1 files changed, 15 insertions, 85 deletions
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 42e4861bc1..cbafefe416 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -57,7 +57,6 @@
 */
 #include <stdio.h>
-#include <ctype.h>
 #include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/objects.h>
@@ -66,13 +65,9 @@
 #include <openssl/x509.h>
 #include <openssl/pem.h>
 #include <openssl/pkcs12.h>
-#include "asn1_locl.h"
 #ifndef OPENSSL_NO_DES
 #include <openssl/des.h>
 #endif
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
 const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;
@@ -80,7 +75,6 @@ const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;
 static int load_iv(char **fromp,unsigned char *to, int num);
 static int check_pem(const char *nm, const char *name);
-int pem_check_suffix(const char *pem_str, const char *suffix);
 int PEM_def_callback(char *buf, int num, int w, void *key)
        {
@@ -105,7 +99,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
        for (;;)
                {
-                i=EVP_read_pw_string_min(buf,MIN_LENGTH,num,prompt,w);
+                i=EVP_read_pw_string(buf,num,prompt,w);
                if (i != 0)
                        {
                        PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
@@ -189,54 +183,20 @@ static int check_pem(const char *nm, const char *name)
        /* Make PEM_STRING_EVP_PKEY match any private key */
-        if(!strcmp(name,PEM_STRING_EVP_PKEY))
+        if(!strcmp(nm,PEM_STRING_PKCS8) &&
-                {
+                !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-                int slen;
-                const EVP_PKEY_ASN1_METHOD *ameth;
-                if(!strcmp(nm,PEM_STRING_PKCS8))
-                        return 1;
-                if(!strcmp(nm,PEM_STRING_PKCS8INF))
-                        return 1;
-                slen = pem_check_suffix(nm, "PRIVATE KEY"); 
-                if (slen > 0)
-                        {
-                        /* NB: ENGINE implementations wont contain
-                         * a deprecated old private key decode function
-                         * so don't look for them.
-                         */
-                        ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
-                        if (ameth && ameth->old_priv_decode)
-                                return 1;
-                        }
-                return 0;
-                }
-        if(!strcmp(name,PEM_STRING_PARAMETERS))
+        if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
-                {
+                 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-                int slen;
-                const EVP_PKEY_ASN1_METHOD *ameth;
-                slen = pem_check_suffix(nm, "PARAMETERS"); 
-                if (slen > 0)
-                        {
-                        ENGINE *e;
-                        ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
-                        if (ameth)
-                                {
-                                int r;
-                                if (ameth->param_decode)
-                                        r = 1;
-                                else
-                                        r = 0;
-#ifndef OPENSSL_NO_ENGINE
-                                if (e)
-                                        ENGINE_finish(e);
-#endif
-                                return r;
-                                }
-                        }
-                return 0;
-                }
+        if(!strcmp(nm,PEM_STRING_RSA) &&
+                !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
+        if(!strcmp(nm,PEM_STRING_DSA) &&
+                 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
+        if(!strcmp(nm,PEM_STRING_ECPRIVATEKEY) &&
+                 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
        /* Permit older strings */
        if(!strcmp(nm,PEM_STRING_X509_OLD) &&
@@ -259,14 +219,6 @@ static int check_pem(const char *nm, const char *name)
        if(!strcmp(nm, PEM_STRING_PKCS7_SIGNED) &&
                !strcmp(name, PEM_STRING_PKCS7)) return 1;
-#ifndef OPENSSL_NO_CMS
-        if(!strcmp(nm, PEM_STRING_X509) &&
-                !strcmp(name, PEM_STRING_CMS)) return 1;
-        /* Allow CMS to be read from PKCS#7 headers */
-        if(!strcmp(nm, PEM_STRING_PKCS7) &&
-                !strcmp(name, PEM_STRING_CMS)) return 1;
-#endif
        return 0;
 }
@@ -312,7 +264,7 @@ err:
 #ifndef OPENSSL_NO_FP_API
 int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
-                   void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+                   char *x, const EVP_CIPHER *enc, unsigned char *kstr,
                   int klen, pem_password_cb *callback, void *u)
        {
        BIO *b;
@@ -331,7 +283,7 @@ int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
 #endif
 int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
-                       void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+                       char *x, const EVP_CIPHER *enc, unsigned char *kstr,
                       int klen, pem_password_cb *callback, void *u)
        {
        EVP_CIPHER_CTX ctx;
@@ -830,25 +782,3 @@ err:
        BUF_MEM_free(dataB);
        return(0);
        }
-/* Check pem string and return prefix length.
- * If for example the pem_str == "RSA PRIVATE KEY" and suffix = "PRIVATE KEY"
- * the return value is 3 for the string "RSA".
- */
-int pem_check_suffix(const char *pem_str, const char *suffix)
-        {
-        int pem_len = strlen(pem_str);
-        int suffix_len = strlen(suffix);
-        const char *p;
-        if (suffix_len + 1 >= pem_len)
-                return 0;
-        p = pem_str + pem_len - suffix_len;
-        if (strcmp(p, suffix))
-                return 0;
-        p--;
-        if (*p != ' ')
-                return 0;
-        return p - pem_str;
-        }

diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c index 42e4861bc1..cbafefe416 100644 --- a/src/lib/libcrypto/pem/pem_lib.c +++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -57,7 +57,6 @@
57	*/	57	*/
58		58
59	#include <stdio.h>	59	#include <stdio.h>
60	#include <ctype.h>
61	#include "cryptlib.h"	60	#include "cryptlib.h"
62	#include <openssl/buffer.h>	61	#include <openssl/buffer.h>
63	#include <openssl/objects.h>	62	#include <openssl/objects.h>
@@ -66,13 +65,9 @@
66	#include <openssl/x509.h>	65	#include <openssl/x509.h>
67	#include <openssl/pem.h>	66	#include <openssl/pem.h>
68	#include <openssl/pkcs12.h>	67	#include <openssl/pkcs12.h>
69	#include "asn1_locl.h"
70	#ifndef OPENSSL_NO_DES	68	#ifndef OPENSSL_NO_DES
71	#include <openssl/des.h>	69	#include <openssl/des.h>
72	#endif	70	#endif
73	#ifndef OPENSSL_NO_ENGINE
74	#include <openssl/engine.h>
75	#endif
76		71
77	const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;	72	const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;
78		73
@@ -80,7 +75,6 @@ const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;
80		75
81	static int load_iv(char *fromp,unsigned char to, int num);	76	static int load_iv(char *fromp,unsigned char to, int num);
82	static int check_pem(const char nm, const char name);	77	static int check_pem(const char nm, const char name);
83	int pem_check_suffix(const char pem_str, const char suffix);
84		78
85	int PEM_def_callback(char buf, int num, int w, void key)	79	int PEM_def_callback(char buf, int num, int w, void key)
86	{	80	{
@@ -105,7 +99,7 @@ int PEM_def_callback(char buf, int num, int w, void key)
105		99
106	for (;;)	100	for (;;)
107	{	101	{
108	i=EVP_read_pw_string_min(buf,MIN_LENGTH,num,prompt,w);	102	i=EVP_read_pw_string(buf,num,prompt,w);
109	if (i != 0)	103	if (i != 0)
110	{	104	{
111	PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);	105	PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
@@ -189,54 +183,20 @@ static int check_pem(const char nm, const char name)
189		183
190	/* Make PEM_STRING_EVP_PKEY match any private key */	184	/* Make PEM_STRING_EVP_PKEY match any private key */
191		185
192	if(!strcmp(name,PEM_STRING_EVP_PKEY))	186	if(!strcmp(nm,PEM_STRING_PKCS8) &&
193	{	187	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
194	int slen;
195	const EVP_PKEY_ASN1_METHOD *ameth;
196	if(!strcmp(nm,PEM_STRING_PKCS8))
197	return 1;
198	if(!strcmp(nm,PEM_STRING_PKCS8INF))
199	return 1;
200	slen = pem_check_suffix(nm, "PRIVATE KEY");
201	if (slen > 0)
202	{
203	/* NB: ENGINE implementations wont contain
204	* a deprecated old private key decode function
205	* so don't look for them.
206	*/
207	ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
208	if (ameth && ameth->old_priv_decode)
209	return 1;
210	}
211	return 0;
212	}
213		188
214	if(!strcmp(name,PEM_STRING_PARAMETERS))	189	if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
215	{	190	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
216	int slen;
217	const EVP_PKEY_ASN1_METHOD *ameth;
218	slen = pem_check_suffix(nm, "PARAMETERS");
219	if (slen > 0)
220	{
221	ENGINE *e;
222	ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
223	if (ameth)
224	{
225	int r;
226	if (ameth->param_decode)
227	r = 1;
228	else
229	r = 0;
230	#ifndef OPENSSL_NO_ENGINE
231	if (e)
232	ENGINE_finish(e);
233	#endif
234	return r;
235	}
236	}
237	return 0;
238	}
239		191
		192	if(!strcmp(nm,PEM_STRING_RSA) &&
		193	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
		194
		195	if(!strcmp(nm,PEM_STRING_DSA) &&
		196	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
		197
		198	if(!strcmp(nm,PEM_STRING_ECPRIVATEKEY) &&
		199	!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
240	/* Permit older strings */	200	/* Permit older strings */
241		201
242	if(!strcmp(nm,PEM_STRING_X509_OLD) &&	202	if(!strcmp(nm,PEM_STRING_X509_OLD) &&
@@ -259,14 +219,6 @@ static int check_pem(const char nm, const char name)
259	if(!strcmp(nm, PEM_STRING_PKCS7_SIGNED) &&	219	if(!strcmp(nm, PEM_STRING_PKCS7_SIGNED) &&
260	!strcmp(name, PEM_STRING_PKCS7)) return 1;	220	!strcmp(name, PEM_STRING_PKCS7)) return 1;
261		221
262	#ifndef OPENSSL_NO_CMS
263	if(!strcmp(nm, PEM_STRING_X509) &&
264	!strcmp(name, PEM_STRING_CMS)) return 1;
265	/* Allow CMS to be read from PKCS#7 headers */
266	if(!strcmp(nm, PEM_STRING_PKCS7) &&
267	!strcmp(name, PEM_STRING_CMS)) return 1;
268	#endif
269
270	return 0;	222	return 0;
271	}	223	}
272		224
@@ -312,7 +264,7 @@ err:
312		264
313	#ifndef OPENSSL_NO_FP_API	265	#ifndef OPENSSL_NO_FP_API
314	int PEM_ASN1_write(i2d_of_void i2d, const char name, FILE *fp,	266	int PEM_ASN1_write(i2d_of_void i2d, const char name, FILE *fp,
315	void x, const EVP_CIPHER enc, unsigned char *kstr,	267	char x, const EVP_CIPHER enc, unsigned char *kstr,
316	int klen, pem_password_cb callback, void u)	268	int klen, pem_password_cb callback, void u)
317	{	269	{
318	BIO *b;	270	BIO *b;
@@ -331,7 +283,7 @@ int PEM_ASN1_write(i2d_of_void i2d, const char name, FILE *fp,
331	#endif	283	#endif
332		284
333	int PEM_ASN1_write_bio(i2d_of_void i2d, const char name, BIO *bp,	285	int PEM_ASN1_write_bio(i2d_of_void i2d, const char name, BIO *bp,
334	void x, const EVP_CIPHER enc, unsigned char *kstr,	286	char x, const EVP_CIPHER enc, unsigned char *kstr,
335	int klen, pem_password_cb callback, void u)	287	int klen, pem_password_cb callback, void u)
336	{	288	{
337	EVP_CIPHER_CTX ctx;	289	EVP_CIPHER_CTX ctx;
@@ -830,25 +782,3 @@ err:
830	BUF_MEM_free(dataB);	782	BUF_MEM_free(dataB);
831	return(0);	783	return(0);
832	}	784	}
833
834	/* Check pem string and return prefix length.
835	* If for example the pem_str == "RSA PRIVATE KEY" and suffix = "PRIVATE KEY"
836	* the return value is 3 for the string "RSA".
837	*/
838
839	int pem_check_suffix(const char pem_str, const char suffix)
840	{
841	int pem_len = strlen(pem_str);
842	int suffix_len = strlen(suffix);
843	const char *p;
844	if (suffix_len + 1 >= pem_len)
845	return 0;
846	p = pem_str + pem_len - suffix_len;
847	if (strcmp(p, suffix))
848	return 0;
849	p--;
850	if (*p != ' ')
851	return 0;
852	return p - pem_str;
853	}
854