| author | beck <> | 2000-12-15 02:58:47 +0000 |
|---|---|---|
| committer | beck <> | 2000-12-15 02:58:47 +0000 |
| commit | 9200bb13d15da4b2a23e6bc92c20e95b74aa2113 (patch) | |
| tree | 5c52d628ec1e34be76e7ef2a4235d248b7c44d24 /src/lib/libcrypto/asn1/n_pkey.c | |
| parent | e131d25072e3d4197ba4b9bcc0d1b27d34d6488d (diff) | |
openssl-engine-0.9.6 merge
Diffstat (limited to 'src/lib/libcrypto/asn1/n_pkey.c')
| -rw-r--r-- | src/lib/libcrypto/asn1/n_pkey.c | 62 |
1 files changed, 51 insertions, 11 deletions
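--- a/src/lib/libcrypto/asn1/n_pkey.c
+++ b/src/lib/libcrypto/asn1/n_pkey.c
@@ -81,6 +81,11 @@ static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
 static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
 
 int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)())
+{
+return i2d_RSA_NET(a, pp, cb, 0);
+}
+
+int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
 {
 int i,j,l[6];
 NETSCAPE_PKEY *pkey;
@@ -139,8 +144,8 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)())
 }
 
 if (pkey->private_key->data != NULL)
-Free(pkey->private_key->data);
-if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL)
+OPENSSL_free(pkey->private_key->data);
+if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL)
 {
 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
 goto err;
@@ -148,7 +153,7 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)())
 zz=pkey->private_key->data;
 i2d_RSAPrivateKey(a,&zz);
 
-if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL)
+if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL)
 {
 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
 goto err;
@@ -164,8 +169,18 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)())
 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
 goto err;
 }
-EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
-strlen((char *)buf),1,key,NULL);
+i = strlen((char *)buf);
+/* If the key is used for SGC the algorithm is modified a little. */
+if(sgckey){
+EVP_MD_CTX mctx;
+EVP_DigestInit(&mctx, EVP_md5());
+EVP_DigestUpdate(&mctx, buf, i);
+EVP_DigestFinal(&mctx, buf, NULL);
+memcpy(buf + 16, "SGCKEYSALT", 10);
+i = 26;
+}
+
+EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
 memset(buf,0,256);
 
 EVP_CIPHER_CTX_init(&ctx);
@@ -182,14 +197,20 @@ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)())
 i2d_ASN1_OCTET_STRING(&os2,&p);
 ret=l[5];
 err:
-if (os2.data != NULL) Free(os2.data);
+if (os2.data != NULL) OPENSSL_free(os2.data);
 if (alg != NULL) X509_ALGOR_free(alg);
 if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
 r=r;
 return(ret);
 }
 
+
 RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)())
+{
+return d2i_RSA_NET(a, pp, length, cb, 0);
+}
+
+RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey)
 {
 RSA *ret=NULL;
 ASN1_OCTET_STRING *os=NULL;
@@ -210,14 +231,24 @@ RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)())
 }
 M_ASN1_BIT_STRING_free(os);
 c.q=c.p;
-if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err;
-c.slen-=(c.p-c.q);
+if ((ret=d2i_RSA_NET_2(a,&c.p,c.slen,cb, sgckey)) == NULL) goto err;
+/* Note: some versions of IIS key files use length values that are
+* too small for the surrounding SEQUENCEs. This following line
+* effectively disable length checking.
+*/
+c.slen = 0;
 
 M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
 }
 
 RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length,
 int (*cb)())
+{
+return d2i_RSA_NET_2(a, pp, length, cb, 0);
+}
+
+RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length,
+int (*cb)(), int sgckey)
 {
 NETSCAPE_PKEY *pkey=NULL;
 RSA *ret=NULL;
@@ -250,8 +281,17 @@ RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length,
 goto err;
 }
 
-EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
-strlen((char *)buf),1,key,NULL);
+i = strlen((char *)buf);
+if(sgckey){
+EVP_MD_CTX mctx;
+EVP_DigestInit(&mctx, EVP_md5());
+EVP_DigestUpdate(&mctx, buf, i);
+EVP_DigestFinal(&mctx, buf, NULL);
+memcpy(buf + 16, "SGCKEYSALT", 10);
+i = 26;
+}
+
+EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
 memset(buf,0,256);
 
 EVP_CIPHER_CTX_init(&ctx);
@@ -334,7 +374,7 @@ static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a)
 M_ASN1_INTEGER_free(a->version);
 X509_ALGOR_free(a->algor);
 M_ASN1_OCTET_STRING_free(a->private_key);
-Free(a);
+OPENSSL_free(a);
 }
 
 #endif /* NO_RC4 */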
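Review bot: The new `c.slen = 0;` in d2i_RSA_NET replaces `c.slen-=(c.p-c.q);` for every caller, so the remaining-length bookkeeping is discarded even when d2i_Netscape_RSA passes sgckey as 0, not only for the IIS files the comment mentions. Input whose outer SEQUENCE length disagrees with its contents would then presumably pass the M_ASN1_D2I_Finish step without complaint, which matters wherever key files can arrive from a less trusted source. If the tolerance is needed only for the SGC/IIS format (an assumption to confirm against real key files), it could be limited with `if (sgckey) c.slen = 0; else c.slen -= (c.p - c.q);`. Otherwise the comment should state that the relaxation applies to all Netscape-format keys and why that is acceptable. The body of d2i_RSA_NET starts outside this hunk, so the set-up of `c` is not visible here.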
