2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DSA low level APIs are deprecated for public use, but still ok for
14 #include "internal/deprecated.h"
17 #include "internal/cryptlib.h"
18 #include <openssl/asn1t.h>
19 #include <openssl/x509.h>
20 #include "crypto/asn1.h"
21 #include "crypto/evp.h"
22 #include "crypto/x509.h"
23 #include <openssl/rsa.h>
24 #include <openssl/dsa.h>
25 #include <openssl/serializer.h>
27 struct X509_pubkey_st
{
29 ASN1_BIT_STRING
*public_key
;
33 static int x509_pubkey_decode(EVP_PKEY
**pk
, X509_PUBKEY
*key
);
35 /* Minor tweak to operation: free up EVP_PKEY */
36 static int pubkey_cb(int operation
, ASN1_VALUE
**pval
, const ASN1_ITEM
*it
,
39 if (operation
== ASN1_OP_FREE_POST
) {
40 X509_PUBKEY
*pubkey
= (X509_PUBKEY
*)*pval
;
41 EVP_PKEY_free(pubkey
->pkey
);
42 } else if (operation
== ASN1_OP_D2I_POST
) {
43 /* Attempt to decode public key and cache in pubkey structure. */
44 X509_PUBKEY
*pubkey
= (X509_PUBKEY
*)*pval
;
45 EVP_PKEY_free(pubkey
->pkey
);
48 * Opportunistically decode the key but remove any non fatal errors
49 * from the queue. Subsequent explicit attempts to decode/use the key
50 * will return an appropriate error.
53 if (x509_pubkey_decode(&pubkey
->pkey
, pubkey
) == -1)
60 ASN1_SEQUENCE_cb(X509_PUBKEY
, pubkey_cb
) = {
61 ASN1_SIMPLE(X509_PUBKEY
, algor
, X509_ALGOR
),
62 ASN1_SIMPLE(X509_PUBKEY
, public_key
, ASN1_BIT_STRING
)
63 } ASN1_SEQUENCE_END_cb(X509_PUBKEY
, X509_PUBKEY
)
65 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY
)
66 IMPLEMENT_ASN1_DUP_FUNCTION(X509_PUBKEY
)
68 /* TODO should better be called X509_PUBKEY_set1 */
69 int X509_PUBKEY_set(X509_PUBKEY
**x
, EVP_PKEY
*pkey
)
71 X509_PUBKEY
*pk
= NULL
;
79 if (pkey
->ameth
!= NULL
) {
80 if ((pk
= X509_PUBKEY_new()) == NULL
) {
81 X509err(X509_F_X509_PUBKEY_SET
, ERR_R_MALLOC_FAILURE
);
84 if (pkey
->ameth
->pub_encode
!= NULL
) {
85 if (!pkey
->ameth
->pub_encode(pk
, pkey
)) {
86 X509err(X509_F_X509_PUBKEY_SET
,
87 X509_R_PUBLIC_KEY_ENCODE_ERROR
);
91 X509err(X509_F_X509_PUBKEY_SET
, X509_R_METHOD_NOT_SUPPORTED
);
94 } else if (pkey
->pkeys
[0].keymgmt
!= NULL
) {
95 BIO
*bmem
= BIO_new(BIO_s_mem());
96 const char *serprop
= "format=der,type=public";
97 OSSL_SERIALIZER_CTX
*sctx
=
98 OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pkey
, serprop
);
100 if (OSSL_SERIALIZER_to_bio(sctx
, bmem
)) {
101 const unsigned char *der
= NULL
;
102 long derlen
= BIO_get_mem_data(bmem
, (char **)&der
);
104 pk
= d2i_X509_PUBKEY(NULL
, &der
, derlen
);
107 OSSL_SERIALIZER_CTX_free(sctx
);
114 X509_PUBKEY_free(*x
);
115 if (!EVP_PKEY_up_ref(pkey
)) {
116 X509err(X509_F_X509_PUBKEY_SET
, ERR_R_INTERNAL_ERROR
);
122 * pk->pkey is NULL when using the legacy routine, but is non-NULL when
123 * going through the serializer, and for all intents and purposes, it's
124 * a perfect copy of |pkey|, just not the same instance. In that case,
125 * we could simply return early, right here.
126 * However, in the interest of being cautious leaning on paranoia, some
127 * application might very well depend on the passed |pkey| being used
128 * and none other, so we spend a few more cycles throwing away the newly
129 * created |pk->pkey| and replace it with |pkey|.
130 * TODO(3.0) Investigate if it's safe to change to simply return here
131 * if |pk->pkey != NULL|.
133 if (pk
->pkey
!= NULL
)
134 EVP_PKEY_free(pk
->pkey
);
140 X509err(X509_F_X509_PUBKEY_SET
, X509_R_UNSUPPORTED_ALGORITHM
);
143 X509_PUBKEY_free(pk
);
148 * Attempt to decode a public key.
149 * Returns 1 on success, 0 for a decode failure and -1 for a fatal
150 * error e.g. malloc failure.
154 static int x509_pubkey_decode(EVP_PKEY
**ppkey
, X509_PUBKEY
*key
)
156 EVP_PKEY
*pkey
= EVP_PKEY_new();
159 X509err(X509_F_X509_PUBKEY_DECODE
, ERR_R_MALLOC_FAILURE
);
163 if (!EVP_PKEY_set_type(pkey
, OBJ_obj2nid(key
->algor
->algorithm
))) {
164 X509err(X509_F_X509_PUBKEY_DECODE
, X509_R_UNSUPPORTED_ALGORITHM
);
168 if (pkey
->ameth
->pub_decode
) {
170 * Treat any failure of pub_decode as a decode error. In
171 * future we could have different return codes for decode
172 * errors and fatal errors such as malloc failure.
174 if (!pkey
->ameth
->pub_decode(pkey
, key
)) {
175 X509err(X509_F_X509_PUBKEY_DECODE
, X509_R_PUBLIC_KEY_DECODE_ERROR
);
179 X509err(X509_F_X509_PUBKEY_DECODE
, X509_R_METHOD_NOT_SUPPORTED
);
191 EVP_PKEY
*X509_PUBKEY_get0(X509_PUBKEY
*key
)
193 EVP_PKEY
*ret
= NULL
;
195 if (key
== NULL
|| key
->public_key
== NULL
)
198 if (key
->pkey
!= NULL
)
202 * When the key ASN.1 is initially parsed an attempt is made to
203 * decode the public key and cache the EVP_PKEY structure. If this
204 * operation fails the cached value will be NULL. Parsing continues
205 * to allow parsing of unknown key types or unsupported forms.
206 * We repeat the decode operation so the appropriate errors are left
209 x509_pubkey_decode(&ret
, key
);
210 /* If decode doesn't fail something bad happened */
212 X509err(X509_F_X509_PUBKEY_GET0
, ERR_R_INTERNAL_ERROR
);
219 EVP_PKEY
*X509_PUBKEY_get(X509_PUBKEY
*key
)
221 EVP_PKEY
*ret
= X509_PUBKEY_get0(key
);
223 EVP_PKEY_up_ref(ret
);
228 * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or
229 * decode as X509_PUBKEY
232 EVP_PKEY
*d2i_PUBKEY(EVP_PKEY
**a
, const unsigned char **pp
, long length
)
236 const unsigned char *q
;
239 xpk
= d2i_X509_PUBKEY(NULL
, &q
, length
);
242 pktmp
= X509_PUBKEY_get(xpk
);
243 X509_PUBKEY_free(xpk
);
254 int i2d_PUBKEY(const EVP_PKEY
*a
, unsigned char **pp
)
256 X509_PUBKEY
*xpk
= NULL
;
261 if ((xpk
= X509_PUBKEY_new()) == NULL
)
263 if (a
->ameth
!= NULL
&& a
->ameth
->pub_encode
!= NULL
264 && !a
->ameth
->pub_encode(xpk
, a
))
266 xpk
->pkey
= (EVP_PKEY
*)a
;
267 ret
= i2d_X509_PUBKEY(xpk
, pp
);
270 X509_PUBKEY_free(xpk
);
275 * The following are equivalents but which return RSA and DSA keys
277 #ifndef OPENSSL_NO_RSA
278 RSA
*d2i_RSA_PUBKEY(RSA
**a
, const unsigned char **pp
, long length
)
282 const unsigned char *q
;
285 pkey
= d2i_PUBKEY(NULL
, &q
, length
);
288 key
= EVP_PKEY_get1_RSA(pkey
);
300 int i2d_RSA_PUBKEY(const RSA
*a
, unsigned char **pp
)
306 pktmp
= EVP_PKEY_new();
308 ASN1err(ASN1_F_I2D_RSA_PUBKEY
, ERR_R_MALLOC_FAILURE
);
311 (void)EVP_PKEY_assign_RSA(pktmp
, (RSA
*)a
);
312 ret
= i2d_PUBKEY(pktmp
, pp
);
313 pktmp
->pkey
.ptr
= NULL
;
314 EVP_PKEY_free(pktmp
);
319 #ifndef OPENSSL_NO_DSA
320 DSA
*d2i_DSA_PUBKEY(DSA
**a
, const unsigned char **pp
, long length
)
324 const unsigned char *q
;
327 pkey
= d2i_PUBKEY(NULL
, &q
, length
);
330 key
= EVP_PKEY_get1_DSA(pkey
);
342 int i2d_DSA_PUBKEY(const DSA
*a
, unsigned char **pp
)
348 pktmp
= EVP_PKEY_new();
350 ASN1err(ASN1_F_I2D_DSA_PUBKEY
, ERR_R_MALLOC_FAILURE
);
353 (void)EVP_PKEY_assign_DSA(pktmp
, (DSA
*)a
);
354 ret
= i2d_PUBKEY(pktmp
, pp
);
355 pktmp
->pkey
.ptr
= NULL
;
356 EVP_PKEY_free(pktmp
);
361 #ifndef OPENSSL_NO_EC
362 EC_KEY
*d2i_EC_PUBKEY(EC_KEY
**a
, const unsigned char **pp
, long length
)
366 const unsigned char *q
;
369 pkey
= d2i_PUBKEY(NULL
, &q
, length
);
372 key
= EVP_PKEY_get1_EC_KEY(pkey
);
384 int i2d_EC_PUBKEY(const EC_KEY
*a
, unsigned char **pp
)
391 if ((pktmp
= EVP_PKEY_new()) == NULL
) {
392 ASN1err(ASN1_F_I2D_EC_PUBKEY
, ERR_R_MALLOC_FAILURE
);
395 (void)EVP_PKEY_assign_EC_KEY(pktmp
, (EC_KEY
*)a
);
396 ret
= i2d_PUBKEY(pktmp
, pp
);
397 pktmp
->pkey
.ptr
= NULL
;
398 EVP_PKEY_free(pktmp
);
403 int X509_PUBKEY_set0_param(X509_PUBKEY
*pub
, ASN1_OBJECT
*aobj
,
404 int ptype
, void *pval
,
405 unsigned char *penc
, int penclen
)
407 if (!X509_ALGOR_set0(pub
->algor
, aobj
, ptype
, pval
))
410 OPENSSL_free(pub
->public_key
->data
);
411 pub
->public_key
->data
= penc
;
412 pub
->public_key
->length
= penclen
;
413 /* Set number of unused bits to zero */
414 pub
->public_key
->flags
&= ~(ASN1_STRING_FLAG_BITS_LEFT
| 0x07);
415 pub
->public_key
->flags
|= ASN1_STRING_FLAG_BITS_LEFT
;
420 int X509_PUBKEY_get0_param(ASN1_OBJECT
**ppkalg
,
421 const unsigned char **pk
, int *ppklen
,
422 X509_ALGOR
**pa
, X509_PUBKEY
*pub
)
425 *ppkalg
= pub
->algor
->algorithm
;
427 *pk
= pub
->public_key
->data
;
428 *ppklen
= pub
->public_key
->length
;
435 ASN1_BIT_STRING
*X509_get0_pubkey_bitstr(const X509
*x
)
439 return x
->cert_info
.key
->public_key
;