ameth_lib.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446
  1. /*
  2. * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
  3. * 2006.
  4. */
  5. /* ====================================================================
  6. * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
  7. *
  8. * Redistribution and use in source and binary forms, with or without
  9. * modification, are permitted provided that the following conditions
  10. * are met:
  11. *
  12. * 1. Redistributions of source code must retain the above copyright
  13. * notice, this list of conditions and the following disclaimer.
  14. *
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in
  17. * the documentation and/or other materials provided with the
  18. * distribution.
  19. *
  20. * 3. All advertising materials mentioning features or use of this
  21. * software must display the following acknowledgment:
  22. * "This product includes software developed by the OpenSSL Project
  23. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24. *
  25. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26. * endorse or promote products derived from this software without
  27. * prior written permission. For written permission, please contact
  28. * licensing@OpenSSL.org.
  29. *
  30. * 5. Products derived from this software may not be called "OpenSSL"
  31. * nor may "OpenSSL" appear in their names without prior written
  32. * permission of the OpenSSL Project.
  33. *
  34. * 6. Redistributions of any form whatsoever must retain the following
  35. * acknowledgment:
  36. * "This product includes software developed by the OpenSSL Project
  37. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38. *
  39. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50. * OF THE POSSIBILITY OF SUCH DAMAGE.
  51. * ====================================================================
  52. *
  53. * This product includes cryptographic software written by Eric Young
  54. * (eay@cryptsoft.com). This product includes software written by Tim
  55. * Hudson (tjh@cryptsoft.com).
  56. *
  57. */
  58. #include <stdio.h>
  59. #include "internal/cryptlib.h"
  60. #include <openssl/asn1t.h>
  61. #include <openssl/x509.h>
  62. #ifndef OPENSSL_NO_ENGINE
  63. # include <openssl/engine.h>
  64. #endif
  65. #include "internal/asn1_int.h"
  66. #include "internal/evp_int.h"
  67. /* Keep this sorted in type order !! */
  68. static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
  69. #ifndef OPENSSL_NO_RSA
  70. &rsa_asn1_meths[0],
  71. &rsa_asn1_meths[1],
  72. #endif
  73. #ifndef OPENSSL_NO_DH
  74. &dh_asn1_meth,
  75. #endif
  76. #ifndef OPENSSL_NO_DSA
  77. &dsa_asn1_meths[0],
  78. &dsa_asn1_meths[1],
  79. &dsa_asn1_meths[2],
  80. &dsa_asn1_meths[3],
  81. &dsa_asn1_meths[4],
  82. #endif
  83. #ifndef OPENSSL_NO_EC
  84. &eckey_asn1_meth,
  85. #endif
  86. &hmac_asn1_meth,
  87. &cmac_asn1_meth,
  88. #ifndef OPENSSL_NO_DH
  89. &dhx_asn1_meth
  90. #endif
  91. };
  92. typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
  93. static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL;
  94. #ifdef TEST
  95. void main()
  96. {
  97. int i;
  98. for (i = 0; i < OSSL_NELEM(standard_methods); i++)
  99. fprintf(stderr, "Number %d id=%d (%s)\n", i,
  100. standard_methods[i]->pkey_id,
  101. OBJ_nid2sn(standard_methods[i]->pkey_id));
  102. }
  103. #endif
  104. DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
  105. const EVP_PKEY_ASN1_METHOD *, ameth);
  106. static int ameth_cmp(const EVP_PKEY_ASN1_METHOD *const *a,
  107. const EVP_PKEY_ASN1_METHOD *const *b)
  108. {
  109. return ((*a)->pkey_id - (*b)->pkey_id);
  110. }
  111. IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
  112. const EVP_PKEY_ASN1_METHOD *, ameth);
  113. int EVP_PKEY_asn1_get_count(void)
  114. {
  115. int num = OSSL_NELEM(standard_methods);
  116. if (app_methods)
  117. num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods);
  118. return num;
  119. }
  120. const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx)
  121. {
  122. int num = OSSL_NELEM(standard_methods);
  123. if (idx < 0)
  124. return NULL;
  125. if (idx < num)
  126. return standard_methods[idx];
  127. idx -= num;
  128. return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
  129. }
  130. static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type)
  131. {
  132. EVP_PKEY_ASN1_METHOD tmp;
  133. const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret;
  134. tmp.pkey_id = type;
  135. if (app_methods) {
  136. int idx;
  137. idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp);
  138. if (idx >= 0)
  139. return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
  140. }
  141. ret = OBJ_bsearch_ameth(&t, standard_methods, OSSL_NELEM(standard_methods));
  142. if (!ret || !*ret)
  143. return NULL;
  144. return *ret;
  145. }
  146. /*
  147. * Find an implementation of an ASN1 algorithm. If 'pe' is not NULL also
  148. * search through engines and set *pe to a functional reference to the engine
  149. * implementing 'type' or NULL if no engine implements it.
  150. */
  151. const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
  152. {
  153. const EVP_PKEY_ASN1_METHOD *t;
  154. for (;;) {
  155. t = pkey_asn1_find(type);
  156. if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS))
  157. break;
  158. type = t->pkey_base_id;
  159. }
  160. if (pe) {
  161. #ifndef OPENSSL_NO_ENGINE
  162. ENGINE *e;
  163. /* type will contain the final unaliased type */
  164. e = ENGINE_get_pkey_asn1_meth_engine(type);
  165. if (e) {
  166. *pe = e;
  167. return ENGINE_get_pkey_asn1_meth(e, type);
  168. }
  169. #endif
  170. *pe = NULL;
  171. }
  172. return t;
  173. }
  174. const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
  175. const char *str, int len)
  176. {
  177. int i;
  178. const EVP_PKEY_ASN1_METHOD *ameth;
  179. if (len == -1)
  180. len = strlen(str);
  181. if (pe) {
  182. #ifndef OPENSSL_NO_ENGINE
  183. ENGINE *e;
  184. ameth = ENGINE_pkey_asn1_find_str(&e, str, len);
  185. if (ameth) {
  186. /*
  187. * Convert structural into functional reference
  188. */
  189. if (!ENGINE_init(e))
  190. ameth = NULL;
  191. ENGINE_free(e);
  192. *pe = e;
  193. return ameth;
  194. }
  195. #endif
  196. *pe = NULL;
  197. }
  198. for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
  199. ameth = EVP_PKEY_asn1_get0(i);
  200. if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
  201. continue;
  202. if (((int)strlen(ameth->pem_str) == len)
  203. && (strncasecmp(ameth->pem_str, str, len) == 0))
  204. return ameth;
  205. }
  206. return NULL;
  207. }
  208. int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
  209. {
  210. if (app_methods == NULL) {
  211. app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
  212. if (app_methods == NULL)
  213. return 0;
  214. }
  215. if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth))
  216. return 0;
  217. sk_EVP_PKEY_ASN1_METHOD_sort(app_methods);
  218. return 1;
  219. }
  220. int EVP_PKEY_asn1_add_alias(int to, int from)
  221. {
  222. EVP_PKEY_ASN1_METHOD *ameth;
  223. ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
  224. if (ameth == NULL)
  225. return 0;
  226. ameth->pkey_base_id = to;
  227. if (!EVP_PKEY_asn1_add0(ameth)) {
  228. EVP_PKEY_asn1_free(ameth);
  229. return 0;
  230. }
  231. return 1;
  232. }
  233. int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id,
  234. int *ppkey_flags, const char **pinfo,
  235. const char **ppem_str,
  236. const EVP_PKEY_ASN1_METHOD *ameth)
  237. {
  238. if (!ameth)
  239. return 0;
  240. if (ppkey_id)
  241. *ppkey_id = ameth->pkey_id;
  242. if (ppkey_base_id)
  243. *ppkey_base_id = ameth->pkey_base_id;
  244. if (ppkey_flags)
  245. *ppkey_flags = ameth->pkey_flags;
  246. if (pinfo)
  247. *pinfo = ameth->info;
  248. if (ppem_str)
  249. *ppem_str = ameth->pem_str;
  250. return 1;
  251. }
  252. const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey)
  253. {
  254. return pkey->ameth;
  255. }
  256. EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
  257. const char *pem_str, const char *info)
  258. {
  259. EVP_PKEY_ASN1_METHOD *ameth = OPENSSL_zalloc(sizeof(*ameth));
  260. if (ameth == NULL)
  261. return NULL;
  262. ameth->pkey_id = id;
  263. ameth->pkey_base_id = id;
  264. ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
  265. if (info) {
  266. ameth->info = OPENSSL_strdup(info);
  267. if (!ameth->info)
  268. goto err;
  269. }
  270. if (pem_str) {
  271. ameth->pem_str = OPENSSL_strdup(pem_str);
  272. if (!ameth->pem_str)
  273. goto err;
  274. }
  275. return ameth;
  276. err:
  277. EVP_PKEY_asn1_free(ameth);
  278. return NULL;
  279. }
  280. void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
  281. const EVP_PKEY_ASN1_METHOD *src)
  282. {
  283. dst->pub_decode = src->pub_decode;
  284. dst->pub_encode = src->pub_encode;
  285. dst->pub_cmp = src->pub_cmp;
  286. dst->pub_print = src->pub_print;
  287. dst->priv_decode = src->priv_decode;
  288. dst->priv_encode = src->priv_encode;
  289. dst->priv_print = src->priv_print;
  290. dst->old_priv_encode = src->old_priv_encode;
  291. dst->old_priv_decode = src->old_priv_decode;
  292. dst->pkey_size = src->pkey_size;
  293. dst->pkey_bits = src->pkey_bits;
  294. dst->param_decode = src->param_decode;
  295. dst->param_encode = src->param_encode;
  296. dst->param_missing = src->param_missing;
  297. dst->param_copy = src->param_copy;
  298. dst->param_cmp = src->param_cmp;
  299. dst->param_print = src->param_print;
  300. dst->pkey_free = src->pkey_free;
  301. dst->pkey_ctrl = src->pkey_ctrl;
  302. dst->item_sign = src->item_sign;
  303. dst->item_verify = src->item_verify;
  304. }
  305. void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
  306. {
  307. if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) {
  308. OPENSSL_free(ameth->pem_str);
  309. OPENSSL_free(ameth->info);
  310. OPENSSL_free(ameth);
  311. }
  312. }
  313. void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
  314. int (*pub_decode) (EVP_PKEY *pk,
  315. X509_PUBKEY *pub),
  316. int (*pub_encode) (X509_PUBKEY *pub,
  317. const EVP_PKEY *pk),
  318. int (*pub_cmp) (const EVP_PKEY *a,
  319. const EVP_PKEY *b),
  320. int (*pub_print) (BIO *out,
  321. const EVP_PKEY *pkey,
  322. int indent, ASN1_PCTX *pctx),
  323. int (*pkey_size) (const EVP_PKEY *pk),
  324. int (*pkey_bits) (const EVP_PKEY *pk))
  325. {
  326. ameth->pub_decode = pub_decode;
  327. ameth->pub_encode = pub_encode;
  328. ameth->pub_cmp = pub_cmp;
  329. ameth->pub_print = pub_print;
  330. ameth->pkey_size = pkey_size;
  331. ameth->pkey_bits = pkey_bits;
  332. }
  333. void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
  334. int (*priv_decode) (EVP_PKEY *pk,
  335. PKCS8_PRIV_KEY_INFO
  336. *p8inf),
  337. int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
  338. const EVP_PKEY *pk),
  339. int (*priv_print) (BIO *out,
  340. const EVP_PKEY *pkey,
  341. int indent,
  342. ASN1_PCTX *pctx))
  343. {
  344. ameth->priv_decode = priv_decode;
  345. ameth->priv_encode = priv_encode;
  346. ameth->priv_print = priv_print;
  347. }
  348. void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
  349. int (*param_decode) (EVP_PKEY *pkey,
  350. const unsigned char **pder,
  351. int derlen),
  352. int (*param_encode) (const EVP_PKEY *pkey,
  353. unsigned char **pder),
  354. int (*param_missing) (const EVP_PKEY *pk),
  355. int (*param_copy) (EVP_PKEY *to,
  356. const EVP_PKEY *from),
  357. int (*param_cmp) (const EVP_PKEY *a,
  358. const EVP_PKEY *b),
  359. int (*param_print) (BIO *out,
  360. const EVP_PKEY *pkey,
  361. int indent, ASN1_PCTX *pctx))
  362. {
  363. ameth->param_decode = param_decode;
  364. ameth->param_encode = param_encode;
  365. ameth->param_missing = param_missing;
  366. ameth->param_copy = param_copy;
  367. ameth->param_cmp = param_cmp;
  368. ameth->param_print = param_print;
  369. }
  370. void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
  371. void (*pkey_free) (EVP_PKEY *pkey))
  372. {
  373. ameth->pkey_free = pkey_free;
  374. }
  375. void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
  376. int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
  377. long arg1, void *arg2))
  378. {
  379. ameth->pkey_ctrl = pkey_ctrl;
  380. }
  381. void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
  382. int (*pkey_security_bits) (const EVP_PKEY
  383. *pk))
  384. {
  385. ameth->pkey_security_bits = pkey_security_bits;
  386. }
  387. void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
  388. int (*item_verify) (EVP_MD_CTX *ctx,
  389. const ASN1_ITEM *it,
  390. void *asn,
  391. X509_ALGOR *a,
  392. ASN1_BIT_STRING *sig,
  393. EVP_PKEY *pkey),
  394. int (*item_sign) (EVP_MD_CTX *ctx,
  395. const ASN1_ITEM *it,
  396. void *asn,
  397. X509_ALGOR *alg1,
  398. X509_ALGOR *alg2,
  399. ASN1_BIT_STRING *sig))
  400. {
  401. ameth->item_sign = item_sign;
  402. ameth->item_verify = item_verify;
  403. }