xref: /freebsd/crypto/openssl/crypto/x509/x_pubkey.c (revision b077aed33b7b6aefca7b17ddb250cf521f938613)
1 /*
2  * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 /*
11  * DSA low level APIs are deprecated for public use, but still ok for
12  * internal use.
13  */
14 #include "internal/deprecated.h"
15 
16 #include <stdio.h>
17 #include "internal/cryptlib.h"
18 #include <openssl/asn1t.h>
19 #include <openssl/x509.h>
20 #include <openssl/engine.h>
21 #include "crypto/asn1.h"
22 #include "crypto/evp.h"
23 #include "crypto/x509.h"
24 #include <openssl/rsa.h>
25 #include <openssl/dsa.h>
26 #include <openssl/decoder.h>
27 #include <openssl/encoder.h>
28 #include "internal/provider.h"
29 #include "internal/sizes.h"
30 
31 struct X509_pubkey_st {
32     X509_ALGOR *algor;
33     ASN1_BIT_STRING *public_key;
34 
35     EVP_PKEY *pkey;
36 
37     /* extra data for the callback, used by d2i_PUBKEY_ex */
38     OSSL_LIB_CTX *libctx;
39     char *propq;
40 
41     /* Flag to force legacy keys */
42     unsigned int flag_force_legacy : 1;
43 };
44 
45 static int x509_pubkey_decode(EVP_PKEY **pk, const X509_PUBKEY *key);
46 
x509_pubkey_set0_libctx(X509_PUBKEY * x,OSSL_LIB_CTX * libctx,const char * propq)47 static int x509_pubkey_set0_libctx(X509_PUBKEY *x, OSSL_LIB_CTX *libctx,
48                                    const char *propq)
49 {
50     if (x != NULL) {
51         x->libctx = libctx;
52         OPENSSL_free(x->propq);
53         x->propq = NULL;
54         if (propq != NULL) {
55             x->propq = OPENSSL_strdup(propq);
56             if (x->propq == NULL)
57                 return 0;
58         }
59     }
60     return 1;
61 }
62 
63 ASN1_SEQUENCE(X509_PUBKEY_INTERNAL) = {
64         ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
65         ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
66 } static_ASN1_SEQUENCE_END_name(X509_PUBKEY, X509_PUBKEY_INTERNAL)
67 
68 X509_PUBKEY *ossl_d2i_X509_PUBKEY_INTERNAL(const unsigned char **pp,
69                                            long len, OSSL_LIB_CTX *libctx)
70 {
71     X509_PUBKEY *xpub = OPENSSL_zalloc(sizeof(*xpub));
72 
73     if (xpub == NULL)
74         return NULL;
75     return (X509_PUBKEY *)ASN1_item_d2i_ex((ASN1_VALUE **)&xpub, pp, len,
76                                            ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL),
77                                            libctx, NULL);
78 }
79 
ossl_X509_PUBKEY_INTERNAL_free(X509_PUBKEY * xpub)80 void ossl_X509_PUBKEY_INTERNAL_free(X509_PUBKEY *xpub)
81 {
82     ASN1_item_free((ASN1_VALUE *)xpub, ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL));
83 }
84 
x509_pubkey_ex_free(ASN1_VALUE ** pval,const ASN1_ITEM * it)85 static void x509_pubkey_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
86 {
87     X509_PUBKEY *pubkey;
88 
89     if (pval != NULL && (pubkey = (X509_PUBKEY *)*pval) != NULL) {
90         X509_ALGOR_free(pubkey->algor);
91         ASN1_BIT_STRING_free(pubkey->public_key);
92         EVP_PKEY_free(pubkey->pkey);
93         OPENSSL_free(pubkey->propq);
94         OPENSSL_free(pubkey);
95         *pval = NULL;
96     }
97 }
98 
x509_pubkey_ex_populate(ASN1_VALUE ** pval,const ASN1_ITEM * it)99 static int x509_pubkey_ex_populate(ASN1_VALUE **pval, const ASN1_ITEM *it)
100 {
101     X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
102 
103     return (pubkey->algor != NULL
104             || (pubkey->algor = X509_ALGOR_new()) != NULL)
105         && (pubkey->public_key != NULL
106             || (pubkey->public_key = ASN1_BIT_STRING_new()) != NULL);
107 }
108 
109 
x509_pubkey_ex_new_ex(ASN1_VALUE ** pval,const ASN1_ITEM * it,OSSL_LIB_CTX * libctx,const char * propq)110 static int x509_pubkey_ex_new_ex(ASN1_VALUE **pval, const ASN1_ITEM *it,
111                                  OSSL_LIB_CTX *libctx, const char *propq)
112 {
113     X509_PUBKEY *ret;
114 
115     if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL
116         || !x509_pubkey_ex_populate((ASN1_VALUE **)&ret, NULL)
117         || !x509_pubkey_set0_libctx(ret, libctx, propq)) {
118         x509_pubkey_ex_free((ASN1_VALUE **)&ret, NULL);
119         ret = NULL;
120         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
121     } else {
122         *pval = (ASN1_VALUE *)ret;
123     }
124 
125     return ret != NULL;
126 }
127 
x509_pubkey_ex_d2i_ex(ASN1_VALUE ** pval,const unsigned char ** in,long len,const ASN1_ITEM * it,int tag,int aclass,char opt,ASN1_TLC * ctx,OSSL_LIB_CTX * libctx,const char * propq)128 static int x509_pubkey_ex_d2i_ex(ASN1_VALUE **pval,
129                                  const unsigned char **in, long len,
130                                  const ASN1_ITEM *it, int tag, int aclass,
131                                  char opt, ASN1_TLC *ctx, OSSL_LIB_CTX *libctx,
132                                  const char *propq)
133 {
134     const unsigned char *in_saved = *in;
135     size_t publen;
136     X509_PUBKEY *pubkey;
137     int ret;
138     OSSL_DECODER_CTX *dctx = NULL;
139     unsigned char *tmpbuf = NULL;
140 
141     if (*pval == NULL && !x509_pubkey_ex_new_ex(pval, it, libctx, propq))
142         return 0;
143     if (!x509_pubkey_ex_populate(pval, NULL)) {
144         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
145         return 0;
146     }
147 
148     /* This ensures that |*in| advances properly no matter what */
149     if ((ret = ASN1_item_ex_d2i(pval, in, len,
150                                 ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL),
151                                 tag, aclass, opt, ctx)) <= 0)
152         return ret;
153 
154     publen = *in - in_saved;
155     if (!ossl_assert(publen > 0)) {
156         ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR);
157         return 0;
158     }
159 
160     pubkey = (X509_PUBKEY *)*pval;
161     EVP_PKEY_free(pubkey->pkey);
162     pubkey->pkey = NULL;
163 
164     /*
165      * Opportunistically decode the key but remove any non fatal errors
166      * from the queue. Subsequent explicit attempts to decode/use the key
167      * will return an appropriate error.
168      */
169     ERR_set_mark();
170 
171     /*
172      * Try to decode with legacy method first.  This ensures that engines
173      * aren't overriden by providers.
174      */
175     if ((ret = x509_pubkey_decode(&pubkey->pkey, pubkey)) == -1) {
176         /* -1 indicates a fatal error, like malloc failure */
177         ERR_clear_last_mark();
178         goto end;
179     }
180 
181     /* Try to decode it into an EVP_PKEY with OSSL_DECODER */
182     if (ret <= 0 && !pubkey->flag_force_legacy) {
183         const unsigned char *p;
184         char txtoidname[OSSL_MAX_NAME_SIZE];
185         size_t slen = publen;
186 
187         /*
188         * The decoders don't know how to handle anything other than Universal
189         * class so we modify the data accordingly.
190         */
191         if (aclass != V_ASN1_UNIVERSAL) {
192             tmpbuf = OPENSSL_memdup(in_saved, publen);
193             if (tmpbuf == NULL) {
194                 ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
195                 return 0;
196             }
197             in_saved = tmpbuf;
198             *tmpbuf = V_ASN1_CONSTRUCTED | V_ASN1_SEQUENCE;
199         }
200         p = in_saved;
201 
202         if (OBJ_obj2txt(txtoidname, sizeof(txtoidname),
203                         pubkey->algor->algorithm, 0) <= 0) {
204             ERR_clear_last_mark();
205             goto end;
206         }
207         if ((dctx =
208              OSSL_DECODER_CTX_new_for_pkey(&pubkey->pkey,
209                                            "DER", "SubjectPublicKeyInfo",
210                                            txtoidname, EVP_PKEY_PUBLIC_KEY,
211                                            pubkey->libctx,
212                                            pubkey->propq)) != NULL)
213             /*
214              * As said higher up, we're being opportunistic.  In other words,
215              * we don't care if we fail.
216              */
217             if (OSSL_DECODER_from_data(dctx, &p, &slen)) {
218                 if (slen != 0) {
219                     /*
220                      * If we successfully decoded then we *must* consume all the
221                      * bytes.
222                      */
223                     ERR_clear_last_mark();
224                     ERR_raise(ERR_LIB_ASN1, EVP_R_DECODE_ERROR);
225                     goto end;
226                 }
227             }
228     }
229 
230     ERR_pop_to_mark();
231     ret = 1;
232  end:
233     OSSL_DECODER_CTX_free(dctx);
234     OPENSSL_free(tmpbuf);
235     return ret;
236 }
237 
x509_pubkey_ex_i2d(const ASN1_VALUE ** pval,unsigned char ** out,const ASN1_ITEM * it,int tag,int aclass)238 static int x509_pubkey_ex_i2d(const ASN1_VALUE **pval, unsigned char **out,
239                               const ASN1_ITEM *it, int tag, int aclass)
240 {
241     return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL),
242                             tag, aclass);
243 }
244 
x509_pubkey_ex_print(BIO * out,const ASN1_VALUE ** pval,int indent,const char * fname,const ASN1_PCTX * pctx)245 static int x509_pubkey_ex_print(BIO *out, const ASN1_VALUE **pval, int indent,
246                                 const char *fname, const ASN1_PCTX *pctx)
247 {
248     return ASN1_item_print(out, *pval, indent,
249                            ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL), pctx);
250 }
251 
252 static const ASN1_EXTERN_FUNCS x509_pubkey_ff = {
253     NULL,
254     NULL,
255     x509_pubkey_ex_free,
256     0,                          /* Default clear behaviour is OK */
257     NULL,
258     x509_pubkey_ex_i2d,
259     x509_pubkey_ex_print,
260     x509_pubkey_ex_new_ex,
261     x509_pubkey_ex_d2i_ex,
262 };
263 
IMPLEMENT_EXTERN_ASN1(X509_PUBKEY,V_ASN1_SEQUENCE,x509_pubkey_ff)264 IMPLEMENT_EXTERN_ASN1(X509_PUBKEY, V_ASN1_SEQUENCE, x509_pubkey_ff)
265 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
266 
267 X509_PUBKEY *X509_PUBKEY_new_ex(OSSL_LIB_CTX *libctx, const char *propq)
268 {
269     X509_PUBKEY *pubkey = NULL;
270 
271     pubkey = (X509_PUBKEY *)ASN1_item_new_ex(X509_PUBKEY_it(), libctx, propq);
272     if (!x509_pubkey_set0_libctx(pubkey, libctx, propq)) {
273         X509_PUBKEY_free(pubkey);
274         pubkey = NULL;
275     }
276     return pubkey;
277 }
278 
279 /*
280  * X509_PUBKEY_dup() must be implemented manually, because there is no
281  * support for it in ASN1_EXTERN_FUNCS.
282  */
X509_PUBKEY_dup(const X509_PUBKEY * a)283 X509_PUBKEY *X509_PUBKEY_dup(const X509_PUBKEY *a)
284 {
285     X509_PUBKEY *pubkey = OPENSSL_zalloc(sizeof(*pubkey));
286 
287     if (pubkey == NULL
288             || !x509_pubkey_set0_libctx(pubkey, a->libctx, a->propq)
289             || (pubkey->algor = X509_ALGOR_dup(a->algor)) == NULL
290             || (pubkey->public_key = ASN1_BIT_STRING_new()) == NULL
291             || !ASN1_BIT_STRING_set(pubkey->public_key,
292                                     a->public_key->data,
293                                     a->public_key->length)) {
294         x509_pubkey_ex_free((ASN1_VALUE **)&pubkey,
295                             ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL));
296         ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
297         return NULL;
298     }
299 
300     if (a->pkey != NULL) {
301         ERR_set_mark();
302         pubkey->pkey = EVP_PKEY_dup(a->pkey);
303         if (pubkey->pkey == NULL) {
304             pubkey->flag_force_legacy = 1;
305             if (x509_pubkey_decode(&pubkey->pkey, pubkey) <= 0) {
306                 x509_pubkey_ex_free((ASN1_VALUE **)&pubkey,
307                                     ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL));
308                 ERR_clear_last_mark();
309                 return NULL;
310             }
311         }
312         ERR_pop_to_mark();
313     }
314     return pubkey;
315 }
316 
X509_PUBKEY_set(X509_PUBKEY ** x,EVP_PKEY * pkey)317 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
318 {
319     X509_PUBKEY *pk = NULL;
320 
321     if (x == NULL || pkey == NULL) {
322         ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
323         return 0;
324     }
325 
326     if (pkey->ameth != NULL) {
327         if ((pk = X509_PUBKEY_new()) == NULL) {
328             ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
329             goto error;
330         }
331         if (pkey->ameth->pub_encode != NULL) {
332             if (!pkey->ameth->pub_encode(pk, pkey)) {
333                 ERR_raise(ERR_LIB_X509, X509_R_PUBLIC_KEY_ENCODE_ERROR);
334                 goto error;
335             }
336         } else {
337             ERR_raise(ERR_LIB_X509, X509_R_METHOD_NOT_SUPPORTED);
338             goto error;
339         }
340     } else if (evp_pkey_is_provided(pkey)) {
341         unsigned char *der = NULL;
342         size_t derlen = 0;
343         OSSL_ENCODER_CTX *ectx =
344             OSSL_ENCODER_CTX_new_for_pkey(pkey, EVP_PKEY_PUBLIC_KEY,
345                                           "DER", "SubjectPublicKeyInfo",
346                                           NULL);
347 
348         if (OSSL_ENCODER_to_data(ectx, &der, &derlen)) {
349             const unsigned char *pder = der;
350 
351             pk = d2i_X509_PUBKEY(NULL, &pder, (long)derlen);
352         }
353 
354         OSSL_ENCODER_CTX_free(ectx);
355         OPENSSL_free(der);
356     }
357 
358     if (pk == NULL) {
359         ERR_raise(ERR_LIB_X509, X509_R_UNSUPPORTED_ALGORITHM);
360         goto error;
361     }
362 
363     X509_PUBKEY_free(*x);
364     if (!EVP_PKEY_up_ref(pkey)) {
365         ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);
366         goto error;
367     }
368     *x = pk;
369 
370     /*
371      * pk->pkey is NULL when using the legacy routine, but is non-NULL when
372      * going through the encoder, and for all intents and purposes, it's
373      * a perfect copy of the public key portions of |pkey|, just not the same
374      * instance.  If that's all there was to pkey then we could simply return
375      * early, right here. However, some application might very well depend on
376      * the passed |pkey| being used and none other, so we spend a few more
377      * cycles throwing away the newly created |pk->pkey| and replace it with
378      * |pkey|.
379      */
380     if (pk->pkey != NULL)
381         EVP_PKEY_free(pk->pkey);
382 
383     pk->pkey = pkey;
384     return 1;
385 
386  error:
387     X509_PUBKEY_free(pk);
388     return 0;
389 }
390 
391 /*
392  * Attempt to decode a public key.
393  * Returns 1 on success, 0 for a decode failure and -1 for a fatal
394  * error e.g. malloc failure.
395  *
396  * This function is #legacy.
397  */
x509_pubkey_decode(EVP_PKEY ** ppkey,const X509_PUBKEY * key)398 static int x509_pubkey_decode(EVP_PKEY **ppkey, const X509_PUBKEY *key)
399 {
400     EVP_PKEY *pkey;
401     int nid;
402 
403     nid = OBJ_obj2nid(key->algor->algorithm);
404     if (!key->flag_force_legacy) {
405 #ifndef OPENSSL_NO_ENGINE
406         ENGINE *e = NULL;
407 
408         e = ENGINE_get_pkey_meth_engine(nid);
409         if (e == NULL)
410             return 0;
411         ENGINE_finish(e);
412 #else
413         return 0;
414 #endif
415     }
416 
417     pkey = EVP_PKEY_new();
418     if (pkey == NULL) {
419         ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
420         return -1;
421     }
422 
423     if (!EVP_PKEY_set_type(pkey, nid)) {
424         ERR_raise(ERR_LIB_X509, X509_R_UNSUPPORTED_ALGORITHM);
425         goto error;
426     }
427 
428     if (pkey->ameth->pub_decode) {
429         /*
430          * Treat any failure of pub_decode as a decode error. In
431          * future we could have different return codes for decode
432          * errors and fatal errors such as malloc failure.
433          */
434         if (!pkey->ameth->pub_decode(pkey, key))
435             goto error;
436     } else {
437         ERR_raise(ERR_LIB_X509, X509_R_METHOD_NOT_SUPPORTED);
438         goto error;
439     }
440 
441     *ppkey = pkey;
442     return 1;
443 
444  error:
445     EVP_PKEY_free(pkey);
446     return 0;
447 }
448 
X509_PUBKEY_get0(const X509_PUBKEY * key)449 EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key)
450 {
451     if (key == NULL) {
452         ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
453         return NULL;
454     }
455 
456     if (key->pkey == NULL) {
457         /* We failed to decode the key when we loaded it, or it was never set */
458         ERR_raise(ERR_LIB_EVP, EVP_R_DECODE_ERROR);
459         return NULL;
460     }
461 
462     return key->pkey;
463 }
464 
X509_PUBKEY_get(const X509_PUBKEY * key)465 EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key)
466 {
467     EVP_PKEY *ret = X509_PUBKEY_get0(key);
468 
469     if (ret != NULL && !EVP_PKEY_up_ref(ret)) {
470         ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);
471         ret = NULL;
472     }
473     return ret;
474 }
475 
476 /*
477  * Now three pseudo ASN1 routines that take an EVP_PKEY structure and encode
478  * or decode as X509_PUBKEY
479  */
d2i_PUBKEY_int(EVP_PKEY ** a,const unsigned char ** pp,long length,OSSL_LIB_CTX * libctx,const char * propq,unsigned int force_legacy,X509_PUBKEY * (* d2i_x509_pubkey)(X509_PUBKEY ** a,const unsigned char ** in,long len))480 static EVP_PKEY *d2i_PUBKEY_int(EVP_PKEY **a,
481                                 const unsigned char **pp, long length,
482                                 OSSL_LIB_CTX *libctx, const char *propq,
483                                 unsigned int force_legacy,
484                                 X509_PUBKEY *
485                                 (*d2i_x509_pubkey)(X509_PUBKEY **a,
486                                                    const unsigned char **in,
487                                                    long len))
488 {
489     X509_PUBKEY *xpk, *xpk2 = NULL, **pxpk = NULL;
490     EVP_PKEY *pktmp = NULL;
491     const unsigned char *q;
492 
493     q = *pp;
494 
495     /*
496      * If libctx or propq are non-NULL, we take advantage of the reuse
497      * feature.  It's not generally recommended, but is safe enough for
498      * newly created structures.
499      */
500     if (libctx != NULL || propq != NULL || force_legacy) {
501         xpk2 = OPENSSL_zalloc(sizeof(*xpk2));
502         if (xpk2 == NULL) {
503             ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
504             return NULL;
505         }
506         if (!x509_pubkey_set0_libctx(xpk2, libctx, propq))
507             goto end;
508         xpk2->flag_force_legacy = !!force_legacy;
509         pxpk = &xpk2;
510     }
511     xpk = d2i_x509_pubkey(pxpk, &q, length);
512     if (xpk == NULL)
513         goto end;
514     pktmp = X509_PUBKEY_get(xpk);
515     X509_PUBKEY_free(xpk);
516     xpk2 = NULL;                 /* We know that xpk == xpk2 */
517     if (pktmp == NULL)
518         goto end;
519     *pp = q;
520     if (a != NULL) {
521         EVP_PKEY_free(*a);
522         *a = pktmp;
523     }
524  end:
525     X509_PUBKEY_free(xpk2);
526     return pktmp;
527 }
528 
529 /* For the algorithm specific d2i functions further down */
ossl_d2i_PUBKEY_legacy(EVP_PKEY ** a,const unsigned char ** pp,long length)530 EVP_PKEY *ossl_d2i_PUBKEY_legacy(EVP_PKEY **a, const unsigned char **pp,
531                                  long length)
532 {
533     return d2i_PUBKEY_int(a, pp, length, NULL, NULL, 1, d2i_X509_PUBKEY);
534 }
535 
d2i_PUBKEY_ex(EVP_PKEY ** a,const unsigned char ** pp,long length,OSSL_LIB_CTX * libctx,const char * propq)536 EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length,
537                         OSSL_LIB_CTX *libctx, const char *propq)
538 {
539     return d2i_PUBKEY_int(a, pp, length, libctx, propq, 0, d2i_X509_PUBKEY);
540 }
541 
d2i_PUBKEY(EVP_PKEY ** a,const unsigned char ** pp,long length)542 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
543 {
544     return d2i_PUBKEY_ex(a, pp, length, NULL, NULL);
545 }
546 
i2d_PUBKEY(const EVP_PKEY * a,unsigned char ** pp)547 int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp)
548 {
549     int ret = -1;
550 
551     if (a == NULL)
552         return 0;
553     if (a->ameth != NULL) {
554         X509_PUBKEY *xpk = NULL;
555 
556         if ((xpk = X509_PUBKEY_new()) == NULL)
557             return -1;
558 
559         /* pub_encode() only encode parameters, not the key itself */
560         if (a->ameth->pub_encode != NULL && a->ameth->pub_encode(xpk, a)) {
561             xpk->pkey = (EVP_PKEY *)a;
562             ret = i2d_X509_PUBKEY(xpk, pp);
563             xpk->pkey = NULL;
564         }
565         X509_PUBKEY_free(xpk);
566     } else if (a->keymgmt != NULL) {
567         OSSL_ENCODER_CTX *ctx =
568             OSSL_ENCODER_CTX_new_for_pkey(a, EVP_PKEY_PUBLIC_KEY,
569                                           "DER", "SubjectPublicKeyInfo",
570                                           NULL);
571         BIO *out = BIO_new(BIO_s_mem());
572         BUF_MEM *buf = NULL;
573 
574         if (OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0
575             && out != NULL
576             && OSSL_ENCODER_to_bio(ctx, out)
577             && BIO_get_mem_ptr(out, &buf) > 0) {
578             ret = buf->length;
579 
580             if (pp != NULL) {
581                 if (*pp == NULL) {
582                     *pp = (unsigned char *)buf->data;
583                     buf->length = 0;
584                     buf->data = NULL;
585                 } else {
586                     memcpy(*pp, buf->data, ret);
587                     *pp += ret;
588                 }
589             }
590         }
591         BIO_free(out);
592         OSSL_ENCODER_CTX_free(ctx);
593     }
594 
595     return ret;
596 }
597 
598 /*
599  * The following are equivalents but which return RSA and DSA keys
600  */
d2i_RSA_PUBKEY(RSA ** a,const unsigned char ** pp,long length)601 RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
602 {
603     EVP_PKEY *pkey;
604     RSA *key = NULL;
605     const unsigned char *q;
606 
607     q = *pp;
608     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
609     if (pkey == NULL)
610         return NULL;
611     key = EVP_PKEY_get1_RSA(pkey);
612     EVP_PKEY_free(pkey);
613     if (key == NULL)
614         return NULL;
615     *pp = q;
616     if (a != NULL) {
617         RSA_free(*a);
618         *a = key;
619     }
620     return key;
621 }
622 
i2d_RSA_PUBKEY(const RSA * a,unsigned char ** pp)623 int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp)
624 {
625     EVP_PKEY *pktmp;
626     int ret;
627     if (!a)
628         return 0;
629     pktmp = EVP_PKEY_new();
630     if (pktmp == NULL) {
631         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
632         return -1;
633     }
634     (void)EVP_PKEY_assign_RSA(pktmp, (RSA *)a);
635     ret = i2d_PUBKEY(pktmp, pp);
636     pktmp->pkey.ptr = NULL;
637     EVP_PKEY_free(pktmp);
638     return ret;
639 }
640 
641 #ifndef OPENSSL_NO_DH
ossl_d2i_DH_PUBKEY(DH ** a,const unsigned char ** pp,long length)642 DH *ossl_d2i_DH_PUBKEY(DH **a, const unsigned char **pp, long length)
643 {
644     EVP_PKEY *pkey;
645     DH *key = NULL;
646     const unsigned char *q;
647 
648     q = *pp;
649     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
650     if (pkey == NULL)
651         return NULL;
652     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_DH)
653         key = EVP_PKEY_get1_DH(pkey);
654     EVP_PKEY_free(pkey);
655     if (key == NULL)
656         return NULL;
657     *pp = q;
658     if (a != NULL) {
659         DH_free(*a);
660         *a = key;
661     }
662     return key;
663 }
664 
ossl_i2d_DH_PUBKEY(const DH * a,unsigned char ** pp)665 int ossl_i2d_DH_PUBKEY(const DH *a, unsigned char **pp)
666 {
667     EVP_PKEY *pktmp;
668     int ret;
669     if (!a)
670         return 0;
671     pktmp = EVP_PKEY_new();
672     if (pktmp == NULL) {
673         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
674         return -1;
675     }
676     (void)EVP_PKEY_assign_DH(pktmp, (DH *)a);
677     ret = i2d_PUBKEY(pktmp, pp);
678     pktmp->pkey.ptr = NULL;
679     EVP_PKEY_free(pktmp);
680     return ret;
681 }
682 
ossl_d2i_DHx_PUBKEY(DH ** a,const unsigned char ** pp,long length)683 DH *ossl_d2i_DHx_PUBKEY(DH **a, const unsigned char **pp, long length)
684 {
685     EVP_PKEY *pkey;
686     DH *key = NULL;
687     const unsigned char *q;
688 
689     q = *pp;
690     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
691     if (pkey == NULL)
692         return NULL;
693     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_DHX)
694         key = EVP_PKEY_get1_DH(pkey);
695     EVP_PKEY_free(pkey);
696     if (key == NULL)
697         return NULL;
698     *pp = q;
699     if (a != NULL) {
700         DH_free(*a);
701         *a = key;
702     }
703     return key;
704 }
705 
ossl_i2d_DHx_PUBKEY(const DH * a,unsigned char ** pp)706 int ossl_i2d_DHx_PUBKEY(const DH *a, unsigned char **pp)
707 {
708     EVP_PKEY *pktmp;
709     int ret;
710     if (!a)
711         return 0;
712     pktmp = EVP_PKEY_new();
713     if (pktmp == NULL) {
714         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
715         return -1;
716     }
717     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_DHX, (DH *)a);
718     ret = i2d_PUBKEY(pktmp, pp);
719     pktmp->pkey.ptr = NULL;
720     EVP_PKEY_free(pktmp);
721     return ret;
722 }
723 #endif
724 
725 #ifndef OPENSSL_NO_DSA
d2i_DSA_PUBKEY(DSA ** a,const unsigned char ** pp,long length)726 DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
727 {
728     EVP_PKEY *pkey;
729     DSA *key = NULL;
730     const unsigned char *q;
731 
732     q = *pp;
733     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
734     if (pkey == NULL)
735         return NULL;
736     key = EVP_PKEY_get1_DSA(pkey);
737     EVP_PKEY_free(pkey);
738     if (key == NULL)
739         return NULL;
740     *pp = q;
741     if (a != NULL) {
742         DSA_free(*a);
743         *a = key;
744     }
745     return key;
746 }
747 
748 /* Called from decoders; disallows provided DSA keys without parameters. */
ossl_d2i_DSA_PUBKEY(DSA ** a,const unsigned char ** pp,long length)749 DSA *ossl_d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
750 {
751     DSA *key = NULL;
752     const unsigned char *data;
753     const BIGNUM *p, *q, *g;
754 
755     data = *pp;
756     key = d2i_DSA_PUBKEY(NULL, &data, length);
757     if (key == NULL)
758         return NULL;
759     DSA_get0_pqg(key, &p, &q, &g);
760     if (p == NULL || q == NULL || g == NULL) {
761         DSA_free(key);
762         return NULL;
763     }
764     *pp = data;
765     if (a != NULL) {
766         DSA_free(*a);
767         *a = key;
768     }
769     return key;
770 }
771 
i2d_DSA_PUBKEY(const DSA * a,unsigned char ** pp)772 int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp)
773 {
774     EVP_PKEY *pktmp;
775     int ret;
776     if (!a)
777         return 0;
778     pktmp = EVP_PKEY_new();
779     if (pktmp == NULL) {
780         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
781         return -1;
782     }
783     (void)EVP_PKEY_assign_DSA(pktmp, (DSA *)a);
784     ret = i2d_PUBKEY(pktmp, pp);
785     pktmp->pkey.ptr = NULL;
786     EVP_PKEY_free(pktmp);
787     return ret;
788 }
789 #endif
790 
791 #ifndef OPENSSL_NO_EC
d2i_EC_PUBKEY(EC_KEY ** a,const unsigned char ** pp,long length)792 EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
793 {
794     EVP_PKEY *pkey;
795     EC_KEY *key = NULL;
796     const unsigned char *q;
797     int type;
798 
799     q = *pp;
800     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
801     if (pkey == NULL)
802         return NULL;
803     type = EVP_PKEY_get_id(pkey);
804     if (type == EVP_PKEY_EC || type == EVP_PKEY_SM2)
805         key = EVP_PKEY_get1_EC_KEY(pkey);
806     EVP_PKEY_free(pkey);
807     if (key == NULL)
808         return NULL;
809     *pp = q;
810     if (a != NULL) {
811         EC_KEY_free(*a);
812         *a = key;
813     }
814     return key;
815 }
816 
i2d_EC_PUBKEY(const EC_KEY * a,unsigned char ** pp)817 int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp)
818 {
819     EVP_PKEY *pktmp;
820     int ret;
821 
822     if (a == NULL)
823         return 0;
824     if ((pktmp = EVP_PKEY_new()) == NULL) {
825         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
826         return -1;
827     }
828     (void)EVP_PKEY_assign_EC_KEY(pktmp, (EC_KEY *)a);
829     ret = i2d_PUBKEY(pktmp, pp);
830     pktmp->pkey.ptr = NULL;
831     EVP_PKEY_free(pktmp);
832     return ret;
833 }
834 
ossl_d2i_ED25519_PUBKEY(ECX_KEY ** a,const unsigned char ** pp,long length)835 ECX_KEY *ossl_d2i_ED25519_PUBKEY(ECX_KEY **a,
836                                  const unsigned char **pp, long length)
837 {
838     EVP_PKEY *pkey;
839     ECX_KEY *key = NULL;
840     const unsigned char *q;
841 
842     q = *pp;
843     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
844     if (pkey == NULL)
845         return NULL;
846     key = ossl_evp_pkey_get1_ED25519(pkey);
847     EVP_PKEY_free(pkey);
848     if (key == NULL)
849         return NULL;
850     *pp = q;
851     if (a != NULL) {
852         ossl_ecx_key_free(*a);
853         *a = key;
854     }
855     return key;
856 }
857 
ossl_i2d_ED25519_PUBKEY(const ECX_KEY * a,unsigned char ** pp)858 int ossl_i2d_ED25519_PUBKEY(const ECX_KEY *a, unsigned char **pp)
859 {
860     EVP_PKEY *pktmp;
861     int ret;
862 
863     if (a == NULL)
864         return 0;
865     if ((pktmp = EVP_PKEY_new()) == NULL) {
866         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
867         return -1;
868     }
869     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_ED25519, (ECX_KEY *)a);
870     ret = i2d_PUBKEY(pktmp, pp);
871     pktmp->pkey.ptr = NULL;
872     EVP_PKEY_free(pktmp);
873     return ret;
874 }
875 
ossl_d2i_ED448_PUBKEY(ECX_KEY ** a,const unsigned char ** pp,long length)876 ECX_KEY *ossl_d2i_ED448_PUBKEY(ECX_KEY **a,
877                                const unsigned char **pp, long length)
878 {
879     EVP_PKEY *pkey;
880     ECX_KEY *key = NULL;
881     const unsigned char *q;
882 
883     q = *pp;
884     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
885     if (pkey == NULL)
886         return NULL;
887     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_ED448)
888         key = ossl_evp_pkey_get1_ED448(pkey);
889     EVP_PKEY_free(pkey);
890     if (key == NULL)
891         return NULL;
892     *pp = q;
893     if (a != NULL) {
894         ossl_ecx_key_free(*a);
895         *a = key;
896     }
897     return key;
898 }
899 
ossl_i2d_ED448_PUBKEY(const ECX_KEY * a,unsigned char ** pp)900 int ossl_i2d_ED448_PUBKEY(const ECX_KEY *a, unsigned char **pp)
901 {
902     EVP_PKEY *pktmp;
903     int ret;
904 
905     if (a == NULL)
906         return 0;
907     if ((pktmp = EVP_PKEY_new()) == NULL) {
908         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
909         return -1;
910     }
911     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_ED448, (ECX_KEY *)a);
912     ret = i2d_PUBKEY(pktmp, pp);
913     pktmp->pkey.ptr = NULL;
914     EVP_PKEY_free(pktmp);
915     return ret;
916 }
917 
ossl_d2i_X25519_PUBKEY(ECX_KEY ** a,const unsigned char ** pp,long length)918 ECX_KEY *ossl_d2i_X25519_PUBKEY(ECX_KEY **a,
919                                 const unsigned char **pp, long length)
920 {
921     EVP_PKEY *pkey;
922     ECX_KEY *key = NULL;
923     const unsigned char *q;
924 
925     q = *pp;
926     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
927     if (pkey == NULL)
928         return NULL;
929     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_X25519)
930         key = ossl_evp_pkey_get1_X25519(pkey);
931     EVP_PKEY_free(pkey);
932     if (key == NULL)
933         return NULL;
934     *pp = q;
935     if (a != NULL) {
936         ossl_ecx_key_free(*a);
937         *a = key;
938     }
939     return key;
940 }
941 
ossl_i2d_X25519_PUBKEY(const ECX_KEY * a,unsigned char ** pp)942 int ossl_i2d_X25519_PUBKEY(const ECX_KEY *a, unsigned char **pp)
943 {
944     EVP_PKEY *pktmp;
945     int ret;
946 
947     if (a == NULL)
948         return 0;
949     if ((pktmp = EVP_PKEY_new()) == NULL) {
950         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
951         return -1;
952     }
953     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_X25519, (ECX_KEY *)a);
954     ret = i2d_PUBKEY(pktmp, pp);
955     pktmp->pkey.ptr = NULL;
956     EVP_PKEY_free(pktmp);
957     return ret;
958 }
959 
ossl_d2i_X448_PUBKEY(ECX_KEY ** a,const unsigned char ** pp,long length)960 ECX_KEY *ossl_d2i_X448_PUBKEY(ECX_KEY **a,
961                               const unsigned char **pp, long length)
962 {
963     EVP_PKEY *pkey;
964     ECX_KEY *key = NULL;
965     const unsigned char *q;
966 
967     q = *pp;
968     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
969     if (pkey == NULL)
970         return NULL;
971     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_X448)
972         key = ossl_evp_pkey_get1_X448(pkey);
973     EVP_PKEY_free(pkey);
974     if (key == NULL)
975         return NULL;
976     *pp = q;
977     if (a != NULL) {
978         ossl_ecx_key_free(*a);
979         *a = key;
980     }
981     return key;
982 }
983 
ossl_i2d_X448_PUBKEY(const ECX_KEY * a,unsigned char ** pp)984 int ossl_i2d_X448_PUBKEY(const ECX_KEY *a, unsigned char **pp)
985 {
986     EVP_PKEY *pktmp;
987     int ret;
988 
989     if (a == NULL)
990         return 0;
991     if ((pktmp = EVP_PKEY_new()) == NULL) {
992         ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
993         return -1;
994     }
995     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_X448, (ECX_KEY *)a);
996     ret = i2d_PUBKEY(pktmp, pp);
997     pktmp->pkey.ptr = NULL;
998     EVP_PKEY_free(pktmp);
999     return ret;
1000 }
1001 
1002 #endif
1003 
X509_PUBKEY_set0_param(X509_PUBKEY * pub,ASN1_OBJECT * aobj,int ptype,void * pval,unsigned char * penc,int penclen)1004 int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
1005                            int ptype, void *pval,
1006                            unsigned char *penc, int penclen)
1007 {
1008     if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
1009         return 0;
1010     if (penc) {
1011         OPENSSL_free(pub->public_key->data);
1012         pub->public_key->data = penc;
1013         pub->public_key->length = penclen;
1014         /* Set number of unused bits to zero */
1015         pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
1016         pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
1017     }
1018     return 1;
1019 }
1020 
X509_PUBKEY_get0_param(ASN1_OBJECT ** ppkalg,const unsigned char ** pk,int * ppklen,X509_ALGOR ** pa,const X509_PUBKEY * pub)1021 int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
1022                            const unsigned char **pk, int *ppklen,
1023                            X509_ALGOR **pa, const X509_PUBKEY *pub)
1024 {
1025     if (ppkalg)
1026         *ppkalg = pub->algor->algorithm;
1027     if (pk) {
1028         *pk = pub->public_key->data;
1029         *ppklen = pub->public_key->length;
1030     }
1031     if (pa)
1032         *pa = pub->algor;
1033     return 1;
1034 }
1035 
X509_get0_pubkey_bitstr(const X509 * x)1036 ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
1037 {
1038     if (x == NULL)
1039         return NULL;
1040     return x->cert_info.key->public_key;
1041 }
1042 
1043 /* Returns 1 for equal, 0, for non-equal, < 0 on error */
X509_PUBKEY_eq(const X509_PUBKEY * a,const X509_PUBKEY * b)1044 int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY *b)
1045 {
1046     X509_ALGOR *algA, *algB;
1047     EVP_PKEY *pA, *pB;
1048 
1049     if (a == b)
1050         return 1;
1051     if (a == NULL || b == NULL)
1052         return 0;
1053     if (!X509_PUBKEY_get0_param(NULL, NULL, NULL, &algA, a) || algA == NULL
1054         || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &algB, b) || algB == NULL)
1055         return -2;
1056     if (X509_ALGOR_cmp(algA, algB) != 0)
1057         return 0;
1058     if ((pA = X509_PUBKEY_get0(a)) == NULL
1059         || (pB = X509_PUBKEY_get0(b)) == NULL)
1060         return -2;
1061     return EVP_PKEY_eq(pA, pB);
1062 }
1063 
ossl_x509_PUBKEY_get0_libctx(OSSL_LIB_CTX ** plibctx,const char ** ppropq,const X509_PUBKEY * key)1064 int ossl_x509_PUBKEY_get0_libctx(OSSL_LIB_CTX **plibctx, const char **ppropq,
1065                                  const X509_PUBKEY *key)
1066 {
1067     if (plibctx)
1068         *plibctx = key->libctx;
1069     if (ppropq)
1070         *ppropq = key->propq;
1071     return 1;
1072 }
1073