X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fasn1%2Fd2i_pr.c;h=28289447772c061736055ee88472c7124e01bf95;hp=3021b80f0dbd5c33fabd4c757beced3834224afb;hb=6343829a391df59e46e513c84b6264ee71ad9518;hpb=bb2297a41d1873e38daf9428be5cb5181b5751a2

diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index 3021b80f0d..2828944777 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -61,11 +61,14 @@
 #include <openssl/bn.h>
 #include <openssl/evp.h>
 #include <openssl/objects.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
+#include <openssl/x509.h>
 #include <openssl/asn1.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
+#include "asn1_locl.h"
 
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
+EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
 	     long length)
 	{
 	EVP_PKEY *ret;
@@ -78,37 +81,43 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
 			return(NULL);
 			}
 		}
-	else	ret= *a;
-
-	ret->save_type=type;
-	ret->type=EVP_PKEY_type(type);
-	switch (ret->type)
+	else
 		{
-#ifndef OPENSSL_NO_RSA
-	case EVP_PKEY_RSA:
-		if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,
-			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
+		ret= *a;
+#ifndef OPENSSL_NO_ENGINE
+		if (ret->engine)
 			{
-			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
-			goto err;
+			ENGINE_finish(ret->engine);
+			ret->engine = NULL;
 			}
-		break;
 #endif
-#ifndef OPENSSL_NO_DSA
-	case EVP_PKEY_DSA:
-		if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,
-			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
+		}
+
+	if (!EVP_PKEY_set_type(ret, type))
+		{
+		ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+		goto err;
+		}
+
+	if (!ret->ameth->old_priv_decode ||
+			!ret->ameth->old_priv_decode(ret, pp, length))
+		{
+		if (ret->ameth->priv_decode) 
+			{
+			PKCS8_PRIV_KEY_INFO *p8=NULL;
+			p8=d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
+			if (!p8) goto err;
+			EVP_PKEY_free(ret);
+			ret = EVP_PKCS82PKEY(p8);
+			PKCS8_PRIV_KEY_INFO_free(p8);
+
+			} 
+		else 
 			{
 			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
 			goto err;
 			}
-		break;
-#endif
-	default:
-		ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
-		goto err;
-		/* break; */
-		}
+		}	
 	if (a != NULL) (*a)=ret;
 	return(ret);
 err:
@@ -118,23 +127,43 @@ err:
 
 /* This works like d2i_PrivateKey() except it automatically works out the type */
 
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
+EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
 	     long length)
 {
 	STACK_OF(ASN1_TYPE) *inkey;
-	unsigned char *p;
+	const unsigned char *p;
 	int keytype;
 	p = *pp;
 	/* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
 	 * by analyzing it we can determine the passed structure: this
 	 * assumes the input is surrounded by an ASN1 SEQUENCE.
 	 */
-	inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE, 
-			ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
+	inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
 	/* Since we only need to discern "traditional format" RSA and DSA
 	 * keys we can just count the elements.
          */
-	if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA;
+	if(sk_ASN1_TYPE_num(inkey) == 6) 
+		keytype = EVP_PKEY_DSA;
+	else if (sk_ASN1_TYPE_num(inkey) == 4)
+		keytype = EVP_PKEY_EC;
+	else if (sk_ASN1_TYPE_num(inkey) == 3)  
+		{ /* This seems to be PKCS8, not traditional format */
+			PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
+			EVP_PKEY *ret;
+
+			sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
+			if (!p8) 
+				{
+				ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+				return NULL;
+				}
+			ret = EVP_PKCS82PKEY(p8);
+			PKCS8_PRIV_KEY_INFO_free(p8);
+			if (a) {
+				*a = ret;
+			}	
+			return ret;
+		}
 	else keytype = EVP_PKEY_RSA;
 	sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
 	return d2i_PrivateKey(keytype, a, pp, length);