]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/x509/x_pubkey.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
[thirdparty/openssl.git] / crypto / x509 / x_pubkey.c
1 /*
2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * DSA low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <stdio.h>
17 #include "internal/cryptlib.h"
18 #include <openssl/asn1t.h>
19 #include <openssl/x509.h>
20 #include "crypto/asn1.h"
21 #include "crypto/evp.h"
22 #include "crypto/x509.h"
23 #include <openssl/rsa.h>
24 #include <openssl/dsa.h>
25 #include <openssl/encoder.h>
26
27 struct X509_pubkey_st {
28 X509_ALGOR *algor;
29 ASN1_BIT_STRING *public_key;
30 EVP_PKEY *pkey;
31
32 /* extra data for the callback, used by d2i_PUBKEY_ex */
33 OPENSSL_CTX *libctx;
34 const char *propq;
35 };
36
37 static int x509_pubkey_decode(EVP_PKEY **pk, const X509_PUBKEY *key);
38
39 /* Minor tweak to operation: free up EVP_PKEY */
40 static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
41 void *exarg)
42 {
43 if (operation == ASN1_OP_FREE_POST) {
44 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
45 EVP_PKEY_free(pubkey->pkey);
46 } else if (operation == ASN1_OP_D2I_POST) {
47 /* Attempt to decode public key and cache in pubkey structure. */
48 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
49 EVP_PKEY_free(pubkey->pkey);
50 pubkey->pkey = NULL;
51 /*
52 * Opportunistically decode the key but remove any non fatal errors
53 * from the queue. Subsequent explicit attempts to decode/use the key
54 * will return an appropriate error.
55 */
56 ERR_set_mark();
57 if (x509_pubkey_decode(&pubkey->pkey, pubkey) == -1)
58 return 0;
59 ERR_pop_to_mark();
60 }
61 return 1;
62 }
63
64 ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
65 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
66 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
67 } ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY)
68
69 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
70 IMPLEMENT_ASN1_DUP_FUNCTION(X509_PUBKEY)
71
72 /* TODO should better be called X509_PUBKEY_set1 */
73 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
74 {
75 X509_PUBKEY *pk = NULL;
76
77 if (x == NULL)
78 return 0;
79
80 if (pkey == NULL)
81 goto unsupported;
82
83 if (pkey->ameth != NULL) {
84 if ((pk = X509_PUBKEY_new()) == NULL) {
85 X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
86 goto error;
87 }
88 if (pkey->ameth->pub_encode != NULL) {
89 if (!pkey->ameth->pub_encode(pk, pkey)) {
90 X509err(X509_F_X509_PUBKEY_SET,
91 X509_R_PUBLIC_KEY_ENCODE_ERROR);
92 goto error;
93 }
94 } else {
95 X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED);
96 goto error;
97 }
98 } else if (pkey->keymgmt != NULL) {
99 BIO *bmem = BIO_new(BIO_s_mem());
100 const char *encprop = OSSL_ENCODER_PUBKEY_TO_DER_PQ;
101 OSSL_ENCODER_CTX *ectx =
102 OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, encprop);
103
104 if (OSSL_ENCODER_to_bio(ectx, bmem)) {
105 const unsigned char *der = NULL;
106 long derlen = BIO_get_mem_data(bmem, (char **)&der);
107
108 pk = d2i_X509_PUBKEY(NULL, &der, derlen);
109 }
110
111 OSSL_ENCODER_CTX_free(ectx);
112 BIO_free(bmem);
113 }
114
115 if (pk == NULL)
116 goto unsupported;
117
118 X509_PUBKEY_free(*x);
119 if (!EVP_PKEY_up_ref(pkey)) {
120 X509err(X509_F_X509_PUBKEY_SET, ERR_R_INTERNAL_ERROR);
121 goto error;
122 }
123 *x = pk;
124
125 /*
126 * pk->pkey is NULL when using the legacy routine, but is non-NULL when
127 * going through the encoder, and for all intents and purposes, it's
128 * a perfect copy of |pkey|, just not the same instance. In that case,
129 * we could simply return early, right here.
130 * However, in the interest of being cautious leaning on paranoia, some
131 * application might very well depend on the passed |pkey| being used
132 * and none other, so we spend a few more cycles throwing away the newly
133 * created |pk->pkey| and replace it with |pkey|.
134 * TODO(3.0) Investigate if it's safe to change to simply return here
135 * if |pk->pkey != NULL|.
136 */
137 if (pk->pkey != NULL)
138 EVP_PKEY_free(pk->pkey);
139
140 pk->pkey = pkey;
141 return 1;
142
143 unsupported:
144 X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM);
145
146 error:
147 X509_PUBKEY_free(pk);
148 return 0;
149 }
150
151 /*
152 * Attempt to decode a public key.
153 * Returns 1 on success, 0 for a decode failure and -1 for a fatal
154 * error e.g. malloc failure.
155 */
156
157
158 static int x509_pubkey_decode(EVP_PKEY **ppkey, const X509_PUBKEY *key)
159 {
160 EVP_PKEY *pkey = EVP_PKEY_new();
161
162 if (pkey == NULL) {
163 X509err(X509_F_X509_PUBKEY_DECODE, ERR_R_MALLOC_FAILURE);
164 return -1;
165 }
166
167 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(key->algor->algorithm))) {
168 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_UNSUPPORTED_ALGORITHM);
169 goto error;
170 }
171
172 if (pkey->ameth->pub_decode) {
173 /*
174 * Treat any failure of pub_decode as a decode error. In
175 * future we could have different return codes for decode
176 * errors and fatal errors such as malloc failure.
177 */
178 if (!pkey->ameth->pub_decode(pkey, key)) {
179 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_PUBLIC_KEY_DECODE_ERROR);
180 goto error;
181 }
182 } else {
183 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_METHOD_NOT_SUPPORTED);
184 goto error;
185 }
186
187 *ppkey = pkey;
188 return 1;
189
190 error:
191 EVP_PKEY_free(pkey);
192 return 0;
193 }
194
195 EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key)
196 {
197 EVP_PKEY *ret = NULL;
198
199 if (key == NULL || key->public_key == NULL)
200 return NULL;
201
202 if (key->pkey != NULL)
203 return key->pkey;
204
205 /*
206 * When the key ASN.1 is initially parsed an attempt is made to
207 * decode the public key and cache the EVP_PKEY structure. If this
208 * operation fails the cached value will be NULL. Parsing continues
209 * to allow parsing of unknown key types or unsupported forms.
210 * We repeat the decode operation so the appropriate errors are left
211 * in the queue.
212 */
213 x509_pubkey_decode(&ret, key);
214 /* If decode doesn't fail something bad happened */
215 if (ret != NULL) {
216 X509err(X509_F_X509_PUBKEY_GET0, ERR_R_INTERNAL_ERROR);
217 EVP_PKEY_free(ret);
218 }
219
220 return NULL;
221 }
222
223 EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key)
224 {
225 EVP_PKEY *ret = X509_PUBKEY_get0(key);
226
227 if (ret != NULL && !EVP_PKEY_up_ref(ret)) {
228 X509err(X509_F_X509_PUBKEY_GET, ERR_R_INTERNAL_ERROR);
229 ret = NULL;
230 }
231 return ret;
232 }
233
234 /*
235 * Now three pseudo ASN1 routines that take an EVP_PKEY structure and encode
236 * or decode as X509_PUBKEY
237 */
238
239 EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length,
240 OPENSSL_CTX *libctx, const char *propq)
241 {
242 X509_PUBKEY *xpk, *xpk2 = NULL, **pxpk = NULL;
243 EVP_PKEY *pktmp = NULL;
244 const unsigned char *q;
245
246 q = *pp;
247
248 /*
249 * If libctx or propq are non-NULL, we take advantage of the reuse
250 * feature. It's not generally recommended, but is safe enough for
251 * newly created structures.
252 */
253 if (libctx != NULL || propq != NULL) {
254 xpk2 = OPENSSL_zalloc(sizeof(*xpk2));
255 if (xpk2 == NULL) {
256 ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
257 return NULL;
258 }
259 xpk2->libctx = libctx;
260 xpk2->propq = propq;
261 pxpk = &xpk2;
262 }
263 xpk = d2i_X509_PUBKEY(pxpk, &q, length);
264 if (xpk == NULL)
265 goto end;
266 pktmp = X509_PUBKEY_get(xpk);
267 X509_PUBKEY_free(xpk);
268 xpk2 = NULL; /* We know that xpk == xpk2 */
269 if (pktmp == NULL)
270 goto end;
271 *pp = q;
272 if (a != NULL) {
273 EVP_PKEY_free(*a);
274 *a = pktmp;
275 }
276 end:
277 X509_PUBKEY_free(xpk2);
278 return pktmp;
279 }
280
281 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
282 {
283 return d2i_PUBKEY_ex(a, pp, length, NULL, NULL);
284 }
285
286 int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp)
287 {
288 int ret = -1;
289
290 if (a == NULL)
291 return 0;
292 if (a->ameth != NULL) {
293 X509_PUBKEY *xpk = NULL;
294
295 if ((xpk = X509_PUBKEY_new()) == NULL)
296 return -1;
297
298 /* pub_encode() only encode parameters, not the key itself */
299 if (a->ameth->pub_encode != NULL && a->ameth->pub_encode(xpk, a)) {
300 xpk->pkey = (EVP_PKEY *)a;
301 ret = i2d_X509_PUBKEY(xpk, pp);
302 xpk->pkey = NULL;
303 }
304 X509_PUBKEY_free(xpk);
305 } else if (a->keymgmt != NULL) {
306 const char *encprop = OSSL_ENCODER_PUBKEY_TO_DER_PQ;
307 OSSL_ENCODER_CTX *ctx =
308 OSSL_ENCODER_CTX_new_by_EVP_PKEY(a, encprop);
309 BIO *out = BIO_new(BIO_s_mem());
310 BUF_MEM *buf = NULL;
311
312 if (ctx != NULL
313 && out != NULL
314 && OSSL_ENCODER_CTX_get_encoder(ctx) != NULL
315 && OSSL_ENCODER_to_bio(ctx, out)
316 && BIO_get_mem_ptr(out, &buf) > 0) {
317 ret = buf->length;
318
319 if (pp != NULL) {
320 if (*pp == NULL) {
321 *pp = (unsigned char *)buf->data;
322 buf->length = 0;
323 buf->data = NULL;
324 } else {
325 memcpy(*pp, buf->data, ret);
326 *pp += ret;
327 }
328 }
329 }
330 BIO_free(out);
331 OSSL_ENCODER_CTX_free(ctx);
332 }
333
334 return ret;
335 }
336
337 /*
338 * The following are equivalents but which return RSA and DSA keys
339 */
340 #ifndef OPENSSL_NO_RSA
341 RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
342 {
343 EVP_PKEY *pkey;
344 RSA *key;
345 const unsigned char *q;
346
347 q = *pp;
348 pkey = d2i_PUBKEY(NULL, &q, length);
349 if (pkey == NULL)
350 return NULL;
351 key = EVP_PKEY_get1_RSA(pkey);
352 EVP_PKEY_free(pkey);
353 if (key == NULL)
354 return NULL;
355 *pp = q;
356 if (a != NULL) {
357 RSA_free(*a);
358 *a = key;
359 }
360 return key;
361 }
362
363 int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp)
364 {
365 EVP_PKEY *pktmp;
366 int ret;
367 if (!a)
368 return 0;
369 pktmp = EVP_PKEY_new();
370 if (pktmp == NULL) {
371 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
372 return -1;
373 }
374 (void)EVP_PKEY_assign_RSA(pktmp, (RSA *)a);
375 ret = i2d_PUBKEY(pktmp, pp);
376 pktmp->pkey.ptr = NULL;
377 EVP_PKEY_free(pktmp);
378 return ret;
379 }
380 #endif
381
382 #ifndef OPENSSL_NO_DSA
383 DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
384 {
385 EVP_PKEY *pkey;
386 DSA *key;
387 const unsigned char *q;
388
389 q = *pp;
390 pkey = d2i_PUBKEY(NULL, &q, length);
391 if (pkey == NULL)
392 return NULL;
393 key = EVP_PKEY_get1_DSA(pkey);
394 EVP_PKEY_free(pkey);
395 if (key == NULL)
396 return NULL;
397 *pp = q;
398 if (a != NULL) {
399 DSA_free(*a);
400 *a = key;
401 }
402 return key;
403 }
404
405 int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp)
406 {
407 EVP_PKEY *pktmp;
408 int ret;
409 if (!a)
410 return 0;
411 pktmp = EVP_PKEY_new();
412 if (pktmp == NULL) {
413 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
414 return -1;
415 }
416 (void)EVP_PKEY_assign_DSA(pktmp, (DSA *)a);
417 ret = i2d_PUBKEY(pktmp, pp);
418 pktmp->pkey.ptr = NULL;
419 EVP_PKEY_free(pktmp);
420 return ret;
421 }
422 #endif
423
424 #ifndef OPENSSL_NO_EC
425 EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
426 {
427 EVP_PKEY *pkey;
428 EC_KEY *key;
429 const unsigned char *q;
430
431 q = *pp;
432 pkey = d2i_PUBKEY(NULL, &q, length);
433 if (pkey == NULL)
434 return NULL;
435 key = EVP_PKEY_get1_EC_KEY(pkey);
436 EVP_PKEY_free(pkey);
437 if (key == NULL)
438 return NULL;
439 *pp = q;
440 if (a != NULL) {
441 EC_KEY_free(*a);
442 *a = key;
443 }
444 return key;
445 }
446
447 int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp)
448 {
449 EVP_PKEY *pktmp;
450 int ret;
451
452 if (a == NULL)
453 return 0;
454 if ((pktmp = EVP_PKEY_new()) == NULL) {
455 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
456 return -1;
457 }
458 (void)EVP_PKEY_assign_EC_KEY(pktmp, (EC_KEY *)a);
459 ret = i2d_PUBKEY(pktmp, pp);
460 pktmp->pkey.ptr = NULL;
461 EVP_PKEY_free(pktmp);
462 return ret;
463 }
464 #endif
465
466 int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
467 int ptype, void *pval,
468 unsigned char *penc, int penclen)
469 {
470 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
471 return 0;
472 if (penc) {
473 OPENSSL_free(pub->public_key->data);
474 pub->public_key->data = penc;
475 pub->public_key->length = penclen;
476 /* Set number of unused bits to zero */
477 pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
478 pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
479 }
480 return 1;
481 }
482
483 int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
484 const unsigned char **pk, int *ppklen,
485 X509_ALGOR **pa, const X509_PUBKEY *pub)
486 {
487 if (ppkalg)
488 *ppkalg = pub->algor->algorithm;
489 if (pk) {
490 *pk = pub->public_key->data;
491 *ppklen = pub->public_key->length;
492 }
493 if (pa)
494 *pa = pub->algor;
495 return 1;
496 }
497
498 ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
499 {
500 if (x == NULL)
501 return NULL;
502 return x->cert_info.key->public_key;
503 }
504
505 /* Returns 1 for equal, 0, for non-equal, < 0 on error */
506 int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY *b)
507 {
508 X509_ALGOR *algA, *algB;
509 EVP_PKEY *pA, *pB;
510
511 if (a == b)
512 return 1;
513 if (a == NULL || b == NULL)
514 return 0;
515 if (!X509_PUBKEY_get0_param(NULL, NULL, NULL, &algA, a) || algA == NULL
516 || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &algB, b) || algB == NULL)
517 return -2;
518 if (X509_ALGOR_cmp(algA, algB) != 0)
519 return 0;
520 if ((pA = X509_PUBKEY_get0(a)) == NULL
521 || (pB = X509_PUBKEY_get0(b)) == NULL)
522 return -2;
523 return EVP_PKEY_eq(pA, pB);
524 }
525
526 int X509_PUBKEY_get0_libctx(OPENSSL_CTX **plibctx, const char **ppropq,
527 const X509_PUBKEY *key)
528 {
529 if (plibctx)
530 *plibctx = key->libctx;
531 if (ppropq)
532 *ppropq = key->propq;
533 return 1;
534 }
A mirror of the official openssl repository