OLD | NEW |
1 /* crypto/asn1/d2i_pr.c */ | 1 /* crypto/asn1/d2i_pr.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
54 * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 * derivative of this code cannot be changed. i.e. this code cannot simply be |
55 * copied and put under another distribution licence | 55 * copied and put under another distribution licence |
56 * [including the GNU Public Licence.] | 56 * [including the GNU Public Licence.] |
57 */ | 57 */ |
58 | 58 |
59 #include <stdio.h> | 59 #include <stdio.h> |
60 #include "cryptlib.h" | 60 #include "cryptlib.h" |
61 #include <openssl/bn.h> | 61 #include <openssl/bn.h> |
62 #include <openssl/evp.h> | 62 #include <openssl/evp.h> |
63 #include <openssl/objects.h> | 63 #include <openssl/objects.h> |
| 64 #ifndef OPENSSL_NO_ENGINE |
| 65 #include <openssl/engine.h> |
| 66 #endif |
| 67 #include <openssl/x509.h> |
64 #include <openssl/asn1.h> | 68 #include <openssl/asn1.h> |
65 #ifndef OPENSSL_NO_RSA | 69 #include "asn1_locl.h" |
66 #include <openssl/rsa.h> | |
67 #endif | |
68 #ifndef OPENSSL_NO_DSA | |
69 #include <openssl/dsa.h> | |
70 #endif | |
71 #ifndef OPENSSL_NO_EC | |
72 #include <openssl/ec.h> | |
73 #endif | |
74 | 70 |
75 EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, | 71 EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, |
76 long length) | 72 long length) |
77 { | 73 { |
78 EVP_PKEY *ret; | 74 EVP_PKEY *ret; |
79 | 75 |
80 if ((a == NULL) || (*a == NULL)) | 76 if ((a == NULL) || (*a == NULL)) |
81 { | 77 { |
82 if ((ret=EVP_PKEY_new()) == NULL) | 78 if ((ret=EVP_PKEY_new()) == NULL) |
83 { | 79 { |
84 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB); | 80 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB); |
85 return(NULL); | 81 return(NULL); |
86 } | 82 } |
87 } | 83 } |
88 » else» ret= *a; | 84 » else |
| 85 » » { |
| 86 » » ret= *a; |
| 87 #ifndef OPENSSL_NO_ENGINE |
| 88 » » if (ret->engine) |
| 89 » » » { |
| 90 » » » ENGINE_finish(ret->engine); |
| 91 » » » ret->engine = NULL; |
| 92 » » » } |
| 93 #endif |
| 94 » » } |
89 | 95 |
90 » ret->save_type=type; | 96 » if (!EVP_PKEY_set_type(ret, type)) |
91 » ret->type=EVP_PKEY_type(type); | |
92 » switch (ret->type) | |
93 { | 97 { |
94 #ifndef OPENSSL_NO_RSA | 98 » » ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); |
95 » case EVP_PKEY_RSA: | 99 » » goto err; |
96 » » if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL, | 100 » » } |
97 » » » (const unsigned char **)pp,length)) == NULL) /* TMP UGLY
CAST */ | 101 |
| 102 » if (!ret->ameth->old_priv_decode || |
| 103 » » » !ret->ameth->old_priv_decode(ret, pp, length)) |
| 104 » » { |
| 105 » » if (ret->ameth->priv_decode) |
| 106 » » » { |
| 107 » » » PKCS8_PRIV_KEY_INFO *p8=NULL; |
| 108 » » » p8=d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length); |
| 109 » » » if (!p8) goto err; |
| 110 » » » EVP_PKEY_free(ret); |
| 111 » » » ret = EVP_PKCS82PKEY(p8); |
| 112 » » » PKCS8_PRIV_KEY_INFO_free(p8); |
| 113 |
| 114 » » » } |
| 115 » » else |
98 { | 116 { |
99 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); | 117 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); |
100 goto err; | 118 goto err; |
101 } | 119 } |
102 » » break; | 120 » » }» |
103 #endif | |
104 #ifndef OPENSSL_NO_DSA | |
105 » case EVP_PKEY_DSA: | |
106 » » if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL, | |
107 » » » (const unsigned char **)pp,length)) == NULL) /* TMP UGLY
CAST */ | |
108 » » » { | |
109 » » » ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); | |
110 » » » goto err; | |
111 » » » } | |
112 » » break; | |
113 #endif | |
114 #ifndef OPENSSL_NO_EC | |
115 » case EVP_PKEY_EC: | |
116 » » if ((ret->pkey.ec = d2i_ECPrivateKey(NULL, | |
117 » » » (const unsigned char **)pp, length)) == NULL) | |
118 » » » { | |
119 » » » ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB); | |
120 » » » goto err; | |
121 » » » } | |
122 » » break; | |
123 #endif | |
124 » default: | |
125 » » ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); | |
126 » » goto err; | |
127 » » /* break; */ | |
128 » » } | |
129 if (a != NULL) (*a)=ret; | 121 if (a != NULL) (*a)=ret; |
130 return(ret); | 122 return(ret); |
131 err: | 123 err: |
132 if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret); | 124 if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret); |
133 return(NULL); | 125 return(NULL); |
134 } | 126 } |
135 | 127 |
136 /* This works like d2i_PrivateKey() except it automatically works out the type *
/ | 128 /* This works like d2i_PrivateKey() except it automatically works out the type *
/ |
137 | 129 |
138 EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, | 130 EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, |
139 long length) | 131 long length) |
140 { | 132 { |
141 STACK_OF(ASN1_TYPE) *inkey; | 133 STACK_OF(ASN1_TYPE) *inkey; |
142 const unsigned char *p; | 134 const unsigned char *p; |
143 int keytype; | 135 int keytype; |
144 p = *pp; | 136 p = *pp; |
145 /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): | 137 /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): |
146 * by analyzing it we can determine the passed structure: this | 138 * by analyzing it we can determine the passed structure: this |
147 * assumes the input is surrounded by an ASN1 SEQUENCE. | 139 * assumes the input is surrounded by an ASN1 SEQUENCE. |
148 */ | 140 */ |
149 » inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE, | 141 » inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length); |
150 » » » ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); | |
151 /* Since we only need to discern "traditional format" RSA and DSA | 142 /* Since we only need to discern "traditional format" RSA and DSA |
152 * keys we can just count the elements. | 143 * keys we can just count the elements. |
153 */ | 144 */ |
154 if(sk_ASN1_TYPE_num(inkey) == 6) | 145 if(sk_ASN1_TYPE_num(inkey) == 6) |
155 keytype = EVP_PKEY_DSA; | 146 keytype = EVP_PKEY_DSA; |
156 else if (sk_ASN1_TYPE_num(inkey) == 4) | 147 else if (sk_ASN1_TYPE_num(inkey) == 4) |
157 keytype = EVP_PKEY_EC; | 148 keytype = EVP_PKEY_EC; |
| 149 else if (sk_ASN1_TYPE_num(inkey) == 3) |
| 150 { /* This seems to be PKCS8, not traditional format */ |
| 151 PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL,p
p,length); |
| 152 EVP_PKEY *ret; |
| 153 |
| 154 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); |
| 155 if (!p8) |
| 156 { |
| 157 ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,ASN1_R_UNSUPPO
RTED_PUBLIC_KEY_TYPE); |
| 158 return NULL; |
| 159 } |
| 160 ret = EVP_PKCS82PKEY(p8); |
| 161 PKCS8_PRIV_KEY_INFO_free(p8); |
| 162 if (a) { |
| 163 *a = ret; |
| 164 } |
| 165 return ret; |
| 166 } |
158 else keytype = EVP_PKEY_RSA; | 167 else keytype = EVP_PKEY_RSA; |
159 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); | 168 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); |
160 return d2i_PrivateKey(keytype, a, pp, length); | 169 return d2i_PrivateKey(keytype, a, pp, length); |
161 } | 170 } |
OLD | NEW |