2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/bn.h>
13 #include <openssl/evp.h>
14 #include <openssl/objects.h>
15 #include <openssl/engine.h>
16 #include <openssl/x509.h>
17 #include <openssl/asn1.h>
18 #include "crypto/asn1.h"
19 #include "crypto/evp.h"
21 DEFINE_STACK_OF(ASN1_TYPE)
22 EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp,
23 long length, OPENSSL_CTX *libctx, const char *propq)
26 const unsigned char *p = *pp;
28 if ((a == NULL) || (*a == NULL)) {
29 if ((ret = EVP_PKEY_new()) == NULL) {
30 ASN1err(0, ERR_R_EVP_LIB);
35 #ifndef OPENSSL_NO_ENGINE
36 ENGINE_finish(ret->engine);
41 if (!EVP_PKEY_set_type(ret, type)) {
42 ASN1err(0, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
46 if (!ret->ameth->old_priv_decode ||
47 !ret->ameth->old_priv_decode(ret, &p, length)) {
48 if (ret->ameth->priv_decode != NULL
49 || ret->ameth->priv_decode_with_libctx != NULL) {
51 PKCS8_PRIV_KEY_INFO *p8 = NULL;
52 p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
55 tmp = evp_pkcs82pkey_int(p8, libctx, propq);
56 PKCS8_PRIV_KEY_INFO_free(p8);
61 if (EVP_PKEY_type(type) != EVP_PKEY_base_id(ret))
64 ASN1err(0, ERR_R_ASN1_LIB);
73 if (a == NULL || *a != ret)
78 EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
81 return d2i_PrivateKey_ex(type, a, pp, length, NULL, NULL);
85 * This works like d2i_PrivateKey() except it automatically works out the
89 EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp,
90 long length, OPENSSL_CTX *libctx,
93 STACK_OF(ASN1_TYPE) *inkey;
94 const unsigned char *p;
98 * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
99 * analyzing it we can determine the passed structure: this assumes the
100 * input is surrounded by an ASN1 SEQUENCE.
102 inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
105 * Since we only need to discern "traditional format" RSA and DSA keys we
106 * can just count the elements.
108 if (sk_ASN1_TYPE_num(inkey) == 6) {
109 keytype = EVP_PKEY_DSA;
110 } else if (sk_ASN1_TYPE_num(inkey) == 4) {
111 keytype = EVP_PKEY_EC;
112 } else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
113 * traditional format */
114 PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
117 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
119 ASN1err(0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
122 ret = evp_pkcs82pkey_int(p8, libctx, propq);
123 PKCS8_PRIV_KEY_INFO_free(p8);
132 keytype = EVP_PKEY_RSA;
134 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
135 return d2i_PrivateKey_ex(keytype, a, pp, length, libctx, propq);
138 EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
141 return d2i_AutoPrivateKey_ex(a, pp, length, NULL, NULL);