]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/asn1/d2i_pr.c
projects / thirdparty / openssl.git / blob
? search:


a1f8b570bc106be0fbdd0d47cf8784912bcbaa5b
[thirdparty/openssl.git] / crypto / asn1 / d2i_pr.c
1 /*
2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/bn.h>
13 #include <openssl/evp.h>
14 #include <openssl/objects.h>
15 #include <openssl/engine.h>
16 #include <openssl/x509.h>
17 #include <openssl/asn1.h>
18 #include "crypto/asn1.h"
19 #include "crypto/evp.h"
20
21 EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp,
22 long length, OPENSSL_CTX *libctx, const char *propq)
23 {
24 EVP_PKEY *ret;
25 const unsigned char *p = *pp;
26
27 if ((a == NULL) || (*a == NULL)) {
28 if ((ret = EVP_PKEY_new()) == NULL) {
29 ASN1err(0, ERR_R_EVP_LIB);
30 return NULL;
31 }
32 } else {
33 ret = *a;
34 #ifndef OPENSSL_NO_ENGINE
35 ENGINE_finish(ret->engine);
36 ret->engine = NULL;
37 #endif
38 }
39
40 if (!EVP_PKEY_set_type(ret, type)) {
41 ASN1err(0, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
42 goto err;
43 }
44
45 if (!ret->ameth->old_priv_decode ||
46 !ret->ameth->old_priv_decode(ret, &p, length)) {
47 if (ret->ameth->priv_decode != NULL
48 || ret->ameth->priv_decode_with_libctx != NULL) {
49 EVP_PKEY *tmp;
50 PKCS8_PRIV_KEY_INFO *p8 = NULL;
51 p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
52 if (p8 == NULL)
53 goto err;
54 tmp = evp_pkcs82pkey_int(p8, libctx, propq);
55 PKCS8_PRIV_KEY_INFO_free(p8);
56 if (tmp == NULL)
57 goto err;
58 EVP_PKEY_free(ret);
59 ret = tmp;
60 } else {
61 ASN1err(0, ERR_R_ASN1_LIB);
62 goto err;
63 }
64 }
65 *pp = p;
66 if (a != NULL)
67 (*a) = ret;
68 return ret;
69 err:
70 if (a == NULL || *a != ret)
71 EVP_PKEY_free(ret);
72 return NULL;
73 }
74
75 EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
76 long length)
77 {
78 return d2i_PrivateKey_ex(type, a, pp, length, NULL, NULL);
79 }
80
81 /*
82 * This works like d2i_PrivateKey() except it automatically works out the
83 * type
84 */
85
86 EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp,
87 long length, OPENSSL_CTX *libctx,
88 const char *propq)
89 {
90 STACK_OF(ASN1_TYPE) *inkey;
91 const unsigned char *p;
92 int keytype;
93 p = *pp;
94 /*
95 * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
96 * analyzing it we can determine the passed structure: this assumes the
97 * input is surrounded by an ASN1 SEQUENCE.
98 */
99 inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
100 p = *pp;
101 /*
102 * Since we only need to discern "traditional format" RSA and DSA keys we
103 * can just count the elements.
104 */
105 if (sk_ASN1_TYPE_num(inkey) == 6) {
106 keytype = EVP_PKEY_DSA;
107 } else if (sk_ASN1_TYPE_num(inkey) == 4) {
108 keytype = EVP_PKEY_EC;
109 } else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
110 * traditional format */
111 PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
112 EVP_PKEY *ret;
113
114 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
115 if (p8 == NULL) {
116 ASN1err(0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
117 return NULL;
118 }
119 ret = evp_pkcs82pkey_int(p8, libctx, propq);
120 PKCS8_PRIV_KEY_INFO_free(p8);
121 if (ret == NULL)
122 return NULL;
123 *pp = p;
124 if (a) {
125 *a = ret;
126 }
127 return ret;
128 } else {
129 keytype = EVP_PKEY_RSA;
130 }
131 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
132 return d2i_PrivateKey_ex(keytype, a, pp, length, libctx, propq);
133 }
134
135 EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
136 long length)
137 {
138 return d2i_AutoPrivateKey_ex(a, pp, length, NULL, NULL);
139 }
A mirror of the official openssl repository