1 files changed, 0 insertions, 387 deletions
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
deleted file mode 100644
index b979c79b33..0000000000
--- a/src/lib/libcrypto/pem/pem_info.c
+++ /dev/null
@@ -1,387 +0,0 @@
-/* $OpenBSD: pem_info.c,v 1.27 2023/07/07 13:40:44 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#include "evp_local.h"
-STACK_OF(X509_INFO) *
-PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
-    void *u)
-{
-        BIO *b;
-        STACK_OF(X509_INFO) *ret;
-        if ((b = BIO_new(BIO_s_file())) == NULL) {
-                PEMerror(ERR_R_BUF_LIB);
-                return (0);
-        }
-        BIO_set_fp(b, fp, BIO_NOCLOSE);
-        ret = PEM_X509_INFO_read_bio(b, sk, cb, u);
-        BIO_free(b);
-        return (ret);
-}
-LCRYPTO_ALIAS(PEM_X509_INFO_read);
-STACK_OF(X509_INFO) *
-PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
-    void *u)
-{
-        X509_INFO *xi = NULL;
-        char *name = NULL, *header = NULL;
-        void *pp;
-        unsigned char *data = NULL;
-        const unsigned char *p;
-        long len;
-        int ok = 0;
-        int num_in, ptype, raw;
-        STACK_OF(X509_INFO) *ret = sk;
-        d2i_of_void *d2i = NULL;
-        if (ret == NULL) {
-                if ((ret = sk_X509_INFO_new_null()) == NULL) {
-                        PEMerror(ERR_R_MALLOC_FAILURE);
-                        return NULL;
-                }
-        }
-        num_in = sk_X509_INFO_num(ret);
-        if ((xi = X509_INFO_new()) == NULL)
-                goto err;
-        for (;;) {
-                raw = 0;
-                ptype = 0;
-                if (!PEM_read_bio(bp, &name, &header, &data, &len)) {
-                        if (ERR_GET_REASON(ERR_peek_last_error()) ==
-                            PEM_R_NO_START_LINE) {
-                                ERR_clear_error();
-                                break;
-                        }
-                        goto err;
-                }
-                if ((strcmp(name, PEM_STRING_X509) == 0) ||
-                    (strcmp(name, PEM_STRING_X509_OLD) == 0)) {
-                        d2i = (D2I_OF(void))d2i_X509;
-                        if (xi->x509 != NULL) {
-                                if (!sk_X509_INFO_push(ret, xi))
-                                        goto err;
-                                if ((xi = X509_INFO_new()) == NULL)
-                                        goto err;
-                        }
-                        pp = &(xi->x509);
-                } else if ((strcmp(name, PEM_STRING_X509_TRUSTED) == 0)) {
-                        d2i = (D2I_OF(void))d2i_X509_AUX;
-                        if (xi->x509 != NULL) {
-                                if (!sk_X509_INFO_push(ret, xi))
-                                        goto err;
-                                if ((xi = X509_INFO_new()) == NULL)
-                                        goto err;
-                        }
-                        pp = &(xi->x509);
-                } else if (strcmp(name, PEM_STRING_X509_CRL) == 0) {
-                        d2i = (D2I_OF(void))d2i_X509_CRL;
-                        if (xi->crl != NULL) {
-                                if (!sk_X509_INFO_push(ret, xi))
-                                        goto err;
-                                if ((xi = X509_INFO_new()) == NULL)
-                                        goto err;
-                        }
-                        pp = &(xi->crl);
-                } else
-#ifndef OPENSSL_NO_RSA
-                if (strcmp(name, PEM_STRING_RSA) == 0) {
-                        d2i = (D2I_OF(void))d2i_RSAPrivateKey;
-                        if (xi->x_pkey != NULL) {
-                                if (!sk_X509_INFO_push(ret, xi))
-                                        goto err;
-                                if ((xi = X509_INFO_new()) == NULL)
-                                        goto err;
-                        }
-                        xi->enc_data = NULL;
-                        xi->enc_len = 0;
-                        xi->x_pkey = X509_PKEY_new();
-                        if (xi->x_pkey == NULL)
-                                goto err;
-                        ptype = EVP_PKEY_RSA;
-                        pp = &xi->x_pkey->dec_pkey;
-                        if (strlen(header) > 10) /* assume encrypted */
-                                raw = 1;
-                } else
-#endif
-#ifndef OPENSSL_NO_DSA
-                if (strcmp(name, PEM_STRING_DSA) == 0) {
-                        d2i = (D2I_OF(void))d2i_DSAPrivateKey;
-                        if (xi->x_pkey != NULL) {
-                                if (!sk_X509_INFO_push(ret, xi))
-                                        goto err;
-                                if ((xi = X509_INFO_new()) == NULL)
-                                        goto err;
-                        }
-                        xi->enc_data = NULL;
-                        xi->enc_len = 0;
-                        xi->x_pkey = X509_PKEY_new();
-                        if (xi->x_pkey == NULL)
-                                goto err;
-                        ptype = EVP_PKEY_DSA;
-                        pp = &xi->x_pkey->dec_pkey;
-                        if (strlen(header) > 10) /* assume encrypted */
-                                raw = 1;
-                } else
-#endif
-#ifndef OPENSSL_NO_EC
-                if (strcmp(name, PEM_STRING_ECPRIVATEKEY) == 0) {
-                        d2i = (D2I_OF(void))d2i_ECPrivateKey;
-                        if (xi->x_pkey != NULL) {
-                                if (!sk_X509_INFO_push(ret, xi))
-                                        goto err;
-                                if ((xi = X509_INFO_new()) == NULL)
-                                        goto err;
-                        }
-                        xi->enc_data = NULL;
-                        xi->enc_len = 0;
-                        xi->x_pkey = X509_PKEY_new();
-                        if (xi->x_pkey == NULL)
-                                goto err;
-                        ptype = EVP_PKEY_EC;
-                        pp = &xi->x_pkey->dec_pkey;
-                        if (strlen(header) > 10) /* assume encrypted */
-                                raw = 1;
-                } else
-#endif
-                {
-                        d2i = NULL;
-                        pp = NULL;
-                }
-                if (d2i != NULL) {
-                        if (!raw) {
-                                EVP_CIPHER_INFO cipher;
-                                if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
-                                        goto err;
-                                if (!PEM_do_header(&cipher, data, &len, cb, u))
-                                        goto err;
-                                p = data;
-                                if (ptype) {
-                                        if (!d2i_PrivateKey(ptype, pp, &p,
-                                            len)) {
-                                                PEMerror(ERR_R_ASN1_LIB);
-                                                goto err;
-                                        }
-                                } else if (d2i(pp, &p, len) == NULL) {
-                                        PEMerror(ERR_R_ASN1_LIB);
-                                        goto err;
-                                }
-                        } else { /* encrypted RSA data */
-                                if (!PEM_get_EVP_CIPHER_INFO(header,
-                                    &xi->enc_cipher))
-                                        goto err;
-                                xi->enc_data = (char *)data;
-                                xi->enc_len = (int)len;
-                                data = NULL;
-                        }
-                } else {
-                        /* unknown */
-                }
-                free(name);
-                free(header);
-                free(data);
-                name = NULL;
-                header = NULL;
-                data = NULL;
-        }
-        /* if the last one hasn't been pushed yet and there is anything
-         * in it then add it to the stack ...
-         */
-        if ((xi->x509 != NULL) || (xi->crl != NULL) ||
-            (xi->x_pkey != NULL) || (xi->enc_data != NULL)) {
-                if (!sk_X509_INFO_push(ret, xi))
-                        goto err;
-                xi = NULL;
-        }
-        ok = 1;
-err:
-        if (!ok) {
-                while (sk_X509_INFO_num(ret) > num_in)
-                        X509_INFO_free(sk_X509_INFO_pop(ret));
-                if (ret != sk)
-                        sk_X509_INFO_free(ret);
-                ret = NULL;
-        }
-        X509_INFO_free(xi);
-        free(name);
-        free(header);
-        free(data);
-        return ret;
-}
-LCRYPTO_ALIAS(PEM_X509_INFO_read_bio);
-/* A TJH addition */
-int
-PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
-    unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
-{
-        EVP_CIPHER_CTX ctx;
-        int i, ret = 0;
-        unsigned char *data = NULL;
-        const char *objstr = NULL;
-        char buf[PEM_BUFSIZE];
-        unsigned char *iv = NULL;
-        if (enc != NULL) {
-                objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
-                if (objstr == NULL) {
-                        PEMerror(PEM_R_UNSUPPORTED_CIPHER);
-                        goto err;
-                }
-        }
-        /* now for the fun part ... if we have a private key then
-         * we have to be able to handle a not-yet-decrypted key
-         * being written out correctly ... if it is decrypted or
-         * it is non-encrypted then we use the base code
-         */
-        if (xi->x_pkey != NULL) {
-                if ((xi->enc_data != NULL) && (xi->enc_len > 0) ) {
-                        if (enc == NULL) {
-                                PEMerror(PEM_R_CIPHER_IS_NULL);
-                                goto err;
-                        }
-                        /* copy from weirdo names into more normal things */
-                        iv = xi->enc_cipher.iv;
-                        data = (unsigned char *)xi->enc_data;
-                        i = xi->enc_len;
-                        /* we take the encryption data from the
-                         * internal stuff rather than what the
-                         * user has passed us ... as we have to
-                         * match exactly for some strange reason
-                         */
-                        objstr = OBJ_nid2sn(
-                            EVP_CIPHER_nid(xi->enc_cipher.cipher));
-                        if (objstr == NULL) {
-                                PEMerror(PEM_R_UNSUPPORTED_CIPHER);
-                                goto err;
-                        }
-                        /* create the right magic header stuff */
-                        if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 >
-                            sizeof buf) {
-                                PEMerror(ASN1_R_BUFFER_TOO_SMALL);
-                                goto err;
-                        }
-                        buf[0] = '\0';
-                        PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
-                        PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
-                        /* use the normal code to write things out */
-                        i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i);
-                        if (i <= 0)
-                                goto err;
-                } else {
-                        /* Add DSA/DH */
-#ifndef OPENSSL_NO_RSA
-                        /* normal optionally encrypted stuff */
-                        if (PEM_write_bio_RSAPrivateKey(bp,
-                            xi->x_pkey->dec_pkey->pkey.rsa,
-                            enc, kstr, klen, cb, u) <= 0)
-                                goto err;
-#endif
-                }
-        }
-        /* if we have a certificate then write it out now */
-        if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp, xi->x509) <= 0))
-                goto err;
-        /* we are ignoring anything else that is loaded into the X509_INFO
-         * structure for the moment ... as I don't need it so I'm not
-         * coding it here and Eric can do it when this makes it into the
-         * base library --tjh
-         */
-        ret = 1;
-err:
-        explicit_bzero((char *)&ctx, sizeof(ctx));
-        explicit_bzero(buf, PEM_BUFSIZE);
-        return (ret);
-}
-LCRYPTO_ALIAS(PEM_X509_INFO_write_bio);

diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c deleted file mode 100644 index b979c79b33..0000000000 --- a/src/lib/libcrypto/pem/pem_info.c +++ /dev/null
@@ -1,387 +0,0 @@
1	/* $OpenBSD: pem_info.c,v 1.27 2023/07/07 13:40:44 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#include <stdio.h>
60	#include <string.h>
61
62	#include <openssl/opensslconf.h>
63
64	#include <openssl/buffer.h>
65	#include <openssl/err.h>
66	#include <openssl/evp.h>
67	#include <openssl/objects.h>
68	#include <openssl/pem.h>
69	#include <openssl/x509.h>
70
71	#ifndef OPENSSL_NO_DSA
72	#include <openssl/dsa.h>
73	#endif
74	#ifndef OPENSSL_NO_RSA
75	#include <openssl/rsa.h>
76	#endif
77
78	#include "evp_local.h"
79
80	STACK_OF(X509_INFO) *
81	PEM_X509_INFO_read(FILE fp, STACK_OF(X509_INFO) sk, pem_password_cb *cb,
82	void *u)
83	{
84	BIO *b;
85	STACK_OF(X509_INFO) *ret;
86
87	if ((b = BIO_new(BIO_s_file())) == NULL) {
88	PEMerror(ERR_R_BUF_LIB);
89	return (0);
90	}
91	BIO_set_fp(b, fp, BIO_NOCLOSE);
92	ret = PEM_X509_INFO_read_bio(b, sk, cb, u);
93	BIO_free(b);
94	return (ret);
95	}
96	LCRYPTO_ALIAS(PEM_X509_INFO_read);
97
98	STACK_OF(X509_INFO) *
99	PEM_X509_INFO_read_bio(BIO bp, STACK_OF(X509_INFO) sk, pem_password_cb *cb,
100	void *u)
101	{
102	X509_INFO *xi = NULL;
103	char name = NULL, header = NULL;
104	void *pp;
105	unsigned char *data = NULL;
106	const unsigned char *p;
107	long len;
108	int ok = 0;
109	int num_in, ptype, raw;
110	STACK_OF(X509_INFO) *ret = sk;
111	d2i_of_void *d2i = NULL;
112
113	if (ret == NULL) {
114	if ((ret = sk_X509_INFO_new_null()) == NULL) {
115	PEMerror(ERR_R_MALLOC_FAILURE);
116	return NULL;
117	}
118	}
119	num_in = sk_X509_INFO_num(ret);
120
121	if ((xi = X509_INFO_new()) == NULL)
122	goto err;
123	for (;;) {
124	raw = 0;
125	ptype = 0;
126	if (!PEM_read_bio(bp, &name, &header, &data, &len)) {
127	if (ERR_GET_REASON(ERR_peek_last_error()) ==
128	PEM_R_NO_START_LINE) {
129	ERR_clear_error();
130	break;
131	}
132	goto err;
133	}
134	if ((strcmp(name, PEM_STRING_X509) == 0) \|\|
135	(strcmp(name, PEM_STRING_X509_OLD) == 0)) {
136	d2i = (D2I_OF(void))d2i_X509;
137	if (xi->x509 != NULL) {
138	if (!sk_X509_INFO_push(ret, xi))
139	goto err;
140	if ((xi = X509_INFO_new()) == NULL)
141	goto err;
142	}
143	pp = &(xi->x509);
144	} else if ((strcmp(name, PEM_STRING_X509_TRUSTED) == 0)) {
145	d2i = (D2I_OF(void))d2i_X509_AUX;
146	if (xi->x509 != NULL) {
147	if (!sk_X509_INFO_push(ret, xi))
148	goto err;
149	if ((xi = X509_INFO_new()) == NULL)
150	goto err;
151	}
152	pp = &(xi->x509);
153	} else if (strcmp(name, PEM_STRING_X509_CRL) == 0) {
154	d2i = (D2I_OF(void))d2i_X509_CRL;
155	if (xi->crl != NULL) {
156	if (!sk_X509_INFO_push(ret, xi))
157	goto err;
158	if ((xi = X509_INFO_new()) == NULL)
159	goto err;
160	}
161	pp = &(xi->crl);
162	} else
163	#ifndef OPENSSL_NO_RSA
164	if (strcmp(name, PEM_STRING_RSA) == 0) {
165	d2i = (D2I_OF(void))d2i_RSAPrivateKey;
166	if (xi->x_pkey != NULL) {
167	if (!sk_X509_INFO_push(ret, xi))
168	goto err;
169	if ((xi = X509_INFO_new()) == NULL)
170	goto err;
171	}
172	xi->enc_data = NULL;
173	xi->enc_len = 0;
174	xi->x_pkey = X509_PKEY_new();
175	if (xi->x_pkey == NULL)
176	goto err;
177	ptype = EVP_PKEY_RSA;
178	pp = &xi->x_pkey->dec_pkey;
179	if (strlen(header) > 10) /* assume encrypted */
180	raw = 1;
181	} else
182	#endif
183	#ifndef OPENSSL_NO_DSA
184	if (strcmp(name, PEM_STRING_DSA) == 0) {
185	d2i = (D2I_OF(void))d2i_DSAPrivateKey;
186	if (xi->x_pkey != NULL) {
187	if (!sk_X509_INFO_push(ret, xi))
188	goto err;
189	if ((xi = X509_INFO_new()) == NULL)
190	goto err;
191	}
192	xi->enc_data = NULL;
193	xi->enc_len = 0;
194	xi->x_pkey = X509_PKEY_new();
195	if (xi->x_pkey == NULL)
196	goto err;
197	ptype = EVP_PKEY_DSA;
198	pp = &xi->x_pkey->dec_pkey;
199	if (strlen(header) > 10) /* assume encrypted */
200	raw = 1;
201	} else
202	#endif
203	#ifndef OPENSSL_NO_EC
204	if (strcmp(name, PEM_STRING_ECPRIVATEKEY) == 0) {
205	d2i = (D2I_OF(void))d2i_ECPrivateKey;
206	if (xi->x_pkey != NULL) {
207	if (!sk_X509_INFO_push(ret, xi))
208	goto err;
209	if ((xi = X509_INFO_new()) == NULL)
210	goto err;
211	}
212	xi->enc_data = NULL;
213	xi->enc_len = 0;
214	xi->x_pkey = X509_PKEY_new();
215	if (xi->x_pkey == NULL)
216	goto err;
217	ptype = EVP_PKEY_EC;
218	pp = &xi->x_pkey->dec_pkey;
219	if (strlen(header) > 10) /* assume encrypted */
220	raw = 1;
221	} else
222	#endif
223	{
224	d2i = NULL;
225	pp = NULL;
226	}
227
228	if (d2i != NULL) {
229	if (!raw) {
230	EVP_CIPHER_INFO cipher;
231
232	if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
233	goto err;
234	if (!PEM_do_header(&cipher, data, &len, cb, u))
235	goto err;
236	p = data;
237	if (ptype) {
238	if (!d2i_PrivateKey(ptype, pp, &p,
239	len)) {
240	PEMerror(ERR_R_ASN1_LIB);
241	goto err;
242	}
243	} else if (d2i(pp, &p, len) == NULL) {
244	PEMerror(ERR_R_ASN1_LIB);
245	goto err;
246	}
247	} else { /* encrypted RSA data */
248	if (!PEM_get_EVP_CIPHER_INFO(header,
249	&xi->enc_cipher))
250	goto err;
251	xi->enc_data = (char *)data;
252	xi->enc_len = (int)len;
253	data = NULL;
254	}
255	} else {
256	/* unknown */
257	}
258	free(name);
259	free(header);
260	free(data);
261	name = NULL;
262	header = NULL;
263	data = NULL;
264	}
265
266	/* if the last one hasn't been pushed yet and there is anything
267	* in it then add it to the stack ...
268	*/
269	if ((xi->x509 != NULL) \|\| (xi->crl != NULL) \|\|
270	(xi->x_pkey != NULL) \|\| (xi->enc_data != NULL)) {
271	if (!sk_X509_INFO_push(ret, xi))
272	goto err;
273	xi = NULL;
274	}
275	ok = 1;
276
277	err:
278	if (!ok) {
279	while (sk_X509_INFO_num(ret) > num_in)
280	X509_INFO_free(sk_X509_INFO_pop(ret));
281	if (ret != sk)
282	sk_X509_INFO_free(ret);
283	ret = NULL;
284	}
285	X509_INFO_free(xi);
286	free(name);
287	free(header);
288	free(data);
289
290	return ret;
291	}
292	LCRYPTO_ALIAS(PEM_X509_INFO_read_bio);
293
294
295	/* A TJH addition */
296	int
297	PEM_X509_INFO_write_bio(BIO bp, X509_INFO xi, EVP_CIPHER *enc,
298	unsigned char kstr, int klen, pem_password_cb cb, void *u)
299	{
300	EVP_CIPHER_CTX ctx;
301	int i, ret = 0;
302	unsigned char *data = NULL;
303	const char *objstr = NULL;
304	char buf[PEM_BUFSIZE];
305	unsigned char *iv = NULL;
306
307	if (enc != NULL) {
308	objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
309	if (objstr == NULL) {
310	PEMerror(PEM_R_UNSUPPORTED_CIPHER);
311	goto err;
312	}
313	}
314
315	/* now for the fun part ... if we have a private key then
316	* we have to be able to handle a not-yet-decrypted key
317	* being written out correctly ... if it is decrypted or
318	* it is non-encrypted then we use the base code
319	*/
320	if (xi->x_pkey != NULL) {
321	if ((xi->enc_data != NULL) && (xi->enc_len > 0) ) {
322	if (enc == NULL) {
323	PEMerror(PEM_R_CIPHER_IS_NULL);
324	goto err;
325	}
326
327	/* copy from weirdo names into more normal things */
328	iv = xi->enc_cipher.iv;
329	data = (unsigned char *)xi->enc_data;
330	i = xi->enc_len;
331
332	/* we take the encryption data from the
333	* internal stuff rather than what the
334	* user has passed us ... as we have to
335	* match exactly for some strange reason
336	*/
337	objstr = OBJ_nid2sn(
338	EVP_CIPHER_nid(xi->enc_cipher.cipher));
339	if (objstr == NULL) {
340	PEMerror(PEM_R_UNSUPPORTED_CIPHER);
341	goto err;
342	}
343
344	/* create the right magic header stuff */
345	if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 >
346	sizeof buf) {
347	PEMerror(ASN1_R_BUFFER_TOO_SMALL);
348	goto err;
349	}
350	buf[0] = '\0';
351	PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
352	PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
353
354	/* use the normal code to write things out */
355	i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i);
356	if (i <= 0)
357	goto err;
358	} else {
359	/* Add DSA/DH */
360	#ifndef OPENSSL_NO_RSA
361	/* normal optionally encrypted stuff */
362	if (PEM_write_bio_RSAPrivateKey(bp,
363	xi->x_pkey->dec_pkey->pkey.rsa,
364	enc, kstr, klen, cb, u) <= 0)
365	goto err;
366	#endif
367	}
368	}
369
370	/* if we have a certificate then write it out now */
371	if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp, xi->x509) <= 0))
372	goto err;
373
374	/* we are ignoring anything else that is loaded into the X509_INFO
375	* structure for the moment ... as I don't need it so I'm not
376	* coding it here and Eric can do it when this makes it into the
377	* base library --tjh
378	*/
379
380	ret = 1;
381
382	err:
383	explicit_bzero((char *)&ctx, sizeof(ctx));
384	explicit_bzero(buf, PEM_BUFSIZE);
385	return (ret);
386	}
387	LCRYPTO_ALIAS(PEM_X509_INFO_write_bio);