generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Change so PEM private key read routines can handle PKCS#8 transparently.

Browse Source
This commit is contained in:
Dr. Stephen Henson 1999-06-05 18:40:51 +00:00
parent e7871ffaa8
commit 095ce35378
1 changed files with 35 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
crypto/pem/pem_lib.c
View File

@ -64,6 +64,7 @@
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/x509.h> #include <openssl/x509.h>
#include <openssl/pem.h> #include <openssl/pem.h>
#include <openssl/pkcs12.h>
#ifndef NO_DES #ifndef NO_DES
#include <openssl/des.h> #include <openssl/des.h>
#endif #endif
@ -71,6 +72,7 @@
const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT; const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
#define MIN_LENGTH 4 #define MIN_LENGTH 4
#define PEM_BUFSIZE 1024
static int def_callback(char *buf, int num, int w); static int def_callback(char *buf, int num, int w);
static int load_iv(unsigned char **fromp,unsigned char *to, int num); static int load_iv(unsigned char **fromp,unsigned char *to, int num);
@ -183,6 +185,10 @@ char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
(strcmp(name,PEM_STRING_EVP_PKEY) == 0)) || (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
((strcmp(nm,PEM_STRING_DSA) == 0) && ((strcmp(nm,PEM_STRING_DSA) == 0) &&
(strcmp(name,PEM_STRING_EVP_PKEY) == 0)) || (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
((strcmp(nm,PEM_STRING_PKCS8) == 0) &&
(strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
((strcmp(nm,PEM_STRING_PKCS8INF) == 0) &&
(strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
((strcmp(nm,PEM_STRING_X509_OLD) == 0) && ((strcmp(nm,PEM_STRING_X509_OLD) == 0) &&
(strcmp(name,PEM_STRING_X509) == 0)) || (strcmp(name,PEM_STRING_X509) == 0)) ||
((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) && ((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) &&
@ -196,15 +202,39 @@ char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err; if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
if (!PEM_do_header(&cipher,data,&len,cb)) goto err; if (!PEM_do_header(&cipher,data,&len,cb)) goto err;
p=data; p=data;
if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) {
{
if (strcmp(nm,PEM_STRING_RSA) == 0) if (strcmp(nm,PEM_STRING_RSA) == 0)
ret=d2i(EVP_PKEY_RSA,x,&p,len); ret=d2i(EVP_PKEY_RSA,x,&p,len);
else if (strcmp(nm,PEM_STRING_DSA) == 0) else if (strcmp(nm,PEM_STRING_DSA) == 0)
ret=d2i(EVP_PKEY_DSA,x,&p,len); ret=d2i(EVP_PKEY_DSA,x,&p,len);
else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
PKCS8_PRIV_KEY_INFO *p8inf;
p8inf=d2i_PKCS8_PRIV_KEY_INFO(
(PKCS8_PRIV_KEY_INFO **) x, &p, len);
ret = (char *)EVP_PKCS82PKEY(p8inf);
PKCS8_PRIV_KEY_INFO_free(p8inf);
} else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
PKCS8_PRIV_KEY_INFO *p8inf;
X509_SIG *p8;
int klen;
char psbuf[PEM_BUFSIZE];
p8 = d2i_X509_SIG((X509_SIG **)x, &p, len);
if(!p8) goto p8err;
if (cb) klen=cb(psbuf,PEM_BUFSIZE,0);
else klen=def_callback(psbuf,PEM_BUFSIZE,0);
if (klen <= 0) {
PEMerr(PEM_F_PEM_ASN1_READ_BIO,
PEM_R_BAD_PASSWORD_READ);
goto err;
} }
else p8inf = M_PKCS8_decrypt(p8, psbuf, klen);
ret=d2i(x,&p,len); X509_SIG_free(p8);
if(!p8inf) goto p8err;
ret = (char *)EVP_PKCS82PKEY(p8inf);
PKCS8_PRIV_KEY_INFO_free(p8inf);
}
} else ret=d2i(x,&p,len);
p8err:
if (ret == NULL) if (ret == NULL)
PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
err: err:
@ -242,7 +272,6 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
int dsize=0,i,j,ret=0; int dsize=0,i,j,ret=0;
unsigned char *p,*data=NULL; unsigned char *p,*data=NULL;
const char *objstr=NULL; const char *objstr=NULL;
#define PEM_BUFSIZE 1024
char buf[PEM_BUFSIZE]; char buf[PEM_BUFSIZE];
unsigned char key[EVP_MAX_KEY_LENGTH]; unsigned char key[EVP_MAX_KEY_LENGTH];
unsigned char iv[EVP_MAX_IV_LENGTH]; unsigned char iv[EVP_MAX_IV_LENGTH];