1 /* 2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* 11 * DSA low level APIs are deprecated for public use, but still ok for 12 * internal use. 13 */ 14 #include "internal/deprecated.h" 15 16 #include <assert.h> 17 #include <stdio.h> 18 #include "internal/cryptlib.h" 19 #include "internal/refcount.h" 20 #include "internal/namemap.h" 21 #include <openssl/bn.h> 22 #include <openssl/err.h> 23 #include <openssl/objects.h> 24 #include <openssl/evp.h> 25 #include <openssl/rsa.h> 26 #include <openssl/dsa.h> 27 #include <openssl/dh.h> 28 #include <openssl/ec.h> 29 #include <openssl/cmac.h> 30 #ifndef FIPS_MODULE 31 # include <openssl/engine.h> 32 #endif 33 #include <openssl/params.h> 34 #include <openssl/param_build.h> 35 #include <openssl/encoder.h> 36 #include <openssl/core_names.h> 37 38 #include "internal/numbers.h" /* includes SIZE_MAX */ 39 #include "internal/ffc.h" 40 #include "crypto/evp.h" 41 #include "crypto/dh.h" 42 #include "crypto/dsa.h" 43 #include "crypto/ec.h" 44 #include "crypto/ecx.h" 45 #include "crypto/rsa.h" 46 #ifndef FIPS_MODULE 47 # include "crypto/asn1.h" 48 # include "crypto/x509.h" 49 #endif 50 #include "internal/provider.h" 51 #include "evp_local.h" 52 53 static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, 54 int len, EVP_KEYMGMT *keymgmt); 55 static void evp_pkey_free_it(EVP_PKEY *key); 56 57 #ifndef FIPS_MODULE 58 59 /* The type of parameters selected in key parameter functions */ 60 # define SELECT_PARAMETERS OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS 61 62 int EVP_PKEY_get_bits(const EVP_PKEY *pkey) 63 { 64 int size = 0; 65 66 if (pkey != NULL) { 67 size = pkey->cache.bits; 68 if (pkey->ameth != NULL && pkey->ameth->pkey_bits != NULL) 69 size = pkey->ameth->pkey_bits(pkey); 70 } 71 return size < 0 ? 0 : size; 72 } 73 74 int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey) 75 { 76 int size = 0; 77 78 if (pkey != NULL) { 79 size = pkey->cache.security_bits; 80 if (pkey->ameth != NULL && pkey->ameth->pkey_security_bits != NULL) 81 size = pkey->ameth->pkey_security_bits(pkey); 82 } 83 return size < 0 ? 0 : size; 84 } 85 86 int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 87 { 88 # ifndef OPENSSL_NO_DSA 89 if (pkey->type == EVP_PKEY_DSA) { 90 int ret = pkey->save_parameters; 91 92 if (mode >= 0) 93 pkey->save_parameters = mode; 94 return ret; 95 } 96 # endif 97 # ifndef OPENSSL_NO_EC 98 if (pkey->type == EVP_PKEY_EC) { 99 int ret = pkey->save_parameters; 100 101 if (mode >= 0) 102 pkey->save_parameters = mode; 103 return ret; 104 } 105 # endif 106 return 0; 107 } 108 109 int EVP_PKEY_set_ex_data(EVP_PKEY *key, int idx, void *arg) 110 { 111 return CRYPTO_set_ex_data(&key->ex_data, idx, arg); 112 } 113 114 void *EVP_PKEY_get_ex_data(const EVP_PKEY *key, int idx) 115 { 116 return CRYPTO_get_ex_data(&key->ex_data, idx); 117 } 118 119 int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 120 { 121 /* 122 * Clean up legacy stuff from this function when legacy support is gone. 123 */ 124 125 EVP_PKEY *downgraded_from = NULL; 126 int ok = 0; 127 128 /* 129 * If |to| is a legacy key and |from| isn't, we must make a downgraded 130 * copy of |from|. If that fails, this function fails. 131 */ 132 if (evp_pkey_is_legacy(to) && evp_pkey_is_provided(from)) { 133 if (!evp_pkey_copy_downgraded(&downgraded_from, from)) 134 goto end; 135 from = downgraded_from; 136 } 137 138 /* 139 * Make sure |to| is typed. Content is less important at this early 140 * stage. 141 * 142 * 1. If |to| is untyped, assign |from|'s key type to it. 143 * 2. If |to| contains a legacy key, compare its |type| to |from|'s. 144 * (|from| was already downgraded above) 145 * 146 * If |to| is a provided key, there's nothing more to do here, functions 147 * like evp_keymgmt_util_copy() and evp_pkey_export_to_provider() called 148 * further down help us find out if they are the same or not. 149 */ 150 if (evp_pkey_is_blank(to)) { 151 if (evp_pkey_is_legacy(from)) { 152 if (EVP_PKEY_set_type(to, from->type) == 0) 153 goto end; 154 } else { 155 if (EVP_PKEY_set_type_by_keymgmt(to, from->keymgmt) == 0) 156 goto end; 157 } 158 } else if (evp_pkey_is_legacy(to)) { 159 if (to->type != from->type) { 160 ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES); 161 goto end; 162 } 163 } 164 165 if (EVP_PKEY_missing_parameters(from)) { 166 ERR_raise(ERR_LIB_EVP, EVP_R_MISSING_PARAMETERS); 167 goto end; 168 } 169 170 if (!EVP_PKEY_missing_parameters(to)) { 171 if (EVP_PKEY_parameters_eq(to, from) == 1) 172 ok = 1; 173 else 174 ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_PARAMETERS); 175 goto end; 176 } 177 178 /* For purely provided keys, we just call the keymgmt utility */ 179 if (to->keymgmt != NULL && from->keymgmt != NULL) { 180 ok = evp_keymgmt_util_copy(to, (EVP_PKEY *)from, SELECT_PARAMETERS); 181 goto end; 182 } 183 184 /* 185 * If |to| is provided, we know that |from| is legacy at this point. 186 * Try exporting |from| to |to|'s keymgmt, then use evp_keymgmt_dup() 187 * to copy the appropriate data to |to|'s keydata. 188 * We cannot override existing data so do it only if there is no keydata 189 * in |to| yet. 190 */ 191 if (to->keymgmt != NULL && to->keydata == NULL) { 192 EVP_KEYMGMT *to_keymgmt = to->keymgmt; 193 void *from_keydata = 194 evp_pkey_export_to_provider((EVP_PKEY *)from, NULL, &to_keymgmt, 195 NULL); 196 197 /* 198 * If we get a NULL, it could be an internal error, or it could be 199 * that there's a key mismatch. We're pretending the latter... 200 */ 201 if (from_keydata == NULL) 202 ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES); 203 else 204 ok = (to->keydata = evp_keymgmt_dup(to->keymgmt, 205 from_keydata, 206 SELECT_PARAMETERS)) != NULL; 207 goto end; 208 } 209 210 /* Both keys are legacy */ 211 if (from->ameth != NULL && from->ameth->param_copy != NULL) 212 ok = from->ameth->param_copy(to, from); 213 end: 214 EVP_PKEY_free(downgraded_from); 215 return ok; 216 } 217 218 int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 219 { 220 if (pkey != NULL) { 221 if (pkey->keymgmt != NULL) 222 return !evp_keymgmt_util_has((EVP_PKEY *)pkey, SELECT_PARAMETERS); 223 else if (pkey->ameth != NULL && pkey->ameth->param_missing != NULL) 224 return pkey->ameth->param_missing(pkey); 225 } 226 return 0; 227 } 228 229 /* 230 * This function is called for any mixture of keys except pure legacy pair. 231 * When legacy keys are gone, we replace a call to this functions with 232 * a call to evp_keymgmt_util_match(). 233 */ 234 static int evp_pkey_cmp_any(const EVP_PKEY *a, const EVP_PKEY *b, 235 int selection) 236 { 237 EVP_KEYMGMT *keymgmt1 = NULL, *keymgmt2 = NULL; 238 void *keydata1 = NULL, *keydata2 = NULL, *tmp_keydata = NULL; 239 240 /* If none of them are provided, this function shouldn't have been called */ 241 if (!ossl_assert(evp_pkey_is_provided(a) || evp_pkey_is_provided(b))) 242 return -2; 243 244 /* For purely provided keys, we just call the keymgmt utility */ 245 if (evp_pkey_is_provided(a) && evp_pkey_is_provided(b)) 246 return evp_keymgmt_util_match((EVP_PKEY *)a, (EVP_PKEY *)b, selection); 247 248 /* 249 * At this point, one of them is provided, the other not. This allows 250 * us to compare types using legacy NIDs. 251 */ 252 if (evp_pkey_is_legacy(a) 253 && !EVP_KEYMGMT_is_a(b->keymgmt, OBJ_nid2sn(a->type))) 254 return -1; /* not the same key type */ 255 if (evp_pkey_is_legacy(b) 256 && !EVP_KEYMGMT_is_a(a->keymgmt, OBJ_nid2sn(b->type))) 257 return -1; /* not the same key type */ 258 259 /* 260 * We've determined that they both are the same keytype, so the next 261 * step is to do a bit of cross export to ensure we have keydata for 262 * both keys in the same keymgmt. 263 */ 264 keymgmt1 = a->keymgmt; 265 keydata1 = a->keydata; 266 keymgmt2 = b->keymgmt; 267 keydata2 = b->keydata; 268 269 if (keymgmt2 != NULL && keymgmt2->match != NULL) { 270 tmp_keydata = 271 evp_pkey_export_to_provider((EVP_PKEY *)a, NULL, &keymgmt2, NULL); 272 if (tmp_keydata != NULL) { 273 keymgmt1 = keymgmt2; 274 keydata1 = tmp_keydata; 275 } 276 } 277 if (tmp_keydata == NULL && keymgmt1 != NULL && keymgmt1->match != NULL) { 278 tmp_keydata = 279 evp_pkey_export_to_provider((EVP_PKEY *)b, NULL, &keymgmt1, NULL); 280 if (tmp_keydata != NULL) { 281 keymgmt2 = keymgmt1; 282 keydata2 = tmp_keydata; 283 } 284 } 285 286 /* If we still don't have matching keymgmt implementations, we give up */ 287 if (keymgmt1 != keymgmt2) 288 return -2; 289 290 /* If the keymgmt implementations are NULL, the export failed */ 291 if (keymgmt1 == NULL) 292 return -2; 293 294 return evp_keymgmt_match(keymgmt1, keydata1, keydata2, selection); 295 } 296 297 # ifndef OPENSSL_NO_DEPRECATED_3_0 298 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 299 { 300 return EVP_PKEY_parameters_eq(a, b); 301 } 302 #endif 303 304 int EVP_PKEY_parameters_eq(const EVP_PKEY *a, const EVP_PKEY *b) 305 { 306 /* 307 * This will just call evp_keymgmt_util_match when legacy support 308 * is gone. 309 */ 310 311 if (a->keymgmt != NULL || b->keymgmt != NULL) 312 return evp_pkey_cmp_any(a, b, SELECT_PARAMETERS); 313 314 /* All legacy keys */ 315 if (a->type != b->type) 316 return -1; 317 if (a->ameth != NULL && a->ameth->param_cmp != NULL) 318 return a->ameth->param_cmp(a, b); 319 return -2; 320 } 321 322 # ifndef OPENSSL_NO_DEPRECATED_3_0 323 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 324 { 325 return EVP_PKEY_eq(a, b); 326 } 327 #endif 328 329 int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b) 330 { 331 /* 332 * This will just call evp_keymgmt_util_match when legacy support 333 * is gone. 334 */ 335 336 /* Trivial shortcuts */ 337 if (a == b) 338 return 1; 339 if (a == NULL || b == NULL) 340 return 0; 341 342 if (a->keymgmt != NULL || b->keymgmt != NULL) { 343 int selection = SELECT_PARAMETERS; 344 345 if (evp_keymgmt_util_has((EVP_PKEY *)a, OSSL_KEYMGMT_SELECT_PUBLIC_KEY) 346 && evp_keymgmt_util_has((EVP_PKEY *)b, OSSL_KEYMGMT_SELECT_PUBLIC_KEY)) 347 selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; 348 else 349 selection |= OSSL_KEYMGMT_SELECT_KEYPAIR; 350 return evp_pkey_cmp_any(a, b, selection); 351 } 352 353 /* All legacy keys */ 354 if (a->type != b->type) 355 return -1; 356 357 if (a->ameth != NULL) { 358 int ret; 359 /* Compare parameters if the algorithm has them */ 360 if (a->ameth->param_cmp != NULL) { 361 ret = a->ameth->param_cmp(a, b); 362 if (ret <= 0) 363 return ret; 364 } 365 366 if (a->ameth->pub_cmp != NULL) 367 return a->ameth->pub_cmp(a, b); 368 } 369 370 return -2; 371 } 372 373 374 static EVP_PKEY *new_raw_key_int(OSSL_LIB_CTX *libctx, 375 const char *strtype, 376 const char *propq, 377 int nidtype, 378 ENGINE *e, 379 const unsigned char *key, 380 size_t len, 381 int key_is_priv) 382 { 383 EVP_PKEY *pkey = NULL; 384 EVP_PKEY_CTX *ctx = NULL; 385 const EVP_PKEY_ASN1_METHOD *ameth = NULL; 386 int result = 0; 387 388 # ifndef OPENSSL_NO_ENGINE 389 /* Check if there is an Engine for this type */ 390 if (e == NULL) { 391 ENGINE *tmpe = NULL; 392 393 if (strtype != NULL) 394 ameth = EVP_PKEY_asn1_find_str(&tmpe, strtype, -1); 395 else if (nidtype != EVP_PKEY_NONE) 396 ameth = EVP_PKEY_asn1_find(&tmpe, nidtype); 397 398 /* If tmpe is NULL then no engine is claiming to support this type */ 399 if (tmpe == NULL) 400 ameth = NULL; 401 402 ENGINE_finish(tmpe); 403 } 404 # endif 405 406 if (e == NULL && ameth == NULL) { 407 /* 408 * No engine is claiming to support this type, so lets see if we have 409 * a provider. 410 */ 411 ctx = EVP_PKEY_CTX_new_from_name(libctx, 412 strtype != NULL ? strtype 413 : OBJ_nid2sn(nidtype), 414 propq); 415 if (ctx == NULL) 416 goto err; 417 /* May fail if no provider available */ 418 ERR_set_mark(); 419 if (EVP_PKEY_fromdata_init(ctx) == 1) { 420 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END }; 421 422 ERR_clear_last_mark(); 423 params[0] = OSSL_PARAM_construct_octet_string( 424 key_is_priv ? OSSL_PKEY_PARAM_PRIV_KEY 425 : OSSL_PKEY_PARAM_PUB_KEY, 426 (void *)key, len); 427 428 if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) != 1) { 429 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 430 goto err; 431 } 432 433 EVP_PKEY_CTX_free(ctx); 434 435 return pkey; 436 } 437 ERR_pop_to_mark(); 438 /* else not supported so fallback to legacy */ 439 } 440 441 /* Legacy code path */ 442 443 pkey = EVP_PKEY_new(); 444 if (pkey == NULL) { 445 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 446 goto err; 447 } 448 449 if (!pkey_set_type(pkey, e, nidtype, strtype, -1, NULL)) { 450 /* EVPerr already called */ 451 goto err; 452 } 453 454 if (!ossl_assert(pkey->ameth != NULL)) 455 goto err; 456 457 if (key_is_priv) { 458 if (pkey->ameth->set_priv_key == NULL) { 459 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 460 goto err; 461 } 462 463 if (!pkey->ameth->set_priv_key(pkey, key, len)) { 464 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 465 goto err; 466 } 467 } else { 468 if (pkey->ameth->set_pub_key == NULL) { 469 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 470 goto err; 471 } 472 473 if (!pkey->ameth->set_pub_key(pkey, key, len)) { 474 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 475 goto err; 476 } 477 } 478 479 result = 1; 480 err: 481 if (!result) { 482 EVP_PKEY_free(pkey); 483 pkey = NULL; 484 } 485 EVP_PKEY_CTX_free(ctx); 486 return pkey; 487 } 488 489 EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OSSL_LIB_CTX *libctx, 490 const char *keytype, 491 const char *propq, 492 const unsigned char *priv, size_t len) 493 { 494 return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, priv, 495 len, 1); 496 } 497 498 EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, 499 const unsigned char *priv, 500 size_t len) 501 { 502 return new_raw_key_int(NULL, NULL, NULL, type, e, priv, len, 1); 503 } 504 505 EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OSSL_LIB_CTX *libctx, 506 const char *keytype, const char *propq, 507 const unsigned char *pub, size_t len) 508 { 509 return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, pub, 510 len, 0); 511 } 512 513 EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, 514 const unsigned char *pub, 515 size_t len) 516 { 517 return new_raw_key_int(NULL, NULL, NULL, type, e, pub, len, 0); 518 } 519 520 struct raw_key_details_st 521 { 522 unsigned char **key; 523 size_t *len; 524 int selection; 525 }; 526 527 static OSSL_CALLBACK get_raw_key_details; 528 static int get_raw_key_details(const OSSL_PARAM params[], void *arg) 529 { 530 const OSSL_PARAM *p = NULL; 531 struct raw_key_details_st *raw_key = arg; 532 533 if (raw_key->selection == OSSL_KEYMGMT_SELECT_PRIVATE_KEY) { 534 if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY)) 535 != NULL) 536 return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key, 537 raw_key->key == NULL ? 0 : *raw_key->len, 538 raw_key->len); 539 } else if (raw_key->selection == OSSL_KEYMGMT_SELECT_PUBLIC_KEY) { 540 if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY)) 541 != NULL) 542 return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key, 543 raw_key->key == NULL ? 0 : *raw_key->len, 544 raw_key->len); 545 } 546 547 return 0; 548 } 549 550 int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv, 551 size_t *len) 552 { 553 if (pkey->keymgmt != NULL) { 554 struct raw_key_details_st raw_key; 555 556 raw_key.key = priv == NULL ? NULL : &priv; 557 raw_key.len = len; 558 raw_key.selection = OSSL_KEYMGMT_SELECT_PRIVATE_KEY; 559 560 return evp_keymgmt_util_export(pkey, OSSL_KEYMGMT_SELECT_PRIVATE_KEY, 561 get_raw_key_details, &raw_key); 562 } 563 564 if (pkey->ameth == NULL) { 565 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 566 return 0; 567 } 568 569 if (pkey->ameth->get_priv_key == NULL) { 570 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 571 return 0; 572 } 573 574 if (!pkey->ameth->get_priv_key(pkey, priv, len)) { 575 ERR_raise(ERR_LIB_EVP, EVP_R_GET_RAW_KEY_FAILED); 576 return 0; 577 } 578 579 return 1; 580 } 581 582 int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub, 583 size_t *len) 584 { 585 if (pkey->keymgmt != NULL) { 586 struct raw_key_details_st raw_key; 587 588 raw_key.key = pub == NULL ? NULL : &pub; 589 raw_key.len = len; 590 raw_key.selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY; 591 592 return evp_keymgmt_util_export(pkey, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, 593 get_raw_key_details, &raw_key); 594 } 595 596 if (pkey->ameth == NULL) { 597 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 598 return 0; 599 } 600 601 if (pkey->ameth->get_pub_key == NULL) { 602 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 603 return 0; 604 } 605 606 if (!pkey->ameth->get_pub_key(pkey, pub, len)) { 607 ERR_raise(ERR_LIB_EVP, EVP_R_GET_RAW_KEY_FAILED); 608 return 0; 609 } 610 611 return 1; 612 } 613 614 static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, 615 const char *cipher_name, 616 const EVP_CIPHER *cipher, 617 OSSL_LIB_CTX *libctx, 618 const char *propq, ENGINE *e) 619 { 620 # ifndef OPENSSL_NO_CMAC 621 # ifndef OPENSSL_NO_ENGINE 622 const char *engine_id = e != NULL ? ENGINE_get_id(e) : NULL; 623 # endif 624 OSSL_PARAM params[5], *p = params; 625 EVP_PKEY *pkey = NULL; 626 EVP_PKEY_CTX *ctx; 627 628 if (cipher != NULL) 629 cipher_name = EVP_CIPHER_get0_name(cipher); 630 631 if (cipher_name == NULL) { 632 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 633 return NULL; 634 } 635 636 ctx = EVP_PKEY_CTX_new_from_name(libctx, "CMAC", propq); 637 if (ctx == NULL) 638 goto err; 639 640 if (EVP_PKEY_fromdata_init(ctx) <= 0) { 641 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 642 goto err; 643 } 644 645 *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, 646 (void *)priv, len); 647 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_CIPHER, 648 (char *)cipher_name, 0); 649 if (propq != NULL) 650 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_PROPERTIES, 651 (char *)propq, 0); 652 # ifndef OPENSSL_NO_ENGINE 653 if (engine_id != NULL) 654 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_ENGINE, 655 (char *)engine_id, 0); 656 # endif 657 *p = OSSL_PARAM_construct_end(); 658 659 if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) { 660 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 661 goto err; 662 } 663 664 err: 665 EVP_PKEY_CTX_free(ctx); 666 667 return pkey; 668 # else 669 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 670 return NULL; 671 # endif 672 } 673 674 EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, 675 size_t len, const EVP_CIPHER *cipher) 676 { 677 return new_cmac_key_int(priv, len, NULL, cipher, NULL, NULL, e); 678 } 679 680 int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 681 { 682 return pkey_set_type(pkey, NULL, type, NULL, -1, NULL); 683 } 684 685 int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 686 { 687 return pkey_set_type(pkey, NULL, EVP_PKEY_NONE, str, len, NULL); 688 } 689 690 # ifndef OPENSSL_NO_ENGINE 691 int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *e) 692 { 693 if (e != NULL) { 694 if (!ENGINE_init(e)) { 695 ERR_raise(ERR_LIB_EVP, ERR_R_ENGINE_LIB); 696 return 0; 697 } 698 if (ENGINE_get_pkey_meth(e, pkey->type) == NULL) { 699 ENGINE_finish(e); 700 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM); 701 return 0; 702 } 703 } 704 ENGINE_finish(pkey->pmeth_engine); 705 pkey->pmeth_engine = e; 706 return 1; 707 } 708 709 ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey) 710 { 711 return pkey->engine; 712 } 713 # endif 714 715 # ifndef OPENSSL_NO_DEPRECATED_3_0 716 static void detect_foreign_key(EVP_PKEY *pkey) 717 { 718 switch (pkey->type) { 719 case EVP_PKEY_RSA: 720 case EVP_PKEY_RSA_PSS: 721 pkey->foreign = pkey->pkey.rsa != NULL 722 && ossl_rsa_is_foreign(pkey->pkey.rsa); 723 break; 724 # ifndef OPENSSL_NO_EC 725 case EVP_PKEY_SM2: 726 break; 727 case EVP_PKEY_EC: 728 pkey->foreign = pkey->pkey.ec != NULL 729 && ossl_ec_key_is_foreign(pkey->pkey.ec); 730 break; 731 # endif 732 # ifndef OPENSSL_NO_DSA 733 case EVP_PKEY_DSA: 734 pkey->foreign = pkey->pkey.dsa != NULL 735 && ossl_dsa_is_foreign(pkey->pkey.dsa); 736 break; 737 #endif 738 # ifndef OPENSSL_NO_DH 739 case EVP_PKEY_DH: 740 pkey->foreign = pkey->pkey.dh != NULL 741 && ossl_dh_is_foreign(pkey->pkey.dh); 742 break; 743 #endif 744 default: 745 pkey->foreign = 0; 746 break; 747 } 748 } 749 750 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 751 { 752 # ifndef OPENSSL_NO_EC 753 int pktype; 754 755 pktype = EVP_PKEY_type(type); 756 if ((key != NULL) && (pktype == EVP_PKEY_EC || pktype == EVP_PKEY_SM2)) { 757 const EC_GROUP *group = EC_KEY_get0_group(key); 758 759 if (group != NULL) { 760 int curve = EC_GROUP_get_curve_name(group); 761 762 /* 763 * Regardless of what is requested the SM2 curve must be SM2 type, 764 * and non SM2 curves are EC type. 765 */ 766 if (curve == NID_sm2 && pktype == EVP_PKEY_EC) 767 type = EVP_PKEY_SM2; 768 else if(curve != NID_sm2 && pktype == EVP_PKEY_SM2) 769 type = EVP_PKEY_EC; 770 } 771 } 772 # endif 773 774 if (pkey == NULL || !EVP_PKEY_set_type(pkey, type)) 775 return 0; 776 777 pkey->pkey.ptr = key; 778 detect_foreign_key(pkey); 779 780 return (key != NULL); 781 } 782 # endif 783 784 void *EVP_PKEY_get0(const EVP_PKEY *pkey) 785 { 786 if (pkey == NULL) 787 return NULL; 788 789 if (!evp_pkey_is_provided(pkey)) 790 return pkey->pkey.ptr; 791 792 return NULL; 793 } 794 795 const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 796 { 797 const ASN1_OCTET_STRING *os = NULL; 798 if (pkey->type != EVP_PKEY_HMAC) { 799 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_AN_HMAC_KEY); 800 return NULL; 801 } 802 os = evp_pkey_get_legacy((EVP_PKEY *)pkey); 803 if (os != NULL) { 804 *len = os->length; 805 return os->data; 806 } 807 return NULL; 808 } 809 810 # ifndef OPENSSL_NO_POLY1305 811 const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len) 812 { 813 const ASN1_OCTET_STRING *os = NULL; 814 if (pkey->type != EVP_PKEY_POLY1305) { 815 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_POLY1305_KEY); 816 return NULL; 817 } 818 os = evp_pkey_get_legacy((EVP_PKEY *)pkey); 819 if (os != NULL) { 820 *len = os->length; 821 return os->data; 822 } 823 return NULL; 824 } 825 # endif 826 827 # ifndef OPENSSL_NO_SIPHASH 828 const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len) 829 { 830 const ASN1_OCTET_STRING *os = NULL; 831 832 if (pkey->type != EVP_PKEY_SIPHASH) { 833 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_SIPHASH_KEY); 834 return NULL; 835 } 836 os = evp_pkey_get_legacy((EVP_PKEY *)pkey); 837 if (os != NULL) { 838 *len = os->length; 839 return os->data; 840 } 841 return NULL; 842 } 843 # endif 844 845 # ifndef OPENSSL_NO_DSA 846 static DSA *evp_pkey_get0_DSA_int(const EVP_PKEY *pkey) 847 { 848 if (pkey->type != EVP_PKEY_DSA) { 849 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_DSA_KEY); 850 return NULL; 851 } 852 return evp_pkey_get_legacy((EVP_PKEY *)pkey); 853 } 854 855 const DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey) 856 { 857 return evp_pkey_get0_DSA_int(pkey); 858 } 859 860 int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 861 { 862 int ret = EVP_PKEY_assign_DSA(pkey, key); 863 if (ret) 864 DSA_up_ref(key); 865 return ret; 866 } 867 DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 868 { 869 DSA *ret = evp_pkey_get0_DSA_int(pkey); 870 871 if (ret != NULL) 872 DSA_up_ref(ret); 873 return ret; 874 } 875 # endif /* OPENSSL_NO_DSA */ 876 877 # ifndef OPENSSL_NO_EC 878 static const ECX_KEY *evp_pkey_get0_ECX_KEY(const EVP_PKEY *pkey, int type) 879 { 880 if (EVP_PKEY_get_base_id(pkey) != type) { 881 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_ECX_KEY); 882 return NULL; 883 } 884 return evp_pkey_get_legacy((EVP_PKEY *)pkey); 885 } 886 887 static ECX_KEY *evp_pkey_get1_ECX_KEY(EVP_PKEY *pkey, int type) 888 { 889 ECX_KEY *ret = (ECX_KEY *)evp_pkey_get0_ECX_KEY(pkey, type); 890 891 if (ret != NULL && !ossl_ecx_key_up_ref(ret)) 892 ret = NULL; 893 return ret; 894 } 895 896 # define IMPLEMENT_ECX_VARIANT(NAME) \ 897 ECX_KEY *ossl_evp_pkey_get1_##NAME(EVP_PKEY *pkey) \ 898 { \ 899 return evp_pkey_get1_ECX_KEY(pkey, EVP_PKEY_##NAME); \ 900 } 901 IMPLEMENT_ECX_VARIANT(X25519) 902 IMPLEMENT_ECX_VARIANT(X448) 903 IMPLEMENT_ECX_VARIANT(ED25519) 904 IMPLEMENT_ECX_VARIANT(ED448) 905 906 # endif 907 908 # if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0) 909 910 int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *dhkey) 911 { 912 int ret, type; 913 914 /* 915 * ossl_dh_is_named_safe_prime_group() returns 1 for named safe prime groups 916 * related to ffdhe and modp (which cache q = (p - 1) / 2), 917 * and returns 0 for all other dh parameter generation types including 918 * RFC5114 named groups. 919 * 920 * The EVP_PKEY_DH type is used for dh parameter generation types: 921 * - named safe prime groups related to ffdhe and modp 922 * - safe prime generator 923 * 924 * The type EVP_PKEY_DHX is used for dh parameter generation types 925 * - fips186-4 and fips186-2 926 * - rfc5114 named groups. 927 * 928 * The EVP_PKEY_DH type is used to save PKCS#3 data than can be stored 929 * without a q value. 930 * The EVP_PKEY_DHX type is used to save X9.42 data that requires the 931 * q value to be stored. 932 */ 933 if (ossl_dh_is_named_safe_prime_group(dhkey)) 934 type = EVP_PKEY_DH; 935 else 936 type = DH_get0_q(dhkey) == NULL ? EVP_PKEY_DH : EVP_PKEY_DHX; 937 938 ret = EVP_PKEY_assign(pkey, type, dhkey); 939 940 if (ret) 941 DH_up_ref(dhkey); 942 return ret; 943 } 944 945 DH *evp_pkey_get0_DH_int(const EVP_PKEY *pkey) 946 { 947 if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) { 948 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_DH_KEY); 949 return NULL; 950 } 951 return evp_pkey_get_legacy((EVP_PKEY *)pkey); 952 } 953 954 const DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey) 955 { 956 return evp_pkey_get0_DH_int(pkey); 957 } 958 959 DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) 960 { 961 DH *ret = evp_pkey_get0_DH_int(pkey); 962 963 if (ret != NULL) 964 DH_up_ref(ret); 965 return ret; 966 } 967 # endif 968 969 int EVP_PKEY_type(int type) 970 { 971 int ret; 972 const EVP_PKEY_ASN1_METHOD *ameth; 973 ENGINE *e; 974 ameth = EVP_PKEY_asn1_find(&e, type); 975 if (ameth) 976 ret = ameth->pkey_id; 977 else 978 ret = NID_undef; 979 # ifndef OPENSSL_NO_ENGINE 980 ENGINE_finish(e); 981 # endif 982 return ret; 983 } 984 985 int EVP_PKEY_get_id(const EVP_PKEY *pkey) 986 { 987 return pkey->type; 988 } 989 990 int EVP_PKEY_get_base_id(const EVP_PKEY *pkey) 991 { 992 return EVP_PKEY_type(pkey->type); 993 } 994 995 /* 996 * These hard coded cases are pure hackery to get around the fact 997 * that names in crypto/objects/objects.txt are a mess. There is 998 * no "EC", and "RSA" leads to the NID for 2.5.8.1.1, an OID that's 999 * fallen out in favor of { pkcs-1 1 }, i.e. 1.2.840.113549.1.1.1, 1000 * the NID of which is used for EVP_PKEY_RSA. Strangely enough, 1001 * "DSA" is accurate... but still, better be safe and hard-code 1002 * names that we know. 1003 * On a similar topic, EVP_PKEY_type(EVP_PKEY_SM2) will result in 1004 * EVP_PKEY_EC, because of aliasing. 1005 * This should be cleaned away along with all other #legacy support. 1006 */ 1007 static const OSSL_ITEM standard_name2type[] = { 1008 { EVP_PKEY_RSA, "RSA" }, 1009 { EVP_PKEY_RSA_PSS, "RSA-PSS" }, 1010 { EVP_PKEY_EC, "EC" }, 1011 { EVP_PKEY_ED25519, "ED25519" }, 1012 { EVP_PKEY_ED448, "ED448" }, 1013 { EVP_PKEY_X25519, "X25519" }, 1014 { EVP_PKEY_X448, "X448" }, 1015 { EVP_PKEY_SM2, "SM2" }, 1016 { EVP_PKEY_DH, "DH" }, 1017 { EVP_PKEY_DHX, "X9.42 DH" }, 1018 { EVP_PKEY_DHX, "DHX" }, 1019 { EVP_PKEY_DSA, "DSA" }, 1020 }; 1021 1022 int evp_pkey_name2type(const char *name) 1023 { 1024 int type; 1025 size_t i; 1026 1027 for (i = 0; i < OSSL_NELEM(standard_name2type); i++) { 1028 if (OPENSSL_strcasecmp(name, standard_name2type[i].ptr) == 0) 1029 return (int)standard_name2type[i].id; 1030 } 1031 1032 if ((type = EVP_PKEY_type(OBJ_sn2nid(name))) != NID_undef) 1033 return type; 1034 return EVP_PKEY_type(OBJ_ln2nid(name)); 1035 } 1036 1037 const char *evp_pkey_type2name(int type) 1038 { 1039 size_t i; 1040 1041 for (i = 0; i < OSSL_NELEM(standard_name2type); i++) { 1042 if (type == (int)standard_name2type[i].id) 1043 return standard_name2type[i].ptr; 1044 } 1045 1046 return OBJ_nid2sn(type); 1047 } 1048 1049 int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name) 1050 { 1051 if (pkey == NULL) 1052 return 0; 1053 if (pkey->keymgmt == NULL) 1054 return pkey->type == evp_pkey_name2type(name); 1055 return EVP_KEYMGMT_is_a(pkey->keymgmt, name); 1056 } 1057 1058 int EVP_PKEY_type_names_do_all(const EVP_PKEY *pkey, 1059 void (*fn)(const char *name, void *data), 1060 void *data) 1061 { 1062 if (!evp_pkey_is_typed(pkey)) 1063 return 0; 1064 1065 if (!evp_pkey_is_provided(pkey)) { 1066 const char *name = OBJ_nid2sn(EVP_PKEY_get_id(pkey)); 1067 1068 fn(name, data); 1069 return 1; 1070 } 1071 return EVP_KEYMGMT_names_do_all(pkey->keymgmt, fn, data); 1072 } 1073 1074 int EVP_PKEY_can_sign(const EVP_PKEY *pkey) 1075 { 1076 if (pkey->keymgmt == NULL) { 1077 switch (EVP_PKEY_get_base_id(pkey)) { 1078 case EVP_PKEY_RSA: 1079 case EVP_PKEY_RSA_PSS: 1080 return 1; 1081 # ifndef OPENSSL_NO_DSA 1082 case EVP_PKEY_DSA: 1083 return 1; 1084 # endif 1085 # ifndef OPENSSL_NO_EC 1086 case EVP_PKEY_ED25519: 1087 case EVP_PKEY_ED448: 1088 return 1; 1089 case EVP_PKEY_EC: /* Including SM2 */ 1090 return EC_KEY_can_sign(pkey->pkey.ec); 1091 # endif 1092 default: 1093 break; 1094 } 1095 } else { 1096 const OSSL_PROVIDER *prov = EVP_KEYMGMT_get0_provider(pkey->keymgmt); 1097 OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); 1098 const char *supported_sig = 1099 pkey->keymgmt->query_operation_name != NULL 1100 ? pkey->keymgmt->query_operation_name(OSSL_OP_SIGNATURE) 1101 : EVP_KEYMGMT_get0_name(pkey->keymgmt); 1102 EVP_SIGNATURE *signature = NULL; 1103 1104 signature = EVP_SIGNATURE_fetch(libctx, supported_sig, NULL); 1105 if (signature != NULL) { 1106 EVP_SIGNATURE_free(signature); 1107 return 1; 1108 } 1109 } 1110 return 0; 1111 } 1112 1113 static int print_reset_indent(BIO **out, int pop_f_prefix, long saved_indent) 1114 { 1115 BIO_set_indent(*out, saved_indent); 1116 if (pop_f_prefix) { 1117 BIO *next = BIO_pop(*out); 1118 1119 BIO_free(*out); 1120 *out = next; 1121 } 1122 return 1; 1123 } 1124 1125 static int print_set_indent(BIO **out, int *pop_f_prefix, long *saved_indent, 1126 long indent) 1127 { 1128 *pop_f_prefix = 0; 1129 *saved_indent = 0; 1130 if (indent > 0) { 1131 long i = BIO_get_indent(*out); 1132 1133 *saved_indent = (i < 0 ? 0 : i); 1134 if (BIO_set_indent(*out, indent) <= 0) { 1135 BIO *prefbio = BIO_new(BIO_f_prefix()); 1136 1137 if (prefbio == NULL) 1138 return 0; 1139 *out = BIO_push(prefbio, *out); 1140 *pop_f_prefix = 1; 1141 } 1142 if (BIO_set_indent(*out, indent) <= 0) { 1143 print_reset_indent(out, *pop_f_prefix, *saved_indent); 1144 return 0; 1145 } 1146 } 1147 return 1; 1148 } 1149 1150 static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, 1151 const char *kstr) 1152 { 1153 return BIO_indent(out, indent, 128) 1154 && BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 1155 kstr, OBJ_nid2ln(pkey->type)) > 0; 1156 } 1157 1158 static int print_pkey(const EVP_PKEY *pkey, BIO *out, int indent, 1159 int selection /* For provided encoding */, 1160 const char *propquery /* For provided encoding */, 1161 int (*legacy_print)(BIO *out, const EVP_PKEY *pkey, 1162 int indent, ASN1_PCTX *pctx), 1163 ASN1_PCTX *legacy_pctx /* For legacy print */) 1164 { 1165 int pop_f_prefix; 1166 long saved_indent; 1167 OSSL_ENCODER_CTX *ctx = NULL; 1168 int ret = -2; /* default to unsupported */ 1169 1170 if (!print_set_indent(&out, &pop_f_prefix, &saved_indent, indent)) 1171 return 0; 1172 1173 ctx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "TEXT", NULL, 1174 propquery); 1175 if (OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0) 1176 ret = OSSL_ENCODER_to_bio(ctx, out); 1177 OSSL_ENCODER_CTX_free(ctx); 1178 1179 if (ret != -2) 1180 goto end; 1181 1182 /* legacy fallback */ 1183 if (legacy_print != NULL) 1184 ret = legacy_print(out, pkey, 0, legacy_pctx); 1185 else 1186 ret = unsup_alg(out, pkey, 0, "Public Key"); 1187 1188 end: 1189 print_reset_indent(&out, pop_f_prefix, saved_indent); 1190 return ret; 1191 } 1192 1193 int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, 1194 int indent, ASN1_PCTX *pctx) 1195 { 1196 return print_pkey(pkey, out, indent, EVP_PKEY_PUBLIC_KEY, NULL, 1197 (pkey->ameth != NULL ? pkey->ameth->pub_print : NULL), 1198 pctx); 1199 } 1200 1201 int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, 1202 int indent, ASN1_PCTX *pctx) 1203 { 1204 return print_pkey(pkey, out, indent, EVP_PKEY_PRIVATE_KEY, NULL, 1205 (pkey->ameth != NULL ? pkey->ameth->priv_print : NULL), 1206 pctx); 1207 } 1208 1209 int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, 1210 int indent, ASN1_PCTX *pctx) 1211 { 1212 return print_pkey(pkey, out, indent, EVP_PKEY_KEY_PARAMETERS, NULL, 1213 (pkey->ameth != NULL ? pkey->ameth->param_print : NULL), 1214 pctx); 1215 } 1216 1217 # ifndef OPENSSL_NO_STDIO 1218 int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey, 1219 int indent, ASN1_PCTX *pctx) 1220 { 1221 int ret; 1222 BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); 1223 1224 if (b == NULL) 1225 return 0; 1226 ret = EVP_PKEY_print_public(b, pkey, indent, pctx); 1227 BIO_free(b); 1228 return ret; 1229 } 1230 1231 int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey, 1232 int indent, ASN1_PCTX *pctx) 1233 { 1234 int ret; 1235 BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); 1236 1237 if (b == NULL) 1238 return 0; 1239 ret = EVP_PKEY_print_private(b, pkey, indent, pctx); 1240 BIO_free(b); 1241 return ret; 1242 } 1243 1244 int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey, 1245 int indent, ASN1_PCTX *pctx) 1246 { 1247 int ret; 1248 BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); 1249 1250 if (b == NULL) 1251 return 0; 1252 ret = EVP_PKEY_print_params(b, pkey, indent, pctx); 1253 BIO_free(b); 1254 return ret; 1255 } 1256 # endif 1257 1258 static void mdname2nid(const char *mdname, void *data) 1259 { 1260 int *nid = (int *)data; 1261 1262 if (*nid != NID_undef) 1263 return; 1264 1265 *nid = OBJ_sn2nid(mdname); 1266 if (*nid == NID_undef) 1267 *nid = OBJ_ln2nid(mdname); 1268 } 1269 1270 static int legacy_asn1_ctrl_to_param(EVP_PKEY *pkey, int op, 1271 int arg1, void *arg2) 1272 { 1273 if (pkey->keymgmt == NULL) 1274 return 0; 1275 switch (op) { 1276 case ASN1_PKEY_CTRL_DEFAULT_MD_NID: 1277 { 1278 char mdname[80] = ""; 1279 int rv = EVP_PKEY_get_default_digest_name(pkey, mdname, 1280 sizeof(mdname)); 1281 1282 if (rv > 0) { 1283 int mdnum; 1284 OSSL_LIB_CTX *libctx = ossl_provider_libctx(pkey->keymgmt->prov); 1285 /* Make sure the MD is in the namemap if available */ 1286 EVP_MD *md; 1287 OSSL_NAMEMAP *namemap; 1288 int nid = NID_undef; 1289 1290 (void)ERR_set_mark(); 1291 md = EVP_MD_fetch(libctx, mdname, NULL); 1292 (void)ERR_pop_to_mark(); 1293 namemap = ossl_namemap_stored(libctx); 1294 1295 /* 1296 * The only reason to fetch the MD was to make sure it is in the 1297 * namemap. We can immediately free it. 1298 */ 1299 EVP_MD_free(md); 1300 mdnum = ossl_namemap_name2num(namemap, mdname); 1301 if (mdnum == 0) 1302 return 0; 1303 1304 /* 1305 * We have the namemap number - now we need to find the 1306 * associated nid 1307 */ 1308 if (!ossl_namemap_doall_names(namemap, mdnum, mdname2nid, &nid)) 1309 return 0; 1310 *(int *)arg2 = nid; 1311 } 1312 return rv; 1313 } 1314 default: 1315 return -2; 1316 } 1317 } 1318 1319 static int evp_pkey_asn1_ctrl(EVP_PKEY *pkey, int op, int arg1, void *arg2) 1320 { 1321 if (pkey->ameth == NULL) 1322 return legacy_asn1_ctrl_to_param(pkey, op, arg1, arg2); 1323 if (pkey->ameth->pkey_ctrl == NULL) 1324 return -2; 1325 return pkey->ameth->pkey_ctrl(pkey, op, arg1, arg2); 1326 } 1327 1328 int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 1329 { 1330 if (pkey == NULL) 1331 return 0; 1332 return evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 0, pnid); 1333 } 1334 1335 int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey, 1336 char *mdname, size_t mdname_sz) 1337 { 1338 if (pkey->ameth == NULL) 1339 return evp_keymgmt_util_get_deflt_digest_name(pkey->keymgmt, 1340 pkey->keydata, 1341 mdname, mdname_sz); 1342 1343 { 1344 int nid = NID_undef; 1345 int rv = EVP_PKEY_get_default_digest_nid(pkey, &nid); 1346 const char *name = rv > 0 ? OBJ_nid2sn(nid) : NULL; 1347 1348 if (rv > 0) 1349 OPENSSL_strlcpy(mdname, name, mdname_sz); 1350 return rv; 1351 } 1352 } 1353 1354 int EVP_PKEY_get_group_name(const EVP_PKEY *pkey, char *gname, size_t gname_sz, 1355 size_t *gname_len) 1356 { 1357 return EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_GROUP_NAME, 1358 gname, gname_sz, gname_len); 1359 } 1360 1361 int EVP_PKEY_digestsign_supports_digest(EVP_PKEY *pkey, OSSL_LIB_CTX *libctx, 1362 const char *name, const char *propq) 1363 { 1364 int rv; 1365 EVP_MD_CTX *ctx = NULL; 1366 1367 if ((ctx = EVP_MD_CTX_new()) == NULL) 1368 return -1; 1369 1370 ERR_set_mark(); 1371 rv = EVP_DigestSignInit_ex(ctx, NULL, name, libctx, 1372 propq, pkey, NULL); 1373 ERR_pop_to_mark(); 1374 1375 EVP_MD_CTX_free(ctx); 1376 return rv; 1377 } 1378 1379 int EVP_PKEY_set1_encoded_public_key(EVP_PKEY *pkey, const unsigned char *pub, 1380 size_t publen) 1381 { 1382 if (pkey == NULL) 1383 return 0; 1384 if (evp_pkey_is_provided(pkey)) 1385 return 1386 EVP_PKEY_set_octet_string_param(pkey, 1387 OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, 1388 (unsigned char *)pub, publen); 1389 1390 if (publen > INT_MAX) 1391 return 0; 1392 /* Historically this function was EVP_PKEY_set1_tls_encodedpoint */ 1393 if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, publen, 1394 (void *)pub) <= 0) 1395 return 0; 1396 return 1; 1397 } 1398 1399 size_t EVP_PKEY_get1_encoded_public_key(EVP_PKEY *pkey, unsigned char **ppub) 1400 { 1401 int rv; 1402 1403 if (pkey == NULL) 1404 return 0; 1405 if (evp_pkey_is_provided(pkey)) { 1406 size_t return_size = OSSL_PARAM_UNMODIFIED; 1407 unsigned char *buf; 1408 1409 /* 1410 * We know that this is going to fail, but it will give us a size 1411 * to allocate. 1412 */ 1413 EVP_PKEY_get_octet_string_param(pkey, 1414 OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, 1415 NULL, 0, &return_size); 1416 if (return_size == OSSL_PARAM_UNMODIFIED) 1417 return 0; 1418 1419 *ppub = NULL; 1420 buf = OPENSSL_malloc(return_size); 1421 if (buf == NULL) 1422 return 0; 1423 1424 if (!EVP_PKEY_get_octet_string_param(pkey, 1425 OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, 1426 buf, return_size, NULL)) { 1427 OPENSSL_free(buf); 1428 return 0; 1429 } 1430 *ppub = buf; 1431 return return_size; 1432 } 1433 1434 1435 rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppub); 1436 if (rv <= 0) 1437 return 0; 1438 return rv; 1439 } 1440 1441 #endif /* FIPS_MODULE */ 1442 1443 /*- All methods below can also be used in FIPS_MODULE */ 1444 1445 EVP_PKEY *EVP_PKEY_new(void) 1446 { 1447 EVP_PKEY *ret = OPENSSL_zalloc(sizeof(*ret)); 1448 1449 if (ret == NULL) { 1450 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 1451 return NULL; 1452 } 1453 1454 ret->type = EVP_PKEY_NONE; 1455 ret->save_type = EVP_PKEY_NONE; 1456 ret->references = 1; 1457 1458 ret->lock = CRYPTO_THREAD_lock_new(); 1459 if (ret->lock == NULL) { 1460 EVPerr(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 1461 goto err; 1462 } 1463 1464 #ifndef FIPS_MODULE 1465 ret->save_parameters = 1; 1466 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, ret, &ret->ex_data)) { 1467 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 1468 goto err; 1469 } 1470 #endif 1471 return ret; 1472 1473 err: 1474 CRYPTO_THREAD_lock_free(ret->lock); 1475 OPENSSL_free(ret); 1476 return NULL; 1477 } 1478 1479 /* 1480 * Setup a public key management method. 1481 * 1482 * For legacy keys, either |type| or |str| is expected to have the type 1483 * information. In this case, the setup consists of finding an ASN1 method 1484 * and potentially an ENGINE, and setting those fields in |pkey|. 1485 * 1486 * For provider side keys, |keymgmt| is expected to be non-NULL. In this 1487 * case, the setup consists of setting the |keymgmt| field in |pkey|. 1488 * 1489 * If pkey is NULL just return 1 or 0 if the key management method exists. 1490 */ 1491 1492 static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, 1493 int len, EVP_KEYMGMT *keymgmt) 1494 { 1495 #ifndef FIPS_MODULE 1496 const EVP_PKEY_ASN1_METHOD *ameth = NULL; 1497 ENGINE **eptr = (e == NULL) ? &e : NULL; 1498 #endif 1499 1500 /* 1501 * The setups can't set both legacy and provider side methods. 1502 * It is forbidden 1503 */ 1504 if (!ossl_assert(type == EVP_PKEY_NONE || keymgmt == NULL) 1505 || !ossl_assert(e == NULL || keymgmt == NULL)) { 1506 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 1507 return 0; 1508 } 1509 1510 if (pkey != NULL) { 1511 int free_it = 0; 1512 1513 #ifndef FIPS_MODULE 1514 free_it = free_it || pkey->pkey.ptr != NULL; 1515 #endif 1516 free_it = free_it || pkey->keydata != NULL; 1517 if (free_it) 1518 evp_pkey_free_it(pkey); 1519 #ifndef FIPS_MODULE 1520 /* 1521 * If key type matches and a method exists then this lookup has 1522 * succeeded once so just indicate success. 1523 */ 1524 if (pkey->type != EVP_PKEY_NONE 1525 && type == pkey->save_type 1526 && pkey->ameth != NULL) 1527 return 1; 1528 # ifndef OPENSSL_NO_ENGINE 1529 /* If we have ENGINEs release them */ 1530 ENGINE_finish(pkey->engine); 1531 pkey->engine = NULL; 1532 ENGINE_finish(pkey->pmeth_engine); 1533 pkey->pmeth_engine = NULL; 1534 # endif 1535 #endif 1536 } 1537 #ifndef FIPS_MODULE 1538 if (str != NULL) 1539 ameth = EVP_PKEY_asn1_find_str(eptr, str, len); 1540 else if (type != EVP_PKEY_NONE) 1541 ameth = EVP_PKEY_asn1_find(eptr, type); 1542 # ifndef OPENSSL_NO_ENGINE 1543 if (pkey == NULL && eptr != NULL) 1544 ENGINE_finish(e); 1545 # endif 1546 #endif 1547 1548 1549 { 1550 int check = 1; 1551 1552 #ifndef FIPS_MODULE 1553 check = check && ameth == NULL; 1554 #endif 1555 check = check && keymgmt == NULL; 1556 if (check) { 1557 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM); 1558 return 0; 1559 } 1560 } 1561 if (pkey != NULL) { 1562 if (keymgmt != NULL && !EVP_KEYMGMT_up_ref(keymgmt)) { 1563 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 1564 return 0; 1565 } 1566 1567 pkey->keymgmt = keymgmt; 1568 1569 pkey->save_type = type; 1570 pkey->type = type; 1571 1572 #ifndef FIPS_MODULE 1573 /* 1574 * If the internal "origin" key is provider side, don't save |ameth|. 1575 * The main reason is that |ameth| is one factor to detect that the 1576 * internal "origin" key is a legacy one. 1577 */ 1578 if (keymgmt == NULL) 1579 pkey->ameth = ameth; 1580 1581 /* 1582 * The EVP_PKEY_ASN1_METHOD |pkey_id| retains its legacy key purpose 1583 * for any key type that has a legacy implementation, regardless of 1584 * if the internal key is a legacy or a provider side one. When 1585 * there is no legacy implementation for the key, the type becomes 1586 * EVP_PKEY_KEYMGMT, which indicates that one should be cautious 1587 * with functions that expect legacy internal keys. 1588 */ 1589 if (ameth != NULL) { 1590 if (type == EVP_PKEY_NONE) 1591 pkey->type = ameth->pkey_id; 1592 } else { 1593 pkey->type = EVP_PKEY_KEYMGMT; 1594 } 1595 # ifndef OPENSSL_NO_ENGINE 1596 if (eptr == NULL && e != NULL && !ENGINE_init(e)) { 1597 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); 1598 return 0; 1599 } 1600 # endif 1601 pkey->engine = e; 1602 #endif 1603 } 1604 return 1; 1605 } 1606 1607 #ifndef FIPS_MODULE 1608 static void find_ameth(const char *name, void *data) 1609 { 1610 const char **str = data; 1611 1612 /* 1613 * The error messages from pkey_set_type() are uninteresting here, 1614 * and misleading. 1615 */ 1616 ERR_set_mark(); 1617 1618 if (pkey_set_type(NULL, NULL, EVP_PKEY_NONE, name, strlen(name), 1619 NULL)) { 1620 if (str[0] == NULL) 1621 str[0] = name; 1622 else if (str[1] == NULL) 1623 str[1] = name; 1624 } 1625 1626 ERR_pop_to_mark(); 1627 } 1628 #endif 1629 1630 int EVP_PKEY_set_type_by_keymgmt(EVP_PKEY *pkey, EVP_KEYMGMT *keymgmt) 1631 { 1632 #ifndef FIPS_MODULE 1633 # define EVP_PKEY_TYPE_STR str[0] 1634 # define EVP_PKEY_TYPE_STRLEN (str[0] == NULL ? -1 : (int)strlen(str[0])) 1635 /* 1636 * Find at most two strings that have an associated EVP_PKEY_ASN1_METHOD 1637 * Ideally, only one should be found. If two (or more) are found, the 1638 * match is ambiguous. This should never happen, but... 1639 */ 1640 const char *str[2] = { NULL, NULL }; 1641 1642 if (!EVP_KEYMGMT_names_do_all(keymgmt, find_ameth, &str) 1643 || str[1] != NULL) { 1644 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 1645 return 0; 1646 } 1647 #else 1648 # define EVP_PKEY_TYPE_STR NULL 1649 # define EVP_PKEY_TYPE_STRLEN -1 1650 #endif 1651 return pkey_set_type(pkey, NULL, EVP_PKEY_NONE, 1652 EVP_PKEY_TYPE_STR, EVP_PKEY_TYPE_STRLEN, 1653 keymgmt); 1654 1655 #undef EVP_PKEY_TYPE_STR 1656 #undef EVP_PKEY_TYPE_STRLEN 1657 } 1658 1659 int EVP_PKEY_up_ref(EVP_PKEY *pkey) 1660 { 1661 int i; 1662 1663 if (CRYPTO_UP_REF(&pkey->references, &i, pkey->lock) <= 0) 1664 return 0; 1665 1666 REF_PRINT_COUNT("EVP_PKEY", pkey); 1667 REF_ASSERT_ISNT(i < 2); 1668 return ((i > 1) ? 1 : 0); 1669 } 1670 1671 #ifndef FIPS_MODULE 1672 EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey) 1673 { 1674 EVP_PKEY *dup_pk; 1675 1676 if (pkey == NULL) { 1677 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER); 1678 return NULL; 1679 } 1680 1681 if ((dup_pk = EVP_PKEY_new()) == NULL) 1682 return NULL; 1683 1684 if (evp_pkey_is_blank(pkey)) 1685 goto done; 1686 1687 if (evp_pkey_is_provided(pkey)) { 1688 if (!evp_keymgmt_util_copy(dup_pk, pkey, 1689 OSSL_KEYMGMT_SELECT_ALL)) 1690 goto err; 1691 goto done; 1692 } 1693 1694 if (evp_pkey_is_legacy(pkey)) { 1695 const EVP_PKEY_ASN1_METHOD *ameth = pkey->ameth; 1696 1697 if (ameth == NULL || ameth->copy == NULL) { 1698 if (pkey->pkey.ptr == NULL /* empty key, just set type */ 1699 && EVP_PKEY_set_type(dup_pk, pkey->type) != 0) 1700 goto done; 1701 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1702 goto err; 1703 } 1704 if (!ameth->copy(dup_pk, pkey)) 1705 goto err; 1706 goto done; 1707 } 1708 1709 goto err; 1710 done: 1711 /* copy auxiliary data */ 1712 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, 1713 &dup_pk->ex_data, &pkey->ex_data)) 1714 goto err; 1715 1716 if (pkey->attributes != NULL) { 1717 if ((dup_pk->attributes = ossl_x509at_dup(pkey->attributes)) == NULL) 1718 goto err; 1719 } 1720 return dup_pk; 1721 err: 1722 EVP_PKEY_free(dup_pk); 1723 return NULL; 1724 } 1725 1726 void evp_pkey_free_legacy(EVP_PKEY *x) 1727 { 1728 const EVP_PKEY_ASN1_METHOD *ameth = x->ameth; 1729 ENGINE *tmpe = NULL; 1730 1731 if (ameth == NULL && x->legacy_cache_pkey.ptr != NULL) 1732 ameth = EVP_PKEY_asn1_find(&tmpe, x->type); 1733 1734 if (ameth != NULL) { 1735 if (x->legacy_cache_pkey.ptr != NULL) { 1736 /* 1737 * We should never have both a legacy origin key, and a key in the 1738 * legacy cache. 1739 */ 1740 assert(x->pkey.ptr == NULL); 1741 /* 1742 * For the purposes of freeing we make the legacy cache look like 1743 * a legacy origin key. 1744 */ 1745 x->pkey = x->legacy_cache_pkey; 1746 x->legacy_cache_pkey.ptr = NULL; 1747 } 1748 if (ameth->pkey_free != NULL) 1749 ameth->pkey_free(x); 1750 x->pkey.ptr = NULL; 1751 } 1752 # ifndef OPENSSL_NO_ENGINE 1753 ENGINE_finish(tmpe); 1754 ENGINE_finish(x->engine); 1755 x->engine = NULL; 1756 ENGINE_finish(x->pmeth_engine); 1757 x->pmeth_engine = NULL; 1758 # endif 1759 } 1760 #endif /* FIPS_MODULE */ 1761 1762 static void evp_pkey_free_it(EVP_PKEY *x) 1763 { 1764 /* internal function; x is never NULL */ 1765 evp_keymgmt_util_clear_operation_cache(x, 1); 1766 #ifndef FIPS_MODULE 1767 evp_pkey_free_legacy(x); 1768 #endif 1769 1770 if (x->keymgmt != NULL) { 1771 evp_keymgmt_freedata(x->keymgmt, x->keydata); 1772 EVP_KEYMGMT_free(x->keymgmt); 1773 x->keymgmt = NULL; 1774 x->keydata = NULL; 1775 } 1776 x->type = EVP_PKEY_NONE; 1777 } 1778 1779 void EVP_PKEY_free(EVP_PKEY *x) 1780 { 1781 int i; 1782 1783 if (x == NULL) 1784 return; 1785 1786 CRYPTO_DOWN_REF(&x->references, &i, x->lock); 1787 REF_PRINT_COUNT("EVP_PKEY", x); 1788 if (i > 0) 1789 return; 1790 REF_ASSERT_ISNT(i < 0); 1791 evp_pkey_free_it(x); 1792 #ifndef FIPS_MODULE 1793 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, x, &x->ex_data); 1794 #endif 1795 CRYPTO_THREAD_lock_free(x->lock); 1796 #ifndef FIPS_MODULE 1797 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); 1798 #endif 1799 OPENSSL_free(x); 1800 } 1801 1802 int EVP_PKEY_get_size(const EVP_PKEY *pkey) 1803 { 1804 int size = 0; 1805 1806 if (pkey != NULL) { 1807 size = pkey->cache.size; 1808 #ifndef FIPS_MODULE 1809 if (pkey->ameth != NULL && pkey->ameth->pkey_size != NULL) 1810 size = pkey->ameth->pkey_size(pkey); 1811 #endif 1812 } 1813 return size < 0 ? 0 : size; 1814 } 1815 1816 const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey) 1817 { 1818 if (!evp_pkey_is_assigned(pkey)) 1819 return NULL; 1820 1821 if (evp_pkey_is_provided(pkey) && pkey->keymgmt->description != NULL) 1822 return pkey->keymgmt->description; 1823 #ifndef FIPS_MODULE 1824 if (pkey->ameth != NULL) 1825 return pkey->ameth->info; 1826 #endif 1827 return NULL; 1828 } 1829 1830 void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, 1831 EVP_KEYMGMT **keymgmt, 1832 const char *propquery) 1833 { 1834 EVP_KEYMGMT *allocated_keymgmt = NULL; 1835 EVP_KEYMGMT *tmp_keymgmt = NULL; 1836 int selection = OSSL_KEYMGMT_SELECT_ALL; 1837 void *keydata = NULL; 1838 int check; 1839 1840 if (pk == NULL) 1841 return NULL; 1842 1843 /* No key data => nothing to export */ 1844 check = 1; 1845 #ifndef FIPS_MODULE 1846 check = check && pk->pkey.ptr == NULL; 1847 #endif 1848 check = check && pk->keydata == NULL; 1849 if (check) 1850 return NULL; 1851 1852 #ifndef FIPS_MODULE 1853 if (pk->pkey.ptr != NULL) { 1854 /* 1855 * If the legacy key doesn't have an dirty counter or export function, 1856 * give up 1857 */ 1858 if (pk->ameth->dirty_cnt == NULL || pk->ameth->export_to == NULL) 1859 return NULL; 1860 } 1861 #endif 1862 1863 if (keymgmt != NULL) { 1864 tmp_keymgmt = *keymgmt; 1865 *keymgmt = NULL; 1866 } 1867 1868 /* 1869 * If no keymgmt was given or found, get a default keymgmt. We do so by 1870 * letting EVP_PKEY_CTX_new_from_pkey() do it for us, then we steal it. 1871 */ 1872 if (tmp_keymgmt == NULL) { 1873 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pk, propquery); 1874 1875 if (ctx == NULL) 1876 goto end; 1877 allocated_keymgmt = tmp_keymgmt = ctx->keymgmt; 1878 ctx->keymgmt = NULL; 1879 EVP_PKEY_CTX_free(ctx); 1880 } 1881 1882 /* If there's still no keymgmt to be had, give up */ 1883 if (tmp_keymgmt == NULL) 1884 goto end; 1885 1886 #ifndef FIPS_MODULE 1887 if (pk->pkey.ptr != NULL) { 1888 OP_CACHE_ELEM *op; 1889 1890 /* 1891 * If the legacy "origin" hasn't changed since last time, we try 1892 * to find our keymgmt in the operation cache. If it has changed, 1893 * |i| remains zero, and we will clear the cache further down. 1894 */ 1895 if (pk->ameth->dirty_cnt(pk) == pk->dirty_cnt_copy) { 1896 if (!CRYPTO_THREAD_read_lock(pk->lock)) 1897 goto end; 1898 op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt, 1899 selection); 1900 1901 /* 1902 * If |tmp_keymgmt| is present in the operation cache, it means 1903 * that export doesn't need to be redone. In that case, we take 1904 * token copies of the cached pointers, to have token success 1905 * values to return. 1906 */ 1907 if (op != NULL && op->keymgmt != NULL) { 1908 keydata = op->keydata; 1909 CRYPTO_THREAD_unlock(pk->lock); 1910 goto end; 1911 } 1912 CRYPTO_THREAD_unlock(pk->lock); 1913 } 1914 1915 /* Make sure that the keymgmt key type matches the legacy NID */ 1916 if (!EVP_KEYMGMT_is_a(tmp_keymgmt, OBJ_nid2sn(pk->type))) 1917 goto end; 1918 1919 if ((keydata = evp_keymgmt_newdata(tmp_keymgmt)) == NULL) 1920 goto end; 1921 1922 if (!pk->ameth->export_to(pk, keydata, tmp_keymgmt->import, 1923 libctx, propquery)) { 1924 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1925 keydata = NULL; 1926 goto end; 1927 } 1928 1929 /* 1930 * If the dirty counter changed since last time, then clear the 1931 * operation cache. In that case, we know that |i| is zero. Just 1932 * in case this is a re-export, we increment then decrement the 1933 * keymgmt reference counter. 1934 */ 1935 if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) { /* refcnt++ */ 1936 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1937 keydata = NULL; 1938 goto end; 1939 } 1940 1941 if (!CRYPTO_THREAD_write_lock(pk->lock)) 1942 goto end; 1943 if (pk->ameth->dirty_cnt(pk) != pk->dirty_cnt_copy 1944 && !evp_keymgmt_util_clear_operation_cache(pk, 0)) { 1945 CRYPTO_THREAD_unlock(pk->lock); 1946 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1947 keydata = NULL; 1948 EVP_KEYMGMT_free(tmp_keymgmt); 1949 goto end; 1950 } 1951 EVP_KEYMGMT_free(tmp_keymgmt); /* refcnt-- */ 1952 1953 /* Check to make sure some other thread didn't get there first */ 1954 op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt, selection); 1955 if (op != NULL && op->keymgmt != NULL) { 1956 void *tmp_keydata = op->keydata; 1957 1958 CRYPTO_THREAD_unlock(pk->lock); 1959 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1960 keydata = tmp_keydata; 1961 goto end; 1962 } 1963 1964 /* Add the new export to the operation cache */ 1965 if (!evp_keymgmt_util_cache_keydata(pk, tmp_keymgmt, keydata, 1966 selection)) { 1967 CRYPTO_THREAD_unlock(pk->lock); 1968 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1969 keydata = NULL; 1970 goto end; 1971 } 1972 1973 /* Synchronize the dirty count */ 1974 pk->dirty_cnt_copy = pk->ameth->dirty_cnt(pk); 1975 1976 CRYPTO_THREAD_unlock(pk->lock); 1977 goto end; 1978 } 1979 #endif /* FIPS_MODULE */ 1980 1981 keydata = evp_keymgmt_util_export_to_provider(pk, tmp_keymgmt, selection); 1982 1983 end: 1984 /* 1985 * If nothing was exported, |tmp_keymgmt| might point at a freed 1986 * EVP_KEYMGMT, so we clear it to be safe. It shouldn't be useful for 1987 * the caller either way in that case. 1988 */ 1989 if (keydata == NULL) 1990 tmp_keymgmt = NULL; 1991 1992 if (keymgmt != NULL && tmp_keymgmt != NULL) { 1993 *keymgmt = tmp_keymgmt; 1994 allocated_keymgmt = NULL; 1995 } 1996 1997 EVP_KEYMGMT_free(allocated_keymgmt); 1998 return keydata; 1999 } 2000 2001 #ifndef FIPS_MODULE 2002 int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src) 2003 { 2004 EVP_PKEY *allocpkey = NULL; 2005 2006 if (!ossl_assert(dest != NULL)) 2007 return 0; 2008 2009 if (evp_pkey_is_assigned(src) && evp_pkey_is_provided(src)) { 2010 EVP_KEYMGMT *keymgmt = src->keymgmt; 2011 void *keydata = src->keydata; 2012 int type = src->type; 2013 const char *keytype = NULL; 2014 2015 keytype = EVP_KEYMGMT_get0_name(keymgmt); 2016 2017 /* 2018 * If the type is EVP_PKEY_NONE, then we have a problem somewhere 2019 * else in our code. If it's not one of the well known EVP_PKEY_xxx 2020 * values, it should at least be EVP_PKEY_KEYMGMT at this point. 2021 * The check is kept as a safety measure. 2022 */ 2023 if (!ossl_assert(type != EVP_PKEY_NONE)) { 2024 ERR_raise_data(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR, 2025 "keymgmt key type = %s but legacy type = EVP_PKEY_NONE", 2026 keytype); 2027 return 0; 2028 } 2029 2030 /* Prefer the legacy key type name for error reporting */ 2031 if (type != EVP_PKEY_KEYMGMT) 2032 keytype = OBJ_nid2sn(type); 2033 2034 /* Make sure we have a clean slate to copy into */ 2035 if (*dest == NULL) { 2036 allocpkey = *dest = EVP_PKEY_new(); 2037 if (*dest == NULL) { 2038 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 2039 return 0; 2040 } 2041 } else { 2042 evp_pkey_free_it(*dest); 2043 } 2044 2045 if (EVP_PKEY_set_type(*dest, type)) { 2046 /* If the key is typed but empty, we're done */ 2047 if (keydata == NULL) 2048 return 1; 2049 2050 if ((*dest)->ameth->import_from == NULL) { 2051 ERR_raise_data(ERR_LIB_EVP, EVP_R_NO_IMPORT_FUNCTION, 2052 "key type = %s", keytype); 2053 } else { 2054 /* 2055 * We perform the export in the same libctx as the keymgmt 2056 * that we are using. 2057 */ 2058 OSSL_LIB_CTX *libctx = 2059 ossl_provider_libctx(keymgmt->prov); 2060 EVP_PKEY_CTX *pctx = 2061 EVP_PKEY_CTX_new_from_pkey(libctx, *dest, NULL); 2062 2063 if (pctx == NULL) 2064 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 2065 2066 if (pctx != NULL 2067 && evp_keymgmt_export(keymgmt, keydata, 2068 OSSL_KEYMGMT_SELECT_ALL, 2069 (*dest)->ameth->import_from, 2070 pctx)) { 2071 /* Synchronize the dirty count */ 2072 (*dest)->dirty_cnt_copy = (*dest)->ameth->dirty_cnt(*dest); 2073 2074 EVP_PKEY_CTX_free(pctx); 2075 return 1; 2076 } 2077 EVP_PKEY_CTX_free(pctx); 2078 } 2079 2080 ERR_raise_data(ERR_LIB_EVP, EVP_R_KEYMGMT_EXPORT_FAILURE, 2081 "key type = %s", keytype); 2082 } 2083 } 2084 2085 if (allocpkey != NULL) { 2086 EVP_PKEY_free(allocpkey); 2087 *dest = NULL; 2088 } 2089 return 0; 2090 } 2091 2092 void *evp_pkey_get_legacy(EVP_PKEY *pk) 2093 { 2094 EVP_PKEY *tmp_copy = NULL; 2095 void *ret = NULL; 2096 2097 if (!ossl_assert(pk != NULL)) 2098 return NULL; 2099 2100 /* 2101 * If this isn't an assigned provider side key, we just use any existing 2102 * origin legacy key. 2103 */ 2104 if (!evp_pkey_is_assigned(pk)) 2105 return NULL; 2106 if (!evp_pkey_is_provided(pk)) 2107 return pk->pkey.ptr; 2108 2109 if (!CRYPTO_THREAD_read_lock(pk->lock)) 2110 return NULL; 2111 2112 ret = pk->legacy_cache_pkey.ptr; 2113 2114 if (!CRYPTO_THREAD_unlock(pk->lock)) 2115 return NULL; 2116 2117 if (ret != NULL) 2118 return ret; 2119 2120 if (!evp_pkey_copy_downgraded(&tmp_copy, pk)) 2121 goto err; 2122 2123 if (!CRYPTO_THREAD_write_lock(pk->lock)) 2124 goto err; 2125 2126 /* Check again in case some other thread has updated it in the meantime */ 2127 ret = pk->legacy_cache_pkey.ptr; 2128 if (ret == NULL) { 2129 /* Steal the legacy key reference from the temporary copy */ 2130 ret = pk->legacy_cache_pkey.ptr = tmp_copy->pkey.ptr; 2131 tmp_copy->pkey.ptr = NULL; 2132 } 2133 2134 if (!CRYPTO_THREAD_unlock(pk->lock)) { 2135 ret = NULL; 2136 goto err; 2137 } 2138 2139 err: 2140 EVP_PKEY_free(tmp_copy); 2141 2142 return ret; 2143 } 2144 #endif /* FIPS_MODULE */ 2145 2146 int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name, 2147 BIGNUM **bn) 2148 { 2149 int ret = 0; 2150 OSSL_PARAM params[2]; 2151 unsigned char buffer[2048]; 2152 unsigned char *buf = NULL; 2153 size_t buf_sz = 0; 2154 2155 if (key_name == NULL 2156 || bn == NULL) 2157 return 0; 2158 2159 memset(buffer, 0, sizeof(buffer)); 2160 params[0] = OSSL_PARAM_construct_BN(key_name, buffer, sizeof(buffer)); 2161 params[1] = OSSL_PARAM_construct_end(); 2162 if (!EVP_PKEY_get_params(pkey, params)) { 2163 if (!OSSL_PARAM_modified(params) || params[0].return_size == 0) 2164 return 0; 2165 buf_sz = params[0].return_size; 2166 /* 2167 * If it failed because the buffer was too small then allocate the 2168 * required buffer size and retry. 2169 */ 2170 buf = OPENSSL_zalloc(buf_sz); 2171 if (buf == NULL) 2172 return 0; 2173 params[0].data = buf; 2174 params[0].data_size = buf_sz; 2175 2176 if (!EVP_PKEY_get_params(pkey, params)) 2177 goto err; 2178 } 2179 /* Fail if the param was not found */ 2180 if (!OSSL_PARAM_modified(params)) 2181 goto err; 2182 ret = OSSL_PARAM_get_BN(params, bn); 2183 err: 2184 if (buf != NULL) { 2185 if (OSSL_PARAM_modified(params)) 2186 OPENSSL_clear_free(buf, buf_sz); 2187 else 2188 OPENSSL_free(buf); 2189 } else if (OSSL_PARAM_modified(params)) { 2190 OPENSSL_cleanse(buffer, params[0].data_size); 2191 } 2192 return ret; 2193 } 2194 2195 int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name, 2196 unsigned char *buf, size_t max_buf_sz, 2197 size_t *out_len) 2198 { 2199 OSSL_PARAM params[2]; 2200 int ret1 = 0, ret2 = 0; 2201 2202 if (key_name == NULL) 2203 return 0; 2204 2205 params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz); 2206 params[1] = OSSL_PARAM_construct_end(); 2207 if ((ret1 = EVP_PKEY_get_params(pkey, params))) 2208 ret2 = OSSL_PARAM_modified(params); 2209 if (ret2 && out_len != NULL) 2210 *out_len = params[0].return_size; 2211 return ret1 && ret2; 2212 } 2213 2214 int EVP_PKEY_get_utf8_string_param(const EVP_PKEY *pkey, const char *key_name, 2215 char *str, size_t max_buf_sz, 2216 size_t *out_len) 2217 { 2218 OSSL_PARAM params[2]; 2219 int ret1 = 0, ret2 = 0; 2220 2221 if (key_name == NULL) 2222 return 0; 2223 2224 params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz); 2225 params[1] = OSSL_PARAM_construct_end(); 2226 if ((ret1 = EVP_PKEY_get_params(pkey, params))) 2227 ret2 = OSSL_PARAM_modified(params); 2228 if (ret2 && out_len != NULL) 2229 *out_len = params[0].return_size; 2230 2231 if (ret2 && params[0].return_size == max_buf_sz) 2232 /* There was no space for a NUL byte */ 2233 return 0; 2234 /* Add a terminating NUL byte for good measure */ 2235 if (ret2 && str != NULL) 2236 str[params[0].return_size] = '\0'; 2237 2238 return ret1 && ret2; 2239 } 2240 2241 int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name, 2242 int *out) 2243 { 2244 OSSL_PARAM params[2]; 2245 2246 if (key_name == NULL) 2247 return 0; 2248 2249 params[0] = OSSL_PARAM_construct_int(key_name, out); 2250 params[1] = OSSL_PARAM_construct_end(); 2251 return EVP_PKEY_get_params(pkey, params) 2252 && OSSL_PARAM_modified(params); 2253 } 2254 2255 int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name, 2256 size_t *out) 2257 { 2258 OSSL_PARAM params[2]; 2259 2260 if (key_name == NULL) 2261 return 0; 2262 2263 params[0] = OSSL_PARAM_construct_size_t(key_name, out); 2264 params[1] = OSSL_PARAM_construct_end(); 2265 return EVP_PKEY_get_params(pkey, params) 2266 && OSSL_PARAM_modified(params); 2267 } 2268 2269 int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in) 2270 { 2271 OSSL_PARAM params[2]; 2272 2273 if (key_name == NULL) 2274 return 0; 2275 2276 params[0] = OSSL_PARAM_construct_int(key_name, &in); 2277 params[1] = OSSL_PARAM_construct_end(); 2278 return EVP_PKEY_set_params(pkey, params); 2279 } 2280 2281 int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in) 2282 { 2283 OSSL_PARAM params[2]; 2284 2285 if (key_name == NULL) 2286 return 0; 2287 2288 params[0] = OSSL_PARAM_construct_size_t(key_name, &in); 2289 params[1] = OSSL_PARAM_construct_end(); 2290 return EVP_PKEY_set_params(pkey, params); 2291 } 2292 2293 int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, 2294 const BIGNUM *bn) 2295 { 2296 OSSL_PARAM params[2]; 2297 unsigned char buffer[2048]; 2298 int bsize = 0; 2299 2300 if (key_name == NULL 2301 || bn == NULL 2302 || pkey == NULL 2303 || !evp_pkey_is_assigned(pkey)) 2304 return 0; 2305 2306 bsize = BN_num_bytes(bn); 2307 if (!ossl_assert(bsize <= (int)sizeof(buffer))) 2308 return 0; 2309 2310 if (BN_bn2nativepad(bn, buffer, bsize) < 0) 2311 return 0; 2312 params[0] = OSSL_PARAM_construct_BN(key_name, buffer, bsize); 2313 params[1] = OSSL_PARAM_construct_end(); 2314 return EVP_PKEY_set_params(pkey, params); 2315 } 2316 2317 int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name, 2318 const char *str) 2319 { 2320 OSSL_PARAM params[2]; 2321 2322 if (key_name == NULL) 2323 return 0; 2324 2325 params[0] = OSSL_PARAM_construct_utf8_string(key_name, (char *)str, 0); 2326 params[1] = OSSL_PARAM_construct_end(); 2327 return EVP_PKEY_set_params(pkey, params); 2328 } 2329 2330 int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name, 2331 const unsigned char *buf, size_t bsize) 2332 { 2333 OSSL_PARAM params[2]; 2334 2335 if (key_name == NULL) 2336 return 0; 2337 2338 params[0] = OSSL_PARAM_construct_octet_string(key_name, 2339 (unsigned char *)buf, bsize); 2340 params[1] = OSSL_PARAM_construct_end(); 2341 return EVP_PKEY_set_params(pkey, params); 2342 } 2343 2344 const OSSL_PARAM *EVP_PKEY_settable_params(const EVP_PKEY *pkey) 2345 { 2346 return (pkey != NULL && evp_pkey_is_provided(pkey)) 2347 ? EVP_KEYMGMT_settable_params(pkey->keymgmt) 2348 : NULL; 2349 } 2350 2351 int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]) 2352 { 2353 if (pkey != NULL) { 2354 if (evp_pkey_is_provided(pkey)) { 2355 pkey->dirty_cnt++; 2356 return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); 2357 } 2358 #ifndef FIPS_MODULE 2359 /* 2360 * We will hopefully never find the need to set individual data in 2361 * EVP_PKEYs with a legacy internal key, but we can't be entirely 2362 * sure. This bit of code can be enabled if we find the need. If 2363 * not, it can safely be removed when #legacy support is removed. 2364 */ 2365 # if 0 2366 else if (evp_pkey_is_legacy(pkey)) { 2367 return evp_pkey_set_params_to_ctrl(pkey, params); 2368 } 2369 # endif 2370 #endif 2371 } 2372 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY); 2373 return 0; 2374 } 2375 2376 const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey) 2377 { 2378 return (pkey != NULL && evp_pkey_is_provided(pkey)) 2379 ? EVP_KEYMGMT_gettable_params(pkey->keymgmt) 2380 : NULL; 2381 } 2382 2383 int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]) 2384 { 2385 if (pkey != NULL) { 2386 if (evp_pkey_is_provided(pkey)) 2387 return evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) > 0; 2388 #ifndef FIPS_MODULE 2389 else if (evp_pkey_is_legacy(pkey)) 2390 return evp_pkey_get_params_to_ctrl(pkey, params) > 0; 2391 #endif 2392 } 2393 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY); 2394 return 0; 2395 } 2396 2397 #ifndef FIPS_MODULE 2398 int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey) 2399 { 2400 char name[80]; 2401 size_t name_len; 2402 2403 if (pkey == NULL) 2404 return 0; 2405 2406 if (pkey->keymgmt == NULL 2407 || pkey->keydata == NULL) { 2408 # ifndef OPENSSL_NO_EC 2409 /* Might work through the legacy route */ 2410 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); 2411 2412 if (ec == NULL) 2413 return 0; 2414 2415 return EC_KEY_get_conv_form(ec); 2416 # else 2417 return 0; 2418 # endif 2419 } 2420 2421 if (!EVP_PKEY_get_utf8_string_param(pkey, 2422 OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, 2423 name, sizeof(name), &name_len)) 2424 return 0; 2425 2426 if (strcmp(name, "uncompressed") == 0) 2427 return POINT_CONVERSION_UNCOMPRESSED; 2428 2429 if (strcmp(name, "compressed") == 0) 2430 return POINT_CONVERSION_COMPRESSED; 2431 2432 if (strcmp(name, "hybrid") == 0) 2433 return POINT_CONVERSION_HYBRID; 2434 2435 return 0; 2436 } 2437 2438 int EVP_PKEY_get_field_type(const EVP_PKEY *pkey) 2439 { 2440 char fstr[80]; 2441 size_t fstrlen; 2442 2443 if (pkey == NULL) 2444 return 0; 2445 2446 if (pkey->keymgmt == NULL 2447 || pkey->keydata == NULL) { 2448 # ifndef OPENSSL_NO_EC 2449 /* Might work through the legacy route */ 2450 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); 2451 const EC_GROUP *grp; 2452 2453 if (ec == NULL) 2454 return 0; 2455 grp = EC_KEY_get0_group(ec); 2456 if (grp == NULL) 2457 return 0; 2458 2459 return EC_GROUP_get_field_type(grp); 2460 # else 2461 return 0; 2462 # endif 2463 } 2464 2465 if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_EC_FIELD_TYPE, 2466 fstr, sizeof(fstr), &fstrlen)) 2467 return 0; 2468 2469 if (strcmp(fstr, SN_X9_62_prime_field) == 0) 2470 return NID_X9_62_prime_field; 2471 else if (strcmp(fstr, SN_X9_62_characteristic_two_field)) 2472 return NID_X9_62_characteristic_two_field; 2473 2474 return 0; 2475 } 2476 #endif 2477