1 /* 2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "internal/cryptlib.h" 12 #include <openssl/asn1t.h> 13 #include <openssl/x509.h> 14 #include "internal/asn1_int.h" 15 #include "internal/evp_int.h" 16 #include "internal/x509_int.h" 17 #include <openssl/rsa.h> 18 #include <openssl/dsa.h> 19 20 struct X509_pubkey_st { 21 X509_ALGOR *algor; 22 ASN1_BIT_STRING *public_key; 23 EVP_PKEY *pkey; 24 }; 25 26 static int x509_pubkey_decode(EVP_PKEY **pk, X509_PUBKEY *key); 27 28 /* Minor tweak to operation: free up EVP_PKEY */ 29 static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 30 void *exarg) 31 { 32 if (operation == ASN1_OP_FREE_POST) { 33 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 34 EVP_PKEY_free(pubkey->pkey); 35 } else if (operation == ASN1_OP_D2I_POST) { 36 /* Attempt to decode public key and cache in pubkey structure. */ 37 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 38 EVP_PKEY_free(pubkey->pkey); 39 /* 40 * Opportunistically decode the key but remove any non fatal errors 41 * from the queue. Subsequent explicit attempts to decode/use the key 42 * will return an appropriate error. 43 */ 44 ERR_set_mark(); 45 if (x509_pubkey_decode(&pubkey->pkey, pubkey) == -1) 46 return 0; 47 ERR_pop_to_mark(); 48 } 49 return 1; 50 } 51 52 ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { 53 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), 54 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING) 55 } ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY) 56 57 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY) 58 59 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) 60 { 61 X509_PUBKEY *pk = NULL; 62 63 if (x == NULL) 64 return 0; 65 66 if ((pk = X509_PUBKEY_new()) == NULL) 67 goto error; 68 69 if (pkey->ameth) { 70 if (pkey->ameth->pub_encode) { 71 if (!pkey->ameth->pub_encode(pk, pkey)) { 72 X509err(X509_F_X509_PUBKEY_SET, 73 X509_R_PUBLIC_KEY_ENCODE_ERROR); 74 goto error; 75 } 76 } else { 77 X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED); 78 goto error; 79 } 80 } else { 81 X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM); 82 goto error; 83 } 84 85 X509_PUBKEY_free(*x); 86 *x = pk; 87 pk->pkey = pkey; 88 EVP_PKEY_up_ref(pkey); 89 return 1; 90 91 error: 92 X509_PUBKEY_free(pk); 93 return 0; 94 } 95 96 /* 97 * Attempt to decode a public key. 98 * Returns 1 on success, 0 for a decode failure and -1 for a fatal 99 * error e.g. malloc failure. 100 */ 101 102 103 static int x509_pubkey_decode(EVP_PKEY **ppkey, X509_PUBKEY *key) 104 { 105 EVP_PKEY *pkey = EVP_PKEY_new(); 106 107 if (pkey == NULL) { 108 X509err(X509_F_X509_PUBKEY_DECODE, ERR_R_MALLOC_FAILURE); 109 return -1; 110 } 111 112 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(key->algor->algorithm))) { 113 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_UNSUPPORTED_ALGORITHM); 114 goto error; 115 } 116 117 if (pkey->ameth->pub_decode) { 118 /* 119 * Treat any failure of pub_decode as a decode error. In 120 * future we could have different return codes for decode 121 * errors and fatal errors such as malloc failure. 122 */ 123 if (!pkey->ameth->pub_decode(pkey, key)) { 124 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_PUBLIC_KEY_DECODE_ERROR); 125 goto error; 126 } 127 } else { 128 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_METHOD_NOT_SUPPORTED); 129 goto error; 130 } 131 132 *ppkey = pkey; 133 return 1; 134 135 error: 136 EVP_PKEY_free(pkey); 137 return 0; 138 } 139 140 EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key) 141 { 142 EVP_PKEY *ret = NULL; 143 144 if (key == NULL || key->public_key == NULL) 145 return NULL; 146 147 if (key->pkey != NULL) 148 return key->pkey; 149 150 /* 151 * When the key ASN.1 is initially parsed an attempt is made to 152 * decode the public key and cache the EVP_PKEY structure. If this 153 * operation fails the cached value will be NULL. Parsing continues 154 * to allow parsing of unknown key types or unsupported forms. 155 * We repeat the decode operation so the appropriate errors are left 156 * in the queue. 157 */ 158 x509_pubkey_decode(&ret, key); 159 /* If decode doesn't fail something bad happened */ 160 if (ret != NULL) { 161 X509err(X509_F_X509_PUBKEY_GET0, ERR_R_INTERNAL_ERROR); 162 EVP_PKEY_free(ret); 163 } 164 165 return NULL; 166 } 167 168 EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) 169 { 170 EVP_PKEY *ret = X509_PUBKEY_get0(key); 171 if (ret != NULL) 172 EVP_PKEY_up_ref(ret); 173 return ret; 174 } 175 176 /* 177 * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or 178 * decode as X509_PUBKEY 179 */ 180 181 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length) 182 { 183 X509_PUBKEY *xpk; 184 EVP_PKEY *pktmp; 185 const unsigned char *q; 186 q = *pp; 187 xpk = d2i_X509_PUBKEY(NULL, &q, length); 188 if (!xpk) 189 return NULL; 190 pktmp = X509_PUBKEY_get(xpk); 191 X509_PUBKEY_free(xpk); 192 if (!pktmp) 193 return NULL; 194 *pp = q; 195 if (a) { 196 EVP_PKEY_free(*a); 197 *a = pktmp; 198 } 199 return pktmp; 200 } 201 202 int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) 203 { 204 X509_PUBKEY *xpk = NULL; 205 int ret; 206 if (!a) 207 return 0; 208 if (!X509_PUBKEY_set(&xpk, a)) 209 return -1; 210 ret = i2d_X509_PUBKEY(xpk, pp); 211 X509_PUBKEY_free(xpk); 212 return ret; 213 } 214 215 /* 216 * The following are equivalents but which return RSA and DSA keys 217 */ 218 #ifndef OPENSSL_NO_RSA 219 RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length) 220 { 221 EVP_PKEY *pkey; 222 RSA *key; 223 const unsigned char *q; 224 q = *pp; 225 pkey = d2i_PUBKEY(NULL, &q, length); 226 if (!pkey) 227 return NULL; 228 key = EVP_PKEY_get1_RSA(pkey); 229 EVP_PKEY_free(pkey); 230 if (!key) 231 return NULL; 232 *pp = q; 233 if (a) { 234 RSA_free(*a); 235 *a = key; 236 } 237 return key; 238 } 239 240 int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) 241 { 242 EVP_PKEY *pktmp; 243 int ret; 244 if (!a) 245 return 0; 246 pktmp = EVP_PKEY_new(); 247 if (pktmp == NULL) { 248 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); 249 return -1; 250 } 251 EVP_PKEY_set1_RSA(pktmp, a); 252 ret = i2d_PUBKEY(pktmp, pp); 253 EVP_PKEY_free(pktmp); 254 return ret; 255 } 256 #endif 257 258 #ifndef OPENSSL_NO_DSA 259 DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length) 260 { 261 EVP_PKEY *pkey; 262 DSA *key; 263 const unsigned char *q; 264 q = *pp; 265 pkey = d2i_PUBKEY(NULL, &q, length); 266 if (!pkey) 267 return NULL; 268 key = EVP_PKEY_get1_DSA(pkey); 269 EVP_PKEY_free(pkey); 270 if (!key) 271 return NULL; 272 *pp = q; 273 if (a) { 274 DSA_free(*a); 275 *a = key; 276 } 277 return key; 278 } 279 280 int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) 281 { 282 EVP_PKEY *pktmp; 283 int ret; 284 if (!a) 285 return 0; 286 pktmp = EVP_PKEY_new(); 287 if (pktmp == NULL) { 288 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); 289 return -1; 290 } 291 EVP_PKEY_set1_DSA(pktmp, a); 292 ret = i2d_PUBKEY(pktmp, pp); 293 EVP_PKEY_free(pktmp); 294 return ret; 295 } 296 #endif 297 298 #ifndef OPENSSL_NO_EC 299 EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length) 300 { 301 EVP_PKEY *pkey; 302 EC_KEY *key; 303 const unsigned char *q; 304 q = *pp; 305 pkey = d2i_PUBKEY(NULL, &q, length); 306 if (!pkey) 307 return NULL; 308 key = EVP_PKEY_get1_EC_KEY(pkey); 309 EVP_PKEY_free(pkey); 310 if (!key) 311 return NULL; 312 *pp = q; 313 if (a) { 314 EC_KEY_free(*a); 315 *a = key; 316 } 317 return key; 318 } 319 320 int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) 321 { 322 EVP_PKEY *pktmp; 323 int ret; 324 if (!a) 325 return 0; 326 if ((pktmp = EVP_PKEY_new()) == NULL) { 327 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); 328 return -1; 329 } 330 EVP_PKEY_set1_EC_KEY(pktmp, a); 331 ret = i2d_PUBKEY(pktmp, pp); 332 EVP_PKEY_free(pktmp); 333 return ret; 334 } 335 #endif 336 337 int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, 338 int ptype, void *pval, 339 unsigned char *penc, int penclen) 340 { 341 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval)) 342 return 0; 343 if (penc) { 344 OPENSSL_free(pub->public_key->data); 345 pub->public_key->data = penc; 346 pub->public_key->length = penclen; 347 /* Set number of unused bits to zero */ 348 pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); 349 pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT; 350 } 351 return 1; 352 } 353 354 int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, 355 const unsigned char **pk, int *ppklen, 356 X509_ALGOR **pa, X509_PUBKEY *pub) 357 { 358 if (ppkalg) 359 *ppkalg = pub->algor->algorithm; 360 if (pk) { 361 *pk = pub->public_key->data; 362 *ppklen = pub->public_key->length; 363 } 364 if (pa) 365 *pa = pub->algor; 366 return 1; 367 } 368 369 ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x) 370 { 371 if (x == NULL) 372 return NULL; 373 return x->cert_info.key->public_key; 374 } 375