1/*
2 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "internal/cryptlib.h"
12#include <openssl/buffer.h>
13#include <openssl/asn1.h>
14#include <openssl/evp.h>
15#include <openssl/x509.h>
16#include "crypto/x509.h"
17#include <openssl/ocsp.h>
18#include <openssl/rsa.h>
19#include <openssl/dsa.h>
20#include <openssl/x509v3.h>
21
22#ifndef OPENSSL_NO_SM2
23
24# include "crypto/asn1.h"
25# include "crypto/evp.h"
26
27static int common_verify_sm2(void *data, EVP_PKEY *pkey,
28 int mdnid, int pknid, int req)
29{
30 X509 *x = NULL;
31 X509_REQ *r = NULL;
32 EVP_MD_CTX *ctx = NULL;
33 unsigned char *buf_in = NULL;
34 int ret = -1, inl = 0;
35 size_t inll = 0;
36 EVP_PKEY_CTX *pctx = NULL;
37 const EVP_MD *type = EVP_get_digestbynid(mdnid);
38 ASN1_BIT_STRING *signature = NULL;
39 ASN1_OCTET_STRING *sm2_id = NULL;
40 ASN1_VALUE *tbv = NULL;
41
42 if (type == NULL) {
43 X509err(X509_F_COMMON_VERIFY_SM2,
44 ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
45 goto err;
46 }
47
48 if (pkey == NULL) {
49 X509err(X509_F_COMMON_VERIFY_SM2, ERR_R_PASSED_NULL_PARAMETER);
50 return -1;
51 }
52
53 if (req == 1) {
54 r = (X509_REQ *)data;
55 signature = r->signature;
56 sm2_id = r->sm2_id;
57 tbv = (ASN1_VALUE *)&r->req_info;
58 } else {
59 x = (X509 *)data;
60 signature = &x->signature;
61 sm2_id = x->sm2_id;
62 tbv = (ASN1_VALUE *)&x->cert_info;
63 }
64
65 if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) {
66 X509err(X509_F_COMMON_VERIFY_SM2, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
67 return -1;
68 }
69
70 ctx = EVP_MD_CTX_new();
71 if (ctx == NULL) {
72 X509err(X509_F_COMMON_VERIFY_SM2, ERR_R_MALLOC_FAILURE);
73 goto err;
74 }
75
76 /* Check public key OID matches public key type */
77 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
78 X509err(X509_F_COMMON_VERIFY_SM2, ASN1_R_WRONG_PUBLIC_KEY_TYPE);
79 goto err;
80 }
81
82 if (!EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)) {
83 X509err(X509_F_COMMON_VERIFY_SM2, ERR_R_EVP_LIB);
84 ret = 0;
85 goto err;
86 }
87 pctx = EVP_PKEY_CTX_new(pkey, NULL);
88 if (pctx == NULL) {
89 X509err(X509_F_COMMON_VERIFY_SM2, ERR_R_EVP_LIB);
90 ret = 0;
91 goto err;
92 }
93 /* NOTE: we tolerate no actual ID, to provide maximum flexibility */
94 if (sm2_id != NULL
95 && EVP_PKEY_CTX_set1_id(pctx, sm2_id->data, sm2_id->length) != 1) {
96 X509err(X509_F_COMMON_VERIFY_SM2, ERR_R_EVP_LIB);
97 ret = 0;
98 goto err;
99 }
100 EVP_MD_CTX_set_pkey_ctx(ctx, pctx);
101
102 if (!EVP_DigestVerifyInit(ctx, NULL, type, NULL, pkey)) {
103 X509err(X509_F_COMMON_VERIFY_SM2, ERR_R_EVP_LIB);
104 ret = 0;
105 goto err;
106 }
107
108 inl = ASN1_item_i2d(tbv, &buf_in,
109 req == 1 ?
110 ASN1_ITEM_rptr(X509_REQ_INFO) :
111 ASN1_ITEM_rptr(X509_CINF));
112 if (inl <= 0) {
113 X509err(X509_F_COMMON_VERIFY_SM2, ERR_R_INTERNAL_ERROR);
114 goto err;
115 }
116 if (buf_in == NULL) {
117 X509err(X509_F_COMMON_VERIFY_SM2, ERR_R_MALLOC_FAILURE);
118 goto err;
119 }
120 inll = inl;
121
122 ret = EVP_DigestVerify(ctx, signature->data,
123 (size_t)signature->length, buf_in, inl);
124 if (ret <= 0) {
125 X509err(X509_F_COMMON_VERIFY_SM2, ERR_R_EVP_LIB);
126 goto err;
127 }
128 ret = 1;
129 err:
130 OPENSSL_clear_free(buf_in, inll);
131 EVP_MD_CTX_free(ctx);
132 EVP_PKEY_CTX_free(pctx);
133 return ret;
134}
135
136static int x509_verify_sm2(X509 *x, EVP_PKEY *pkey, int mdnid, int pknid)
137{
138 return common_verify_sm2(x, pkey, mdnid, pknid, 0);
139}
140
141static int x509_req_verify_sm2(X509_REQ *x, EVP_PKEY *pkey,
142 int mdnid, int pknid)
143{
144 return common_verify_sm2(x, pkey, mdnid, pknid, 1);
145}
146
147#endif
148
149int X509_verify(X509 *a, EVP_PKEY *r)
150{
151#ifndef OPENSSL_NO_SM2
152 int mdnid, pknid;
153#endif
154
155 if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature))
156 return 0;
157
158#ifndef OPENSSL_NO_SM2
159 /* Convert signature OID into digest and public key OIDs */
160 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->sig_alg.algorithm),
161 &mdnid, &pknid)) {
162 X509err(X509_F_X509_VERIFY, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
163 return 0;
164 }
165
166 if (pknid == NID_sm2)
167 return x509_verify_sm2(a, r, mdnid, pknid);
168#endif
169
170 return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
171 &a->signature, &a->cert_info, r));
172}
173
174int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
175{
176#ifndef OPENSSL_NO_SM2
177 int mdnid, pknid;
178
179 /* Convert signature OID into digest and public key OIDs */
180 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->sig_alg.algorithm),
181 &mdnid, &pknid)) {
182 X509err(X509_F_X509_REQ_VERIFY, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
183 return 0;
184 }
185
186 if (pknid == NID_sm2)
187 return x509_req_verify_sm2(a, r, mdnid, pknid);
188#endif
189
190 return (ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO),
191 &a->sig_alg, a->signature, &a->req_info, r));
192}
193
194int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
195{
196 return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
197 &a->sig_algor, a->signature, a->spkac, r));
198}
199
200int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
201{
202 x->cert_info.enc.modified = 1;
203 return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), &x->cert_info.signature,
204 &x->sig_alg, &x->signature, &x->cert_info, pkey,
205 md));
206}
207
208int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
209{
210 x->cert_info.enc.modified = 1;
211 return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
212 &x->cert_info.signature,
213 &x->sig_alg, &x->signature, &x->cert_info, ctx);
214}
215
216#ifndef OPENSSL_NO_OCSP
217int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert)
218{
219 return OCSP_REQ_CTX_nbio_d2i(rctx,
220 (ASN1_VALUE **)pcert, ASN1_ITEM_rptr(X509));
221}
222#endif
223
224int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
225{
226 return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
227 x->signature, &x->req_info, pkey, md));
228}
229
230int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
231{
232 return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
233 &x->sig_alg, NULL, x->signature, &x->req_info,
234 ctx);
235}
236
237int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
238{
239 x->crl.enc.modified = 1;
240 return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), &x->crl.sig_alg,
241 &x->sig_alg, &x->signature, &x->crl, pkey, md));
242}
243
244int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
245{
246 x->crl.enc.modified = 1;
247 return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
248 &x->crl.sig_alg, &x->sig_alg, &x->signature,
249 &x->crl, ctx);
250}
251
252#ifndef OPENSSL_NO_OCSP
253int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl)
254{
255 return OCSP_REQ_CTX_nbio_d2i(rctx,
256 (ASN1_VALUE **)pcrl,
257 ASN1_ITEM_rptr(X509_CRL));
258}
259#endif
260
261int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
262{
263 return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), &x->sig_algor, NULL,
264 x->signature, x->spkac, pkey, md));
265}
266
267#ifndef OPENSSL_NO_STDIO
268X509 *d2i_X509_fp(FILE *fp, X509 **x509)
269{
270 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
271}
272
273int i2d_X509_fp(FILE *fp, const X509 *x509)
274{
275 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
276}
277#endif
278
279X509 *d2i_X509_bio(BIO *bp, X509 **x509)
280{
281 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
282}
283
284int i2d_X509_bio(BIO *bp, const X509 *x509)
285{
286 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
287}
288
289#ifndef OPENSSL_NO_STDIO
290X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
291{
292 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
293}
294
295int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl)
296{
297 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
298}
299#endif
300
301X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
302{
303 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
304}
305
306int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl)
307{
308 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
309}
310
311#ifndef OPENSSL_NO_STDIO
312PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
313{
314 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
315}
316
317int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7)
318{
319 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
320}
321#endif
322
323PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
324{
325 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
326}
327
328int i2d_PKCS7_bio(BIO *bp, const PKCS7 *p7)
329{
330 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
331}
332
333#ifndef OPENSSL_NO_STDIO
334X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
335{
336 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
337}
338
339int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req)
340{
341 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
342}
343#endif
344
345X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
346{
347 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
348}
349
350int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req)
351{
352 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
353}
354
355#ifndef OPENSSL_NO_RSA
356
357# ifndef OPENSSL_NO_STDIO
358RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
359{
360 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
361}
362
363int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa)
364{
365 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
366}
367
368RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
369{
370 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
371}
372
373RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
374{
375 return ASN1_d2i_fp((void *(*)(void))
376 RSA_new, (D2I_OF(void)) d2i_RSA_PUBKEY, fp,
377 (void **)rsa);
378}
379
380int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa)
381{
382 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
383}
384
385int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa)
386{
387 return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);
388}
389# endif
390
391RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
392{
393 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
394}
395
396int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa)
397{
398 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
399}
400
401RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
402{
403 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
404}
405
406RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
407{
408 return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);
409}
410
411int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa)
412{
413 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
414}
415
416int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa)
417{
418 return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);
419}
420#endif
421
422#ifndef OPENSSL_NO_DSA
423# ifndef OPENSSL_NO_STDIO
424DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
425{
426 return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);
427}
428
429int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa)
430{
431 return ASN1_i2d_fp_of(DSA, i2d_DSAPrivateKey, fp, dsa);
432}
433
434DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
435{
436 return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);
437}
438
439int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa)
440{
441 return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);
442}
443# endif
444
445DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
446{
447 return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);
448}
449
450int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa)
451{
452 return ASN1_i2d_bio_of(DSA, i2d_DSAPrivateKey, bp, dsa);
453}
454
455DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
456{
457 return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);
458}
459
460int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa)
461{
462 return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);
463}
464
465#endif
466
467#ifndef OPENSSL_NO_EC
468# ifndef OPENSSL_NO_STDIO
469EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
470{
471 return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);
472}
473
474int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey)
475{
476 return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);
477}
478
479EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
480{
481 return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
482}
483
484int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey)
485{
486 return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
487}
488# endif
489EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
490{
491 return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey);
492}
493
494int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *ecdsa)
495{
496 return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);
497}
498
499EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
500{
501 return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
502}
503
504int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey)
505{
506 return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
507}
508#endif
509
510int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
511 unsigned char *md, unsigned int *len)
512{
513 ASN1_BIT_STRING *key;
514 key = X509_get0_pubkey_bitstr(data);
515 if (!key)
516 return 0;
517 return EVP_Digest(key->data, key->length, md, len, type, NULL);
518}
519
520int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
521 unsigned int *len)
522{
523 if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0) {
524 /* Asking for SHA1 and we already computed it. */
525 if (len != NULL)
526 *len = sizeof(data->sha1_hash);
527 memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
528 return 1;
529 }
530 return (ASN1_item_digest
531 (ASN1_ITEM_rptr(X509), type, (char *)data, md, len));
532}
533
534int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
535 unsigned char *md, unsigned int *len)
536{
537 if (type == EVP_sha1() && (data->flags & EXFLAG_SET) != 0) {
538 /* Asking for SHA1; always computed in CRL d2i. */
539 if (len != NULL)
540 *len = sizeof(data->sha1_hash);
541 memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
542 return 1;
543 }
544 return (ASN1_item_digest
545 (ASN1_ITEM_rptr(X509_CRL), type, (char *)data, md, len));
546}
547
548int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
549 unsigned char *md, unsigned int *len)
550{
551 return (ASN1_item_digest
552 (ASN1_ITEM_rptr(X509_REQ), type, (char *)data, md, len));
553}
554
555int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
556 unsigned char *md, unsigned int *len)
557{
558 return (ASN1_item_digest
559 (ASN1_ITEM_rptr(X509_NAME), type, (char *)data, md, len));
560}
561
562int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
563 const EVP_MD *type, unsigned char *md,
564 unsigned int *len)
565{
566 return (ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL), type,
567 (char *)data, md, len));
568}
569
570#ifndef OPENSSL_NO_STDIO
571X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
572{
573 return ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp, p8);
574}
575
576int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8)
577{
578 return ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);
579}
580#endif
581
582X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
583{
584 return ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp, p8);
585}
586
587int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8)
588{
589 return ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);
590}
591
592#ifndef OPENSSL_NO_STDIO
593X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk)
594{
595 return ASN1_d2i_fp_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
596 fp, xpk);
597}
598
599int i2d_X509_PUBKEY_fp(FILE *fp, const X509_PUBKEY *xpk)
600{
601 return ASN1_i2d_fp_of(X509_PUBKEY, i2d_X509_PUBKEY, fp, xpk);
602}
603#endif
604
605X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk)
606{
607 return ASN1_d2i_bio_of(X509_PUBKEY, X509_PUBKEY_new, d2i_X509_PUBKEY,
608 bp, xpk);
609}
610
611int i2d_X509_PUBKEY_bio(BIO *bp, const X509_PUBKEY *xpk)
612{
613 return ASN1_i2d_bio_of(X509_PUBKEY, i2d_X509_PUBKEY, bp, xpk);
614}
615
616#ifndef OPENSSL_NO_STDIO
617PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
618 PKCS8_PRIV_KEY_INFO **p8inf)
619{
620 return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
621 d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
622}
623
624int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf)
625{
626 return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp,
627 p8inf);
628}
629
630int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key)
631{
632 PKCS8_PRIV_KEY_INFO *p8inf;
633 int ret;
634
635 p8inf = EVP_PKEY2PKCS8(key);
636 if (p8inf == NULL)
637 return 0;
638 ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
639 PKCS8_PRIV_KEY_INFO_free(p8inf);
640 return ret;
641}
642
643int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey)
644{
645 return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
646}
647
648EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
649{
650 return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a);
651}
652
653int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey)
654{
655 return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
656}
657
658EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
659{
660 return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);
661}
662
663#endif
664
665PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
666 PKCS8_PRIV_KEY_INFO **p8inf)
667{
668 return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
669 d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
670}
671
672int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf)
673{
674 return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp,
675 p8inf);
676}
677
678int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key)
679{
680 PKCS8_PRIV_KEY_INFO *p8inf;
681 int ret;
682
683 p8inf = EVP_PKEY2PKCS8(key);
684 if (p8inf == NULL)
685 return 0;
686 ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
687 PKCS8_PRIV_KEY_INFO_free(p8inf);
688 return ret;
689}
690
691int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey)
692{
693 return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
694}
695
696EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
697{
698 return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a);
699}
700
701int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey)
702{
703 return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
704}
705
706EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
707{
708 return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);
709}
710