Add X509 related libctx changes.
b1322259 1/*
7e06a675 2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6 3 *
3e4b43b9 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
b1322259
RS
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
d02b48c6
RE
8 */
9
579422c8
P
10/*
11 * Low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14#include "internal/deprecated.h"
15
d02b48c6 16#include <stdio.h>
b39fc560 17#include "internal/cryptlib.h"
ec577822
BM
18#include <openssl/buffer.h>
19#include <openssl/asn1.h>
20#include <openssl/evp.h>
21#include <openssl/x509.h>
29f178bd 22#include <openssl/http.h>
3c27208f
RS
23#include <openssl/rsa.h>
24#include <openssl/dsa.h>
d62210af 25#include <openssl/x509v3.h>
472a88b7 26#include "crypto/asn1.h"
6725682d 27#include "crypto/x509.h"
d02b48c6 28
bbaddbc0
RL
/*
 * Release a digest context together with the EVP_PKEY_CTX attached to it.
 * The key context is looked up on ctx and freed explicitly before ctx
 * itself is freed.
 */
static void clean_id_ctx(EVP_MD_CTX *ctx)
{
    EVP_PKEY_CTX *attached = EVP_MD_CTX_pkey_ctx(ctx);

    EVP_PKEY_CTX_free(attached);
    EVP_MD_CTX_free(ctx);
}
8267becb 36
08202174
MC
/*
 * Build a digest context bound to key r under libctx/propq.
 *
 * A new EVP_PKEY_CTX is created from r and attached to the returned
 * EVP_MD_CTX.  When EC support is compiled in and id is non-NULL, the bytes
 * of id are first set on the key context via EVP_PKEY_CTX_set1_id().
 *
 * Returns the new context, or NULL on failure with both partial objects
 * freed.  Every failure path raises ERR_R_MALLOC_FAILURE, including a
 * rejected id, so the error queue does not distinguish the causes.
 */
static EVP_MD_CTX *make_id_ctx(EVP_PKEY *r, ASN1_OCTET_STRING *id,
                               OPENSSL_CTX *libctx, const char *propq)
{
    EVP_MD_CTX *mctx = EVP_MD_CTX_new();
    EVP_PKEY_CTX *kctx = NULL;

    /* Only try to build the key context once the digest context exists. */
    if (mctx != NULL)
        kctx = EVP_PKEY_CTX_new_from_pkey(libctx, r, propq);
    if (mctx == NULL || kctx == NULL) {
        X509err(0, ERR_R_MALLOC_FAILURE);
        goto error;
    }

#ifndef OPENSSL_NO_EC
    if (id != NULL
            && EVP_PKEY_CTX_set1_id(kctx, id->data, id->length) <= 0) {
        X509err(0, ERR_R_MALLOC_FAILURE);
        goto error;
    }
#endif

    EVP_MD_CTX_set_pkey_ctx(mctx, kctx);

    return mctx;
 error:
    EVP_PKEY_CTX_free(kctx);
    EVP_MD_CTX_free(mctx);
    return NULL;
}
66
/*
 * Verify the signature on certificate a with public key r.
 *
 * The signature algorithm recorded on the certificate (a->sig_alg) must
 * compare equal to the one inside the signed certificate info
 * (a->cert_info.signature); a mismatch returns 0 before any signature
 * check is attempted.  A failure to build the verification context also
 * returns 0.
 *
 * Otherwise the result of ASN1_item_verify_ctx() is returned unchanged, so
 * callers should compare against 1 rather than test for non-zero.  This
 * checks one signature only; it performs no chain or validity checking.
 */
int X509_verify(X509 *a, EVP_PKEY *r)
{
    EVP_MD_CTX *mctx;
    int verdict;

    if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature) != 0)
        return 0;

    mctx = make_id_ctx(r, a->distinguishing_id, a->libctx, a->propq);
    if (mctx == NULL)
        return 0;

    verdict = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
                                   &a->signature, &a->cert_info, mctx);
    clean_id_ctx(mctx);
    return verdict;
}
d02b48c6 84
6725682d
SL
/*
 * Verify the signature on certificate request a with public key r, using
 * the given library context and property query.
 *
 * Returns 0 when the verification context cannot be created; otherwise the
 * result of ASN1_item_verify_ctx() over a->req_info is returned unchanged,
 * so callers should compare against 1 rather than test for non-zero.
 */
int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
                                const char *propq)
{
    EVP_MD_CTX *mctx = make_id_ctx(r, a->distinguishing_id, libctx, propq);
    int verdict;

    if (mctx == NULL)
        return 0;

    verdict = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg,
                                   a->signature, &a->req_info, mctx);
    clean_id_ctx(mctx);
    return verdict;
}
d02b48c6 100
08202174
MC
/*
 * Verify the signature on certificate request a with public key r, passing
 * NULL for both the library context and the property query.
 */
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
{
    int verdict = X509_REQ_verify_with_libctx(a, r, NULL, NULL);

    return verdict;
}
105
/*
 * Verify the signature over a->spkac with public key r.  The result of
 * ASN1_item_verify() is returned unchanged.
 */
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(NETSCAPE_SPKAC);

    return ASN1_item_verify(it, &a->sig_algor, a->signature, a->spkac, r);
}
d02b48c6 111
/*
 * Sign the certificate info of x with pkey and digest md.
 *
 * The cached encoding of the certificate info is flagged as modified before
 * signing (presumably so that the current field values are re-encoded
 * rather than a stale cached encoding being signed - confirm against the
 * ASN.1 encoder).  Returns the result of ASN1_item_sign().
 */
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    X509_CINF *tbs = &x->cert_info;

    tbs->enc.modified = 1;
    return ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), &tbs->signature,
                          &x->sig_alg, &x->signature, tbs, pkey, md);
}
d02b48c6 119
/*
 * Sign the certificate info of x using the caller-prepared digest context
 * ctx.  The cached encoding is flagged as modified first, as in X509_sign().
 * Returns the result of ASN1_item_sign_ctx().
 */
int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
{
    X509_CINF *tbs = &x->cert_info;

    tbs->enc.modified = 1;
    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF), &tbs->signature,
                              &x->sig_alg, &x->signature, tbs, ctx);
}
8d207ee3 127
29f178bd
DDO
128#if !defined(OPENSSL_NO_SOCK)
/*
 * Fetch url with OSSL_HTTP_get_asn1() and decode the response as the ASN.1
 * type described by it.
 *
 * The request is made with no proxy, no SSL/TLS callback, no extra headers
 * and no expected content type, a maxline value of 1024 and a max_resp_len
 * of 0 (NOTE(review): presumably "use the library default" - confirm).
 *
 * This helper sets up no TLS of its own.  Unless the caller-supplied
 * bio/rbio already provide a protected channel, the payload arrives
 * unauthenticated, so the returned object must be verified by the caller
 * before it is trusted.
 */
static ASN1_VALUE *simple_get_asn1(const char *url, BIO *bio, BIO *rbio,
                                   int timeout, const ASN1_ITEM *it)
{
    ASN1_VALUE *fetched;

    fetched = OSSL_HTTP_get_asn1(url, NULL, NULL /* no proxy used */, bio,
                                 rbio, NULL /* no callback for SSL/TLS */,
                                 NULL, NULL /* headers */,
                                 1024 /* maxline */, 0 /* max_resp_len */,
                                 timeout, NULL /* expected_content_type */,
                                 it);
    return fetched;
}
138
/*
 * Download and decode an X509 certificate from url via simple_get_asn1().
 * The certificate is only parsed here; it is not verified in any way.
 */
X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return (X509 *)simple_get_asn1(url, bio, rbio, timeout, it);
}
3e41ac35 144#endif
f4042781 145
/*
 * Sign the request info of x with pkey and digest md.  Only one algorithm
 * field (x->sig_alg) is filled in; the second algorithm argument of
 * ASN1_item_sign() is NULL.  Returns the result of ASN1_item_sign().
 */
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ_INFO);

    return ASN1_item_sign(it, &x->sig_alg, NULL, x->signature, &x->req_info,
                          pkey, md);
}
d02b48c6 151
/*
 * Sign the request info of x using the caller-prepared digest context ctx.
 * Returns the result of ASN1_item_sign_ctx().
 */
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ_INFO);

    return ASN1_item_sign_ctx(it, &x->sig_alg, NULL, x->signature,
                              &x->req_info, ctx);
}
8d207ee3 158
/*
 * Sign the CRL info of x with pkey and digest md.  The cached encoding of
 * the CRL info is flagged as modified before signing.  Returns the result
 * of ASN1_item_sign().
 */
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    X509_CRL_INFO *info = &x->crl;

    info->enc.modified = 1;
    return ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), &info->sig_alg,
                          &x->sig_alg, &x->signature, info, pkey, md);
}
d02b48c6 165
/*
 * Sign the CRL info of x using the caller-prepared digest context ctx.
 * The cached encoding of the CRL info is flagged as modified first.
 * Returns the result of ASN1_item_sign_ctx().
 */
int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
{
    X509_CRL_INFO *info = &x->crl;

    info->enc.modified = 1;
    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO), &info->sig_alg,
                              &x->sig_alg, &x->signature, info, ctx);
}
8d207ee3 173
29f178bd
DDO
174#if !defined(OPENSSL_NO_SOCK)
/*
 * Download and decode an X509_CRL from url via simple_get_asn1().
 * The CRL is only parsed here; its signature is not checked.
 */
X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return (X509_CRL *)simple_get_asn1(url, bio, rbio, timeout, it);
}
3e41ac35 180#endif
6f9076ff 181
/*
 * Sign x->spkac with pkey and digest md, filling in x->sig_algor and
 * x->signature.  Returns the result of ASN1_item_sign().
 */
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(NETSCAPE_SPKAC);

    return ASN1_item_sign(it, &x->sig_algor, NULL, x->signature, x->spkac,
                          pkey, md);
}
d02b48c6 187
4b618848 188#ifndef OPENSSL_NO_STDIO
/*
 * Read and decode an X509 from the stdio stream fp; x509 is passed through
 * to ASN1_item_d2i_fp().  Decoding does not verify the certificate.
 */
X509 *d2i_X509_fp(FILE *fp, X509 **x509)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return ASN1_item_d2i_fp(it, fp, x509);
}
d02b48c6 193
/* Encode x509 with the X509 item template and write it to the stream fp. */
int i2d_X509_fp(FILE *fp, const X509 *x509)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return ASN1_item_i2d_fp(it, fp, x509);
}
d02b48c6
RE
198#endif
199
/*
 * Read and decode an X509 from the BIO bp; x509 is passed through to
 * ASN1_item_d2i_bio().  Decoding does not verify the certificate.
 */
X509 *d2i_X509_bio(BIO *bp, X509 **x509)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return ASN1_item_d2i_bio(it, bp, x509);
}
d02b48c6 204
/* Encode x509 with the X509 item template and write it to the BIO bp. */
int i2d_X509_bio(BIO *bp, const X509 *x509)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return ASN1_item_i2d_bio(it, bp, x509);
}
d02b48c6 209
4b618848 210#ifndef OPENSSL_NO_STDIO
/*
 * Read and decode an X509_CRL from the stdio stream fp; crl is passed
 * through to ASN1_item_d2i_fp().  The CRL signature is not checked here.
 */
X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return ASN1_item_d2i_fp(it, fp, crl);
}
d02b48c6 215
/* Encode crl with the X509_CRL item template and write it to fp. */
int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return ASN1_item_i2d_fp(it, fp, crl);
}
d02b48c6
RE
220#endif
221
/*
 * Read and decode an X509_CRL from the BIO bp; crl is passed through to
 * ASN1_item_d2i_bio().  The CRL signature is not checked here.
 */
X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return ASN1_item_d2i_bio(it, bp, crl);
}
d02b48c6 226
/* Encode crl with the X509_CRL item template and write it to the BIO bp. */
int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return ASN1_item_i2d_bio(it, bp, crl);
}
d02b48c6 231
4b618848 232#ifndef OPENSSL_NO_STDIO
/*
 * Read and decode a PKCS7 structure from the stdio stream fp; p7 is passed
 * through to ASN1_item_d2i_fp().
 */
PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7);

    return ASN1_item_d2i_fp(it, fp, p7);
}
d02b48c6 237
/* Encode p7 with the PKCS7 item template and write it to the stream fp. */
int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7);

    return ASN1_item_i2d_fp(it, fp, p7);
}
d02b48c6
RE
242#endif
243
/*
 * Read and decode a PKCS7 structure from the BIO bp; p7 is passed through
 * to ASN1_item_d2i_bio().
 */
PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7);

    return ASN1_item_d2i_bio(it, bp, p7);
}
d02b48c6 248
/* Encode p7 with the PKCS7 item template and write it to the BIO bp. */
int i2d_PKCS7_bio(BIO *bp, const PKCS7 *p7)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7);

    return ASN1_item_i2d_bio(it, bp, p7);
}
d02b48c6 253
4b618848 254#ifndef OPENSSL_NO_STDIO
/*
 * Read and decode an X509_REQ from the stdio stream fp; req is passed
 * through to ASN1_item_d2i_fp().  The request signature is not checked.
 */
X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_d2i_fp(it, fp, req);
}
d02b48c6 259
/* Encode req with the X509_REQ item template and write it to fp. */
int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_i2d_fp(it, fp, req);
}
d02b48c6
RE
264#endif
265
/*
 * Read and decode an X509_REQ from the BIO bp; req is passed through to
 * ASN1_item_d2i_bio().  The request signature is not checked.
 */
X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_d2i_bio(it, bp, req);
}
d02b48c6 270
/* Encode req with the X509_REQ item template and write it to the BIO bp. */
int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_i2d_bio(it, bp, req);
}
d02b48c6 275
cf1b7d96 276#ifndef OPENSSL_NO_RSA
d02b48c6 277
0f113f3e 278# ifndef OPENSSL_NO_STDIO
/*
 * Read and decode an RSAPrivateKey structure from the stdio stream fp; rsa
 * is passed through to ASN1_item_d2i_fp().
 */
RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPrivateKey);

    return ASN1_item_d2i_fp(it, fp, rsa);
}
d02b48c6 283
/*
 * Encode rsa as an RSAPrivateKey structure and write it to the stream fp.
 * No cipher or passphrase is involved, so the private key is written
 * unprotected; restrict access to the destination accordingly.
 */
int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPrivateKey);

    return ASN1_item_i2d_fp(it, fp, rsa);
}
d02b48c6 288
/*
 * Read and decode an RSAPublicKey structure from the stdio stream fp; rsa
 * is passed through to ASN1_item_d2i_fp().
 */
RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPublicKey);

    return ASN1_item_d2i_fp(it, fp, rsa);
}
4e1209eb 293
/*
 * Read an RSA public key from the stdio stream fp, decoding it with
 * d2i_RSA_PUBKEY().  RSA_new and d2i_RSA_PUBKEY are cast to the generic
 * function-pointer types that ASN1_d2i_fp() expects.
 */
RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
{
    RSA *key = ASN1_d2i_fp((void *(*)(void))RSA_new,
                           (D2I_OF(void))d2i_RSA_PUBKEY, fp, (void **)rsa);

    return key;
}
52664f50 300
/* Encode rsa as an RSAPublicKey structure and write it to the stream fp. */
int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPublicKey);

    return ASN1_item_i2d_fp(it, fp, rsa);
}
52664f50 305
/*
 * Write the RSA public key rsa to the stream fp, encoding it with
 * i2d_RSA_PUBKEY() (cast to the generic encoder type for ASN1_i2d_fp()).
 */
int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa)
{
    int rc = ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);

    return rc;
}
310# endif
d02b48c6 311
/*
 * Read and decode an RSAPrivateKey structure from the BIO bp; rsa is passed
 * through to ASN1_item_d2i_bio().
 */
RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPrivateKey);

    return ASN1_item_d2i_bio(it, bp, rsa);
}
d02b48c6 316
/*
 * Encode rsa as an RSAPrivateKey structure and write it to the BIO bp.
 * No cipher or passphrase is involved, so the private key is written
 * unprotected; make sure the BIO's sink is appropriately restricted.
 */
int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPrivateKey);

    return ASN1_item_i2d_bio(it, bp, rsa);
}
d02b48c6 321
/*
 * Read and decode an RSAPublicKey structure from the BIO bp; rsa is passed
 * through to ASN1_item_d2i_bio().
 */
RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPublicKey);

    return ASN1_item_d2i_bio(it, bp, rsa);
}
4e1209eb 326
/*
 * Read an RSA public key from the BIO bp, allocating with RSA_new and
 * decoding with d2i_RSA_PUBKEY() through the ASN1_d2i_bio_of() macro.
 */
RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
{
    RSA *key = ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);

    return key;
}
52664f50 331
/* Encode rsa as an RSAPublicKey structure and write it to the BIO bp. */
int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPublicKey);

    return ASN1_item_i2d_bio(it, bp, rsa);
}
52664f50 336
/*
 * Write the RSA public key rsa to the BIO bp, encoding it with
 * i2d_RSA_PUBKEY() through the ASN1_i2d_bio_of() macro.
 */
int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa)
{
    int rc = ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);

    return rc;
}
d02b48c6
RE
341#endif
342
cf1b7d96 343#ifndef OPENSSL_NO_DSA
0f113f3e 344# ifndef OPENSSL_NO_STDIO
/*
 * Read a DSA private key from the stdio stream fp, allocating with DSA_new
 * and decoding with d2i_DSAPrivateKey().
 */
DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
{
    DSA *key = ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);

    return key;
}
d02b48c6 349
/*
 * Write the DSA private key dsa to the stream fp using i2d_DSAPrivateKey().
 * No cipher or passphrase is involved, so the private key is written
 * unprotected; restrict access to the destination accordingly.
 */
int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa)
{
    int rc = ASN1_i2d_fp_of(DSA, i2d_DSAPrivateKey, fp, dsa);

    return rc;
}
3ea23631 354
/*
 * Read a DSA public key from the stdio stream fp, allocating with DSA_new
 * and decoding with d2i_DSA_PUBKEY().
 */
DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
{
    DSA *key = ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);

    return key;
}
3ea23631 359
/* Write the DSA public key dsa to the stream fp using i2d_DSA_PUBKEY(). */
int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa)
{
    int rc = ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);

    return rc;
}
364# endif
d02b48c6 365
/*
 * Read a DSA private key from the BIO bp, allocating with DSA_new and
 * decoding with d2i_DSAPrivateKey().
 */
DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
{
    DSA *key = ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);

    return key;
}
d02b48c6 370
/*
 * Write the DSA private key dsa to the BIO bp using i2d_DSAPrivateKey().
 * No cipher or passphrase is involved, so the private key is written
 * unprotected; make sure the BIO's sink is appropriately restricted.
 */
int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa)
{
    int rc = ASN1_i2d_bio_of(DSA, i2d_DSAPrivateKey, bp, dsa);

    return rc;
}
3ea23631 375
/*
 * Read a DSA public key from the BIO bp, allocating with DSA_new and
 * decoding with d2i_DSA_PUBKEY().
 */
DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
{
    DSA *key = ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);

    return key;
}
3ea23631 380
/* Write the DSA public key dsa to the BIO bp using i2d_DSA_PUBKEY(). */
int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa)
{
    int rc = ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);

    return rc;
}
3ea23631 385
d02b48c6
RE
386#endif
387
14a7cfb3 388#ifndef OPENSSL_NO_EC
0f113f3e 389# ifndef OPENSSL_NO_STDIO
/*
 * Read an EC public key from the stdio stream fp, allocating with
 * EC_KEY_new and decoding with d2i_EC_PUBKEY().
 */
EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
{
    EC_KEY *key = ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);

    return key;
}
394
/* Write the EC public key eckey to the stream fp using i2d_EC_PUBKEY(). */
int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey)
{
    int rc = ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);

    return rc;
}
14a7cfb3
BM
399
/*
 * Read an EC private key from the stdio stream fp, allocating with
 * EC_KEY_new and decoding with d2i_ECPrivateKey().
 */
EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
{
    EC_KEY *key = ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp,
                                 eckey);

    return key;
}
404
/*
 * Write the EC private key eckey to the stream fp using i2d_ECPrivateKey().
 * No cipher or passphrase is involved, so the private key is written
 * unprotected; restrict access to the destination accordingly.
 */
int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey)
{
    int rc = ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);

    return rc;
}
409# endif
/*
 * Read an EC public key from the BIO bp, allocating with EC_KEY_new and
 * decoding with d2i_EC_PUBKEY().
 */
EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
{
    EC_KEY *key = ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp,
                                  eckey);

    return key;
}
414
/* Write the EC public key ecdsa to the BIO bp using i2d_EC_PUBKEY(). */
int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *ecdsa)
{
    int rc = ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);

    return rc;
}
14a7cfb3
BM
419
/*
 * Read an EC private key from the BIO bp, allocating with EC_KEY_new and
 * decoding with d2i_ECPrivateKey().
 */
EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
{
    EC_KEY *key = ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp,
                                  eckey);

    return key;
}
424
/*
 * Write the EC private key eckey to the BIO bp using i2d_ECPrivateKey().
 * No cipher or passphrase is involved, so the private key is written
 * unprotected; make sure the BIO's sink is appropriately restricted.
 */
int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey)
{
    int rc = ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);

    return rc;
}
4d94ae00
BM
429#endif
430
0f113f3e
MC
/*
 * Digest the public key bit string of certificate data with algorithm type.
 *
 * The digest is written to md and its length to len by EVP_Digest().  No
 * buffer size is passed in, so md must be large enough for the chosen
 * digest (EVP_MAX_MD_SIZE covers every case).  Returns 0 when the
 * certificate yields no public key bit string, otherwise the result of
 * EVP_Digest().
 */
int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
                       unsigned char *md, unsigned int *len)
{
    ASN1_BIT_STRING *pubkey_bits = X509_get0_pubkey_bitstr(data);

    if (pubkey_bits == NULL)
        return 0;
    return EVP_Digest(pubkey_bits->data, pubkey_bits->length, md, len, type,
                      NULL);
}
88ce56f8 440
/*
 * Compute the digest of certificate cert with algorithm md.
 *
 * When md is SHA-1 and the certificate's ex_flags have EXFLAG_SET set and
 * EXFLAG_INVALID clear, the SHA-1 hash already stored on the certificate is
 * copied out instead of being recomputed.  In every other case the digest
 * is calculated with asn1_item_digest_with_libctx() under the certificate's
 * own library context and property query.
 *
 * No buffer size is passed in, so data must be large enough for the chosen
 * digest (EVP_MAX_MD_SIZE covers every case).  len may be NULL on the
 * cached path.  Returns 1 on the cached path, otherwise the result of
 * asn1_item_digest_with_libctx().
 */
int X509_digest(const X509 *cert, const EVP_MD *md, unsigned char *data,
                unsigned int *len)
{
    int have_cached_sha1 = EVP_MD_is_a(md, SN_sha1)
        && (cert->ex_flags & EXFLAG_SET) != 0
        && (cert->ex_flags & EXFLAG_INVALID) == 0;

    if (!have_cached_sha1)
        return asn1_item_digest_with_libctx(ASN1_ITEM_rptr(X509), md,
                                            (char *)cert, data, len,
                                            cert->libctx, cert->propq);

    /* Asking for SHA1 and we already computed it. */
    if (len != NULL)
        *len = sizeof(cert->sha1_hash);
    memcpy(data, cert->sha1_hash, sizeof(cert->sha1_hash));
    return 1;
}
455
44387c90
DDO
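/*
 * Calculate the digest of cert using the same hash algorithm as in its
 * signature.
 *
 * Returns a newly allocated ASN1_OCTET_STRING holding the digest, which the
 * caller owns and must release with ASN1_OCTET_STRING_free(), or NULL when
 * cert is NULL, the signature algorithm maps to no available digest, the
 * digest computation fails or allocation fails.
 */
ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert)
{
    unsigned int len;
    unsigned char hash[EVP_MAX_MD_SIZE];
    int md_NID;
    const EVP_MD *md = NULL;
    ASN1_OCTET_STRING *new = NULL;

    if (cert == NULL) {
        X509err(0, ERR_R_PASSED_NULL_PARAMETER);
        return NULL;
    }

    if (!OBJ_find_sigid_algs(X509_get_signature_nid(cert), &md_NID, NULL)
            || (md = EVP_get_digestbynid(md_NID)) == NULL) {
        /*
         * X509_R_UNSUPPORTED_ALGORITHM is an X509 reason code, so it is
         * raised through X509err() like the NULL check above.  Raising it
         * through the CMP error macro files it under the wrong library and
         * makes the error queue entry resolve to the wrong text.
         */
        X509err(0, X509_R_UNSUPPORTED_ALGORITHM);
        return NULL;
    }
    if (!X509_digest(cert, md, hash, &len)
            || (new = ASN1_OCTET_STRING_new()) == NULL)
        return NULL;
    /* Copy the digest into the result; drop the result if that fails. */
    if (!(ASN1_OCTET_STRING_set(new, hash, len))) {
        ASN1_OCTET_STRING_free(new);
        return NULL;
    }
    return new;
}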
484
0f113f3e
MC
/*
 * Compute the digest of CRL data with algorithm type.
 *
 * When type is the EVP_sha1() object and the CRL's flags have EXFLAG_SET
 * set and EXFLAG_INVALID clear, the SHA-1 hash stored on the CRL is copied
 * out instead of being recomputed.  In every other case the digest is
 * calculated with ASN1_item_digest().
 *
 * NOTE(review): the SHA-1 test here is a pointer comparison, whereas
 * X509_digest() uses EVP_MD_is_a(); a SHA-1 EVP_MD obtained some other way
 * would presumably skip the cached path and be recomputed - confirm.
 *
 * No buffer size is passed in, so md must be large enough for the chosen
 * digest (EVP_MAX_MD_SIZE covers every case).  len may be NULL on the
 * cached path.
 */
int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len)
{
    int have_cached_sha1 = type == EVP_sha1()
        && (data->flags & EXFLAG_SET) != 0
        && (data->flags & EXFLAG_INVALID) == 0;

    if (!have_cached_sha1)
        return ASN1_item_digest(ASN1_ITEM_rptr(X509_CRL), type, (char *)data,
                                md, len);

    /* Asking for SHA1; always computed in CRL d2i. */
    if (len != NULL)
        *len = sizeof(data->sha1_hash);
    memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
    return 1;
}
d02b48c6 499
0f113f3e
MC
/*
 * Compute the digest of certificate request data with algorithm type via
 * ASN1_item_digest().  md must be large enough for the chosen digest.
 */
int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_digest(it, type, (char *)data, md, len);
}
506
/*
 * Compute the digest of the X509_NAME data with algorithm type via
 * ASN1_item_digest().  md must be large enough for the chosen digest.
 */
int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
                     unsigned char *md, unsigned int *len)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_NAME);

    return ASN1_item_digest(it, type, (char *)data, md, len);
}
513
/*
 * Compute the digest of a PKCS7_ISSUER_AND_SERIAL structure with algorithm
 * type via ASN1_item_digest().  md must be large enough for the chosen
 * digest.
 */
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
                                   const EVP_MD *type, unsigned char *md,
                                   unsigned int *len)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL);

    return ASN1_item_digest(it, type, (char *)data, md, len);
}
3cbb7937 521
4b618848 522#ifndef OPENSSL_NO_STDIO
/*
 * Read an X509_SIG structure from the stdio stream fp, allocating with
 * X509_SIG_new and decoding with d2i_X509_SIG().
 */
X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
{
    X509_SIG *sig = ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp,
                                   p8);

    return sig;
}
3cbb7937 527
/* Write the X509_SIG structure p8 to the stream fp using i2d_X509_SIG(). */
int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8)
{
    int rc = ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);

    return rc;
}
3cbb7937
DSH
532#endif
533
/*
 * Read an X509_SIG structure from the BIO bp, allocating with X509_SIG_new
 * and decoding with d2i_X509_SIG().
 */
X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
{
    X509_SIG *sig = ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp,
                                    p8);

    return sig;
}
3cbb7937 538
/* Write the X509_SIG structure p8 to the BIO bp using i2d_X509_SIG(). */
int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8)
{
    int rc = ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);

    return rc;
}
3cbb7937 543
cb58d81e
RL
544#ifndef OPENSSL_NO_STDIO
/*
 * Read an X509_PUBKEY from the stdio stream fp, allocating with
 * X509_PUBKEY_new and decoding with d2i_X509_PUBKEY().
 */
X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk)
{
    X509_PUBKEY *pub = ASN1_d2i_fp_of(X509_PUBKEY, X509_PUBKEY_new,
                                      d2i_X509_PUBKEY, fp, xpk);

    return pub;
}
550
/* Write the X509_PUBKEY xpk to the stream fp using i2d_X509_PUBKEY(). */
int i2d_X509_PUBKEY_fp(FILE *fp, const X509_PUBKEY *xpk)
{
    int rc = ASN1_i2d_fp_of(X509_PUBKEY, i2d_X509_PUBKEY, fp, xpk);

    return rc;
}
555#endif
556
/*
 * Read an X509_PUBKEY from the BIO bp, allocating with X509_PUBKEY_new and
 * decoding with d2i_X509_PUBKEY().
 */
X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk)
{
    X509_PUBKEY *pub = ASN1_d2i_bio_of(X509_PUBKEY, X509_PUBKEY_new,
                                       d2i_X509_PUBKEY, bp, xpk);

    return pub;
}
562
/* Write the X509_PUBKEY xpk to the BIO bp using i2d_X509_PUBKEY(). */
int i2d_X509_PUBKEY_bio(BIO *bp, const X509_PUBKEY *xpk)
{
    int rc = ASN1_i2d_bio_of(X509_PUBKEY, i2d_X509_PUBKEY, bp, xpk);

    return rc;
}
567
4b618848 568#ifndef OPENSSL_NO_STDIO
/*
 * Read a PKCS8_PRIV_KEY_INFO from the stdio stream fp, allocating with
 * PKCS8_PRIV_KEY_INFO_new and decoding with d2i_PKCS8_PRIV_KEY_INFO().
 */
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
                                                PKCS8_PRIV_KEY_INFO **p8inf)
{
    PKCS8_PRIV_KEY_INFO *info;

    info = ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
                          d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
    return info;
}
3cbb7937 575
/*
 * Write the PKCS8_PRIV_KEY_INFO p8inf to the stream fp using
 * i2d_PKCS8_PRIV_KEY_INFO().  No cipher or passphrase is involved, so the
 * private key is written unprotected; restrict access to the destination.
 */
int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf)
{
    int rc = ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp,
                            p8inf);

    return rc;
}
36217a94 581
/*
 * Convert key to a temporary PKCS8_PRIV_KEY_INFO with EVP_PKEY2PKCS8(),
 * write that to the stream fp and free the temporary.
 *
 * Returns 0 when the conversion fails, otherwise the result of
 * i2d_PKCS8_PRIV_KEY_INFO_fp().  No cipher or passphrase is involved, so
 * the private key is written unprotected; restrict access to the
 * destination accordingly.
 */
int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key)
{
    PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(key);
    int written = 0;

    if (p8 != NULL) {
        written = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8);
        PKCS8_PRIV_KEY_INFO_free(p8);
    }
    return written;
}
36217a94 594
/*
 * Write the private key pkey to the stream fp using i2d_PrivateKey().
 * No cipher or passphrase is involved, so the private key is written
 * unprotected; restrict access to the destination accordingly.
 */
int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey)
{
    int rc = ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);

    return rc;
}
e6f3c585 599
/*
 * Read a private key from the stdio stream fp, allocating with EVP_PKEY_new
 * and decoding with d2i_AutoPrivateKey().
 */
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
{
    EVP_PKEY *key = ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey,
                                   fp, a);

    return key;
}
604
472a88b7
MC
/*
 * Read a private key from the stdio stream fp under the given library
 * context and property query.
 *
 * fp is wrapped in a temporary file BIO with BIO_NOCLOSE, so the stream
 * stays open and remains owned by the caller; the BIO is freed before
 * returning.  The decoding itself is done by d2i_PrivateKey_ex_bio().
 * Returns NULL, with ERR_R_BUF_LIB raised, when the BIO cannot be created.
 *
 * NOTE(review): the result of BIO_set_fp() is not checked here.
 */
EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OPENSSL_CTX *libctx,
                               const char *propq)
{
    BIO *wrapper = BIO_new(BIO_s_file());
    EVP_PKEY *key;

    if (wrapper == NULL) {
        X509err(0, ERR_R_BUF_LIB);
        return NULL;
    }
    BIO_set_fp(wrapper, fp, BIO_NOCLOSE);
    key = d2i_PrivateKey_ex_bio(wrapper, a, libctx, propq);
    BIO_free(wrapper);
    return key;
}
620
/* Write the public key of pkey to the stream fp using i2d_PUBKEY(). */
int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey)
{
    int rc = ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);

    return rc;
}
bd08a2bd
DSH
625
/*
 * Read a public key from the stdio stream fp, allocating with EVP_PKEY_new
 * and decoding with d2i_PUBKEY().
 */
EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
{
    EVP_PKEY *key = ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);

    return key;
}
630
3cbb7937
DSH
631#endif
632
/*
 * Read a PKCS8_PRIV_KEY_INFO from the BIO bp, allocating with
 * PKCS8_PRIV_KEY_INFO_new and decoding with d2i_PKCS8_PRIV_KEY_INFO().
 */
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
                                                 PKCS8_PRIV_KEY_INFO **p8inf)
{
    PKCS8_PRIV_KEY_INFO *info;

    info = ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
                           d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
    return info;
}
3cbb7937 639
/*
 * Write the PKCS8_PRIV_KEY_INFO p8inf to the BIO bp using
 * i2d_PKCS8_PRIV_KEY_INFO().  No cipher or passphrase is involved, so the
 * private key is written unprotected; make sure the BIO's sink is
 * appropriately restricted.
 */
int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf)
{
    int rc = ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp,
                             p8inf);

    return rc;
}
36217a94 645
/*
 * Convert key to a temporary PKCS8_PRIV_KEY_INFO with EVP_PKEY2PKCS8(),
 * write that to the BIO bp and free the temporary.
 *
 * Returns 0 when the conversion fails, otherwise the result of
 * i2d_PKCS8_PRIV_KEY_INFO_bio().  No cipher or passphrase is involved, so
 * the private key is written unprotected; make sure the BIO's sink is
 * appropriately restricted.
 */
int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key)
{
    PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(key);
    int written = 0;

    if (p8 != NULL) {
        written = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8);
        PKCS8_PRIV_KEY_INFO_free(p8);
    }
    return written;
}
e6f3c585 658
/*
 * Write the private key pkey to the BIO bp using i2d_PrivateKey().
 * No cipher or passphrase is involved, so the private key is written
 * unprotected; make sure the BIO's sink is appropriately restricted.
 */
int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey)
{
    int rc = ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);

    return rc;
}
e6f3c585 663
/*
 * Read a private key from the BIO bp, allocating with EVP_PKEY_new and
 * decoding with d2i_AutoPrivateKey().
 */
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
{
    EVP_PKEY *key = ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey,
                                    bp, a);

    return key;
}
bd08a2bd 668
472a88b7
MC
/*
 * Read a private key from the BIO bp under the given library context and
 * property query.
 *
 * The encoded key is first read into a temporary BUF_MEM by
 * asn1_d2i_read_bio() and then decoded with d2i_AutoPrivateKey_ex().  The
 * temporary buffer, which holds the encoded private key, is released with
 * BUF_MEM_free() on every path.  Returns NULL when the read reports a
 * negative length, otherwise the result of d2i_AutoPrivateKey_ex().
 */
EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OPENSSL_CTX *libctx,
                                const char *propq)
{
    BUF_MEM *encoded = NULL;
    EVP_PKEY *key = NULL;
    int len = asn1_d2i_read_bio(bp, &encoded);

    if (len >= 0) {
        const unsigned char *cursor = (unsigned char *)encoded->data;

        key = d2i_AutoPrivateKey_ex(a, &cursor, len, libctx, propq);
    }
    BUF_MEM_free(encoded);
    return key;
}
687
/* Write the public key of pkey to the BIO bp using i2d_PUBKEY(). */
int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey)
{
    int rc = ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);

    return rc;
}
bd08a2bd
DSH
692
/*
 * Read a public key from the BIO bp, allocating with EVP_PKEY_new and
 * decoding with d2i_PUBKEY().
 */
EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
{
    EVP_PKEY *key = ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);

    return key;
}