]>
Commit | Line | Data |
---|---|---|
cfcefcbe DSH |
1 | /* evp_pkey.c */ |
2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | |
3 | * project 1999. | |
4 | */ | |
5 | /* ==================================================================== | |
4d94ae00 | 6 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
cfcefcbe DSH |
7 | * |
8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | |
11 | * | |
12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | |
14 | * | |
15 | * 2. Redistributions in binary form must reproduce the above copyright | |
16 | * notice, this list of conditions and the following disclaimer in | |
17 | * the documentation and/or other materials provided with the | |
18 | * distribution. | |
19 | * | |
20 | * 3. All advertising materials mentioning features or use of this | |
21 | * software must display the following acknowledgment: | |
22 | * "This product includes software developed by the OpenSSL Project | |
23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
24 | * | |
25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
26 | * endorse or promote products derived from this software without | |
27 | * prior written permission. For written permission, please contact | |
28 | * licensing@OpenSSL.org. | |
29 | * | |
30 | * 5. Products derived from this software may not be called "OpenSSL" | |
31 | * nor may "OpenSSL" appear in their names without prior written | |
32 | * permission of the OpenSSL Project. | |
33 | * | |
34 | * 6. Redistributions of any form whatsoever must retain the following | |
35 | * acknowledgment: | |
36 | * "This product includes software developed by the OpenSSL Project | |
37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
38 | * | |
39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
51 | * ==================================================================== | |
52 | * | |
53 | * This product includes cryptographic software written by Eric Young | |
54 | * (eay@cryptsoft.com). This product includes software written by Tim | |
55 | * Hudson (tjh@cryptsoft.com). | |
56 | * | |
57 | */ | |
58 | ||
59 | #include <stdio.h> | |
60 | #include <stdlib.h> | |
61 | #include "cryptlib.h" | |
ec577822 BM |
62 | #include <openssl/x509.h> |
63 | #include <openssl/rand.h> | |
3eeaab4b | 64 | #ifndef OPENSSL_NO_RSA |
60a938c6 | 65 | #include <openssl/rsa.h> |
3eeaab4b NL |
66 | #endif |
67 | #ifndef OPENSSL_NO_DSA | |
60a938c6 | 68 | #include <openssl/dsa.h> |
3eeaab4b | 69 | #endif |
0f814687 | 70 | #include <openssl/bn.h> |
cfcefcbe | 71 | |
40928698 | 72 | #ifndef OPENSSL_NO_DSA |
66430207 | 73 | static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); |
40928698 | 74 | #endif |
14a7cfb3 BM |
75 | #ifndef OPENSSL_NO_EC |
76 | static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); | |
4d94ae00 | 77 | #endif |
66430207 | 78 | |
cfcefcbe DSH |
79 | /* Extract a private key from a PKCS8 structure */ |
80 | ||
8afca8d9 | 81 | EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) |
cfcefcbe | 82 | { |
66430207 | 83 | EVP_PKEY *pkey = NULL; |
cf1b7d96 | 84 | #ifndef OPENSSL_NO_RSA |
66430207 | 85 | RSA *rsa = NULL; |
f5d7a031 | 86 | #endif |
cf1b7d96 | 87 | #ifndef OPENSSL_NO_DSA |
66430207 | 88 | DSA *dsa = NULL; |
8ee4845b | 89 | ASN1_TYPE *t1, *t2; |
0fbffe7a | 90 | ASN1_INTEGER *privkey; |
8ee4845b | 91 | STACK_OF(ASN1_TYPE) *ndsa = NULL; |
4d94ae00 | 92 | #endif |
14a7cfb3 BM |
93 | #ifndef OPENSSL_NO_EC |
94 | EC_KEY *eckey = NULL; | |
0fbffe7a | 95 | const unsigned char *p_tmp; |
4d94ae00 | 96 | #endif |
5488bb61 | 97 | #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) |
8ee4845b | 98 | ASN1_TYPE *param = NULL; |
66430207 | 99 | BN_CTX *ctx = NULL; |
f5d7a031 UM |
100 | int plen; |
101 | #endif | |
102 | X509_ALGOR *a; | |
875a644a | 103 | const unsigned char *p; |
0413ba42 | 104 | const unsigned char *cp; |
f5d7a031 | 105 | int pkeylen; |
4d94ae00 | 106 | int nid; |
cfcefcbe DSH |
107 | char obj_tmp[80]; |
108 | ||
66430207 DSH |
109 | if(p8->pkey->type == V_ASN1_OCTET_STRING) { |
110 | p8->broken = PKCS8_OK; | |
cfcefcbe DSH |
111 | p = p8->pkey->value.octet_string->data; |
112 | pkeylen = p8->pkey->value.octet_string->length; | |
66430207 DSH |
113 | } else { |
114 | p8->broken = PKCS8_NO_OCTET; | |
cfcefcbe DSH |
115 | p = p8->pkey->value.sequence->data; |
116 | pkeylen = p8->pkey->value.sequence->length; | |
cfcefcbe DSH |
117 | } |
118 | if (!(pkey = EVP_PKEY_new())) { | |
119 | EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); | |
120 | return NULL; | |
121 | } | |
122 | a = p8->pkeyalg; | |
4d94ae00 BM |
123 | nid = OBJ_obj2nid(a->algorithm); |
124 | switch(nid) | |
cfcefcbe | 125 | { |
cf1b7d96 | 126 | #ifndef OPENSSL_NO_RSA |
cfcefcbe | 127 | case NID_rsaEncryption: |
0413ba42 RL |
128 | cp = p; |
129 | if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) { | |
cfcefcbe DSH |
130 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
131 | return NULL; | |
132 | } | |
133 | EVP_PKEY_assign_RSA (pkey, rsa); | |
134 | break; | |
f5d7a031 | 135 | #endif |
8ee4845b | 136 | #ifndef OPENSSL_NO_DSA |
cfcefcbe | 137 | case NID_dsa: |
8ee4845b | 138 | /* PKCS#8 DSA is weird: you just get a private key integer |
cfcefcbe DSH |
139 | * and parameters in the AlgorithmIdentifier the pubkey must |
140 | * be recalculated. | |
141 | */ | |
142 | ||
8ee4845b BM |
143 | /* Check for broken DSA PKCS#8, UGH! */ |
144 | if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) { | |
145 | if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, | |
371acb22 | 146 | d2i_ASN1_TYPE, |
8ee4845b BM |
147 | ASN1_TYPE_free))) { |
148 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
149 | goto dsaerr; | |
150 | } | |
151 | if(sk_ASN1_TYPE_num(ndsa) != 2 ) { | |
152 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
153 | goto dsaerr; | |
154 | } | |
66430207 DSH |
155 | /* Handle Two broken types: |
156 | * SEQUENCE {parameters, priv_key} | |
157 | * SEQUENCE {pub_key, priv_key} | |
158 | */ | |
48fe0eec | 159 | |
8ee4845b BM |
160 | t1 = sk_ASN1_TYPE_value(ndsa, 0); |
161 | t2 = sk_ASN1_TYPE_value(ndsa, 1); | |
162 | if(t1->type == V_ASN1_SEQUENCE) { | |
66430207 DSH |
163 | p8->broken = PKCS8_EMBEDDED_PARAM; |
164 | param = t1; | |
8ee4845b | 165 | } else if(a->parameter->type == V_ASN1_SEQUENCE) { |
66430207 DSH |
166 | p8->broken = PKCS8_NS_DB; |
167 | param = a->parameter; | |
8ee4845b | 168 | } else { |
cfcefcbe | 169 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
8ee4845b | 170 | goto dsaerr; |
66430207 DSH |
171 | } |
172 | ||
173 | if(t2->type != V_ASN1_INTEGER) { | |
174 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
8ee4845b | 175 | goto dsaerr; |
66430207 DSH |
176 | } |
177 | privkey = t2->value.integer; | |
8ee4845b BM |
178 | } else { |
179 | if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { | |
48fe0eec | 180 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
8ee4845b | 181 | goto dsaerr; |
48fe0eec DSH |
182 | } |
183 | param = p8->pkeyalg->parameter; | |
184 | } | |
8ee4845b | 185 | if (!param || (param->type != V_ASN1_SEQUENCE)) { |
66430207 | 186 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
8ee4845b | 187 | goto dsaerr; |
cfcefcbe | 188 | } |
a4aba800 | 189 | cp = p = param->value.sequence->data; |
66430207 | 190 | plen = param->value.sequence->length; |
8ee4845b BM |
191 | if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) { |
192 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
193 | goto dsaerr; | |
194 | } | |
195 | /* We have parameters now set private key */ | |
196 | if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { | |
197 | EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR); | |
198 | goto dsaerr; | |
199 | } | |
200 | /* Calculate public key (ouch!) */ | |
201 | if (!(dsa->pub_key = BN_new())) { | |
202 | EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); | |
203 | goto dsaerr; | |
204 | } | |
205 | if (!(ctx = BN_CTX_new())) { | |
cfcefcbe | 206 | EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); |
8ee4845b | 207 | goto dsaerr; |
cfcefcbe | 208 | } |
8ee4845b BM |
209 | |
210 | if (!BN_mod_exp(dsa->pub_key, dsa->g, | |
211 | dsa->priv_key, dsa->p, ctx)) { | |
212 | ||
213 | EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR); | |
214 | goto dsaerr; | |
215 | } | |
216 | ||
217 | EVP_PKEY_assign_DSA(pkey, dsa); | |
218 | BN_CTX_free (ctx); | |
219 | if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
220 | else ASN1_INTEGER_free(privkey); | |
221 | break; | |
222 | dsaerr: | |
223 | BN_CTX_free (ctx); | |
224 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
225 | DSA_free(dsa); | |
226 | EVP_PKEY_free(pkey); | |
227 | return NULL; | |
228 | break; | |
229 | #endif | |
230 | #ifndef OPENSSL_NO_EC | |
231 | case NID_X9_62_id_ecPublicKey: | |
0fbffe7a BM |
232 | p_tmp = p; |
233 | /* extract the ec parameters */ | |
8ee4845b | 234 | param = p8->pkeyalg->parameter; |
4d94ae00 | 235 | |
8ee4845b BM |
236 | if (!param || ((param->type != V_ASN1_SEQUENCE) && |
237 | (param->type != V_ASN1_OBJECT))) | |
4d94ae00 | 238 | { |
8ee4845b BM |
239 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
240 | goto ecerr; | |
241 | } | |
242 | ||
243 | if (param->type == V_ASN1_SEQUENCE) | |
244 | { | |
245 | cp = p = param->value.sequence->data; | |
246 | plen = param->value.sequence->length; | |
247 | ||
248 | if (!(eckey = d2i_ECParameters(NULL, &cp, plen))) | |
4d94ae00 | 249 | { |
8ee4845b BM |
250 | EVPerr(EVP_F_EVP_PKCS82PKEY, |
251 | EVP_R_DECODE_ERROR); | |
252 | goto ecerr; | |
4d94ae00 | 253 | } |
8ee4845b BM |
254 | } |
255 | else | |
256 | { | |
9dd84053 | 257 | EC_GROUP *group; |
8ee4845b BM |
258 | cp = p = param->value.object->data; |
259 | plen = param->value.object->length; | |
260 | ||
261 | /* type == V_ASN1_OBJECT => the parameters are given | |
262 | * by an asn1 OID | |
263 | */ | |
264 | if ((eckey = EC_KEY_new()) == NULL) | |
4d94ae00 | 265 | { |
8ee4845b BM |
266 | EVPerr(EVP_F_EVP_PKCS82PKEY, |
267 | ERR_R_MALLOC_FAILURE); | |
268 | goto ecerr; | |
4d94ae00 | 269 | } |
9dd84053 NL |
270 | group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); |
271 | if (group == NULL) | |
8ee4845b | 272 | goto ecerr; |
9dd84053 NL |
273 | EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); |
274 | if (EC_KEY_set_group(eckey, group) == 0) | |
275 | goto ecerr; | |
276 | EC_GROUP_free(group); | |
8ee4845b BM |
277 | } |
278 | ||
279 | /* We have parameters now set private key */ | |
0fbffe7a | 280 | if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen)) |
8ee4845b | 281 | { |
0fbffe7a | 282 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
8ee4845b BM |
283 | goto ecerr; |
284 | } | |
0fbffe7a BM |
285 | |
286 | /* calculate public key (if necessary) */ | |
9dd84053 | 287 | if (EC_KEY_get0_public_key(eckey) == NULL) |
8ee4845b | 288 | { |
9dd84053 NL |
289 | const BIGNUM *priv_key; |
290 | const EC_GROUP *group; | |
291 | EC_POINT *pub_key; | |
0fbffe7a BM |
292 | /* the public key was not included in the SEC1 private |
293 | * key => calculate the public key */ | |
9dd84053 NL |
294 | group = EC_KEY_get0_group(eckey); |
295 | pub_key = EC_POINT_new(group); | |
296 | if (pub_key == NULL) | |
297 | { | |
298 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); | |
299 | goto ecerr; | |
300 | } | |
301 | if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) | |
0fbffe7a | 302 | { |
9dd84053 | 303 | EC_POINT_free(pub_key); |
0fbffe7a BM |
304 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); |
305 | goto ecerr; | |
306 | } | |
9dd84053 NL |
307 | priv_key = EC_KEY_get0_private_key(eckey); |
308 | if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) | |
0fbffe7a | 309 | { |
9dd84053 | 310 | EC_POINT_free(pub_key); |
0fbffe7a BM |
311 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); |
312 | goto ecerr; | |
313 | } | |
9dd84053 | 314 | if (EC_KEY_set_public_key(eckey, pub_key) == 0) |
0fbffe7a | 315 | { |
9dd84053 | 316 | EC_POINT_free(pub_key); |
0fbffe7a BM |
317 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); |
318 | goto ecerr; | |
319 | } | |
9dd84053 | 320 | EC_POINT_free(pub_key); |
8ee4845b BM |
321 | } |
322 | ||
323 | EVP_PKEY_assign_EC_KEY(pkey, eckey); | |
324 | if (ctx) | |
325 | BN_CTX_free(ctx); | |
66430207 | 326 | break; |
8ee4845b BM |
327 | ecerr: |
328 | if (ctx) | |
329 | BN_CTX_free(ctx); | |
330 | if (eckey) | |
14a7cfb3 | 331 | EC_KEY_free(eckey); |
8ee4845b BM |
332 | if (pkey) |
333 | EVP_PKEY_free(pkey); | |
66430207 | 334 | return NULL; |
f5d7a031 | 335 | #endif |
cfcefcbe DSH |
336 | default: |
337 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); | |
d420ac2c | 338 | if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp); |
cfcefcbe DSH |
339 | else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm); |
340 | ERR_add_error_data(2, "TYPE=", obj_tmp); | |
341 | EVP_PKEY_free (pkey); | |
342 | return NULL; | |
343 | } | |
344 | return pkey; | |
345 | } | |
346 | ||
66430207 DSH |
347 | PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) |
348 | { | |
349 | return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK); | |
350 | } | |
351 | ||
cfcefcbe DSH |
352 | /* Turn a private key into a PKCS8 structure */ |
353 | ||
66430207 | 354 | PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) |
cfcefcbe DSH |
355 | { |
356 | PKCS8_PRIV_KEY_INFO *p8; | |
66430207 | 357 | |
cfcefcbe | 358 | if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { |
8afca8d9 | 359 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
cfcefcbe DSH |
360 | return NULL; |
361 | } | |
66430207 | 362 | p8->broken = broken; |
a0e7c8ee | 363 | if (!ASN1_INTEGER_set(p8->version, 0)) { |
8afca8d9 | 364 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
365 | PKCS8_PRIV_KEY_INFO_free (p8); |
366 | return NULL; | |
367 | } | |
cfcefcbe | 368 | if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { |
8afca8d9 | 369 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
cfcefcbe DSH |
370 | PKCS8_PRIV_KEY_INFO_free (p8); |
371 | return NULL; | |
372 | } | |
66430207 | 373 | p8->pkey->type = V_ASN1_OCTET_STRING; |
cfcefcbe | 374 | switch (EVP_PKEY_type(pkey->type)) { |
cf1b7d96 | 375 | #ifndef OPENSSL_NO_RSA |
cfcefcbe DSH |
376 | case EVP_PKEY_RSA: |
377 | ||
66430207 DSH |
378 | if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE; |
379 | ||
cfcefcbe DSH |
380 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); |
381 | p8->pkeyalg->parameter->type = V_ASN1_NULL; | |
41a15c4f | 382 | if (!ASN1_pack_string_of (EVP_PKEY,pkey, i2d_PrivateKey, |
cfcefcbe | 383 | &p8->pkey->value.octet_string)) { |
8afca8d9 | 384 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
cfcefcbe DSH |
385 | PKCS8_PRIV_KEY_INFO_free (p8); |
386 | return NULL; | |
387 | } | |
388 | break; | |
f5d7a031 | 389 | #endif |
cf1b7d96 | 390 | #ifndef OPENSSL_NO_DSA |
cfcefcbe | 391 | case EVP_PKEY_DSA: |
66430207 | 392 | if(!dsa_pkey2pkcs8(p8, pkey)) { |
cfcefcbe DSH |
393 | PKCS8_PRIV_KEY_INFO_free (p8); |
394 | return NULL; | |
395 | } | |
66430207 | 396 | |
cfcefcbe | 397 | break; |
f5d7a031 | 398 | #endif |
5488bb61 BM |
399 | #ifndef OPENSSL_NO_EC |
400 | case EVP_PKEY_EC: | |
14a7cfb3 | 401 | if (!eckey_pkey2pkcs8(p8, pkey)) |
4d94ae00 BM |
402 | { |
403 | PKCS8_PRIV_KEY_INFO_free(p8); | |
404 | return(NULL); | |
405 | } | |
406 | break; | |
407 | #endif | |
cfcefcbe | 408 | default: |
8afca8d9 | 409 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); |
cfcefcbe DSH |
410 | PKCS8_PRIV_KEY_INFO_free (p8); |
411 | return NULL; | |
412 | } | |
eb952088 | 413 | RAND_add(p8->pkey->value.octet_string->data, |
875a644a | 414 | p8->pkey->value.octet_string->length, 0.0); |
cfcefcbe DSH |
415 | return p8; |
416 | } | |
417 | ||
6b691a5c | 418 | PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) |
cfcefcbe DSH |
419 | { |
420 | switch (broken) { | |
421 | ||
422 | case PKCS8_OK: | |
423 | p8->broken = PKCS8_OK; | |
424 | return p8; | |
425 | break; | |
426 | ||
427 | case PKCS8_NO_OCTET: | |
428 | p8->broken = PKCS8_NO_OCTET; | |
429 | p8->pkey->type = V_ASN1_SEQUENCE; | |
430 | return p8; | |
431 | break; | |
432 | ||
433 | default: | |
8afca8d9 | 434 | EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); |
cfcefcbe | 435 | return NULL; |
cfcefcbe DSH |
436 | } |
437 | } | |
438 | ||
cf1b7d96 | 439 | #ifndef OPENSSL_NO_DSA |
66430207 DSH |
440 | static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) |
441 | { | |
a0e7c8ee DSH |
442 | ASN1_STRING *params = NULL; |
443 | ASN1_INTEGER *prkey = NULL; | |
444 | ASN1_TYPE *ttmp = NULL; | |
445 | STACK_OF(ASN1_TYPE) *ndsa = NULL; | |
446 | unsigned char *p = NULL, *q; | |
66430207 | 447 | int len; |
371acb22 | 448 | |
66430207 DSH |
449 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); |
450 | len = i2d_DSAparams (pkey->pkey.dsa, NULL); | |
26a3a48d | 451 | if (!(p = OPENSSL_malloc(len))) { |
8afca8d9 | 452 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee | 453 | goto err; |
66430207 DSH |
454 | } |
455 | q = p; | |
456 | i2d_DSAparams (pkey->pkey.dsa, &q); | |
a0e7c8ee | 457 | if (!(params = ASN1_STRING_new())) { |
8afca8d9 | 458 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
459 | goto err; |
460 | } | |
461 | if (!ASN1_STRING_set(params, p, len)) { | |
8afca8d9 | 462 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
463 | goto err; |
464 | } | |
26a3a48d | 465 | OPENSSL_free(p); |
a0e7c8ee | 466 | p = NULL; |
66430207 DSH |
467 | /* Get private key into integer */ |
468 | if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { | |
8afca8d9 | 469 | EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); |
a0e7c8ee | 470 | goto err; |
66430207 DSH |
471 | } |
472 | ||
473 | switch(p8->broken) { | |
cfcefcbe | 474 | |
66430207 DSH |
475 | case PKCS8_OK: |
476 | case PKCS8_NO_OCTET: | |
477 | ||
41a15c4f | 478 | if (!ASN1_pack_string_of(ASN1_INTEGER,prkey, i2d_ASN1_INTEGER, |
66430207 | 479 | &p8->pkey->value.octet_string)) { |
8afca8d9 | 480 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee | 481 | goto err; |
66430207 DSH |
482 | } |
483 | ||
484 | M_ASN1_INTEGER_free (prkey); | |
a0e7c8ee | 485 | prkey = NULL; |
66430207 | 486 | p8->pkeyalg->parameter->value.sequence = params; |
a0e7c8ee | 487 | params = NULL; |
66430207 DSH |
488 | p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; |
489 | ||
490 | break; | |
491 | ||
492 | case PKCS8_NS_DB: | |
493 | ||
494 | p8->pkeyalg->parameter->value.sequence = params; | |
a0e7c8ee | 495 | params = NULL; |
66430207 | 496 | p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; |
a0e7c8ee | 497 | if (!(ndsa = sk_ASN1_TYPE_new_null())) { |
8afca8d9 | 498 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
499 | goto err; |
500 | } | |
501 | if (!(ttmp = ASN1_TYPE_new())) { | |
8afca8d9 | 502 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
503 | goto err; |
504 | } | |
505 | if (!(ttmp->value.integer = | |
506 | BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) { | |
8afca8d9 | 507 | EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); |
a0e7c8ee | 508 | goto err; |
66430207 DSH |
509 | } |
510 | ttmp->type = V_ASN1_INTEGER; | |
a0e7c8ee | 511 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
8afca8d9 | 512 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
513 | goto err; |
514 | } | |
66430207 | 515 | |
a0e7c8ee | 516 | if (!(ttmp = ASN1_TYPE_new())) { |
8afca8d9 | 517 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
518 | goto err; |
519 | } | |
66430207 | 520 | ttmp->value.integer = prkey; |
a0e7c8ee | 521 | prkey = NULL; |
66430207 | 522 | ttmp->type = V_ASN1_INTEGER; |
a0e7c8ee | 523 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
8afca8d9 | 524 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
525 | goto err; |
526 | } | |
527 | ttmp = NULL; | |
66430207 | 528 | |
a0e7c8ee | 529 | if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { |
8afca8d9 | 530 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
531 | goto err; |
532 | } | |
66430207 | 533 | |
371acb22 | 534 | if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, |
66430207 DSH |
535 | &p8->pkey->value.octet_string->data, |
536 | &p8->pkey->value.octet_string->length)) { | |
537 | ||
8afca8d9 | 538 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee | 539 | goto err; |
66430207 | 540 | } |
371acb22 | 541 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); |
66430207 DSH |
542 | break; |
543 | ||
544 | case PKCS8_EMBEDDED_PARAM: | |
545 | ||
546 | p8->pkeyalg->parameter->type = V_ASN1_NULL; | |
a0e7c8ee | 547 | if (!(ndsa = sk_ASN1_TYPE_new_null())) { |
8afca8d9 | 548 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
549 | goto err; |
550 | } | |
551 | if (!(ttmp = ASN1_TYPE_new())) { | |
8afca8d9 | 552 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
553 | goto err; |
554 | } | |
66430207 | 555 | ttmp->value.sequence = params; |
a0e7c8ee | 556 | params = NULL; |
66430207 | 557 | ttmp->type = V_ASN1_SEQUENCE; |
a0e7c8ee | 558 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
8afca8d9 | 559 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
560 | goto err; |
561 | } | |
66430207 | 562 | |
a0e7c8ee | 563 | if (!(ttmp = ASN1_TYPE_new())) { |
8afca8d9 | 564 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
565 | goto err; |
566 | } | |
66430207 | 567 | ttmp->value.integer = prkey; |
a0e7c8ee | 568 | prkey = NULL; |
66430207 | 569 | ttmp->type = V_ASN1_INTEGER; |
a0e7c8ee | 570 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
8afca8d9 | 571 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
572 | goto err; |
573 | } | |
574 | ttmp = NULL; | |
66430207 | 575 | |
a0e7c8ee | 576 | if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { |
8afca8d9 | 577 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee DSH |
578 | goto err; |
579 | } | |
66430207 | 580 | |
371acb22 | 581 | if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, |
66430207 DSH |
582 | &p8->pkey->value.octet_string->data, |
583 | &p8->pkey->value.octet_string->length)) { | |
584 | ||
8afca8d9 | 585 | EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
a0e7c8ee | 586 | goto err; |
66430207 | 587 | } |
371acb22 | 588 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); |
66430207 DSH |
589 | break; |
590 | } | |
591 | return 1; | |
a0e7c8ee DSH |
592 | err: |
593 | if (p != NULL) OPENSSL_free(p); | |
594 | if (params != NULL) ASN1_STRING_free(params); | |
595 | if (prkey != NULL) M_ASN1_INTEGER_free(prkey); | |
596 | if (ttmp != NULL) ASN1_TYPE_free(ttmp); | |
597 | if (ndsa != NULL) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
598 | return 0; | |
66430207 DSH |
599 | } |
600 | #endif | |
4d94ae00 | 601 | |
14a7cfb3 BM |
602 | #ifndef OPENSSL_NO_EC |
603 | static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) | |
4d94ae00 | 604 | { |
9dd84053 NL |
605 | EC_KEY *ec_key; |
606 | const EC_GROUP *group; | |
8ee4845b | 607 | unsigned char *p, *pp; |
0fbffe7a | 608 | int nid, i, ret = 0; |
9dd84053 | 609 | unsigned int tmp_flags, old_flags; |
4d94ae00 | 610 | |
9dd84053 NL |
611 | ec_key = pkey->pkey.ec; |
612 | if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) | |
4d94ae00 | 613 | { |
8afca8d9 | 614 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); |
4d94ae00 BM |
615 | return 0; |
616 | } | |
8ee4845b BM |
617 | |
618 | /* set the ec parameters OID */ | |
619 | if (p8->pkeyalg->algorithm) | |
620 | ASN1_OBJECT_free(p8->pkeyalg->algorithm); | |
621 | ||
622 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey); | |
623 | ||
624 | /* set the ec parameters */ | |
625 | ||
626 | if (p8->pkeyalg->parameter) | |
4d94ae00 | 627 | { |
8ee4845b BM |
628 | ASN1_TYPE_free(p8->pkeyalg->parameter); |
629 | p8->pkeyalg->parameter = NULL; | |
4d94ae00 | 630 | } |
8ee4845b BM |
631 | |
632 | if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL) | |
4d94ae00 | 633 | { |
8afca8d9 | 634 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); |
4d94ae00 | 635 | return 0; |
4d94ae00 | 636 | } |
8ee4845b | 637 | |
9dd84053 NL |
638 | if (EC_GROUP_get_asn1_flag(group) |
639 | && (nid = EC_GROUP_get_curve_name(group))) | |
4d94ae00 | 640 | { |
8ee4845b BM |
641 | /* we have a 'named curve' => just set the OID */ |
642 | p8->pkeyalg->parameter->type = V_ASN1_OBJECT; | |
643 | p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid); | |
4d94ae00 | 644 | } |
8ee4845b | 645 | else /* explicit parameters */ |
4d94ae00 | 646 | { |
9dd84053 | 647 | if ((i = i2d_ECParameters(ec_key, NULL)) == 0) |
4d94ae00 | 648 | { |
8afca8d9 | 649 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); |
4d94ae00 BM |
650 | return 0; |
651 | } | |
8ee4845b | 652 | if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) |
4d94ae00 | 653 | { |
8afca8d9 | 654 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); |
4d94ae00 | 655 | return 0; |
8ee4845b BM |
656 | } |
657 | pp = p; | |
9dd84053 | 658 | if (!i2d_ECParameters(ec_key, &pp)) |
4d94ae00 | 659 | { |
8afca8d9 | 660 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); |
4d94ae00 BM |
661 | OPENSSL_free(p); |
662 | return 0; | |
663 | } | |
8ee4845b BM |
664 | p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; |
665 | if ((p8->pkeyalg->parameter->value.sequence | |
666 | = ASN1_STRING_new()) == NULL) | |
4d94ae00 | 667 | { |
8afca8d9 | 668 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_ASN1_LIB); |
8ee4845b | 669 | OPENSSL_free(p); |
4d94ae00 BM |
670 | return 0; |
671 | } | |
8ee4845b | 672 | ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i); |
4d94ae00 | 673 | OPENSSL_free(p); |
8ee4845b | 674 | } |
4d94ae00 | 675 | |
8ee4845b | 676 | /* set the private key */ |
0fbffe7a BM |
677 | |
678 | /* do not include the parameters in the SEC1 private key | |
679 | * see PKCS#11 12.11 */ | |
9dd84053 NL |
680 | old_flags = EC_KEY_get_enc_flags(pkey->pkey.ec); |
681 | tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; | |
682 | EC_KEY_set_enc_flags(pkey->pkey.ec, tmp_flags); | |
683 | i = i2d_ECPrivateKey(pkey->pkey.ec, NULL); | |
0fbffe7a BM |
684 | if (!i) |
685 | { | |
9dd84053 | 686 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); |
8afca8d9 | 687 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); |
0fbffe7a BM |
688 | return 0; |
689 | } | |
690 | p = (unsigned char *) OPENSSL_malloc(i); | |
691 | if (!p) | |
8ee4845b | 692 | { |
9dd84053 | 693 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); |
8afca8d9 | 694 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); |
8ee4845b BM |
695 | return 0; |
696 | } | |
0fbffe7a | 697 | pp = p; |
9dd84053 | 698 | if (!i2d_ECPrivateKey(pkey->pkey.ec, &pp)) |
0fbffe7a | 699 | { |
9dd84053 | 700 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); |
8afca8d9 | 701 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); |
0fbffe7a BM |
702 | OPENSSL_free(p); |
703 | return 0; | |
704 | } | |
705 | /* restore old encoding flags */ | |
9dd84053 | 706 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); |
4d94ae00 | 707 | |
8ee4845b | 708 | switch(p8->broken) { |
4d94ae00 | 709 | |
8ee4845b | 710 | case PKCS8_OK: |
0fbffe7a BM |
711 | p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); |
712 | if (!p8->pkey->value.octet_string || | |
713 | !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string, | |
714 | (const void *)p, i)) | |
715 | ||
4d94ae00 | 716 | { |
8afca8d9 | 717 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); |
4d94ae00 | 718 | } |
0fbffe7a BM |
719 | else |
720 | ret = 1; | |
8ee4845b BM |
721 | break; |
722 | case PKCS8_NO_OCTET: /* RSA specific */ | |
723 | case PKCS8_NS_DB: /* DSA specific */ | |
724 | case PKCS8_EMBEDDED_PARAM: /* DSA specific */ | |
725 | default: | |
8afca8d9 | 726 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8,EVP_R_ENCODE_ERROR); |
4d94ae00 | 727 | } |
0fbffe7a BM |
728 | OPENSSL_cleanse(p, (size_t)i); |
729 | OPENSSL_free(p); | |
730 | return ret; | |
4d94ae00 BM |
731 | } |
732 | #endif | |
b6995add DSH |
733 | |
734 | /* EVP_PKEY attribute functions */ | |
735 | ||
736 | int EVP_PKEY_get_attr_count(const EVP_PKEY *key) | |
737 | { | |
738 | return X509at_get_attr_count(key->attributes); | |
739 | } | |
740 | ||
741 | int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, | |
742 | int lastpos) | |
743 | { | |
744 | return X509at_get_attr_by_NID(key->attributes, nid, lastpos); | |
745 | } | |
746 | ||
747 | int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, | |
748 | int lastpos) | |
749 | { | |
750 | return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); | |
751 | } | |
752 | ||
753 | X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc) | |
754 | { | |
755 | return X509at_get_attr(key->attributes, loc); | |
756 | } | |
757 | ||
758 | X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc) | |
759 | { | |
760 | return X509at_delete_attr(key->attributes, loc); | |
761 | } | |
762 | ||
763 | int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr) | |
764 | { | |
765 | if(X509at_add1_attr(&key->attributes, attr)) return 1; | |
766 | return 0; | |
767 | } | |
768 | ||
769 | int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, | |
770 | const ASN1_OBJECT *obj, int type, | |
771 | const unsigned char *bytes, int len) | |
772 | { | |
773 | if(X509at_add1_attr_by_OBJ(&key->attributes, obj, | |
774 | type, bytes, len)) return 1; | |
775 | return 0; | |
776 | } | |
777 | ||
778 | int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, | |
779 | int nid, int type, | |
780 | const unsigned char *bytes, int len) | |
781 | { | |
782 | if(X509at_add1_attr_by_NID(&key->attributes, nid, | |
783 | type, bytes, len)) return 1; | |
784 | return 0; | |
785 | } | |
786 | ||
787 | int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, | |
788 | const char *attrname, int type, | |
789 | const unsigned char *bytes, int len) | |
790 | { | |
791 | if(X509at_add1_attr_by_txt(&key->attributes, attrname, | |
792 | type, bytes, len)) return 1; | |
793 | return 0; | |
794 | } |