[thirdparty/openssl.git] / crypto / x509 / x_all.c

/*
 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include "crypto/x509.h"
#include <openssl/ocsp.h>
#include <openssl/rsa.h>
#include <openssl/dsa.h>
#include <openssl/x509v3.h>

static void clean_id_ctx(EVP_MD_CTX *ctx)
{
    EVP_PKEY_CTX *pctx = EVP_MD_CTX_pkey_ctx(ctx);

    EVP_PKEY_CTX_free(pctx);
    EVP_MD_CTX_free(ctx);
}

static EVP_MD_CTX *make_id_ctx(EVP_PKEY *r, ASN1_OCTET_STRING *id)
{
    EVP_MD_CTX *ctx = NULL;
    EVP_PKEY_CTX *pctx = NULL;

    if ((ctx = EVP_MD_CTX_new()) == NULL
        || (pctx = EVP_PKEY_CTX_new(r, NULL)) == NULL) {
        X509err(0, ERR_R_MALLOC_FAILURE);
        goto error;
    }

    if (id != NULL) {
        if (EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0) {
            X509err(0, ERR_R_MALLOC_FAILURE);
            goto error;
        }
    }

    EVP_MD_CTX_set_pkey_ctx(ctx, pctx);

    return ctx;
 error:
    EVP_PKEY_CTX_free(pctx);
    EVP_MD_CTX_free(ctx);
    return NULL;
}

int X509_verify(X509 *a, EVP_PKEY *r)
{
    int rv = 0;
    EVP_MD_CTX *ctx = NULL;
    ASN1_OCTET_STRING *id = NULL;

    if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature))
        return 0;

#ifndef OPENSSL_NO_SM2
    id = a->sm2_id;
#endif

    if ((ctx = make_id_ctx(r, id)) != NULL) {
        rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
                                  &a->signature, &a->cert_info, ctx);
        clean_id_ctx(ctx);
    }
    return rv;
}

int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
{
    int rv = 0;
    EVP_MD_CTX *ctx = NULL;
    ASN1_OCTET_STRING *id = NULL;

#ifndef OPENSSL_NO_SM2
    id = a->sm2_id;
#endif

    if ((ctx = make_id_ctx(r, id)) != NULL) {
        rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg,
                                  a->signature, &a->req_info, ctx);
        clean_id_ctx(ctx);
    }
    return rv;
}

int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
{
    return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
                             &a->sig_algor, a->signature, a->spkac, r));
}

int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    x->cert_info.enc.modified = 1;
    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), &x->cert_info.signature,
                           &x->sig_alg, &x->signature, &x->cert_info, pkey,
                           md));
}

int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
{
    x->cert_info.enc.modified = 1;
    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
                              &x->cert_info.signature,
                              &x->sig_alg, &x->signature, &x->cert_info, ctx);
}

#ifndef OPENSSL_NO_OCSP
int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert)
{
    return OCSP_REQ_CTX_nbio_d2i(rctx,
                                 (ASN1_VALUE **)pcert, ASN1_ITEM_rptr(X509));
}
#endif

int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
                           x->signature, &x->req_info, pkey, md));
}

int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
{
    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
                              &x->sig_alg, NULL, x->signature, &x->req_info,
                              ctx);
}

int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    x->crl.enc.modified = 1;
    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), &x->crl.sig_alg,
                           &x->sig_alg, &x->signature, &x->crl, pkey, md));
}

int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
{
    x->crl.enc.modified = 1;
    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
                              &x->crl.sig_alg, &x->sig_alg, &x->signature,
                              &x->crl, ctx);
}

#ifndef OPENSSL_NO_OCSP
int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl)
{
    return OCSP_REQ_CTX_nbio_d2i(rctx,
                                 (ASN1_VALUE **)pcrl,
                                 ASN1_ITEM_rptr(X509_CRL));
}
#endif

int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
{
    return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), &x->sig_algor, NULL,
                           x->signature, x->spkac, pkey, md));
}

#ifndef OPENSSL_NO_STDIO
X509 *d2i_X509_fp(FILE *fp, X509 **x509)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
}

int i2d_X509_fp(FILE *fp, const X509 *x509)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
}
#endif

X509 *d2i_X509_bio(BIO *bp, X509 **x509)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
}

int i2d_X509_bio(BIO *bp, const X509 *x509)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
}

#ifndef OPENSSL_NO_STDIO
X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
}

int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
}
#endif

X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
}

int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
}

#ifndef OPENSSL_NO_STDIO
PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
}

int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
}
#endif

PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
}

int i2d_PKCS7_bio(BIO *bp, const PKCS7 *p7)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
}

#ifndef OPENSSL_NO_STDIO
X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
}

int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
}
#endif

X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
}

int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
}

#ifndef OPENSSL_NO_RSA

# ifndef OPENSSL_NO_STDIO
RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
}

int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
}

RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
{
    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
}

RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
{
    return ASN1_d2i_fp((void *(*)(void))
                       RSA_new, (D2I_OF(void)) d2i_RSA_PUBKEY, fp,
                       (void **)rsa);
}

int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa)
{
    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
}

int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa)
{
    return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);
}
# endif

RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
}

int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
}

RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
{
    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
}

RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
{
    return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);
}

int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa)
{
    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
}

int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa)
{
    return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);
}
#endif

#ifndef OPENSSL_NO_DSA
# ifndef OPENSSL_NO_STDIO
DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
{
    return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);
}

int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa)
{
    return ASN1_i2d_fp_of(DSA, i2d_DSAPrivateKey, fp, dsa);
}

DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
{
    return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);
}

int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa)
{
    return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);
}
# endif

DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
{
    return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);
}

int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa)
{
    return ASN1_i2d_bio_of(DSA, i2d_DSAPrivateKey, bp, dsa);
}

DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
{
    return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);
}

int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa)
{
    return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);
}

#endif

#ifndef OPENSSL_NO_EC
# ifndef OPENSSL_NO_STDIO
EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
{
    return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);
}

int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey)
{
    return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);
}

EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
{
    return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
}

int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey)
{
    return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
}
# endif
EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
{
    return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey);
}

int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *ecdsa)
{
    return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);
}

EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
{
    return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
}

int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey)
{
    return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
}
#endif

int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
                       unsigned char *md, unsigned int *len)
{
    ASN1_BIT_STRING *key;
    key = X509_get0_pubkey_bitstr(data);
    if (!key)
        return 0;
    return EVP_Digest(key->data, key->length, md, len, type, NULL);
}

int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
                unsigned int *len)
{
    if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0) {
        /* Asking for SHA1 and we already computed it. */
        if (len != NULL)
            *len = sizeof(data->sha1_hash);
        memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
        return 1;
    }
    return (ASN1_item_digest
            (ASN1_ITEM_rptr(X509), type, (char *)data, md, len));
}

int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len)
{
    if (type == EVP_sha1() && (data->flags & EXFLAG_SET) != 0) {
        /* Asking for SHA1; always computed in CRL d2i. */
        if (len != NULL)
            *len = sizeof(data->sha1_hash);
        memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
        return 1;
    }
    return (ASN1_item_digest
            (ASN1_ITEM_rptr(X509_CRL), type, (char *)data, md, len));
}

int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len)
{
    return (ASN1_item_digest
            (ASN1_ITEM_rptr(X509_REQ), type, (char *)data, md, len));
}

int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
                     unsigned char *md, unsigned int *len)
{
    return (ASN1_item_digest
            (ASN1_ITEM_rptr(X509_NAME), type, (char *)data, md, len));
}

int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
                                   const EVP_MD *type, unsigned char *md,
                                   unsigned int *len)
{
    return (ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL), type,
                             (char *)data, md, len));
}

#ifndef OPENSSL_NO_STDIO
X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
{
    return ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp, p8);
}

int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8)
{
    return ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);
}
#endif

X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
{
    return ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp, p8);
}

int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8)
{
    return ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);
}

#ifndef OPENSSL_NO_STDIO
X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk)
{
    return ASN1_d2i_fp_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
                          fp, xpk);
}

int i2d_X509_PUBKEY_fp(FILE *fp, const X509_PUBKEY *xpk)
{
    return ASN1_i2d_fp_of(X509_PUBKEY, i2d_X509_PUBKEY, fp, xpk);
}
#endif

X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk)
{
    return ASN1_d2i_bio_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
                           bp, xpk);
}

int i2d_X509_PUBKEY_bio(BIO *bp, const X509_PUBKEY *xpk)
{
    return ASN1_i2d_bio_of(X509_PUBKEY, i2d_X509_PUBKEY, bp, xpk);
}

#ifndef OPENSSL_NO_STDIO
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
                                                PKCS8_PRIV_KEY_INFO **p8inf)
{
    return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
                          d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
}

int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf)
{
    return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp,
                          p8inf);
}

int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key)
{
    PKCS8_PRIV_KEY_INFO *p8inf;
    int ret;

    p8inf = EVP_PKEY2PKCS8(key);
    if (p8inf == NULL)
        return 0;
    ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
    PKCS8_PRIV_KEY_INFO_free(p8inf);
    return ret;
}

int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey)
{
    return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
}

EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
{
    return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a);
}

int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey)
{
    return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
}

EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
{
    return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);
}

#endif

PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
                                                 PKCS8_PRIV_KEY_INFO **p8inf)
{
    return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
                           d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
}

int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf)
{
    return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp,
                           p8inf);
}

int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key)
{
    PKCS8_PRIV_KEY_INFO *p8inf;
    int ret;

    p8inf = EVP_PKEY2PKCS8(key);
    if (p8inf == NULL)
        return 0;
    ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
    PKCS8_PRIV_KEY_INFO_free(p8inf);
    return ret;
}

int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey)
{
    return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
}

EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
{
    return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a);
}

int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey)
{
    return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
}

EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
{
    return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);
}
Commit	Line	Data
b1322259	1	/*
1f5e0f92	2	* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6	3	*
3e4b43b9	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
b1322259 RS	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
d02b48c6 RE	8	*/
	9
	10	#include <stdio.h>
b39fc560	11	#include "internal/cryptlib.h"
ec577822 BM	12	#include <openssl/buffer.h>
	13	#include <openssl/asn1.h>
	14	#include <openssl/evp.h>
	15	#include <openssl/x509.h>
25f2138b	16	#include "crypto/x509.h"
6f9076ff	17	#include <openssl/ocsp.h>
3c27208f RS	18	#include <openssl/rsa.h>
3c27208f RS	19	#include <openssl/dsa.h>
d62210af	20	#include <openssl/x509v3.h>
d02b48c6	21
bbaddbc0 RL	22	static void clean_id_ctx(EVP_MD_CTX *ctx)
	23	{
	24	EVP_PKEY_CTX *pctx = EVP_MD_CTX_pkey_ctx(ctx);
8267becb	25
bbaddbc0 RL	26	EVP_PKEY_CTX_free(pctx);
	27	EVP_MD_CTX_free(ctx);
	28	}
8267becb	29
bbaddbc0	30	static EVP_MD_CTX make_id_ctx(EVP_PKEY r, ASN1_OCTET_STRING *id)
8267becb	31	{
8267becb	32	EVP_MD_CTX *ctx = NULL;
8267becb	33	EVP_PKEY_CTX *pctx = NULL;
8267becb	34
bbaddbc0 RL	35	if ((ctx = EVP_MD_CTX_new()) == NULL
	36	\|\| (pctx = EVP_PKEY_CTX_new(r, NULL)) == NULL) {
	37	X509err(0, ERR_R_MALLOC_FAILURE);
	38	goto error;
8267becb	39	}
8267becb	40
bbaddbc0 RL	41	if (id != NULL) {
	42	if (EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0) {
	43	X509err(0, ERR_R_MALLOC_FAILURE);
	44	goto error;
	45	}
8267becb	46	}
8267becb	47
8267becb	48	EVP_MD_CTX_set_pkey_ctx(ctx, pctx);
8267becb	49
bbaddbc0 RL	50	return ctx;
bbaddbc0 RL	51	error:
8267becb	52	EVP_PKEY_CTX_free(pctx);
bbaddbc0 RL	53	EVP_MD_CTX_free(ctx);
bbaddbc0 RL	54	return NULL;
bc42bd62 PY	55	}
bc42bd62 PY	56
6b691a5c	57	int X509_verify(X509 a, EVP_PKEY r)
0f113f3e	58	{
bbaddbc0 RL	59	int rv = 0;
	60	EVP_MD_CTX *ctx = NULL;
	61	ASN1_OCTET_STRING *id = NULL;
8267becb	62
6e63c142	63	if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature))
0f113f3e	64	return 0;
8267becb	65
8267becb	66	#ifndef OPENSSL_NO_SM2
bbaddbc0	67	id = a->sm2_id;
8267becb	68	#endif
8267becb	69
bbaddbc0 RL	70	if ((ctx = make_id_ctx(r, id)) != NULL) {
	71	rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
	72	&a->signature, &a->cert_info, ctx);
	73	clean_id_ctx(ctx);
	74	}
	75	return rv;
0f113f3e	76	}
d02b48c6	77
6b691a5c	78	int X509_REQ_verify(X509_REQ a, EVP_PKEY r)
0f113f3e	79	{
bbaddbc0 RL	80	int rv = 0;
	81	EVP_MD_CTX *ctx = NULL;
	82	ASN1_OCTET_STRING *id = NULL;
bc42bd62	83
bbaddbc0 RL	84	#ifndef OPENSSL_NO_SM2
bbaddbc0 RL	85	id = a->sm2_id;
bc42bd62 PY	86	#endif
bc42bd62 PY	87
bbaddbc0 RL	88	if ((ctx = make_id_ctx(r, id)) != NULL) {
	89	rv = ASN1_item_verify_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg,
	90	a->signature, &a->req_info, ctx);
	91	clean_id_ctx(ctx);
	92	}
	93	return rv;
0f113f3e	94	}
d02b48c6	95
6b691a5c	96	int NETSCAPE_SPKI_verify(NETSCAPE_SPKI a, EVP_PKEY r)
0f113f3e MC	97	{
0f113f3e MC	98	return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
6e63c142	99	&a->sig_algor, a->signature, a->spkac, r));
0f113f3e	100	}
d02b48c6	101
6b691a5c	102	int X509_sign(X509 x, EVP_PKEY pkey, const EVP_MD *md)
0f113f3e	103	{
5cf6abd8	104	x->cert_info.enc.modified = 1;
6e63c142	105	return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), &x->cert_info.signature,
81e49438 DSH	106	&x->sig_alg, &x->signature, &x->cert_info, pkey,
81e49438 DSH	107	md));
0f113f3e	108	}
d02b48c6	109
8d207ee3	110	int X509_sign_ctx(X509 x, EVP_MD_CTX ctx)
0f113f3e	111	{
5cf6abd8	112	x->cert_info.enc.modified = 1;
0f113f3e	113	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
6e63c142	114	&x->cert_info.signature,
81e49438	115	&x->sig_alg, &x->signature, &x->cert_info, ctx);
0f113f3e	116	}
8d207ee3	117
3e41ac35	118	#ifndef OPENSSL_NO_OCSP
f4042781	119	int X509_http_nbio(OCSP_REQ_CTX rctx, X509 *pcert)
0f113f3e MC	120	{
	121	return OCSP_REQ_CTX_nbio_d2i(rctx,
	122	(ASN1_VALUE **)pcert, ASN1_ITEM_rptr(X509));
	123	}
3e41ac35	124	#endif
f4042781	125
6b691a5c	126	int X509_REQ_sign(X509_REQ x, EVP_PKEY pkey, const EVP_MD *md)
0f113f3e	127	{
6e63c142	128	return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
95ed0e7c	129	x->signature, &x->req_info, pkey, md));
0f113f3e	130	}
d02b48c6	131
8d207ee3	132	int X509_REQ_sign_ctx(X509_REQ x, EVP_MD_CTX ctx)
0f113f3e MC	133	{
0f113f3e MC	134	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
6e63c142	135	&x->sig_alg, NULL, x->signature, &x->req_info,
0f113f3e MC	136	ctx);
0f113f3e MC	137	}
8d207ee3	138
6b691a5c	139	int X509_CRL_sign(X509_CRL x, EVP_PKEY pkey, const EVP_MD *md)
0f113f3e	140	{
7aef39a7	141	x->crl.enc.modified = 1;
6e63c142	142	return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), &x->crl.sig_alg,
34a42e14	143	&x->sig_alg, &x->signature, &x->crl, pkey, md));
0f113f3e	144	}
d02b48c6	145
8d207ee3	146	int X509_CRL_sign_ctx(X509_CRL x, EVP_MD_CTX ctx)
0f113f3e	147	{
7aef39a7	148	x->crl.enc.modified = 1;
0f113f3e	149	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
34a42e14	150	&x->crl.sig_alg, &x->sig_alg, &x->signature,
7aef39a7	151	&x->crl, ctx);
0f113f3e	152	}
8d207ee3	153
3e41ac35	154	#ifndef OPENSSL_NO_OCSP
6f9076ff	155	int X509_CRL_http_nbio(OCSP_REQ_CTX rctx, X509_CRL *pcrl)
0f113f3e MC	156	{
	157	return OCSP_REQ_CTX_nbio_d2i(rctx,
	158	(ASN1_VALUE **)pcrl,
	159	ASN1_ITEM_rptr(X509_CRL));
	160	}
3e41ac35	161	#endif
6f9076ff	162
6b691a5c	163	int NETSCAPE_SPKI_sign(NETSCAPE_SPKI x, EVP_PKEY pkey, const EVP_MD *md)
0f113f3e	164	{
6e63c142	165	return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), &x->sig_algor, NULL,
0f113f3e MC	166	x->signature, x->spkac, pkey, md));
0f113f3e MC	167	}
d02b48c6	168
4b618848	169	#ifndef OPENSSL_NO_STDIO
31a352d1	170	X509 d2i_X509_fp(FILE fp, X509 **x509)
0f113f3e MC	171	{
	172	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
	173	}
d02b48c6	174
9fdcc21f	175	int i2d_X509_fp(FILE fp, const X509 x509)
0f113f3e MC	176	{
	177	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
	178	}
d02b48c6 RE	179	#endif
d02b48c6 RE	180
31a352d1	181	X509 d2i_X509_bio(BIO bp, X509 **x509)
0f113f3e MC	182	{
	183	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
	184	}
d02b48c6	185
9fdcc21f	186	int i2d_X509_bio(BIO bp, const X509 x509)
0f113f3e MC	187	{
	188	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
	189	}
d02b48c6	190
4b618848	191	#ifndef OPENSSL_NO_STDIO
31a352d1	192	X509_CRL d2i_X509_CRL_fp(FILE fp, X509_CRL **crl)
0f113f3e MC	193	{
	194	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
	195	}
d02b48c6	196
9fdcc21f	197	int i2d_X509_CRL_fp(FILE fp, const X509_CRL crl)
0f113f3e MC	198	{
	199	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
	200	}
d02b48c6 RE	201	#endif
d02b48c6 RE	202
31a352d1	203	X509_CRL d2i_X509_CRL_bio(BIO bp, X509_CRL **crl)
0f113f3e MC	204	{
	205	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
	206	}
d02b48c6	207
9fdcc21f	208	int i2d_X509_CRL_bio(BIO bp, const X509_CRL crl)
0f113f3e MC	209	{
	210	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
	211	}
d02b48c6	212
4b618848	213	#ifndef OPENSSL_NO_STDIO
31a352d1	214	PKCS7 d2i_PKCS7_fp(FILE fp, PKCS7 **p7)
0f113f3e MC	215	{
	216	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
	217	}
d02b48c6	218
9fdcc21f	219	int i2d_PKCS7_fp(FILE fp, const PKCS7 p7)
0f113f3e MC	220	{
	221	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
	222	}
d02b48c6 RE	223	#endif
d02b48c6 RE	224
31a352d1	225	PKCS7 d2i_PKCS7_bio(BIO bp, PKCS7 **p7)
0f113f3e MC	226	{
	227	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
	228	}
d02b48c6	229
9fdcc21f	230	int i2d_PKCS7_bio(BIO bp, const PKCS7 p7)
0f113f3e MC	231	{
	232	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
	233	}
d02b48c6	234
4b618848	235	#ifndef OPENSSL_NO_STDIO
31a352d1	236	X509_REQ d2i_X509_REQ_fp(FILE fp, X509_REQ **req)
0f113f3e MC	237	{
	238	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
	239	}
d02b48c6	240
9fdcc21f	241	int i2d_X509_REQ_fp(FILE fp, const X509_REQ req)
0f113f3e MC	242	{
	243	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
	244	}
d02b48c6 RE	245	#endif
d02b48c6 RE	246
31a352d1	247	X509_REQ d2i_X509_REQ_bio(BIO bp, X509_REQ **req)
0f113f3e MC	248	{
	249	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
	250	}
d02b48c6	251
9fdcc21f	252	int i2d_X509_REQ_bio(BIO bp, const X509_REQ req)
0f113f3e MC	253	{
	254	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
	255	}
d02b48c6	256
cf1b7d96	257	#ifndef OPENSSL_NO_RSA
d02b48c6	258
0f113f3e	259	# ifndef OPENSSL_NO_STDIO
31a352d1	260	RSA d2i_RSAPrivateKey_fp(FILE fp, RSA **rsa)
0f113f3e MC	261	{
	262	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
	263	}
d02b48c6	264
9fdcc21f	265	int i2d_RSAPrivateKey_fp(FILE fp, const RSA rsa)
0f113f3e MC	266	{
	267	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
	268	}
d02b48c6	269
31a352d1	270	RSA d2i_RSAPublicKey_fp(FILE fp, RSA **rsa)
0f113f3e MC	271	{
	272	return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
	273	}
4e1209eb	274
52664f50	275	RSA d2i_RSA_PUBKEY_fp(FILE fp, RSA **rsa)
0f113f3e MC	276	{
	277	return ASN1_d2i_fp((void ()(void))
	278	RSA_new, (D2I_OF(void)) d2i_RSA_PUBKEY, fp,
	279	(void **)rsa);
	280	}
52664f50	281
9fdcc21f	282	int i2d_RSAPublicKey_fp(FILE fp, const RSA rsa)
0f113f3e MC	283	{
	284	return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
	285	}
52664f50	286
9fdcc21f	287	int i2d_RSA_PUBKEY_fp(FILE fp, const RSA rsa)
0f113f3e MC	288	{
	289	return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);
	290	}
	291	# endif
d02b48c6	292
31a352d1	293	RSA d2i_RSAPrivateKey_bio(BIO bp, RSA **rsa)
0f113f3e MC	294	{
	295	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
	296	}
d02b48c6	297
9fdcc21f	298	int i2d_RSAPrivateKey_bio(BIO bp, const RSA rsa)
0f113f3e MC	299	{
	300	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
	301	}
d02b48c6	302
31a352d1	303	RSA d2i_RSAPublicKey_bio(BIO bp, RSA **rsa)
0f113f3e MC	304	{
	305	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
	306	}
4e1209eb	307
52664f50	308	RSA d2i_RSA_PUBKEY_bio(BIO bp, RSA **rsa)
0f113f3e MC	309	{
	310	return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);
	311	}
52664f50	312
9fdcc21f	313	int i2d_RSAPublicKey_bio(BIO bp, const RSA rsa)
0f113f3e MC	314	{
	315	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
	316	}
52664f50	317
9fdcc21f	318	int i2d_RSA_PUBKEY_bio(BIO bp, const RSA rsa)
0f113f3e MC	319	{
	320	return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);
	321	}
d02b48c6 RE	322	#endif
d02b48c6 RE	323
cf1b7d96	324	#ifndef OPENSSL_NO_DSA
0f113f3e	325	# ifndef OPENSSL_NO_STDIO
31a352d1	326	DSA d2i_DSAPrivateKey_fp(FILE fp, DSA **dsa)
0f113f3e MC	327	{
	328	return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);
	329	}
d02b48c6	330
9fdcc21f	331	int i2d_DSAPrivateKey_fp(FILE fp, const DSA dsa)
0f113f3e	332	{
9fdcc21f	333	return ASN1_i2d_fp_of(DSA, i2d_DSAPrivateKey, fp, dsa);
0f113f3e	334	}
3ea23631	335
52664f50	336	DSA d2i_DSA_PUBKEY_fp(FILE fp, DSA **dsa)
0f113f3e MC	337	{
	338	return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);
	339	}
3ea23631	340
9fdcc21f	341	int i2d_DSA_PUBKEY_fp(FILE fp, const DSA dsa)
0f113f3e MC	342	{
	343	return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);
	344	}
	345	# endif
d02b48c6	346
31a352d1	347	DSA d2i_DSAPrivateKey_bio(BIO bp, DSA **dsa)
0f113f3e MC	348	{
	349	return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);
	350	}
d02b48c6	351
9fdcc21f	352	int i2d_DSAPrivateKey_bio(BIO bp, const DSA dsa)
0f113f3e	353	{
9fdcc21f	354	return ASN1_i2d_bio_of(DSA, i2d_DSAPrivateKey, bp, dsa);
0f113f3e	355	}
3ea23631	356
52664f50	357	DSA d2i_DSA_PUBKEY_bio(BIO bp, DSA **dsa)
0f113f3e MC	358	{
	359	return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);
	360	}
3ea23631	361
9fdcc21f	362	int i2d_DSA_PUBKEY_bio(BIO bp, const DSA dsa)
0f113f3e MC	363	{
	364	return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);
	365	}
3ea23631	366
d02b48c6 RE	367	#endif
d02b48c6 RE	368
14a7cfb3	369	#ifndef OPENSSL_NO_EC
0f113f3e	370	# ifndef OPENSSL_NO_STDIO
14a7cfb3	371	EC_KEY d2i_EC_PUBKEY_fp(FILE fp, EC_KEY **eckey)
0f113f3e MC	372	{
	373	return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);
	374	}
	375
9fdcc21f	376	int i2d_EC_PUBKEY_fp(FILE fp, const EC_KEY eckey)
0f113f3e MC	377	{
	378	return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);
	379	}
14a7cfb3 BM	380
14a7cfb3 BM	381	EC_KEY d2i_ECPrivateKey_fp(FILE fp, EC_KEY **eckey)
0f113f3e MC	382	{
	383	return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
	384	}
	385
9fdcc21f	386	int i2d_ECPrivateKey_fp(FILE fp, const EC_KEY eckey)
0f113f3e MC	387	{
	388	return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
	389	}
	390	# endif
14a7cfb3	391	EC_KEY d2i_EC_PUBKEY_bio(BIO bp, EC_KEY **eckey)
0f113f3e MC	392	{
	393	return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey);
	394	}
	395
9fdcc21f	396	int i2d_EC_PUBKEY_bio(BIO bp, const EC_KEY ecdsa)
0f113f3e MC	397	{
	398	return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);
	399	}
14a7cfb3 BM	400
14a7cfb3 BM	401	EC_KEY d2i_ECPrivateKey_bio(BIO bp, EC_KEY **eckey)
0f113f3e MC	402	{
	403	return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
	404	}
	405
9fdcc21f	406	int i2d_ECPrivateKey_bio(BIO bp, const EC_KEY eckey)
0f113f3e MC	407	{
	408	return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
	409	}
4d94ae00 BM	410	#endif
4d94ae00 BM	411
0f113f3e MC	412	int X509_pubkey_digest(const X509 data, const EVP_MD type,
	413	unsigned char md, unsigned int len)
	414	{
	415	ASN1_BIT_STRING *key;
	416	key = X509_get0_pubkey_bitstr(data);
	417	if (!key)
	418	return 0;
	419	return EVP_Digest(key->data, key->length, md, len, type, NULL);
	420	}
88ce56f8	421
ccd86b68	422	int X509_digest(const X509 data, const EVP_MD type, unsigned char *md,
0f113f3e MC	423	unsigned int *len)
0f113f3e MC	424	{
3e5d9da5 RS	425	if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0) {
	426	/* Asking for SHA1 and we already computed it. */
	427	if (len != NULL)
	428	*len = sizeof(data->sha1_hash);
	429	memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
	430	return 1;
	431	}
0f113f3e MC	432	return (ASN1_item_digest
	433	(ASN1_ITEM_rptr(X509), type, (char *)data, md, len));
	434	}
	435
	436	int X509_CRL_digest(const X509_CRL data, const EVP_MD type,
	437	unsigned char md, unsigned int len)
	438	{
6195848b	439	if (type == EVP_sha1() && (data->flags & EXFLAG_SET) != 0) {
3e5d9da5 RS	440	/* Asking for SHA1; always computed in CRL d2i. */
	441	if (len != NULL)
	442	*len = sizeof(data->sha1_hash);
	443	memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
	444	return 1;
	445	}
0f113f3e MC	446	return (ASN1_item_digest
	447	(ASN1_ITEM_rptr(X509_CRL), type, (char *)data, md, len));
	448	}
d02b48c6	449
0f113f3e MC	450	int X509_REQ_digest(const X509_REQ data, const EVP_MD type,
	451	unsigned char md, unsigned int len)
	452	{
	453	return (ASN1_item_digest
	454	(ASN1_ITEM_rptr(X509_REQ), type, (char *)data, md, len));
	455	}
	456
	457	int X509_NAME_digest(const X509_NAME data, const EVP_MD type,
	458	unsigned char md, unsigned int len)
	459	{
	460	return (ASN1_item_digest
	461	(ASN1_ITEM_rptr(X509_NAME), type, (char *)data, md, len));
	462	}
	463
	464	int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
	465	const EVP_MD type, unsigned char md,
	466	unsigned int *len)
	467	{
	468	return (ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL), type,
	469	(char *)data, md, len));
	470	}
3cbb7937	471
4b618848	472	#ifndef OPENSSL_NO_STDIO
3cbb7937	473	X509_SIG d2i_PKCS8_fp(FILE fp, X509_SIG **p8)
0f113f3e MC	474	{
	475	return ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp, p8);
	476	}
3cbb7937	477
9fdcc21f	478	int i2d_PKCS8_fp(FILE fp, const X509_SIG p8)
0f113f3e MC	479	{
	480	return ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);
	481	}
3cbb7937 DSH	482	#endif
	483
	484	X509_SIG d2i_PKCS8_bio(BIO bp, X509_SIG **p8)
0f113f3e MC	485	{
	486	return ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp, p8);
	487	}
3cbb7937	488
9fdcc21f	489	int i2d_PKCS8_bio(BIO bp, const X509_SIG p8)
0f113f3e MC	490	{
	491	return ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);
	492	}
3cbb7937	493
cb58d81e RL	494	#ifndef OPENSSL_NO_STDIO
	495	X509_PUBKEY d2i_X509_PUBKEY_fp(FILE fp, X509_PUBKEY **xpk)
	496	{
	497	return ASN1_d2i_fp_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
	498	fp, xpk);
	499	}
	500
	501	int i2d_X509_PUBKEY_fp(FILE fp, const X509_PUBKEY xpk)
	502	{
	503	return ASN1_i2d_fp_of(X509_PUBKEY, i2d_X509_PUBKEY, fp, xpk);
	504	}
	505	#endif
	506
	507	X509_PUBKEY d2i_X509_PUBKEY_bio(BIO bp, X509_PUBKEY **xpk)
	508	{
	509	return ASN1_d2i_bio_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
	510	bp, xpk);
	511	}
	512
	513	int i2d_X509_PUBKEY_bio(BIO bp, const X509_PUBKEY xpk)
	514	{
	515	return ASN1_i2d_bio_of(X509_PUBKEY, i2d_X509_PUBKEY, bp, xpk);
	516	}
	517
4b618848	518	#ifndef OPENSSL_NO_STDIO
3cbb7937	519	PKCS8_PRIV_KEY_INFO d2i_PKCS8_PRIV_KEY_INFO_fp(FILE fp,
0f113f3e MC	520	PKCS8_PRIV_KEY_INFO **p8inf)
	521	{
	522	return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
	523	d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
	524	}
3cbb7937	525
9fdcc21f	526	int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE fp, const PKCS8_PRIV_KEY_INFO p8inf)
0f113f3e MC	527	{
	528	return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp,
	529	p8inf);
	530	}
36217a94	531
9fdcc21f	532	int i2d_PKCS8PrivateKeyInfo_fp(FILE fp, const EVP_PKEY key)
0f113f3e MC	533	{
	534	PKCS8_PRIV_KEY_INFO *p8inf;
	535	int ret;
12a765a5	536
0f113f3e	537	p8inf = EVP_PKEY2PKCS8(key);
12a765a5	538	if (p8inf == NULL)
0f113f3e MC	539	return 0;
	540	ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
	541	PKCS8_PRIV_KEY_INFO_free(p8inf);
	542	return ret;
	543	}
36217a94	544
9fdcc21f	545	int i2d_PrivateKey_fp(FILE fp, const EVP_PKEY pkey)
0f113f3e MC	546	{
	547	return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
	548	}
e6f3c585	549
20432eae	550	EVP_PKEY d2i_PrivateKey_fp(FILE fp, EVP_PKEY **a)
e6f3c585	551	{
0f113f3e	552	return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a);
e6f3c585 DSH	553	}
e6f3c585 DSH	554
9fdcc21f	555	int i2d_PUBKEY_fp(FILE fp, const EVP_PKEY pkey)
0f113f3e MC	556	{
	557	return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
	558	}
bd08a2bd DSH	559
	560	EVP_PKEY d2i_PUBKEY_fp(FILE fp, EVP_PKEY **a)
	561	{
0f113f3e	562	return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);
bd08a2bd DSH	563	}
bd08a2bd DSH	564
3cbb7937 DSH	565	#endif
	566
	567	PKCS8_PRIV_KEY_INFO d2i_PKCS8_PRIV_KEY_INFO_bio(BIO bp,
0f113f3e MC	568	PKCS8_PRIV_KEY_INFO **p8inf)
	569	{
	570	return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
	571	d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
	572	}
3cbb7937	573
9fdcc21f	574	int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO bp, const PKCS8_PRIV_KEY_INFO p8inf)
0f113f3e MC	575	{
	576	return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp,
	577	p8inf);
	578	}
36217a94	579
9fdcc21f	580	int i2d_PKCS8PrivateKeyInfo_bio(BIO bp, const EVP_PKEY key)
0f113f3e MC	581	{
	582	PKCS8_PRIV_KEY_INFO *p8inf;
	583	int ret;
12a765a5	584
0f113f3e	585	p8inf = EVP_PKEY2PKCS8(key);
12a765a5	586	if (p8inf == NULL)
0f113f3e MC	587	return 0;
	588	ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
	589	PKCS8_PRIV_KEY_INFO_free(p8inf);
	590	return ret;
	591	}
e6f3c585	592
9fdcc21f	593	int i2d_PrivateKey_bio(BIO bp, const EVP_PKEY pkey)
0f113f3e MC	594	{
	595	return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
	596	}
e6f3c585	597
20432eae	598	EVP_PKEY d2i_PrivateKey_bio(BIO bp, EVP_PKEY **a)
0f113f3e MC	599	{
	600	return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a);
	601	}
bd08a2bd	602
9fdcc21f	603	int i2d_PUBKEY_bio(BIO bp, const EVP_PKEY pkey)
0f113f3e MC	604	{
	605	return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
	606	}
bd08a2bd DSH	607
bd08a2bd DSH	608	EVP_PKEY d2i_PUBKEY_bio(BIO bp, EVP_PKEY **a)
0f113f3e MC	609	{
	610	return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);
	611	}