1 /* 2 * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "internal/cryptlib.h" 12 #include <openssl/asn1t.h> 13 #include <openssl/x509.h> 14 #include "crypto/asn1.h" 15 #include "crypto/evp.h" 16 #include "crypto/x509.h" 17 #include <openssl/rsa.h> 18 #include <openssl/dsa.h> 19 20 struct X509_pubkey_st { 21 X509_ALGOR *algor; 22 ASN1_BIT_STRING *public_key; 23 EVP_PKEY *pkey; 24 }; 25 26 static int x509_pubkey_decode(EVP_PKEY **pk, X509_PUBKEY *key); 27 28 /* Minor tweak to operation: free up EVP_PKEY */ 29 static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 30 void *exarg) 31 { 32 if (operation == ASN1_OP_FREE_POST) { 33 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 34 EVP_PKEY_free(pubkey->pkey); 35 } else if (operation == ASN1_OP_D2I_POST) { 36 /* Attempt to decode public key and cache in pubkey structure. */ 37 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 38 EVP_PKEY_free(pubkey->pkey); 39 pubkey->pkey = NULL; 40 /* 41 * Opportunistically decode the key but remove any non fatal errors 42 * from the queue. Subsequent explicit attempts to decode/use the key 43 * will return an appropriate error. 44 */ 45 ERR_set_mark(); 46 if (x509_pubkey_decode(&pubkey->pkey, pubkey) == -1) 47 return 0; 48 ERR_pop_to_mark(); 49 } 50 return 1; 51 } 52 53 ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { 54 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), 55 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING) 56 } ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY) 57 58 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY) 59 60 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) 61 { 62 X509_PUBKEY *pk = NULL; 63 64 if (x == NULL) 65 return 0; 66 67 if ((pk = X509_PUBKEY_new()) == NULL) 68 goto error; 69 70 if (pkey->ameth) { 71 if (pkey->ameth->pub_encode) { 72 if (!pkey->ameth->pub_encode(pk, pkey)) { 73 X509err(X509_F_X509_PUBKEY_SET, 74 X509_R_PUBLIC_KEY_ENCODE_ERROR); 75 goto error; 76 } 77 } else { 78 X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED); 79 goto error; 80 } 81 } else { 82 X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM); 83 goto error; 84 } 85 86 X509_PUBKEY_free(*x); 87 *x = pk; 88 pk->pkey = pkey; 89 EVP_PKEY_up_ref(pkey); 90 return 1; 91 92 error: 93 X509_PUBKEY_free(pk); 94 return 0; 95 } 96 97 /* 98 * Attempt to decode a public key. 99 * Returns 1 on success, 0 for a decode failure and -1 for a fatal 100 * error e.g. malloc failure. 101 */ 102 103 104 static int x509_pubkey_decode(EVP_PKEY **ppkey, X509_PUBKEY *key) 105 { 106 EVP_PKEY *pkey = EVP_PKEY_new(); 107 108 if (pkey == NULL) { 109 X509err(X509_F_X509_PUBKEY_DECODE, ERR_R_MALLOC_FAILURE); 110 return -1; 111 } 112 113 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(key->algor->algorithm))) { 114 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_UNSUPPORTED_ALGORITHM); 115 goto error; 116 } 117 118 if (pkey->ameth->pub_decode) { 119 /* 120 * Treat any failure of pub_decode as a decode error. In 121 * future we could have different return codes for decode 122 * errors and fatal errors such as malloc failure. 123 */ 124 if (!pkey->ameth->pub_decode(pkey, key)) { 125 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_PUBLIC_KEY_DECODE_ERROR); 126 goto error; 127 } 128 } else { 129 X509err(X509_F_X509_PUBKEY_DECODE, X509_R_METHOD_NOT_SUPPORTED); 130 goto error; 131 } 132 133 *ppkey = pkey; 134 return 1; 135 136 error: 137 EVP_PKEY_free(pkey); 138 return 0; 139 } 140 141 EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key) 142 { 143 EVP_PKEY *ret = NULL; 144 145 if (key == NULL || key->public_key == NULL) 146 return NULL; 147 148 if (key->pkey != NULL) 149 return key->pkey; 150 151 /* 152 * When the key ASN.1 is initially parsed an attempt is made to 153 * decode the public key and cache the EVP_PKEY structure. If this 154 * operation fails the cached value will be NULL. Parsing continues 155 * to allow parsing of unknown key types or unsupported forms. 156 * We repeat the decode operation so the appropriate errors are left 157 * in the queue. 158 */ 159 x509_pubkey_decode(&ret, key); 160 /* If decode doesn't fail something bad happened */ 161 if (ret != NULL) { 162 X509err(X509_F_X509_PUBKEY_GET0, ERR_R_INTERNAL_ERROR); 163 EVP_PKEY_free(ret); 164 } 165 166 return NULL; 167 } 168 169 EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) 170 { 171 EVP_PKEY *ret = X509_PUBKEY_get0(key); 172 if (ret != NULL) 173 EVP_PKEY_up_ref(ret); 174 return ret; 175 } 176 177 /* 178 * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or 179 * decode as X509_PUBKEY 180 */ 181 182 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length) 183 { 184 X509_PUBKEY *xpk; 185 EVP_PKEY *pktmp; 186 const unsigned char *q; 187 q = *pp; 188 xpk = d2i_X509_PUBKEY(NULL, &q, length); 189 if (!xpk) 190 return NULL; 191 pktmp = X509_PUBKEY_get(xpk); 192 X509_PUBKEY_free(xpk); 193 if (!pktmp) 194 return NULL; 195 *pp = q; 196 if (a) { 197 EVP_PKEY_free(*a); 198 *a = pktmp; 199 } 200 return pktmp; 201 } 202 203 int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) 204 { 205 X509_PUBKEY *xpk = NULL; 206 int ret; 207 if (!a) 208 return 0; 209 if (!X509_PUBKEY_set(&xpk, a)) 210 return -1; 211 ret = i2d_X509_PUBKEY(xpk, pp); 212 X509_PUBKEY_free(xpk); 213 return ret; 214 } 215 216 /* 217 * The following are equivalents but which return RSA and DSA keys 218 */ 219 #ifndef OPENSSL_NO_RSA 220 RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length) 221 { 222 EVP_PKEY *pkey; 223 RSA *key; 224 const unsigned char *q; 225 q = *pp; 226 pkey = d2i_PUBKEY(NULL, &q, length); 227 if (!pkey) 228 return NULL; 229 key = EVP_PKEY_get1_RSA(pkey); 230 EVP_PKEY_free(pkey); 231 if (!key) 232 return NULL; 233 *pp = q; 234 if (a) { 235 RSA_free(*a); 236 *a = key; 237 } 238 return key; 239 } 240 241 int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) 242 { 243 EVP_PKEY *pktmp; 244 int ret; 245 if (!a) 246 return 0; 247 pktmp = EVP_PKEY_new(); 248 if (pktmp == NULL) { 249 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); 250 return -1; 251 } 252 EVP_PKEY_set1_RSA(pktmp, a); 253 ret = i2d_PUBKEY(pktmp, pp); 254 EVP_PKEY_free(pktmp); 255 return ret; 256 } 257 #endif 258 259 #ifndef OPENSSL_NO_DSA 260 DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length) 261 { 262 EVP_PKEY *pkey; 263 DSA *key; 264 const unsigned char *q; 265 q = *pp; 266 pkey = d2i_PUBKEY(NULL, &q, length); 267 if (!pkey) 268 return NULL; 269 key = EVP_PKEY_get1_DSA(pkey); 270 EVP_PKEY_free(pkey); 271 if (!key) 272 return NULL; 273 *pp = q; 274 if (a) { 275 DSA_free(*a); 276 *a = key; 277 } 278 return key; 279 } 280 281 int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) 282 { 283 EVP_PKEY *pktmp; 284 int ret; 285 if (!a) 286 return 0; 287 pktmp = EVP_PKEY_new(); 288 if (pktmp == NULL) { 289 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); 290 return -1; 291 } 292 EVP_PKEY_set1_DSA(pktmp, a); 293 ret = i2d_PUBKEY(pktmp, pp); 294 EVP_PKEY_free(pktmp); 295 return ret; 296 } 297 #endif 298 299 #ifndef OPENSSL_NO_EC 300 EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length) 301 { 302 EVP_PKEY *pkey; 303 EC_KEY *key; 304 const unsigned char *q; 305 q = *pp; 306 pkey = d2i_PUBKEY(NULL, &q, length); 307 if (!pkey) 308 return NULL; 309 key = EVP_PKEY_get1_EC_KEY(pkey); 310 EVP_PKEY_free(pkey); 311 if (!key) 312 return NULL; 313 *pp = q; 314 if (a) { 315 EC_KEY_free(*a); 316 *a = key; 317 } 318 return key; 319 } 320 321 int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) 322 { 323 EVP_PKEY *pktmp; 324 int ret; 325 if (!a) 326 return 0; 327 if ((pktmp = EVP_PKEY_new()) == NULL) { 328 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); 329 return -1; 330 } 331 EVP_PKEY_set1_EC_KEY(pktmp, a); 332 ret = i2d_PUBKEY(pktmp, pp); 333 EVP_PKEY_free(pktmp); 334 return ret; 335 } 336 #endif 337 338 int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, 339 int ptype, void *pval, 340 unsigned char *penc, int penclen) 341 { 342 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval)) 343 return 0; 344 if (penc) { 345 OPENSSL_free(pub->public_key->data); 346 pub->public_key->data = penc; 347 pub->public_key->length = penclen; 348 /* Set number of unused bits to zero */ 349 pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); 350 pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT; 351 } 352 return 1; 353 } 354 355 int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, 356 const unsigned char **pk, int *ppklen, 357 X509_ALGOR **pa, X509_PUBKEY *pub) 358 { 359 if (ppkalg) 360 *ppkalg = pub->algor->algorithm; 361 if (pk) { 362 *pk = pub->public_key->data; 363 *ppklen = pub->public_key->length; 364 } 365 if (pa) 366 *pa = pub->algor; 367 return 1; 368 } 369 370 ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x) 371 { 372 if (x == NULL) 373 return NULL; 374 return x->cert_info.key->public_key; 375 } 376