[thirdparty/openssl.git] / crypto / evp / p_lib.c

/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/rsa.h>
#include <openssl/dsa.h>
#include <openssl/dh.h>
#include <openssl/engine.h>

#include "internal/asn1_int.h"
#include "internal/evp_int.h"

static void EVP_PKEY_free_it(EVP_PKEY *x);

int EVP_PKEY_bits(EVP_PKEY *pkey)
{
    if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
        return pkey->ameth->pkey_bits(pkey);
    return 0;
}

int EVP_PKEY_security_bits(const EVP_PKEY *pkey)
{
    if (pkey == NULL)
        return 0;
    if (!pkey->ameth || !pkey->ameth->pkey_security_bits)
        return -2;
    return pkey->ameth->pkey_security_bits(pkey);
}

int EVP_PKEY_size(EVP_PKEY *pkey)
{
    if (pkey && pkey->ameth && pkey->ameth->pkey_size)
        return pkey->ameth->pkey_size(pkey);
    return 0;
}

int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
{
#ifndef OPENSSL_NO_DSA
    if (pkey->type == EVP_PKEY_DSA) {
        int ret = pkey->save_parameters;

        if (mode >= 0)
            pkey->save_parameters = mode;
        return (ret);
    }
#endif
#ifndef OPENSSL_NO_EC
    if (pkey->type == EVP_PKEY_EC) {
        int ret = pkey->save_parameters;

        if (mode >= 0)
            pkey->save_parameters = mode;
        return (ret);
    }
#endif
    return (0);
}

int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
{
    if (to->type == EVP_PKEY_NONE) {
        if (EVP_PKEY_set_type(to, from->type) == 0)
            return 0;
    } else if (to->type != from->type) {
        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES);
        goto err;
    }

    if (EVP_PKEY_missing_parameters(from)) {
        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);
        goto err;
    }
    if (from->ameth && from->ameth->param_copy)
        return from->ameth->param_copy(to, from);
 err:
    return 0;
}

int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
{
    if (pkey->ameth && pkey->ameth->param_missing)
        return pkey->ameth->param_missing(pkey);
    return 0;
}

int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{
    if (a->type != b->type)
        return -1;
    if (a->ameth && a->ameth->param_cmp)
        return a->ameth->param_cmp(a, b);
    return -2;
}

int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
{
    if (a->type != b->type)
        return -1;

    if (a->ameth) {
        int ret;
        /* Compare parameters if the algorithm has them */
        if (a->ameth->param_cmp) {
            ret = a->ameth->param_cmp(a, b);
            if (ret <= 0)
                return ret;
        }

        if (a->ameth->pub_cmp)
            return a->ameth->pub_cmp(a, b);
    }

    return -2;
}

EVP_PKEY *EVP_PKEY_new(void)
{
    EVP_PKEY *ret = OPENSSL_zalloc(sizeof(*ret));

    if (ret == NULL) {
        EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    ret->type = EVP_PKEY_NONE;
    ret->save_type = EVP_PKEY_NONE;
    ret->references = 1;
    ret->save_parameters = 1;
    ret->lock = CRYPTO_THREAD_lock_new();
    if (ret->lock == NULL) {
        EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
        OPENSSL_free(ret);
        return NULL;
    }
    return ret;
}

int EVP_PKEY_up_ref(EVP_PKEY *pkey)
{
    int i;

    if (CRYPTO_atomic_add(&pkey->references, 1, &i, pkey->lock) <= 0)
        return 0;

    REF_PRINT_COUNT("EVP_PKEY", pkey);
    REF_ASSERT_ISNT(i < 2);
    return ((i > 1) ? 1 : 0);
}

/*
 * Setup a public key ASN1 method and ENGINE from a NID or a string. If pkey
 * is NULL just return 1 or 0 if the algorithm exists.
 */

static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
{
    const EVP_PKEY_ASN1_METHOD *ameth;
    ENGINE *e = NULL;
    if (pkey) {
        if (pkey->pkey.ptr)
            EVP_PKEY_free_it(pkey);
        /*
         * If key type matches and a method exists then this lookup has
         * succeeded once so just indicate success.
         */
        if ((type == pkey->save_type) && pkey->ameth)
            return 1;
#ifndef OPENSSL_NO_ENGINE
        /* If we have an ENGINE release it */
        ENGINE_finish(pkey->engine);
        pkey->engine = NULL;
#endif
    }
    if (str)
        ameth = EVP_PKEY_asn1_find_str(&e, str, len);
    else
        ameth = EVP_PKEY_asn1_find(&e, type);
#ifndef OPENSSL_NO_ENGINE
    if (pkey == NULL)
        ENGINE_finish(e);
#endif
    if (ameth == NULL) {
        EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
        return 0;
    }
    if (pkey) {
        pkey->ameth = ameth;
        pkey->engine = e;

        pkey->type = pkey->ameth->pkey_id;
        pkey->save_type = type;
    }
    return 1;
}

int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
{
    return pkey_set_type(pkey, type, NULL, -1);
}

int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
{
    return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
}

int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
{
    if (pkey == NULL || !EVP_PKEY_set_type(pkey, type))
        return 0;
    pkey->pkey.ptr = key;
    return (key != NULL);
}

void *EVP_PKEY_get0(const EVP_PKEY *pkey)
{
    return pkey->pkey.ptr;
}

#ifndef OPENSSL_NO_RSA
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
{
    int ret = EVP_PKEY_assign_RSA(pkey, key);
    if (ret)
        RSA_up_ref(key);
    return ret;
}

RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
{
    if (pkey->type != EVP_PKEY_RSA) {
        EVPerr(EVP_F_EVP_PKEY_GET0_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
        return NULL;
    }
    return pkey->pkey.rsa;
}

RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
{
    RSA *ret = EVP_PKEY_get0_RSA(pkey);
    if (ret != NULL)
        RSA_up_ref(ret);
    return ret;
}
#endif

#ifndef OPENSSL_NO_DSA
int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
{
    int ret = EVP_PKEY_assign_DSA(pkey, key);
    if (ret)
        DSA_up_ref(key);
    return ret;
}

DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey)
{
    if (pkey->type != EVP_PKEY_DSA) {
        EVPerr(EVP_F_EVP_PKEY_GET0_DSA, EVP_R_EXPECTING_A_DSA_KEY);
        return NULL;
    }
    return pkey->pkey.dsa;
}

DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
{
    DSA *ret = EVP_PKEY_get0_DSA(pkey);
    if (ret != NULL)
        DSA_up_ref(ret);
    return ret;
}
#endif

#ifndef OPENSSL_NO_EC

int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
{
    int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
    if (ret)
        EC_KEY_up_ref(key);
    return ret;
}

EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey)
{
    if (pkey->type != EVP_PKEY_EC) {
        EVPerr(EVP_F_EVP_PKEY_GET0_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
        return NULL;
    }
    return pkey->pkey.ec;
}

EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
{
    EC_KEY *ret = EVP_PKEY_get0_EC_KEY(pkey);
    if (ret != NULL)
        EC_KEY_up_ref(ret);
    return ret;
}
#endif

#ifndef OPENSSL_NO_DH

int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
{
    int ret = EVP_PKEY_assign_DH(pkey, key);
    if (ret)
        DH_up_ref(key);
    return ret;
}

DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey)
{
    if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) {
        EVPerr(EVP_F_EVP_PKEY_GET0_DH, EVP_R_EXPECTING_A_DH_KEY);
        return NULL;
    }
    return pkey->pkey.dh;
}

DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
{
    DH *ret = EVP_PKEY_get0_DH(pkey);
    if (ret != NULL)
        DH_up_ref(ret);
    return ret;
}
#endif

int EVP_PKEY_type(int type)
{
    int ret;
    const EVP_PKEY_ASN1_METHOD *ameth;
    ENGINE *e;
    ameth = EVP_PKEY_asn1_find(&e, type);
    if (ameth)
        ret = ameth->pkey_id;
    else
        ret = NID_undef;
#ifndef OPENSSL_NO_ENGINE
    ENGINE_finish(e);
#endif
    return ret;
}

int EVP_PKEY_id(const EVP_PKEY *pkey)
{
    return pkey->type;
}

int EVP_PKEY_base_id(const EVP_PKEY *pkey)
{
    return EVP_PKEY_type(pkey->type);
}

void EVP_PKEY_free(EVP_PKEY *x)
{
    int i;

    if (x == NULL)
        return;

    CRYPTO_atomic_add(&x->references, -1, &i, x->lock);
    REF_PRINT_COUNT("EVP_PKEY", x);
    if (i > 0)
        return;
    REF_ASSERT_ISNT(i < 0);
    EVP_PKEY_free_it(x);
    sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
    OPENSSL_free(x);
}

static void EVP_PKEY_free_it(EVP_PKEY *x)
{
    /* internal function; x is never NULL */
    if (x->ameth && x->ameth->pkey_free) {
        x->ameth->pkey_free(x);
        x->pkey.ptr = NULL;
    }
#ifndef OPENSSL_NO_ENGINE
    ENGINE_finish(x->engine);
    x->engine = NULL;
#endif
    CRYPTO_THREAD_lock_free(x->lock);
}

static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
                     const char *kstr)
{
    BIO_indent(out, indent, 128);
    BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
               kstr, OBJ_nid2ln(pkey->type));
    return 1;
}

int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
                          int indent, ASN1_PCTX *pctx)
{
    if (pkey->ameth && pkey->ameth->pub_print)
        return pkey->ameth->pub_print(out, pkey, indent, pctx);

    return unsup_alg(out, pkey, indent, "Public Key");
}

int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
                           int indent, ASN1_PCTX *pctx)
{
    if (pkey->ameth && pkey->ameth->priv_print)
        return pkey->ameth->priv_print(out, pkey, indent, pctx);

    return unsup_alg(out, pkey, indent, "Private Key");
}

int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
                          int indent, ASN1_PCTX *pctx)
{
    if (pkey->ameth && pkey->ameth->param_print)
        return pkey->ameth->param_print(out, pkey, indent, pctx);
    return unsup_alg(out, pkey, indent, "Parameters");
}

int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
{
    if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
        return -2;
    return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
                                  0, pnid);
}
Commit	Line	Data
58964a49	1	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6 RE	2	* All rights reserved.
	3	*
	4	* This package is an SSL implementation written
	5	* by Eric Young (eay@cryptsoft.com).
	6	* The implementation was written so as to conform with Netscapes SSL.
0f113f3e	7	*
d02b48c6 RE	8	* This library is free for commercial and non-commercial use as long as
	9	* the following conditions are aheared to. The following conditions
	10	* apply to all code found in this distribution, be it the RC4, RSA,
	11	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	12	* included with this distribution is covered by the same copyright terms
	13	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e	14	*
d02b48c6 RE	15	* Copyright remains Eric Young's, and as such any Copyright notices in
	16	* the code are not to be removed.
	17	* If this package is used in a product, Eric Young should be given attribution
	18	* as the author of the parts of the library used.
	19	* This can be in the form of a textual message at program startup or
	20	* in documentation (online or textual) provided with the package.
0f113f3e	21	*
d02b48c6 RE	22	* Redistribution and use in source and binary forms, with or without
	23	* modification, are permitted provided that the following conditions
	24	* are met:
	25	* 1. Redistributions of source code must retain the copyright
	26	* notice, this list of conditions and the following disclaimer.
	27	* 2. Redistributions in binary form must reproduce the above copyright
	28	* notice, this list of conditions and the following disclaimer in the
	29	* documentation and/or other materials provided with the distribution.
	30	* 3. All advertising materials mentioning features or use of this software
	31	* must display the following acknowledgement:
	32	* "This product includes cryptographic software written by
	33	* Eric Young (eay@cryptsoft.com)"
	34	* The word 'cryptographic' can be left out if the rouines from the library
	35	* being used are not cryptographic related :-).
0f113f3e	36	* 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6 RE	37	* the apps directory (application code) you must include an acknowledgement:
d02b48c6 RE	38	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e	39	*
d02b48c6 RE	40	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	41	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	42	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	43	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	44	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	45	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	46	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	48	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	49	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	50	* SUCH DAMAGE.
0f113f3e	51	*
d02b48c6 RE	52	* The licence and distribution terms for any publically available version or
	53	* derivative of this code cannot be changed. i.e. this code cannot simply be
	54	* copied and put under another distribution licence
	55	* [including the GNU Public Licence.]
	56	*/
	57
	58	#include <stdio.h>
b39fc560	59	#include "internal/cryptlib.h"
4d94ae00 BM	60	#include <openssl/bn.h>
4d94ae00 BM	61	#include <openssl/err.h>
ec577822 BM	62	#include <openssl/objects.h>
ec577822 BM	63	#include <openssl/evp.h>
ec577822	64	#include <openssl/x509.h>
3c27208f RS	65	#include <openssl/rsa.h>
	66	#include <openssl/dsa.h>
	67	#include <openssl/dh.h>
	68	#include <openssl/engine.h>
01b8b3c7	69
5fe736e5	70	#include "internal/asn1_int.h"
3aeb9348	71	#include "internal/evp_int.h"
18e377b4	72
d02b48c6	73	static void EVP_PKEY_free_it(EVP_PKEY *x);
bb2297a4	74
6b691a5c	75	int EVP_PKEY_bits(EVP_PKEY *pkey)
0f113f3e MC	76	{
	77	if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
	78	return pkey->ameth->pkey_bits(pkey);
	79	return 0;
	80	}
58964a49	81
2514fa79	82	int EVP_PKEY_security_bits(const EVP_PKEY *pkey)
0f113f3e MC	83	{
	84	if (pkey == NULL)
	85	return 0;
	86	if (!pkey->ameth \|\| !pkey->ameth->pkey_security_bits)
	87	return -2;
	88	return pkey->ameth->pkey_security_bits(pkey);
	89	}
2514fa79	90
6b691a5c	91	int EVP_PKEY_size(EVP_PKEY *pkey)
0f113f3e MC	92	{
	93	if (pkey && pkey->ameth && pkey->ameth->pkey_size)
	94	return pkey->ameth->pkey_size(pkey);
	95	return 0;
	96	}
d02b48c6	97
6b691a5c	98	int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
0f113f3e	99	{
cf1b7d96	100	#ifndef OPENSSL_NO_DSA
0f113f3e MC	101	if (pkey->type == EVP_PKEY_DSA) {
	102	int ret = pkey->save_parameters;
	103
	104	if (mode >= 0)
	105	pkey->save_parameters = mode;
	106	return (ret);
	107	}
4d94ae00	108	#endif
5488bb61	109	#ifndef OPENSSL_NO_EC
0f113f3e MC	110	if (pkey->type == EVP_PKEY_EC) {
	111	int ret = pkey->save_parameters;
	112
	113	if (mode >= 0)
	114	pkey->save_parameters = mode;
	115	return (ret);
	116	}
d02b48c6	117	#endif
0f113f3e MC	118	return (0);
0f113f3e MC	119	}
d02b48c6	120
a8b72844	121	int EVP_PKEY_copy_parameters(EVP_PKEY to, const EVP_PKEY from)
0f113f3e	122	{
2986ecdc DSH	123	if (to->type == EVP_PKEY_NONE) {
	124	if (EVP_PKEY_set_type(to, from->type) == 0)
	125	return 0;
	126	} else if (to->type != from->type) {
0f113f3e MC	127	EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES);
	128	goto err;
	129	}
	130
	131	if (EVP_PKEY_missing_parameters(from)) {
	132	EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);
	133	goto err;
	134	}
	135	if (from->ameth && from->ameth->param_copy)
	136	return from->ameth->param_copy(to, from);
	137	err:
	138	return 0;
	139	}
d02b48c6	140
af0f0f3e	141	int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
0f113f3e MC	142	{
	143	if (pkey->ameth && pkey->ameth->param_missing)
	144	return pkey->ameth->param_missing(pkey);
	145	return 0;
	146	}
d02b48c6	147
af0f0f3e	148	int EVP_PKEY_cmp_parameters(const EVP_PKEY a, const EVP_PKEY b)
0f113f3e MC	149	{
	150	if (a->type != b->type)
	151	return -1;
	152	if (a->ameth && a->ameth->param_cmp)
	153	return a->ameth->param_cmp(a, b);
	154	return -2;
	155	}
58964a49	156
af0f0f3e	157	int EVP_PKEY_cmp(const EVP_PKEY a, const EVP_PKEY b)
0f113f3e MC	158	{
	159	if (a->type != b->type)
	160	return -1;
	161
	162	if (a->ameth) {
	163	int ret;
	164	/* Compare parameters if the algorithm has them */
	165	if (a->ameth->param_cmp) {
	166	ret = a->ameth->param_cmp(a, b);
	167	if (ret <= 0)
	168	return ret;
	169	}
	170
	171	if (a->ameth->pub_cmp)
	172	return a->ameth->pub_cmp(a, b);
	173	}
	174
	175	return -2;
	176	}
e6526fbf	177
6b691a5c	178	EVP_PKEY *EVP_PKEY_new(void)
0f113f3e	179	{
a2d0baa2	180	EVP_PKEY ret = OPENSSL_zalloc(sizeof(ret));
0f113f3e	181
0f113f3e MC	182	if (ret == NULL) {
0f113f3e MC	183	EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
03273d61	184	return NULL;
0f113f3e MC	185	}
	186	ret->type = EVP_PKEY_NONE;
	187	ret->save_type = EVP_PKEY_NONE;
	188	ret->references = 1;
0f113f3e	189	ret->save_parameters = 1;
03273d61 AG	190	ret->lock = CRYPTO_THREAD_lock_new();
	191	if (ret->lock == NULL) {
	192	EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
	193	OPENSSL_free(ret);
	194	return NULL;
	195	}
	196	return ret;
0f113f3e MC	197	}
0f113f3e MC	198
c5ebfcab	199	int EVP_PKEY_up_ref(EVP_PKEY *pkey)
2872dbe1	200	{
03273d61	201	int i;
c5ebfcab F	202
	203	if (CRYPTO_atomic_add(&pkey->references, 1, &i, pkey->lock) <= 0)
	204	return 0;
	205
	206	REF_PRINT_COUNT("EVP_PKEY", pkey);
	207	REF_ASSERT_ISNT(i < 2);
	208	return ((i > 1) ? 1 : 0);
2872dbe1 DSH	209	}
2872dbe1 DSH	210
0f113f3e MC	211	/*
	212	* Setup a public key ASN1 method and ENGINE from a NID or a string. If pkey
	213	* is NULL just return 1 or 0 if the algorithm exists.
01b8b3c7 DSH	214	*/
	215
	216	static int pkey_set_type(EVP_PKEY pkey, int type, const char str, int len)
0f113f3e MC	217	{
	218	const EVP_PKEY_ASN1_METHOD *ameth;
	219	ENGINE *e = NULL;
	220	if (pkey) {
	221	if (pkey->pkey.ptr)
	222	EVP_PKEY_free_it(pkey);
	223	/*
	224	* If key type matches and a method exists then this lookup has
	225	* succeeded once so just indicate success.
	226	*/
	227	if ((type == pkey->save_type) && pkey->ameth)
	228	return 1;
01b8b3c7	229	#ifndef OPENSSL_NO_ENGINE
0f113f3e	230	/* If we have an ENGINE release it */
7c96dbcd RS	231	ENGINE_finish(pkey->engine);
7c96dbcd RS	232	pkey->engine = NULL;
01b8b3c7	233	#endif
0f113f3e MC	234	}
	235	if (str)
	236	ameth = EVP_PKEY_asn1_find_str(&e, str, len);
	237	else
	238	ameth = EVP_PKEY_asn1_find(&e, type);
01b8b3c7	239	#ifndef OPENSSL_NO_ENGINE
7c96dbcd	240	if (pkey == NULL)
0f113f3e	241	ENGINE_finish(e);
01b8b3c7	242	#endif
7c96dbcd	243	if (ameth == NULL) {
0f113f3e MC	244	EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
	245	return 0;
	246	}
	247	if (pkey) {
	248	pkey->ameth = ameth;
	249	pkey->engine = e;
	250
	251	pkey->type = pkey->ameth->pkey_id;
	252	pkey->save_type = type;
	253	}
	254	return 1;
	255	}
01b8b3c7 DSH	256
01b8b3c7 DSH	257	int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
0f113f3e MC	258	{
	259	return pkey_set_type(pkey, type, NULL, -1);
	260	}
01b8b3c7 DSH	261
01b8b3c7 DSH	262	int EVP_PKEY_set_type_str(EVP_PKEY pkey, const char str, int len)
0f113f3e MC	263	{
	264	return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
	265	}
01b8b3c7 DSH	266
01b8b3c7 DSH	267	int EVP_PKEY_assign(EVP_PKEY pkey, int type, void key)
0f113f3e	268	{
e34c66c6	269	if (pkey == NULL \|\| !EVP_PKEY_set_type(pkey, type))
0f113f3e MC	270	return 0;
	271	pkey->pkey.ptr = key;
	272	return (key != NULL);
	273	}
d02b48c6	274
3aeb9348	275	void EVP_PKEY_get0(const EVP_PKEY pkey)
0f113f3e MC	276	{
	277	return pkey->pkey.ptr;
	278	}
db98bbc1	279
cf1b7d96	280	#ifndef OPENSSL_NO_RSA
c7cb16a8	281	int EVP_PKEY_set1_RSA(EVP_PKEY pkey, RSA key)
52664f50	282	{
0f113f3e MC	283	int ret = EVP_PKEY_assign_RSA(pkey, key);
	284	if (ret)
	285	RSA_up_ref(key);
	286	return ret;
52664f50 DSH	287	}
52664f50 DSH	288
2872dbe1	289	RSA EVP_PKEY_get0_RSA(EVP_PKEY pkey)
0f113f3e MC	290	{
0f113f3e MC	291	if (pkey->type != EVP_PKEY_RSA) {
2872dbe1	292	EVPerr(EVP_F_EVP_PKEY_GET0_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
0f113f3e MC	293	return NULL;
0f113f3e MC	294	}
0f113f3e	295	return pkey->pkey.rsa;
f769ce3e	296	}
2872dbe1 DSH	297
	298	RSA EVP_PKEY_get1_RSA(EVP_PKEY pkey)
	299	{
	300	RSA *ret = EVP_PKEY_get0_RSA(pkey);
	301	if (ret != NULL)
	302	RSA_up_ref(ret);
	303	return ret;
	304	}
f769ce3e DSH	305	#endif
f769ce3e DSH	306
cf1b7d96	307	#ifndef OPENSSL_NO_DSA
c7cb16a8	308	int EVP_PKEY_set1_DSA(EVP_PKEY pkey, DSA key)
52664f50	309	{
0f113f3e MC	310	int ret = EVP_PKEY_assign_DSA(pkey, key);
	311	if (ret)
	312	DSA_up_ref(key);
	313	return ret;
52664f50 DSH	314	}
52664f50 DSH	315
2872dbe1	316	DSA EVP_PKEY_get0_DSA(EVP_PKEY pkey)
0f113f3e MC	317	{
0f113f3e MC	318	if (pkey->type != EVP_PKEY_DSA) {
2872dbe1	319	EVPerr(EVP_F_EVP_PKEY_GET0_DSA, EVP_R_EXPECTING_A_DSA_KEY);
0f113f3e MC	320	return NULL;
0f113f3e MC	321	}
0f113f3e	322	return pkey->pkey.dsa;
f769ce3e	323	}
2872dbe1 DSH	324
	325	DSA EVP_PKEY_get1_DSA(EVP_PKEY pkey)
	326	{
	327	DSA *ret = EVP_PKEY_get0_DSA(pkey);
	328	if (ret != NULL)
	329	DSA_up_ref(ret);
	330	return ret;
	331	}
f769ce3e DSH	332	#endif
f769ce3e DSH	333
14a7cfb3	334	#ifndef OPENSSL_NO_EC
4d94ae00	335
14a7cfb3	336	int EVP_PKEY_set1_EC_KEY(EVP_PKEY pkey, EC_KEY key)
4d94ae00	337	{
0f113f3e MC	338	int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
	339	if (ret)
	340	EC_KEY_up_ref(key);
	341	return ret;
4d94ae00 BM	342	}
4d94ae00 BM	343
2872dbe1	344	EC_KEY EVP_PKEY_get0_EC_KEY(EVP_PKEY pkey)
4d94ae00	345	{
0f113f3e	346	if (pkey->type != EVP_PKEY_EC) {
2872dbe1	347	EVPerr(EVP_F_EVP_PKEY_GET0_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
0f113f3e MC	348	return NULL;
0f113f3e MC	349	}
0f113f3e	350	return pkey->pkey.ec;
4d94ae00	351	}
2872dbe1 DSH	352
	353	EC_KEY EVP_PKEY_get1_EC_KEY(EVP_PKEY pkey)
	354	{
	355	EC_KEY *ret = EVP_PKEY_get0_EC_KEY(pkey);
	356	if (ret != NULL)
	357	EC_KEY_up_ref(ret);
	358	return ret;
	359	}
4d94ae00 BM	360	#endif
4d94ae00 BM	361
cf1b7d96	362	#ifndef OPENSSL_NO_DH
52664f50	363
c7cb16a8	364	int EVP_PKEY_set1_DH(EVP_PKEY pkey, DH key)
52664f50	365	{
0f113f3e MC	366	int ret = EVP_PKEY_assign_DH(pkey, key);
	367	if (ret)
	368	DH_up_ref(key);
	369	return ret;
52664f50 DSH	370	}
52664f50 DSH	371
2872dbe1	372	DH EVP_PKEY_get0_DH(EVP_PKEY pkey)
0f113f3e MC	373	{
0f113f3e MC	374	if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) {
2872dbe1	375	EVPerr(EVP_F_EVP_PKEY_GET0_DH, EVP_R_EXPECTING_A_DH_KEY);
0f113f3e MC	376	return NULL;
0f113f3e MC	377	}
0f113f3e	378	return pkey->pkey.dh;
f769ce3e	379	}
2872dbe1 DSH	380
	381	DH EVP_PKEY_get1_DH(EVP_PKEY pkey)
	382	{
	383	DH *ret = EVP_PKEY_get0_DH(pkey);
	384	if (ret != NULL)
	385	DH_up_ref(ret);
	386	return ret;
	387	}
f769ce3e DSH	388	#endif
f769ce3e DSH	389
6b691a5c	390	int EVP_PKEY_type(int type)
0f113f3e MC	391	{
	392	int ret;
	393	const EVP_PKEY_ASN1_METHOD *ameth;
	394	ENGINE *e;
	395	ameth = EVP_PKEY_asn1_find(&e, type);
	396	if (ameth)
	397	ret = ameth->pkey_id;
	398	else
	399	ret = NID_undef;
01b8b3c7	400	#ifndef OPENSSL_NO_ENGINE
7c96dbcd	401	ENGINE_finish(e);
01b8b3c7	402	#endif
0f113f3e MC	403	return ret;
0f113f3e MC	404	}
d02b48c6	405
7f57b076	406	int EVP_PKEY_id(const EVP_PKEY *pkey)
0f113f3e MC	407	{
	408	return pkey->type;
	409	}
7f57b076 DSH	410
7f57b076 DSH	411	int EVP_PKEY_base_id(const EVP_PKEY *pkey)
0f113f3e MC	412	{
	413	return EVP_PKEY_type(pkey->type);
	414	}
7f57b076	415
6b691a5c	416	void EVP_PKEY_free(EVP_PKEY *x)
0f113f3e MC	417	{
0f113f3e MC	418	int i;
d02b48c6	419
0f113f3e MC	420	if (x == NULL)
0f113f3e MC	421	return;
d02b48c6	422
03273d61	423	CRYPTO_atomic_add(&x->references, -1, &i, x->lock);
f3f1cf84	424	REF_PRINT_COUNT("EVP_PKEY", x);
0f113f3e MC	425	if (i > 0)
0f113f3e MC	426	return;
f3f1cf84	427	REF_ASSERT_ISNT(i < 0);
0f113f3e	428	EVP_PKEY_free_it(x);
222561fe	429	sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
0f113f3e MC	430	OPENSSL_free(x);
0f113f3e MC	431	}
d02b48c6	432
6b691a5c	433	static void EVP_PKEY_free_it(EVP_PKEY *x)
0f113f3e	434	{
c5ba2d99	435	/* internal function; x is never NULL */
0f113f3e MC	436	if (x->ameth && x->ameth->pkey_free) {
	437	x->ameth->pkey_free(x);
	438	x->pkey.ptr = NULL;
	439	}
01b8b3c7	440	#ifndef OPENSSL_NO_ENGINE
7c96dbcd RS	441	ENGINE_finish(x->engine);
7c96dbcd RS	442	x->engine = NULL;
01b8b3c7	443	#endif
03273d61	444	CRYPTO_THREAD_lock_free(x->lock);
0f113f3e	445	}
d02b48c6	446
35208f36	447	static int unsup_alg(BIO out, const EVP_PKEY pkey, int indent,
0f113f3e MC	448	const char *kstr)
	449	{
	450	BIO_indent(out, indent, 128);
	451	BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
	452	kstr, OBJ_nid2ln(pkey->type));
	453	return 1;
	454	}
35208f36 DSH	455
35208f36 DSH	456	int EVP_PKEY_print_public(BIO out, const EVP_PKEY pkey,
0f113f3e MC	457	int indent, ASN1_PCTX *pctx)
	458	{
	459	if (pkey->ameth && pkey->ameth->pub_print)
	460	return pkey->ameth->pub_print(out, pkey, indent, pctx);
	461
	462	return unsup_alg(out, pkey, indent, "Public Key");
	463	}
35208f36 DSH	464
35208f36 DSH	465	int EVP_PKEY_print_private(BIO out, const EVP_PKEY pkey,
0f113f3e MC	466	int indent, ASN1_PCTX *pctx)
	467	{
	468	if (pkey->ameth && pkey->ameth->priv_print)
	469	return pkey->ameth->priv_print(out, pkey, indent, pctx);
	470
	471	return unsup_alg(out, pkey, indent, "Private Key");
	472	}
35208f36 DSH	473
35208f36 DSH	474	int EVP_PKEY_print_params(BIO out, const EVP_PKEY pkey,
0f113f3e MC	475	int indent, ASN1_PCTX *pctx)
	476	{
	477	if (pkey->ameth && pkey->ameth->param_print)
	478	return pkey->ameth->param_print(out, pkey, indent, pctx);
	479	return unsup_alg(out, pkey, indent, "Parameters");
	480	}
03919683 DSH	481
03919683 DSH	482	int EVP_PKEY_get_default_digest_nid(EVP_PKEY pkey, int pnid)
0f113f3e MC	483	{
	484	if (!pkey->ameth \|\| !pkey->ameth->pkey_ctrl)
	485	return -2;
	486	return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
	487	0, pnid);
	488	}