1 /* Copyright (C) 1995-1998 Eric Young ([email protected])
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young ([email protected]).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson ([email protected]).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young ([email protected])"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson ([email protected])"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
56
57 #include <openssl/evp.h>
58
59 #include <string.h>
60
61 #include <openssl/digest.h>
62 #include <openssl/err.h>
63 #include <openssl/mem.h>
64
65 #include "../internal.h"
66 #include "internal.h"
67
68
69 static const EVP_PKEY_METHOD *const evp_methods[] = {
70 &rsa_pkey_meth,
71 &ec_pkey_meth,
72 &ed25519_pkey_meth,
73 &x25519_pkey_meth,
74 &hkdf_pkey_meth,
75 };
76
evp_pkey_meth_find(int type)77 static const EVP_PKEY_METHOD *evp_pkey_meth_find(int type) {
78 for (size_t i = 0; i < sizeof(evp_methods)/sizeof(EVP_PKEY_METHOD*); i++) {
79 if (evp_methods[i]->pkey_id == type) {
80 return evp_methods[i];
81 }
82 }
83
84 return NULL;
85 }
86
evp_pkey_ctx_new(EVP_PKEY * pkey,ENGINE * e,const EVP_PKEY_METHOD * pmeth)87 static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e,
88 const EVP_PKEY_METHOD *pmeth) {
89 EVP_PKEY_CTX *ret = OPENSSL_zalloc(sizeof(EVP_PKEY_CTX));
90 if (!ret) {
91 return NULL;
92 }
93
94 ret->engine = e;
95 ret->pmeth = pmeth;
96 ret->operation = EVP_PKEY_OP_UNDEFINED;
97
98 if (pkey) {
99 EVP_PKEY_up_ref(pkey);
100 ret->pkey = pkey;
101 }
102
103 if (pmeth->init) {
104 if (pmeth->init(ret) <= 0) {
105 EVP_PKEY_free(ret->pkey);
106 OPENSSL_free(ret);
107 return NULL;
108 }
109 }
110
111 return ret;
112 }
113
EVP_PKEY_CTX_new(EVP_PKEY * pkey,ENGINE * e)114 EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) {
115 if (pkey == NULL || pkey->ameth == NULL) {
116 OPENSSL_PUT_ERROR(EVP, ERR_R_PASSED_NULL_PARAMETER);
117 return NULL;
118 }
119
120 const EVP_PKEY_METHOD *pkey_method = pkey->ameth->pkey_method;
121 if (pkey_method == NULL) {
122 OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
123 ERR_add_error_dataf("algorithm %d", pkey->ameth->pkey_id);
124 return NULL;
125 }
126
127 return evp_pkey_ctx_new(pkey, e, pkey_method);
128 }
129
EVP_PKEY_CTX_new_id(int id,ENGINE * e)130 EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e) {
131 const EVP_PKEY_METHOD *pkey_method = evp_pkey_meth_find(id);
132 if (pkey_method == NULL) {
133 OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);
134 ERR_add_error_dataf("algorithm %d", id);
135 return NULL;
136 }
137
138 return evp_pkey_ctx_new(NULL, e, pkey_method);
139 }
140
EVP_PKEY_CTX_free(EVP_PKEY_CTX * ctx)141 void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) {
142 if (ctx == NULL) {
143 return;
144 }
145 if (ctx->pmeth && ctx->pmeth->cleanup) {
146 ctx->pmeth->cleanup(ctx);
147 }
148 EVP_PKEY_free(ctx->pkey);
149 EVP_PKEY_free(ctx->peerkey);
150 OPENSSL_free(ctx);
151 }
152
EVP_PKEY_CTX_dup(EVP_PKEY_CTX * ctx)153 EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx) {
154 if (!ctx->pmeth || !ctx->pmeth->copy) {
155 return NULL;
156 }
157
158 EVP_PKEY_CTX *ret = OPENSSL_zalloc(sizeof(EVP_PKEY_CTX));
159 if (!ret) {
160 return NULL;
161 }
162
163 ret->pmeth = ctx->pmeth;
164 ret->engine = ctx->engine;
165 ret->operation = ctx->operation;
166
167 if (ctx->pkey != NULL) {
168 EVP_PKEY_up_ref(ctx->pkey);
169 ret->pkey = ctx->pkey;
170 }
171
172 if (ctx->peerkey != NULL) {
173 EVP_PKEY_up_ref(ctx->peerkey);
174 ret->peerkey = ctx->peerkey;
175 }
176
177 if (ctx->pmeth->copy(ret, ctx) <= 0) {
178 ret->pmeth = NULL;
179 EVP_PKEY_CTX_free(ret);
180 OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP);
181 return NULL;
182 }
183
184 return ret;
185 }
186
EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX * ctx)187 EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx) { return ctx->pkey; }
188
EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX * ctx,int keytype,int optype,int cmd,int p1,void * p2)189 int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
190 int p1, void *p2) {
191 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
192 OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED);
193 return 0;
194 }
195 if (keytype != -1 && ctx->pmeth->pkey_id != keytype) {
196 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
197 return 0;
198 }
199
200 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
201 OPENSSL_PUT_ERROR(EVP, EVP_R_NO_OPERATION_SET);
202 return 0;
203 }
204
205 if (optype != -1 && !(ctx->operation & optype)) {
206 OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_OPERATION);
207 return 0;
208 }
209
210 return ctx->pmeth->ctrl(ctx, cmd, p1, p2);
211 }
212
EVP_PKEY_sign_init(EVP_PKEY_CTX * ctx)213 int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) {
214 if (ctx == NULL || ctx->pmeth == NULL ||
215 (ctx->pmeth->sign == NULL && ctx->pmeth->sign_message == NULL)) {
216 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
217 return 0;
218 }
219
220 ctx->operation = EVP_PKEY_OP_SIGN;
221 return 1;
222 }
223
EVP_PKEY_sign(EVP_PKEY_CTX * ctx,uint8_t * sig,size_t * sig_len,const uint8_t * digest,size_t digest_len)224 int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len,
225 const uint8_t *digest, size_t digest_len) {
226 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
227 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
228 return 0;
229 }
230 if (ctx->operation != EVP_PKEY_OP_SIGN) {
231 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
232 return 0;
233 }
234 return ctx->pmeth->sign(ctx, sig, sig_len, digest, digest_len);
235 }
236
EVP_PKEY_verify_init(EVP_PKEY_CTX * ctx)237 int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) {
238 if (ctx == NULL || ctx->pmeth == NULL ||
239 (ctx->pmeth->verify == NULL && ctx->pmeth->verify_message == NULL)) {
240 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
241 return 0;
242 }
243 ctx->operation = EVP_PKEY_OP_VERIFY;
244 return 1;
245 }
246
EVP_PKEY_verify(EVP_PKEY_CTX * ctx,const uint8_t * sig,size_t sig_len,const uint8_t * digest,size_t digest_len)247 int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len,
248 const uint8_t *digest, size_t digest_len) {
249 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
250 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
251 return 0;
252 }
253 if (ctx->operation != EVP_PKEY_OP_VERIFY) {
254 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
255 return 0;
256 }
257 return ctx->pmeth->verify(ctx, sig, sig_len, digest, digest_len);
258 }
259
EVP_PKEY_encrypt_init(EVP_PKEY_CTX * ctx)260 int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) {
261 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
262 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
263 return 0;
264 }
265 ctx->operation = EVP_PKEY_OP_ENCRYPT;
266 return 1;
267 }
268
EVP_PKEY_encrypt(EVP_PKEY_CTX * ctx,uint8_t * out,size_t * outlen,const uint8_t * in,size_t inlen)269 int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen,
270 const uint8_t *in, size_t inlen) {
271 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
272 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
273 return 0;
274 }
275 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
276 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
277 return 0;
278 }
279 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
280 }
281
EVP_PKEY_decrypt_init(EVP_PKEY_CTX * ctx)282 int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) {
283 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
284 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
285 return 0;
286 }
287 ctx->operation = EVP_PKEY_OP_DECRYPT;
288 return 1;
289 }
290
EVP_PKEY_decrypt(EVP_PKEY_CTX * ctx,uint8_t * out,size_t * outlen,const uint8_t * in,size_t inlen)291 int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen,
292 const uint8_t *in, size_t inlen) {
293 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
294 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
295 return 0;
296 }
297 if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
298 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
299 return 0;
300 }
301 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
302 }
303
EVP_PKEY_verify_recover_init(EVP_PKEY_CTX * ctx)304 int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx) {
305 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
306 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
307 return 0;
308 }
309 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
310 return 1;
311 }
312
EVP_PKEY_verify_recover(EVP_PKEY_CTX * ctx,uint8_t * out,size_t * out_len,const uint8_t * sig,size_t sig_len)313 int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *out_len,
314 const uint8_t *sig, size_t sig_len) {
315 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
316 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
317 return 0;
318 }
319 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
320 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
321 return 0;
322 }
323 return ctx->pmeth->verify_recover(ctx, out, out_len, sig, sig_len);
324 }
325
EVP_PKEY_derive_init(EVP_PKEY_CTX * ctx)326 int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) {
327 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
328 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
329 return 0;
330 }
331 ctx->operation = EVP_PKEY_OP_DERIVE;
332 return 1;
333 }
334
EVP_PKEY_derive_set_peer(EVP_PKEY_CTX * ctx,EVP_PKEY * peer)335 int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) {
336 int ret;
337 if (!ctx || !ctx->pmeth ||
338 !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||
339 !ctx->pmeth->ctrl) {
340 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
341 return 0;
342 }
343 if (ctx->operation != EVP_PKEY_OP_DERIVE &&
344 ctx->operation != EVP_PKEY_OP_ENCRYPT &&
345 ctx->operation != EVP_PKEY_OP_DECRYPT) {
346 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
347 return 0;
348 }
349
350 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
351
352 if (ret <= 0) {
353 return 0;
354 }
355
356 if (ret == 2) {
357 return 1;
358 }
359
360 if (!ctx->pkey) {
361 OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET);
362 return 0;
363 }
364
365 if (ctx->pkey->type != peer->type) {
366 OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES);
367 return 0;
368 }
369
370 // [email protected]: For clarity. The error is if parameters in peer are
371 // present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
372 // 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
373 // (different key types) is impossible here because it is checked earlier.
374 // -2 is OK for us here, as well as 1, so we can check for 0 only.
375 if (!EVP_PKEY_missing_parameters(peer) &&
376 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
377 OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_PARAMETERS);
378 return 0;
379 }
380
381 EVP_PKEY_free(ctx->peerkey);
382 ctx->peerkey = peer;
383
384 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
385
386 if (ret <= 0) {
387 ctx->peerkey = NULL;
388 return 0;
389 }
390
391 EVP_PKEY_up_ref(peer);
392 return 1;
393 }
394
EVP_PKEY_derive(EVP_PKEY_CTX * ctx,uint8_t * key,size_t * out_key_len)395 int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) {
396 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
397 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
398 return 0;
399 }
400 if (ctx->operation != EVP_PKEY_OP_DERIVE) {
401 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
402 return 0;
403 }
404 return ctx->pmeth->derive(ctx, key, out_key_len);
405 }
406
EVP_PKEY_keygen_init(EVP_PKEY_CTX * ctx)407 int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) {
408 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
409 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
410 return 0;
411 }
412 ctx->operation = EVP_PKEY_OP_KEYGEN;
413 return 1;
414 }
415
EVP_PKEY_keygen(EVP_PKEY_CTX * ctx,EVP_PKEY ** out_pkey)416 int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **out_pkey) {
417 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
418 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
419 return 0;
420 }
421 if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
422 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
423 return 0;
424 }
425
426 if (!out_pkey) {
427 return 0;
428 }
429
430 if (!*out_pkey) {
431 *out_pkey = EVP_PKEY_new();
432 if (!*out_pkey) {
433 OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP);
434 return 0;
435 }
436 }
437
438 if (!ctx->pmeth->keygen(ctx, *out_pkey)) {
439 EVP_PKEY_free(*out_pkey);
440 *out_pkey = NULL;
441 return 0;
442 }
443 return 1;
444 }
445
EVP_PKEY_paramgen_init(EVP_PKEY_CTX * ctx)446 int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx) {
447 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
448 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
449 return 0;
450 }
451 ctx->operation = EVP_PKEY_OP_PARAMGEN;
452 return 1;
453 }
454
EVP_PKEY_paramgen(EVP_PKEY_CTX * ctx,EVP_PKEY ** out_pkey)455 int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **out_pkey) {
456 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
457 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
458 return 0;
459 }
460 if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
461 OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);
462 return 0;
463 }
464
465 if (!out_pkey) {
466 return 0;
467 }
468
469 if (!*out_pkey) {
470 *out_pkey = EVP_PKEY_new();
471 if (!*out_pkey) {
472 OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP);
473 return 0;
474 }
475 }
476
477 if (!ctx->pmeth->paramgen(ctx, *out_pkey)) {
478 EVP_PKEY_free(*out_pkey);
479 *out_pkey = NULL;
480 return 0;
481 }
482 return 1;
483 }
484