xref: /freebsd/crypto/openssl/crypto/asn1/d2i_pr.c (revision 5c8e8e82aeaf3aa788acdd6cfca30ef09094230d)
1 /*
2  * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the OpenSSL license (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/bn.h>
13 #include <openssl/evp.h>
14 #include <openssl/objects.h>
15 #include <openssl/engine.h>
16 #include <openssl/x509.h>
17 #include <openssl/asn1.h>
18 #include "crypto/asn1.h"
19 #include "crypto/evp.h"
20 
21 EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
22                          long length)
23 {
24     EVP_PKEY *ret;
25     const unsigned char *p = *pp;
26 
27     if ((a == NULL) || (*a == NULL)) {
28         if ((ret = EVP_PKEY_new()) == NULL) {
29             ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
30             return NULL;
31         }
32     } else {
33         ret = *a;
34 #ifndef OPENSSL_NO_ENGINE
35         ENGINE_finish(ret->engine);
36         ret->engine = NULL;
37 #endif
38     }
39 
40     if (!EVP_PKEY_set_type(ret, type)) {
41         ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
42         goto err;
43     }
44 
45     if (!ret->ameth->old_priv_decode ||
46         !ret->ameth->old_priv_decode(ret, &p, length)) {
47         if (ret->ameth->priv_decode) {
48             EVP_PKEY *tmp;
49             PKCS8_PRIV_KEY_INFO *p8 = NULL;
50             p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
51             if (!p8)
52                 goto err;
53             tmp = EVP_PKCS82PKEY(p8);
54             PKCS8_PRIV_KEY_INFO_free(p8);
55             if (tmp == NULL)
56                 goto err;
57             EVP_PKEY_free(ret);
58             ret = tmp;
59             if (EVP_PKEY_type(type) != EVP_PKEY_base_id(ret))
60                 goto err;
61         } else {
62             ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
63             goto err;
64         }
65     }
66     *pp = p;
67     if (a != NULL)
68         (*a) = ret;
69     return ret;
70  err:
71     if (a == NULL || *a != ret)
72         EVP_PKEY_free(ret);
73     return NULL;
74 }
75 
76 /*
77  * This works like d2i_PrivateKey() except it automatically works out the
78  * type
79  */
80 
81 static EVP_PKEY *key_as_pkcs8(const unsigned char **pp, long length, int *carry_on)
82 {
83     const unsigned char *p = *pp;
84     PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
85     EVP_PKEY *ret;
86 
87     if (p8 == NULL)
88         return NULL;
89 
90     ret = EVP_PKCS82PKEY(p8);
91     if (ret == NULL)
92         *carry_on = 0;
93 
94     PKCS8_PRIV_KEY_INFO_free(p8);
95 
96     if (ret != NULL)
97         *pp = p;
98 
99     return ret;
100 }
101 
102 EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
103                              long length)
104 {
105     STACK_OF(ASN1_TYPE) *inkey;
106     const unsigned char *p;
107     int keytype;
108     EVP_PKEY *ret = NULL;
109     int carry_on = 1;
110 
111     ERR_set_mark();
112     ret = key_as_pkcs8(pp, length, &carry_on);
113     if (ret != NULL) {
114         ERR_clear_last_mark();
115         if (a != NULL)
116             *a = ret;
117         return ret;
118     }
119 
120     if (carry_on == 0) {
121         ERR_clear_last_mark();
122         ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
123                 ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
124         return NULL;
125     }
126     p = *pp;
127 
128     /*
129      * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
130      * analyzing it we can determine the passed structure: this assumes the
131      * input is surrounded by an ASN1 SEQUENCE.
132      */
133     inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
134     p = *pp;
135     /*
136      * Since we only need to discern "traditional format" RSA and DSA keys we
137      * can just count the elements.
138      */
139     if (sk_ASN1_TYPE_num(inkey) == 6)
140         keytype = EVP_PKEY_DSA;
141     else if (sk_ASN1_TYPE_num(inkey) == 4)
142         keytype = EVP_PKEY_EC;
143     else
144         keytype = EVP_PKEY_RSA;
145     sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
146 
147     ret = d2i_PrivateKey(keytype, a, pp, length);
148     if (ret != NULL)
149         ERR_pop_to_mark();
150     else
151         ERR_clear_last_mark();
152 
153     return ret;
154 }
155