1 files changed, 119 insertions, 0 deletions
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c
index e72b7134ce..07963314c9 100644
--- a/src/lib/libcrypto/pem/pem_all.c
+++ b/src/lib/libcrypto/pem/pem_all.c
@@ -64,6 +64,7 @@
 #include <openssl/x509.h>
 #include <openssl/pkcs7.h>
 #include <openssl/pem.h>
+#include <openssl/fips.h>
 #ifndef OPENSSL_NO_RSA
 static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
@@ -128,7 +129,49 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
 #endif
+#ifdef OPENSSL_FIPS
+int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                               unsigned char *kstr, int klen,
+                                               pem_password_cb *cb, void *u)
+{
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+                return 0;
+        EVP_PKEY_set1_RSA(k, x);
+        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+}
+#ifndef OPENSSL_NO_FP_API
+int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                                               unsigned char *kstr, int klen,
+                                               pem_password_cb *cb, void *u)
+{
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+                return 0;
+        EVP_PKEY_set1_RSA(k, x);
+        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+}
+#endif
+#else
 IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
+#endif
 IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
 IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
@@ -158,7 +201,48 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
        return pkey_get_dsa(pktmp, dsa);
 }
+#ifdef OPENSSL_FIPS
+int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                               unsigned char *kstr, int klen,
+                                               pem_password_cb *cb, void *u)
+{
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+                return 0;
+        EVP_PKEY_set1_DSA(k, x);
+        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+}
+#ifndef OPENSSL_NO_FP_API
+int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                                               unsigned char *kstr, int klen,
+                                               pem_password_cb *cb, void *u)
+{
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+                return 0;
+        EVP_PKEY_set1_DSA(k, x);
+        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+}
+#endif
+#else
 IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
+#endif
 IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
 #ifndef OPENSSL_NO_FP_API
@@ -190,7 +274,42 @@ IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
 * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
 * appropriate.)
 */
+#ifdef OPENSSL_FIPS
+int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                               unsigned char *kstr, int klen,
+                                               pem_password_cb *cb, void *u)
+        {
+                if (FIPS_mode())
+                        return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
+                                                (char *)kstr, klen, cb, u);
+                else
+                        return PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,
+                (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
+                        bp,(char *)x,enc,kstr,klen,cb,u);
+        }
+#ifndef OPENSSL_NO_FP_API
+int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                               unsigned char *kstr, int klen,
+                                               pem_password_cb *cb, void *u)
+        {
+                if (FIPS_mode())
+                        return PEM_write_PKCS8PrivateKey(fp, x, enc,
+                                                (char *)kstr, klen, cb, u);
+                else
+                        return PEM_ASN1_write((int (*)())i2d_PrivateKey,
+                (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
+                        fp,(char *)x,enc,kstr,klen,cb,u);
+        }
+#endif
+#else
 IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey)
+#endif
 IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)

diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c index e72b7134ce..07963314c9 100644 --- a/src/lib/libcrypto/pem/pem_all.c +++ b/src/lib/libcrypto/pem/pem_all.c
@@ -64,6 +64,7 @@
64	#include <openssl/x509.h>	64	#include <openssl/x509.h>
65	#include <openssl/pkcs7.h>	65	#include <openssl/pkcs7.h>
66	#include <openssl/pem.h>	66	#include <openssl/pem.h>
		67	#include <openssl/fips.h>
67		68
68	#ifndef OPENSSL_NO_RSA	69	#ifndef OPENSSL_NO_RSA
69	static RSA pkey_get_rsa(EVP_PKEY key, RSA **rsa);	70	static RSA pkey_get_rsa(EVP_PKEY key, RSA **rsa);
@@ -128,7 +129,49 @@ RSA PEM_read_RSAPrivateKey(FILE fp, RSA *rsa, pem_password_cb cb,
128		129
129	#endif	130	#endif
130		131
		132	#ifdef OPENSSL_FIPS
		133
		134	int PEM_write_bio_RSAPrivateKey(BIO bp, RSA x, const EVP_CIPHER *enc,
		135	unsigned char *kstr, int klen,
		136	pem_password_cb cb, void u)
		137	{
		138	EVP_PKEY *k;
		139	int ret;
		140	k = EVP_PKEY_new();
		141	if (!k)
		142	return 0;
		143	EVP_PKEY_set1_RSA(k, x);
		144
		145	ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
		146	EVP_PKEY_free(k);
		147	return ret;
		148	}
		149
		150	#ifndef OPENSSL_NO_FP_API
		151	int PEM_write_RSAPrivateKey(FILE fp, RSA x, const EVP_CIPHER *enc,
		152	unsigned char *kstr, int klen,
		153	pem_password_cb cb, void u)
		154	{
		155	EVP_PKEY *k;
		156	int ret;
		157	k = EVP_PKEY_new();
		158	if (!k)
		159	return 0;
		160
		161	EVP_PKEY_set1_RSA(k, x);
		162
		163	ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
		164	EVP_PKEY_free(k);
		165	return ret;
		166	}
		167	#endif
		168
		169	#else
		170
131	IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)	171	IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
		172
		173	#endif
		174
132	IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)	175	IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
133	IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)	176	IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
134		177
@@ -158,7 +201,48 @@ DSA PEM_read_bio_DSAPrivateKey(BIO bp, DSA *dsa, pem_password_cb cb,
158	return pkey_get_dsa(pktmp, dsa);	201	return pkey_get_dsa(pktmp, dsa);
159	}	202	}
160		203
		204
		205	#ifdef OPENSSL_FIPS
		206
		207	int PEM_write_bio_DSAPrivateKey(BIO bp, DSA x, const EVP_CIPHER *enc,
		208	unsigned char *kstr, int klen,
		209	pem_password_cb cb, void u)
		210	{
		211	EVP_PKEY *k;
		212	int ret;
		213	k = EVP_PKEY_new();
		214	if (!k)
		215	return 0;
		216	EVP_PKEY_set1_DSA(k, x);
		217
		218	ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
		219	EVP_PKEY_free(k);
		220	return ret;
		221	}
		222
		223	#ifndef OPENSSL_NO_FP_API
		224	int PEM_write_DSAPrivateKey(FILE fp, DSA x, const EVP_CIPHER *enc,
		225	unsigned char *kstr, int klen,
		226	pem_password_cb cb, void u)
		227	{
		228	EVP_PKEY *k;
		229	int ret;
		230	k = EVP_PKEY_new();
		231	if (!k)
		232	return 0;
		233	EVP_PKEY_set1_DSA(k, x);
		234	ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
		235	EVP_PKEY_free(k);
		236	return ret;
		237	}
		238	#endif
		239
		240	#else
		241
161	IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)	242	IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
		243
		244	#endif
		245
162	IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)	246	IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
163		247
164	#ifndef OPENSSL_NO_FP_API	248	#ifndef OPENSSL_NO_FP_API
@@ -190,7 +274,42 @@ IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
190	* (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything	274	* (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
191	* appropriate.)	275	* appropriate.)
192	*/	276	*/
		277
		278	#ifdef OPENSSL_FIPS
		279
		280	int PEM_write_bio_PrivateKey(BIO bp, EVP_PKEY x, const EVP_CIPHER *enc,
		281	unsigned char *kstr, int klen,
		282	pem_password_cb cb, void u)
		283	{
		284	if (FIPS_mode())
		285	return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
		286	(char *)kstr, klen, cb, u);
		287	else
		288	return PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,
		289	(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
		290	bp,(char *)x,enc,kstr,klen,cb,u);
		291	}
		292
		293	#ifndef OPENSSL_NO_FP_API
		294	int PEM_write_PrivateKey(FILE fp, EVP_PKEY x, const EVP_CIPHER *enc,
		295	unsigned char *kstr, int klen,
		296	pem_password_cb cb, void u)
		297	{
		298	if (FIPS_mode())
		299	return PEM_write_PKCS8PrivateKey(fp, x, enc,
		300	(char *)kstr, klen, cb, u);
		301	else
		302	return PEM_ASN1_write((int (*)())i2d_PrivateKey,
		303	(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
		304	fp,(char *)x,enc,kstr,klen,cb,u);
		305	}
		306	#endif
		307
		308	#else
		309
193	IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey)	310	IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey)
194		311
		312	#endif
		313
195	IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)	314	IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
196		315