From db98bbc1144cb7ac412562a54aaba0e4d2cde080 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 24 Mar 2006 13:46:58 +0000 Subject: [PATCH] Initial support for generalized public key parameters. --- crypto/asn1/ameth_lib.c | 16 ++++++++---- crypto/asn1/asn1_locl.h | 9 ++++--- crypto/evp/evp.h | 8 ++++-- crypto/evp/p_lib.c | 5 ++++ crypto/pem/pem.h | 2 ++ crypto/pem/pem_err.c | 1 + crypto/pem/pem_pkey.c | 54 +++++++++++++++++++++++++++++++++++++++++ 7 files changed, 84 insertions(+), 11 deletions(-) diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index c95ccf0831..3616816c1c 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -70,15 +70,23 @@ extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; /* Keep this sorted in type order !! */ const EVP_PKEY_ASN1_METHOD *standard_methods[] = { +#ifndef OPENSSL_NO_RSA &rsa_asn1_meths[0], &rsa_asn1_meths[1], +#endif +#ifndef OPENSSL_NO_DH &dh_asn1_meth, +#endif +#ifndef OPENSSL_NO_DSA &dsa_asn1_meths[0], &dsa_asn1_meths[1], &dsa_asn1_meths[2], &dsa_asn1_meths[3], &dsa_asn1_meths[4], +#endif +#ifndef OPENSSL_NO_EC &eckey_asn1_meth +#endif }; typedef int sk_cmp_fn_type(const char * const *a, const char * const *b); @@ -209,11 +217,9 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, ameth->pub_cmp = 0; ameth->pub_print = 0; - ameth->priv_decode = 0; ameth->priv_encode = 0; ameth->priv_print = 0; - ameth->pkey_size = 0; ameth->pkey_bits = 0; @@ -225,7 +231,6 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, ameth->param_cmp = 0; ameth->param_print = 0; - ameth->pkey_free = 0; ameth->pkey_ctrl = 0; 
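Review bot: With the new guards in `standard_methods[]`, a build that defines all of OPENSSL_NO_RSA, OPENSSL_NO_DH, OPENSSL_NO_DSA and OPENSSL_NO_EC is left with an empty initializer `{ }`, which C before C23 does not accept for an array of unspecified size. The last entry `&eckey_asn1_meth` has no trailing comma, so the list is only well-formed because the preceding guarded entries end in one; a later addition after the EC guard would be easy to get wrong. A comment above the table such as `/* At least one of RSA, DH, DSA or EC must be enabled; every guarded entry except the last ends with a comma. */` would record the constraint. Code that computes the table size sits outside this hunk and presumably has to cope with the reduced count.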
@@ -279,8 +284,9 @@ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, } void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, - int (*param_decode)(const EVP_PKEY *pk, X509_PUBKEY *pub), - int (*param_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk), + int (*param_decode)(EVP_PKEY *pkey, + const unsigned char **pder, int derlen), + int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder), int (*param_missing)(const EVP_PKEY *pk), int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from), int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h index 3acb4392d5..d21108d9bb 100644 --- a/crypto/asn1/asn1_locl.h +++ b/crypto/asn1/asn1_locl.h @@ -1,9 +1,9 @@ /* asn1t.h */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 2005. + * project 2006. */ /* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -97,8 +97,9 @@ struct evp_pkey_asn1_method_st int (*pkey_size)(const EVP_PKEY *pk); int (*pkey_bits)(const EVP_PKEY *pk); - int (*param_decode)(const EVP_PKEY *pk, X509_PUBKEY *pub); - int (*param_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk); + int (*param_decode)(EVP_PKEY *pkey, + const unsigned char **pder, int derlen); + int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder); int (*param_missing)(const EVP_PKEY *pk); int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from); int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 76ed8764c9..a367ff9717 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h 
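Review bot: The new `param_decode`/`param_encode` callback signatures in `EVP_PKEY_asn1_set_param` come with no statement of their contract, and the same undocumented change is repeated in the `evp_pkey_asn1_method_st` fields in asn1_locl.h and in the evp.h prototype. The callers added in pem_pkey.c treat a zero return from `param_decode` as failure and pass `param_encode` to `PEM_ASN1_write_bio` cast to `i2d_of_void *`, so an implementer has to infer that the encoder follows the i2d convention. I would add a comment on the struct fields such as `/* param_decode: parse derlen bytes at *pder into pkey, return 1 on success and 0 on error. param_encode: i2d-style, returns the encoded length. */`, adjusted to the intended contract. `derlen` is an `int` while the PEM reader supplies a `long` length, which is worth stating there as well. The body of `EVP_PKEY_asn1_set_param` lies outside the hunk.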
@@ -777,6 +777,7 @@ int EVP_PKEY_type(int type); int EVP_PKEY_bits(EVP_PKEY *pkey); int EVP_PKEY_size(EVP_PKEY *pkey); int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key); +void * EVP_PKEY_get0(EVP_PKEY *pkey); #ifndef OPENSSL_NO_RSA struct rsa_st; @@ -868,14 +869,17 @@ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk), int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx)); + void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, - int (*param_decode)(const EVP_PKEY *pk, X509_PUBKEY *pub), - int (*param_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk), + int (*param_decode)(EVP_PKEY *pkey, + const unsigned char **pder, int derlen), + int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder), int (*param_missing)(const EVP_PKEY *pk), int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from), int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx)); + void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, void (*pkey_free)(EVP_PKEY *pkey)); void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index f18ac62a0f..0d3a69b48a 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -199,6 +199,11 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) return(key != NULL); } +void *EVP_PKEY_get0(EVP_PKEY *pkey) + { + return pkey->pkey.ptr; + } + #ifndef OPENSSL_NO_RSA int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) { diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h index f2c5f329ad..b273007c0e 100644 --- a/crypto/pem/pem.h +++ b/crypto/pem/pem.h 
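Review bot: `EVP_PKEY_get0` in p_lib.c dereferences `pkey` without a NULL check and returns `pkey->pkey.ptr` as an untyped `void *`, and neither the definition nor the new evp.h declaration says what a caller may do with the result. Because the return type carries no algorithm information, a caller that casts it without first checking the key type will treat one key structure as another. A comment on the declaration would help, for example `/* Returns the key stored in pkey without taking a reference; it stays owned by pkey, and the caller must check the key type before casting. */`. If a NULL `pkey` is a supported input, `if (pkey == NULL) return NULL;` belongs at the top of the function.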
@@ -133,6 +133,7 @@ extern "C" { #define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" #define PEM_STRING_ECPARAMETERS "EC PARAMETERS" #define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" +#define PEM_STRING_PARAMETERS "PARAMETERS" /* Note that this structure is initialised by PEM_SealInit and cleaned up by PEM_SealFinal (at least for now) */ @@ -724,6 +725,7 @@ void ERR_load_PEM_strings(void); #define PEM_F_PEM_PK8PKEY 119 #define PEM_F_PEM_READ 108 #define PEM_F_PEM_READ_BIO 109 +#define PEM_F_PEM_READ_BIO_PARAMETERS 140 #define PEM_F_PEM_READ_BIO_PRIVATEKEY 123 #define PEM_F_PEM_READ_PRIVATEKEY 124 #define PEM_F_PEM_SEALFINAL 110 diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c index c43585564b..d3352080e1 100644 --- a/crypto/pem/pem_err.c +++ b/crypto/pem/pem_err.c @@ -98,6 +98,7 @@ static ERR_STRING_DATA PEM_str_functs[]= {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"}, {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"}, {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"}, +{ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_READ_BIO_PARAMETERS"}, {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"}, {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"}, {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"}, diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index aea826e04e..b9067e0745 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c 
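Review bot: pem.h gains only the `PEM_STRING_PARAMETERS` string and the `PEM_F_PEM_READ_BIO_PARAMETERS` code, with no prototypes for the two functions this commit defines in pem_pkey.c. The diffstat lists two added lines for pem.h, which matches the two macros. Callers outside pem_pkey.c would therefore reach the new reader and writer through an implicit declaration, losing argument and return-type checking on a function that returns a pointer. I would add `EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);` and a matching declaration for the writer next to the existing key prototypes. The writer is spelled `PEM_write_bio_Paramters` in pem_pkey.c, so the spelling should be settled before the name is exported.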
@@ -149,6 +149,60 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, pem_str,bp,(char *)x,enc,kstr,klen,cb,u); } +EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) + { + char *nm=NULL; + const unsigned char *p=NULL; + unsigned char *data=NULL; + long len; + int slen; + EVP_PKEY *ret=NULL; + + if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS, + bp, cb, u)) + return NULL; + p = data; + + if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) + { + const EVP_PKEY_ASN1_METHOD *ameth; + ameth = EVP_PKEY_asn1_find_str(nm, slen); + if (!ameth || !ameth->param_decode) + goto err; + ret = EVP_PKEY_new(); + if (!ret) + goto err; + if (!ameth->param_decode(ret, &p, len)) + { + EVP_PKEY_free(ret); + ret = NULL; + goto err; + } + if(x) + { + if(*x) EVP_PKEY_free((EVP_PKEY *)*x); + *x = ret; + } + } +err: + if (ret == NULL) + PEMerr(PEM_F_PEM_READ_BIO_PARAMETERS,ERR_R_ASN1_LIB); + OPENSSL_free(nm); + OPENSSL_free(data); + return(ret); + } + +int PEM_write_bio_Paramters(BIO *bp, EVP_PKEY *x) + { + char pem_str[80]; + if (!x->ameth || !x->ameth->param_encode) + return 0; + + BIO_snprintf(pem_str, 80, "%s PARAMETERS", x->ameth->pem_str); + return PEM_ASN1_write_bio( + (i2d_of_void *)openssl_fcast(x->ameth->param_encode), + pem_str,bp,(char *)x,NULL,NULL,0,0,NULL); + } #ifndef OPENSSL_NO_FP_API EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) -- 2.25.1
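Review bot: In `PEM_read_bio_Parameters` the `long len` filled in by `PEM_bytes_read_bio` is passed straight to `ameth->param_decode(ret, &p, len)`, whose third parameter is `int derlen`, so a length above INT_MAX is silently narrowed before a decoder parsing file-supplied DER sees it. A guard before the call, `if (len > INT_MAX) goto err;`, keeps the decoder's bound equal to the real buffer size. Every failure path raises `ERR_R_ASN1_LIB`, including a failed suffix check or `EVP_PKEY_asn1_find_str` finding no method, which reports an unsupported algorithm as a decoding error. In `PEM_write_bio_Paramters` (name misspelled), `x` is dereferenced unchecked and `BIO_snprintf(pem_str, 80, ...)` ignores truncation; using `sizeof pem_str` and checking the return value would avoid emitting a clipped PEM header.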