New utility pkeyparam. Enhance and bugfix algorithm specific parameter

functions to support it.
author: Dr. Stephen Henson <steve@openssl.org> 2006-03-28 14:35:32 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2006-03-28 14:35:32 +0000
commit: 3e4585c8fd0b23f884d775462736502599146af6 (patch)
tree: 27b73970dedcc4215d6f7c4def10ee3990674143 /crypto
parent: 3e84b6e15fe6a580177b9e242c66e1d1ab6c2164 (diff)
13 files changed, 156 insertions, 53 deletions
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index 7871882e35..48b6283704 100644
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -215,13 +215,14 @@ void ERR_load_DH_strings(void);
 #define DH_F_DHPARAMS_PRINT_FP				 101
 #define DH_F_DH_BUILTIN_GENPARAMS			 106
 #define DH_F_DH_NEW_METHOD				 105
+#define DH_F_DH_PARAM_DECODE				 107
 #define DH_F_GENERATE_KEY				 103
 #define DH_F_GENERATE_PARAMETERS			 104
 
 /* Reason codes. */
 #define DH_R_BAD_GENERATOR				 101
-#define DH_R_NO_PRIVATE_VALUE				 100
 #define DH_R_INVALID_PUBKEY				 102
+#define DH_R_NO_PRIVATE_VALUE				 100
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
index bcc56a166e..ba3ff562a1 100644
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -67,6 +67,82 @@ static void int_dh_free(EVP_PKEY *pkey)
 	DH_free(pkey->pkey.dh);
 	}
 
+static int dh_param_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	DH *dh;
+	if (!(dh = d2i_DHparams(NULL, pder, derlen)))
+		{
+		DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
+		return 0;
+		}
+	EVP_PKEY_assign_DH(pkey, dh);
+	return 1;
+	}
+
+static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	return i2d_DHparams(pkey->pkey.dh, pder);
+	}
+
+static int do_dhparam_print(BIO *bp, const DH *x, int indent,
+							ASN1_PCTX *ctx)
+	{
+	unsigned char *m=NULL;
+	int reason=ERR_R_BUF_LIB,ret=0;
+	size_t buf_len=0, i;
+
+	if (x->p)
+		buf_len = (size_t)BN_num_bytes(x->p);
+	else
+		{
+		reason = ERR_R_PASSED_NULL_PARAMETER;
+		goto err;
+		}
+	if (x->g)
+		if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
+			buf_len = i;
+	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
+	if (m == NULL)
+		{
+		reason=ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+
+	BIO_indent(bp, indent, 128);
+	if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
+		BN_num_bits(x->p)) <= 0)
+		goto err;
+	indent += 4;
+	if (!ASN1_bn_print(bp,"prime:",x->p,m,indent)) goto err;
+	if (!ASN1_bn_print(bp,"generator:",x->g,m,indent)) goto err;
+	if (x->length != 0)
+		{
+		BIO_indent(bp, indent, 128);
+		if (BIO_printf(bp,"recommended-private-length: %d bits\n",
+			(int)x->length) <= 0) goto err;
+		}
+	ret=1;
+	if (0)
+		{
+err:
+		DHerr(DH_F_DHPARAMS_PRINT,reason);
+		}
+	if (m != NULL) OPENSSL_free(m);
+	return(ret);
+	}
+
+static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_dhparam_print(bp, pkey->pkey.dh, indent, ctx);
+	}
+
+int DHparams_print(BIO *bp, const DH *x)
+	{
+	return do_dhparam_print(bp, x, 4, NULL);
+	}
+
 const EVP_PKEY_ASN1_METHOD dh_asn1_meth = 
 	{
 	EVP_PKEY_DH,
@@ -88,7 +164,10 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
 	0,
 	0,
 
-	0,0,0,0,0,0,
+	dh_param_decode,
+	dh_param_encode,
+	0,0,0,
+	dh_param_print,
 
 	int_dh_free,
 	0
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
index ea67fb71a0..4e4deb6d13 100644
--- a/crypto/dh/dh_err.c
+++ b/crypto/dh/dh_err.c
@@ -75,6 +75,7 @@ static ERR_STRING_DATA DH_str_functs[]=
 {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP),	"DHparams_print_fp"},
 {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS),	"DH_BUILTIN_GENPARAMS"},
 {ERR_FUNC(DH_F_DH_NEW_METHOD),	"DH_new_method"},
+{ERR_FUNC(DH_F_DH_PARAM_DECODE),	"DH_PARAM_DECODE"},
 {ERR_FUNC(DH_F_GENERATE_KEY),	"GENERATE_KEY"},
 {ERR_FUNC(DH_F_GENERATE_PARAMETERS),	"GENERATE_PARAMETERS"},
 {0,NULL}
@@ -83,8 +84,8 @@ static ERR_STRING_DATA DH_str_functs[]=
 static ERR_STRING_DATA DH_str_reasons[]=
 	{
 {ERR_REASON(DH_R_BAD_GENERATOR)          ,"bad generator"},
-{ERR_REASON(DH_R_NO_PRIVATE_VALUE)       ,"no private value"},
 {ERR_REASON(DH_R_INVALID_PUBKEY)         ,"invalid public key"},
+{ERR_REASON(DH_R_NO_PRIVATE_VALUE)       ,"no private value"},
 {0,NULL}
 	};
 
diff --git a/crypto/dh/dh_prn.c b/crypto/dh/dh_prn.c
index 04e7c55b7a..ae58c2ac87 100644
--- a/crypto/dh/dh_prn.c
+++ b/crypto/dh/dh_prn.c
@@ -78,47 +78,3 @@ int DHparams_print_fp(FILE *fp, const DH *x)
 	return(ret);
 	}
 #endif
-
-int DHparams_print(BIO *bp, const DH *x)
-	{
-	unsigned char *m=NULL;
-	int reason=ERR_R_BUF_LIB,ret=0;
-	size_t buf_len=0, i;
-
-	if (x->p)
-		buf_len = (size_t)BN_num_bytes(x->p);
-	else
-		{
-		reason = ERR_R_PASSED_NULL_PARAMETER;
-		goto err;
-		}
-	if (x->g)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
-			buf_len = i;
-	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
-	if (m == NULL)
-		{
-		reason=ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-
-	if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
-		BN_num_bits(x->p)) <= 0)
-		goto err;
-	if (!ASN1_bn_print(bp,"prime:",x->p,m,4)) goto err;
-	if (!ASN1_bn_print(bp,"generator:",x->g,m,4)) goto err;
-	if (x->length != 0)
-		{
-		if (BIO_printf(bp,"    recommended-private-length: %d bits\n",
-			(int)x->length) <= 0) goto err;
-		}
-	ret=1;
-	if (0)
-		{
-err:
-		DHerr(DH_F_DHPARAMS_PRINT,reason);
-		}
-	if (m != NULL) OPENSSL_free(m);
-	return(ret);
-	}
-
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index 5ee83e33ba..502b4896a3 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -260,6 +260,7 @@ void ERR_load_DSA_strings(void);
 #define DSA_F_DSA_DO_SIGN				 112
 #define DSA_F_DSA_DO_VERIFY				 113
 #define DSA_F_DSA_NEW_METHOD				 103
+#define DSA_F_DSA_PARAM_DECODE				 119
 #define DSA_F_DSA_PRINT					 104
 #define DSA_F_DSA_PRINT_FP				 105
 #define DSA_F_DSA_PRIV_DECODE				 115
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
index 31982242e2..9d55665c4a 100644
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -473,6 +473,23 @@ err:
 	return(ret);
 	}
 
+static int dsa_param_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	DSA *dsa;
+	if (!(dsa = d2i_DSAparams(NULL, pder, derlen)))
+		{
+		DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
+		return 0;
+		}
+	EVP_PKEY_assign_DSA(pkey, dsa);
+	return 1;
+	}
+
+static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	return i2d_DSAparams(pkey->pkey.dsa, pder);
+	}
 
 static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
 							ASN1_PCTX *ctx)
@@ -560,7 +577,8 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] =
 		int_dsa_size,
 		dsa_bits,
 
-		0,0,
+		dsa_param_decode,
+		dsa_param_encode,
 		dsa_missing_parameters,
 		dsa_copy_parameters,
 		dsa_cmp_parameters,
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
index 920cabf282..492c8fa3d0 100644
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -76,6 +76,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
 {ERR_FUNC(DSA_F_DSA_DO_SIGN),	"DSA_do_sign"},
 {ERR_FUNC(DSA_F_DSA_DO_VERIFY),	"DSA_do_verify"},
 {ERR_FUNC(DSA_F_DSA_NEW_METHOD),	"DSA_new_method"},
+{ERR_FUNC(DSA_F_DSA_PARAM_DECODE),	"DSA_PARAM_DECODE"},
 {ERR_FUNC(DSA_F_DSA_PRINT),	"DSA_print"},
 {ERR_FUNC(DSA_F_DSA_PRINT_FP),	"DSA_print_fp"},
 {ERR_FUNC(DSA_F_DSA_PRIV_DECODE),	"DSA_PRIV_DECODE"},
diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h
index a5ec63071a..b937f6419a 100644
--- a/crypto/ec/ec.h
+++ b/crypto/ec/ec.h
@@ -919,6 +919,7 @@ void ERR_load_EC_strings(void);
 #define EC_F_D2I_ECPKPARAMETERS				 145
 #define EC_F_D2I_ECPRIVATEKEY				 146
 #define EC_F_ECKEY_PARAM2TYPE				 211
+#define EC_F_ECKEY_PARAM_DECODE				 196
 #define EC_F_ECKEY_PRIV_DECODE				 212
 #define EC_F_ECKEY_PRIV_ENCODE				 213
 #define EC_F_ECKEY_PUB_DECODE				 214
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 2fee623bad..18c4265cfc 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -515,6 +515,24 @@ err:
 	return(ret);
 	}
 
+static int eckey_param_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	EC_KEY *eckey;
+	if (!(eckey = d2i_ECParameters(NULL, pder, derlen)))
+		{
+		ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
+		return 0;
+		}
+	EVP_PKEY_assign_EC_KEY(pkey, eckey);
+	return 1;
+	}
+
+static int eckey_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	return i2d_ECParameters(pkey->pkey.ec, pder);
+	}
+
 static int eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
 							ASN1_PCTX *ctx)
 	{
@@ -572,7 +590,8 @@ EVP_PKEY_ASN1_METHOD eckey_asn1_meth =
 	int_ec_size,
 	ec_bits,
 
-	0,0,	
+	eckey_param_decode,
+	eckey_param_encode,
 	ec_missing_parameters,
 	ec_copy_parameters,
 	ec_cmp_parameters,
diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
index 18a300d753..78dbf486c1 100644
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -74,6 +74,13 @@ static ERR_STRING_DATA EC_str_functs[]=
 {ERR_FUNC(EC_F_D2I_ECPARAMETERS),	"d2i_ECParameters"},
 {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS),	"d2i_ECPKParameters"},
 {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY),	"d2i_ECPrivateKey"},
+{ERR_FUNC(EC_F_ECKEY_PARAM2TYPE),	"ECKEY_PARAM2TYPE"},
+{ERR_FUNC(EC_F_ECKEY_PARAM_DECODE),	"ECKEY_PARAM_DECODE"},
+{ERR_FUNC(EC_F_ECKEY_PRIV_DECODE),	"ECKEY_PRIV_DECODE"},
+{ERR_FUNC(EC_F_ECKEY_PRIV_ENCODE),	"ECKEY_PRIV_ENCODE"},
+{ERR_FUNC(EC_F_ECKEY_PUB_DECODE),	"ECKEY_PUB_DECODE"},
+{ERR_FUNC(EC_F_ECKEY_PUB_ENCODE),	"ECKEY_PUB_ENCODE"},
+{ERR_FUNC(EC_F_ECKEY_TYPE2PARAM),	"ECKEY_TYPE2PARAM"},
 {ERR_FUNC(EC_F_ECPARAMETERS_PRINT),	"ECParameters_print"},
 {ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP),	"ECParameters_print_fp"},
 {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT),	"ECPKParameters_print"},
@@ -88,6 +95,7 @@ static ERR_STRING_DATA EC_str_functs[]=
 {ERR_FUNC(EC_F_EC_ASN1_GROUP2PKPARAMETERS),	"EC_ASN1_GROUP2PKPARAMETERS"},
 {ERR_FUNC(EC_F_EC_ASN1_PARAMETERS2GROUP),	"EC_ASN1_PARAMETERS2GROUP"},
 {ERR_FUNC(EC_F_EC_ASN1_PKPARAMETERS2GROUP),	"EC_ASN1_PKPARAMETERS2GROUP"},
+{ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA),	"EC_EX_DATA_set_data"},
 {ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY),	"EC_GF2M_MONTGOMERY_POINT_MULTIPLY"},
 {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT),	"ec_GF2m_simple_group_check_discriminant"},
 {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE),	"ec_GF2m_simple_group_set_curve"},
@@ -137,7 +145,7 @@ static ERR_STRING_DATA EC_str_functs[]=
 {ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT),	"EC_GROUP_precompute_mult"},
 {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M),	"EC_GROUP_set_curve_GF2m"},
 {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP),	"EC_GROUP_set_curve_GFp"},
-{ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA),	"EC_EX_DATA_set_data"},
+{ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA),	"EC_GROUP_SET_EXTRA_DATA"},
 {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR),	"EC_GROUP_set_generator"},
 {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY),	"EC_KEY_check_key"},
 {ERR_FUNC(EC_F_EC_KEY_COPY),	"EC_KEY_copy"},
@@ -185,6 +193,7 @@ static ERR_STRING_DATA EC_str_reasons[]=
 {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD)     ,"asn1 unknown field"},
 {ERR_REASON(EC_R_BUFFER_TOO_SMALL)       ,"buffer too small"},
 {ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),"d2i ecpkparameters failure"},
+{ERR_REASON(EC_R_DECODE_ERROR)           ,"decode error"},
 {ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO)   ,"discriminant is zero"},
 {ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),"ec group new by name failure"},
 {ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),"group2pkparameters failure"},
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index b273007c0e..e4c91adf58 100644
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -673,6 +673,9 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, vo
 int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
 			      char *kstr,int klen, pem_password_cb *cd, void *u);
 
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
+
 #endif /* SSLEAY_MACROS */
 
 
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 22793fada0..9631ee2d5d 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -204,6 +204,20 @@ static int check_pem(const char *nm, const char *name)
 		return 0;
 		}
 
+	if(!strcmp(name,PEM_STRING_PARAMETERS))
+		{
+		int slen;
+		const EVP_PKEY_ASN1_METHOD *ameth;
+		slen = pem_check_suffix(nm, "PARAMETERS"); 
+		if (slen > 0)
+			{
+			ameth = EVP_PKEY_asn1_find_str(nm, slen);
+			if (ameth && ameth->param_decode)
+				return 1;
+			}
+		return 0;
+		}
+
 	/* Permit older strings */
 
 	if(!strcmp(nm,PEM_STRING_X509_OLD) &&
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index b9067e0745..7747a057f4 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -149,7 +149,7 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
 				pem_str,bp,(char *)x,enc,kstr,klen,cb,u);
 	}
 
-EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
 	{
 	char *nm=NULL;
 	const unsigned char *p=NULL;
@@ -159,7 +159,7 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
 	EVP_PKEY *ret=NULL;
 
 	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS,
-								bp, cb, u))
+								bp, 0, NULL))
 		return NULL;
 	p = data;
 
@@ -192,7 +192,7 @@ err:
 	return(ret);
 	}
 
-int PEM_write_bio_Paramters(BIO *bp, EVP_PKEY *x)
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x)
 	{
 	char pem_str[80];
 	if (!x->ameth || !x->ameth->param_encode)
author	Dr. Stephen Henson <steve@openssl.org>	2006-03-28 14:35:32 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2006-03-28 14:35:32 +0000
commit	3e4585c8fd0b23f884d775462736502599146af6 (patch)
tree	27b73970dedcc4215d6f7c4def10ee3990674143 /crypto
parent	3e84b6e15fe6a580177b9e242c66e1d1ab6c2164 (diff)