN1_SEQUENCE;
127
a->parameter->value.sequence=ASN1_STRING_new();
128
ASN1_STRING_set(a->parameter->value.sequence,p,i);
146
if (!(a->parameter->value.sequence=ASN1_STRING_new()))
149
X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
152
if (!ASN1_STRING_set(a->parameter->value.sequence,p,i))
155
X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
161
#ifndef OPENSSL_NO_EC
162
else if (pkey->type == EVP_PKEY_EC)
167
const EC_GROUP *group;
169
ec_key = pkey->pkey.ec;
170
ASN1_TYPE_free(a->parameter);
172
if ((a->parameter = ASN1_TYPE_new()) == NULL)
174
X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
178
group = EC_KEY_get0_group(ec_key);
179
if (EC_GROUP_get_asn1_flag(group)
180
&& (nid = EC_GROUP_get_curve_name(group)))
182
/* just set the OID */
183
a->parameter->type = V_ASN1_OBJECT;
184
a->parameter->value.object = OBJ_nid2obj(nid);
186
else /* explicit parameters */
188
if ((i = i2d_ECParameters(ec_key, NULL)) == 0)
190
X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
193
if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
195
X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
199
if (!i2d_ECParameters(ec_key, &pp))
201
X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
205
a->parameter->type = V_ASN1_SEQUENCE;
206
if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL)
208
X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
212
ASN1_STRING_set(a->parameter->value.sequence, p, i);
134
219
X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
145
230
i2d_PublicKey(pkey,&p);
146
if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
147
/* Set number of unused bits to zero */
231
if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i))
233
X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
236
/* Set number of unused bits to zero */
148
237
pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
149
238
pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
181
269
if (key == NULL) goto err;
183
271
if (key->pkey != NULL)
185
CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
273
CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
189
277
if (key->public_key == NULL) goto err;
191
279
type=OBJ_obj2nid(key->algor->algorithm);
192
p=key->public_key->data;
193
j=key->public_key->length;
194
if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
280
if ((ret = EVP_PKEY_new()) == NULL)
196
X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
282
X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
199
ret->save_parameters=0;
285
ret->type = EVP_PKEY_type(type);
201
#ifndef OPENSSL_NO_DSA
287
/* the parameters must be extracted before the public key (ECDSA!) */
289
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
203
if (ret->type == EVP_PKEY_DSA)
295
#ifndef OPENSSL_NO_DSA
296
else if (ret->type == EVP_PKEY_DSA)
205
298
if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
300
if ((ret->pkey.dsa = DSA_new()) == NULL)
302
X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
207
305
ret->pkey.dsa->write_params=0;
208
306
cp=p=a->parameter->value.sequence->data;
209
307
j=a->parameter->value.sequence->length;
210
if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j))
308
if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j))
213
311
ret->save_parameters=1;
217
CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY);
314
#ifndef OPENSSL_NO_EC
315
else if (ret->type == EVP_PKEY_EC)
317
if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
319
/* type == V_ASN1_SEQUENCE => we have explicit parameters
320
* (e.g. parameters in the X9_62_EC_PARAMETERS-structure )
322
if ((ret->pkey.ec= EC_KEY_new()) == NULL)
324
X509err(X509_F_X509_PUBKEY_GET,
325
ERR_R_MALLOC_FAILURE);
328
cp = p = a->parameter->value.sequence->data;
329
j = a->parameter->value.sequence->length;
330
if (!d2i_ECParameters(&ret->pkey.ec, &cp, (long)j))
332
X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB);
336
else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT))
338
/* type == V_ASN1_OBJECT => the parameters are given
344
if (ret->pkey.ec == NULL)
345
ret->pkey.ec = EC_KEY_new();
346
ec_key = ret->pkey.ec;
349
group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object));
352
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
353
if (EC_KEY_set_group(ec_key, group) == 0)
355
EC_GROUP_free(group);
357
/* the case implicitlyCA is currently not implemented */
358
ret->save_parameters = 1;
362
p=key->public_key->data;
363
j=key->public_key->length;
364
if (!d2i_PublicKey(type, &ret, &p, (long)j))
366
X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB);
371
CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
252
407
ret = i2d_X509_PUBKEY(xpk, pp);
253
408
X509_PUBKEY_free(xpk);
257
412
/* The following are equivalents but which return RSA and DSA
260
415
#ifndef OPENSSL_NO_RSA
261
RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp,
416
RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp,
421
const unsigned char *q;
268
423
pkey = d2i_PUBKEY(NULL, &q, length);
269
if(!pkey) return NULL;
424
if (!pkey) return NULL;
270
425
key = EVP_PKEY_get1_RSA(pkey);
271
426
EVP_PKEY_free(pkey);
272
if(!key) return NULL;
427
if (!key) return NULL;
281
437
int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
286
442
pktmp = EVP_PKEY_new();
288
445
ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
291
448
EVP_PKEY_set1_RSA(pktmp, a);
292
449
ret = i2d_PUBKEY(pktmp, pp);
293
450
EVP_PKEY_free(pktmp);
298
455
#ifndef OPENSSL_NO_DSA
299
DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp,
456
DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp,
461
const unsigned char *q;
306
463
pkey = d2i_PUBKEY(NULL, &q, length);
307
if(!pkey) return NULL;
464
if (!pkey) return NULL;
308
465
key = EVP_PKEY_get1_DSA(pkey);
309
466
EVP_PKEY_free(pkey);
310
if(!key) return NULL;
467
if (!key) return NULL;
319
477
int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
324
482
pktmp = EVP_PKEY_new();
326
485
ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
329
488
EVP_PKEY_set1_DSA(pktmp, a);
330
489
ret = i2d_PUBKEY(pktmp, pp);
331
490
EVP_PKEY_free(pktmp);
495
#ifndef OPENSSL_NO_EC
496
EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
500
const unsigned char *q;
502
pkey = d2i_PUBKEY(NULL, &q, length);
503
if (!pkey) return(NULL);
504
key = EVP_PKEY_get1_EC_KEY(pkey);
506
if (!key) return(NULL);
516
int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
521
if ((pktmp = EVP_PKEY_new()) == NULL)
523
ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
526
EVP_PKEY_set1_EC_KEY(pktmp, a);
527
ret = i2d_PUBKEY(pktmp, pp);
528
EVP_PKEY_free(pktmp);
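Review bot: In the new EC branch of X509_PUBKEY_set, the call `ASN1_STRING_set(a->parameter->value.sequence, p, i);` (new line 212) discards its return value, while the DSA branch in this same change now tests it and raises ERR_R_MALLOC_FAILURE. If that copy fails, the explicit-parameter sequence is left empty and the function may go on to encode a SubjectPublicKeyInfo with missing curve parameters and nothing on the error queue. I would mirror the DSA path: `if (!ASN1_STRING_set(a->parameter->value.sequence, p, i)) { X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE); goto err; }`. The length check at new line 188 has the same asymmetry: the EC side tests `== 0` where the DSA side uses `<= 0`, so a negative length, should the encoder ever return one, would reach `OPENSSL_malloc(i)`; `if ((i = i2d_ECParameters(ec_key, NULL)) <= 0)` closes that. Only part of the function body is visible on this page, so the `err` label and the release of `p` are assumed from the existing `goto err` lines.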