summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pem
diff options
context:
space:
mode:
authordjm <>2008-09-06 12:17:54 +0000
committerdjm <>2008-09-06 12:17:54 +0000
commit6b62d1fdd8a4fd35acfcc0c4bb1bf8b757fa8cda (patch)
tree7ccc28afe1789ea3dbedf72365f955d5b8e105b5 /src/lib/libcrypto/pem
parent89181603212b41e95cde36b1be5a146ce8fb2935 (diff)
downloadopenbsd-6b62d1fdd8a4fd35acfcc0c4bb1bf8b757fa8cda.tar.gz
openbsd-6b62d1fdd8a4fd35acfcc0c4bb1bf8b757fa8cda.tar.bz2
openbsd-6b62d1fdd8a4fd35acfcc0c4bb1bf8b757fa8cda.zip
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/pem')
-rw-r--r--src/lib/libcrypto/pem/pem.h173
-rw-r--r--src/lib/libcrypto/pem/pem_all.c233
-rw-r--r--src/lib/libcrypto/pem/pem_err.c18
-rw-r--r--src/lib/libcrypto/pem/pem_info.c58
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c33
-rw-r--r--src/lib/libcrypto/pem/pem_oth.c7
-rw-r--r--src/lib/libcrypto/pem/pem_pk8.c7
-rw-r--r--src/lib/libcrypto/pem/pem_pkey.c12
-rw-r--r--src/lib/libcrypto/pem/pem_seal.c2
-rw-r--r--src/lib/libcrypto/pem/pem_xaux.c1
10 files changed, 343 insertions, 201 deletions
diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h
index d330cbf9a3..670afa670b 100644
--- a/src/lib/libcrypto/pem/pem.h
+++ b/src/lib/libcrypto/pem/pem.h
@@ -59,6 +59,7 @@
59#ifndef HEADER_PEM_H 59#ifndef HEADER_PEM_H
60#define HEADER_PEM_H 60#define HEADER_PEM_H
61 61
62#include <openssl/e_os2.h>
62#ifndef OPENSSL_NO_BIO 63#ifndef OPENSSL_NO_BIO
63#include <openssl/bio.h> 64#include <openssl/bio.h>
64#endif 65#endif
@@ -68,7 +69,6 @@
68#include <openssl/evp.h> 69#include <openssl/evp.h>
69#include <openssl/x509.h> 70#include <openssl/x509.h>
70#include <openssl/pem2.h> 71#include <openssl/pem2.h>
71#include <openssl/e_os2.h>
72 72
73#ifdef __cplusplus 73#ifdef __cplusplus
74extern "C" { 74extern "C" {
@@ -91,6 +91,9 @@ extern "C" {
91#define PEM_OBJ_DHPARAMS 17 91#define PEM_OBJ_DHPARAMS 17
92#define PEM_OBJ_DSAPARAMS 18 92#define PEM_OBJ_DSAPARAMS 18
93#define PEM_OBJ_PRIV_RSA_PUBLIC 19 93#define PEM_OBJ_PRIV_RSA_PUBLIC 19
94#define PEM_OBJ_PRIV_ECDSA 20
95#define PEM_OBJ_PUB_ECDSA 21
96#define PEM_OBJ_ECPARAMETERS 22
94 97
95#define PEM_ERROR 30 98#define PEM_ERROR 30
96#define PEM_DEK_DES_CBC 40 99#define PEM_DEK_DES_CBC 40
@@ -110,6 +113,7 @@ extern "C" {
110 113
111#define PEM_STRING_X509_OLD "X509 CERTIFICATE" 114#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
112#define PEM_STRING_X509 "CERTIFICATE" 115#define PEM_STRING_X509 "CERTIFICATE"
116#define PEM_STRING_X509_PAIR "CERTIFICATE PAIR"
113#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" 117#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
114#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" 118#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
115#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" 119#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
@@ -126,6 +130,10 @@ extern "C" {
126#define PEM_STRING_DHPARAMS "DH PARAMETERS" 130#define PEM_STRING_DHPARAMS "DH PARAMETERS"
127#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" 131#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
128#define PEM_STRING_DSAPARAMS "DSA PARAMETERS" 132#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
133#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
134#define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
135#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
136#define PEM_STRING_CMS "CMS"
129 137
130 /* Note that this structure is initialised by PEM_SealInit and cleaned up 138 /* Note that this structure is initialised by PEM_SealInit and cleaned up
131 by PEM_SealFinal (at least for now) */ 139 by PEM_SealFinal (at least for now) */
@@ -213,24 +221,50 @@ typedef struct pem_ctx_st
213#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ 221#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
214type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ 222type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
215{ \ 223{ \
216return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,\ 224 return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \
217 cb,u)); \ 225 str, fp, \
218} \ 226 CHECKED_PPTR_OF(type, x), \
227 cb, u); \
228}
219 229
220#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ 230#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
221int PEM_write_##name(FILE *fp, type *x) \ 231int PEM_write_##name(FILE *fp, type *x) \
222{ \ 232{ \
223return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \ 233 return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
224 NULL,NULL,0,NULL,NULL)); \ 234 str, fp, \
225} 235 CHECKED_PTR_OF(type, x), \
236 NULL, NULL, 0, NULL, NULL); \
237}
238
239#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
240int PEM_write_##name(FILE *fp, const type *x) \
241{ \
242 return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
243 str, fp, \
244 CHECKED_PTR_OF(const type, x), \
245 NULL, NULL, 0, NULL, NULL); \
246}
226 247
227#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ 248#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
228int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ 249int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
229 unsigned char *kstr, int klen, pem_password_cb *cb, \ 250 unsigned char *kstr, int klen, pem_password_cb *cb, \
230 void *u) \ 251 void *u) \
231 { \ 252 { \
232 return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \ 253 return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
233 (char *)x,enc,kstr,klen,cb,u)); \ 254 str, fp, \
255 CHECKED_PTR_OF(type, x), \
256 enc, kstr, klen, cb, u); \
257 }
258
259#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
260int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
261 unsigned char *kstr, int klen, pem_password_cb *cb, \
262 void *u) \
263 { \
264 return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
265 str, fp, \
266 CHECKED_PTR_OF(const type, x), \
267 enc, kstr, klen, cb, u); \
234 } 268 }
235 269
236#endif 270#endif
@@ -238,33 +272,66 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
238#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ 272#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
239type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ 273type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
240{ \ 274{ \
241return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\ 275 return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \
242 (char **)x,cb,u)); \ 276 str, bp, \
277 CHECKED_PPTR_OF(type, x), \
278 cb, u); \
243} 279}
244 280
245#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ 281#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
246int PEM_write_bio_##name(BIO *bp, type *x) \ 282int PEM_write_bio_##name(BIO *bp, type *x) \
247{ \ 283{ \
248return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \ 284 return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
249 NULL,NULL,0,NULL,NULL)); \ 285 str, bp, \
286 CHECKED_PTR_OF(type, x), \
287 NULL, NULL, 0, NULL, NULL); \
288}
289
290#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
291int PEM_write_bio_##name(BIO *bp, const type *x) \
292{ \
293 return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
294 str, bp, \
295 CHECKED_PTR_OF(const type, x), \
296 NULL, NULL, 0, NULL, NULL); \
250} 297}
251 298
252#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ 299#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
253int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ 300int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
254 unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ 301 unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
255 { \ 302 { \
256 return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \ 303 return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
257 (char *)x,enc,kstr,klen,cb,u)); \ 304 str, bp, \
305 CHECKED_PTR_OF(type, x), \
306 enc, kstr, klen, cb, u); \
307 }
308
309#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
310int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
311 unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
312 { \
313 return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
314 str, bp, \
315 CHECKED_PTR_OF(const type, x), \
316 enc, kstr, klen, cb, u); \
258 } 317 }
259 318
260#define IMPLEMENT_PEM_write(name, type, str, asn1) \ 319#define IMPLEMENT_PEM_write(name, type, str, asn1) \
261 IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ 320 IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
262 IMPLEMENT_PEM_write_fp(name, type, str, asn1) 321 IMPLEMENT_PEM_write_fp(name, type, str, asn1)
263 322
323#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
324 IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
325 IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
326
264#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ 327#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
265 IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ 328 IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
266 IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) 329 IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
267 330
331#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
332 IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
333 IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
334
268#define IMPLEMENT_PEM_read(name, type, str, asn1) \ 335#define IMPLEMENT_PEM_read(name, type, str, asn1) \
269 IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ 336 IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
270 IMPLEMENT_PEM_read_fp(name, type, str, asn1) 337 IMPLEMENT_PEM_read_fp(name, type, str, asn1)
@@ -273,6 +340,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
273 IMPLEMENT_PEM_read(name, type, str, asn1) \ 340 IMPLEMENT_PEM_read(name, type, str, asn1) \
274 IMPLEMENT_PEM_write(name, type, str, asn1) 341 IMPLEMENT_PEM_write(name, type, str, asn1)
275 342
343#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
344 IMPLEMENT_PEM_read(name, type, str, asn1) \
345 IMPLEMENT_PEM_write_const(name, type, str, asn1)
346
276#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ 347#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
277 IMPLEMENT_PEM_read(name, type, str, asn1) \ 348 IMPLEMENT_PEM_read(name, type, str, asn1) \
278 IMPLEMENT_PEM_write_cb(name, type, str, asn1) 349 IMPLEMENT_PEM_write_cb(name, type, str, asn1)
@@ -293,6 +364,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
293#define DECLARE_PEM_write_fp(name, type) \ 364#define DECLARE_PEM_write_fp(name, type) \
294 int PEM_write_##name(FILE *fp, type *x); 365 int PEM_write_##name(FILE *fp, type *x);
295 366
367#define DECLARE_PEM_write_fp_const(name, type) \
368 int PEM_write_##name(FILE *fp, const type *x);
369
296#define DECLARE_PEM_write_cb_fp(name, type) \ 370#define DECLARE_PEM_write_cb_fp(name, type) \
297 int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ 371 int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
298 unsigned char *kstr, int klen, pem_password_cb *cb, void *u); 372 unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
@@ -306,6 +380,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
306#define DECLARE_PEM_write_bio(name, type) \ 380#define DECLARE_PEM_write_bio(name, type) \
307 int PEM_write_bio_##name(BIO *bp, type *x); 381 int PEM_write_bio_##name(BIO *bp, type *x);
308 382
383#define DECLARE_PEM_write_bio_const(name, type) \
384 int PEM_write_bio_##name(BIO *bp, const type *x);
385
309#define DECLARE_PEM_write_cb_bio(name, type) \ 386#define DECLARE_PEM_write_cb_bio(name, type) \
310 int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ 387 int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
311 unsigned char *kstr, int klen, pem_password_cb *cb, void *u); 388 unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
@@ -322,6 +399,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
322 DECLARE_PEM_write_bio(name, type) \ 399 DECLARE_PEM_write_bio(name, type) \
323 DECLARE_PEM_write_fp(name, type) 400 DECLARE_PEM_write_fp(name, type)
324 401
402#define DECLARE_PEM_write_const(name, type) \
403 DECLARE_PEM_write_bio_const(name, type) \
404 DECLARE_PEM_write_fp_const(name, type)
405
325#define DECLARE_PEM_write_cb(name, type) \ 406#define DECLARE_PEM_write_cb(name, type) \
326 DECLARE_PEM_write_cb_bio(name, type) \ 407 DECLARE_PEM_write_cb_bio(name, type) \
327 DECLARE_PEM_write_cb_fp(name, type) 408 DECLARE_PEM_write_cb_fp(name, type)
@@ -334,6 +415,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
334 DECLARE_PEM_read(name, type) \ 415 DECLARE_PEM_read(name, type) \
335 DECLARE_PEM_write(name, type) 416 DECLARE_PEM_write(name, type)
336 417
418#define DECLARE_PEM_rw_const(name, type) \
419 DECLARE_PEM_read(name, type) \
420 DECLARE_PEM_write_const(name, type)
421
337#define DECLARE_PEM_rw_cb(name, type) \ 422#define DECLARE_PEM_rw_cb(name, type) \
338 DECLARE_PEM_read(name, type) \ 423 DECLARE_PEM_read(name, type) \
339 DECLARE_PEM_write_cb(name, type) 424 DECLARE_PEM_write_cb(name, type)
@@ -403,9 +488,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
403 (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\ 488 (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
404 (char **)x,cb,u) 489 (char **)x,cb,u)
405 490
406#define PEM_write_bio_SSL_SESSION(bp,x) \
407 PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
408 PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
409#define PEM_write_bio_X509(bp,x) \ 491#define PEM_write_bio_X509(bp,x) \
410 PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \ 492 PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
411 (char *)x, NULL,NULL,0,NULL,NULL) 493 (char *)x, NULL,NULL,0,NULL,NULL)
@@ -444,8 +526,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
444 PEM_STRING_X509,bp, \ 526 PEM_STRING_X509,bp, \
445 (char *)x, NULL,NULL,0,NULL,NULL) 527 (char *)x, NULL,NULL,0,NULL,NULL)
446 528
447#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
448 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
449#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \ 529#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
450 (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u) 530 (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
451#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \ 531#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
@@ -494,11 +574,25 @@ int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
494 long len); 574 long len);
495int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp, 575int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp,
496 pem_password_cb *cb, void *u); 576 pem_password_cb *cb, void *u);
497char * PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x, 577void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
498 pem_password_cb *cb, void *u); 578 void **x, pem_password_cb *cb, void *u);
499int PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x, 579
580#define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \
581 ((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \
582 name, bp, \
583 CHECKED_PPTR_OF(type, x), \
584 cb, u))
585
586int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp,char *x,
500 const EVP_CIPHER *enc,unsigned char *kstr,int klen, 587 const EVP_CIPHER *enc,unsigned char *kstr,int klen,
501 pem_password_cb *cb, void *u); 588 pem_password_cb *cb, void *u);
589
590#define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \
591 (PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \
592 name, bp, \
593 CHECKED_PTR_OF(type, x), \
594 enc, kstr, klen, cb, u))
595
502STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); 596STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
503int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, 597int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
504 unsigned char *kstr, int klen, pem_password_cb *cd, void *u); 598 unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
@@ -508,11 +602,11 @@ int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
508int PEM_read(FILE *fp, char **name, char **header, 602int PEM_read(FILE *fp, char **name, char **header,
509 unsigned char **data,long *len); 603 unsigned char **data,long *len);
510int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len); 604int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
511char * PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x, 605void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
512 pem_password_cb *cb, void *u); 606 pem_password_cb *cb, void *u);
513int PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x, 607int PEM_ASN1_write(i2d_of_void *i2d,const char *name,FILE *fp,
514 const EVP_CIPHER *enc,unsigned char *kstr,int klen, 608 char *x,const EVP_CIPHER *enc,unsigned char *kstr,
515 pem_password_cb *callback, void *u); 609 int klen,pem_password_cb *callback, void *u);
516STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, 610STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
517 pem_password_cb *cb, void *u); 611 pem_password_cb *cb, void *u);
518#endif 612#endif
@@ -542,6 +636,8 @@ DECLARE_PEM_rw(X509, X509)
542 636
543DECLARE_PEM_rw(X509_AUX, X509) 637DECLARE_PEM_rw(X509_AUX, X509)
544 638
639DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
640
545DECLARE_PEM_rw(X509_REQ, X509_REQ) 641DECLARE_PEM_rw(X509_REQ, X509_REQ)
546DECLARE_PEM_write(X509_REQ_NEW, X509_REQ) 642DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
547 643
@@ -559,7 +655,7 @@ DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
559 655
560DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) 656DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
561 657
562DECLARE_PEM_rw(RSAPublicKey, RSA) 658DECLARE_PEM_rw_const(RSAPublicKey, RSA)
563DECLARE_PEM_rw(RSA_PUBKEY, RSA) 659DECLARE_PEM_rw(RSA_PUBKEY, RSA)
564 660
565#endif 661#endif
@@ -570,13 +666,19 @@ DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
570 666
571DECLARE_PEM_rw(DSA_PUBKEY, DSA) 667DECLARE_PEM_rw(DSA_PUBKEY, DSA)
572 668
573DECLARE_PEM_rw(DSAparams, DSA) 669DECLARE_PEM_rw_const(DSAparams, DSA)
670
671#endif
574 672
673#ifndef OPENSSL_NO_EC
674DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
675DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
676DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
575#endif 677#endif
576 678
577#ifndef OPENSSL_NO_DH 679#ifndef OPENSSL_NO_DH
578 680
579DECLARE_PEM_rw(DHparams, DH) 681DECLARE_PEM_rw_const(DHparams, DH)
580 682
581#endif 683#endif
582 684
@@ -626,24 +728,27 @@ void ERR_load_PEM_strings(void);
626/* Function codes. */ 728/* Function codes. */
627#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120 729#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
628#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121 730#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
629#define PEM_F_DEF_CALLBACK 100 731#define PEM_F_DO_PK8PKEY 126
732#define PEM_F_DO_PK8PKEY_FP 125
630#define PEM_F_LOAD_IV 101 733#define PEM_F_LOAD_IV 101
631#define PEM_F_PEM_ASN1_READ 102 734#define PEM_F_PEM_ASN1_READ 102
632#define PEM_F_PEM_ASN1_READ_BIO 103 735#define PEM_F_PEM_ASN1_READ_BIO 103
633#define PEM_F_PEM_ASN1_WRITE 104 736#define PEM_F_PEM_ASN1_WRITE 104
634#define PEM_F_PEM_ASN1_WRITE_BIO 105 737#define PEM_F_PEM_ASN1_WRITE_BIO 105
738#define PEM_F_PEM_DEF_CALLBACK 100
635#define PEM_F_PEM_DO_HEADER 106 739#define PEM_F_PEM_DO_HEADER 106
636#define PEM_F_PEM_F_DO_PK8KEY_FP 122
637#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118 740#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
638#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107 741#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
742#define PEM_F_PEM_PK8PKEY 119
639#define PEM_F_PEM_READ 108 743#define PEM_F_PEM_READ 108
640#define PEM_F_PEM_READ_BIO 109 744#define PEM_F_PEM_READ_BIO 109
745#define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
746#define PEM_F_PEM_READ_PRIVATEKEY 124
641#define PEM_F_PEM_SEALFINAL 110 747#define PEM_F_PEM_SEALFINAL 110
642#define PEM_F_PEM_SEALINIT 111 748#define PEM_F_PEM_SEALINIT 111
643#define PEM_F_PEM_SIGNFINAL 112 749#define PEM_F_PEM_SIGNFINAL 112
644#define PEM_F_PEM_WRITE 113 750#define PEM_F_PEM_WRITE 113
645#define PEM_F_PEM_WRITE_BIO 114 751#define PEM_F_PEM_WRITE_BIO 114
646#define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY 119
647#define PEM_F_PEM_X509_INFO_READ 115 752#define PEM_F_PEM_X509_INFO_READ 115
648#define PEM_F_PEM_X509_INFO_READ_BIO 116 753#define PEM_F_PEM_X509_INFO_READ_BIO 116
649#define PEM_F_PEM_X509_INFO_WRITE_BIO 117 754#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c
index 07963314c9..66cbc7eb82 100644
--- a/src/lib/libcrypto/pem/pem_all.c
+++ b/src/lib/libcrypto/pem/pem_all.c
@@ -55,6 +55,59 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
58 111
59#include <stdio.h> 112#include <stdio.h>
60#undef SSLEAY_MACROS 113#undef SSLEAY_MACROS
@@ -64,7 +117,15 @@
64#include <openssl/x509.h> 117#include <openssl/x509.h>
65#include <openssl/pkcs7.h> 118#include <openssl/pkcs7.h>
66#include <openssl/pem.h> 119#include <openssl/pem.h>
67#include <openssl/fips.h> 120#ifndef OPENSSL_NO_RSA
121#include <openssl/rsa.h>
122#endif
123#ifndef OPENSSL_NO_DSA
124#include <openssl/dsa.h>
125#endif
126#ifndef OPENSSL_NO_DH
127#include <openssl/dh.h>
128#endif
68 129
69#ifndef OPENSSL_NO_RSA 130#ifndef OPENSSL_NO_RSA
70static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); 131static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
@@ -73,6 +134,10 @@ static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
73static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); 134static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
74#endif 135#endif
75 136
137#ifndef OPENSSL_NO_EC
138static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey);
139#endif
140
76IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) 141IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
77 142
78IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ) 143IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ)
@@ -129,50 +194,8 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
129 194
130#endif 195#endif
131 196
132#ifdef OPENSSL_FIPS 197IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
133 198IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
134int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
135 unsigned char *kstr, int klen,
136 pem_password_cb *cb, void *u)
137{
138 EVP_PKEY *k;
139 int ret;
140 k = EVP_PKEY_new();
141 if (!k)
142 return 0;
143 EVP_PKEY_set1_RSA(k, x);
144
145 ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
146 EVP_PKEY_free(k);
147 return ret;
148}
149
150#ifndef OPENSSL_NO_FP_API
151int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
152 unsigned char *kstr, int klen,
153 pem_password_cb *cb, void *u)
154{
155 EVP_PKEY *k;
156 int ret;
157 k = EVP_PKEY_new();
158 if (!k)
159 return 0;
160
161 EVP_PKEY_set1_RSA(k, x);
162
163 ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
164 EVP_PKEY_free(k);
165 return ret;
166}
167#endif
168
169#else
170
171IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
172
173#endif
174
175IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
176IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) 199IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
177 200
178#endif 201#endif
@@ -201,69 +224,73 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
201 return pkey_get_dsa(pktmp, dsa); 224 return pkey_get_dsa(pktmp, dsa);
202} 225}
203 226
227IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
228IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
204 229
205#ifdef OPENSSL_FIPS 230#ifndef OPENSSL_NO_FP_API
206 231
207int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc, 232DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb,
208 unsigned char *kstr, int klen, 233 void *u)
209 pem_password_cb *cb, void *u)
210{ 234{
211 EVP_PKEY *k; 235 EVP_PKEY *pktmp;
212 int ret; 236 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
213 k = EVP_PKEY_new(); 237 return pkey_get_dsa(pktmp, dsa);
214 if (!k)
215 return 0;
216 EVP_PKEY_set1_DSA(k, x);
217
218 ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
219 EVP_PKEY_free(k);
220 return ret;
221} 238}
222 239
223#ifndef OPENSSL_NO_FP_API 240#endif
224int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc, 241
225 unsigned char *kstr, int klen, 242IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
226 pem_password_cb *cb, void *u) 243
244#endif
245
246
247#ifndef OPENSSL_NO_EC
248static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey)
227{ 249{
228 EVP_PKEY *k; 250 EC_KEY *dtmp;
229 int ret; 251 if(!key) return NULL;
230 k = EVP_PKEY_new(); 252 dtmp = EVP_PKEY_get1_EC_KEY(key);
231 if (!k) 253 EVP_PKEY_free(key);
232 return 0; 254 if(!dtmp) return NULL;
233 EVP_PKEY_set1_DSA(k, x); 255 if(eckey)
234 ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); 256 {
235 EVP_PKEY_free(k); 257 EC_KEY_free(*eckey);
236 return ret; 258 *eckey = dtmp;
259 }
260 return dtmp;
237} 261}
238#endif
239 262
240#else 263EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
264 void *u)
265{
266 EVP_PKEY *pktmp;
267 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
268 return pkey_get_eckey(pktmp, key);
269}
241 270
242IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) 271IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
243 272
244#endif 273IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)
245 274
246IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) 275IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
247 276
248#ifndef OPENSSL_NO_FP_API 277#ifndef OPENSSL_NO_FP_API
249 278
250DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, 279EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
251 void *u) 280 void *u)
252{ 281{
253 EVP_PKEY *pktmp; 282 EVP_PKEY *pktmp;
254 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); 283 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
255 return pkey_get_dsa(pktmp, dsa); 284 return pkey_get_eckey(pktmp, eckey);
256} 285}
257 286
258#endif 287#endif
259 288
260IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
261
262#endif 289#endif
263 290
264#ifndef OPENSSL_NO_DH 291#ifndef OPENSSL_NO_DH
265 292
266IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) 293IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
267 294
268#endif 295#endif
269 296
@@ -274,42 +301,8 @@ IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
274 * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything 301 * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
275 * appropriate.) 302 * appropriate.)
276 */ 303 */
277 304IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\
278#ifdef OPENSSL_FIPS 305 (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey)
279
280int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
281 unsigned char *kstr, int klen,
282 pem_password_cb *cb, void *u)
283 {
284 if (FIPS_mode())
285 return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
286 (char *)kstr, klen, cb, u);
287 else
288 return PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,
289 (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
290 bp,(char *)x,enc,kstr,klen,cb,u);
291 }
292
293#ifndef OPENSSL_NO_FP_API
294int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
295 unsigned char *kstr, int klen,
296 pem_password_cb *cb, void *u)
297 {
298 if (FIPS_mode())
299 return PEM_write_PKCS8PrivateKey(fp, x, enc,
300 (char *)kstr, klen, cb, u);
301 else
302 return PEM_ASN1_write((int (*)())i2d_PrivateKey,
303 (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
304 fp,(char *)x,enc,kstr,klen,cb,u);
305 }
306#endif
307
308#else
309
310IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey)
311
312#endif
313 306
314IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) 307IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
315 308
diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c
index 8527028ebc..3133563d77 100644
--- a/src/lib/libcrypto/pem/pem_err.c
+++ b/src/lib/libcrypto/pem/pem_err.c
@@ -72,24 +72,27 @@ static ERR_STRING_DATA PEM_str_functs[]=
72 { 72 {
73{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"}, 73{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
74{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"}, 74{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
75{ERR_FUNC(PEM_F_DEF_CALLBACK), "DEF_CALLBACK"}, 75{ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"},
76{ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"},
76{ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"}, 77{ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"},
77{ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"}, 78{ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
78{ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"}, 79{ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
79{ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"}, 80{ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"},
80{ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"}, 81{ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
82{ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
81{ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"}, 83{ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
82{ERR_FUNC(PEM_F_PEM_F_DO_PK8KEY_FP), "PEM_F_DO_PK8KEY_FP"},
83{ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"}, 84{ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
84{ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"}, 85{ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
86{ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
85{ERR_FUNC(PEM_F_PEM_READ), "PEM_read"}, 87{ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
86{ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"}, 88{ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
89{ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"},
90{ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"},
87{ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"}, 91{ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
88{ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"}, 92{ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"},
89{ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"}, 93{ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
90{ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"}, 94{ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
91{ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"}, 95{ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
92{ERR_FUNC(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY), "PEM_write_bio_PKCS8PrivateKey"},
93{ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"}, 96{ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
94{ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"}, 97{ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
95{ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"}, 98{ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
@@ -121,15 +124,12 @@ static ERR_STRING_DATA PEM_str_reasons[]=
121 124
122void ERR_load_PEM_strings(void) 125void ERR_load_PEM_strings(void)
123 { 126 {
124 static int init=1; 127#ifndef OPENSSL_NO_ERR
125 128
126 if (init) 129 if (ERR_func_error_string(PEM_str_functs[0].error) == NULL)
127 { 130 {
128 init=0;
129#ifndef OPENSSL_NO_ERR
130 ERR_load_strings(0,PEM_str_functs); 131 ERR_load_strings(0,PEM_str_functs);
131 ERR_load_strings(0,PEM_str_reasons); 132 ERR_load_strings(0,PEM_str_reasons);
132#endif
133
134 } 133 }
134#endif
135 } 135 }
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
index 9e4af29c95..3a273f6f70 100644
--- a/src/lib/libcrypto/pem/pem_info.c
+++ b/src/lib/libcrypto/pem/pem_info.c
@@ -63,6 +63,12 @@
63#include <openssl/evp.h> 63#include <openssl/evp.h>
64#include <openssl/x509.h> 64#include <openssl/x509.h>
65#include <openssl/pem.h> 65#include <openssl/pem.h>
66#ifndef OPENSSL_NO_RSA
67#include <openssl/rsa.h>
68#endif
69#ifndef OPENSSL_NO_DSA
70#include <openssl/dsa.h>
71#endif
66 72
67#ifndef OPENSSL_NO_FP_API 73#ifndef OPENSSL_NO_FP_API
68STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) 74STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
@@ -85,13 +91,15 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_p
85STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) 91STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
86 { 92 {
87 X509_INFO *xi=NULL; 93 X509_INFO *xi=NULL;
88 char *name=NULL,*header=NULL,**pp; 94 char *name=NULL,*header=NULL;
89 unsigned char *data=NULL,*p; 95 void *pp;
96 unsigned char *data=NULL;
97 const unsigned char *p;
90 long len,error=0; 98 long len,error=0;
91 int ok=0; 99 int ok=0;
92 STACK_OF(X509_INFO) *ret=NULL; 100 STACK_OF(X509_INFO) *ret=NULL;
93 unsigned int i,raw; 101 unsigned int i,raw;
94 char *(*d2i)(); 102 d2i_of_void *d2i;
95 103
96 if (sk == NULL) 104 if (sk == NULL)
97 { 105 {
@@ -123,42 +131,42 @@ start:
123 if ( (strcmp(name,PEM_STRING_X509) == 0) || 131 if ( (strcmp(name,PEM_STRING_X509) == 0) ||
124 (strcmp(name,PEM_STRING_X509_OLD) == 0)) 132 (strcmp(name,PEM_STRING_X509_OLD) == 0))
125 { 133 {
126 d2i=(char *(*)())d2i_X509; 134 d2i=(D2I_OF(void))d2i_X509;
127 if (xi->x509 != NULL) 135 if (xi->x509 != NULL)
128 { 136 {
129 if (!sk_X509_INFO_push(ret,xi)) goto err; 137 if (!sk_X509_INFO_push(ret,xi)) goto err;
130 if ((xi=X509_INFO_new()) == NULL) goto err; 138 if ((xi=X509_INFO_new()) == NULL) goto err;
131 goto start; 139 goto start;
132 } 140 }
133 pp=(char **)&(xi->x509); 141 pp=&(xi->x509);
134 } 142 }
135 else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0)) 143 else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0))
136 { 144 {
137 d2i=(char *(*)())d2i_X509_AUX; 145 d2i=(D2I_OF(void))d2i_X509_AUX;
138 if (xi->x509 != NULL) 146 if (xi->x509 != NULL)
139 { 147 {
140 if (!sk_X509_INFO_push(ret,xi)) goto err; 148 if (!sk_X509_INFO_push(ret,xi)) goto err;
141 if ((xi=X509_INFO_new()) == NULL) goto err; 149 if ((xi=X509_INFO_new()) == NULL) goto err;
142 goto start; 150 goto start;
143 } 151 }
144 pp=(char **)&(xi->x509); 152 pp=&(xi->x509);
145 } 153 }
146 else if (strcmp(name,PEM_STRING_X509_CRL) == 0) 154 else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
147 { 155 {
148 d2i=(char *(*)())d2i_X509_CRL; 156 d2i=(D2I_OF(void))d2i_X509_CRL;
149 if (xi->crl != NULL) 157 if (xi->crl != NULL)
150 { 158 {
151 if (!sk_X509_INFO_push(ret,xi)) goto err; 159 if (!sk_X509_INFO_push(ret,xi)) goto err;
152 if ((xi=X509_INFO_new()) == NULL) goto err; 160 if ((xi=X509_INFO_new()) == NULL) goto err;
153 goto start; 161 goto start;
154 } 162 }
155 pp=(char **)&(xi->crl); 163 pp=&(xi->crl);
156 } 164 }
157 else 165 else
158#ifndef OPENSSL_NO_RSA 166#ifndef OPENSSL_NO_RSA
159 if (strcmp(name,PEM_STRING_RSA) == 0) 167 if (strcmp(name,PEM_STRING_RSA) == 0)
160 { 168 {
161 d2i=(char *(*)())d2i_RSAPrivateKey; 169 d2i=(D2I_OF(void))d2i_RSAPrivateKey;
162 if (xi->x_pkey != NULL) 170 if (xi->x_pkey != NULL)
163 { 171 {
164 if (!sk_X509_INFO_push(ret,xi)) goto err; 172 if (!sk_X509_INFO_push(ret,xi)) goto err;
@@ -173,7 +181,7 @@ start:
173 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) 181 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
174 goto err; 182 goto err;
175 xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA; 183 xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
176 pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa); 184 pp=&(xi->x_pkey->dec_pkey->pkey.rsa);
177 if ((int)strlen(header) > 10) /* assume encrypted */ 185 if ((int)strlen(header) > 10) /* assume encrypted */
178 raw=1; 186 raw=1;
179 } 187 }
@@ -182,7 +190,7 @@ start:
182#ifndef OPENSSL_NO_DSA 190#ifndef OPENSSL_NO_DSA
183 if (strcmp(name,PEM_STRING_DSA) == 0) 191 if (strcmp(name,PEM_STRING_DSA) == 0)
184 { 192 {
185 d2i=(char *(*)())d2i_DSAPrivateKey; 193 d2i=(D2I_OF(void))d2i_DSAPrivateKey;
186 if (xi->x_pkey != NULL) 194 if (xi->x_pkey != NULL)
187 { 195 {
188 if (!sk_X509_INFO_push(ret,xi)) goto err; 196 if (!sk_X509_INFO_push(ret,xi)) goto err;
@@ -197,12 +205,36 @@ start:
197 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) 205 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
198 goto err; 206 goto err;
199 xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA; 207 xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
200 pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa); 208 pp=&xi->x_pkey->dec_pkey->pkey.dsa;
201 if ((int)strlen(header) > 10) /* assume encrypted */ 209 if ((int)strlen(header) > 10) /* assume encrypted */
202 raw=1; 210 raw=1;
203 } 211 }
204 else 212 else
205#endif 213#endif
214#ifndef OPENSSL_NO_EC
215 if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0)
216 {
217 d2i=(D2I_OF(void))d2i_ECPrivateKey;
218 if (xi->x_pkey != NULL)
219 {
220 if (!sk_X509_INFO_push(ret,xi)) goto err;
221 if ((xi=X509_INFO_new()) == NULL) goto err;
222 goto start;
223 }
224
225 xi->enc_data=NULL;
226 xi->enc_len=0;
227
228 xi->x_pkey=X509_PKEY_new();
229 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
230 goto err;
231 xi->x_pkey->dec_pkey->type=EVP_PKEY_EC;
232 pp=&(xi->x_pkey->dec_pkey->pkey.ec);
233 if ((int)strlen(header) > 10) /* assume encrypted */
234 raw=1;
235 }
236 else
237#endif
206 { 238 {
207 d2i=NULL; 239 d2i=NULL;
208 pp=NULL; 240 pp=NULL;
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 82815067b3..9bae4c8850 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -69,7 +69,7 @@
69#include <openssl/des.h> 69#include <openssl/des.h>
70#endif 70#endif
71 71
72const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT; 72const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;
73 73
74#define MIN_LENGTH 4 74#define MIN_LENGTH 4
75 75
@@ -81,7 +81,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
81#ifdef OPENSSL_NO_FP_API 81#ifdef OPENSSL_NO_FP_API
82 /* We should not ever call the default callback routine from 82 /* We should not ever call the default callback routine from
83 * windows. */ 83 * windows. */
84 PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 84 PEMerr(PEM_F_PEM_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
85 return(-1); 85 return(-1);
86#else 86#else
87 int i,j; 87 int i,j;
@@ -102,7 +102,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
102 i=EVP_read_pw_string(buf,num,prompt,w); 102 i=EVP_read_pw_string(buf,num,prompt,w);
103 if (i != 0) 103 if (i != 0)
104 { 104 {
105 PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); 105 PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
106 memset(buf,0,(unsigned int)num); 106 memset(buf,0,(unsigned int)num);
107 return(-1); 107 return(-1);
108 } 108 }
@@ -158,11 +158,11 @@ void PEM_dek_info(char *buf, const char *type, int len, char *str)
158 } 158 }
159 159
160#ifndef OPENSSL_NO_FP_API 160#ifndef OPENSSL_NO_FP_API
161char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x, 161void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
162 pem_password_cb *cb, void *u) 162 pem_password_cb *cb, void *u)
163 { 163 {
164 BIO *b; 164 BIO *b;
165 char *ret; 165 void *ret;
166 166
167 if ((b=BIO_new(BIO_s_file())) == NULL) 167 if ((b=BIO_new(BIO_s_file())) == NULL)
168 { 168 {
@@ -195,6 +195,8 @@ static int check_pem(const char *nm, const char *name)
195 if(!strcmp(nm,PEM_STRING_DSA) && 195 if(!strcmp(nm,PEM_STRING_DSA) &&
196 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; 196 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
197 197
198 if(!strcmp(nm,PEM_STRING_ECPRIVATEKEY) &&
199 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
198 /* Permit older strings */ 200 /* Permit older strings */
199 201
200 if(!strcmp(nm,PEM_STRING_X509_OLD) && 202 if(!strcmp(nm,PEM_STRING_X509_OLD) &&
@@ -258,9 +260,9 @@ err:
258 } 260 }
259 261
260#ifndef OPENSSL_NO_FP_API 262#ifndef OPENSSL_NO_FP_API
261int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x, 263int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
262 const EVP_CIPHER *enc, unsigned char *kstr, int klen, 264 char *x, const EVP_CIPHER *enc, unsigned char *kstr,
263 pem_password_cb *callback, void *u) 265 int klen, pem_password_cb *callback, void *u)
264 { 266 {
265 BIO *b; 267 BIO *b;
266 int ret; 268 int ret;
@@ -277,9 +279,9 @@ int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
277 } 279 }
278#endif 280#endif
279 281
280int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, 282int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
281 const EVP_CIPHER *enc, unsigned char *kstr, int klen, 283 char *x, const EVP_CIPHER *enc, unsigned char *kstr,
282 pem_password_cb *callback, void *u) 284 int klen, pem_password_cb *callback, void *u)
283 { 285 {
284 EVP_CIPHER_CTX ctx; 286 EVP_CIPHER_CTX ctx;
285 int dsize=0,i,j,ret=0; 287 int dsize=0,i,j,ret=0;
@@ -336,7 +338,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
336 kstr=(unsigned char *)buf; 338 kstr=(unsigned char *)buf;
337 } 339 }
338 RAND_add(data,i,0);/* put in the RSA key. */ 340 RAND_add(data,i,0);/* put in the RSA key. */
339 OPENSSL_assert(enc->iv_len <= sizeof iv); 341 OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
340 if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ 342 if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
341 goto err; 343 goto err;
342 /* The 'iv' is used as the iv and as a salt. It is 344 /* The 'iv' is used as the iv and as a salt. It is
@@ -577,6 +579,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
577 } 579 }
578 EVP_EncodeFinal(&ctx,buf,&outl); 580 EVP_EncodeFinal(&ctx,buf,&outl);
579 if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; 581 if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
582 OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
580 OPENSSL_free(buf); 583 OPENSSL_free(buf);
581 buf = NULL; 584 buf = NULL;
582 if ( (BIO_write(bp,"-----END ",9) != 9) || 585 if ( (BIO_write(bp,"-----END ",9) != 9) ||
@@ -585,8 +588,10 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
585 goto err; 588 goto err;
586 return(i+outl); 589 return(i+outl);
587err: 590err:
588 if (buf) 591 if (buf) {
592 OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
589 OPENSSL_free(buf); 593 OPENSSL_free(buf);
594 }
590 PEMerr(PEM_F_PEM_WRITE_BIO,reason); 595 PEMerr(PEM_F_PEM_WRITE_BIO,reason);
591 return(0); 596 return(0);
592 } 597 }
diff --git a/src/lib/libcrypto/pem/pem_oth.c b/src/lib/libcrypto/pem/pem_oth.c
index 8d9064ea7c..b33868d25a 100644
--- a/src/lib/libcrypto/pem/pem_oth.c
+++ b/src/lib/libcrypto/pem/pem_oth.c
@@ -67,10 +67,11 @@
67 67
68/* Handle 'other' PEMs: not private keys */ 68/* Handle 'other' PEMs: not private keys */
69 69
70char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, 70void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
71 pem_password_cb *cb, void *u) 71 pem_password_cb *cb, void *u)
72 { 72 {
73 unsigned char *p=NULL,*data=NULL; 73 const unsigned char *p=NULL;
74 unsigned char *data=NULL;
74 long len; 75 long len;
75 char *ret=NULL; 76 char *ret=NULL;
76 77
diff --git a/src/lib/libcrypto/pem/pem_pk8.c b/src/lib/libcrypto/pem/pem_pk8.c
index db38a2a79d..6deab8c338 100644
--- a/src/lib/libcrypto/pem/pem_pk8.c
+++ b/src/lib/libcrypto/pem/pem_pk8.c
@@ -118,7 +118,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER
118 char buf[PEM_BUFSIZE]; 118 char buf[PEM_BUFSIZE];
119 int ret; 119 int ret;
120 if(!(p8inf = EVP_PKEY2PKCS8(x))) { 120 if(!(p8inf = EVP_PKEY2PKCS8(x))) {
121 PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY, 121 PEMerr(PEM_F_DO_PK8PKEY,
122 PEM_R_ERROR_CONVERTING_PRIVATE_KEY); 122 PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
123 return 0; 123 return 0;
124 } 124 }
@@ -127,8 +127,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER
127 if(!cb) klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u); 127 if(!cb) klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
128 else klen = cb(buf, PEM_BUFSIZE, 1, u); 128 else klen = cb(buf, PEM_BUFSIZE, 1, u);
129 if(klen <= 0) { 129 if(klen <= 0) {
130 PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY, 130 PEMerr(PEM_F_DO_PK8PKEY,PEM_R_READ_KEY);
131 PEM_R_READ_KEY);
132 PKCS8_PRIV_KEY_INFO_free(p8inf); 131 PKCS8_PRIV_KEY_INFO_free(p8inf);
133 return 0; 132 return 0;
134 } 133 }
@@ -215,7 +214,7 @@ static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CI
215 BIO *bp; 214 BIO *bp;
216 int ret; 215 int ret;
217 if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { 216 if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
218 PEMerr(PEM_F_PEM_F_DO_PK8KEY_FP,ERR_R_BUF_LIB); 217 PEMerr(PEM_F_DO_PK8PKEY_FP,ERR_R_BUF_LIB);
219 return(0); 218 return(0);
220 } 219 }
221 ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); 220 ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
diff --git a/src/lib/libcrypto/pem/pem_pkey.c b/src/lib/libcrypto/pem/pem_pkey.c
index 9ecdbd5419..4da4c31ce5 100644
--- a/src/lib/libcrypto/pem/pem_pkey.c
+++ b/src/lib/libcrypto/pem/pem_pkey.c
@@ -70,7 +70,8 @@
70EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) 70EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
71 { 71 {
72 char *nm=NULL; 72 char *nm=NULL;
73 unsigned char *p=NULL,*data=NULL; 73 const unsigned char *p=NULL;
74 unsigned char *data=NULL;
74 long len; 75 long len;
75 EVP_PKEY *ret=NULL; 76 EVP_PKEY *ret=NULL;
76 77
@@ -82,6 +83,8 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
82 ret=d2i_PrivateKey(EVP_PKEY_RSA,x,&p,len); 83 ret=d2i_PrivateKey(EVP_PKEY_RSA,x,&p,len);
83 else if (strcmp(nm,PEM_STRING_DSA) == 0) 84 else if (strcmp(nm,PEM_STRING_DSA) == 0)
84 ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len); 85 ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len);
86 else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0)
87 ret=d2i_PrivateKey(EVP_PKEY_EC,x,&p,len);
85 else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { 88 else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
86 PKCS8_PRIV_KEY_INFO *p8inf; 89 PKCS8_PRIV_KEY_INFO *p8inf;
87 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); 90 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
@@ -102,7 +105,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
102 if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u); 105 if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
103 else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u); 106 else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
104 if (klen <= 0) { 107 if (klen <= 0) {
105 PEMerr(PEM_F_PEM_ASN1_READ_BIO, 108 PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,
106 PEM_R_BAD_PASSWORD_READ); 109 PEM_R_BAD_PASSWORD_READ);
107 X509_SIG_free(p8); 110 X509_SIG_free(p8);
108 goto err; 111 goto err;
@@ -119,9 +122,10 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
119 } 122 }
120p8err: 123p8err:
121 if (ret == NULL) 124 if (ret == NULL)
122 PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); 125 PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB);
123err: 126err:
124 OPENSSL_free(nm); 127 OPENSSL_free(nm);
128 OPENSSL_cleanse(data, len);
125 OPENSSL_free(data); 129 OPENSSL_free(data);
126 return(ret); 130 return(ret);
127 } 131 }
@@ -134,7 +138,7 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void
134 138
135 if ((b=BIO_new(BIO_s_file())) == NULL) 139 if ((b=BIO_new(BIO_s_file())) == NULL)
136 { 140 {
137 PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB); 141 PEMerr(PEM_F_PEM_READ_PRIVATEKEY,ERR_R_BUF_LIB);
138 return(0); 142 return(0);
139 } 143 }
140 BIO_set_fp(b,fp,BIO_NOCLOSE); 144 BIO_set_fp(b,fp,BIO_NOCLOSE);
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c
index 56e08abd70..4e554e5481 100644
--- a/src/lib/libcrypto/pem/pem_seal.c
+++ b/src/lib/libcrypto/pem/pem_seal.c
@@ -56,6 +56,7 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#include <openssl/opensslconf.h> /* for OPENSSL_NO_RSA */
59#ifndef OPENSSL_NO_RSA 60#ifndef OPENSSL_NO_RSA
60#include <stdio.h> 61#include <stdio.h>
61#include "cryptlib.h" 62#include "cryptlib.h"
@@ -64,6 +65,7 @@
64#include <openssl/objects.h> 65#include <openssl/objects.h>
65#include <openssl/x509.h> 66#include <openssl/x509.h>
66#include <openssl/pem.h> 67#include <openssl/pem.h>
68#include <openssl/rsa.h>
67 69
68int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, 70int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
69 unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, 71 unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
diff --git a/src/lib/libcrypto/pem/pem_xaux.c b/src/lib/libcrypto/pem/pem_xaux.c
index 2f579b5421..63ce660cf1 100644
--- a/src/lib/libcrypto/pem/pem_xaux.c
+++ b/src/lib/libcrypto/pem/pem_xaux.c
@@ -66,3 +66,4 @@
66#include <openssl/pem.h> 66#include <openssl/pem.h>
67 67
68IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX) 68IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX)
69IMPLEMENT_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR, PEM_STRING_X509_PAIR, X509_CERT_PAIR)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-01-03 20:15:49 +0000