Commit | Line | Data |
---|---|---|
b1322259 | 1 | /* |
7e06a675 | 2 | * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. |
d02b48c6 | 3 | * |
3e4b43b9 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
b1322259 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
579422c8 P |
10 | /* |
11 | * Low level APIs are deprecated for public use, but still ok for | |
12 | * internal use. | |
13 | */ | |
14 | #include "internal/deprecated.h" | |
15 | ||
d02b48c6 | 16 | #include <stdio.h> |
b39fc560 | 17 | #include "internal/cryptlib.h" |
ec577822 BM |
18 | #include <openssl/buffer.h> |
19 | #include <openssl/asn1.h> | |
20 | #include <openssl/evp.h> | |
21 | #include <openssl/x509.h> | |
29f178bd | 22 | #include <openssl/http.h> |
3c27208f RS |
23 | #include <openssl/rsa.h> |
24 | #include <openssl/dsa.h> | |
d62210af | 25 | #include <openssl/x509v3.h> |
472a88b7 | 26 | #include "crypto/asn1.h" |
6725682d | 27 | #include "crypto/x509.h" |
d02b48c6 | 28 | |
/*
 * Release a digest context built by make_id_ctx().  The EVP_PKEY_CTX attached
 * to |ctx| is looked up and freed explicitly, then |ctx| itself is freed.
 */
static void clean_id_ctx(EVP_MD_CTX *ctx)
{
    EVP_PKEY_CTX_free(EVP_MD_CTX_pkey_ctx(ctx));
    EVP_MD_CTX_free(ctx);
}
8267becb | 36 | |
/*
 * Build an EVP_MD_CTX for verifying with key |r|, with an EVP_PKEY_CTX
 * created from |r| (using |libctx| and |propq|) attached to it.
 *
 * When |id| is non-NULL and EC support is compiled in, its bytes are set on
 * the key context as the distinguishing ID (presumably for SM2 - confirm).
 *
 * Returns the new context, or NULL on failure with an X509 error raised.
 * The result must be released with clean_id_ctx(), which frees the attached
 * key context as well as the digest context.
 */
static EVP_MD_CTX *make_id_ctx(EVP_PKEY *r, ASN1_OCTET_STRING *id,
                               OPENSSL_CTX *libctx, const char *propq)
{
    EVP_MD_CTX *ctx;
    EVP_PKEY_CTX *pctx = NULL;

    /* The key context is only created once the digest context exists. */
    ctx = EVP_MD_CTX_new();
    if (ctx != NULL)
        pctx = EVP_PKEY_CTX_new_from_pkey(libctx, r, propq);
    if (ctx == NULL || pctx == NULL) {
        X509err(0, ERR_R_MALLOC_FAILURE);
        goto error;
    }

#ifndef OPENSSL_NO_EC
    if (id != NULL
        && EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0) {
        /* NOTE(review): reported as a malloc failure whatever the cause */
        X509err(0, ERR_R_MALLOC_FAILURE);
        goto error;
    }
#endif

    EVP_MD_CTX_set_pkey_ctx(ctx, pctx);

    return ctx;

 error:
    /* Both free functions are called with whatever was allocated so far. */
    EVP_PKEY_CTX_free(pctx);
    EVP_MD_CTX_free(ctx);
    return NULL;
}
66 | ||
/*
 * Check the signature on certificate |a| with the public key |r|.
 *
 * The outer signature algorithm (a->sig_alg) is first compared with the
 * algorithm recorded inside the signed part (a->cert_info.signature); a
 * mismatch returns 0 before any signature check is attempted.
 *
 * Otherwise the result of ASN1_item_verify_ctx() is returned, or 0 when the
 * verification context cannot be created.
 * NOTE(review): the verify call can report an error with a negative value,
 * so callers should accept only a positive result as "signature valid"
 * instead of testing for non-zero.
 */
int X509_verify(X509 *a, EVP_PKEY *r)
{
    EVP_MD_CTX *mctx;
    int ok;

    if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature) != 0)
        return 0;

    mctx = make_id_ctx(r, a->distinguishing_id, a->libctx, a->propq);
    if (mctx == NULL)
        return 0;

    ok = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
                              &a->signature, &a->cert_info, mctx);
    clean_id_ctx(mctx);
    return ok;
}
d02b48c6 | 84 | |
/*
 * Check the self-signature on certificate request |a| with public key |r|,
 * using the library context |libctx| and property query |propq|.
 *
 * Returns the result of ASN1_item_verify_ctx(), or 0 when the verification
 * context cannot be created.
 * NOTE(review): the verify call can report an error with a negative value,
 * so callers should accept only a positive result as "signature valid".
 */
int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
                                const char *propq)
{
    EVP_MD_CTX *mctx = make_id_ctx(r, a->distinguishing_id, libctx, propq);
    int ok;

    if (mctx == NULL)
        return 0;

    ok = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg,
                              a->signature, &a->req_info, mctx);
    clean_id_ctx(mctx);
    return ok;
}
d02b48c6 | 100 | |
/*
 * Check the signature on request |a| with key |r|, passing NULL for both the
 * library context and the property query.
 */
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
{
    OPENSSL_CTX *libctx = NULL;
    const char *propq = NULL;

    return X509_REQ_verify_with_libctx(a, r, libctx, propq);
}
105 | ||
/*
 * Check the signature over a->spkac with public key |r|.
 * Returns the result of ASN1_item_verify().
 * NOTE(review): that call can report an error with a negative value, so
 * callers should accept only a positive result as "signature valid".
 */
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(NETSCAPE_SPKAC);

    return ASN1_item_verify(it, &a->sig_algor, a->signature, a->spkac, r);
}
d02b48c6 | 111 | |
/*
 * Sign certificate |x| with private key |pkey| and digest |md|.
 * The algorithm is written to both x->cert_info.signature and x->sig_alg,
 * and the signature to x->signature.  Returns the result of
 * ASN1_item_sign().
 */
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CINF);

    /*
     * Flag the cached encoding of cert_info as modified (presumably so it is
     * re-encoded before being signed - confirm).
     */
    x->cert_info.enc.modified = 1;
    return ASN1_item_sign(it, &x->cert_info.signature, &x->sig_alg,
                          &x->signature, &x->cert_info, pkey, md);
}
d02b48c6 | 119 | |
/*
 * Sign certificate |x| using the caller-prepared signing context |ctx|.
 * Returns the result of ASN1_item_sign_ctx().
 */
int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CINF);

    /* Flag the cached encoding of cert_info as modified before signing. */
    x->cert_info.enc.modified = 1;
    return ASN1_item_sign_ctx(it, &x->cert_info.signature, &x->sig_alg,
                              &x->signature, &x->cert_info, ctx);
}
8d207ee3 | 127 | |
29f178bd DDO |
128 | #if !defined(OPENSSL_NO_SOCK) |
/*
 * Fetch |url| with OSSL_HTTP_get_asn1() and decode the response as |it|.
 *
 * No proxy, no extra headers and no expected content type are passed, and no
 * SSL/TLS callback is installed, so this helper adds no transport protection
 * of its own: unless the caller supplies protected |bio|/|rbio|, the returned
 * object is unauthenticated and has to be validated by the caller (for a
 * certificate or CRL, by checking its signature) before it is trusted.
 */
static ASN1_VALUE *simple_get_asn1(const char *url, BIO *bio, BIO *rbio,
                                   int timeout, const ASN1_ITEM *it)
{
    enum {
        HTTP_MAXLINE = 1024,    /* maxline */
        /*
         * max_resp_len; NOTE(review): 0 presumably selects the HTTP client's
         * built-in response size limit rather than "unlimited" - confirm.
         */
        HTTP_MAX_RESP_LEN = 0
    };

    return OSSL_HTTP_get_asn1(url,
                              NULL, NULL,   /* no proxy used */
                              bio, rbio,
                              NULL, NULL,   /* no callback for SSL/TLS */
                              NULL,         /* headers */
                              HTTP_MAXLINE, HTTP_MAX_RESP_LEN, timeout,
                              NULL,         /* expected_content_type */
                              it);
}
138 | ||
/*
 * Download a certificate from |url| via simple_get_asn1().
 * The result is only decoded, not verified; the caller has to validate it
 * before relying on it.
 */
X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return (X509 *)simple_get_asn1(url, bio, rbio, timeout, it);
}
3e41ac35 | 144 | #endif |
f4042781 | 145 | |
/*
 * Sign certificate request |x| with private key |pkey| and digest |md|.
 * Returns the result of ASN1_item_sign().
 */
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ_INFO);

    return ASN1_item_sign(it, &x->sig_alg, NULL, x->signature, &x->req_info,
                          pkey, md);
}
d02b48c6 | 151 | |
/*
 * Sign certificate request |x| using the caller-prepared context |ctx|.
 * Returns the result of ASN1_item_sign_ctx().
 */
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ_INFO);

    return ASN1_item_sign_ctx(it, &x->sig_alg, NULL, x->signature,
                              &x->req_info, ctx);
}
8d207ee3 | 158 | |
/*
 * Sign CRL |x| with private key |pkey| and digest |md|.
 * Returns the result of ASN1_item_sign().
 */
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL_INFO);

    /* Flag the cached encoding of the CRL info as modified before signing. */
    x->crl.enc.modified = 1;
    return ASN1_item_sign(it, &x->crl.sig_alg, &x->sig_alg, &x->signature,
                          &x->crl, pkey, md);
}
d02b48c6 | 165 | |
/*
 * Sign CRL |x| using the caller-prepared signing context |ctx|.
 * Returns the result of ASN1_item_sign_ctx().
 */
int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL_INFO);

    /* Flag the cached encoding of the CRL info as modified before signing. */
    x->crl.enc.modified = 1;
    return ASN1_item_sign_ctx(it, &x->crl.sig_alg, &x->sig_alg, &x->signature,
                              &x->crl, ctx);
}
8d207ee3 | 173 | |
29f178bd DDO |
174 | #if !defined(OPENSSL_NO_SOCK) |
/*
 * Download a CRL from |url| via simple_get_asn1().
 * The result is only decoded, not verified; the caller has to check the CRL
 * signature before acting on its contents.
 */
X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return (X509_CRL *)simple_get_asn1(url, bio, rbio, timeout, it);
}
3e41ac35 | 180 | #endif |
6f9076ff | 181 | |
/*
 * Sign x->spkac with private key |pkey| and digest |md|, storing the
 * algorithm in x->sig_algor and the signature in x->signature.
 * Returns the result of ASN1_item_sign().
 */
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(NETSCAPE_SPKAC);

    return ASN1_item_sign(it, &x->sig_algor, NULL, x->signature, x->spkac,
                          pkey, md);
}
d02b48c6 | 187 | |
4b618848 | 188 | #ifndef OPENSSL_NO_STDIO |
/*
 * Decode a DER certificate read from the stdio stream |fp|.
 * Returns the certificate, or NULL on failure.  Decoding does not verify the
 * certificate in any way.
 */
X509 *d2i_X509_fp(FILE *fp, X509 **x509)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return ASN1_item_d2i_fp(it, fp, x509);
}
d02b48c6 | 193 | |
/* Write certificate |x509| to |fp| in DER form; 1 on success, 0 on error. */
int i2d_X509_fp(FILE *fp, const X509 *x509)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return ASN1_item_i2d_fp(it, fp, x509);
}
d02b48c6 RE |
198 | #endif |
199 | ||
/*
 * Decode a DER certificate read from the BIO |bp|.
 * Returns the certificate, or NULL on failure.  Decoding does not verify the
 * certificate in any way.
 */
X509 *d2i_X509_bio(BIO *bp, X509 **x509)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return ASN1_item_d2i_bio(it, bp, x509);
}
d02b48c6 | 204 | |
/* Write certificate |x509| to |bp| in DER form; 1 on success, 0 on error. */
int i2d_X509_bio(BIO *bp, const X509 *x509)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509);

    return ASN1_item_i2d_bio(it, bp, x509);
}
d02b48c6 | 209 | |
4b618848 | 210 | #ifndef OPENSSL_NO_STDIO |
/*
 * Decode a DER CRL read from the stdio stream |fp|.
 * Returns the CRL, or NULL on failure.  The CRL signature is not checked.
 */
X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return ASN1_item_d2i_fp(it, fp, crl);
}
d02b48c6 | 215 | |
/* Write CRL |crl| to |fp| in DER form; 1 on success, 0 on error. */
int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return ASN1_item_i2d_fp(it, fp, crl);
}
d02b48c6 RE |
220 | #endif |
221 | ||
/*
 * Decode a DER CRL read from the BIO |bp|.
 * Returns the CRL, or NULL on failure.  The CRL signature is not checked.
 */
X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return ASN1_item_d2i_bio(it, bp, crl);
}
d02b48c6 | 226 | |
/* Write CRL |crl| to |bp| in DER form; 1 on success, 0 on error. */
int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_CRL);

    return ASN1_item_i2d_bio(it, bp, crl);
}
d02b48c6 | 231 | |
4b618848 | 232 | #ifndef OPENSSL_NO_STDIO |
/*
 * Decode a DER PKCS7 structure read from the stdio stream |fp|.
 * Returns the structure, or NULL on failure.
 */
PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7);

    return ASN1_item_d2i_fp(it, fp, p7);
}
d02b48c6 | 237 | |
/* Write |p7| to |fp| in DER form; 1 on success, 0 on error. */
int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7);

    return ASN1_item_i2d_fp(it, fp, p7);
}
d02b48c6 RE |
242 | #endif |
243 | ||
/*
 * Decode a DER PKCS7 structure read from the BIO |bp|.
 * Returns the structure, or NULL on failure.
 */
PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7);

    return ASN1_item_d2i_bio(it, bp, p7);
}
d02b48c6 | 248 | |
/* Write |p7| to |bp| in DER form; 1 on success, 0 on error. */
int i2d_PKCS7_bio(BIO *bp, const PKCS7 *p7)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7);

    return ASN1_item_i2d_bio(it, bp, p7);
}
d02b48c6 | 253 | |
4b618848 | 254 | #ifndef OPENSSL_NO_STDIO |
/*
 * Decode a DER certificate request read from the stdio stream |fp|.
 * Returns the request, or NULL on failure.  Its signature is not checked.
 */
X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_d2i_fp(it, fp, req);
}
d02b48c6 | 259 | |
/* Write request |req| to |fp| in DER form; 1 on success, 0 on error. */
int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_i2d_fp(it, fp, req);
}
d02b48c6 RE |
264 | #endif |
265 | ||
/*
 * Decode a DER certificate request read from the BIO |bp|.
 * Returns the request, or NULL on failure.  Its signature is not checked.
 */
X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_d2i_bio(it, bp, req);
}
d02b48c6 | 270 | |
/* Write request |req| to |bp| in DER form; 1 on success, 0 on error. */
int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_i2d_bio(it, bp, req);
}
d02b48c6 | 275 | |
cf1b7d96 | 276 | #ifndef OPENSSL_NO_RSA |
d02b48c6 | 277 | |
0f113f3e | 278 | # ifndef OPENSSL_NO_STDIO |
/*
 * Decode a DER RSAPrivateKey structure read from the stdio stream |fp|.
 * Returns the key, or NULL on failure.
 */
RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPrivateKey);

    return ASN1_item_d2i_fp(it, fp, rsa);
}
d02b48c6 | 283 | |
/*
 * Write the RSA private key |rsa| to |fp| as a DER RSAPrivateKey structure;
 * 1 on success, 0 on error.  The output is not encrypted, so the destination
 * needs appropriate access protection.
 */
int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPrivateKey);

    return ASN1_item_i2d_fp(it, fp, rsa);
}
d02b48c6 | 288 | |
/*
 * Decode a DER RSAPublicKey structure read from the stdio stream |fp|.
 * Returns the key, or NULL on failure.
 */
RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPublicKey);

    return ASN1_item_d2i_fp(it, fp, rsa);
}
4e1209eb | 293 | |
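/*
 * Decode an RSA public key with d2i_RSA_PUBKEY() from the stdio stream |fp|.
 * Returns the key, or NULL on failure.
 *
 * The type-checked ASN1_d2i_fp_of() wrapper is used, as in the other *_fp
 * readers of this file, so that a mismatch between RSA_new, d2i_RSA_PUBKEY
 * and |rsa| is caught at compile time instead of being hidden by casts.
 */
RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
{
    return ASN1_d2i_fp_of(RSA, RSA_new, d2i_RSA_PUBKEY, fp, rsa);
}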
52664f50 | 300 | |
/*
 * Write the RSA public key |rsa| to |fp| as a DER RSAPublicKey structure;
 * 1 on success, 0 on error.
 */
int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPublicKey);

    return ASN1_item_i2d_fp(it, fp, rsa);
}
52664f50 | 305 | |
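/*
 * Write the RSA public key |rsa| to |fp| using i2d_RSA_PUBKEY();
 * 1 on success, 0 on error.
 *
 * The type-checked ASN1_i2d_fp_of() wrapper is used, as in the other *_fp
 * writers of this file, instead of an unchecked function pointer cast.
 */
int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa)
{
    return ASN1_i2d_fp_of(RSA, i2d_RSA_PUBKEY, fp, rsa);
}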
310 | # endif | |
d02b48c6 | 311 | |
/*
 * Decode a DER RSAPrivateKey structure read from the BIO |bp|.
 * Returns the key, or NULL on failure.
 */
RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPrivateKey);

    return ASN1_item_d2i_bio(it, bp, rsa);
}
d02b48c6 | 316 | |
/*
 * Write the RSA private key |rsa| to |bp| as a DER RSAPrivateKey structure;
 * 1 on success, 0 on error.  The output is not encrypted, so the destination
 * needs appropriate protection.
 */
int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPrivateKey);

    return ASN1_item_i2d_bio(it, bp, rsa);
}
d02b48c6 | 321 | |
/*
 * Decode a DER RSAPublicKey structure read from the BIO |bp|.
 * Returns the key, or NULL on failure.
 */
RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPublicKey);

    return ASN1_item_d2i_bio(it, bp, rsa);
}
4e1209eb | 326 | |
/*
 * Decode an RSA public key with d2i_RSA_PUBKEY() from the BIO |bp|.
 * Returns the key, or NULL on failure.
 */
RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
{
    RSA *key = ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);

    return key;
}
52664f50 | 331 | |
/*
 * Write the RSA public key |rsa| to |bp| as a DER RSAPublicKey structure;
 * 1 on success, 0 on error.
 */
int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(RSAPublicKey);

    return ASN1_item_i2d_bio(it, bp, rsa);
}
52664f50 | 336 | |
/*
 * Write the RSA public key |rsa| to |bp| using i2d_RSA_PUBKEY();
 * 1 on success, 0 on error.
 */
int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa)
{
    int ok = ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);

    return ok;
}
d02b48c6 RE |
341 | #endif |
342 | ||
cf1b7d96 | 343 | #ifndef OPENSSL_NO_DSA |
0f113f3e | 344 | # ifndef OPENSSL_NO_STDIO |
/*
 * Decode a DSA private key with d2i_DSAPrivateKey() from the stdio stream
 * |fp|.  Returns the key, or NULL on failure.
 */
DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
{
    DSA *key = ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);

    return key;
}
d02b48c6 | 349 | |
/*
 * Write the DSA private key |dsa| to |fp| using i2d_DSAPrivateKey();
 * 1 on success, 0 on error.  The output is not encrypted, so the destination
 * needs appropriate access protection.
 */
int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa)
{
    int ok = ASN1_i2d_fp_of(DSA, i2d_DSAPrivateKey, fp, dsa);

    return ok;
}
3ea23631 | 354 | |
/*
 * Decode a DSA public key with d2i_DSA_PUBKEY() from the stdio stream |fp|.
 * Returns the key, or NULL on failure.
 */
DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
{
    DSA *key = ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);

    return key;
}
3ea23631 | 359 | |
/*
 * Write the DSA public key |dsa| to |fp| using i2d_DSA_PUBKEY();
 * 1 on success, 0 on error.
 */
int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa)
{
    int ok = ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);

    return ok;
}
364 | # endif | |
d02b48c6 | 365 | |
/*
 * Decode a DSA private key with d2i_DSAPrivateKey() from the BIO |bp|.
 * Returns the key, or NULL on failure.
 */
DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
{
    DSA *key = ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);

    return key;
}
d02b48c6 | 370 | |
/*
 * Write the DSA private key |dsa| to |bp| using i2d_DSAPrivateKey();
 * 1 on success, 0 on error.  The output is not encrypted, so the destination
 * needs appropriate protection.
 */
int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa)
{
    int ok = ASN1_i2d_bio_of(DSA, i2d_DSAPrivateKey, bp, dsa);

    return ok;
}
3ea23631 | 375 | |
/*
 * Decode a DSA public key with d2i_DSA_PUBKEY() from the BIO |bp|.
 * Returns the key, or NULL on failure.
 */
DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
{
    DSA *key = ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);

    return key;
}
3ea23631 | 380 | |
/*
 * Write the DSA public key |dsa| to |bp| using i2d_DSA_PUBKEY();
 * 1 on success, 0 on error.
 */
int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa)
{
    int ok = ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);

    return ok;
}
3ea23631 | 385 | |
d02b48c6 RE |
386 | #endif |
387 | ||
14a7cfb3 | 388 | #ifndef OPENSSL_NO_EC |
0f113f3e | 389 | # ifndef OPENSSL_NO_STDIO |
/*
 * Decode an EC public key with d2i_EC_PUBKEY() from the stdio stream |fp|.
 * Returns the key, or NULL on failure.
 */
EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
{
    EC_KEY *key = ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);

    return key;
}
394 | ||
/*
 * Write the EC public key |eckey| to |fp| using i2d_EC_PUBKEY();
 * 1 on success, 0 on error.
 */
int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey)
{
    int ok = ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);

    return ok;
}
14a7cfb3 BM |
399 | |
/*
 * Decode an EC private key with d2i_ECPrivateKey() from the stdio stream
 * |fp|.  Returns the key, or NULL on failure.
 */
EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
{
    EC_KEY *key = ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp,
                                 eckey);

    return key;
}
404 | ||
/*
 * Write the EC private key |eckey| to |fp| using i2d_ECPrivateKey();
 * 1 on success, 0 on error.  The output is not encrypted, so the destination
 * needs appropriate access protection.
 */
int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey)
{
    int ok = ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);

    return ok;
}
409 | # endif | |
/*
 * Decode an EC public key with d2i_EC_PUBKEY() from the BIO |bp|.
 * Returns the key, or NULL on failure.
 */
EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
{
    EC_KEY *key = ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp,
                                  eckey);

    return key;
}
414 | ||
/*
 * Write the EC public key |ecdsa| to |bp| using i2d_EC_PUBKEY();
 * 1 on success, 0 on error.
 */
int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *ecdsa)
{
    int ok = ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);

    return ok;
}
14a7cfb3 BM |
419 | |
/*
 * Decode an EC private key with d2i_ECPrivateKey() from the BIO |bp|.
 * Returns the key, or NULL on failure.
 */
EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
{
    EC_KEY *key = ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp,
                                  eckey);

    return key;
}
424 | ||
/*
 * Write the EC private key |eckey| to |bp| using i2d_ECPrivateKey();
 * 1 on success, 0 on error.  The output is not encrypted, so the destination
 * needs appropriate protection.
 */
int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey)
{
    int ok = ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);

    return ok;
}
4d94ae00 BM |
429 | #endif |
430 | ||
/*
 * Hash the public key bit string of certificate |data| with digest |type|.
 *
 * The digest is written to |md| and, via EVP_Digest(), its length to |len|.
 * No buffer size is passed, so |md| must be large enough for the chosen
 * digest (EVP_MAX_MD_SIZE bytes is presumably always sufficient - confirm).
 * Returns 0 when no public key bit string is available, otherwise the result
 * of EVP_Digest().
 */
int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
                       unsigned char *md, unsigned int *len)
{
    ASN1_BIT_STRING *key = X509_get0_pubkey_bitstr(data);

    if (key == NULL)
        return 0;
    return EVP_Digest(key->data, key->length, md, len, type, NULL);
}
88ce56f8 | 440 | |
/*
 * Compute the digest of certificate |cert| using |md|.
 *
 * When SHA1 is requested and the certificate flags show that the cached
 * values are set (EXFLAG_SET) and not marked EXFLAG_INVALID, the stored
 * cert->sha1_hash is copied out instead of hashing again.  Otherwise the
 * digest is computed by asn1_item_digest_with_libctx() with the
 * certificate's own library context and property query.
 *
 * No buffer size is passed: |data| must be large enough for the digest
 * (sizeof(cert->sha1_hash) bytes on the cached path).  |len| may be NULL on
 * the cached path.  Returns 1 on the cached path, otherwise the result of
 * the digest call.
 */
int X509_digest(const X509 *cert, const EVP_MD *md, unsigned char *data,
                unsigned int *len)
{
    /* Anything but a usable cached SHA1 value is hashed from scratch. */
    if (!EVP_MD_is_a(md, SN_sha1)
        || (cert->ex_flags & EXFLAG_SET) == 0
        || (cert->ex_flags & EXFLAG_INVALID) != 0)
        return asn1_item_digest_with_libctx(ASN1_ITEM_rptr(X509), md,
                                            (char *)cert, data, len,
                                            cert->libctx, cert->propq);

    /* Asking for SHA1 and we already computed it. */
    if (len != NULL)
        *len = sizeof(cert->sha1_hash);
    memcpy(data, cert->sha1_hash, sizeof(cert->sha1_hash));
    return 1;
}
455 | ||
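/*
 * Calculate the digest of |cert| using the same hash algorithm as in its
 * signature.
 *
 * Returns a newly allocated ASN1_OCTET_STRING holding the digest, which the
 * caller must free, or NULL on failure.  Failure cases: |cert| is NULL, the
 * signature algorithm has no digest that can be looked up, hashing fails, or
 * allocation fails.
 */
ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert)
{
    unsigned int len;
    unsigned char hash[EVP_MAX_MD_SIZE];
    int md_NID;
    const EVP_MD *md = NULL;
    ASN1_OCTET_STRING *new = NULL;

    if (cert == NULL) {
        X509err(0, ERR_R_PASSED_NULL_PARAMETER);
        return NULL;
    }

    if (!OBJ_find_sigid_algs(X509_get_signature_nid(cert), &md_NID, NULL)
        || (md = EVP_get_digestbynid(md_NID)) == NULL) {
        /*
         * X509_R_UNSUPPORTED_ALGORITHM is an X509 reason code, so it is
         * raised through X509err(); raising it through the CMP error macro
         * would pair it with the wrong library.
         */
        X509err(0, X509_R_UNSUPPORTED_ALGORITHM);
        return NULL;
    }
    if (!X509_digest(cert, md, hash, &len)
        || (new = ASN1_OCTET_STRING_new()) == NULL)
        return NULL;
    if (!(ASN1_OCTET_STRING_set(new, hash, len))) {
        ASN1_OCTET_STRING_free(new);
        return NULL;
    }
    return new;
}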
484 | ||
/*
 * Compute the digest of CRL |data| using |type|.
 *
 * When |type| is the EVP_sha1() method and the CRL flags show that the
 * cached values are set (EXFLAG_SET) and not marked EXFLAG_INVALID, the
 * stored data->sha1_hash is copied out.  Otherwise ASN1_item_digest() does
 * the hashing.
 * NOTE(review): the SHA1 test here is a pointer comparison, while
 * X509_digest() uses EVP_MD_is_a(); a SHA1 method obtained another way
 * would presumably just take the slower path - confirm.
 *
 * No buffer size is passed: |md| must be large enough for the digest.
 * |len| may be NULL on the cached path.
 */
int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len)
{
    /* Anything but a usable cached SHA1 value is hashed from scratch. */
    if (type != EVP_sha1()
        || (data->flags & EXFLAG_SET) == 0
        || (data->flags & EXFLAG_INVALID) != 0)
        return ASN1_item_digest(ASN1_ITEM_rptr(X509_CRL), type, (char *)data,
                                md, len);

    /* Asking for SHA1; always computed in CRL d2i. */
    if (len != NULL)
        *len = sizeof(data->sha1_hash);
    memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
    return 1;
}
d02b48c6 | 499 | |
/*
 * Compute the digest of certificate request |data| using |type|, writing it
 * to |md| (which must be large enough for the digest) and its length to
 * |len|.  Returns the result of ASN1_item_digest().
 */
int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_REQ);

    return ASN1_item_digest(it, type, (char *)data, md, len);
}
506 | ||
/*
 * Compute the digest of name |data| using |type|, writing it to |md| (which
 * must be large enough for the digest) and its length to |len|.
 * Returns the result of ASN1_item_digest().
 */
int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
                     unsigned char *md, unsigned int *len)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(X509_NAME);

    return ASN1_item_digest(it, type, (char *)data, md, len);
}
513 | ||
/*
 * Compute the digest of the issuer-and-serial structure |data| using |type|,
 * writing it to |md| (which must be large enough for the digest) and its
 * length to |len|.  Returns the result of ASN1_item_digest().
 */
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
                                   const EVP_MD *type, unsigned char *md,
                                   unsigned int *len)
{
    const ASN1_ITEM *it = ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL);

    return ASN1_item_digest(it, type, (char *)data, md, len);
}
3cbb7937 | 521 | |
4b618848 | 522 | #ifndef OPENSSL_NO_STDIO |
/*
 * Decode an X509_SIG structure with d2i_X509_SIG() from the stdio stream
 * |fp|.  Returns the structure, or NULL on failure.
 */
X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
{
    X509_SIG *sig = ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp,
                                   p8);

    return sig;
}
3cbb7937 | 527 | |
/*
 * Write the X509_SIG structure |p8| to |fp| using i2d_X509_SIG();
 * 1 on success, 0 on error.
 */
int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8)
{
    int ok = ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);

    return ok;
}
3cbb7937 DSH |
532 | #endif |
533 | ||
/*
 * Decode an X509_SIG structure with d2i_X509_SIG() from the BIO |bp|.
 * Returns the structure, or NULL on failure.
 */
X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
{
    X509_SIG *sig = ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp,
                                    p8);

    return sig;
}
3cbb7937 | 538 | |
/*
 * Write the X509_SIG structure |p8| to |bp| using i2d_X509_SIG();
 * 1 on success, 0 on error.
 */
int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8)
{
    int ok = ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);

    return ok;
}
3cbb7937 | 543 | |
cb58d81e RL |
544 | #ifndef OPENSSL_NO_STDIO |
/*
 * Decode an X509_PUBKEY structure with d2i_X509_PUBKEY() from the stdio
 * stream |fp|.  Returns the structure, or NULL on failure.
 */
X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk)
{
    X509_PUBKEY *pub = ASN1_d2i_fp_of(X509_PUBKEY, X509_PUBKEY_new,
                                      d2i_X509_PUBKEY, fp, xpk);

    return pub;
}
550 | ||
/*
 * Write the X509_PUBKEY structure |xpk| to |fp| using i2d_X509_PUBKEY();
 * 1 on success, 0 on error.
 */
int i2d_X509_PUBKEY_fp(FILE *fp, const X509_PUBKEY *xpk)
{
    int ok = ASN1_i2d_fp_of(X509_PUBKEY, i2d_X509_PUBKEY, fp, xpk);

    return ok;
}
555 | #endif | |
556 | ||
/*
 * Decode an X509_PUBKEY structure with d2i_X509_PUBKEY() from the BIO |bp|.
 * Returns the structure, or NULL on failure.
 */
X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk)
{
    X509_PUBKEY *pub = ASN1_d2i_bio_of(X509_PUBKEY, X509_PUBKEY_new,
                                       d2i_X509_PUBKEY, bp, xpk);

    return pub;
}
562 | ||
/*
 * Write the X509_PUBKEY structure |xpk| to |bp| using i2d_X509_PUBKEY();
 * 1 on success, 0 on error.
 */
int i2d_X509_PUBKEY_bio(BIO *bp, const X509_PUBKEY *xpk)
{
    int ok = ASN1_i2d_bio_of(X509_PUBKEY, i2d_X509_PUBKEY, bp, xpk);

    return ok;
}
567 | ||
4b618848 | 568 | #ifndef OPENSSL_NO_STDIO |
/*
 * Decode a PKCS8_PRIV_KEY_INFO structure with d2i_PKCS8_PRIV_KEY_INFO() from
 * the stdio stream |fp|.  Returns the structure, or NULL on failure.
 */
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
                                                PKCS8_PRIV_KEY_INFO **p8inf)
{
    PKCS8_PRIV_KEY_INFO *info;

    info = ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
                          d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
    return info;
}
3cbb7937 | 575 | |
/*
 * Write the PKCS8_PRIV_KEY_INFO structure |p8inf| to |fp| using
 * i2d_PKCS8_PRIV_KEY_INFO(); 1 on success, 0 on error.  The private key is
 * written without encryption, so the destination needs appropriate access
 * protection.
 */
int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf)
{
    int ok = ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp,
                            p8inf);

    return ok;
}
36217a94 | 581 | |
/*
 * Convert |key| to a PKCS8_PRIV_KEY_INFO structure with EVP_PKEY2PKCS8() and
 * write it to |fp|.  Returns 0 when the conversion fails, otherwise the
 * result of i2d_PKCS8_PRIV_KEY_INFO_fp().  The private key is written
 * without encryption, so the destination needs appropriate access
 * protection.
 */
int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key)
{
    int ret = 0;
    PKCS8_PRIV_KEY_INFO *p8inf = EVP_PKEY2PKCS8(key);

    if (p8inf != NULL) {
        ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
        /* The temporary structure is released whether or not the write worked. */
        PKCS8_PRIV_KEY_INFO_free(p8inf);
    }
    return ret;
}
36217a94 | 594 | |
/*
 * Write the private key |pkey| to |fp| using i2d_PrivateKey();
 * 1 on success, 0 on error.  The output is not encrypted, so the destination
 * needs appropriate access protection.
 */
int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey)
{
    int ok = ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);

    return ok;
}
e6f3c585 | 599 | |
/*
 * Decode a private key with d2i_AutoPrivateKey() from the stdio stream |fp|.
 * Returns the key, or NULL on failure.
 */
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
{
    EVP_PKEY *pkey = ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new,
                                    d2i_AutoPrivateKey, fp, a);

    return pkey;
}
604 | ||
/*
 * Decode a private key from the stdio stream |fp| using library context
 * |libctx| and property query |propq|.
 *
 * |fp| is wrapped in a temporary file BIO with BIO_NOCLOSE, so the stream is
 * left open for the caller when the BIO is freed.  Returns the result of
 * d2i_PrivateKey_ex_bio(), or NULL with an error raised when the BIO cannot
 * be created.
 */
EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OPENSSL_CTX *libctx,
                               const char *propq)
{
    EVP_PKEY *pkey;
    BIO *fbio = BIO_new(BIO_s_file());

    if (fbio == NULL) {
        X509err(0, ERR_R_BUF_LIB);
        return NULL;
    }
    BIO_set_fp(fbio, fp, BIO_NOCLOSE);
    pkey = d2i_PrivateKey_ex_bio(fbio, a, libctx, propq);
    BIO_free(fbio);
    return pkey;
}
620 | ||
/*
 * Write the public key of |pkey| to |fp| using i2d_PUBKEY();
 * 1 on success, 0 on error.
 */
int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey)
{
    int ok = ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);

    return ok;
}
bd08a2bd DSH |
625 | |
/*
 * Decode a public key with d2i_PUBKEY() from the stdio stream |fp|.
 * Returns the key, or NULL on failure.
 */
EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
{
    EVP_PKEY *pkey = ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);

    return pkey;
}
630 | ||
3cbb7937 DSH |
631 | #endif |
632 | ||
/*
 * Decode a PKCS8_PRIV_KEY_INFO structure with d2i_PKCS8_PRIV_KEY_INFO() from
 * the BIO |bp|.  Returns the structure, or NULL on failure.
 */
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
                                                 PKCS8_PRIV_KEY_INFO **p8inf)
{
    PKCS8_PRIV_KEY_INFO *info;

    info = ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
                           d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
    return info;
}
3cbb7937 | 639 | |
/*
 * Write the PKCS8_PRIV_KEY_INFO structure |p8inf| to |bp| using
 * i2d_PKCS8_PRIV_KEY_INFO(); 1 on success, 0 on error.  The private key is
 * written without encryption, so the destination needs appropriate
 * protection.
 */
int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf)
{
    int ok = ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp,
                             p8inf);

    return ok;
}
36217a94 | 645 | |
/*
 * Convert |key| to a PKCS8_PRIV_KEY_INFO structure with EVP_PKEY2PKCS8() and
 * write it to |bp|.  Returns 0 when the conversion fails, otherwise the
 * result of i2d_PKCS8_PRIV_KEY_INFO_bio().  The private key is written
 * without encryption, so the destination needs appropriate protection.
 */
int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key)
{
    int ret = 0;
    PKCS8_PRIV_KEY_INFO *p8inf = EVP_PKEY2PKCS8(key);

    if (p8inf != NULL) {
        ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
        /* The temporary structure is released whether or not the write worked. */
        PKCS8_PRIV_KEY_INFO_free(p8inf);
    }
    return ret;
}
e6f3c585 | 658 | |
/*
 * Write the private key |pkey| to |bp| using i2d_PrivateKey();
 * 1 on success, 0 on error.  The output is not encrypted, so the destination
 * needs appropriate protection.
 */
int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey)
{
    int ok = ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);

    return ok;
}
e6f3c585 | 663 | |
/*
 * Decode a private key with d2i_AutoPrivateKey() from the BIO |bp|.
 * Returns the key, or NULL on failure.
 */
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
{
    EVP_PKEY *pkey = ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new,
                                     d2i_AutoPrivateKey, bp, a);

    return pkey;
}
bd08a2bd | 668 | |
/*
 * Decode a private key from the BIO |bp| using library context |libctx| and
 * property query |propq|.
 *
 * The encoding is first read into a temporary BUF_MEM by
 * asn1_d2i_read_bio() and then decoded by d2i_AutoPrivateKey_ex().
 * Returns the key, or NULL when reading or decoding fails.
 * NOTE(review): the temporary buffer holds the raw private key encoding;
 * confirm that BUF_MEM_free() clears it before releasing the memory.
 */
EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OPENSSL_CTX *libctx,
                                const char *propq)
{
    BUF_MEM *raw = NULL;
    EVP_PKEY *pkey = NULL;
    int len = asn1_d2i_read_bio(bp, &raw);

    /* A negative length means the read failed; nothing is decoded then. */
    if (len >= 0) {
        const unsigned char *p = (unsigned char *)raw->data;

        pkey = d2i_AutoPrivateKey_ex(a, &p, len, libctx, propq);
    }
    BUF_MEM_free(raw);
    return pkey;
}
687 | ||
/*
 * Write the public key of |pkey| to |bp| using i2d_PUBKEY();
 * 1 on success, 0 on error.
 */
int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey)
{
    int ok = ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);

    return ok;
}
bd08a2bd DSH |
692 | |
/*
 * Decode a public key with d2i_PUBKEY() from the BIO |bp|.
 * Returns the key, or NULL on failure.
 */
EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
{
    EVP_PKEY *pkey = ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);

    return pkey;
}