#include <stdio.h>
#include "cryptlib.h"
-#include "objects.h"
-#include "evp.h"
-#include "asn1_mac.h"
-#include "x509.h"
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/asn1_mac.h>
+#include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#include <openssl/dh.h>
-/* EVPerr(EVP_F_D2I_PKEY,EVP_R_UNSUPPORTED_CIPHER); */
-/* EVPerr(EVP_F_D2I_PKEY,EVP_R_IV_TOO_LARGE); */
-
-#ifndef NOPROTO
static void EVP_PKEY_free_it(EVP_PKEY *x);
-#else
-static void EVP_PKEY_free_it();
-#endif
-int EVP_PKEY_bits(pkey)
-EVP_PKEY *pkey;
+int EVP_PKEY_bits(EVP_PKEY *pkey)
{
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
+ if (0)
+ return 0;
+#ifndef OPENSSL_NO_RSA
+ else if (pkey->type == EVP_PKEY_RSA)
return(BN_num_bits(pkey->pkey.rsa->n));
- else
#endif
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
+#ifndef OPENSSL_NO_DSA
+ else if (pkey->type == EVP_PKEY_DSA)
return(BN_num_bits(pkey->pkey.dsa->p));
+#endif
+#ifndef OPENSSL_NO_EC
+ else if (pkey->type == EVP_PKEY_EC)
+ {
+ BIGNUM *order = BN_new();
+ const EC_GROUP *group;
+ int ret;
+
+ if (!order)
+ {
+ ERR_clear_error();
+ return 0;
+ }
+ group = EC_KEY_get0_group(pkey->pkey.ec);
+ if (!EC_GROUP_get_order(group, order, NULL))
+ {
+ ERR_clear_error();
+ return 0;
+ }
+
+ ret = BN_num_bits(order);
+ BN_free(order);
+ return ret;
+ }
#endif
return(0);
}
-int EVP_PKEY_size(pkey)
-EVP_PKEY *pkey;
+int EVP_PKEY_size(EVP_PKEY *pkey)
{
-#ifndef NO_RSA
+ if (pkey == NULL)
+ return(0);
+#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA)
return(RSA_size(pkey->pkey.rsa));
else
#endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
return(DSA_size(pkey->pkey.dsa));
#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (pkey->type == EVP_PKEY_EC)
+ return(ECDSA_size(pkey->pkey.ec));
+#endif
+
return(0);
}
-int EVP_PKEY_save_parameters(pkey,mode)
-EVP_PKEY *pkey;
-int mode;
+int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
{
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
{
- int ret=pkey->save_parameters=mode;
+ int ret=pkey->save_parameters;
if (mode >= 0)
pkey->save_parameters=mode;
return(ret);
}
+#endif
+#ifndef OPENSSL_NO_EC
+ if (pkey->type == EVP_PKEY_EC)
+ {
+ int ret = pkey->save_parameters;
+
+ if (mode >= 0)
+ pkey->save_parameters = mode;
+ return(ret);
+ }
#endif
return(0);
}
-int EVP_PKEY_copy_parameters(to,from)
-EVP_PKEY *to,*from;
+int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
{
if (to->type != from->type)
{
if (EVP_PKEY_missing_parameters(from))
{
- EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS);
+ EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
goto err;
}
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if (to->type == EVP_PKEY_DSA)
{
BIGNUM *a;
if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
to->pkey.dsa->g=a;
}
+#endif
+#ifndef OPENSSL_NO_EC
+ if (to->type == EVP_PKEY_EC)
+ {
+ EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
+ if (group == NULL)
+ goto err;
+ if (EC_KEY_set_group(to->pkey.ec, group) == 0)
+ goto err;
+ EC_GROUP_free(group);
+ }
#endif
return(1);
err:
return(0);
}
-int EVP_PKEY_missing_parameters(pkey)
-EVP_PKEY *pkey;
+int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
{
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
{
DSA *dsa;
return(1);
}
#endif
+#ifndef OPENSSL_NO_EC
+ if (pkey->type == EVP_PKEY_EC)
+ {
+ if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
+ return(1);
+ }
+#endif
+
return(0);
}
-int EVP_PKEY_cmp_parameters(a,b)
-EVP_PKEY *a,*b;
+int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
{
if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
else
return(1);
}
+#endif
+#ifndef OPENSSL_NO_EC
+ if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC)
+ {
+ const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
+ *group_b = EC_KEY_get0_group(b->pkey.ec);
+ if (EC_GROUP_cmp(group_a, group_b, NULL))
+ return 0;
+ else
+ return 1;
+ }
#endif
return(-1);
}
-EVP_PKEY *EVP_PKEY_new()
+int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+ {
+ if (a->type != b->type)
+ return -1;
+
+ if (EVP_PKEY_cmp_parameters(a, b) == 0)
+ return 0;
+
+ switch (a->type)
+ {
+#ifndef OPENSSL_NO_RSA
+ case EVP_PKEY_RSA:
+ if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0
+ || BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0)
+ return 0;
+ break;
+#endif
+#ifndef OPENSSL_NO_DSA
+ case EVP_PKEY_DSA:
+ if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
+ return 0;
+ break;
+#endif
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ {
+ int r;
+ const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
+ const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
+ *pb = EC_KEY_get0_public_key(b->pkey.ec);
+ r = EC_POINT_cmp(group, pa, pb, NULL);
+ if (r != 0)
+ {
+ if (r == 1)
+ return 0;
+ else
+ return -2;
+ }
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_DH
+ case EVP_PKEY_DH:
+ return -2;
+#endif
+ default:
+ return -2;
+ }
+
+ return 1;
+ }
+
+EVP_PKEY *EVP_PKEY_new(void)
{
EVP_PKEY *ret;
- ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY));
+ ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
if (ret == NULL)
{
EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
return(ret);
}
-int EVP_PKEY_assign(pkey,type,key)
-EVP_PKEY *pkey;
-int type;
-char *key;
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
{
if (pkey == NULL) return(0);
if (pkey->pkey.ptr != NULL)
pkey->type=EVP_PKEY_type(type);
pkey->save_type=type;
pkey->pkey.ptr=key;
- return(1);
+ return(key != NULL);
+ }
+
+#ifndef OPENSSL_NO_RSA
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
+{
+ int ret = EVP_PKEY_assign_RSA(pkey, key);
+ if(ret)
+ RSA_up_ref(key);
+ return ret;
+}
+
+RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
+ {
+ if(pkey->type != EVP_PKEY_RSA) {
+ EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
+ return NULL;
+ }
+ RSA_up_ref(pkey->pkey.rsa);
+ return pkey->pkey.rsa;
+}
+#endif
+
+#ifndef OPENSSL_NO_DSA
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
+{
+ int ret = EVP_PKEY_assign_DSA(pkey, key);
+ if(ret)
+ DSA_up_ref(key);
+ return ret;
+}
+
+DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
+ {
+ if(pkey->type != EVP_PKEY_DSA) {
+ EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
+ return NULL;
}
+ DSA_up_ref(pkey->pkey.dsa);
+ return pkey->pkey.dsa;
+}
+#endif
+
+#ifndef OPENSSL_NO_EC
-int EVP_PKEY_type(type)
-int type;
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
+{
+ int ret = EVP_PKEY_assign_EC_KEY(pkey,key);
+ if (ret)
+ EC_KEY_up_ref(key);
+ return ret;
+}
+
+EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
+{
+ if (pkey->type != EVP_PKEY_EC)
+ {
+ EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
+ return NULL;
+ }
+ EC_KEY_up_ref(pkey->pkey.ec);
+ return pkey->pkey.ec;
+}
+#endif
+
+
+#ifndef OPENSSL_NO_DH
+
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
+{
+ int ret = EVP_PKEY_assign_DH(pkey, key);
+ if(ret)
+ DH_up_ref(key);
+ return ret;
+}
+
+DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
+ {
+ if(pkey->type != EVP_PKEY_DH) {
+ EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
+ return NULL;
+ }
+ DH_up_ref(pkey->pkey.dh);
+ return pkey->pkey.dh;
+}
+#endif
+
+int EVP_PKEY_type(int type)
{
switch (type)
{
return(EVP_PKEY_DSA);
case EVP_PKEY_DH:
return(EVP_PKEY_DH);
+ case EVP_PKEY_EC:
+ return(EVP_PKEY_EC);
default:
return(NID_undef);
}
}
-void EVP_PKEY_free(x)
-EVP_PKEY *x;
+void EVP_PKEY_free(EVP_PKEY *x)
{
int i;
}
#endif
EVP_PKEY_free_it(x);
- Free((char *)x);
+ if (x->attributes)
+ sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
+ OPENSSL_free(x);
}
-static void EVP_PKEY_free_it(x)
-EVP_PKEY *x;
+static void EVP_PKEY_free_it(EVP_PKEY *x)
{
switch (x->type)
{
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2:
RSA_free(x->pkey.rsa);
break;
#endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
case EVP_PKEY_DSA2:
case EVP_PKEY_DSA3:
DSA_free(x->pkey.dsa);
break;
#endif
-#ifndef NO_DH
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ EC_KEY_free(x->pkey.ec);
+ break;
+#endif
+#ifndef OPENSSL_NO_DH
case EVP_PKEY_DH:
DH_free(x->pkey.dh);
break;