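/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999. */
/* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com). */

#include <openssl/base64.h>
#include <openssl/err.h>
#include <openssl/mem.h>
#include <openssl/x509.h>

/* LONG_MAX for the d2i length check, strlen() for NUL-terminated input. */
#include <limits.h>
#include <string.h>


/* Store |pkey| as the public key of the SPKAC inside |x|.
 *
 * Returns 0 when |x| or its |spkac| member is NULL; otherwise returns
 * whatever X509_PUBKEY_set() reports. */
int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
{
    if (x == NULL || x->spkac == NULL) {
        return 0;
    }
    return X509_PUBKEY_set(&x->spkac->pubkey, pkey);
}

/* Return the public key carried in the SPKAC inside |x|.
 *
 * Returns NULL when |x| or its |spkac| member is NULL; otherwise returns
 * the result of X509_PUBKEY_get().
 * NOTE(review): ownership of the returned EVP_PKEY follows X509_PUBKEY_get();
 * confirm whether the caller must release it. */
EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x)
{
    if (x == NULL || x->spkac == NULL) {
        return NULL;
    }
    return X509_PUBKEY_get(x->spkac->pubkey);
}

/* Load a Netscape SPKI from a base64 encoded string.
 *
 * |str| is the base64 text and |len| its length in bytes; when |len| is zero
 * or negative, |str| is treated as NUL-terminated and measured with strlen().
 * Returns the structure produced by d2i_NETSCAPE_SPKI(), or NULL on error.
 *
 * This function only decodes and parses. It does not check the signature
 * carried in the structure, so input from an untrusted source still has to
 * go through NETSCAPE_SPKI_verify() before the key or challenge is relied on. */
NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len)
{
    unsigned char *spki_der;
    const unsigned char *p;
    size_t in_len, spki_len;
    NETSCAPE_SPKI *spki;

    if (str == NULL) {
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, ERR_R_PASSED_NULL_PARAMETER);
        return NULL;
    }

    /* Keep the length in a size_t: writing strlen() back into the int |len|
     * would truncate (and could go negative) for very long input. */
    in_len = (len > 0) ? (size_t)len : strlen(str);

    if (!EVP_DecodedLength(&spki_len, in_len)) {
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, X509_R_BASE64_DECODE_ERROR);
        return NULL;
    }
    /* Empty input cannot hold a structure; reject it before allocating. */
    if (spki_len == 0) {
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, X509_R_BASE64_DECODE_ERROR);
        return NULL;
    }
    /* The length is handed to d2i_NETSCAPE_SPKI() as a long below. */
    if (spki_len > (size_t)LONG_MAX) {
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, ERR_R_OVERFLOW);
        return NULL;
    }

    spki_der = OPENSSL_malloc(spki_len);
    if (spki_der == NULL) {
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    /* On success |spki_len| is updated to the number of bytes decoded. */
    if (!EVP_DecodeBase64(spki_der, &spki_len, spki_len, (const uint8_t *)str, in_len)) {
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, X509_R_BASE64_DECODE_ERROR);
        OPENSSL_free(spki_der);
        return NULL;
    }

    /* NOTE(review): |p| is not compared with the end of the buffer afterwards,
     * so bytes following the DER structure are not rejected here. */
    p = spki_der;
    spki = d2i_NETSCAPE_SPKI(NULL, &p, (long)spki_len);
    OPENSSL_free(spki_der);
    return spki;
}

/* Generate a base64 encoded string from an SPKI.
 *
 * Returns a buffer allocated with OPENSSL_malloc() that the caller releases
 * with OPENSSL_free(), or NULL on error. */
char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
{
    unsigned char *der_spki, *p;
    char *b64_str;
    size_t b64_len;
    int der_len;

    /* First pass only measures the DER encoding. A non-positive result means
     * the encoder failed; it must not be used as an allocation size. */
    der_len = i2d_NETSCAPE_SPKI(spki, NULL);
    if (der_len <= 0) {
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_INTERNAL_ERROR);
        return NULL;
    }
    if (!EVP_EncodedLength(&b64_len, (size_t)der_len)) {
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_OVERFLOW);
        return NULL;
    }

    der_spki = OPENSSL_malloc((size_t)der_len);
    if (der_spki == NULL) {
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    b64_str = OPENSSL_malloc(b64_len);
    if (b64_str == NULL) {
        OPENSSL_free(der_spki);
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    /* Second pass writes the DER. If it fails or disagrees with the measured
     * length, |der_spki| is not fully written; encoding it anyway would hand
     * uninitialized heap bytes to the caller. */
    p = der_spki;
    if (i2d_NETSCAPE_SPKI(spki, &p) != der_len) {
        OPENSSL_free(der_spki);
        OPENSSL_free(b64_str);
        OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_INTERNAL_ERROR);
        return NULL;
    }

    EVP_EncodeBlock((unsigned char *)b64_str, der_spki, (size_t)der_len);
    OPENSSL_free(der_spki);
    return b64_str;
}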