1 files changed, 163 insertions, 166 deletions
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 7a2c0ad83b..18b751a91a 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -58,45 +58,40 @@
 #include <stdio.h>
 #include "cryptlib.h"
-#include "buffer.h"
+#include <openssl/buffer.h>
-#include "objects.h"
+#include <openssl/objects.h>
-#include "evp.h"
+#include <openssl/evp.h>
-#include "rand.h"
+#include <openssl/rand.h>
-#include "x509.h"
+#include <openssl/x509.h>
-#include "pem.h"
+#include <openssl/pem.h>
-#ifndef NO_DES
+#include <openssl/pkcs12.h>
-#include "des.h"
+#ifndef OPENSSL_NO_DES
+#include <openssl/des.h>
 #endif
-char *PEM_version="PEM part of SSLeay 0.9.0b 29-Jun-1998";
+const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
 #define MIN_LENGTH      4
-/* PEMerr(PEM_F_PEM_WRITE_BIO,ERR_R_MALLOC_FAILURE);
- * PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
- */
-#ifndef NOPROTO
-static int def_callback(char *buf, int num, int w);
 static int load_iv(unsigned char **fromp,unsigned char *to, int num);
-#else
+static int check_pem(const char *nm, const char *name);
-static int def_callback();
-static int load_iv();
-#endif
-static int def_callback(buf, num, w)
+int PEM_def_callback(char *buf, int num, int w, void *key)
-char *buf;
-int num;
-int w;
        {
-#ifdef NO_FP_API
+#ifdef OPENSSL_NO_FP_API
        /* We should not ever call the default callback routine from
         * windows. */
        PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return(-1);
 #else
        int i,j;
-        char *prompt;
+        const char *prompt;
+        if(key) {
+                i=strlen(key);
+                i=(i > num)?num:i;
+                memcpy(buf,key,i);
+                return(i);
+        }
        prompt=EVP_get_pw_prompt();
        if (prompt == NULL)
@@ -123,11 +118,9 @@ int w;
 #endif
        }
-void PEM_proc_type(buf, type)
+void PEM_proc_type(char *buf, int type)
-char *buf;
-int type;
        {
-        char *str;
+        const char *str;
        if (type == PEM_TYPE_ENCRYPTED)
                str="ENCRYPTED";
@@ -143,11 +136,7 @@ int type;
        strcat(buf,"\n");
        }
-void PEM_dek_info(buf, type, len, str)
+void PEM_dek_info(char *buf, const char *type, int len, char *str)
-char *buf;
-char *type;
-int len;
-char *str;
        {
        static unsigned char map[17]="0123456789ABCDEF";
        long i;
@@ -166,13 +155,9 @@ char *str;
        buf[j+i*2+1]='\0';
        }
-#ifndef NO_FP_API
+#ifndef OPENSSL_NO_FP_API
-char *PEM_ASN1_read(d2i,name,fp, x, cb)
+char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x,
-char *(*d2i)();
+             pem_password_cb *cb, void *u)
-char *name;
-FILE *fp;
-char **x;
-int (*cb)();
        {
        BIO *b;
        char *ret;
@@ -183,74 +168,97 @@ int (*cb)();
                return(0);
                }
        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_ASN1_read_bio(d2i,name,b,x,cb);
+        ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u);
        BIO_free(b);
        return(ret);
        }
 #endif
-char *PEM_ASN1_read_bio(d2i,name,bp, x, cb)
+static int check_pem(const char *nm, const char *name)
-char *(*d2i)();
+{
-char *name;
+        /* Normal matching nm and name */
-BIO *bp;
+        if (!strcmp(nm,name)) return 1;
-char **x;
-int (*cb)();
+        /* Make PEM_STRING_EVP_PKEY match any private key */
+        if(!strcmp(nm,PEM_STRING_PKCS8) &&
+                !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
+        if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
+                 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
+        if(!strcmp(nm,PEM_STRING_RSA) &&
+                !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
+        if(!strcmp(nm,PEM_STRING_DSA) &&
+                 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
+        /* Permit older strings */
+        if(!strcmp(nm,PEM_STRING_X509_OLD) &&
+                !strcmp(name,PEM_STRING_X509)) return 1;
+        if(!strcmp(nm,PEM_STRING_X509_REQ_OLD) &&
+                !strcmp(name,PEM_STRING_X509_REQ)) return 1;
+        /* Allow normal certs to be read as trusted certs */
+        if(!strcmp(nm,PEM_STRING_X509) &&
+                !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
+        if(!strcmp(nm,PEM_STRING_X509_OLD) &&
+                !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
+        /* Some CAs use PKCS#7 with CERTIFICATE headers */
+        if(!strcmp(nm, PEM_STRING_X509) &&
+                !strcmp(name, PEM_STRING_PKCS7)) return 1;
+        return 0;
+}
+int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp,
+             pem_password_cb *cb, void *u)
        {
        EVP_CIPHER_INFO cipher;
        char *nm=NULL,*header=NULL;
-        unsigned char *p=NULL,*data=NULL;
+        unsigned char *data=NULL;
        long len;
-        char *ret=NULL;
+        int ret = 0;
        for (;;)
                {
-                if (!PEM_read_bio(bp,&nm,&header,&data,&len)) return(NULL);
+                if (!PEM_read_bio(bp,&nm,&header,&data,&len)) {
-                if (    (strcmp(nm,name) == 0) ||
+                        if(ERR_GET_REASON(ERR_peek_error()) ==
-                        ((strcmp(nm,PEM_STRING_RSA) == 0) &&
+                                PEM_R_NO_START_LINE)
-                         (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
+                                ERR_add_error_data(2, "Expecting: ", name);
-                        ((strcmp(nm,PEM_STRING_DSA) == 0) &&
+                        return 0;
-                         (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
-                        ((strcmp(nm,PEM_STRING_X509_OLD) == 0) &&
-                         (strcmp(name,PEM_STRING_X509) == 0)) ||
-                        ((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) &&
-                         (strcmp(name,PEM_STRING_X509_REQ) == 0))
-                        )
-                        break;
-                Free(nm);
-                Free(header);
-                Free(data);
                }
-        if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
+                if(check_pem(nm, name)) break;
-        if (!PEM_do_header(&cipher,data,&len,cb)) goto err;
+                OPENSSL_free(nm);
-        p=data;
+                OPENSSL_free(header);
-        if (strcmp(name,PEM_STRING_EVP_PKEY) == 0)
+                OPENSSL_free(data);
-                {
-                if (strcmp(nm,PEM_STRING_RSA) == 0)
-                        ret=d2i(EVP_PKEY_RSA,x,&p,len);
-                else if (strcmp(nm,PEM_STRING_DSA) == 0)
-                        ret=d2i(EVP_PKEY_DSA,x,&p,len);
                }
-        else    
+        if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
-                ret=d2i(x,&p,len);
+        if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
-        if (ret == NULL)
-                PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
+        *pdata = data;
+        *plen = len;
+        if (pnm)
+                *pnm = nm;
+        ret = 1;
 err:
-        Free(nm);
+        if (!pnm) OPENSSL_free(nm);
-        Free(header);
+        OPENSSL_free(header);
-        Free(data);
+        if (!ret) OPENSSL_free(data);
-        return(ret);
+        return ret;
        }
-#ifndef NO_FP_API
+#ifndef OPENSSL_NO_FP_API
-int PEM_ASN1_write(i2d,name,fp, x, enc, kstr, klen, callback)
+int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
-int (*i2d)();
+             const EVP_CIPHER *enc, unsigned char *kstr, int klen,
-char *name;
+             pem_password_cb *callback, void *u)
-FILE *fp;
-char *x;
-EVP_CIPHER *enc;
-unsigned char *kstr;
-int klen;
-int (*callback)();
        {
        BIO *b;
        int ret;
@@ -261,27 +269,20 @@ int (*callback)();
                return(0);
                }
        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback);
+        ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
        BIO_free(b);
        return(ret);
        }
 #endif
-int PEM_ASN1_write_bio(i2d,name,bp, x, enc, kstr, klen, callback)
+int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
-int (*i2d)();
+             const EVP_CIPHER *enc, unsigned char *kstr, int klen,
-char *name;
+             pem_password_cb *callback, void *u)
-BIO *bp;
-char *x;
-EVP_CIPHER *enc;
-unsigned char *kstr;
-int klen;
-int (*callback)();
        {
        EVP_CIPHER_CTX ctx;
        int dsize=0,i,j,ret=0;
        unsigned char *p,*data=NULL;
-        char *objstr=NULL;
+        const char *objstr=NULL;
-#define PEM_BUFSIZE     1024
        char buf[PEM_BUFSIZE];
        unsigned char key[EVP_MAX_KEY_LENGTH];
        unsigned char iv[EVP_MAX_IV_LENGTH];
@@ -303,7 +304,7 @@ int (*callback)();
                goto err;
                }
        /* dzise + 8 bytes are needed */
-        data=(unsigned char *)Malloc((unsigned int)dsize+20);
+        data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
        if (data == NULL)
                {
                PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
@@ -317,18 +318,23 @@ int (*callback)();
                if (kstr == NULL)
                        {
                        if (callback == NULL)
-                                klen=def_callback(buf,PEM_BUFSIZE,1);
+                                klen=PEM_def_callback(buf,PEM_BUFSIZE,1,u);
                        else
-                                klen=(*callback)(buf,PEM_BUFSIZE,1);
+                                klen=(*callback)(buf,PEM_BUFSIZE,1,u);
                        if (klen <= 0)
                                {
                                PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
                                goto err;
                                }
+#ifdef CHARSET_EBCDIC
+                        /* Convert the pass phrase from EBCDIC */
+                        ebcdic2ascii(buf, buf, klen);
+#endif
                        kstr=(unsigned char *)buf;
                        }
-                RAND_seed(data,i);/* put in the RSA key. */
+                RAND_add(data,i,0);/* put in the RSA key. */
-                RAND_bytes(iv,8);       /* Generate a salt */
+                if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
+                        goto err;
                /* The 'iv' is used as the iv and as a salt.  It is
                 * NOT taken from the BytesToKey function */
                EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
@@ -337,12 +343,14 @@ int (*callback)();
                buf[0]='\0';
                PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-                PEM_dek_info(buf,objstr,8,(char *)iv);
+                PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
                /* k=strlen(buf); */
-        
-                EVP_EncryptInit(&ctx,enc,key,iv);
+                EVP_CIPHER_CTX_init(&ctx);
+                EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
                EVP_EncryptUpdate(&ctx,data,&j,data,i);
-                EVP_EncryptFinal(&ctx,&(data[j]),&i);
+                EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
+                EVP_CIPHER_CTX_cleanup(&ctx);
                i+=j;
                ret=1;
                }
@@ -359,15 +367,12 @@ err:
        memset((char *)&ctx,0,sizeof(ctx));
        memset(buf,0,PEM_BUFSIZE);
        memset(data,0,(unsigned int)dsize);
-        Free(data);
+        OPENSSL_free(data);
        return(ret);
        }
-int PEM_do_header(cipher, data, plen, callback)
+int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
-EVP_CIPHER_INFO *cipher;
+             pem_password_cb *callback,void *u)
-unsigned char *data;
-long *plen;
-int (*callback)();
        {
        int i,j,o,klen;
        long len;
@@ -379,21 +384,27 @@ int (*callback)();
        if (cipher->cipher == NULL) return(1);
        if (callback == NULL)
-                klen=def_callback(buf,PEM_BUFSIZE,0);
+                klen=PEM_def_callback(buf,PEM_BUFSIZE,0,u);
        else
-                klen=callback(buf,PEM_BUFSIZE,0);
+                klen=callback(buf,PEM_BUFSIZE,0,u);
        if (klen <= 0)
                {
                PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
                return(0);
                }
+#ifdef CHARSET_EBCDIC
+        /* Convert the pass phrase from EBCDIC */
+        ebcdic2ascii(buf, buf, klen);
+#endif
        EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
                (unsigned char *)buf,klen,1,key,NULL);
        j=(int)len;
-        EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0]));
+        EVP_CIPHER_CTX_init(&ctx);
+        EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
        EVP_DecryptUpdate(&ctx,data,&i,data,j);
-        o=EVP_DecryptFinal(&ctx,&(data[i]),&j);
+        o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
        EVP_CIPHER_CTX_cleanup(&ctx);
        memset((char *)buf,0,sizeof(buf));
        memset((char *)key,0,sizeof(key));
@@ -407,12 +418,10 @@ int (*callback)();
        return(1);
        }
-int PEM_get_EVP_CIPHER_INFO(header,cipher)
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
-char *header;
-EVP_CIPHER_INFO *cipher;
        {
        int o;
-        EVP_CIPHER *enc=NULL;
+        const EVP_CIPHER *enc=NULL;
        char *p,c;
        cipher->cipher=NULL;
@@ -438,9 +447,15 @@ EVP_CIPHER_INFO *cipher;
        for (;;)
                {
                c= *header;
+#ifndef CHARSET_EBCDIC
                if (!(  ((c >= 'A') && (c <= 'Z')) || (c == '-') ||
                        ((c >= '0') && (c <= '9'))))
                        break;
+#else
+                if (!(  isupper(c) || (c == '-') ||
+                        isdigit(c)))
+                        break;
+#endif
                header++;
                }
        *header='\0';
@@ -454,14 +469,12 @@ EVP_CIPHER_INFO *cipher;
                PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
                return(0);
                }
-        if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
+        if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
        return(1);
        }
-static int load_iv(fromp,to,num)
+static int load_iv(unsigned char **fromp, unsigned char *to, int num)
-unsigned char **fromp,*to;
-int num;
        {
        int v,i;
        unsigned char *from;
@@ -490,13 +503,9 @@ int num;
        return(1);
        }
-#ifndef NO_FP_API
+#ifndef OPENSSL_NO_FP_API
-int PEM_write(fp, name, header, data,len)
+int PEM_write(FILE *fp, char *name, char *header, unsigned char *data,
-FILE *fp;
+             long len)
-char *name;
-char *header;
-unsigned char *data;
-long len;
        {
        BIO *b;
        int ret;
@@ -513,12 +522,8 @@ long len;
        }
 #endif
-int PEM_write_bio(bp, name, header, data,len)
+int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
-BIO *bp;
+             long len)
-char *name;
-char *header;
-unsigned char *data;
-long len;
        {
        int nlen,n,i,j,outl;
        unsigned char *buf;
@@ -541,7 +546,7 @@ long len;
                        goto err;
                }
-        buf=(unsigned char *)Malloc(PEM_BUFSIZE*8);
+        buf=(unsigned char *)OPENSSL_malloc(PEM_BUFSIZE*8);
        if (buf == NULL)
                {
                reason=ERR_R_MALLOC_FAILURE;
@@ -561,7 +566,7 @@ long len;
                }
        EVP_EncodeFinal(&ctx,buf,&outl);
        if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
-        Free(buf);
+        OPENSSL_free(buf);
        if (    (BIO_write(bp,"-----END ",9) != 9) ||
                (BIO_write(bp,name,nlen) != nlen) ||
                (BIO_write(bp,"-----\n",6) != 6))
@@ -572,13 +577,9 @@ err:
        return(0);
        }
-#ifndef NO_FP_API
+#ifndef OPENSSL_NO_FP_API
-int PEM_read(fp, name, header, data,len)
+int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
-FILE *fp;
+             long *len)
-char **name;
-char **header;
-unsigned char **data;
-long *len;
        {
        BIO *b;
        int ret;
@@ -595,12 +596,8 @@ long *len;
        }
 #endif
-int PEM_read_bio(bp, name, header, data, len)
+int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
-BIO *bp;
+             long *len)
-char **name;
-char **header;
-unsigned char **data;
-long *len;
        {
        EVP_ENCODE_CTX ctx;
        int end=0,i,k,bl=0,hl=0,nohead=0;
@@ -643,7 +640,7 @@ long *len;
                                PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
                                goto err;
                                }
-                        strncpy(nameB->data,&(buf[11]),(unsigned int)i-6);
+                        memcpy(nameB->data,&(buf[11]),i-6);
                        nameB->data[i-6]='\0';
                        break;
                        }
@@ -668,7 +665,7 @@ long *len;
                        nohead=1;
                        break;
                        }
-                strncpy(&(headerB->data[hl]),buf,(unsigned int)i);
+                memcpy(&(headerB->data[hl]),buf,i);
                headerB->data[hl+i]='\0';
                hl+=i;
                }
@@ -696,7 +693,7 @@ long *len;
                                PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
                                goto err;
                                }
-                        strncpy(&(dataB->data[bl]),buf,(unsigned int)i);
+                        memcpy(&(dataB->data[bl]),buf,i);
                        dataB->data[bl+i]='\0';
                        bl+=i;
                        if (end)
@@ -721,7 +718,7 @@ long *len;
                }
        i=strlen(nameB->data);
        if (    (strncmp(buf,"-----END ",9) != 0) ||
-                (strncmp(nameB->data,&(buf[9]),(unsigned int)i) != 0) ||
+                (strncmp(nameB->data,&(buf[9]),i) != 0) ||
                (strncmp(&(buf[9+i]),"-----\n",6) != 0))
                {
                PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
@@ -750,9 +747,9 @@ long *len;
        *header=headerB->data;
        *data=(unsigned char *)dataB->data;
        *len=bl;
-        Free(nameB);
+        OPENSSL_free(nameB);
-        Free(headerB);
+        OPENSSL_free(headerB);
-        Free(dataB);
+        OPENSSL_free(dataB);
        return(1);
 err:
        BUF_MEM_free(nameB);

diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c index 7a2c0ad83b..18b751a91a 100644 --- a/src/lib/libcrypto/pem/pem_lib.c +++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -58,45 +58,40 @@
58		58
59	#include <stdio.h>	59	#include <stdio.h>
60	#include "cryptlib.h"	60	#include "cryptlib.h"
61	#include "buffer.h"	61	#include <openssl/buffer.h>
62	#include "objects.h"	62	#include <openssl/objects.h>
63	#include "evp.h"	63	#include <openssl/evp.h>
64	#include "rand.h"	64	#include <openssl/rand.h>
65	#include "x509.h"	65	#include <openssl/x509.h>
66	#include "pem.h"	66	#include <openssl/pem.h>
67	#ifndef NO_DES	67	#include <openssl/pkcs12.h>
68	#include "des.h"	68	#ifndef OPENSSL_NO_DES
		69	#include <openssl/des.h>
69	#endif	70	#endif
70		71
71	char *PEM_version="PEM part of SSLeay 0.9.0b 29-Jun-1998";	72	const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
72		73
73	#define MIN_LENGTH 4	74	#define MIN_LENGTH 4
74		75
75	/* PEMerr(PEM_F_PEM_WRITE_BIO,ERR_R_MALLOC_FAILURE);
76	* PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
77	*/
78
79	#ifndef NOPROTO
80	static int def_callback(char *buf, int num, int w);
81	static int load_iv(unsigned char *fromp,unsigned char to, int num);	76	static int load_iv(unsigned char *fromp,unsigned char to, int num);
82	#else	77	static int check_pem(const char nm, const char name);
83	static int def_callback();
84	static int load_iv();
85	#endif
86		78
87	static int def_callback(buf, num, w)	79	int PEM_def_callback(char buf, int num, int w, void key)
88	char *buf;
89	int num;
90	int w;
91	{	80	{
92	#ifdef NO_FP_API	81	#ifdef OPENSSL_NO_FP_API
93	/* We should not ever call the default callback routine from	82	/* We should not ever call the default callback routine from
94	* windows. */	83	* windows. */
95	PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);	84	PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
96	return(-1);	85	return(-1);
97	#else	86	#else
98	int i,j;	87	int i,j;
99	char *prompt;	88	const char *prompt;
		89	if(key) {
		90	i=strlen(key);
		91	i=(i > num)?num:i;
		92	memcpy(buf,key,i);
		93	return(i);
		94	}
100		95
101	prompt=EVP_get_pw_prompt();	96	prompt=EVP_get_pw_prompt();
102	if (prompt == NULL)	97	if (prompt == NULL)
@@ -123,11 +118,9 @@ int w;
123	#endif	118	#endif
124	}	119	}
125		120
126	void PEM_proc_type(buf, type)	121	void PEM_proc_type(char *buf, int type)
127	char *buf;
128	int type;
129	{	122	{
130	char *str;	123	const char *str;
131		124
132	if (type == PEM_TYPE_ENCRYPTED)	125	if (type == PEM_TYPE_ENCRYPTED)
133	str="ENCRYPTED";	126	str="ENCRYPTED";
@@ -143,11 +136,7 @@ int type;
143	strcat(buf,"\n");	136	strcat(buf,"\n");
144	}	137	}
145		138
146	void PEM_dek_info(buf, type, len, str)	139	void PEM_dek_info(char buf, const char type, int len, char *str)
147	char *buf;
148	char *type;
149	int len;
150	char *str;
151	{	140	{
152	static unsigned char map[17]="0123456789ABCDEF";	141	static unsigned char map[17]="0123456789ABCDEF";
153	long i;	142	long i;
@@ -166,13 +155,9 @@ char *str;
166	buf[j+i*2+1]='\0';	155	buf[j+i*2+1]='\0';
167	}	156	}
168		157
169	#ifndef NO_FP_API	158	#ifndef OPENSSL_NO_FP_API
170	char *PEM_ASN1_read(d2i,name,fp, x, cb)	159	char PEM_ASN1_read(char (d2i)(), const char name, FILE fp, char *x,
171	char (d2i)();	160	pem_password_cb cb, void u)
172	char *name;
173	FILE *fp;
174	char **x;
175	int (*cb)();
176	{	161	{
177	BIO *b;	162	BIO *b;
178	char *ret;	163	char *ret;
@@ -183,74 +168,97 @@ int (*cb)();
183	return(0);	168	return(0);
184	}	169	}
185	BIO_set_fp(b,fp,BIO_NOCLOSE);	170	BIO_set_fp(b,fp,BIO_NOCLOSE);
186	ret=PEM_ASN1_read_bio(d2i,name,b,x,cb);	171	ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u);
187	BIO_free(b);	172	BIO_free(b);
188	return(ret);	173	return(ret);
189	}	174	}
190	#endif	175	#endif
191		176
192	char *PEM_ASN1_read_bio(d2i,name,bp, x, cb)	177	static int check_pem(const char nm, const char name)
193	char (d2i)();	178	{
194	char *name;	179	/* Normal matching nm and name */
195	BIO *bp;	180	if (!strcmp(nm,name)) return 1;
196	char **x;	181
197	int (*cb)();	182	/* Make PEM_STRING_EVP_PKEY match any private key */
		183
		184	if(!strcmp(nm,PEM_STRING_PKCS8) &&
		185	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
		186
		187	if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
		188	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
		189
		190	if(!strcmp(nm,PEM_STRING_RSA) &&
		191	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
		192
		193	if(!strcmp(nm,PEM_STRING_DSA) &&
		194	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
		195
		196	/* Permit older strings */
		197
		198	if(!strcmp(nm,PEM_STRING_X509_OLD) &&
		199	!strcmp(name,PEM_STRING_X509)) return 1;
		200
		201	if(!strcmp(nm,PEM_STRING_X509_REQ_OLD) &&
		202	!strcmp(name,PEM_STRING_X509_REQ)) return 1;
		203
		204	/* Allow normal certs to be read as trusted certs */
		205	if(!strcmp(nm,PEM_STRING_X509) &&
		206	!strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
		207
		208	if(!strcmp(nm,PEM_STRING_X509_OLD) &&
		209	!strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
		210
		211	/* Some CAs use PKCS#7 with CERTIFICATE headers */
		212	if(!strcmp(nm, PEM_STRING_X509) &&
		213	!strcmp(name, PEM_STRING_PKCS7)) return 1;
		214
		215	return 0;
		216	}
		217
		218	int PEM_bytes_read_bio(unsigned char *pdata, long plen, char *pnm, const char name, BIO *bp,
		219	pem_password_cb cb, void u)
198	{	220	{
199	EVP_CIPHER_INFO cipher;	221	EVP_CIPHER_INFO cipher;
200	char nm=NULL,header=NULL;	222	char nm=NULL,header=NULL;
201	unsigned char p=NULL,data=NULL;	223	unsigned char *data=NULL;
202	long len;	224	long len;
203	char *ret=NULL;	225	int ret = 0;
204		226
205	for (;;)	227	for (;;)
206	{	228	{
207	if (!PEM_read_bio(bp,&nm,&header,&data,&len)) return(NULL);	229	if (!PEM_read_bio(bp,&nm,&header,&data,&len)) {
208	if ( (strcmp(nm,name) == 0) \|\|	230	if(ERR_GET_REASON(ERR_peek_error()) ==
209	((strcmp(nm,PEM_STRING_RSA) == 0) &&	231	PEM_R_NO_START_LINE)
210	(strcmp(name,PEM_STRING_EVP_PKEY) == 0)) \|\|	232	ERR_add_error_data(2, "Expecting: ", name);
211	((strcmp(nm,PEM_STRING_DSA) == 0) &&	233	return 0;
212	(strcmp(name,PEM_STRING_EVP_PKEY) == 0)) \|\|
213	((strcmp(nm,PEM_STRING_X509_OLD) == 0) &&
214	(strcmp(name,PEM_STRING_X509) == 0)) \|\|
215	((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) &&
216	(strcmp(name,PEM_STRING_X509_REQ) == 0))
217	)
218	break;
219	Free(nm);
220	Free(header);
221	Free(data);
222	}	234	}
223	if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;	235	if(check_pem(nm, name)) break;
224	if (!PEM_do_header(&cipher,data,&len,cb)) goto err;	236	OPENSSL_free(nm);
225	p=data;	237	OPENSSL_free(header);
226	if (strcmp(name,PEM_STRING_EVP_PKEY) == 0)	238	OPENSSL_free(data);
227	{
228	if (strcmp(nm,PEM_STRING_RSA) == 0)
229	ret=d2i(EVP_PKEY_RSA,x,&p,len);
230	else if (strcmp(nm,PEM_STRING_DSA) == 0)
231	ret=d2i(EVP_PKEY_DSA,x,&p,len);
232	}	239	}
233	else	240	if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
234	ret=d2i(x,&p,len);	241	if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
235	if (ret == NULL)	242
236	PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);	243	*pdata = data;
		244	*plen = len;
		245
		246	if (pnm)
		247	*pnm = nm;
		248
		249	ret = 1;
		250
237	err:	251	err:
238	Free(nm);	252	if (!pnm) OPENSSL_free(nm);
239	Free(header);	253	OPENSSL_free(header);
240	Free(data);	254	if (!ret) OPENSSL_free(data);
241	return(ret);	255	return ret;
242	}	256	}
243		257
244	#ifndef NO_FP_API	258	#ifndef OPENSSL_NO_FP_API
245	int PEM_ASN1_write(i2d,name,fp, x, enc, kstr, klen, callback)	259	int PEM_ASN1_write(int (i2d)(), const char name, FILE fp, char x,
246	int (*i2d)();	260	const EVP_CIPHER enc, unsigned char kstr, int klen,
247	char *name;	261	pem_password_cb callback, void u)
248	FILE *fp;
249	char *x;
250	EVP_CIPHER *enc;
251	unsigned char *kstr;
252	int klen;
253	int (*callback)();
254	{	262	{
255	BIO *b;	263	BIO *b;
256	int ret;	264	int ret;
@@ -261,27 +269,20 @@ int (*callback)();
261	return(0);	269	return(0);
262	}	270	}
263	BIO_set_fp(b,fp,BIO_NOCLOSE);	271	BIO_set_fp(b,fp,BIO_NOCLOSE);
264	ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback);	272	ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
265	BIO_free(b);	273	BIO_free(b);
266	return(ret);	274	return(ret);
267	}	275	}
268	#endif	276	#endif
269		277
270	int PEM_ASN1_write_bio(i2d,name,bp, x, enc, kstr, klen, callback)	278	int PEM_ASN1_write_bio(int (i2d)(), const char name, BIO bp, char x,
271	int (*i2d)();	279	const EVP_CIPHER enc, unsigned char kstr, int klen,
272	char *name;	280	pem_password_cb callback, void u)
273	BIO *bp;
274	char *x;
275	EVP_CIPHER *enc;
276	unsigned char *kstr;
277	int klen;
278	int (*callback)();
279	{	281	{
280	EVP_CIPHER_CTX ctx;	282	EVP_CIPHER_CTX ctx;
281	int dsize=0,i,j,ret=0;	283	int dsize=0,i,j,ret=0;
282	unsigned char p,data=NULL;	284	unsigned char p,data=NULL;
283	char *objstr=NULL;	285	const char *objstr=NULL;
284	#define PEM_BUFSIZE 1024
285	char buf[PEM_BUFSIZE];	286	char buf[PEM_BUFSIZE];
286	unsigned char key[EVP_MAX_KEY_LENGTH];	287	unsigned char key[EVP_MAX_KEY_LENGTH];
287	unsigned char iv[EVP_MAX_IV_LENGTH];	288	unsigned char iv[EVP_MAX_IV_LENGTH];
@@ -303,7 +304,7 @@ int (*callback)();
303	goto err;	304	goto err;
304	}	305	}
305	/* dzise + 8 bytes are needed */	306	/* dzise + 8 bytes are needed */
306	data=(unsigned char *)Malloc((unsigned int)dsize+20);	307	data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
307	if (data == NULL)	308	if (data == NULL)
308	{	309	{
309	PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);	310	PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
@@ -317,18 +318,23 @@ int (*callback)();
317	if (kstr == NULL)	318	if (kstr == NULL)
318	{	319	{
319	if (callback == NULL)	320	if (callback == NULL)
320	klen=def_callback(buf,PEM_BUFSIZE,1);	321	klen=PEM_def_callback(buf,PEM_BUFSIZE,1,u);
321	else	322	else
322	klen=(*callback)(buf,PEM_BUFSIZE,1);	323	klen=(*callback)(buf,PEM_BUFSIZE,1,u);
323	if (klen <= 0)	324	if (klen <= 0)
324	{	325	{
325	PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);	326	PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
326	goto err;	327	goto err;
327	}	328	}
		329	#ifdef CHARSET_EBCDIC
		330	/* Convert the pass phrase from EBCDIC */
		331	ebcdic2ascii(buf, buf, klen);
		332	#endif
328	kstr=(unsigned char *)buf;	333	kstr=(unsigned char *)buf;
329	}	334	}
330	RAND_seed(data,i);/* put in the RSA key. */	335	RAND_add(data,i,0);/* put in the RSA key. */
331	RAND_bytes(iv,8); /* Generate a salt */	336	if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
		337	goto err;
332	/* The 'iv' is used as the iv and as a salt. It is	338	/* The 'iv' is used as the iv and as a salt. It is
333	* NOT taken from the BytesToKey function */	339	* NOT taken from the BytesToKey function */
334	EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);	340	EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
@@ -337,12 +343,14 @@ int (*callback)();
337		343
338	buf[0]='\0';	344	buf[0]='\0';
339	PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);	345	PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
340	PEM_dek_info(buf,objstr,8,(char *)iv);	346	PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
341	/* k=strlen(buf); */	347	/* k=strlen(buf); */
342		348
343	EVP_EncryptInit(&ctx,enc,key,iv);	349	EVP_CIPHER_CTX_init(&ctx);
		350	EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
344	EVP_EncryptUpdate(&ctx,data,&j,data,i);	351	EVP_EncryptUpdate(&ctx,data,&j,data,i);
345	EVP_EncryptFinal(&ctx,&(data[j]),&i);	352	EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
		353	EVP_CIPHER_CTX_cleanup(&ctx);
346	i+=j;	354	i+=j;
347	ret=1;	355	ret=1;
348	}	356	}
@@ -359,15 +367,12 @@ err:
359	memset((char *)&ctx,0,sizeof(ctx));	367	memset((char *)&ctx,0,sizeof(ctx));
360	memset(buf,0,PEM_BUFSIZE);	368	memset(buf,0,PEM_BUFSIZE);
361	memset(data,0,(unsigned int)dsize);	369	memset(data,0,(unsigned int)dsize);
362	Free(data);	370	OPENSSL_free(data);
363	return(ret);	371	return(ret);
364	}	372	}
365		373
366	int PEM_do_header(cipher, data, plen, callback)	374	int PEM_do_header(EVP_CIPHER_INFO cipher, unsigned char data, long *plen,
367	EVP_CIPHER_INFO *cipher;	375	pem_password_cb callback,void u)
368	unsigned char *data;
369	long *plen;
370	int (*callback)();
371	{	376	{
372	int i,j,o,klen;	377	int i,j,o,klen;
373	long len;	378	long len;
@@ -379,21 +384,27 @@ int (*callback)();
379		384
380	if (cipher->cipher == NULL) return(1);	385	if (cipher->cipher == NULL) return(1);
381	if (callback == NULL)	386	if (callback == NULL)
382	klen=def_callback(buf,PEM_BUFSIZE,0);	387	klen=PEM_def_callback(buf,PEM_BUFSIZE,0,u);
383	else	388	else
384	klen=callback(buf,PEM_BUFSIZE,0);	389	klen=callback(buf,PEM_BUFSIZE,0,u);
385	if (klen <= 0)	390	if (klen <= 0)
386	{	391	{
387	PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);	392	PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
388	return(0);	393	return(0);
389	}	394	}
		395	#ifdef CHARSET_EBCDIC
		396	/* Convert the pass phrase from EBCDIC */
		397	ebcdic2ascii(buf, buf, klen);
		398	#endif
		399
390	EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),	400	EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
391	(unsigned char *)buf,klen,1,key,NULL);	401	(unsigned char *)buf,klen,1,key,NULL);
392		402
393	j=(int)len;	403	j=(int)len;
394	EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0]));	404	EVP_CIPHER_CTX_init(&ctx);
		405	EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
395	EVP_DecryptUpdate(&ctx,data,&i,data,j);	406	EVP_DecryptUpdate(&ctx,data,&i,data,j);
396	o=EVP_DecryptFinal(&ctx,&(data[i]),&j);	407	o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
397	EVP_CIPHER_CTX_cleanup(&ctx);	408	EVP_CIPHER_CTX_cleanup(&ctx);
398	memset((char *)buf,0,sizeof(buf));	409	memset((char *)buf,0,sizeof(buf));
399	memset((char *)key,0,sizeof(key));	410	memset((char *)key,0,sizeof(key));
@@ -407,12 +418,10 @@ int (*callback)();
407	return(1);	418	return(1);
408	}	419	}
409		420
410	int PEM_get_EVP_CIPHER_INFO(header,cipher)	421	int PEM_get_EVP_CIPHER_INFO(char header, EVP_CIPHER_INFO cipher)
411	char *header;
412	EVP_CIPHER_INFO *cipher;
413	{	422	{
414	int o;	423	int o;
415	EVP_CIPHER *enc=NULL;	424	const EVP_CIPHER *enc=NULL;
416	char *p,c;	425	char *p,c;
417		426
418	cipher->cipher=NULL;	427	cipher->cipher=NULL;
@@ -438,9 +447,15 @@ EVP_CIPHER_INFO *cipher;
438	for (;;)	447	for (;;)
439	{	448	{
440	c= *header;	449	c= *header;
		450	#ifndef CHARSET_EBCDIC
441	if (!( ((c >= 'A') && (c <= 'Z')) \|\| (c == '-') \|\|	451	if (!( ((c >= 'A') && (c <= 'Z')) \|\| (c == '-') \|\|
442	((c >= '0') && (c <= '9'))))	452	((c >= '0') && (c <= '9'))))
443	break;	453	break;
		454	#else
		455	if (!( isupper(c) \|\| (c == '-') \|\|
		456	isdigit(c)))
		457	break;
		458	#endif
444	header++;	459	header++;
445	}	460	}
446	*header='\0';	461	*header='\0';
@@ -454,14 +469,12 @@ EVP_CIPHER_INFO *cipher;
454	PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);	469	PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
455	return(0);	470	return(0);
456	}	471	}
457	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);	472	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
458		473
459	return(1);	474	return(1);
460	}	475	}
461		476
462	static int load_iv(fromp,to,num)	477	static int load_iv(unsigned char *fromp, unsigned char to, int num)
463	unsigned char *fromp,to;
464	int num;
465	{	478	{
466	int v,i;	479	int v,i;
467	unsigned char *from;	480	unsigned char *from;
@@ -490,13 +503,9 @@ int num;
490	return(1);	503	return(1);
491	}	504	}
492		505
493	#ifndef NO_FP_API	506	#ifndef OPENSSL_NO_FP_API
494	int PEM_write(fp, name, header, data,len)	507	int PEM_write(FILE fp, char name, char header, unsigned char data,
495	FILE *fp;	508	long len)
496	char *name;
497	char *header;
498	unsigned char *data;
499	long len;
500	{	509	{
501	BIO *b;	510	BIO *b;
502	int ret;	511	int ret;
@@ -513,12 +522,8 @@ long len;
513	}	522	}
514	#endif	523	#endif
515		524
516	int PEM_write_bio(bp, name, header, data,len)	525	int PEM_write_bio(BIO bp, const char name, char header, unsigned char data,
517	BIO *bp;	526	long len)
518	char *name;
519	char *header;
520	unsigned char *data;
521	long len;
522	{	527	{
523	int nlen,n,i,j,outl;	528	int nlen,n,i,j,outl;
524	unsigned char *buf;	529	unsigned char *buf;
@@ -541,7 +546,7 @@ long len;
541	goto err;	546	goto err;
542	}	547	}
543		548
544	buf=(unsigned char )Malloc(PEM_BUFSIZE8);	549	buf=(unsigned char )OPENSSL_malloc(PEM_BUFSIZE8);
545	if (buf == NULL)	550	if (buf == NULL)
546	{	551	{
547	reason=ERR_R_MALLOC_FAILURE;	552	reason=ERR_R_MALLOC_FAILURE;
@@ -561,7 +566,7 @@ long len;
561	}	566	}
562	EVP_EncodeFinal(&ctx,buf,&outl);	567	EVP_EncodeFinal(&ctx,buf,&outl);
563	if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;	568	if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
564	Free(buf);	569	OPENSSL_free(buf);
565	if ( (BIO_write(bp,"-----END ",9) != 9) \|\|	570	if ( (BIO_write(bp,"-----END ",9) != 9) \|\|
566	(BIO_write(bp,name,nlen) != nlen) \|\|	571	(BIO_write(bp,name,nlen) != nlen) \|\|
567	(BIO_write(bp,"-----\n",6) != 6))	572	(BIO_write(bp,"-----\n",6) != 6))
@@ -572,13 +577,9 @@ err:
572	return(0);	577	return(0);
573	}	578	}
574		579
575	#ifndef NO_FP_API	580	#ifndef OPENSSL_NO_FP_API
576	int PEM_read(fp, name, header, data,len)	581	int PEM_read(FILE fp, char name, char header, unsigned char *data,
577	FILE *fp;	582	long *len)
578	char **name;
579	char **header;
580	unsigned char **data;
581	long *len;
582	{	583	{
583	BIO *b;	584	BIO *b;
584	int ret;	585	int ret;
@@ -595,12 +596,8 @@ long *len;
595	}	596	}
596	#endif	597	#endif
597		598
598	int PEM_read_bio(bp, name, header, data, len)	599	int PEM_read_bio(BIO bp, char name, char header, unsigned char *data,
599	BIO *bp;	600	long *len)
600	char **name;
601	char **header;
602	unsigned char **data;
603	long *len;
604	{	601	{
605	EVP_ENCODE_CTX ctx;	602	EVP_ENCODE_CTX ctx;
606	int end=0,i,k,bl=0,hl=0,nohead=0;	603	int end=0,i,k,bl=0,hl=0,nohead=0;
@@ -643,7 +640,7 @@ long *len;
643	PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);	640	PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
644	goto err;	641	goto err;
645	}	642	}
646	strncpy(nameB->data,&(buf[11]),(unsigned int)i-6);	643	memcpy(nameB->data,&(buf[11]),i-6);
647	nameB->data[i-6]='\0';	644	nameB->data[i-6]='\0';
648	break;	645	break;
649	}	646	}
@@ -668,7 +665,7 @@ long *len;
668	nohead=1;	665	nohead=1;
669	break;	666	break;
670	}	667	}
671	strncpy(&(headerB->data[hl]),buf,(unsigned int)i);	668	memcpy(&(headerB->data[hl]),buf,i);
672	headerB->data[hl+i]='\0';	669	headerB->data[hl+i]='\0';
673	hl+=i;	670	hl+=i;
674	}	671	}
@@ -696,7 +693,7 @@ long *len;
696	PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);	693	PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
697	goto err;	694	goto err;
698	}	695	}
699	strncpy(&(dataB->data[bl]),buf,(unsigned int)i);	696	memcpy(&(dataB->data[bl]),buf,i);
700	dataB->data[bl+i]='\0';	697	dataB->data[bl+i]='\0';
701	bl+=i;	698	bl+=i;
702	if (end)	699	if (end)
@@ -721,7 +718,7 @@ long *len;
721	}	718	}
722	i=strlen(nameB->data);	719	i=strlen(nameB->data);
723	if ( (strncmp(buf,"-----END ",9) != 0) \|\|	720	if ( (strncmp(buf,"-----END ",9) != 0) \|\|
724	(strncmp(nameB->data,&(buf[9]),(unsigned int)i) != 0) \|\|	721	(strncmp(nameB->data,&(buf[9]),i) != 0) \|\|
725	(strncmp(&(buf[9+i]),"-----\n",6) != 0))	722	(strncmp(&(buf[9+i]),"-----\n",6) != 0))
726	{	723	{
727	PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);	724	PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
@@ -750,9 +747,9 @@ long *len;
750	*header=headerB->data;	747	*header=headerB->data;
751	data=(unsigned char )dataB->data;	748	data=(unsigned char )dataB->data;
752	*len=bl;	749	*len=bl;
753	Free(nameB);	750	OPENSSL_free(nameB);
754	Free(headerB);	751	OPENSSL_free(headerB);
755	Free(dataB);	752	OPENSSL_free(dataB);
756	return(1);	753	return(1);
757	err:	754	err:
758	BUF_MEM_free(nameB);	755	BUF_MEM_free(nameB);