summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pem/pem_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/pem/pem_lib.c')
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c69
1 files changed, 31 insertions, 38 deletions
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 7178c8744f..b2c72e1d76 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_lib.c,v 1.43 2016/10/19 16:49:11 jsing Exp $ */ 1/* $OpenBSD: pem_lib.c,v 1.44 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -112,8 +112,7 @@ PEM_def_callback(char *buf, int num, int w, void *key)
112 for (;;) { 112 for (;;) {
113 i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w); 113 i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w);
114 if (i != 0) { 114 if (i != 0) {
115 PEMerr(PEM_F_PEM_DEF_CALLBACK, 115 PEMerror(PEM_R_PROBLEMS_GETTING_PASSWORD);
116 PEM_R_PROBLEMS_GETTING_PASSWORD);
117 memset(buf, 0, num); 116 memset(buf, 0, num);
118 return (-1); 117 return (-1);
119 } 118 }
@@ -176,7 +175,7 @@ PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
176 void *ret; 175 void *ret;
177 176
178 if ((b = BIO_new(BIO_s_file())) == NULL) { 177 if ((b = BIO_new(BIO_s_file())) == NULL) {
179 PEMerr(PEM_F_PEM_ASN1_READ, ERR_R_BUF_LIB); 178 PEMerror(ERR_R_BUF_LIB);
180 return (0); 179 return (0);
181 } 180 }
182 BIO_set_fp(b, fp, BIO_NOCLOSE); 181 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -323,7 +322,7 @@ PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, void *x,
323 int ret; 322 int ret;
324 323
325 if ((b = BIO_new(BIO_s_file())) == NULL) { 324 if ((b = BIO_new(BIO_s_file())) == NULL) {
326 PEMerr(PEM_F_PEM_ASN1_WRITE, ERR_R_BUF_LIB); 325 PEMerror(ERR_R_BUF_LIB);
327 return (0); 326 return (0);
328 } 327 }
329 BIO_set_fp(b, fp, BIO_NOCLOSE); 328 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -348,14 +347,13 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
348 if (enc != NULL) { 347 if (enc != NULL) {
349 objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); 348 objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
350 if (objstr == NULL) { 349 if (objstr == NULL) {
351 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, 350 PEMerror(PEM_R_UNSUPPORTED_CIPHER);
352 PEM_R_UNSUPPORTED_CIPHER);
353 goto err; 351 goto err;
354 } 352 }
355 } 353 }
356 354
357 if ((dsize = i2d(x, NULL)) < 0) { 355 if ((dsize = i2d(x, NULL)) < 0) {
358 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_ASN1_LIB); 356 PEMerror(ERR_R_ASN1_LIB);
359 dsize = 0; 357 dsize = 0;
360 goto err; 358 goto err;
361 } 359 }
@@ -363,7 +361,7 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
363 /* actually it needs the cipher block size extra... */ 361 /* actually it needs the cipher block size extra... */
364 data = malloc(dsize + 20); 362 data = malloc(dsize + 20);
365 if (data == NULL) { 363 if (data == NULL) {
366 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_MALLOC_FAILURE); 364 PEMerror(ERR_R_MALLOC_FAILURE);
367 goto err; 365 goto err;
368 } 366 }
369 p = data; 367 p = data;
@@ -376,14 +374,13 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
376 else 374 else
377 klen = (*callback)(buf, PEM_BUFSIZE, 1, u); 375 klen = (*callback)(buf, PEM_BUFSIZE, 1, u);
378 if (klen <= 0) { 376 if (klen <= 0) {
379 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, 377 PEMerror(PEM_R_READ_KEY);
380 PEM_R_READ_KEY);
381 goto err; 378 goto err;
382 } 379 }
383 kstr = (unsigned char *)buf; 380 kstr = (unsigned char *)buf;
384 } 381 }
385 if ((size_t)enc->iv_len > sizeof(iv)) { 382 if ((size_t)enc->iv_len > sizeof(iv)) {
386 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, EVP_R_IV_TOO_LARGE); 383 PEMerror(EVP_R_IV_TOO_LARGE);
387 goto err; 384 goto err;
388 } 385 }
389 arc4random_buf(iv, enc->iv_len); /* Generate a salt */ 386 arc4random_buf(iv, enc->iv_len); /* Generate a salt */
@@ -397,8 +394,7 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
397 explicit_bzero(buf, PEM_BUFSIZE); 394 explicit_bzero(buf, PEM_BUFSIZE);
398 395
399 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) { 396 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) {
400 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, 397 PEMerror(ASN1_R_BUFFER_TOO_SMALL);
401 ASN1_R_BUFFER_TOO_SMALL);
402 goto err; 398 goto err;
403 } 399 }
404 400
@@ -455,7 +451,7 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
455 else 451 else
456 klen = callback(buf, PEM_BUFSIZE, 0, u); 452 klen = callback(buf, PEM_BUFSIZE, 0, u);
457 if (klen <= 0) { 453 if (klen <= 0) {
458 PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ); 454 PEMerror(PEM_R_BAD_PASSWORD_READ);
459 return (0); 455 return (0);
460 } 456 }
461 if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]), 457 if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
@@ -474,7 +470,7 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
474 explicit_bzero((char *)buf, sizeof(buf)); 470 explicit_bzero((char *)buf, sizeof(buf));
475 explicit_bzero((char *)key, sizeof(key)); 471 explicit_bzero((char *)key, sizeof(key));
476 if (!o) { 472 if (!o) {
477 PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT); 473 PEMerror(PEM_R_BAD_DECRYPT);
478 return (0); 474 return (0);
479 } 475 }
480 *plen = j + i; 476 *plen = j + i;
@@ -492,7 +488,7 @@ PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
492 if ((header == NULL) || (*header == '\0') || (*header == '\n')) 488 if ((header == NULL) || (*header == '\0') || (*header == '\n'))
493 return (1); 489 return (1);
494 if (strncmp(header, "Proc-Type: ", 11) != 0) { 490 if (strncmp(header, "Proc-Type: ", 11) != 0) {
495 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE); 491 PEMerror(PEM_R_NOT_PROC_TYPE);
496 return (0); 492 return (0);
497 } 493 }
498 header += 11; 494 header += 11;
@@ -503,18 +499,18 @@ PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
503 return (0); 499 return (0);
504 header++; 500 header++;
505 if (strncmp(header, "ENCRYPTED", 9) != 0) { 501 if (strncmp(header, "ENCRYPTED", 9) != 0) {
506 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED); 502 PEMerror(PEM_R_NOT_ENCRYPTED);
507 return (0); 503 return (0);
508 } 504 }
509 for (; (*header != '\n') && (*header != '\0'); header++) 505 for (; (*header != '\n') && (*header != '\0'); header++)
510 ; 506 ;
511 if (*header == '\0') { 507 if (*header == '\0') {
512 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER); 508 PEMerror(PEM_R_SHORT_HEADER);
513 return (0); 509 return (0);
514 } 510 }
515 header++; 511 header++;
516 if (strncmp(header, "DEK-Info: ", 10) != 0) { 512 if (strncmp(header, "DEK-Info: ", 10) != 0) {
517 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO); 513 PEMerror(PEM_R_NOT_DEK_INFO);
518 return (0); 514 return (0);
519 } 515 }
520 header += 10; 516 header += 10;
@@ -533,8 +529,7 @@ PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
533 header++; 529 header++;
534 530
535 if (enc == NULL) { 531 if (enc == NULL) {
536 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, 532 PEMerror(PEM_R_UNSUPPORTED_ENCRYPTION);
537 PEM_R_UNSUPPORTED_ENCRYPTION);
538 return (0); 533 return (0);
539 } 534 }
540 if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len)) 535 if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len))
@@ -561,7 +556,7 @@ load_iv(char **fromp, unsigned char *to, int num)
561 else if ((*from >= 'a') && (*from <= 'f')) 556 else if ((*from >= 'a') && (*from <= 'f'))
562 v = *from - 'a' + 10; 557 v = *from - 'a' + 10;
563 else { 558 else {
564 PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS); 559 PEMerror(PEM_R_BAD_IV_CHARS);
565 return (0); 560 return (0);
566 } 561 }
567 from++; 562 from++;
@@ -579,7 +574,7 @@ PEM_write(FILE *fp, char *name, char *header, unsigned char *data, long len)
579 int ret; 574 int ret;
580 575
581 if ((b = BIO_new(BIO_s_file())) == NULL) { 576 if ((b = BIO_new(BIO_s_file())) == NULL) {
582 PEMerr(PEM_F_PEM_WRITE, ERR_R_BUF_LIB); 577 PEMerror(ERR_R_BUF_LIB);
583 return (0); 578 return (0);
584 } 579 }
585 BIO_set_fp(b, fp, BIO_NOCLOSE); 580 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -645,7 +640,7 @@ err:
645 explicit_bzero(buf, PEM_BUFSIZE * 8); 640 explicit_bzero(buf, PEM_BUFSIZE * 8);
646 free(buf); 641 free(buf);
647 } 642 }
648 PEMerr(PEM_F_PEM_WRITE_BIO, reason); 643 PEMerror(reason);
649 return (0); 644 return (0);
650} 645}
651 646
@@ -656,7 +651,7 @@ PEM_read(FILE *fp, char **name, char **header, unsigned char **data, long *len)
656 int ret; 651 int ret;
657 652
658 if ((b = BIO_new(BIO_s_file())) == NULL) { 653 if ((b = BIO_new(BIO_s_file())) == NULL) {
659 PEMerr(PEM_F_PEM_READ, ERR_R_BUF_LIB); 654 PEMerror(ERR_R_BUF_LIB);
660 return (0); 655 return (0);
661 } 656 }
662 BIO_set_fp(b, fp, BIO_NOCLOSE); 657 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -683,7 +678,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
683 BUF_MEM_free(nameB); 678 BUF_MEM_free(nameB);
684 BUF_MEM_free(headerB); 679 BUF_MEM_free(headerB);
685 BUF_MEM_free(dataB); 680 BUF_MEM_free(dataB);
686 PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); 681 PEMerror(ERR_R_MALLOC_FAILURE);
687 return (0); 682 return (0);
688 } 683 }
689 684
@@ -692,7 +687,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
692 i = BIO_gets(bp, buf, 254); 687 i = BIO_gets(bp, buf, 254);
693 688
694 if (i <= 0) { 689 if (i <= 0) {
695 PEMerr(PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE); 690 PEMerror(PEM_R_NO_START_LINE);
696 goto err; 691 goto err;
697 } 692 }
698 693
@@ -707,8 +702,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
707 if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0) 702 if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0)
708 continue; 703 continue;
709 if (!BUF_MEM_grow(nameB, i + 9)) { 704 if (!BUF_MEM_grow(nameB, i + 9)) {
710 PEMerr(PEM_F_PEM_READ_BIO, 705 PEMerror(ERR_R_MALLOC_FAILURE);
711 ERR_R_MALLOC_FAILURE);
712 goto err; 706 goto err;
713 } 707 }
714 memcpy(nameB->data, &(buf[11]), i - 6); 708 memcpy(nameB->data, &(buf[11]), i - 6);
@@ -718,7 +712,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
718 } 712 }
719 hl = 0; 713 hl = 0;
720 if (!BUF_MEM_grow(headerB, 256)) { 714 if (!BUF_MEM_grow(headerB, 256)) {
721 PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); 715 PEMerror(ERR_R_MALLOC_FAILURE);
722 goto err; 716 goto err;
723 } 717 }
724 headerB->data[0] = '\0'; 718 headerB->data[0] = '\0';
@@ -735,7 +729,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
735 if (buf[0] == '\n') 729 if (buf[0] == '\n')
736 break; 730 break;
737 if (!BUF_MEM_grow(headerB, hl + i + 9)) { 731 if (!BUF_MEM_grow(headerB, hl + i + 9)) {
738 PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); 732 PEMerror(ERR_R_MALLOC_FAILURE);
739 goto err; 733 goto err;
740 } 734 }
741 if (strncmp(buf, "-----END ", 9) == 0) { 735 if (strncmp(buf, "-----END ", 9) == 0) {
@@ -749,7 +743,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
749 743
750 bl = 0; 744 bl = 0;
751 if (!BUF_MEM_grow(dataB, 1024)) { 745 if (!BUF_MEM_grow(dataB, 1024)) {
752 PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); 746 PEMerror(ERR_R_MALLOC_FAILURE);
753 goto err; 747 goto err;
754 } 748 }
755 dataB->data[0] = '\0'; 749 dataB->data[0] = '\0';
@@ -771,8 +765,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
771 if (i > 65) 765 if (i > 65)
772 break; 766 break;
773 if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) { 767 if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) {
774 PEMerr(PEM_F_PEM_READ_BIO, 768 PEMerror(ERR_R_MALLOC_FAILURE);
775 ERR_R_MALLOC_FAILURE);
776 goto err; 769 goto err;
777 } 770 }
778 memcpy(&(dataB->data[bl]), buf, i); 771 memcpy(&(dataB->data[bl]), buf, i);
@@ -802,7 +795,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
802 if ((strncmp(buf, "-----END ", 9) != 0) || 795 if ((strncmp(buf, "-----END ", 9) != 0) ||
803 (strncmp(nameB->data, &(buf[9]), i) != 0) || 796 (strncmp(nameB->data, &(buf[9]), i) != 0) ||
804 (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) { 797 (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) {
805 PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_END_LINE); 798 PEMerror(PEM_R_BAD_END_LINE);
806 goto err; 799 goto err;
807 } 800 }
808 801
@@ -811,12 +804,12 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
811 (unsigned char *)dataB->data, &bl, 804 (unsigned char *)dataB->data, &bl,
812 (unsigned char *)dataB->data, bl); 805 (unsigned char *)dataB->data, bl);
813 if (i < 0) { 806 if (i < 0) {
814 PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE); 807 PEMerror(PEM_R_BAD_BASE64_DECODE);
815 goto err; 808 goto err;
816 } 809 }
817 i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k); 810 i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k);
818 if (i < 0) { 811 if (i < 0) {
819 PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE); 812 PEMerror(PEM_R_BAD_BASE64_DECODE);
820 goto err; 813 goto err;
821 } 814 }
822 bl += k; 815 bl += k;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-03 03:33:10 +0000