1 /* 2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "internal/cryptlib.h" 12 #include "internal/refcount.h" 13 #include <openssl/bn.h> 14 #include <openssl/err.h> 15 #include <openssl/objects.h> 16 #include <openssl/evp.h> 17 #include <openssl/x509.h> 18 #include <openssl/rsa.h> 19 #include <openssl/dsa.h> 20 #include <openssl/dh.h> 21 #include <openssl/cmac.h> 22 #include <openssl/engine.h> 23 24 #include "crypto/asn1.h" 25 #include "crypto/evp.h" 26 27 static void EVP_PKEY_free_it(EVP_PKEY *x); 28 29 int EVP_PKEY_bits(const EVP_PKEY *pkey) 30 { 31 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) 32 return pkey->ameth->pkey_bits(pkey); 33 return 0; 34 } 35 36 int EVP_PKEY_security_bits(const EVP_PKEY *pkey) 37 { 38 if (pkey == NULL) 39 return 0; 40 if (!pkey->ameth || !pkey->ameth->pkey_security_bits) 41 return -2; 42 return pkey->ameth->pkey_security_bits(pkey); 43 } 44 45 int EVP_PKEY_size(const EVP_PKEY *pkey) 46 { 47 if (pkey && pkey->ameth && pkey->ameth->pkey_size) 48 return pkey->ameth->pkey_size(pkey); 49 return 0; 50 } 51 52 int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 53 { 54 #ifndef OPENSSL_NO_DSA 55 if (pkey->type == EVP_PKEY_DSA) { 56 int ret = pkey->save_parameters; 57 58 if (mode >= 0) 59 pkey->save_parameters = mode; 60 return ret; 61 } 62 #endif 63 #ifndef OPENSSL_NO_EC 64 if (pkey->type == EVP_PKEY_EC) { 65 int ret = pkey->save_parameters; 66 67 if (mode >= 0) 68 pkey->save_parameters = mode; 69 return ret; 70 } 71 #endif 72 return 0; 73 } 74 75 int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 76 { 77 if (to->type == EVP_PKEY_NONE) { 78 if (EVP_PKEY_set_type(to, from->type) == 0) 79 return 0; 80 } else if (to->type != from->type) { 81 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES); 82 goto err; 83 } 84 85 if (EVP_PKEY_missing_parameters(from)) { 86 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS); 87 goto err; 88 } 89 90 if (!EVP_PKEY_missing_parameters(to)) { 91 if (EVP_PKEY_cmp_parameters(to, from) == 1) 92 return 1; 93 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_PARAMETERS); 94 return 0; 95 } 96 97 if (from->ameth && from->ameth->param_copy) 98 return from->ameth->param_copy(to, from); 99 err: 100 return 0; 101 } 102 103 int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 104 { 105 if (pkey != NULL && pkey->ameth && pkey->ameth->param_missing) 106 return pkey->ameth->param_missing(pkey); 107 return 0; 108 } 109 110 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 111 { 112 if (a->type != b->type) 113 return -1; 114 if (a->ameth && a->ameth->param_cmp) 115 return a->ameth->param_cmp(a, b); 116 return -2; 117 } 118 119 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 120 { 121 if (a->type != b->type) 122 return -1; 123 124 if (a->ameth) { 125 int ret; 126 /* Compare parameters if the algorithm has them */ 127 if (a->ameth->param_cmp) { 128 ret = a->ameth->param_cmp(a, b); 129 if (ret <= 0) 130 return ret; 131 } 132 133 if (a->ameth->pub_cmp) 134 return a->ameth->pub_cmp(a, b); 135 } 136 137 return -2; 138 } 139 140 EVP_PKEY *EVP_PKEY_new(void) 141 { 142 EVP_PKEY *ret = OPENSSL_zalloc(sizeof(*ret)); 143 144 if (ret == NULL) { 145 EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); 146 return NULL; 147 } 148 ret->type = EVP_PKEY_NONE; 149 ret->save_type = EVP_PKEY_NONE; 150 ret->references = 1; 151 ret->save_parameters = 1; 152 ret->lock = CRYPTO_THREAD_lock_new(); 153 if (ret->lock == NULL) { 154 EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); 155 OPENSSL_free(ret); 156 return NULL; 157 } 158 return ret; 159 } 160 161 int EVP_PKEY_up_ref(EVP_PKEY *pkey) 162 { 163 int i; 164 165 if (CRYPTO_UP_REF(&pkey->references, &i, pkey->lock) <= 0) 166 return 0; 167 168 REF_PRINT_COUNT("EVP_PKEY", pkey); 169 REF_ASSERT_ISNT(i < 2); 170 return ((i > 1) ? 1 : 0); 171 } 172 173 /* 174 * Setup a public key ASN1 method and ENGINE from a NID or a string. If pkey 175 * is NULL just return 1 or 0 if the algorithm exists. 176 */ 177 178 static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, 179 int len) 180 { 181 const EVP_PKEY_ASN1_METHOD *ameth; 182 ENGINE **eptr = (e == NULL) ? &e : NULL; 183 184 if (pkey) { 185 if (pkey->pkey.ptr) 186 EVP_PKEY_free_it(pkey); 187 /* 188 * If key type matches and a method exists then this lookup has 189 * succeeded once so just indicate success. 190 */ 191 if ((type == pkey->save_type) && pkey->ameth) 192 return 1; 193 #ifndef OPENSSL_NO_ENGINE 194 /* If we have ENGINEs release them */ 195 ENGINE_finish(pkey->engine); 196 pkey->engine = NULL; 197 ENGINE_finish(pkey->pmeth_engine); 198 pkey->pmeth_engine = NULL; 199 #endif 200 } 201 if (str) 202 ameth = EVP_PKEY_asn1_find_str(eptr, str, len); 203 else 204 ameth = EVP_PKEY_asn1_find(eptr, type); 205 #ifndef OPENSSL_NO_ENGINE 206 if (pkey == NULL && eptr != NULL) 207 ENGINE_finish(e); 208 #endif 209 if (ameth == NULL) { 210 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); 211 return 0; 212 } 213 if (pkey) { 214 pkey->ameth = ameth; 215 pkey->type = pkey->ameth->pkey_id; 216 pkey->save_type = type; 217 # ifndef OPENSSL_NO_ENGINE 218 if (eptr == NULL && e != NULL && !ENGINE_init(e)) { 219 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_INITIALIZATION_ERROR); 220 return 0; 221 } 222 # endif 223 pkey->engine = e; 224 } 225 return 1; 226 } 227 228 EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, 229 const unsigned char *priv, 230 size_t len) 231 { 232 EVP_PKEY *ret = EVP_PKEY_new(); 233 234 if (ret == NULL 235 || !pkey_set_type(ret, e, type, NULL, -1)) { 236 /* EVPerr already called */ 237 goto err; 238 } 239 240 if (ret->ameth->set_priv_key == NULL) { 241 EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY, 242 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 243 goto err; 244 } 245 246 if (!ret->ameth->set_priv_key(ret, priv, len)) { 247 EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY, EVP_R_KEY_SETUP_FAILED); 248 goto err; 249 } 250 251 return ret; 252 253 err: 254 EVP_PKEY_free(ret); 255 return NULL; 256 } 257 258 EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, 259 const unsigned char *pub, 260 size_t len) 261 { 262 EVP_PKEY *ret = EVP_PKEY_new(); 263 264 if (ret == NULL 265 || !pkey_set_type(ret, e, type, NULL, -1)) { 266 /* EVPerr already called */ 267 goto err; 268 } 269 270 if (ret->ameth->set_pub_key == NULL) { 271 EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY, 272 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 273 goto err; 274 } 275 276 if (!ret->ameth->set_pub_key(ret, pub, len)) { 277 EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY, EVP_R_KEY_SETUP_FAILED); 278 goto err; 279 } 280 281 return ret; 282 283 err: 284 EVP_PKEY_free(ret); 285 return NULL; 286 } 287 288 int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv, 289 size_t *len) 290 { 291 if (pkey->ameth->get_priv_key == NULL) { 292 EVPerr(EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY, 293 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 294 return 0; 295 } 296 297 if (!pkey->ameth->get_priv_key(pkey, priv, len)) { 298 EVPerr(EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY, EVP_R_GET_RAW_KEY_FAILED); 299 return 0; 300 } 301 302 return 1; 303 } 304 305 int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub, 306 size_t *len) 307 { 308 if (pkey->ameth->get_pub_key == NULL) { 309 EVPerr(EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY, 310 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 311 return 0; 312 } 313 314 if (!pkey->ameth->get_pub_key(pkey, pub, len)) { 315 EVPerr(EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY, EVP_R_GET_RAW_KEY_FAILED); 316 return 0; 317 } 318 319 return 1; 320 } 321 322 EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, 323 size_t len, const EVP_CIPHER *cipher) 324 { 325 #ifndef OPENSSL_NO_CMAC 326 EVP_PKEY *ret = EVP_PKEY_new(); 327 CMAC_CTX *cmctx = CMAC_CTX_new(); 328 329 if (ret == NULL 330 || cmctx == NULL 331 || !pkey_set_type(ret, e, EVP_PKEY_CMAC, NULL, -1)) { 332 /* EVPerr already called */ 333 goto err; 334 } 335 336 if (!CMAC_Init(cmctx, priv, len, cipher, e)) { 337 EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED); 338 goto err; 339 } 340 341 ret->pkey.ptr = cmctx; 342 return ret; 343 344 err: 345 EVP_PKEY_free(ret); 346 CMAC_CTX_free(cmctx); 347 return NULL; 348 #else 349 EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, 350 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 351 return NULL; 352 #endif 353 } 354 355 int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 356 { 357 return pkey_set_type(pkey, NULL, type, NULL, -1); 358 } 359 360 int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 361 { 362 return pkey_set_type(pkey, NULL, EVP_PKEY_NONE, str, len); 363 } 364 365 int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type) 366 { 367 if (pkey->type == type) { 368 return 1; /* it already is that type */ 369 } 370 371 /* 372 * The application is requesting to alias this to a different pkey type, 373 * but not one that resolves to the base type. 374 */ 375 if (EVP_PKEY_type(type) != EVP_PKEY_base_id(pkey)) { 376 EVPerr(EVP_F_EVP_PKEY_SET_ALIAS_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); 377 return 0; 378 } 379 380 pkey->type = type; 381 return 1; 382 } 383 384 #ifndef OPENSSL_NO_ENGINE 385 int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *e) 386 { 387 if (e != NULL) { 388 if (!ENGINE_init(e)) { 389 EVPerr(EVP_F_EVP_PKEY_SET1_ENGINE, ERR_R_ENGINE_LIB); 390 return 0; 391 } 392 if (ENGINE_get_pkey_meth(e, pkey->type) == NULL) { 393 ENGINE_finish(e); 394 EVPerr(EVP_F_EVP_PKEY_SET1_ENGINE, EVP_R_UNSUPPORTED_ALGORITHM); 395 return 0; 396 } 397 } 398 ENGINE_finish(pkey->pmeth_engine); 399 pkey->pmeth_engine = e; 400 return 1; 401 } 402 403 ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey) 404 { 405 return pkey->engine; 406 } 407 #endif 408 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 409 { 410 if (pkey == NULL || !EVP_PKEY_set_type(pkey, type)) 411 return 0; 412 pkey->pkey.ptr = key; 413 return (key != NULL); 414 } 415 416 void *EVP_PKEY_get0(const EVP_PKEY *pkey) 417 { 418 return pkey->pkey.ptr; 419 } 420 421 const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 422 { 423 ASN1_OCTET_STRING *os = NULL; 424 if (pkey->type != EVP_PKEY_HMAC) { 425 EVPerr(EVP_F_EVP_PKEY_GET0_HMAC, EVP_R_EXPECTING_AN_HMAC_KEY); 426 return NULL; 427 } 428 os = EVP_PKEY_get0(pkey); 429 *len = os->length; 430 return os->data; 431 } 432 433 #ifndef OPENSSL_NO_POLY1305 434 const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len) 435 { 436 ASN1_OCTET_STRING *os = NULL; 437 if (pkey->type != EVP_PKEY_POLY1305) { 438 EVPerr(EVP_F_EVP_PKEY_GET0_POLY1305, EVP_R_EXPECTING_A_POLY1305_KEY); 439 return NULL; 440 } 441 os = EVP_PKEY_get0(pkey); 442 *len = os->length; 443 return os->data; 444 } 445 #endif 446 447 #ifndef OPENSSL_NO_SIPHASH 448 const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len) 449 { 450 ASN1_OCTET_STRING *os = NULL; 451 452 if (pkey->type != EVP_PKEY_SIPHASH) { 453 EVPerr(EVP_F_EVP_PKEY_GET0_SIPHASH, EVP_R_EXPECTING_A_SIPHASH_KEY); 454 return NULL; 455 } 456 os = EVP_PKEY_get0(pkey); 457 *len = os->length; 458 return os->data; 459 } 460 #endif 461 462 #ifndef OPENSSL_NO_RSA 463 int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) 464 { 465 int ret = EVP_PKEY_assign_RSA(pkey, key); 466 if (ret) 467 RSA_up_ref(key); 468 return ret; 469 } 470 471 RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) 472 { 473 if (pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_RSA_PSS) { 474 EVPerr(EVP_F_EVP_PKEY_GET0_RSA, EVP_R_EXPECTING_AN_RSA_KEY); 475 return NULL; 476 } 477 return pkey->pkey.rsa; 478 } 479 480 RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 481 { 482 RSA *ret = EVP_PKEY_get0_RSA(pkey); 483 if (ret != NULL) 484 RSA_up_ref(ret); 485 return ret; 486 } 487 #endif 488 489 #ifndef OPENSSL_NO_DSA 490 int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 491 { 492 int ret = EVP_PKEY_assign_DSA(pkey, key); 493 if (ret) 494 DSA_up_ref(key); 495 return ret; 496 } 497 498 DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey) 499 { 500 if (pkey->type != EVP_PKEY_DSA) { 501 EVPerr(EVP_F_EVP_PKEY_GET0_DSA, EVP_R_EXPECTING_A_DSA_KEY); 502 return NULL; 503 } 504 return pkey->pkey.dsa; 505 } 506 507 DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 508 { 509 DSA *ret = EVP_PKEY_get0_DSA(pkey); 510 if (ret != NULL) 511 DSA_up_ref(ret); 512 return ret; 513 } 514 #endif 515 516 #ifndef OPENSSL_NO_EC 517 518 int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) 519 { 520 int ret = EVP_PKEY_assign_EC_KEY(pkey, key); 521 if (ret) 522 EC_KEY_up_ref(key); 523 return ret; 524 } 525 526 EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) 527 { 528 if (EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) { 529 EVPerr(EVP_F_EVP_PKEY_GET0_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); 530 return NULL; 531 } 532 return pkey->pkey.ec; 533 } 534 535 EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 536 { 537 EC_KEY *ret = EVP_PKEY_get0_EC_KEY(pkey); 538 if (ret != NULL) 539 EC_KEY_up_ref(ret); 540 return ret; 541 } 542 #endif 543 544 #ifndef OPENSSL_NO_DH 545 546 int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) 547 { 548 int type = DH_get0_q(key) == NULL ? EVP_PKEY_DH : EVP_PKEY_DHX; 549 int ret = EVP_PKEY_assign(pkey, type, key); 550 551 if (ret) 552 DH_up_ref(key); 553 return ret; 554 } 555 556 DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey) 557 { 558 if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) { 559 EVPerr(EVP_F_EVP_PKEY_GET0_DH, EVP_R_EXPECTING_A_DH_KEY); 560 return NULL; 561 } 562 return pkey->pkey.dh; 563 } 564 565 DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) 566 { 567 DH *ret = EVP_PKEY_get0_DH(pkey); 568 if (ret != NULL) 569 DH_up_ref(ret); 570 return ret; 571 } 572 #endif 573 574 int EVP_PKEY_type(int type) 575 { 576 int ret; 577 const EVP_PKEY_ASN1_METHOD *ameth; 578 ENGINE *e; 579 ameth = EVP_PKEY_asn1_find(&e, type); 580 if (ameth) 581 ret = ameth->pkey_id; 582 else 583 ret = NID_undef; 584 #ifndef OPENSSL_NO_ENGINE 585 ENGINE_finish(e); 586 #endif 587 return ret; 588 } 589 590 int EVP_PKEY_id(const EVP_PKEY *pkey) 591 { 592 return pkey->type; 593 } 594 595 int EVP_PKEY_base_id(const EVP_PKEY *pkey) 596 { 597 return EVP_PKEY_type(pkey->type); 598 } 599 600 void EVP_PKEY_free(EVP_PKEY *x) 601 { 602 int i; 603 604 if (x == NULL) 605 return; 606 607 CRYPTO_DOWN_REF(&x->references, &i, x->lock); 608 REF_PRINT_COUNT("EVP_PKEY", x); 609 if (i > 0) 610 return; 611 REF_ASSERT_ISNT(i < 0); 612 EVP_PKEY_free_it(x); 613 CRYPTO_THREAD_lock_free(x->lock); 614 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); 615 OPENSSL_free(x); 616 } 617 618 static void EVP_PKEY_free_it(EVP_PKEY *x) 619 { 620 /* internal function; x is never NULL */ 621 if (x->ameth && x->ameth->pkey_free) { 622 x->ameth->pkey_free(x); 623 x->pkey.ptr = NULL; 624 } 625 #ifndef OPENSSL_NO_ENGINE 626 ENGINE_finish(x->engine); 627 x->engine = NULL; 628 ENGINE_finish(x->pmeth_engine); 629 x->pmeth_engine = NULL; 630 #endif 631 } 632 633 static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, 634 const char *kstr) 635 { 636 BIO_indent(out, indent, 128); 637 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 638 kstr, OBJ_nid2ln(pkey->type)); 639 return 1; 640 } 641 642 int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, 643 int indent, ASN1_PCTX *pctx) 644 { 645 if (pkey->ameth && pkey->ameth->pub_print) 646 return pkey->ameth->pub_print(out, pkey, indent, pctx); 647 648 return unsup_alg(out, pkey, indent, "Public Key"); 649 } 650 651 int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, 652 int indent, ASN1_PCTX *pctx) 653 { 654 if (pkey->ameth && pkey->ameth->priv_print) 655 return pkey->ameth->priv_print(out, pkey, indent, pctx); 656 657 return unsup_alg(out, pkey, indent, "Private Key"); 658 } 659 660 int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, 661 int indent, ASN1_PCTX *pctx) 662 { 663 if (pkey->ameth && pkey->ameth->param_print) 664 return pkey->ameth->param_print(out, pkey, indent, pctx); 665 return unsup_alg(out, pkey, indent, "Parameters"); 666 } 667 668 static int evp_pkey_asn1_ctrl(EVP_PKEY *pkey, int op, int arg1, void *arg2) 669 { 670 if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL) 671 return -2; 672 return pkey->ameth->pkey_ctrl(pkey, op, arg1, arg2); 673 } 674 675 int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 676 { 677 return evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 0, pnid); 678 } 679 680 int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, 681 const unsigned char *pt, size_t ptlen) 682 { 683 if (ptlen > INT_MAX) 684 return 0; 685 if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, ptlen, 686 (void *)pt) <= 0) 687 return 0; 688 return 1; 689 } 690 691 size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt) 692 { 693 int rv; 694 rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppt); 695 if (rv <= 0) 696 return 0; 697 return rv; 698 } 699