crypto/evp/p_lib.c

*de0e0e4dSAntonio Huete Jimenez/* $OpenBSD: p_lib.c,v 1.29 2022/06/27 12:36:05 tb Exp $ */
f5b1c8a1SJohn Marino/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
f5b1c8a1SJohn Marino * All rights reserved.
f5b1c8a1SJohn Marino *
f5b1c8a1SJohn Marino * This package is an SSL implementation written
f5b1c8a1SJohn Marino * by Eric Young (eay@cryptsoft.com).
f5b1c8a1SJohn Marino * The implementation was written so as to conform with Netscapes SSL.
f5b1c8a1SJohn Marino *
f5b1c8a1SJohn Marino * This library is free for commercial and non-commercial use as long as
f5b1c8a1SJohn Marino * the following conditions are aheared to.  The following conditions
f5b1c8a1SJohn Marino * apply to all code found in this distribution, be it the RC4, RSA,
f5b1c8a1SJohn Marino * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
f5b1c8a1SJohn Marino * included with this distribution is covered by the same copyright terms
f5b1c8a1SJohn Marino * except that the holder is Tim Hudson (tjh@cryptsoft.com).
f5b1c8a1SJohn Marino *
f5b1c8a1SJohn Marino * Copyright remains Eric Young's, and as such any Copyright notices in
f5b1c8a1SJohn Marino * the code are not to be removed.
f5b1c8a1SJohn Marino * If this package is used in a product, Eric Young should be given attribution
f5b1c8a1SJohn Marino * as the author of the parts of the library used.
f5b1c8a1SJohn Marino * This can be in the form of a textual message at program startup or
f5b1c8a1SJohn Marino * in documentation (online or textual) provided with the package.
f5b1c8a1SJohn Marino *
f5b1c8a1SJohn Marino * Redistribution and use in source and binary forms, with or without
f5b1c8a1SJohn Marino * modification, are permitted provided that the following conditions
f5b1c8a1SJohn Marino * are met:
f5b1c8a1SJohn Marino * 1. Redistributions of source code must retain the copyright
f5b1c8a1SJohn Marino *    notice, this list of conditions and the following disclaimer.
f5b1c8a1SJohn Marino * 2. Redistributions in binary form must reproduce the above copyright
f5b1c8a1SJohn Marino *    notice, this list of conditions and the following disclaimer in the
f5b1c8a1SJohn Marino *    documentation and/or other materials provided with the distribution.
f5b1c8a1SJohn Marino * 3. All advertising materials mentioning features or use of this software
f5b1c8a1SJohn Marino *    must display the following acknowledgement:
f5b1c8a1SJohn Marino *    "This product includes cryptographic software written by
f5b1c8a1SJohn Marino *     Eric Young (eay@cryptsoft.com)"
f5b1c8a1SJohn Marino *    The word 'cryptographic' can be left out if the rouines from the library
f5b1c8a1SJohn Marino *    being used are not cryptographic related :-).
f5b1c8a1SJohn Marino * 4. If you include any Windows specific code (or a derivative thereof) from
f5b1c8a1SJohn Marino *    the apps directory (application code) you must include an acknowledgement:
f5b1c8a1SJohn Marino *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
f5b1c8a1SJohn Marino *
f5b1c8a1SJohn Marino * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
f5b1c8a1SJohn Marino * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
f5b1c8a1SJohn Marino * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
f5b1c8a1SJohn Marino * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
f5b1c8a1SJohn Marino * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
f5b1c8a1SJohn Marino * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
f5b1c8a1SJohn Marino * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
f5b1c8a1SJohn Marino * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
f5b1c8a1SJohn Marino * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
f5b1c8a1SJohn Marino * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
f5b1c8a1SJohn Marino * SUCH DAMAGE.
f5b1c8a1SJohn Marino *
f5b1c8a1SJohn Marino * The licence and distribution terms for any publically available version or
f5b1c8a1SJohn Marino * derivative of this code cannot be changed.  i.e. this code cannot simply be
f5b1c8a1SJohn Marino * copied and put under another distribution licence
f5b1c8a1SJohn Marino * [including the GNU Public Licence.]
f5b1c8a1SJohn Marino */
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino#include <stdio.h>
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino#include <openssl/opensslconf.h>
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino#include <openssl/bn.h>
*de0e0e4dSAntonio Huete Jimenez#include <openssl/cmac.h>
f5b1c8a1SJohn Marino#include <openssl/err.h>
f5b1c8a1SJohn Marino#include <openssl/evp.h>
f5b1c8a1SJohn Marino#include <openssl/objects.h>
f5b1c8a1SJohn Marino#include <openssl/x509.h>
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_DH
f5b1c8a1SJohn Marino#include <openssl/dh.h>
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_DSA
f5b1c8a1SJohn Marino#include <openssl/dsa.h>
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_RSA
f5b1c8a1SJohn Marino#include <openssl/rsa.h>
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_ENGINE
f5b1c8a1SJohn Marino#include <openssl/engine.h>
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino#include "asn1_locl.h"
*de0e0e4dSAntonio Huete Jimenez#include "evp_locl.h"
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinostatic void EVP_PKEY_free_it(EVP_PKEY *x);
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
72c33676SMaxim AgEVP_PKEY_bits(const EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
f5b1c8a1SJohn Marino		return pkey->ameth->pkey_bits(pkey);
f5b1c8a1SJohn Marino	return 0;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
*de0e0e4dSAntonio Huete JimenezEVP_PKEY_security_bits(const EVP_PKEY *pkey)
*de0e0e4dSAntonio Huete Jimenez{
*de0e0e4dSAntonio Huete Jimenez	if (pkey == NULL)
*de0e0e4dSAntonio Huete Jimenez		return 0;
*de0e0e4dSAntonio Huete Jimenez	if (pkey->ameth == NULL || pkey->ameth->pkey_security_bits == NULL)
*de0e0e4dSAntonio Huete Jimenez		return -2;
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete Jimenez	return pkey->ameth->pkey_security_bits(pkey);
*de0e0e4dSAntonio Huete Jimenez}
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete Jimenezint
72c33676SMaxim AgEVP_PKEY_size(const EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey && pkey->ameth && pkey->ameth->pkey_size)
f5b1c8a1SJohn Marino		return pkey->ameth->pkey_size(pkey);
f5b1c8a1SJohn Marino	return 0;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_DSA
f5b1c8a1SJohn Marino	if (pkey->type == EVP_PKEY_DSA) {
f5b1c8a1SJohn Marino		int ret = pkey->save_parameters;
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino		if (mode >= 0)
f5b1c8a1SJohn Marino			pkey->save_parameters = mode;
f5b1c8a1SJohn Marino		return (ret);
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_EC
f5b1c8a1SJohn Marino	if (pkey->type == EVP_PKEY_EC) {
f5b1c8a1SJohn Marino		int ret = pkey->save_parameters;
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino		if (mode >= 0)
f5b1c8a1SJohn Marino			pkey->save_parameters = mode;
f5b1c8a1SJohn Marino		return (ret);
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino	return (0);
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (to->type != from->type) {
72c33676SMaxim Ag		EVPerror(EVP_R_DIFFERENT_KEY_TYPES);
f5b1c8a1SJohn Marino		goto err;
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino	if (EVP_PKEY_missing_parameters(from)) {
72c33676SMaxim Ag		EVPerror(EVP_R_MISSING_PARAMETERS);
f5b1c8a1SJohn Marino		goto err;
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino	if (from->ameth && from->ameth->param_copy)
f5b1c8a1SJohn Marino		return from->ameth->param_copy(to, from);
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoerr:
f5b1c8a1SJohn Marino	return 0;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey->ameth && pkey->ameth->param_missing)
f5b1c8a1SJohn Marino		return pkey->ameth->param_missing(pkey);
f5b1c8a1SJohn Marino	return 0;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (a->type != b->type)
f5b1c8a1SJohn Marino		return -1;
f5b1c8a1SJohn Marino	if (a->ameth && a->ameth->param_cmp)
f5b1c8a1SJohn Marino		return a->ameth->param_cmp(a, b);
f5b1c8a1SJohn Marino	return -2;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (a->type != b->type)
f5b1c8a1SJohn Marino		return -1;
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino	if (a->ameth) {
f5b1c8a1SJohn Marino		int ret;
f5b1c8a1SJohn Marino		/* Compare parameters if the algorithm has them */
f5b1c8a1SJohn Marino		if (a->ameth->param_cmp) {
f5b1c8a1SJohn Marino			ret = a->ameth->param_cmp(a, b);
f5b1c8a1SJohn Marino			if (ret <= 0)
f5b1c8a1SJohn Marino				return ret;
f5b1c8a1SJohn Marino		}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino		if (a->ameth->pub_cmp)
f5b1c8a1SJohn Marino			return a->ameth->pub_cmp(a, b);
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino	return -2;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn MarinoEVP_PKEY *
f5b1c8a1SJohn MarinoEVP_PKEY_new(void)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	EVP_PKEY *ret;
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino	ret = malloc(sizeof(EVP_PKEY));
f5b1c8a1SJohn Marino	if (ret == NULL) {
72c33676SMaxim Ag		EVPerror(ERR_R_MALLOC_FAILURE);
f5b1c8a1SJohn Marino		return (NULL);
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino	ret->type = EVP_PKEY_NONE;
f5b1c8a1SJohn Marino	ret->save_type = EVP_PKEY_NONE;
f5b1c8a1SJohn Marino	ret->references = 1;
f5b1c8a1SJohn Marino	ret->ameth = NULL;
f5b1c8a1SJohn Marino	ret->engine = NULL;
f5b1c8a1SJohn Marino	ret->pkey.ptr = NULL;
f5b1c8a1SJohn Marino	ret->attributes = NULL;
f5b1c8a1SJohn Marino	ret->save_parameters = 1;
f5b1c8a1SJohn Marino	return (ret);
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
72c33676SMaxim Agint
72c33676SMaxim AgEVP_PKEY_up_ref(EVP_PKEY *pkey)
72c33676SMaxim Ag{
72c33676SMaxim Ag	int refs = CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
72c33676SMaxim Ag	return ((refs > 1) ? 1 : 0);
72c33676SMaxim Ag}
72c33676SMaxim Ag
f5b1c8a1SJohn Marino/* Setup a public key ASN1 method and ENGINE from a NID or a string.
f5b1c8a1SJohn Marino * If pkey is NULL just return 1 or 0 if the algorithm exists.
f5b1c8a1SJohn Marino */
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinostatic int
*de0e0e4dSAntonio Huete Jimenezpkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, int len)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	const EVP_PKEY_ASN1_METHOD *ameth;
*de0e0e4dSAntonio Huete Jimenez	ENGINE **eptr = NULL;
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete Jimenez	if (e == NULL)
*de0e0e4dSAntonio Huete Jimenez		eptr = &e;
*de0e0e4dSAntonio Huete Jimenez
f5b1c8a1SJohn Marino	if (pkey) {
f5b1c8a1SJohn Marino		if (pkey->pkey.ptr)
f5b1c8a1SJohn Marino			EVP_PKEY_free_it(pkey);
f5b1c8a1SJohn Marino		/* If key type matches and a method exists then this
f5b1c8a1SJohn Marino		 * lookup has succeeded once so just indicate success.
f5b1c8a1SJohn Marino		 */
f5b1c8a1SJohn Marino		if ((type == pkey->save_type) && pkey->ameth)
f5b1c8a1SJohn Marino			return 1;
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_ENGINE
f5b1c8a1SJohn Marino		ENGINE_finish(pkey->engine);
f5b1c8a1SJohn Marino		pkey->engine = NULL;
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino	if (str)
*de0e0e4dSAntonio Huete Jimenez		ameth = EVP_PKEY_asn1_find_str(eptr, str, len);
f5b1c8a1SJohn Marino	else
*de0e0e4dSAntonio Huete Jimenez		ameth = EVP_PKEY_asn1_find(eptr, type);
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_ENGINE
*de0e0e4dSAntonio Huete Jimenez	if (pkey == NULL && eptr != NULL)
f5b1c8a1SJohn Marino		ENGINE_finish(e);
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino	if (!ameth) {
72c33676SMaxim Ag		EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
f5b1c8a1SJohn Marino		return 0;
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino	if (pkey) {
f5b1c8a1SJohn Marino		pkey->ameth = ameth;
f5b1c8a1SJohn Marino		pkey->engine = e;
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino		pkey->type = pkey->ameth->pkey_id;
f5b1c8a1SJohn Marino		pkey->save_type = type;
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino	return 1;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_set_type(EVP_PKEY *pkey, int type)
f5b1c8a1SJohn Marino{
*de0e0e4dSAntonio Huete Jimenez	return pkey_set_type(pkey, NULL, type, NULL, -1);
*de0e0e4dSAntonio Huete Jimenez}
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete JimenezEVP_PKEY *
*de0e0e4dSAntonio Huete JimenezEVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len,
*de0e0e4dSAntonio Huete Jimenez    const EVP_CIPHER *cipher)
*de0e0e4dSAntonio Huete Jimenez{
*de0e0e4dSAntonio Huete Jimenez	EVP_PKEY *ret = NULL;
*de0e0e4dSAntonio Huete Jimenez	CMAC_CTX *cmctx = NULL;
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete Jimenez	if ((ret = EVP_PKEY_new()) == NULL)
*de0e0e4dSAntonio Huete Jimenez		goto err;
*de0e0e4dSAntonio Huete Jimenez	if ((cmctx = CMAC_CTX_new()) == NULL)
*de0e0e4dSAntonio Huete Jimenez		goto err;
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete Jimenez	if (!pkey_set_type(ret, e, EVP_PKEY_CMAC, NULL, -1))
*de0e0e4dSAntonio Huete Jimenez		goto err;
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete Jimenez	if (!CMAC_Init(cmctx, priv, len, cipher, e)) {
*de0e0e4dSAntonio Huete Jimenez		EVPerror(EVP_R_KEY_SETUP_FAILED);
*de0e0e4dSAntonio Huete Jimenez		goto err;
*de0e0e4dSAntonio Huete Jimenez	}
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete Jimenez	ret->pkey.ptr = (char *)cmctx;
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete Jimenez	return ret;
*de0e0e4dSAntonio Huete Jimenez
*de0e0e4dSAntonio Huete Jimenez err:
*de0e0e4dSAntonio Huete Jimenez	EVP_PKEY_free(ret);
*de0e0e4dSAntonio Huete Jimenez	CMAC_CTX_free(cmctx);
*de0e0e4dSAntonio Huete Jimenez	return NULL;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
f5b1c8a1SJohn Marino{
*de0e0e4dSAntonio Huete Jimenez	return pkey_set_type(pkey, NULL, EVP_PKEY_NONE, str, len);
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (!EVP_PKEY_set_type(pkey, type))
f5b1c8a1SJohn Marino		return 0;
f5b1c8a1SJohn Marino	pkey->pkey.ptr = key;
f5b1c8a1SJohn Marino	return (key != NULL);
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinovoid *
72c33676SMaxim AgEVP_PKEY_get0(const EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	return pkey->pkey.ptr;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
72c33676SMaxim Agconst unsigned char *
72c33676SMaxim AgEVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len)
f5b1c8a1SJohn Marino{
72c33676SMaxim Ag	ASN1_OCTET_STRING *os;
72c33676SMaxim Ag
72c33676SMaxim Ag	if (pkey->type != EVP_PKEY_HMAC) {
72c33676SMaxim Ag		EVPerror(EVP_R_EXPECTING_AN_HMAC_KEY);
72c33676SMaxim Ag		return NULL;
72c33676SMaxim Ag	}
72c33676SMaxim Ag
72c33676SMaxim Ag	os = EVP_PKEY_get0(pkey);
72c33676SMaxim Ag	*len = os->length;
72c33676SMaxim Ag
72c33676SMaxim Ag	return os->data;
72c33676SMaxim Ag}
72c33676SMaxim Ag
72c33676SMaxim Ag#ifndef OPENSSL_NO_RSA
72c33676SMaxim AgRSA *
72c33676SMaxim AgEVP_PKEY_get0_RSA(EVP_PKEY *pkey)
72c33676SMaxim Ag{
72c33676SMaxim Ag	if (pkey->type != EVP_PKEY_RSA) {
72c33676SMaxim Ag		EVPerror(EVP_R_EXPECTING_AN_RSA_KEY);
72c33676SMaxim Ag		return NULL;
72c33676SMaxim Ag	}
72c33676SMaxim Ag	return pkey->pkey.rsa;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn MarinoRSA *
f5b1c8a1SJohn MarinoEVP_PKEY_get1_RSA(EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey->type != EVP_PKEY_RSA) {
72c33676SMaxim Ag		EVPerror(EVP_R_EXPECTING_AN_RSA_KEY);
f5b1c8a1SJohn Marino		return NULL;
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino	RSA_up_ref(pkey->pkey.rsa);
f5b1c8a1SJohn Marino	return pkey->pkey.rsa;
f5b1c8a1SJohn Marino}
72c33676SMaxim Ag
72c33676SMaxim Agint
72c33676SMaxim AgEVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
72c33676SMaxim Ag{
72c33676SMaxim Ag	int ret = EVP_PKEY_assign_RSA(pkey, key);
72c33676SMaxim Ag	if (ret != 0)
72c33676SMaxim Ag		RSA_up_ref(key);
72c33676SMaxim Ag	return ret;
72c33676SMaxim Ag}
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_DSA
72c33676SMaxim AgDSA *
72c33676SMaxim AgEVP_PKEY_get0_DSA(EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
72c33676SMaxim Ag	if (pkey->type != EVP_PKEY_DSA) {
72c33676SMaxim Ag		EVPerror(EVP_R_EXPECTING_A_DSA_KEY);
72c33676SMaxim Ag		return NULL;
72c33676SMaxim Ag	}
72c33676SMaxim Ag	return pkey->pkey.dsa;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn MarinoDSA *
f5b1c8a1SJohn MarinoEVP_PKEY_get1_DSA(EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey->type != EVP_PKEY_DSA) {
72c33676SMaxim Ag		EVPerror(EVP_R_EXPECTING_A_DSA_KEY);
f5b1c8a1SJohn Marino		return NULL;
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino	DSA_up_ref(pkey->pkey.dsa);
f5b1c8a1SJohn Marino	return pkey->pkey.dsa;
f5b1c8a1SJohn Marino}
72c33676SMaxim Ag
72c33676SMaxim Agint
72c33676SMaxim AgEVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
72c33676SMaxim Ag{
72c33676SMaxim Ag	int ret = EVP_PKEY_assign_DSA(pkey, key);
72c33676SMaxim Ag	if (ret != 0)
72c33676SMaxim Ag		DSA_up_ref(key);
72c33676SMaxim Ag	return ret;
72c33676SMaxim Ag}
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_EC
72c33676SMaxim AgEC_KEY *
72c33676SMaxim AgEVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
72c33676SMaxim Ag	if (pkey->type != EVP_PKEY_EC) {
72c33676SMaxim Ag		EVPerror(EVP_R_EXPECTING_A_EC_KEY);
72c33676SMaxim Ag		return NULL;
72c33676SMaxim Ag	}
72c33676SMaxim Ag	return pkey->pkey.ec;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn MarinoEC_KEY *
f5b1c8a1SJohn MarinoEVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey->type != EVP_PKEY_EC) {
72c33676SMaxim Ag		EVPerror(EVP_R_EXPECTING_A_EC_KEY);
f5b1c8a1SJohn Marino		return NULL;
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino	EC_KEY_up_ref(pkey->pkey.ec);
f5b1c8a1SJohn Marino	return pkey->pkey.ec;
f5b1c8a1SJohn Marino}
72c33676SMaxim Ag
72c33676SMaxim Agint
72c33676SMaxim AgEVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
72c33676SMaxim Ag{
72c33676SMaxim Ag	int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
72c33676SMaxim Ag	if (ret != 0)
72c33676SMaxim Ag		EC_KEY_up_ref(key);
72c33676SMaxim Ag	return ret;
72c33676SMaxim Ag}
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_DH
72c33676SMaxim AgDH *
72c33676SMaxim AgEVP_PKEY_get0_DH(EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
72c33676SMaxim Ag	if (pkey->type != EVP_PKEY_DH) {
72c33676SMaxim Ag		EVPerror(EVP_R_EXPECTING_A_DH_KEY);
72c33676SMaxim Ag		return NULL;
72c33676SMaxim Ag	}
72c33676SMaxim Ag	return pkey->pkey.dh;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn MarinoDH *
f5b1c8a1SJohn MarinoEVP_PKEY_get1_DH(EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey->type != EVP_PKEY_DH) {
72c33676SMaxim Ag		EVPerror(EVP_R_EXPECTING_A_DH_KEY);
f5b1c8a1SJohn Marino		return NULL;
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino	DH_up_ref(pkey->pkey.dh);
f5b1c8a1SJohn Marino	return pkey->pkey.dh;
f5b1c8a1SJohn Marino}
72c33676SMaxim Ag
72c33676SMaxim Agint
72c33676SMaxim AgEVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
72c33676SMaxim Ag{
72c33676SMaxim Ag	int ret = EVP_PKEY_assign_DH(pkey, key);
72c33676SMaxim Ag	if (ret != 0)
72c33676SMaxim Ag		DH_up_ref(key);
72c33676SMaxim Ag	return ret;
72c33676SMaxim Ag}
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_type(int type)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	int ret;
f5b1c8a1SJohn Marino	const EVP_PKEY_ASN1_METHOD *ameth;
f5b1c8a1SJohn Marino	ENGINE *e;
f5b1c8a1SJohn Marino	ameth = EVP_PKEY_asn1_find(&e, type);
f5b1c8a1SJohn Marino	if (ameth)
f5b1c8a1SJohn Marino		ret = ameth->pkey_id;
f5b1c8a1SJohn Marino	else
f5b1c8a1SJohn Marino		ret = NID_undef;
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_ENGINE
f5b1c8a1SJohn Marino	ENGINE_finish(e);
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino	return ret;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_id(const EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	return pkey->type;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_base_id(const EVP_PKEY *pkey)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	return EVP_PKEY_type(pkey->type);
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinovoid
f5b1c8a1SJohn MarinoEVP_PKEY_free(EVP_PKEY *x)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	int i;
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino	if (x == NULL)
f5b1c8a1SJohn Marino		return;
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino	i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY);
f5b1c8a1SJohn Marino	if (i > 0)
f5b1c8a1SJohn Marino		return;
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino	EVP_PKEY_free_it(x);
f5b1c8a1SJohn Marino	if (x->attributes)
f5b1c8a1SJohn Marino		sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
f5b1c8a1SJohn Marino	free(x);
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinostatic void
f5b1c8a1SJohn MarinoEVP_PKEY_free_it(EVP_PKEY *x)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (x->ameth && x->ameth->pkey_free) {
f5b1c8a1SJohn Marino		x->ameth->pkey_free(x);
f5b1c8a1SJohn Marino		x->pkey.ptr = NULL;
f5b1c8a1SJohn Marino	}
f5b1c8a1SJohn Marino#ifndef OPENSSL_NO_ENGINE
f5b1c8a1SJohn Marino	ENGINE_finish(x->engine);
f5b1c8a1SJohn Marino	x->engine = NULL;
f5b1c8a1SJohn Marino#endif
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinostatic int
f5b1c8a1SJohn Marinounsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr)
f5b1c8a1SJohn Marino{
*de0e0e4dSAntonio Huete Jimenez	if (!BIO_indent(out, indent, 128))
*de0e0e4dSAntonio Huete Jimenez		return 0;
f5b1c8a1SJohn Marino	BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
f5b1c8a1SJohn Marino	    kstr, OBJ_nid2ln(pkey->type));
f5b1c8a1SJohn Marino	return 1;
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent,
f5b1c8a1SJohn Marino    ASN1_PCTX *pctx)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey->ameth && pkey->ameth->pub_print)
f5b1c8a1SJohn Marino		return pkey->ameth->pub_print(out, pkey, indent, pctx);
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino	return unsup_alg(out, pkey, indent, "Public Key");
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent,
f5b1c8a1SJohn Marino    ASN1_PCTX *pctx)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey->ameth && pkey->ameth->priv_print)
f5b1c8a1SJohn Marino		return pkey->ameth->priv_print(out, pkey, indent, pctx);
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marino	return unsup_alg(out, pkey, indent, "Private Key");
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent,
f5b1c8a1SJohn Marino    ASN1_PCTX *pctx)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (pkey->ameth && pkey->ameth->param_print)
f5b1c8a1SJohn Marino		return pkey->ameth->param_print(out, pkey, indent, pctx);
f5b1c8a1SJohn Marino	return unsup_alg(out, pkey, indent, "Parameters");
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino
f5b1c8a1SJohn Marinoint
f5b1c8a1SJohn MarinoEVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
f5b1c8a1SJohn Marino{
f5b1c8a1SJohn Marino	if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
f5b1c8a1SJohn Marino		return -2;
f5b1c8a1SJohn Marino	return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
f5b1c8a1SJohn Marino	    0, pnid);
f5b1c8a1SJohn Marino}
f5b1c8a1SJohn Marino