2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DSA low level APIs are deprecated for public use, but still ok for
14 #include "internal/deprecated.h"
17 #include "internal/cryptlib.h"
18 #include <openssl/asn1t.h>
19 #include <openssl/x509.h>
20 #include "crypto/asn1.h"
21 #include "crypto/evp.h"
22 #include "crypto/x509.h"
23 #include <openssl/rsa.h>
24 #include <openssl/dsa.h>
25 #include <openssl/encoder.h>
27 struct X509_pubkey_st
{
29 ASN1_BIT_STRING
*public_key
;
32 /* extra data for the callback, used by d2i_PUBKEY_ex */
37 static int x509_pubkey_decode(EVP_PKEY
**pk
, const X509_PUBKEY
*key
);
39 /* Minor tweak to operation: free up EVP_PKEY */
40 static int pubkey_cb(int operation
, ASN1_VALUE
**pval
, const ASN1_ITEM
*it
,
43 if (operation
== ASN1_OP_FREE_POST
) {
44 X509_PUBKEY
*pubkey
= (X509_PUBKEY
*)*pval
;
45 EVP_PKEY_free(pubkey
->pkey
);
46 } else if (operation
== ASN1_OP_D2I_POST
) {
47 /* Attempt to decode public key and cache in pubkey structure. */
48 X509_PUBKEY
*pubkey
= (X509_PUBKEY
*)*pval
;
49 EVP_PKEY_free(pubkey
->pkey
);
52 * Opportunistically decode the key but remove any non fatal errors
53 * from the queue. Subsequent explicit attempts to decode/use the key
54 * will return an appropriate error.
57 if (x509_pubkey_decode(&pubkey
->pkey
, pubkey
) == -1)
64 ASN1_SEQUENCE_cb(X509_PUBKEY
, pubkey_cb
) = {
65 ASN1_SIMPLE(X509_PUBKEY
, algor
, X509_ALGOR
),
66 ASN1_SIMPLE(X509_PUBKEY
, public_key
, ASN1_BIT_STRING
)
67 } ASN1_SEQUENCE_END_cb(X509_PUBKEY
, X509_PUBKEY
)
69 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY
)
70 IMPLEMENT_ASN1_DUP_FUNCTION(X509_PUBKEY
)
72 /* TODO should better be called X509_PUBKEY_set1 */
73 int X509_PUBKEY_set(X509_PUBKEY
**x
, EVP_PKEY
*pkey
)
75 X509_PUBKEY
*pk
= NULL
;
83 if (pkey
->ameth
!= NULL
) {
84 if ((pk
= X509_PUBKEY_new()) == NULL
) {
85 X509err(X509_F_X509_PUBKEY_SET
, ERR_R_MALLOC_FAILURE
);
88 if (pkey
->ameth
->pub_encode
!= NULL
) {
89 if (!pkey
->ameth
->pub_encode(pk
, pkey
)) {
90 X509err(X509_F_X509_PUBKEY_SET
,
91 X509_R_PUBLIC_KEY_ENCODE_ERROR
);
95 X509err(X509_F_X509_PUBKEY_SET
, X509_R_METHOD_NOT_SUPPORTED
);
98 } else if (pkey
->keymgmt
!= NULL
) {
99 BIO
*bmem
= BIO_new(BIO_s_mem());
100 const char *encprop
= OSSL_ENCODER_PUBKEY_TO_DER_PQ
;
101 OSSL_ENCODER_CTX
*ectx
=
102 OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey
, encprop
);
104 if (OSSL_ENCODER_to_bio(ectx
, bmem
)) {
105 const unsigned char *der
= NULL
;
106 long derlen
= BIO_get_mem_data(bmem
, (char **)&der
);
108 pk
= d2i_X509_PUBKEY(NULL
, &der
, derlen
);
111 OSSL_ENCODER_CTX_free(ectx
);
118 X509_PUBKEY_free(*x
);
119 if (!EVP_PKEY_up_ref(pkey
)) {
120 X509err(X509_F_X509_PUBKEY_SET
, ERR_R_INTERNAL_ERROR
);
126 * pk->pkey is NULL when using the legacy routine, but is non-NULL when
127 * going through the encoder, and for all intents and purposes, it's
128 * a perfect copy of |pkey|, just not the same instance. In that case,
129 * we could simply return early, right here.
130 * However, in the interest of being cautious leaning on paranoia, some
131 * application might very well depend on the passed |pkey| being used
132 * and none other, so we spend a few more cycles throwing away the newly
133 * created |pk->pkey| and replace it with |pkey|.
134 * TODO(3.0) Investigate if it's safe to change to simply return here
135 * if |pk->pkey != NULL|.
137 if (pk
->pkey
!= NULL
)
138 EVP_PKEY_free(pk
->pkey
);
144 X509err(X509_F_X509_PUBKEY_SET
, X509_R_UNSUPPORTED_ALGORITHM
);
147 X509_PUBKEY_free(pk
);
152 * Attempt to decode a public key.
153 * Returns 1 on success, 0 for a decode failure and -1 for a fatal
154 * error e.g. malloc failure.
158 static int x509_pubkey_decode(EVP_PKEY
**ppkey
, const X509_PUBKEY
*key
)
160 EVP_PKEY
*pkey
= EVP_PKEY_new();
163 X509err(X509_F_X509_PUBKEY_DECODE
, ERR_R_MALLOC_FAILURE
);
167 if (!EVP_PKEY_set_type(pkey
, OBJ_obj2nid(key
->algor
->algorithm
))) {
168 X509err(X509_F_X509_PUBKEY_DECODE
, X509_R_UNSUPPORTED_ALGORITHM
);
172 if (pkey
->ameth
->pub_decode
) {
174 * Treat any failure of pub_decode as a decode error. In
175 * future we could have different return codes for decode
176 * errors and fatal errors such as malloc failure.
178 if (!pkey
->ameth
->pub_decode(pkey
, key
)) {
179 X509err(X509_F_X509_PUBKEY_DECODE
, X509_R_PUBLIC_KEY_DECODE_ERROR
);
183 X509err(X509_F_X509_PUBKEY_DECODE
, X509_R_METHOD_NOT_SUPPORTED
);
195 EVP_PKEY
*X509_PUBKEY_get0(const X509_PUBKEY
*key
)
197 EVP_PKEY
*ret
= NULL
;
199 if (key
== NULL
|| key
->public_key
== NULL
)
202 if (key
->pkey
!= NULL
)
206 * When the key ASN.1 is initially parsed an attempt is made to
207 * decode the public key and cache the EVP_PKEY structure. If this
208 * operation fails the cached value will be NULL. Parsing continues
209 * to allow parsing of unknown key types or unsupported forms.
210 * We repeat the decode operation so the appropriate errors are left
213 x509_pubkey_decode(&ret
, key
);
214 /* If decode doesn't fail something bad happened */
216 X509err(X509_F_X509_PUBKEY_GET0
, ERR_R_INTERNAL_ERROR
);
223 EVP_PKEY
*X509_PUBKEY_get(const X509_PUBKEY
*key
)
225 EVP_PKEY
*ret
= X509_PUBKEY_get0(key
);
227 if (ret
!= NULL
&& !EVP_PKEY_up_ref(ret
)) {
228 X509err(X509_F_X509_PUBKEY_GET
, ERR_R_INTERNAL_ERROR
);
235 * Now three pseudo ASN1 routines that take an EVP_PKEY structure and encode
236 * or decode as X509_PUBKEY
239 EVP_PKEY
*d2i_PUBKEY_ex(EVP_PKEY
**a
, const unsigned char **pp
, long length
,
240 OPENSSL_CTX
*libctx
, const char *propq
)
242 X509_PUBKEY
*xpk
, *xpk2
= NULL
, **pxpk
= NULL
;
243 EVP_PKEY
*pktmp
= NULL
;
244 const unsigned char *q
;
249 * If libctx or propq are non-NULL, we take advantage of the reuse
250 * feature. It's not generally recommended, but is safe enough for
251 * newly created structures.
253 if (libctx
!= NULL
|| propq
!= NULL
) {
254 xpk2
= OPENSSL_zalloc(sizeof(*xpk2
));
256 ERR_raise(ERR_LIB_X509
, ERR_R_MALLOC_FAILURE
);
259 xpk2
->libctx
= libctx
;
263 xpk
= d2i_X509_PUBKEY(pxpk
, &q
, length
);
266 pktmp
= X509_PUBKEY_get(xpk
);
267 X509_PUBKEY_free(xpk
);
268 xpk2
= NULL
; /* We know that xpk == xpk2 */
277 X509_PUBKEY_free(xpk2
);
281 EVP_PKEY
*d2i_PUBKEY(EVP_PKEY
**a
, const unsigned char **pp
, long length
)
283 return d2i_PUBKEY_ex(a
, pp
, length
, NULL
, NULL
);
286 int i2d_PUBKEY(const EVP_PKEY
*a
, unsigned char **pp
)
292 if (a
->ameth
!= NULL
) {
293 X509_PUBKEY
*xpk
= NULL
;
295 if ((xpk
= X509_PUBKEY_new()) == NULL
)
298 /* pub_encode() only encode parameters, not the key itself */
299 if (a
->ameth
->pub_encode
!= NULL
&& a
->ameth
->pub_encode(xpk
, a
)) {
300 xpk
->pkey
= (EVP_PKEY
*)a
;
301 ret
= i2d_X509_PUBKEY(xpk
, pp
);
304 X509_PUBKEY_free(xpk
);
305 } else if (a
->keymgmt
!= NULL
) {
306 const char *encprop
= OSSL_ENCODER_PUBKEY_TO_DER_PQ
;
307 OSSL_ENCODER_CTX
*ctx
=
308 OSSL_ENCODER_CTX_new_by_EVP_PKEY(a
, encprop
);
309 BIO
*out
= BIO_new(BIO_s_mem());
314 && OSSL_ENCODER_CTX_get_encoder(ctx
) != NULL
315 && OSSL_ENCODER_to_bio(ctx
, out
)
316 && BIO_get_mem_ptr(out
, &buf
) > 0) {
321 *pp
= (unsigned char *)buf
->data
;
325 memcpy(*pp
, buf
->data
, ret
);
331 OSSL_ENCODER_CTX_free(ctx
);
338 * The following are equivalents but which return RSA and DSA keys
340 #ifndef OPENSSL_NO_RSA
341 RSA
*d2i_RSA_PUBKEY(RSA
**a
, const unsigned char **pp
, long length
)
345 const unsigned char *q
;
348 pkey
= d2i_PUBKEY(NULL
, &q
, length
);
351 key
= EVP_PKEY_get1_RSA(pkey
);
363 int i2d_RSA_PUBKEY(const RSA
*a
, unsigned char **pp
)
369 pktmp
= EVP_PKEY_new();
371 ASN1err(ASN1_F_I2D_RSA_PUBKEY
, ERR_R_MALLOC_FAILURE
);
374 (void)EVP_PKEY_assign_RSA(pktmp
, (RSA
*)a
);
375 ret
= i2d_PUBKEY(pktmp
, pp
);
376 pktmp
->pkey
.ptr
= NULL
;
377 EVP_PKEY_free(pktmp
);
382 #ifndef OPENSSL_NO_DSA
383 DSA
*d2i_DSA_PUBKEY(DSA
**a
, const unsigned char **pp
, long length
)
387 const unsigned char *q
;
390 pkey
= d2i_PUBKEY(NULL
, &q
, length
);
393 key
= EVP_PKEY_get1_DSA(pkey
);
405 int i2d_DSA_PUBKEY(const DSA
*a
, unsigned char **pp
)
411 pktmp
= EVP_PKEY_new();
413 ASN1err(ASN1_F_I2D_DSA_PUBKEY
, ERR_R_MALLOC_FAILURE
);
416 (void)EVP_PKEY_assign_DSA(pktmp
, (DSA
*)a
);
417 ret
= i2d_PUBKEY(pktmp
, pp
);
418 pktmp
->pkey
.ptr
= NULL
;
419 EVP_PKEY_free(pktmp
);
424 #ifndef OPENSSL_NO_EC
425 EC_KEY
*d2i_EC_PUBKEY(EC_KEY
**a
, const unsigned char **pp
, long length
)
429 const unsigned char *q
;
432 pkey
= d2i_PUBKEY(NULL
, &q
, length
);
435 key
= EVP_PKEY_get1_EC_KEY(pkey
);
447 int i2d_EC_PUBKEY(const EC_KEY
*a
, unsigned char **pp
)
454 if ((pktmp
= EVP_PKEY_new()) == NULL
) {
455 ASN1err(ASN1_F_I2D_EC_PUBKEY
, ERR_R_MALLOC_FAILURE
);
458 (void)EVP_PKEY_assign_EC_KEY(pktmp
, (EC_KEY
*)a
);
459 ret
= i2d_PUBKEY(pktmp
, pp
);
460 pktmp
->pkey
.ptr
= NULL
;
461 EVP_PKEY_free(pktmp
);
466 int X509_PUBKEY_set0_param(X509_PUBKEY
*pub
, ASN1_OBJECT
*aobj
,
467 int ptype
, void *pval
,
468 unsigned char *penc
, int penclen
)
470 if (!X509_ALGOR_set0(pub
->algor
, aobj
, ptype
, pval
))
473 OPENSSL_free(pub
->public_key
->data
);
474 pub
->public_key
->data
= penc
;
475 pub
->public_key
->length
= penclen
;
476 /* Set number of unused bits to zero */
477 pub
->public_key
->flags
&= ~(ASN1_STRING_FLAG_BITS_LEFT
| 0x07);
478 pub
->public_key
->flags
|= ASN1_STRING_FLAG_BITS_LEFT
;
483 int X509_PUBKEY_get0_param(ASN1_OBJECT
**ppkalg
,
484 const unsigned char **pk
, int *ppklen
,
485 X509_ALGOR
**pa
, const X509_PUBKEY
*pub
)
488 *ppkalg
= pub
->algor
->algorithm
;
490 *pk
= pub
->public_key
->data
;
491 *ppklen
= pub
->public_key
->length
;
498 ASN1_BIT_STRING
*X509_get0_pubkey_bitstr(const X509
*x
)
502 return x
->cert_info
.key
->public_key
;
505 /* Returns 1 for equal, 0, for non-equal, < 0 on error */
506 int X509_PUBKEY_eq(const X509_PUBKEY
*a
, const X509_PUBKEY
*b
)
508 X509_ALGOR
*algA
, *algB
;
513 if (a
== NULL
|| b
== NULL
)
515 if (!X509_PUBKEY_get0_param(NULL
, NULL
, NULL
, &algA
, a
) || algA
== NULL
516 || !X509_PUBKEY_get0_param(NULL
, NULL
, NULL
, &algB
, b
) || algB
== NULL
)
518 if (X509_ALGOR_cmp(algA
, algB
) != 0)
520 if ((pA
= X509_PUBKEY_get0(a
)) == NULL
521 || (pB
= X509_PUBKEY_get0(b
)) == NULL
)
523 return EVP_PKEY_eq(pA
, pB
);
526 int X509_PUBKEY_get0_libctx(OPENSSL_CTX
**plibctx
, const char **ppropq
,
527 const X509_PUBKEY
*key
)
530 *plibctx
= key
->libctx
;
532 *ppropq
= key
->propq
;