1 files changed, 0 insertions, 762 deletions
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
deleted file mode 100644
index a8db6ffbf5..0000000000
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ /dev/null
@@ -1,762 +0,0 @@
-/* crypto/pem/pem_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs12.h>
-#ifndef OPENSSL_NO_DES
-#include <openssl/des.h>
-#endif
-const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
-#define MIN_LENGTH      4
-static int load_iv(unsigned char **fromp,unsigned char *to, int num);
-static int check_pem(const char *nm, const char *name);
-int PEM_def_callback(char *buf, int num, int w, void *key)
-        {
-#ifdef OPENSSL_NO_FP_API
-        /* We should not ever call the default callback routine from
-         * windows. */
-        PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return(-1);
-#else
-        int i,j;
-        const char *prompt;
-        if(key) {
-                i=strlen(key);
-                i=(i > num)?num:i;
-                memcpy(buf,key,i);
-                return(i);
-        }
-        prompt=EVP_get_pw_prompt();
-        if (prompt == NULL)
-                prompt="Enter PEM pass phrase:";
-        for (;;)
-                {
-                i=EVP_read_pw_string(buf,num,prompt,w);
-                if (i != 0)
-                        {
-                        PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
-                        memset(buf,0,(unsigned int)num);
-                        return(-1);
-                        }
-                j=strlen(buf);
-                if (j < MIN_LENGTH)
-                        {
-                        fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
-                        }
-                else
-                        break;
-                }
-        return(j);
-#endif
-        }
-void PEM_proc_type(char *buf, int type)
-        {
-        const char *str;
-        if (type == PEM_TYPE_ENCRYPTED)
-                str="ENCRYPTED";
-        else if (type == PEM_TYPE_MIC_CLEAR)
-                str="MIC-CLEAR";
-        else if (type == PEM_TYPE_MIC_ONLY)
-                str="MIC-ONLY";
-        else
-                str="BAD-TYPE";
-                
-        strcat(buf,"Proc-Type: 4,");
-        strcat(buf,str);
-        strcat(buf,"\n");
-        }
-void PEM_dek_info(char *buf, const char *type, int len, char *str)
-        {
-        static unsigned char map[17]="0123456789ABCDEF";
-        long i;
-        int j;
-        strcat(buf,"DEK-Info: ");
-        strcat(buf,type);
-        strcat(buf,",");
-        j=strlen(buf);
-        for (i=0; i<len; i++)
-                {
-                buf[j+i*2]  =map[(str[i]>>4)&0x0f];
-                buf[j+i*2+1]=map[(str[i]   )&0x0f];
-                }
-        buf[j+i*2]='\n';
-        buf[j+i*2+1]='\0';
-        }
-#ifndef OPENSSL_NO_FP_API
-char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x,
-             pem_password_cb *cb, void *u)
-        {
-        BIO *b;
-        char *ret;
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-                {
-                PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
-                return(0);
-                }
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-static int check_pem(const char *nm, const char *name)
-{
-        /* Normal matching nm and name */
-        if (!strcmp(nm,name)) return 1;
-        /* Make PEM_STRING_EVP_PKEY match any private key */
-        if(!strcmp(nm,PEM_STRING_PKCS8) &&
-                !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-        if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
-                 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-        if(!strcmp(nm,PEM_STRING_RSA) &&
-                !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-        if(!strcmp(nm,PEM_STRING_DSA) &&
-                 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-        /* Permit older strings */
-        if(!strcmp(nm,PEM_STRING_X509_OLD) &&
-                !strcmp(name,PEM_STRING_X509)) return 1;
-        if(!strcmp(nm,PEM_STRING_X509_REQ_OLD) &&
-                !strcmp(name,PEM_STRING_X509_REQ)) return 1;
-        /* Allow normal certs to be read as trusted certs */
-        if(!strcmp(nm,PEM_STRING_X509) &&
-                !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
-        if(!strcmp(nm,PEM_STRING_X509_OLD) &&
-                !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
-        /* Some CAs use PKCS#7 with CERTIFICATE headers */
-        if(!strcmp(nm, PEM_STRING_X509) &&
-                !strcmp(name, PEM_STRING_PKCS7)) return 1;
-        return 0;
-}
-int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp,
-             pem_password_cb *cb, void *u)
-        {
-        EVP_CIPHER_INFO cipher;
-        char *nm=NULL,*header=NULL;
-        unsigned char *data=NULL;
-        long len;
-        int ret = 0;
-        for (;;)
-                {
-                if (!PEM_read_bio(bp,&nm,&header,&data,&len)) {
-                        if(ERR_GET_REASON(ERR_peek_error()) ==
-                                PEM_R_NO_START_LINE)
-                                ERR_add_error_data(2, "Expecting: ", name);
-                        return 0;
-                }
-                if(check_pem(nm, name)) break;
-                OPENSSL_free(nm);
-                OPENSSL_free(header);
-                OPENSSL_free(data);
-                }
-        if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
-        if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
-        *pdata = data;
-        *plen = len;
-        if (pnm)
-                *pnm = nm;
-        ret = 1;
-err:
-        if (!pnm) OPENSSL_free(nm);
-        OPENSSL_free(header);
-        if (!ret) OPENSSL_free(data);
-        return ret;
-        }
-#ifndef OPENSSL_NO_FP_API
-int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
-             const EVP_CIPHER *enc, unsigned char *kstr, int klen,
-             pem_password_cb *callback, void *u)
-        {
-        BIO *b;
-        int ret;
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-                {
-                PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
-                return(0);
-                }
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
-             const EVP_CIPHER *enc, unsigned char *kstr, int klen,
-             pem_password_cb *callback, void *u)
-        {
-        EVP_CIPHER_CTX ctx;
-        int dsize=0,i,j,ret=0;
-        unsigned char *p,*data=NULL;
-        const char *objstr=NULL;
-        char buf[PEM_BUFSIZE];
-        unsigned char key[EVP_MAX_KEY_LENGTH];
-        unsigned char iv[EVP_MAX_IV_LENGTH];
-        
-        if (enc != NULL)
-                {
-                objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
-                if (objstr == NULL)
-                        {
-                        PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
-                        goto err;
-                        }
-                }
-        if ((dsize=i2d(x,NULL)) < 0)
-                {
-                PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
-                dsize=0;
-                goto err;
-                }
-        /* dzise + 8 bytes are needed */
-        data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
-        if (data == NULL)
-                {
-                PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
-                goto err;
-                }
-        p=data;
-        i=i2d(x,&p);
-        if (enc != NULL)
-                {
-                if (kstr == NULL)
-                        {
-                        if (callback == NULL)
-                                klen=PEM_def_callback(buf,PEM_BUFSIZE,1,u);
-                        else
-                                klen=(*callback)(buf,PEM_BUFSIZE,1,u);
-                        if (klen <= 0)
-                                {
-                                PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
-                                goto err;
-                                }
-#ifdef CHARSET_EBCDIC
-                        /* Convert the pass phrase from EBCDIC */
-                        ebcdic2ascii(buf, buf, klen);
-#endif
-                        kstr=(unsigned char *)buf;
-                        }
-                RAND_add(data,i,0);/* put in the RSA key. */
-                if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
-                        goto err;
-                /* The 'iv' is used as the iv and as a salt.  It is
-                 * NOT taken from the BytesToKey function */
-                EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
-                if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
-                buf[0]='\0';
-                PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-                PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
-                /* k=strlen(buf); */
-                EVP_CIPHER_CTX_init(&ctx);
-                EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
-                EVP_EncryptUpdate(&ctx,data,&j,data,i);
-                EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
-                EVP_CIPHER_CTX_cleanup(&ctx);
-                i+=j;
-                ret=1;
-                }
-        else
-                {
-                ret=1;
-                buf[0]='\0';
-                }
-        i=PEM_write_bio(bp,name,buf,data,i);
-        if (i <= 0) ret=0;
-err:
-        memset(key,0,sizeof(key));
-        memset(iv,0,sizeof(iv));
-        memset((char *)&ctx,0,sizeof(ctx));
-        memset(buf,0,PEM_BUFSIZE);
-        if (data != NULL)
-                {
-                memset(data,0,(unsigned int)dsize);
-                OPENSSL_free(data);
-                }
-        return(ret);
-        }
-int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
-             pem_password_cb *callback,void *u)
-        {
-        int i,j,o,klen;
-        long len;
-        EVP_CIPHER_CTX ctx;
-        unsigned char key[EVP_MAX_KEY_LENGTH];
-        char buf[PEM_BUFSIZE];
-        len= *plen;
-        if (cipher->cipher == NULL) return(1);
-        if (callback == NULL)
-                klen=PEM_def_callback(buf,PEM_BUFSIZE,0,u);
-        else
-                klen=callback(buf,PEM_BUFSIZE,0,u);
-        if (klen <= 0)
-                {
-                PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
-                return(0);
-                }
-#ifdef CHARSET_EBCDIC
-        /* Convert the pass phrase from EBCDIC */
-        ebcdic2ascii(buf, buf, klen);
-#endif
-        EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
-                (unsigned char *)buf,klen,1,key,NULL);
-        j=(int)len;
-        EVP_CIPHER_CTX_init(&ctx);
-        EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
-        EVP_DecryptUpdate(&ctx,data,&i,data,j);
-        o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
-        EVP_CIPHER_CTX_cleanup(&ctx);
-        memset((char *)buf,0,sizeof(buf));
-        memset((char *)key,0,sizeof(key));
-        j+=i;
-        if (!o)
-                {
-                PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
-                return(0);
-                }
-        *plen=j;
-        return(1);
-        }
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
-        {
-        int o;
-        const EVP_CIPHER *enc=NULL;
-        char *p,c;
-        cipher->cipher=NULL;
-        if ((header == NULL) || (*header == '\0') || (*header == '\n'))
-                return(1);
-        if (strncmp(header,"Proc-Type: ",11) != 0)
-                { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
-        header+=11;
-        if (*header != '4') return(0); header++;
-        if (*header != ',') return(0); header++;
-        if (strncmp(header,"ENCRYPTED",9) != 0)
-                { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
-        for (; (*header != '\n') && (*header != '\0'); header++)
-                ;
-        if (*header == '\0')
-                { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
-        header++;
-        if (strncmp(header,"DEK-Info: ",10) != 0)
-                { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
-        header+=10;
-        p=header;
-        for (;;)
-                {
-                c= *header;
-#ifndef CHARSET_EBCDIC
-                if (!(  ((c >= 'A') && (c <= 'Z')) || (c == '-') ||
-                        ((c >= '0') && (c <= '9'))))
-                        break;
-#else
-                if (!(  isupper(c) || (c == '-') ||
-                        isdigit(c)))
-                        break;
-#endif
-                header++;
-                }
-        *header='\0';
-        o=OBJ_sn2nid(p);
-        cipher->cipher=enc=EVP_get_cipherbyname(p);
-        *header=c;
-        header++;
-        if (enc == NULL)
-                {
-                PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
-                return(0);
-                }
-        if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
-        return(1);
-        }
-static int load_iv(unsigned char **fromp, unsigned char *to, int num)
-        {
-        int v,i;
-        unsigned char *from;
-        from= *fromp;
-        for (i=0; i<num; i++) to[i]=0;
-        num*=2;
-        for (i=0; i<num; i++)
-                {
-                if ((*from >= '0') && (*from <= '9'))
-                        v= *from-'0';
-                else if ((*from >= 'A') && (*from <= 'F'))
-                        v= *from-'A'+10;
-                else if ((*from >= 'a') && (*from <= 'f'))
-                        v= *from-'a'+10;
-                else
-                        {
-                        PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
-                        return(0);
-                        }
-                from++;
-                to[i/2]|=v<<(long)((!(i&1))*4);
-                }
-        *fromp=from;
-        return(1);
-        }
-#ifndef OPENSSL_NO_FP_API
-int PEM_write(FILE *fp, char *name, char *header, unsigned char *data,
-             long len)
-        {
-        BIO *b;
-        int ret;
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-                {
-                PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
-                return(0);
-                }
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_write_bio(b, name, header, data,len);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
-             long len)
-        {
-        int nlen,n,i,j,outl;
-        unsigned char *buf;
-        EVP_ENCODE_CTX ctx;
-        int reason=ERR_R_BUF_LIB;
-        
-        EVP_EncodeInit(&ctx);
-        nlen=strlen(name);
-        if (    (BIO_write(bp,"-----BEGIN ",11) != 11) ||
-                (BIO_write(bp,name,nlen) != nlen) ||
-                (BIO_write(bp,"-----\n",6) != 6))
-                goto err;
-                
-        i=strlen(header);
-        if (i > 0)
-                {
-                if (    (BIO_write(bp,header,i) != i) ||
-                        (BIO_write(bp,"\n",1) != 1))
-                        goto err;
-                }
-        buf=(unsigned char *)OPENSSL_malloc(PEM_BUFSIZE*8);
-        if (buf == NULL)
-                {
-                reason=ERR_R_MALLOC_FAILURE;
-                goto err;
-                }
-        i=j=0;
-        while (len > 0)
-                {
-                n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len);
-                EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
-                if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
-                        goto err;
-                i+=outl;
-                len-=n;
-                j+=n;
-                }
-        EVP_EncodeFinal(&ctx,buf,&outl);
-        if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
-        OPENSSL_free(buf);
-        if (    (BIO_write(bp,"-----END ",9) != 9) ||
-                (BIO_write(bp,name,nlen) != nlen) ||
-                (BIO_write(bp,"-----\n",6) != 6))
-                goto err;
-        return(i+outl);
-err:
-        PEMerr(PEM_F_PEM_WRITE_BIO,reason);
-        return(0);
-        }
-#ifndef OPENSSL_NO_FP_API
-int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
-             long *len)
-        {
-        BIO *b;
-        int ret;
-        if ((b=BIO_new(BIO_s_file())) == NULL)
-                {
-                PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
-                return(0);
-                }
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_read_bio(b, name, header, data,len);
-        BIO_free(b);
-        return(ret);
-        }
-#endif
-int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
-             long *len)
-        {
-        EVP_ENCODE_CTX ctx;
-        int end=0,i,k,bl=0,hl=0,nohead=0;
-        char buf[256];
-        BUF_MEM *nameB;
-        BUF_MEM *headerB;
-        BUF_MEM *dataB,*tmpB;
-        
-        nameB=BUF_MEM_new();
-        headerB=BUF_MEM_new();
-        dataB=BUF_MEM_new();
-        if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
-                {
-                PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
-                return(0);
-                }
-        buf[254]='\0';
-        for (;;)
-                {
-                i=BIO_gets(bp,buf,254);
-                if (i <= 0)
-                        {
-                        PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
-                        goto err;
-                        }
-                while ((i >= 0) && (buf[i] <= ' ')) i--;
-                buf[++i]='\n'; buf[++i]='\0';
-                if (strncmp(buf,"-----BEGIN ",11) == 0)
-                        {
-                        i=strlen(&(buf[11]));
-                        if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
-                                continue;
-                        if (!BUF_MEM_grow(nameB,i+9))
-                                {
-                                PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
-                                goto err;
-                                }
-                        memcpy(nameB->data,&(buf[11]),i-6);
-                        nameB->data[i-6]='\0';
-                        break;
-                        }
-                }
-        hl=0;
-        if (!BUF_MEM_grow(headerB,256))
-                { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
-        headerB->data[0]='\0';
-        for (;;)
-                {
-                i=BIO_gets(bp,buf,254);
-                if (i <= 0) break;
-                while ((i >= 0) && (buf[i] <= ' ')) i--;
-                buf[++i]='\n'; buf[++i]='\0';
-                if (buf[0] == '\n') break;
-                if (!BUF_MEM_grow(headerB,hl+i+9))
-                        { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
-                if (strncmp(buf,"-----END ",9) == 0)
-                        {
-                        nohead=1;
-                        break;
-                        }
-                memcpy(&(headerB->data[hl]),buf,i);
-                headerB->data[hl+i]='\0';
-                hl+=i;
-                }
-        bl=0;
-        if (!BUF_MEM_grow(dataB,1024))
-                { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
-        dataB->data[0]='\0';
-        if (!nohead)
-                {
-                for (;;)
-                        {
-                        i=BIO_gets(bp,buf,254);
-                        if (i <= 0) break;
-                        while ((i >= 0) && (buf[i] <= ' ')) i--;
-                        buf[++i]='\n'; buf[++i]='\0';
-                        if (i != 65) end=1;
-                        if (strncmp(buf,"-----END ",9) == 0)
-                                break;
-                        if (i > 65) break;
-                        if (!BUF_MEM_grow(dataB,i+bl+9))
-                                {
-                                PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
-                                goto err;
-                                }
-                        memcpy(&(dataB->data[bl]),buf,i);
-                        dataB->data[bl+i]='\0';
-                        bl+=i;
-                        if (end)
-                                {
-                                buf[0]='\0';
-                                i=BIO_gets(bp,buf,254);
-                                if (i <= 0) break;
-                                while ((i >= 0) && (buf[i] <= ' ')) i--;
-                                buf[++i]='\n'; buf[++i]='\0';
-                                break;
-                                }
-                        }
-                }
-        else
-                {
-                tmpB=headerB;
-                headerB=dataB;
-                dataB=tmpB;
-                bl=hl;
-                }
-        i=strlen(nameB->data);
-        if (    (strncmp(buf,"-----END ",9) != 0) ||
-                (strncmp(nameB->data,&(buf[9]),i) != 0) ||
-                (strncmp(&(buf[9+i]),"-----\n",6) != 0))
-                {
-                PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
-                goto err;
-                }
-        EVP_DecodeInit(&ctx);
-        i=EVP_DecodeUpdate(&ctx,
-                (unsigned char *)dataB->data,&bl,
-                (unsigned char *)dataB->data,bl);
-        if (i < 0)
-                {
-                PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
-                goto err;
-                }
-        i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
-        if (i < 0)
-                {
-                PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
-                goto err;
-                }
-        bl+=k;
-        if (bl == 0) goto err;
-        *name=nameB->data;
-        *header=headerB->data;
-        *data=(unsigned char *)dataB->data;
-        *len=bl;
-        OPENSSL_free(nameB);
-        OPENSSL_free(headerB);
-        OPENSSL_free(dataB);
-        return(1);
-err:
-        BUF_MEM_free(nameB);
-        BUF_MEM_free(headerB);
-        BUF_MEM_free(dataB);
-        return(0);
-        }

diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c deleted file mode 100644 index a8db6ffbf5..0000000000 --- a/src/lib/libcrypto/pem/pem_lib.c +++ /dev/null
@@ -1,762 +0,0 @@
1	/* crypto/pem/pem_lib.c */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#include <stdio.h>
60	#include "cryptlib.h"
61	#include <openssl/buffer.h>
62	#include <openssl/objects.h>
63	#include <openssl/evp.h>
64	#include <openssl/rand.h>
65	#include <openssl/x509.h>
66	#include <openssl/pem.h>
67	#include <openssl/pkcs12.h>
68	#ifndef OPENSSL_NO_DES
69	#include <openssl/des.h>
70	#endif
71
72	const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
73
74	#define MIN_LENGTH 4
75
76	static int load_iv(unsigned char *fromp,unsigned char to, int num);
77	static int check_pem(const char nm, const char name);
78
79	int PEM_def_callback(char buf, int num, int w, void key)
80	{
81	#ifdef OPENSSL_NO_FP_API
82	/* We should not ever call the default callback routine from
83	* windows. */
84	PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
85	return(-1);
86	#else
87	int i,j;
88	const char *prompt;
89	if(key) {
90	i=strlen(key);
91	i=(i > num)?num:i;
92	memcpy(buf,key,i);
93	return(i);
94	}
95
96	prompt=EVP_get_pw_prompt();
97	if (prompt == NULL)
98	prompt="Enter PEM pass phrase:";
99
100	for (;;)
101	{
102	i=EVP_read_pw_string(buf,num,prompt,w);
103	if (i != 0)
104	{
105	PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
106	memset(buf,0,(unsigned int)num);
107	return(-1);
108	}
109	j=strlen(buf);
110	if (j < MIN_LENGTH)
111	{
112	fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
113	}
114	else
115	break;
116	}
117	return(j);
118	#endif
119	}
120
121	void PEM_proc_type(char *buf, int type)
122	{
123	const char *str;
124
125	if (type == PEM_TYPE_ENCRYPTED)
126	str="ENCRYPTED";
127	else if (type == PEM_TYPE_MIC_CLEAR)
128	str="MIC-CLEAR";
129	else if (type == PEM_TYPE_MIC_ONLY)
130	str="MIC-ONLY";
131	else
132	str="BAD-TYPE";
133
134	strcat(buf,"Proc-Type: 4,");
135	strcat(buf,str);
136	strcat(buf,"\n");
137	}
138
139	void PEM_dek_info(char buf, const char type, int len, char *str)
140	{
141	static unsigned char map[17]="0123456789ABCDEF";
142	long i;
143	int j;
144
145	strcat(buf,"DEK-Info: ");
146	strcat(buf,type);
147	strcat(buf,",");
148	j=strlen(buf);
149	for (i=0; i<len; i++)
150	{
151	buf[j+i*2] =map[(str[i]>>4)&0x0f];
152	buf[j+i*2+1]=map[(str[i] )&0x0f];
153	}
154	buf[j+i*2]='\n';
155	buf[j+i*2+1]='\0';
156	}
157
158	#ifndef OPENSSL_NO_FP_API
159	char PEM_ASN1_read(char (d2i)(), const char name, FILE fp, char *x,
160	pem_password_cb cb, void u)
161	{
162	BIO *b;
163	char *ret;
164
165	if ((b=BIO_new(BIO_s_file())) == NULL)
166	{
167	PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
168	return(0);
169	}
170	BIO_set_fp(b,fp,BIO_NOCLOSE);
171	ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u);
172	BIO_free(b);
173	return(ret);
174	}
175	#endif
176
177	static int check_pem(const char nm, const char name)
178	{
179	/* Normal matching nm and name */
180	if (!strcmp(nm,name)) return 1;
181
182	/* Make PEM_STRING_EVP_PKEY match any private key */
183
184	if(!strcmp(nm,PEM_STRING_PKCS8) &&
185	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
186
187	if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
188	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
189
190	if(!strcmp(nm,PEM_STRING_RSA) &&
191	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
192
193	if(!strcmp(nm,PEM_STRING_DSA) &&
194	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
195
196	/* Permit older strings */
197
198	if(!strcmp(nm,PEM_STRING_X509_OLD) &&
199	!strcmp(name,PEM_STRING_X509)) return 1;
200
201	if(!strcmp(nm,PEM_STRING_X509_REQ_OLD) &&
202	!strcmp(name,PEM_STRING_X509_REQ)) return 1;
203
204	/* Allow normal certs to be read as trusted certs */
205	if(!strcmp(nm,PEM_STRING_X509) &&
206	!strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
207
208	if(!strcmp(nm,PEM_STRING_X509_OLD) &&
209	!strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
210
211	/* Some CAs use PKCS#7 with CERTIFICATE headers */
212	if(!strcmp(nm, PEM_STRING_X509) &&
213	!strcmp(name, PEM_STRING_PKCS7)) return 1;
214
215	return 0;
216	}
217
218	int PEM_bytes_read_bio(unsigned char *pdata, long plen, char *pnm, const char name, BIO *bp,
219	pem_password_cb cb, void u)
220	{
221	EVP_CIPHER_INFO cipher;
222	char nm=NULL,header=NULL;
223	unsigned char *data=NULL;
224	long len;
225	int ret = 0;
226
227	for (;;)
228	{
229	if (!PEM_read_bio(bp,&nm,&header,&data,&len)) {
230	if(ERR_GET_REASON(ERR_peek_error()) ==
231	PEM_R_NO_START_LINE)
232	ERR_add_error_data(2, "Expecting: ", name);
233	return 0;
234	}
235	if(check_pem(nm, name)) break;
236	OPENSSL_free(nm);
237	OPENSSL_free(header);
238	OPENSSL_free(data);
239	}
240	if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
241	if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
242
243	*pdata = data;
244	*plen = len;
245
246	if (pnm)
247	*pnm = nm;
248
249	ret = 1;
250
251	err:
252	if (!pnm) OPENSSL_free(nm);
253	OPENSSL_free(header);
254	if (!ret) OPENSSL_free(data);
255	return ret;
256	}
257
258	#ifndef OPENSSL_NO_FP_API
259	int PEM_ASN1_write(int (i2d)(), const char name, FILE fp, char x,
260	const EVP_CIPHER enc, unsigned char kstr, int klen,
261	pem_password_cb callback, void u)
262	{
263	BIO *b;
264	int ret;
265
266	if ((b=BIO_new(BIO_s_file())) == NULL)
267	{
268	PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
269	return(0);
270	}
271	BIO_set_fp(b,fp,BIO_NOCLOSE);
272	ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
273	BIO_free(b);
274	return(ret);
275	}
276	#endif
277
278	int PEM_ASN1_write_bio(int (i2d)(), const char name, BIO bp, char x,
279	const EVP_CIPHER enc, unsigned char kstr, int klen,
280	pem_password_cb callback, void u)
281	{
282	EVP_CIPHER_CTX ctx;
283	int dsize=0,i,j,ret=0;
284	unsigned char p,data=NULL;
285	const char *objstr=NULL;
286	char buf[PEM_BUFSIZE];
287	unsigned char key[EVP_MAX_KEY_LENGTH];
288	unsigned char iv[EVP_MAX_IV_LENGTH];
289
290	if (enc != NULL)
291	{
292	objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
293	if (objstr == NULL)
294	{
295	PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
296	goto err;
297	}
298	}
299
300	if ((dsize=i2d(x,NULL)) < 0)
301	{
302	PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
303	dsize=0;
304	goto err;
305	}
306	/* dzise + 8 bytes are needed */
307	data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
308	if (data == NULL)
309	{
310	PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
311	goto err;
312	}
313	p=data;
314	i=i2d(x,&p);
315
316	if (enc != NULL)
317	{
318	if (kstr == NULL)
319	{
320	if (callback == NULL)
321	klen=PEM_def_callback(buf,PEM_BUFSIZE,1,u);
322	else
323	klen=(*callback)(buf,PEM_BUFSIZE,1,u);
324	if (klen <= 0)
325	{
326	PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
327	goto err;
328	}
329	#ifdef CHARSET_EBCDIC
330	/* Convert the pass phrase from EBCDIC */
331	ebcdic2ascii(buf, buf, klen);
332	#endif
333	kstr=(unsigned char *)buf;
334	}
335	RAND_add(data,i,0);/* put in the RSA key. */
336	if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
337	goto err;
338	/* The 'iv' is used as the iv and as a salt. It is
339	* NOT taken from the BytesToKey function */
340	EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
341
342	if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
343
344	buf[0]='\0';
345	PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
346	PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
347	/* k=strlen(buf); */
348
349	EVP_CIPHER_CTX_init(&ctx);
350	EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
351	EVP_EncryptUpdate(&ctx,data,&j,data,i);
352	EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
353	EVP_CIPHER_CTX_cleanup(&ctx);
354	i+=j;
355	ret=1;
356	}
357	else
358	{
359	ret=1;
360	buf[0]='\0';
361	}
362	i=PEM_write_bio(bp,name,buf,data,i);
363	if (i <= 0) ret=0;
364	err:
365	memset(key,0,sizeof(key));
366	memset(iv,0,sizeof(iv));
367	memset((char *)&ctx,0,sizeof(ctx));
368	memset(buf,0,PEM_BUFSIZE);
369	if (data != NULL)
370	{
371	memset(data,0,(unsigned int)dsize);
372	OPENSSL_free(data);
373	}
374	return(ret);
375	}
376
377	int PEM_do_header(EVP_CIPHER_INFO cipher, unsigned char data, long *plen,
378	pem_password_cb callback,void u)
379	{
380	int i,j,o,klen;
381	long len;
382	EVP_CIPHER_CTX ctx;
383	unsigned char key[EVP_MAX_KEY_LENGTH];
384	char buf[PEM_BUFSIZE];
385
386	len= *plen;
387
388	if (cipher->cipher == NULL) return(1);
389	if (callback == NULL)
390	klen=PEM_def_callback(buf,PEM_BUFSIZE,0,u);
391	else
392	klen=callback(buf,PEM_BUFSIZE,0,u);
393	if (klen <= 0)
394	{
395	PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
396	return(0);
397	}
398	#ifdef CHARSET_EBCDIC
399	/* Convert the pass phrase from EBCDIC */
400	ebcdic2ascii(buf, buf, klen);
401	#endif
402
403	EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
404	(unsigned char *)buf,klen,1,key,NULL);
405
406	j=(int)len;
407	EVP_CIPHER_CTX_init(&ctx);
408	EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
409	EVP_DecryptUpdate(&ctx,data,&i,data,j);
410	o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
411	EVP_CIPHER_CTX_cleanup(&ctx);
412	memset((char *)buf,0,sizeof(buf));
413	memset((char *)key,0,sizeof(key));
414	j+=i;
415	if (!o)
416	{
417	PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
418	return(0);
419	}
420	*plen=j;
421	return(1);
422	}
423
424	int PEM_get_EVP_CIPHER_INFO(char header, EVP_CIPHER_INFO cipher)
425	{
426	int o;
427	const EVP_CIPHER *enc=NULL;
428	char *p,c;
429
430	cipher->cipher=NULL;
431	if ((header == NULL) \|\| (header == '\0') \|\| (header == '\n'))
432	return(1);
433	if (strncmp(header,"Proc-Type: ",11) != 0)
434	{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
435	header+=11;
436	if (*header != '4') return(0); header++;
437	if (*header != ',') return(0); header++;
438	if (strncmp(header,"ENCRYPTED",9) != 0)
439	{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
440	for (; (header != '\n') && (header != '\0'); header++)
441	;
442	if (*header == '\0')
443	{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
444	header++;
445	if (strncmp(header,"DEK-Info: ",10) != 0)
446	{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
447	header+=10;
448
449	p=header;
450	for (;;)
451	{
452	c= *header;
453	#ifndef CHARSET_EBCDIC
454	if (!( ((c >= 'A') && (c <= 'Z')) \|\| (c == '-') \|\|
455	((c >= '0') && (c <= '9'))))
456	break;
457	#else
458	if (!( isupper(c) \|\| (c == '-') \|\|
459	isdigit(c)))
460	break;
461	#endif
462	header++;
463	}
464	*header='\0';
465	o=OBJ_sn2nid(p);
466	cipher->cipher=enc=EVP_get_cipherbyname(p);
467	*header=c;
468	header++;
469
470	if (enc == NULL)
471	{
472	PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
473	return(0);
474	}
475	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
476
477	return(1);
478	}
479
480	static int load_iv(unsigned char *fromp, unsigned char to, int num)
481	{
482	int v,i;
483	unsigned char *from;
484
485	from= *fromp;
486	for (i=0; i<num; i++) to[i]=0;
487	num*=2;
488	for (i=0; i<num; i++)
489	{
490	if ((from >= '0') && (from <= '9'))
491	v= *from-'0';
492	else if ((from >= 'A') && (from <= 'F'))
493	v= *from-'A'+10;
494	else if ((from >= 'a') && (from <= 'f'))
495	v= *from-'a'+10;
496	else
497	{
498	PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
499	return(0);
500	}
501	from++;
502	to[i/2]\|=v<<(long)((!(i&1))*4);
503	}
504
505	*fromp=from;
506	return(1);
507	}
508
509	#ifndef OPENSSL_NO_FP_API
510	int PEM_write(FILE fp, char name, char header, unsigned char data,
511	long len)
512	{
513	BIO *b;
514	int ret;
515
516	if ((b=BIO_new(BIO_s_file())) == NULL)
517	{
518	PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
519	return(0);
520	}
521	BIO_set_fp(b,fp,BIO_NOCLOSE);
522	ret=PEM_write_bio(b, name, header, data,len);
523	BIO_free(b);
524	return(ret);
525	}
526	#endif
527
528	int PEM_write_bio(BIO bp, const char name, char header, unsigned char data,
529	long len)
530	{
531	int nlen,n,i,j,outl;
532	unsigned char *buf;
533	EVP_ENCODE_CTX ctx;
534	int reason=ERR_R_BUF_LIB;
535
536	EVP_EncodeInit(&ctx);
537	nlen=strlen(name);
538
539	if ( (BIO_write(bp,"-----BEGIN ",11) != 11) \|\|
540	(BIO_write(bp,name,nlen) != nlen) \|\|
541	(BIO_write(bp,"-----\n",6) != 6))
542	goto err;
543
544	i=strlen(header);
545	if (i > 0)
546	{
547	if ( (BIO_write(bp,header,i) != i) \|\|
548	(BIO_write(bp,"\n",1) != 1))
549	goto err;
550	}
551
552	buf=(unsigned char )OPENSSL_malloc(PEM_BUFSIZE8);
553	if (buf == NULL)
554	{
555	reason=ERR_R_MALLOC_FAILURE;
556	goto err;
557	}
558
559	i=j=0;
560	while (len > 0)
561	{
562	n=(int)((len>(PEM_BUFSIZE5))?(PEM_BUFSIZE5):len);
563	EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
564	if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
565	goto err;
566	i+=outl;
567	len-=n;
568	j+=n;
569	}
570	EVP_EncodeFinal(&ctx,buf,&outl);
571	if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
572	OPENSSL_free(buf);
573	if ( (BIO_write(bp,"-----END ",9) != 9) \|\|
574	(BIO_write(bp,name,nlen) != nlen) \|\|
575	(BIO_write(bp,"-----\n",6) != 6))
576	goto err;
577	return(i+outl);
578	err:
579	PEMerr(PEM_F_PEM_WRITE_BIO,reason);
580	return(0);
581	}
582
583	#ifndef OPENSSL_NO_FP_API
584	int PEM_read(FILE fp, char name, char header, unsigned char *data,
585	long *len)
586	{
587	BIO *b;
588	int ret;
589
590	if ((b=BIO_new(BIO_s_file())) == NULL)
591	{
592	PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
593	return(0);
594	}
595	BIO_set_fp(b,fp,BIO_NOCLOSE);
596	ret=PEM_read_bio(b, name, header, data,len);
597	BIO_free(b);
598	return(ret);
599	}
600	#endif
601
602	int PEM_read_bio(BIO bp, char name, char header, unsigned char *data,
603	long *len)
604	{
605	EVP_ENCODE_CTX ctx;
606	int end=0,i,k,bl=0,hl=0,nohead=0;
607	char buf[256];
608	BUF_MEM *nameB;
609	BUF_MEM *headerB;
610	BUF_MEM dataB,tmpB;
611
612	nameB=BUF_MEM_new();
613	headerB=BUF_MEM_new();
614	dataB=BUF_MEM_new();
615	if ((nameB == NULL) \|\| (headerB == NULL) \|\| (dataB == NULL))
616	{
617	PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
618	return(0);
619	}
620
621	buf[254]='\0';
622	for (;;)
623	{
624	i=BIO_gets(bp,buf,254);
625
626	if (i <= 0)
627	{
628	PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
629	goto err;
630	}
631
632	while ((i >= 0) && (buf[i] <= ' ')) i--;
633	buf[++i]='\n'; buf[++i]='\0';
634
635	if (strncmp(buf,"-----BEGIN ",11) == 0)
636	{
637	i=strlen(&(buf[11]));
638
639	if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
640	continue;
641	if (!BUF_MEM_grow(nameB,i+9))
642	{
643	PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
644	goto err;
645	}
646	memcpy(nameB->data,&(buf[11]),i-6);
647	nameB->data[i-6]='\0';
648	break;
649	}
650	}
651	hl=0;
652	if (!BUF_MEM_grow(headerB,256))
653	{ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
654	headerB->data[0]='\0';
655	for (;;)
656	{
657	i=BIO_gets(bp,buf,254);
658	if (i <= 0) break;
659
660	while ((i >= 0) && (buf[i] <= ' ')) i--;
661	buf[++i]='\n'; buf[++i]='\0';
662
663	if (buf[0] == '\n') break;
664	if (!BUF_MEM_grow(headerB,hl+i+9))
665	{ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
666	if (strncmp(buf,"-----END ",9) == 0)
667	{
668	nohead=1;
669	break;
670	}
671	memcpy(&(headerB->data[hl]),buf,i);
672	headerB->data[hl+i]='\0';
673	hl+=i;
674	}
675
676	bl=0;
677	if (!BUF_MEM_grow(dataB,1024))
678	{ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
679	dataB->data[0]='\0';
680	if (!nohead)
681	{
682	for (;;)
683	{
684	i=BIO_gets(bp,buf,254);
685	if (i <= 0) break;
686
687	while ((i >= 0) && (buf[i] <= ' ')) i--;
688	buf[++i]='\n'; buf[++i]='\0';
689
690	if (i != 65) end=1;
691	if (strncmp(buf,"-----END ",9) == 0)
692	break;
693	if (i > 65) break;
694	if (!BUF_MEM_grow(dataB,i+bl+9))
695	{
696	PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
697	goto err;
698	}
699	memcpy(&(dataB->data[bl]),buf,i);
700	dataB->data[bl+i]='\0';
701	bl+=i;
702	if (end)
703	{
704	buf[0]='\0';
705	i=BIO_gets(bp,buf,254);
706	if (i <= 0) break;
707
708	while ((i >= 0) && (buf[i] <= ' ')) i--;
709	buf[++i]='\n'; buf[++i]='\0';
710
711	break;
712	}
713	}
714	}
715	else
716	{
717	tmpB=headerB;
718	headerB=dataB;
719	dataB=tmpB;
720	bl=hl;
721	}
722	i=strlen(nameB->data);
723	if ( (strncmp(buf,"-----END ",9) != 0) \|\|
724	(strncmp(nameB->data,&(buf[9]),i) != 0) \|\|
725	(strncmp(&(buf[9+i]),"-----\n",6) != 0))
726	{
727	PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
728	goto err;
729	}
730
731	EVP_DecodeInit(&ctx);
732	i=EVP_DecodeUpdate(&ctx,
733	(unsigned char *)dataB->data,&bl,
734	(unsigned char *)dataB->data,bl);
735	if (i < 0)
736	{
737	PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
738	goto err;
739	}
740	i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
741	if (i < 0)
742	{
743	PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
744	goto err;
745	}
746	bl+=k;
747
748	if (bl == 0) goto err;
749	*name=nameB->data;
750	*header=headerB->data;
751	data=(unsigned char )dataB->data;
752	*len=bl;
753	OPENSSL_free(nameB);
754	OPENSSL_free(headerB);
755	OPENSSL_free(dataB);
756	return(1);
757	err:
758	BUF_MEM_free(nameB);
759	BUF_MEM_free(headerB);
760	BUF_MEM_free(dataB);
761	return(0);
762	}