ee7e3aabac4eb99f37273e18ba5a76b9e25e7e96
[openssl.git] / crypto / evp / evp_pkey.c
1 /* evp_pkey.c */
2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3  * project 1999.
4  */
5 /* ====================================================================
6  * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer. 
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    licensing@OpenSSL.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * (eay@cryptsoft.com).  This product includes software written by Tim
55  * Hudson (tjh@cryptsoft.com).
56  *
57  */
58
59 #include <stdio.h>
60 #include <stdlib.h>
61 #include "cryptlib.h"
62 #include <openssl/x509.h>
63 #include <openssl/rand.h>
64
65 #ifndef OPENSSL_NO_DSA
66 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
67 #endif
68 #ifndef OPENSSL_NO_EC
69 static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
70 #endif
71
72 /* Extract a private key from a PKCS8 structure */
73
74 EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
75 {
76         EVP_PKEY *pkey = NULL;
77 #ifndef OPENSSL_NO_RSA
78         RSA *rsa = NULL;
79 #endif
80 #ifndef OPENSSL_NO_DSA
81         DSA *dsa = NULL;
82         ASN1_TYPE *t1, *t2;
83         ASN1_INTEGER *privkey;
84         STACK_OF(ASN1_TYPE) *ndsa = NULL;
85 #endif
86 #ifndef OPENSSL_NO_EC
87         EC_KEY *eckey = NULL;
88         const unsigned char *p_tmp;
89 #endif
90 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
91         ASN1_TYPE    *param = NULL;     
92         BN_CTX *ctx = NULL;
93         int plen;
94 #endif
95         X509_ALGOR *a;
96         unsigned char *p;
97         const unsigned char *cp;
98         int pkeylen;
99         int  nid;
100         char obj_tmp[80];
101
102         if(p8->pkey->type == V_ASN1_OCTET_STRING) {
103                 p8->broken = PKCS8_OK;
104                 p = p8->pkey->value.octet_string->data;
105                 pkeylen = p8->pkey->value.octet_string->length;
106         } else {
107                 p8->broken = PKCS8_NO_OCTET;
108                 p = p8->pkey->value.sequence->data;
109                 pkeylen = p8->pkey->value.sequence->length;
110         }
111         if (!(pkey = EVP_PKEY_new())) {
112                 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
113                 return NULL;
114         }
115         a = p8->pkeyalg;
116         nid = OBJ_obj2nid(a->algorithm);
117         switch(nid)
118         {
119 #ifndef OPENSSL_NO_RSA
120                 case NID_rsaEncryption:
121                 cp = p;
122                 if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) {
123                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
124                         return NULL;
125                 }
126                 EVP_PKEY_assign_RSA (pkey, rsa);
127                 break;
128 #endif
129 #ifndef OPENSSL_NO_DSA
130                 case NID_dsa:
131                 /* PKCS#8 DSA is weird: you just get a private key integer
132                  * and parameters in the AlgorithmIdentifier the pubkey must
133                  * be recalculated.
134                  */
135         
136                 /* Check for broken DSA PKCS#8, UGH! */
137                 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
138                     if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, 
139                                                           d2i_ASN1_TYPE,
140                                                           ASN1_TYPE_free))) {
141                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
142                         goto dsaerr;
143                     }
144                     if(sk_ASN1_TYPE_num(ndsa) != 2 ) {
145                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
146                         goto dsaerr;
147                     }
148                     /* Handle Two broken types:
149                      * SEQUENCE {parameters, priv_key}
150                      * SEQUENCE {pub_key, priv_key}
151                      */
152
153                     t1 = sk_ASN1_TYPE_value(ndsa, 0);
154                     t2 = sk_ASN1_TYPE_value(ndsa, 1);
155                     if(t1->type == V_ASN1_SEQUENCE) {
156                         p8->broken = PKCS8_EMBEDDED_PARAM;
157                         param = t1;
158                     } else if(a->parameter->type == V_ASN1_SEQUENCE) {
159                         p8->broken = PKCS8_NS_DB;
160                         param = a->parameter;
161                     } else {
162                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
163                         goto dsaerr;
164                     }
165
166                     if(t2->type != V_ASN1_INTEGER) {
167                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
168                         goto dsaerr;
169                     }
170                     privkey = t2->value.integer;
171                 } else {
172                         if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
173                                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
174                                 goto dsaerr;
175                         }
176                         param = p8->pkeyalg->parameter;
177                 }
178                 if (!param || (param->type != V_ASN1_SEQUENCE)) {
179                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
180                         goto dsaerr;
181                 }
182                 cp = p = param->value.sequence->data;
183                 plen = param->value.sequence->length;
184                 if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) {
185                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
186                         goto dsaerr;
187                 }
188                 /* We have parameters now set private key */
189                 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
190                         EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
191                         goto dsaerr;
192                 }
193                 /* Calculate public key (ouch!) */
194                 if (!(dsa->pub_key = BN_new())) {
195                         EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
196                         goto dsaerr;
197                 }
198                 if (!(ctx = BN_CTX_new())) {
199                         EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
200                         goto dsaerr;
201                 }
202                         
203                 if (!BN_mod_exp(dsa->pub_key, dsa->g,
204                                                  dsa->priv_key, dsa->p, ctx)) {
205                         
206                         EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
207                         goto dsaerr;
208                 }
209
210                 EVP_PKEY_assign_DSA(pkey, dsa);
211                 BN_CTX_free (ctx);
212                 if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
213                 else ASN1_INTEGER_free(privkey);
214                 break;
215                 dsaerr:
216                 BN_CTX_free (ctx);
217                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
218                 DSA_free(dsa);
219                 EVP_PKEY_free(pkey);
220                 return NULL;
221                 break;
222 #endif
223 #ifndef OPENSSL_NO_EC
224                 case NID_X9_62_id_ecPublicKey:
225                 p_tmp = p;
226                 /* extract the ec parameters */
227                 param = p8->pkeyalg->parameter;
228
229                 if (!param || ((param->type != V_ASN1_SEQUENCE) &&
230                     (param->type != V_ASN1_OBJECT)))
231                 {
232                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
233                         goto ecerr;
234                 }
235
236                 if (param->type == V_ASN1_SEQUENCE)
237                 {
238                         cp = p = param->value.sequence->data;
239                         plen = param->value.sequence->length;
240
241                         if (!(eckey = d2i_ECParameters(NULL, &cp, plen)))
242                         {
243                                 EVPerr(EVP_F_EVP_PKCS82PKEY,
244                                         EVP_R_DECODE_ERROR);
245                                 goto ecerr;
246                         }
247                 }
248                 else
249                 {
250                         cp = p = param->value.object->data;
251                         plen = param->value.object->length;
252
253                         /* type == V_ASN1_OBJECT => the parameters are given
254                          * by an asn1 OID
255                          */
256                         if ((eckey = EC_KEY_new()) == NULL)
257                         {
258                                 EVPerr(EVP_F_EVP_PKCS82PKEY,
259                                         ERR_R_MALLOC_FAILURE);
260                                 goto ecerr;
261                         }
262                         if ((eckey->group = EC_GROUP_new_by_nid(
263                              OBJ_obj2nid(a->parameter->value.object))) == NULL)
264                                 goto ecerr;
265                         EC_GROUP_set_asn1_flag(eckey->group, 
266                                                 OPENSSL_EC_NAMED_CURVE);
267                 }
268
269                 /* We have parameters now set private key */
270                 if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen))
271                 {
272                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
273                         goto ecerr;
274                 }
275
276                 /* calculate public key (if necessary) */
277                 if (!eckey->pub_key)
278                 {
279                         /* the public key was not included in the SEC1 private
280                          * key => calculate the public key */
281                         eckey->pub_key = EC_POINT_new(eckey->group);
282                         if (!eckey->pub_key)
283                         {
284                                 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
285                                 goto ecerr;
286                         }
287                         if (!EC_POINT_copy(eckey->pub_key, 
288                                 EC_GROUP_get0_generator(eckey->group)))
289                         {
290                                 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
291                                 goto ecerr;
292                         }
293                         if (!EC_POINT_mul(eckey->group, eckey->pub_key, 
294                                 eckey->priv_key, NULL, NULL, ctx))
295                         {
296                                 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
297                                 goto ecerr;
298                         }
299                 }
300
301                 EVP_PKEY_assign_EC_KEY(pkey, eckey);
302                 if (ctx)
303                         BN_CTX_free(ctx);
304                 break;
305 ecerr:
306                 if (ctx)
307                         BN_CTX_free(ctx);
308                 if (eckey)
309                         EC_KEY_free(eckey);
310                 if (pkey)
311                         EVP_PKEY_free(pkey);
312                 return NULL;
313 #endif
314                 default:
315                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
316                 if (!a->algorithm) strcpy (obj_tmp, "NULL");
317                 else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
318                 ERR_add_error_data(2, "TYPE=", obj_tmp);
319                 EVP_PKEY_free (pkey);
320                 return NULL;
321         }
322         return pkey;
323 }
324
325 PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
326 {
327         return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
328 }
329
330 /* Turn a private key into a PKCS8 structure */
331
332 PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
333 {
334         PKCS8_PRIV_KEY_INFO *p8;
335
336         if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {        
337                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
338                 return NULL;
339         }
340         p8->broken = broken;
341         ASN1_INTEGER_set (p8->version, 0);
342         if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
343                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
344                 PKCS8_PRIV_KEY_INFO_free (p8);
345                 return NULL;
346         }
347         p8->pkey->type = V_ASN1_OCTET_STRING;
348         switch (EVP_PKEY_type(pkey->type)) {
349 #ifndef OPENSSL_NO_RSA
350                 case EVP_PKEY_RSA:
351
352                 if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
353
354                 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
355                 p8->pkeyalg->parameter->type = V_ASN1_NULL;
356                 if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey,
357                                          &p8->pkey->value.octet_string)) {
358                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
359                         PKCS8_PRIV_KEY_INFO_free (p8);
360                         return NULL;
361                 }
362                 break;
363 #endif
364 #ifndef OPENSSL_NO_DSA
365                 case EVP_PKEY_DSA:
366                 if(!dsa_pkey2pkcs8(p8, pkey)) {
367                         PKCS8_PRIV_KEY_INFO_free (p8);
368                         return NULL;
369                 }
370
371                 break;
372 #endif
373 #ifndef OPENSSL_NO_EC
374                 case EVP_PKEY_EC:
375                 if (!eckey_pkey2pkcs8(p8, pkey))
376                 {
377                         PKCS8_PRIV_KEY_INFO_free(p8);
378                         return(NULL);
379                 }
380                 break;
381 #endif
382                 default:
383                 EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
384                 PKCS8_PRIV_KEY_INFO_free (p8);
385                 return NULL;
386         }
387         RAND_add(p8->pkey->value.octet_string->data,
388                  p8->pkey->value.octet_string->length, 0);
389         return p8;
390 }
391
392 PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
393 {
394         switch (broken) {
395
396                 case PKCS8_OK:
397                 p8->broken = PKCS8_OK;
398                 return p8;
399                 break;
400
401                 case PKCS8_NO_OCTET:
402                 p8->broken = PKCS8_NO_OCTET;
403                 p8->pkey->type = V_ASN1_SEQUENCE;
404                 return p8;
405                 break;
406
407                 default:
408                 EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
409                 return NULL;
410                 break;
411                 
412         }
413 }
414
415 #ifndef OPENSSL_NO_DSA
416 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
417 {
418         ASN1_STRING *params;
419         ASN1_INTEGER *prkey;
420         ASN1_TYPE *ttmp;
421         STACK_OF(ASN1_TYPE) *ndsa;
422         unsigned char *p, *q;
423         int len;
424
425         p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
426         len = i2d_DSAparams (pkey->pkey.dsa, NULL);
427         if (!(p = OPENSSL_malloc(len))) {
428                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
429                 PKCS8_PRIV_KEY_INFO_free (p8);
430                 return 0;
431         }
432         q = p;
433         i2d_DSAparams (pkey->pkey.dsa, &q);
434         params = ASN1_STRING_new();
435         ASN1_STRING_set(params, p, len);
436         OPENSSL_free(p);
437         /* Get private key into integer */
438         if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
439                 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
440                 return 0;
441         }
442
443         switch(p8->broken) {
444
445                 case PKCS8_OK:
446                 case PKCS8_NO_OCTET:
447
448                 if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
449                                          &p8->pkey->value.octet_string)) {
450                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
451                         M_ASN1_INTEGER_free (prkey);
452                         return 0;
453                 }
454
455                 M_ASN1_INTEGER_free (prkey);
456                 p8->pkeyalg->parameter->value.sequence = params;
457                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
458
459                 break;
460
461                 case PKCS8_NS_DB:
462
463                 p8->pkeyalg->parameter->value.sequence = params;
464                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
465                 ndsa = sk_ASN1_TYPE_new_null();
466                 ttmp = ASN1_TYPE_new();
467                 if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) {
468                         EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
469                         PKCS8_PRIV_KEY_INFO_free(p8);
470                         return 0;
471                 }
472                 ttmp->type = V_ASN1_INTEGER;
473                 sk_ASN1_TYPE_push(ndsa, ttmp);
474
475                 ttmp = ASN1_TYPE_new();
476                 ttmp->value.integer = prkey;
477                 ttmp->type = V_ASN1_INTEGER;
478                 sk_ASN1_TYPE_push(ndsa, ttmp);
479
480                 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
481
482                 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
483                                          &p8->pkey->value.octet_string->data,
484                                          &p8->pkey->value.octet_string->length)) {
485
486                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
487                         sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
488                         M_ASN1_INTEGER_free(prkey);
489                         return 0;
490                 }
491                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
492                 break;
493
494                 case PKCS8_EMBEDDED_PARAM:
495
496                 p8->pkeyalg->parameter->type = V_ASN1_NULL;
497                 ndsa = sk_ASN1_TYPE_new_null();
498                 ttmp = ASN1_TYPE_new();
499                 ttmp->value.sequence = params;
500                 ttmp->type = V_ASN1_SEQUENCE;
501                 sk_ASN1_TYPE_push(ndsa, ttmp);
502
503                 ttmp = ASN1_TYPE_new();
504                 ttmp->value.integer = prkey;
505                 ttmp->type = V_ASN1_INTEGER;
506                 sk_ASN1_TYPE_push(ndsa, ttmp);
507
508                 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
509
510                 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
511                                          &p8->pkey->value.octet_string->data,
512                                          &p8->pkey->value.octet_string->length)) {
513
514                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
515                         sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
516                         M_ASN1_INTEGER_free (prkey);
517                         return 0;
518                 }
519                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
520                 break;
521         }
522         return 1;
523 }
524 #endif
525
526 #ifndef OPENSSL_NO_EC
527 static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
528 {
529         EC_KEY          *eckey;
530 #if 0 /* unused */
531         ASN1_INTEGER    *prkey = NULL;
532 #endif
533         unsigned char   *p, *pp;
534         int             nid, i, ret = 0;
535         unsigned int    tmp_flags;
536
537         if (pkey->pkey.eckey == NULL || pkey->pkey.eckey->group == NULL)
538         {
539                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS);
540                 return 0;
541         }
542         eckey = pkey->pkey.eckey;
543
544         /* set the ec parameters OID */
545         if (p8->pkeyalg->algorithm)
546                 ASN1_OBJECT_free(p8->pkeyalg->algorithm);
547
548         p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey);
549
550         /* set the ec parameters */
551
552         if (p8->pkeyalg->parameter)
553         {
554                 ASN1_TYPE_free(p8->pkeyalg->parameter);
555                 p8->pkeyalg->parameter = NULL;
556         }
557
558         if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL)
559         {
560                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
561                 return 0;
562         }
563         
564         if (EC_GROUP_get_asn1_flag(eckey->group)
565                      && (nid = EC_GROUP_get_nid(eckey->group)))
566         {
567                 /* we have a 'named curve' => just set the OID */
568                 p8->pkeyalg->parameter->type = V_ASN1_OBJECT;
569                 p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid);
570         }
571         else    /* explicit parameters */
572         {
573                 if ((i = i2d_ECParameters(eckey, NULL)) == 0)
574                 {
575                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
576                         return 0;
577                 }
578                 if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
579                 {
580                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
581                         return 0;
582                 }       
583                 pp = p;
584                 if (!i2d_ECParameters(eckey, &pp))
585                 {
586                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
587                         OPENSSL_free(p);
588                         return 0;
589                 }
590                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
591                 if ((p8->pkeyalg->parameter->value.sequence 
592                         = ASN1_STRING_new()) == NULL)
593                 {
594                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ASN1_LIB);
595                         OPENSSL_free(p);
596                         return 0;
597                 }
598                 ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i);
599                 OPENSSL_free(p);
600         }
601
602         /* set the private key */
603
604         /* do not include the parameters in the SEC1 private key
605          * see PKCS#11 12.11 */
606         tmp_flags  = pkey->pkey.eckey->enc_flag;
607         pkey->pkey.eckey->enc_flag |= EC_PKEY_NO_PARAMETERS;
608         i = i2d_ECPrivateKey(pkey->pkey.eckey, NULL);
609         if (!i)
610         {
611                 pkey->pkey.eckey->enc_flag = tmp_flags;
612                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
613                 return 0;
614         }
615         p = (unsigned char *) OPENSSL_malloc(i);
616         if (!p)
617         {
618                 pkey->pkey.eckey->enc_flag = tmp_flags;
619                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
620                 return 0;
621         }
622         pp = p;
623         if (!i2d_ECPrivateKey(pkey->pkey.eckey, &pp))
624         {
625                 pkey->pkey.eckey->enc_flag = tmp_flags;
626                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
627                 OPENSSL_free(p);
628                 return 0;
629         }
630         /* restore old encoding flags */
631         pkey->pkey.eckey->enc_flag = tmp_flags;
632
633         switch(p8->broken) {
634
635                 case PKCS8_OK:
636                 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
637                 if (!p8->pkey->value.octet_string ||
638                     !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string,
639                     (const void *)p, i))
640
641                 {
642                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
643                 }
644                 else
645                         ret = 1;
646                 break;
647                 case PKCS8_NO_OCTET:            /* RSA specific */
648                 case PKCS8_NS_DB:               /* DSA specific */
649                 case PKCS8_EMBEDDED_PARAM:      /* DSA specific */
650                 default:
651                         EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
652         }
653         OPENSSL_cleanse(p, (size_t)i);
654         OPENSSL_free(p);
655         return ret;
656 }
657 #endif