1/*
2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "internal/cryptlib.h"
12#include <openssl/evp.h>
13#include <openssl/objects.h>
14#include <openssl/x509.h>
15
16int X509_certificate_type(const X509 *x, const EVP_PKEY *pkey)
17{
18 const EVP_PKEY *pk;
19 int ret = 0, i;
20
21 if (x == NULL)
22 return 0;
23
24 if (pkey == NULL)
25 pk = X509_get0_pubkey(x);
26 else
27 pk = pkey;
28
29 if (pk == NULL)
30 return 0;
31
32 switch (EVP_PKEY_id(pk)) {
33 case EVP_PKEY_RSA:
34 ret = EVP_PK_RSA | EVP_PKT_SIGN;
35/* if (!sign only extension) */
36 ret |= EVP_PKT_ENC;
37 break;
38 case EVP_PKEY_RSA_PSS:
39 ret = EVP_PK_RSA | EVP_PKT_SIGN;
40 break;
41 case EVP_PKEY_DSA:
42 ret = EVP_PK_DSA | EVP_PKT_SIGN;
43 break;
44 case EVP_PKEY_EC:
45 ret = EVP_PK_EC | EVP_PKT_SIGN | EVP_PKT_EXCH;
46 break;
47 case EVP_PKEY_ED448:
48 case EVP_PKEY_ED25519:
49 ret = EVP_PKT_SIGN;
50 break;
51 case EVP_PKEY_DH:
52 ret = EVP_PK_DH | EVP_PKT_EXCH;
53 break;
54 case NID_id_GostR3410_2001:
55 case NID_id_GostR3410_2012_256:
56 case NID_id_GostR3410_2012_512:
57 ret = EVP_PKT_EXCH | EVP_PKT_SIGN;
58 break;
59 default:
60 break;
61 }
62
63 i = X509_get_signature_nid(x);
64 if (i && OBJ_find_sigid_algs(i, NULL, &i)) {
65
66 switch (i) {
67 case NID_rsaEncryption:
68 case NID_rsa:
69 ret |= EVP_PKS_RSA;
70 break;
71 case NID_dsa:
72 case NID_dsa_2:
73 ret |= EVP_PKS_DSA;
74 break;
75 case NID_X9_62_id_ecPublicKey:
76 ret |= EVP_PKS_EC;
77 break;
78 default:
79 break;
80 }
81 }
82
83 return ret;
84}
85