get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)
[openssl.git] / crypto / evp / evp_pkey.c
1 /* evp_pkey.c */
2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3  * project 1999.
4  */
5 /* ====================================================================
6  * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer. 
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    licensing@OpenSSL.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * (eay@cryptsoft.com).  This product includes software written by Tim
55  * Hudson (tjh@cryptsoft.com).
56  *
57  */
58
59 #include <stdio.h>
60 #include <stdlib.h>
61 #include "cryptlib.h"
62 #include <openssl/x509.h>
63 #include <openssl/rand.h>
64
65 #ifndef OPENSSL_NO_DSA
66 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
67 #endif
68 #ifndef OPENSSL_NO_EC
69 static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
70 #endif
71
72 /* Extract a private key from a PKCS8 structure */
73
74 EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
75 {
76         EVP_PKEY *pkey = NULL;
77 #ifndef OPENSSL_NO_RSA
78         RSA *rsa = NULL;
79 #endif
80 #ifndef OPENSSL_NO_DSA
81         DSA *dsa = NULL;
82 #endif
83 #ifndef OPENSSL_NO_EC
84         EC_KEY *eckey = NULL;
85 #endif
86 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
87         ASN1_INTEGER *privkey;
88         ASN1_TYPE    *t1, *t2, *param = NULL;
89         STACK_OF(ASN1_TYPE) *n_stack = NULL;
90         BN_CTX *ctx = NULL;
91         int plen;
92 #endif
93         X509_ALGOR *a;
94         unsigned char *p;
95         const unsigned char *cp;
96         int pkeylen;
97         int  nid;
98         char obj_tmp[80];
99
100         if(p8->pkey->type == V_ASN1_OCTET_STRING) {
101                 p8->broken = PKCS8_OK;
102                 p = p8->pkey->value.octet_string->data;
103                 pkeylen = p8->pkey->value.octet_string->length;
104         } else {
105                 p8->broken = PKCS8_NO_OCTET;
106                 p = p8->pkey->value.sequence->data;
107                 pkeylen = p8->pkey->value.sequence->length;
108         }
109         if (!(pkey = EVP_PKEY_new())) {
110                 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
111                 return NULL;
112         }
113         a = p8->pkeyalg;
114         nid = OBJ_obj2nid(a->algorithm);
115         switch(nid)
116         {
117 #ifndef OPENSSL_NO_RSA
118                 case NID_rsaEncryption:
119                 cp = p;
120                 if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) {
121                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
122                         return NULL;
123                 }
124                 EVP_PKEY_assign_RSA (pkey, rsa);
125                 break;
126 #endif
127 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
128                 case NID_ecdsa_with_SHA1:
129                 case NID_dsa:
130                 /* PKCS#8 DSA/ECDSA is weird: you just get a private key integer
131                  * and parameters in the AlgorithmIdentifier the pubkey must
132                  * be recalculated.
133                  */
134         
135                 /* Check for broken DSA/ECDSA PKCS#8, UGH! */
136                 if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) 
137                 {
138                         if(!(n_stack = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, 
139                                                           d2i_ASN1_TYPE,
140                                                           ASN1_TYPE_free))) 
141                         {
142                                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
143                                 goto err;
144                         }
145                         if(sk_ASN1_TYPE_num(n_stack) != 2 ) 
146                         {
147                                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
148                                 goto err;
149                         }
150                     /* Handle Two broken types:
151                      * SEQUENCE {parameters, priv_key}
152                      * SEQUENCE {pub_key, priv_key}
153                      */
154
155                     t1 = sk_ASN1_TYPE_value(n_stack, 0);
156                     t2 = sk_ASN1_TYPE_value(n_stack, 1);
157                     if(t1->type == V_ASN1_SEQUENCE) 
158                     {
159                         p8->broken = PKCS8_EMBEDDED_PARAM;
160                         param = t1;
161                     } 
162                     else if(a->parameter->type == V_ASN1_SEQUENCE) 
163                     {
164                         p8->broken = PKCS8_NS_DB;
165                         param = a->parameter;
166                     } 
167                     else 
168                     {
169                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
170                         goto err;
171                     }
172
173                     if(t2->type != V_ASN1_INTEGER) {
174                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
175                         goto err;
176                     }
177                     privkey = t2->value.integer;
178                 } 
179                 else 
180                 {
181                         if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) 
182                         {
183                                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
184                                 goto err;
185                         }
186                         param = p8->pkeyalg->parameter;
187                 }
188                 if (!param || (param->type != V_ASN1_SEQUENCE)) 
189                 {
190                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
191                         goto err;
192                 }
193                 cp = p = param->value.sequence->data;
194                 plen = param->value.sequence->length;
195                 if (!(ctx = BN_CTX_new())) 
196                 {
197                         EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
198                         goto err;
199                 }
200                 if (nid == NID_dsa)
201                 {
202 #ifndef OPENSSL_NO_DSA
203                         if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) 
204                         {
205                                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
206                                 goto err;
207                         }
208                         /* We have parameters now set private key */
209                         if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) 
210                         {
211                                 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
212                                 goto err;
213                         }
214                         /* Calculate public key (ouch!) */
215                         if (!(dsa->pub_key = BN_new())) 
216                         {
217                                 EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
218                                 goto err;
219                         }
220                         if (!BN_mod_exp(dsa->pub_key, dsa->g,
221                                                  dsa->priv_key, dsa->p, ctx)) 
222                         {
223                                 EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
224                                 goto err;
225                         }
226
227                         EVP_PKEY_assign_DSA(pkey, dsa);
228                         BN_CTX_free(ctx);
229                         if(n_stack) sk_ASN1_TYPE_pop_free(n_stack, ASN1_TYPE_free);
230                         else ASN1_INTEGER_free(privkey);
231 #else
232                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
233                         goto err;
234 #endif 
235                 } 
236                 else /* nid == NID_ecdsa_with_SHA1 */
237                 {
238 #ifndef OPENSSL_NO_EC
239                         if ((eckey = d2i_ECParameters(NULL, &cp, 
240                                 plen)) == NULL)
241                         {
242                                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
243                                 goto err;
244                         }
245                         if ((eckey->priv_key = ASN1_INTEGER_to_BN(privkey, 
246                                 NULL)) == NULL)
247                         {
248                                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
249                                 goto err;
250                         }
251                         if ((eckey->pub_key = EC_POINT_new(eckey->group)) == NULL)
252                         {
253                                 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
254                                 goto err;
255                         }
256                         if (!EC_POINT_copy(eckey->pub_key, 
257                                 EC_GROUP_get0_generator(eckey->group)))
258                         {
259                                 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
260                                 goto err;
261                         }
262                         if (!EC_POINT_mul(eckey->group, eckey->pub_key, 
263                                 eckey->priv_key, NULL, NULL, ctx))
264                         {
265                                 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
266                                 goto err;
267                         }
268                         
269                         EVP_PKEY_assign_EC_KEY(pkey, eckey);
270                         BN_CTX_free(ctx);
271                         if (n_stack) sk_ASN1_TYPE_pop_free(n_stack, ASN1_TYPE_free);
272                         else
273                                 ASN1_INTEGER_free(privkey);
274 #else
275                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
276                         goto err;
277 #endif
278                 }
279                 break;
280 err:
281                 if (ctx)   BN_CTX_free(ctx);
282                 sk_ASN1_TYPE_pop_free(n_stack, ASN1_TYPE_free);
283 #ifndef OPENSSL_NO_DSA
284                 if (dsa)   DSA_free(dsa);
285 #endif
286 #ifndef OPENSSL_NO_EC
287                 if (eckey) 
288                         EC_KEY_free(eckey);
289 #endif
290                 if (pkey)  EVP_PKEY_free(pkey);
291                 return NULL;
292                 break;
293 #endif
294                 default:
295                 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
296                 if (!a->algorithm) strcpy (obj_tmp, "NULL");
297                 else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
298                 ERR_add_error_data(2, "TYPE=", obj_tmp);
299                 EVP_PKEY_free (pkey);
300                 return NULL;
301         }
302         return pkey;
303 }
304
305 PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
306 {
307         return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
308 }
309
310 /* Turn a private key into a PKCS8 structure */
311
312 PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
313 {
314         PKCS8_PRIV_KEY_INFO *p8;
315
316         if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {        
317                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
318                 return NULL;
319         }
320         p8->broken = broken;
321         ASN1_INTEGER_set (p8->version, 0);
322         if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
323                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
324                 PKCS8_PRIV_KEY_INFO_free (p8);
325                 return NULL;
326         }
327         p8->pkey->type = V_ASN1_OCTET_STRING;
328         switch (EVP_PKEY_type(pkey->type)) {
329 #ifndef OPENSSL_NO_RSA
330                 case EVP_PKEY_RSA:
331
332                 if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
333
334                 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
335                 p8->pkeyalg->parameter->type = V_ASN1_NULL;
336                 if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey,
337                                          &p8->pkey->value.octet_string)) {
338                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
339                         PKCS8_PRIV_KEY_INFO_free (p8);
340                         return NULL;
341                 }
342                 break;
343 #endif
344 #ifndef OPENSSL_NO_DSA
345                 case EVP_PKEY_DSA:
346                 if(!dsa_pkey2pkcs8(p8, pkey)) {
347                         PKCS8_PRIV_KEY_INFO_free (p8);
348                         return NULL;
349                 }
350
351                 break;
352 #endif
353 #ifndef OPENSSL_NO_EC
354                 case EVP_PKEY_EC:
355                 if (!eckey_pkey2pkcs8(p8, pkey))
356                 {
357                         PKCS8_PRIV_KEY_INFO_free(p8);
358                         return(NULL);
359                 }
360                 break;
361 #endif
362                 default:
363                 EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
364                 PKCS8_PRIV_KEY_INFO_free (p8);
365                 return NULL;
366         }
367         RAND_add(p8->pkey->value.octet_string->data,
368                  p8->pkey->value.octet_string->length, 0);
369         return p8;
370 }
371
372 PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
373 {
374         switch (broken) {
375
376                 case PKCS8_OK:
377                 p8->broken = PKCS8_OK;
378                 return p8;
379                 break;
380
381                 case PKCS8_NO_OCTET:
382                 p8->broken = PKCS8_NO_OCTET;
383                 p8->pkey->type = V_ASN1_SEQUENCE;
384                 return p8;
385                 break;
386
387                 default:
388                 EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
389                 return NULL;
390                 break;
391                 
392         }
393 }
394
395 #ifndef OPENSSL_NO_DSA
396 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
397 {
398         ASN1_STRING *params;
399         ASN1_INTEGER *prkey;
400         ASN1_TYPE *ttmp;
401         STACK_OF(ASN1_TYPE) *ndsa;
402         unsigned char *p, *q;
403         int len;
404
405         p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
406         len = i2d_DSAparams (pkey->pkey.dsa, NULL);
407         if (!(p = OPENSSL_malloc(len))) {
408                 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
409                 PKCS8_PRIV_KEY_INFO_free (p8);
410                 return 0;
411         }
412         q = p;
413         i2d_DSAparams (pkey->pkey.dsa, &q);
414         params = ASN1_STRING_new();
415         ASN1_STRING_set(params, p, len);
416         OPENSSL_free(p);
417         /* Get private key into integer */
418         if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
419                 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
420                 return 0;
421         }
422
423         switch(p8->broken) {
424
425                 case PKCS8_OK:
426                 case PKCS8_NO_OCTET:
427
428                 if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
429                                          &p8->pkey->value.octet_string)) {
430                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
431                         M_ASN1_INTEGER_free (prkey);
432                         return 0;
433                 }
434
435                 M_ASN1_INTEGER_free (prkey);
436                 p8->pkeyalg->parameter->value.sequence = params;
437                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
438
439                 break;
440
441                 case PKCS8_NS_DB:
442
443                 p8->pkeyalg->parameter->value.sequence = params;
444                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
445                 ndsa = sk_ASN1_TYPE_new_null();
446                 ttmp = ASN1_TYPE_new();
447                 if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) {
448                         EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
449                         PKCS8_PRIV_KEY_INFO_free(p8);
450                         return 0;
451                 }
452                 ttmp->type = V_ASN1_INTEGER;
453                 sk_ASN1_TYPE_push(ndsa, ttmp);
454
455                 ttmp = ASN1_TYPE_new();
456                 ttmp->value.integer = prkey;
457                 ttmp->type = V_ASN1_INTEGER;
458                 sk_ASN1_TYPE_push(ndsa, ttmp);
459
460                 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
461
462                 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
463                                          &p8->pkey->value.octet_string->data,
464                                          &p8->pkey->value.octet_string->length)) {
465
466                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
467                         sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
468                         M_ASN1_INTEGER_free(prkey);
469                         return 0;
470                 }
471                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
472                 break;
473
474                 case PKCS8_EMBEDDED_PARAM:
475
476                 p8->pkeyalg->parameter->type = V_ASN1_NULL;
477                 ndsa = sk_ASN1_TYPE_new_null();
478                 ttmp = ASN1_TYPE_new();
479                 ttmp->value.sequence = params;
480                 ttmp->type = V_ASN1_SEQUENCE;
481                 sk_ASN1_TYPE_push(ndsa, ttmp);
482
483                 ttmp = ASN1_TYPE_new();
484                 ttmp->value.integer = prkey;
485                 ttmp->type = V_ASN1_INTEGER;
486                 sk_ASN1_TYPE_push(ndsa, ttmp);
487
488                 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
489
490                 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
491                                          &p8->pkey->value.octet_string->data,
492                                          &p8->pkey->value.octet_string->length)) {
493
494                         EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
495                         sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
496                         M_ASN1_INTEGER_free (prkey);
497                         return 0;
498                 }
499                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
500                 break;
501         }
502         return 1;
503 }
504 #endif
505
506 #ifndef OPENSSL_NO_EC
507 static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
508 {
509         ASN1_STRING       *params=NULL;
510         ASN1_INTEGER      *prkey=NULL;
511         ASN1_TYPE         *ttmp=NULL;
512         STACK_OF(ASN1_TYPE) *neckey=NULL;
513         unsigned char     *p=NULL, *q=NULL;
514         int len=0;
515         EC_POINT          *point=NULL;
516
517         if (pkey->pkey.eckey == NULL || pkey->pkey.eckey->group == NULL)
518         {
519                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS);
520                 return 0;
521         }
522         p8->pkeyalg->algorithm = OBJ_nid2obj(NID_ecdsa_with_SHA1);
523         len = i2d_ECParameters(pkey->pkey.eckey, NULL);
524         if ((p = OPENSSL_malloc(len)) == NULL)
525         {
526                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
527                 return 0;
528         }
529         q = p;
530         if (!i2d_ECParameters(pkey->pkey.eckey, &q))
531         {
532                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
533                 OPENSSL_free(p);
534                 return 0;
535         }
536         if ((params = ASN1_STRING_new()) == NULL)
537         {
538                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
539                 OPENSSL_free(p);
540                 return 0;
541                 
542         }
543         if (!ASN1_STRING_set(params, p, len))
544         {
545                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ASN1_LIB);
546                 OPENSSL_free(p);
547                 return 0;
548         }
549         OPENSSL_free(p);
550         if ((prkey = BN_to_ASN1_INTEGER(pkey->pkey.eckey->priv_key, NULL)) 
551                 == NULL)
552         {
553                 EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ASN1_LIB);
554                 return 0;
555         }
556
557         switch(p8->broken) {
558
559                 case PKCS8_OK:
560                 case PKCS8_NO_OCTET:
561
562                 if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
563                                          &p8->pkey->value.octet_string)) 
564                 {
565                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
566                         M_ASN1_INTEGER_free(prkey);
567                         return 0;
568                 }
569
570                 ASN1_INTEGER_free(prkey);
571                 p8->pkeyalg->parameter->value.sequence = params;
572                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
573
574                 break;
575
576                 case PKCS8_NS_DB:
577
578                 p8->pkeyalg->parameter->value.sequence = params;
579                 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
580                 neckey = sk_ASN1_TYPE_new_null();
581                 if (neckey == NULL || (ttmp = ASN1_TYPE_new()) == NULL)
582                 {
583                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
584                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
585                         return 0;
586                 }
587
588                 if ((point = EC_GROUP_get0_generator(pkey->pkey.eckey->group)) 
589                         == NULL)
590                 {
591                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
592                         return 0;
593                 }
594                 len = EC_POINT_point2oct(pkey->pkey.eckey->group, point, 
595                         pkey->pkey.eckey->conv_form, NULL, 0, NULL);
596                 p = OPENSSL_malloc(len);
597                 if (!len || !p || !EC_POINT_point2oct(pkey->pkey.eckey->group, 
598                         point, pkey->pkey.eckey->conv_form, p, len, NULL))
599                 {
600                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
601                         OPENSSL_free(p);
602                         return 0;
603                 }
604                 if ((ttmp->value.octet_string =ASN1_OCTET_STRING_new()) == NULL)
605                 {
606                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
607                         return 0;
608                 }
609                 if (!ASN1_OCTET_STRING_set(ttmp->value.octet_string, p, len))
610                 {
611                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, EVP_R_ASN1_LIB);
612                         return 0;
613                 }
614                 OPENSSL_free(p);
615                 
616                 ttmp->type = V_ASN1_OCTET_STRING;
617                 if (!sk_ASN1_TYPE_push(neckey, ttmp))
618                 {
619                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
620                         ASN1_INTEGER_free(prkey);
621                         return 0;
622                 }
623
624                 if ((ttmp = ASN1_TYPE_new()) == NULL)
625                 {
626                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
627                         return 0;
628                 }
629                 ttmp->value.integer = prkey;
630                 ttmp->type = V_ASN1_INTEGER;
631                 if (!sk_ASN1_TYPE_push(neckey, ttmp))
632                 {
633                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
634                         ASN1_INTEGER_free(prkey);
635                         return 0;
636                 }
637
638                 if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new()) 
639                         == NULL)
640                 {       
641                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
642                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
643                         return 0;
644                 }
645
646                 if (!ASN1_seq_pack_ASN1_TYPE(neckey, i2d_ASN1_TYPE,
647                                          &p8->pkey->value.octet_string->data,
648                                          &p8->pkey->value.octet_string->length)) 
649                 {
650
651                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
652                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
653                         return 0;
654                 }
655                 sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
656                 break;
657
658                 case PKCS8_EMBEDDED_PARAM:
659
660                 p8->pkeyalg->parameter->type = V_ASN1_NULL;
661                 neckey = sk_ASN1_TYPE_new_null();
662                 if ((ttmp = ASN1_TYPE_new()) == NULL)
663                 {
664                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
665                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
666                         ASN1_INTEGER_free(prkey);
667                         return 0;
668                 }
669                 ttmp->value.sequence = params;
670                 ttmp->type = V_ASN1_SEQUENCE;
671                 if (!sk_ASN1_TYPE_push(neckey, ttmp))
672                 {
673                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
674                         ASN1_INTEGER_free(prkey);
675                         return 0;
676                 }
677
678                 if ((ttmp = ASN1_TYPE_new()) == NULL)
679                 {
680                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
681                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
682                         ASN1_INTEGER_free(prkey);
683                         return 0;
684                 }
685                 ttmp->value.integer = prkey;
686                 ttmp->type = V_ASN1_INTEGER;
687                 if (!sk_ASN1_TYPE_push(neckey, ttmp))
688                 {
689                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
690                         ASN1_INTEGER_free(prkey);
691                         return 0;
692                 }
693
694                 if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new()) 
695                         == NULL)
696                 {
697                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
698                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
699                         return 0;
700                 }
701
702                 if (!ASN1_seq_pack_ASN1_TYPE(neckey, i2d_ASN1_TYPE,
703                                          &p8->pkey->value.octet_string->data,
704                                          &p8->pkey->value.octet_string->length)) 
705                 {
706                         EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
707                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
708                         return 0;
709                 }
710                 sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
711                 break;
712         }
713         return 1;
714 }
715 #endif