#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
+#include <openssl/x509.h>
#include <openssl/asn1.h>
#include "asn1_locl.h"
if (!ret->ameth->old_priv_decode ||
!ret->ameth->old_priv_decode(ret, pp, length))
{
- ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
- goto err;
- }
+ if (ret->ameth->priv_decode)
+ {
+ PKCS8_PRIV_KEY_INFO *p8=NULL;
+ p8=d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
+ if (!p8) goto err;
+ EVP_PKEY_free(ret);
+ ret = EVP_PKCS82PKEY(p8);
+ PKCS8_PRIV_KEY_INFO_free(p8);
+
+ }
+ else
+ {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ }
if (a != NULL) (*a)=ret;
return(ret);
err:
* by analyzing it we can determine the passed structure: this
* assumes the input is surrounded by an ASN1 SEQUENCE.
*/
- inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE,
- ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
+ inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
/* Since we only need to discern "traditional format" RSA and DSA
* keys we can just count the elements.
*/
keytype = EVP_PKEY_DSA;
else if (sk_ASN1_TYPE_num(inkey) == 4)
keytype = EVP_PKEY_EC;
+ else if (sk_ASN1_TYPE_num(inkey) == 3)
+ { /* This seems to be PKCS8, not traditional format */
+ PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
+ EVP_PKEY *ret;
+
+ sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
+ if (!p8)
+ {
+ ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+ return NULL;
+ }
+ ret = EVP_PKCS82PKEY(p8);
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ if (a) {
+ *a = ret;
+ }
+ return ret;
+ }
else keytype = EVP_PKEY_RSA;
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
return d2i_PrivateKey(keytype, a, pp, length);