1 /*
2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * Low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <stdio.h>
17 #include "internal/cryptlib.h"
18 #include <openssl/evp.h>
19 #include <openssl/encoder.h>
20 #include <openssl/buffer.h>
21 #include <openssl/x509.h>
22 #include <openssl/rsa.h> /* For i2d_RSAPublicKey */
23 #include <openssl/dsa.h> /* For i2d_DSAPublicKey */
24 #include <openssl/ec.h> /* For i2o_ECPublicKey */
25 #include "crypto/asn1.h"
26 #include "crypto/evp.h"
27
28 struct type_and_structure_st {
29 const char *output_type;
30 const char *output_structure;
31 };
32
i2d_provided(const EVP_PKEY * a,int selection,const struct type_and_structure_st * output_info,unsigned char ** pp)33 static int i2d_provided(const EVP_PKEY *a, int selection,
34 const struct type_and_structure_st *output_info,
35 unsigned char **pp)
36 {
37 OSSL_ENCODER_CTX *ctx = NULL;
38 int ret;
39
40 for (ret = -1;
41 ret == -1 && output_info->output_type != NULL;
42 output_info++) {
43 /*
44 * The i2d_ calls don't take a boundary length for *pp. However,
45 * OSSL_ENCODER_to_data() needs one, so we make one up. Because
46 * OSSL_ENCODER_to_data() decrements this number by the amount of
47 * bytes written, we need to calculate the length written further
48 * down, when pp != NULL.
49 */
50 size_t len = INT_MAX;
51 int pp_was_NULL = (pp == NULL || *pp == NULL);
52
53 ctx = OSSL_ENCODER_CTX_new_for_pkey(a, selection,
54 output_info->output_type,
55 output_info->output_structure,
56 NULL);
57 if (ctx == NULL)
58 return -1;
59 if (OSSL_ENCODER_to_data(ctx, pp, &len)) {
60 if (pp_was_NULL)
61 ret = (int)len;
62 else
63 ret = INT_MAX - (int)len;
64 }
65 OSSL_ENCODER_CTX_free(ctx);
66 ctx = NULL;
67 }
68
69 if (ret == -1)
70 ERR_raise(ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_TYPE);
71 return ret;
72 }
73
i2d_KeyParams(const EVP_PKEY * a,unsigned char ** pp)74 int i2d_KeyParams(const EVP_PKEY *a, unsigned char **pp)
75 {
76 if (evp_pkey_is_provided(a)) {
77 static const struct type_and_structure_st output_info[] = {
78 { "DER", "type-specific" },
79 { NULL, }
80 };
81
82 return i2d_provided(a, EVP_PKEY_KEY_PARAMETERS, output_info, pp);
83 }
84 if (a->ameth != NULL && a->ameth->param_encode != NULL)
85 return a->ameth->param_encode(a, pp);
86 ERR_raise(ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_TYPE);
87 return -1;
88 }
89
i2d_KeyParams_bio(BIO * bp,const EVP_PKEY * pkey)90 int i2d_KeyParams_bio(BIO *bp, const EVP_PKEY *pkey)
91 {
92 return ASN1_i2d_bio_of(EVP_PKEY, i2d_KeyParams, bp, pkey);
93 }
94
i2d_PrivateKey(const EVP_PKEY * a,unsigned char ** pp)95 int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp)
96 {
97 if (evp_pkey_is_provided(a)) {
98 static const struct type_and_structure_st output_info[] = {
99 { "DER", "type-specific" },
100 { "DER", "PrivateKeyInfo" },
101 { NULL, }
102 };
103
104 return i2d_provided(a, EVP_PKEY_KEYPAIR, output_info, pp);
105 }
106 if (a->ameth != NULL && a->ameth->old_priv_encode != NULL) {
107 return a->ameth->old_priv_encode(a, pp);
108 }
109 if (a->ameth != NULL && a->ameth->priv_encode != NULL) {
110 PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
111 int ret = 0;
112
113 if (p8 != NULL) {
114 ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
115 PKCS8_PRIV_KEY_INFO_free(p8);
116 }
117 return ret;
118 }
119 ERR_raise(ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
120 return -1;
121 }
122
i2d_PublicKey(const EVP_PKEY * a,unsigned char ** pp)123 int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp)
124 {
125 if (evp_pkey_is_provided(a)) {
126 static const struct type_and_structure_st output_info[] = {
127 { "DER", "type-specific" },
128 { "blob", NULL }, /* for EC */
129 { NULL, }
130 };
131
132 return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_info, pp);
133 }
134 switch (EVP_PKEY_get_base_id(a)) {
135 case EVP_PKEY_RSA:
136 return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp);
137 #ifndef OPENSSL_NO_DSA
138 case EVP_PKEY_DSA:
139 return i2d_DSAPublicKey(EVP_PKEY_get0_DSA(a), pp);
140 #endif
141 #ifndef OPENSSL_NO_EC
142 case EVP_PKEY_EC:
143 return i2o_ECPublicKey(EVP_PKEY_get0_EC_KEY(a), pp);
144 #endif
145 default:
146 ERR_raise(ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
147 return -1;
148 }
149 }
150