1 files changed, 4 insertions, 190 deletions
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c
index 69dd19bf2e..3e7a6093ad 100644
--- a/src/lib/libcrypto/pem/pem_all.c
+++ b/src/lib/libcrypto/pem/pem_all.c
@@ -110,7 +110,6 @@
 */
 #include <stdio.h>
-#undef SSLEAY_MACROS
 #include "cryptlib.h"
 #include <openssl/bio.h>
 #include <openssl/evp.h>
@@ -194,49 +193,7 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
 #endif
-#ifdef OPENSSL_FIPS
-int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
-                                               unsigned char *kstr, int klen,
-                                               pem_password_cb *cb, void *u)
-{
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-                return 0;
-        EVP_PKEY_set1_RSA(k, x);
-        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-}
-#ifndef OPENSSL_NO_FP_API
-int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
-                                               unsigned char *kstr, int klen,
-                                               pem_password_cb *cb, void *u)
-{
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-                return 0;
-        EVP_PKEY_set1_RSA(k, x);
-        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-}
-#endif
-#else
 IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
-#endif
 IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
 IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
@@ -263,50 +220,10 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
 {
        EVP_PKEY *pktmp;
        pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
-        return pkey_get_dsa(pktmp, dsa);
+        return pkey_get_dsa(pktmp, dsa);        /* will free pktmp */
 }
-#ifdef OPENSSL_FIPS
-int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
-                                               unsigned char *kstr, int klen,
-                                               pem_password_cb *cb, void *u)
-{
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-                return 0;
-        EVP_PKEY_set1_DSA(k, x);
-        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-}
-#ifndef OPENSSL_NO_FP_API
-int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
-                                               unsigned char *kstr, int klen,
-                                               pem_password_cb *cb, void *u)
-{
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-                return 0;
-        EVP_PKEY_set1_DSA(k, x);
-        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-}
-#endif
-#else
 IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
-#endif
 IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
 #ifndef OPENSSL_NO_FP_API
@@ -316,7 +233,7 @@ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb,
 {
        EVP_PKEY *pktmp;
        pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
-        return pkey_get_dsa(pktmp, dsa);
+        return pkey_get_dsa(pktmp, dsa);        /* will free pktmp */
 }
 #endif
@@ -347,54 +264,13 @@ EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
 {
        EVP_PKEY *pktmp;
        pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
-        return pkey_get_eckey(pktmp, key);
+        return pkey_get_eckey(pktmp, key);      /* will free pktmp */
 }
 IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
-#ifdef OPENSSL_FIPS
-int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc,
-                                               unsigned char *kstr, int klen,
-                                               pem_password_cb *cb, void *u)
-{
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-                return 0;
-        EVP_PKEY_set1_EC_KEY(k, x);
-        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-}
-#ifndef OPENSSL_NO_FP_API
-int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc,
-                                               unsigned char *kstr, int klen,
-                                               pem_password_cb *cb, void *u)
-{
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-                return 0;
-        EVP_PKEY_set1_EC_KEY(k, x);
-        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-}
-#endif
-#else
 IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)
-#endif
 IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
 #ifndef OPENSSL_NO_FP_API
@@ -404,7 +280,7 @@ EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
 {
        EVP_PKEY *pktmp;
        pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
-        return pkey_get_eckey(pktmp, eckey);
+        return pkey_get_eckey(pktmp, eckey);    /* will free pktmp */
 }
 #endif
@@ -417,66 +293,4 @@ IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
 #endif
-/* The PrivateKey case is not that straightforward.
- *   IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
- * does not work, RSA and DSA keys have specific strings.
- * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
- * appropriate.)
- */
-#ifdef OPENSSL_FIPS
-static const char *pkey_str(EVP_PKEY *x)
-        {
-        switch (x->type)
-                {
-                case EVP_PKEY_RSA:
-                return PEM_STRING_RSA;
-                case EVP_PKEY_DSA:
-                return PEM_STRING_DSA;
-                case EVP_PKEY_EC:
-                return PEM_STRING_ECPRIVATEKEY;
-                default:
-                return NULL;
-                }
-        }
-int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                                               unsigned char *kstr, int klen,
-                                               pem_password_cb *cb, void *u)
-        {
-                if (FIPS_mode())
-                        return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
-                                                (char *)kstr, klen, cb, u);
-                else
-                        return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
-                        pkey_str(x), bp,(char *)x,enc,kstr,klen,cb,u);
-        }
-#ifndef OPENSSL_NO_FP_API
-int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                                               unsigned char *kstr, int klen,
-                                               pem_password_cb *cb, void *u)
-        {
-                if (FIPS_mode())
-                        return PEM_write_PKCS8PrivateKey(fp, x, enc,
-                                                (char *)kstr, klen, cb, u);
-                else
-                        return PEM_ASN1_write((i2d_of_void *)i2d_PrivateKey,
-                        pkey_str(x), fp,(char *)x,enc,kstr,klen,cb,u);
-        }
-#endif
-#else
-IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\
-                        (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey)
-#endif
 IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)

diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c index 69dd19bf2e..3e7a6093ad 100644 --- a/src/lib/libcrypto/pem/pem_all.c +++ b/src/lib/libcrypto/pem/pem_all.c
@@ -110,7 +110,6 @@
110	*/	110	*/
111		111
112	#include <stdio.h>	112	#include <stdio.h>
113	#undef SSLEAY_MACROS
114	#include "cryptlib.h"	113	#include "cryptlib.h"
115	#include <openssl/bio.h>	114	#include <openssl/bio.h>
116	#include <openssl/evp.h>	115	#include <openssl/evp.h>
@@ -194,49 +193,7 @@ RSA PEM_read_RSAPrivateKey(FILE fp, RSA *rsa, pem_password_cb cb,
194		193
195	#endif	194	#endif
196		195
197	#ifdef OPENSSL_FIPS
198
199	int PEM_write_bio_RSAPrivateKey(BIO bp, RSA x, const EVP_CIPHER *enc,
200	unsigned char *kstr, int klen,
201	pem_password_cb cb, void u)
202	{
203	EVP_PKEY *k;
204	int ret;
205	k = EVP_PKEY_new();
206	if (!k)
207	return 0;
208	EVP_PKEY_set1_RSA(k, x);
209
210	ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
211	EVP_PKEY_free(k);
212	return ret;
213	}
214
215	#ifndef OPENSSL_NO_FP_API
216	int PEM_write_RSAPrivateKey(FILE fp, RSA x, const EVP_CIPHER *enc,
217	unsigned char *kstr, int klen,
218	pem_password_cb cb, void u)
219	{
220	EVP_PKEY *k;
221	int ret;
222	k = EVP_PKEY_new();
223	if (!k)
224	return 0;
225
226	EVP_PKEY_set1_RSA(k, x);
227
228	ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
229	EVP_PKEY_free(k);
230	return ret;
231	}
232	#endif
233
234	#else
235
236	IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)	196	IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
237
238	#endif
239
240	IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)	197	IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
241	IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)	198	IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
242		199
@@ -263,50 +220,10 @@ DSA PEM_read_bio_DSAPrivateKey(BIO bp, DSA *dsa, pem_password_cb cb,
263	{	220	{
264	EVP_PKEY *pktmp;	221	EVP_PKEY *pktmp;
265	pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);	222	pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
266	return pkey_get_dsa(pktmp, dsa);	223	return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
267	}	224	}
268		225
269	#ifdef OPENSSL_FIPS
270
271	int PEM_write_bio_DSAPrivateKey(BIO bp, DSA x, const EVP_CIPHER *enc,
272	unsigned char *kstr, int klen,
273	pem_password_cb cb, void u)
274	{
275	EVP_PKEY *k;
276	int ret;
277	k = EVP_PKEY_new();
278	if (!k)
279	return 0;
280	EVP_PKEY_set1_DSA(k, x);
281
282	ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
283	EVP_PKEY_free(k);
284	return ret;
285	}
286
287	#ifndef OPENSSL_NO_FP_API
288	int PEM_write_DSAPrivateKey(FILE fp, DSA x, const EVP_CIPHER *enc,
289	unsigned char *kstr, int klen,
290	pem_password_cb cb, void u)
291	{
292	EVP_PKEY *k;
293	int ret;
294	k = EVP_PKEY_new();
295	if (!k)
296	return 0;
297	EVP_PKEY_set1_DSA(k, x);
298	ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
299	EVP_PKEY_free(k);
300	return ret;
301	}
302	#endif
303
304	#else
305
306	IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)	226	IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
307
308	#endif
309
310	IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)	227	IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
311		228
312	#ifndef OPENSSL_NO_FP_API	229	#ifndef OPENSSL_NO_FP_API
@@ -316,7 +233,7 @@ DSA PEM_read_DSAPrivateKey(FILE fp, DSA *dsa, pem_password_cb cb,
316	{	233	{
317	EVP_PKEY *pktmp;	234	EVP_PKEY *pktmp;
318	pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);	235	pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
319	return pkey_get_dsa(pktmp, dsa);	236	return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
320	}	237	}
321		238
322	#endif	239	#endif
@@ -347,54 +264,13 @@ EC_KEY PEM_read_bio_ECPrivateKey(BIO bp, EC_KEY *key, pem_password_cb cb,
347	{	264	{
348	EVP_PKEY *pktmp;	265	EVP_PKEY *pktmp;
349	pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);	266	pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
350	return pkey_get_eckey(pktmp, key);	267	return pkey_get_eckey(pktmp, key); /* will free pktmp */
351	}	268	}
352		269
353	IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)	270	IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
354		271
355
356
357	#ifdef OPENSSL_FIPS
358
359	int PEM_write_bio_ECPrivateKey(BIO bp, EC_KEY x, const EVP_CIPHER *enc,
360	unsigned char *kstr, int klen,
361	pem_password_cb cb, void u)
362	{
363	EVP_PKEY *k;
364	int ret;
365	k = EVP_PKEY_new();
366	if (!k)
367	return 0;
368	EVP_PKEY_set1_EC_KEY(k, x);
369
370	ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
371	EVP_PKEY_free(k);
372	return ret;
373	}
374
375	#ifndef OPENSSL_NO_FP_API
376	int PEM_write_ECPrivateKey(FILE fp, EC_KEY x, const EVP_CIPHER *enc,
377	unsigned char *kstr, int klen,
378	pem_password_cb cb, void u)
379	{
380	EVP_PKEY *k;
381	int ret;
382	k = EVP_PKEY_new();
383	if (!k)
384	return 0;
385	EVP_PKEY_set1_EC_KEY(k, x);
386	ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
387	EVP_PKEY_free(k);
388	return ret;
389	}
390	#endif
391
392	#else
393
394	IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)	272	IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)
395		273
396	#endif
397
398	IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)	274	IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
399		275
400	#ifndef OPENSSL_NO_FP_API	276	#ifndef OPENSSL_NO_FP_API
@@ -404,7 +280,7 @@ EC_KEY PEM_read_ECPrivateKey(FILE fp, EC_KEY *eckey, pem_password_cb cb,
404	{	280	{
405	EVP_PKEY *pktmp;	281	EVP_PKEY *pktmp;
406	pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);	282	pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
407	return pkey_get_eckey(pktmp, eckey);	283	return pkey_get_eckey(pktmp, eckey); /* will free pktmp */
408	}	284	}
409		285
410	#endif	286	#endif
@@ -417,66 +293,4 @@ IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
417		293
418	#endif	294	#endif
419		295
420
421	/* The PrivateKey case is not that straightforward.
422	* IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
423	* does not work, RSA and DSA keys have specific strings.
424	* (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
425	* appropriate.)
426	*/
427
428	#ifdef OPENSSL_FIPS
429
430	static const char pkey_str(EVP_PKEY x)
431	{
432	switch (x->type)
433	{
434	case EVP_PKEY_RSA:
435	return PEM_STRING_RSA;
436
437	case EVP_PKEY_DSA:
438	return PEM_STRING_DSA;
439
440	case EVP_PKEY_EC:
441	return PEM_STRING_ECPRIVATEKEY;
442
443	default:
444	return NULL;
445	}
446	}
447
448
449	int PEM_write_bio_PrivateKey(BIO bp, EVP_PKEY x, const EVP_CIPHER *enc,
450	unsigned char *kstr, int klen,
451	pem_password_cb cb, void u)
452	{
453	if (FIPS_mode())
454	return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
455	(char *)kstr, klen, cb, u);
456	else
457	return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
458	pkey_str(x), bp,(char *)x,enc,kstr,klen,cb,u);
459	}
460
461	#ifndef OPENSSL_NO_FP_API
462	int PEM_write_PrivateKey(FILE fp, EVP_PKEY x, const EVP_CIPHER *enc,
463	unsigned char *kstr, int klen,
464	pem_password_cb cb, void u)
465	{
466	if (FIPS_mode())
467	return PEM_write_PKCS8PrivateKey(fp, x, enc,
468	(char *)kstr, klen, cb, u);
469	else
470	return PEM_ASN1_write((i2d_of_void *)i2d_PrivateKey,
471	pkey_str(x), fp,(char *)x,enc,kstr,klen,cb,u);
472	}
473	#endif
474
475	#else
476	IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\
477	(x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey)
478
479	#endif
480
481	IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)	296	IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
482