1 /* crypto/x509/x_all.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay (at) cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay (at) cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <stdio.h> 60 #include <openssl/stack.h> 61 #include "cryptlib.h" 62 #include <openssl/buffer.h> 63 #include <openssl/asn1.h> 64 #include <openssl/evp.h> 65 #include <openssl/x509.h> 66 #ifndef OPENSSL_NO_RSA 67 #include <openssl/rsa.h> 68 #endif 69 #ifndef OPENSSL_NO_DSA 70 #include <openssl/dsa.h> 71 #endif 72 73 int X509_verify(X509 *a, EVP_PKEY *r) 74 { 75 return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF),a->sig_alg, 76 a->signature,a->cert_info,r)); 77 } 78 79 int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r) 80 { 81 return( ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO), 82 a->sig_alg,a->signature,a->req_info,r)); 83 } 84 85 int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) 86 { 87 return(ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC), 88 a->sig_algor,a->signature,a->spkac,r)); 89 } 90 91 int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) 92 { 93 return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature, 94 x->sig_alg, x->signature, x->cert_info,pkey,md)); 95 } 96 97 int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) 98 { 99 return(ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO),x->sig_alg, NULL, 100 x->signature, x->req_info,pkey,md)); 101 } 102 103 int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md) 104 { 105 x->crl->enc.modified = 1; 106 return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO),x->crl->sig_alg, 107 x->sig_alg, x->signature, x->crl,pkey,md)); 108 } 109 110 int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) 111 { 112 return(ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor,NULL, 113 x->signature, x->spkac,pkey,md)); 114 } 115 116 #ifndef OPENSSL_NO_FP_API 117 X509 *d2i_X509_fp(FILE *fp, X509 **x509) 118 { 119 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509); 120 } 121 122 int i2d_X509_fp(FILE *fp, X509 *x509) 123 { 124 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509); 125 } 126 #endif 127 128 X509 *d2i_X509_bio(BIO *bp, X509 **x509) 129 { 130 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509); 131 } 132 133 int i2d_X509_bio(BIO *bp, X509 *x509) 134 { 135 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509); 136 } 137 138 #ifndef OPENSSL_NO_FP_API 139 X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl) 140 { 141 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl); 142 } 143 144 int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl) 145 { 146 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl); 147 } 148 #endif 149 150 X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl) 151 { 152 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl); 153 } 154 155 int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl) 156 { 157 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl); 158 } 159 160 #ifndef OPENSSL_NO_FP_API 161 PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7) 162 { 163 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7); 164 } 165 166 int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7) 167 { 168 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7); 169 } 170 #endif 171 172 PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7) 173 { 174 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7); 175 } 176 177 int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7) 178 { 179 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7); 180 } 181 182 #ifndef OPENSSL_NO_FP_API 183 X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req) 184 { 185 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req); 186 } 187 188 int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req) 189 { 190 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req); 191 } 192 #endif 193 194 X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req) 195 { 196 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req); 197 } 198 199 int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req) 200 { 201 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req); 202 } 203 204 #ifndef OPENSSL_NO_RSA 205 206 #ifndef OPENSSL_NO_FP_API 207 RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) 208 { 209 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); 210 } 211 212 int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa) 213 { 214 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); 215 } 216 217 RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) 218 { 219 return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); 220 } 221 222 223 RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) 224 { 225 return ASN1_d2i_fp((void *(*)(void)) 226 RSA_new,(D2I_OF(void))d2i_RSA_PUBKEY, fp, 227 (void **)rsa); 228 } 229 230 int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) 231 { 232 return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); 233 } 234 235 int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) 236 { 237 return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY,fp,rsa); 238 } 239 #endif 240 241 RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) 242 { 243 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); 244 } 245 246 int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa) 247 { 248 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); 249 } 250 251 RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) 252 { 253 return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); 254 } 255 256 257 RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) 258 { 259 return ASN1_d2i_bio_of(RSA,RSA_new,d2i_RSA_PUBKEY,bp,rsa); 260 } 261 262 int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) 263 { 264 return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); 265 } 266 267 int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) 268 { 269 return ASN1_i2d_bio_of(RSA,i2d_RSA_PUBKEY,bp,rsa); 270 } 271 #endif 272 273 #ifndef OPENSSL_NO_DSA 274 #ifndef OPENSSL_NO_FP_API 275 DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) 276 { 277 return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSAPrivateKey,fp,dsa); 278 } 279 280 int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) 281 { 282 return ASN1_i2d_fp_of_const(DSA,i2d_DSAPrivateKey,fp,dsa); 283 } 284 285 DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa) 286 { 287 return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSA_PUBKEY,fp,dsa); 288 } 289 290 int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa) 291 { 292 return ASN1_i2d_fp_of(DSA,i2d_DSA_PUBKEY,fp,dsa); 293 } 294 #endif 295 296 DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) 297 { 298 return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAPrivateKey,bp,dsa 299 ); 300 } 301 302 int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) 303 { 304 return ASN1_i2d_bio_of_const(DSA,i2d_DSAPrivateKey,bp,dsa); 305 } 306 307 DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa) 308 { 309 return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSA_PUBKEY,bp,dsa); 310 } 311 312 int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa) 313 { 314 return ASN1_i2d_bio_of(DSA,i2d_DSA_PUBKEY,bp,dsa); 315 } 316 317 #endif 318 319 #ifndef OPENSSL_NO_EC 320 #ifndef OPENSSL_NO_FP_API 321 EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey) 322 { 323 return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,fp,eckey); 324 } 325 326 int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey) 327 { 328 return ASN1_i2d_fp_of(EC_KEY,i2d_EC_PUBKEY,fp,eckey); 329 } 330 331 EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey) 332 { 333 return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,fp,eckey); 334 } 335 336 int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey) 337 { 338 return ASN1_i2d_fp_of(EC_KEY,i2d_ECPrivateKey,fp,eckey); 339 } 340 #endif 341 EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey) 342 { 343 return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,bp,eckey); 344 } 345 346 int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa) 347 { 348 return ASN1_i2d_bio_of(EC_KEY,i2d_EC_PUBKEY,bp,ecdsa); 349 } 350 351 EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey) 352 { 353 return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,bp,eckey); 354 } 355 356 int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey) 357 { 358 return ASN1_i2d_bio_of(EC_KEY,i2d_ECPrivateKey,bp,eckey); 359 } 360 #endif 361 362 363 int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md, 364 unsigned int *len) 365 { 366 ASN1_BIT_STRING *key; 367 key = X509_get0_pubkey_bitstr(data); 368 if(!key) return 0; 369 return EVP_Digest(key->data, key->length, md, len, type, NULL); 370 } 371 372 int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, 373 unsigned int *len) 374 { 375 return(ASN1_item_digest(ASN1_ITEM_rptr(X509),type,(char *)data,md,len)); 376 } 377 378 int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md, 379 unsigned int *len) 380 { 381 return(ASN1_item_digest(ASN1_ITEM_rptr(X509_CRL),type,(char *)data,md,len)); 382 } 383 384 int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md, 385 unsigned int *len) 386 { 387 return(ASN1_item_digest(ASN1_ITEM_rptr(X509_REQ),type,(char *)data,md,len)); 388 } 389 390 int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md, 391 unsigned int *len) 392 { 393 return(ASN1_item_digest(ASN1_ITEM_rptr(X509_NAME),type,(char *)data,md,len)); 394 } 395 396 int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type, 397 unsigned char *md, unsigned int *len) 398 { 399 return(ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL),type, 400 (char *)data,md,len)); 401 } 402 403 404 #ifndef OPENSSL_NO_FP_API 405 X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) 406 { 407 return ASN1_d2i_fp_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,fp,p8); 408 } 409 410 int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) 411 { 412 return ASN1_i2d_fp_of(X509_SIG,i2d_X509_SIG,fp,p8); 413 } 414 #endif 415 416 X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) 417 { 418 return ASN1_d2i_bio_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,bp,p8); 419 } 420 421 int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) 422 { 423 return ASN1_i2d_bio_of(X509_SIG,i2d_X509_SIG,bp,p8); 424 } 425 426 #ifndef OPENSSL_NO_FP_API 427 PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, 428 PKCS8_PRIV_KEY_INFO **p8inf) 429 { 430 return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, 431 d2i_PKCS8_PRIV_KEY_INFO,fp,p8inf); 432 } 433 434 int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) 435 { 436 return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,fp, 437 p8inf); 438 } 439 440 int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) 441 { 442 PKCS8_PRIV_KEY_INFO *p8inf; 443 int ret; 444 p8inf = EVP_PKEY2PKCS8(key); 445 if(!p8inf) return 0; 446 ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf); 447 PKCS8_PRIV_KEY_INFO_free(p8inf); 448 return ret; 449 } 450 451 int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey) 452 { 453 return ASN1_i2d_fp_of(EVP_PKEY,i2d_PrivateKey,fp,pkey); 454 } 455 456 EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) 457 { 458 return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,fp,a); 459 } 460 461 int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey) 462 { 463 return ASN1_i2d_fp_of(EVP_PKEY,i2d_PUBKEY,fp,pkey); 464 } 465 466 EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a) 467 { 468 return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,fp,a); 469 } 470 471 #endif 472 473 PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, 474 PKCS8_PRIV_KEY_INFO **p8inf) 475 { 476 return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, 477 d2i_PKCS8_PRIV_KEY_INFO,bp,p8inf); 478 } 479 480 int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) 481 { 482 return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,bp, 483 p8inf); 484 } 485 486 int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) 487 { 488 PKCS8_PRIV_KEY_INFO *p8inf; 489 int ret; 490 p8inf = EVP_PKEY2PKCS8(key); 491 if(!p8inf) return 0; 492 ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf); 493 PKCS8_PRIV_KEY_INFO_free(p8inf); 494 return ret; 495 } 496 497 int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey) 498 { 499 return ASN1_i2d_bio_of(EVP_PKEY,i2d_PrivateKey,bp,pkey); 500 } 501 502 EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a) 503 { 504 return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,bp,a); 505 } 506 507 int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey) 508 { 509 return ASN1_i2d_bio_of(EVP_PKEY,i2d_PUBKEY,bp,pkey); 510 } 511 512 EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a) 513 { 514 return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,bp,a); 515 } 516
