2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/bn.h>
13 #include <openssl/evp.h>
14 #include <openssl/objects.h>
15 #include <openssl/engine.h>
16 #include <openssl/x509.h>
17 #include <openssl/asn1.h>
18 #include "crypto/asn1.h"
19 #include "crypto/evp.h"
21 EVP_PKEY
*d2i_PrivateKey_ex(int type
, EVP_PKEY
**a
, const unsigned char **pp
,
22 long length
, OPENSSL_CTX
*libctx
, const char *propq
)
25 const unsigned char *p
= *pp
;
27 if ((a
== NULL
) || (*a
== NULL
)) {
28 if ((ret
= EVP_PKEY_new()) == NULL
) {
29 ASN1err(0, ERR_R_EVP_LIB
);
34 #ifndef OPENSSL_NO_ENGINE
35 ENGINE_finish(ret
->engine
);
40 if (!EVP_PKEY_set_type(ret
, type
)) {
41 ASN1err(0, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE
);
45 if (!ret
->ameth
->old_priv_decode
||
46 !ret
->ameth
->old_priv_decode(ret
, &p
, length
)) {
47 if (ret
->ameth
->priv_decode
!= NULL
48 || ret
->ameth
->priv_decode_with_libctx
!= NULL
) {
50 PKCS8_PRIV_KEY_INFO
*p8
= NULL
;
51 p8
= d2i_PKCS8_PRIV_KEY_INFO(NULL
, &p
, length
);
54 tmp
= evp_pkcs82pkey_int(p8
, libctx
, propq
);
55 PKCS8_PRIV_KEY_INFO_free(p8
);
61 ASN1err(0, ERR_R_ASN1_LIB
);
70 if (a
== NULL
|| *a
!= ret
)
75 EVP_PKEY
*d2i_PrivateKey(int type
, EVP_PKEY
**a
, const unsigned char **pp
,
78 return d2i_PrivateKey_ex(type
, a
, pp
, length
, NULL
, NULL
);
82 * This works like d2i_PrivateKey() except it automatically works out the
86 EVP_PKEY
*d2i_AutoPrivateKey_ex(EVP_PKEY
**a
, const unsigned char **pp
,
87 long length
, OPENSSL_CTX
*libctx
,
90 STACK_OF(ASN1_TYPE
) *inkey
;
91 const unsigned char *p
;
95 * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
96 * analyzing it we can determine the passed structure: this assumes the
97 * input is surrounded by an ASN1 SEQUENCE.
99 inkey
= d2i_ASN1_SEQUENCE_ANY(NULL
, &p
, length
);
102 * Since we only need to discern "traditional format" RSA and DSA keys we
103 * can just count the elements.
105 if (sk_ASN1_TYPE_num(inkey
) == 6) {
106 keytype
= EVP_PKEY_DSA
;
107 } else if (sk_ASN1_TYPE_num(inkey
) == 4) {
108 keytype
= EVP_PKEY_EC
;
109 } else if (sk_ASN1_TYPE_num(inkey
) == 3) { /* This seems to be PKCS8, not
110 * traditional format */
111 PKCS8_PRIV_KEY_INFO
*p8
= d2i_PKCS8_PRIV_KEY_INFO(NULL
, &p
, length
);
114 sk_ASN1_TYPE_pop_free(inkey
, ASN1_TYPE_free
);
116 ASN1err(0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE
);
119 ret
= evp_pkcs82pkey_int(p8
, libctx
, propq
);
120 PKCS8_PRIV_KEY_INFO_free(p8
);
129 keytype
= EVP_PKEY_RSA
;
131 sk_ASN1_TYPE_pop_free(inkey
, ASN1_TYPE_free
);
132 return d2i_PrivateKey_ex(keytype
, a
, pp
, length
, libctx
, propq
);
135 EVP_PKEY
*d2i_AutoPrivateKey(EVP_PKEY
**a
, const unsigned char **pp
,
138 return d2i_AutoPrivateKey_ex(a
, pp
, length
, NULL
, NULL
);