1 /* $OpenBSD: eng_pkey.c,v 1.5 2014/06/22 12:05:09 jsing Exp $ */
2 /* ====================================================================
3  * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  *
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in
14  *    the documentation and/or other materials provided with the
15  *    distribution.
16  *
17  * 3. All advertising materials mentioning features or use of this
18  *    software must display the following acknowledgment:
19  *    "This product includes software developed by the OpenSSL Project
20  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21  *
22  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23  *    endorse or promote products derived from this software without
24  *    prior written permission. For written permission, please contact
25  *    licensing@OpenSSL.org.
26  *
27  * 5. Products derived from this software may not be called "OpenSSL"
28  *    nor may "OpenSSL" appear in their names without prior written
29  *    permission of the OpenSSL Project.
30  *
31  * 6. Redistributions of any form whatsoever must retain the following
32  *    acknowledgment:
33  *    "This product includes software developed by the OpenSSL Project
34  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35  *
36  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
40  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47  * OF THE POSSIBILITY OF SUCH DAMAGE.
48  * ====================================================================
49  *
50  * This product includes cryptographic software written by Eric Young
51  * (eay@cryptsoft.com).  This product includes software written by Tim
52  * Hudson (tjh@cryptsoft.com).
53  *
54  */
55 
56 #include <openssl/err.h>
57 
58 #include "eng_int.h"
59 
60 /* Basic get/set stuff */
61 
62 int
63 ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
64 {
65 	e->load_privkey = loadpriv_f;
66 	return 1;
67 }
68 
69 int
70 ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
71 {
72 	e->load_pubkey = loadpub_f;
73 	return 1;
74 }
75 
76 int
77 ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
78     ENGINE_SSL_CLIENT_CERT_PTR loadssl_f)
79 {
80 	e->load_ssl_client_cert = loadssl_f;
81 	return 1;
82 }
83 
84 ENGINE_LOAD_KEY_PTR
85 ENGINE_get_load_privkey_function(const ENGINE *e)
86 {
87 	return e->load_privkey;
88 }
89 
90 ENGINE_LOAD_KEY_PTR
91 ENGINE_get_load_pubkey_function(const ENGINE *e)
92 {
93 	return e->load_pubkey;
94 }
95 
96 ENGINE_SSL_CLIENT_CERT_PTR
97 ENGINE_get_ssl_client_cert_function(const ENGINE *e)
98 {
99 	return e->load_ssl_client_cert;
100 }
101 
102 /* API functions to load public/private keys */
103 
104 EVP_PKEY *
105 ENGINE_load_private_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
106     void *callback_data)
107 {
108 	EVP_PKEY *pkey;
109 
110 	if (e == NULL) {
111 		ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
112 		    ERR_R_PASSED_NULL_PARAMETER);
113 		return 0;
114 	}
115 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
116 	if (e->funct_ref == 0) {
117 		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
118 		ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
119 		    ENGINE_R_NOT_INITIALISED);
120 		return 0;
121 	}
122 	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
123 	if (!e->load_privkey) {
124 		ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
125 		    ENGINE_R_NO_LOAD_FUNCTION);
126 		return 0;
127 	}
128 	pkey = e->load_privkey(e, key_id, ui_method, callback_data);
129 	if (!pkey) {
130 		ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
131 		    ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
132 		return 0;
133 	}
134 	return pkey;
135 }
136 
137 EVP_PKEY *
138 ENGINE_load_public_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
139     void *callback_data)
140 {
141 	EVP_PKEY *pkey;
142 
143 	if (e == NULL) {
144 		ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
145 		    ERR_R_PASSED_NULL_PARAMETER);
146 		return 0;
147 	}
148 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
149 	if (e->funct_ref == 0) {
150 		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
151 		ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
152 		    ENGINE_R_NOT_INITIALISED);
153 		return 0;
154 	}
155 	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
156 	if (!e->load_pubkey) {
157 		ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
158 		    ENGINE_R_NO_LOAD_FUNCTION);
159 		return 0;
160 	}
161 	pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
162 	if (!pkey) {
163 		ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
164 		    ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
165 		return 0;
166 	}
167 	return pkey;
168 }
169 
170 int
171 ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, STACK_OF(X509_NAME) *ca_dn,
172     X509 **pcert, EVP_PKEY **ppkey, STACK_OF(X509) **pother,
173     UI_METHOD *ui_method, void *callback_data)
174 {
175 	if (e == NULL) {
176 		ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
177 		    ERR_R_PASSED_NULL_PARAMETER);
178 		return 0;
179 	}
180 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
181 	if (e->funct_ref == 0) {
182 		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
183 		ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
184 		    ENGINE_R_NOT_INITIALISED);
185 		return 0;
186 	}
187 	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
188 	if (!e->load_ssl_client_cert) {
189 		ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
190 		    ENGINE_R_NO_LOAD_FUNCTION);
191 		return 0;
192 	}
193 	return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
194 	    ui_method, callback_data);
195 }
196