1 /*
2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/asn1t.h>
13 #include <openssl/x509.h>
14 #include "crypto/asn1.h"
15 #include "crypto/evp.h"
16 #include "crypto/x509.h"
17 #include <openssl/rsa.h>
18 #include <openssl/dsa.h>
19
20 struct X509_pubkey_st {
21 X509_ALGOR *algor;
22 ASN1_BIT_STRING *public_key;
23 EVP_PKEY *pkey;
24 };
25
26 static int x509_pubkey_decode(EVP_PKEY **pk, X509_PUBKEY *key);
27
28 /* Minor tweak to operation: free up EVP_PKEY */
pubkey_cb(int operation,ASN1_VALUE ** pval,const ASN1_ITEM * it,void * exarg)29 static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
30 void *exarg)
31 {
32 if (operation == ASN1_OP_FREE_POST) {
33 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
34 EVP_PKEY_free(pubkey->pkey);
35 } else if (operation == ASN1_OP_D2I_POST) {
36 /* Attempt to decode public key and cache in pubkey structure. */
37 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
38 EVP_PKEY_free(pubkey->pkey);
39 pubkey->pkey = NULL;
40 /*
41 * Opportunistically decode the key but remove any non fatal errors
42 * from the queue. Subsequent explicit attempts to decode/use the key
43 * will return an appropriate error.
44 */
45 ERR_set_mark();
46 if (x509_pubkey_decode(&pubkey->pkey, pubkey) == -1)
47 return 0;
48 ERR_pop_to_mark();
49 }
50 return 1;
51 }
52
53 ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
54 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
55 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
56 } ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY)
57
58 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
59
60 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
61 {
62 X509_PUBKEY *pk = NULL;
63
64 if (x == NULL)
65 return 0;
66
67 if ((pk = X509_PUBKEY_new()) == NULL)
68 goto error;
69
70 if (pkey->ameth) {
71 if (pkey->ameth->pub_encode) {
72 if (!pkey->ameth->pub_encode(pk, pkey)) {
73 X509err(X509_F_X509_PUBKEY_SET,
74 X509_R_PUBLIC_KEY_ENCODE_ERROR);
75 goto error;
76 }
77 } else {
78 X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED);
79 goto error;
80 }
81 } else {
82 X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM);
83 goto error;
84 }
85
86 X509_PUBKEY_free(*x);
87 *x = pk;
88 pk->pkey = pkey;
89 EVP_PKEY_up_ref(pkey);
90 return 1;
91
92 error:
93 X509_PUBKEY_free(pk);
94 return 0;
95 }
96
97 /*
98 * Attempt to decode a public key.
99 * Returns 1 on success, 0 for a decode failure and -1 for a fatal
100 * error e.g. malloc failure.
101 */
102
103
x509_pubkey_decode(EVP_PKEY ** ppkey,X509_PUBKEY * key)104 static int x509_pubkey_decode(EVP_PKEY **ppkey, X509_PUBKEY *key)
105 {
106 EVP_PKEY *pkey = EVP_PKEY_new();
107
108 if (pkey == NULL) {
109 X509err(X509_F_X509_PUBKEY_DECODE, ERR_R_MALLOC_FAILURE);
110 return -1;
111 }
112
113 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(key->algor->algorithm))) {
114 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_UNSUPPORTED_ALGORITHM);
115 goto error;
116 }
117
118 if (pkey->ameth->pub_decode) {
119 /*
120 * Treat any failure of pub_decode as a decode error. In
121 * future we could have different return codes for decode
122 * errors and fatal errors such as malloc failure.
123 */
124 if (!pkey->ameth->pub_decode(pkey, key)) {
125 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_PUBLIC_KEY_DECODE_ERROR);
126 goto error;
127 }
128 } else {
129 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_METHOD_NOT_SUPPORTED);
130 goto error;
131 }
132
133 *ppkey = pkey;
134 return 1;
135
136 error:
137 EVP_PKEY_free(pkey);
138 return 0;
139 }
140
X509_PUBKEY_get0(X509_PUBKEY * key)141 EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key)
142 {
143 EVP_PKEY *ret = NULL;
144
145 if (key == NULL || key->public_key == NULL)
146 return NULL;
147
148 if (key->pkey != NULL)
149 return key->pkey;
150
151 /*
152 * When the key ASN.1 is initially parsed an attempt is made to
153 * decode the public key and cache the EVP_PKEY structure. If this
154 * operation fails the cached value will be NULL. Parsing continues
155 * to allow parsing of unknown key types or unsupported forms.
156 * We repeat the decode operation so the appropriate errors are left
157 * in the queue.
158 */
159 x509_pubkey_decode(&ret, key);
160 /* If decode doesn't fail something bad happened */
161 if (ret != NULL) {
162 X509err(X509_F_X509_PUBKEY_GET0, ERR_R_INTERNAL_ERROR);
163 EVP_PKEY_free(ret);
164 }
165
166 return NULL;
167 }
168
X509_PUBKEY_get(X509_PUBKEY * key)169 EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
170 {
171 EVP_PKEY *ret = X509_PUBKEY_get0(key);
172
173 if (ret != NULL && !EVP_PKEY_up_ref(ret)) {
174 X509err(X509_F_X509_PUBKEY_GET, ERR_R_INTERNAL_ERROR);
175 ret = NULL;
176 }
177 return ret;
178 }
179
180 /*
181 * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or
182 * decode as X509_PUBKEY
183 */
184
d2i_PUBKEY(EVP_PKEY ** a,const unsigned char ** pp,long length)185 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
186 {
187 X509_PUBKEY *xpk;
188 EVP_PKEY *pktmp;
189 const unsigned char *q;
190 q = *pp;
191 xpk = d2i_X509_PUBKEY(NULL, &q, length);
192 if (!xpk)
193 return NULL;
194 pktmp = X509_PUBKEY_get(xpk);
195 X509_PUBKEY_free(xpk);
196 if (!pktmp)
197 return NULL;
198 *pp = q;
199 if (a) {
200 EVP_PKEY_free(*a);
201 *a = pktmp;
202 }
203 return pktmp;
204 }
205
i2d_PUBKEY(EVP_PKEY * a,unsigned char ** pp)206 int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
207 {
208 X509_PUBKEY *xpk = NULL;
209 int ret;
210 if (!a)
211 return 0;
212 if (!X509_PUBKEY_set(&xpk, a))
213 return -1;
214 ret = i2d_X509_PUBKEY(xpk, pp);
215 X509_PUBKEY_free(xpk);
216 return ret;
217 }
218
219 /*
220 * The following are equivalents but which return RSA and DSA keys
221 */
222 #ifndef OPENSSL_NO_RSA
d2i_RSA_PUBKEY(RSA ** a,const unsigned char ** pp,long length)223 RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
224 {
225 EVP_PKEY *pkey;
226 RSA *key;
227 const unsigned char *q;
228 q = *pp;
229 pkey = d2i_PUBKEY(NULL, &q, length);
230 if (!pkey)
231 return NULL;
232 key = EVP_PKEY_get1_RSA(pkey);
233 EVP_PKEY_free(pkey);
234 if (!key)
235 return NULL;
236 *pp = q;
237 if (a) {
238 RSA_free(*a);
239 *a = key;
240 }
241 return key;
242 }
243
i2d_RSA_PUBKEY(RSA * a,unsigned char ** pp)244 int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
245 {
246 EVP_PKEY *pktmp;
247 int ret;
248 if (!a)
249 return 0;
250 pktmp = EVP_PKEY_new();
251 if (pktmp == NULL) {
252 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
253 return -1;
254 }
255 EVP_PKEY_set1_RSA(pktmp, a);
256 ret = i2d_PUBKEY(pktmp, pp);
257 EVP_PKEY_free(pktmp);
258 return ret;
259 }
260 #endif
261
262 #ifndef OPENSSL_NO_DSA
d2i_DSA_PUBKEY(DSA ** a,const unsigned char ** pp,long length)263 DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
264 {
265 EVP_PKEY *pkey;
266 DSA *key;
267 const unsigned char *q;
268 q = *pp;
269 pkey = d2i_PUBKEY(NULL, &q, length);
270 if (!pkey)
271 return NULL;
272 key = EVP_PKEY_get1_DSA(pkey);
273 EVP_PKEY_free(pkey);
274 if (!key)
275 return NULL;
276 *pp = q;
277 if (a) {
278 DSA_free(*a);
279 *a = key;
280 }
281 return key;
282 }
283
i2d_DSA_PUBKEY(DSA * a,unsigned char ** pp)284 int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
285 {
286 EVP_PKEY *pktmp;
287 int ret;
288 if (!a)
289 return 0;
290 pktmp = EVP_PKEY_new();
291 if (pktmp == NULL) {
292 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
293 return -1;
294 }
295 EVP_PKEY_set1_DSA(pktmp, a);
296 ret = i2d_PUBKEY(pktmp, pp);
297 EVP_PKEY_free(pktmp);
298 return ret;
299 }
300 #endif
301
302 #ifndef OPENSSL_NO_EC
d2i_EC_PUBKEY(EC_KEY ** a,const unsigned char ** pp,long length)303 EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
304 {
305 EVP_PKEY *pkey;
306 EC_KEY *key;
307 const unsigned char *q;
308 q = *pp;
309 pkey = d2i_PUBKEY(NULL, &q, length);
310 if (!pkey)
311 return NULL;
312 key = EVP_PKEY_get1_EC_KEY(pkey);
313 EVP_PKEY_free(pkey);
314 if (!key)
315 return NULL;
316 *pp = q;
317 if (a) {
318 EC_KEY_free(*a);
319 *a = key;
320 }
321 return key;
322 }
323
i2d_EC_PUBKEY(EC_KEY * a,unsigned char ** pp)324 int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
325 {
326 EVP_PKEY *pktmp;
327 int ret;
328 if (!a)
329 return 0;
330 if ((pktmp = EVP_PKEY_new()) == NULL) {
331 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
332 return -1;
333 }
334 EVP_PKEY_set1_EC_KEY(pktmp, a);
335 ret = i2d_PUBKEY(pktmp, pp);
336 EVP_PKEY_free(pktmp);
337 return ret;
338 }
339 #endif
340
X509_PUBKEY_set0_param(X509_PUBKEY * pub,ASN1_OBJECT * aobj,int ptype,void * pval,unsigned char * penc,int penclen)341 int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
342 int ptype, void *pval,
343 unsigned char *penc, int penclen)
344 {
345 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
346 return 0;
347 if (penc) {
348 OPENSSL_free(pub->public_key->data);
349 pub->public_key->data = penc;
350 pub->public_key->length = penclen;
351 /* Set number of unused bits to zero */
352 pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
353 pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
354 }
355 return 1;
356 }
357
X509_PUBKEY_get0_param(ASN1_OBJECT ** ppkalg,const unsigned char ** pk,int * ppklen,X509_ALGOR ** pa,X509_PUBKEY * pub)358 int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
359 const unsigned char **pk, int *ppklen,
360 X509_ALGOR **pa, X509_PUBKEY *pub)
361 {
362 if (ppkalg)
363 *ppkalg = pub->algor->algorithm;
364 if (pk) {
365 *pk = pub->public_key->data;
366 *ppklen = pub->public_key->length;
367 }
368 if (pa)
369 *pa = pub->algor;
370 return 1;
371 }
372
X509_get0_pubkey_bitstr(const X509 * x)373 ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
374 {
375 if (x == NULL)
376 return NULL;
377 return x->cert_info.key->public_key;
378 }
379