2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* We need to use some engine deprecated APIs */
11 #define OPENSSL_SUPPRESS_DEPRECATED
14 #include "internal/cryptlib.h"
15 #include <openssl/bn.h>
16 #include <openssl/evp.h>
17 #include <openssl/objects.h>
18 #include <openssl/engine.h>
19 #include <openssl/x509.h>
20 #include <openssl/asn1.h>
21 #include "crypto/asn1.h"
22 #include "crypto/evp.h"
24 EVP_PKEY
*d2i_PrivateKey_ex(int type
, EVP_PKEY
**a
, const unsigned char **pp
,
25 long length
, OSSL_LIB_CTX
*libctx
,
29 const unsigned char *p
= *pp
;
31 if ((a
== NULL
) || (*a
== NULL
)) {
32 if ((ret
= EVP_PKEY_new()) == NULL
) {
33 ERR_raise(ERR_LIB_ASN1
, ERR_R_EVP_LIB
);
38 #ifndef OPENSSL_NO_ENGINE
39 ENGINE_finish(ret
->engine
);
44 if (!EVP_PKEY_set_type(ret
, type
)) {
45 ERR_raise(ERR_LIB_ASN1
, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE
);
50 if (!ret
->ameth
->old_priv_decode
||
51 !ret
->ameth
->old_priv_decode(ret
, &p
, length
)) {
52 if (ret
->ameth
->priv_decode
!= NULL
53 || ret
->ameth
->priv_decode_ex
!= NULL
) {
55 PKCS8_PRIV_KEY_INFO
*p8
= NULL
;
56 p8
= d2i_PKCS8_PRIV_KEY_INFO(NULL
, &p
, length
);
58 ERR_clear_last_mark();
61 tmp
= EVP_PKCS82PKEY_ex(p8
, libctx
, propq
);
62 PKCS8_PRIV_KEY_INFO_free(p8
);
64 ERR_clear_last_mark();
70 if (EVP_PKEY_type(type
) != EVP_PKEY_base_id(ret
))
73 ERR_clear_last_mark();
74 ERR_raise(ERR_LIB_ASN1
, ERR_R_ASN1_LIB
);
78 ERR_clear_last_mark();
85 if (a
== NULL
|| *a
!= ret
)
90 EVP_PKEY
*d2i_PrivateKey(int type
, EVP_PKEY
**a
, const unsigned char **pp
,
93 return d2i_PrivateKey_ex(type
, a
, pp
, length
, NULL
, NULL
);
97 * This works like d2i_PrivateKey() except it automatically works out the
101 EVP_PKEY
*d2i_AutoPrivateKey_ex(EVP_PKEY
**a
, const unsigned char **pp
,
102 long length
, OSSL_LIB_CTX
*libctx
,
105 STACK_OF(ASN1_TYPE
) *inkey
;
106 const unsigned char *p
;
110 * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
111 * analyzing it we can determine the passed structure: this assumes the
112 * input is surrounded by an ASN1 SEQUENCE.
114 inkey
= d2i_ASN1_SEQUENCE_ANY(NULL
, &p
, length
);
117 * Since we only need to discern "traditional format" RSA and DSA keys we
118 * can just count the elements.
120 if (sk_ASN1_TYPE_num(inkey
) == 6) {
121 keytype
= EVP_PKEY_DSA
;
122 } else if (sk_ASN1_TYPE_num(inkey
) == 4) {
123 keytype
= EVP_PKEY_EC
;
124 } else if (sk_ASN1_TYPE_num(inkey
) == 3) { /* This seems to be PKCS8, not
125 * traditional format */
126 PKCS8_PRIV_KEY_INFO
*p8
= d2i_PKCS8_PRIV_KEY_INFO(NULL
, &p
, length
);
129 sk_ASN1_TYPE_pop_free(inkey
, ASN1_TYPE_free
);
131 ERR_raise(ERR_LIB_ASN1
, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE
);
134 ret
= EVP_PKCS82PKEY_ex(p8
, libctx
, propq
);
135 PKCS8_PRIV_KEY_INFO_free(p8
);
144 keytype
= EVP_PKEY_RSA
;
146 sk_ASN1_TYPE_pop_free(inkey
, ASN1_TYPE_free
);
147 return d2i_PrivateKey_ex(keytype
, a
, pp
, length
, libctx
, propq
);
150 EVP_PKEY
*d2i_AutoPrivateKey(EVP_PKEY
**a
, const unsigned char **pp
,
153 return d2i_AutoPrivateKey_ex(a
, pp
, length
, NULL
, NULL
);