|
1 /* evp_pkey.c */ |
|
2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL |
|
3 * project 1999. |
|
4 */ |
|
5 /* ==================================================================== |
|
6 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
|
7 * |
|
8 * Redistribution and use in source and binary forms, with or without |
|
9 * modification, are permitted provided that the following conditions |
|
10 * are met: |
|
11 * |
|
12 * 1. Redistributions of source code must retain the above copyright |
|
13 * notice, this list of conditions and the following disclaimer. |
|
14 * |
|
15 * 2. Redistributions in binary form must reproduce the above copyright |
|
16 * notice, this list of conditions and the following disclaimer in |
|
17 * the documentation and/or other materials provided with the |
|
18 * distribution. |
|
19 * |
|
20 * 3. All advertising materials mentioning features or use of this |
|
21 * software must display the following acknowledgment: |
|
22 * "This product includes software developed by the OpenSSL Project |
|
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
|
24 * |
|
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
|
26 * endorse or promote products derived from this software without |
|
27 * prior written permission. For written permission, please contact |
|
28 * licensing@OpenSSL.org. |
|
29 * |
|
30 * 5. Products derived from this software may not be called "OpenSSL" |
|
31 * nor may "OpenSSL" appear in their names without prior written |
|
32 * permission of the OpenSSL Project. |
|
33 * |
|
34 * 6. Redistributions of any form whatsoever must retain the following |
|
35 * acknowledgment: |
|
36 * "This product includes software developed by the OpenSSL Project |
|
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
|
38 * |
|
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
|
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
|
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
|
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
|
50 * OF THE POSSIBILITY OF SUCH DAMAGE. |
|
51 * ==================================================================== |
|
52 * |
|
53 * This product includes cryptographic software written by Eric Young |
|
54 * (eay@cryptsoft.com). This product includes software written by Tim |
|
55 * Hudson (tjh@cryptsoft.com). |
|
56 * |
|
57 */ |
|
58 |
|
59 #include <stdio.h> |
|
60 #include <stdlib.h> |
|
61 #include "cryptlib.h" |
|
62 #include <openssl/x509.h> |
|
63 #include <openssl/rand.h> |
|
64 #ifndef OPENSSL_NO_RSA |
|
65 #include <openssl/rsa.h> |
|
66 #endif |
|
67 #ifndef OPENSSL_NO_DSA |
|
68 #include <openssl/dsa.h> |
|
69 #endif |
|
70 #include <openssl/bn.h> |
|
71 |
|
72 #ifndef OPENSSL_NO_DSA |
|
73 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); |
|
74 #endif |
|
75 #ifndef OPENSSL_NO_EC |
|
76 static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); |
|
77 #endif |
|
78 |
|
79 /* Extract a private key from a PKCS8 structure */ |
|
80 |
|
81 EXPORT_C EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) |
|
82 { |
|
83 EVP_PKEY *pkey = NULL; |
|
84 #ifndef OPENSSL_NO_RSA |
|
85 RSA *rsa = NULL; |
|
86 #endif |
|
87 #ifndef OPENSSL_NO_DSA |
|
88 DSA *dsa = NULL; |
|
89 ASN1_TYPE *t1, *t2; |
|
90 ASN1_INTEGER *privkey; |
|
91 STACK_OF(ASN1_TYPE) *ndsa = NULL; |
|
92 #endif |
|
93 #ifndef OPENSSL_NO_EC |
|
94 EC_KEY *eckey = NULL; |
|
95 const unsigned char *p_tmp; |
|
96 #endif |
|
97 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) |
|
98 ASN1_TYPE *param = NULL; |
|
99 BN_CTX *ctx = NULL; |
|
100 int plen; |
|
101 #endif |
|
102 X509_ALGOR *a; |
|
103 const unsigned char *p; |
|
104 const unsigned char *cp; |
|
105 int pkeylen; |
|
106 int nid; |
|
107 char obj_tmp[80]; |
|
108 |
|
109 if(p8->pkey->type == V_ASN1_OCTET_STRING) { |
|
110 p8->broken = PKCS8_OK; |
|
111 p = p8->pkey->value.octet_string->data; |
|
112 pkeylen = p8->pkey->value.octet_string->length; |
|
113 } else { |
|
114 p8->broken = PKCS8_NO_OCTET; |
|
115 p = p8->pkey->value.sequence->data; |
|
116 pkeylen = p8->pkey->value.sequence->length; |
|
117 } |
|
118 if (!(pkey = EVP_PKEY_new())) { |
|
119 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); |
|
120 return NULL; |
|
121 } |
|
122 a = p8->pkeyalg; |
|
123 nid = OBJ_obj2nid(a->algorithm); |
|
124 switch(nid) |
|
125 { |
|
126 #ifndef OPENSSL_NO_RSA |
|
127 case NID_rsaEncryption: |
|
128 cp = p; |
|
129 if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) { |
|
130 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
131 return NULL; |
|
132 } |
|
133 EVP_PKEY_assign_RSA (pkey, rsa); |
|
134 break; |
|
135 #endif |
|
136 #ifndef OPENSSL_NO_DSA |
|
137 case NID_dsa: |
|
138 /* PKCS#8 DSA is weird: you just get a private key integer |
|
139 * and parameters in the AlgorithmIdentifier the pubkey must |
|
140 * be recalculated. |
|
141 */ |
|
142 |
|
143 /* Check for broken DSA PKCS#8, UGH! */ |
|
144 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) { |
|
145 if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, |
|
146 d2i_ASN1_TYPE, |
|
147 ASN1_TYPE_free))) { |
|
148 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
149 goto dsaerr; |
|
150 } |
|
151 if(sk_ASN1_TYPE_num(ndsa) != 2 ) { |
|
152 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
153 goto dsaerr; |
|
154 } |
|
155 /* Handle Two broken types: |
|
156 * SEQUENCE {parameters, priv_key} |
|
157 * SEQUENCE {pub_key, priv_key} |
|
158 */ |
|
159 |
|
160 t1 = sk_ASN1_TYPE_value(ndsa, 0); |
|
161 t2 = sk_ASN1_TYPE_value(ndsa, 1); |
|
162 if(t1->type == V_ASN1_SEQUENCE) { |
|
163 p8->broken = PKCS8_EMBEDDED_PARAM; |
|
164 param = t1; |
|
165 } else if(a->parameter->type == V_ASN1_SEQUENCE) { |
|
166 p8->broken = PKCS8_NS_DB; |
|
167 param = a->parameter; |
|
168 } else { |
|
169 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
170 goto dsaerr; |
|
171 } |
|
172 |
|
173 if(t2->type != V_ASN1_INTEGER) { |
|
174 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
175 goto dsaerr; |
|
176 } |
|
177 privkey = t2->value.integer; |
|
178 } else { |
|
179 if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { |
|
180 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
181 goto dsaerr; |
|
182 } |
|
183 param = p8->pkeyalg->parameter; |
|
184 } |
|
185 if (!param || (param->type != V_ASN1_SEQUENCE)) { |
|
186 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
187 goto dsaerr; |
|
188 } |
|
189 cp = p = param->value.sequence->data; |
|
190 plen = param->value.sequence->length; |
|
191 if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) { |
|
192 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
193 goto dsaerr; |
|
194 } |
|
195 /* We have parameters now set private key */ |
|
196 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { |
|
197 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR); |
|
198 goto dsaerr; |
|
199 } |
|
200 /* Calculate public key (ouch!) */ |
|
201 if (!(dsa->pub_key = BN_new())) { |
|
202 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); |
|
203 goto dsaerr; |
|
204 } |
|
205 if (!(ctx = BN_CTX_new())) { |
|
206 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); |
|
207 goto dsaerr; |
|
208 } |
|
209 |
|
210 if (!BN_mod_exp(dsa->pub_key, dsa->g, |
|
211 dsa->priv_key, dsa->p, ctx)) { |
|
212 |
|
213 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR); |
|
214 goto dsaerr; |
|
215 } |
|
216 |
|
217 EVP_PKEY_assign_DSA(pkey, dsa); |
|
218 BN_CTX_free (ctx); |
|
219 if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); |
|
220 else ASN1_INTEGER_free(privkey); |
|
221 break; |
|
222 dsaerr: |
|
223 BN_CTX_free (ctx); |
|
224 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); |
|
225 DSA_free(dsa); |
|
226 EVP_PKEY_free(pkey); |
|
227 return NULL; |
|
228 break; |
|
229 #endif |
|
230 #ifndef OPENSSL_NO_EC |
|
231 case NID_X9_62_id_ecPublicKey: |
|
232 p_tmp = p; |
|
233 /* extract the ec parameters */ |
|
234 param = p8->pkeyalg->parameter; |
|
235 |
|
236 if (!param || ((param->type != V_ASN1_SEQUENCE) && |
|
237 (param->type != V_ASN1_OBJECT))) |
|
238 { |
|
239 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
240 goto ecerr; |
|
241 } |
|
242 |
|
243 if (param->type == V_ASN1_SEQUENCE) |
|
244 { |
|
245 cp = p = param->value.sequence->data; |
|
246 plen = param->value.sequence->length; |
|
247 |
|
248 if (!(eckey = d2i_ECParameters(NULL, &cp, plen))) |
|
249 { |
|
250 EVPerr(EVP_F_EVP_PKCS82PKEY, |
|
251 EVP_R_DECODE_ERROR); |
|
252 goto ecerr; |
|
253 } |
|
254 } |
|
255 else |
|
256 { |
|
257 EC_GROUP *group; |
|
258 cp = p = param->value.object->data; |
|
259 plen = param->value.object->length; |
|
260 |
|
261 /* type == V_ASN1_OBJECT => the parameters are given |
|
262 * by an asn1 OID |
|
263 */ |
|
264 if ((eckey = EC_KEY_new()) == NULL) |
|
265 { |
|
266 EVPerr(EVP_F_EVP_PKCS82PKEY, |
|
267 ERR_R_MALLOC_FAILURE); |
|
268 goto ecerr; |
|
269 } |
|
270 group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); |
|
271 if (group == NULL) |
|
272 goto ecerr; |
|
273 EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); |
|
274 if (EC_KEY_set_group(eckey, group) == 0) |
|
275 goto ecerr; |
|
276 EC_GROUP_free(group); |
|
277 } |
|
278 |
|
279 /* We have parameters now set private key */ |
|
280 if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen)) |
|
281 { |
|
282 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); |
|
283 goto ecerr; |
|
284 } |
|
285 |
|
286 /* calculate public key (if necessary) */ |
|
287 if (EC_KEY_get0_public_key(eckey) == NULL) |
|
288 { |
|
289 const BIGNUM *priv_key; |
|
290 const EC_GROUP *group; |
|
291 EC_POINT *pub_key; |
|
292 /* the public key was not included in the SEC1 private |
|
293 * key => calculate the public key */ |
|
294 group = EC_KEY_get0_group(eckey); |
|
295 pub_key = EC_POINT_new(group); |
|
296 if (pub_key == NULL) |
|
297 { |
|
298 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); |
|
299 goto ecerr; |
|
300 } |
|
301 if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) |
|
302 { |
|
303 EC_POINT_free(pub_key); |
|
304 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); |
|
305 goto ecerr; |
|
306 } |
|
307 priv_key = EC_KEY_get0_private_key(eckey); |
|
308 if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) |
|
309 { |
|
310 EC_POINT_free(pub_key); |
|
311 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); |
|
312 goto ecerr; |
|
313 } |
|
314 if (EC_KEY_set_public_key(eckey, pub_key) == 0) |
|
315 { |
|
316 EC_POINT_free(pub_key); |
|
317 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); |
|
318 goto ecerr; |
|
319 } |
|
320 EC_POINT_free(pub_key); |
|
321 } |
|
322 |
|
323 EVP_PKEY_assign_EC_KEY(pkey, eckey); |
|
324 if (ctx) |
|
325 BN_CTX_free(ctx); |
|
326 break; |
|
327 ecerr: |
|
328 if (ctx) |
|
329 BN_CTX_free(ctx); |
|
330 if (eckey) |
|
331 EC_KEY_free(eckey); |
|
332 if (pkey) |
|
333 EVP_PKEY_free(pkey); |
|
334 return NULL; |
|
335 #endif |
|
336 default: |
|
337 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); |
|
338 if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp); |
|
339 else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm); |
|
340 ERR_add_error_data(2, "TYPE=", obj_tmp); |
|
341 EVP_PKEY_free (pkey); |
|
342 return NULL; |
|
343 } |
|
344 return pkey; |
|
345 } |
|
346 |
|
347 EXPORT_C PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) |
|
348 { |
|
349 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK); |
|
350 } |
|
351 |
|
352 /* Turn a private key into a PKCS8 structure */ |
|
353 |
|
354 EXPORT_C PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) |
|
355 { |
|
356 PKCS8_PRIV_KEY_INFO *p8; |
|
357 |
|
358 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { |
|
359 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
|
360 return NULL; |
|
361 } |
|
362 p8->broken = broken; |
|
363 if (!ASN1_INTEGER_set(p8->version, 0)) { |
|
364 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
|
365 PKCS8_PRIV_KEY_INFO_free (p8); |
|
366 return NULL; |
|
367 } |
|
368 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { |
|
369 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
|
370 PKCS8_PRIV_KEY_INFO_free (p8); |
|
371 return NULL; |
|
372 } |
|
373 p8->pkey->type = V_ASN1_OCTET_STRING; |
|
374 switch (EVP_PKEY_type(pkey->type)) { |
|
375 #ifndef OPENSSL_NO_RSA |
|
376 case EVP_PKEY_RSA: |
|
377 |
|
378 if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE; |
|
379 |
|
380 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); |
|
381 p8->pkeyalg->parameter->type = V_ASN1_NULL; |
|
382 if (!ASN1_pack_string_of (EVP_PKEY,pkey, i2d_PrivateKey, |
|
383 &p8->pkey->value.octet_string)) { |
|
384 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); |
|
385 PKCS8_PRIV_KEY_INFO_free (p8); |
|
386 return NULL; |
|
387 } |
|
388 break; |
|
389 #endif |
|
390 #ifndef OPENSSL_NO_DSA |
|
391 case EVP_PKEY_DSA: |
|
392 if(!dsa_pkey2pkcs8(p8, pkey)) { |
|
393 PKCS8_PRIV_KEY_INFO_free (p8); |
|
394 return NULL; |
|
395 } |
|
396 |
|
397 break; |
|
398 #endif |
|
399 #ifndef OPENSSL_NO_EC |
|
400 case EVP_PKEY_EC: |
|
401 if (!eckey_pkey2pkcs8(p8, pkey)) |
|
402 { |
|
403 PKCS8_PRIV_KEY_INFO_free(p8); |
|
404 return(NULL); |
|
405 } |
|
406 break; |
|
407 #endif |
|
408 default: |
|
409 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); |
|
410 PKCS8_PRIV_KEY_INFO_free (p8); |
|
411 return NULL; |
|
412 } |
|
413 RAND_add(p8->pkey->value.octet_string->data, |
|
414 p8->pkey->value.octet_string->length, 0.0); |
|
415 return p8; |
|
416 } |
|
417 |
|
418 EXPORT_C PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) |
|
419 { |
|
420 switch (broken) { |
|
421 |
|
422 case PKCS8_OK: |
|
423 p8->broken = PKCS8_OK; |
|
424 return p8; |
|
425 break; |
|
426 |
|
427 case PKCS8_NO_OCTET: |
|
428 p8->broken = PKCS8_NO_OCTET; |
|
429 p8->pkey->type = V_ASN1_SEQUENCE; |
|
430 return p8; |
|
431 break; |
|
432 |
|
433 default: |
|
434 EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); |
|
435 return NULL; |
|
436 } |
|
437 } |
|
438 |
|
439 #ifndef OPENSSL_NO_DSA |
|
440 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) |
|
441 { |
|
442 ASN1_STRING *params = NULL; |
|
443 ASN1_INTEGER *prkey = NULL; |
|
444 ASN1_TYPE *ttmp = NULL; |
|
445 STACK_OF(ASN1_TYPE) *ndsa = NULL; |
|
446 unsigned char *p = NULL, *q; |
|
447 int len; |
|
448 |
|
449 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); |
|
450 len = i2d_DSAparams (pkey->pkey.dsa, NULL); |
|
451 if (!(p = OPENSSL_malloc(len))) { |
|
452 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
453 goto err; |
|
454 } |
|
455 q = p; |
|
456 i2d_DSAparams (pkey->pkey.dsa, &q); |
|
457 if (!(params = ASN1_STRING_new())) { |
|
458 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
459 goto err; |
|
460 } |
|
461 if (!ASN1_STRING_set(params, p, len)) { |
|
462 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
463 goto err; |
|
464 } |
|
465 OPENSSL_free(p); |
|
466 p = NULL; |
|
467 /* Get private key into integer */ |
|
468 if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { |
|
469 EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); |
|
470 goto err; |
|
471 } |
|
472 |
|
473 switch(p8->broken) { |
|
474 |
|
475 case PKCS8_OK: |
|
476 case PKCS8_NO_OCTET: |
|
477 |
|
478 if (!ASN1_pack_string_of(ASN1_INTEGER,prkey, i2d_ASN1_INTEGER, |
|
479 &p8->pkey->value.octet_string)) { |
|
480 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
481 goto err; |
|
482 } |
|
483 |
|
484 M_ASN1_INTEGER_free (prkey); |
|
485 prkey = NULL; |
|
486 p8->pkeyalg->parameter->value.sequence = params; |
|
487 params = NULL; |
|
488 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; |
|
489 |
|
490 break; |
|
491 |
|
492 case PKCS8_NS_DB: |
|
493 |
|
494 p8->pkeyalg->parameter->value.sequence = params; |
|
495 params = NULL; |
|
496 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; |
|
497 if (!(ndsa = sk_ASN1_TYPE_new_null())) { |
|
498 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
499 goto err; |
|
500 } |
|
501 if (!(ttmp = ASN1_TYPE_new())) { |
|
502 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
503 goto err; |
|
504 } |
|
505 if (!(ttmp->value.integer = |
|
506 BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) { |
|
507 EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); |
|
508 goto err; |
|
509 } |
|
510 ttmp->type = V_ASN1_INTEGER; |
|
511 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
|
512 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
513 goto err; |
|
514 } |
|
515 |
|
516 if (!(ttmp = ASN1_TYPE_new())) { |
|
517 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
518 goto err; |
|
519 } |
|
520 ttmp->value.integer = prkey; |
|
521 prkey = NULL; |
|
522 ttmp->type = V_ASN1_INTEGER; |
|
523 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
|
524 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
525 goto err; |
|
526 } |
|
527 ttmp = NULL; |
|
528 |
|
529 if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { |
|
530 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
531 goto err; |
|
532 } |
|
533 |
|
534 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, |
|
535 &p8->pkey->value.octet_string->data, |
|
536 &p8->pkey->value.octet_string->length)) { |
|
537 |
|
538 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
539 goto err; |
|
540 } |
|
541 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); |
|
542 break; |
|
543 |
|
544 case PKCS8_EMBEDDED_PARAM: |
|
545 |
|
546 p8->pkeyalg->parameter->type = V_ASN1_NULL; |
|
547 if (!(ndsa = sk_ASN1_TYPE_new_null())) { |
|
548 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
549 goto err; |
|
550 } |
|
551 if (!(ttmp = ASN1_TYPE_new())) { |
|
552 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
553 goto err; |
|
554 } |
|
555 ttmp->value.sequence = params; |
|
556 params = NULL; |
|
557 ttmp->type = V_ASN1_SEQUENCE; |
|
558 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
|
559 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
560 goto err; |
|
561 } |
|
562 |
|
563 if (!(ttmp = ASN1_TYPE_new())) { |
|
564 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
565 goto err; |
|
566 } |
|
567 ttmp->value.integer = prkey; |
|
568 prkey = NULL; |
|
569 ttmp->type = V_ASN1_INTEGER; |
|
570 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { |
|
571 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
572 goto err; |
|
573 } |
|
574 ttmp = NULL; |
|
575 |
|
576 if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { |
|
577 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
578 goto err; |
|
579 } |
|
580 |
|
581 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, |
|
582 &p8->pkey->value.octet_string->data, |
|
583 &p8->pkey->value.octet_string->length)) { |
|
584 |
|
585 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); |
|
586 goto err; |
|
587 } |
|
588 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); |
|
589 break; |
|
590 } |
|
591 return 1; |
|
592 err: |
|
593 if (p != NULL) OPENSSL_free(p); |
|
594 if (params != NULL) ASN1_STRING_free(params); |
|
595 if (prkey != NULL) M_ASN1_INTEGER_free(prkey); |
|
596 if (ttmp != NULL) ASN1_TYPE_free(ttmp); |
|
597 if (ndsa != NULL) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); |
|
598 return 0; |
|
599 } |
|
600 #endif |
|
601 |
|
602 #ifndef OPENSSL_NO_EC |
|
603 static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) |
|
604 { |
|
605 EC_KEY *ec_key; |
|
606 const EC_GROUP *group; |
|
607 unsigned char *p, *pp; |
|
608 int nid, i, ret = 0; |
|
609 unsigned int tmp_flags, old_flags; |
|
610 |
|
611 ec_key = pkey->pkey.ec; |
|
612 if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) |
|
613 { |
|
614 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); |
|
615 return 0; |
|
616 } |
|
617 |
|
618 /* set the ec parameters OID */ |
|
619 if (p8->pkeyalg->algorithm) |
|
620 ASN1_OBJECT_free(p8->pkeyalg->algorithm); |
|
621 |
|
622 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey); |
|
623 |
|
624 /* set the ec parameters */ |
|
625 |
|
626 if (p8->pkeyalg->parameter) |
|
627 { |
|
628 ASN1_TYPE_free(p8->pkeyalg->parameter); |
|
629 p8->pkeyalg->parameter = NULL; |
|
630 } |
|
631 |
|
632 if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL) |
|
633 { |
|
634 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); |
|
635 return 0; |
|
636 } |
|
637 |
|
638 if (EC_GROUP_get_asn1_flag(group) |
|
639 && (nid = EC_GROUP_get_curve_name(group))) |
|
640 { |
|
641 /* we have a 'named curve' => just set the OID */ |
|
642 p8->pkeyalg->parameter->type = V_ASN1_OBJECT; |
|
643 p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid); |
|
644 } |
|
645 else /* explicit parameters */ |
|
646 { |
|
647 if ((i = i2d_ECParameters(ec_key, NULL)) == 0) |
|
648 { |
|
649 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); |
|
650 return 0; |
|
651 } |
|
652 if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) |
|
653 { |
|
654 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); |
|
655 return 0; |
|
656 } |
|
657 pp = p; |
|
658 if (!i2d_ECParameters(ec_key, &pp)) |
|
659 { |
|
660 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); |
|
661 OPENSSL_free(p); |
|
662 return 0; |
|
663 } |
|
664 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; |
|
665 if ((p8->pkeyalg->parameter->value.sequence |
|
666 = ASN1_STRING_new()) == NULL) |
|
667 { |
|
668 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_ASN1_LIB); |
|
669 OPENSSL_free(p); |
|
670 return 0; |
|
671 } |
|
672 ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i); |
|
673 OPENSSL_free(p); |
|
674 } |
|
675 |
|
676 /* set the private key */ |
|
677 |
|
678 /* do not include the parameters in the SEC1 private key |
|
679 * see PKCS#11 12.11 */ |
|
680 old_flags = EC_KEY_get_enc_flags(pkey->pkey.ec); |
|
681 tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; |
|
682 EC_KEY_set_enc_flags(pkey->pkey.ec, tmp_flags); |
|
683 i = i2d_ECPrivateKey(pkey->pkey.ec, NULL); |
|
684 if (!i) |
|
685 { |
|
686 EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); |
|
687 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); |
|
688 return 0; |
|
689 } |
|
690 p = (unsigned char *) OPENSSL_malloc(i); |
|
691 if (!p) |
|
692 { |
|
693 EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); |
|
694 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); |
|
695 return 0; |
|
696 } |
|
697 pp = p; |
|
698 if (!i2d_ECPrivateKey(pkey->pkey.ec, &pp)) |
|
699 { |
|
700 EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); |
|
701 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); |
|
702 OPENSSL_free(p); |
|
703 return 0; |
|
704 } |
|
705 /* restore old encoding flags */ |
|
706 EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); |
|
707 |
|
708 switch(p8->broken) { |
|
709 |
|
710 case PKCS8_OK: |
|
711 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); |
|
712 if (!p8->pkey->value.octet_string || |
|
713 !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string, |
|
714 (const void *)p, i)) |
|
715 |
|
716 { |
|
717 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); |
|
718 } |
|
719 else |
|
720 ret = 1; |
|
721 break; |
|
722 case PKCS8_NO_OCTET: /* RSA specific */ |
|
723 case PKCS8_NS_DB: /* DSA specific */ |
|
724 case PKCS8_EMBEDDED_PARAM: /* DSA specific */ |
|
725 default: |
|
726 EVPerr(EVP_F_ECKEY_PKEY2PKCS8,EVP_R_ENCODE_ERROR); |
|
727 } |
|
728 OPENSSL_cleanse(p, (size_t)i); |
|
729 OPENSSL_free(p); |
|
730 return ret; |
|
731 } |
|
732 #endif |
|
733 |
|
734 /* EVP_PKEY attribute functions */ |
|
735 |
|
736 EXPORT_C int EVP_PKEY_get_attr_count(const EVP_PKEY *key) |
|
737 { |
|
738 return X509at_get_attr_count(key->attributes); |
|
739 } |
|
740 |
|
741 EXPORT_C int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, |
|
742 int lastpos) |
|
743 { |
|
744 return X509at_get_attr_by_NID(key->attributes, nid, lastpos); |
|
745 } |
|
746 |
|
747 EXPORT_C int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, |
|
748 int lastpos) |
|
749 { |
|
750 return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); |
|
751 } |
|
752 |
|
753 EXPORT_C X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc) |
|
754 { |
|
755 return X509at_get_attr(key->attributes, loc); |
|
756 } |
|
757 |
|
758 EXPORT_C X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc) |
|
759 { |
|
760 return X509at_delete_attr(key->attributes, loc); |
|
761 } |
|
762 |
|
763 EXPORT_C int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr) |
|
764 { |
|
765 if(X509at_add1_attr(&key->attributes, attr)) return 1; |
|
766 return 0; |
|
767 } |
|
768 |
|
769 EXPORT_C int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, |
|
770 const ASN1_OBJECT *obj, int type, |
|
771 const unsigned char *bytes, int len) |
|
772 { |
|
773 if(X509at_add1_attr_by_OBJ(&key->attributes, obj, |
|
774 type, bytes, len)) return 1; |
|
775 return 0; |
|
776 } |
|
777 |
|
778 EXPORT_C int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, |
|
779 int nid, int type, |
|
780 const unsigned char *bytes, int len) |
|
781 { |
|
782 if(X509at_add1_attr_by_NID(&key->attributes, nid, |
|
783 type, bytes, len)) return 1; |
|
784 return 0; |
|
785 } |
|
786 |
|
787 EXPORT_C int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, |
|
788 const char *attrname, int type, |
|
789 const unsigned char *bytes, int len) |
|
790 { |
|
791 if(X509at_add1_attr_by_txt(&key->attributes, attrname, |
|
792 type, bytes, len)) return 1; |
|
793 return 0; |
|
794 } |