evp_pkey.c revision 267654
1/* evp_pkey.c */ 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * project 1999. 4 */ 5/* ==================================================================== 6 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 59#include <stdio.h> 60#include <stdlib.h> 61#include "cryptlib.h" 62#include <openssl/x509.h> 63#include <openssl/rand.h> 64#ifndef OPENSSL_NO_RSA 65#include <openssl/rsa.h> 66#endif 67#ifndef OPENSSL_NO_DSA 68#include <openssl/dsa.h> 69#endif 70#include <openssl/bn.h> 71 72#ifndef OPENSSL_NO_DSA 73static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); 74#endif 75#ifndef OPENSSL_NO_EC 76static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); 77#endif 78 79/* Extract a private key from a PKCS8 structure */ 80 81EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) 82{ 83 EVP_PKEY *pkey = NULL; 84#ifndef OPENSSL_NO_RSA 85 RSA *rsa = NULL; 86#endif 87#ifndef OPENSSL_NO_DSA 88 DSA *dsa = NULL; 89 ASN1_TYPE *t1, *t2; 90 ASN1_INTEGER *privkey; 91 STACK_OF(ASN1_TYPE) *ndsa = NULL; 92#endif 93#ifndef OPENSSL_NO_EC 94 EC_KEY *eckey = NULL; 95 const unsigned char *p_tmp; 96#endif 97#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) 98 ASN1_TYPE *param = NULL; 99 BN_CTX *ctx = NULL; 100 int plen; 101#endif 102 X509_ALGOR *a; 103 const unsigned char *p; 104 const unsigned char *cp; 105 int pkeylen; 106 int nid; 107 char obj_tmp[80]; 108 109 if(p8->pkey->type == V_ASN1_OCTET_STRING) { 110 p8->broken = PKCS8_OK; 111 p = p8->pkey->value.octet_string->data; 112 pkeylen = p8->pkey->value.octet_string->length; 113 } else { 114 p8->broken = PKCS8_NO_OCTET; 115 p = p8->pkey->value.sequence->data; 116 pkeylen = p8->pkey->value.sequence->length; 117 } 118 if (!(pkey = EVP_PKEY_new())) { 119 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 120 return NULL; 121 } 122 a = p8->pkeyalg; 123 nid = OBJ_obj2nid(a->algorithm); 124 switch(nid) 125 { 126#ifndef OPENSSL_NO_RSA 127 case NID_rsaEncryption: 128 cp = p; 129 if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) { 130 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 131 return NULL; 132 } 133 EVP_PKEY_assign_RSA (pkey, rsa); 134 break; 135#endif 136#ifndef OPENSSL_NO_DSA 137 case NID_dsa: 138 /* PKCS#8 DSA is weird: you just get a private key integer 139 * and parameters in the AlgorithmIdentifier the pubkey must 140 * be recalculated. 141 */ 142 143 /* Check for broken DSA PKCS#8, UGH! */ 144 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) { 145 if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, 146 d2i_ASN1_TYPE, 147 ASN1_TYPE_free))) { 148 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 149 goto dsaerr; 150 } 151 if(sk_ASN1_TYPE_num(ndsa) != 2 ) { 152 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 153 goto dsaerr; 154 } 155 /* Handle Two broken types: 156 * SEQUENCE {parameters, priv_key} 157 * SEQUENCE {pub_key, priv_key} 158 */ 159 160 t1 = sk_ASN1_TYPE_value(ndsa, 0); 161 t2 = sk_ASN1_TYPE_value(ndsa, 1); 162 if(t1->type == V_ASN1_SEQUENCE) { 163 p8->broken = PKCS8_EMBEDDED_PARAM; 164 param = t1; 165 } else if(a->parameter->type == V_ASN1_SEQUENCE) { 166 p8->broken = PKCS8_NS_DB; 167 param = a->parameter; 168 } else { 169 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 170 goto dsaerr; 171 } 172 173 if(t2->type != V_ASN1_INTEGER) { 174 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 175 goto dsaerr; 176 } 177 privkey = t2->value.integer; 178 } else { 179 if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { 180 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 181 goto dsaerr; 182 } 183 param = p8->pkeyalg->parameter; 184 } 185 if (!param || (param->type != V_ASN1_SEQUENCE)) { 186 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 187 goto dsaerr; 188 } 189 cp = p = param->value.sequence->data; 190 plen = param->value.sequence->length; 191 if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) { 192 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 193 goto dsaerr; 194 } 195 /* We have parameters now set private key */ 196 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { 197 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR); 198 goto dsaerr; 199 } 200 /* Calculate public key (ouch!) */ 201 if (!(dsa->pub_key = BN_new())) { 202 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 203 goto dsaerr; 204 } 205 if (!(ctx = BN_CTX_new())) { 206 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); 207 goto dsaerr; 208 } 209 210 if (!BN_mod_exp(dsa->pub_key, dsa->g, 211 dsa->priv_key, dsa->p, ctx)) { 212 213 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR); 214 goto dsaerr; 215 } 216 217 EVP_PKEY_assign_DSA(pkey, dsa); 218 BN_CTX_free (ctx); 219 if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 220 else ASN1_INTEGER_free(privkey); 221 break; 222 dsaerr: 223 BN_CTX_free (ctx); 224 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 225 DSA_free(dsa); 226 EVP_PKEY_free(pkey); 227 return NULL; 228 break; 229#endif 230#ifndef OPENSSL_NO_EC 231 case NID_X9_62_id_ecPublicKey: 232 p_tmp = p; 233 /* extract the ec parameters */ 234 param = p8->pkeyalg->parameter; 235 236 if (!param || ((param->type != V_ASN1_SEQUENCE) && 237 (param->type != V_ASN1_OBJECT))) 238 { 239 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 240 goto ecerr; 241 } 242 243 if (param->type == V_ASN1_SEQUENCE) 244 { 245 cp = p = param->value.sequence->data; 246 plen = param->value.sequence->length; 247 248 if (!(eckey = d2i_ECParameters(NULL, &cp, plen))) 249 { 250 EVPerr(EVP_F_EVP_PKCS82PKEY, 251 EVP_R_DECODE_ERROR); 252 goto ecerr; 253 } 254 } 255 else 256 { 257 EC_GROUP *group; 258 cp = p = param->value.object->data; 259 plen = param->value.object->length; 260 261 /* type == V_ASN1_OBJECT => the parameters are given 262 * by an asn1 OID 263 */ 264 if ((eckey = EC_KEY_new()) == NULL) 265 { 266 EVPerr(EVP_F_EVP_PKCS82PKEY, 267 ERR_R_MALLOC_FAILURE); 268 goto ecerr; 269 } 270 group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); 271 if (group == NULL) 272 goto ecerr; 273 EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); 274 if (EC_KEY_set_group(eckey, group) == 0) 275 goto ecerr; 276 EC_GROUP_free(group); 277 } 278 279 /* We have parameters now set private key */ 280 if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen)) 281 { 282 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); 283 goto ecerr; 284 } 285 286 /* calculate public key (if necessary) */ 287 if (EC_KEY_get0_public_key(eckey) == NULL) 288 { 289 const BIGNUM *priv_key; 290 const EC_GROUP *group; 291 EC_POINT *pub_key; 292 /* the public key was not included in the SEC1 private 293 * key => calculate the public key */ 294 group = EC_KEY_get0_group(eckey); 295 pub_key = EC_POINT_new(group); 296 if (pub_key == NULL) 297 { 298 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); 299 goto ecerr; 300 } 301 if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) 302 { 303 EC_POINT_free(pub_key); 304 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); 305 goto ecerr; 306 } 307 priv_key = EC_KEY_get0_private_key(eckey); 308 if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) 309 { 310 EC_POINT_free(pub_key); 311 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); 312 goto ecerr; 313 } 314 if (EC_KEY_set_public_key(eckey, pub_key) == 0) 315 { 316 EC_POINT_free(pub_key); 317 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); 318 goto ecerr; 319 } 320 EC_POINT_free(pub_key); 321 } 322 323 EVP_PKEY_assign_EC_KEY(pkey, eckey); 324 if (ctx) 325 BN_CTX_free(ctx); 326 break; 327ecerr: 328 if (ctx) 329 BN_CTX_free(ctx); 330 if (eckey) 331 EC_KEY_free(eckey); 332 if (pkey) 333 EVP_PKEY_free(pkey); 334 return NULL; 335#endif 336 default: 337 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); 338 if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp); 339 else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm); 340 ERR_add_error_data(2, "TYPE=", obj_tmp); 341 EVP_PKEY_free (pkey); 342 return NULL; 343 } 344 return pkey; 345} 346 347PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) 348{ 349 return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK); 350} 351 352/* Turn a private key into a PKCS8 structure */ 353 354PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) 355{ 356 PKCS8_PRIV_KEY_INFO *p8; 357 358 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { 359 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); 360 return NULL; 361 } 362 p8->broken = broken; 363 if (!ASN1_INTEGER_set(p8->version, 0)) { 364 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); 365 PKCS8_PRIV_KEY_INFO_free (p8); 366 return NULL; 367 } 368 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { 369 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); 370 PKCS8_PRIV_KEY_INFO_free (p8); 371 return NULL; 372 } 373 p8->pkey->type = V_ASN1_OCTET_STRING; 374 switch (EVP_PKEY_type(pkey->type)) { 375#ifndef OPENSSL_NO_RSA 376 case EVP_PKEY_RSA: 377 378 if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE; 379 380 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); 381 p8->pkeyalg->parameter->type = V_ASN1_NULL; 382 if (!ASN1_pack_string_of (EVP_PKEY,pkey, i2d_PrivateKey, 383 &p8->pkey->value.octet_string)) { 384 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE); 385 PKCS8_PRIV_KEY_INFO_free (p8); 386 return NULL; 387 } 388 break; 389#endif 390#ifndef OPENSSL_NO_DSA 391 case EVP_PKEY_DSA: 392 if(!dsa_pkey2pkcs8(p8, pkey)) { 393 PKCS8_PRIV_KEY_INFO_free (p8); 394 return NULL; 395 } 396 397 break; 398#endif 399#ifndef OPENSSL_NO_EC 400 case EVP_PKEY_EC: 401 if (!eckey_pkey2pkcs8(p8, pkey)) 402 { 403 PKCS8_PRIV_KEY_INFO_free(p8); 404 return(NULL); 405 } 406 break; 407#endif 408 default: 409 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); 410 PKCS8_PRIV_KEY_INFO_free (p8); 411 return NULL; 412 } 413 RAND_add(p8->pkey->value.octet_string->data, 414 p8->pkey->value.octet_string->length, 0.0); 415 return p8; 416} 417 418PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) 419{ 420 switch (broken) { 421 422 case PKCS8_OK: 423 p8->broken = PKCS8_OK; 424 return p8; 425 break; 426 427 case PKCS8_NO_OCTET: 428 p8->broken = PKCS8_NO_OCTET; 429 p8->pkey->type = V_ASN1_SEQUENCE; 430 return p8; 431 break; 432 433 default: 434 EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); 435 return NULL; 436 } 437} 438 439#ifndef OPENSSL_NO_DSA 440static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) 441{ 442 ASN1_STRING *params = NULL; 443 ASN1_INTEGER *prkey = NULL; 444 ASN1_TYPE *ttmp = NULL; 445 STACK_OF(ASN1_TYPE) *ndsa = NULL; 446 unsigned char *p = NULL, *q; 447 int len; 448 449 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); 450 len = i2d_DSAparams (pkey->pkey.dsa, NULL); 451 if (!(p = OPENSSL_malloc(len))) { 452 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 453 goto err; 454 } 455 q = p; 456 i2d_DSAparams (pkey->pkey.dsa, &q); 457 if (!(params = ASN1_STRING_new())) { 458 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 459 goto err; 460 } 461 if (!ASN1_STRING_set(params, p, len)) { 462 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 463 goto err; 464 } 465 OPENSSL_free(p); 466 p = NULL; 467 /* Get private key into integer */ 468 if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { 469 EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); 470 goto err; 471 } 472 473 switch(p8->broken) { 474 475 case PKCS8_OK: 476 case PKCS8_NO_OCTET: 477 478 if (!ASN1_pack_string_of(ASN1_INTEGER,prkey, i2d_ASN1_INTEGER, 479 &p8->pkey->value.octet_string)) { 480 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 481 goto err; 482 } 483 484 M_ASN1_INTEGER_free (prkey); 485 prkey = NULL; 486 p8->pkeyalg->parameter->value.sequence = params; 487 params = NULL; 488 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; 489 490 break; 491 492 case PKCS8_NS_DB: 493 494 p8->pkeyalg->parameter->value.sequence = params; 495 params = NULL; 496 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; 497 if (!(ndsa = sk_ASN1_TYPE_new_null())) { 498 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 499 goto err; 500 } 501 if (!(ttmp = ASN1_TYPE_new())) { 502 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 503 goto err; 504 } 505 if (!(ttmp->value.integer = 506 BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) { 507 EVPerr(EVP_F_DSA_PKEY2PKCS8,EVP_R_ENCODE_ERROR); 508 goto err; 509 } 510 ttmp->type = V_ASN1_INTEGER; 511 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { 512 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 513 goto err; 514 } 515 516 if (!(ttmp = ASN1_TYPE_new())) { 517 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 518 goto err; 519 } 520 ttmp->value.integer = prkey; 521 prkey = NULL; 522 ttmp->type = V_ASN1_INTEGER; 523 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { 524 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 525 goto err; 526 } 527 ttmp = NULL; 528 529 if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { 530 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 531 goto err; 532 } 533 534 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, 535 &p8->pkey->value.octet_string->data, 536 &p8->pkey->value.octet_string->length)) { 537 538 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 539 goto err; 540 } 541 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 542 break; 543 544 case PKCS8_EMBEDDED_PARAM: 545 546 p8->pkeyalg->parameter->type = V_ASN1_NULL; 547 if (!(ndsa = sk_ASN1_TYPE_new_null())) { 548 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 549 goto err; 550 } 551 if (!(ttmp = ASN1_TYPE_new())) { 552 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 553 goto err; 554 } 555 ttmp->value.sequence = params; 556 params = NULL; 557 ttmp->type = V_ASN1_SEQUENCE; 558 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { 559 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 560 goto err; 561 } 562 563 if (!(ttmp = ASN1_TYPE_new())) { 564 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 565 goto err; 566 } 567 ttmp->value.integer = prkey; 568 prkey = NULL; 569 ttmp->type = V_ASN1_INTEGER; 570 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { 571 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 572 goto err; 573 } 574 ttmp = NULL; 575 576 if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { 577 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 578 goto err; 579 } 580 581 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, 582 &p8->pkey->value.octet_string->data, 583 &p8->pkey->value.octet_string->length)) { 584 585 EVPerr(EVP_F_DSA_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 586 goto err; 587 } 588 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 589 break; 590 } 591 return 1; 592err: 593 if (p != NULL) OPENSSL_free(p); 594 if (params != NULL) ASN1_STRING_free(params); 595 if (prkey != NULL) M_ASN1_INTEGER_free(prkey); 596 if (ttmp != NULL) ASN1_TYPE_free(ttmp); 597 if (ndsa != NULL) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 598 return 0; 599} 600#endif 601 602#ifndef OPENSSL_NO_EC 603static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) 604{ 605 EC_KEY *ec_key; 606 const EC_GROUP *group; 607 unsigned char *p, *pp; 608 int nid, i, ret = 0; 609 unsigned int tmp_flags, old_flags; 610 611 ec_key = pkey->pkey.ec; 612 if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) 613 { 614 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); 615 return 0; 616 } 617 618 /* set the ec parameters OID */ 619 if (p8->pkeyalg->algorithm) 620 ASN1_OBJECT_free(p8->pkeyalg->algorithm); 621 622 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey); 623 624 /* set the ec parameters */ 625 626 if (p8->pkeyalg->parameter) 627 { 628 ASN1_TYPE_free(p8->pkeyalg->parameter); 629 p8->pkeyalg->parameter = NULL; 630 } 631 632 if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL) 633 { 634 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); 635 return 0; 636 } 637 638 if (EC_GROUP_get_asn1_flag(group) 639 && (nid = EC_GROUP_get_curve_name(group))) 640 { 641 /* we have a 'named curve' => just set the OID */ 642 p8->pkeyalg->parameter->type = V_ASN1_OBJECT; 643 p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid); 644 } 645 else /* explicit parameters */ 646 { 647 if ((i = i2d_ECParameters(ec_key, NULL)) == 0) 648 { 649 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); 650 return 0; 651 } 652 if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) 653 { 654 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); 655 return 0; 656 } 657 pp = p; 658 if (!i2d_ECParameters(ec_key, &pp)) 659 { 660 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); 661 OPENSSL_free(p); 662 return 0; 663 } 664 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; 665 if ((p8->pkeyalg->parameter->value.sequence 666 = ASN1_STRING_new()) == NULL) 667 { 668 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_ASN1_LIB); 669 OPENSSL_free(p); 670 return 0; 671 } 672 ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i); 673 OPENSSL_free(p); 674 } 675 676 /* set the private key */ 677 678 /* do not include the parameters in the SEC1 private key 679 * see PKCS#11 12.11 */ 680 old_flags = EC_KEY_get_enc_flags(pkey->pkey.ec); 681 tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; 682 EC_KEY_set_enc_flags(pkey->pkey.ec, tmp_flags); 683 i = i2d_ECPrivateKey(pkey->pkey.ec, NULL); 684 if (!i) 685 { 686 EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); 687 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); 688 return 0; 689 } 690 p = (unsigned char *) OPENSSL_malloc(i); 691 if (!p) 692 { 693 EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); 694 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); 695 return 0; 696 } 697 pp = p; 698 if (!i2d_ECPrivateKey(pkey->pkey.ec, &pp)) 699 { 700 EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); 701 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); 702 OPENSSL_free(p); 703 return 0; 704 } 705 /* restore old encoding flags */ 706 EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); 707 708 switch(p8->broken) { 709 710 case PKCS8_OK: 711 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); 712 if (!p8->pkey->value.octet_string || 713 !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string, 714 (const void *)p, i)) 715 716 { 717 EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); 718 } 719 else 720 ret = 1; 721 break; 722 case PKCS8_NO_OCTET: /* RSA specific */ 723 case PKCS8_NS_DB: /* DSA specific */ 724 case PKCS8_EMBEDDED_PARAM: /* DSA specific */ 725 default: 726 EVPerr(EVP_F_ECKEY_PKEY2PKCS8,EVP_R_ENCODE_ERROR); 727 } 728 OPENSSL_cleanse(p, (size_t)i); 729 OPENSSL_free(p); 730 return ret; 731} 732#endif 733 734/* EVP_PKEY attribute functions */ 735 736int EVP_PKEY_get_attr_count(const EVP_PKEY *key) 737{ 738 return X509at_get_attr_count(key->attributes); 739} 740 741int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, 742 int lastpos) 743{ 744 return X509at_get_attr_by_NID(key->attributes, nid, lastpos); 745} 746 747int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, 748 int lastpos) 749{ 750 return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); 751} 752 753X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc) 754{ 755 return X509at_get_attr(key->attributes, loc); 756} 757 758X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc) 759{ 760 return X509at_delete_attr(key->attributes, loc); 761} 762 763int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr) 764{ 765 if(X509at_add1_attr(&key->attributes, attr)) return 1; 766 return 0; 767} 768 769int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, 770 const ASN1_OBJECT *obj, int type, 771 const unsigned char *bytes, int len) 772{ 773 if(X509at_add1_attr_by_OBJ(&key->attributes, obj, 774 type, bytes, len)) return 1; 775 return 0; 776} 777 778int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, 779 int nid, int type, 780 const unsigned char *bytes, int len) 781{ 782 if(X509at_add1_attr_by_NID(&key->attributes, nid, 783 type, bytes, len)) return 1; 784 return 0; 785} 786 787int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, 788 const char *attrname, int type, 789 const unsigned char *bytes, int len) 790{ 791 if(X509at_add1_attr_by_txt(&key->attributes, attrname, 792 type, bytes, len)) return 1; 793 return 0; 794} 795