1 /* crypto/asn1/x_pubkey.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 
59 #include <stdio.h>
60 #include "cryptlib.h"
61 #include <openssl/asn1t.h>
62 #include <openssl/x509.h>
63 
64 /* Minor tweak to operation: free up EVP_PKEY */
pubkey_cb(int operation,ASN1_VALUE ** pval,const ASN1_ITEM * it)65 static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
66 {
67 	if(operation == ASN1_OP_FREE_POST) {
68 		X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
69 		EVP_PKEY_free(pubkey->pkey);
70 	}
71 	return 1;
72 }
73 
74 ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
75 	ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
76 	ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
77 } ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY)
78 
79 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
80 
81 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
82 	{
83 	X509_PUBKEY *pk=NULL;
84 	X509_ALGOR *a;
85 	ASN1_OBJECT *o;
86 	unsigned char *s,*p = NULL;
87 	int i;
88 
89 	if (x == NULL) return(0);
90 
91 	if ((pk=X509_PUBKEY_new()) == NULL) goto err;
92 	a=pk->algor;
93 
94 	/* set the algorithm id */
95 	if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
96 	ASN1_OBJECT_free(a->algorithm);
97 	a->algorithm=o;
98 
99 	/* Set the parameter list */
100 	if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA))
101 		{
102 		if ((a->parameter == NULL) ||
103 			(a->parameter->type != V_ASN1_NULL))
104 			{
105 			ASN1_TYPE_free(a->parameter);
106 			if (!(a->parameter=ASN1_TYPE_new()))
107 				{
108 				X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
109 				goto err;
110 				}
111 			a->parameter->type=V_ASN1_NULL;
112 			}
113 		}
114 	else
115 #ifndef OPENSSL_NO_DSA
116 		if (pkey->type == EVP_PKEY_DSA)
117 		{
118 		unsigned char *pp;
119 		DSA *dsa;
120 
121 		dsa=pkey->pkey.dsa;
122 		dsa->write_params=0;
123 		ASN1_TYPE_free(a->parameter);
124 		if ((i=i2d_DSAparams(dsa,NULL)) <= 0)
125 			goto err;
126 		if (!(p=(unsigned char *)OPENSSL_malloc(i)))
127 			{
128 			X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
129 			goto err;
130 			}
131 		pp=p;
132 		i2d_DSAparams(dsa,&pp);
133 		if (!(a->parameter=ASN1_TYPE_new()))
134 			{
135 			OPENSSL_free(p);
136 			X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
137 			goto err;
138 			}
139 		a->parameter->type=V_ASN1_SEQUENCE;
140 		if (!(a->parameter->value.sequence=ASN1_STRING_new()))
141 			{
142 			OPENSSL_free(p);
143 			X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
144 			goto err;
145 			}
146 		if (!ASN1_STRING_set(a->parameter->value.sequence,p,i))
147 			{
148 			OPENSSL_free(p);
149 			X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
150 			goto err;
151 			}
152 		OPENSSL_free(p);
153 		}
154 	else
155 #endif
156 		{
157 		X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
158 		goto err;
159 		}
160 
161 	if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
162 	if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL)
163 		{
164 		X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
165 		goto err;
166 		}
167 	p=s;
168 	i2d_PublicKey(pkey,&p);
169 	if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i))
170 		{
171 		X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
172 		goto err;
173 		}
174 	/* Set number of unused bits to zero */
175 	pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
176 	pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
177 
178 	OPENSSL_free(s);
179 
180 #if 0
181 	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
182 	pk->pkey=pkey;
183 #endif
184 
185 	if (*x != NULL)
186 		X509_PUBKEY_free(*x);
187 
188 	*x=pk;
189 
190 	return 1;
191 err:
192 	if (pk != NULL) X509_PUBKEY_free(pk);
193 	return 0;
194 	}
195 
X509_PUBKEY_get(X509_PUBKEY * key)196 EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
197 	{
198 	EVP_PKEY *ret=NULL;
199 	long j;
200 	int type;
201 	unsigned char *p;
202 #ifndef OPENSSL_NO_DSA
203 	const unsigned char *cp;
204 	X509_ALGOR *a;
205 #endif
206 
207 	if (key == NULL) goto err;
208 
209 	if (key->pkey != NULL)
210 	    {
211 	    CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
212 	    return(key->pkey);
213 	    }
214 
215 	if (key->public_key == NULL) goto err;
216 
217 	type=OBJ_obj2nid(key->algor->algorithm);
218 	p=key->public_key->data;
219         j=key->public_key->length;
220         if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
221 		{
222 		X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
223 		goto err;
224 		}
225 	ret->save_parameters=0;
226 
227 #ifndef OPENSSL_NO_DSA
228 	a=key->algor;
229 	if (ret->type == EVP_PKEY_DSA)
230 		{
231 		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
232 			{
233 			ret->pkey.dsa->write_params=0;
234 			cp=p=a->parameter->value.sequence->data;
235 			j=a->parameter->value.sequence->length;
236 			if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j))
237 				goto err;
238 			}
239 		ret->save_parameters=1;
240 		}
241 #endif
242 	key->pkey=ret;
243 	CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY);
244 	return(ret);
245 err:
246 	if (ret != NULL)
247 		EVP_PKEY_free(ret);
248 	return(NULL);
249 	}
250 
251 /* Now two pseudo ASN1 routines that take an EVP_PKEY structure
252  * and encode or decode as X509_PUBKEY
253  */
254 
d2i_PUBKEY(EVP_PKEY ** a,unsigned char ** pp,long length)255 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp,
256 	     long length)
257 {
258 	X509_PUBKEY *xpk;
259 	EVP_PKEY *pktmp;
260 	xpk = d2i_X509_PUBKEY(NULL, pp, length);
261 	if(!xpk) return NULL;
262 	pktmp = X509_PUBKEY_get(xpk);
263 	X509_PUBKEY_free(xpk);
264 	if(!pktmp) return NULL;
265 	if(a) {
266 		EVP_PKEY_free(*a);
267 		*a = pktmp;
268 	}
269 	return pktmp;
270 }
271 
i2d_PUBKEY(EVP_PKEY * a,unsigned char ** pp)272 int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
273 {
274 	X509_PUBKEY *xpk=NULL;
275 	int ret;
276 	if(!a) return 0;
277 	if(!X509_PUBKEY_set(&xpk, a)) return 0;
278 	ret = i2d_X509_PUBKEY(xpk, pp);
279 	X509_PUBKEY_free(xpk);
280 	return ret;
281 }
282 
283 /* The following are equivalents but which return RSA and DSA
284  * keys
285  */
286 #ifndef OPENSSL_NO_RSA
d2i_RSA_PUBKEY(RSA ** a,unsigned char ** pp,long length)287 RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp,
288 	     long length)
289 {
290 	EVP_PKEY *pkey;
291 	RSA *key;
292 	unsigned char *q;
293 	q = *pp;
294 	pkey = d2i_PUBKEY(NULL, &q, length);
295 	if(!pkey) return NULL;
296 	key = EVP_PKEY_get1_RSA(pkey);
297 	EVP_PKEY_free(pkey);
298 	if(!key) return NULL;
299 	*pp = q;
300 	if(a) {
301 		RSA_free(*a);
302 		*a = key;
303 	}
304 	return key;
305 }
306 
i2d_RSA_PUBKEY(RSA * a,unsigned char ** pp)307 int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
308 {
309 	EVP_PKEY *pktmp;
310 	int ret;
311 	if(!a) return 0;
312 	pktmp = EVP_PKEY_new();
313 	if(!pktmp) {
314 		ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
315 		return 0;
316 	}
317 	EVP_PKEY_set1_RSA(pktmp, a);
318 	ret = i2d_PUBKEY(pktmp, pp);
319 	EVP_PKEY_free(pktmp);
320 	return ret;
321 }
322 #endif
323 
324 #ifndef OPENSSL_NO_DSA
d2i_DSA_PUBKEY(DSA ** a,unsigned char ** pp,long length)325 DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp,
326 	     long length)
327 {
328 	EVP_PKEY *pkey;
329 	DSA *key;
330 	unsigned char *q;
331 	q = *pp;
332 	pkey = d2i_PUBKEY(NULL, &q, length);
333 	if(!pkey) return NULL;
334 	key = EVP_PKEY_get1_DSA(pkey);
335 	EVP_PKEY_free(pkey);
336 	if(!key) return NULL;
337 	*pp = q;
338 	if(a) {
339 		DSA_free(*a);
340 		*a = key;
341 	}
342 	return key;
343 }
344 
i2d_DSA_PUBKEY(DSA * a,unsigned char ** pp)345 int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
346 {
347 	EVP_PKEY *pktmp;
348 	int ret;
349 	if(!a) return 0;
350 	pktmp = EVP_PKEY_new();
351 	if(!pktmp) {
352 		ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
353 		return 0;
354 	}
355 	EVP_PKEY_set1_DSA(pktmp, a);
356 	ret = i2d_PUBKEY(pktmp, pp);
357 	EVP_PKEY_free(pktmp);
358 	return ret;
359 }
360 #endif
361