OLD | NEW |
1 /* crypto/pem/pem_all.c */ | 1 /* crypto/pem/pem_all.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
103 * OF THE POSSIBILITY OF SUCH DAMAGE. | 103 * OF THE POSSIBILITY OF SUCH DAMAGE. |
104 * ==================================================================== | 104 * ==================================================================== |
105 * | 105 * |
106 * This product includes cryptographic software written by Eric Young | 106 * This product includes cryptographic software written by Eric Young |
107 * (eay@cryptsoft.com). This product includes software written by Tim | 107 * (eay@cryptsoft.com). This product includes software written by Tim |
108 * Hudson (tjh@cryptsoft.com). | 108 * Hudson (tjh@cryptsoft.com). |
109 * | 109 * |
110 */ | 110 */ |
111 | 111 |
112 #include <stdio.h> | 112 #include <stdio.h> |
113 #undef SSLEAY_MACROS | |
114 #include "cryptlib.h" | 113 #include "cryptlib.h" |
115 #include <openssl/bio.h> | 114 #include <openssl/bio.h> |
116 #include <openssl/evp.h> | 115 #include <openssl/evp.h> |
117 #include <openssl/x509.h> | 116 #include <openssl/x509.h> |
118 #include <openssl/pkcs7.h> | 117 #include <openssl/pkcs7.h> |
119 #include <openssl/pem.h> | 118 #include <openssl/pem.h> |
120 #ifndef OPENSSL_NO_RSA | 119 #ifndef OPENSSL_NO_RSA |
121 #include <openssl/rsa.h> | 120 #include <openssl/rsa.h> |
122 #endif | 121 #endif |
123 #ifndef OPENSSL_NO_DSA | 122 #ifndef OPENSSL_NO_DSA |
(...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
187 RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, | 186 RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, |
188 void *u) | 187 void *u) |
189 { | 188 { |
190 EVP_PKEY *pktmp; | 189 EVP_PKEY *pktmp; |
191 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); | 190 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); |
192 return pkey_get_rsa(pktmp, rsa); | 191 return pkey_get_rsa(pktmp, rsa); |
193 } | 192 } |
194 | 193 |
195 #endif | 194 #endif |
196 | 195 |
197 #ifdef OPENSSL_FIPS | |
198 | |
199 int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc, | |
200 unsigned char *kstr, int klen, | |
201 pem_password_cb *cb, void *u) | |
202 { | |
203 EVP_PKEY *k; | |
204 int ret; | |
205 k = EVP_PKEY_new(); | |
206 if (!k) | |
207 return 0; | |
208 EVP_PKEY_set1_RSA(k, x); | |
209 | |
210 ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); | |
211 EVP_PKEY_free(k); | |
212 return ret; | |
213 } | |
214 | |
215 #ifndef OPENSSL_NO_FP_API | |
216 int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc, | |
217 unsigned char *kstr, int klen, | |
218 pem_password_cb *cb, void *u) | |
219 { | |
220 EVP_PKEY *k; | |
221 int ret; | |
222 k = EVP_PKEY_new(); | |
223 if (!k) | |
224 return 0; | |
225 | |
226 EVP_PKEY_set1_RSA(k, x); | |
227 | |
228 ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); | |
229 EVP_PKEY_free(k); | |
230 return ret; | |
231 } | |
232 #endif | |
233 | |
234 #else | |
235 | |
236 IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) | 196 IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) |
237 | |
238 #endif | |
239 | |
240 IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) | 197 IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) |
241 IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) | 198 IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) |
242 | 199 |
243 #endif | 200 #endif |
244 | 201 |
245 #ifndef OPENSSL_NO_DSA | 202 #ifndef OPENSSL_NO_DSA |
246 | 203 |
247 static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa) | 204 static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa) |
248 { | 205 { |
249 DSA *dtmp; | 206 DSA *dtmp; |
250 if(!key) return NULL; | 207 if(!key) return NULL; |
251 dtmp = EVP_PKEY_get1_DSA(key); | 208 dtmp = EVP_PKEY_get1_DSA(key); |
252 EVP_PKEY_free(key); | 209 EVP_PKEY_free(key); |
253 if(!dtmp) return NULL; | 210 if(!dtmp) return NULL; |
254 if(dsa) { | 211 if(dsa) { |
255 DSA_free(*dsa); | 212 DSA_free(*dsa); |
256 *dsa = dtmp; | 213 *dsa = dtmp; |
257 } | 214 } |
258 return dtmp; | 215 return dtmp; |
259 } | 216 } |
260 | 217 |
261 DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, | 218 DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, |
262 void *u) | 219 void *u) |
263 { | 220 { |
264 EVP_PKEY *pktmp; | 221 EVP_PKEY *pktmp; |
265 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); | 222 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); |
266 » return pkey_get_dsa(pktmp, dsa); | 223 » return pkey_get_dsa(pktmp, dsa);» /* will free pktmp */ |
267 } | 224 } |
268 | 225 |
269 #ifdef OPENSSL_FIPS | |
270 | |
271 int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc, | |
272 unsigned char *kstr, int klen, | |
273 pem_password_cb *cb, void *u) | |
274 { | |
275 EVP_PKEY *k; | |
276 int ret; | |
277 k = EVP_PKEY_new(); | |
278 if (!k) | |
279 return 0; | |
280 EVP_PKEY_set1_DSA(k, x); | |
281 | |
282 ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); | |
283 EVP_PKEY_free(k); | |
284 return ret; | |
285 } | |
286 | |
287 #ifndef OPENSSL_NO_FP_API | |
288 int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc, | |
289 unsigned char *kstr, int klen, | |
290 pem_password_cb *cb, void *u) | |
291 { | |
292 EVP_PKEY *k; | |
293 int ret; | |
294 k = EVP_PKEY_new(); | |
295 if (!k) | |
296 return 0; | |
297 EVP_PKEY_set1_DSA(k, x); | |
298 ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); | |
299 EVP_PKEY_free(k); | |
300 return ret; | |
301 } | |
302 #endif | |
303 | |
304 #else | |
305 | |
306 IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) | 226 IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) |
307 | |
308 #endif | |
309 | |
310 IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) | 227 IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) |
311 | 228 |
312 #ifndef OPENSSL_NO_FP_API | 229 #ifndef OPENSSL_NO_FP_API |
313 | 230 |
314 DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, | 231 DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, |
315 void *u) | 232 void *u) |
316 { | 233 { |
317 EVP_PKEY *pktmp; | 234 EVP_PKEY *pktmp; |
318 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); | 235 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); |
319 » return pkey_get_dsa(pktmp, dsa); | 236 » return pkey_get_dsa(pktmp, dsa);» /* will free pktmp */ |
320 } | 237 } |
321 | 238 |
322 #endif | 239 #endif |
323 | 240 |
324 IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) | 241 IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) |
325 | 242 |
326 #endif | 243 #endif |
327 | 244 |
328 | 245 |
329 #ifndef OPENSSL_NO_EC | 246 #ifndef OPENSSL_NO_EC |
(...skipping 10 matching lines...) Expand all Loading... |
340 *eckey = dtmp; | 257 *eckey = dtmp; |
341 } | 258 } |
342 return dtmp; | 259 return dtmp; |
343 } | 260 } |
344 | 261 |
345 EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, | 262 EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, |
346 void *u) | 263 void *u) |
347 { | 264 { |
348 EVP_PKEY *pktmp; | 265 EVP_PKEY *pktmp; |
349 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); | 266 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); |
350 » return pkey_get_eckey(pktmp, key); | 267 » return pkey_get_eckey(pktmp, key);» /* will free pktmp */ |
351 } | 268 } |
352 | 269 |
353 IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKPa
rameters) | 270 IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKPa
rameters) |
354 | 271 |
355 | |
356 | |
357 #ifdef OPENSSL_FIPS | |
358 | |
359 int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc, | |
360 unsigned char *kstr, int klen, | |
361 pem_password_cb *cb, void *u) | |
362 { | |
363 EVP_PKEY *k; | |
364 int ret; | |
365 k = EVP_PKEY_new(); | |
366 if (!k) | |
367 return 0; | |
368 EVP_PKEY_set1_EC_KEY(k, x); | |
369 | |
370 ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); | |
371 EVP_PKEY_free(k); | |
372 return ret; | |
373 } | |
374 | |
375 #ifndef OPENSSL_NO_FP_API | |
376 int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc, | |
377 unsigned char *kstr, int klen, | |
378 pem_password_cb *cb, void *u) | |
379 { | |
380 EVP_PKEY *k; | |
381 int ret; | |
382 k = EVP_PKEY_new(); | |
383 if (!k) | |
384 return 0; | |
385 EVP_PKEY_set1_EC_KEY(k, x); | |
386 ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); | |
387 EVP_PKEY_free(k); | |
388 return ret; | |
389 } | |
390 #endif | |
391 | |
392 #else | |
393 | |
394 IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateK
ey) | 272 IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateK
ey) |
395 | 273 |
396 #endif | |
397 | |
398 IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) | 274 IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) |
399 | 275 |
400 #ifndef OPENSSL_NO_FP_API | 276 #ifndef OPENSSL_NO_FP_API |
401 | 277 |
402 EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, | 278 EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, |
403 void *u) | 279 void *u) |
404 { | 280 { |
405 EVP_PKEY *pktmp; | 281 EVP_PKEY *pktmp; |
406 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); | 282 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); |
407 » return pkey_get_eckey(pktmp, eckey); | 283 » return pkey_get_eckey(pktmp, eckey);» /* will free pktmp */ |
408 } | 284 } |
409 | 285 |
410 #endif | 286 #endif |
411 | 287 |
412 #endif | 288 #endif |
413 | 289 |
414 #ifndef OPENSSL_NO_DH | 290 #ifndef OPENSSL_NO_DH |
415 | 291 |
416 IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) | 292 IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) |
417 | 293 |
418 #endif | 294 #endif |
419 | 295 |
420 | |
421 /* The PrivateKey case is not that straightforward. | |
422 * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey) | |
423 * does not work, RSA and DSA keys have specific strings. | |
424 * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything | |
425 * appropriate.) | |
426 */ | |
427 | |
428 #ifdef OPENSSL_FIPS | |
429 | |
430 static const char *pkey_str(EVP_PKEY *x) | |
431 { | |
432 switch (x->type) | |
433 { | |
434 case EVP_PKEY_RSA: | |
435 return PEM_STRING_RSA; | |
436 | |
437 case EVP_PKEY_DSA: | |
438 return PEM_STRING_DSA; | |
439 | |
440 case EVP_PKEY_EC: | |
441 return PEM_STRING_ECPRIVATEKEY; | |
442 | |
443 default: | |
444 return NULL; | |
445 } | |
446 } | |
447 | |
448 | |
449 int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, | |
450 unsigned char *kstr, int klen, | |
451 pem_password_cb *cb, void *u) | |
452 { | |
453 if (FIPS_mode()) | |
454 return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, | |
455 (char *)kstr, klen, cb, u); | |
456 else | |
457 return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, | |
458 pkey_str(x), bp,(char *)x,enc,kstr,klen,cb,u); | |
459 } | |
460 | |
461 #ifndef OPENSSL_NO_FP_API | |
462 int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, | |
463 unsigned char *kstr, int klen, | |
464 pem_password_cb *cb, void *u) | |
465 { | |
466 if (FIPS_mode()) | |
467 return PEM_write_PKCS8PrivateKey(fp, x, enc, | |
468 (char *)kstr, klen, cb, u); | |
469 else | |
470 return PEM_ASN1_write((i2d_of_void *)i2d_PrivateKey, | |
471 pkey_str(x), fp,(char *)x,enc,kstr,klen,cb,u); | |
472 } | |
473 #endif | |
474 | |
475 #else | |
476 IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRI
NG_DSA:\ | |
477 (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPR
IVATEKEY), PrivateKey) | |
478 | |
479 #endif | |
480 | |
481 IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) | 296 IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) |
482 | |
OLD | NEW |