crypto/asn1/d2i_pr.c

e71b7053SJung-uk Kim/*
*9a3ae0cdSJung-uk Kim * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
74664626SKris Kennaway *
e71b7053SJung-uk Kim * Licensed under the OpenSSL license (the "License").  You may not use
e71b7053SJung-uk Kim * this file except in compliance with the License.  You can obtain a copy
e71b7053SJung-uk Kim * in the file LICENSE in the source distribution or at
e71b7053SJung-uk Kim * https://www.openssl.org/source/license.html
74664626SKris Kennaway */
74664626SKris Kennaway
74664626SKris Kennaway#include <stdio.h>
e71b7053SJung-uk Kim#include "internal/cryptlib.h"
74664626SKris Kennaway#include <openssl/bn.h>
74664626SKris Kennaway#include <openssl/evp.h>
74664626SKris Kennaway#include <openssl/objects.h>
1f13597dSJung-uk Kim#include <openssl/engine.h>
1f13597dSJung-uk Kim#include <openssl/x509.h>
74664626SKris Kennaway#include <openssl/asn1.h>
17f01e99SJung-uk Kim#include "crypto/asn1.h"
17f01e99SJung-uk Kim#include "crypto/evp.h"
74664626SKris Kennaway
3b4e3dcbSSimon L. B. NielsenEVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
74664626SKris Kennaway                         long length)
74664626SKris Kennaway{
74664626SKris Kennaway    EVP_PKEY *ret;
80815a77SJung-uk Kim    const unsigned char *p = *pp;
74664626SKris Kennaway
6f9291ceSJung-uk Kim    if ((a == NULL) || (*a == NULL)) {
6f9291ceSJung-uk Kim        if ((ret = EVP_PKEY_new()) == NULL) {
74664626SKris Kennaway            ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
e71b7053SJung-uk Kim            return NULL;
74664626SKris Kennaway        }
6f9291ceSJung-uk Kim    } else {
1f13597dSJung-uk Kim        ret = *a;
1f13597dSJung-uk Kim#ifndef OPENSSL_NO_ENGINE
1f13597dSJung-uk Kim        ENGINE_finish(ret->engine);
1f13597dSJung-uk Kim        ret->engine = NULL;
1f13597dSJung-uk Kim#endif
1f13597dSJung-uk Kim    }
74664626SKris Kennaway
6f9291ceSJung-uk Kim    if (!EVP_PKEY_set_type(ret, type)) {
74664626SKris Kennaway        ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
74664626SKris Kennaway        goto err;
1f13597dSJung-uk Kim    }
1f13597dSJung-uk Kim
1f13597dSJung-uk Kim    if (!ret->ameth->old_priv_decode ||
80815a77SJung-uk Kim        !ret->ameth->old_priv_decode(ret, &p, length)) {
6f9291ceSJung-uk Kim        if (ret->ameth->priv_decode) {
aeb5019cSJung-uk Kim            EVP_PKEY *tmp;
1f13597dSJung-uk Kim            PKCS8_PRIV_KEY_INFO *p8 = NULL;
80815a77SJung-uk Kim            p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
6f9291ceSJung-uk Kim            if (!p8)
6f9291ceSJung-uk Kim                goto err;
aeb5019cSJung-uk Kim            tmp = EVP_PKCS82PKEY(p8);
1f13597dSJung-uk Kim            PKCS8_PRIV_KEY_INFO_free(p8);
aeb5019cSJung-uk Kim            if (tmp == NULL)
80815a77SJung-uk Kim                goto err;
aeb5019cSJung-uk Kim            EVP_PKEY_free(ret);
aeb5019cSJung-uk Kim            ret = tmp;
58f35182SJung-uk Kim            if (EVP_PKEY_type(type) != EVP_PKEY_base_id(ret))
58f35182SJung-uk Kim                goto err;
6f9291ceSJung-uk Kim        } else {
1f13597dSJung-uk Kim            ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
1f13597dSJung-uk Kim            goto err;
1f13597dSJung-uk Kim        }
74664626SKris Kennaway    }
80815a77SJung-uk Kim    *pp = p;
6f9291ceSJung-uk Kim    if (a != NULL)
6f9291ceSJung-uk Kim        (*a) = ret;
e71b7053SJung-uk Kim    return ret;
74664626SKris Kennaway err:
e71b7053SJung-uk Kim    if (a == NULL || *a != ret)
6f9291ceSJung-uk Kim        EVP_PKEY_free(ret);
e71b7053SJung-uk Kim    return NULL;
74664626SKris Kennaway}
74664626SKris Kennaway
6f9291ceSJung-uk Kim/*
6f9291ceSJung-uk Kim * This works like d2i_PrivateKey() except it automatically works out the
6f9291ceSJung-uk Kim * type
6f9291ceSJung-uk Kim */
f579bf8eSKris Kennaway
*9a3ae0cdSJung-uk Kimstatic EVP_PKEY *key_as_pkcs8(const unsigned char **pp, long length, int *carry_on)
*9a3ae0cdSJung-uk Kim{
*9a3ae0cdSJung-uk Kim    const unsigned char *p = *pp;
*9a3ae0cdSJung-uk Kim    PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
*9a3ae0cdSJung-uk Kim    EVP_PKEY *ret;
*9a3ae0cdSJung-uk Kim
*9a3ae0cdSJung-uk Kim    if (p8 == NULL)
*9a3ae0cdSJung-uk Kim        return NULL;
*9a3ae0cdSJung-uk Kim
*9a3ae0cdSJung-uk Kim    ret = EVP_PKCS82PKEY(p8);
*9a3ae0cdSJung-uk Kim    if (ret == NULL)
*9a3ae0cdSJung-uk Kim        *carry_on = 0;
*9a3ae0cdSJung-uk Kim
*9a3ae0cdSJung-uk Kim    PKCS8_PRIV_KEY_INFO_free(p8);
*9a3ae0cdSJung-uk Kim
*9a3ae0cdSJung-uk Kim    if (ret != NULL)
*9a3ae0cdSJung-uk Kim        *pp = p;
*9a3ae0cdSJung-uk Kim
*9a3ae0cdSJung-uk Kim    return ret;
*9a3ae0cdSJung-uk Kim}
*9a3ae0cdSJung-uk Kim
3b4e3dcbSSimon L. B. NielsenEVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
f579bf8eSKris Kennaway                             long length)
f579bf8eSKris Kennaway{
f579bf8eSKris Kennaway    STACK_OF(ASN1_TYPE) *inkey;
3b4e3dcbSSimon L. B. Nielsen    const unsigned char *p;
f579bf8eSKris Kennaway    int keytype;
*9a3ae0cdSJung-uk Kim    EVP_PKEY *ret = NULL;
*9a3ae0cdSJung-uk Kim    int carry_on = 1;
*9a3ae0cdSJung-uk Kim
*9a3ae0cdSJung-uk Kim    ERR_set_mark();
*9a3ae0cdSJung-uk Kim    ret = key_as_pkcs8(pp, length, &carry_on);
*9a3ae0cdSJung-uk Kim    if (ret != NULL) {
*9a3ae0cdSJung-uk Kim        ERR_clear_last_mark();
*9a3ae0cdSJung-uk Kim        if (a != NULL)
*9a3ae0cdSJung-uk Kim            *a = ret;
*9a3ae0cdSJung-uk Kim        return ret;
*9a3ae0cdSJung-uk Kim    }
*9a3ae0cdSJung-uk Kim
*9a3ae0cdSJung-uk Kim    if (carry_on == 0) {
*9a3ae0cdSJung-uk Kim        ERR_clear_last_mark();
*9a3ae0cdSJung-uk Kim        ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
*9a3ae0cdSJung-uk Kim                ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
*9a3ae0cdSJung-uk Kim        return NULL;
*9a3ae0cdSJung-uk Kim    }
f579bf8eSKris Kennaway    p = *pp;
*9a3ae0cdSJung-uk Kim
6f9291ceSJung-uk Kim    /*
6f9291ceSJung-uk Kim     * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
6f9291ceSJung-uk Kim     * analyzing it we can determine the passed structure: this assumes the
6f9291ceSJung-uk Kim     * input is surrounded by an ASN1 SEQUENCE.
f579bf8eSKris Kennaway     */
1f13597dSJung-uk Kim    inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
80815a77SJung-uk Kim    p = *pp;
6f9291ceSJung-uk Kim    /*
6f9291ceSJung-uk Kim     * Since we only need to discern "traditional format" RSA and DSA keys we
6f9291ceSJung-uk Kim     * can just count the elements.
f579bf8eSKris Kennaway     */
3b4e3dcbSSimon L. B. Nielsen    if (sk_ASN1_TYPE_num(inkey) == 6)
3b4e3dcbSSimon L. B. Nielsen        keytype = EVP_PKEY_DSA;
3b4e3dcbSSimon L. B. Nielsen    else if (sk_ASN1_TYPE_num(inkey) == 4)
3b4e3dcbSSimon L. B. Nielsen        keytype = EVP_PKEY_EC;
*9a3ae0cdSJung-uk Kim    else
6f9291ceSJung-uk Kim        keytype = EVP_PKEY_RSA;
f579bf8eSKris Kennaway    sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
*9a3ae0cdSJung-uk Kim
*9a3ae0cdSJung-uk Kim    ret = d2i_PrivateKey(keytype, a, pp, length);
*9a3ae0cdSJung-uk Kim    if (ret != NULL)
*9a3ae0cdSJung-uk Kim        ERR_pop_to_mark();
*9a3ae0cdSJung-uk Kim    else
*9a3ae0cdSJung-uk Kim        ERR_clear_last_mark();
*9a3ae0cdSJung-uk Kim
*9a3ae0cdSJung-uk Kim    return ret;
f579bf8eSKris Kennaway}