void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
const EVP_PKEY_ASN1_METHOD *src)
{
-
- dst->pub_decode = src->pub_decode;
- dst->pub_encode = src->pub_encode;
- dst->pub_cmp = src->pub_cmp;
- dst->pub_print = src->pub_print;
-
- dst->priv_decode = src->priv_decode;
- dst->priv_encode = src->priv_encode;
- dst->priv_print = src->priv_print;
-
- dst->old_priv_encode = src->old_priv_encode;
- dst->old_priv_decode = src->old_priv_decode;
-
- dst->pkey_size = src->pkey_size;
- dst->pkey_bits = src->pkey_bits;
-
- dst->param_decode = src->param_decode;
- dst->param_encode = src->param_encode;
- dst->param_missing = src->param_missing;
- dst->param_copy = src->param_copy;
- dst->param_cmp = src->param_cmp;
- dst->param_print = src->param_print;
-
- dst->pkey_free = src->pkey_free;
- dst->pkey_ctrl = src->pkey_ctrl;
-
- dst->item_sign = src->item_sign;
- dst->item_verify = src->item_verify;
-
- dst->siginf_set = src->siginf_set;
-
- dst->pkey_check = src->pkey_check;
-
+ int pkey_id = dst->pkey_id;
+ int pkey_base_id = dst->pkey_base_id;
+ unsigned long pkey_flags = dst->pkey_flags;
+ char *pem_str = dst->pem_str;
+ char *info = dst->info;
+
+ *dst = *src;
+
+ /* We only copy the function pointers so restore the other values */
+ dst->pkey_id = pkey_id;
+ dst->pkey_base_id = pkey_base_id;
+ dst->pkey_flags = pkey_flags;
+ dst->pem_str = pem_str;
+ dst->info = info;
}
void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
#include "crypto/asn1.h"
#include "crypto/evp.h"
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
- long length)
+EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length, OPENSSL_CTX *libctx, const char *propq)
{
EVP_PKEY *ret;
const unsigned char *p = *pp;
if ((a == NULL) || (*a == NULL)) {
if ((ret = EVP_PKEY_new()) == NULL) {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
+ ASN1err(0, ERR_R_EVP_LIB);
return NULL;
}
} else {
}
if (!EVP_PKEY_set_type(ret, type)) {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+ ASN1err(0, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
goto err;
}
if (!ret->ameth->old_priv_decode ||
!ret->ameth->old_priv_decode(ret, &p, length)) {
- if (ret->ameth->priv_decode) {
+ if (ret->ameth->priv_decode != NULL
+ || ret->ameth->priv_decode_with_libctx != NULL) {
EVP_PKEY *tmp;
PKCS8_PRIV_KEY_INFO *p8 = NULL;
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
if (p8 == NULL)
goto err;
- tmp = EVP_PKCS82PKEY(p8);
+ tmp = evp_pkcs82pkey_int(p8, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8);
if (tmp == NULL)
goto err;
EVP_PKEY_free(ret);
ret = tmp;
} else {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
+ ASN1err(0, ERR_R_ASN1_LIB);
goto err;
}
}
return NULL;
}
+EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length)
+{
+ return d2i_PrivateKey_ex(type, a, pp, length, NULL, NULL);
+}
+
/*
* This works like d2i_PrivateKey() except it automatically works out the
* type
*/
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
- long length)
+EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp,
+ long length, OPENSSL_CTX *libctx,
+ const char *propq)
{
STACK_OF(ASN1_TYPE) *inkey;
const unsigned char *p;
* Since we only need to discern "traditional format" RSA and DSA keys we
* can just count the elements.
*/
- if (sk_ASN1_TYPE_num(inkey) == 6)
+ if (sk_ASN1_TYPE_num(inkey) == 6) {
keytype = EVP_PKEY_DSA;
- else if (sk_ASN1_TYPE_num(inkey) == 4)
+ } else if (sk_ASN1_TYPE_num(inkey) == 4) {
keytype = EVP_PKEY_EC;
- else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
+ } else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
* traditional format */
PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
EVP_PKEY *ret;
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
if (p8 == NULL) {
- ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
- ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+ ASN1err(0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return NULL;
}
- ret = EVP_PKCS82PKEY(p8);
+ ret = evp_pkcs82pkey_int(p8, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8);
if (ret == NULL)
return NULL;
*a = ret;
}
return ret;
- } else
+ } else {
keytype = EVP_PKEY_RSA;
+ }
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- return d2i_PrivateKey(keytype, a, pp, length);
+ return d2i_PrivateKey_ex(keytype, a, pp, length, libctx, propq);
+}
+
+EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+ long length)
+{
+ return d2i_AutoPrivateKey_ex(a, pp, length, NULL, NULL);
}
/* Extract a private key from a PKCS8 structure */
-EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8)
+EVP_PKEY *evp_pkcs82pkey_int(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
+ const char *propq)
{
EVP_PKEY *pkey = NULL;
const ASN1_OBJECT *algoid;
return NULL;
if ((pkey = EVP_PKEY_new()) == NULL) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
+ EVPerr(0, ERR_R_MALLOC_FAILURE);
return NULL;
}
if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
+ EVPerr(0, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
ERR_add_error_data(2, "TYPE=", obj_tmp);
goto error;
}
- if (pkey->ameth->priv_decode) {
+ if (pkey->ameth->priv_decode_with_libctx != NULL) {
+ if (!pkey->ameth->priv_decode_with_libctx(pkey, p8, libctx, propq)) {
+ EVPerr(0, EVP_R_PRIVATE_KEY_DECODE_ERROR);
+ goto error;
+ }
+ } else if (pkey->ameth->priv_decode != NULL) {
if (!pkey->ameth->priv_decode(pkey, p8)) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_PRIVATE_KEY_DECODE_ERROR);
+ EVPerr(0, EVP_R_PRIVATE_KEY_DECODE_ERROR);
goto error;
}
} else {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
+ EVPerr(0, EVP_R_METHOD_NOT_SUPPORTED);
goto error;
}
return NULL;
}
+EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8)
+{
+ return evp_pkcs82pkey_int(p8, NULL, NULL);
+}
+
/* Turn a private key into a PKCS8 structure */
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey)
#include <openssl/rsa.h>
#include <openssl/dsa.h>
#include <openssl/x509v3.h>
+#include "crypto/asn1.h"
static void clean_id_ctx(EVP_MD_CTX *ctx)
{
return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a);
}
+EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OPENSSL_CTX *libctx,
+ const char *propq)
+{
+ BIO *b;
+ void *ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ X509err(0, ERR_R_BUF_LIB);
+ return NULL;
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = d2i_PrivateKey_ex_bio(b, a, libctx, propq);
+ BIO_free(b);
+ return ret;
+}
+
int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey)
{
return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a);
}
+EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OPENSSL_CTX *libctx,
+ const char *propq)
+{
+ BUF_MEM *b = NULL;
+ const unsigned char *p;
+ void *ret = NULL;
+ int len;
+
+ len = asn1_d2i_read_bio(bp, &b);
+ if (len < 0)
+ goto err;
+
+ p = (unsigned char *)b->data;
+ ret = d2i_AutoPrivateKey_ex(a, &p, len, libctx, propq);
+ err:
+ BUF_MEM_free(b);
+ return ret;
+}
+
int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey)
{
return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx,
const char *propq);
OSSL_CALLBACK *import_from;
+
+ int (*priv_decode_with_libctx) (EVP_PKEY *pk,
+ const PKCS8_PRIV_KEY_INFO *p8inf,
+ OPENSSL_CTX *libctx,
+ const char *propq);
} /* EVP_PKEY_ASN1_METHOD */ ;
DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD)
*/
int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
+
+EVP_PKEY *evp_pkcs82pkey_int(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
+ const char *propq);
#endif /* !defined(FIPS_MODE) */
long length);
int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp);
+
+EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length, OPENSSL_CTX *libctx, const char *propq);
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length);
+EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp,
+ long length, OPENSSL_CTX *libctx,
+ const char *propq);
EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
long length);
int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp);
int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf);
int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key);
int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OPENSSL_CTX *libctx,
+ const char *propq);
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf);
int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key);
int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OPENSSL_CTX *libctx,
+ const char *propq);
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
EVP_PKEY_CTX_set_ec_paramgen_curve_name ? 3_0_0 EXIST::FUNCTION:EC
EVP_PKEY_CTX_get_ec_paramgen_curve_name ? 3_0_0 EXIST::FUNCTION:EC
EVP_PKEY_CTX_set_ec_paramgen_curve_nid ? 3_0_0 EXIST::FUNCTION:EC
+d2i_PrivateKey_ex ? 3_0_0 EXIST::FUNCTION:
+d2i_AutoPrivateKey_ex ? 3_0_0 EXIST::FUNCTION:
+d2i_PrivateKey_ex_fp ? 3_0_0 EXIST::FUNCTION:STDIO
+d2i_PrivateKey_ex_bio ? 3_0_0 EXIST::FUNCTION: