#include <stdio.h>
#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/err.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/asn1_mac.h>
#include <openssl/x509.h>
static void EVP_PKEY_free_it(EVP_PKEY *x);
+
int EVP_PKEY_bits(EVP_PKEY *pkey)
{
-#ifndef NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
+ if (0)
+ return 0;
+#ifndef OPENSSL_NO_RSA
+ else if (pkey->type == EVP_PKEY_RSA)
return(BN_num_bits(pkey->pkey.rsa->n));
- else
#endif
-#ifndef NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
+#ifndef OPENSSL_NO_DSA
+ else if (pkey->type == EVP_PKEY_DSA)
return(BN_num_bits(pkey->pkey.dsa->p));
+#endif
+#ifndef OPENSSL_NO_EC
+ else if (pkey->type == EVP_PKEY_EC)
+ {
+ BIGNUM *order = BN_new();
+ int ret;
+
+ if (!order)
+ {
+ ERR_clear_error();
+ return 0;
+ }
+ if (!EC_GROUP_get_order(pkey->pkey.eckey->group, order, NULL))
+ {
+ ERR_clear_error();
+ return 0;
+ }
+
+ ret = BN_num_bits(order);
+ BN_free(order);
+ return ret;
+ }
#endif
return(0);
}
{
if (pkey == NULL)
return(0);
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA)
return(RSA_size(pkey->pkey.rsa));
else
#endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
return(DSA_size(pkey->pkey.dsa));
#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (pkey->type == EVP_PKEY_EC)
+ return(ECDSA_size(pkey->pkey.eckey));
+#endif
+
return(0);
}
int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
{
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
{
- int ret=pkey->save_parameters=mode;
+ int ret=pkey->save_parameters;
if (mode >= 0)
pkey->save_parameters=mode;
return(ret);
}
+#endif
+#ifndef OPENSSL_NO_EC
+ if (pkey->type == EVP_PKEY_EC)
+ {
+ int ret = pkey->save_parameters;
+
+ if (mode >= 0)
+ pkey->save_parameters = mode;
+ return(ret);
+ }
#endif
return(0);
}
-int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
+int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
{
if (to->type != from->type)
{
if (EVP_PKEY_missing_parameters(from))
{
- EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS);
+ EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
goto err;
}
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if (to->type == EVP_PKEY_DSA)
{
BIGNUM *a;
if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
to->pkey.dsa->g=a;
}
+#endif
+#ifndef OPENSSL_NO_EC
+ if (to->type == EVP_PKEY_EC)
+ {
+ if (to->pkey.eckey->group != NULL)
+ EC_GROUP_free(to->pkey.eckey->group);
+ if ((to->pkey.eckey->group = EC_GROUP_new(
+ EC_GROUP_method_of(from->pkey.eckey->group))) == NULL)
+ goto err;
+ if (!EC_GROUP_copy(to->pkey.eckey->group,
+ from->pkey.eckey->group)) goto err;
+ }
#endif
return(1);
err:
return(0);
}
-int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
+int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
{
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
{
DSA *dsa;
return(1);
}
#endif
+#ifndef OPENSSL_NO_EC
+ if (pkey->type == EVP_PKEY_EC)
+ {
+ if (pkey->pkey.eckey->group == NULL)
+ return(1);
+ }
+#endif
+
return(0);
}
-int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b)
+int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
{
if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
return(-1);
}
+int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+ {
+ if (a->type != b->type)
+ return -1;
+
+ /* XXXXX
+ We should really check for != 0, but cmp_paramters doesn't compare EC
+ groups, and I'm currently unsure how to handle that case... Except for
+ adding such functionality to cmp_parameters, but that would require
+ things like EC_GROUP_cmp(), which I'm not currently ready to write.
+ -- Richard Levitte */
+ if (EVP_PKEY_cmp_parameters(a, b) == 1)
+ return 1;
+
+ switch (a->type)
+ {
+#ifndef OPENSSL_NO_RSA
+ case EVP_PKEY_RSA:
+ if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0
+ || BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0)
+ return 0;
+ break;
+#endif
+#ifndef OPENSSL_NO_DSA
+ case EVP_PKEY_DSA:
+ if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
+ return 0;
+ break;
+#endif
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ {
+ int r = EC_POINT_cmp(b->pkey.eckey->group,
+ b->pkey.eckey->pub_key,a->pkey.eckey->pub_key,NULL);
+ if (r != 0)
+ {
+ if (r == 1)
+ return 0;
+ else
+ return -2;
+ }
+ }
+ break;
+#endif
+#ifndef OPENSSL_NO_DH
+ case EVP_PKEY_DH:
+ return -2;
+#endif
+ default:
+ return -2;
+ }
+
+ return 1;
+ }
+
EVP_PKEY *EVP_PKEY_new(void)
{
EVP_PKEY *ret;
- ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY));
+ ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
if (ret == NULL)
{
EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
pkey->type=EVP_PKEY_type(type);
pkey->save_type=type;
pkey->pkey.ptr=key;
- return(1);
+ return(key != NULL);
}
-#ifndef NO_RSA
-RSA *EVP_PKEY_get_RSA(EVP_PKEY *pkey)
+#ifndef OPENSSL_NO_RSA
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
+{
+ int ret = EVP_PKEY_assign_RSA(pkey, key);
+ if(ret)
+ RSA_up_ref(key);
+ return ret;
+}
+
+RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
{
if(pkey->type != EVP_PKEY_RSA) {
- EVPerr(EVP_F_EVP_PKEY_GET_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
+ EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
return NULL;
}
- CRYPTO_add(&pkey->pkey.rsa->references, 1, CRYPTO_LOCK_RSA);
+ RSA_up_ref(pkey->pkey.rsa);
return pkey->pkey.rsa;
}
#endif
-#ifndef NO_DSA
-DSA *EVP_PKEY_get_DSA(EVP_PKEY *pkey)
+#ifndef OPENSSL_NO_DSA
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
+{
+ int ret = EVP_PKEY_assign_DSA(pkey, key);
+ if(ret)
+ DSA_up_ref(key);
+ return ret;
+}
+
+DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
{
if(pkey->type != EVP_PKEY_DSA) {
- EVPerr(EVP_F_EVP_PKEY_GET_DSA, EVP_R_EXPECTING_A_DSA_KEY);
+ EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
return NULL;
}
- CRYPTO_add(&pkey->pkey.rsa->references, 1, CRYPTO_LOCK_DSA);
+ DSA_up_ref(pkey->pkey.dsa);
return pkey->pkey.dsa;
}
#endif
-#ifndef NO_DH
-DH *EVP_PKEY_get_DH(EVP_PKEY *pkey)
+#ifndef OPENSSL_NO_EC
+
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
+{
+ int ret = EVP_PKEY_assign_EC_KEY(pkey,key);
+ if (ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_EC);
+ return ret;
+}
+
+EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
+{
+ if (pkey->type != EVP_PKEY_EC)
+ {
+ EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
+ return NULL;
+ }
+ CRYPTO_add(&pkey->pkey.eckey->references, 1, CRYPTO_LOCK_EC);
+ return pkey->pkey.eckey;
+}
+#endif
+
+
+#ifndef OPENSSL_NO_DH
+
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
+{
+ int ret = EVP_PKEY_assign_DH(pkey, key);
+ if(ret)
+ DH_up_ref(key);
+ return ret;
+}
+
+DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
{
if(pkey->type != EVP_PKEY_DH) {
- EVPerr(EVP_F_EVP_PKEY_GET_DH, EVP_R_EXPECTING_A_DH_KEY);
+ EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
return NULL;
}
- CRYPTO_add(&pkey->pkey.dh->references, 1, CRYPTO_LOCK_DH);
+ DH_up_ref(pkey->pkey.dh);
return pkey->pkey.dh;
}
#endif
return(EVP_PKEY_DSA);
case EVP_PKEY_DH:
return(EVP_PKEY_DH);
+ case EVP_PKEY_EC:
+ return(EVP_PKEY_EC);
default:
return(NID_undef);
}
}
#endif
EVP_PKEY_free_it(x);
- Free((char *)x);
+ OPENSSL_free(x);
}
static void EVP_PKEY_free_it(EVP_PKEY *x)
{
switch (x->type)
{
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2:
RSA_free(x->pkey.rsa);
break;
#endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
case EVP_PKEY_DSA2:
case EVP_PKEY_DSA3:
DSA_free(x->pkey.dsa);
break;
#endif
-#ifndef NO_DH
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ EC_KEY_free(x->pkey.eckey);
+ break;
+#endif
+#ifndef OPENSSL_NO_DH
case EVP_PKEY_DH:
DH_free(x->pkey.dh);
break;
projects / openssl.git / blobdiff