← Back to branch summary

~ubuntu-branches/ubuntu/maverick/openssl/maverick

« back to all changes in this revision

Viewing changes to crypto/asn1/x_pubkey.c

  • Committer: Bazaar Package Importer
  • Author(s): Kurt Roeckx
  • Date: 2005-12-13 21:37:42 UTC
  • mto: (11.1.1 lenny)
  • mto: This revision was merged to the branch mainline in revision 4.
  • Revision ID: james.westby@ubuntu.com-20051213213742-d0ydaylf80l16bj1
Tags: upstream-0.9.8a
ImportĀ upstreamĀ versionĀ 0.9.8a

Show diffs side-by-side

added added

removed removed

Lines of Context:
crypto/asn1/x_pubkey.c
60
60
#include "cryptlib.h"
61
61
#include <openssl/asn1t.h>
62
62
#include <openssl/x509.h>
 
63
#ifndef OPENSSL_NO_RSA
 
64
#include <openssl/rsa.h>
 
65
#endif
 
66
#ifndef OPENSSL_NO_DSA
 
67
#include <openssl/dsa.h>
 
68
#endif
63
69
 
64
70
/* Minor tweak to operation: free up EVP_PKEY */
65
71
static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
66
 
{
67
 
        if(operation == ASN1_OP_FREE_POST) {
 
72
        {
 
73
        if (operation == ASN1_OP_FREE_POST)
 
74
                {
68
75
                X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
69
76
                EVP_PKEY_free(pubkey->pkey);
 
77
                }
 
78
        return 1;
70
79
        }
71
 
        return 1;
72
 
}
73
80
 
74
81
ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
75
82
        ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
80
87
 
81
88
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
82
89
        {
83
 
        int ok=0;
84
 
        X509_PUBKEY *pk;
 
90
        X509_PUBKEY *pk=NULL;
85
91
        X509_ALGOR *a;
86
92
        ASN1_OBJECT *o;
87
93
        unsigned char *s,*p = NULL;
104
110
                        (a->parameter->type != V_ASN1_NULL))
105
111
                        {
106
112
                        ASN1_TYPE_free(a->parameter);
107
 
                        a->parameter=ASN1_TYPE_new();
 
113
                        if (!(a->parameter=ASN1_TYPE_new()))
 
114
                                {
 
115
                                X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
 
116
                                goto err;
 
117
                                }
108
118
                        a->parameter->type=V_ASN1_NULL;
109
119
                        }
110
120
                }
111
 
        else
112
121
#ifndef OPENSSL_NO_DSA
113
 
                if (pkey->type == EVP_PKEY_DSA)
 
122
        else if (pkey->type == EVP_PKEY_DSA)
114
123
                {
115
124
                unsigned char *pp;
116
125
                DSA *dsa;
117
 
 
 
126
                
118
127
                dsa=pkey->pkey.dsa;
119
128
                dsa->write_params=0;
120
129
                ASN1_TYPE_free(a->parameter);
121
 
                i=i2d_DSAparams(dsa,NULL);
122
 
                if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err;
 
130
                if ((i=i2d_DSAparams(dsa,NULL)) <= 0)
 
131
                        goto err;
 
132
                if (!(p=(unsigned char *)OPENSSL_malloc(i)))
 
133
                        {
 
134
                        X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
 
135
                        goto err;
 
136
                        }
123
137
                pp=p;
124
138
                i2d_DSAparams(dsa,&pp);
125
 
                a->parameter=ASN1_TYPE_new();
 
139
                if (!(a->parameter=ASN1_TYPE_new()))
 
140
                        {
 
141
                        OPENSSL_free(p);
 
142
                        X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
 
143
                        goto err;
 
144
                        }
126
145
                a->parameter->type=V_ASN1_SEQUENCE;
127
 
                a->parameter->value.sequence=ASN1_STRING_new();
128
 
                ASN1_STRING_set(a->parameter->value.sequence,p,i);
 
146
                if (!(a->parameter->value.sequence=ASN1_STRING_new()))
 
147
                        {
 
148
                        OPENSSL_free(p);
 
149
                        X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
 
150
                        goto err;
 
151
                        }
 
152
                if (!ASN1_STRING_set(a->parameter->value.sequence,p,i))
 
153
                        {
 
154
                        OPENSSL_free(p);
 
155
                        X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
 
156
                        goto err;
 
157
                        }
129
158
                OPENSSL_free(p);
130
159
                }
131
 
        else
132
 
#endif
 
160
#endif
 
161
#ifndef OPENSSL_NO_EC
 
162
        else if (pkey->type == EVP_PKEY_EC)
 
163
                {
 
164
                int nid=0;
 
165
                unsigned char *pp;
 
166
                EC_KEY *ec_key;
 
167
                const EC_GROUP *group;
 
168
                
 
169
                ec_key = pkey->pkey.ec;
 
170
                ASN1_TYPE_free(a->parameter);
 
171
 
 
172
                if ((a->parameter = ASN1_TYPE_new()) == NULL)
 
173
                        {
 
174
                        X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
 
175
                        goto err;
 
176
                        }
 
177
 
 
178
                group = EC_KEY_get0_group(ec_key);
 
179
                if (EC_GROUP_get_asn1_flag(group)
 
180
                     && (nid = EC_GROUP_get_curve_name(group)))
 
181
                        {
 
182
                        /* just set the OID */
 
183
                        a->parameter->type = V_ASN1_OBJECT;
 
184
                        a->parameter->value.object = OBJ_nid2obj(nid);
 
185
                        }
 
186
                else /* explicit parameters */
 
187
                        {
 
188
                        if ((i = i2d_ECParameters(ec_key, NULL)) == 0)
 
189
                                {
 
190
                                X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
 
191
                                goto err;
 
192
                                }
 
193
                        if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
 
194
                                {
 
195
                                X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
 
196
                                goto err;
 
197
                                }       
 
198
                        pp = p;
 
199
                        if (!i2d_ECParameters(ec_key, &pp))
 
200
                                {
 
201
                                X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
 
202
                                OPENSSL_free(p);
 
203
                                goto err;
 
204
                                }
 
205
                        a->parameter->type = V_ASN1_SEQUENCE;
 
206
                        if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL)
 
207
                                {
 
208
                                X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
 
209
                                OPENSSL_free(p);
 
210
                                goto err;
 
211
                                }
 
212
                        ASN1_STRING_set(a->parameter->value.sequence, p, i);
 
213
                        OPENSSL_free(p);
 
214
                        }
 
215
                }
 
216
#endif
 
217
        else if (1)
133
218
                {
134
219
                X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
135
220
                goto err;
143
228
                }
144
229
        p=s;
145
230
        i2d_PublicKey(pkey,&p);
146
 
        if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
147
 
        /* Set number of unused bits to zero */
 
231
        if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i))
 
232
                {
 
233
                X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
 
234
                goto err;
 
235
                }
 
236
        /* Set number of unused bits to zero */
148
237
        pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
149
238
        pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
150
239
 
159
248
                X509_PUBKEY_free(*x);
160
249
 
161
250
        *x=pk;
162
 
        pk=NULL;
163
251
 
164
 
        ok=1;
 
252
        return 1;
165
253
err:
166
254
        if (pk != NULL) X509_PUBKEY_free(pk);
167
 
        return(ok);
 
255
        return 0;
168
256
        }
169
257
 
170
258
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
172
260
        EVP_PKEY *ret=NULL;
173
261
        long j;
174
262
        int type;
175
 
        unsigned char *p;
176
 
#ifndef OPENSSL_NO_DSA
 
263
        const unsigned char *p;
 
264
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
177
265
        const unsigned char *cp;
178
266
        X509_ALGOR *a;
179
267
#endif
181
269
        if (key == NULL) goto err;
182
270
 
183
271
        if (key->pkey != NULL)
184
 
            {
185
 
            CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
186
 
            return(key->pkey);
187
 
            }
 
272
                {
 
273
                CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
 
274
                return(key->pkey);
 
275
                }
188
276
 
189
277
        if (key->public_key == NULL) goto err;
190
278
 
191
279
        type=OBJ_obj2nid(key->algor->algorithm);
192
 
        p=key->public_key->data;
193
 
        j=key->public_key->length;
194
 
        if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
 
280
        if ((ret = EVP_PKEY_new()) == NULL)
195
281
                {
196
 
                X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
 
282
                X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
197
283
                goto err;
198
284
                }
199
 
        ret->save_parameters=0;
 
285
        ret->type = EVP_PKEY_type(type);
200
286
 
201
 
#ifndef OPENSSL_NO_DSA
 
287
        /* the parameters must be extracted before the public key (ECDSA!) */
 
288
        
 
289
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
202
290
        a=key->algor;
203
 
        if (ret->type == EVP_PKEY_DSA)
 
291
#endif
 
292
 
 
293
        if (0)
 
294
                ;
 
295
#ifndef OPENSSL_NO_DSA
 
296
        else if (ret->type == EVP_PKEY_DSA)
204
297
                {
205
298
                if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
206
299
                        {
 
300
                        if ((ret->pkey.dsa = DSA_new()) == NULL)
 
301
                                {
 
302
                                X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
 
303
                                goto err;
 
304
                                }
207
305
                        ret->pkey.dsa->write_params=0;
208
306
                        cp=p=a->parameter->value.sequence->data;
209
307
                        j=a->parameter->value.sequence->length;
210
 
                        if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j))
 
308
                        if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j))
211
309
                                goto err;
212
310
                        }
213
311
                ret->save_parameters=1;
214
312
                }
215
313
#endif
216
 
        key->pkey=ret;
217
 
        CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY);
 
314
#ifndef OPENSSL_NO_EC
 
315
        else if (ret->type == EVP_PKEY_EC)
 
316
                {
 
317
                if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
 
318
                        {
 
319
                        /* type == V_ASN1_SEQUENCE => we have explicit parameters
 
320
                         * (e.g. parameters in the X9_62_EC_PARAMETERS-structure )
 
321
                         */
 
322
                        if ((ret->pkey.ec= EC_KEY_new()) == NULL)
 
323
                                {
 
324
                                X509err(X509_F_X509_PUBKEY_GET, 
 
325
                                        ERR_R_MALLOC_FAILURE);
 
326
                                goto err;
 
327
                                }
 
328
                        cp = p = a->parameter->value.sequence->data;
 
329
                        j = a->parameter->value.sequence->length;
 
330
                        if (!d2i_ECParameters(&ret->pkey.ec, &cp, (long)j))
 
331
                                {
 
332
                                X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB);
 
333
                                goto err;
 
334
                                }
 
335
                        }
 
336
                else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT))
 
337
                        {
 
338
                        /* type == V_ASN1_OBJECT => the parameters are given
 
339
                         * by an asn1 OID
 
340
                         */
 
341
                        EC_KEY   *ec_key;
 
342
                        EC_GROUP *group;
 
343
 
 
344
                        if (ret->pkey.ec == NULL)
 
345
                                ret->pkey.ec = EC_KEY_new();
 
346
                        ec_key = ret->pkey.ec;
 
347
                        if (ec_key == NULL)
 
348
                                goto err;
 
349
                        group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object));
 
350
                        if (group == NULL)
 
351
                                goto err;
 
352
                        EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
 
353
                        if (EC_KEY_set_group(ec_key, group) == 0)
 
354
                                goto err;
 
355
                        EC_GROUP_free(group);
 
356
                        }
 
357
                        /* the case implicitlyCA is currently not implemented */
 
358
                ret->save_parameters = 1;
 
359
                }
 
360
#endif
 
361
 
 
362
        p=key->public_key->data;
 
363
        j=key->public_key->length;
 
364
        if (!d2i_PublicKey(type, &ret, &p, (long)j))
 
365
                {
 
366
                X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB);
 
367
                goto err;
 
368
                }
 
369
 
 
370
        key->pkey = ret;
 
371
        CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
218
372
        return(ret);
219
373
err:
220
374
        if (ret != NULL)
226
380
 * and encode or decode as X509_PUBKEY
227
381
 */
228
382
 
229
 
EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp,
 
383
EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp,
230
384
             long length)
231
 
{
 
385
        {
232
386
        X509_PUBKEY *xpk;
233
387
        EVP_PKEY *pktmp;
234
388
        xpk = d2i_X509_PUBKEY(NULL, pp, length);
236
390
        pktmp = X509_PUBKEY_get(xpk);
237
391
        X509_PUBKEY_free(xpk);
238
392
        if(!pktmp) return NULL;
239
 
        if(a) {
 
393
        if(a)
 
394
                {
240
395
                EVP_PKEY_free(*a);
241
396
                *a = pktmp;
242
 
        }
 
397
                }
243
398
        return pktmp;
244
 
}
 
399
        }
245
400
 
246
401
int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
247
 
{
 
402
        {
248
403
        X509_PUBKEY *xpk=NULL;
249
404
        int ret;
250
405
        if(!a) return 0;
252
407
        ret = i2d_X509_PUBKEY(xpk, pp);
253
408
        X509_PUBKEY_free(xpk);
254
409
        return ret;
255
 
}
 
410
        }
256
411
 
257
412
/* The following are equivalents but which return RSA and DSA
258
413
 * keys
259
414
 */
260
415
#ifndef OPENSSL_NO_RSA
261
 
RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp,
 
416
RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp,
262
417
             long length)
263
 
{
 
418
        {
264
419
        EVP_PKEY *pkey;
265
420
        RSA *key;
266
 
        unsigned char *q;
 
421
        const unsigned char *q;
267
422
        q = *pp;
268
423
        pkey = d2i_PUBKEY(NULL, &q, length);
269
 
        if(!pkey) return NULL;
 
424
        if (!pkey) return NULL;
270
425
        key = EVP_PKEY_get1_RSA(pkey);
271
426
        EVP_PKEY_free(pkey);
272
 
        if(!key) return NULL;
 
427
        if (!key) return NULL;
273
428
        *pp = q;
274
 
        if(a) {
 
429
        if (a)
 
430
                {
275
431
                RSA_free(*a);
276
432
                *a = key;
 
433
                }
 
434
        return key;
277
435
        }
278
 
        return key;
279
 
}
280
436
 
281
437
int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
282
 
{
 
438
        {
283
439
        EVP_PKEY *pktmp;
284
440
        int ret;
285
 
        if(!a) return 0;
 
441
        if (!a) return 0;
286
442
        pktmp = EVP_PKEY_new();
287
 
        if(!pktmp) {
 
443
        if (!pktmp)
 
444
                {
288
445
                ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
289
446
                return 0;
290
 
        }
 
447
                }
291
448
        EVP_PKEY_set1_RSA(pktmp, a);
292
449
        ret = i2d_PUBKEY(pktmp, pp);
293
450
        EVP_PKEY_free(pktmp);
294
451
        return ret;
295
 
}
 
452
        }
296
453
#endif
297
454
 
298
455
#ifndef OPENSSL_NO_DSA
299
 
DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp,
 
456
DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp,
300
457
             long length)
301
 
{
 
458
        {
302
459
        EVP_PKEY *pkey;
303
460
        DSA *key;
304
 
        unsigned char *q;
 
461
        const unsigned char *q;
305
462
        q = *pp;
306
463
        pkey = d2i_PUBKEY(NULL, &q, length);
307
 
        if(!pkey) return NULL;
 
464
        if (!pkey) return NULL;
308
465
        key = EVP_PKEY_get1_DSA(pkey);
309
466
        EVP_PKEY_free(pkey);
310
 
        if(!key) return NULL;
 
467
        if (!key) return NULL;
311
468
        *pp = q;
312
 
        if(a) {
 
469
        if (a)
 
470
                {
313
471
                DSA_free(*a);
314
472
                *a = key;
 
473
                }
 
474
        return key;
315
475
        }
316
 
        return key;
317
 
}
318
476
 
319
477
int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
320
 
{
 
478
        {
321
479
        EVP_PKEY *pktmp;
322
480
        int ret;
323
481
        if(!a) return 0;
324
482
        pktmp = EVP_PKEY_new();
325
 
        if(!pktmp) {
 
483
        if(!pktmp)
 
484
                {
326
485
                ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
327
486
                return 0;
328
 
        }
 
487
                }
329
488
        EVP_PKEY_set1_DSA(pktmp, a);
330
489
        ret = i2d_PUBKEY(pktmp, pp);
331
490
        EVP_PKEY_free(pktmp);
332
491
        return ret;
333
 
}
 
492
        }
 
493
#endif
 
494
 
 
495
#ifndef OPENSSL_NO_EC
 
496
EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
 
497
        {
 
498
        EVP_PKEY *pkey;
 
499
        EC_KEY *key;
 
500
        const unsigned char *q;
 
501
        q = *pp;
 
502
        pkey = d2i_PUBKEY(NULL, &q, length);
 
503
        if (!pkey) return(NULL);
 
504
        key = EVP_PKEY_get1_EC_KEY(pkey);
 
505
        EVP_PKEY_free(pkey);
 
506
        if (!key)  return(NULL);
 
507
        *pp = q;
 
508
        if (a)
 
509
                {
 
510
                EC_KEY_free(*a);
 
511
                *a = key;
 
512
                }
 
513
        return(key);
 
514
        }
 
515
 
 
516
int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
 
517
        {
 
518
        EVP_PKEY *pktmp;
 
519
        int ret;
 
520
        if (!a) return(0);
 
521
        if ((pktmp = EVP_PKEY_new()) == NULL)
 
522
                {
 
523
                ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
 
524
                return(0);
 
525
                }
 
526
        EVP_PKEY_set1_EC_KEY(pktmp, a);
 
527
        ret = i2d_PUBKEY(pktmp, pp);
 
528
        EVP_PKEY_free(pktmp);
 
529
        return(ret);
 
530
        }
334
531
#endif