1/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
56
57#include <openssl/evp.h>
58
59#include <assert.h>
60#include <string.h>
61
62#include <openssl/dsa.h>
63#include <openssl/ec.h>
64#include <openssl/err.h>
65#include <openssl/mem.h>
66#include <openssl/nid.h>
67#include <openssl/rsa.h>
68#include <openssl/thread.h>
69
70#include "internal.h"
71#include "../internal.h"
72
73
74EVP_PKEY *EVP_PKEY_new(void) {
75 EVP_PKEY *ret;
76
77 ret = OPENSSL_malloc(sizeof(EVP_PKEY));
78 if (ret == NULL) {
79 OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
80 return NULL;
81 }
82
83 OPENSSL_memset(ret, 0, sizeof(EVP_PKEY));
84 ret->type = EVP_PKEY_NONE;
85 ret->references = 1;
86
87 return ret;
88}
89
90static void free_it(EVP_PKEY *pkey) {
91 if (pkey->ameth && pkey->ameth->pkey_free) {
92 pkey->ameth->pkey_free(pkey);
93 pkey->pkey.ptr = NULL;
94 pkey->type = EVP_PKEY_NONE;
95 }
96}
97
98void EVP_PKEY_free(EVP_PKEY *pkey) {
99 if (pkey == NULL) {
100 return;
101 }
102
103 if (!CRYPTO_refcount_dec_and_test_zero(&pkey->references)) {
104 return;
105 }
106
107 free_it(pkey);
108 OPENSSL_free(pkey);
109}
110
111int EVP_PKEY_up_ref(EVP_PKEY *pkey) {
112 CRYPTO_refcount_inc(&pkey->references);
113 return 1;
114}
115
116int EVP_PKEY_is_opaque(const EVP_PKEY *pkey) {
117 if (pkey->ameth && pkey->ameth->pkey_opaque) {
118 return pkey->ameth->pkey_opaque(pkey);
119 }
120 return 0;
121}
122
123int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) {
124 if (a->type != b->type) {
125 return -1;
126 }
127
128 if (a->ameth) {
129 int ret;
130 // Compare parameters if the algorithm has them
131 if (a->ameth->param_cmp) {
132 ret = a->ameth->param_cmp(a, b);
133 if (ret <= 0) {
134 return ret;
135 }
136 }
137
138 if (a->ameth->pub_cmp) {
139 return a->ameth->pub_cmp(a, b);
140 }
141 }
142
143 return -2;
144}
145
146int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) {
147 if (to->type != from->type) {
148 OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES);
149 goto err;
150 }
151
152 if (EVP_PKEY_missing_parameters(from)) {
153 OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS);
154 goto err;
155 }
156
157 if (from->ameth && from->ameth->param_copy) {
158 return from->ameth->param_copy(to, from);
159 }
160
161err:
162 return 0;
163}
164
165int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) {
166 if (pkey->ameth && pkey->ameth->param_missing) {
167 return pkey->ameth->param_missing(pkey);
168 }
169 return 0;
170}
171
172int EVP_PKEY_size(const EVP_PKEY *pkey) {
173 if (pkey && pkey->ameth && pkey->ameth->pkey_size) {
174 return pkey->ameth->pkey_size(pkey);
175 }
176 return 0;
177}
178
179int EVP_PKEY_bits(const EVP_PKEY *pkey) {
180 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) {
181 return pkey->ameth->pkey_bits(pkey);
182 }
183 return 0;
184}
185
186int EVP_PKEY_id(const EVP_PKEY *pkey) {
187 return pkey->type;
188}
189
190// evp_pkey_asn1_find returns the ASN.1 method table for the given |nid|, which
191// should be one of the |EVP_PKEY_*| values. It returns NULL if |nid| is
192// unknown.
193static const EVP_PKEY_ASN1_METHOD *evp_pkey_asn1_find(int nid) {
194 switch (nid) {
195 case EVP_PKEY_RSA:
196 return &rsa_asn1_meth;
197 case EVP_PKEY_EC:
198 return &ec_asn1_meth;
199 case EVP_PKEY_DSA:
200 return &dsa_asn1_meth;
201 case EVP_PKEY_ED25519:
202 return &ed25519_asn1_meth;
203 default:
204 return NULL;
205 }
206}
207
208int EVP_PKEY_type(int nid) {
209 const EVP_PKEY_ASN1_METHOD *meth = evp_pkey_asn1_find(nid);
210 if (meth == NULL) {
211 return NID_undef;
212 }
213 return meth->pkey_id;
214}
215
216int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) {
217 if (EVP_PKEY_assign_RSA(pkey, key)) {
218 RSA_up_ref(key);
219 return 1;
220 }
221 return 0;
222}
223
224int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) {
225 return EVP_PKEY_assign(pkey, EVP_PKEY_RSA, key);
226}
227
228RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey) {
229 if (pkey->type != EVP_PKEY_RSA) {
230 OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY);
231 return NULL;
232 }
233 return pkey->pkey.rsa;
234}
235
236RSA *EVP_PKEY_get1_RSA(const EVP_PKEY *pkey) {
237 RSA *rsa = EVP_PKEY_get0_RSA(pkey);
238 if (rsa != NULL) {
239 RSA_up_ref(rsa);
240 }
241 return rsa;
242}
243
244int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) {
245 if (EVP_PKEY_assign_DSA(pkey, key)) {
246 DSA_up_ref(key);
247 return 1;
248 }
249 return 0;
250}
251
252int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key) {
253 return EVP_PKEY_assign(pkey, EVP_PKEY_DSA, key);
254}
255
256DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey) {
257 if (pkey->type != EVP_PKEY_DSA) {
258 OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DSA_KEY);
259 return NULL;
260 }
261 return pkey->pkey.dsa;
262}
263
264DSA *EVP_PKEY_get1_DSA(const EVP_PKEY *pkey) {
265 DSA *dsa = EVP_PKEY_get0_DSA(pkey);
266 if (dsa != NULL) {
267 DSA_up_ref(dsa);
268 }
269 return dsa;
270}
271
272int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) {
273 if (EVP_PKEY_assign_EC_KEY(pkey, key)) {
274 EC_KEY_up_ref(key);
275 return 1;
276 }
277 return 0;
278}
279
280int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) {
281 return EVP_PKEY_assign(pkey, EVP_PKEY_EC, key);
282}
283
284EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey) {
285 if (pkey->type != EVP_PKEY_EC) {
286 OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_EC_KEY_KEY);
287 return NULL;
288 }
289 return pkey->pkey.ec;
290}
291
292EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey) {
293 EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(pkey);
294 if (ec_key != NULL) {
295 EC_KEY_up_ref(ec_key);
296 }
297 return ec_key;
298}
299
300DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey) { return NULL; }
301DH *EVP_PKEY_get1_DH(const EVP_PKEY *pkey) { return NULL; }
302
303int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) {
304 if (!EVP_PKEY_set_type(pkey, type)) {
305 return 0;
306 }
307 pkey->pkey.ptr = key;
308 return key != NULL;
309}
310
311int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) {
312 const EVP_PKEY_ASN1_METHOD *ameth;
313
314 if (pkey && pkey->pkey.ptr) {
315 free_it(pkey);
316 }
317
318 ameth = evp_pkey_asn1_find(type);
319 if (ameth == NULL) {
320 OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
321 ERR_add_error_dataf("algorithm %d", type);
322 return 0;
323 }
324
325 if (pkey) {
326 pkey->ameth = ameth;
327 pkey->type = pkey->ameth->pkey_id;
328 }
329
330 return 1;
331}
332
333EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *unused,
334 const uint8_t *in, size_t len) {
335 EVP_PKEY *ret = EVP_PKEY_new();
336 if (ret == NULL ||
337 !EVP_PKEY_set_type(ret, type)) {
338 goto err;
339 }
340
341 if (ret->ameth->set_priv_raw == NULL) {
342 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
343 goto err;
344 }
345
346 if (!ret->ameth->set_priv_raw(ret, in, len)) {
347 goto err;
348 }
349
350 return ret;
351
352err:
353 EVP_PKEY_free(ret);
354 return NULL;
355}
356
357EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *unused,
358 const uint8_t *in, size_t len) {
359 EVP_PKEY *ret = EVP_PKEY_new();
360 if (ret == NULL ||
361 !EVP_PKEY_set_type(ret, type)) {
362 goto err;
363 }
364
365 if (ret->ameth->set_pub_raw == NULL) {
366 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
367 goto err;
368 }
369
370 if (!ret->ameth->set_pub_raw(ret, in, len)) {
371 goto err;
372 }
373
374 return ret;
375
376err:
377 EVP_PKEY_free(ret);
378 return NULL;
379}
380
381int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, uint8_t *out,
382 size_t *out_len) {
383 if (pkey->ameth->get_priv_raw == NULL) {
384 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
385 return 0;
386 }
387
388 return pkey->ameth->get_priv_raw(pkey, out, out_len);
389}
390
391int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, uint8_t *out,
392 size_t *out_len) {
393 if (pkey->ameth->get_pub_raw == NULL) {
394 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
395 return 0;
396 }
397
398 return pkey->ameth->get_pub_raw(pkey, out, out_len);
399}
400
401int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) {
402 if (a->type != b->type) {
403 return -1;
404 }
405 if (a->ameth && a->ameth->param_cmp) {
406 return a->ameth->param_cmp(a, b);
407 }
408 return -2;
409}
410
411int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) {
412 return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD, 0,
413 (void *)md);
414}
415
416int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) {
417 return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_GET_MD,
418 0, (void *)out_md);
419}
420
421void OpenSSL_add_all_algorithms(void) {}
422
423void OPENSSL_add_all_algorithms_conf(void) {}
424
425void OpenSSL_add_all_ciphers(void) {}
426
427void OpenSSL_add_all_digests(void) {}
428
429void EVP_cleanup(void) {}
430