1/*
2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "internal/cryptlib.h"
12#include <openssl/bn.h>
13#include <openssl/evp.h>
14#include <openssl/objects.h>
15#include <openssl/engine.h>
16#include <openssl/x509.h>
17#include <openssl/asn1.h>
18#include "crypto/asn1.h"
19#include "crypto/evp.h"
20
21EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
22 long length)
23{
24 EVP_PKEY *ret;
25 const unsigned char *p = *pp;
26
27 if ((a == NULL) || (*a == NULL)) {
28 if ((ret = EVP_PKEY_new()) == NULL) {
29 ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
30 return NULL;
31 }
32 } else {
33 ret = *a;
34#ifndef OPENSSL_NO_ENGINE
35 ENGINE_finish(ret->engine);
36 ret->engine = NULL;
37#endif
38 }
39
40 if (!EVP_PKEY_set_type(ret, type)) {
41 ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
42 goto err;
43 }
44
45 if (!ret->ameth->old_priv_decode ||
46 !ret->ameth->old_priv_decode(ret, &p, length)) {
47 if (ret->ameth->priv_decode) {
48 EVP_PKEY *tmp;
49 PKCS8_PRIV_KEY_INFO *p8 = NULL;
50 p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
51 if (p8 == NULL)
52 goto err;
53 tmp = EVP_PKCS82PKEY(p8);
54 PKCS8_PRIV_KEY_INFO_free(p8);
55 if (tmp == NULL)
56 goto err;
57 EVP_PKEY_free(ret);
58 ret = tmp;
59 } else {
60 ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
61 goto err;
62 }
63 }
64 *pp = p;
65 if (a != NULL)
66 (*a) = ret;
67 return ret;
68 err:
69 if (a == NULL || *a != ret)
70 EVP_PKEY_free(ret);
71 return NULL;
72}
73
74/*
75 * This works like d2i_PrivateKey() except it automatically works out the
76 * type
77 */
78
79EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
80 long length)
81{
82 STACK_OF(ASN1_TYPE) *inkey;
83 const unsigned char *p;
84 int keytype;
85 p = *pp;
86 /*
87 * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
88 * analyzing it we can determine the passed structure: this assumes the
89 * input is surrounded by an ASN1 SEQUENCE.
90 */
91 inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
92 p = *pp;
93 /*
94 * Since we only need to discern "traditional format" RSA and DSA keys we
95 * can just count the elements.
96 */
97 if (sk_ASN1_TYPE_num(inkey) == 6)
98 keytype = EVP_PKEY_DSA;
99 else if (sk_ASN1_TYPE_num(inkey) == 4)
100 keytype = EVP_PKEY_EC;
101 else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
102 * traditional format */
103 PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
104 EVP_PKEY *ret;
105
106 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
107 if (p8 == NULL) {
108 ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
109 ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
110 return NULL;
111 }
112 ret = EVP_PKCS82PKEY(p8);
113 PKCS8_PRIV_KEY_INFO_free(p8);
114 if (ret == NULL)
115 return NULL;
116 *pp = p;
117 if (a) {
118 *a = ret;
119 }
120 return ret;
121 } else
122 keytype = EVP_PKEY_RSA;
123 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
124 return d2i_PrivateKey(keytype, a, pp, length);
125}
126