]>
Commit | Line | Data |
---|---|---|
cfcefcbe | 1 | /* evp_pkey.c */ |
40720ce3 MC |
2 | /* |
3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project | |
4 | * 1999. | |
cfcefcbe DSH |
5 | */ |
6 | /* ==================================================================== | |
4d94ae00 | 7 | * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
cfcefcbe DSH |
8 | * |
9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | |
12 | * | |
13 | * 1. Redistributions of source code must retain the above copyright | |
40720ce3 | 14 | * notice, this list of conditions and the following disclaimer. |
cfcefcbe DSH |
15 | * |
16 | * 2. Redistributions in binary form must reproduce the above copyright | |
17 | * notice, this list of conditions and the following disclaimer in | |
18 | * the documentation and/or other materials provided with the | |
19 | * distribution. | |
20 | * | |
21 | * 3. All advertising materials mentioning features or use of this | |
22 | * software must display the following acknowledgment: | |
23 | * "This product includes software developed by the OpenSSL Project | |
24 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
25 | * | |
26 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
27 | * endorse or promote products derived from this software without | |
28 | * prior written permission. For written permission, please contact | |
29 | * licensing@OpenSSL.org. | |
30 | * | |
31 | * 5. Products derived from this software may not be called "OpenSSL" | |
32 | * nor may "OpenSSL" appear in their names without prior written | |
33 | * permission of the OpenSSL Project. | |
34 | * | |
35 | * 6. Redistributions of any form whatsoever must retain the following | |
36 | * acknowledgment: | |
37 | * "This product includes software developed by the OpenSSL Project | |
38 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
39 | * | |
40 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
41 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
43 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
44 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
45 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
46 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
47 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
49 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
50 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
51 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
52 | * ==================================================================== | |
53 | * | |
54 | * This product includes cryptographic software written by Eric Young | |
55 | * (eay@cryptsoft.com). This product includes software written by Tim | |
56 | * Hudson (tjh@cryptsoft.com). | |
57 | * | |
58 | */ | |
59 | ||
60 | #include <stdio.h> | |
61 | #include <stdlib.h> | |
62 | #include "cryptlib.h" | |
ec577822 BM |
63 | #include <openssl/x509.h> |
64 | #include <openssl/rand.h> | |
4913b88f | 65 | #ifndef OPENSSL_NO_RSA |
40720ce3 | 66 | # include <openssl/rsa.h> |
4913b88f NL |
67 | #endif |
68 | #ifndef OPENSSL_NO_DSA | |
40720ce3 | 69 | # include <openssl/dsa.h> |
4913b88f | 70 | #endif |
0f814687 | 71 | #include <openssl/bn.h> |
cfcefcbe | 72 | |
40928698 | 73 | #ifndef OPENSSL_NO_DSA |
66430207 | 74 | static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); |
40928698 | 75 | #endif |
14a7cfb3 BM |
76 | #ifndef OPENSSL_NO_EC |
77 | static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); | |
4d94ae00 | 78 | #endif |
66430207 | 79 | |
cfcefcbe DSH |
80 | /* Extract a private key from a PKCS8 structure */ |
81 | ||
8afca8d9 | 82 | EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) |
cfcefcbe | 83 | { |
40720ce3 | 84 | EVP_PKEY *pkey = NULL; |
cf1b7d96 | 85 | #ifndef OPENSSL_NO_RSA |
40720ce3 | 86 | RSA *rsa = NULL; |
f5d7a031 | 87 | #endif |
cf1b7d96 | 88 | #ifndef OPENSSL_NO_DSA |
40720ce3 MC |
89 | DSA *dsa = NULL; |
90 | ASN1_TYPE *t1, *t2; | |
91 | ASN1_INTEGER *privkey; | |
92 | STACK_OF(ASN1_TYPE) *ndsa = NULL; | |
4d94ae00 | 93 | #endif |
14a7cfb3 | 94 | #ifndef OPENSSL_NO_EC |
40720ce3 MC |
95 | EC_KEY *eckey = NULL; |
96 | const unsigned char *p_tmp; | |
4d94ae00 | 97 | #endif |
5488bb61 | 98 | #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) |
40720ce3 MC |
99 | ASN1_TYPE *param = NULL; |
100 | BN_CTX *ctx = NULL; | |
101 | int plen; | |
f5d7a031 | 102 | #endif |
40720ce3 MC |
103 | X509_ALGOR *a; |
104 | const unsigned char *p; | |
105 | const unsigned char *cp; | |
106 | int pkeylen; | |
107 | int nid; | |
108 | char obj_tmp[80]; | |
109 | ||
110 | if (p8->pkey->type == V_ASN1_OCTET_STRING) { | |
111 | p8->broken = PKCS8_OK; | |
112 | p = p8->pkey->value.octet_string->data; | |
113 | pkeylen = p8->pkey->value.octet_string->length; | |
114 | } else { | |
115 | p8->broken = PKCS8_NO_OCTET; | |
116 | p = p8->pkey->value.sequence->data; | |
117 | pkeylen = p8->pkey->value.sequence->length; | |
118 | } | |
119 | if (!(pkey = EVP_PKEY_new())) { | |
120 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); | |
121 | return NULL; | |
122 | } | |
123 | a = p8->pkeyalg; | |
124 | nid = OBJ_obj2nid(a->algorithm); | |
125 | switch (nid) { | |
cf1b7d96 | 126 | #ifndef OPENSSL_NO_RSA |
40720ce3 MC |
127 | case NID_rsaEncryption: |
128 | cp = p; | |
129 | if (!(rsa = d2i_RSAPrivateKey(NULL, &cp, pkeylen))) { | |
130 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
131 | return NULL; | |
132 | } | |
133 | EVP_PKEY_assign_RSA(pkey, rsa); | |
134 | break; | |
f5d7a031 | 135 | #endif |
8ee4845b | 136 | #ifndef OPENSSL_NO_DSA |
40720ce3 MC |
137 | case NID_dsa: |
138 | /* | |
139 | * PKCS#8 DSA is weird: you just get a private key integer and | |
140 | * parameters in the AlgorithmIdentifier the pubkey must be | |
141 | * recalculated. | |
142 | */ | |
143 | ||
144 | /* Check for broken DSA PKCS#8, UGH! */ | |
145 | if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) { | |
146 | if (!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, | |
147 | d2i_ASN1_TYPE, | |
148 | ASN1_TYPE_free))) { | |
149 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
150 | goto dsaerr; | |
151 | } | |
152 | if (sk_ASN1_TYPE_num(ndsa) != 2) { | |
153 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
154 | goto dsaerr; | |
155 | } | |
156 | /* | |
157 | * Handle Two broken types: SEQUENCE {parameters, priv_key} | |
158 | * SEQUENCE {pub_key, priv_key} | |
159 | */ | |
160 | ||
161 | t1 = sk_ASN1_TYPE_value(ndsa, 0); | |
162 | t2 = sk_ASN1_TYPE_value(ndsa, 1); | |
163 | if (t1->type == V_ASN1_SEQUENCE) { | |
164 | p8->broken = PKCS8_EMBEDDED_PARAM; | |
165 | param = t1; | |
166 | } else if (a->parameter->type == V_ASN1_SEQUENCE) { | |
167 | p8->broken = PKCS8_NS_DB; | |
168 | param = a->parameter; | |
169 | } else { | |
170 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
171 | goto dsaerr; | |
172 | } | |
173 | ||
174 | if (t2->type != V_ASN1_INTEGER) { | |
175 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
176 | goto dsaerr; | |
177 | } | |
178 | privkey = t2->value.integer; | |
179 | } else { | |
180 | if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pkeylen))) { | |
181 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
182 | goto dsaerr; | |
183 | } | |
184 | param = p8->pkeyalg->parameter; | |
185 | } | |
186 | if (!param || (param->type != V_ASN1_SEQUENCE)) { | |
187 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
188 | goto dsaerr; | |
189 | } | |
190 | cp = p = param->value.sequence->data; | |
191 | plen = param->value.sequence->length; | |
192 | if (!(dsa = d2i_DSAparams(NULL, &cp, plen))) { | |
193 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
194 | goto dsaerr; | |
195 | } | |
196 | /* We have parameters now set private key */ | |
197 | if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { | |
198 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_BN_DECODE_ERROR); | |
199 | goto dsaerr; | |
200 | } | |
201 | /* Calculate public key (ouch!) */ | |
202 | if (!(dsa->pub_key = BN_new())) { | |
203 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); | |
204 | goto dsaerr; | |
205 | } | |
206 | if (!(ctx = BN_CTX_new())) { | |
207 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); | |
208 | goto dsaerr; | |
209 | } | |
210 | ||
211 | if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { | |
212 | ||
213 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_BN_PUBKEY_ERROR); | |
214 | goto dsaerr; | |
215 | } | |
216 | ||
217 | EVP_PKEY_assign_DSA(pkey, dsa); | |
218 | BN_CTX_free(ctx); | |
219 | if (ndsa) | |
220 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
221 | else | |
222 | ASN1_INTEGER_free(privkey); | |
223 | break; | |
224 | dsaerr: | |
225 | BN_CTX_free(ctx); | |
226 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
227 | DSA_free(dsa); | |
228 | EVP_PKEY_free(pkey); | |
229 | return NULL; | |
230 | break; | |
8ee4845b BM |
231 | #endif |
232 | #ifndef OPENSSL_NO_EC | |
40720ce3 MC |
233 | case NID_X9_62_id_ecPublicKey: |
234 | p_tmp = p; | |
235 | /* extract the ec parameters */ | |
236 | param = p8->pkeyalg->parameter; | |
237 | ||
238 | if (!param || ((param->type != V_ASN1_SEQUENCE) && | |
239 | (param->type != V_ASN1_OBJECT))) { | |
240 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
241 | goto ecerr; | |
242 | } | |
243 | ||
244 | if (param->type == V_ASN1_SEQUENCE) { | |
245 | cp = p = param->value.sequence->data; | |
246 | plen = param->value.sequence->length; | |
247 | ||
248 | if (!(eckey = d2i_ECParameters(NULL, &cp, plen))) { | |
249 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
250 | goto ecerr; | |
251 | } | |
252 | } else { | |
253 | EC_GROUP *group; | |
254 | cp = p = param->value.object->data; | |
255 | plen = param->value.object->length; | |
256 | ||
257 | /* | |
258 | * type == V_ASN1_OBJECT => the parameters are given by an asn1 | |
259 | * OID | |
260 | */ | |
261 | if ((eckey = EC_KEY_new()) == NULL) { | |
262 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); | |
263 | goto ecerr; | |
264 | } | |
265 | group = | |
266 | EC_GROUP_new_by_curve_name(OBJ_obj2nid | |
267 | (a->parameter->value.object)); | |
268 | if (group == NULL) | |
269 | goto ecerr; | |
270 | EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); | |
271 | if (EC_KEY_set_group(eckey, group) == 0) | |
272 | goto ecerr; | |
273 | EC_GROUP_free(group); | |
274 | } | |
275 | ||
276 | /* We have parameters now set private key */ | |
277 | if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen)) { | |
278 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); | |
279 | goto ecerr; | |
280 | } | |
281 | ||
282 | /* calculate public key (if necessary) */ | |
283 | if (EC_KEY_get0_public_key(eckey) == NULL) { | |
284 | const BIGNUM *priv_key; | |
285 | const EC_GROUP *group; | |
286 | EC_POINT *pub_key; | |
287 | /* | |
288 | * the public key was not included in the SEC1 private key => | |
289 | * calculate the public key | |
290 | */ | |
291 | group = EC_KEY_get0_group(eckey); | |
292 | pub_key = EC_POINT_new(group); | |
293 | if (pub_key == NULL) { | |
294 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); | |
295 | goto ecerr; | |
296 | } | |
297 | if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) { | |
298 | EC_POINT_free(pub_key); | |
299 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); | |
300 | goto ecerr; | |
301 | } | |
302 | priv_key = EC_KEY_get0_private_key(eckey); | |
303 | if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) { | |
304 | EC_POINT_free(pub_key); | |
305 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); | |
306 | goto ecerr; | |
307 | } | |
308 | if (EC_KEY_set_public_key(eckey, pub_key) == 0) { | |
309 | EC_POINT_free(pub_key); | |
310 | EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); | |
311 | goto ecerr; | |
312 | } | |
313 | EC_POINT_free(pub_key); | |
314 | } | |
315 | ||
316 | EVP_PKEY_assign_EC_KEY(pkey, eckey); | |
317 | if (ctx) | |
318 | BN_CTX_free(ctx); | |
319 | break; | |
320 | ecerr: | |
321 | if (ctx) | |
322 | BN_CTX_free(ctx); | |
323 | if (eckey) | |
324 | EC_KEY_free(eckey); | |
325 | if (pkey) | |
326 | EVP_PKEY_free(pkey); | |
327 | return NULL; | |
f5d7a031 | 328 | #endif |
40720ce3 MC |
329 | default: |
330 | EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); | |
331 | if (!a->algorithm) | |
332 | BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp); | |
333 | else | |
334 | i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm); | |
335 | ERR_add_error_data(2, "TYPE=", obj_tmp); | |
336 | EVP_PKEY_free(pkey); | |
337 | return NULL; | |
338 | } | |
339 | return pkey; | |
cfcefcbe DSH |
340 | } |
341 | ||
66430207 DSH |
342 | PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) |
343 | { | |
40720ce3 | 344 | return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK); |
66430207 DSH |
345 | } |
346 | ||
cfcefcbe DSH |
347 | /* Turn a private key into a PKCS8 structure */ |
348 | ||
66430207 | 349 | PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) |
cfcefcbe | 350 | { |
40720ce3 MC |
351 | PKCS8_PRIV_KEY_INFO *p8; |
352 | ||
353 | if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { | |
354 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE); | |
355 | return NULL; | |
356 | } | |
357 | p8->broken = broken; | |
358 | if (!ASN1_INTEGER_set(p8->version, 0)) { | |
359 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE); | |
360 | PKCS8_PRIV_KEY_INFO_free(p8); | |
361 | return NULL; | |
362 | } | |
363 | if (!(p8->pkeyalg->parameter = ASN1_TYPE_new())) { | |
364 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE); | |
365 | PKCS8_PRIV_KEY_INFO_free(p8); | |
366 | return NULL; | |
367 | } | |
368 | p8->pkey->type = V_ASN1_OCTET_STRING; | |
369 | switch (EVP_PKEY_type(pkey->type)) { | |
cf1b7d96 | 370 | #ifndef OPENSSL_NO_RSA |
40720ce3 MC |
371 | case EVP_PKEY_RSA: |
372 | ||
373 | if (p8->broken == PKCS8_NO_OCTET) | |
374 | p8->pkey->type = V_ASN1_SEQUENCE; | |
375 | ||
376 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); | |
377 | p8->pkeyalg->parameter->type = V_ASN1_NULL; | |
378 | if (!ASN1_pack_string_of(EVP_PKEY, pkey, i2d_PrivateKey, | |
379 | &p8->pkey->value.octet_string)) { | |
380 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE); | |
381 | PKCS8_PRIV_KEY_INFO_free(p8); | |
382 | return NULL; | |
383 | } | |
384 | break; | |
f5d7a031 | 385 | #endif |
cf1b7d96 | 386 | #ifndef OPENSSL_NO_DSA |
40720ce3 MC |
387 | case EVP_PKEY_DSA: |
388 | if (!dsa_pkey2pkcs8(p8, pkey)) { | |
389 | PKCS8_PRIV_KEY_INFO_free(p8); | |
390 | return NULL; | |
391 | } | |
66430207 | 392 | |
40720ce3 | 393 | break; |
f5d7a031 | 394 | #endif |
5488bb61 | 395 | #ifndef OPENSSL_NO_EC |
40720ce3 MC |
396 | case EVP_PKEY_EC: |
397 | if (!eckey_pkey2pkcs8(p8, pkey)) { | |
398 | PKCS8_PRIV_KEY_INFO_free(p8); | |
399 | return (NULL); | |
400 | } | |
401 | break; | |
4d94ae00 | 402 | #endif |
40720ce3 MC |
403 | default: |
404 | EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, | |
405 | EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); | |
406 | PKCS8_PRIV_KEY_INFO_free(p8); | |
407 | return NULL; | |
408 | } | |
409 | RAND_add(p8->pkey->value.octet_string->data, | |
410 | p8->pkey->value.octet_string->length, 0.0); | |
411 | return p8; | |
cfcefcbe DSH |
412 | } |
413 | ||
6b691a5c | 414 | PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) |
cfcefcbe | 415 | { |
40720ce3 MC |
416 | switch (broken) { |
417 | ||
418 | case PKCS8_OK: | |
419 | p8->broken = PKCS8_OK; | |
420 | return p8; | |
421 | break; | |
422 | ||
423 | case PKCS8_NO_OCTET: | |
424 | p8->broken = PKCS8_NO_OCTET; | |
425 | p8->pkey->type = V_ASN1_SEQUENCE; | |
426 | return p8; | |
427 | break; | |
428 | ||
429 | default: | |
430 | EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); | |
431 | return NULL; | |
432 | } | |
cfcefcbe DSH |
433 | } |
434 | ||
cf1b7d96 | 435 | #ifndef OPENSSL_NO_DSA |
66430207 DSH |
436 | static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) |
437 | { | |
40720ce3 MC |
438 | ASN1_STRING *params = NULL; |
439 | ASN1_INTEGER *prkey = NULL; | |
440 | ASN1_TYPE *ttmp = NULL; | |
441 | STACK_OF(ASN1_TYPE) *ndsa = NULL; | |
442 | unsigned char *p = NULL, *q; | |
443 | int len; | |
444 | ||
445 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); | |
446 | len = i2d_DSAparams(pkey->pkey.dsa, NULL); | |
447 | if (!(p = OPENSSL_malloc(len))) { | |
448 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
449 | goto err; | |
450 | } | |
451 | q = p; | |
452 | i2d_DSAparams(pkey->pkey.dsa, &q); | |
453 | if (!(params = ASN1_STRING_new())) { | |
454 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
455 | goto err; | |
456 | } | |
457 | if (!ASN1_STRING_set(params, p, len)) { | |
458 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
459 | goto err; | |
460 | } | |
461 | OPENSSL_free(p); | |
462 | p = NULL; | |
463 | /* Get private key into integer */ | |
464 | if (!(prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL))) { | |
465 | EVPerr(EVP_F_DSA_PKEY2PKCS8, EVP_R_ENCODE_ERROR); | |
466 | goto err; | |
467 | } | |
468 | ||
469 | switch (p8->broken) { | |
470 | ||
471 | case PKCS8_OK: | |
472 | case PKCS8_NO_OCTET: | |
473 | ||
474 | if (!ASN1_pack_string_of(ASN1_INTEGER, prkey, i2d_ASN1_INTEGER, | |
475 | &p8->pkey->value.octet_string)) { | |
476 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
477 | goto err; | |
478 | } | |
479 | ||
480 | M_ASN1_INTEGER_free(prkey); | |
481 | prkey = NULL; | |
482 | p8->pkeyalg->parameter->value.sequence = params; | |
483 | params = NULL; | |
484 | p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; | |
485 | ||
486 | break; | |
487 | ||
488 | case PKCS8_NS_DB: | |
489 | ||
490 | p8->pkeyalg->parameter->value.sequence = params; | |
491 | params = NULL; | |
492 | p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; | |
493 | if (!(ndsa = sk_ASN1_TYPE_new_null())) { | |
494 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
495 | goto err; | |
496 | } | |
497 | if (!(ttmp = ASN1_TYPE_new())) { | |
498 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
499 | goto err; | |
500 | } | |
501 | if (!(ttmp->value.integer = | |
502 | BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) { | |
503 | EVPerr(EVP_F_DSA_PKEY2PKCS8, EVP_R_ENCODE_ERROR); | |
504 | goto err; | |
505 | } | |
506 | ttmp->type = V_ASN1_INTEGER; | |
507 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { | |
508 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
509 | goto err; | |
510 | } | |
511 | ||
512 | if (!(ttmp = ASN1_TYPE_new())) { | |
513 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
514 | goto err; | |
515 | } | |
516 | ttmp->value.integer = prkey; | |
517 | prkey = NULL; | |
518 | ttmp->type = V_ASN1_INTEGER; | |
519 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { | |
520 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
521 | goto err; | |
522 | } | |
523 | ttmp = NULL; | |
524 | ||
525 | if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { | |
526 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
527 | goto err; | |
528 | } | |
529 | ||
530 | if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, | |
531 | &p8->pkey->value.octet_string->data, | |
532 | &p8->pkey->value.octet_string->length)) { | |
533 | ||
534 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
535 | goto err; | |
536 | } | |
537 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
538 | break; | |
539 | ||
540 | case PKCS8_EMBEDDED_PARAM: | |
541 | ||
542 | p8->pkeyalg->parameter->type = V_ASN1_NULL; | |
543 | if (!(ndsa = sk_ASN1_TYPE_new_null())) { | |
544 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
545 | goto err; | |
546 | } | |
547 | if (!(ttmp = ASN1_TYPE_new())) { | |
548 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
549 | goto err; | |
550 | } | |
551 | ttmp->value.sequence = params; | |
552 | params = NULL; | |
553 | ttmp->type = V_ASN1_SEQUENCE; | |
554 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { | |
555 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
556 | goto err; | |
557 | } | |
558 | ||
559 | if (!(ttmp = ASN1_TYPE_new())) { | |
560 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
561 | goto err; | |
562 | } | |
563 | ttmp->value.integer = prkey; | |
564 | prkey = NULL; | |
565 | ttmp->type = V_ASN1_INTEGER; | |
566 | if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { | |
567 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
568 | goto err; | |
569 | } | |
570 | ttmp = NULL; | |
571 | ||
572 | if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { | |
573 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
574 | goto err; | |
575 | } | |
576 | ||
577 | if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, | |
578 | &p8->pkey->value.octet_string->data, | |
579 | &p8->pkey->value.octet_string->length)) { | |
580 | ||
581 | EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
582 | goto err; | |
583 | } | |
584 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
585 | break; | |
586 | } | |
587 | return 1; | |
588 | err: | |
589 | if (p != NULL) | |
590 | OPENSSL_free(p); | |
591 | if (params != NULL) | |
592 | ASN1_STRING_free(params); | |
593 | if (prkey != NULL) | |
594 | M_ASN1_INTEGER_free(prkey); | |
595 | if (ttmp != NULL) | |
596 | ASN1_TYPE_free(ttmp); | |
597 | if (ndsa != NULL) | |
598 | sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
599 | return 0; | |
66430207 DSH |
600 | } |
601 | #endif | |
4d94ae00 | 602 | |
14a7cfb3 BM |
603 | #ifndef OPENSSL_NO_EC |
604 | static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) | |
4d94ae00 | 605 | { |
40720ce3 MC |
606 | EC_KEY *ec_key; |
607 | const EC_GROUP *group; | |
608 | unsigned char *p, *pp; | |
609 | int nid, i, ret = 0; | |
610 | unsigned int tmp_flags, old_flags; | |
611 | ||
612 | ec_key = pkey->pkey.ec; | |
613 | if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) { | |
614 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); | |
615 | return 0; | |
616 | } | |
617 | ||
618 | /* set the ec parameters OID */ | |
619 | if (p8->pkeyalg->algorithm) | |
620 | ASN1_OBJECT_free(p8->pkeyalg->algorithm); | |
621 | ||
622 | p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey); | |
623 | ||
624 | /* set the ec parameters */ | |
625 | ||
626 | if (p8->pkeyalg->parameter) { | |
627 | ASN1_TYPE_free(p8->pkeyalg->parameter); | |
628 | p8->pkeyalg->parameter = NULL; | |
629 | } | |
630 | ||
631 | if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL) { | |
632 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
633 | return 0; | |
634 | } | |
635 | ||
636 | if (EC_GROUP_get_asn1_flag(group) | |
637 | && (nid = EC_GROUP_get_curve_name(group))) { | |
638 | /* we have a 'named curve' => just set the OID */ | |
639 | p8->pkeyalg->parameter->type = V_ASN1_OBJECT; | |
640 | p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid); | |
641 | } else { /* explicit parameters */ | |
642 | ||
643 | if ((i = i2d_ECParameters(ec_key, NULL)) == 0) { | |
644 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); | |
645 | return 0; | |
646 | } | |
647 | if ((p = (unsigned char *)OPENSSL_malloc(i)) == NULL) { | |
648 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
649 | return 0; | |
650 | } | |
651 | pp = p; | |
652 | if (!i2d_ECParameters(ec_key, &pp)) { | |
653 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); | |
654 | OPENSSL_free(p); | |
655 | return 0; | |
656 | } | |
657 | p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; | |
658 | if ((p8->pkeyalg->parameter->value.sequence | |
659 | = ASN1_STRING_new()) == NULL) { | |
660 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_ASN1_LIB); | |
661 | OPENSSL_free(p); | |
662 | return 0; | |
663 | } | |
664 | ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i); | |
665 | OPENSSL_free(p); | |
666 | } | |
667 | ||
668 | /* set the private key */ | |
669 | ||
670 | /* | |
671 | * do not include the parameters in the SEC1 private key see PKCS#11 | |
672 | * 12.11 | |
673 | */ | |
674 | old_flags = EC_KEY_get_enc_flags(pkey->pkey.ec); | |
675 | tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; | |
676 | EC_KEY_set_enc_flags(pkey->pkey.ec, tmp_flags); | |
677 | i = i2d_ECPrivateKey(pkey->pkey.ec, NULL); | |
678 | if (!i) { | |
679 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); | |
680 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); | |
681 | return 0; | |
682 | } | |
683 | p = (unsigned char *)OPENSSL_malloc(i); | |
684 | if (!p) { | |
685 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); | |
686 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
687 | return 0; | |
688 | } | |
689 | pp = p; | |
690 | if (!i2d_ECPrivateKey(pkey->pkey.ec, &pp)) { | |
691 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); | |
692 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); | |
693 | OPENSSL_free(p); | |
694 | return 0; | |
695 | } | |
696 | /* restore old encoding flags */ | |
697 | EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); | |
698 | ||
699 | switch (p8->broken) { | |
700 | ||
701 | case PKCS8_OK: | |
702 | p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); | |
703 | if (!p8->pkey->value.octet_string || | |
704 | !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string, | |
705 | (const void *)p, i)) { | |
706 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); | |
707 | } else | |
708 | ret = 1; | |
709 | break; | |
710 | case PKCS8_NO_OCTET: /* RSA specific */ | |
711 | case PKCS8_NS_DB: /* DSA specific */ | |
712 | case PKCS8_EMBEDDED_PARAM: /* DSA specific */ | |
713 | default: | |
714 | EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_ENCODE_ERROR); | |
715 | } | |
716 | OPENSSL_cleanse(p, (size_t)i); | |
717 | OPENSSL_free(p); | |
718 | return ret; | |
4d94ae00 BM |
719 | } |
720 | #endif | |
b6995add DSH |
721 | |
722 | /* EVP_PKEY attribute functions */ | |
723 | ||
724 | int EVP_PKEY_get_attr_count(const EVP_PKEY *key) | |
725 | { | |
40720ce3 | 726 | return X509at_get_attr_count(key->attributes); |
b6995add DSH |
727 | } |
728 | ||
40720ce3 | 729 | int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos) |
b6995add | 730 | { |
40720ce3 | 731 | return X509at_get_attr_by_NID(key->attributes, nid, lastpos); |
b6995add DSH |
732 | } |
733 | ||
734 | int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, | |
40720ce3 | 735 | int lastpos) |
b6995add | 736 | { |
40720ce3 | 737 | return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); |
b6995add DSH |
738 | } |
739 | ||
740 | X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc) | |
741 | { | |
40720ce3 | 742 | return X509at_get_attr(key->attributes, loc); |
b6995add DSH |
743 | } |
744 | ||
745 | X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc) | |
746 | { | |
40720ce3 | 747 | return X509at_delete_attr(key->attributes, loc); |
b6995add DSH |
748 | } |
749 | ||
750 | int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr) | |
751 | { | |
40720ce3 MC |
752 | if (X509at_add1_attr(&key->attributes, attr)) |
753 | return 1; | |
754 | return 0; | |
b6995add DSH |
755 | } |
756 | ||
757 | int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, | |
40720ce3 MC |
758 | const ASN1_OBJECT *obj, int type, |
759 | const unsigned char *bytes, int len) | |
b6995add | 760 | { |
40720ce3 MC |
761 | if (X509at_add1_attr_by_OBJ(&key->attributes, obj, type, bytes, len)) |
762 | return 1; | |
763 | return 0; | |
b6995add DSH |
764 | } |
765 | ||
766 | int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, | |
40720ce3 MC |
767 | int nid, int type, |
768 | const unsigned char *bytes, int len) | |
b6995add | 769 | { |
40720ce3 MC |
770 | if (X509at_add1_attr_by_NID(&key->attributes, nid, type, bytes, len)) |
771 | return 1; | |
772 | return 0; | |
b6995add DSH |
773 | } |
774 | ||
775 | int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, | |
40720ce3 MC |
776 | const char *attrname, int type, |
777 | const unsigned char *bytes, int len) | |
b6995add | 778 | { |
40720ce3 MC |
779 | if (X509at_add1_attr_by_txt(&key->attributes, attrname, type, bytes, len)) |
780 | return 1; | |
781 | return 0; | |
b6995add | 782 | } |