some const fixes and cleanup
[openssl.git] / crypto / evp / evp_pkey.c
1 /* evp_pkey.c */
2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3  * project 1999.
4  */
5 /* ====================================================================
6  * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer. 
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    licensing@OpenSSL.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * (eay@cryptsoft.com).  This product includes software written by Tim
55  * Hudson (tjh@cryptsoft.com).
56  *
57  */
58
59 #include <stdio.h>
60 #include <stdlib.h>
61 #include "cryptlib.h"
62 #include <openssl/x509.h>
63 #include <openssl/rand.h>
64 #include <openssl/rsa.h>
65 #include <openssl/dsa.h>
66 #include <openssl/bn.h>
67
68 #ifndef OPENSSL_NO_DSA
69 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
70 #endif
71 #ifndef OPENSSL_NO_EC
72 static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
73 #endif
74
75 /* Extract a private key from a PKCS8 structure */
76
77 EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
78 {
79         EVP_PKEY *pkey = NULL;
80 #ifndef OPENSSL_NO_RSA
81         RSA *rsa = NULL;
82 #endif
83 #ifndef OPENSSL_NO_DSA
84         DSA *dsa = NULL;
85         ASN1_TYPE *t1, *t2;
86         ASN1_INTEGER *privkey;
87         STACK_OF(ASN1_TYPE) *ndsa = NULL;
88 #endif
89 #ifndef OPENSSL_NO_EC
90         EC_KEY *eckey = NULL;
91         const unsigned char *p_tmp;
92 #endif
93 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
94         ASN1_TYPE    *param = NULL;     
95         BN_CTX *ctx = NULL;
96         int plen;
97 #endif
98         X509_ALGOR *a;
99         const unsigned char *p;
100         const unsigned char *cp;
101         int pkeylen;
102         int  nid;
103         char obj_tmp[80];
104
105         if(p8->pkey->type == V_ASN1_OCTET_STRING) {
106                 p8->broken = PKCS8_OK;
107                 p = p8->pkey->value.octet_string->data;
108                 pkeylen = p8->pkey->value.octet_string->length;
109         } else {
110                 p8->broken = PKCS8_NO_OCTET;
111                 p = p8->pkey->value.sequence->data;
112                 pkeylen = p8->pkey->value.sequence->length;
113         }
114         if (!(pkey = EVP_PKEY_new())) {
115                 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
116                 return NULL;
117         }
118         a = p8->pkeyalg;
119         nid = OBJ_obj2nid(a->algorithm);
120         switch(nid)
121         {
122 #ifndef OPENSSL_NO_RSA
123                 case NID_rsaEncryption:
124                 cp = p;
125                 if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) {
126                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
127                         return NULL;
128                 }
129                 EVP_PKEY_assign_RSA (pkey, rsa);
130                 break;
131 #endif
132 #ifndef OPENSSL_NO_DSA
133                 case NID_dsa:
134                 /* PKCS#8 DSA is weird: you just get a private key integer
135                  * and parameters in the AlgorithmIdentifier the pubkey must
136                  * be recalculated.
137                  */
138         
139                 /* Check for broken DSA PKCS#8, UGH! */
140                 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
141                     if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, 
142                                                           d2i_ASN1_TYPE,
143                                                           ASN1_TYPE_free))) {
144                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
145                         goto dsaerr;
146                     }
147                     if(sk_ASN1_TYPE_num(ndsa) != 2 ) {
148                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
149                         goto dsaerr;
150                     }
151                     /* Handle Two broken types:
152                      * SEQUENCE {parameters, priv_key}
153                      * SEQUENCE {pub_key, priv_key}
154                      */
155
156                     t1 = sk_ASN1_TYPE_value(ndsa, 0);
157                     t2 = sk_ASN1_TYPE_value(ndsa, 1);
158                     if(t1->type == V_ASN1_SEQUENCE) {
159                         p8->broken = PKCS8_EMBEDDED_PARAM;
160                         param = t1;
161                     } else if(a->parameter->type == V_ASN1_SEQUENCE) {
162                         p8->broken = PKCS8_NS_DB;
163                         param = a->parameter;
164                     } else {
165                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
166                         goto dsaerr;
167                     }
168
169                     if(t2->type != V_ASN1_INTEGER) {
170                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
171                         goto dsaerr;
172                     }
173                     privkey = t2->value.integer;
174                 } else {
175                         if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
176                                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
177                                 goto dsaerr;
178                         }
179                         param = p8->pkeyalg->parameter;
180                 }
181                 if (!param || (param->type != V_ASN1_SEQUENCE)) {
182                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
183                         goto dsaerr;
184                 }
185                 cp = p = param->value.sequence->data;
186                 plen = param->value.sequence->length;
187                 if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) {
188                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
189                         goto dsaerr;
190                 }
191                 /* We have parameters now set private key */
192                 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
193                         EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
194                         goto dsaerr;
195                 }
196                 /* Calculate public key (ouch!) */
197                 if (!(dsa->pub_key = BN_new())) {
198                         EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
199                         goto dsaerr;
200                 }
201                 if (!(ctx = BN_CTX_new())) {
202                         EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
203                         goto dsaerr;
204                 }
205                         
206                 if (!BN_mod_exp(dsa->pub_key, dsa->g,
207                                                  dsa->priv_key, dsa->p, ctx)) {
208                         
209                         EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
210                         goto dsaerr;
211                 }
212
213                 EVP_PKEY_assign_DSA(pkey, dsa);
214                 BN_CTX_free (ctx);
215                 if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
216                 else ASN1_INTEGER_free(privkey);
217                 break;
218                 dsaerr:
219                 BN_CTX_free (ctx);
220                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
221                 DSA_free(dsa);
222                 EVP_PKEY_free(pkey);
223                 return NULL;
224                 break;
225 #endif
226 #ifndef OPENSSL_NO_EC
227                 case NID_X9_62_id_ecPublicKey:
228                 p_tmp = p;
229                 /* extract the ec parameters */
230                 param = p8->pkeyalg->parameter;
231
232                 if (!param || ((param->type != V_ASN1_SEQUENCE) &&
233                     (param->type != V_ASN1_OBJECT)))
234                 {
235                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
236                         goto ecerr;
237                 }
238
239                 if (param->type == V_ASN1_SEQUENCE)
240                 {
241                         cp = p = param->value.sequence->data;
242                         plen = param->value.sequence->length;
243
244                         if (!(eckey = d2i_ECParameters(NULL, &cp, plen)))
245                         {
246                                 EVPerr(EVP_F_EVP_PKCS82PKEY,
247                                         EVP_R_DECODE_ERROR);
248                                 goto ecerr;
249                         }
250                 }
251                 else
252                 {
253                         cp = p = param->value.object->data;
254                         plen = param->value.object->length;
255
256                         /* type == V_ASN1_OBJECT => the parameters are given
257                          * by an asn1 OID
258                          */
259                         if ((eckey = EC_KEY_new()) == NULL)
260                         {
261                                 EVPerr(EVP_F_EVP_PKCS82PKEY,
262                                         ERR_R_MALLOC_FAILURE);
263                                 goto ecerr;
264                         }
265                         if ((eckey->group = EC_GROUP_new_by_nid(
266                              OBJ_obj2nid(a->parameter->value.object))) == NULL)
267                                 goto ecerr;
268                         EC_GROUP_set_asn1_flag(eckey->group, 
269                                                 OPENSSL_EC_NAMED_CURVE);
270                 }
271
272                 /* We have parameters now set private key */
273                 if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen))
274                 {
275                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
276                         goto ecerr;
277                 }
278
279                 /* calculate public key (if necessary) */
280                 if (!eckey->pub_key)
281                 {
282                         /* the public key was not included in the SEC1 private
283                          * key => calculate the public key */
284                         eckey->pub_key = EC_POINT_new(eckey->group);
285                         if (!eckey->pub_key)
286                         {
287                                 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
288                                 goto ecerr;
289                         }
290                         if (!EC_POINT_copy(eckey->pub_key, 
291                                 EC_GROUP_get0_generator(eckey->group)))
292                         {
293                                 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
294                                 goto ecerr;
295                         }
296                         if (!EC_POINT_mul(eckey->group, eckey->pub_key, 
297                                 eckey->priv_key, NULL, NULL, ctx))
298                         {
299                                 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
300                                 goto ecerr;
301                         }
302                 }
303
304                 EVP_PKEY_assign_EC_KEY(pkey, eckey);
305                 if (ctx)
306                         BN_CTX_free(ctx);
307                 break;
308 ecerr:
309                 if (ctx)
310                         BN_CTX_free(ctx);
311                 if (eckey)
312                         EC_KEY_free(eckey);
313                 if (pkey)
314                         EVP_PKEY_free(pkey);
315                 return NULL;
316 #endif
317                 default:
318                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
319                 if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
320                 else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
321                 ERR_add_error_data(2, "TYPE=", obj_tmp);
322                 EVP_PKEY_free (pkey);
323                 return NULL;
324         }
325         return pkey;
326 }
327
328 PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
329 {
330         return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
331 }
332
333 /* Turn a private key into a PKCS8 structure */
334
335 PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
336 {
337         PKCS8_PRIV_KEY_INFO *p8;
338
339         if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {        
340                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
341                 return NULL;
342         }
343         p8->broken = broken;
344         if (!ASN1_INTEGER_set(p8->version, 0)) {
345                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
346                 PKCS8_PRIV_KEY_INFO_free (p8);
347                 return NULL;
348         }
349         if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
350                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
351                 PKCS8_PRIV_KEY_INFO_free (p8);
352                 return NULL;
353         }
354         p8->pkey->type = V_ASN1_OCTET_STRING;
355         switch (EVP_PKEY_type(pkey->type)) {
356 #ifndef OPENSSL_NO_RSA
357                 case EVP_PKEY_RSA:
358
359                 if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
360
361                 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
362                 p8->pkeyalg->parameter->type = V_ASN1_NULL;
363                 if (!ASN1_pack_string_of (EVP_PKEY,pkey, i2d_PrivateKey,
364                                          &p8->pkey->value.octet_string)) {
365                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
366                         PKCS8_PRIV_KEY_INFO_free (p8);
367                         return NULL;
368                 }
369                 break;
370 #endif
371 #ifndef OPENSSL_NO_DSA
372                 case EVP_PKEY_DSA:
373                 if(!dsa_pkey2pkcs8(p8, pkey)) {
374                         PKCS8_PRIV_KEY_INFO_free (p8);
375                         return NULL;
376                 }
377
378                 break;
379 #endif
380 #ifndef OPENSSL_NO_EC
381                 case EVP_PKEY_EC:
382                 if (!eckey_pkey2pkcs8(p8, pkey))
383                 {
384                         PKCS8_PRIV_KEY_INFO_free(p8);
385                         return(NULL);
386                 }
387                 break;
388 #endif
389                 default:
390                 EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
391                 PKCS8_PRIV_KEY_INFO_free (p8);
392                 return NULL;
393         }
394         RAND_add(p8->pkey->value.octet_string->data,
395                  p8->pkey->value.octet_string->length, 0.0);
396         return p8;
397 }
398
399 PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
400 {
401         switch (broken) {
402
403                 case PKCS8_OK:
404                 p8->broken = PKCS8_OK;
405                 return p8;
406                 break;
407
408                 case PKCS8_NO_OCTET:
409                 p8->broken = PKCS8_NO_OCTET;
410                 p8->pkey->type = V_ASN1_SEQUENCE;
411                 return p8;
412                 break;
413
414                 default:
415                 EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
416                 return NULL;
417         }
418 }
419
420 #ifndef OPENSSL_NO_DSA
421 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
422 {
423         ASN1_STRING *params = NULL;
424         ASN1_INTEGER *prkey = NULL;
425         ASN1_TYPE *ttmp = NULL;
426         STACK_OF(ASN1_TYPE) *ndsa = NULL;
427         unsigned char *p = NULL, *q;
428         int len;
429
430         p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
431         len = i2d_DSAparams (pkey->pkey.dsa, NULL);
432         if (!(p = OPENSSL_malloc(len))) {
433                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
434                 goto err;
435         }
436         q = p;
437         i2d_DSAparams (pkey->pkey.dsa, &q);
438         if (!(params = ASN1_STRING_new())) {
439                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
440                 goto err;
441         }
442         if (!ASN1_STRING_set(params, p, len)) {
443                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
444                 goto err;
445         }
446         OPENSSL_free(p);
447         p = NULL;
448         /* Get private key into integer */
449         if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
450                 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
451                 goto err;
452         }
453
454         switch(p8->broken) {
455
456                 case PKCS8_OK:
457                 case PKCS8_NO_OCTET:
458
459                 if (!ASN1_pack_string_of(ASN1_INTEGER,prkey, i2d_ASN1_INTEGER,
460                                          &p8->pkey->value.octet_string)) {
461                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
462                         goto err;
463                 }
464
465                 M_ASN1_INTEGER_free (prkey);
466                 prkey = NULL;
467                 p8->pkeyalg->parameter->value.sequence = params;
468                 params = NULL;
469                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
470
471                 break;
472
473                 case PKCS8_NS_DB:
474
475                 p8->pkeyalg->parameter->value.sequence = params;
476                 params = NULL;
477                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
478                 if (!(ndsa = sk_ASN1_TYPE_new_null())) {
479                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
480                         goto err;
481                 }
482                 if (!(ttmp = ASN1_TYPE_new())) {
483                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
484                         goto err;
485                 }
486                 if (!(ttmp->value.integer =
487                         BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) {
488                         EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
489                         goto err;
490                 }
491                 ttmp->type = V_ASN1_INTEGER;
492                 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
493                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
494                         goto err;
495                 }
496
497                 if (!(ttmp = ASN1_TYPE_new())) {
498                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
499                         goto err;
500                 }
501                 ttmp->value.integer = prkey;
502                 prkey = NULL;
503                 ttmp->type = V_ASN1_INTEGER;
504                 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
505                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
506                         goto err;
507                 }
508                 ttmp = NULL;
509
510                 if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
511                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
512                         goto err;
513                 }
514
515                 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
516                                          &p8->pkey->value.octet_string->data,
517                                          &p8->pkey->value.octet_string->length)) {
518
519                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
520                         goto err;
521                 }
522                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
523                 break;
524
525                 case PKCS8_EMBEDDED_PARAM:
526
527                 p8->pkeyalg->parameter->type = V_ASN1_NULL;
528                 if (!(ndsa = sk_ASN1_TYPE_new_null())) {
529                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
530                         goto err;
531                 }
532                 if (!(ttmp = ASN1_TYPE_new())) {
533                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
534                         goto err;
535                 }
536                 ttmp->value.sequence = params;
537                 params = NULL;
538                 ttmp->type = V_ASN1_SEQUENCE;
539                 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
540                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
541                         goto err;
542                 }
543
544                 if (!(ttmp = ASN1_TYPE_new())) {
545                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
546                         goto err;
547                 }
548                 ttmp->value.integer = prkey;
549                 prkey = NULL;
550                 ttmp->type = V_ASN1_INTEGER;
551                 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
552                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
553                         goto err;
554                 }
555                 ttmp = NULL;
556
557                 if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
558                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
559                         goto err;
560                 }
561
562                 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
563                                          &p8->pkey->value.octet_string->data,
564                                          &p8->pkey->value.octet_string->length)) {
565
566                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
567                         goto err;
568                 }
569                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
570                 break;
571         }
572         return 1;
573 err:
574         if (p != NULL) OPENSSL_free(p);
575         if (params != NULL) ASN1_STRING_free(params);
576         if (prkey != NULL) M_ASN1_INTEGER_free(prkey);
577         if (ttmp != NULL) ASN1_TYPE_free(ttmp);
578         if (ndsa != NULL) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
579         return 0;
580 }
581 #endif
582
583 #ifndef OPENSSL_NO_EC
584 static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
585 {
586         EC_KEY          *eckey;
587         unsigned char   *p, *pp;
588         int             nid, i, ret = 0;
589         unsigned int    tmp_flags;
590
591         if (pkey->pkey.eckey == NULL || pkey->pkey.eckey->group == NULL)
592         {
593                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS);
594                 return 0;
595         }
596         eckey = pkey->pkey.eckey;
597
598         /* set the ec parameters OID */
599         if (p8->pkeyalg->algorithm)
600                 ASN1_OBJECT_free(p8->pkeyalg->algorithm);
601
602         p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey);
603
604         /* set the ec parameters */
605
606         if (p8->pkeyalg->parameter)
607         {
608                 ASN1_TYPE_free(p8->pkeyalg->parameter);
609                 p8->pkeyalg->parameter = NULL;
610         }
611
612         if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL)
613         {
614                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
615                 return 0;
616         }
617         
618         if (EC_GROUP_get_asn1_flag(eckey->group)
619                      && (nid = EC_GROUP_get_nid(eckey->group)))
620         {
621                 /* we have a 'named curve' => just set the OID */
622                 p8->pkeyalg->parameter->type = V_ASN1_OBJECT;
623                 p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid);
624         }
625         else    /* explicit parameters */
626         {
627                 if ((i = i2d_ECParameters(eckey, NULL)) == 0)
628                 {
629                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
630                         return 0;
631                 }
632                 if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
633                 {
634                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
635                         return 0;
636                 }       
637                 pp = p;
638                 if (!i2d_ECParameters(eckey, &pp))
639                 {
640                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
641                         OPENSSL_free(p);
642                         return 0;
643                 }
644                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
645                 if ((p8->pkeyalg->parameter->value.sequence 
646                         = ASN1_STRING_new()) == NULL)
647                 {
648                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ASN1_LIB);
649                         OPENSSL_free(p);
650                         return 0;
651                 }
652                 ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i);
653                 OPENSSL_free(p);
654         }
655
656         /* set the private key */
657
658         /* do not include the parameters in the SEC1 private key
659          * see PKCS#11 12.11 */
660         tmp_flags  = pkey->pkey.eckey->enc_flag;
661         pkey->pkey.eckey->enc_flag |= EC_PKEY_NO_PARAMETERS;
662         i = i2d_ECPrivateKey(pkey->pkey.eckey, NULL);
663         if (!i)
664         {
665                 pkey->pkey.eckey->enc_flag = tmp_flags;
666                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
667                 return 0;
668         }
669         p = (unsigned char *) OPENSSL_malloc(i);
670         if (!p)
671         {
672                 pkey->pkey.eckey->enc_flag = tmp_flags;
673                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
674                 return 0;
675         }
676         pp = p;
677         if (!i2d_ECPrivateKey(pkey->pkey.eckey, &pp))
678         {
679                 pkey->pkey.eckey->enc_flag = tmp_flags;
680                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
681                 OPENSSL_free(p);
682                 return 0;
683         }
684         /* restore old encoding flags */
685         pkey->pkey.eckey->enc_flag = tmp_flags;
686
687         switch(p8->broken) {
688
689                 case PKCS8_OK:
690                 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
691                 if (!p8->pkey->value.octet_string ||
692                     !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string,
693                     (const void *)p, i))
694
695                 {
696                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
697                 }
698                 else
699                         ret = 1;
700                 break;
701                 case PKCS8_NO_OCTET:            /* RSA specific */
702                 case PKCS8_NS_DB:               /* DSA specific */
703                 case PKCS8_EMBEDDED_PARAM:      /* DSA specific */
704                 default:
705                         EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
706         }
707         OPENSSL_cleanse(p, (size_t)i);
708         OPENSSL_free(p);
709         return ret;
710 }
711 #endif