2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DSA low level APIs are deprecated for public use, but still ok for
14 #include "internal/deprecated.h"
17 #include "internal/cryptlib.h"
18 #include <openssl/asn1t.h>
19 #include <openssl/x509.h>
20 #include "crypto/asn1.h"
21 #include "crypto/evp.h"
22 #include "crypto/x509.h"
23 #include <openssl/rsa.h>
24 #include <openssl/dsa.h>
25 #include <openssl/encoder.h>
26 #include "internal/provider.h"
28 struct X509_pubkey_st
{
30 ASN1_BIT_STRING
*public_key
;
33 /* extra data for the callback, used by d2i_PUBKEY_ex */
38 static int x509_pubkey_decode(EVP_PKEY
**pk
, const X509_PUBKEY
*key
);
40 static int x509_pubkey_set0_libctx(X509_PUBKEY
*x
, OSSL_LIB_CTX
*libctx
,
45 OPENSSL_free(x
->propq
);
48 x
->propq
= OPENSSL_strdup(propq
);
56 /* Minor tweak to operation: free up EVP_PKEY */
57 static int pubkey_cb(int operation
, ASN1_VALUE
**pval
, const ASN1_ITEM
*it
,
60 X509_PUBKEY
*pubkey
= (X509_PUBKEY
*)*pval
;
62 if (operation
== ASN1_OP_FREE_POST
) {
63 OPENSSL_free(pubkey
->propq
);
64 EVP_PKEY_free(pubkey
->pkey
);
65 } else if (operation
== ASN1_OP_D2I_POST
) {
66 /* Attempt to decode public key and cache in pubkey structure. */
67 EVP_PKEY_free(pubkey
->pkey
);
70 * Opportunistically decode the key but remove any non fatal errors
71 * from the queue. Subsequent explicit attempts to decode/use the key
72 * will return an appropriate error.
75 if (x509_pubkey_decode(&pubkey
->pkey
, pubkey
) == -1) {
76 ERR_clear_last_mark();
80 } else if (operation
== ASN1_OP_DUP_POST
) {
81 X509_PUBKEY
*old
= exarg
;
83 if (!x509_pubkey_set0_libctx(pubkey
, old
->libctx
, old
->propq
))
89 ASN1_SEQUENCE_cb(X509_PUBKEY
, pubkey_cb
) = {
90 ASN1_SIMPLE(X509_PUBKEY
, algor
, X509_ALGOR
),
91 ASN1_SIMPLE(X509_PUBKEY
, public_key
, ASN1_BIT_STRING
)
92 } ASN1_SEQUENCE_END_cb(X509_PUBKEY
, X509_PUBKEY
)
94 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY
)
95 IMPLEMENT_ASN1_DUP_FUNCTION(X509_PUBKEY
)
97 /* TODO should better be called X509_PUBKEY_set1 */
98 int X509_PUBKEY_set(X509_PUBKEY
**x
, EVP_PKEY
*pkey
)
100 X509_PUBKEY
*pk
= NULL
;
102 if (x
== NULL
|| pkey
== NULL
) {
103 ERR_raise(ERR_LIB_X509
, ERR_R_PASSED_NULL_PARAMETER
);
107 if (pkey
->ameth
!= NULL
) {
108 if ((pk
= X509_PUBKEY_new()) == NULL
) {
109 ERR_raise(ERR_LIB_X509
, ERR_R_MALLOC_FAILURE
);
112 if (pkey
->ameth
->pub_encode
!= NULL
) {
113 if (!pkey
->ameth
->pub_encode(pk
, pkey
)) {
114 ERR_raise(ERR_LIB_X509
, X509_R_PUBLIC_KEY_ENCODE_ERROR
);
118 ERR_raise(ERR_LIB_X509
, X509_R_METHOD_NOT_SUPPORTED
);
121 } else if (evp_pkey_is_provided(pkey
)) {
122 unsigned char *der
= NULL
;
124 OSSL_ENCODER_CTX
*ectx
=
125 OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey
, EVP_PKEY_PUBLIC_KEY
,
126 "DER", "SubjectPublicKeyInfo",
129 if (OSSL_ENCODER_to_data(ectx
, &der
, &derlen
)) {
130 const unsigned char *pder
= der
;
132 pk
= d2i_X509_PUBKEY(NULL
, &pder
, (long)derlen
);
135 OSSL_ENCODER_CTX_free(ectx
);
140 ERR_raise(ERR_LIB_X509
, X509_R_UNSUPPORTED_ALGORITHM
);
144 X509_PUBKEY_free(*x
);
145 if (!EVP_PKEY_up_ref(pkey
)) {
146 ERR_raise(ERR_LIB_X509
, ERR_R_INTERNAL_ERROR
);
152 * pk->pkey is NULL when using the legacy routine, but is non-NULL when
153 * going through the encoder, and for all intents and purposes, it's
154 * a perfect copy of |pkey|, just not the same instance. In that case,
155 * we could simply return early, right here.
156 * However, in the interest of being cautious leaning on paranoia, some
157 * application might very well depend on the passed |pkey| being used
158 * and none other, so we spend a few more cycles throwing away the newly
159 * created |pk->pkey| and replace it with |pkey|.
160 * TODO(3.0) Investigate if it's safe to change to simply return here
161 * if |pk->pkey != NULL|.
163 if (pk
->pkey
!= NULL
)
164 EVP_PKEY_free(pk
->pkey
);
170 X509_PUBKEY_free(pk
);
175 * Attempt to decode a public key.
176 * Returns 1 on success, 0 for a decode failure and -1 for a fatal
177 * error e.g. malloc failure.
181 static int x509_pubkey_decode(EVP_PKEY
**ppkey
, const X509_PUBKEY
*key
)
183 EVP_PKEY
*pkey
= EVP_PKEY_new();
186 ERR_raise(ERR_LIB_X509
, ERR_R_MALLOC_FAILURE
);
190 if (!EVP_PKEY_set_type(pkey
, OBJ_obj2nid(key
->algor
->algorithm
))) {
191 ERR_raise(ERR_LIB_X509
, X509_R_UNSUPPORTED_ALGORITHM
);
195 if (pkey
->ameth
->pub_decode
) {
197 * Treat any failure of pub_decode as a decode error. In
198 * future we could have different return codes for decode
199 * errors and fatal errors such as malloc failure.
201 if (!pkey
->ameth
->pub_decode(pkey
, key
))
204 ERR_raise(ERR_LIB_X509
, X509_R_METHOD_NOT_SUPPORTED
);
216 EVP_PKEY
*X509_PUBKEY_get0(const X509_PUBKEY
*key
)
218 EVP_PKEY
*ret
= NULL
;
220 if (key
== NULL
|| key
->public_key
== NULL
)
223 if (key
->pkey
!= NULL
)
227 * When the key ASN.1 is initially parsed an attempt is made to
228 * decode the public key and cache the EVP_PKEY structure. If this
229 * operation fails the cached value will be NULL. Parsing continues
230 * to allow parsing of unknown key types or unsupported forms.
231 * We repeat the decode operation so the appropriate errors are left
234 x509_pubkey_decode(&ret
, key
);
235 /* If decode doesn't fail something bad happened */
237 ERR_raise(ERR_LIB_X509
, ERR_R_INTERNAL_ERROR
);
244 EVP_PKEY
*X509_PUBKEY_get(const X509_PUBKEY
*key
)
246 EVP_PKEY
*ret
= X509_PUBKEY_get0(key
);
248 if (ret
!= NULL
&& !EVP_PKEY_up_ref(ret
)) {
249 ERR_raise(ERR_LIB_X509
, ERR_R_INTERNAL_ERROR
);
256 * Now three pseudo ASN1 routines that take an EVP_PKEY structure and encode
257 * or decode as X509_PUBKEY
260 EVP_PKEY
*d2i_PUBKEY_ex(EVP_PKEY
**a
, const unsigned char **pp
, long length
,
261 OSSL_LIB_CTX
*libctx
, const char *propq
)
263 X509_PUBKEY
*xpk
, *xpk2
= NULL
, **pxpk
= NULL
;
264 EVP_PKEY
*pktmp
= NULL
;
265 const unsigned char *q
;
270 * If libctx or propq are non-NULL, we take advantage of the reuse
271 * feature. It's not generally recommended, but is safe enough for
272 * newly created structures.
274 if (libctx
!= NULL
|| propq
!= NULL
) {
275 xpk2
= OPENSSL_zalloc(sizeof(*xpk2
));
277 ERR_raise(ERR_LIB_X509
, ERR_R_MALLOC_FAILURE
);
280 if (!x509_pubkey_set0_libctx(xpk2
, libctx
, propq
))
284 xpk
= d2i_X509_PUBKEY(pxpk
, &q
, length
);
287 pktmp
= X509_PUBKEY_get(xpk
);
288 X509_PUBKEY_free(xpk
);
289 xpk2
= NULL
; /* We know that xpk == xpk2 */
298 X509_PUBKEY_free(xpk2
);
302 EVP_PKEY
*d2i_PUBKEY(EVP_PKEY
**a
, const unsigned char **pp
, long length
)
304 return d2i_PUBKEY_ex(a
, pp
, length
, NULL
, NULL
);
307 int i2d_PUBKEY(const EVP_PKEY
*a
, unsigned char **pp
)
313 if (a
->ameth
!= NULL
) {
314 X509_PUBKEY
*xpk
= NULL
;
316 if ((xpk
= X509_PUBKEY_new()) == NULL
)
319 /* pub_encode() only encode parameters, not the key itself */
320 if (a
->ameth
->pub_encode
!= NULL
&& a
->ameth
->pub_encode(xpk
, a
)) {
321 xpk
->pkey
= (EVP_PKEY
*)a
;
322 ret
= i2d_X509_PUBKEY(xpk
, pp
);
325 X509_PUBKEY_free(xpk
);
326 } else if (a
->keymgmt
!= NULL
) {
327 OSSL_ENCODER_CTX
*ctx
=
328 OSSL_ENCODER_CTX_new_by_EVP_PKEY(a
, EVP_PKEY_PUBLIC_KEY
,
329 "DER", "SubjectPublicKeyInfo",
331 BIO
*out
= BIO_new(BIO_s_mem());
334 if (OSSL_ENCODER_CTX_get_num_encoders(ctx
) != 0
336 && OSSL_ENCODER_to_bio(ctx
, out
)
337 && BIO_get_mem_ptr(out
, &buf
) > 0) {
342 *pp
= (unsigned char *)buf
->data
;
346 memcpy(*pp
, buf
->data
, ret
);
352 OSSL_ENCODER_CTX_free(ctx
);
359 * The following are equivalents but which return RSA and DSA keys
361 RSA
*d2i_RSA_PUBKEY(RSA
**a
, const unsigned char **pp
, long length
)
365 const unsigned char *q
;
368 pkey
= d2i_PUBKEY(NULL
, &q
, length
);
371 key
= EVP_PKEY_get1_RSA(pkey
);
383 int i2d_RSA_PUBKEY(const RSA
*a
, unsigned char **pp
)
389 pktmp
= EVP_PKEY_new();
391 ERR_raise(ERR_LIB_ASN1
, ERR_R_MALLOC_FAILURE
);
394 (void)EVP_PKEY_assign_RSA(pktmp
, (RSA
*)a
);
395 ret
= i2d_PUBKEY(pktmp
, pp
);
396 pktmp
->pkey
.ptr
= NULL
;
397 EVP_PKEY_free(pktmp
);
401 #ifndef OPENSSL_NO_DSA
402 DSA
*d2i_DSA_PUBKEY(DSA
**a
, const unsigned char **pp
, long length
)
406 const unsigned char *q
;
409 pkey
= d2i_PUBKEY(NULL
, &q
, length
);
412 key
= EVP_PKEY_get1_DSA(pkey
);
424 int i2d_DSA_PUBKEY(const DSA
*a
, unsigned char **pp
)
430 pktmp
= EVP_PKEY_new();
432 ERR_raise(ERR_LIB_ASN1
, ERR_R_MALLOC_FAILURE
);
435 (void)EVP_PKEY_assign_DSA(pktmp
, (DSA
*)a
);
436 ret
= i2d_PUBKEY(pktmp
, pp
);
437 pktmp
->pkey
.ptr
= NULL
;
438 EVP_PKEY_free(pktmp
);
443 #ifndef OPENSSL_NO_EC
444 EC_KEY
*d2i_EC_PUBKEY(EC_KEY
**a
, const unsigned char **pp
, long length
)
448 const unsigned char *q
;
451 pkey
= d2i_PUBKEY(NULL
, &q
, length
);
454 key
= EVP_PKEY_get1_EC_KEY(pkey
);
466 int i2d_EC_PUBKEY(const EC_KEY
*a
, unsigned char **pp
)
473 if ((pktmp
= EVP_PKEY_new()) == NULL
) {
474 ERR_raise(ERR_LIB_ASN1
, ERR_R_MALLOC_FAILURE
);
477 (void)EVP_PKEY_assign_EC_KEY(pktmp
, (EC_KEY
*)a
);
478 ret
= i2d_PUBKEY(pktmp
, pp
);
479 pktmp
->pkey
.ptr
= NULL
;
480 EVP_PKEY_free(pktmp
);
485 int X509_PUBKEY_set0_param(X509_PUBKEY
*pub
, ASN1_OBJECT
*aobj
,
486 int ptype
, void *pval
,
487 unsigned char *penc
, int penclen
)
489 if (!X509_ALGOR_set0(pub
->algor
, aobj
, ptype
, pval
))
492 OPENSSL_free(pub
->public_key
->data
);
493 pub
->public_key
->data
= penc
;
494 pub
->public_key
->length
= penclen
;
495 /* Set number of unused bits to zero */
496 pub
->public_key
->flags
&= ~(ASN1_STRING_FLAG_BITS_LEFT
| 0x07);
497 pub
->public_key
->flags
|= ASN1_STRING_FLAG_BITS_LEFT
;
502 int X509_PUBKEY_get0_param(ASN1_OBJECT
**ppkalg
,
503 const unsigned char **pk
, int *ppklen
,
504 X509_ALGOR
**pa
, const X509_PUBKEY
*pub
)
507 *ppkalg
= pub
->algor
->algorithm
;
509 *pk
= pub
->public_key
->data
;
510 *ppklen
= pub
->public_key
->length
;
517 ASN1_BIT_STRING
*X509_get0_pubkey_bitstr(const X509
*x
)
521 return x
->cert_info
.key
->public_key
;
524 /* Returns 1 for equal, 0, for non-equal, < 0 on error */
525 int X509_PUBKEY_eq(const X509_PUBKEY
*a
, const X509_PUBKEY
*b
)
527 X509_ALGOR
*algA
, *algB
;
532 if (a
== NULL
|| b
== NULL
)
534 if (!X509_PUBKEY_get0_param(NULL
, NULL
, NULL
, &algA
, a
) || algA
== NULL
535 || !X509_PUBKEY_get0_param(NULL
, NULL
, NULL
, &algB
, b
) || algB
== NULL
)
537 if (X509_ALGOR_cmp(algA
, algB
) != 0)
539 if ((pA
= X509_PUBKEY_get0(a
)) == NULL
540 || (pB
= X509_PUBKEY_get0(b
)) == NULL
)
542 return EVP_PKEY_eq(pA
, pB
);
545 int X509_PUBKEY_get0_libctx(OSSL_LIB_CTX
**plibctx
, const char **ppropq
,
546 const X509_PUBKEY
*key
)
549 *plibctx
= key
->libctx
;
551 *ppropq
= key
->propq
;