xref: /openssl/crypto/x509/x_pubkey.c (revision 7ed6de99)
1 /*
2  * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 /*
11  * DSA low level APIs are deprecated for public use, but still ok for
12  * internal use.
13  */
14 #include "internal/deprecated.h"
15 
16 #include <stdio.h>
17 #include "internal/cryptlib.h"
18 #include <openssl/asn1t.h>
19 #include <openssl/x509.h>
20 #include <openssl/engine.h>
21 #include "crypto/asn1.h"
22 #include "crypto/evp.h"
23 #include "crypto/x509.h"
24 #include <openssl/rsa.h>
25 #include <openssl/dsa.h>
26 #include <openssl/decoder.h>
27 #include <openssl/encoder.h>
28 #include "internal/provider.h"
29 #include "internal/sizes.h"
30 
31 struct X509_pubkey_st {
32     X509_ALGOR *algor;
33     ASN1_BIT_STRING *public_key;
34 
35     EVP_PKEY *pkey;
36 
37     /* extra data for the callback, used by d2i_PUBKEY_ex */
38     OSSL_LIB_CTX *libctx;
39     char *propq;
40 
41     /* Flag to force legacy keys */
42     unsigned int flag_force_legacy : 1;
43 };
44 
45 static int x509_pubkey_decode(EVP_PKEY **pk, const X509_PUBKEY *key);
46 
x509_pubkey_set0_libctx(X509_PUBKEY * x,OSSL_LIB_CTX * libctx,const char * propq)47 static int x509_pubkey_set0_libctx(X509_PUBKEY *x, OSSL_LIB_CTX *libctx,
48                                    const char *propq)
49 {
50     if (x != NULL) {
51         x->libctx = libctx;
52         OPENSSL_free(x->propq);
53         x->propq = NULL;
54         if (propq != NULL) {
55             x->propq = OPENSSL_strdup(propq);
56             if (x->propq == NULL)
57                 return 0;
58         }
59     }
60     return 1;
61 }
62 
63 ASN1_SEQUENCE(X509_PUBKEY_INTERNAL) = {
64         ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
65         ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
66 } static_ASN1_SEQUENCE_END_name(X509_PUBKEY, X509_PUBKEY_INTERNAL)
67 
68 X509_PUBKEY *ossl_d2i_X509_PUBKEY_INTERNAL(const unsigned char **pp,
69                                            long len, OSSL_LIB_CTX *libctx,
70                                            const char *propq)
71 {
72     X509_PUBKEY *xpub = OPENSSL_zalloc(sizeof(*xpub));
73 
74     if (xpub == NULL)
75         return NULL;
76     return (X509_PUBKEY *)ASN1_item_d2i_ex((ASN1_VALUE **)&xpub, pp, len,
77                                            ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL),
78                                            libctx, propq);
79 }
80 
ossl_X509_PUBKEY_INTERNAL_free(X509_PUBKEY * xpub)81 void ossl_X509_PUBKEY_INTERNAL_free(X509_PUBKEY *xpub)
82 {
83     ASN1_item_free((ASN1_VALUE *)xpub, ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL));
84 }
85 
x509_pubkey_ex_free(ASN1_VALUE ** pval,const ASN1_ITEM * it)86 static void x509_pubkey_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
87 {
88     X509_PUBKEY *pubkey;
89 
90     if (pval != NULL && (pubkey = (X509_PUBKEY *)*pval) != NULL) {
91         X509_ALGOR_free(pubkey->algor);
92         ASN1_BIT_STRING_free(pubkey->public_key);
93         EVP_PKEY_free(pubkey->pkey);
94         OPENSSL_free(pubkey->propq);
95         OPENSSL_free(pubkey);
96         *pval = NULL;
97     }
98 }
99 
x509_pubkey_ex_populate(ASN1_VALUE ** pval,const ASN1_ITEM * it)100 static int x509_pubkey_ex_populate(ASN1_VALUE **pval, const ASN1_ITEM *it)
101 {
102     X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
103 
104     return (pubkey->algor != NULL
105             || (pubkey->algor = X509_ALGOR_new()) != NULL)
106         && (pubkey->public_key != NULL
107             || (pubkey->public_key = ASN1_BIT_STRING_new()) != NULL);
108 }
109 
110 
x509_pubkey_ex_new_ex(ASN1_VALUE ** pval,const ASN1_ITEM * it,OSSL_LIB_CTX * libctx,const char * propq)111 static int x509_pubkey_ex_new_ex(ASN1_VALUE **pval, const ASN1_ITEM *it,
112                                  OSSL_LIB_CTX *libctx, const char *propq)
113 {
114     X509_PUBKEY *ret;
115 
116     if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL)
117         return 0;
118     if (!x509_pubkey_ex_populate((ASN1_VALUE **)&ret, NULL)
119         || !x509_pubkey_set0_libctx(ret, libctx, propq)) {
120         x509_pubkey_ex_free((ASN1_VALUE **)&ret, NULL);
121         ret = NULL;
122         ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB);
123     } else {
124         *pval = (ASN1_VALUE *)ret;
125     }
126 
127     return ret != NULL;
128 }
129 
x509_pubkey_ex_d2i_ex(ASN1_VALUE ** pval,const unsigned char ** in,long len,const ASN1_ITEM * it,int tag,int aclass,char opt,ASN1_TLC * ctx,OSSL_LIB_CTX * libctx,const char * propq)130 static int x509_pubkey_ex_d2i_ex(ASN1_VALUE **pval,
131                                  const unsigned char **in, long len,
132                                  const ASN1_ITEM *it, int tag, int aclass,
133                                  char opt, ASN1_TLC *ctx, OSSL_LIB_CTX *libctx,
134                                  const char *propq)
135 {
136     const unsigned char *in_saved = *in;
137     size_t publen;
138     X509_PUBKEY *pubkey;
139     int ret;
140     OSSL_DECODER_CTX *dctx = NULL;
141     unsigned char *tmpbuf = NULL;
142 
143     if (*pval == NULL && !x509_pubkey_ex_new_ex(pval, it, libctx, propq))
144         return 0;
145     if (!x509_pubkey_ex_populate(pval, NULL)) {
146         ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB);
147         return 0;
148     }
149 
150     /* This ensures that |*in| advances properly no matter what */
151     if ((ret = ASN1_item_ex_d2i(pval, in, len,
152                                 ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL),
153                                 tag, aclass, opt, ctx)) <= 0)
154         return ret;
155 
156     publen = *in - in_saved;
157     if (!ossl_assert(publen > 0)) {
158         ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR);
159         return 0;
160     }
161 
162     pubkey = (X509_PUBKEY *)*pval;
163     EVP_PKEY_free(pubkey->pkey);
164     pubkey->pkey = NULL;
165 
166     /*
167      * Opportunistically decode the key but remove any non fatal errors
168      * from the queue. Subsequent explicit attempts to decode/use the key
169      * will return an appropriate error.
170      */
171     ERR_set_mark();
172 
173     /*
174      * Try to decode with legacy method first.  This ensures that engines
175      * aren't overridden by providers.
176      */
177     if ((ret = x509_pubkey_decode(&pubkey->pkey, pubkey)) == -1) {
178         /* -1 indicates a fatal error, like malloc failure */
179         ERR_clear_last_mark();
180         goto end;
181     }
182 
183     /* Try to decode it into an EVP_PKEY with OSSL_DECODER */
184     if (ret <= 0 && !pubkey->flag_force_legacy) {
185         const unsigned char *p;
186         char txtoidname[OSSL_MAX_NAME_SIZE];
187         size_t slen = publen;
188 
189         /*
190         * The decoders don't know how to handle anything other than Universal
191         * class so we modify the data accordingly.
192         */
193         if (aclass != V_ASN1_UNIVERSAL) {
194             tmpbuf = OPENSSL_memdup(in_saved, publen);
195             if (tmpbuf == NULL)
196                 return 0;
197             in_saved = tmpbuf;
198             *tmpbuf = V_ASN1_CONSTRUCTED | V_ASN1_SEQUENCE;
199         }
200         p = in_saved;
201 
202         if (OBJ_obj2txt(txtoidname, sizeof(txtoidname),
203                         pubkey->algor->algorithm, 0) <= 0) {
204             ERR_clear_last_mark();
205             goto end;
206         }
207         if ((dctx =
208              OSSL_DECODER_CTX_new_for_pkey(&pubkey->pkey,
209                                            "DER", "SubjectPublicKeyInfo",
210                                            txtoidname, EVP_PKEY_PUBLIC_KEY,
211                                            pubkey->libctx,
212                                            pubkey->propq)) != NULL)
213             /*
214              * As said higher up, we're being opportunistic.  In other words,
215              * we don't care if we fail.
216              */
217             if (OSSL_DECODER_from_data(dctx, &p, &slen)) {
218                 if (slen != 0) {
219                     /*
220                      * If we successfully decoded then we *must* consume all the
221                      * bytes.
222                      */
223                     ERR_clear_last_mark();
224                     ERR_raise(ERR_LIB_ASN1, EVP_R_DECODE_ERROR);
225                     goto end;
226                 }
227             }
228     }
229 
230     ERR_pop_to_mark();
231     ret = 1;
232  end:
233     OSSL_DECODER_CTX_free(dctx);
234     OPENSSL_free(tmpbuf);
235     return ret;
236 }
237 
x509_pubkey_ex_i2d(const ASN1_VALUE ** pval,unsigned char ** out,const ASN1_ITEM * it,int tag,int aclass)238 static int x509_pubkey_ex_i2d(const ASN1_VALUE **pval, unsigned char **out,
239                               const ASN1_ITEM *it, int tag, int aclass)
240 {
241     return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL),
242                             tag, aclass);
243 }
244 
x509_pubkey_ex_print(BIO * out,const ASN1_VALUE ** pval,int indent,const char * fname,const ASN1_PCTX * pctx)245 static int x509_pubkey_ex_print(BIO *out, const ASN1_VALUE **pval, int indent,
246                                 const char *fname, const ASN1_PCTX *pctx)
247 {
248     return ASN1_item_print(out, *pval, indent,
249                            ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL), pctx);
250 }
251 
252 static const ASN1_EXTERN_FUNCS x509_pubkey_ff = {
253     NULL,
254     NULL,
255     x509_pubkey_ex_free,
256     0,                          /* Default clear behaviour is OK */
257     NULL,
258     x509_pubkey_ex_i2d,
259     x509_pubkey_ex_print,
260     x509_pubkey_ex_new_ex,
261     x509_pubkey_ex_d2i_ex,
262 };
263 
IMPLEMENT_EXTERN_ASN1(X509_PUBKEY,V_ASN1_SEQUENCE,x509_pubkey_ff)264 IMPLEMENT_EXTERN_ASN1(X509_PUBKEY, V_ASN1_SEQUENCE, x509_pubkey_ff)
265 IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
266 
267 X509_PUBKEY *X509_PUBKEY_new_ex(OSSL_LIB_CTX *libctx, const char *propq)
268 {
269     X509_PUBKEY *pubkey = NULL;
270 
271     pubkey = (X509_PUBKEY *)ASN1_item_new_ex(X509_PUBKEY_it(), libctx, propq);
272     if (!x509_pubkey_set0_libctx(pubkey, libctx, propq)) {
273         X509_PUBKEY_free(pubkey);
274         pubkey = NULL;
275     }
276     return pubkey;
277 }
278 
279 /*
280  * X509_PUBKEY_dup() must be implemented manually, because there is no
281  * support for it in ASN1_EXTERN_FUNCS.
282  */
X509_PUBKEY_dup(const X509_PUBKEY * a)283 X509_PUBKEY *X509_PUBKEY_dup(const X509_PUBKEY *a)
284 {
285     X509_PUBKEY *pubkey = OPENSSL_zalloc(sizeof(*pubkey));
286 
287     if (pubkey == NULL)
288         return NULL;
289     if (!x509_pubkey_set0_libctx(pubkey, a->libctx, a->propq)) {
290         ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB);
291         x509_pubkey_ex_free((ASN1_VALUE **)&pubkey,
292                             ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL));
293         return NULL;
294     }
295     if ((pubkey->algor = X509_ALGOR_dup(a->algor)) == NULL
296         || (pubkey->public_key = ASN1_BIT_STRING_new()) == NULL
297         || !ASN1_BIT_STRING_set(pubkey->public_key,
298                                 a->public_key->data,
299                                 a->public_key->length)) {
300         x509_pubkey_ex_free((ASN1_VALUE **)&pubkey,
301                             ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL));
302         ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
303         return NULL;
304     }
305 
306     if (a->pkey != NULL) {
307         ERR_set_mark();
308         pubkey->pkey = EVP_PKEY_dup(a->pkey);
309         if (pubkey->pkey == NULL) {
310             pubkey->flag_force_legacy = 1;
311             if (x509_pubkey_decode(&pubkey->pkey, pubkey) <= 0) {
312                 x509_pubkey_ex_free((ASN1_VALUE **)&pubkey,
313                                     ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL));
314                 ERR_clear_last_mark();
315                 return NULL;
316             }
317         }
318         ERR_pop_to_mark();
319     }
320     return pubkey;
321 }
322 
X509_PUBKEY_set(X509_PUBKEY ** x,EVP_PKEY * pkey)323 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
324 {
325     X509_PUBKEY *pk = NULL;
326 
327     if (x == NULL || pkey == NULL) {
328         ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
329         return 0;
330     }
331 
332     if (pkey->ameth != NULL) {
333         if ((pk = X509_PUBKEY_new()) == NULL) {
334             ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
335             goto error;
336         }
337         if (pkey->ameth->pub_encode != NULL) {
338             if (!pkey->ameth->pub_encode(pk, pkey)) {
339                 ERR_raise(ERR_LIB_X509, X509_R_PUBLIC_KEY_ENCODE_ERROR);
340                 goto error;
341             }
342         } else {
343             ERR_raise(ERR_LIB_X509, X509_R_METHOD_NOT_SUPPORTED);
344             goto error;
345         }
346     } else if (evp_pkey_is_provided(pkey)) {
347         unsigned char *der = NULL;
348         size_t derlen = 0;
349         OSSL_ENCODER_CTX *ectx =
350             OSSL_ENCODER_CTX_new_for_pkey(pkey, EVP_PKEY_PUBLIC_KEY,
351                                           "DER", "SubjectPublicKeyInfo",
352                                           NULL);
353 
354         if (OSSL_ENCODER_to_data(ectx, &der, &derlen)) {
355             const unsigned char *pder = der;
356 
357             pk = d2i_X509_PUBKEY(NULL, &pder, (long)derlen);
358         }
359 
360         OSSL_ENCODER_CTX_free(ectx);
361         OPENSSL_free(der);
362     }
363 
364     if (pk == NULL) {
365         ERR_raise(ERR_LIB_X509, X509_R_UNSUPPORTED_ALGORITHM);
366         goto error;
367     }
368 
369     X509_PUBKEY_free(*x);
370     if (!EVP_PKEY_up_ref(pkey)) {
371         ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);
372         goto error;
373     }
374     *x = pk;
375 
376     /*
377      * pk->pkey is NULL when using the legacy routine, but is non-NULL when
378      * going through the encoder, and for all intents and purposes, it's
379      * a perfect copy of the public key portions of |pkey|, just not the same
380      * instance.  If that's all there was to pkey then we could simply return
381      * early, right here. However, some application might very well depend on
382      * the passed |pkey| being used and none other, so we spend a few more
383      * cycles throwing away the newly created |pk->pkey| and replace it with
384      * |pkey|.
385      */
386     if (pk->pkey != NULL)
387         EVP_PKEY_free(pk->pkey);
388 
389     pk->pkey = pkey;
390     return 1;
391 
392  error:
393     X509_PUBKEY_free(pk);
394     return 0;
395 }
396 
397 /*
398  * Attempt to decode a public key.
399  * Returns 1 on success, 0 for a decode failure and -1 for a fatal
400  * error e.g. malloc failure.
401  *
402  * This function is #legacy.
403  */
x509_pubkey_decode(EVP_PKEY ** ppkey,const X509_PUBKEY * key)404 static int x509_pubkey_decode(EVP_PKEY **ppkey, const X509_PUBKEY *key)
405 {
406     EVP_PKEY *pkey;
407     int nid;
408 
409     nid = OBJ_obj2nid(key->algor->algorithm);
410     if (!key->flag_force_legacy) {
411 #ifndef OPENSSL_NO_ENGINE
412         ENGINE *e = NULL;
413 
414         e = ENGINE_get_pkey_meth_engine(nid);
415         if (e == NULL)
416             return 0;
417         ENGINE_finish(e);
418 #else
419         return 0;
420 #endif
421     }
422 
423     pkey = EVP_PKEY_new();
424     if (pkey == NULL) {
425         ERR_raise(ERR_LIB_X509, ERR_R_EVP_LIB);
426         return -1;
427     }
428 
429     if (!EVP_PKEY_set_type(pkey, nid)) {
430         ERR_raise(ERR_LIB_X509, X509_R_UNSUPPORTED_ALGORITHM);
431         goto error;
432     }
433 
434     if (pkey->ameth->pub_decode) {
435         /*
436          * Treat any failure of pub_decode as a decode error. In
437          * future we could have different return codes for decode
438          * errors and fatal errors such as malloc failure.
439          */
440         if (!pkey->ameth->pub_decode(pkey, key))
441             goto error;
442     } else {
443         ERR_raise(ERR_LIB_X509, X509_R_METHOD_NOT_SUPPORTED);
444         goto error;
445     }
446 
447     *ppkey = pkey;
448     return 1;
449 
450  error:
451     EVP_PKEY_free(pkey);
452     return 0;
453 }
454 
X509_PUBKEY_get0(const X509_PUBKEY * key)455 EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key)
456 {
457     if (key == NULL) {
458         ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
459         return NULL;
460     }
461 
462     if (key->pkey == NULL) {
463         /* We failed to decode the key when we loaded it, or it was never set */
464         ERR_raise(ERR_LIB_EVP, EVP_R_DECODE_ERROR);
465         return NULL;
466     }
467 
468     return key->pkey;
469 }
470 
X509_PUBKEY_get(const X509_PUBKEY * key)471 EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key)
472 {
473     EVP_PKEY *ret = X509_PUBKEY_get0(key);
474 
475     if (ret != NULL && !EVP_PKEY_up_ref(ret)) {
476         ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);
477         ret = NULL;
478     }
479     return ret;
480 }
481 
482 /*
483  * Now three pseudo ASN1 routines that take an EVP_PKEY structure and encode
484  * or decode as X509_PUBKEY
485  */
d2i_PUBKEY_int(EVP_PKEY ** a,const unsigned char ** pp,long length,OSSL_LIB_CTX * libctx,const char * propq,unsigned int force_legacy,X509_PUBKEY * (* d2i_x509_pubkey)(X509_PUBKEY ** a,const unsigned char ** in,long len))486 static EVP_PKEY *d2i_PUBKEY_int(EVP_PKEY **a,
487                                 const unsigned char **pp, long length,
488                                 OSSL_LIB_CTX *libctx, const char *propq,
489                                 unsigned int force_legacy,
490                                 X509_PUBKEY *
491                                 (*d2i_x509_pubkey)(X509_PUBKEY **a,
492                                                    const unsigned char **in,
493                                                    long len))
494 {
495     X509_PUBKEY *xpk, *xpk2 = NULL, **pxpk = NULL;
496     EVP_PKEY *pktmp = NULL;
497     const unsigned char *q;
498 
499     q = *pp;
500 
501     /*
502      * If libctx or propq are non-NULL, we take advantage of the reuse
503      * feature.  It's not generally recommended, but is safe enough for
504      * newly created structures.
505      */
506     if (libctx != NULL || propq != NULL || force_legacy) {
507         xpk2 = OPENSSL_zalloc(sizeof(*xpk2));
508         if (xpk2 == NULL)
509             return NULL;
510         if (!x509_pubkey_set0_libctx(xpk2, libctx, propq))
511             goto end;
512         xpk2->flag_force_legacy = !!force_legacy;
513         pxpk = &xpk2;
514     }
515     xpk = d2i_x509_pubkey(pxpk, &q, length);
516     if (xpk == NULL)
517         goto end;
518     pktmp = X509_PUBKEY_get(xpk);
519     X509_PUBKEY_free(xpk);
520     xpk2 = NULL;                 /* We know that xpk == xpk2 */
521     if (pktmp == NULL)
522         goto end;
523     *pp = q;
524     if (a != NULL) {
525         EVP_PKEY_free(*a);
526         *a = pktmp;
527     }
528  end:
529     X509_PUBKEY_free(xpk2);
530     return pktmp;
531 }
532 
533 /* For the algorithm specific d2i functions further down */
ossl_d2i_PUBKEY_legacy(EVP_PKEY ** a,const unsigned char ** pp,long length)534 EVP_PKEY *ossl_d2i_PUBKEY_legacy(EVP_PKEY **a, const unsigned char **pp,
535                                  long length)
536 {
537     return d2i_PUBKEY_int(a, pp, length, NULL, NULL, 1, d2i_X509_PUBKEY);
538 }
539 
d2i_PUBKEY_ex(EVP_PKEY ** a,const unsigned char ** pp,long length,OSSL_LIB_CTX * libctx,const char * propq)540 EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length,
541                         OSSL_LIB_CTX *libctx, const char *propq)
542 {
543     return d2i_PUBKEY_int(a, pp, length, libctx, propq, 0, d2i_X509_PUBKEY);
544 }
545 
d2i_PUBKEY(EVP_PKEY ** a,const unsigned char ** pp,long length)546 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
547 {
548     return d2i_PUBKEY_ex(a, pp, length, NULL, NULL);
549 }
550 
i2d_PUBKEY(const EVP_PKEY * a,unsigned char ** pp)551 int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp)
552 {
553     int ret = -1;
554 
555     if (a == NULL)
556         return 0;
557     if (a->ameth != NULL) {
558         X509_PUBKEY *xpk = NULL;
559 
560         if ((xpk = X509_PUBKEY_new()) == NULL)
561             return -1;
562 
563         /* pub_encode() only encode parameters, not the key itself */
564         if (a->ameth->pub_encode != NULL && a->ameth->pub_encode(xpk, a)) {
565             xpk->pkey = (EVP_PKEY *)a;
566             ret = i2d_X509_PUBKEY(xpk, pp);
567             xpk->pkey = NULL;
568         }
569         X509_PUBKEY_free(xpk);
570     } else if (a->keymgmt != NULL) {
571         OSSL_ENCODER_CTX *ctx =
572             OSSL_ENCODER_CTX_new_for_pkey(a, EVP_PKEY_PUBLIC_KEY,
573                                           "DER", "SubjectPublicKeyInfo",
574                                           NULL);
575         BIO *out = BIO_new(BIO_s_mem());
576         BUF_MEM *buf = NULL;
577 
578         if (OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0
579             && out != NULL
580             && OSSL_ENCODER_to_bio(ctx, out)
581             && BIO_get_mem_ptr(out, &buf) > 0) {
582             ret = buf->length;
583 
584             if (pp != NULL) {
585                 if (*pp == NULL) {
586                     *pp = (unsigned char *)buf->data;
587                     buf->length = 0;
588                     buf->data = NULL;
589                 } else {
590                     memcpy(*pp, buf->data, ret);
591                     *pp += ret;
592                 }
593             }
594         }
595         BIO_free(out);
596         OSSL_ENCODER_CTX_free(ctx);
597     }
598 
599     return ret;
600 }
601 
602 /*
603  * The following are equivalents but which return RSA and DSA keys
604  */
d2i_RSA_PUBKEY(RSA ** a,const unsigned char ** pp,long length)605 RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
606 {
607     EVP_PKEY *pkey;
608     RSA *key = NULL;
609     const unsigned char *q;
610 
611     q = *pp;
612     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
613     if (pkey == NULL)
614         return NULL;
615     key = EVP_PKEY_get1_RSA(pkey);
616     EVP_PKEY_free(pkey);
617     if (key == NULL)
618         return NULL;
619     *pp = q;
620     if (a != NULL) {
621         RSA_free(*a);
622         *a = key;
623     }
624     return key;
625 }
626 
i2d_RSA_PUBKEY(const RSA * a,unsigned char ** pp)627 int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp)
628 {
629     EVP_PKEY *pktmp;
630     int ret;
631     if (!a)
632         return 0;
633     pktmp = EVP_PKEY_new();
634     if (pktmp == NULL) {
635         ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
636         return -1;
637     }
638     (void)EVP_PKEY_assign_RSA(pktmp, (RSA *)a);
639     ret = i2d_PUBKEY(pktmp, pp);
640     pktmp->pkey.ptr = NULL;
641     EVP_PKEY_free(pktmp);
642     return ret;
643 }
644 
645 #ifndef OPENSSL_NO_DH
ossl_d2i_DH_PUBKEY(DH ** a,const unsigned char ** pp,long length)646 DH *ossl_d2i_DH_PUBKEY(DH **a, const unsigned char **pp, long length)
647 {
648     EVP_PKEY *pkey;
649     DH *key = NULL;
650     const unsigned char *q;
651 
652     q = *pp;
653     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
654     if (pkey == NULL)
655         return NULL;
656     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_DH)
657         key = EVP_PKEY_get1_DH(pkey);
658     EVP_PKEY_free(pkey);
659     if (key == NULL)
660         return NULL;
661     *pp = q;
662     if (a != NULL) {
663         DH_free(*a);
664         *a = key;
665     }
666     return key;
667 }
668 
ossl_i2d_DH_PUBKEY(const DH * a,unsigned char ** pp)669 int ossl_i2d_DH_PUBKEY(const DH *a, unsigned char **pp)
670 {
671     EVP_PKEY *pktmp;
672     int ret;
673     if (!a)
674         return 0;
675     pktmp = EVP_PKEY_new();
676     if (pktmp == NULL) {
677         ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
678         return -1;
679     }
680     (void)EVP_PKEY_assign_DH(pktmp, (DH *)a);
681     ret = i2d_PUBKEY(pktmp, pp);
682     pktmp->pkey.ptr = NULL;
683     EVP_PKEY_free(pktmp);
684     return ret;
685 }
686 
ossl_d2i_DHx_PUBKEY(DH ** a,const unsigned char ** pp,long length)687 DH *ossl_d2i_DHx_PUBKEY(DH **a, const unsigned char **pp, long length)
688 {
689     EVP_PKEY *pkey;
690     DH *key = NULL;
691     const unsigned char *q;
692 
693     q = *pp;
694     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
695     if (pkey == NULL)
696         return NULL;
697     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_DHX)
698         key = EVP_PKEY_get1_DH(pkey);
699     EVP_PKEY_free(pkey);
700     if (key == NULL)
701         return NULL;
702     *pp = q;
703     if (a != NULL) {
704         DH_free(*a);
705         *a = key;
706     }
707     return key;
708 }
709 
ossl_i2d_DHx_PUBKEY(const DH * a,unsigned char ** pp)710 int ossl_i2d_DHx_PUBKEY(const DH *a, unsigned char **pp)
711 {
712     EVP_PKEY *pktmp;
713     int ret;
714     if (!a)
715         return 0;
716     pktmp = EVP_PKEY_new();
717     if (pktmp == NULL) {
718         ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
719         return -1;
720     }
721     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_DHX, (DH *)a);
722     ret = i2d_PUBKEY(pktmp, pp);
723     pktmp->pkey.ptr = NULL;
724     EVP_PKEY_free(pktmp);
725     return ret;
726 }
727 #endif
728 
729 #ifndef OPENSSL_NO_DSA
d2i_DSA_PUBKEY(DSA ** a,const unsigned char ** pp,long length)730 DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
731 {
732     EVP_PKEY *pkey;
733     DSA *key = NULL;
734     const unsigned char *q;
735 
736     q = *pp;
737     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
738     if (pkey == NULL)
739         return NULL;
740     key = EVP_PKEY_get1_DSA(pkey);
741     EVP_PKEY_free(pkey);
742     if (key == NULL)
743         return NULL;
744     *pp = q;
745     if (a != NULL) {
746         DSA_free(*a);
747         *a = key;
748     }
749     return key;
750 }
751 
752 /* Called from decoders; disallows provided DSA keys without parameters. */
ossl_d2i_DSA_PUBKEY(DSA ** a,const unsigned char ** pp,long length)753 DSA *ossl_d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
754 {
755     DSA *key = NULL;
756     const unsigned char *data;
757     const BIGNUM *p, *q, *g;
758 
759     data = *pp;
760     key = d2i_DSA_PUBKEY(NULL, &data, length);
761     if (key == NULL)
762         return NULL;
763     DSA_get0_pqg(key, &p, &q, &g);
764     if (p == NULL || q == NULL || g == NULL) {
765         DSA_free(key);
766         return NULL;
767     }
768     *pp = data;
769     if (a != NULL) {
770         DSA_free(*a);
771         *a = key;
772     }
773     return key;
774 }
775 
i2d_DSA_PUBKEY(const DSA * a,unsigned char ** pp)776 int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp)
777 {
778     EVP_PKEY *pktmp;
779     int ret;
780     if (!a)
781         return 0;
782     pktmp = EVP_PKEY_new();
783     if (pktmp == NULL) {
784         ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
785         return -1;
786     }
787     (void)EVP_PKEY_assign_DSA(pktmp, (DSA *)a);
788     ret = i2d_PUBKEY(pktmp, pp);
789     pktmp->pkey.ptr = NULL;
790     EVP_PKEY_free(pktmp);
791     return ret;
792 }
793 #endif
794 
795 #ifndef OPENSSL_NO_EC
d2i_EC_PUBKEY(EC_KEY ** a,const unsigned char ** pp,long length)796 EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
797 {
798     EVP_PKEY *pkey;
799     EC_KEY *key = NULL;
800     const unsigned char *q;
801     int type;
802 
803     q = *pp;
804     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
805     if (pkey == NULL)
806         return NULL;
807     type = EVP_PKEY_get_id(pkey);
808     if (type == EVP_PKEY_EC || type == EVP_PKEY_SM2)
809         key = EVP_PKEY_get1_EC_KEY(pkey);
810     EVP_PKEY_free(pkey);
811     if (key == NULL)
812         return NULL;
813     *pp = q;
814     if (a != NULL) {
815         EC_KEY_free(*a);
816         *a = key;
817     }
818     return key;
819 }
820 
i2d_EC_PUBKEY(const EC_KEY * a,unsigned char ** pp)821 int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp)
822 {
823     EVP_PKEY *pktmp;
824     int ret;
825 
826     if (a == NULL)
827         return 0;
828     if ((pktmp = EVP_PKEY_new()) == NULL) {
829         ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
830         return -1;
831     }
832     (void)EVP_PKEY_assign_EC_KEY(pktmp, (EC_KEY *)a);
833     ret = i2d_PUBKEY(pktmp, pp);
834     pktmp->pkey.ptr = NULL;
835     EVP_PKEY_free(pktmp);
836     return ret;
837 }
838 
839 # ifndef OPENSSL_NO_ECX
ossl_d2i_ED25519_PUBKEY(ECX_KEY ** a,const unsigned char ** pp,long length)840 ECX_KEY *ossl_d2i_ED25519_PUBKEY(ECX_KEY **a,
841                                  const unsigned char **pp, long length)
842 {
843     EVP_PKEY *pkey;
844     ECX_KEY *key = NULL;
845     const unsigned char *q;
846 
847     q = *pp;
848     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
849     if (pkey == NULL)
850         return NULL;
851     key = ossl_evp_pkey_get1_ED25519(pkey);
852     EVP_PKEY_free(pkey);
853     if (key == NULL)
854         return NULL;
855     *pp = q;
856     if (a != NULL) {
857         ossl_ecx_key_free(*a);
858         *a = key;
859     }
860     return key;
861 }
862 
ossl_i2d_ED25519_PUBKEY(const ECX_KEY * a,unsigned char ** pp)863 int ossl_i2d_ED25519_PUBKEY(const ECX_KEY *a, unsigned char **pp)
864 {
865     EVP_PKEY *pktmp;
866     int ret;
867 
868     if (a == NULL)
869         return 0;
870     if ((pktmp = EVP_PKEY_new()) == NULL) {
871         ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
872         return -1;
873     }
874     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_ED25519, (ECX_KEY *)a);
875     ret = i2d_PUBKEY(pktmp, pp);
876     pktmp->pkey.ptr = NULL;
877     EVP_PKEY_free(pktmp);
878     return ret;
879 }
880 
ossl_d2i_ED448_PUBKEY(ECX_KEY ** a,const unsigned char ** pp,long length)881 ECX_KEY *ossl_d2i_ED448_PUBKEY(ECX_KEY **a,
882                                const unsigned char **pp, long length)
883 {
884     EVP_PKEY *pkey;
885     ECX_KEY *key = NULL;
886     const unsigned char *q;
887 
888     q = *pp;
889     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
890     if (pkey == NULL)
891         return NULL;
892     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_ED448)
893         key = ossl_evp_pkey_get1_ED448(pkey);
894     EVP_PKEY_free(pkey);
895     if (key == NULL)
896         return NULL;
897     *pp = q;
898     if (a != NULL) {
899         ossl_ecx_key_free(*a);
900         *a = key;
901     }
902     return key;
903 }
904 
ossl_i2d_ED448_PUBKEY(const ECX_KEY * a,unsigned char ** pp)905 int ossl_i2d_ED448_PUBKEY(const ECX_KEY *a, unsigned char **pp)
906 {
907     EVP_PKEY *pktmp;
908     int ret;
909 
910     if (a == NULL)
911         return 0;
912     if ((pktmp = EVP_PKEY_new()) == NULL) {
913         ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
914         return -1;
915     }
916     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_ED448, (ECX_KEY *)a);
917     ret = i2d_PUBKEY(pktmp, pp);
918     pktmp->pkey.ptr = NULL;
919     EVP_PKEY_free(pktmp);
920     return ret;
921 }
922 
ossl_d2i_X25519_PUBKEY(ECX_KEY ** a,const unsigned char ** pp,long length)923 ECX_KEY *ossl_d2i_X25519_PUBKEY(ECX_KEY **a,
924                                 const unsigned char **pp, long length)
925 {
926     EVP_PKEY *pkey;
927     ECX_KEY *key = NULL;
928     const unsigned char *q;
929 
930     q = *pp;
931     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
932     if (pkey == NULL)
933         return NULL;
934     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_X25519)
935         key = ossl_evp_pkey_get1_X25519(pkey);
936     EVP_PKEY_free(pkey);
937     if (key == NULL)
938         return NULL;
939     *pp = q;
940     if (a != NULL) {
941         ossl_ecx_key_free(*a);
942         *a = key;
943     }
944     return key;
945 }
946 
ossl_i2d_X25519_PUBKEY(const ECX_KEY * a,unsigned char ** pp)947 int ossl_i2d_X25519_PUBKEY(const ECX_KEY *a, unsigned char **pp)
948 {
949     EVP_PKEY *pktmp;
950     int ret;
951 
952     if (a == NULL)
953         return 0;
954     if ((pktmp = EVP_PKEY_new()) == NULL) {
955         ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
956         return -1;
957     }
958     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_X25519, (ECX_KEY *)a);
959     ret = i2d_PUBKEY(pktmp, pp);
960     pktmp->pkey.ptr = NULL;
961     EVP_PKEY_free(pktmp);
962     return ret;
963 }
964 
ossl_d2i_X448_PUBKEY(ECX_KEY ** a,const unsigned char ** pp,long length)965 ECX_KEY *ossl_d2i_X448_PUBKEY(ECX_KEY **a,
966                               const unsigned char **pp, long length)
967 {
968     EVP_PKEY *pkey;
969     ECX_KEY *key = NULL;
970     const unsigned char *q;
971 
972     q = *pp;
973     pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
974     if (pkey == NULL)
975         return NULL;
976     if (EVP_PKEY_get_id(pkey) == EVP_PKEY_X448)
977         key = ossl_evp_pkey_get1_X448(pkey);
978     EVP_PKEY_free(pkey);
979     if (key == NULL)
980         return NULL;
981     *pp = q;
982     if (a != NULL) {
983         ossl_ecx_key_free(*a);
984         *a = key;
985     }
986     return key;
987 }
988 
ossl_i2d_X448_PUBKEY(const ECX_KEY * a,unsigned char ** pp)989 int ossl_i2d_X448_PUBKEY(const ECX_KEY *a, unsigned char **pp)
990 {
991     EVP_PKEY *pktmp;
992     int ret;
993 
994     if (a == NULL)
995         return 0;
996     if ((pktmp = EVP_PKEY_new()) == NULL) {
997         ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
998         return -1;
999     }
1000     (void)EVP_PKEY_assign(pktmp, EVP_PKEY_X448, (ECX_KEY *)a);
1001     ret = i2d_PUBKEY(pktmp, pp);
1002     pktmp->pkey.ptr = NULL;
1003     EVP_PKEY_free(pktmp);
1004     return ret;
1005 }
1006 
1007 # endif /* OPENSSL_NO_ECX */
1008 #endif
1009 
X509_PUBKEY_set0_public_key(X509_PUBKEY * pub,unsigned char * penc,int penclen)1010 void X509_PUBKEY_set0_public_key(X509_PUBKEY *pub,
1011                                  unsigned char *penc, int penclen)
1012 {
1013     ASN1_STRING_set0(pub->public_key, penc, penclen);
1014     ossl_asn1_string_set_bits_left(pub->public_key, 0);
1015 }
1016 
X509_PUBKEY_set0_param(X509_PUBKEY * pub,ASN1_OBJECT * aobj,int ptype,void * pval,unsigned char * penc,int penclen)1017 int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
1018                            int ptype, void *pval,
1019                            unsigned char *penc, int penclen)
1020 {
1021     if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
1022         return 0;
1023     if (penc != NULL)
1024         X509_PUBKEY_set0_public_key(pub, penc, penclen);
1025     return 1;
1026 }
1027 
X509_PUBKEY_get0_param(ASN1_OBJECT ** ppkalg,const unsigned char ** pk,int * ppklen,X509_ALGOR ** pa,const X509_PUBKEY * pub)1028 int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
1029                            const unsigned char **pk, int *ppklen,
1030                            X509_ALGOR **pa, const X509_PUBKEY *pub)
1031 {
1032     if (ppkalg)
1033         *ppkalg = pub->algor->algorithm;
1034     if (pk) {
1035         *pk = pub->public_key->data;
1036         *ppklen = pub->public_key->length;
1037     }
1038     if (pa)
1039         *pa = pub->algor;
1040     return 1;
1041 }
1042 
X509_get0_pubkey_bitstr(const X509 * x)1043 ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
1044 {
1045     if (x == NULL)
1046         return NULL;
1047     return x->cert_info.key->public_key;
1048 }
1049 
1050 /* Returns 1 for equal, 0, for non-equal, < 0 on error */
X509_PUBKEY_eq(const X509_PUBKEY * a,const X509_PUBKEY * b)1051 int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY *b)
1052 {
1053     X509_ALGOR *algA, *algB;
1054     EVP_PKEY *pA, *pB;
1055 
1056     if (a == b)
1057         return 1;
1058     if (a == NULL || b == NULL)
1059         return 0;
1060     if (!X509_PUBKEY_get0_param(NULL, NULL, NULL, &algA, a) || algA == NULL
1061         || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &algB, b) || algB == NULL)
1062         return -2;
1063     if (X509_ALGOR_cmp(algA, algB) != 0)
1064         return 0;
1065     if ((pA = X509_PUBKEY_get0(a)) == NULL
1066         || (pB = X509_PUBKEY_get0(b)) == NULL)
1067         return -2;
1068     return EVP_PKEY_eq(pA, pB);
1069 }
1070 
ossl_x509_PUBKEY_get0_libctx(OSSL_LIB_CTX ** plibctx,const char ** ppropq,const X509_PUBKEY * key)1071 int ossl_x509_PUBKEY_get0_libctx(OSSL_LIB_CTX **plibctx, const char **ppropq,
1072                                  const X509_PUBKEY *key)
1073 {
1074     if (plibctx)
1075         *plibctx = key->libctx;
1076     if (ppropq)
1077         *ppropq = key->propq;
1078     return 1;
1079 }
1080