1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/ossrv/ssl/libcrypto/src/crypto/evp/p_lib.c Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,502 @@
1.4 +/* crypto/evp/p_lib.c */
1.5 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
1.6 + * All rights reserved.
1.7 + *
1.8 + * This package is an SSL implementation written
1.9 + * by Eric Young (eay@cryptsoft.com).
1.10 + * The implementation was written so as to conform with Netscapes SSL.
1.11 + *
1.12 + * This library is free for commercial and non-commercial use as long as
1.13 + * the following conditions are aheared to. The following conditions
1.14 + * apply to all code found in this distribution, be it the RC4, RSA,
1.15 + * lhash, DES, etc., code; not just the SSL code. The SSL documentation
1.16 + * included with this distribution is covered by the same copyright terms
1.17 + * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1.18 + *
1.19 + * Copyright remains Eric Young's, and as such any Copyright notices in
1.20 + * the code are not to be removed.
1.21 + * If this package is used in a product, Eric Young should be given attribution
1.22 + * as the author of the parts of the library used.
1.23 + * This can be in the form of a textual message at program startup or
1.24 + * in documentation (online or textual) provided with the package.
1.25 + *
1.26 + * Redistribution and use in source and binary forms, with or without
1.27 + * modification, are permitted provided that the following conditions
1.28 + * are met:
1.29 + * 1. Redistributions of source code must retain the copyright
1.30 + * notice, this list of conditions and the following disclaimer.
1.31 + * 2. Redistributions in binary form must reproduce the above copyright
1.32 + * notice, this list of conditions and the following disclaimer in the
1.33 + * documentation and/or other materials provided with the distribution.
1.34 + * 3. All advertising materials mentioning features or use of this software
1.35 + * must display the following acknowledgement:
1.36 + * "This product includes cryptographic software written by
1.37 + * Eric Young (eay@cryptsoft.com)"
1.38 + * The word 'cryptographic' can be left out if the rouines from the library
1.39 + * being used are not cryptographic related :-).
1.40 + * 4. If you include any Windows specific code (or a derivative thereof) from
1.41 + * the apps directory (application code) you must include an acknowledgement:
1.42 + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
1.43 + *
1.44 + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
1.45 + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1.46 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1.47 + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1.48 + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1.49 + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1.50 + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.51 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1.52 + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1.53 + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1.54 + * SUCH DAMAGE.
1.55 + *
1.56 + * The licence and distribution terms for any publically available version or
1.57 + * derivative of this code cannot be changed. i.e. this code cannot simply be
1.58 + * copied and put under another distribution licence
1.59 + * [including the GNU Public Licence.]
1.60 + */
1.61 +
1.62 +#include <stdio.h>
1.63 +#include "cryptlib.h"
1.64 +#include <openssl/bn.h>
1.65 +#include <openssl/err.h>
1.66 +#include <openssl/objects.h>
1.67 +#include <openssl/evp.h>
1.68 +#include <openssl/asn1_mac.h>
1.69 +#include <openssl/x509.h>
1.70 +#ifndef OPENSSL_NO_RSA
1.71 +#include <openssl/rsa.h>
1.72 +#endif
1.73 +#ifndef OPENSSL_NO_DSA
1.74 +#include <openssl/dsa.h>
1.75 +#endif
1.76 +#ifndef OPENSSL_NO_DH
1.77 +#include <openssl/dh.h>
1.78 +#endif
1.79 +
1.80 +static void EVP_PKEY_free_it(EVP_PKEY *x);
1.81 +
1.82 +EXPORT_C int EVP_PKEY_bits(EVP_PKEY *pkey)
1.83 + {
1.84 + if (0)
1.85 + return 0;
1.86 +#ifndef OPENSSL_NO_RSA
1.87 + else if (pkey->type == EVP_PKEY_RSA)
1.88 + return(BN_num_bits(pkey->pkey.rsa->n));
1.89 +#endif
1.90 +#ifndef OPENSSL_NO_DSA
1.91 + else if (pkey->type == EVP_PKEY_DSA)
1.92 + return(BN_num_bits(pkey->pkey.dsa->p));
1.93 +#endif
1.94 +#ifndef OPENSSL_NO_EC
1.95 + else if (pkey->type == EVP_PKEY_EC)
1.96 + {
1.97 + BIGNUM *order = BN_new();
1.98 + const EC_GROUP *group;
1.99 + int ret;
1.100 +
1.101 + if (!order)
1.102 + {
1.103 + ERR_clear_error();
1.104 + return 0;
1.105 + }
1.106 + group = EC_KEY_get0_group(pkey->pkey.ec);
1.107 + if (!EC_GROUP_get_order(group, order, NULL))
1.108 + {
1.109 + ERR_clear_error();
1.110 + return 0;
1.111 + }
1.112 +
1.113 + ret = BN_num_bits(order);
1.114 + BN_free(order);
1.115 + return ret;
1.116 + }
1.117 +#endif
1.118 + return(0);
1.119 + }
1.120 +
1.121 +EXPORT_C int EVP_PKEY_size(EVP_PKEY *pkey)
1.122 + {
1.123 + if (pkey == NULL)
1.124 + return(0);
1.125 +#ifndef OPENSSL_NO_RSA
1.126 + if (pkey->type == EVP_PKEY_RSA)
1.127 + return(RSA_size(pkey->pkey.rsa));
1.128 + else
1.129 +#endif
1.130 +#ifndef OPENSSL_NO_DSA
1.131 + if (pkey->type == EVP_PKEY_DSA)
1.132 + return(DSA_size(pkey->pkey.dsa));
1.133 +#endif
1.134 +#ifndef OPENSSL_NO_ECDSA
1.135 + if (pkey->type == EVP_PKEY_EC)
1.136 + return(ECDSA_size(pkey->pkey.ec));
1.137 +#endif
1.138 +
1.139 + return(0);
1.140 + }
1.141 +
1.142 +EXPORT_C int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
1.143 + {
1.144 +#ifndef OPENSSL_NO_DSA
1.145 + if (pkey->type == EVP_PKEY_DSA)
1.146 + {
1.147 + int ret=pkey->save_parameters;
1.148 +
1.149 + if (mode >= 0)
1.150 + pkey->save_parameters=mode;
1.151 + return(ret);
1.152 + }
1.153 +#endif
1.154 +#ifndef OPENSSL_NO_EC
1.155 + if (pkey->type == EVP_PKEY_EC)
1.156 + {
1.157 + int ret = pkey->save_parameters;
1.158 +
1.159 + if (mode >= 0)
1.160 + pkey->save_parameters = mode;
1.161 + return(ret);
1.162 + }
1.163 +#endif
1.164 + return(0);
1.165 + }
1.166 +
1.167 +EXPORT_C int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
1.168 + {
1.169 + if (to->type != from->type)
1.170 + {
1.171 + EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
1.172 + goto err;
1.173 + }
1.174 +
1.175 + if (EVP_PKEY_missing_parameters(from))
1.176 + {
1.177 + EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
1.178 + goto err;
1.179 + }
1.180 +#ifndef OPENSSL_NO_DSA
1.181 + if (to->type == EVP_PKEY_DSA)
1.182 + {
1.183 + BIGNUM *a;
1.184 +
1.185 + if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err;
1.186 + if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p);
1.187 + to->pkey.dsa->p=a;
1.188 +
1.189 + if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err;
1.190 + if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q);
1.191 + to->pkey.dsa->q=a;
1.192 +
1.193 + if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err;
1.194 + if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
1.195 + to->pkey.dsa->g=a;
1.196 + }
1.197 +#endif
1.198 +#ifndef OPENSSL_NO_EC
1.199 + if (to->type == EVP_PKEY_EC)
1.200 + {
1.201 + EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
1.202 + if (group == NULL)
1.203 + goto err;
1.204 + if (EC_KEY_set_group(to->pkey.ec, group) == 0)
1.205 + goto err;
1.206 + EC_GROUP_free(group);
1.207 + }
1.208 +#endif
1.209 + return(1);
1.210 +err:
1.211 + return(0);
1.212 + }
1.213 +
1.214 +EXPORT_C int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
1.215 + {
1.216 +#ifndef OPENSSL_NO_DSA
1.217 + if (pkey->type == EVP_PKEY_DSA)
1.218 + {
1.219 + DSA *dsa;
1.220 +
1.221 + dsa=pkey->pkey.dsa;
1.222 + if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
1.223 + return(1);
1.224 + }
1.225 +#endif
1.226 +#ifndef OPENSSL_NO_EC
1.227 + if (pkey->type == EVP_PKEY_EC)
1.228 + {
1.229 + if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
1.230 + return(1);
1.231 + }
1.232 +#endif
1.233 +
1.234 + return(0);
1.235 + }
1.236 +
1.237 +EXPORT_C int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
1.238 + {
1.239 +#ifndef OPENSSL_NO_DSA
1.240 + if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
1.241 + {
1.242 + if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
1.243 + BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
1.244 + BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
1.245 + return(0);
1.246 + else
1.247 + return(1);
1.248 + }
1.249 +#endif
1.250 +#ifndef OPENSSL_NO_EC
1.251 + if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC)
1.252 + {
1.253 + const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
1.254 + *group_b = EC_KEY_get0_group(b->pkey.ec);
1.255 + if (EC_GROUP_cmp(group_a, group_b, NULL))
1.256 + return 0;
1.257 + else
1.258 + return 1;
1.259 + }
1.260 +#endif
1.261 + return(-1);
1.262 + }
1.263 +
1.264 +EXPORT_C int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
1.265 + {
1.266 + if (a->type != b->type)
1.267 + return -1;
1.268 +
1.269 + if (EVP_PKEY_cmp_parameters(a, b) == 0)
1.270 + return 0;
1.271 +
1.272 + switch (a->type)
1.273 + {
1.274 +#ifndef OPENSSL_NO_RSA
1.275 + case EVP_PKEY_RSA:
1.276 + if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0
1.277 + || BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0)
1.278 + return 0;
1.279 + break;
1.280 +#endif
1.281 +#ifndef OPENSSL_NO_DSA
1.282 + case EVP_PKEY_DSA:
1.283 + if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
1.284 + return 0;
1.285 + break;
1.286 +#endif
1.287 +#ifndef OPENSSL_NO_EC
1.288 + case EVP_PKEY_EC:
1.289 + {
1.290 + int r;
1.291 + const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
1.292 + const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
1.293 + *pb = EC_KEY_get0_public_key(b->pkey.ec);
1.294 + r = EC_POINT_cmp(group, pa, pb, NULL);
1.295 + if (r != 0)
1.296 + {
1.297 + if (r == 1)
1.298 + return 0;
1.299 + else
1.300 + return -2;
1.301 + }
1.302 + }
1.303 + break;
1.304 +#endif
1.305 +#ifndef OPENSSL_NO_DH
1.306 + case EVP_PKEY_DH:
1.307 + return -2;
1.308 +#endif
1.309 + default:
1.310 + return -2;
1.311 + }
1.312 +
1.313 + return 1;
1.314 + }
1.315 +
1.316 +EXPORT_C EVP_PKEY *EVP_PKEY_new(void)
1.317 + {
1.318 + EVP_PKEY *ret;
1.319 +
1.320 + ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
1.321 + if (ret == NULL)
1.322 + {
1.323 + EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
1.324 + return(NULL);
1.325 + }
1.326 + ret->type=EVP_PKEY_NONE;
1.327 + ret->references=1;
1.328 + ret->pkey.ptr=NULL;
1.329 + ret->attributes=NULL;
1.330 + ret->save_parameters=1;
1.331 + return(ret);
1.332 + }
1.333 +
1.334 +EXPORT_C int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
1.335 + {
1.336 + if (pkey == NULL) return(0);
1.337 + if (pkey->pkey.ptr != NULL)
1.338 + EVP_PKEY_free_it(pkey);
1.339 + pkey->type=EVP_PKEY_type(type);
1.340 + pkey->save_type=type;
1.341 + pkey->pkey.ptr=key;
1.342 + return(key != NULL);
1.343 + }
1.344 +
1.345 +#ifndef OPENSSL_NO_RSA
1.346 +EXPORT_C int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
1.347 +{
1.348 + int ret = EVP_PKEY_assign_RSA(pkey, key);
1.349 + if(ret)
1.350 + RSA_up_ref(key);
1.351 + return ret;
1.352 +}
1.353 +
1.354 +EXPORT_C RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
1.355 + {
1.356 + if(pkey->type != EVP_PKEY_RSA) {
1.357 + EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
1.358 + return NULL;
1.359 + }
1.360 + RSA_up_ref(pkey->pkey.rsa);
1.361 + return pkey->pkey.rsa;
1.362 +}
1.363 +#endif
1.364 +
1.365 +#ifndef OPENSSL_NO_DSA
1.366 +EXPORT_C int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
1.367 +{
1.368 + int ret = EVP_PKEY_assign_DSA(pkey, key);
1.369 + if(ret)
1.370 + DSA_up_ref(key);
1.371 + return ret;
1.372 +}
1.373 +
1.374 +EXPORT_C DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
1.375 + {
1.376 + if(pkey->type != EVP_PKEY_DSA) {
1.377 + EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
1.378 + return NULL;
1.379 + }
1.380 + DSA_up_ref(pkey->pkey.dsa);
1.381 + return pkey->pkey.dsa;
1.382 +}
1.383 +#endif
1.384 +
1.385 +#ifndef OPENSSL_NO_EC
1.386 +
1.387 +EXPORT_C int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
1.388 +{
1.389 + int ret = EVP_PKEY_assign_EC_KEY(pkey,key);
1.390 + if (ret)
1.391 + EC_KEY_up_ref(key);
1.392 + return ret;
1.393 +}
1.394 +
1.395 +EXPORT_C EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
1.396 +{
1.397 + if (pkey->type != EVP_PKEY_EC)
1.398 + {
1.399 + EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
1.400 + return NULL;
1.401 + }
1.402 + EC_KEY_up_ref(pkey->pkey.ec);
1.403 + return pkey->pkey.ec;
1.404 +}
1.405 +#endif
1.406 +
1.407 +
1.408 +#ifndef OPENSSL_NO_DH
1.409 +
1.410 +EXPORT_C int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
1.411 +{
1.412 + int ret = EVP_PKEY_assign_DH(pkey, key);
1.413 + if(ret)
1.414 + DH_up_ref(key);
1.415 + return ret;
1.416 +}
1.417 +
1.418 +EXPORT_C DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
1.419 + {
1.420 + if(pkey->type != EVP_PKEY_DH) {
1.421 + EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
1.422 + return NULL;
1.423 + }
1.424 + DH_up_ref(pkey->pkey.dh);
1.425 + return pkey->pkey.dh;
1.426 +}
1.427 +#endif
1.428 +
1.429 +EXPORT_C int EVP_PKEY_type(int type)
1.430 + {
1.431 + switch (type)
1.432 + {
1.433 + case EVP_PKEY_RSA:
1.434 + case EVP_PKEY_RSA2:
1.435 + return(EVP_PKEY_RSA);
1.436 + case EVP_PKEY_DSA:
1.437 + case EVP_PKEY_DSA1:
1.438 + case EVP_PKEY_DSA2:
1.439 + case EVP_PKEY_DSA3:
1.440 + case EVP_PKEY_DSA4:
1.441 + return(EVP_PKEY_DSA);
1.442 + case EVP_PKEY_DH:
1.443 + return(EVP_PKEY_DH);
1.444 + case EVP_PKEY_EC:
1.445 + return(EVP_PKEY_EC);
1.446 + default:
1.447 + return(NID_undef);
1.448 + }
1.449 + }
1.450 +
1.451 +EXPORT_C void EVP_PKEY_free(EVP_PKEY *x)
1.452 + {
1.453 + int i;
1.454 +
1.455 + if (x == NULL) return;
1.456 +
1.457 + i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
1.458 +#ifdef REF_PRINT
1.459 + REF_PRINT("EVP_PKEY",x);
1.460 +#endif
1.461 + if (i > 0) return;
1.462 +#ifdef REF_CHECK
1.463 + if (i < 0)
1.464 + {
1.465 + fprintf(stderr,"EVP_PKEY_free, bad reference count\n");
1.466 + abort();
1.467 + }
1.468 +#endif
1.469 + EVP_PKEY_free_it(x);
1.470 + if (x->attributes)
1.471 + sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
1.472 + OPENSSL_free(x);
1.473 + }
1.474 +
1.475 +static void EVP_PKEY_free_it(EVP_PKEY *x)
1.476 + {
1.477 + switch (x->type)
1.478 + {
1.479 +#ifndef OPENSSL_NO_RSA
1.480 + case EVP_PKEY_RSA:
1.481 + case EVP_PKEY_RSA2:
1.482 + RSA_free(x->pkey.rsa);
1.483 + break;
1.484 +#endif
1.485 +#ifndef OPENSSL_NO_DSA
1.486 + case EVP_PKEY_DSA:
1.487 + case EVP_PKEY_DSA2:
1.488 + case EVP_PKEY_DSA3:
1.489 + case EVP_PKEY_DSA4:
1.490 + DSA_free(x->pkey.dsa);
1.491 + break;
1.492 +#endif
1.493 +#ifndef OPENSSL_NO_EC
1.494 + case EVP_PKEY_EC:
1.495 + EC_KEY_free(x->pkey.ec);
1.496 + break;
1.497 +#endif
1.498 +#ifndef OPENSSL_NO_DH
1.499 + case EVP_PKEY_DH:
1.500 + DH_free(x->pkey.dh);
1.501 + break;
1.502 +#endif
1.503 + }
1.504 + }
1.505 +