1
  
2
  
3
  
4
  
5
  
6
  
7
  
8
  
9
  
10
  
11
  
12
  
13
  
14
  
15
  
16
  
17
  
18
  
19
  
20
  
21
  
22
  
23
  
24
  
25
  
26
  
27
  
28
  
29
  
30
  
31
  
32
  
33
  
34
  
35
  
36
  
37
  
38
  
39
  
40
  
41
  
42
  
43
  
44
  
45
  
46
  
47
  
48
  
49
  
50
  
51
  
52
  
53
  
54
  
55
  
56
  
57
  
58
  
59
  
60
  
61
  
62
  
63
  
64
  
65
  
66
  
67
  
68
  
//! 
//! Public-Key Cryptography Standards (PKCS). 
//! 
//! This is the Pike API for dealing with a set of standards 
//! initially published by RSA Security Inc, and later by IETF 
//! and others in various RFCs. 
//! 
//! @seealso 
//!   @[Standards.ASN1], @[Crypto], 
//!   @rfc{2314@}, @rfc{2459@}, @rfc{2986@}, @rfc{3279@}, @rfc{3280@}, 
//!   @rfc{4055@}, @rfc{4985@}, @rfc{5208@}, @rfc{5280@}, @rfc{5480@}, 
//!   @rfc{5639@}, @rfc{5915@}, @rfc{7292@} 
 
import Standards.ASN1.Types; 
 
private object ECDSA; 
 
//! Parse a PKCS#8 PrivateKeyInfo (cf @rfc{5208:5@}). 
//! 
//! @seealso 
//!   @[RSA.parse_private_key()], @[DSA.parse_private_key()] 
Crypto.Sign.State parse_private_key(Sequence seq) 
{ 
  if ((sizeof(seq->elements) < 3) || 
      (sizeof(seq->elements) > 4) || 
      (seq->elements[1]->type_name != "SEQUENCE") || 
      (seq->elements[2]->type_name != "OCTET STRING") || 
      (seq->elements[0]->type_name != "INTEGER") || 
      (seq->elements[0]->value) ||      // Version 0. 
      (sizeof(seq->elements[1]->elements) != 2) || 
      (seq->elements[1]->elements[0]->type_name != "OBJECT IDENTIFIER")) 
    return UNDEFINED; 
 
  // FIXME: Care about the attribute set (element 4)? 
  Identifier alg_id = seq->elements[1]->elements[0]; 
  if (alg_id == .Identifiers.rsa_id) { 
    return .RSA.parse_private_key(seq->elements[2]->value); 
  } 
  if (alg_id == .Identifiers.dsa_id) { 
    return .DSA.parse_private_key(seq->elements[2]->value); 
  } 
#if constant(Crypto.ECC.Curve) 
  // RFC 5915:1a. 
  if ((alg_id == .Identifiers.ec_id) || 
      (alg_id == .Identifiers.ec_dh_id) || 
      (alg_id == .Identifiers.ec_mqw_id)) { 
    if(!ECDSA) 
      ECDSA = master()->resolv("Standards.PKCS.ECDSA"); 
    Crypto.ECC.Curve curve = 
      ECDSA.parse_ec_parameters(seq->elements[1]->elements[1]); 
    return ECDSA.parse_private_key(seq->elements[2]->value, curve); 
  } 
#endif /* Crypto.ECC.Curve */ 
  return UNDEFINED; 
} 
 
//! 
variant Crypto.Sign.State parse_private_key(string key) 
{ 
  Object a = Standards.ASN1.Decode.simple_der_decode(key); 
 
  if (!a || (a->type_name != "SEQUENCE")) 
    return UNDEFINED; 
  return parse_private_key([object(Sequence)]a); 
}