X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fevp%2Fp_lib.c;h=22155ecf62c4b07ed942f434d9414c623e66914d;hb=f092a073a75be72731e57b175d2df73d2d0eddd8;hp=11369048e7e08b18b829ab1e7dc28ba75849f585;hpb=b7896b3cb86d80206af14a14d69b0717786f2729;p=oweals%2Fopenssl.git

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 11369048e7..22155ecf62 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1,5 +1,5 @@
 /* crypto/evp/p_lib.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -58,67 +58,123 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include "objects.h"
-#include "evp.h"
-#include "asn1_mac.h"
-#include "x509.h"
-
-/* EVPerr(EVP_F_D2I_PKEY,EVP_R_UNSUPPORTED_CIPHER); */
-/* EVPerr(EVP_F_D2I_PKEY,EVP_R_IV_TOO_LARGE); */
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/asn1_mac.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+#include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
 
-#ifndef NOPROTO
 static void EVP_PKEY_free_it(EVP_PKEY *x);
-#else
-static void EVP_PKEY_free_it();
+
+int EVP_PKEY_bits(EVP_PKEY *pkey)
+	{
+	if (0)
+		return 0;
+#ifndef OPENSSL_NO_RSA
+	else if (pkey->type == EVP_PKEY_RSA)
+		return(BN_num_bits(pkey->pkey.rsa->n));
 #endif
+#ifndef OPENSSL_NO_DSA
+	else if (pkey->type == EVP_PKEY_DSA)
+		return(BN_num_bits(pkey->pkey.dsa->p));
+#endif
+#ifndef OPENSSL_NO_EC
+	else if (pkey->type == EVP_PKEY_EC)
+		{
+		BIGNUM *order = BN_new();
+		const EC_GROUP *group;
+		int ret;
+
+		if (!order)
+			{
+			ERR_clear_error();
+			return 0;
+			}
+		group = EC_KEY_get0_group(pkey->pkey.ec);
+		if (!EC_GROUP_get_order(group, order, NULL))
+			{
+			ERR_clear_error();
+			return 0;
+			}
 
-int EVP_PKEY_size(pkey)
-EVP_PKEY *pkey;
+		ret = BN_num_bits(order);
+		BN_free(order);
+		return ret;
+		}
+#endif
+	return(0);
+	}
+
+int EVP_PKEY_size(EVP_PKEY *pkey)
 	{
-#ifndef NO_RSA
+	if (pkey == NULL)
+		return(0);
+#ifndef OPENSSL_NO_RSA
 	if (pkey->type == EVP_PKEY_RSA)
 		return(RSA_size(pkey->pkey.rsa));
 	else
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 		if (pkey->type == EVP_PKEY_DSA)
 		return(DSA_size(pkey->pkey.dsa));
 #endif
+#ifndef OPENSSL_NO_ECDSA
+		if (pkey->type == EVP_PKEY_EC)
+		return(ECDSA_size(pkey->pkey.ec));
+#endif
+
 	return(0);
 	}
 
-int EVP_PKEY_save_parameters(pkey,mode)
-EVP_PKEY *pkey;
-int mode;
+int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
 	{
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 	if (pkey->type == EVP_PKEY_DSA)
 		{
-		int ret=pkey->save_parameters=mode;
+		int ret=pkey->save_parameters;
 
 		if (mode >= 0)
 			pkey->save_parameters=mode;
 		return(ret);
 		}
+#endif
+#ifndef OPENSSL_NO_EC
+	if (pkey->type == EVP_PKEY_EC)
+		{
+		int ret = pkey->save_parameters;
+
+		if (mode >= 0)
+			pkey->save_parameters = mode;
+		return(ret);
+		}
 #endif
 	return(0);
 	}
 
-int EVP_PKEY_copy_parameters(to,from)
-EVP_PKEY *to,*from;
+int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
 	{
 	if (to->type != from->type)
 		{
 		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
-		return(0);
+		goto err;
 		}
 
 	if (EVP_PKEY_missing_parameters(from))
 		{
-		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS);
-		return(0);
+		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
+		goto err;
 		}
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 	if (to->type == EVP_PKEY_DSA)
 		{
 		BIGNUM *a;
@@ -135,16 +191,26 @@ EVP_PKEY *to,*from;
 		if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
 		to->pkey.dsa->g=a;
 		}
+#endif
+#ifndef OPENSSL_NO_EC
+	if (to->type == EVP_PKEY_EC)
+		{
+		EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
+		if (group == NULL)
+			goto err;
+		if (EC_KEY_set_group(to->pkey.ec, group) == 0)
+			goto err;
+		EC_GROUP_free(group);
+		}
 #endif
 	return(1);
 err:
 	return(0);
 	}
 
-int EVP_PKEY_missing_parameters(pkey)
-EVP_PKEY *pkey;
+int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
 	{
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 	if (pkey->type == EVP_PKEY_DSA)
 		{
 		DSA *dsa;
@@ -154,14 +220,101 @@ EVP_PKEY *pkey;
 			return(1);
 		}
 #endif
+#ifndef OPENSSL_NO_EC
+	if (pkey->type == EVP_PKEY_EC)
+		{
+		if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
+			return(1);
+		}
+#endif
+
 	return(0);
 	}
 
-EVP_PKEY *EVP_PKEY_new()
+int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+#ifndef OPENSSL_NO_DSA
+	if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
+		{
+		if (	BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
+			BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
+			BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
+			return(0);
+		else
+			return(1);
+		}
+#endif
+#ifndef OPENSSL_NO_EC
+	if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC)
+		{
+		const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
+		               *group_b = EC_KEY_get0_group(b->pkey.ec);
+		if (EC_GROUP_cmp(group_a, group_b, NULL))
+			return 0;
+		else
+			return 1;
+		}
+#endif
+	return(-1);
+	}
+
+int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	if (a->type != b->type)
+		return -1;
+
+	if (EVP_PKEY_cmp_parameters(a, b) == 0)
+		return 0;
+
+	switch (a->type)
+		{
+#ifndef OPENSSL_NO_RSA
+	case EVP_PKEY_RSA:
+		if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0
+			|| BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0)
+			return 0;
+		break;
+#endif
+#ifndef OPENSSL_NO_DSA
+	case EVP_PKEY_DSA:
+		if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
+			return 0;
+		break;
+#endif
+#ifndef OPENSSL_NO_EC
+	case EVP_PKEY_EC:
+		{
+		int  r;
+		const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
+		const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
+		               *pb = EC_KEY_get0_public_key(b->pkey.ec);
+		r = EC_POINT_cmp(group, pa, pb, NULL);
+		if (r != 0)
+			{
+			if (r == 1)
+				return 0;
+			else
+				return -2;
+			}
+		}
+ 		break;
+#endif
+#ifndef OPENSSL_NO_DH
+	case EVP_PKEY_DH:
+		return -2;
+#endif
+	default:
+		return -2;
+		}
+
+	return 1;
+	}
+
+EVP_PKEY *EVP_PKEY_new(void)
 	{
 	EVP_PKEY *ret;
 
-	ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY));
+	ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
 	if (ret == NULL)
 		{
 		EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
@@ -175,10 +328,7 @@ EVP_PKEY *EVP_PKEY_new()
 	return(ret);
 	}
 
-int EVP_PKEY_assign(pkey,type,key)
-EVP_PKEY *pkey;
-int type;
-char *key;
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
 	{
 	if (pkey == NULL) return(0);
 	if (pkey->pkey.ptr != NULL)
@@ -186,11 +336,94 @@ char *key;
 	pkey->type=EVP_PKEY_type(type);
 	pkey->save_type=type;
 	pkey->pkey.ptr=key;
-	return(1);
+	return(key != NULL);
 	}
 
-int EVP_PKEY_type(type)
-int type;
+#ifndef OPENSSL_NO_RSA
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
+{
+	int ret = EVP_PKEY_assign_RSA(pkey, key);
+	if(ret)
+		RSA_up_ref(key);
+	return ret;
+}
+
+RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
+	{
+	if(pkey->type != EVP_PKEY_RSA) {
+		EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
+		return NULL;
+	}
+	RSA_up_ref(pkey->pkey.rsa);
+	return pkey->pkey.rsa;
+}
+#endif
+
+#ifndef OPENSSL_NO_DSA
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
+{
+	int ret = EVP_PKEY_assign_DSA(pkey, key);
+	if(ret)
+		DSA_up_ref(key);
+	return ret;
+}
+
+DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
+	{
+	if(pkey->type != EVP_PKEY_DSA) {
+		EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
+		return NULL;
+	}
+	DSA_up_ref(pkey->pkey.dsa);
+	return pkey->pkey.dsa;
+}
+#endif
+
+#ifndef OPENSSL_NO_EC
+
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
+{
+	int ret = EVP_PKEY_assign_EC_KEY(pkey,key);
+	if (ret)
+		EC_KEY_up_ref(key);
+	return ret;
+}
+
+EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
+{
+	if (pkey->type != EVP_PKEY_EC)
+	{
+		EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
+		return NULL;
+	}
+	EC_KEY_up_ref(pkey->pkey.ec);
+	return pkey->pkey.ec;
+}
+#endif
+
+
+#ifndef OPENSSL_NO_DH
+
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
+{
+	int ret = EVP_PKEY_assign_DH(pkey, key);
+	if(ret)
+		DH_up_ref(key);
+	return ret;
+}
+
+DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
+	{
+	if(pkey->type != EVP_PKEY_DH) {
+		EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
+		return NULL;
+	}
+	DH_up_ref(pkey->pkey.dh);
+	return pkey->pkey.dh;
+}
+#endif
+
+int EVP_PKEY_type(int type)
 	{
 	switch (type)
 		{
@@ -198,24 +431,30 @@ int type;
 	case EVP_PKEY_RSA2:
 		return(EVP_PKEY_RSA);
 	case EVP_PKEY_DSA:
+	case EVP_PKEY_DSA1:
 	case EVP_PKEY_DSA2:
 	case EVP_PKEY_DSA3:
+	case EVP_PKEY_DSA4:
 		return(EVP_PKEY_DSA);
 	case EVP_PKEY_DH:
 		return(EVP_PKEY_DH);
+	case EVP_PKEY_EC:
+		return(EVP_PKEY_EC);
 	default:
 		return(NID_undef);
 		}
 	}
 
-void EVP_PKEY_free(x)
-EVP_PKEY *x;
+void EVP_PKEY_free(EVP_PKEY *x)
 	{
 	int i;
 
 	if (x == NULL) return;
 
 	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+	REF_PRINT("EVP_PKEY",x);
+#endif
 	if (i > 0) return;
 #ifdef REF_CHECK
 	if (i < 0)
@@ -225,28 +464,35 @@ EVP_PKEY *x;
 		}
 #endif
 	EVP_PKEY_free_it(x);
-	Free((char *)x);
+	if (x->attributes)
+		sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
+	OPENSSL_free(x);
 	}
 
-static void EVP_PKEY_free_it(x)
-EVP_PKEY *x;
+static void EVP_PKEY_free_it(EVP_PKEY *x)
 	{
 	switch (x->type)
 		{
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
 	case EVP_PKEY_RSA:
 	case EVP_PKEY_RSA2:
 		RSA_free(x->pkey.rsa);
 		break;
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 	case EVP_PKEY_DSA:
 	case EVP_PKEY_DSA2:
 	case EVP_PKEY_DSA3:
+	case EVP_PKEY_DSA4:
 		DSA_free(x->pkey.dsa);
 		break;
 #endif
-#ifndef NO_DH
+#ifndef OPENSSL_NO_EC
+	case EVP_PKEY_EC:
+		EC_KEY_free(x->pkey.ec);
+		break;
+#endif
+#ifndef OPENSSL_NO_DH
 	case EVP_PKEY_DH:
 		DH_free(x->pkey.dh);
 		break;