Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
8ee4845b
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
8ee4845b
编写于
10月 28, 2002
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
'broken' PKCS #8 format does not apply to ECDSA
Submitted by: Nils Larsch
上级
19b8d06a
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
201 addition
and
332 deletion
+201
-332
crypto/ecdsa/ecdsatest.c
crypto/ecdsa/ecdsatest.c
+0
-45
crypto/evp/evp_pkey.c
crypto/evp/evp_pkey.c
+201
-287
未找到文件。
crypto/ecdsa/ecdsatest.c
浏览文件 @
8ee4845b
...
@@ -472,54 +472,9 @@ int main(void)
...
@@ -472,54 +472,9 @@ int main(void)
EC_KEY_free
(
ret_ecdsa
);
EC_KEY_free
(
ret_ecdsa
);
ret_ecdsa
=
NULL
;
ret_ecdsa
=
NULL
;
PKCS8_PRIV_KEY_INFO_free
(
pkcs8
);
PKCS8_PRIV_KEY_INFO_free
(
pkcs8
);
BIO_printf
(
bio_err
,
"PKCS8_NO_OCTET : "
);
if
((
pkcs8
=
EVP_PKEY2PKCS8_broken
(
pkey
,
PKCS8_NO_OCTET
))
==
NULL
)
goto
err
;
if
((
ret_pkey
=
EVP_PKCS82PKEY
(
pkcs8
))
==
NULL
)
goto
err
;
ret_ecdsa
=
EVP_PKEY_get1_EC_KEY
(
ret_pkey
);
if
(
ecdsa_cmp
(
ecdsa
,
ret_ecdsa
))
{
BIO_printf
(
bio_err
,
"TEST FAILED
\n
"
);
goto
err
;
}
else
BIO_printf
(
bio_err
,
"TEST OK
\n
"
);
EVP_PKEY_free
(
ret_pkey
);
ret_pkey
=
NULL
;
EC_KEY_free
(
ret_ecdsa
);
ret_ecdsa
=
NULL
;
PKCS8_PRIV_KEY_INFO_free
(
pkcs8
);
BIO_printf
(
bio_err
,
"PKCS8_EMBEDDED_PARAM : "
);
if
((
pkcs8
=
EVP_PKEY2PKCS8_broken
(
pkey
,
PKCS8_EMBEDDED_PARAM
))
==
NULL
)
goto
err
;
if
((
ret_pkey
=
EVP_PKCS82PKEY
(
pkcs8
))
==
NULL
)
goto
err
;
ret_ecdsa
=
EVP_PKEY_get1_EC_KEY
(
ret_pkey
);
if
(
ecdsa_cmp
(
ecdsa
,
ret_ecdsa
))
{
BIO_printf
(
bio_err
,
"TEST FAILED
\n
"
);
goto
err
;
}
else
BIO_printf
(
bio_err
,
"TEST OK
\n
"
);
EVP_PKEY_free
(
ret_pkey
);
ret_pkey
=
NULL
;
EC_KEY_free
(
ret_ecdsa
);
ret_ecdsa
=
NULL
;
PKCS8_PRIV_KEY_INFO_free
(
pkcs8
);
BIO_printf
(
bio_err
,
"PKCS8_NS_DB : "
);
if
((
pkcs8
=
EVP_PKEY2PKCS8_broken
(
pkey
,
PKCS8_NS_DB
))
==
NULL
)
goto
err
;
if
((
ret_pkey
=
EVP_PKCS82PKEY
(
pkcs8
))
==
NULL
)
goto
err
;
ret_ecdsa
=
EVP_PKEY_get1_EC_KEY
(
ret_pkey
);
if
(
ecdsa_cmp
(
ecdsa
,
ret_ecdsa
))
{
BIO_printf
(
bio_err
,
"TEST FAILED
\n
"
);
goto
err
;
}
else
BIO_printf
(
bio_err
,
"TEST OK
\n
"
);
EVP_PKEY_free
(
ret_pkey
);
ret_pkey
=
NULL
;
EC_KEY_free
(
ret_ecdsa
);
ret_ecdsa
=
NULL
;
EVP_PKEY_free
(
pkey
);
EVP_PKEY_free
(
pkey
);
pkey
=
NULL
;
pkey
=
NULL
;
ecdsa
=
NULL
;
ecdsa
=
NULL
;
PKCS8_PRIV_KEY_INFO_free
(
pkcs8
);
pkcs8
=
NULL
;
pkcs8
=
NULL
;
/* sign and verify tests */
/* sign and verify tests */
...
...
crypto/evp/evp_pkey.c
浏览文件 @
8ee4845b
...
@@ -79,14 +79,15 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
...
@@ -79,14 +79,15 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
#endif
#endif
#ifndef OPENSSL_NO_DSA
#ifndef OPENSSL_NO_DSA
DSA
*
dsa
=
NULL
;
DSA
*
dsa
=
NULL
;
ASN1_TYPE
*
t1
,
*
t2
;
STACK_OF
(
ASN1_TYPE
)
*
ndsa
=
NULL
;
#endif
#endif
#ifndef OPENSSL_NO_EC
#ifndef OPENSSL_NO_EC
EC_KEY
*
eckey
=
NULL
;
EC_KEY
*
eckey
=
NULL
;
#endif
#endif
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
ASN1_TYPE
*
param
=
NULL
;
ASN1_INTEGER
*
privkey
;
ASN1_INTEGER
*
privkey
;
ASN1_TYPE
*
t1
,
*
t2
,
*
param
=
NULL
;
STACK_OF
(
ASN1_TYPE
)
*
n_stack
=
NULL
;
BN_CTX
*
ctx
=
NULL
;
BN_CTX
*
ctx
=
NULL
;
int
plen
;
int
plen
;
#endif
#endif
...
@@ -124,172 +125,188 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
...
@@ -124,172 +125,188 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
EVP_PKEY_assign_RSA
(
pkey
,
rsa
);
EVP_PKEY_assign_RSA
(
pkey
,
rsa
);
break
;
break
;
#endif
#endif
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
#ifndef OPENSSL_NO_DSA
case
NID_ecdsa_with_SHA1
:
case
NID_dsa
:
case
NID_dsa
:
/* PKCS#8 DSA
/ECDSA
is weird: you just get a private key integer
/* PKCS#8 DSA is weird: you just get a private key integer
* and parameters in the AlgorithmIdentifier the pubkey must
* and parameters in the AlgorithmIdentifier the pubkey must
* be recalculated.
* be recalculated.
*/
*/
/* Check for broken DSA/ECDSA PKCS#8, UGH! */
/* Check for broken DSA PKCS#8, UGH! */
if
(
*
p
==
(
V_ASN1_SEQUENCE
|
V_ASN1_CONSTRUCTED
))
if
(
*
p
==
(
V_ASN1_SEQUENCE
|
V_ASN1_CONSTRUCTED
))
{
{
if
(
!
(
ndsa
=
ASN1_seq_unpack_ASN1_TYPE
(
p
,
pkeylen
,
if
(
!
(
n_stack
=
ASN1_seq_unpack_ASN1_TYPE
(
p
,
pkeylen
,
d2i_ASN1_TYPE
,
d2i_ASN1_TYPE
,
ASN1_TYPE_free
)))
ASN1_TYPE_free
)))
{
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
goto
dsaerr
;
goto
err
;
}
}
if
(
sk_ASN1_TYPE_num
(
ndsa
)
!=
2
)
{
if
(
sk_ASN1_TYPE_num
(
n_stack
)
!=
2
)
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
{
goto
dsaerr
;
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
}
goto
err
;
}
/* Handle Two broken types:
/* Handle Two broken types:
* SEQUENCE {parameters, priv_key}
* SEQUENCE {parameters, priv_key}
* SEQUENCE {pub_key, priv_key}
* SEQUENCE {pub_key, priv_key}
*/
*/
t1
=
sk_ASN1_TYPE_value
(
n_stack
,
0
);
t1
=
sk_ASN1_TYPE_value
(
ndsa
,
0
);
t2
=
sk_ASN1_TYPE_value
(
n_stack
,
1
);
t2
=
sk_ASN1_TYPE_value
(
ndsa
,
1
);
if
(
t1
->
type
==
V_ASN1_SEQUENCE
)
if
(
t1
->
type
==
V_ASN1_SEQUENCE
)
{
{
p8
->
broken
=
PKCS8_EMBEDDED_PARAM
;
p8
->
broken
=
PKCS8_EMBEDDED_PARAM
;
param
=
t1
;
param
=
t1
;
}
}
else
if
(
a
->
parameter
->
type
==
V_ASN1_SEQUENCE
)
{
else
if
(
a
->
parameter
->
type
==
V_ASN1_SEQUENCE
)
{
p8
->
broken
=
PKCS8_NS_DB
;
p8
->
broken
=
PKCS8_NS_DB
;
param
=
a
->
parameter
;
param
=
a
->
parameter
;
}
}
else
{
else
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
goto
err
;
goto
dsa
err
;
}
}
if
(
t2
->
type
!=
V_ASN1_INTEGER
)
{
if
(
t2
->
type
!=
V_ASN1_INTEGER
)
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
goto
err
;
goto
dsa
err
;
}
}
privkey
=
t2
->
value
.
integer
;
privkey
=
t2
->
value
.
integer
;
}
}
else
{
else
if
(
!
(
privkey
=
d2i_ASN1_INTEGER
(
NULL
,
&
p
,
pkeylen
)))
{
{
if
(
!
(
privkey
=
d2i_ASN1_INTEGER
(
NULL
,
&
p
,
pkeylen
)))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
goto
err
;
goto
dsa
err
;
}
}
param
=
p8
->
pkeyalg
->
parameter
;
param
=
p8
->
pkeyalg
->
parameter
;
}
}
if
(
!
param
||
(
param
->
type
!=
V_ASN1_SEQUENCE
))
if
(
!
param
||
(
param
->
type
!=
V_ASN1_SEQUENCE
))
{
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
goto
err
;
goto
dsa
err
;
}
}
cp
=
p
=
param
->
value
.
sequence
->
data
;
cp
=
p
=
param
->
value
.
sequence
->
data
;
plen
=
param
->
value
.
sequence
->
length
;
plen
=
param
->
value
.
sequence
->
length
;
if
(
!
(
ctx
=
BN_CTX_new
()))
if
(
!
(
dsa
=
d2i_DSAparams
(
NULL
,
&
cp
,
plen
)))
{
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
goto
dsaerr
;
}
/* We have parameters now set private key */
if
(
!
(
dsa
->
priv_key
=
ASN1_INTEGER_to_BN
(
privkey
,
NULL
)))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_BN_DECODE_ERROR
);
goto
dsaerr
;
}
/* Calculate public key (ouch!) */
if
(
!
(
dsa
->
pub_key
=
BN_new
()))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_MALLOC_FAILURE
);
goto
dsaerr
;
}
if
(
!
(
ctx
=
BN_CTX_new
()))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_MALLOC_FAILURE
);
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
goto
dsa
err
;
}
}
if
(
nid
==
NID_dsa
)
if
(
!
BN_mod_exp
(
dsa
->
pub_key
,
dsa
->
g
,
dsa
->
priv_key
,
dsa
->
p
,
ctx
))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_BN_PUBKEY_ERROR
);
goto
dsaerr
;
}
EVP_PKEY_assign_DSA
(
pkey
,
dsa
);
BN_CTX_free
(
ctx
);
if
(
ndsa
)
sk_ASN1_TYPE_pop_free
(
ndsa
,
ASN1_TYPE_free
);
else
ASN1_INTEGER_free
(
privkey
);
break
;
dsaerr:
BN_CTX_free
(
ctx
);
sk_ASN1_TYPE_pop_free
(
ndsa
,
ASN1_TYPE_free
);
DSA_free
(
dsa
);
EVP_PKEY_free
(
pkey
);
return
NULL
;
break
;
#endif
#ifndef OPENSSL_NO_EC
case
NID_X9_62_id_ecPublicKey
:
if
(
!
(
privkey
=
d2i_ASN1_INTEGER
(
NULL
,
&
p
,
pkeylen
)))
{
{
#ifndef OPENSSL_NO_DSA
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
if
(
!
(
dsa
=
d2i_DSAparams
(
NULL
,
&
cp
,
plen
)))
goto
ecerr
;
{
}
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
param
=
p8
->
pkeyalg
->
parameter
;
goto
err
;
}
/* We have parameters now set private key */
if
(
!
(
dsa
->
priv_key
=
ASN1_INTEGER_to_BN
(
privkey
,
NULL
)))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_BN_DECODE_ERROR
);
goto
err
;
}
/* Calculate public key (ouch!) */
if
(
!
(
dsa
->
pub_key
=
BN_new
()))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
if
(
!
BN_mod_exp
(
dsa
->
pub_key
,
dsa
->
g
,
dsa
->
priv_key
,
dsa
->
p
,
ctx
))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_BN_PUBKEY_ERROR
);
goto
err
;
}
EVP_PKEY_assign_DSA
(
pkey
,
dsa
);
if
(
!
param
||
((
param
->
type
!=
V_ASN1_SEQUENCE
)
&&
BN_CTX_free
(
ctx
);
(
param
->
type
!=
V_ASN1_OBJECT
)))
if
(
n_stack
)
sk_ASN1_TYPE_pop_free
(
n_stack
,
ASN1_TYPE_free
);
else
ASN1_INTEGER_free
(
privkey
);
#else
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM
);
goto
err
;
#endif
}
else
/* nid == NID_ecdsa_with_SHA1 */
{
{
#ifndef OPENSSL_NO_EC
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
if
((
eckey
=
d2i_ECParameters
(
NULL
,
&
cp
,
goto
ecerr
;
plen
))
==
NULL
)
}
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
if
(
param
->
type
==
V_ASN1_SEQUENCE
)
goto
err
;
{
}
cp
=
p
=
param
->
value
.
sequence
->
data
;
if
((
eckey
->
priv_key
=
ASN1_INTEGER_to_BN
(
privkey
,
plen
=
param
->
value
.
sequence
->
length
;
NULL
))
==
NULL
)
{
if
(
!
(
eckey
=
d2i_ECParameters
(
NULL
,
&
cp
,
plen
)))
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_DECODE_ERROR
);
goto
err
;
}
if
((
eckey
->
pub_key
=
EC_POINT_new
(
eckey
->
group
))
==
NULL
)
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_EC_LIB
);
goto
err
;
}
if
(
!
EC_POINT_copy
(
eckey
->
pub_key
,
EC_GROUP_get0_generator
(
eckey
->
group
)))
{
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_EC_LIB
);
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
goto
err
;
EVP_R_DECODE_ERROR
);
goto
ecerr
;
}
}
if
(
!
EC_POINT_mul
(
eckey
->
group
,
eckey
->
pub_key
,
}
eckey
->
priv_key
,
NULL
,
NULL
,
ctx
))
else
{
cp
=
p
=
param
->
value
.
object
->
data
;
plen
=
param
->
value
.
object
->
length
;
/* type == V_ASN1_OBJECT => the parameters are given
* by an asn1 OID
*/
if
((
eckey
=
EC_KEY_new
())
==
NULL
)
{
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_EC_LIB
);
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
goto
err
;
ERR_R_MALLOC_FAILURE
);
goto
ecerr
;
}
}
if
((
eckey
->
group
=
EC_GROUP_new_by_nid
(
EVP_PKEY_assign_EC_KEY
(
pkey
,
eckey
);
OBJ_obj2nid
(
a
->
parameter
->
value
.
object
)))
==
NULL
)
BN_CTX_free
(
ctx
);
goto
ecerr
;
if
(
n_stack
)
sk_ASN1_TYPE_pop_free
(
n_stack
,
ASN1_TYPE_free
);
EC_GROUP_set_asn1_flag
(
eckey
->
group
,
else
OPENSSL_EC_NAMED_CURVE
);
ASN1_INTEGER_free
(
privkey
);
}
#else
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM
);
/* We have parameters now set private key */
goto
err
;
if
(
!
(
eckey
->
priv_key
=
ASN1_INTEGER_to_BN
(
privkey
,
NULL
)))
#endif
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_BN_DECODE_ERROR
);
goto
ecerr
;
}
/* Calculate public key */
if
((
eckey
->
pub_key
=
EC_POINT_new
(
eckey
->
group
))
==
NULL
)
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_EC_LIB
);
goto
ecerr
;
}
}
if
(
!
EC_POINT_copy
(
eckey
->
pub_key
,
EC_GROUP_get0_generator
(
eckey
->
group
)))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_EC_LIB
);
goto
ecerr
;
}
if
(
!
EC_POINT_mul
(
eckey
->
group
,
eckey
->
pub_key
,
eckey
->
priv_key
,
NULL
,
NULL
,
ctx
))
{
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
ERR_R_EC_LIB
);
goto
ecerr
;
}
EVP_PKEY_assign_EC_KEY
(
pkey
,
eckey
);
if
(
ctx
)
BN_CTX_free
(
ctx
);
if
(
privkey
)
ASN1_INTEGER_free
(
privkey
);
break
;
break
;
err:
ecerr:
if
(
ctx
)
BN_CTX_free
(
ctx
);
if
(
ctx
)
sk_ASN1_TYPE_pop_free
(
n_stack
,
ASN1_TYPE_free
);
BN_CTX_free
(
ctx
);
#ifndef OPENSSL_NO_DSA
if
(
eckey
)
if
(
dsa
)
DSA_free
(
dsa
);
#endif
#ifndef OPENSSL_NO_EC
if
(
eckey
)
EC_KEY_free
(
eckey
);
EC_KEY_free
(
eckey
);
#endif
if
(
pkey
)
if
(
pkey
)
EVP_PKEY_free
(
pkey
);
EVP_PKEY_free
(
pkey
);
return
NULL
;
return
NULL
;
break
;
#endif
#endif
default:
default:
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM
);
EVPerr
(
EVP_F_EVP_PKCS82PKEY
,
EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM
);
...
@@ -506,209 +523,106 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
...
@@ -506,209 +523,106 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
#ifndef OPENSSL_NO_EC
#ifndef OPENSSL_NO_EC
static
int
eckey_pkey2pkcs8
(
PKCS8_PRIV_KEY_INFO
*
p8
,
EVP_PKEY
*
pkey
)
static
int
eckey_pkey2pkcs8
(
PKCS8_PRIV_KEY_INFO
*
p8
,
EVP_PKEY
*
pkey
)
{
{
ASN1_STRING
*
params
=
NULL
;
EC_KEY
*
eckey
;
ASN1_INTEGER
*
prkey
=
NULL
;
ASN1_INTEGER
*
prkey
=
NULL
;
ASN1_TYPE
*
ttmp
=
NULL
;
unsigned
char
*
p
,
*
pp
;
STACK_OF
(
ASN1_TYPE
)
*
neckey
=
NULL
;
int
nid
;
unsigned
char
*
p
=
NULL
,
*
q
=
NULL
;
int
len
=
0
;
EC_POINT
*
point
=
NULL
;
if
(
pkey
->
pkey
.
eckey
==
NULL
||
pkey
->
pkey
.
eckey
->
group
==
NULL
)
if
(
pkey
->
pkey
.
eckey
==
NULL
||
pkey
->
pkey
.
eckey
->
group
==
NULL
)
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
EVP_R_MISSING_PARAMETERS
);
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
EVP_R_MISSING_PARAMETERS
);
return
0
;
return
0
;
}
}
p8
->
pkeyalg
->
algorithm
=
OBJ_nid2obj
(
NID_ecdsa_with_SHA1
);
eckey
=
pkey
->
pkey
.
eckey
;
len
=
i2d_ECParameters
(
pkey
->
pkey
.
eckey
,
NULL
);
if
((
p
=
OPENSSL_malloc
(
len
))
==
NULL
)
/* set the ec parameters OID */
if
(
p8
->
pkeyalg
->
algorithm
)
ASN1_OBJECT_free
(
p8
->
pkeyalg
->
algorithm
);
p8
->
pkeyalg
->
algorithm
=
OBJ_nid2obj
(
NID_X9_62_id_ecPublicKey
);
/* set the ec parameters */
if
(
p8
->
pkeyalg
->
parameter
)
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
ASN1_TYPE_free
(
p8
->
pkeyalg
->
parameter
);
return
0
;
p8
->
pkeyalg
->
parameter
=
NULL
;
}
}
q
=
p
;
if
(
!
i2d_ECParameters
(
pkey
->
pkey
.
eckey
,
&
q
))
if
((
p8
->
pkeyalg
->
parameter
=
ASN1_TYPE_new
())
==
NULL
)
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_EC_LIB
);
OPENSSL_free
(
p
);
return
0
;
}
if
((
params
=
ASN1_STRING_new
())
==
NULL
)
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
OPENSSL_free
(
p
);
return
0
;
return
0
;
}
}
if
(
!
ASN1_STRING_set
(
params
,
p
,
len
))
if
(
EC_GROUP_get_asn1_flag
(
eckey
->
group
)
&&
(
nid
=
EC_GROUP_get_nid
(
eckey
->
group
)))
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_ASN1_LIB
);
/* we have a 'named curve' => just set the OID */
OPENSSL_free
(
p
)
;
p8
->
pkeyalg
->
parameter
->
type
=
V_ASN1_OBJECT
;
return
0
;
p8
->
pkeyalg
->
parameter
->
value
.
object
=
OBJ_nid2obj
(
nid
)
;
}
}
OPENSSL_free
(
p
);
else
/* explicit parameters */
if
((
prkey
=
BN_to_ASN1_INTEGER
(
pkey
->
pkey
.
eckey
->
priv_key
,
NULL
))
==
NULL
)
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_ASN1_LIB
);
int
i
;
return
0
;
if
((
i
=
i2d_ECParameters
(
eckey
,
NULL
))
==
0
)
}
switch
(
p8
->
broken
)
{
case
PKCS8_OK
:
case
PKCS8_NO_OCTET
:
if
(
!
ASN1_pack_string
((
char
*
)
prkey
,
i2d_ASN1_INTEGER
,
&
p8
->
pkey
->
value
.
octet_string
))
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_EC_LIB
);
M_ASN1_INTEGER_free
(
prkey
);
return
0
;
return
0
;
}
}
if
((
p
=
(
unsigned
char
*
)
OPENSSL_malloc
(
i
))
==
NULL
)
ASN1_INTEGER_free
(
prkey
);
p8
->
pkeyalg
->
parameter
->
value
.
sequence
=
params
;
p8
->
pkeyalg
->
parameter
->
type
=
V_ASN1_SEQUENCE
;
break
;
case
PKCS8_NS_DB
:
p8
->
pkeyalg
->
parameter
->
value
.
sequence
=
params
;
p8
->
pkeyalg
->
parameter
->
type
=
V_ASN1_SEQUENCE
;
neckey
=
sk_ASN1_TYPE_new_null
();
if
(
neckey
==
NULL
||
(
ttmp
=
ASN1_TYPE_new
())
==
NULL
)
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
return
0
;
return
0
;
}
}
pp
=
p
;
if
((
point
=
EC_GROUP_get0_generator
(
pkey
->
pkey
.
eckey
->
group
))
if
(
!
i2d_ECParameters
(
eckey
,
&
pp
))
==
NULL
)
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_EC_LIB
);
return
0
;
}
len
=
EC_POINT_point2oct
(
pkey
->
pkey
.
eckey
->
group
,
point
,
pkey
->
pkey
.
eckey
->
conv_form
,
NULL
,
0
,
NULL
);
p
=
OPENSSL_malloc
(
len
);
if
(
!
len
||
!
p
||
!
EC_POINT_point2oct
(
pkey
->
pkey
.
eckey
->
group
,
point
,
pkey
->
pkey
.
eckey
->
conv_form
,
p
,
len
,
NULL
))
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_EC_LIB
);
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_EC_LIB
);
OPENSSL_free
(
p
);
OPENSSL_free
(
p
);
return
0
;
return
0
;
}
}
if
((
ttmp
->
value
.
octet_string
=
ASN1_OCTET_STRING_new
())
==
NULL
)
p8
->
pkeyalg
->
parameter
->
type
=
V_ASN1_SEQUENCE
;
{
if
((
p8
->
pkeyalg
->
parameter
->
value
.
sequence
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
=
ASN1_STRING_new
())
==
NULL
)
return
0
;
}
if
(
!
ASN1_OCTET_STRING_set
(
ttmp
->
value
.
octet_string
,
p
,
len
))
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
EVP_R_ASN1_LIB
);
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_ASN1_LIB
);
OPENSSL_free
(
p
);
return
0
;
return
0
;
}
}
ASN1_STRING_set
(
p8
->
pkeyalg
->
parameter
->
value
.
sequence
,
p
,
i
);
OPENSSL_free
(
p
);
OPENSSL_free
(
p
);
}
ttmp
->
type
=
V_ASN1_OCTET_STRING
;
if
(
!
sk_ASN1_TYPE_push
(
neckey
,
ttmp
))
{
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
ASN1_INTEGER_free
(
prkey
);
return
0
;
}
if
((
ttmp
=
ASN1_TYPE_new
())
==
NULL
)
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
return
0
;
}
ttmp
->
value
.
integer
=
prkey
;
ttmp
->
type
=
V_ASN1_INTEGER
;
if
(
!
sk_ASN1_TYPE_push
(
neckey
,
ttmp
))
{
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
ASN1_INTEGER_free
(
prkey
);
return
0
;
}
if
((
p8
->
pkey
->
value
.
octet_string
=
ASN1_OCTET_STRING_new
())
==
NULL
)
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
return
0
;
}
if
(
!
ASN1_seq_pack_ASN1_TYPE
(
neckey
,
i2d_ASN1_TYPE
,
&
p8
->
pkey
->
value
.
octet_string
->
data
,
&
p8
->
pkey
->
value
.
octet_string
->
length
))
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
/* set the private key */
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
if
((
prkey
=
BN_to_ASN1_INTEGER
(
pkey
->
pkey
.
eckey
->
priv_key
,
NULL
))
return
0
;
==
NULL
)
}
{
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_ASN1_LIB
);
break
;
return
0
;
}
case
PKCS8_EMBEDDED_PARAM
:
switch
(
p8
->
broken
)
{
p8
->
pkeyalg
->
parameter
->
type
=
V_ASN1_NULL
;
case
PKCS8_OK
:
neckey
=
sk_ASN1_TYPE_new_null
();
if
(
!
ASN1_pack_string
((
char
*
)
prkey
,
i2d_ASN1_INTEGER
,
if
((
ttmp
=
ASN1_TYPE_new
())
==
NULL
)
&
p8
->
pkey
->
value
.
octet_string
))
{
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
M_ASN1_INTEGER_free
(
prkey
);
ASN1_INTEGER_free
(
prkey
);
return
0
;
}
ttmp
->
value
.
sequence
=
params
;
ttmp
->
type
=
V_ASN1_SEQUENCE
;
if
(
!
sk_ASN1_TYPE_push
(
neckey
,
ttmp
))
{
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
ASN1_INTEGER_free
(
prkey
);
return
0
;
return
0
;
}
}
if
((
ttmp
=
ASN1_TYPE_new
())
==
NULL
)
ASN1_INTEGER_free
(
prkey
);
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
ASN1_INTEGER_free
(
prkey
);
return
0
;
}
ttmp
->
value
.
integer
=
prkey
;
ttmp
->
type
=
V_ASN1_INTEGER
;
if
(
!
sk_ASN1_TYPE_push
(
neckey
,
ttmp
))
{
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
ASN1_INTEGER_free
(
prkey
);
return
0
;
}
if
((
p8
->
pkey
->
value
.
octet_string
=
ASN1_OCTET_STRING_new
())
break
;
==
NULL
)
case
PKCS8_NO_OCTET
:
/* RSA specific */
{
case
PKCS8_NS_DB
:
/* DSA specific */
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
case
PKCS8_EMBEDDED_PARAM
:
/* DSA specific */
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
default:
EVPerr
(
EVP_F_EVP_PKEY2PKCS8
,
EVP_R_ENCODE_ERROR
);
return
0
;
return
0
;
}
if
(
!
ASN1_seq_pack_ASN1_TYPE
(
neckey
,
i2d_ASN1_TYPE
,
&
p8
->
pkey
->
value
.
octet_string
->
data
,
&
p8
->
pkey
->
value
.
octet_string
->
length
))
{
EVPerr
(
EVP_F_EC_KEY_PKEY2PKCS8
,
ERR_R_MALLOC_FAILURE
);
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
return
0
;
}
sk_ASN1_TYPE_pop_free
(
neckey
,
ASN1_TYPE_free
);
break
;
}
}
return
1
;
return
1
;
}
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录