authorDr. David von Oheimb <David.von.Oheimb@siemens.com>2022-06-27 19:42:13 +0200
committerDr. David von Oheimb <dev@ddvo.net>2022-07-19 08:44:19 +0200
commit9df71587f1897c3b282b3fe1b47c01656b58531e (patch)
tree40f51768a5362c4f680c1fae8cbdedf41f7efc00
parentaf801ec89205aaf6ebf8522d510d0b1fc29e3233 (diff)
Add X509_PUBKEY_set0_public_key(), extracted from X509_PUBKEY_set0_param()
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18668)
-rw-r--r--crypto/x509/x_pubkey.c21
-rw-r--r--doc/man3/X509_PUBKEY_new.pod28
-rw-r--r--include/openssl/x509.h.in2
-rw-r--r--util/libcrypto.num1
4 files changed, 37 insertions, 15 deletions
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index ee8e01b894..6c554bc030 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c
@@ -977,20 +977,25 @@ int ossl_i2d_X448_PUBKEY(const ECX_KEY *a, unsigned char **pp)
#endif
+void X509_PUBKEY_set0_public_key(X509_PUBKEY *pub,
+ unsigned char *penc, int penclen)
+{
+ OPENSSL_free(pub->public_key->data);
+ pub->public_key->data = penc;
+ pub->public_key->length = penclen;
+ /* Set number of unused bits to zero */
+ pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+ pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+}
+
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
int ptype, void *pval,
unsigned char *penc, int penclen)
{
if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
return 0;
- if (penc) {
- OPENSSL_free(pub->public_key->data);
- pub->public_key->data = penc;
- pub->public_key->length = penclen;
- /* Set number of unused bits to zero */
- pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
- pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
- }
+ if (penc != NULL)
+ X509_PUBKEY_set0_public_key(pub, penc, penclen);
return 1;
}
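Review bot: The new exported setter stores `penclen` unchecked at `pub->public_key->length = penclen;`, so a NULL `penc` (which the accompanying man page explicitly allows) combined with a non-zero or negative length leaves the BIT STRING with a length that does not match its data pointer. Because the function returns void it cannot reject that input, so I would normalise it in place, e.g. `pub->public_key->length = (penc != NULL && penclen > 0) ? penclen : 0;`, or state in the documentation that `penclen` must be 0 when `penc` is NULL. It is also worth a comment that `penc` must not be the buffer `pub` already owns, since `OPENSSL_free(pub->public_key->data)` runs before the assignment and would leave `data` dangling. If X509_PUBKEY caches a decoded key elsewhere (not visible in this hunk), confirm that it is invalidated when the encoding is replaced.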
diff --git a/doc/man3/X509_PUBKEY_new.pod b/doc/man3/X509_PUBKEY_new.pod
index 3d22857b80..d523643c89 100644
--- a/doc/man3/X509_PUBKEY_new.pod
+++ b/doc/man3/X509_PUBKEY_new.pod
@@ -5,7 +5,8 @@
X509_PUBKEY_new_ex, X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_dup,
X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get,
d2i_PUBKEY_ex, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp,
-i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param,
+i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_public_key,
+X509_PUBKEY_set0_param, X509_PUBKEY_get0_param,
X509_PUBKEY_eq - SubjectPublicKeyInfo public key functions
=head1 SYNOPSIS
@@ -32,6 +33,8 @@ X509_PUBKEY_eq - SubjectPublicKeyInfo public key functions
int i2d_PUBKEY_fp(const FILE *fp, EVP_PKEY *pkey);
int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey);
+ void X509_PUBKEY_set0_public_key(X509_PUBKEY *pub,
+ unsigned char *penc, int penclen);
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
int ptype, void *pval,
unsigned char *penc, int penclen);
@@ -85,13 +88,20 @@ d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are
similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a
B<BIO> or B<FILE> pointer.
-X509_PUBKEY_set0_param() sets the public key parameters of I<pub>. The
-OID associated with the algorithm is set to I<aobj>. The type of the
+X509_PUBKEY_set0_public_key() sets the public-key encoding of I<pub>
+to the I<penclen> bytes contained in buffer I<penc>.
+Any earlier public-key encoding in I<pub> is freed.
+I<penc> may be NULL to indicate that there is no actual public key data.
+Ownership of the I<penc> argument is passed to I<pub>.
+
+X509_PUBKEY_set0_param() sets the public-key parameters of I<pub>.
+The OID associated with the algorithm is set to I<aobj>. The type of the
algorithm parameters is set to I<type> using the structure I<pval>.
-The encoding of the public key itself is set to the I<penclen>
-bytes contained in buffer I<penc>. On success ownership of all the supplied
-parameters is passed to I<pub> so they must not be freed after the
-call.
+If I<penc> is not NULL the encoding of the public key itself is set
+to the I<penclen> bytes contained in buffer I<penc> and
+any earlier public-key encoding in I<pub> is freed.
+On success ownership of all the supplied arguments is passed to I<pub>
+so they must not be freed after the call.
X509_PUBKEY_get0_param() retrieves the public key parameters from I<pub>,
I<*ppkalg> is set to the associated OID and the encoding consists of
@@ -122,6 +132,8 @@ X509_PUBKEY_free() does not return a value.
X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an B<EVP_PKEY>
structure or NULL if an error occurs.
+X509_PUBKEY_set0_public_key() does not return a value.
+
X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param()
return 1 for success and 0 if an error occurred.
@@ -138,6 +150,8 @@ L<X509_get_pubkey(3)>,
The X509_PUBKEY_new_ex() and X509_PUBKEY_eq() functions were added in OpenSSL
3.0.
+X509_PUBKEY_set0_public_key() was added in OpenSSL 3.1.
+
=head1 COPYRIGHT
Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/openssl/x509.h.in b/include/openssl/x509.h.in
index 0a94303ed9..e0797ec378 100644
--- a/include/openssl/x509.h.in
+++ b/include/openssl/x509.h.in
@@ -1072,6 +1072,8 @@ int PKCS8_pkey_add1_attr_by_OBJ(PKCS8_PRIV_KEY_INFO *p8, const ASN1_OBJECT *obj,
int type, const unsigned char *bytes, int len);
+void X509_PUBKEY_set0_public_key(X509_PUBKEY *pub,
+ unsigned char *penc, int penclen);
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
int ptype, void *pval,
unsigned char *penc, int penclen);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 3922eb30ad..bbd5e2b229 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5425,6 +5425,7 @@ ASN1_item_d2i_ex 5552 3_0_0 EXIST::FUNCTION:
ASN1_TIME_print_ex 5553 3_0_0 EXIST::FUNCTION:
EVP_PKEY_get0_provider 5554 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
+X509_PUBKEY_set0_public_key ? 3_1_0 EXIST::FUNCTION:
OSSL_STACK_OF_X509_free ? 3_1_0 EXIST::FUNCTION:
EVP_MD_CTX_dup ? 3_1_0 EXIST::FUNCTION:
EVP_CIPHER_CTX_dup ? 3_1_0 EXIST::FUNCTION: