[thirdparty/openssl.git] / crypto / evp / pmeth_check.c

/*
 * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <stdlib.h>
#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
#include "crypto/bn.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "evp_local.h"

int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx)
{
    EVP_PKEY *pkey = ctx->pkey;
    void *key;
    EVP_KEYMGMT *keymgmt;

    if (pkey == NULL) {
        EVPerr(EVP_F_EVP_PKEY_PUBLIC_CHECK, EVP_R_NO_KEY_SET);
        return 0;
    }

    keymgmt = pkey->keymgmt;
    key = pkey->keydata;

    if (key != NULL && keymgmt != NULL)
        return evp_keymgmt_validate(keymgmt, key,
                                    OSSL_KEYMGMT_SELECT_PUBLIC_KEY);

    if (pkey->type == EVP_PKEY_NONE)
        goto not_supported;

#ifndef FIPS_MODULE
    /* legacy */
    /* call customized public key check function first */
    if (ctx->pmeth->public_check != NULL)
        return ctx->pmeth->public_check(pkey);

    /* use default public key check function in ameth */
    if (pkey->ameth == NULL || pkey->ameth->pkey_public_check == NULL)
        goto not_supported;

    return pkey->ameth->pkey_public_check(pkey);
#endif
 not_supported:
    EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
    return -2;
}

int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx)
{
    EVP_PKEY *pkey = ctx->pkey;
    void *key;
    EVP_KEYMGMT *keymgmt;

    if (pkey == NULL) {
        EVPerr(EVP_F_EVP_PKEY_PARAM_CHECK, EVP_R_NO_KEY_SET);
        return 0;
    }

    keymgmt = pkey->keymgmt;
    key = pkey->keydata;

    if (key != NULL && keymgmt != NULL)
        return evp_keymgmt_validate(keymgmt, key,
                                    OSSL_KEYMGMT_SELECT_ALL_PARAMETERS);

    if (pkey->type == EVP_PKEY_NONE)
        goto not_supported;

#ifndef FIPS_MODULE
    /* legacy */
    /* call customized param check function first */
    if (ctx->pmeth->param_check != NULL)
        return ctx->pmeth->param_check(pkey);

    /* use default param check function in ameth */
    if (pkey->ameth == NULL || pkey->ameth->pkey_param_check == NULL)
        goto not_supported;

    return pkey->ameth->pkey_param_check(pkey);
#endif
 not_supported:
    EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
    return -2;
}

int EVP_PKEY_private_check(EVP_PKEY_CTX *ctx)
{
    EVP_PKEY *pkey = ctx->pkey;
    void *key;
    EVP_KEYMGMT *keymgmt;

    if (pkey == NULL) {
        EVPerr(0, EVP_R_NO_KEY_SET);
        return 0;
    }

    keymgmt = pkey->keymgmt;
    key = pkey->keydata;

    if (key != NULL && keymgmt != NULL)
        return evp_keymgmt_validate(keymgmt, key,
                                    OSSL_KEYMGMT_SELECT_PRIVATE_KEY);
    /* not supported for legacy keys */
    EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
    return -2;
}

int EVP_PKEY_pairwise_check(EVP_PKEY_CTX *ctx)
{
    EVP_PKEY *pkey = ctx->pkey;
    void *key;
    EVP_KEYMGMT *keymgmt;

    if (pkey == NULL) {
        EVPerr(0, EVP_R_NO_KEY_SET);
        return 0;
    }

    keymgmt = pkey->keymgmt;
    key = pkey->keydata;

    if (key != NULL && keymgmt != NULL)
        return evp_keymgmt_validate(keymgmt, key, OSSL_KEYMGMT_SELECT_KEYPAIR);
    /* not supported for legacy keys */
    EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
    return -2;
}

int EVP_PKEY_check(EVP_PKEY_CTX *ctx)
{
    EVP_PKEY *pkey = ctx->pkey;
    void *key;
    EVP_KEYMGMT *keymgmt;

    if (pkey == NULL) {
        EVPerr(EVP_F_EVP_PKEY_CHECK, EVP_R_NO_KEY_SET);
        return 0;
    }

    keymgmt = pkey->keymgmt;
    key = pkey->keydata;

    if (key != NULL && keymgmt != NULL)
        return evp_keymgmt_validate(keymgmt, key, OSSL_KEYMGMT_SELECT_ALL);

    if (pkey->type == EVP_PKEY_NONE)
        goto not_supported;

#ifndef FIPS_MODULE
    /* legacy */
    /* call customized check function first */
    if (ctx->pmeth->check != NULL)
        return ctx->pmeth->check(pkey);

    /* use default check function in ameth */
    if (pkey->ameth == NULL || pkey->ameth->pkey_check == NULL)
        goto not_supported;

    return pkey->ameth->pkey_check(pkey);
#endif
 not_supported:
    EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
    return -2;
}
Commit	Line	Data
12603de6 SL	1	/*
	2	* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#include <stdio.h>
	11	#include <stdlib.h>
	12	#include "internal/cryptlib.h"
	13	#include <openssl/objects.h>
	14	#include <openssl/evp.h>
	15	#include "crypto/bn.h"
	16	#include "crypto/asn1.h"
	17	#include "crypto/evp.h"
	18	#include "evp_local.h"
	19
	20	int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx)
	21	{
	22	EVP_PKEY *pkey = ctx->pkey;
	23	void *key;
	24	EVP_KEYMGMT *keymgmt;
	25
	26	if (pkey == NULL) {
	27	EVPerr(EVP_F_EVP_PKEY_PUBLIC_CHECK, EVP_R_NO_KEY_SET);
	28	return 0;
	29	}
	30
3c6ed955 RL	31	keymgmt = pkey->keymgmt;
3c6ed955 RL	32	key = pkey->keydata;
12603de6 SL	33
12603de6 SL	34	if (key != NULL && keymgmt != NULL)
b305452f RL	35	return evp_keymgmt_validate(keymgmt, key,
b305452f RL	36	OSSL_KEYMGMT_SELECT_PUBLIC_KEY);
12603de6	37
adc9f731 RL	38	if (pkey->type == EVP_PKEY_NONE)
	39	goto not_supported;
	40
f844f9eb	41	#ifndef FIPS_MODULE
12603de6 SL	42	/* legacy */
	43	/* call customized public key check function first */
	44	if (ctx->pmeth->public_check != NULL)
	45	return ctx->pmeth->public_check(pkey);
	46
	47	/* use default public key check function in ameth */
adc9f731 RL	48	if (pkey->ameth == NULL \|\| pkey->ameth->pkey_public_check == NULL)
adc9f731 RL	49	goto not_supported;
12603de6 SL	50
12603de6 SL	51	return pkey->ameth->pkey_public_check(pkey);
adc9f731 RL	52	#endif
	53	not_supported:
	54	EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
	55	return -2;
12603de6 SL	56	}
	57
	58	int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx)
	59	{
	60	EVP_PKEY *pkey = ctx->pkey;
	61	void *key;
	62	EVP_KEYMGMT *keymgmt;
	63
	64	if (pkey == NULL) {
	65	EVPerr(EVP_F_EVP_PKEY_PARAM_CHECK, EVP_R_NO_KEY_SET);
	66	return 0;
	67	}
	68
3c6ed955 RL	69	keymgmt = pkey->keymgmt;
3c6ed955 RL	70	key = pkey->keydata;
12603de6 SL	71
12603de6 SL	72	if (key != NULL && keymgmt != NULL)
b305452f RL	73	return evp_keymgmt_validate(keymgmt, key,
b305452f RL	74	OSSL_KEYMGMT_SELECT_ALL_PARAMETERS);
12603de6	75
adc9f731 RL	76	if (pkey->type == EVP_PKEY_NONE)
	77	goto not_supported;
	78
f844f9eb	79	#ifndef FIPS_MODULE
adc9f731	80	/* legacy */
12603de6 SL	81	/* call customized param check function first */
	82	if (ctx->pmeth->param_check != NULL)
	83	return ctx->pmeth->param_check(pkey);
	84
12603de6	85	/* use default param check function in ameth */
adc9f731 RL	86	if (pkey->ameth == NULL \|\| pkey->ameth->pkey_param_check == NULL)
adc9f731 RL	87	goto not_supported;
12603de6 SL	88
12603de6 SL	89	return pkey->ameth->pkey_param_check(pkey);
adc9f731 RL	90	#endif
	91	not_supported:
	92	EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
	93	return -2;
12603de6 SL	94	}
	95
	96	int EVP_PKEY_private_check(EVP_PKEY_CTX *ctx)
	97	{
	98	EVP_PKEY *pkey = ctx->pkey;
	99	void *key;
	100	EVP_KEYMGMT *keymgmt;
	101
	102	if (pkey == NULL) {
	103	EVPerr(0, EVP_R_NO_KEY_SET);
	104	return 0;
	105	}
	106
3c6ed955 RL	107	keymgmt = pkey->keymgmt;
3c6ed955 RL	108	key = pkey->keydata;
12603de6 SL	109
12603de6 SL	110	if (key != NULL && keymgmt != NULL)
b305452f RL	111	return evp_keymgmt_validate(keymgmt, key,
b305452f RL	112	OSSL_KEYMGMT_SELECT_PRIVATE_KEY);
12603de6	113	/* not supported for legacy keys */
adc9f731	114	EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
12603de6 SL	115	return -2;
	116	}
	117
	118	int EVP_PKEY_pairwise_check(EVP_PKEY_CTX *ctx)
	119	{
	120	EVP_PKEY *pkey = ctx->pkey;
	121	void *key;
	122	EVP_KEYMGMT *keymgmt;
	123
	124	if (pkey == NULL) {
	125	EVPerr(0, EVP_R_NO_KEY_SET);
	126	return 0;
	127	}
	128
3c6ed955 RL	129	keymgmt = pkey->keymgmt;
3c6ed955 RL	130	key = pkey->keydata;
12603de6 SL	131
12603de6 SL	132	if (key != NULL && keymgmt != NULL)
b305452f	133	return evp_keymgmt_validate(keymgmt, key, OSSL_KEYMGMT_SELECT_KEYPAIR);
12603de6	134	/* not supported for legacy keys */
adc9f731	135	EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
12603de6 SL	136	return -2;
	137	}
	138
	139	int EVP_PKEY_check(EVP_PKEY_CTX *ctx)
	140	{
	141	EVP_PKEY *pkey = ctx->pkey;
	142	void *key;
	143	EVP_KEYMGMT *keymgmt;
	144
	145	if (pkey == NULL) {
	146	EVPerr(EVP_F_EVP_PKEY_CHECK, EVP_R_NO_KEY_SET);
	147	return 0;
	148	}
	149
3c6ed955 RL	150	keymgmt = pkey->keymgmt;
3c6ed955 RL	151	key = pkey->keydata;
b305452f RL	152
	153	if (key != NULL && keymgmt != NULL)
	154	return evp_keymgmt_validate(keymgmt, key, OSSL_KEYMGMT_SELECT_ALL);
12603de6	155
adc9f731 RL	156	if (pkey->type == EVP_PKEY_NONE)
	157	goto not_supported;
	158
f844f9eb	159	#ifndef FIPS_MODULE
12603de6 SL	160	/* legacy */
	161	/* call customized check function first */
	162	if (ctx->pmeth->check != NULL)
	163	return ctx->pmeth->check(pkey);
	164
	165	/* use default check function in ameth */
adc9f731 RL	166	if (pkey->ameth == NULL \|\| pkey->ameth->pkey_check == NULL)
adc9f731 RL	167	goto not_supported;
12603de6 SL	168
12603de6 SL	169	return pkey->ameth->pkey_check(pkey);
adc9f731 RL	170	#endif
	171	not_supported:
	172	EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
	173	return -2;
12603de6 SL	174	}
12603de6 SL	175