1 files changed, 18 insertions, 63 deletions
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
index aa9a4f6c96..b634d5bc85 100644
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ b/src/lib/libcrypto/asn1/p8_pkey.c
@@ -58,72 +58,27 @@
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
-int i2d_PKCS8_PRIV_KEY_INFO (PKCS8_PRIV_KEY_INFO *a, unsigned char **pp)
+/* Minor tweak to operation: zero private key data */
+static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 {
+        /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
-        M_ASN1_I2D_vars(a);
+        if(operation == ASN1_OP_FREE_PRE) {
+                PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
-        M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
+                if (key->pkey->value.octet_string)
-        M_ASN1_I2D_len (a->pkeyalg, i2d_X509_ALGOR);
+                memset(key->pkey->value.octet_string->data,
-        M_ASN1_I2D_len (a->pkey, i2d_ASN1_TYPE);
+                                 0, key->pkey->value.octet_string->length);
-        M_ASN1_I2D_len_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
+        }
-                                         i2d_X509_ATTRIBUTE, 0);
+        return 1;
-        
-        M_ASN1_I2D_seq_total ();
-        M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
-        M_ASN1_I2D_put (a->pkeyalg, i2d_X509_ALGOR);
-        M_ASN1_I2D_put (a->pkey, i2d_ASN1_TYPE);
-        M_ASN1_I2D_put_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
-                                         i2d_X509_ATTRIBUTE, 0);
-        M_ASN1_I2D_finish();
 }
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void)
+ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
-{
+        ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
-        PKCS8_PRIV_KEY_INFO *ret=NULL;
+        ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
-        ASN1_CTX c;
+        ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY),
-        M_ASN1_New_Malloc(ret, PKCS8_PRIV_KEY_INFO);
+        ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
-        M_ASN1_New (ret->version, ASN1_INTEGER_new);
+} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-        M_ASN1_New (ret->pkeyalg, X509_ALGOR_new);
-        M_ASN1_New (ret->pkey, ASN1_TYPE_new);
-        ret->attributes = NULL;
-        ret->broken = PKCS8_OK;
-        return (ret);
-        M_ASN1_New_Error(ASN1_F_PKCS8_PRIV_KEY_INFO_NEW);
-}
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
+IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
-             unsigned char **pp, long length)
-{
-        M_ASN1_D2I_vars(a,PKCS8_PRIV_KEY_INFO *,PKCS8_PRIV_KEY_INFO_new);
-        M_ASN1_D2I_Init();
-        M_ASN1_D2I_start_sequence();
-        M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
-        M_ASN1_D2I_get (ret->pkeyalg, d2i_X509_ALGOR);
-        M_ASN1_D2I_get (ret->pkey, d2i_ASN1_TYPE);
-        M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE, ret->attributes,
-                                        d2i_X509_ATTRIBUTE,
-                                        X509_ATTRIBUTE_free, 0);
-        if (ASN1_TYPE_get(ret->pkey) == V_ASN1_SEQUENCE) 
-                                                ret->broken = PKCS8_NO_OCTET;
-        M_ASN1_D2I_Finish(a, PKCS8_PRIV_KEY_INFO_free, ASN1_F_D2I_PKCS8_PRIV_KEY_INFO);
-}
-void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a)
-{
-        if (a == NULL) return;
-        ASN1_INTEGER_free (a->version);
-        X509_ALGOR_free(a->pkeyalg);
-        /* Clear sensitive data */
-        if (a->pkey->value.octet_string)
-                memset (a->pkey->value.octet_string->data,
-                                 0, a->pkey->value.octet_string->length);
-        ASN1_TYPE_free (a->pkey);
-        sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free);
-        Free (a);
-}

diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c index aa9a4f6c96..b634d5bc85 100644 --- a/src/lib/libcrypto/asn1/p8_pkey.c +++ b/src/lib/libcrypto/asn1/p8_pkey.c
@@ -58,72 +58,27 @@
58		58
59	#include <stdio.h>	59	#include <stdio.h>
60	#include "cryptlib.h"	60	#include "cryptlib.h"
61	#include <openssl/asn1_mac.h>	61	#include <openssl/asn1t.h>
62	#include <openssl/x509.h>	62	#include <openssl/x509.h>
63		63
64	int i2d_PKCS8_PRIV_KEY_INFO (PKCS8_PRIV_KEY_INFO a, unsigned char *pp)	64	/* Minor tweak to operation: zero private key data */
		65	static int pkey_cb(int operation, ASN1_VALUE *pval, const ASN1_ITEM it)
65	{	66	{
66		67	/* Since the structure must still be valid use ASN1_OP_FREE_PRE */
67	M_ASN1_I2D_vars(a);	68	if(operation == ASN1_OP_FREE_PRE) {
68		69	PKCS8_PRIV_KEY_INFO key = (PKCS8_PRIV_KEY_INFO )*pval;
69	M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);	70	if (key->pkey->value.octet_string)
70	M_ASN1_I2D_len (a->pkeyalg, i2d_X509_ALGOR);	71	memset(key->pkey->value.octet_string->data,
71	M_ASN1_I2D_len (a->pkey, i2d_ASN1_TYPE);	72	0, key->pkey->value.octet_string->length);
72	M_ASN1_I2D_len_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,	73	}
73	i2d_X509_ATTRIBUTE, 0);	74	return 1;
74
75	M_ASN1_I2D_seq_total ();
76
77	M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
78	M_ASN1_I2D_put (a->pkeyalg, i2d_X509_ALGOR);
79	M_ASN1_I2D_put (a->pkey, i2d_ASN1_TYPE);
80	M_ASN1_I2D_put_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
81	i2d_X509_ATTRIBUTE, 0);
82
83	M_ASN1_I2D_finish();
84	}	75	}
85		76
86	PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void)	77	ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
87	{	78	ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
88	PKCS8_PRIV_KEY_INFO *ret=NULL;	79	ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
89	ASN1_CTX c;	80	ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY),
90	M_ASN1_New_Malloc(ret, PKCS8_PRIV_KEY_INFO);	81	ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
91	M_ASN1_New (ret->version, ASN1_INTEGER_new);	82	} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
92	M_ASN1_New (ret->pkeyalg, X509_ALGOR_new);
93	M_ASN1_New (ret->pkey, ASN1_TYPE_new);
94	ret->attributes = NULL;
95	ret->broken = PKCS8_OK;
96	return (ret);
97	M_ASN1_New_Error(ASN1_F_PKCS8_PRIV_KEY_INFO_NEW);
98	}
99		83
100	PKCS8_PRIV_KEY_INFO d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a,	84	IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
101	unsigned char **pp, long length)
102	{
103	M_ASN1_D2I_vars(a,PKCS8_PRIV_KEY_INFO *,PKCS8_PRIV_KEY_INFO_new);
104	M_ASN1_D2I_Init();
105	M_ASN1_D2I_start_sequence();
106	M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
107	M_ASN1_D2I_get (ret->pkeyalg, d2i_X509_ALGOR);
108	M_ASN1_D2I_get (ret->pkey, d2i_ASN1_TYPE);
109	M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE, ret->attributes,
110	d2i_X509_ATTRIBUTE,
111	X509_ATTRIBUTE_free, 0);
112	if (ASN1_TYPE_get(ret->pkey) == V_ASN1_SEQUENCE)
113	ret->broken = PKCS8_NO_OCTET;
114	M_ASN1_D2I_Finish(a, PKCS8_PRIV_KEY_INFO_free, ASN1_F_D2I_PKCS8_PRIV_KEY_INFO);
115	}
116
117	void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a)
118	{
119	if (a == NULL) return;
120	ASN1_INTEGER_free (a->version);
121	X509_ALGOR_free(a->pkeyalg);
122	/* Clear sensitive data */
123	if (a->pkey->value.octet_string)
124	memset (a->pkey->value.octet_string->data,
125	0, a->pkey->value.octet_string->length);
126	ASN1_TYPE_free (a->pkey);
127	sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free);
128	Free (a);
129	}