1 /* 2 * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "internal/cryptlib.h" 12 #include "internal/refcount.h" 13 #include <openssl/bn.h> 14 #include <openssl/err.h> 15 #include <openssl/objects.h> 16 #include <openssl/evp.h> 17 #include <openssl/x509.h> 18 #include <openssl/rsa.h> 19 #include <openssl/dsa.h> 20 #include <openssl/dh.h> 21 #include <openssl/cmac.h> 22 #include <openssl/engine.h> 23 24 #include "crypto/asn1.h" 25 #include "crypto/evp.h" 26 27 static void EVP_PKEY_free_it(EVP_PKEY *x); 28 29 int EVP_PKEY_bits(const EVP_PKEY *pkey) 30 { 31 if (pkey && pkey->ameth && pkey->ameth->pkey_bits) 32 return pkey->ameth->pkey_bits(pkey); 33 return 0; 34 } 35 36 int EVP_PKEY_security_bits(const EVP_PKEY *pkey) 37 { 38 if (pkey == NULL) 39 return 0; 40 if (!pkey->ameth || !pkey->ameth->pkey_security_bits) 41 return -2; 42 return pkey->ameth->pkey_security_bits(pkey); 43 } 44 45 int EVP_PKEY_size(const EVP_PKEY *pkey) 46 { 47 if (pkey && pkey->ameth && pkey->ameth->pkey_size) 48 return pkey->ameth->pkey_size(pkey); 49 return 0; 50 } 51 52 int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 53 { 54 #ifndef OPENSSL_NO_DSA 55 if (pkey->type == EVP_PKEY_DSA) { 56 int ret = pkey->save_parameters; 57 58 if (mode >= 0) 59 pkey->save_parameters = mode; 60 return ret; 61 } 62 #endif 63 #ifndef OPENSSL_NO_EC 64 if (pkey->type == EVP_PKEY_EC) { 65 int ret = pkey->save_parameters; 66 67 if (mode >= 0) 68 pkey->save_parameters = mode; 69 return ret; 70 } 71 #endif 72 return 0; 73 } 74 75 int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 76 { 77 if (to->type == EVP_PKEY_NONE) { 78 if (EVP_PKEY_set_type(to, from->type) == 0) 79 return 0; 80 } else if (to->type != from->type) { 81 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES); 82 goto err; 83 } 84 85 if (EVP_PKEY_missing_parameters(from)) { 86 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS); 87 goto err; 88 } 89 90 if (!EVP_PKEY_missing_parameters(to)) { 91 if (EVP_PKEY_cmp_parameters(to, from) == 1) 92 return 1; 93 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_PARAMETERS); 94 return 0; 95 } 96 97 if (from->ameth && from->ameth->param_copy) 98 return from->ameth->param_copy(to, from); 99 err: 100 return 0; 101 } 102 103 int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 104 { 105 if (pkey != NULL && pkey->ameth && pkey->ameth->param_missing) 106 return pkey->ameth->param_missing(pkey); 107 return 0; 108 } 109 110 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 111 { 112 if (a->type != b->type) 113 return -1; 114 if (a->ameth && a->ameth->param_cmp) 115 return a->ameth->param_cmp(a, b); 116 return -2; 117 } 118 119 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 120 { 121 if (a->type != b->type) 122 return -1; 123 124 if (a->ameth) { 125 int ret; 126 /* Compare parameters if the algorithm has them */ 127 if (a->ameth->param_cmp) { 128 ret = a->ameth->param_cmp(a, b); 129 if (ret <= 0) 130 return ret; 131 } 132 133 if (a->ameth->pub_cmp) 134 return a->ameth->pub_cmp(a, b); 135 } 136 137 return -2; 138 } 139 140 EVP_PKEY *EVP_PKEY_new(void) 141 { 142 EVP_PKEY *ret = OPENSSL_zalloc(sizeof(*ret)); 143 144 if (ret == NULL) { 145 EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); 146 return NULL; 147 } 148 ret->type = EVP_PKEY_NONE; 149 ret->save_type = EVP_PKEY_NONE; 150 ret->references = 1; 151 ret->save_parameters = 1; 152 ret->lock = CRYPTO_THREAD_lock_new(); 153 if (ret->lock == NULL) { 154 EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); 155 OPENSSL_free(ret); 156 return NULL; 157 } 158 return ret; 159 } 160 161 int EVP_PKEY_up_ref(EVP_PKEY *pkey) 162 { 163 int i; 164 165 if (CRYPTO_UP_REF(&pkey->references, &i, pkey->lock) <= 0) 166 return 0; 167 168 REF_PRINT_COUNT("EVP_PKEY", pkey); 169 REF_ASSERT_ISNT(i < 2); 170 return ((i > 1) ? 1 : 0); 171 } 172 173 /* 174 * Setup a public key ASN1 method and ENGINE from a NID or a string. If pkey 175 * is NULL just return 1 or 0 if the algorithm exists. 176 */ 177 178 static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, 179 int len) 180 { 181 const EVP_PKEY_ASN1_METHOD *ameth; 182 ENGINE **eptr = (e == NULL) ? &e : NULL; 183 184 if (pkey) { 185 if (pkey->pkey.ptr) 186 EVP_PKEY_free_it(pkey); 187 /* 188 * If key type matches and a method exists then this lookup has 189 * succeeded once so just indicate success. 190 */ 191 if ((type == pkey->save_type) && pkey->ameth) 192 return 1; 193 #ifndef OPENSSL_NO_ENGINE 194 /* If we have ENGINEs release them */ 195 ENGINE_finish(pkey->engine); 196 pkey->engine = NULL; 197 ENGINE_finish(pkey->pmeth_engine); 198 pkey->pmeth_engine = NULL; 199 #endif 200 } 201 if (str) 202 ameth = EVP_PKEY_asn1_find_str(eptr, str, len); 203 else 204 ameth = EVP_PKEY_asn1_find(eptr, type); 205 #ifndef OPENSSL_NO_ENGINE 206 if (pkey == NULL && eptr != NULL) 207 ENGINE_finish(e); 208 #endif 209 if (ameth == NULL) { 210 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); 211 return 0; 212 } 213 if (pkey) { 214 pkey->ameth = ameth; 215 pkey->engine = e; 216 217 pkey->type = pkey->ameth->pkey_id; 218 pkey->save_type = type; 219 } 220 return 1; 221 } 222 223 EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, 224 const unsigned char *priv, 225 size_t len) 226 { 227 EVP_PKEY *ret = EVP_PKEY_new(); 228 229 if (ret == NULL 230 || !pkey_set_type(ret, e, type, NULL, -1)) { 231 /* EVPerr already called */ 232 goto err; 233 } 234 235 if (ret->ameth->set_priv_key == NULL) { 236 EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY, 237 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 238 goto err; 239 } 240 241 if (!ret->ameth->set_priv_key(ret, priv, len)) { 242 EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY, EVP_R_KEY_SETUP_FAILED); 243 goto err; 244 } 245 246 return ret; 247 248 err: 249 EVP_PKEY_free(ret); 250 return NULL; 251 } 252 253 EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, 254 const unsigned char *pub, 255 size_t len) 256 { 257 EVP_PKEY *ret = EVP_PKEY_new(); 258 259 if (ret == NULL 260 || !pkey_set_type(ret, e, type, NULL, -1)) { 261 /* EVPerr already called */ 262 goto err; 263 } 264 265 if (ret->ameth->set_pub_key == NULL) { 266 EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY, 267 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 268 goto err; 269 } 270 271 if (!ret->ameth->set_pub_key(ret, pub, len)) { 272 EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY, EVP_R_KEY_SETUP_FAILED); 273 goto err; 274 } 275 276 return ret; 277 278 err: 279 EVP_PKEY_free(ret); 280 return NULL; 281 } 282 283 int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv, 284 size_t *len) 285 { 286 if (pkey->ameth->get_priv_key == NULL) { 287 EVPerr(EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY, 288 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 289 return 0; 290 } 291 292 if (!pkey->ameth->get_priv_key(pkey, priv, len)) { 293 EVPerr(EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY, EVP_R_GET_RAW_KEY_FAILED); 294 return 0; 295 } 296 297 return 1; 298 } 299 300 int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub, 301 size_t *len) 302 { 303 if (pkey->ameth->get_pub_key == NULL) { 304 EVPerr(EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY, 305 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 306 return 0; 307 } 308 309 if (!pkey->ameth->get_pub_key(pkey, pub, len)) { 310 EVPerr(EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY, EVP_R_GET_RAW_KEY_FAILED); 311 return 0; 312 } 313 314 return 1; 315 } 316 317 EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, 318 size_t len, const EVP_CIPHER *cipher) 319 { 320 #ifndef OPENSSL_NO_CMAC 321 EVP_PKEY *ret = EVP_PKEY_new(); 322 CMAC_CTX *cmctx = CMAC_CTX_new(); 323 324 if (ret == NULL 325 || cmctx == NULL 326 || !pkey_set_type(ret, e, EVP_PKEY_CMAC, NULL, -1)) { 327 /* EVPerr already called */ 328 goto err; 329 } 330 331 if (!CMAC_Init(cmctx, priv, len, cipher, e)) { 332 EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED); 333 goto err; 334 } 335 336 ret->pkey.ptr = cmctx; 337 return ret; 338 339 err: 340 EVP_PKEY_free(ret); 341 CMAC_CTX_free(cmctx); 342 return NULL; 343 #else 344 EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, 345 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 346 return NULL; 347 #endif 348 } 349 350 int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 351 { 352 return pkey_set_type(pkey, NULL, type, NULL, -1); 353 } 354 355 int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 356 { 357 return pkey_set_type(pkey, NULL, EVP_PKEY_NONE, str, len); 358 } 359 360 int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type) 361 { 362 if (pkey->type == type) { 363 return 1; /* it already is that type */ 364 } 365 366 /* 367 * The application is requesting to alias this to a different pkey type, 368 * but not one that resolves to the base type. 369 */ 370 if (EVP_PKEY_type(type) != EVP_PKEY_base_id(pkey)) { 371 EVPerr(EVP_F_EVP_PKEY_SET_ALIAS_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); 372 return 0; 373 } 374 375 pkey->type = type; 376 return 1; 377 } 378 379 #ifndef OPENSSL_NO_ENGINE 380 int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *e) 381 { 382 if (e != NULL) { 383 if (!ENGINE_init(e)) { 384 EVPerr(EVP_F_EVP_PKEY_SET1_ENGINE, ERR_R_ENGINE_LIB); 385 return 0; 386 } 387 if (ENGINE_get_pkey_meth(e, pkey->type) == NULL) { 388 ENGINE_finish(e); 389 EVPerr(EVP_F_EVP_PKEY_SET1_ENGINE, EVP_R_UNSUPPORTED_ALGORITHM); 390 return 0; 391 } 392 } 393 ENGINE_finish(pkey->pmeth_engine); 394 pkey->pmeth_engine = e; 395 return 1; 396 } 397 398 ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey) 399 { 400 return pkey->engine; 401 } 402 #endif 403 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 404 { 405 if (pkey == NULL || !EVP_PKEY_set_type(pkey, type)) 406 return 0; 407 pkey->pkey.ptr = key; 408 return (key != NULL); 409 } 410 411 void *EVP_PKEY_get0(const EVP_PKEY *pkey) 412 { 413 return pkey->pkey.ptr; 414 } 415 416 const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 417 { 418 ASN1_OCTET_STRING *os = NULL; 419 if (pkey->type != EVP_PKEY_HMAC) { 420 EVPerr(EVP_F_EVP_PKEY_GET0_HMAC, EVP_R_EXPECTING_AN_HMAC_KEY); 421 return NULL; 422 } 423 os = EVP_PKEY_get0(pkey); 424 *len = os->length; 425 return os->data; 426 } 427 428 #ifndef OPENSSL_NO_POLY1305 429 const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len) 430 { 431 ASN1_OCTET_STRING *os = NULL; 432 if (pkey->type != EVP_PKEY_POLY1305) { 433 EVPerr(EVP_F_EVP_PKEY_GET0_POLY1305, EVP_R_EXPECTING_A_POLY1305_KEY); 434 return NULL; 435 } 436 os = EVP_PKEY_get0(pkey); 437 *len = os->length; 438 return os->data; 439 } 440 #endif 441 442 #ifndef OPENSSL_NO_SIPHASH 443 const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len) 444 { 445 ASN1_OCTET_STRING *os = NULL; 446 447 if (pkey->type != EVP_PKEY_SIPHASH) { 448 EVPerr(EVP_F_EVP_PKEY_GET0_SIPHASH, EVP_R_EXPECTING_A_SIPHASH_KEY); 449 return NULL; 450 } 451 os = EVP_PKEY_get0(pkey); 452 *len = os->length; 453 return os->data; 454 } 455 #endif 456 457 #ifndef OPENSSL_NO_RSA 458 int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) 459 { 460 int ret = EVP_PKEY_assign_RSA(pkey, key); 461 if (ret) 462 RSA_up_ref(key); 463 return ret; 464 } 465 466 RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) 467 { 468 if (pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_RSA_PSS) { 469 EVPerr(EVP_F_EVP_PKEY_GET0_RSA, EVP_R_EXPECTING_AN_RSA_KEY); 470 return NULL; 471 } 472 return pkey->pkey.rsa; 473 } 474 475 RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 476 { 477 RSA *ret = EVP_PKEY_get0_RSA(pkey); 478 if (ret != NULL) 479 RSA_up_ref(ret); 480 return ret; 481 } 482 #endif 483 484 #ifndef OPENSSL_NO_DSA 485 int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 486 { 487 int ret = EVP_PKEY_assign_DSA(pkey, key); 488 if (ret) 489 DSA_up_ref(key); 490 return ret; 491 } 492 493 DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey) 494 { 495 if (pkey->type != EVP_PKEY_DSA) { 496 EVPerr(EVP_F_EVP_PKEY_GET0_DSA, EVP_R_EXPECTING_A_DSA_KEY); 497 return NULL; 498 } 499 return pkey->pkey.dsa; 500 } 501 502 DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 503 { 504 DSA *ret = EVP_PKEY_get0_DSA(pkey); 505 if (ret != NULL) 506 DSA_up_ref(ret); 507 return ret; 508 } 509 #endif 510 511 #ifndef OPENSSL_NO_EC 512 513 int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) 514 { 515 int ret = EVP_PKEY_assign_EC_KEY(pkey, key); 516 if (ret) 517 EC_KEY_up_ref(key); 518 return ret; 519 } 520 521 EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) 522 { 523 if (pkey->type != EVP_PKEY_EC) { 524 EVPerr(EVP_F_EVP_PKEY_GET0_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); 525 return NULL; 526 } 527 return pkey->pkey.ec; 528 } 529 530 EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 531 { 532 EC_KEY *ret = EVP_PKEY_get0_EC_KEY(pkey); 533 if (ret != NULL) 534 EC_KEY_up_ref(ret); 535 return ret; 536 } 537 #endif 538 539 #ifndef OPENSSL_NO_DH 540 541 int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) 542 { 543 int type = DH_get0_q(key) == NULL ? EVP_PKEY_DH : EVP_PKEY_DHX; 544 int ret = EVP_PKEY_assign(pkey, type, key); 545 546 if (ret) 547 DH_up_ref(key); 548 return ret; 549 } 550 551 DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey) 552 { 553 if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) { 554 EVPerr(EVP_F_EVP_PKEY_GET0_DH, EVP_R_EXPECTING_A_DH_KEY); 555 return NULL; 556 } 557 return pkey->pkey.dh; 558 } 559 560 DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) 561 { 562 DH *ret = EVP_PKEY_get0_DH(pkey); 563 if (ret != NULL) 564 DH_up_ref(ret); 565 return ret; 566 } 567 #endif 568 569 int EVP_PKEY_type(int type) 570 { 571 int ret; 572 const EVP_PKEY_ASN1_METHOD *ameth; 573 ENGINE *e; 574 ameth = EVP_PKEY_asn1_find(&e, type); 575 if (ameth) 576 ret = ameth->pkey_id; 577 else 578 ret = NID_undef; 579 #ifndef OPENSSL_NO_ENGINE 580 ENGINE_finish(e); 581 #endif 582 return ret; 583 } 584 585 int EVP_PKEY_id(const EVP_PKEY *pkey) 586 { 587 return pkey->type; 588 } 589 590 int EVP_PKEY_base_id(const EVP_PKEY *pkey) 591 { 592 return EVP_PKEY_type(pkey->type); 593 } 594 595 void EVP_PKEY_free(EVP_PKEY *x) 596 { 597 int i; 598 599 if (x == NULL) 600 return; 601 602 CRYPTO_DOWN_REF(&x->references, &i, x->lock); 603 REF_PRINT_COUNT("EVP_PKEY", x); 604 if (i > 0) 605 return; 606 REF_ASSERT_ISNT(i < 0); 607 EVP_PKEY_free_it(x); 608 CRYPTO_THREAD_lock_free(x->lock); 609 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); 610 OPENSSL_free(x); 611 } 612 613 static void EVP_PKEY_free_it(EVP_PKEY *x) 614 { 615 /* internal function; x is never NULL */ 616 if (x->ameth && x->ameth->pkey_free) { 617 x->ameth->pkey_free(x); 618 x->pkey.ptr = NULL; 619 } 620 #ifndef OPENSSL_NO_ENGINE 621 ENGINE_finish(x->engine); 622 x->engine = NULL; 623 ENGINE_finish(x->pmeth_engine); 624 x->pmeth_engine = NULL; 625 #endif 626 } 627 628 static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, 629 const char *kstr) 630 { 631 BIO_indent(out, indent, 128); 632 BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 633 kstr, OBJ_nid2ln(pkey->type)); 634 return 1; 635 } 636 637 int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, 638 int indent, ASN1_PCTX *pctx) 639 { 640 if (pkey->ameth && pkey->ameth->pub_print) 641 return pkey->ameth->pub_print(out, pkey, indent, pctx); 642 643 return unsup_alg(out, pkey, indent, "Public Key"); 644 } 645 646 int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, 647 int indent, ASN1_PCTX *pctx) 648 { 649 if (pkey->ameth && pkey->ameth->priv_print) 650 return pkey->ameth->priv_print(out, pkey, indent, pctx); 651 652 return unsup_alg(out, pkey, indent, "Private Key"); 653 } 654 655 int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, 656 int indent, ASN1_PCTX *pctx) 657 { 658 if (pkey->ameth && pkey->ameth->param_print) 659 return pkey->ameth->param_print(out, pkey, indent, pctx); 660 return unsup_alg(out, pkey, indent, "Parameters"); 661 } 662 663 static int evp_pkey_asn1_ctrl(EVP_PKEY *pkey, int op, int arg1, void *arg2) 664 { 665 if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL) 666 return -2; 667 return pkey->ameth->pkey_ctrl(pkey, op, arg1, arg2); 668 } 669 670 int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 671 { 672 return evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 0, pnid); 673 } 674 675 int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, 676 const unsigned char *pt, size_t ptlen) 677 { 678 if (ptlen > INT_MAX) 679 return 0; 680 if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, ptlen, 681 (void *)pt) <= 0) 682 return 0; 683 return 1; 684 } 685 686 size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt) 687 { 688 int rv; 689 rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppt); 690 if (rv <= 0) 691 return 0; 692 return rv; 693 } 694