This commit was manufactured by cvs2git to create tag 'OPENBSD_5_2_BASE'.OPENBSD_5_2_BASE

author: cvs2svn <admin@example.com> 2012-07-13 17:49:55 +0000
committer: cvs2svn <admin@example.com> 2012-07-13 17:49:55 +0000
commit: 6fdb436ab2cd5b35066babb3a03be7ad0daf1ae2 (patch)
tree: a760cf389e7ea59961bb306a1f50bf5443205176 /src/lib/libcrypto/pem/pem_info.c
parent: 9204e59073bcf27e1487ec4ac46e981902ddd904 (diff)
download: openbsd-OPENBSD_5_2_BASE.tar.gz
openbsd-OPENBSD_5_2_BASE.tar.bz2
openbsd-OPENBSD_5_2_BASE.zip
1 files changed, 0 insertions, 405 deletions
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
deleted file mode 100644
index 1b2be527ed..0000000000
--- a/src/lib/libcrypto/pem/pem_info.c
+++ /dev/null
@@ -1,405 +0,0 @@
-/* crypto/pem/pem_info.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_FP_API
-STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
-        {
-        BIO *b;
-        STACK_OF(X509_INFO) *ret;
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-                {
-                PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
-                return(0);
-                }
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_X509_INFO_read_bio(b,sk,cb,u);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
-        {
-        X509_INFO *xi=NULL;
-        char *name=NULL,*header=NULL;
-        void *pp;
-        unsigned char *data=NULL;
-        const unsigned char *p;
-        long len,error=0;
-        int ok=0;
-        STACK_OF(X509_INFO) *ret=NULL;
-        unsigned int i,raw,ptype;
-        d2i_of_void *d2i = 0;
-        if (sk == NULL)
-                {
-                if ((ret=sk_X509_INFO_new_null()) == NULL)
-                        {
-                        PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
-                        goto err;
-                        }
-                }
-        else
-                ret=sk;
-        if ((xi=X509_INFO_new()) == NULL) goto err;
-        for (;;)
-                {
-                raw=0;
-                ptype = 0;
-                i=PEM_read_bio(bp,&name,&header,&data,&len);
-                if (i == 0)
-                        {
-                        error=ERR_GET_REASON(ERR_peek_last_error());
-                        if (error == PEM_R_NO_START_LINE)
-                                {
-                                ERR_clear_error();
-                                break;
-                                }
-                        goto err;
-                        }
-start:
-                if (    (strcmp(name,PEM_STRING_X509) == 0) ||
-                        (strcmp(name,PEM_STRING_X509_OLD) == 0))
-                        {
-                        d2i=(D2I_OF(void))d2i_X509;
-                        if (xi->x509 != NULL)
-                                {
-                                if (!sk_X509_INFO_push(ret,xi)) goto err;
-                                if ((xi=X509_INFO_new()) == NULL) goto err;
-                                goto start;
-                                }
-                        pp=&(xi->x509);
-                        }
-                else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0))
-                        {
-                        d2i=(D2I_OF(void))d2i_X509_AUX;
-                        if (xi->x509 != NULL)
-                                {
-                                if (!sk_X509_INFO_push(ret,xi)) goto err;
-                                if ((xi=X509_INFO_new()) == NULL) goto err;
-                                goto start;
-                                }
-                        pp=&(xi->x509);
-                        }
-                else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
-                        {
-                        d2i=(D2I_OF(void))d2i_X509_CRL;
-                        if (xi->crl != NULL)
-                                {
-                                if (!sk_X509_INFO_push(ret,xi)) goto err;
-                                if ((xi=X509_INFO_new()) == NULL) goto err;
-                                goto start;
-                                }
-                        pp=&(xi->crl);
-                        }
-                else
-#ifndef OPENSSL_NO_RSA
-                        if (strcmp(name,PEM_STRING_RSA) == 0)
-                        {
-                        if (xi->x_pkey != NULL) 
-                                {
-                                if (!sk_X509_INFO_push(ret,xi)) goto err;
-                                if ((xi=X509_INFO_new()) == NULL) goto err;
-                                goto start;
-                                }
-                        xi->enc_data=NULL;
-                        xi->enc_len=0;
-                        xi->x_pkey=X509_PKEY_new();
-                        ptype=EVP_PKEY_RSA;
-                        pp=&xi->x_pkey->dec_pkey;
-                        if ((int)strlen(header) > 10) /* assume encrypted */
-                                raw=1;
-                        }
-                else
-#endif
-#ifndef OPENSSL_NO_DSA
-                        if (strcmp(name,PEM_STRING_DSA) == 0)
-                        {
-                        d2i=(D2I_OF(void))d2i_DSAPrivateKey;
-                        if (xi->x_pkey != NULL) 
-                                {
-                                if (!sk_X509_INFO_push(ret,xi)) goto err;
-                                if ((xi=X509_INFO_new()) == NULL) goto err;
-                                goto start;
-                                }
-                        xi->enc_data=NULL;
-                        xi->enc_len=0;
-                        xi->x_pkey=X509_PKEY_new();
-                        ptype = EVP_PKEY_DSA;
-                        pp=&xi->x_pkey->dec_pkey;
-                        if ((int)strlen(header) > 10) /* assume encrypted */
-                                raw=1;
-                        }
-                else
-#endif
-#ifndef OPENSSL_NO_EC
-                        if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0)
-                        {
-                                d2i=(D2I_OF(void))d2i_ECPrivateKey;
-                                if (xi->x_pkey != NULL) 
-                                {
-                                        if (!sk_X509_INFO_push(ret,xi)) goto err;
-                                        if ((xi=X509_INFO_new()) == NULL) goto err;
-                                                goto start;
-                                }
- 
-                        xi->enc_data=NULL;
-                        xi->enc_len=0;
- 
-                        xi->x_pkey=X509_PKEY_new();
-                        ptype = EVP_PKEY_EC;
-                        pp=&xi->x_pkey->dec_pkey;
-                        if ((int)strlen(header) > 10) /* assume encrypted */
-                                raw=1;
-                        }
-                else
-#endif
-                        {
-                        d2i=NULL;
-                        pp=NULL;
-                        }
-                if (d2i != NULL)
-                        {
-                        if (!raw)
-                                {
-                                EVP_CIPHER_INFO cipher;
-                                if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
-                                        goto err;
-                                if (!PEM_do_header(&cipher,data,&len,cb,u))
-                                        goto err;
-                                p=data;
-                                if (ptype)
-                                        {
-                                        if (!d2i_PrivateKey(ptype, pp, &p, len))
-                                                {
-                                                PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
-                                                goto err;
-                                                }
-                                        }
-                                else if (d2i(pp,&p,len) == NULL)
-                                        {
-                                        PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
-                                        goto err;
-                                        }
-                                }
-                        else
-                                { /* encrypted RSA data */
-                                if (!PEM_get_EVP_CIPHER_INFO(header,
-                                        &xi->enc_cipher)) goto err;
-                                xi->enc_data=(char *)data;
-                                xi->enc_len=(int)len;
-                                data=NULL;
-                                }
-                        }
-                else    {
-                        /* unknown */
-                        }
-                if (name != NULL) OPENSSL_free(name);
-                if (header != NULL) OPENSSL_free(header);
-                if (data != NULL) OPENSSL_free(data);
-                name=NULL;
-                header=NULL;
-                data=NULL;
-                }
-        /* if the last one hasn't been pushed yet and there is anything
-         * in it then add it to the stack ... 
-         */
-        if ((xi->x509 != NULL) || (xi->crl != NULL) ||
-                (xi->x_pkey != NULL) || (xi->enc_data != NULL))
-                {
-                if (!sk_X509_INFO_push(ret,xi)) goto err;
-                xi=NULL;
-                }
-        ok=1;
-err:
-        if (xi != NULL) X509_INFO_free(xi);
-        if (!ok)
-                {
-                for (i=0; ((int)i)<sk_X509_INFO_num(ret); i++)
-                        {
-                        xi=sk_X509_INFO_value(ret,i);
-                        X509_INFO_free(xi);
-                        }
-                if (ret != sk) sk_X509_INFO_free(ret);
-                ret=NULL;
-                }
-                
-        if (name != NULL) OPENSSL_free(name);
-        if (header != NULL) OPENSSL_free(header);
-        if (data != NULL) OPENSSL_free(data);
-        return(ret);
-        }
-/* A TJH addition */
-int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
-             unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
-        {
-        EVP_CIPHER_CTX ctx;
-        int i,ret=0;
-        unsigned char *data=NULL;
-        const char *objstr=NULL;
-        char buf[PEM_BUFSIZE];
-        unsigned char *iv=NULL;
-        
-        if (enc != NULL)
-                {
-                objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
-                if (objstr == NULL)
-                        {
-                        PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
-                        goto err;
-                        }
-                }
-        /* now for the fun part ... if we have a private key then 
-         * we have to be able to handle a not-yet-decrypted key
-         * being written out correctly ... if it is decrypted or
-         * it is non-encrypted then we use the base code
-         */
-        if (xi->x_pkey!=NULL)
-                {
-                if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
-                        {
-                        if (enc == NULL)
-                                {
-                                PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_CIPHER_IS_NULL);
-                                goto err;
-                                }
-                        /* copy from weirdo names into more normal things */
-                        iv=xi->enc_cipher.iv;
-                        data=(unsigned char *)xi->enc_data;
-                        i=xi->enc_len;
-                        /* we take the encryption data from the
-                         * internal stuff rather than what the
-                         * user has passed us ... as we have to 
-                         * match exactly for some strange reason
-                         */
-                        objstr=OBJ_nid2sn(
-                                EVP_CIPHER_nid(xi->enc_cipher.cipher));
-                        if (objstr == NULL)
-                                {
-                                PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
-                                goto err;
-                                }
-                        /* create the right magic header stuff */
-                        OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
-                        buf[0]='\0';
-                        PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-                        PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
-                        /* use the normal code to write things out */
-                        i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
-                        if (i <= 0) goto err;
-                        }
-                else
-                        {
-                        /* Add DSA/DH */
-#ifndef OPENSSL_NO_RSA
-                        /* normal optionally encrypted stuff */
-                        if (PEM_write_bio_RSAPrivateKey(bp,
-                                xi->x_pkey->dec_pkey->pkey.rsa,
-                                enc,kstr,klen,cb,u)<=0)
-                                goto err;
-#endif
-                        }
-                }
-        /* if we have a certificate then write it out now */
-        if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp,xi->x509) <= 0))
-                goto err;
-        /* we are ignoring anything else that is loaded into the X509_INFO
-         * structure for the moment ... as I don't need it so I'm not
-         * coding it here and Eric can do it when this makes it into the
-         * base library --tjh
-         */
-        ret=1;
-err:
-        OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
-        OPENSSL_cleanse(buf,PEM_BUFSIZE);
-        return(ret);
-        }
author	cvs2svn <admin@example.com>	2012-07-13 17:49:55 +0000
committer	cvs2svn <admin@example.com>	2012-07-13 17:49:55 +0000
commit	6fdb436ab2cd5b35066babb3a03be7ad0daf1ae2 (patch)
tree	a760cf389e7ea59961bb306a1f50bf5443205176 /src/lib/libcrypto/pem/pem_info.c
parent	9204e59073bcf27e1487ec4ac46e981902ddd904 (diff)
download	openbsd-OPENBSD_5_2_BASE.tar.gz openbsd-OPENBSD_5_2_BASE.tar.bz2 openbsd-OPENBSD_5_2_BASE.zip

diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c deleted file mode 100644 index 1b2be527ed..0000000000 --- a/src/lib/libcrypto/pem/pem_info.c +++ /dev/null
@@ -1,405 +0,0 @@
1	/* crypto/pem/pem_info.c */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#include <stdio.h>
60	#include "cryptlib.h"
61	#include <openssl/buffer.h>
62	#include <openssl/objects.h>
63	#include <openssl/evp.h>
64	#include <openssl/x509.h>
65	#include <openssl/pem.h>
66	#ifndef OPENSSL_NO_RSA
67	#include <openssl/rsa.h>
68	#endif
69	#ifndef OPENSSL_NO_DSA
70	#include <openssl/dsa.h>
71	#endif
72
73	#ifndef OPENSSL_NO_FP_API
74	STACK_OF(X509_INFO) PEM_X509_INFO_read(FILE fp, STACK_OF(X509_INFO) sk, pem_password_cb cb, void *u)
75	{
76	BIO *b;
77	STACK_OF(X509_INFO) *ret;
78
79	if ((b=BIO_new(BIO_s_file())) == NULL)
80	{
81	PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
82	return(0);
83	}
84	BIO_set_fp(b,fp,BIO_NOCLOSE);
85	ret=PEM_X509_INFO_read_bio(b,sk,cb,u);
86	BIO_free(b);
87	return(ret);
88	}
89	#endif
90
91	STACK_OF(X509_INFO) PEM_X509_INFO_read_bio(BIO bp, STACK_OF(X509_INFO) sk, pem_password_cb cb, void *u)
92	{
93	X509_INFO *xi=NULL;
94	char name=NULL,header=NULL;
95	void *pp;
96	unsigned char *data=NULL;
97	const unsigned char *p;
98	long len,error=0;
99	int ok=0;
100	STACK_OF(X509_INFO) *ret=NULL;
101	unsigned int i,raw,ptype;
102	d2i_of_void *d2i = 0;
103
104	if (sk == NULL)
105	{
106	if ((ret=sk_X509_INFO_new_null()) == NULL)
107	{
108	PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
109	goto err;
110	}
111	}
112	else
113	ret=sk;
114
115	if ((xi=X509_INFO_new()) == NULL) goto err;
116	for (;;)
117	{
118	raw=0;
119	ptype = 0;
120	i=PEM_read_bio(bp,&name,&header,&data,&len);
121	if (i == 0)
122	{
123	error=ERR_GET_REASON(ERR_peek_last_error());
124	if (error == PEM_R_NO_START_LINE)
125	{
126	ERR_clear_error();
127	break;
128	}
129	goto err;
130	}
131	start:
132	if ( (strcmp(name,PEM_STRING_X509) == 0) \|\|
133	(strcmp(name,PEM_STRING_X509_OLD) == 0))
134	{
135	d2i=(D2I_OF(void))d2i_X509;
136	if (xi->x509 != NULL)
137	{
138	if (!sk_X509_INFO_push(ret,xi)) goto err;
139	if ((xi=X509_INFO_new()) == NULL) goto err;
140	goto start;
141	}
142	pp=&(xi->x509);
143	}
144	else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0))
145	{
146	d2i=(D2I_OF(void))d2i_X509_AUX;
147	if (xi->x509 != NULL)
148	{
149	if (!sk_X509_INFO_push(ret,xi)) goto err;
150	if ((xi=X509_INFO_new()) == NULL) goto err;
151	goto start;
152	}
153	pp=&(xi->x509);
154	}
155	else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
156	{
157	d2i=(D2I_OF(void))d2i_X509_CRL;
158	if (xi->crl != NULL)
159	{
160	if (!sk_X509_INFO_push(ret,xi)) goto err;
161	if ((xi=X509_INFO_new()) == NULL) goto err;
162	goto start;
163	}
164	pp=&(xi->crl);
165	}
166	else
167	#ifndef OPENSSL_NO_RSA
168	if (strcmp(name,PEM_STRING_RSA) == 0)
169	{
170	if (xi->x_pkey != NULL)
171	{
172	if (!sk_X509_INFO_push(ret,xi)) goto err;
173	if ((xi=X509_INFO_new()) == NULL) goto err;
174	goto start;
175	}
176
177	xi->enc_data=NULL;
178	xi->enc_len=0;
179
180	xi->x_pkey=X509_PKEY_new();
181	ptype=EVP_PKEY_RSA;
182	pp=&xi->x_pkey->dec_pkey;
183	if ((int)strlen(header) > 10) /* assume encrypted */
184	raw=1;
185	}
186	else
187	#endif
188	#ifndef OPENSSL_NO_DSA
189	if (strcmp(name,PEM_STRING_DSA) == 0)
190	{
191	d2i=(D2I_OF(void))d2i_DSAPrivateKey;
192	if (xi->x_pkey != NULL)
193	{
194	if (!sk_X509_INFO_push(ret,xi)) goto err;
195	if ((xi=X509_INFO_new()) == NULL) goto err;
196	goto start;
197	}
198
199	xi->enc_data=NULL;
200	xi->enc_len=0;
201
202	xi->x_pkey=X509_PKEY_new();
203	ptype = EVP_PKEY_DSA;
204	pp=&xi->x_pkey->dec_pkey;
205	if ((int)strlen(header) > 10) /* assume encrypted */
206	raw=1;
207	}
208	else
209	#endif
210	#ifndef OPENSSL_NO_EC
211	if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0)
212	{
213	d2i=(D2I_OF(void))d2i_ECPrivateKey;
214	if (xi->x_pkey != NULL)
215	{
216	if (!sk_X509_INFO_push(ret,xi)) goto err;
217	if ((xi=X509_INFO_new()) == NULL) goto err;
218	goto start;
219	}
220
221	xi->enc_data=NULL;
222	xi->enc_len=0;
223
224	xi->x_pkey=X509_PKEY_new();
225	ptype = EVP_PKEY_EC;
226	pp=&xi->x_pkey->dec_pkey;
227	if ((int)strlen(header) > 10) /* assume encrypted */
228	raw=1;
229	}
230	else
231	#endif
232	{
233	d2i=NULL;
234	pp=NULL;
235	}
236
237	if (d2i != NULL)
238	{
239	if (!raw)
240	{
241	EVP_CIPHER_INFO cipher;
242
243	if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
244	goto err;
245	if (!PEM_do_header(&cipher,data,&len,cb,u))
246	goto err;
247	p=data;
248	if (ptype)
249	{
250	if (!d2i_PrivateKey(ptype, pp, &p, len))
251	{
252	PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
253	goto err;
254	}
255	}
256	else if (d2i(pp,&p,len) == NULL)
257	{
258	PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
259	goto err;
260	}
261	}
262	else
263	{ /* encrypted RSA data */
264	if (!PEM_get_EVP_CIPHER_INFO(header,
265	&xi->enc_cipher)) goto err;
266	xi->enc_data=(char *)data;
267	xi->enc_len=(int)len;
268	data=NULL;
269	}
270	}
271	else {
272	/* unknown */
273	}
274	if (name != NULL) OPENSSL_free(name);
275	if (header != NULL) OPENSSL_free(header);
276	if (data != NULL) OPENSSL_free(data);
277	name=NULL;
278	header=NULL;
279	data=NULL;
280	}
281
282	/* if the last one hasn't been pushed yet and there is anything
283	* in it then add it to the stack ...
284	*/
285	if ((xi->x509 != NULL) \|\| (xi->crl != NULL) \|\|
286	(xi->x_pkey != NULL) \|\| (xi->enc_data != NULL))
287	{
288	if (!sk_X509_INFO_push(ret,xi)) goto err;
289	xi=NULL;
290	}
291	ok=1;
292	err:
293	if (xi != NULL) X509_INFO_free(xi);
294	if (!ok)
295	{
296	for (i=0; ((int)i)<sk_X509_INFO_num(ret); i++)
297	{
298	xi=sk_X509_INFO_value(ret,i);
299	X509_INFO_free(xi);
300	}
301	if (ret != sk) sk_X509_INFO_free(ret);
302	ret=NULL;
303	}
304
305	if (name != NULL) OPENSSL_free(name);
306	if (header != NULL) OPENSSL_free(header);
307	if (data != NULL) OPENSSL_free(data);
308	return(ret);
309	}
310
311
312	/* A TJH addition */
313	int PEM_X509_INFO_write_bio(BIO bp, X509_INFO xi, EVP_CIPHER *enc,
314	unsigned char kstr, int klen, pem_password_cb cb, void *u)
315	{
316	EVP_CIPHER_CTX ctx;
317	int i,ret=0;
318	unsigned char *data=NULL;
319	const char *objstr=NULL;
320	char buf[PEM_BUFSIZE];
321	unsigned char *iv=NULL;
322
323	if (enc != NULL)
324	{
325	objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
326	if (objstr == NULL)
327	{
328	PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
329	goto err;
330	}
331	}
332
333	/* now for the fun part ... if we have a private key then
334	* we have to be able to handle a not-yet-decrypted key
335	* being written out correctly ... if it is decrypted or
336	* it is non-encrypted then we use the base code
337	*/
338	if (xi->x_pkey!=NULL)
339	{
340	if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
341	{
342	if (enc == NULL)
343	{
344	PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_CIPHER_IS_NULL);
345	goto err;
346	}
347
348	/* copy from weirdo names into more normal things */
349	iv=xi->enc_cipher.iv;
350	data=(unsigned char *)xi->enc_data;
351	i=xi->enc_len;
352
353	/* we take the encryption data from the
354	* internal stuff rather than what the
355	* user has passed us ... as we have to
356	* match exactly for some strange reason
357	*/
358	objstr=OBJ_nid2sn(
359	EVP_CIPHER_nid(xi->enc_cipher.cipher));
360	if (objstr == NULL)
361	{
362	PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
363	goto err;
364	}
365
366	/* create the right magic header stuff */
367	OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
368	buf[0]='\0';
369	PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
370	PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
371
372	/* use the normal code to write things out */
373	i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
374	if (i <= 0) goto err;
375	}
376	else
377	{
378	/* Add DSA/DH */
379	#ifndef OPENSSL_NO_RSA
380	/* normal optionally encrypted stuff */
381	if (PEM_write_bio_RSAPrivateKey(bp,
382	xi->x_pkey->dec_pkey->pkey.rsa,
383	enc,kstr,klen,cb,u)<=0)
384	goto err;
385	#endif
386	}
387	}
388
389	/* if we have a certificate then write it out now */
390	if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp,xi->x509) <= 0))
391	goto err;
392
393	/* we are ignoring anything else that is loaded into the X509_INFO
394	* structure for the moment ... as I don't need it so I'm not
395	* coding it here and Eric can do it when this makes it into the
396	* base library --tjh
397	*/
398
399	ret=1;
400
401	err:
402	OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
403	OPENSSL_cleanse(buf,PEM_BUFSIZE);
404	return(ret);
405	}