summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pem
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>1999-10-10 21:32:04 +0000
committercvs2svn <admin@example.com>1999-10-10 21:32:04 +0000
commit9b77a555b5e85a4473f23ac7342ddfb4d9ff309d (patch)
treedae5e50679bccd1ed8d7d4041fbb9f3d96bbc98c /src/lib/libcrypto/pem
parent3ef9529fbf0c1f8f1c9da1172e92ad3370d5fcfe (diff)
downloadopenbsd-OPENBSD_2_6.tar.gz
openbsd-OPENBSD_2_6.tar.bz2
openbsd-OPENBSD_2_6.zip
This commit was manufactured by cvs2git to create branch 'OPENBSD_2_6'.OPENBSD_2_6
Diffstat (limited to 'src/lib/libcrypto/pem')
-rw-r--r--src/lib/libcrypto/pem/message16
-rw-r--r--src/lib/libcrypto/pem/pem.h625
-rw-r--r--src/lib/libcrypto/pem/pem2.h60
-rw-r--r--src/lib/libcrypto/pem/pem_all.c113
-rw-r--r--src/lib/libcrypto/pem/pem_err.c127
-rw-r--r--src/lib/libcrypto/pem/pem_info.c353
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c803
-rw-r--r--src/lib/libcrypto/pem/pem_seal.c178
-rw-r--r--src/lib/libcrypto/pem/pem_sign.c102
-rw-r--r--src/lib/libcrypto/pem/pkcs7.lis22
10 files changed, 0 insertions, 2399 deletions
diff --git a/src/lib/libcrypto/pem/message b/src/lib/libcrypto/pem/message
deleted file mode 100644
index e8bf9d7592..0000000000
--- a/src/lib/libcrypto/pem/message
+++ /dev/null
@@ -1,16 +0,0 @@
1-----BEGIN PRIVACY-ENHANCED MESSAGE-----
2Proc-Type: 4,ENCRYPTED
3Proc-Type: 4,MIC-ONLY
4Proc-Type: 4,MIC-CLEAR
5Content-Domain: RFC822
6DEK-Info: DES-CBC,0123456789abcdef
7Originator-Certificate
8 xxxx
9Issuer-Certificate
10 xxxx
11MIC-Info: RSA-MD5,RSA,
12 xxxx
13
14
15-----END PRIVACY-ENHANCED MESSAGE-----
16
diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h
deleted file mode 100644
index fc333e42c8..0000000000
--- a/src/lib/libcrypto/pem/pem.h
+++ /dev/null
@@ -1,625 +0,0 @@
1/* crypto/pem/pem.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_PEM_H
60#define HEADER_PEM_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66#include <openssl/evp.h>
67#include <openssl/x509.h>
68#include <openssl/pem2.h>
69
70#define PEM_BUFSIZE 1024
71
72#define PEM_OBJ_UNDEF 0
73#define PEM_OBJ_X509 1
74#define PEM_OBJ_X509_REQ 2
75#define PEM_OBJ_CRL 3
76#define PEM_OBJ_SSL_SESSION 4
77#define PEM_OBJ_PRIV_KEY 10
78#define PEM_OBJ_PRIV_RSA 11
79#define PEM_OBJ_PRIV_DSA 12
80#define PEM_OBJ_PRIV_DH 13
81#define PEM_OBJ_PUB_RSA 14
82#define PEM_OBJ_PUB_DSA 15
83#define PEM_OBJ_PUB_DH 16
84#define PEM_OBJ_DHPARAMS 17
85#define PEM_OBJ_DSAPARAMS 18
86#define PEM_OBJ_PRIV_RSA_PUBLIC 19
87
88#define PEM_ERROR 30
89#define PEM_DEK_DES_CBC 40
90#define PEM_DEK_IDEA_CBC 45
91#define PEM_DEK_DES_EDE 50
92#define PEM_DEK_DES_ECB 60
93#define PEM_DEK_RSA 70
94#define PEM_DEK_RSA_MD2 80
95#define PEM_DEK_RSA_MD5 90
96
97#define PEM_MD_MD2 NID_md2
98#define PEM_MD_MD5 NID_md5
99#define PEM_MD_SHA NID_sha
100#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
101#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
102#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
103
104#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
105#define PEM_STRING_X509 "CERTIFICATE"
106#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
107#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
108#define PEM_STRING_X509_CRL "X509 CRL"
109#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
110#define PEM_STRING_RSA "RSA PRIVATE KEY"
111#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
112#define PEM_STRING_DSA "DSA PRIVATE KEY"
113#define PEM_STRING_PKCS7 "PKCS7"
114#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
115#define PEM_STRING_PKCS8INF "PRIVATE KEY"
116#define PEM_STRING_DHPARAMS "DH PARAMETERS"
117#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
118#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
119
120
121typedef struct PEM_Encode_Seal_st
122 {
123 EVP_ENCODE_CTX encode;
124 EVP_MD_CTX md;
125 EVP_CIPHER_CTX cipher;
126 } PEM_ENCODE_SEAL_CTX;
127
128/* enc_type is one off */
129#define PEM_TYPE_ENCRYPTED 10
130#define PEM_TYPE_MIC_ONLY 20
131#define PEM_TYPE_MIC_CLEAR 30
132#define PEM_TYPE_CLEAR 40
133
134typedef struct pem_recip_st
135 {
136 char *name;
137 X509_NAME *dn;
138
139 int cipher;
140 int key_enc;
141 char iv[8];
142 } PEM_USER;
143
144typedef struct pem_ctx_st
145 {
146 int type; /* what type of object */
147
148 struct {
149 int version;
150 int mode;
151 } proc_type;
152
153 char *domain;
154
155 struct {
156 int cipher;
157 unsigned char iv[8];
158 } DEK_info;
159
160 PEM_USER *originator;
161
162 int num_recipient;
163 PEM_USER **recipient;
164
165#ifdef HEADER_STACK_H
166 STACK *x509_chain; /* certificate chain */
167#else
168 char *x509_chain; /* certificate chain */
169#endif
170 EVP_MD *md; /* signature type */
171
172 int md_enc; /* is the md encrypted or not? */
173 int md_len; /* length of md_data */
174 char *md_data; /* message digest, could be pkey encrypted */
175
176 EVP_CIPHER *dec; /* date encryption cipher */
177 int key_len; /* key length */
178 unsigned char *key; /* key */
179 unsigned char iv[8]; /* the iv */
180
181
182 int data_enc; /* is the data encrypted */
183 int data_len;
184 unsigned char *data;
185 } PEM_CTX;
186
187/* These macros make the PEM_read/PEM_write functions easier to maintain and
188 * write. Now they are all implemented with either:
189 * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
190 */
191
192#ifdef NO_FP_API
193
194#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
195#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
196#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
197
198#else
199
200#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
201type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
202{ \
203return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,\
204 cb,u)); \
205} \
206
207#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
208int PEM_write_##name(FILE *fp, type *x) \
209{ \
210return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \
211 NULL,NULL,0,NULL,NULL)); \
212}
213
214#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
215int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
216 unsigned char *kstr, int klen, pem_password_cb *cb, \
217 void *u) \
218 { \
219 return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \
220 (char *)x,enc,kstr,klen,cb,u)); \
221 }
222
223#endif
224
225#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
226type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
227{ \
228return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\
229 (char **)x,cb,u)); \
230}
231
232#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
233int PEM_write_bio_##name(BIO *bp, type *x) \
234{ \
235return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \
236 NULL,NULL,0,NULL,NULL)); \
237}
238
239#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
240int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
241 unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
242 { \
243 return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \
244 (char *)x,enc,kstr,klen,cb,u)); \
245 }
246
247#define IMPLEMENT_PEM_write(name, type, str, asn1) \
248 IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
249 IMPLEMENT_PEM_write_fp(name, type, str, asn1)
250
251#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
252 IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
253 IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
254
255#define IMPLEMENT_PEM_read(name, type, str, asn1) \
256 IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
257 IMPLEMENT_PEM_read_fp(name, type, str, asn1)
258
259#define IMPLEMENT_PEM_rw(name, type, str, asn1) \
260 IMPLEMENT_PEM_read(name, type, str, asn1) \
261 IMPLEMENT_PEM_write(name, type, str, asn1)
262
263#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
264 IMPLEMENT_PEM_read(name, type, str, asn1) \
265 IMPLEMENT_PEM_write_cb(name, type, str, asn1)
266
267/* These are the same except they are for the declarations */
268
269#if defined(WIN16) || defined(NO_FP_API)
270
271#define DECLARE_PEM_read_fp(name, type) /**/
272#define DECLARE_PEM_write_fp(name, type) /**/
273#define DECLARE_PEM_write_cb_fp(name, type) /**/
274
275#else
276
277#define DECLARE_PEM_read_fp(name, type) \
278 type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
279
280#define DECLARE_PEM_write_fp(name, type) \
281 int PEM_write_##name(FILE *fp, type *x);
282
283#define DECLARE_PEM_write_cb_fp(name, type) \
284 int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
285 unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
286
287#endif
288
289#ifdef HEADER_BIO_H
290#define DECLARE_PEM_read_bio(name, type) \
291 type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
292
293#define DECLARE_PEM_write_bio(name, type) \
294 int PEM_write_bio_##name(BIO *bp, type *x);
295
296#define DECLARE_PEM_write_cb_bio(name, type) \
297 int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
298 unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
299
300#else
301
302#define DECLARE_PEM_read_bio(name, type) /**/
303#define DECLARE_PEM_write_bio(name, type) /**/
304#define DECLARE_PEM_write_cb_bio(name, type) /**/
305
306#endif
307
308#define DECLARE_PEM_write(name, type) \
309 DECLARE_PEM_write_bio(name, type) \
310 DECLARE_PEM_write_fp(name, type)
311
312#define DECLARE_PEM_write_cb(name, type) \
313 DECLARE_PEM_write_cb_bio(name, type) \
314 DECLARE_PEM_write_cb_fp(name, type)
315
316#define DECLARE_PEM_read(name, type) \
317 DECLARE_PEM_read_bio(name, type) \
318 DECLARE_PEM_read_fp(name, type)
319
320#define DECLARE_PEM_rw(name, type) \
321 DECLARE_PEM_read(name, type) \
322 DECLARE_PEM_write(name, type)
323
324#define DECLARE_PEM_rw_cb(name, type) \
325 DECLARE_PEM_read(name, type) \
326 DECLARE_PEM_write_cb(name, type)
327
328#ifdef SSLEAY_MACROS
329
330#define PEM_write_SSL_SESSION(fp,x) \
331 PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
332 PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
333#define PEM_write_X509(fp,x) \
334 PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
335 (char *)x, NULL,NULL,0,NULL,NULL)
336#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
337 (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
338 NULL,NULL,0,NULL,NULL)
339#define PEM_write_X509_CRL(fp,x) \
340 PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
341 fp,(char *)x, NULL,NULL,0,NULL,NULL)
342#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
343 PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
344 (char *)x,enc,kstr,klen,cb,u)
345#define PEM_write_RSAPublicKey(fp,x) \
346 PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
347 PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
348#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
349 PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
350 (char *)x,enc,kstr,klen,cb,u)
351#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
352 PEM_ASN1_write((int (*)())i2d_PrivateKey,\
353 (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
354 bp,(char *)x,enc,kstr,klen,cb,u)
355#define PEM_write_PKCS7(fp,x) \
356 PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
357 (char *)x, NULL,NULL,0,NULL,NULL)
358#define PEM_write_DHparams(fp,x) \
359 PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
360 (char *)x,NULL,NULL,0,NULL,NULL)
361
362#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
363 PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
364 PEM_STRING_X509,fp, \
365 (char *)x, NULL,NULL,0,NULL,NULL)
366
367#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
368 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
369#define PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \
370 (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u)
371#define PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \
372 (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u)
373#define PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \
374 (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u)
375#define PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
376 (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u)
377#define PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
378 (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u)
379#define PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
380 (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u)
381#define PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \
382 (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u)
383#define PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \
384 (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u)
385#define PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \
386 (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u)
387
388#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \
389 (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
390 (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
391 (char **)x,cb,u)
392
393#define PEM_write_bio_SSL_SESSION(bp,x) \
394 PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
395 PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
396#define PEM_write_bio_X509(bp,x) \
397 PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
398 (char *)x, NULL,NULL,0,NULL,NULL)
399#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
400 (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
401 NULL,NULL,0,NULL,NULL)
402#define PEM_write_bio_X509_CRL(bp,x) \
403 PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
404 bp,(char *)x, NULL,NULL,0,NULL,NULL)
405#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
406 PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
407 bp,(char *)x,enc,kstr,klen,cb,u)
408#define PEM_write_bio_RSAPublicKey(bp,x) \
409 PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
410 PEM_STRING_RSA_PUBLIC,\
411 bp,(char *)x,NULL,NULL,0,NULL,NULL)
412#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
413 PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
414 bp,(char *)x,enc,kstr,klen,cb,u)
415#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
416 PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
417 (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
418 bp,(char *)x,enc,kstr,klen,cb,u)
419#define PEM_write_bio_PKCS7(bp,x) \
420 PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
421 (char *)x, NULL,NULL,0,NULL,NULL)
422#define PEM_write_bio_DHparams(bp,x) \
423 PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
424 bp,(char *)x,NULL,NULL,0,NULL,NULL)
425#define PEM_write_bio_DSAparams(bp,x) \
426 PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
427 PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL)
428
429#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
430 PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
431 PEM_STRING_X509,bp, \
432 (char *)x, NULL,NULL,0,NULL,NULL)
433
434#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
435 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
436#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
437 (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
438#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
439 (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u)
440#define PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \
441 (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u)
442#define PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
443 (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u)
444#define PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
445 (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u)
446#define PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
447 (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u)
448#define PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \
449 (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u)
450
451#define PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \
452 (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u)
453#define PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \
454 (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u)
455#define PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
456 (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u)
457
458#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \
459 (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
460 (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
461 (char **)x,cb,u)
462
463#endif
464
465#if 1
466/* "userdata": new with OpenSSL 0.9.4 */
467typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
468#else
469/* OpenSSL 0.9.3, 0.9.3a */
470typedef int pem_password_cb(char *buf, int size, int rwflag);
471#endif
472
473int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
474int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
475 pem_password_cb *callback,void *u);
476
477#ifdef HEADER_BIO_H
478int PEM_read_bio(BIO *bp, char **name, char **header,
479 unsigned char **data,long *len);
480int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
481 long len);
482char * PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x,
483 pem_password_cb *cb, void *u);
484int PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x,
485 const EVP_CIPHER *enc,unsigned char *kstr,int klen,
486 pem_password_cb *cb, void *u);
487STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
488int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
489 unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
490#endif
491
492#ifndef WIN16
493int PEM_read(FILE *fp, char **name, char **header,
494 unsigned char **data,long *len);
495int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
496char * PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x,
497 pem_password_cb *cb, void *u);
498int PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x,
499 const EVP_CIPHER *enc,unsigned char *kstr,int klen,
500 pem_password_cb *callback, void *u);
501STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
502 pem_password_cb *cb, void *u);
503#endif
504
505int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
506 EVP_MD *md_type, unsigned char **ek, int *ekl,
507 unsigned char *iv, EVP_PKEY **pubk, int npubk);
508void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
509 unsigned char *in, int inl);
510int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
511 unsigned char *out, int *outl, EVP_PKEY *priv);
512
513void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
514void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
515int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
516 unsigned int *siglen, EVP_PKEY *pkey);
517
518void ERR_load_PEM_strings(void);
519
520void PEM_proc_type(char *buf, int type);
521void PEM_dek_info(char *buf, const char *type, int len, char *str);
522
523#ifndef SSLEAY_MACROS
524
525#ifdef VMS
526#include <openssl/vms_idhacks.h>
527#endif
528
529DECLARE_PEM_rw(X509, X509)
530
531DECLARE_PEM_rw(X509_REQ, X509_REQ)
532
533DECLARE_PEM_rw(X509_CRL, X509_CRL)
534
535DECLARE_PEM_rw(PKCS7, PKCS7)
536
537DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
538
539DECLARE_PEM_rw(PKCS8, X509_SIG)
540
541DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
542
543#ifndef NO_RSA
544
545DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
546
547DECLARE_PEM_rw(RSAPublicKey, RSA)
548
549#endif
550
551#ifndef NO_DSA
552
553DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
554
555DECLARE_PEM_rw(DSAparams, DSA)
556
557#endif
558
559#ifndef NO_DH
560
561DECLARE_PEM_rw(DHparams, DH)
562
563#endif
564
565DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
566
567int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
568 char *, int, pem_password_cb *, void *);
569int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
570 char *kstr,int klen, pem_password_cb *cd, void *u);
571#endif /* SSLEAY_MACROS */
572
573
574/* BEGIN ERROR CODES */
575/* The following lines are auto generated by the script mkerr.pl. Any changes
576 * made after this point may be overwritten when the script is next run.
577 */
578
579/* Error codes for the PEM functions. */
580
581/* Function codes. */
582#define PEM_F_DEF_CALLBACK 100
583#define PEM_F_LOAD_IV 101
584#define PEM_F_PEM_ASN1_READ 102
585#define PEM_F_PEM_ASN1_READ_BIO 103
586#define PEM_F_PEM_ASN1_WRITE 104
587#define PEM_F_PEM_ASN1_WRITE_BIO 105
588#define PEM_F_PEM_DO_HEADER 106
589#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
590#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
591#define PEM_F_PEM_READ 108
592#define PEM_F_PEM_READ_BIO 109
593#define PEM_F_PEM_SEALFINAL 110
594#define PEM_F_PEM_SEALINIT 111
595#define PEM_F_PEM_SIGNFINAL 112
596#define PEM_F_PEM_WRITE 113
597#define PEM_F_PEM_WRITE_BIO 114
598#define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY 119
599#define PEM_F_PEM_X509_INFO_READ 115
600#define PEM_F_PEM_X509_INFO_READ_BIO 116
601#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
602
603/* Reason codes. */
604#define PEM_R_BAD_BASE64_DECODE 100
605#define PEM_R_BAD_DECRYPT 101
606#define PEM_R_BAD_END_LINE 102
607#define PEM_R_BAD_IV_CHARS 103
608#define PEM_R_BAD_PASSWORD_READ 104
609#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
610#define PEM_R_NOT_DEK_INFO 105
611#define PEM_R_NOT_ENCRYPTED 106
612#define PEM_R_NOT_PROC_TYPE 107
613#define PEM_R_NO_START_LINE 108
614#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
615#define PEM_R_PUBLIC_KEY_NO_RSA 110
616#define PEM_R_READ_KEY 111
617#define PEM_R_SHORT_HEADER 112
618#define PEM_R_UNSUPPORTED_CIPHER 113
619#define PEM_R_UNSUPPORTED_ENCRYPTION 114
620
621#ifdef __cplusplus
622}
623#endif
624#endif
625
diff --git a/src/lib/libcrypto/pem/pem2.h b/src/lib/libcrypto/pem/pem2.h
deleted file mode 100644
index 4a016aacd2..0000000000
--- a/src/lib/libcrypto/pem/pem2.h
+++ /dev/null
@@ -1,60 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55/*
56 * This header only exists to break a circular dependency between pem and err
57 * Ben 30 Jan 1999.
58 */
59
60void ERR_load_PEM_strings(void);
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c
deleted file mode 100644
index bc473f3cff..0000000000
--- a/src/lib/libcrypto/pem/pem_all.c
+++ /dev/null
@@ -1,113 +0,0 @@
1/* crypto/pem/pem_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#undef SSLEAY_MACROS
61#include "cryptlib.h"
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include <openssl/pkcs7.h>
66#include <openssl/pem.h>
67
68IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
69
70IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
71
72IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL)
73
74IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)
75
76IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
77 PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
78
79IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
80IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
81 PKCS8_PRIV_KEY_INFO)
82
83#ifndef NO_RSA
84
85IMPLEMENT_PEM_rw_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
86
87IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
88
89#endif
90
91#ifndef NO_DSA
92
93IMPLEMENT_PEM_rw_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
94
95IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
96
97#endif
98
99#ifndef NO_DH
100
101IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
102
103#endif
104
105
106/* The PrivateKey case is not that straightforward.
107 * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
108 * does not work, RSA and DSA keys have specific strings.
109 * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
110 * appropriate.)
111 */
112IMPLEMENT_PEM_read(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
113IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey)
diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c
deleted file mode 100644
index fa70f60998..0000000000
--- a/src/lib/libcrypto/pem/pem_err.c
+++ /dev/null
@@ -1,127 +0,0 @@
1/* crypto/pem/pem_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file.
58 */
59
60#include <stdio.h>
61#include <openssl/err.h>
62#include <openssl/pem.h>
63
64/* BEGIN ERROR CODES */
65#ifndef NO_ERR
66static ERR_STRING_DATA PEM_str_functs[]=
67 {
68{ERR_PACK(0,PEM_F_DEF_CALLBACK,0), "DEF_CALLBACK"},
69{ERR_PACK(0,PEM_F_LOAD_IV,0), "LOAD_IV"},
70{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0), "PEM_ASN1_read"},
71{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0), "PEM_ASN1_read_bio"},
72{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0), "PEM_ASN1_write"},
73{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0), "PEM_ASN1_write_bio"},
74{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0), "PEM_do_header"},
75{ERR_PACK(0,PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY,0), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
76{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0), "PEM_get_EVP_CIPHER_INFO"},
77{ERR_PACK(0,PEM_F_PEM_READ,0), "PEM_read"},
78{ERR_PACK(0,PEM_F_PEM_READ_BIO,0), "PEM_read_bio"},
79{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0), "PEM_SealFinal"},
80{ERR_PACK(0,PEM_F_PEM_SEALINIT,0), "PEM_SealInit"},
81{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0), "PEM_SignFinal"},
82{ERR_PACK(0,PEM_F_PEM_WRITE,0), "PEM_write"},
83{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0), "PEM_write_bio"},
84{ERR_PACK(0,PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,0), "PEM_write_bio_PKCS8PrivateKey"},
85{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0), "PEM_X509_INFO_read"},
86{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0), "PEM_X509_INFO_read_bio"},
87{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0), "PEM_X509_INFO_write_bio"},
88{0,NULL}
89 };
90
91static ERR_STRING_DATA PEM_str_reasons[]=
92 {
93{PEM_R_BAD_BASE64_DECODE ,"bad base64 decode"},
94{PEM_R_BAD_DECRYPT ,"bad decrypt"},
95{PEM_R_BAD_END_LINE ,"bad end line"},
96{PEM_R_BAD_IV_CHARS ,"bad iv chars"},
97{PEM_R_BAD_PASSWORD_READ ,"bad password read"},
98{PEM_R_ERROR_CONVERTING_PRIVATE_KEY ,"error converting private key"},
99{PEM_R_NOT_DEK_INFO ,"not dek info"},
100{PEM_R_NOT_ENCRYPTED ,"not encrypted"},
101{PEM_R_NOT_PROC_TYPE ,"not proc type"},
102{PEM_R_NO_START_LINE ,"no start line"},
103{PEM_R_PROBLEMS_GETTING_PASSWORD ,"problems getting password"},
104{PEM_R_PUBLIC_KEY_NO_RSA ,"public key no rsa"},
105{PEM_R_READ_KEY ,"read key"},
106{PEM_R_SHORT_HEADER ,"short header"},
107{PEM_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
108{PEM_R_UNSUPPORTED_ENCRYPTION ,"unsupported encryption"},
109{0,NULL}
110 };
111
112#endif
113
114void ERR_load_PEM_strings(void)
115 {
116 static int init=1;
117
118 if (init)
119 {
120 init=0;
121#ifndef NO_ERR
122 ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
123 ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
124#endif
125
126 }
127 }
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
deleted file mode 100644
index fec18a4c2e..0000000000
--- a/src/lib/libcrypto/pem/pem_info.c
+++ /dev/null
@@ -1,353 +0,0 @@
1/* crypto/pem/pem_info.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include <openssl/pem.h>
66
67#ifndef NO_FP_API
68STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
69 {
70 BIO *b;
71 STACK_OF(X509_INFO) *ret;
72
73 if ((b=BIO_new(BIO_s_file())) == NULL)
74 {
75 PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
76 return(0);
77 }
78 BIO_set_fp(b,fp,BIO_NOCLOSE);
79 ret=PEM_X509_INFO_read_bio(b,sk,cb,u);
80 BIO_free(b);
81 return(ret);
82 }
83#endif
84
85STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
86 {
87 X509_INFO *xi=NULL;
88 char *name=NULL,*header=NULL,**pp;
89 unsigned char *data=NULL,*p;
90 long len,error=0;
91 int ok=0;
92 STACK_OF(X509_INFO) *ret=NULL;
93 unsigned int i,raw;
94 char *(*d2i)();
95
96 if (sk == NULL)
97 {
98 if ((ret=sk_X509_INFO_new_null()) == NULL)
99 {
100 PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
101 goto err;
102 }
103 }
104 else
105 ret=sk;
106
107 if ((xi=X509_INFO_new()) == NULL) goto err;
108 for (;;)
109 {
110 raw=0;
111 i=PEM_read_bio(bp,&name,&header,&data,&len);
112 if (i == 0)
113 {
114 error=ERR_GET_REASON(ERR_peek_error());
115 if (error == PEM_R_NO_START_LINE)
116 {
117 ERR_clear_error();
118 break;
119 }
120 goto err;
121 }
122start:
123 if ( (strcmp(name,PEM_STRING_X509) == 0) ||
124 (strcmp(name,PEM_STRING_X509_OLD) == 0))
125 {
126 d2i=(char *(*)())d2i_X509;
127 if (xi->x509 != NULL)
128 {
129 if (!sk_X509_INFO_push(ret,xi)) goto err;
130 if ((xi=X509_INFO_new()) == NULL) goto err;
131 goto start;
132 }
133 pp=(char **)&(xi->x509);
134 }
135 else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
136 {
137 d2i=(char *(*)())d2i_X509_CRL;
138 if (xi->crl != NULL)
139 {
140 if (!sk_X509_INFO_push(ret,xi)) goto err;
141 if ((xi=X509_INFO_new()) == NULL) goto err;
142 goto start;
143 }
144 pp=(char **)&(xi->crl);
145 }
146 else
147#ifndef NO_RSA
148 if (strcmp(name,PEM_STRING_RSA) == 0)
149 {
150 d2i=(char *(*)())d2i_RSAPrivateKey;
151 if (xi->x_pkey != NULL)
152 {
153 if (!sk_X509_INFO_push(ret,xi)) goto err;
154 if ((xi=X509_INFO_new()) == NULL) goto err;
155 goto start;
156 }
157
158 xi->enc_data=NULL;
159 xi->enc_len=0;
160
161 xi->x_pkey=X509_PKEY_new();
162 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
163 goto err;
164 xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
165 pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa);
166 if ((int)strlen(header) > 10) /* assume encrypted */
167 raw=1;
168 }
169 else
170#endif
171#ifndef NO_DSA
172 if (strcmp(name,PEM_STRING_DSA) == 0)
173 {
174 d2i=(char *(*)())d2i_DSAPrivateKey;
175 if (xi->x_pkey != NULL)
176 {
177 if (!sk_X509_INFO_push(ret,xi)) goto err;
178 if ((xi=X509_INFO_new()) == NULL) goto err;
179 goto start;
180 }
181
182 xi->enc_data=NULL;
183 xi->enc_len=0;
184
185 xi->x_pkey=X509_PKEY_new();
186 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
187 goto err;
188 xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
189 pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa);
190 if ((int)strlen(header) > 10) /* assume encrypted */
191 raw=1;
192 }
193 else
194#endif
195 {
196 d2i=NULL;
197 pp=NULL;
198 }
199
200 if (d2i != NULL)
201 {
202 if (!raw)
203 {
204 EVP_CIPHER_INFO cipher;
205
206 if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
207 goto err;
208 if (!PEM_do_header(&cipher,data,&len,cb,u))
209 goto err;
210 p=data;
211 if (d2i(pp,&p,len) == NULL)
212 {
213 PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
214 goto err;
215 }
216 }
217 else
218 { /* encrypted RSA data */
219 if (!PEM_get_EVP_CIPHER_INFO(header,
220 &xi->enc_cipher)) goto err;
221 xi->enc_data=(char *)data;
222 xi->enc_len=(int)len;
223 data=NULL;
224 }
225 }
226 else {
227 /* unknown */
228 }
229 if (name != NULL) Free(name);
230 if (header != NULL) Free(header);
231 if (data != NULL) Free(data);
232 name=NULL;
233 header=NULL;
234 data=NULL;
235 }
236
237 /* if the last one hasn't been pushed yet and there is anything
238 * in it then add it to the stack ...
239 */
240 if ((xi->x509 != NULL) || (xi->crl != NULL) ||
241 (xi->x_pkey != NULL) || (xi->enc_data != NULL))
242 {
243 if (!sk_X509_INFO_push(ret,xi)) goto err;
244 xi=NULL;
245 }
246 ok=1;
247err:
248 if (xi != NULL) X509_INFO_free(xi);
249 if (!ok)
250 {
251 for (i=0; ((int)i)<sk_X509_INFO_num(ret); i++)
252 {
253 xi=sk_X509_INFO_value(ret,i);
254 X509_INFO_free(xi);
255 }
256 if (ret != sk) sk_X509_INFO_free(ret);
257 ret=NULL;
258 }
259
260 if (name != NULL) Free(name);
261 if (header != NULL) Free(header);
262 if (data != NULL) Free(data);
263 return(ret);
264 }
265
266
267/* A TJH addition */
268int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
269 unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
270 {
271 EVP_CIPHER_CTX ctx;
272 int i,ret=0;
273 unsigned char *data=NULL;
274 const char *objstr=NULL;
275 char buf[PEM_BUFSIZE];
276 unsigned char *iv=NULL;
277
278 if (enc != NULL)
279 {
280 objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
281 if (objstr == NULL)
282 {
283 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
284 goto err;
285 }
286 }
287
288 /* now for the fun part ... if we have a private key then
289 * we have to be able to handle a not-yet-decrypted key
290 * being written out correctly ... if it is decrypted or
291 * it is non-encrypted then we use the base code
292 */
293 if (xi->x_pkey!=NULL)
294 {
295 if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
296 {
297 /* copy from wierdo names into more normal things */
298 iv=xi->enc_cipher.iv;
299 data=(unsigned char *)xi->enc_data;
300 i=xi->enc_len;
301
302 /* we take the encryption data from the
303 * internal stuff rather than what the
304 * user has passed us ... as we have to
305 * match exactly for some strange reason
306 */
307 objstr=OBJ_nid2sn(
308 EVP_CIPHER_nid(xi->enc_cipher.cipher));
309 if (objstr == NULL)
310 {
311 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
312 goto err;
313 }
314
315 /* create the right magic header stuff */
316 buf[0]='\0';
317 PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
318 PEM_dek_info(buf,objstr,8,(char *)iv);
319
320 /* use the normal code to write things out */
321 i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
322 if (i <= 0) goto err;
323 }
324 else
325 {
326 /* Add DSA/DH */
327#ifndef NO_RSA
328 /* normal optionally encrypted stuff */
329 if (PEM_write_bio_RSAPrivateKey(bp,
330 xi->x_pkey->dec_pkey->pkey.rsa,
331 enc,kstr,klen,cb,u)<=0)
332 goto err;
333#endif
334 }
335 }
336
337 /* if we have a certificate then write it out now */
338 if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0))
339 goto err;
340
341 /* we are ignoring anything else that is loaded into the X509_INFO
342 * structure for the moment ... as I don't need it so I'm not
343 * coding it here and Eric can do it when this makes it into the
344 * base library --tjh
345 */
346
347 ret=1;
348
349err:
350 memset((char *)&ctx,0,sizeof(ctx));
351 memset(buf,0,PEM_BUFSIZE);
352 return(ret);
353 }
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
deleted file mode 100644
index 90f02011ba..0000000000
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ /dev/null
@@ -1,803 +0,0 @@
1/* crypto/pem/pem_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/rand.h>
65#include <openssl/x509.h>
66#include <openssl/pem.h>
67#include <openssl/pkcs12.h>
68#ifndef NO_DES
69#include <openssl/des.h>
70#endif
71
72const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
73
74#define MIN_LENGTH 4
75
76static int def_callback(char *buf, int num, int w, void *userdata);
77static int load_iv(unsigned char **fromp,unsigned char *to, int num);
78
79static int def_callback(char *buf, int num, int w, void *userdata)
80 {
81#ifdef NO_FP_API
82 /* We should not ever call the default callback routine from
83 * windows. */
84 PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
85 return(-1);
86#else
87 int i,j;
88 const char *prompt;
89
90 prompt=EVP_get_pw_prompt();
91 if (prompt == NULL)
92 prompt="Enter PEM pass phrase:";
93
94 for (;;)
95 {
96 i=EVP_read_pw_string(buf,num,prompt,w);
97 if (i != 0)
98 {
99 PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
100 memset(buf,0,(unsigned int)num);
101 return(-1);
102 }
103 j=strlen(buf);
104 if (j < MIN_LENGTH)
105 {
106 fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
107 }
108 else
109 break;
110 }
111 return(j);
112#endif
113 }
114
115void PEM_proc_type(char *buf, int type)
116 {
117 const char *str;
118
119 if (type == PEM_TYPE_ENCRYPTED)
120 str="ENCRYPTED";
121 else if (type == PEM_TYPE_MIC_CLEAR)
122 str="MIC-CLEAR";
123 else if (type == PEM_TYPE_MIC_ONLY)
124 str="MIC-ONLY";
125 else
126 str="BAD-TYPE";
127
128 strcat(buf,"Proc-Type: 4,");
129 strcat(buf,str);
130 strcat(buf,"\n");
131 }
132
133void PEM_dek_info(char *buf, const char *type, int len, char *str)
134 {
135 static unsigned char map[17]="0123456789ABCDEF";
136 long i;
137 int j;
138
139 strcat(buf,"DEK-Info: ");
140 strcat(buf,type);
141 strcat(buf,",");
142 j=strlen(buf);
143 for (i=0; i<len; i++)
144 {
145 buf[j+i*2] =map[(str[i]>>4)&0x0f];
146 buf[j+i*2+1]=map[(str[i] )&0x0f];
147 }
148 buf[j+i*2]='\n';
149 buf[j+i*2+1]='\0';
150 }
151
152#ifndef NO_FP_API
153char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x,
154 pem_password_cb *cb, void *u)
155 {
156 BIO *b;
157 char *ret;
158
159 if ((b=BIO_new(BIO_s_file())) == NULL)
160 {
161 PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
162 return(0);
163 }
164 BIO_set_fp(b,fp,BIO_NOCLOSE);
165 ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u);
166 BIO_free(b);
167 return(ret);
168 }
169#endif
170
171char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
172 pem_password_cb *cb, void *u)
173 {
174 EVP_CIPHER_INFO cipher;
175 char *nm=NULL,*header=NULL;
176 unsigned char *p=NULL,*data=NULL;
177 long len;
178 char *ret=NULL;
179
180 for (;;)
181 {
182 if (!PEM_read_bio(bp,&nm,&header,&data,&len)) return(NULL);
183 if ( (strcmp(nm,name) == 0) ||
184 ((strcmp(nm,PEM_STRING_RSA) == 0) &&
185 (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
186 ((strcmp(nm,PEM_STRING_DSA) == 0) &&
187 (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
188 ((strcmp(nm,PEM_STRING_PKCS8) == 0) &&
189 (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
190 ((strcmp(nm,PEM_STRING_PKCS8INF) == 0) &&
191 (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
192 ((strcmp(nm,PEM_STRING_X509_OLD) == 0) &&
193 (strcmp(name,PEM_STRING_X509) == 0)) ||
194 ((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) &&
195 (strcmp(name,PEM_STRING_X509_REQ) == 0))
196 )
197 break;
198 Free(nm);
199 Free(header);
200 Free(data);
201 }
202 if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
203 if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
204 p=data;
205 if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) {
206 if (strcmp(nm,PEM_STRING_RSA) == 0)
207 ret=d2i(EVP_PKEY_RSA,x,&p,len);
208 else if (strcmp(nm,PEM_STRING_DSA) == 0)
209 ret=d2i(EVP_PKEY_DSA,x,&p,len);
210 else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
211 PKCS8_PRIV_KEY_INFO *p8inf;
212 p8inf=d2i_PKCS8_PRIV_KEY_INFO(
213 (PKCS8_PRIV_KEY_INFO **) x, &p, len);
214 ret = (char *)EVP_PKCS82PKEY(p8inf);
215 PKCS8_PRIV_KEY_INFO_free(p8inf);
216 } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
217 PKCS8_PRIV_KEY_INFO *p8inf;
218 X509_SIG *p8;
219 int klen;
220 char psbuf[PEM_BUFSIZE];
221 p8 = d2i_X509_SIG((X509_SIG **)x, &p, len);
222 if(!p8) goto p8err;
223 if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
224 else klen=def_callback(psbuf,PEM_BUFSIZE,0,u);
225 if (klen <= 0) {
226 PEMerr(PEM_F_PEM_ASN1_READ_BIO,
227 PEM_R_BAD_PASSWORD_READ);
228 goto err;
229 }
230 p8inf = M_PKCS8_decrypt(p8, psbuf, klen);
231 X509_SIG_free(p8);
232 if(!p8inf) goto p8err;
233 ret = (char *)EVP_PKCS82PKEY(p8inf);
234 PKCS8_PRIV_KEY_INFO_free(p8inf);
235 }
236 } else ret=d2i(x,&p,len);
237p8err:
238 if (ret == NULL)
239 PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
240err:
241 Free(nm);
242 Free(header);
243 Free(data);
244 return(ret);
245 }
246
247#ifndef NO_FP_API
248int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
249 const EVP_CIPHER *enc, unsigned char *kstr, int klen,
250 pem_password_cb *callback, void *u)
251 {
252 BIO *b;
253 int ret;
254
255 if ((b=BIO_new(BIO_s_file())) == NULL)
256 {
257 PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
258 return(0);
259 }
260 BIO_set_fp(b,fp,BIO_NOCLOSE);
261 ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
262 BIO_free(b);
263 return(ret);
264 }
265#endif
266
267int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
268 const EVP_CIPHER *enc, unsigned char *kstr, int klen,
269 pem_password_cb *callback, void *u)
270 {
271 EVP_CIPHER_CTX ctx;
272 int dsize=0,i,j,ret=0;
273 unsigned char *p,*data=NULL;
274 const char *objstr=NULL;
275 char buf[PEM_BUFSIZE];
276 unsigned char key[EVP_MAX_KEY_LENGTH];
277 unsigned char iv[EVP_MAX_IV_LENGTH];
278
279 if (enc != NULL)
280 {
281 objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
282 if (objstr == NULL)
283 {
284 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
285 goto err;
286 }
287 }
288
289 if ((dsize=i2d(x,NULL)) < 0)
290 {
291 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
292 dsize=0;
293 goto err;
294 }
295 /* dzise + 8 bytes are needed */
296 data=(unsigned char *)Malloc((unsigned int)dsize+20);
297 if (data == NULL)
298 {
299 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
300 goto err;
301 }
302 p=data;
303 i=i2d(x,&p);
304
305 if (enc != NULL)
306 {
307 if (kstr == NULL)
308 {
309 if (callback == NULL)
310 klen=def_callback(buf,PEM_BUFSIZE,1,u);
311 else
312 klen=(*callback)(buf,PEM_BUFSIZE,1,u);
313 if (klen <= 0)
314 {
315 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
316 goto err;
317 }
318#ifdef CHARSET_EBCDIC
319 /* Convert the pass phrase from EBCDIC */
320 ebcdic2ascii(buf, buf, klen);
321#endif
322 kstr=(unsigned char *)buf;
323 }
324 RAND_seed(data,i);/* put in the RSA key. */
325 RAND_bytes(iv,8); /* Generate a salt */
326 /* The 'iv' is used as the iv and as a salt. It is
327 * NOT taken from the BytesToKey function */
328 EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
329
330 if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
331
332 buf[0]='\0';
333 PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
334 PEM_dek_info(buf,objstr,8,(char *)iv);
335 /* k=strlen(buf); */
336
337 EVP_EncryptInit(&ctx,enc,key,iv);
338 EVP_EncryptUpdate(&ctx,data,&j,data,i);
339 EVP_EncryptFinal(&ctx,&(data[j]),&i);
340 i+=j;
341 ret=1;
342 }
343 else
344 {
345 ret=1;
346 buf[0]='\0';
347 }
348 i=PEM_write_bio(bp,name,buf,data,i);
349 if (i <= 0) ret=0;
350err:
351 memset(key,0,sizeof(key));
352 memset(iv,0,sizeof(iv));
353 memset((char *)&ctx,0,sizeof(ctx));
354 memset(buf,0,PEM_BUFSIZE);
355 memset(data,0,(unsigned int)dsize);
356 Free(data);
357 return(ret);
358 }
359
360int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
361 pem_password_cb *callback,void *u)
362 {
363 int i,j,o,klen;
364 long len;
365 EVP_CIPHER_CTX ctx;
366 unsigned char key[EVP_MAX_KEY_LENGTH];
367 char buf[PEM_BUFSIZE];
368
369 len= *plen;
370
371 if (cipher->cipher == NULL) return(1);
372 if (callback == NULL)
373 klen=def_callback(buf,PEM_BUFSIZE,0,u);
374 else
375 klen=callback(buf,PEM_BUFSIZE,0,u);
376 if (klen <= 0)
377 {
378 PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
379 return(0);
380 }
381#ifdef CHARSET_EBCDIC
382 /* Convert the pass phrase from EBCDIC */
383 ebcdic2ascii(buf, buf, klen);
384#endif
385
386 EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
387 (unsigned char *)buf,klen,1,key,NULL);
388
389 j=(int)len;
390 EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0]));
391 EVP_DecryptUpdate(&ctx,data,&i,data,j);
392 o=EVP_DecryptFinal(&ctx,&(data[i]),&j);
393 EVP_CIPHER_CTX_cleanup(&ctx);
394 memset((char *)buf,0,sizeof(buf));
395 memset((char *)key,0,sizeof(key));
396 j+=i;
397 if (!o)
398 {
399 PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
400 return(0);
401 }
402 *plen=j;
403 return(1);
404 }
405
406int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
407 {
408 int o;
409 const EVP_CIPHER *enc=NULL;
410 char *p,c;
411
412 cipher->cipher=NULL;
413 if ((header == NULL) || (*header == '\0') || (*header == '\n'))
414 return(1);
415 if (strncmp(header,"Proc-Type: ",11) != 0)
416 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
417 header+=11;
418 if (*header != '4') return(0); header++;
419 if (*header != ',') return(0); header++;
420 if (strncmp(header,"ENCRYPTED",9) != 0)
421 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
422 for (; (*header != '\n') && (*header != '\0'); header++)
423 ;
424 if (*header == '\0')
425 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
426 header++;
427 if (strncmp(header,"DEK-Info: ",10) != 0)
428 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
429 header+=10;
430
431 p=header;
432 for (;;)
433 {
434 c= *header;
435#ifndef CHARSET_EBCDIC
436 if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') ||
437 ((c >= '0') && (c <= '9'))))
438 break;
439#else
440 if (!( isupper(c) || (c == '-') ||
441 isdigit(c)))
442 break;
443#endif
444 header++;
445 }
446 *header='\0';
447 o=OBJ_sn2nid(p);
448 cipher->cipher=enc=EVP_get_cipherbyname(p);
449 *header=c;
450 header++;
451
452 if (enc == NULL)
453 {
454 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
455 return(0);
456 }
457 if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
458
459 return(1);
460 }
461
462static int load_iv(unsigned char **fromp, unsigned char *to, int num)
463 {
464 int v,i;
465 unsigned char *from;
466
467 from= *fromp;
468 for (i=0; i<num; i++) to[i]=0;
469 num*=2;
470 for (i=0; i<num; i++)
471 {
472 if ((*from >= '0') && (*from <= '9'))
473 v= *from-'0';
474 else if ((*from >= 'A') && (*from <= 'F'))
475 v= *from-'A'+10;
476 else if ((*from >= 'a') && (*from <= 'f'))
477 v= *from-'a'+10;
478 else
479 {
480 PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
481 return(0);
482 }
483 from++;
484 to[i/2]|=v<<(long)((!(i&1))*4);
485 }
486
487 *fromp=from;
488 return(1);
489 }
490
491#ifndef NO_FP_API
492int PEM_write(FILE *fp, char *name, char *header, unsigned char *data,
493 long len)
494 {
495 BIO *b;
496 int ret;
497
498 if ((b=BIO_new(BIO_s_file())) == NULL)
499 {
500 PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
501 return(0);
502 }
503 BIO_set_fp(b,fp,BIO_NOCLOSE);
504 ret=PEM_write_bio(b, name, header, data,len);
505 BIO_free(b);
506 return(ret);
507 }
508#endif
509
510int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
511 long len)
512 {
513 int nlen,n,i,j,outl;
514 unsigned char *buf;
515 EVP_ENCODE_CTX ctx;
516 int reason=ERR_R_BUF_LIB;
517
518 EVP_EncodeInit(&ctx);
519 nlen=strlen(name);
520
521 if ( (BIO_write(bp,"-----BEGIN ",11) != 11) ||
522 (BIO_write(bp,name,nlen) != nlen) ||
523 (BIO_write(bp,"-----\n",6) != 6))
524 goto err;
525
526 i=strlen(header);
527 if (i > 0)
528 {
529 if ( (BIO_write(bp,header,i) != i) ||
530 (BIO_write(bp,"\n",1) != 1))
531 goto err;
532 }
533
534 buf=(unsigned char *)Malloc(PEM_BUFSIZE*8);
535 if (buf == NULL)
536 {
537 reason=ERR_R_MALLOC_FAILURE;
538 goto err;
539 }
540
541 i=j=0;
542 while (len > 0)
543 {
544 n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len);
545 EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
546 if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
547 goto err;
548 i+=outl;
549 len-=n;
550 j+=n;
551 }
552 EVP_EncodeFinal(&ctx,buf,&outl);
553 if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
554 Free(buf);
555 if ( (BIO_write(bp,"-----END ",9) != 9) ||
556 (BIO_write(bp,name,nlen) != nlen) ||
557 (BIO_write(bp,"-----\n",6) != 6))
558 goto err;
559 return(i+outl);
560err:
561 PEMerr(PEM_F_PEM_WRITE_BIO,reason);
562 return(0);
563 }
564
565#ifndef NO_FP_API
566int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
567 long *len)
568 {
569 BIO *b;
570 int ret;
571
572 if ((b=BIO_new(BIO_s_file())) == NULL)
573 {
574 PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
575 return(0);
576 }
577 BIO_set_fp(b,fp,BIO_NOCLOSE);
578 ret=PEM_read_bio(b, name, header, data,len);
579 BIO_free(b);
580 return(ret);
581 }
582#endif
583
584int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
585 long *len)
586 {
587 EVP_ENCODE_CTX ctx;
588 int end=0,i,k,bl=0,hl=0,nohead=0;
589 char buf[256];
590 BUF_MEM *nameB;
591 BUF_MEM *headerB;
592 BUF_MEM *dataB,*tmpB;
593
594 nameB=BUF_MEM_new();
595 headerB=BUF_MEM_new();
596 dataB=BUF_MEM_new();
597 if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
598 {
599 PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
600 return(0);
601 }
602
603 buf[254]='\0';
604 for (;;)
605 {
606 i=BIO_gets(bp,buf,254);
607
608 if (i <= 0)
609 {
610 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
611 goto err;
612 }
613
614 while ((i >= 0) && (buf[i] <= ' ')) i--;
615 buf[++i]='\n'; buf[++i]='\0';
616
617 if (strncmp(buf,"-----BEGIN ",11) == 0)
618 {
619 i=strlen(&(buf[11]));
620
621 if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
622 continue;
623 if (!BUF_MEM_grow(nameB,i+9))
624 {
625 PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
626 goto err;
627 }
628 memcpy(nameB->data,&(buf[11]),i-6);
629 nameB->data[i-6]='\0';
630 break;
631 }
632 }
633 hl=0;
634 if (!BUF_MEM_grow(headerB,256))
635 { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
636 headerB->data[0]='\0';
637 for (;;)
638 {
639 i=BIO_gets(bp,buf,254);
640 if (i <= 0) break;
641
642 while ((i >= 0) && (buf[i] <= ' ')) i--;
643 buf[++i]='\n'; buf[++i]='\0';
644
645 if (buf[0] == '\n') break;
646 if (!BUF_MEM_grow(headerB,hl+i+9))
647 { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
648 if (strncmp(buf,"-----END ",9) == 0)
649 {
650 nohead=1;
651 break;
652 }
653 memcpy(&(headerB->data[hl]),buf,i);
654 headerB->data[hl+i]='\0';
655 hl+=i;
656 }
657
658 bl=0;
659 if (!BUF_MEM_grow(dataB,1024))
660 { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
661 dataB->data[0]='\0';
662 if (!nohead)
663 {
664 for (;;)
665 {
666 i=BIO_gets(bp,buf,254);
667 if (i <= 0) break;
668
669 while ((i >= 0) && (buf[i] <= ' ')) i--;
670 buf[++i]='\n'; buf[++i]='\0';
671
672 if (i != 65) end=1;
673 if (strncmp(buf,"-----END ",9) == 0)
674 break;
675 if (i > 65) break;
676 if (!BUF_MEM_grow(dataB,i+bl+9))
677 {
678 PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
679 goto err;
680 }
681 memcpy(&(dataB->data[bl]),buf,i);
682 dataB->data[bl+i]='\0';
683 bl+=i;
684 if (end)
685 {
686 buf[0]='\0';
687 i=BIO_gets(bp,buf,254);
688 if (i <= 0) break;
689
690 while ((i >= 0) && (buf[i] <= ' ')) i--;
691 buf[++i]='\n'; buf[++i]='\0';
692
693 break;
694 }
695 }
696 }
697 else
698 {
699 tmpB=headerB;
700 headerB=dataB;
701 dataB=tmpB;
702 bl=hl;
703 }
704 i=strlen(nameB->data);
705 if ( (strncmp(buf,"-----END ",9) != 0) ||
706 (strncmp(nameB->data,&(buf[9]),i) != 0) ||
707 (strncmp(&(buf[9+i]),"-----\n",6) != 0))
708 {
709 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
710 goto err;
711 }
712
713 EVP_DecodeInit(&ctx);
714 i=EVP_DecodeUpdate(&ctx,
715 (unsigned char *)dataB->data,&bl,
716 (unsigned char *)dataB->data,bl);
717 if (i < 0)
718 {
719 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
720 goto err;
721 }
722 i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
723 if (i < 0)
724 {
725 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
726 goto err;
727 }
728 bl+=k;
729
730 if (bl == 0) goto err;
731 *name=nameB->data;
732 *header=headerB->data;
733 *data=(unsigned char *)dataB->data;
734 *len=bl;
735 Free(nameB);
736 Free(headerB);
737 Free(dataB);
738 return(1);
739err:
740 BUF_MEM_free(nameB);
741 BUF_MEM_free(headerB);
742 BUF_MEM_free(dataB);
743 return(0);
744 }
745
746/* This function writes a private key in PKCS#8 format: it is a "drop in"
747 * replacement for PEM_write_bio_PrivateKey(). As usual if 'enc' is NULL then
748 * it uses the unencrypted private key form. It uses PKCS#5 v2.0 password based
749 * encryption algorithms.
750 */
751
752int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
753 char *kstr, int klen,
754 pem_password_cb *cb, void *u)
755{
756 X509_SIG *p8;
757 PKCS8_PRIV_KEY_INFO *p8inf;
758 char buf[PEM_BUFSIZE];
759 int ret;
760 if(!(p8inf = EVP_PKEY2PKCS8(x))) {
761 PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
762 PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
763 return 0;
764 }
765 if(enc) {
766 if(!kstr) {
767 if(!cb) klen = def_callback(buf, PEM_BUFSIZE, 1, u);
768 else klen = cb(buf, PEM_BUFSIZE, 1, u);
769 if(klen <= 0) {
770 PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
771 PEM_R_READ_KEY);
772 PKCS8_PRIV_KEY_INFO_free(p8inf);
773 return 0;
774 }
775
776 kstr = buf;
777 }
778 p8 = PKCS8_encrypt(-1, enc, kstr, klen, NULL, 0, 0, p8inf);
779 if(kstr == buf) memset(buf, 0, klen);
780 PKCS8_PRIV_KEY_INFO_free(p8inf);
781 ret = PEM_write_bio_PKCS8(bp, p8);
782 X509_SIG_free(p8);
783 return ret;
784 } else {
785 ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
786 PKCS8_PRIV_KEY_INFO_free(p8inf);
787 return ret;
788 }
789}
790
791int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
792 char *kstr, int klen, pem_password_cb *cb, void *u)
793{
794 BIO *bp;
795 int ret;
796 if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
797 PEMerr(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY,ERR_R_BUF_LIB);
798 return(0);
799 }
800 ret = PEM_write_bio_PKCS8PrivateKey(bp, x, enc, kstr, klen, cb, u);
801 BIO_free(bp);
802 return ret;
803}
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c
deleted file mode 100644
index 23f95beb1e..0000000000
--- a/src/lib/libcrypto/pem/pem_seal.c
+++ /dev/null
@@ -1,178 +0,0 @@
1/* crypto/pem/pem_seal.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_RSA
60#include <stdio.h>
61#include "cryptlib.h"
62#include <openssl/evp.h>
63#include <openssl/rand.h>
64#include <openssl/objects.h>
65#include <openssl/x509.h>
66#include <openssl/pem.h>
67
68int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
69 unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
70 int npubk)
71 {
72 unsigned char key[EVP_MAX_KEY_LENGTH];
73 int ret= -1;
74 int i,j,max=0;
75 char *s=NULL;
76
77 for (i=0; i<npubk; i++)
78 {
79 if (pubk[i]->type != EVP_PKEY_RSA)
80 {
81 PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
82 goto err;
83 }
84 j=RSA_size(pubk[i]->pkey.rsa);
85 if (j > max) max=j;
86 }
87 s=(char *)Malloc(max*2);
88 if (s == NULL)
89 {
90 PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);
91 goto err;
92 }
93
94 EVP_EncodeInit(&(ctx->encode));
95 EVP_SignInit(&(ctx->md),md_type);
96
97 ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk);
98 if (!ret) goto err;
99
100 /* base64 encode the keys */
101 for (i=0; i<npubk; i++)
102 {
103 j=EVP_EncodeBlock((unsigned char *)s,ek[i],
104 RSA_size(pubk[i]->pkey.rsa));
105 ekl[i]=j;
106 memcpy(ek[i],s,j+1);
107 }
108
109 ret=npubk;
110err:
111 if (s != NULL) Free(s);
112 memset(key,0,EVP_MAX_KEY_LENGTH);
113 return(ret);
114 }
115
116void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
117 unsigned char *in, int inl)
118 {
119 unsigned char buffer[1600];
120 int i,j;
121
122 *outl=0;
123 EVP_SignUpdate(&(ctx->md),in,inl);
124 for (;;)
125 {
126 if (inl <= 0) break;
127 if (inl > 1200)
128 i=1200;
129 else
130 i=inl;
131 EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i);
132 EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j);
133 *outl+=j;
134 out+=j;
135 in+=i;
136 inl-=i;
137 }
138 }
139
140int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
141 unsigned char *out, int *outl, EVP_PKEY *priv)
142 {
143 unsigned char *s=NULL;
144 int ret=0,j;
145 unsigned int i;
146
147 if (priv->type != EVP_PKEY_RSA)
148 {
149 PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
150 goto err;
151 }
152 i=RSA_size(priv->pkey.rsa);
153 if (i < 100) i=100;
154 s=(unsigned char *)Malloc(i*2);
155 if (s == NULL)
156 {
157 PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);
158 goto err;
159 }
160
161 EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i);
162 EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i);
163 *outl=j;
164 out+=j;
165 EVP_EncodeFinal(&(ctx->encode),out,&j);
166 *outl+=j;
167
168 if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err;
169 *sigl=EVP_EncodeBlock(sig,s,i);
170
171 ret=1;
172err:
173 memset((char *)&(ctx->md),0,sizeof(ctx->md));
174 memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher));
175 if (s != NULL) Free(s);
176 return(ret);
177 }
178#endif
diff --git a/src/lib/libcrypto/pem/pem_sign.c b/src/lib/libcrypto/pem/pem_sign.c
deleted file mode 100644
index aabafb702d..0000000000
--- a/src/lib/libcrypto/pem/pem_sign.c
+++ /dev/null
@@ -1,102 +0,0 @@
1/* crypto/pem/pem_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65#include <openssl/pem.h>
66
67void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
68 {
69 EVP_DigestInit(ctx,type);
70 }
71
72void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
73 unsigned int count)
74 {
75 EVP_DigestUpdate(ctx,data,count);
76 }
77
78int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
79 EVP_PKEY *pkey)
80 {
81 unsigned char *m;
82 int i,ret=0;
83 unsigned int m_len;
84
85 m=(unsigned char *)Malloc(EVP_PKEY_size(pkey)+2);
86 if (m == NULL)
87 {
88 PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE);
89 goto err;
90 }
91
92 if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err;
93
94 i=EVP_EncodeBlock(sigret,m,m_len);
95 *siglen=i;
96 ret=1;
97err:
98 /* ctx has been zeroed by EVP_SignFinal() */
99 if (m != NULL) Free(m);
100 return(ret);
101 }
102
diff --git a/src/lib/libcrypto/pem/pkcs7.lis b/src/lib/libcrypto/pem/pkcs7.lis
deleted file mode 100644
index be90c5d87f..0000000000
--- a/src/lib/libcrypto/pem/pkcs7.lis
+++ /dev/null
@@ -1,22 +0,0 @@
121 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE
2 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
3 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag
4 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE
5 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version
6 20 20:d=0 hl=2 l= 0 cons: univ: SET
7 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE
8 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
9 00 35:d=0 hl=2 l= 0 prim: univ: EOC
10 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag
11 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE
12 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE
13 00 1116:d=0 hl=2 l= 0 prim: univ: EOC
14 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag
15 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE
16 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE
17 00 2066:d=0 hl=2 l= 0 prim: univ: EOC
18 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers
19 00 2070:d=0 hl=2 l= 0 prim: univ: EOC
20 00 2072:d=0 hl=2 l= 0 prim: univ: EOC
21 00 2074:d=0 hl=2 l= 0 prim: univ: EOC
2200 2076:d=0 hl=2 l= 0 prim: univ: EOC
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-25 23:12:33 +0000