1/* 2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10/* 11 * DSA low level APIs are deprecated for public use, but still ok for 12 * internal use. 13 */ 14#include "internal/deprecated.h" 15 16#include <assert.h> 17#include <stdio.h> 18#include "internal/cryptlib.h" 19#include "internal/refcount.h" 20#include "internal/namemap.h" 21#include <openssl/bn.h> 22#include <openssl/err.h> 23#include <openssl/objects.h> 24#include <openssl/evp.h> 25#include <openssl/rsa.h> 26#include <openssl/dsa.h> 27#include <openssl/dh.h> 28#include <openssl/ec.h> 29#include <openssl/cmac.h> 30#ifndef FIPS_MODULE 31# include <openssl/engine.h> 32#endif 33#include <openssl/params.h> 34#include <openssl/param_build.h> 35#include <openssl/encoder.h> 36#include <openssl/core_names.h> 37 38#include "internal/numbers.h" /* includes SIZE_MAX */ 39#include "internal/ffc.h" 40#include "crypto/evp.h" 41#include "crypto/dh.h" 42#include "crypto/dsa.h" 43#include "crypto/ec.h" 44#include "crypto/ecx.h" 45#include "crypto/rsa.h" 46#ifndef FIPS_MODULE 47# include "crypto/asn1.h" 48# include "crypto/x509.h" 49#endif 50#include "internal/provider.h" 51#include "evp_local.h" 52 53static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, 54 int len, EVP_KEYMGMT *keymgmt); 55static void evp_pkey_free_it(EVP_PKEY *key); 56 57#ifndef FIPS_MODULE 58 59/* The type of parameters selected in key parameter functions */ 60# define SELECT_PARAMETERS OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS 61 62int EVP_PKEY_get_bits(const EVP_PKEY *pkey) 63{ 64 int size = 0; 65 66 if (pkey != NULL) { 67 size = pkey->cache.bits; 68 if (pkey->ameth != NULL && pkey->ameth->pkey_bits != NULL) 69 size = pkey->ameth->pkey_bits(pkey); 70 } 71 return size < 0 ? 0 : size; 72} 73 74int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey) 75{ 76 int size = 0; 77 78 if (pkey != NULL) { 79 size = pkey->cache.security_bits; 80 if (pkey->ameth != NULL && pkey->ameth->pkey_security_bits != NULL) 81 size = pkey->ameth->pkey_security_bits(pkey); 82 } 83 return size < 0 ? 0 : size; 84} 85 86int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) 87{ 88# ifndef OPENSSL_NO_DSA 89 if (pkey->type == EVP_PKEY_DSA) { 90 int ret = pkey->save_parameters; 91 92 if (mode >= 0) 93 pkey->save_parameters = mode; 94 return ret; 95 } 96# endif 97# ifndef OPENSSL_NO_EC 98 if (pkey->type == EVP_PKEY_EC) { 99 int ret = pkey->save_parameters; 100 101 if (mode >= 0) 102 pkey->save_parameters = mode; 103 return ret; 104 } 105# endif 106 return 0; 107} 108 109int EVP_PKEY_set_ex_data(EVP_PKEY *key, int idx, void *arg) 110{ 111 return CRYPTO_set_ex_data(&key->ex_data, idx, arg); 112} 113 114void *EVP_PKEY_get_ex_data(const EVP_PKEY *key, int idx) 115{ 116 return CRYPTO_get_ex_data(&key->ex_data, idx); 117} 118 119int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 120{ 121 /* 122 * Clean up legacy stuff from this function when legacy support is gone. 123 */ 124 125 EVP_PKEY *downgraded_from = NULL; 126 int ok = 0; 127 128 /* 129 * If |to| is a legacy key and |from| isn't, we must make a downgraded 130 * copy of |from|. If that fails, this function fails. 131 */ 132 if (evp_pkey_is_legacy(to) && evp_pkey_is_provided(from)) { 133 if (!evp_pkey_copy_downgraded(&downgraded_from, from)) 134 goto end; 135 from = downgraded_from; 136 } 137 138 /* 139 * Make sure |to| is typed. Content is less important at this early 140 * stage. 141 * 142 * 1. If |to| is untyped, assign |from|'s key type to it. 143 * 2. If |to| contains a legacy key, compare its |type| to |from|'s. 144 * (|from| was already downgraded above) 145 * 146 * If |to| is a provided key, there's nothing more to do here, functions 147 * like evp_keymgmt_util_copy() and evp_pkey_export_to_provider() called 148 * further down help us find out if they are the same or not. 149 */ 150 if (evp_pkey_is_blank(to)) { 151 if (evp_pkey_is_legacy(from)) { 152 if (EVP_PKEY_set_type(to, from->type) == 0) 153 goto end; 154 } else { 155 if (EVP_PKEY_set_type_by_keymgmt(to, from->keymgmt) == 0) 156 goto end; 157 } 158 } else if (evp_pkey_is_legacy(to)) { 159 if (to->type != from->type) { 160 ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES); 161 goto end; 162 } 163 } 164 165 if (EVP_PKEY_missing_parameters(from)) { 166 ERR_raise(ERR_LIB_EVP, EVP_R_MISSING_PARAMETERS); 167 goto end; 168 } 169 170 if (!EVP_PKEY_missing_parameters(to)) { 171 if (EVP_PKEY_parameters_eq(to, from) == 1) 172 ok = 1; 173 else 174 ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_PARAMETERS); 175 goto end; 176 } 177 178 /* For purely provided keys, we just call the keymgmt utility */ 179 if (to->keymgmt != NULL && from->keymgmt != NULL) { 180 ok = evp_keymgmt_util_copy(to, (EVP_PKEY *)from, SELECT_PARAMETERS); 181 goto end; 182 } 183 184 /* 185 * If |to| is provided, we know that |from| is legacy at this point. 186 * Try exporting |from| to |to|'s keymgmt, then use evp_keymgmt_dup() 187 * to copy the appropriate data to |to|'s keydata. 188 * We cannot override existing data so do it only if there is no keydata 189 * in |to| yet. 190 */ 191 if (to->keymgmt != NULL && to->keydata == NULL) { 192 EVP_KEYMGMT *to_keymgmt = to->keymgmt; 193 void *from_keydata = 194 evp_pkey_export_to_provider((EVP_PKEY *)from, NULL, &to_keymgmt, 195 NULL); 196 197 /* 198 * If we get a NULL, it could be an internal error, or it could be 199 * that there's a key mismatch. We're pretending the latter... 200 */ 201 if (from_keydata == NULL) 202 ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES); 203 else 204 ok = (to->keydata = evp_keymgmt_dup(to->keymgmt, 205 from_keydata, 206 SELECT_PARAMETERS)) != NULL; 207 goto end; 208 } 209 210 /* Both keys are legacy */ 211 if (from->ameth != NULL && from->ameth->param_copy != NULL) 212 ok = from->ameth->param_copy(to, from); 213 end: 214 EVP_PKEY_free(downgraded_from); 215 return ok; 216} 217 218int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) 219{ 220 if (pkey != NULL) { 221 if (pkey->keymgmt != NULL) 222 return !evp_keymgmt_util_has((EVP_PKEY *)pkey, SELECT_PARAMETERS); 223 else if (pkey->ameth != NULL && pkey->ameth->param_missing != NULL) 224 return pkey->ameth->param_missing(pkey); 225 } 226 return 0; 227} 228 229/* 230 * This function is called for any mixture of keys except pure legacy pair. 231 * When legacy keys are gone, we replace a call to this functions with 232 * a call to evp_keymgmt_util_match(). 233 */ 234static int evp_pkey_cmp_any(const EVP_PKEY *a, const EVP_PKEY *b, 235 int selection) 236{ 237 EVP_KEYMGMT *keymgmt1 = NULL, *keymgmt2 = NULL; 238 void *keydata1 = NULL, *keydata2 = NULL, *tmp_keydata = NULL; 239 240 /* If none of them are provided, this function shouldn't have been called */ 241 if (!ossl_assert(evp_pkey_is_provided(a) || evp_pkey_is_provided(b))) 242 return -2; 243 244 /* For purely provided keys, we just call the keymgmt utility */ 245 if (evp_pkey_is_provided(a) && evp_pkey_is_provided(b)) 246 return evp_keymgmt_util_match((EVP_PKEY *)a, (EVP_PKEY *)b, selection); 247 248 /* 249 * At this point, one of them is provided, the other not. This allows 250 * us to compare types using legacy NIDs. 251 */ 252 if (evp_pkey_is_legacy(a) 253 && !EVP_KEYMGMT_is_a(b->keymgmt, OBJ_nid2sn(a->type))) 254 return -1; /* not the same key type */ 255 if (evp_pkey_is_legacy(b) 256 && !EVP_KEYMGMT_is_a(a->keymgmt, OBJ_nid2sn(b->type))) 257 return -1; /* not the same key type */ 258 259 /* 260 * We've determined that they both are the same keytype, so the next 261 * step is to do a bit of cross export to ensure we have keydata for 262 * both keys in the same keymgmt. 263 */ 264 keymgmt1 = a->keymgmt; 265 keydata1 = a->keydata; 266 keymgmt2 = b->keymgmt; 267 keydata2 = b->keydata; 268 269 if (keymgmt2 != NULL && keymgmt2->match != NULL) { 270 tmp_keydata = 271 evp_pkey_export_to_provider((EVP_PKEY *)a, NULL, &keymgmt2, NULL); 272 if (tmp_keydata != NULL) { 273 keymgmt1 = keymgmt2; 274 keydata1 = tmp_keydata; 275 } 276 } 277 if (tmp_keydata == NULL && keymgmt1 != NULL && keymgmt1->match != NULL) { 278 tmp_keydata = 279 evp_pkey_export_to_provider((EVP_PKEY *)b, NULL, &keymgmt1, NULL); 280 if (tmp_keydata != NULL) { 281 keymgmt2 = keymgmt1; 282 keydata2 = tmp_keydata; 283 } 284 } 285 286 /* If we still don't have matching keymgmt implementations, we give up */ 287 if (keymgmt1 != keymgmt2) 288 return -2; 289 290 /* If the keymgmt implementations are NULL, the export failed */ 291 if (keymgmt1 == NULL) 292 return -2; 293 294 return evp_keymgmt_match(keymgmt1, keydata1, keydata2, selection); 295} 296 297# ifndef OPENSSL_NO_DEPRECATED_3_0 298int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 299{ 300 return EVP_PKEY_parameters_eq(a, b); 301} 302#endif 303 304int EVP_PKEY_parameters_eq(const EVP_PKEY *a, const EVP_PKEY *b) 305{ 306 /* 307 * This will just call evp_keymgmt_util_match when legacy support 308 * is gone. 309 */ 310 311 if (a->keymgmt != NULL || b->keymgmt != NULL) 312 return evp_pkey_cmp_any(a, b, SELECT_PARAMETERS); 313 314 /* All legacy keys */ 315 if (a->type != b->type) 316 return -1; 317 if (a->ameth != NULL && a->ameth->param_cmp != NULL) 318 return a->ameth->param_cmp(a, b); 319 return -2; 320} 321 322# ifndef OPENSSL_NO_DEPRECATED_3_0 323int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 324{ 325 return EVP_PKEY_eq(a, b); 326} 327#endif 328 329int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b) 330{ 331 /* 332 * This will just call evp_keymgmt_util_match when legacy support 333 * is gone. 334 */ 335 336 /* Trivial shortcuts */ 337 if (a == b) 338 return 1; 339 if (a == NULL || b == NULL) 340 return 0; 341 342 if (a->keymgmt != NULL || b->keymgmt != NULL) { 343 int selection = SELECT_PARAMETERS; 344 345 if (evp_keymgmt_util_has((EVP_PKEY *)a, OSSL_KEYMGMT_SELECT_PUBLIC_KEY) 346 && evp_keymgmt_util_has((EVP_PKEY *)b, OSSL_KEYMGMT_SELECT_PUBLIC_KEY)) 347 selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; 348 else 349 selection |= OSSL_KEYMGMT_SELECT_KEYPAIR; 350 return evp_pkey_cmp_any(a, b, selection); 351 } 352 353 /* All legacy keys */ 354 if (a->type != b->type) 355 return -1; 356 357 if (a->ameth != NULL) { 358 int ret; 359 /* Compare parameters if the algorithm has them */ 360 if (a->ameth->param_cmp != NULL) { 361 ret = a->ameth->param_cmp(a, b); 362 if (ret <= 0) 363 return ret; 364 } 365 366 if (a->ameth->pub_cmp != NULL) 367 return a->ameth->pub_cmp(a, b); 368 } 369 370 return -2; 371} 372 373 374static EVP_PKEY *new_raw_key_int(OSSL_LIB_CTX *libctx, 375 const char *strtype, 376 const char *propq, 377 int nidtype, 378 ENGINE *e, 379 const unsigned char *key, 380 size_t len, 381 int key_is_priv) 382{ 383 EVP_PKEY *pkey = NULL; 384 EVP_PKEY_CTX *ctx = NULL; 385 const EVP_PKEY_ASN1_METHOD *ameth = NULL; 386 int result = 0; 387 388# ifndef OPENSSL_NO_ENGINE 389 /* Check if there is an Engine for this type */ 390 if (e == NULL) { 391 ENGINE *tmpe = NULL; 392 393 if (strtype != NULL) 394 ameth = EVP_PKEY_asn1_find_str(&tmpe, strtype, -1); 395 else if (nidtype != EVP_PKEY_NONE) 396 ameth = EVP_PKEY_asn1_find(&tmpe, nidtype); 397 398 /* If tmpe is NULL then no engine is claiming to support this type */ 399 if (tmpe == NULL) 400 ameth = NULL; 401 402 ENGINE_finish(tmpe); 403 } 404# endif 405 406 if (e == NULL && ameth == NULL) { 407 /* 408 * No engine is claiming to support this type, so lets see if we have 409 * a provider. 410 */ 411 ctx = EVP_PKEY_CTX_new_from_name(libctx, 412 strtype != NULL ? strtype 413 : OBJ_nid2sn(nidtype), 414 propq); 415 if (ctx == NULL) 416 goto err; 417 /* May fail if no provider available */ 418 ERR_set_mark(); 419 if (EVP_PKEY_fromdata_init(ctx) == 1) { 420 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END }; 421 422 ERR_clear_last_mark(); 423 params[0] = OSSL_PARAM_construct_octet_string( 424 key_is_priv ? OSSL_PKEY_PARAM_PRIV_KEY 425 : OSSL_PKEY_PARAM_PUB_KEY, 426 (void *)key, len); 427 428 if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) != 1) { 429 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 430 goto err; 431 } 432 433 EVP_PKEY_CTX_free(ctx); 434 435 return pkey; 436 } 437 ERR_pop_to_mark(); 438 /* else not supported so fallback to legacy */ 439 } 440 441 /* Legacy code path */ 442 443 pkey = EVP_PKEY_new(); 444 if (pkey == NULL) { 445 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 446 goto err; 447 } 448 449 if (!pkey_set_type(pkey, e, nidtype, strtype, -1, NULL)) { 450 /* EVPerr already called */ 451 goto err; 452 } 453 454 if (!ossl_assert(pkey->ameth != NULL)) 455 goto err; 456 457 if (key_is_priv) { 458 if (pkey->ameth->set_priv_key == NULL) { 459 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 460 goto err; 461 } 462 463 if (!pkey->ameth->set_priv_key(pkey, key, len)) { 464 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 465 goto err; 466 } 467 } else { 468 if (pkey->ameth->set_pub_key == NULL) { 469 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 470 goto err; 471 } 472 473 if (!pkey->ameth->set_pub_key(pkey, key, len)) { 474 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 475 goto err; 476 } 477 } 478 479 result = 1; 480 err: 481 if (!result) { 482 EVP_PKEY_free(pkey); 483 pkey = NULL; 484 } 485 EVP_PKEY_CTX_free(ctx); 486 return pkey; 487} 488 489EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OSSL_LIB_CTX *libctx, 490 const char *keytype, 491 const char *propq, 492 const unsigned char *priv, size_t len) 493{ 494 return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, priv, 495 len, 1); 496} 497 498EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, 499 const unsigned char *priv, 500 size_t len) 501{ 502 return new_raw_key_int(NULL, NULL, NULL, type, e, priv, len, 1); 503} 504 505EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OSSL_LIB_CTX *libctx, 506 const char *keytype, const char *propq, 507 const unsigned char *pub, size_t len) 508{ 509 return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, pub, 510 len, 0); 511} 512 513EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, 514 const unsigned char *pub, 515 size_t len) 516{ 517 return new_raw_key_int(NULL, NULL, NULL, type, e, pub, len, 0); 518} 519 520struct raw_key_details_st 521{ 522 unsigned char **key; 523 size_t *len; 524 int selection; 525}; 526 527static OSSL_CALLBACK get_raw_key_details; 528static int get_raw_key_details(const OSSL_PARAM params[], void *arg) 529{ 530 const OSSL_PARAM *p = NULL; 531 struct raw_key_details_st *raw_key = arg; 532 533 if (raw_key->selection == OSSL_KEYMGMT_SELECT_PRIVATE_KEY) { 534 if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY)) 535 != NULL) 536 return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key, 537 raw_key->key == NULL ? 0 : *raw_key->len, 538 raw_key->len); 539 } else if (raw_key->selection == OSSL_KEYMGMT_SELECT_PUBLIC_KEY) { 540 if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY)) 541 != NULL) 542 return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key, 543 raw_key->key == NULL ? 0 : *raw_key->len, 544 raw_key->len); 545 } 546 547 return 0; 548} 549 550int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv, 551 size_t *len) 552{ 553 if (pkey->keymgmt != NULL) { 554 struct raw_key_details_st raw_key; 555 556 raw_key.key = priv == NULL ? NULL : &priv; 557 raw_key.len = len; 558 raw_key.selection = OSSL_KEYMGMT_SELECT_PRIVATE_KEY; 559 560 return evp_keymgmt_util_export(pkey, OSSL_KEYMGMT_SELECT_PRIVATE_KEY, 561 get_raw_key_details, &raw_key); 562 } 563 564 if (pkey->ameth == NULL) { 565 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 566 return 0; 567 } 568 569 if (pkey->ameth->get_priv_key == NULL) { 570 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 571 return 0; 572 } 573 574 if (!pkey->ameth->get_priv_key(pkey, priv, len)) { 575 ERR_raise(ERR_LIB_EVP, EVP_R_GET_RAW_KEY_FAILED); 576 return 0; 577 } 578 579 return 1; 580} 581 582int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub, 583 size_t *len) 584{ 585 if (pkey->keymgmt != NULL) { 586 struct raw_key_details_st raw_key; 587 588 raw_key.key = pub == NULL ? NULL : &pub; 589 raw_key.len = len; 590 raw_key.selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY; 591 592 return evp_keymgmt_util_export(pkey, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, 593 get_raw_key_details, &raw_key); 594 } 595 596 if (pkey->ameth == NULL) { 597 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 598 return 0; 599 } 600 601 if (pkey->ameth->get_pub_key == NULL) { 602 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 603 return 0; 604 } 605 606 if (!pkey->ameth->get_pub_key(pkey, pub, len)) { 607 ERR_raise(ERR_LIB_EVP, EVP_R_GET_RAW_KEY_FAILED); 608 return 0; 609 } 610 611 return 1; 612} 613 614static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, 615 const char *cipher_name, 616 const EVP_CIPHER *cipher, 617 OSSL_LIB_CTX *libctx, 618 const char *propq, ENGINE *e) 619{ 620# ifndef OPENSSL_NO_CMAC 621# ifndef OPENSSL_NO_ENGINE 622 const char *engine_id = e != NULL ? ENGINE_get_id(e) : NULL; 623# endif 624 OSSL_PARAM params[5], *p = params; 625 EVP_PKEY *pkey = NULL; 626 EVP_PKEY_CTX *ctx; 627 628 if (cipher != NULL) 629 cipher_name = EVP_CIPHER_get0_name(cipher); 630 631 if (cipher_name == NULL) { 632 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 633 return NULL; 634 } 635 636 ctx = EVP_PKEY_CTX_new_from_name(libctx, "CMAC", propq); 637 if (ctx == NULL) 638 goto err; 639 640 if (EVP_PKEY_fromdata_init(ctx) <= 0) { 641 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 642 goto err; 643 } 644 645 *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, 646 (void *)priv, len); 647 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_CIPHER, 648 (char *)cipher_name, 0); 649 if (propq != NULL) 650 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_PROPERTIES, 651 (char *)propq, 0); 652# ifndef OPENSSL_NO_ENGINE 653 if (engine_id != NULL) 654 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_ENGINE, 655 (char *)engine_id, 0); 656# endif 657 *p = OSSL_PARAM_construct_end(); 658 659 if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) { 660 ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); 661 goto err; 662 } 663 664 err: 665 EVP_PKEY_CTX_free(ctx); 666 667 return pkey; 668# else 669 ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 670 return NULL; 671# endif 672} 673 674EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, 675 size_t len, const EVP_CIPHER *cipher) 676{ 677 return new_cmac_key_int(priv, len, NULL, cipher, NULL, NULL, e); 678} 679 680int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) 681{ 682 return pkey_set_type(pkey, NULL, type, NULL, -1, NULL); 683} 684 685int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) 686{ 687 return pkey_set_type(pkey, NULL, EVP_PKEY_NONE, str, len, NULL); 688} 689 690# ifndef OPENSSL_NO_ENGINE 691int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *e) 692{ 693 if (e != NULL) { 694 if (!ENGINE_init(e)) { 695 ERR_raise(ERR_LIB_EVP, ERR_R_ENGINE_LIB); 696 return 0; 697 } 698 if (ENGINE_get_pkey_meth(e, pkey->type) == NULL) { 699 ENGINE_finish(e); 700 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM); 701 return 0; 702 } 703 } 704 ENGINE_finish(pkey->pmeth_engine); 705 pkey->pmeth_engine = e; 706 return 1; 707} 708 709ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey) 710{ 711 return pkey->engine; 712} 713# endif 714 715# ifndef OPENSSL_NO_DEPRECATED_3_0 716static void detect_foreign_key(EVP_PKEY *pkey) 717{ 718 switch (pkey->type) { 719 case EVP_PKEY_RSA: 720 pkey->foreign = pkey->pkey.rsa != NULL 721 && ossl_rsa_is_foreign(pkey->pkey.rsa); 722 break; 723# ifndef OPENSSL_NO_EC 724 case EVP_PKEY_SM2: 725 case EVP_PKEY_EC: 726 pkey->foreign = pkey->pkey.ec != NULL 727 && ossl_ec_key_is_foreign(pkey->pkey.ec); 728 break; 729# endif 730# ifndef OPENSSL_NO_DSA 731 case EVP_PKEY_DSA: 732 pkey->foreign = pkey->pkey.dsa != NULL 733 && ossl_dsa_is_foreign(pkey->pkey.dsa); 734 break; 735#endif 736# ifndef OPENSSL_NO_DH 737 case EVP_PKEY_DH: 738 pkey->foreign = pkey->pkey.dh != NULL 739 && ossl_dh_is_foreign(pkey->pkey.dh); 740 break; 741#endif 742 default: 743 pkey->foreign = 0; 744 break; 745 } 746} 747 748int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) 749{ 750# ifndef OPENSSL_NO_EC 751 int pktype; 752 753 pktype = EVP_PKEY_type(type); 754 if ((key != NULL) && (pktype == EVP_PKEY_EC || pktype == EVP_PKEY_SM2)) { 755 const EC_GROUP *group = EC_KEY_get0_group(key); 756 757 if (group != NULL) { 758 int curve = EC_GROUP_get_curve_name(group); 759 760 /* 761 * Regardless of what is requested the SM2 curve must be SM2 type, 762 * and non SM2 curves are EC type. 763 */ 764 if (curve == NID_sm2 && pktype == EVP_PKEY_EC) 765 type = EVP_PKEY_SM2; 766 else if(curve != NID_sm2 && pktype == EVP_PKEY_SM2) 767 type = EVP_PKEY_EC; 768 } 769 } 770# endif 771 772 if (pkey == NULL || !EVP_PKEY_set_type(pkey, type)) 773 return 0; 774 775 pkey->pkey.ptr = key; 776 detect_foreign_key(pkey); 777 778 return (key != NULL); 779} 780# endif 781 782void *EVP_PKEY_get0(const EVP_PKEY *pkey) 783{ 784 if (pkey == NULL) 785 return NULL; 786 787 if (!evp_pkey_is_provided(pkey)) 788 return pkey->pkey.ptr; 789 790 return NULL; 791} 792 793const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) 794{ 795 const ASN1_OCTET_STRING *os = NULL; 796 if (pkey->type != EVP_PKEY_HMAC) { 797 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_AN_HMAC_KEY); 798 return NULL; 799 } 800 os = evp_pkey_get_legacy((EVP_PKEY *)pkey); 801 if (os != NULL) { 802 *len = os->length; 803 return os->data; 804 } 805 return NULL; 806} 807 808# ifndef OPENSSL_NO_POLY1305 809const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len) 810{ 811 const ASN1_OCTET_STRING *os = NULL; 812 if (pkey->type != EVP_PKEY_POLY1305) { 813 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_POLY1305_KEY); 814 return NULL; 815 } 816 os = evp_pkey_get_legacy((EVP_PKEY *)pkey); 817 if (os != NULL) { 818 *len = os->length; 819 return os->data; 820 } 821 return NULL; 822} 823# endif 824 825# ifndef OPENSSL_NO_SIPHASH 826const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len) 827{ 828 const ASN1_OCTET_STRING *os = NULL; 829 830 if (pkey->type != EVP_PKEY_SIPHASH) { 831 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_SIPHASH_KEY); 832 return NULL; 833 } 834 os = evp_pkey_get_legacy((EVP_PKEY *)pkey); 835 if (os != NULL) { 836 *len = os->length; 837 return os->data; 838 } 839 return NULL; 840} 841# endif 842 843# ifndef OPENSSL_NO_DSA 844static DSA *evp_pkey_get0_DSA_int(const EVP_PKEY *pkey) 845{ 846 if (pkey->type != EVP_PKEY_DSA) { 847 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_DSA_KEY); 848 return NULL; 849 } 850 return evp_pkey_get_legacy((EVP_PKEY *)pkey); 851} 852 853const DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey) 854{ 855 return evp_pkey_get0_DSA_int(pkey); 856} 857 858int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) 859{ 860 int ret = EVP_PKEY_assign_DSA(pkey, key); 861 if (ret) 862 DSA_up_ref(key); 863 return ret; 864} 865DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 866{ 867 DSA *ret = evp_pkey_get0_DSA_int(pkey); 868 869 if (ret != NULL) 870 DSA_up_ref(ret); 871 return ret; 872} 873# endif /* OPENSSL_NO_DSA */ 874 875# ifndef OPENSSL_NO_EC 876static const ECX_KEY *evp_pkey_get0_ECX_KEY(const EVP_PKEY *pkey, int type) 877{ 878 if (EVP_PKEY_get_base_id(pkey) != type) { 879 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_ECX_KEY); 880 return NULL; 881 } 882 return evp_pkey_get_legacy((EVP_PKEY *)pkey); 883} 884 885static ECX_KEY *evp_pkey_get1_ECX_KEY(EVP_PKEY *pkey, int type) 886{ 887 ECX_KEY *ret = (ECX_KEY *)evp_pkey_get0_ECX_KEY(pkey, type); 888 889 if (ret != NULL && !ossl_ecx_key_up_ref(ret)) 890 ret = NULL; 891 return ret; 892} 893 894# define IMPLEMENT_ECX_VARIANT(NAME) \ 895 ECX_KEY *ossl_evp_pkey_get1_##NAME(EVP_PKEY *pkey) \ 896 { \ 897 return evp_pkey_get1_ECX_KEY(pkey, EVP_PKEY_##NAME); \ 898 } 899IMPLEMENT_ECX_VARIANT(X25519) 900IMPLEMENT_ECX_VARIANT(X448) 901IMPLEMENT_ECX_VARIANT(ED25519) 902IMPLEMENT_ECX_VARIANT(ED448) 903 904# endif 905 906# if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0) 907 908int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *dhkey) 909{ 910 int ret, type; 911 912 /* 913 * ossl_dh_is_named_safe_prime_group() returns 1 for named safe prime groups 914 * related to ffdhe and modp (which cache q = (p - 1) / 2), 915 * and returns 0 for all other dh parameter generation types including 916 * RFC5114 named groups. 917 * 918 * The EVP_PKEY_DH type is used for dh parameter generation types: 919 * - named safe prime groups related to ffdhe and modp 920 * - safe prime generator 921 * 922 * The type EVP_PKEY_DHX is used for dh parameter generation types 923 * - fips186-4 and fips186-2 924 * - rfc5114 named groups. 925 * 926 * The EVP_PKEY_DH type is used to save PKCS#3 data than can be stored 927 * without a q value. 928 * The EVP_PKEY_DHX type is used to save X9.42 data that requires the 929 * q value to be stored. 930 */ 931 if (ossl_dh_is_named_safe_prime_group(dhkey)) 932 type = EVP_PKEY_DH; 933 else 934 type = DH_get0_q(dhkey) == NULL ? EVP_PKEY_DH : EVP_PKEY_DHX; 935 936 ret = EVP_PKEY_assign(pkey, type, dhkey); 937 938 if (ret) 939 DH_up_ref(dhkey); 940 return ret; 941} 942 943DH *evp_pkey_get0_DH_int(const EVP_PKEY *pkey) 944{ 945 if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) { 946 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_DH_KEY); 947 return NULL; 948 } 949 return evp_pkey_get_legacy((EVP_PKEY *)pkey); 950} 951 952const DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey) 953{ 954 return evp_pkey_get0_DH_int(pkey); 955} 956 957DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) 958{ 959 DH *ret = evp_pkey_get0_DH_int(pkey); 960 961 if (ret != NULL) 962 DH_up_ref(ret); 963 return ret; 964} 965# endif 966 967int EVP_PKEY_type(int type) 968{ 969 int ret; 970 const EVP_PKEY_ASN1_METHOD *ameth; 971 ENGINE *e; 972 ameth = EVP_PKEY_asn1_find(&e, type); 973 if (ameth) 974 ret = ameth->pkey_id; 975 else 976 ret = NID_undef; 977# ifndef OPENSSL_NO_ENGINE 978 ENGINE_finish(e); 979# endif 980 return ret; 981} 982 983int EVP_PKEY_get_id(const EVP_PKEY *pkey) 984{ 985 return pkey->type; 986} 987 988int EVP_PKEY_get_base_id(const EVP_PKEY *pkey) 989{ 990 return EVP_PKEY_type(pkey->type); 991} 992 993/* 994 * These hard coded cases are pure hackery to get around the fact 995 * that names in crypto/objects/objects.txt are a mess. There is 996 * no "EC", and "RSA" leads to the NID for 2.5.8.1.1, an OID that's 997 * fallen out in favor of { pkcs-1 1 }, i.e. 1.2.840.113549.1.1.1, 998 * the NID of which is used for EVP_PKEY_RSA. Strangely enough, 999 * "DSA" is accurate... but still, better be safe and hard-code 1000 * names that we know. 1001 * On a similar topic, EVP_PKEY_type(EVP_PKEY_SM2) will result in 1002 * EVP_PKEY_EC, because of aliasing. 1003 * This should be cleaned away along with all other #legacy support. 1004 */ 1005static const OSSL_ITEM standard_name2type[] = { 1006 { EVP_PKEY_RSA, "RSA" }, 1007 { EVP_PKEY_RSA_PSS, "RSA-PSS" }, 1008 { EVP_PKEY_EC, "EC" }, 1009 { EVP_PKEY_ED25519, "ED25519" }, 1010 { EVP_PKEY_ED448, "ED448" }, 1011 { EVP_PKEY_X25519, "X25519" }, 1012 { EVP_PKEY_X448, "X448" }, 1013 { EVP_PKEY_SM2, "SM2" }, 1014 { EVP_PKEY_DH, "DH" }, 1015 { EVP_PKEY_DHX, "X9.42 DH" }, 1016 { EVP_PKEY_DHX, "DHX" }, 1017 { EVP_PKEY_DSA, "DSA" }, 1018}; 1019 1020int evp_pkey_name2type(const char *name) 1021{ 1022 int type; 1023 size_t i; 1024 1025 for (i = 0; i < OSSL_NELEM(standard_name2type); i++) { 1026 if (OPENSSL_strcasecmp(name, standard_name2type[i].ptr) == 0) 1027 return (int)standard_name2type[i].id; 1028 } 1029 1030 if ((type = EVP_PKEY_type(OBJ_sn2nid(name))) != NID_undef) 1031 return type; 1032 return EVP_PKEY_type(OBJ_ln2nid(name)); 1033} 1034 1035const char *evp_pkey_type2name(int type) 1036{ 1037 size_t i; 1038 1039 for (i = 0; i < OSSL_NELEM(standard_name2type); i++) { 1040 if (type == (int)standard_name2type[i].id) 1041 return standard_name2type[i].ptr; 1042 } 1043 1044 return OBJ_nid2sn(type); 1045} 1046 1047int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name) 1048{ 1049 if (pkey == NULL) 1050 return 0; 1051 if (pkey->keymgmt == NULL) 1052 return pkey->type == evp_pkey_name2type(name); 1053 return EVP_KEYMGMT_is_a(pkey->keymgmt, name); 1054} 1055 1056int EVP_PKEY_type_names_do_all(const EVP_PKEY *pkey, 1057 void (*fn)(const char *name, void *data), 1058 void *data) 1059{ 1060 if (!evp_pkey_is_typed(pkey)) 1061 return 0; 1062 1063 if (!evp_pkey_is_provided(pkey)) { 1064 const char *name = OBJ_nid2sn(EVP_PKEY_get_id(pkey)); 1065 1066 fn(name, data); 1067 return 1; 1068 } 1069 return EVP_KEYMGMT_names_do_all(pkey->keymgmt, fn, data); 1070} 1071 1072int EVP_PKEY_can_sign(const EVP_PKEY *pkey) 1073{ 1074 if (pkey->keymgmt == NULL) { 1075 switch (EVP_PKEY_get_base_id(pkey)) { 1076 case EVP_PKEY_RSA: 1077 return 1; 1078# ifndef OPENSSL_NO_DSA 1079 case EVP_PKEY_DSA: 1080 return 1; 1081# endif 1082# ifndef OPENSSL_NO_EC 1083 case EVP_PKEY_ED25519: 1084 case EVP_PKEY_ED448: 1085 return 1; 1086 case EVP_PKEY_EC: /* Including SM2 */ 1087 return EC_KEY_can_sign(pkey->pkey.ec); 1088# endif 1089 default: 1090 break; 1091 } 1092 } else { 1093 const OSSL_PROVIDER *prov = EVP_KEYMGMT_get0_provider(pkey->keymgmt); 1094 OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); 1095 const char *supported_sig = 1096 pkey->keymgmt->query_operation_name != NULL 1097 ? pkey->keymgmt->query_operation_name(OSSL_OP_SIGNATURE) 1098 : EVP_KEYMGMT_get0_name(pkey->keymgmt); 1099 EVP_SIGNATURE *signature = NULL; 1100 1101 signature = EVP_SIGNATURE_fetch(libctx, supported_sig, NULL); 1102 if (signature != NULL) { 1103 EVP_SIGNATURE_free(signature); 1104 return 1; 1105 } 1106 } 1107 return 0; 1108} 1109 1110static int print_reset_indent(BIO **out, int pop_f_prefix, long saved_indent) 1111{ 1112 BIO_set_indent(*out, saved_indent); 1113 if (pop_f_prefix) { 1114 BIO *next = BIO_pop(*out); 1115 1116 BIO_free(*out); 1117 *out = next; 1118 } 1119 return 1; 1120} 1121 1122static int print_set_indent(BIO **out, int *pop_f_prefix, long *saved_indent, 1123 long indent) 1124{ 1125 *pop_f_prefix = 0; 1126 *saved_indent = 0; 1127 if (indent > 0) { 1128 long i = BIO_get_indent(*out); 1129 1130 *saved_indent = (i < 0 ? 0 : i); 1131 if (BIO_set_indent(*out, indent) <= 0) { 1132 BIO *prefbio = BIO_new(BIO_f_prefix()); 1133 1134 if (prefbio == NULL) 1135 return 0; 1136 *out = BIO_push(prefbio, *out); 1137 *pop_f_prefix = 1; 1138 } 1139 if (BIO_set_indent(*out, indent) <= 0) { 1140 print_reset_indent(out, *pop_f_prefix, *saved_indent); 1141 return 0; 1142 } 1143 } 1144 return 1; 1145} 1146 1147static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, 1148 const char *kstr) 1149{ 1150 return BIO_indent(out, indent, 128) 1151 && BIO_printf(out, "%s algorithm \"%s\" unsupported\n", 1152 kstr, OBJ_nid2ln(pkey->type)) > 0; 1153} 1154 1155static int print_pkey(const EVP_PKEY *pkey, BIO *out, int indent, 1156 int selection /* For provided encoding */, 1157 const char *propquery /* For provided encoding */, 1158 int (*legacy_print)(BIO *out, const EVP_PKEY *pkey, 1159 int indent, ASN1_PCTX *pctx), 1160 ASN1_PCTX *legacy_pctx /* For legacy print */) 1161{ 1162 int pop_f_prefix; 1163 long saved_indent; 1164 OSSL_ENCODER_CTX *ctx = NULL; 1165 int ret = -2; /* default to unsupported */ 1166 1167 if (!print_set_indent(&out, &pop_f_prefix, &saved_indent, indent)) 1168 return 0; 1169 1170 ctx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "TEXT", NULL, 1171 propquery); 1172 if (OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0) 1173 ret = OSSL_ENCODER_to_bio(ctx, out); 1174 OSSL_ENCODER_CTX_free(ctx); 1175 1176 if (ret != -2) 1177 goto end; 1178 1179 /* legacy fallback */ 1180 if (legacy_print != NULL) 1181 ret = legacy_print(out, pkey, 0, legacy_pctx); 1182 else 1183 ret = unsup_alg(out, pkey, 0, "Public Key"); 1184 1185 end: 1186 print_reset_indent(&out, pop_f_prefix, saved_indent); 1187 return ret; 1188} 1189 1190int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, 1191 int indent, ASN1_PCTX *pctx) 1192{ 1193 return print_pkey(pkey, out, indent, EVP_PKEY_PUBLIC_KEY, NULL, 1194 (pkey->ameth != NULL ? pkey->ameth->pub_print : NULL), 1195 pctx); 1196} 1197 1198int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, 1199 int indent, ASN1_PCTX *pctx) 1200{ 1201 return print_pkey(pkey, out, indent, EVP_PKEY_KEYPAIR, NULL, 1202 (pkey->ameth != NULL ? pkey->ameth->priv_print : NULL), 1203 pctx); 1204} 1205 1206int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, 1207 int indent, ASN1_PCTX *pctx) 1208{ 1209 return print_pkey(pkey, out, indent, EVP_PKEY_KEY_PARAMETERS, NULL, 1210 (pkey->ameth != NULL ? pkey->ameth->param_print : NULL), 1211 pctx); 1212} 1213 1214# ifndef OPENSSL_NO_STDIO 1215int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey, 1216 int indent, ASN1_PCTX *pctx) 1217{ 1218 int ret; 1219 BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); 1220 1221 if (b == NULL) 1222 return 0; 1223 ret = EVP_PKEY_print_public(b, pkey, indent, pctx); 1224 BIO_free(b); 1225 return ret; 1226} 1227 1228int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey, 1229 int indent, ASN1_PCTX *pctx) 1230{ 1231 int ret; 1232 BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); 1233 1234 if (b == NULL) 1235 return 0; 1236 ret = EVP_PKEY_print_private(b, pkey, indent, pctx); 1237 BIO_free(b); 1238 return ret; 1239} 1240 1241int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey, 1242 int indent, ASN1_PCTX *pctx) 1243{ 1244 int ret; 1245 BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); 1246 1247 if (b == NULL) 1248 return 0; 1249 ret = EVP_PKEY_print_params(b, pkey, indent, pctx); 1250 BIO_free(b); 1251 return ret; 1252} 1253# endif 1254 1255static void mdname2nid(const char *mdname, void *data) 1256{ 1257 int *nid = (int *)data; 1258 1259 if (*nid != NID_undef) 1260 return; 1261 1262 *nid = OBJ_sn2nid(mdname); 1263 if (*nid == NID_undef) 1264 *nid = OBJ_ln2nid(mdname); 1265} 1266 1267static int legacy_asn1_ctrl_to_param(EVP_PKEY *pkey, int op, 1268 int arg1, void *arg2) 1269{ 1270 if (pkey->keymgmt == NULL) 1271 return 0; 1272 switch (op) { 1273 case ASN1_PKEY_CTRL_DEFAULT_MD_NID: 1274 { 1275 char mdname[80] = ""; 1276 int rv = EVP_PKEY_get_default_digest_name(pkey, mdname, 1277 sizeof(mdname)); 1278 1279 if (rv > 0) { 1280 int mdnum; 1281 OSSL_LIB_CTX *libctx = ossl_provider_libctx(pkey->keymgmt->prov); 1282 /* Make sure the MD is in the namemap if available */ 1283 EVP_MD *md; 1284 OSSL_NAMEMAP *namemap; 1285 int nid = NID_undef; 1286 1287 (void)ERR_set_mark(); 1288 md = EVP_MD_fetch(libctx, mdname, NULL); 1289 (void)ERR_pop_to_mark(); 1290 namemap = ossl_namemap_stored(libctx); 1291 1292 /* 1293 * The only reason to fetch the MD was to make sure it is in the 1294 * namemap. We can immediately free it. 1295 */ 1296 EVP_MD_free(md); 1297 mdnum = ossl_namemap_name2num(namemap, mdname); 1298 if (mdnum == 0) 1299 return 0; 1300 1301 /* 1302 * We have the namemap number - now we need to find the 1303 * associated nid 1304 */ 1305 if (!ossl_namemap_doall_names(namemap, mdnum, mdname2nid, &nid)) 1306 return 0; 1307 *(int *)arg2 = nid; 1308 } 1309 return rv; 1310 } 1311 default: 1312 return -2; 1313 } 1314} 1315 1316static int evp_pkey_asn1_ctrl(EVP_PKEY *pkey, int op, int arg1, void *arg2) 1317{ 1318 if (pkey->ameth == NULL) 1319 return legacy_asn1_ctrl_to_param(pkey, op, arg1, arg2); 1320 if (pkey->ameth->pkey_ctrl == NULL) 1321 return -2; 1322 return pkey->ameth->pkey_ctrl(pkey, op, arg1, arg2); 1323} 1324 1325int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) 1326{ 1327 if (pkey == NULL) 1328 return 0; 1329 return evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 0, pnid); 1330} 1331 1332int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey, 1333 char *mdname, size_t mdname_sz) 1334{ 1335 if (pkey->ameth == NULL) 1336 return evp_keymgmt_util_get_deflt_digest_name(pkey->keymgmt, 1337 pkey->keydata, 1338 mdname, mdname_sz); 1339 1340 { 1341 int nid = NID_undef; 1342 int rv = EVP_PKEY_get_default_digest_nid(pkey, &nid); 1343 const char *name = rv > 0 ? OBJ_nid2sn(nid) : NULL; 1344 1345 if (rv > 0) 1346 OPENSSL_strlcpy(mdname, name, mdname_sz); 1347 return rv; 1348 } 1349} 1350 1351int EVP_PKEY_get_group_name(const EVP_PKEY *pkey, char *gname, size_t gname_sz, 1352 size_t *gname_len) 1353{ 1354 return EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_GROUP_NAME, 1355 gname, gname_sz, gname_len); 1356} 1357 1358int EVP_PKEY_digestsign_supports_digest(EVP_PKEY *pkey, OSSL_LIB_CTX *libctx, 1359 const char *name, const char *propq) 1360{ 1361 int rv; 1362 EVP_MD_CTX *ctx = NULL; 1363 1364 if ((ctx = EVP_MD_CTX_new()) == NULL) 1365 return -1; 1366 1367 ERR_set_mark(); 1368 rv = EVP_DigestSignInit_ex(ctx, NULL, name, libctx, 1369 propq, pkey, NULL); 1370 ERR_pop_to_mark(); 1371 1372 EVP_MD_CTX_free(ctx); 1373 return rv; 1374} 1375 1376int EVP_PKEY_set1_encoded_public_key(EVP_PKEY *pkey, const unsigned char *pub, 1377 size_t publen) 1378{ 1379 if (pkey == NULL) 1380 return 0; 1381 if (evp_pkey_is_provided(pkey)) 1382 return 1383 EVP_PKEY_set_octet_string_param(pkey, 1384 OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, 1385 (unsigned char *)pub, publen); 1386 1387 if (publen > INT_MAX) 1388 return 0; 1389 /* Historically this function was EVP_PKEY_set1_tls_encodedpoint */ 1390 if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, publen, 1391 (void *)pub) <= 0) 1392 return 0; 1393 return 1; 1394} 1395 1396size_t EVP_PKEY_get1_encoded_public_key(EVP_PKEY *pkey, unsigned char **ppub) 1397{ 1398 int rv; 1399 1400 if (pkey == NULL) 1401 return 0; 1402 if (evp_pkey_is_provided(pkey)) { 1403 size_t return_size = OSSL_PARAM_UNMODIFIED; 1404 unsigned char *buf; 1405 1406 /* 1407 * We know that this is going to fail, but it will give us a size 1408 * to allocate. 1409 */ 1410 EVP_PKEY_get_octet_string_param(pkey, 1411 OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, 1412 NULL, 0, &return_size); 1413 if (return_size == OSSL_PARAM_UNMODIFIED) 1414 return 0; 1415 1416 *ppub = NULL; 1417 buf = OPENSSL_malloc(return_size); 1418 if (buf == NULL) 1419 return 0; 1420 1421 if (!EVP_PKEY_get_octet_string_param(pkey, 1422 OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, 1423 buf, return_size, NULL)) { 1424 OPENSSL_free(buf); 1425 return 0; 1426 } 1427 *ppub = buf; 1428 return return_size; 1429 } 1430 1431 1432 rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppub); 1433 if (rv <= 0) 1434 return 0; 1435 return rv; 1436} 1437 1438#endif /* FIPS_MODULE */ 1439 1440/*- All methods below can also be used in FIPS_MODULE */ 1441 1442EVP_PKEY *EVP_PKEY_new(void) 1443{ 1444 EVP_PKEY *ret = OPENSSL_zalloc(sizeof(*ret)); 1445 1446 if (ret == NULL) { 1447 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 1448 return NULL; 1449 } 1450 1451 ret->type = EVP_PKEY_NONE; 1452 ret->save_type = EVP_PKEY_NONE; 1453 ret->references = 1; 1454 1455 ret->lock = CRYPTO_THREAD_lock_new(); 1456 if (ret->lock == NULL) { 1457 EVPerr(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 1458 goto err; 1459 } 1460 1461#ifndef FIPS_MODULE 1462 ret->save_parameters = 1; 1463 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, ret, &ret->ex_data)) { 1464 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 1465 goto err; 1466 } 1467#endif 1468 return ret; 1469 1470 err: 1471 CRYPTO_THREAD_lock_free(ret->lock); 1472 OPENSSL_free(ret); 1473 return NULL; 1474} 1475 1476/* 1477 * Setup a public key management method. 1478 * 1479 * For legacy keys, either |type| or |str| is expected to have the type 1480 * information. In this case, the setup consists of finding an ASN1 method 1481 * and potentially an ENGINE, and setting those fields in |pkey|. 1482 * 1483 * For provider side keys, |keymgmt| is expected to be non-NULL. In this 1484 * case, the setup consists of setting the |keymgmt| field in |pkey|. 1485 * 1486 * If pkey is NULL just return 1 or 0 if the key management method exists. 1487 */ 1488 1489static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, 1490 int len, EVP_KEYMGMT *keymgmt) 1491{ 1492#ifndef FIPS_MODULE 1493 const EVP_PKEY_ASN1_METHOD *ameth = NULL; 1494 ENGINE **eptr = (e == NULL) ? &e : NULL; 1495#endif 1496 1497 /* 1498 * The setups can't set both legacy and provider side methods. 1499 * It is forbidden 1500 */ 1501 if (!ossl_assert(type == EVP_PKEY_NONE || keymgmt == NULL) 1502 || !ossl_assert(e == NULL || keymgmt == NULL)) { 1503 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 1504 return 0; 1505 } 1506 1507 if (pkey != NULL) { 1508 int free_it = 0; 1509 1510#ifndef FIPS_MODULE 1511 free_it = free_it || pkey->pkey.ptr != NULL; 1512#endif 1513 free_it = free_it || pkey->keydata != NULL; 1514 if (free_it) 1515 evp_pkey_free_it(pkey); 1516#ifndef FIPS_MODULE 1517 /* 1518 * If key type matches and a method exists then this lookup has 1519 * succeeded once so just indicate success. 1520 */ 1521 if (pkey->type != EVP_PKEY_NONE 1522 && type == pkey->save_type 1523 && pkey->ameth != NULL) 1524 return 1; 1525# ifndef OPENSSL_NO_ENGINE 1526 /* If we have ENGINEs release them */ 1527 ENGINE_finish(pkey->engine); 1528 pkey->engine = NULL; 1529 ENGINE_finish(pkey->pmeth_engine); 1530 pkey->pmeth_engine = NULL; 1531# endif 1532#endif 1533 } 1534#ifndef FIPS_MODULE 1535 if (str != NULL) 1536 ameth = EVP_PKEY_asn1_find_str(eptr, str, len); 1537 else if (type != EVP_PKEY_NONE) 1538 ameth = EVP_PKEY_asn1_find(eptr, type); 1539# ifndef OPENSSL_NO_ENGINE 1540 if (pkey == NULL && eptr != NULL) 1541 ENGINE_finish(e); 1542# endif 1543#endif 1544 1545 1546 { 1547 int check = 1; 1548 1549#ifndef FIPS_MODULE 1550 check = check && ameth == NULL; 1551#endif 1552 check = check && keymgmt == NULL; 1553 if (check) { 1554 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM); 1555 return 0; 1556 } 1557 } 1558 if (pkey != NULL) { 1559 if (keymgmt != NULL && !EVP_KEYMGMT_up_ref(keymgmt)) { 1560 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 1561 return 0; 1562 } 1563 1564 pkey->keymgmt = keymgmt; 1565 1566 pkey->save_type = type; 1567 pkey->type = type; 1568 1569#ifndef FIPS_MODULE 1570 /* 1571 * If the internal "origin" key is provider side, don't save |ameth|. 1572 * The main reason is that |ameth| is one factor to detect that the 1573 * internal "origin" key is a legacy one. 1574 */ 1575 if (keymgmt == NULL) 1576 pkey->ameth = ameth; 1577 1578 /* 1579 * The EVP_PKEY_ASN1_METHOD |pkey_id| retains its legacy key purpose 1580 * for any key type that has a legacy implementation, regardless of 1581 * if the internal key is a legacy or a provider side one. When 1582 * there is no legacy implementation for the key, the type becomes 1583 * EVP_PKEY_KEYMGMT, which indicates that one should be cautious 1584 * with functions that expect legacy internal keys. 1585 */ 1586 if (ameth != NULL) { 1587 if (type == EVP_PKEY_NONE) 1588 pkey->type = ameth->pkey_id; 1589 } else { 1590 pkey->type = EVP_PKEY_KEYMGMT; 1591 } 1592# ifndef OPENSSL_NO_ENGINE 1593 if (eptr == NULL && e != NULL && !ENGINE_init(e)) { 1594 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); 1595 return 0; 1596 } 1597# endif 1598 pkey->engine = e; 1599#endif 1600 } 1601 return 1; 1602} 1603 1604#ifndef FIPS_MODULE 1605static void find_ameth(const char *name, void *data) 1606{ 1607 const char **str = data; 1608 1609 /* 1610 * The error messages from pkey_set_type() are uninteresting here, 1611 * and misleading. 1612 */ 1613 ERR_set_mark(); 1614 1615 if (pkey_set_type(NULL, NULL, EVP_PKEY_NONE, name, strlen(name), 1616 NULL)) { 1617 if (str[0] == NULL) 1618 str[0] = name; 1619 else if (str[1] == NULL) 1620 str[1] = name; 1621 } 1622 1623 ERR_pop_to_mark(); 1624} 1625#endif 1626 1627int EVP_PKEY_set_type_by_keymgmt(EVP_PKEY *pkey, EVP_KEYMGMT *keymgmt) 1628{ 1629#ifndef FIPS_MODULE 1630# define EVP_PKEY_TYPE_STR str[0] 1631# define EVP_PKEY_TYPE_STRLEN (str[0] == NULL ? -1 : (int)strlen(str[0])) 1632 /* 1633 * Find at most two strings that have an associated EVP_PKEY_ASN1_METHOD 1634 * Ideally, only one should be found. If two (or more) are found, the 1635 * match is ambiguous. This should never happen, but... 1636 */ 1637 const char *str[2] = { NULL, NULL }; 1638 1639 if (!EVP_KEYMGMT_names_do_all(keymgmt, find_ameth, &str) 1640 || str[1] != NULL) { 1641 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); 1642 return 0; 1643 } 1644#else 1645# define EVP_PKEY_TYPE_STR NULL 1646# define EVP_PKEY_TYPE_STRLEN -1 1647#endif 1648 return pkey_set_type(pkey, NULL, EVP_PKEY_NONE, 1649 EVP_PKEY_TYPE_STR, EVP_PKEY_TYPE_STRLEN, 1650 keymgmt); 1651 1652#undef EVP_PKEY_TYPE_STR 1653#undef EVP_PKEY_TYPE_STRLEN 1654} 1655 1656int EVP_PKEY_up_ref(EVP_PKEY *pkey) 1657{ 1658 int i; 1659 1660 if (CRYPTO_UP_REF(&pkey->references, &i, pkey->lock) <= 0) 1661 return 0; 1662 1663 REF_PRINT_COUNT("EVP_PKEY", pkey); 1664 REF_ASSERT_ISNT(i < 2); 1665 return ((i > 1) ? 1 : 0); 1666} 1667 1668#ifndef FIPS_MODULE 1669EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey) 1670{ 1671 EVP_PKEY *dup_pk; 1672 1673 if (pkey == NULL) { 1674 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER); 1675 return NULL; 1676 } 1677 1678 if ((dup_pk = EVP_PKEY_new()) == NULL) 1679 return NULL; 1680 1681 if (evp_pkey_is_blank(pkey)) 1682 goto done; 1683 1684 if (evp_pkey_is_provided(pkey)) { 1685 if (!evp_keymgmt_util_copy(dup_pk, pkey, 1686 OSSL_KEYMGMT_SELECT_ALL)) 1687 goto err; 1688 goto done; 1689 } 1690 1691 if (evp_pkey_is_legacy(pkey)) { 1692 const EVP_PKEY_ASN1_METHOD *ameth = pkey->ameth; 1693 1694 if (ameth == NULL || ameth->copy == NULL) { 1695 if (pkey->pkey.ptr == NULL /* empty key, just set type */ 1696 && EVP_PKEY_set_type(dup_pk, pkey->type) != 0) 1697 goto done; 1698 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE); 1699 goto err; 1700 } 1701 if (!ameth->copy(dup_pk, pkey)) 1702 goto err; 1703 goto done; 1704 } 1705 1706 goto err; 1707done: 1708 /* copy auxiliary data */ 1709 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, 1710 &dup_pk->ex_data, &pkey->ex_data)) 1711 goto err; 1712 1713 if (pkey->attributes != NULL) { 1714 if ((dup_pk->attributes = ossl_x509at_dup(pkey->attributes)) == NULL) 1715 goto err; 1716 } 1717 return dup_pk; 1718err: 1719 EVP_PKEY_free(dup_pk); 1720 return NULL; 1721} 1722 1723void evp_pkey_free_legacy(EVP_PKEY *x) 1724{ 1725 const EVP_PKEY_ASN1_METHOD *ameth = x->ameth; 1726 ENGINE *tmpe = NULL; 1727 1728 if (ameth == NULL && x->legacy_cache_pkey.ptr != NULL) 1729 ameth = EVP_PKEY_asn1_find(&tmpe, x->type); 1730 1731 if (ameth != NULL) { 1732 if (x->legacy_cache_pkey.ptr != NULL) { 1733 /* 1734 * We should never have both a legacy origin key, and a key in the 1735 * legacy cache. 1736 */ 1737 assert(x->pkey.ptr == NULL); 1738 /* 1739 * For the purposes of freeing we make the legacy cache look like 1740 * a legacy origin key. 1741 */ 1742 x->pkey = x->legacy_cache_pkey; 1743 x->legacy_cache_pkey.ptr = NULL; 1744 } 1745 if (ameth->pkey_free != NULL) 1746 ameth->pkey_free(x); 1747 x->pkey.ptr = NULL; 1748 } 1749# ifndef OPENSSL_NO_ENGINE 1750 ENGINE_finish(tmpe); 1751 ENGINE_finish(x->engine); 1752 x->engine = NULL; 1753 ENGINE_finish(x->pmeth_engine); 1754 x->pmeth_engine = NULL; 1755# endif 1756} 1757#endif /* FIPS_MODULE */ 1758 1759static void evp_pkey_free_it(EVP_PKEY *x) 1760{ 1761 /* internal function; x is never NULL */ 1762 evp_keymgmt_util_clear_operation_cache(x, 1); 1763#ifndef FIPS_MODULE 1764 evp_pkey_free_legacy(x); 1765#endif 1766 1767 if (x->keymgmt != NULL) { 1768 evp_keymgmt_freedata(x->keymgmt, x->keydata); 1769 EVP_KEYMGMT_free(x->keymgmt); 1770 x->keymgmt = NULL; 1771 x->keydata = NULL; 1772 } 1773 x->type = EVP_PKEY_NONE; 1774} 1775 1776void EVP_PKEY_free(EVP_PKEY *x) 1777{ 1778 int i; 1779 1780 if (x == NULL) 1781 return; 1782 1783 CRYPTO_DOWN_REF(&x->references, &i, x->lock); 1784 REF_PRINT_COUNT("EVP_PKEY", x); 1785 if (i > 0) 1786 return; 1787 REF_ASSERT_ISNT(i < 0); 1788 evp_pkey_free_it(x); 1789#ifndef FIPS_MODULE 1790 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, x, &x->ex_data); 1791#endif 1792 CRYPTO_THREAD_lock_free(x->lock); 1793#ifndef FIPS_MODULE 1794 sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); 1795#endif 1796 OPENSSL_free(x); 1797} 1798 1799int EVP_PKEY_get_size(const EVP_PKEY *pkey) 1800{ 1801 int size = 0; 1802 1803 if (pkey != NULL) { 1804 size = pkey->cache.size; 1805#ifndef FIPS_MODULE 1806 if (pkey->ameth != NULL && pkey->ameth->pkey_size != NULL) 1807 size = pkey->ameth->pkey_size(pkey); 1808#endif 1809 } 1810 return size < 0 ? 0 : size; 1811} 1812 1813const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey) 1814{ 1815 if (!evp_pkey_is_assigned(pkey)) 1816 return NULL; 1817 1818 if (evp_pkey_is_provided(pkey) && pkey->keymgmt->description != NULL) 1819 return pkey->keymgmt->description; 1820#ifndef FIPS_MODULE 1821 if (pkey->ameth != NULL) 1822 return pkey->ameth->info; 1823#endif 1824 return NULL; 1825} 1826 1827void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, 1828 EVP_KEYMGMT **keymgmt, 1829 const char *propquery) 1830{ 1831 EVP_KEYMGMT *allocated_keymgmt = NULL; 1832 EVP_KEYMGMT *tmp_keymgmt = NULL; 1833 int selection = OSSL_KEYMGMT_SELECT_ALL; 1834 void *keydata = NULL; 1835 int check; 1836 1837 if (pk == NULL) 1838 return NULL; 1839 1840 /* No key data => nothing to export */ 1841 check = 1; 1842#ifndef FIPS_MODULE 1843 check = check && pk->pkey.ptr == NULL; 1844#endif 1845 check = check && pk->keydata == NULL; 1846 if (check) 1847 return NULL; 1848 1849#ifndef FIPS_MODULE 1850 if (pk->pkey.ptr != NULL) { 1851 /* 1852 * If the legacy key doesn't have an dirty counter or export function, 1853 * give up 1854 */ 1855 if (pk->ameth->dirty_cnt == NULL || pk->ameth->export_to == NULL) 1856 return NULL; 1857 } 1858#endif 1859 1860 if (keymgmt != NULL) { 1861 tmp_keymgmt = *keymgmt; 1862 *keymgmt = NULL; 1863 } 1864 1865 /* 1866 * If no keymgmt was given or found, get a default keymgmt. We do so by 1867 * letting EVP_PKEY_CTX_new_from_pkey() do it for us, then we steal it. 1868 */ 1869 if (tmp_keymgmt == NULL) { 1870 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pk, propquery); 1871 1872 if (ctx == NULL) 1873 goto end; 1874 allocated_keymgmt = tmp_keymgmt = ctx->keymgmt; 1875 ctx->keymgmt = NULL; 1876 EVP_PKEY_CTX_free(ctx); 1877 } 1878 1879 /* If there's still no keymgmt to be had, give up */ 1880 if (tmp_keymgmt == NULL) 1881 goto end; 1882 1883#ifndef FIPS_MODULE 1884 if (pk->pkey.ptr != NULL) { 1885 OP_CACHE_ELEM *op; 1886 1887 /* 1888 * If the legacy "origin" hasn't changed since last time, we try 1889 * to find our keymgmt in the operation cache. If it has changed, 1890 * |i| remains zero, and we will clear the cache further down. 1891 */ 1892 if (pk->ameth->dirty_cnt(pk) == pk->dirty_cnt_copy) { 1893 if (!CRYPTO_THREAD_read_lock(pk->lock)) 1894 goto end; 1895 op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt, 1896 selection); 1897 1898 /* 1899 * If |tmp_keymgmt| is present in the operation cache, it means 1900 * that export doesn't need to be redone. In that case, we take 1901 * token copies of the cached pointers, to have token success 1902 * values to return. 1903 */ 1904 if (op != NULL && op->keymgmt != NULL) { 1905 keydata = op->keydata; 1906 CRYPTO_THREAD_unlock(pk->lock); 1907 goto end; 1908 } 1909 CRYPTO_THREAD_unlock(pk->lock); 1910 } 1911 1912 /* Make sure that the keymgmt key type matches the legacy NID */ 1913 if (!EVP_KEYMGMT_is_a(tmp_keymgmt, OBJ_nid2sn(pk->type))) 1914 goto end; 1915 1916 if ((keydata = evp_keymgmt_newdata(tmp_keymgmt)) == NULL) 1917 goto end; 1918 1919 if (!pk->ameth->export_to(pk, keydata, tmp_keymgmt->import, 1920 libctx, propquery)) { 1921 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1922 keydata = NULL; 1923 goto end; 1924 } 1925 1926 /* 1927 * If the dirty counter changed since last time, then clear the 1928 * operation cache. In that case, we know that |i| is zero. Just 1929 * in case this is a re-export, we increment then decrement the 1930 * keymgmt reference counter. 1931 */ 1932 if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) { /* refcnt++ */ 1933 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1934 keydata = NULL; 1935 goto end; 1936 } 1937 1938 if (!CRYPTO_THREAD_write_lock(pk->lock)) 1939 goto end; 1940 if (pk->ameth->dirty_cnt(pk) != pk->dirty_cnt_copy 1941 && !evp_keymgmt_util_clear_operation_cache(pk, 0)) { 1942 CRYPTO_THREAD_unlock(pk->lock); 1943 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1944 keydata = NULL; 1945 EVP_KEYMGMT_free(tmp_keymgmt); 1946 goto end; 1947 } 1948 EVP_KEYMGMT_free(tmp_keymgmt); /* refcnt-- */ 1949 1950 /* Check to make sure some other thread didn't get there first */ 1951 op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt, selection); 1952 if (op != NULL && op->keymgmt != NULL) { 1953 void *tmp_keydata = op->keydata; 1954 1955 CRYPTO_THREAD_unlock(pk->lock); 1956 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1957 keydata = tmp_keydata; 1958 goto end; 1959 } 1960 1961 /* Add the new export to the operation cache */ 1962 if (!evp_keymgmt_util_cache_keydata(pk, tmp_keymgmt, keydata, 1963 selection)) { 1964 CRYPTO_THREAD_unlock(pk->lock); 1965 evp_keymgmt_freedata(tmp_keymgmt, keydata); 1966 keydata = NULL; 1967 goto end; 1968 } 1969 1970 /* Synchronize the dirty count */ 1971 pk->dirty_cnt_copy = pk->ameth->dirty_cnt(pk); 1972 1973 CRYPTO_THREAD_unlock(pk->lock); 1974 goto end; 1975 } 1976#endif /* FIPS_MODULE */ 1977 1978 keydata = evp_keymgmt_util_export_to_provider(pk, tmp_keymgmt, selection); 1979 1980 end: 1981 /* 1982 * If nothing was exported, |tmp_keymgmt| might point at a freed 1983 * EVP_KEYMGMT, so we clear it to be safe. It shouldn't be useful for 1984 * the caller either way in that case. 1985 */ 1986 if (keydata == NULL) 1987 tmp_keymgmt = NULL; 1988 1989 if (keymgmt != NULL && tmp_keymgmt != NULL) { 1990 *keymgmt = tmp_keymgmt; 1991 allocated_keymgmt = NULL; 1992 } 1993 1994 EVP_KEYMGMT_free(allocated_keymgmt); 1995 return keydata; 1996} 1997 1998#ifndef FIPS_MODULE 1999int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src) 2000{ 2001 EVP_PKEY *allocpkey = NULL; 2002 2003 if (!ossl_assert(dest != NULL)) 2004 return 0; 2005 2006 if (evp_pkey_is_assigned(src) && evp_pkey_is_provided(src)) { 2007 EVP_KEYMGMT *keymgmt = src->keymgmt; 2008 void *keydata = src->keydata; 2009 int type = src->type; 2010 const char *keytype = NULL; 2011 2012 keytype = EVP_KEYMGMT_get0_name(keymgmt); 2013 2014 /* 2015 * If the type is EVP_PKEY_NONE, then we have a problem somewhere 2016 * else in our code. If it's not one of the well known EVP_PKEY_xxx 2017 * values, it should at least be EVP_PKEY_KEYMGMT at this point. 2018 * The check is kept as a safety measure. 2019 */ 2020 if (!ossl_assert(type != EVP_PKEY_NONE)) { 2021 ERR_raise_data(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR, 2022 "keymgmt key type = %s but legacy type = EVP_PKEY_NONE", 2023 keytype); 2024 return 0; 2025 } 2026 2027 /* Prefer the legacy key type name for error reporting */ 2028 if (type != EVP_PKEY_KEYMGMT) 2029 keytype = OBJ_nid2sn(type); 2030 2031 /* Make sure we have a clean slate to copy into */ 2032 if (*dest == NULL) { 2033 allocpkey = *dest = EVP_PKEY_new(); 2034 if (*dest == NULL) { 2035 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 2036 return 0; 2037 } 2038 } else { 2039 evp_pkey_free_it(*dest); 2040 } 2041 2042 if (EVP_PKEY_set_type(*dest, type)) { 2043 /* If the key is typed but empty, we're done */ 2044 if (keydata == NULL) 2045 return 1; 2046 2047 if ((*dest)->ameth->import_from == NULL) { 2048 ERR_raise_data(ERR_LIB_EVP, EVP_R_NO_IMPORT_FUNCTION, 2049 "key type = %s", keytype); 2050 } else { 2051 /* 2052 * We perform the export in the same libctx as the keymgmt 2053 * that we are using. 2054 */ 2055 OSSL_LIB_CTX *libctx = 2056 ossl_provider_libctx(keymgmt->prov); 2057 EVP_PKEY_CTX *pctx = 2058 EVP_PKEY_CTX_new_from_pkey(libctx, *dest, NULL); 2059 2060 if (pctx == NULL) 2061 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); 2062 2063 if (pctx != NULL 2064 && evp_keymgmt_export(keymgmt, keydata, 2065 OSSL_KEYMGMT_SELECT_ALL, 2066 (*dest)->ameth->import_from, 2067 pctx)) { 2068 /* Synchronize the dirty count */ 2069 (*dest)->dirty_cnt_copy = (*dest)->ameth->dirty_cnt(*dest); 2070 2071 EVP_PKEY_CTX_free(pctx); 2072 return 1; 2073 } 2074 EVP_PKEY_CTX_free(pctx); 2075 } 2076 2077 ERR_raise_data(ERR_LIB_EVP, EVP_R_KEYMGMT_EXPORT_FAILURE, 2078 "key type = %s", keytype); 2079 } 2080 } 2081 2082 if (allocpkey != NULL) { 2083 EVP_PKEY_free(allocpkey); 2084 *dest = NULL; 2085 } 2086 return 0; 2087} 2088 2089void *evp_pkey_get_legacy(EVP_PKEY *pk) 2090{ 2091 EVP_PKEY *tmp_copy = NULL; 2092 void *ret = NULL; 2093 2094 if (!ossl_assert(pk != NULL)) 2095 return NULL; 2096 2097 /* 2098 * If this isn't an assigned provider side key, we just use any existing 2099 * origin legacy key. 2100 */ 2101 if (!evp_pkey_is_assigned(pk)) 2102 return NULL; 2103 if (!evp_pkey_is_provided(pk)) 2104 return pk->pkey.ptr; 2105 2106 if (!CRYPTO_THREAD_read_lock(pk->lock)) 2107 return NULL; 2108 2109 ret = pk->legacy_cache_pkey.ptr; 2110 2111 if (!CRYPTO_THREAD_unlock(pk->lock)) 2112 return NULL; 2113 2114 if (ret != NULL) 2115 return ret; 2116 2117 if (!evp_pkey_copy_downgraded(&tmp_copy, pk)) 2118 goto err; 2119 2120 if (!CRYPTO_THREAD_write_lock(pk->lock)) 2121 goto err; 2122 2123 /* Check again in case some other thread has updated it in the meantime */ 2124 ret = pk->legacy_cache_pkey.ptr; 2125 if (ret == NULL) { 2126 /* Steal the legacy key reference from the temporary copy */ 2127 ret = pk->legacy_cache_pkey.ptr = tmp_copy->pkey.ptr; 2128 tmp_copy->pkey.ptr = NULL; 2129 } 2130 2131 if (!CRYPTO_THREAD_unlock(pk->lock)) { 2132 ret = NULL; 2133 goto err; 2134 } 2135 2136 err: 2137 EVP_PKEY_free(tmp_copy); 2138 2139 return ret; 2140} 2141#endif /* FIPS_MODULE */ 2142 2143int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name, 2144 BIGNUM **bn) 2145{ 2146 int ret = 0; 2147 OSSL_PARAM params[2]; 2148 unsigned char buffer[2048]; 2149 unsigned char *buf = NULL; 2150 size_t buf_sz = 0; 2151 2152 if (key_name == NULL 2153 || bn == NULL) 2154 return 0; 2155 2156 memset(buffer, 0, sizeof(buffer)); 2157 params[0] = OSSL_PARAM_construct_BN(key_name, buffer, sizeof(buffer)); 2158 params[1] = OSSL_PARAM_construct_end(); 2159 if (!EVP_PKEY_get_params(pkey, params)) { 2160 if (!OSSL_PARAM_modified(params) || params[0].return_size == 0) 2161 return 0; 2162 buf_sz = params[0].return_size; 2163 /* 2164 * If it failed because the buffer was too small then allocate the 2165 * required buffer size and retry. 2166 */ 2167 buf = OPENSSL_zalloc(buf_sz); 2168 if (buf == NULL) 2169 return 0; 2170 params[0].data = buf; 2171 params[0].data_size = buf_sz; 2172 2173 if (!EVP_PKEY_get_params(pkey, params)) 2174 goto err; 2175 } 2176 /* Fail if the param was not found */ 2177 if (!OSSL_PARAM_modified(params)) 2178 goto err; 2179 ret = OSSL_PARAM_get_BN(params, bn); 2180err: 2181 if (buf != NULL) { 2182 if (OSSL_PARAM_modified(params)) 2183 OPENSSL_clear_free(buf, buf_sz); 2184 else 2185 OPENSSL_free(buf); 2186 } else if (OSSL_PARAM_modified(params)) { 2187 OPENSSL_cleanse(buffer, params[0].data_size); 2188 } 2189 return ret; 2190} 2191 2192int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name, 2193 unsigned char *buf, size_t max_buf_sz, 2194 size_t *out_len) 2195{ 2196 OSSL_PARAM params[2]; 2197 int ret1 = 0, ret2 = 0; 2198 2199 if (key_name == NULL) 2200 return 0; 2201 2202 params[0] = OSSL_PARAM_construct_octet_string(key_name, buf, max_buf_sz); 2203 params[1] = OSSL_PARAM_construct_end(); 2204 if ((ret1 = EVP_PKEY_get_params(pkey, params))) 2205 ret2 = OSSL_PARAM_modified(params); 2206 if (ret2 && out_len != NULL) 2207 *out_len = params[0].return_size; 2208 return ret1 && ret2; 2209} 2210 2211int EVP_PKEY_get_utf8_string_param(const EVP_PKEY *pkey, const char *key_name, 2212 char *str, size_t max_buf_sz, 2213 size_t *out_len) 2214{ 2215 OSSL_PARAM params[2]; 2216 int ret1 = 0, ret2 = 0; 2217 2218 if (key_name == NULL) 2219 return 0; 2220 2221 params[0] = OSSL_PARAM_construct_utf8_string(key_name, str, max_buf_sz); 2222 params[1] = OSSL_PARAM_construct_end(); 2223 if ((ret1 = EVP_PKEY_get_params(pkey, params))) 2224 ret2 = OSSL_PARAM_modified(params); 2225 if (ret2 && out_len != NULL) 2226 *out_len = params[0].return_size; 2227 2228 if (ret2 && params[0].return_size == max_buf_sz) 2229 /* There was no space for a NUL byte */ 2230 return 0; 2231 /* Add a terminating NUL byte for good measure */ 2232 if (ret2 && str != NULL) 2233 str[params[0].return_size] = '\0'; 2234 2235 return ret1 && ret2; 2236} 2237 2238int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name, 2239 int *out) 2240{ 2241 OSSL_PARAM params[2]; 2242 2243 if (key_name == NULL) 2244 return 0; 2245 2246 params[0] = OSSL_PARAM_construct_int(key_name, out); 2247 params[1] = OSSL_PARAM_construct_end(); 2248 return EVP_PKEY_get_params(pkey, params) 2249 && OSSL_PARAM_modified(params); 2250} 2251 2252int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name, 2253 size_t *out) 2254{ 2255 OSSL_PARAM params[2]; 2256 2257 if (key_name == NULL) 2258 return 0; 2259 2260 params[0] = OSSL_PARAM_construct_size_t(key_name, out); 2261 params[1] = OSSL_PARAM_construct_end(); 2262 return EVP_PKEY_get_params(pkey, params) 2263 && OSSL_PARAM_modified(params); 2264} 2265 2266int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in) 2267{ 2268 OSSL_PARAM params[2]; 2269 2270 if (key_name == NULL) 2271 return 0; 2272 2273 params[0] = OSSL_PARAM_construct_int(key_name, &in); 2274 params[1] = OSSL_PARAM_construct_end(); 2275 return EVP_PKEY_set_params(pkey, params); 2276} 2277 2278int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in) 2279{ 2280 OSSL_PARAM params[2]; 2281 2282 if (key_name == NULL) 2283 return 0; 2284 2285 params[0] = OSSL_PARAM_construct_size_t(key_name, &in); 2286 params[1] = OSSL_PARAM_construct_end(); 2287 return EVP_PKEY_set_params(pkey, params); 2288} 2289 2290int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name, 2291 const BIGNUM *bn) 2292{ 2293 OSSL_PARAM params[2]; 2294 unsigned char buffer[2048]; 2295 int bsize = 0; 2296 2297 if (key_name == NULL 2298 || bn == NULL 2299 || pkey == NULL 2300 || !evp_pkey_is_assigned(pkey)) 2301 return 0; 2302 2303 bsize = BN_num_bytes(bn); 2304 if (!ossl_assert(bsize <= (int)sizeof(buffer))) 2305 return 0; 2306 2307 if (BN_bn2nativepad(bn, buffer, bsize) < 0) 2308 return 0; 2309 params[0] = OSSL_PARAM_construct_BN(key_name, buffer, bsize); 2310 params[1] = OSSL_PARAM_construct_end(); 2311 return EVP_PKEY_set_params(pkey, params); 2312} 2313 2314int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name, 2315 const char *str) 2316{ 2317 OSSL_PARAM params[2]; 2318 2319 if (key_name == NULL) 2320 return 0; 2321 2322 params[0] = OSSL_PARAM_construct_utf8_string(key_name, (char *)str, 0); 2323 params[1] = OSSL_PARAM_construct_end(); 2324 return EVP_PKEY_set_params(pkey, params); 2325} 2326 2327int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name, 2328 const unsigned char *buf, size_t bsize) 2329{ 2330 OSSL_PARAM params[2]; 2331 2332 if (key_name == NULL) 2333 return 0; 2334 2335 params[0] = OSSL_PARAM_construct_octet_string(key_name, 2336 (unsigned char *)buf, bsize); 2337 params[1] = OSSL_PARAM_construct_end(); 2338 return EVP_PKEY_set_params(pkey, params); 2339} 2340 2341const OSSL_PARAM *EVP_PKEY_settable_params(const EVP_PKEY *pkey) 2342{ 2343 return (pkey != NULL && evp_pkey_is_provided(pkey)) 2344 ? EVP_KEYMGMT_settable_params(pkey->keymgmt) 2345 : NULL; 2346} 2347 2348int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]) 2349{ 2350 if (pkey != NULL) { 2351 if (evp_pkey_is_provided(pkey)) { 2352 pkey->dirty_cnt++; 2353 return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); 2354 } 2355#ifndef FIPS_MODULE 2356 /* 2357 * We will hopefully never find the need to set individual data in 2358 * EVP_PKEYs with a legacy internal key, but we can't be entirely 2359 * sure. This bit of code can be enabled if we find the need. If 2360 * not, it can safely be removed when #legacy support is removed. 2361 */ 2362# if 0 2363 else if (evp_pkey_is_legacy(pkey)) { 2364 return evp_pkey_set_params_to_ctrl(pkey, params); 2365 } 2366# endif 2367#endif 2368 } 2369 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY); 2370 return 0; 2371} 2372 2373const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey) 2374{ 2375 return (pkey != NULL && evp_pkey_is_provided(pkey)) 2376 ? EVP_KEYMGMT_gettable_params(pkey->keymgmt) 2377 : NULL; 2378} 2379 2380int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]) 2381{ 2382 if (pkey != NULL) { 2383 if (evp_pkey_is_provided(pkey)) 2384 return evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params) > 0; 2385#ifndef FIPS_MODULE 2386 else if (evp_pkey_is_legacy(pkey)) 2387 return evp_pkey_get_params_to_ctrl(pkey, params) > 0; 2388#endif 2389 } 2390 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY); 2391 return 0; 2392} 2393 2394#ifndef FIPS_MODULE 2395int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey) 2396{ 2397 char name[80]; 2398 size_t name_len; 2399 2400 if (pkey == NULL) 2401 return 0; 2402 2403 if (pkey->keymgmt == NULL 2404 || pkey->keydata == NULL) { 2405# ifndef OPENSSL_NO_EC 2406 /* Might work through the legacy route */ 2407 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); 2408 2409 if (ec == NULL) 2410 return 0; 2411 2412 return EC_KEY_get_conv_form(ec); 2413# else 2414 return 0; 2415# endif 2416 } 2417 2418 if (!EVP_PKEY_get_utf8_string_param(pkey, 2419 OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, 2420 name, sizeof(name), &name_len)) 2421 return 0; 2422 2423 if (strcmp(name, "uncompressed") == 0) 2424 return POINT_CONVERSION_UNCOMPRESSED; 2425 2426 if (strcmp(name, "compressed") == 0) 2427 return POINT_CONVERSION_COMPRESSED; 2428 2429 if (strcmp(name, "hybrid") == 0) 2430 return POINT_CONVERSION_HYBRID; 2431 2432 return 0; 2433} 2434 2435int EVP_PKEY_get_field_type(const EVP_PKEY *pkey) 2436{ 2437 char fstr[80]; 2438 size_t fstrlen; 2439 2440 if (pkey == NULL) 2441 return 0; 2442 2443 if (pkey->keymgmt == NULL 2444 || pkey->keydata == NULL) { 2445# ifndef OPENSSL_NO_EC 2446 /* Might work through the legacy route */ 2447 const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); 2448 const EC_GROUP *grp; 2449 2450 if (ec == NULL) 2451 return 0; 2452 grp = EC_KEY_get0_group(ec); 2453 if (grp == NULL) 2454 return 0; 2455 2456 return EC_GROUP_get_field_type(grp); 2457# else 2458 return 0; 2459# endif 2460 } 2461 2462 if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_EC_FIELD_TYPE, 2463 fstr, sizeof(fstr), &fstrlen)) 2464 return 0; 2465 2466 if (strcmp(fstr, SN_X9_62_prime_field) == 0) 2467 return NID_X9_62_prime_field; 2468 else if (strcmp(fstr, SN_X9_62_characteristic_two_field)) 2469 return NID_X9_62_characteristic_two_field; 2470 2471 return 0; 2472} 2473#endif 2474