1 /* 2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "internal/cryptlib.h" 12 #include <openssl/asn1t.h> 13 #include <openssl/x509.h> 14 #include "crypto/asn1.h" 15 #include "crypto/evp.h" 16 #include "crypto/x509.h" 17 #include <openssl/rsa.h> 18 #include <openssl/dsa.h> 19 20 struct X509_pubkey_st { 21 X509_ALGOR *algor; 22 ASN1_BIT_STRING *public_key; 23 EVP_PKEY *pkey; 24 }; 25 26 static int x509_pubkey_decode(EVP_PKEY **pk, X509_PUBKEY *key); 27 28 /* Minor tweak to operation: free up EVP_PKEY */ 29 static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 30 void *exarg) 31 { 32 if (operation == ASN1_OP_FREE_POST) { 33 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 34 EVP_PKEY_free(pubkey->pkey); 35 } else if (operation == ASN1_OP_D2I_POST) { 36 /* Attempt to decode public key and cache in pubkey structure. */ 37 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 38 EVP_PKEY_free(pubkey->pkey); 39 pubkey->pkey = NULL; 40 /* 41 * Opportunistically decode the key but remove any non fatal errors 42 * from the queue. Subsequent explicit attempts to decode/use the key 43 * will return an appropriate error. 44 */ 45 ERR_set_mark(); 46 if (x509_pubkey_decode(&pubkey->pkey, pubkey) == -1) 47 return 0; 48 ERR_pop_to_mark(); 49 } 50 return 1; 51 } 52 53 ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { 54 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), 55 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING) 56 } ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY) 57 58 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY) 59 60 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) 61 { 62 X509_PUBKEY *pk = NULL; 63 64 if (x == NULL) 65 return 0; 66 67 if ((pk = X509_PUBKEY_new()) == NULL) 68 goto error; 69 70 if (pkey->ameth) { 71 if (pkey->ameth->pub_encode) { 72 if (!pkey->ameth->pub_encode(pk, pkey)) { 73 X509err(X509_F_X509_PUBKEY_SET, 74 X509_R_PUBLIC_KEY_ENCODE_ERROR); 75 goto error; 76 } 77 } else { 78 X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED); 79 goto error; 80 } 81 } else { 82 X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM); 83 goto error; 84 } 85 86 X509_PUBKEY_free(*x); 87 *x = pk; 88 pk->pkey = pkey; 89 EVP_PKEY_up_ref(pkey); 90 return 1; 91 92 error: 93 X509_PUBKEY_free(pk); 94 return 0; 95 } 96 97 /* 98 * Attempt to decode a public key. 99 * Returns 1 on success, 0 for a decode failure and -1 for a fatal 100 * error e.g. malloc failure. 101 */ 102 103 104 static int x509_pubkey_decode(EVP_PKEY **ppkey, X509_PUBKEY *key) 105 { 106 EVP_PKEY *pkey = EVP_PKEY_new(); 107 108 if (pkey == NULL) { 109 X509err(X509_F_X509_PUBKEY_DECODE, ERR_R_MALLOC_FAILURE); 110 return -1; 111 } 112 113 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(key->algor->algorithm))) { 114 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_UNSUPPORTED_ALGORITHM); 115 goto error; 116 } 117 118 if (pkey->ameth->pub_decode) { 119 /* 120 * Treat any failure of pub_decode as a decode error. In 121 * future we could have different return codes for decode 122 * errors and fatal errors such as malloc failure. 123 */ 124 if (!pkey->ameth->pub_decode(pkey, key)) { 125 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_PUBLIC_KEY_DECODE_ERROR); 126 goto error; 127 } 128 } else { 129 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_METHOD_NOT_SUPPORTED); 130 goto error; 131 } 132 133 *ppkey = pkey; 134 return 1; 135 136 error: 137 EVP_PKEY_free(pkey); 138 return 0; 139 } 140 141 EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key) 142 { 143 EVP_PKEY *ret = NULL; 144 145 if (key == NULL || key->public_key == NULL) 146 return NULL; 147 148 if (key->pkey != NULL) 149 return key->pkey; 150 151 /* 152 * When the key ASN.1 is initially parsed an attempt is made to 153 * decode the public key and cache the EVP_PKEY structure. If this 154 * operation fails the cached value will be NULL. Parsing continues 155 * to allow parsing of unknown key types or unsupported forms. 156 * We repeat the decode operation so the appropriate errors are left 157 * in the queue. 158 */ 159 x509_pubkey_decode(&ret, key); 160 /* If decode doesn't fail something bad happened */ 161 if (ret != NULL) { 162 X509err(X509_F_X509_PUBKEY_GET0, ERR_R_INTERNAL_ERROR); 163 EVP_PKEY_free(ret); 164 } 165 166 return NULL; 167 } 168 169 EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) 170 { 171 EVP_PKEY *ret = X509_PUBKEY_get0(key); 172 173 if (ret != NULL && !EVP_PKEY_up_ref(ret)) { 174 X509err(X509_F_X509_PUBKEY_GET, ERR_R_INTERNAL_ERROR); 175 ret = NULL; 176 } 177 return ret; 178 } 179 180 /* 181 * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or 182 * decode as X509_PUBKEY 183 */ 184 185 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length) 186 { 187 X509_PUBKEY *xpk; 188 EVP_PKEY *pktmp; 189 const unsigned char *q; 190 q = *pp; 191 xpk = d2i_X509_PUBKEY(NULL, &q, length); 192 if (!xpk) 193 return NULL; 194 pktmp = X509_PUBKEY_get(xpk); 195 X509_PUBKEY_free(xpk); 196 if (!pktmp) 197 return NULL; 198 *pp = q; 199 if (a) { 200 EVP_PKEY_free(*a); 201 *a = pktmp; 202 } 203 return pktmp; 204 } 205 206 int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) 207 { 208 X509_PUBKEY *xpk = NULL; 209 int ret; 210 if (!a) 211 return 0; 212 if (!X509_PUBKEY_set(&xpk, a)) 213 return -1; 214 ret = i2d_X509_PUBKEY(xpk, pp); 215 X509_PUBKEY_free(xpk); 216 return ret; 217 } 218 219 /* 220 * The following are equivalents but which return RSA and DSA keys 221 */ 222 #ifndef OPENSSL_NO_RSA 223 RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length) 224 { 225 EVP_PKEY *pkey; 226 RSA *key; 227 const unsigned char *q; 228 q = *pp; 229 pkey = d2i_PUBKEY(NULL, &q, length); 230 if (!pkey) 231 return NULL; 232 key = EVP_PKEY_get1_RSA(pkey); 233 EVP_PKEY_free(pkey); 234 if (!key) 235 return NULL; 236 *pp = q; 237 if (a) { 238 RSA_free(*a); 239 *a = key; 240 } 241 return key; 242 } 243 244 int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) 245 { 246 EVP_PKEY *pktmp; 247 int ret; 248 if (!a) 249 return 0; 250 pktmp = EVP_PKEY_new(); 251 if (pktmp == NULL) { 252 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); 253 return -1; 254 } 255 EVP_PKEY_set1_RSA(pktmp, a); 256 ret = i2d_PUBKEY(pktmp, pp); 257 EVP_PKEY_free(pktmp); 258 return ret; 259 } 260 #endif 261 262 #ifndef OPENSSL_NO_DSA 263 DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length) 264 { 265 EVP_PKEY *pkey; 266 DSA *key; 267 const unsigned char *q; 268 q = *pp; 269 pkey = d2i_PUBKEY(NULL, &q, length); 270 if (!pkey) 271 return NULL; 272 key = EVP_PKEY_get1_DSA(pkey); 273 EVP_PKEY_free(pkey); 274 if (!key) 275 return NULL; 276 *pp = q; 277 if (a) { 278 DSA_free(*a); 279 *a = key; 280 } 281 return key; 282 } 283 284 int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) 285 { 286 EVP_PKEY *pktmp; 287 int ret; 288 if (!a) 289 return 0; 290 pktmp = EVP_PKEY_new(); 291 if (pktmp == NULL) { 292 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); 293 return -1; 294 } 295 EVP_PKEY_set1_DSA(pktmp, a); 296 ret = i2d_PUBKEY(pktmp, pp); 297 EVP_PKEY_free(pktmp); 298 return ret; 299 } 300 #endif 301 302 #ifndef OPENSSL_NO_EC 303 EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length) 304 { 305 EVP_PKEY *pkey; 306 EC_KEY *key; 307 const unsigned char *q; 308 q = *pp; 309 pkey = d2i_PUBKEY(NULL, &q, length); 310 if (!pkey) 311 return NULL; 312 key = EVP_PKEY_get1_EC_KEY(pkey); 313 EVP_PKEY_free(pkey); 314 if (!key) 315 return NULL; 316 *pp = q; 317 if (a) { 318 EC_KEY_free(*a); 319 *a = key; 320 } 321 return key; 322 } 323 324 int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) 325 { 326 EVP_PKEY *pktmp; 327 int ret; 328 if (!a) 329 return 0; 330 if ((pktmp = EVP_PKEY_new()) == NULL) { 331 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); 332 return -1; 333 } 334 EVP_PKEY_set1_EC_KEY(pktmp, a); 335 ret = i2d_PUBKEY(pktmp, pp); 336 EVP_PKEY_free(pktmp); 337 return ret; 338 } 339 #endif 340 341 int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, 342 int ptype, void *pval, 343 unsigned char *penc, int penclen) 344 { 345 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval)) 346 return 0; 347 if (penc) { 348 OPENSSL_free(pub->public_key->data); 349 pub->public_key->data = penc; 350 pub->public_key->length = penclen; 351 /* Set number of unused bits to zero */ 352 pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); 353 pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT; 354 } 355 return 1; 356 } 357 358 int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, 359 const unsigned char **pk, int *ppklen, 360 X509_ALGOR **pa, X509_PUBKEY *pub) 361 { 362 if (ppkalg) 363 *ppkalg = pub->algor->algorithm; 364 if (pk) { 365 *pk = pub->public_key->data; 366 *ppklen = pub->public_key->length; 367 } 368 if (pa) 369 *pa = pub->algor; 370 return 1; 371 } 372 373 ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x) 374 { 375 if (x == NULL) 376 return NULL; 377 return x->cert_info.key->public_key; 378 } 379