[thirdparty/openssl.git] / crypto / x509 / x_all.c

/*
 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * Low level APIs are deprecated for public use, but still ok for
 * internal use.
 */
#include "internal/deprecated.h"

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include "crypto/x509.h"
#include <openssl/http.h>
#include <openssl/rsa.h>
#include <openssl/dsa.h>
#include <openssl/x509v3.h>

static void clean_id_ctx(EVP_MD_CTX *ctx)
{
    EVP_PKEY_CTX *pctx = EVP_MD_CTX_pkey_ctx(ctx);

    EVP_PKEY_CTX_free(pctx);
    EVP_MD_CTX_free(ctx);
}

static EVP_MD_CTX *make_id_ctx(EVP_PKEY *r, ASN1_OCTET_STRING *id)
{
    EVP_MD_CTX *ctx = NULL;
    EVP_PKEY_CTX *pctx = NULL;

    if ((ctx = EVP_MD_CTX_new()) == NULL
        || (pctx = EVP_PKEY_CTX_new(r, NULL)) == NULL) {
        X509err(0, ERR_R_MALLOC_FAILURE);
        goto error;
    }

#ifndef OPENSSL_NO_EC
    if (id != NULL) {
        if (EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0) {
            X509err(0, ERR_R_MALLOC_FAILURE);
            goto error;
        }
    }
#endif

    EVP_MD_CTX_set_pkey_ctx(ctx, pctx);

    return ctx;
 error:
    EVP_PKEY_CTX_free(pctx);
    EVP_MD_CTX_free(ctx);
    return NULL;
}

int X509_verify(X509 *a, EVP_PKEY *r)
{
    int rv = 0;
    EVP_MD_CTX *ctx = NULL;
    ASN1_OCTET_STRING *id = NULL;

    if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature))
        return 0;

#ifndef OPENSSL_NO_SM2
    id = a->sm2_id;
#endif

    if ((ctx = make_id_ctx(r, id)) != NULL) {
        rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
                                  &a->signature, &a->cert_info, ctx);
        clean_id_ctx(ctx);
    }
    return rv;
}

int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
{
    int rv = 0;
    EVP_MD_CTX *ctx = NULL;
    ASN1_OCTET_STRING *id = NULL;

#ifndef OPENSSL_NO_SM2
    id = a->sm2_id;
#endif

    if ((ctx = make_id_ctx(r, id)) != NULL) {
        rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg,
                                  a->signature, &a->req_info, ctx);
        clean_id_ctx(ctx);
    }
    return rv;
}

int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
{
    return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
                             &a->sig_algor, a->signature, a->spkac, r));
}

int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    x->cert_info.enc.modified = 1;
    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), &x->cert_info.signature,
                           &x->sig_alg, &x->signature, &x->cert_info, pkey,
                           md));
}

int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
{
    x->cert_info.enc.modified = 1;
    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
                              &x->cert_info.signature,
                              &x->sig_alg, &x->signature, &x->cert_info, ctx);
}

#if !defined(OPENSSL_NO_SOCK)
static ASN1_VALUE *simple_get_asn1(const char *url, BIO *bio, BIO *rbio,
                                   int timeout, const ASN1_ITEM *it)
{
    return OSSL_HTTP_get_asn1(url, NULL, NULL /* no proxy and port */, bio,
                              rbio, NULL /* no callback for SSL/TLS */, NULL,
                              NULL /* headers */, 1024 /* maxline */,
                              0 /* max_resp_len */, timeout,
                              NULL /* expected_content_type */, it);
}

X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
{
    return (X509 *)simple_get_asn1(url, bio, rbio, timeout,
                                   ASN1_ITEM_rptr(X509));
}
#endif

int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
                           x->signature, &x->req_info, pkey, md));
}

int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
{
    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
                              &x->sig_alg, NULL, x->signature, &x->req_info,
                              ctx);
}

int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    x->crl.enc.modified = 1;
    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), &x->crl.sig_alg,
                           &x->sig_alg, &x->signature, &x->crl, pkey, md));
}

int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
{
    x->crl.enc.modified = 1;
    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
                              &x->crl.sig_alg, &x->sig_alg, &x->signature,
                              &x->crl, ctx);
}

#if !defined(OPENSSL_NO_SOCK)
X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
{
    return (X509_CRL *)simple_get_asn1(url, bio, rbio, timeout,
                                       ASN1_ITEM_rptr(X509_CRL));
}
#endif

int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), &x->sig_algor, NULL,
                           x->signature, x->spkac, pkey, md));
}

#ifndef OPENSSL_NO_STDIO
X509 *d2i_X509_fp(FILE *fp, X509 **x509)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
}

int i2d_X509_fp(FILE *fp, const X509 *x509)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
}
#endif

X509 *d2i_X509_bio(BIO *bp, X509 **x509)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
}

int i2d_X509_bio(BIO *bp, const X509 *x509)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
}

#ifndef OPENSSL_NO_STDIO
X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
}

int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
}
#endif

X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
}

int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
}

#ifndef OPENSSL_NO_STDIO
PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
}

int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
}
#endif

PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
}

int i2d_PKCS7_bio(BIO *bp, const PKCS7 *p7)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
}

#ifndef OPENSSL_NO_STDIO
X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
}

int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
}
#endif

X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
}

int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
}

#ifndef OPENSSL_NO_RSA

# ifndef OPENSSL_NO_STDIO
RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
}

int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
}

RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
}

RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
{
    return ASN1_d2i_fp((void *(*)(void))
                       RSA_new, (D2I_OF(void)) d2i_RSA_PUBKEY, fp,
                       (void **)rsa);
}

int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
}

int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa)
{
    return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);
}
# endif

RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
}

int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
}

RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
}

RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
{
    return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);
}

int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
}

int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa)
{
    return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);
}
#endif

#ifndef OPENSSL_NO_DSA
# ifndef OPENSSL_NO_STDIO
DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
{
    return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);
}

int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa)
{
    return ASN1_i2d_fp_of(DSA, i2d_DSAPrivateKey, fp, dsa);
}

DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
{
    return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);
}

int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa)
{
    return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);
}
# endif

DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
{
    return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);
}

int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa)
{
    return ASN1_i2d_bio_of(DSA, i2d_DSAPrivateKey, bp, dsa);
}

DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
{
    return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);
}

int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa)
{
    return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);
}

#endif

#ifndef OPENSSL_NO_EC
# ifndef OPENSSL_NO_STDIO
EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
{
    return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);
}

int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey)
{
    return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);
}

EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
{
    return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
}

int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey)
{
    return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
}
# endif
EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
{
    return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey);
}

int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *ecdsa)
{
    return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);
}

EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
{
    return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
}

int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey)
{
    return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
}
#endif

int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
                       unsigned char *md, unsigned int *len)
{
    ASN1_BIT_STRING *key;
    key = X509_get0_pubkey_bitstr(data);
    if (!key)
        return 0;
    return EVP_Digest(key->data, key->length, md, len, type, NULL);
}

int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
                unsigned int *len)
{
    if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0) {
        /* Asking for SHA1 and we already computed it. */
        if (len != NULL)
            *len = sizeof(data->sha1_hash);
        memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
        return 1;
    }
    return (ASN1_item_digest
            (ASN1_ITEM_rptr(X509), type, (char *)data, md, len));
}

int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len)
{
    if (type == EVP_sha1() && (data->flags & EXFLAG_SET) != 0) {
        /* Asking for SHA1; always computed in CRL d2i. */
        if (len != NULL)
            *len = sizeof(data->sha1_hash);
        memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
        return 1;
    }
    return (ASN1_item_digest
            (ASN1_ITEM_rptr(X509_CRL), type, (char *)data, md, len));
}

int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len)
{
    return (ASN1_item_digest
            (ASN1_ITEM_rptr(X509_REQ), type, (char *)data, md, len));
}

int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
                     unsigned char *md, unsigned int *len)
{
    return (ASN1_item_digest
            (ASN1_ITEM_rptr(X509_NAME), type, (char *)data, md, len));
}

int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
                                   const EVP_MD *type, unsigned char *md,
                                   unsigned int *len)
{
    return (ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL), type,
                             (char *)data, md, len));
}

#ifndef OPENSSL_NO_STDIO
X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
{
    return ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp, p8);
}

int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8)
{
    return ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);
}
#endif

X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
{
    return ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp, p8);
}

int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8)
{
    return ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);
}

#ifndef OPENSSL_NO_STDIO
X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk)
{
    return ASN1_d2i_fp_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
                          fp, xpk);
}

int i2d_X509_PUBKEY_fp(FILE *fp, const X509_PUBKEY *xpk)
{
    return ASN1_i2d_fp_of(X509_PUBKEY, i2d_X509_PUBKEY, fp, xpk);
}
#endif

X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk)
{
    return ASN1_d2i_bio_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
                           bp, xpk);
}

int i2d_X509_PUBKEY_bio(BIO *bp, const X509_PUBKEY *xpk)
{
    return ASN1_i2d_bio_of(X509_PUBKEY, i2d_X509_PUBKEY, bp, xpk);
}

#ifndef OPENSSL_NO_STDIO
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
                                                PKCS8_PRIV_KEY_INFO **p8inf)
{
    return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
                          d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
}

int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf)
{
    return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp,
                          p8inf);
}

int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key)
{
    PKCS8_PRIV_KEY_INFO *p8inf;
    int ret;

    p8inf = EVP_PKEY2PKCS8(key);
    if (p8inf == NULL)
        return 0;
    ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
    PKCS8_PRIV_KEY_INFO_free(p8inf);
    return ret;
}

int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey)
{
    return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
}

EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
{
    return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a);
}

int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey)
{
    return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
}

EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
{
    return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);
}

#endif

PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
                                                 PKCS8_PRIV_KEY_INFO **p8inf)
{
    return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
                           d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
}

int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf)
{
    return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp,
                           p8inf);
}

int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key)
{
    PKCS8_PRIV_KEY_INFO *p8inf;
    int ret;

    p8inf = EVP_PKEY2PKCS8(key);
    if (p8inf == NULL)
        return 0;
    ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
    PKCS8_PRIV_KEY_INFO_free(p8inf);
    return ret;
}

int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey)
{
    return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
}

EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
{
    return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a);
}

int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey)
{
    return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
}

EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
{
    return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);
}
Commit	Line	Data
b1322259	1	/*
1f5e0f92	2	* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6	3	*
3e4b43b9	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
b1322259 RS	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
d02b48c6 RE	8	*/
d02b48c6 RE	9
579422c8 P	10	/*
	11	* Low level APIs are deprecated for public use, but still ok for
	12	* internal use.
	13	*/
	14	#include "internal/deprecated.h"
	15
d02b48c6	16	#include <stdio.h>
b39fc560	17	#include "internal/cryptlib.h"
ec577822 BM	18	#include <openssl/buffer.h>
	19	#include <openssl/asn1.h>
	20	#include <openssl/evp.h>
	21	#include <openssl/x509.h>
25f2138b	22	#include "crypto/x509.h"
29f178bd	23	#include <openssl/http.h>
3c27208f RS	24	#include <openssl/rsa.h>
3c27208f RS	25	#include <openssl/dsa.h>
d62210af	26	#include <openssl/x509v3.h>
d02b48c6	27
bbaddbc0 RL	28	static void clean_id_ctx(EVP_MD_CTX *ctx)
	29	{
	30	EVP_PKEY_CTX *pctx = EVP_MD_CTX_pkey_ctx(ctx);
8267becb	31
bbaddbc0 RL	32	EVP_PKEY_CTX_free(pctx);
	33	EVP_MD_CTX_free(ctx);
	34	}
8267becb	35
bbaddbc0	36	static EVP_MD_CTX make_id_ctx(EVP_PKEY r, ASN1_OCTET_STRING *id)
8267becb	37	{
8267becb	38	EVP_MD_CTX *ctx = NULL;
8267becb	39	EVP_PKEY_CTX *pctx = NULL;
8267becb	40
bbaddbc0 RL	41	if ((ctx = EVP_MD_CTX_new()) == NULL
	42	\|\| (pctx = EVP_PKEY_CTX_new(r, NULL)) == NULL) {
	43	X509err(0, ERR_R_MALLOC_FAILURE);
	44	goto error;
8267becb	45	}
8267becb	46
ad5b71be	47	#ifndef OPENSSL_NO_EC
bbaddbc0 RL	48	if (id != NULL) {
	49	if (EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0) {
	50	X509err(0, ERR_R_MALLOC_FAILURE);
	51	goto error;
	52	}
8267becb	53	}
ad5b71be	54	#endif
8267becb	55
8267becb	56	EVP_MD_CTX_set_pkey_ctx(ctx, pctx);
8267becb	57
bbaddbc0 RL	58	return ctx;
bbaddbc0 RL	59	error:
8267becb	60	EVP_PKEY_CTX_free(pctx);
bbaddbc0 RL	61	EVP_MD_CTX_free(ctx);
bbaddbc0 RL	62	return NULL;
bc42bd62 PY	63	}
bc42bd62 PY	64
6b691a5c	65	int X509_verify(X509 a, EVP_PKEY r)
0f113f3e	66	{
bbaddbc0 RL	67	int rv = 0;
	68	EVP_MD_CTX *ctx = NULL;
	69	ASN1_OCTET_STRING *id = NULL;
8267becb	70
6e63c142	71	if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature))
0f113f3e	72	return 0;
8267becb	73
8267becb	74	#ifndef OPENSSL_NO_SM2
bbaddbc0	75	id = a->sm2_id;
8267becb	76	#endif
8267becb	77
bbaddbc0 RL	78	if ((ctx = make_id_ctx(r, id)) != NULL) {
	79	rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
	80	&a->signature, &a->cert_info, ctx);
	81	clean_id_ctx(ctx);
	82	}
	83	return rv;
0f113f3e	84	}
d02b48c6	85
6b691a5c	86	int X509_REQ_verify(X509_REQ a, EVP_PKEY r)
0f113f3e	87	{
bbaddbc0 RL	88	int rv = 0;
	89	EVP_MD_CTX *ctx = NULL;
	90	ASN1_OCTET_STRING *id = NULL;
bc42bd62	91
bbaddbc0 RL	92	#ifndef OPENSSL_NO_SM2
bbaddbc0 RL	93	id = a->sm2_id;
bc42bd62 PY	94	#endif
bc42bd62 PY	95
bbaddbc0 RL	96	if ((ctx = make_id_ctx(r, id)) != NULL) {
	97	rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg,
	98	a->signature, &a->req_info, ctx);
	99	clean_id_ctx(ctx);
	100	}
	101	return rv;
0f113f3e	102	}
d02b48c6	103
6b691a5c	104	int NETSCAPE_SPKI_verify(NETSCAPE_SPKI a, EVP_PKEY r)
0f113f3e MC	105	{
0f113f3e MC	106	return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
6e63c142	107	&a->sig_algor, a->signature, a->spkac, r));
0f113f3e	108	}
d02b48c6	109
6b691a5c	110	int X509_sign(X509 x, EVP_PKEY pkey, const EVP_MD *md)
0f113f3e	111	{
5cf6abd8	112	x->cert_info.enc.modified = 1;
6e63c142	113	return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), &x->cert_info.signature,
81e49438 DSH	114	&x->sig_alg, &x->signature, &x->cert_info, pkey,
81e49438 DSH	115	md));
0f113f3e	116	}
d02b48c6	117
8d207ee3	118	int X509_sign_ctx(X509 x, EVP_MD_CTX ctx)
0f113f3e	119	{
5cf6abd8	120	x->cert_info.enc.modified = 1;
0f113f3e	121	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
6e63c142	122	&x->cert_info.signature,
81e49438	123	&x->sig_alg, &x->signature, &x->cert_info, ctx);
0f113f3e	124	}
8d207ee3	125
29f178bd DDO	126	#if !defined(OPENSSL_NO_SOCK)
	127	static ASN1_VALUE simple_get_asn1(const char url, BIO bio, BIO rbio,
	128	int timeout, const ASN1_ITEM *it)
0f113f3e	129	{
29f178bd DDO	130	return OSSL_HTTP_get_asn1(url, NULL, NULL /* no proxy and port */, bio,
	131	rbio, NULL /* no callback for SSL/TLS */, NULL,
	132	NULL /* headers /, 1024 / maxline */,
	133	0 /* max_resp_len */, timeout,
	134	NULL /* expected_content_type */, it);
	135	}
	136
	137	X509 X509_load_http(const char url, BIO bio, BIO rbio, int timeout)
	138	{
	139	return (X509 *)simple_get_asn1(url, bio, rbio, timeout,
	140	ASN1_ITEM_rptr(X509));
0f113f3e	141	}
3e41ac35	142	#endif
f4042781	143
6b691a5c	144	int X509_REQ_sign(X509_REQ x, EVP_PKEY pkey, const EVP_MD *md)
0f113f3e	145	{
6e63c142	146	return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
95ed0e7c	147	x->signature, &x->req_info, pkey, md));
0f113f3e	148	}
d02b48c6	149
8d207ee3	150	int X509_REQ_sign_ctx(X509_REQ x, EVP_MD_CTX ctx)
0f113f3e MC	151	{
0f113f3e MC	152	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
6e63c142	153	&x->sig_alg, NULL, x->signature, &x->req_info,
0f113f3e MC	154	ctx);
0f113f3e MC	155	}
8d207ee3	156
6b691a5c	157	int X509_CRL_sign(X509_CRL x, EVP_PKEY pkey, const EVP_MD *md)
0f113f3e	158	{
7aef39a7	159	x->crl.enc.modified = 1;
6e63c142	160	return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), &x->crl.sig_alg,
34a42e14	161	&x->sig_alg, &x->signature, &x->crl, pkey, md));
0f113f3e	162	}
d02b48c6	163
8d207ee3	164	int X509_CRL_sign_ctx(X509_CRL x, EVP_MD_CTX ctx)
0f113f3e	165	{
7aef39a7	166	x->crl.enc.modified = 1;
0f113f3e	167	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
34a42e14	168	&x->crl.sig_alg, &x->sig_alg, &x->signature,
7aef39a7	169	&x->crl, ctx);
0f113f3e	170	}
8d207ee3	171
29f178bd DDO	172	#if !defined(OPENSSL_NO_SOCK)
29f178bd DDO	173	X509_CRL X509_CRL_load_http(const char url, BIO bio, BIO rbio, int timeout)
0f113f3e	174	{
29f178bd DDO	175	return (X509_CRL *)simple_get_asn1(url, bio, rbio, timeout,
29f178bd DDO	176	ASN1_ITEM_rptr(X509_CRL));
0f113f3e	177	}
3e41ac35	178	#endif
6f9076ff	179
6b691a5c	180	int NETSCAPE_SPKI_sign(NETSCAPE_SPKI x, EVP_PKEY pkey, const EVP_MD *md)
0f113f3e	181	{
6e63c142	182	return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), &x->sig_algor, NULL,
0f113f3e MC	183	x->signature, x->spkac, pkey, md));
0f113f3e MC	184	}
d02b48c6	185
4b618848	186	#ifndef OPENSSL_NO_STDIO
31a352d1	187	X509 d2i_X509_fp(FILE fp, X509 **x509)
0f113f3e MC	188	{
	189	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
	190	}
d02b48c6	191
9fdcc21f	192	int i2d_X509_fp(FILE fp, const X509 x509)
0f113f3e MC	193	{
	194	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
	195	}
d02b48c6 RE	196	#endif
d02b48c6 RE	197
31a352d1	198	X509 d2i_X509_bio(BIO bp, X509 **x509)
0f113f3e MC	199	{
	200	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
	201	}
d02b48c6	202
9fdcc21f	203	int i2d_X509_bio(BIO bp, const X509 x509)
0f113f3e MC	204	{
	205	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
	206	}
d02b48c6	207
4b618848	208	#ifndef OPENSSL_NO_STDIO
31a352d1	209	X509_CRL d2i_X509_CRL_fp(FILE fp, X509_CRL **crl)
0f113f3e MC	210	{
	211	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
	212	}
d02b48c6	213
9fdcc21f	214	int i2d_X509_CRL_fp(FILE fp, const X509_CRL crl)
0f113f3e MC	215	{
	216	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
	217	}
d02b48c6 RE	218	#endif
d02b48c6 RE	219
31a352d1	220	X509_CRL d2i_X509_CRL_bio(BIO bp, X509_CRL **crl)
0f113f3e MC	221	{
	222	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
	223	}
d02b48c6	224
9fdcc21f	225	int i2d_X509_CRL_bio(BIO bp, const X509_CRL crl)
0f113f3e MC	226	{
	227	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
	228	}
d02b48c6	229
4b618848	230	#ifndef OPENSSL_NO_STDIO
31a352d1	231	PKCS7 d2i_PKCS7_fp(FILE fp, PKCS7 **p7)
0f113f3e MC	232	{
	233	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
	234	}
d02b48c6	235
9fdcc21f	236	int i2d_PKCS7_fp(FILE fp, const PKCS7 p7)
0f113f3e MC	237	{
	238	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
	239	}
d02b48c6 RE	240	#endif
d02b48c6 RE	241
31a352d1	242	PKCS7 d2i_PKCS7_bio(BIO bp, PKCS7 **p7)
0f113f3e MC	243	{
	244	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
	245	}
d02b48c6	246
9fdcc21f	247	int i2d_PKCS7_bio(BIO bp, const PKCS7 p7)
0f113f3e MC	248	{
	249	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
	250	}
d02b48c6	251
4b618848	252	#ifndef OPENSSL_NO_STDIO
31a352d1	253	X509_REQ d2i_X509_REQ_fp(FILE fp, X509_REQ **req)
0f113f3e MC	254	{
	255	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
	256	}
d02b48c6	257
9fdcc21f	258	int i2d_X509_REQ_fp(FILE fp, const X509_REQ req)
0f113f3e MC	259	{
	260	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
	261	}
d02b48c6 RE	262	#endif
d02b48c6 RE	263
31a352d1	264	X509_REQ d2i_X509_REQ_bio(BIO bp, X509_REQ **req)
0f113f3e MC	265	{
	266	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
	267	}
d02b48c6	268
9fdcc21f	269	int i2d_X509_REQ_bio(BIO bp, const X509_REQ req)
0f113f3e MC	270	{
	271	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
	272	}
d02b48c6	273
cf1b7d96	274	#ifndef OPENSSL_NO_RSA
d02b48c6	275
0f113f3e	276	# ifndef OPENSSL_NO_STDIO
31a352d1	277	RSA d2i_RSAPrivateKey_fp(FILE fp, RSA **rsa)
0f113f3e MC	278	{
	279	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
	280	}
d02b48c6	281
9fdcc21f	282	int i2d_RSAPrivateKey_fp(FILE fp, const RSA rsa)
0f113f3e MC	283	{
	284	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
	285	}
d02b48c6	286
31a352d1	287	RSA d2i_RSAPublicKey_fp(FILE fp, RSA **rsa)
0f113f3e MC	288	{
	289	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
	290	}
4e1209eb	291
52664f50	292	RSA d2i_RSA_PUBKEY_fp(FILE fp, RSA **rsa)
0f113f3e MC	293	{
	294	return ASN1_d2i_fp((void ()(void))
	295	RSA_new, (D2I_OF(void)) d2i_RSA_PUBKEY, fp,
	296	(void **)rsa);
	297	}
52664f50	298
9fdcc21f	299	int i2d_RSAPublicKey_fp(FILE fp, const RSA rsa)
0f113f3e MC	300	{
	301	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
	302	}
52664f50	303
9fdcc21f	304	int i2d_RSA_PUBKEY_fp(FILE fp, const RSA rsa)
0f113f3e MC	305	{
	306	return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);
	307	}
	308	# endif
d02b48c6	309
31a352d1	310	RSA d2i_RSAPrivateKey_bio(BIO bp, RSA **rsa)
0f113f3e MC	311	{
	312	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
	313	}
d02b48c6	314
9fdcc21f	315	int i2d_RSAPrivateKey_bio(BIO bp, const RSA rsa)
0f113f3e MC	316	{
	317	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
	318	}
d02b48c6	319
31a352d1	320	RSA d2i_RSAPublicKey_bio(BIO bp, RSA **rsa)
0f113f3e MC	321	{
	322	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
	323	}
4e1209eb	324
52664f50	325	RSA d2i_RSA_PUBKEY_bio(BIO bp, RSA **rsa)
0f113f3e MC	326	{
	327	return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);
	328	}
52664f50	329
9fdcc21f	330	int i2d_RSAPublicKey_bio(BIO bp, const RSA rsa)
0f113f3e MC	331	{
	332	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
	333	}
52664f50	334
9fdcc21f	335	int i2d_RSA_PUBKEY_bio(BIO bp, const RSA rsa)
0f113f3e MC	336	{
	337	return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);
	338	}
d02b48c6 RE	339	#endif
d02b48c6 RE	340
cf1b7d96	341	#ifndef OPENSSL_NO_DSA
0f113f3e	342	# ifndef OPENSSL_NO_STDIO
31a352d1	343	DSA d2i_DSAPrivateKey_fp(FILE fp, DSA **dsa)
0f113f3e MC	344	{
	345	return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);
	346	}
d02b48c6	347
9fdcc21f	348	int i2d_DSAPrivateKey_fp(FILE fp, const DSA dsa)
0f113f3e	349	{
9fdcc21f	350	return ASN1_i2d_fp_of(DSA, i2d_DSAPrivateKey, fp, dsa);
0f113f3e	351	}
3ea23631	352
52664f50	353	DSA d2i_DSA_PUBKEY_fp(FILE fp, DSA **dsa)
0f113f3e MC	354	{
	355	return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);
	356	}
3ea23631	357
9fdcc21f	358	int i2d_DSA_PUBKEY_fp(FILE fp, const DSA dsa)
0f113f3e MC	359	{
	360	return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);
	361	}
	362	# endif
d02b48c6	363
31a352d1	364	DSA d2i_DSAPrivateKey_bio(BIO bp, DSA **dsa)
0f113f3e MC	365	{
	366	return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);
	367	}
d02b48c6	368
9fdcc21f	369	int i2d_DSAPrivateKey_bio(BIO bp, const DSA dsa)
0f113f3e	370	{
9fdcc21f	371	return ASN1_i2d_bio_of(DSA, i2d_DSAPrivateKey, bp, dsa);
0f113f3e	372	}
3ea23631	373
52664f50	374	DSA d2i_DSA_PUBKEY_bio(BIO bp, DSA **dsa)
0f113f3e MC	375	{
	376	return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);
	377	}
3ea23631	378
9fdcc21f	379	int i2d_DSA_PUBKEY_bio(BIO bp, const DSA dsa)
0f113f3e MC	380	{
	381	return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);
	382	}
3ea23631	383
d02b48c6 RE	384	#endif
d02b48c6 RE	385
14a7cfb3	386	#ifndef OPENSSL_NO_EC
0f113f3e	387	# ifndef OPENSSL_NO_STDIO
14a7cfb3	388	EC_KEY d2i_EC_PUBKEY_fp(FILE fp, EC_KEY **eckey)
0f113f3e MC	389	{
	390	return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);
	391	}
	392
9fdcc21f	393	int i2d_EC_PUBKEY_fp(FILE fp, const EC_KEY eckey)
0f113f3e MC	394	{
	395	return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);
	396	}
14a7cfb3 BM	397
14a7cfb3 BM	398	EC_KEY d2i_ECPrivateKey_fp(FILE fp, EC_KEY **eckey)
0f113f3e MC	399	{
	400	return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
	401	}
	402
9fdcc21f	403	int i2d_ECPrivateKey_fp(FILE fp, const EC_KEY eckey)
0f113f3e MC	404	{
	405	return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
	406	}
	407	# endif
14a7cfb3	408	EC_KEY d2i_EC_PUBKEY_bio(BIO bp, EC_KEY **eckey)
0f113f3e MC	409	{
	410	return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey);
	411	}
	412
9fdcc21f	413	int i2d_EC_PUBKEY_bio(BIO bp, const EC_KEY ecdsa)
0f113f3e MC	414	{
	415	return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);
	416	}
14a7cfb3 BM	417
14a7cfb3 BM	418	EC_KEY d2i_ECPrivateKey_bio(BIO bp, EC_KEY **eckey)
0f113f3e MC	419	{
	420	return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
	421	}
	422
9fdcc21f	423	int i2d_ECPrivateKey_bio(BIO bp, const EC_KEY eckey)
0f113f3e MC	424	{
	425	return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
	426	}
4d94ae00 BM	427	#endif
4d94ae00 BM	428
0f113f3e MC	429	int X509_pubkey_digest(const X509 data, const EVP_MD type,
	430	unsigned char md, unsigned int len)
	431	{
	432	ASN1_BIT_STRING *key;
	433	key = X509_get0_pubkey_bitstr(data);
	434	if (!key)
	435	return 0;
	436	return EVP_Digest(key->data, key->length, md, len, type, NULL);
	437	}
88ce56f8	438
ccd86b68	439	int X509_digest(const X509 data, const EVP_MD type, unsigned char *md,
0f113f3e MC	440	unsigned int *len)
0f113f3e MC	441	{
3e5d9da5 RS	442	if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0) {
	443	/* Asking for SHA1 and we already computed it. */
	444	if (len != NULL)
	445	*len = sizeof(data->sha1_hash);
	446	memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
	447	return 1;
	448	}
0f113f3e MC	449	return (ASN1_item_digest
	450	(ASN1_ITEM_rptr(X509), type, (char *)data, md, len));
	451	}
	452
	453	int X509_CRL_digest(const X509_CRL data, const EVP_MD type,
	454	unsigned char md, unsigned int len)
	455	{
6195848b	456	if (type == EVP_sha1() && (data->flags & EXFLAG_SET) != 0) {
3e5d9da5 RS	457	/* Asking for SHA1; always computed in CRL d2i. */
	458	if (len != NULL)
	459	*len = sizeof(data->sha1_hash);
	460	memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
	461	return 1;
	462	}
0f113f3e MC	463	return (ASN1_item_digest
	464	(ASN1_ITEM_rptr(X509_CRL), type, (char *)data, md, len));
	465	}
d02b48c6	466
0f113f3e MC	467	int X509_REQ_digest(const X509_REQ data, const EVP_MD type,
	468	unsigned char md, unsigned int len)
	469	{
	470	return (ASN1_item_digest
	471	(ASN1_ITEM_rptr(X509_REQ), type, (char *)data, md, len));
	472	}
	473
	474	int X509_NAME_digest(const X509_NAME data, const EVP_MD type,
	475	unsigned char md, unsigned int len)
	476	{
	477	return (ASN1_item_digest
	478	(ASN1_ITEM_rptr(X509_NAME), type, (char *)data, md, len));
	479	}
	480
	481	int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
	482	const EVP_MD type, unsigned char md,
	483	unsigned int *len)
	484	{
	485	return (ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL), type,
	486	(char *)data, md, len));
	487	}
3cbb7937	488
4b618848	489	#ifndef OPENSSL_NO_STDIO
3cbb7937	490	X509_SIG d2i_PKCS8_fp(FILE fp, X509_SIG **p8)
0f113f3e MC	491	{
	492	return ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp, p8);
	493	}
3cbb7937	494
9fdcc21f	495	int i2d_PKCS8_fp(FILE fp, const X509_SIG p8)
0f113f3e MC	496	{
	497	return ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);
	498	}
3cbb7937 DSH	499	#endif
	500
	501	X509_SIG d2i_PKCS8_bio(BIO bp, X509_SIG **p8)
0f113f3e MC	502	{
	503	return ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp, p8);
	504	}
3cbb7937	505
9fdcc21f	506	int i2d_PKCS8_bio(BIO bp, const X509_SIG p8)
0f113f3e MC	507	{
	508	return ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);
	509	}
3cbb7937	510
cb58d81e RL	511	#ifndef OPENSSL_NO_STDIO
	512	X509_PUBKEY d2i_X509_PUBKEY_fp(FILE fp, X509_PUBKEY **xpk)
	513	{
	514	return ASN1_d2i_fp_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
	515	fp, xpk);
	516	}
	517
	518	int i2d_X509_PUBKEY_fp(FILE fp, const X509_PUBKEY xpk)
	519	{
	520	return ASN1_i2d_fp_of(X509_PUBKEY, i2d_X509_PUBKEY, fp, xpk);
	521	}
	522	#endif
	523
	524	X509_PUBKEY d2i_X509_PUBKEY_bio(BIO bp, X509_PUBKEY **xpk)
	525	{
	526	return ASN1_d2i_bio_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
	527	bp, xpk);
	528	}
	529
	530	int i2d_X509_PUBKEY_bio(BIO bp, const X509_PUBKEY xpk)
	531	{
	532	return ASN1_i2d_bio_of(X509_PUBKEY, i2d_X509_PUBKEY, bp, xpk);
	533	}
	534
4b618848	535	#ifndef OPENSSL_NO_STDIO
3cbb7937	536	PKCS8_PRIV_KEY_INFO d2i_PKCS8_PRIV_KEY_INFO_fp(FILE fp,
0f113f3e MC	537	PKCS8_PRIV_KEY_INFO **p8inf)
	538	{
	539	return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
	540	d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
	541	}
3cbb7937	542
9fdcc21f	543	int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE fp, const PKCS8_PRIV_KEY_INFO p8inf)
0f113f3e MC	544	{
	545	return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp,
	546	p8inf);
	547	}
36217a94	548
9fdcc21f	549	int i2d_PKCS8PrivateKeyInfo_fp(FILE fp, const EVP_PKEY key)
0f113f3e MC	550	{
	551	PKCS8_PRIV_KEY_INFO *p8inf;
	552	int ret;
12a765a5	553
0f113f3e	554	p8inf = EVP_PKEY2PKCS8(key);
12a765a5	555	if (p8inf == NULL)
0f113f3e MC	556	return 0;
	557	ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
	558	PKCS8_PRIV_KEY_INFO_free(p8inf);
	559	return ret;
	560	}
36217a94	561
9fdcc21f	562	int i2d_PrivateKey_fp(FILE fp, const EVP_PKEY pkey)
0f113f3e MC	563	{
	564	return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
	565	}
e6f3c585	566
20432eae	567	EVP_PKEY d2i_PrivateKey_fp(FILE fp, EVP_PKEY **a)
e6f3c585	568	{
0f113f3e	569	return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a);
e6f3c585 DSH	570	}
e6f3c585 DSH	571
9fdcc21f	572	int i2d_PUBKEY_fp(FILE fp, const EVP_PKEY pkey)
0f113f3e MC	573	{
	574	return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
	575	}
bd08a2bd DSH	576
	577	EVP_PKEY d2i_PUBKEY_fp(FILE fp, EVP_PKEY **a)
	578	{
0f113f3e	579	return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);
bd08a2bd DSH	580	}
bd08a2bd DSH	581
3cbb7937 DSH	582	#endif
	583
	584	PKCS8_PRIV_KEY_INFO d2i_PKCS8_PRIV_KEY_INFO_bio(BIO bp,
0f113f3e MC	585	PKCS8_PRIV_KEY_INFO **p8inf)
	586	{
	587	return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
	588	d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
	589	}
3cbb7937	590
9fdcc21f	591	int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO bp, const PKCS8_PRIV_KEY_INFO p8inf)
0f113f3e MC	592	{
	593	return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp,
	594	p8inf);
	595	}
36217a94	596
9fdcc21f	597	int i2d_PKCS8PrivateKeyInfo_bio(BIO bp, const EVP_PKEY key)
0f113f3e MC	598	{
	599	PKCS8_PRIV_KEY_INFO *p8inf;
	600	int ret;
12a765a5	601
0f113f3e	602	p8inf = EVP_PKEY2PKCS8(key);
12a765a5	603	if (p8inf == NULL)
0f113f3e MC	604	return 0;
	605	ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
	606	PKCS8_PRIV_KEY_INFO_free(p8inf);
	607	return ret;
	608	}
e6f3c585	609
9fdcc21f	610	int i2d_PrivateKey_bio(BIO bp, const EVP_PKEY pkey)
0f113f3e MC	611	{
	612	return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
	613	}
e6f3c585	614
20432eae	615	EVP_PKEY d2i_PrivateKey_bio(BIO bp, EVP_PKEY **a)
0f113f3e MC	616	{
	617	return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a);
	618	}
bd08a2bd	619
9fdcc21f	620	int i2d_PUBKEY_bio(BIO bp, const EVP_PKEY pkey)
0f113f3e MC	621	{
	622	return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
	623	}
bd08a2bd DSH	624
bd08a2bd DSH	625	EVP_PKEY d2i_PUBKEY_bio(BIO bp, EVP_PKEY **a)
0f113f3e MC	626	{
	627	return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);
	628	}