[thirdparty/openssl.git] / crypto / evp / p_lib.c

/* crypto/evp/p_lib.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/asn1_mac.h>
#include <openssl/x509.h>
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_DSA
# include <openssl/dsa.h>
#endif
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif

#ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
#endif

#include "internal/asn1_int.h"

static void EVP_PKEY_free_it(EVP_PKEY *x);

int EVP_PKEY_bits(EVP_PKEY *pkey)
{
    if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
        return pkey->ameth->pkey_bits(pkey);
    return 0;
}

int EVP_PKEY_security_bits(const EVP_PKEY *pkey)
{
    if (pkey == NULL)
        return 0;
    if (!pkey->ameth || !pkey->ameth->pkey_security_bits)
        return -2;
    return pkey->ameth->pkey_security_bits(pkey);
}

int EVP_PKEY_size(EVP_PKEY *pkey)
{
    if (pkey && pkey->ameth && pkey->ameth->pkey_size)
        return pkey->ameth->pkey_size(pkey);
    return 0;
}

int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
{
#ifndef OPENSSL_NO_DSA
    if (pkey->type == EVP_PKEY_DSA) {
        int ret = pkey->save_parameters;

        if (mode >= 0)
            pkey->save_parameters = mode;
        return (ret);
    }
#endif
#ifndef OPENSSL_NO_EC
    if (pkey->type == EVP_PKEY_EC) {
        int ret = pkey->save_parameters;

        if (mode >= 0)
            pkey->save_parameters = mode;
        return (ret);
    }
#endif
    return (0);
}

int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
{
    if (to->type != from->type) {
        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES);
        goto err;
    }

    if (EVP_PKEY_missing_parameters(from)) {
        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);
        goto err;
    }
    if (from->ameth && from->ameth->param_copy)
        return from->ameth->param_copy(to, from);
 err:
    return 0;
}

int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
{
    if (pkey->ameth && pkey->ameth->param_missing)
        return pkey->ameth->param_missing(pkey);
    return 0;
}

int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{
    if (a->type != b->type)
        return -1;
    if (a->ameth && a->ameth->param_cmp)
        return a->ameth->param_cmp(a, b);
    return -2;
}

int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
{
    if (a->type != b->type)
        return -1;

    if (a->ameth) {
        int ret;
        /* Compare parameters if the algorithm has them */
        if (a->ameth->param_cmp) {
            ret = a->ameth->param_cmp(a, b);
            if (ret <= 0)
                return ret;
        }

        if (a->ameth->pub_cmp)
            return a->ameth->pub_cmp(a, b);
    }

    return -2;
}

EVP_PKEY *EVP_PKEY_new(void)
{
    EVP_PKEY *ret;

    ret = (EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
    if (ret == NULL) {
        EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
    }
    ret->type = EVP_PKEY_NONE;
    ret->save_type = EVP_PKEY_NONE;
    ret->references = 1;
    ret->ameth = NULL;
    ret->engine = NULL;
    ret->pkey.ptr = NULL;
    ret->attributes = NULL;
    ret->save_parameters = 1;
    return (ret);
}

/*
 * Setup a public key ASN1 method and ENGINE from a NID or a string. If pkey
 * is NULL just return 1 or 0 if the algorithm exists.
 */

static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
{
    const EVP_PKEY_ASN1_METHOD *ameth;
    ENGINE *e = NULL;
    if (pkey) {
        if (pkey->pkey.ptr)
            EVP_PKEY_free_it(pkey);
        /*
         * If key type matches and a method exists then this lookup has
         * succeeded once so just indicate success.
         */
        if ((type == pkey->save_type) && pkey->ameth)
            return 1;
#ifndef OPENSSL_NO_ENGINE
        /* If we have an ENGINE release it */
        if (pkey->engine) {
            ENGINE_finish(pkey->engine);
            pkey->engine = NULL;
        }
#endif
    }
    if (str)
        ameth = EVP_PKEY_asn1_find_str(&e, str, len);
    else
        ameth = EVP_PKEY_asn1_find(&e, type);
#ifndef OPENSSL_NO_ENGINE
    if (!pkey && e)
        ENGINE_finish(e);
#endif
    if (!ameth) {
        EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
        return 0;
    }
    if (pkey) {
        pkey->ameth = ameth;
        pkey->engine = e;

        pkey->type = pkey->ameth->pkey_id;
        pkey->save_type = type;
    }
    return 1;
}

int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
{
    return pkey_set_type(pkey, type, NULL, -1);
}

int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
{
    return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
}

int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
{
    if (!EVP_PKEY_set_type(pkey, type))
        return 0;
    pkey->pkey.ptr = key;
    return (key != NULL);
}

void *EVP_PKEY_get0(EVP_PKEY *pkey)
{
    return pkey->pkey.ptr;
}

#ifndef OPENSSL_NO_RSA
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
{
    int ret = EVP_PKEY_assign_RSA(pkey, key);
    if (ret)
        RSA_up_ref(key);
    return ret;
}

RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
{
    if (pkey->type != EVP_PKEY_RSA) {
        EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
        return NULL;
    }
    RSA_up_ref(pkey->pkey.rsa);
    return pkey->pkey.rsa;
}
#endif

#ifndef OPENSSL_NO_DSA
int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
{
    int ret = EVP_PKEY_assign_DSA(pkey, key);
    if (ret)
        DSA_up_ref(key);
    return ret;
}

DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
{
    if (pkey->type != EVP_PKEY_DSA) {
        EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
        return NULL;
    }
    DSA_up_ref(pkey->pkey.dsa);
    return pkey->pkey.dsa;
}
#endif

#ifndef OPENSSL_NO_EC

int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
{
    int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
    if (ret)
        EC_KEY_up_ref(key);
    return ret;
}

EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
{
    if (pkey->type != EVP_PKEY_EC) {
        EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
        return NULL;
    }
    EC_KEY_up_ref(pkey->pkey.ec);
    return pkey->pkey.ec;
}
#endif

#ifndef OPENSSL_NO_DH

int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
{
    int ret = EVP_PKEY_assign_DH(pkey, key);
    if (ret)
        DH_up_ref(key);
    return ret;
}

DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
{
    if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) {
        EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
        return NULL;
    }
    DH_up_ref(pkey->pkey.dh);
    return pkey->pkey.dh;
}
#endif

int EVP_PKEY_type(int type)
{
    int ret;
    const EVP_PKEY_ASN1_METHOD *ameth;
    ENGINE *e;
    ameth = EVP_PKEY_asn1_find(&e, type);
    if (ameth)
        ret = ameth->pkey_id;
    else
        ret = NID_undef;
#ifndef OPENSSL_NO_ENGINE
    if (e)
        ENGINE_finish(e);
#endif
    return ret;
}

int EVP_PKEY_id(const EVP_PKEY *pkey)
{
    return pkey->type;
}

int EVP_PKEY_base_id(const EVP_PKEY *pkey)
{
    return EVP_PKEY_type(pkey->type);
}

void EVP_PKEY_free(EVP_PKEY *x)
{
    int i;

    if (x == NULL)
        return;

    i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY);
#ifdef REF_PRINT
    REF_PRINT("EVP_PKEY", x);
#endif
    if (i > 0)
        return;
#ifdef REF_CHECK
    if (i < 0) {
        fprintf(stderr, "EVP_PKEY_free, bad reference count\n");
        abort();
    }
#endif
    EVP_PKEY_free_it(x);
    if (x->attributes)
        sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
    OPENSSL_free(x);
}

static void EVP_PKEY_free_it(EVP_PKEY *x)
{
    if (x->ameth && x->ameth->pkey_free) {
        x->ameth->pkey_free(x);
        x->pkey.ptr = NULL;
    }
#ifndef OPENSSL_NO_ENGINE
    if (x->engine) {
        ENGINE_finish(x->engine);
        x->engine = NULL;
    }
#endif
}

static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
                     const char *kstr)
{
    BIO_indent(out, indent, 128);
    BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
               kstr, OBJ_nid2ln(pkey->type));
    return 1;
}

int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
                          int indent, ASN1_PCTX *pctx)
{
    if (pkey->ameth && pkey->ameth->pub_print)
        return pkey->ameth->pub_print(out, pkey, indent, pctx);

    return unsup_alg(out, pkey, indent, "Public Key");
}

int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
                           int indent, ASN1_PCTX *pctx)
{
    if (pkey->ameth && pkey->ameth->priv_print)
        return pkey->ameth->priv_print(out, pkey, indent, pctx);

    return unsup_alg(out, pkey, indent, "Private Key");
}

int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
                          int indent, ASN1_PCTX *pctx)
{
    if (pkey->ameth && pkey->ameth->param_print)
        return pkey->ameth->param_print(out, pkey, indent, pctx);
    return unsup_alg(out, pkey, indent, "Parameters");
}

int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
{
    if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
        return -2;
    return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
                                  0, pnid);
}
Commit	Line	Data
d02b48c6	1	/* crypto/evp/p_lib.c */
58964a49	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6 RE	3	* All rights reserved.
	4	*
	5	* This package is an SSL implementation written
	6	* by Eric Young (eay@cryptsoft.com).
	7	* The implementation was written so as to conform with Netscapes SSL.
0f113f3e	8	*
d02b48c6 RE	9	* This library is free for commercial and non-commercial use as long as
	10	* the following conditions are aheared to. The following conditions
	11	* apply to all code found in this distribution, be it the RC4, RSA,
	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	13	* included with this distribution is covered by the same copyright terms
	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e	15	*
d02b48c6 RE	16	* Copyright remains Eric Young's, and as such any Copyright notices in
	17	* the code are not to be removed.
	18	* If this package is used in a product, Eric Young should be given attribution
	19	* as the author of the parts of the library used.
	20	* This can be in the form of a textual message at program startup or
	21	* in documentation (online or textual) provided with the package.
0f113f3e	22	*
d02b48c6 RE	23	* Redistribution and use in source and binary forms, with or without
	24	* modification, are permitted provided that the following conditions
	25	* are met:
	26	* 1. Redistributions of source code must retain the copyright
	27	* notice, this list of conditions and the following disclaimer.
	28	* 2. Redistributions in binary form must reproduce the above copyright
	29	* notice, this list of conditions and the following disclaimer in the
	30	* documentation and/or other materials provided with the distribution.
	31	* 3. All advertising materials mentioning features or use of this software
	32	* must display the following acknowledgement:
	33	* "This product includes cryptographic software written by
	34	* Eric Young (eay@cryptsoft.com)"
	35	* The word 'cryptographic' can be left out if the rouines from the library
	36	* being used are not cryptographic related :-).
0f113f3e	37	* 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6 RE	38	* the apps directory (application code) you must include an acknowledgement:
d02b48c6 RE	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e	40	*
d02b48c6 RE	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	51	* SUCH DAMAGE.
0f113f3e	52	*
d02b48c6 RE	53	* The licence and distribution terms for any publically available version or
	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
	55	* copied and put under another distribution licence
	56	* [including the GNU Public Licence.]
	57	*/
	58
	59	#include <stdio.h>
	60	#include "cryptlib.h"
4d94ae00 BM	61	#include <openssl/bn.h>
4d94ae00 BM	62	#include <openssl/err.h>
ec577822 BM	63	#include <openssl/objects.h>
	64	#include <openssl/evp.h>
	65	#include <openssl/asn1_mac.h>
	66	#include <openssl/x509.h>
3eeaab4b	67	#ifndef OPENSSL_NO_RSA
0f113f3e	68	# include <openssl/rsa.h>
3eeaab4b NL	69	#endif
3eeaab4b NL	70	#ifndef OPENSSL_NO_DSA
0f113f3e	71	# include <openssl/dsa.h>
3eeaab4b NL	72	#endif
3eeaab4b NL	73	#ifndef OPENSSL_NO_DH
0f113f3e	74	# include <openssl/dh.h>
3eeaab4b	75	#endif
d02b48c6	76
01b8b3c7	77	#ifndef OPENSSL_NO_ENGINE
0f113f3e	78	# include <openssl/engine.h>
01b8b3c7 DSH	79	#endif
01b8b3c7 DSH	80
5fe736e5	81	#include "internal/asn1_int.h"
18e377b4	82
d02b48c6	83	static void EVP_PKEY_free_it(EVP_PKEY *x);
bb2297a4	84
6b691a5c	85	int EVP_PKEY_bits(EVP_PKEY *pkey)
0f113f3e MC	86	{
	87	if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
	88	return pkey->ameth->pkey_bits(pkey);
	89	return 0;
	90	}
58964a49	91
2514fa79	92	int EVP_PKEY_security_bits(const EVP_PKEY *pkey)
0f113f3e MC	93	{
	94	if (pkey == NULL)
	95	return 0;
	96	if (!pkey->ameth \|\| !pkey->ameth->pkey_security_bits)
	97	return -2;
	98	return pkey->ameth->pkey_security_bits(pkey);
	99	}
2514fa79	100
6b691a5c	101	int EVP_PKEY_size(EVP_PKEY *pkey)
0f113f3e MC	102	{
	103	if (pkey && pkey->ameth && pkey->ameth->pkey_size)
	104	return pkey->ameth->pkey_size(pkey);
	105	return 0;
	106	}
d02b48c6	107
6b691a5c	108	int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
0f113f3e	109	{
cf1b7d96	110	#ifndef OPENSSL_NO_DSA
0f113f3e MC	111	if (pkey->type == EVP_PKEY_DSA) {
	112	int ret = pkey->save_parameters;
	113
	114	if (mode >= 0)
	115	pkey->save_parameters = mode;
	116	return (ret);
	117	}
4d94ae00	118	#endif
5488bb61	119	#ifndef OPENSSL_NO_EC
0f113f3e MC	120	if (pkey->type == EVP_PKEY_EC) {
	121	int ret = pkey->save_parameters;
	122
	123	if (mode >= 0)
	124	pkey->save_parameters = mode;
	125	return (ret);
	126	}
d02b48c6	127	#endif
0f113f3e MC	128	return (0);
0f113f3e MC	129	}
d02b48c6	130
a8b72844	131	int EVP_PKEY_copy_parameters(EVP_PKEY to, const EVP_PKEY from)
0f113f3e MC	132	{
	133	if (to->type != from->type) {
	134	EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES);
	135	goto err;
	136	}
	137
	138	if (EVP_PKEY_missing_parameters(from)) {
	139	EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);
	140	goto err;
	141	}
	142	if (from->ameth && from->ameth->param_copy)
	143	return from->ameth->param_copy(to, from);
	144	err:
	145	return 0;
	146	}
d02b48c6	147
af0f0f3e	148	int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
0f113f3e MC	149	{
	150	if (pkey->ameth && pkey->ameth->param_missing)
	151	return pkey->ameth->param_missing(pkey);
	152	return 0;
	153	}
d02b48c6	154
af0f0f3e	155	int EVP_PKEY_cmp_parameters(const EVP_PKEY a, const EVP_PKEY b)
0f113f3e MC	156	{
	157	if (a->type != b->type)
	158	return -1;
	159	if (a->ameth && a->ameth->param_cmp)
	160	return a->ameth->param_cmp(a, b);
	161	return -2;
	162	}
58964a49	163
af0f0f3e	164	int EVP_PKEY_cmp(const EVP_PKEY a, const EVP_PKEY b)
0f113f3e MC	165	{
	166	if (a->type != b->type)
	167	return -1;
	168
	169	if (a->ameth) {
	170	int ret;
	171	/* Compare parameters if the algorithm has them */
	172	if (a->ameth->param_cmp) {
	173	ret = a->ameth->param_cmp(a, b);
	174	if (ret <= 0)
	175	return ret;
	176	}
	177
	178	if (a->ameth->pub_cmp)
	179	return a->ameth->pub_cmp(a, b);
	180	}
	181
	182	return -2;
	183	}
e6526fbf	184
6b691a5c	185	EVP_PKEY *EVP_PKEY_new(void)
0f113f3e MC	186	{
	187	EVP_PKEY *ret;
	188
	189	ret = (EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
	190	if (ret == NULL) {
	191	EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
	192	return (NULL);
	193	}
	194	ret->type = EVP_PKEY_NONE;
	195	ret->save_type = EVP_PKEY_NONE;
	196	ret->references = 1;
	197	ret->ameth = NULL;
	198	ret->engine = NULL;
	199	ret->pkey.ptr = NULL;
	200	ret->attributes = NULL;
	201	ret->save_parameters = 1;
	202	return (ret);
	203	}
	204
	205	/*
	206	* Setup a public key ASN1 method and ENGINE from a NID or a string. If pkey
	207	* is NULL just return 1 or 0 if the algorithm exists.
01b8b3c7 DSH	208	*/
	209
	210	static int pkey_set_type(EVP_PKEY pkey, int type, const char str, int len)
0f113f3e MC	211	{
	212	const EVP_PKEY_ASN1_METHOD *ameth;
	213	ENGINE *e = NULL;
	214	if (pkey) {
	215	if (pkey->pkey.ptr)
	216	EVP_PKEY_free_it(pkey);
	217	/*
	218	* If key type matches and a method exists then this lookup has
	219	* succeeded once so just indicate success.
	220	*/
	221	if ((type == pkey->save_type) && pkey->ameth)
	222	return 1;
01b8b3c7	223	#ifndef OPENSSL_NO_ENGINE
0f113f3e MC	224	/* If we have an ENGINE release it */
	225	if (pkey->engine) {
	226	ENGINE_finish(pkey->engine);
	227	pkey->engine = NULL;
	228	}
01b8b3c7	229	#endif
0f113f3e MC	230	}
	231	if (str)
	232	ameth = EVP_PKEY_asn1_find_str(&e, str, len);
	233	else
	234	ameth = EVP_PKEY_asn1_find(&e, type);
01b8b3c7	235	#ifndef OPENSSL_NO_ENGINE
0f113f3e MC	236	if (!pkey && e)
0f113f3e MC	237	ENGINE_finish(e);
01b8b3c7	238	#endif
0f113f3e MC	239	if (!ameth) {
	240	EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
	241	return 0;
	242	}
	243	if (pkey) {
	244	pkey->ameth = ameth;
	245	pkey->engine = e;
	246
	247	pkey->type = pkey->ameth->pkey_id;
	248	pkey->save_type = type;
	249	}
	250	return 1;
	251	}
01b8b3c7 DSH	252
01b8b3c7 DSH	253	int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
0f113f3e MC	254	{
	255	return pkey_set_type(pkey, type, NULL, -1);
	256	}
01b8b3c7 DSH	257
01b8b3c7 DSH	258	int EVP_PKEY_set_type_str(EVP_PKEY pkey, const char str, int len)
0f113f3e MC	259	{
	260	return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
	261	}
01b8b3c7 DSH	262
01b8b3c7 DSH	263	int EVP_PKEY_assign(EVP_PKEY pkey, int type, void key)
0f113f3e MC	264	{
	265	if (!EVP_PKEY_set_type(pkey, type))
	266	return 0;
	267	pkey->pkey.ptr = key;
	268	return (key != NULL);
	269	}
d02b48c6	270
db98bbc1	271	void EVP_PKEY_get0(EVP_PKEY pkey)
0f113f3e MC	272	{
	273	return pkey->pkey.ptr;
	274	}
db98bbc1	275
cf1b7d96	276	#ifndef OPENSSL_NO_RSA
c7cb16a8	277	int EVP_PKEY_set1_RSA(EVP_PKEY pkey, RSA key)
52664f50	278	{
0f113f3e MC	279	int ret = EVP_PKEY_assign_RSA(pkey, key);
	280	if (ret)
	281	RSA_up_ref(key);
	282	return ret;
52664f50 DSH	283	}
52664f50 DSH	284
c7cb16a8	285	RSA EVP_PKEY_get1_RSA(EVP_PKEY pkey)
0f113f3e MC	286	{
	287	if (pkey->type != EVP_PKEY_RSA) {
	288	EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
	289	return NULL;
	290	}
	291	RSA_up_ref(pkey->pkey.rsa);
	292	return pkey->pkey.rsa;
f769ce3e DSH	293	}
	294	#endif
	295
cf1b7d96	296	#ifndef OPENSSL_NO_DSA
c7cb16a8	297	int EVP_PKEY_set1_DSA(EVP_PKEY pkey, DSA key)
52664f50	298	{
0f113f3e MC	299	int ret = EVP_PKEY_assign_DSA(pkey, key);
	300	if (ret)
	301	DSA_up_ref(key);
	302	return ret;
52664f50 DSH	303	}
52664f50 DSH	304
c7cb16a8	305	DSA EVP_PKEY_get1_DSA(EVP_PKEY pkey)
0f113f3e MC	306	{
	307	if (pkey->type != EVP_PKEY_DSA) {
	308	EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
	309	return NULL;
	310	}
	311	DSA_up_ref(pkey->pkey.dsa);
	312	return pkey->pkey.dsa;
f769ce3e DSH	313	}
	314	#endif
	315
14a7cfb3	316	#ifndef OPENSSL_NO_EC
4d94ae00	317
14a7cfb3	318	int EVP_PKEY_set1_EC_KEY(EVP_PKEY pkey, EC_KEY key)
4d94ae00	319	{
0f113f3e MC	320	int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
	321	if (ret)
	322	EC_KEY_up_ref(key);
	323	return ret;
4d94ae00 BM	324	}
4d94ae00 BM	325
14a7cfb3	326	EC_KEY EVP_PKEY_get1_EC_KEY(EVP_PKEY pkey)
4d94ae00	327	{
0f113f3e MC	328	if (pkey->type != EVP_PKEY_EC) {
	329	EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
	330	return NULL;
	331	}
	332	EC_KEY_up_ref(pkey->pkey.ec);
	333	return pkey->pkey.ec;
4d94ae00 BM	334	}
	335	#endif
	336
cf1b7d96	337	#ifndef OPENSSL_NO_DH
52664f50	338
c7cb16a8	339	int EVP_PKEY_set1_DH(EVP_PKEY pkey, DH key)
52664f50	340	{
0f113f3e MC	341	int ret = EVP_PKEY_assign_DH(pkey, key);
	342	if (ret)
	343	DH_up_ref(key);
	344	return ret;
52664f50 DSH	345	}
52664f50 DSH	346
c7cb16a8	347	DH EVP_PKEY_get1_DH(EVP_PKEY pkey)
0f113f3e MC	348	{
	349	if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) {
	350	EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
	351	return NULL;
	352	}
	353	DH_up_ref(pkey->pkey.dh);
	354	return pkey->pkey.dh;
f769ce3e DSH	355	}
	356	#endif
	357
6b691a5c	358	int EVP_PKEY_type(int type)
0f113f3e MC	359	{
	360	int ret;
	361	const EVP_PKEY_ASN1_METHOD *ameth;
	362	ENGINE *e;
	363	ameth = EVP_PKEY_asn1_find(&e, type);
	364	if (ameth)
	365	ret = ameth->pkey_id;
	366	else
	367	ret = NID_undef;
01b8b3c7	368	#ifndef OPENSSL_NO_ENGINE
0f113f3e MC	369	if (e)
0f113f3e MC	370	ENGINE_finish(e);
01b8b3c7	371	#endif
0f113f3e MC	372	return ret;
0f113f3e MC	373	}
d02b48c6	374
7f57b076	375	int EVP_PKEY_id(const EVP_PKEY *pkey)
0f113f3e MC	376	{
	377	return pkey->type;
	378	}
7f57b076 DSH	379
7f57b076 DSH	380	int EVP_PKEY_base_id(const EVP_PKEY *pkey)
0f113f3e MC	381	{
	382	return EVP_PKEY_type(pkey->type);
	383	}
7f57b076	384
6b691a5c	385	void EVP_PKEY_free(EVP_PKEY *x)
0f113f3e MC	386	{
0f113f3e MC	387	int i;
d02b48c6	388
0f113f3e MC	389	if (x == NULL)
0f113f3e MC	390	return;
d02b48c6	391
0f113f3e	392	i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY);
58964a49	393	#ifdef REF_PRINT
0f113f3e	394	REF_PRINT("EVP_PKEY", x);
58964a49	395	#endif
0f113f3e MC	396	if (i > 0)
0f113f3e MC	397	return;
d02b48c6	398	#ifdef REF_CHECK
0f113f3e MC	399	if (i < 0) {
	400	fprintf(stderr, "EVP_PKEY_free, bad reference count\n");
	401	abort();
	402	}
d02b48c6	403	#endif
0f113f3e MC	404	EVP_PKEY_free_it(x);
	405	if (x->attributes)
	406	sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
	407	OPENSSL_free(x);
	408	}
d02b48c6	409
6b691a5c	410	static void EVP_PKEY_free_it(EVP_PKEY *x)
0f113f3e MC	411	{
	412	if (x->ameth && x->ameth->pkey_free) {
	413	x->ameth->pkey_free(x);
	414	x->pkey.ptr = NULL;
	415	}
01b8b3c7	416	#ifndef OPENSSL_NO_ENGINE
0f113f3e MC	417	if (x->engine) {
	418	ENGINE_finish(x->engine);
	419	x->engine = NULL;
	420	}
01b8b3c7	421	#endif
0f113f3e	422	}
d02b48c6	423
35208f36	424	static int unsup_alg(BIO out, const EVP_PKEY pkey, int indent,
0f113f3e MC	425	const char *kstr)
	426	{
	427	BIO_indent(out, indent, 128);
	428	BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
	429	kstr, OBJ_nid2ln(pkey->type));
	430	return 1;
	431	}
35208f36 DSH	432
35208f36 DSH	433	int EVP_PKEY_print_public(BIO out, const EVP_PKEY pkey,
0f113f3e MC	434	int indent, ASN1_PCTX *pctx)
	435	{
	436	if (pkey->ameth && pkey->ameth->pub_print)
	437	return pkey->ameth->pub_print(out, pkey, indent, pctx);
	438
	439	return unsup_alg(out, pkey, indent, "Public Key");
	440	}
35208f36 DSH	441
35208f36 DSH	442	int EVP_PKEY_print_private(BIO out, const EVP_PKEY pkey,
0f113f3e MC	443	int indent, ASN1_PCTX *pctx)
	444	{
	445	if (pkey->ameth && pkey->ameth->priv_print)
	446	return pkey->ameth->priv_print(out, pkey, indent, pctx);
	447
	448	return unsup_alg(out, pkey, indent, "Private Key");
	449	}
35208f36 DSH	450
35208f36 DSH	451	int EVP_PKEY_print_params(BIO out, const EVP_PKEY pkey,
0f113f3e MC	452	int indent, ASN1_PCTX *pctx)
	453	{
	454	if (pkey->ameth && pkey->ameth->param_print)
	455	return pkey->ameth->param_print(out, pkey, indent, pctx);
	456	return unsup_alg(out, pkey, indent, "Parameters");
	457	}
03919683 DSH	458
03919683 DSH	459	int EVP_PKEY_get_default_digest_nid(EVP_PKEY pkey, int pnid)
0f113f3e MC	460	{
	461	if (!pkey->ameth \|\| !pkey->ameth->pkey_ctrl)
	462	return -2;
	463	return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
	464	0, pnid);
	465	}