d2i_pr.c 3.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125
  1. /*
  2. * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/bn.h>
  12. #include <openssl/evp.h>
  13. #include <openssl/objects.h>
  14. #include <openssl/engine.h>
  15. #include <openssl/x509.h>
  16. #include <openssl/asn1.h>
  17. #include "internal/asn1_int.h"
  18. #include "internal/evp_int.h"
  19. EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
  20. long length)
  21. {
  22. EVP_PKEY *ret;
  23. const unsigned char *p = *pp;
  24. if ((a == NULL) || (*a == NULL)) {
  25. if ((ret = EVP_PKEY_new()) == NULL) {
  26. ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
  27. return NULL;
  28. }
  29. } else {
  30. ret = *a;
  31. #ifndef OPENSSL_NO_ENGINE
  32. ENGINE_finish(ret->engine);
  33. ret->engine = NULL;
  34. #endif
  35. }
  36. if (!EVP_PKEY_set_type(ret, type)) {
  37. ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
  38. goto err;
  39. }
  40. if (!ret->ameth->old_priv_decode ||
  41. !ret->ameth->old_priv_decode(ret, &p, length)) {
  42. if (ret->ameth->priv_decode) {
  43. EVP_PKEY *tmp;
  44. PKCS8_PRIV_KEY_INFO *p8 = NULL;
  45. p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
  46. if (!p8)
  47. goto err;
  48. tmp = EVP_PKCS82PKEY(p8);
  49. PKCS8_PRIV_KEY_INFO_free(p8);
  50. if (tmp == NULL)
  51. goto err;
  52. EVP_PKEY_free(ret);
  53. ret = tmp;
  54. } else {
  55. ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
  56. goto err;
  57. }
  58. }
  59. *pp = p;
  60. if (a != NULL)
  61. (*a) = ret;
  62. return ret;
  63. err:
  64. if (a == NULL || *a != ret)
  65. EVP_PKEY_free(ret);
  66. return NULL;
  67. }
  68. /*
  69. * This works like d2i_PrivateKey() except it automatically works out the
  70. * type
  71. */
  72. EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
  73. long length)
  74. {
  75. STACK_OF(ASN1_TYPE) *inkey;
  76. const unsigned char *p;
  77. int keytype;
  78. p = *pp;
  79. /*
  80. * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
  81. * analyzing it we can determine the passed structure: this assumes the
  82. * input is surrounded by an ASN1 SEQUENCE.
  83. */
  84. inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
  85. p = *pp;
  86. /*
  87. * Since we only need to discern "traditional format" RSA and DSA keys we
  88. * can just count the elements.
  89. */
  90. if (sk_ASN1_TYPE_num(inkey) == 6)
  91. keytype = EVP_PKEY_DSA;
  92. else if (sk_ASN1_TYPE_num(inkey) == 4)
  93. keytype = EVP_PKEY_EC;
  94. else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
  95. * traditional format */
  96. PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
  97. EVP_PKEY *ret;
  98. sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
  99. if (!p8) {
  100. ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
  101. ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
  102. return NULL;
  103. }
  104. ret = EVP_PKCS82PKEY(p8);
  105. PKCS8_PRIV_KEY_INFO_free(p8);
  106. if (ret == NULL)
  107. return NULL;
  108. *pp = p;
  109. if (a) {
  110. *a = ret;
  111. }
  112. return ret;
  113. } else
  114. keytype = EVP_PKEY_RSA;
  115. sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
  116. return d2i_PrivateKey(keytype, a, pp, length);
  117. }