-/* crypto/asn1/d2i_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/*
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
+/*
+ * DSA low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-#endif
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#include <openssl/ec.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
{
EVP_PKEY *ret;
+ EVP_PKEY *copy = NULL;
if ((a == NULL) || (*a == NULL)) {
if ((ret = EVP_PKEY_new()) == NULL) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
- return (NULL);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
+ return NULL;
}
- } else
+ } else {
ret = *a;
- if (!EVP_PKEY_set_type(ret, type)) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
+#ifndef OPENSSL_NO_EC
+ if (evp_pkey_is_provided(ret)
+ && EVP_PKEY_get_base_id(ret) == EVP_PKEY_EC) {
+ if (!evp_pkey_copy_downgraded(©, ret))
+ goto err;
+ }
+#endif
+ }
+
+ if ((type != EVP_PKEY_get_id(ret) || copy != NULL)
+ && !EVP_PKEY_set_type(ret, type)) {
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
goto err;
}
- switch (EVP_PKEY_id(ret)) {
-#ifndef OPENSSL_NO_RSA
+ switch (EVP_PKEY_get_base_id(ret)) {
case EVP_PKEY_RSA:
if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
goto err;
}
break;
-#endif
#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
- /* TMP UGLY CAST */
if (!d2i_DSAPublicKey(&ret->pkey.dsa, pp, length)) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
goto err;
}
break;
#endif
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
+ if (copy != NULL) {
+ /* use downgraded parameters from copy */
+ ret->pkey.ec = copy->pkey.ec;
+ copy->pkey.ec = NULL;
+ }
if (!o2i_ECPublicKey(&ret->pkey.ec, pp, length)) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);
goto err;
}
break;
#endif
default:
- ASN1err(ASN1_F_D2I_PUBLICKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+ ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
goto err;
- /* break; */
}
if (a != NULL)
(*a) = ret;
- return (ret);
+ EVP_PKEY_free(copy);
+ return ret;
err:
if (a == NULL || *a != ret)
EVP_PKEY_free(ret);
- return (NULL);
+ EVP_PKEY_free(copy);
+ return NULL;
}