1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/ossrv/ssl/libcrypto/src/crypto/asn1/x_pubkey.c Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,531 @@
1.4 +/* crypto/asn1/x_pubkey.c */
1.5 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
1.6 + * All rights reserved.
1.7 + *
1.8 + * This package is an SSL implementation written
1.9 + * by Eric Young (eay@cryptsoft.com).
1.10 + * The implementation was written so as to conform with Netscapes SSL.
1.11 + *
1.12 + * This library is free for commercial and non-commercial use as long as
1.13 + * the following conditions are aheared to. The following conditions
1.14 + * apply to all code found in this distribution, be it the RC4, RSA,
1.15 + * lhash, DES, etc., code; not just the SSL code. The SSL documentation
1.16 + * included with this distribution is covered by the same copyright terms
1.17 + * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1.18 + *
1.19 + * Copyright remains Eric Young's, and as such any Copyright notices in
1.20 + * the code are not to be removed.
1.21 + * If this package is used in a product, Eric Young should be given attribution
1.22 + * as the author of the parts of the library used.
1.23 + * This can be in the form of a textual message at program startup or
1.24 + * in documentation (online or textual) provided with the package.
1.25 + *
1.26 + * Redistribution and use in source and binary forms, with or without
1.27 + * modification, are permitted provided that the following conditions
1.28 + * are met:
1.29 + * 1. Redistributions of source code must retain the copyright
1.30 + * notice, this list of conditions and the following disclaimer.
1.31 + * 2. Redistributions in binary form must reproduce the above copyright
1.32 + * notice, this list of conditions and the following disclaimer in the
1.33 + * documentation and/or other materials provided with the distribution.
1.34 + * 3. All advertising materials mentioning features or use of this software
1.35 + * must display the following acknowledgement:
1.36 + * "This product includes cryptographic software written by
1.37 + * Eric Young (eay@cryptsoft.com)"
1.38 + * The word 'cryptographic' can be left out if the rouines from the library
1.39 + * being used are not cryptographic related :-).
1.40 + * 4. If you include any Windows specific code (or a derivative thereof) from
1.41 + * the apps directory (application code) you must include an acknowledgement:
1.42 + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
1.43 + *
1.44 + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
1.45 + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1.46 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1.47 + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1.48 + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1.49 + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1.50 + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.51 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1.52 + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1.53 + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1.54 + * SUCH DAMAGE.
1.55 + *
1.56 + * The licence and distribution terms for any publically available version or
1.57 + * derivative of this code cannot be changed. i.e. this code cannot simply be
1.58 + * copied and put under another distribution licence
1.59 + * [including the GNU Public Licence.]
1.60 + */
1.61 +
1.62 +#include <stdio.h>
1.63 +#include "cryptlib.h"
1.64 +#include <openssl/asn1t.h>
1.65 +#include <openssl/x509.h>
1.66 +#ifndef OPENSSL_NO_RSA
1.67 +#include <openssl/rsa.h>
1.68 +#endif
1.69 +#ifndef OPENSSL_NO_DSA
1.70 +#include <openssl/dsa.h>
1.71 +#endif
1.72 +
1.73 +/* Minor tweak to operation: free up EVP_PKEY */
1.74 +static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
1.75 + {
1.76 + if (operation == ASN1_OP_FREE_POST)
1.77 + {
1.78 + X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
1.79 + EVP_PKEY_free(pubkey->pkey);
1.80 + }
1.81 + return 1;
1.82 + }
1.83 +
1.84 +ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
1.85 + ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
1.86 + ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
1.87 +} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY)
1.88 +
1.89 +IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
1.90 +
1.91 +EXPORT_C int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
1.92 + {
1.93 + X509_PUBKEY *pk=NULL;
1.94 + X509_ALGOR *a;
1.95 + ASN1_OBJECT *o;
1.96 + unsigned char *s,*p = NULL;
1.97 + int i;
1.98 +
1.99 + if (x == NULL) return(0);
1.100 +
1.101 + if ((pk=X509_PUBKEY_new()) == NULL) goto err;
1.102 + a=pk->algor;
1.103 +
1.104 + /* set the algorithm id */
1.105 + if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
1.106 + ASN1_OBJECT_free(a->algorithm);
1.107 + a->algorithm=o;
1.108 +
1.109 + /* Set the parameter list */
1.110 + if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA))
1.111 + {
1.112 + if ((a->parameter == NULL) ||
1.113 + (a->parameter->type != V_ASN1_NULL))
1.114 + {
1.115 + ASN1_TYPE_free(a->parameter);
1.116 + if (!(a->parameter=ASN1_TYPE_new()))
1.117 + {
1.118 + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
1.119 + goto err;
1.120 + }
1.121 + a->parameter->type=V_ASN1_NULL;
1.122 + }
1.123 + }
1.124 +#ifndef OPENSSL_NO_DSA
1.125 + else if (pkey->type == EVP_PKEY_DSA)
1.126 + {
1.127 + unsigned char *pp;
1.128 + DSA *dsa;
1.129 +
1.130 + dsa=pkey->pkey.dsa;
1.131 + dsa->write_params=0;
1.132 + ASN1_TYPE_free(a->parameter);
1.133 + if ((i=i2d_DSAparams(dsa,NULL)) <= 0)
1.134 + goto err;
1.135 + if (!(p=(unsigned char *)OPENSSL_malloc(i)))
1.136 + {
1.137 + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
1.138 + goto err;
1.139 + }
1.140 + pp=p;
1.141 + i2d_DSAparams(dsa,&pp);
1.142 + if (!(a->parameter=ASN1_TYPE_new()))
1.143 + {
1.144 + OPENSSL_free(p);
1.145 + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
1.146 + goto err;
1.147 + }
1.148 + a->parameter->type=V_ASN1_SEQUENCE;
1.149 + if (!(a->parameter->value.sequence=ASN1_STRING_new()))
1.150 + {
1.151 + OPENSSL_free(p);
1.152 + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
1.153 + goto err;
1.154 + }
1.155 + if (!ASN1_STRING_set(a->parameter->value.sequence,p,i))
1.156 + {
1.157 + OPENSSL_free(p);
1.158 + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
1.159 + goto err;
1.160 + }
1.161 + OPENSSL_free(p);
1.162 + }
1.163 +#endif
1.164 +#ifndef OPENSSL_NO_EC
1.165 + else if (pkey->type == EVP_PKEY_EC)
1.166 + {
1.167 + int nid=0;
1.168 + unsigned char *pp;
1.169 + EC_KEY *ec_key;
1.170 + const EC_GROUP *group;
1.171 +
1.172 + ec_key = pkey->pkey.ec;
1.173 + ASN1_TYPE_free(a->parameter);
1.174 +
1.175 + if ((a->parameter = ASN1_TYPE_new()) == NULL)
1.176 + {
1.177 + X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
1.178 + goto err;
1.179 + }
1.180 +
1.181 + group = EC_KEY_get0_group(ec_key);
1.182 + if (EC_GROUP_get_asn1_flag(group)
1.183 + && (nid = EC_GROUP_get_curve_name(group)))
1.184 + {
1.185 + /* just set the OID */
1.186 + a->parameter->type = V_ASN1_OBJECT;
1.187 + a->parameter->value.object = OBJ_nid2obj(nid);
1.188 + }
1.189 + else /* explicit parameters */
1.190 + {
1.191 + if ((i = i2d_ECParameters(ec_key, NULL)) == 0)
1.192 + {
1.193 + X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
1.194 + goto err;
1.195 + }
1.196 + if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
1.197 + {
1.198 + X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
1.199 + goto err;
1.200 + }
1.201 + pp = p;
1.202 + if (!i2d_ECParameters(ec_key, &pp))
1.203 + {
1.204 + X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
1.205 + OPENSSL_free(p);
1.206 + goto err;
1.207 + }
1.208 + a->parameter->type = V_ASN1_SEQUENCE;
1.209 + if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL)
1.210 + {
1.211 + X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
1.212 + OPENSSL_free(p);
1.213 + goto err;
1.214 + }
1.215 + ASN1_STRING_set(a->parameter->value.sequence, p, i);
1.216 + OPENSSL_free(p);
1.217 + }
1.218 + }
1.219 +#endif
1.220 + else if (1)
1.221 + {
1.222 + X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
1.223 + goto err;
1.224 + }
1.225 +
1.226 + if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
1.227 + if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL)
1.228 + {
1.229 + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
1.230 + goto err;
1.231 + }
1.232 + p=s;
1.233 + i2d_PublicKey(pkey,&p);
1.234 + if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i))
1.235 + {
1.236 + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
1.237 + goto err;
1.238 + }
1.239 + /* Set number of unused bits to zero */
1.240 + pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
1.241 + pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
1.242 +
1.243 + OPENSSL_free(s);
1.244 +
1.245 +#if 0
1.246 + CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
1.247 + pk->pkey=pkey;
1.248 +#endif
1.249 +
1.250 + if (*x != NULL)
1.251 + X509_PUBKEY_free(*x);
1.252 +
1.253 + *x=pk;
1.254 +
1.255 + return 1;
1.256 +err:
1.257 + if (pk != NULL) X509_PUBKEY_free(pk);
1.258 + return 0;
1.259 + }
1.260 +
1.261 +EXPORT_C EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
1.262 + {
1.263 + EVP_PKEY *ret=NULL;
1.264 + long j;
1.265 + int type;
1.266 + const unsigned char *p;
1.267 +#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
1.268 + const unsigned char *cp;
1.269 + X509_ALGOR *a;
1.270 +#endif
1.271 +
1.272 + if (key == NULL) goto err;
1.273 +
1.274 + if (key->pkey != NULL)
1.275 + {
1.276 + CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
1.277 + return(key->pkey);
1.278 + }
1.279 +
1.280 + if (key->public_key == NULL) goto err;
1.281 +
1.282 + type=OBJ_obj2nid(key->algor->algorithm);
1.283 + if ((ret = EVP_PKEY_new()) == NULL)
1.284 + {
1.285 + X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
1.286 + goto err;
1.287 + }
1.288 + ret->type = EVP_PKEY_type(type);
1.289 +
1.290 + /* the parameters must be extracted before the public key (ECDSA!) */
1.291 +
1.292 +#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
1.293 + a=key->algor;
1.294 +#endif
1.295 +
1.296 + if (0)
1.297 + ;
1.298 +#ifndef OPENSSL_NO_DSA
1.299 + else if (ret->type == EVP_PKEY_DSA)
1.300 + {
1.301 + if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
1.302 + {
1.303 + if ((ret->pkey.dsa = DSA_new()) == NULL)
1.304 + {
1.305 + X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
1.306 + goto err;
1.307 + }
1.308 + ret->pkey.dsa->write_params=0;
1.309 + cp=p=a->parameter->value.sequence->data;
1.310 + j=a->parameter->value.sequence->length;
1.311 + if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j))
1.312 + goto err;
1.313 + }
1.314 + ret->save_parameters=1;
1.315 + }
1.316 +#endif
1.317 +#ifndef OPENSSL_NO_EC
1.318 + else if (ret->type == EVP_PKEY_EC)
1.319 + {
1.320 + if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
1.321 + {
1.322 + /* type == V_ASN1_SEQUENCE => we have explicit parameters
1.323 + * (e.g. parameters in the X9_62_EC_PARAMETERS-structure )
1.324 + */
1.325 + if ((ret->pkey.ec= EC_KEY_new()) == NULL)
1.326 + {
1.327 + X509err(X509_F_X509_PUBKEY_GET,
1.328 + ERR_R_MALLOC_FAILURE);
1.329 + goto err;
1.330 + }
1.331 + cp = p = a->parameter->value.sequence->data;
1.332 + j = a->parameter->value.sequence->length;
1.333 + if (!d2i_ECParameters(&ret->pkey.ec, &cp, (long)j))
1.334 + {
1.335 + X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB);
1.336 + goto err;
1.337 + }
1.338 + }
1.339 + else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT))
1.340 + {
1.341 + /* type == V_ASN1_OBJECT => the parameters are given
1.342 + * by an asn1 OID
1.343 + */
1.344 + EC_KEY *ec_key;
1.345 + EC_GROUP *group;
1.346 +
1.347 + if (ret->pkey.ec == NULL)
1.348 + ret->pkey.ec = EC_KEY_new();
1.349 + ec_key = ret->pkey.ec;
1.350 + if (ec_key == NULL)
1.351 + goto err;
1.352 + group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object));
1.353 + if (group == NULL)
1.354 + goto err;
1.355 + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
1.356 + if (EC_KEY_set_group(ec_key, group) == 0)
1.357 + goto err;
1.358 + EC_GROUP_free(group);
1.359 + }
1.360 + /* the case implicitlyCA is currently not implemented */
1.361 + ret->save_parameters = 1;
1.362 + }
1.363 +#endif
1.364 +
1.365 + p=key->public_key->data;
1.366 + j=key->public_key->length;
1.367 + if (!d2i_PublicKey(type, &ret, &p, (long)j))
1.368 + {
1.369 + X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB);
1.370 + goto err;
1.371 + }
1.372 +
1.373 + key->pkey = ret;
1.374 + CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
1.375 + return(ret);
1.376 +err:
1.377 + if (ret != NULL)
1.378 + EVP_PKEY_free(ret);
1.379 + return(NULL);
1.380 + }
1.381 +
1.382 +/* Now two pseudo ASN1 routines that take an EVP_PKEY structure
1.383 + * and encode or decode as X509_PUBKEY
1.384 + */
1.385 +
1.386 +EXPORT_C EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp,
1.387 + long length)
1.388 + {
1.389 + X509_PUBKEY *xpk;
1.390 + EVP_PKEY *pktmp;
1.391 + xpk = d2i_X509_PUBKEY(NULL, pp, length);
1.392 + if(!xpk) return NULL;
1.393 + pktmp = X509_PUBKEY_get(xpk);
1.394 + X509_PUBKEY_free(xpk);
1.395 + if(!pktmp) return NULL;
1.396 + if(a)
1.397 + {
1.398 + EVP_PKEY_free(*a);
1.399 + *a = pktmp;
1.400 + }
1.401 + return pktmp;
1.402 + }
1.403 +
1.404 +EXPORT_C int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
1.405 + {
1.406 + X509_PUBKEY *xpk=NULL;
1.407 + int ret;
1.408 + if(!a) return 0;
1.409 + if(!X509_PUBKEY_set(&xpk, a)) return 0;
1.410 + ret = i2d_X509_PUBKEY(xpk, pp);
1.411 + X509_PUBKEY_free(xpk);
1.412 + return ret;
1.413 + }
1.414 +
1.415 +/* The following are equivalents but which return RSA and DSA
1.416 + * keys
1.417 + */
1.418 +#ifndef OPENSSL_NO_RSA
1.419 +EXPORT_C RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp,
1.420 + long length)
1.421 + {
1.422 + EVP_PKEY *pkey;
1.423 + RSA *key;
1.424 + const unsigned char *q;
1.425 + q = *pp;
1.426 + pkey = d2i_PUBKEY(NULL, &q, length);
1.427 + if (!pkey) return NULL;
1.428 + key = EVP_PKEY_get1_RSA(pkey);
1.429 + EVP_PKEY_free(pkey);
1.430 + if (!key) return NULL;
1.431 + *pp = q;
1.432 + if (a)
1.433 + {
1.434 + RSA_free(*a);
1.435 + *a = key;
1.436 + }
1.437 + return key;
1.438 + }
1.439 +
1.440 +EXPORT_C int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
1.441 + {
1.442 + EVP_PKEY *pktmp;
1.443 + int ret;
1.444 + if (!a) return 0;
1.445 + pktmp = EVP_PKEY_new();
1.446 + if (!pktmp)
1.447 + {
1.448 + ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
1.449 + return 0;
1.450 + }
1.451 + EVP_PKEY_set1_RSA(pktmp, a);
1.452 + ret = i2d_PUBKEY(pktmp, pp);
1.453 + EVP_PKEY_free(pktmp);
1.454 + return ret;
1.455 + }
1.456 +#endif
1.457 +
1.458 +#ifndef OPENSSL_NO_DSA
1.459 +EXPORT_C DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp,
1.460 + long length)
1.461 + {
1.462 + EVP_PKEY *pkey;
1.463 + DSA *key;
1.464 + const unsigned char *q;
1.465 + q = *pp;
1.466 + pkey = d2i_PUBKEY(NULL, &q, length);
1.467 + if (!pkey) return NULL;
1.468 + key = EVP_PKEY_get1_DSA(pkey);
1.469 + EVP_PKEY_free(pkey);
1.470 + if (!key) return NULL;
1.471 + *pp = q;
1.472 + if (a)
1.473 + {
1.474 + DSA_free(*a);
1.475 + *a = key;
1.476 + }
1.477 + return key;
1.478 + }
1.479 +
1.480 +EXPORT_C int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
1.481 + {
1.482 + EVP_PKEY *pktmp;
1.483 + int ret;
1.484 + if(!a) return 0;
1.485 + pktmp = EVP_PKEY_new();
1.486 + if(!pktmp)
1.487 + {
1.488 + ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
1.489 + return 0;
1.490 + }
1.491 + EVP_PKEY_set1_DSA(pktmp, a);
1.492 + ret = i2d_PUBKEY(pktmp, pp);
1.493 + EVP_PKEY_free(pktmp);
1.494 + return ret;
1.495 + }
1.496 +#endif
1.497 +
1.498 +#ifndef OPENSSL_NO_EC
1.499 +EXPORT_C EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
1.500 + {
1.501 + EVP_PKEY *pkey;
1.502 + EC_KEY *key;
1.503 + const unsigned char *q;
1.504 + q = *pp;
1.505 + pkey = d2i_PUBKEY(NULL, &q, length);
1.506 + if (!pkey) return(NULL);
1.507 + key = EVP_PKEY_get1_EC_KEY(pkey);
1.508 + EVP_PKEY_free(pkey);
1.509 + if (!key) return(NULL);
1.510 + *pp = q;
1.511 + if (a)
1.512 + {
1.513 + EC_KEY_free(*a);
1.514 + *a = key;
1.515 + }
1.516 + return(key);
1.517 + }
1.518 +
1.519 +EXPORT_C int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
1.520 + {
1.521 + EVP_PKEY *pktmp;
1.522 + int ret;
1.523 + if (!a) return(0);
1.524 + if ((pktmp = EVP_PKEY_new()) == NULL)
1.525 + {
1.526 + ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
1.527 + return(0);
1.528 + }
1.529 + EVP_PKEY_set1_EC_KEY(pktmp, a);
1.530 + ret = i2d_PUBKEY(pktmp, pp);
1.531 + EVP_PKEY_free(pktmp);
1.532 + return(ret);
1.533 + }
1.534 +#endif