• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2  * All rights reserved.
3  *
4  * This package is an SSL implementation written
5  * by Eric Young (eay@cryptsoft.com).
6  * The implementation was written so as to conform with Netscapes SSL.
7  *
8  * This library is free for commercial and non-commercial use as long as
9  * the following conditions are aheared to.  The following conditions
10  * apply to all code found in this distribution, be it the RC4, RSA,
11  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
12  * included with this distribution is covered by the same copyright terms
13  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14  *
15  * Copyright remains Eric Young's, and as such any Copyright notices in
16  * the code are not to be removed.
17  * If this package is used in a product, Eric Young should be given attribution
18  * as the author of the parts of the library used.
19  * This can be in the form of a textual message at program startup or
20  * in documentation (online or textual) provided with the package.
21  *
22  * Redistribution and use in source and binary forms, with or without
23  * modification, are permitted provided that the following conditions
24  * are met:
25  * 1. Redistributions of source code must retain the copyright
26  *    notice, this list of conditions and the following disclaimer.
27  * 2. Redistributions in binary form must reproduce the above copyright
28  *    notice, this list of conditions and the following disclaimer in the
29  *    documentation and/or other materials provided with the distribution.
30  * 3. All advertising materials mentioning features or use of this software
31  *    must display the following acknowledgement:
32  *    "This product includes cryptographic software written by
33  *     Eric Young (eay@cryptsoft.com)"
34  *    The word 'cryptographic' can be left out if the rouines from the library
35  *    being used are not cryptographic related :-).
36  * 4. If you include any Windows specific code (or a derivative thereof) from
37  *    the apps directory (application code) you must include an acknowledgement:
38  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39  *
40  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50  * SUCH DAMAGE.
51  *
52  * The licence and distribution terms for any publically available version or
53  * derivative of this code cannot be changed.  i.e. this code cannot simply be
54  * copied and put under another distribution licence
55  * [including the GNU Public Licence.] */
56 
57 #include <openssl/evp.h>
58 
59 #include <assert.h>
60 #include <string.h>
61 
62 #include <openssl/dsa.h>
63 #include <openssl/ec.h>
64 #include <openssl/err.h>
65 #include <openssl/mem.h>
66 #include <openssl/nid.h>
67 #include <openssl/rsa.h>
68 #include <openssl/thread.h>
69 
70 #include "internal.h"
71 #include "../internal.h"
72 
73 
74 // Node depends on |EVP_R_NOT_XOF_OR_INVALID_LENGTH|.
75 //
76 // TODO(davidben): Fix Node to not touch the error queue itself and remove this.
OPENSSL_DECLARE_ERROR_REASON(EVP,NOT_XOF_OR_INVALID_LENGTH)77 OPENSSL_DECLARE_ERROR_REASON(EVP, NOT_XOF_OR_INVALID_LENGTH)
78 
79 EVP_PKEY *EVP_PKEY_new(void) {
80   EVP_PKEY *ret;
81 
82   ret = OPENSSL_malloc(sizeof(EVP_PKEY));
83   if (ret == NULL) {
84     OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
85     return NULL;
86   }
87 
88   OPENSSL_memset(ret, 0, sizeof(EVP_PKEY));
89   ret->type = EVP_PKEY_NONE;
90   ret->references = 1;
91 
92   return ret;
93 }
94 
free_it(EVP_PKEY * pkey)95 static void free_it(EVP_PKEY *pkey) {
96   if (pkey->ameth && pkey->ameth->pkey_free) {
97     pkey->ameth->pkey_free(pkey);
98     pkey->pkey.ptr = NULL;
99     pkey->type = EVP_PKEY_NONE;
100   }
101 }
102 
EVP_PKEY_free(EVP_PKEY * pkey)103 void EVP_PKEY_free(EVP_PKEY *pkey) {
104   if (pkey == NULL) {
105     return;
106   }
107 
108   if (!CRYPTO_refcount_dec_and_test_zero(&pkey->references)) {
109     return;
110   }
111 
112   free_it(pkey);
113   OPENSSL_free(pkey);
114 }
115 
EVP_PKEY_up_ref(EVP_PKEY * pkey)116 int EVP_PKEY_up_ref(EVP_PKEY *pkey) {
117   CRYPTO_refcount_inc(&pkey->references);
118   return 1;
119 }
120 
EVP_PKEY_is_opaque(const EVP_PKEY * pkey)121 int EVP_PKEY_is_opaque(const EVP_PKEY *pkey) {
122   if (pkey->ameth && pkey->ameth->pkey_opaque) {
123     return pkey->ameth->pkey_opaque(pkey);
124   }
125   return 0;
126 }
127 
EVP_PKEY_cmp(const EVP_PKEY * a,const EVP_PKEY * b)128 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) {
129   if (a->type != b->type) {
130     return -1;
131   }
132 
133   if (a->ameth) {
134     int ret;
135     // Compare parameters if the algorithm has them
136     if (a->ameth->param_cmp) {
137       ret = a->ameth->param_cmp(a, b);
138       if (ret <= 0) {
139         return ret;
140       }
141     }
142 
143     if (a->ameth->pub_cmp) {
144       return a->ameth->pub_cmp(a, b);
145     }
146   }
147 
148   return -2;
149 }
150 
EVP_PKEY_copy_parameters(EVP_PKEY * to,const EVP_PKEY * from)151 int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) {
152   if (to->type != from->type) {
153     OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES);
154     goto err;
155   }
156 
157   if (EVP_PKEY_missing_parameters(from)) {
158     OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS);
159     goto err;
160   }
161 
162   if (from->ameth && from->ameth->param_copy) {
163     return from->ameth->param_copy(to, from);
164   }
165 
166 err:
167   return 0;
168 }
169 
EVP_PKEY_missing_parameters(const EVP_PKEY * pkey)170 int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) {
171   if (pkey->ameth && pkey->ameth->param_missing) {
172     return pkey->ameth->param_missing(pkey);
173   }
174   return 0;
175 }
176 
EVP_PKEY_size(const EVP_PKEY * pkey)177 int EVP_PKEY_size(const EVP_PKEY *pkey) {
178   if (pkey && pkey->ameth && pkey->ameth->pkey_size) {
179     return pkey->ameth->pkey_size(pkey);
180   }
181   return 0;
182 }
183 
EVP_PKEY_bits(const EVP_PKEY * pkey)184 int EVP_PKEY_bits(const EVP_PKEY *pkey) {
185   if (pkey && pkey->ameth && pkey->ameth->pkey_bits) {
186     return pkey->ameth->pkey_bits(pkey);
187   }
188   return 0;
189 }
190 
EVP_PKEY_id(const EVP_PKEY * pkey)191 int EVP_PKEY_id(const EVP_PKEY *pkey) {
192   return pkey->type;
193 }
194 
195 // evp_pkey_asn1_find returns the ASN.1 method table for the given |nid|, which
196 // should be one of the |EVP_PKEY_*| values. It returns NULL if |nid| is
197 // unknown.
evp_pkey_asn1_find(int nid)198 static const EVP_PKEY_ASN1_METHOD *evp_pkey_asn1_find(int nid) {
199   switch (nid) {
200     case EVP_PKEY_RSA:
201       return &rsa_asn1_meth;
202     case EVP_PKEY_EC:
203       return &ec_asn1_meth;
204     case EVP_PKEY_DSA:
205       return &dsa_asn1_meth;
206     case EVP_PKEY_ED25519:
207       return &ed25519_asn1_meth;
208     case EVP_PKEY_X25519:
209       return &x25519_asn1_meth;
210     default:
211       return NULL;
212   }
213 }
214 
EVP_PKEY_type(int nid)215 int EVP_PKEY_type(int nid) {
216   const EVP_PKEY_ASN1_METHOD *meth = evp_pkey_asn1_find(nid);
217   if (meth == NULL) {
218     return NID_undef;
219   }
220   return meth->pkey_id;
221 }
222 
EVP_PKEY_set1_RSA(EVP_PKEY * pkey,RSA * key)223 int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) {
224   if (EVP_PKEY_assign_RSA(pkey, key)) {
225     RSA_up_ref(key);
226     return 1;
227   }
228   return 0;
229 }
230 
EVP_PKEY_assign_RSA(EVP_PKEY * pkey,RSA * key)231 int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) {
232   return EVP_PKEY_assign(pkey, EVP_PKEY_RSA, key);
233 }
234 
EVP_PKEY_get0_RSA(const EVP_PKEY * pkey)235 RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey) {
236   if (pkey->type != EVP_PKEY_RSA) {
237     OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY);
238     return NULL;
239   }
240   return pkey->pkey.rsa;
241 }
242 
EVP_PKEY_get1_RSA(const EVP_PKEY * pkey)243 RSA *EVP_PKEY_get1_RSA(const EVP_PKEY *pkey) {
244   RSA *rsa = EVP_PKEY_get0_RSA(pkey);
245   if (rsa != NULL) {
246     RSA_up_ref(rsa);
247   }
248   return rsa;
249 }
250 
EVP_PKEY_set1_DSA(EVP_PKEY * pkey,DSA * key)251 int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) {
252   if (EVP_PKEY_assign_DSA(pkey, key)) {
253     DSA_up_ref(key);
254     return 1;
255   }
256   return 0;
257 }
258 
EVP_PKEY_assign_DSA(EVP_PKEY * pkey,DSA * key)259 int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key) {
260   return EVP_PKEY_assign(pkey, EVP_PKEY_DSA, key);
261 }
262 
EVP_PKEY_get0_DSA(const EVP_PKEY * pkey)263 DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey) {
264   if (pkey->type != EVP_PKEY_DSA) {
265     OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DSA_KEY);
266     return NULL;
267   }
268   return pkey->pkey.dsa;
269 }
270 
EVP_PKEY_get1_DSA(const EVP_PKEY * pkey)271 DSA *EVP_PKEY_get1_DSA(const EVP_PKEY *pkey) {
272   DSA *dsa = EVP_PKEY_get0_DSA(pkey);
273   if (dsa != NULL) {
274     DSA_up_ref(dsa);
275   }
276   return dsa;
277 }
278 
EVP_PKEY_set1_EC_KEY(EVP_PKEY * pkey,EC_KEY * key)279 int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) {
280   if (EVP_PKEY_assign_EC_KEY(pkey, key)) {
281     EC_KEY_up_ref(key);
282     return 1;
283   }
284   return 0;
285 }
286 
EVP_PKEY_assign_EC_KEY(EVP_PKEY * pkey,EC_KEY * key)287 int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) {
288   return EVP_PKEY_assign(pkey, EVP_PKEY_EC, key);
289 }
290 
EVP_PKEY_get0_EC_KEY(const EVP_PKEY * pkey)291 EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey) {
292   if (pkey->type != EVP_PKEY_EC) {
293     OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_EC_KEY_KEY);
294     return NULL;
295   }
296   return pkey->pkey.ec;
297 }
298 
EVP_PKEY_get1_EC_KEY(const EVP_PKEY * pkey)299 EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey) {
300   EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(pkey);
301   if (ec_key != NULL) {
302     EC_KEY_up_ref(ec_key);
303   }
304   return ec_key;
305 }
306 
EVP_PKEY_get0_DH(const EVP_PKEY * pkey)307 DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey) { return NULL; }
EVP_PKEY_get1_DH(const EVP_PKEY * pkey)308 DH *EVP_PKEY_get1_DH(const EVP_PKEY *pkey) { return NULL; }
309 
EVP_PKEY_assign(EVP_PKEY * pkey,int type,void * key)310 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) {
311   if (!EVP_PKEY_set_type(pkey, type)) {
312     return 0;
313   }
314   pkey->pkey.ptr = key;
315   return key != NULL;
316 }
317 
EVP_PKEY_set_type(EVP_PKEY * pkey,int type)318 int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) {
319   const EVP_PKEY_ASN1_METHOD *ameth;
320 
321   if (pkey && pkey->pkey.ptr) {
322     free_it(pkey);
323   }
324 
325   ameth = evp_pkey_asn1_find(type);
326   if (ameth == NULL) {
327     OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
328     ERR_add_error_dataf("algorithm %d", type);
329     return 0;
330   }
331 
332   if (pkey) {
333     pkey->ameth = ameth;
334     pkey->type = pkey->ameth->pkey_id;
335   }
336 
337   return 1;
338 }
339 
EVP_PKEY_new_raw_private_key(int type,ENGINE * unused,const uint8_t * in,size_t len)340 EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *unused,
341                                        const uint8_t *in, size_t len) {
342   EVP_PKEY *ret = EVP_PKEY_new();
343   if (ret == NULL ||
344       !EVP_PKEY_set_type(ret, type)) {
345     goto err;
346   }
347 
348   if (ret->ameth->set_priv_raw == NULL) {
349     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
350     goto err;
351   }
352 
353   if (!ret->ameth->set_priv_raw(ret, in, len)) {
354     goto err;
355   }
356 
357   return ret;
358 
359 err:
360   EVP_PKEY_free(ret);
361   return NULL;
362 }
363 
EVP_PKEY_new_raw_public_key(int type,ENGINE * unused,const uint8_t * in,size_t len)364 EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *unused,
365                                       const uint8_t *in, size_t len) {
366   EVP_PKEY *ret = EVP_PKEY_new();
367   if (ret == NULL ||
368       !EVP_PKEY_set_type(ret, type)) {
369     goto err;
370   }
371 
372   if (ret->ameth->set_pub_raw == NULL) {
373     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
374     goto err;
375   }
376 
377   if (!ret->ameth->set_pub_raw(ret, in, len)) {
378     goto err;
379   }
380 
381   return ret;
382 
383 err:
384   EVP_PKEY_free(ret);
385   return NULL;
386 }
387 
EVP_PKEY_get_raw_private_key(const EVP_PKEY * pkey,uint8_t * out,size_t * out_len)388 int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, uint8_t *out,
389                                  size_t *out_len) {
390   if (pkey->ameth->get_priv_raw == NULL) {
391     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
392     return 0;
393   }
394 
395   return pkey->ameth->get_priv_raw(pkey, out, out_len);
396 }
397 
EVP_PKEY_get_raw_public_key(const EVP_PKEY * pkey,uint8_t * out,size_t * out_len)398 int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, uint8_t *out,
399                                 size_t *out_len) {
400   if (pkey->ameth->get_pub_raw == NULL) {
401     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
402     return 0;
403   }
404 
405   return pkey->ameth->get_pub_raw(pkey, out, out_len);
406 }
407 
EVP_PKEY_cmp_parameters(const EVP_PKEY * a,const EVP_PKEY * b)408 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) {
409   if (a->type != b->type) {
410     return -1;
411   }
412   if (a->ameth && a->ameth->param_cmp) {
413     return a->ameth->param_cmp(a, b);
414   }
415   return -2;
416 }
417 
EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX * ctx,const EVP_MD * md)418 int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) {
419   return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD, 0,
420                            (void *)md);
421 }
422 
EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX * ctx,const EVP_MD ** out_md)423 int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) {
424   return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_GET_MD,
425                            0, (void *)out_md);
426 }
427 
OpenSSL_add_all_algorithms(void)428 void OpenSSL_add_all_algorithms(void) {}
429 
OPENSSL_add_all_algorithms_conf(void)430 void OPENSSL_add_all_algorithms_conf(void) {}
431 
OpenSSL_add_all_ciphers(void)432 void OpenSSL_add_all_ciphers(void) {}
433 
OpenSSL_add_all_digests(void)434 void OpenSSL_add_all_digests(void) {}
435 
EVP_cleanup(void)436 void EVP_cleanup(void) {}
437 
EVP_PKEY_base_id(const EVP_PKEY * pkey)438 int EVP_PKEY_base_id(const EVP_PKEY *pkey) {
439   // OpenSSL has two notions of key type because it supports multiple OIDs for
440   // the same algorithm: NID_rsa vs NID_rsaEncryption and five distinct spelling
441   // of DSA. We do not support these, so the base ID is simply the ID.
442   return EVP_PKEY_id(pkey);
443 }
444