summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pem
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/pem')
-rw-r--r--src/lib/libcrypto/pem/Makefile241
-rw-r--r--src/lib/libcrypto/pem/message16
-rw-r--r--src/lib/libcrypto/pem/pem.h777
-rw-r--r--src/lib/libcrypto/pem/pem2.h70
-rw-r--r--src/lib/libcrypto/pem/pem_all.c308
-rw-r--r--src/lib/libcrypto/pem/pem_err.c135
-rw-r--r--src/lib/libcrypto/pem/pem_info.c397
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c781
-rw-r--r--src/lib/libcrypto/pem/pem_oth.c86
-rw-r--r--src/lib/libcrypto/pem/pem_pk8.c242
-rw-r--r--src/lib/libcrypto/pem/pem_pkey.c149
-rw-r--r--src/lib/libcrypto/pem/pem_seal.c189
-rw-r--r--src/lib/libcrypto/pem/pem_sign.c102
-rw-r--r--src/lib/libcrypto/pem/pem_x509.c69
-rw-r--r--src/lib/libcrypto/pem/pem_xaux.c69
-rw-r--r--src/lib/libcrypto/pem/pkcs7.lis22
16 files changed, 3653 insertions, 0 deletions
diff --git a/src/lib/libcrypto/pem/Makefile b/src/lib/libcrypto/pem/Makefile
new file mode 100644
index 0000000000..742194fd24
--- /dev/null
+++ b/src/lib/libcrypto/pem/Makefile
@@ -0,0 +1,241 @@
1#
2# OpenSSL/crypto/pem/Makefile
3#
4
5DIR= pem
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \
21 pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c
22
23LIBOBJ= pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \
24 pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o
25
26SRC= $(LIBSRC)
27
28EXHEADER= pem.h pem2.h
29HEADER= $(EXHEADER)
30
31ALL= $(GENERAL) $(SRC) $(HEADER)
32
33top:
34 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
35
36all: lib
37
38lib: $(LIBOBJ)
39 $(AR) $(LIB) $(LIBOBJ)
40 $(RANLIB) $(LIB) || echo Never mind.
41 @touch lib
42
43files:
44 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
45
46links: $(EXHEADER)
47 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
48 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
49 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
50
51install:
52 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
53 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
54 do \
55 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
56 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
57 done;
58
59tags:
60 ctags $(SRC)
61
62tests:
63
64lint:
65 lint -DLINT $(INCLUDES) $(SRC)>fluff
66
67depend:
68 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
69 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
70
71dclean:
72 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
73 mv -f Makefile.new $(MAKEFILE)
74
75clean:
76 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
77
78# DO NOT DELETE THIS LINE -- make depend depends on it.
79
80pem_all.o: ../../e_os.h ../../include/openssl/asn1.h
81pem_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
82pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
83pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
84pem_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
85pem_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
86pem_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
87pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
88pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
89pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
90pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
91pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
92pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
93pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
94pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c
95pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
96pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
97pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
98pem_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
99pem_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
100pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
101pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
102pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
103pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
104pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
105pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
106pem_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
107pem_err.o: ../../include/openssl/x509_vfy.h pem_err.c
108pem_info.o: ../../e_os.h ../../include/openssl/asn1.h
109pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
110pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
111pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
112pem_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
113pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
114pem_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
115pem_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
116pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
117pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
118pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
119pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
120pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
121pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
122pem_info.o: ../cryptlib.h pem_info.c
123pem_lib.o: ../../e_os.h ../../include/openssl/asn1.h
124pem_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
125pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
126pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
127pem_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
128pem_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
129pem_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
130pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
131pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
132pem_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
133pem_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
134pem_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
135pem_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
136pem_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
137pem_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
138pem_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
139pem_lib.o: ../cryptlib.h pem_lib.c
140pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h
141pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
142pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
143pem_oth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
144pem_oth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
145pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
146pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
147pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
148pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
149pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
150pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
151pem_oth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
152pem_oth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
153pem_oth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_oth.c
154pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h
155pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
156pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
157pem_pk8.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
158pem_pk8.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
159pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
160pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
161pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
162pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
163pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
164pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
165pem_pk8.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
166pem_pk8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
167pem_pk8.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
168pem_pk8.o: ../cryptlib.h pem_pk8.c
169pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
170pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
171pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
172pem_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
173pem_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
174pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
175pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
176pem_pkey.o: ../../include/openssl/opensslconf.h
177pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
178pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
179pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
180pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
181pem_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
182pem_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
183pem_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pkey.c
184pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h
185pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
186pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
187pem_seal.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
188pem_seal.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
189pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
190pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
191pem_seal.o: ../../include/openssl/opensslconf.h
192pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
193pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
194pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
195pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
196pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
197pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
198pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c
199pem_sign.o: ../../e_os.h ../../include/openssl/asn1.h
200pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
201pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
202pem_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
203pem_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
204pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
205pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
206pem_sign.o: ../../include/openssl/opensslconf.h
207pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
208pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
209pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
210pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
211pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
212pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
213pem_sign.o: ../cryptlib.h pem_sign.c
214pem_x509.o: ../../e_os.h ../../include/openssl/asn1.h
215pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
216pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
217pem_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
218pem_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
219pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
220pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
221pem_x509.o: ../../include/openssl/opensslconf.h
222pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
223pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
224pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
225pem_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
226pem_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
227pem_x509.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_x509.c
228pem_xaux.o: ../../e_os.h ../../include/openssl/asn1.h
229pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
230pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
231pem_xaux.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
232pem_xaux.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
233pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
234pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
235pem_xaux.o: ../../include/openssl/opensslconf.h
236pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
237pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
238pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
239pem_xaux.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
240pem_xaux.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
241pem_xaux.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_xaux.c
diff --git a/src/lib/libcrypto/pem/message b/src/lib/libcrypto/pem/message
new file mode 100644
index 0000000000..e8bf9d7592
--- /dev/null
+++ b/src/lib/libcrypto/pem/message
@@ -0,0 +1,16 @@
1-----BEGIN PRIVACY-ENHANCED MESSAGE-----
2Proc-Type: 4,ENCRYPTED
3Proc-Type: 4,MIC-ONLY
4Proc-Type: 4,MIC-CLEAR
5Content-Domain: RFC822
6DEK-Info: DES-CBC,0123456789abcdef
7Originator-Certificate
8 xxxx
9Issuer-Certificate
10 xxxx
11MIC-Info: RSA-MD5,RSA,
12 xxxx
13
14
15-----END PRIVACY-ENHANCED MESSAGE-----
16
diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h
new file mode 100644
index 0000000000..670afa670b
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem.h
@@ -0,0 +1,777 @@
1/* crypto/pem/pem.h */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_PEM_H
60#define HEADER_PEM_H
61
62#include <openssl/e_os2.h>
63#ifndef OPENSSL_NO_BIO
64#include <openssl/bio.h>
65#endif
66#ifndef OPENSSL_NO_STACK
67#include <openssl/stack.h>
68#endif
69#include <openssl/evp.h>
70#include <openssl/x509.h>
71#include <openssl/pem2.h>
72
73#ifdef __cplusplus
74extern "C" {
75#endif
76
77#define PEM_BUFSIZE 1024
78
79#define PEM_OBJ_UNDEF 0
80#define PEM_OBJ_X509 1
81#define PEM_OBJ_X509_REQ 2
82#define PEM_OBJ_CRL 3
83#define PEM_OBJ_SSL_SESSION 4
84#define PEM_OBJ_PRIV_KEY 10
85#define PEM_OBJ_PRIV_RSA 11
86#define PEM_OBJ_PRIV_DSA 12
87#define PEM_OBJ_PRIV_DH 13
88#define PEM_OBJ_PUB_RSA 14
89#define PEM_OBJ_PUB_DSA 15
90#define PEM_OBJ_PUB_DH 16
91#define PEM_OBJ_DHPARAMS 17
92#define PEM_OBJ_DSAPARAMS 18
93#define PEM_OBJ_PRIV_RSA_PUBLIC 19
94#define PEM_OBJ_PRIV_ECDSA 20
95#define PEM_OBJ_PUB_ECDSA 21
96#define PEM_OBJ_ECPARAMETERS 22
97
98#define PEM_ERROR 30
99#define PEM_DEK_DES_CBC 40
100#define PEM_DEK_IDEA_CBC 45
101#define PEM_DEK_DES_EDE 50
102#define PEM_DEK_DES_ECB 60
103#define PEM_DEK_RSA 70
104#define PEM_DEK_RSA_MD2 80
105#define PEM_DEK_RSA_MD5 90
106
107#define PEM_MD_MD2 NID_md2
108#define PEM_MD_MD5 NID_md5
109#define PEM_MD_SHA NID_sha
110#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
111#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
112#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
113
114#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
115#define PEM_STRING_X509 "CERTIFICATE"
116#define PEM_STRING_X509_PAIR "CERTIFICATE PAIR"
117#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
118#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
119#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
120#define PEM_STRING_X509_CRL "X509 CRL"
121#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
122#define PEM_STRING_PUBLIC "PUBLIC KEY"
123#define PEM_STRING_RSA "RSA PRIVATE KEY"
124#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
125#define PEM_STRING_DSA "DSA PRIVATE KEY"
126#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
127#define PEM_STRING_PKCS7 "PKCS7"
128#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
129#define PEM_STRING_PKCS8INF "PRIVATE KEY"
130#define PEM_STRING_DHPARAMS "DH PARAMETERS"
131#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
132#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
133#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
134#define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
135#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
136#define PEM_STRING_CMS "CMS"
137
138 /* Note that this structure is initialised by PEM_SealInit and cleaned up
139 by PEM_SealFinal (at least for now) */
140typedef struct PEM_Encode_Seal_st
141 {
142 EVP_ENCODE_CTX encode;
143 EVP_MD_CTX md;
144 EVP_CIPHER_CTX cipher;
145 } PEM_ENCODE_SEAL_CTX;
146
147/* enc_type is one off */
148#define PEM_TYPE_ENCRYPTED 10
149#define PEM_TYPE_MIC_ONLY 20
150#define PEM_TYPE_MIC_CLEAR 30
151#define PEM_TYPE_CLEAR 40
152
153typedef struct pem_recip_st
154 {
155 char *name;
156 X509_NAME *dn;
157
158 int cipher;
159 int key_enc;
160 /* char iv[8]; unused and wrong size */
161 } PEM_USER;
162
163typedef struct pem_ctx_st
164 {
165 int type; /* what type of object */
166
167 struct {
168 int version;
169 int mode;
170 } proc_type;
171
172 char *domain;
173
174 struct {
175 int cipher;
176 /* unused, and wrong size
177 unsigned char iv[8]; */
178 } DEK_info;
179
180 PEM_USER *originator;
181
182 int num_recipient;
183 PEM_USER **recipient;
184
185#ifndef OPENSSL_NO_STACK
186 STACK *x509_chain; /* certificate chain */
187#else
188 char *x509_chain; /* certificate chain */
189#endif
190 EVP_MD *md; /* signature type */
191
192 int md_enc; /* is the md encrypted or not? */
193 int md_len; /* length of md_data */
194 char *md_data; /* message digest, could be pkey encrypted */
195
196 EVP_CIPHER *dec; /* date encryption cipher */
197 int key_len; /* key length */
198 unsigned char *key; /* key */
199 /* unused, and wrong size
200 unsigned char iv[8]; */
201
202
203 int data_enc; /* is the data encrypted */
204 int data_len;
205 unsigned char *data;
206 } PEM_CTX;
207
208/* These macros make the PEM_read/PEM_write functions easier to maintain and
209 * write. Now they are all implemented with either:
210 * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
211 */
212
213#ifdef OPENSSL_NO_FP_API
214
215#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
216#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
217#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
218
219#else
220
221#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
222type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
223{ \
224 return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \
225 str, fp, \
226 CHECKED_PPTR_OF(type, x), \
227 cb, u); \
228}
229
230#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
231int PEM_write_##name(FILE *fp, type *x) \
232{ \
233 return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
234 str, fp, \
235 CHECKED_PTR_OF(type, x), \
236 NULL, NULL, 0, NULL, NULL); \
237}
238
239#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
240int PEM_write_##name(FILE *fp, const type *x) \
241{ \
242 return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
243 str, fp, \
244 CHECKED_PTR_OF(const type, x), \
245 NULL, NULL, 0, NULL, NULL); \
246}
247
248#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
249int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
250 unsigned char *kstr, int klen, pem_password_cb *cb, \
251 void *u) \
252 { \
253 return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
254 str, fp, \
255 CHECKED_PTR_OF(type, x), \
256 enc, kstr, klen, cb, u); \
257 }
258
259#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
260int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
261 unsigned char *kstr, int klen, pem_password_cb *cb, \
262 void *u) \
263 { \
264 return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
265 str, fp, \
266 CHECKED_PTR_OF(const type, x), \
267 enc, kstr, klen, cb, u); \
268 }
269
270#endif
271
272#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
273type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
274{ \
275 return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \
276 str, bp, \
277 CHECKED_PPTR_OF(type, x), \
278 cb, u); \
279}
280
281#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
282int PEM_write_bio_##name(BIO *bp, type *x) \
283{ \
284 return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
285 str, bp, \
286 CHECKED_PTR_OF(type, x), \
287 NULL, NULL, 0, NULL, NULL); \
288}
289
290#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
291int PEM_write_bio_##name(BIO *bp, const type *x) \
292{ \
293 return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
294 str, bp, \
295 CHECKED_PTR_OF(const type, x), \
296 NULL, NULL, 0, NULL, NULL); \
297}
298
299#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
300int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
301 unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
302 { \
303 return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
304 str, bp, \
305 CHECKED_PTR_OF(type, x), \
306 enc, kstr, klen, cb, u); \
307 }
308
309#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
310int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
311 unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
312 { \
313 return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
314 str, bp, \
315 CHECKED_PTR_OF(const type, x), \
316 enc, kstr, klen, cb, u); \
317 }
318
319#define IMPLEMENT_PEM_write(name, type, str, asn1) \
320 IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
321 IMPLEMENT_PEM_write_fp(name, type, str, asn1)
322
323#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
324 IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
325 IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
326
327#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
328 IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
329 IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
330
331#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
332 IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
333 IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
334
335#define IMPLEMENT_PEM_read(name, type, str, asn1) \
336 IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
337 IMPLEMENT_PEM_read_fp(name, type, str, asn1)
338
339#define IMPLEMENT_PEM_rw(name, type, str, asn1) \
340 IMPLEMENT_PEM_read(name, type, str, asn1) \
341 IMPLEMENT_PEM_write(name, type, str, asn1)
342
343#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
344 IMPLEMENT_PEM_read(name, type, str, asn1) \
345 IMPLEMENT_PEM_write_const(name, type, str, asn1)
346
347#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
348 IMPLEMENT_PEM_read(name, type, str, asn1) \
349 IMPLEMENT_PEM_write_cb(name, type, str, asn1)
350
351/* These are the same except they are for the declarations */
352
353#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_NO_FP_API)
354
355#define DECLARE_PEM_read_fp(name, type) /**/
356#define DECLARE_PEM_write_fp(name, type) /**/
357#define DECLARE_PEM_write_cb_fp(name, type) /**/
358
359#else
360
361#define DECLARE_PEM_read_fp(name, type) \
362 type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
363
364#define DECLARE_PEM_write_fp(name, type) \
365 int PEM_write_##name(FILE *fp, type *x);
366
367#define DECLARE_PEM_write_fp_const(name, type) \
368 int PEM_write_##name(FILE *fp, const type *x);
369
370#define DECLARE_PEM_write_cb_fp(name, type) \
371 int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
372 unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
373
374#endif
375
376#ifndef OPENSSL_NO_BIO
377#define DECLARE_PEM_read_bio(name, type) \
378 type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
379
380#define DECLARE_PEM_write_bio(name, type) \
381 int PEM_write_bio_##name(BIO *bp, type *x);
382
383#define DECLARE_PEM_write_bio_const(name, type) \
384 int PEM_write_bio_##name(BIO *bp, const type *x);
385
386#define DECLARE_PEM_write_cb_bio(name, type) \
387 int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
388 unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
389
390#else
391
392#define DECLARE_PEM_read_bio(name, type) /**/
393#define DECLARE_PEM_write_bio(name, type) /**/
394#define DECLARE_PEM_write_cb_bio(name, type) /**/
395
396#endif
397
398#define DECLARE_PEM_write(name, type) \
399 DECLARE_PEM_write_bio(name, type) \
400 DECLARE_PEM_write_fp(name, type)
401
402#define DECLARE_PEM_write_const(name, type) \
403 DECLARE_PEM_write_bio_const(name, type) \
404 DECLARE_PEM_write_fp_const(name, type)
405
406#define DECLARE_PEM_write_cb(name, type) \
407 DECLARE_PEM_write_cb_bio(name, type) \
408 DECLARE_PEM_write_cb_fp(name, type)
409
410#define DECLARE_PEM_read(name, type) \
411 DECLARE_PEM_read_bio(name, type) \
412 DECLARE_PEM_read_fp(name, type)
413
414#define DECLARE_PEM_rw(name, type) \
415 DECLARE_PEM_read(name, type) \
416 DECLARE_PEM_write(name, type)
417
418#define DECLARE_PEM_rw_const(name, type) \
419 DECLARE_PEM_read(name, type) \
420 DECLARE_PEM_write_const(name, type)
421
422#define DECLARE_PEM_rw_cb(name, type) \
423 DECLARE_PEM_read(name, type) \
424 DECLARE_PEM_write_cb(name, type)
425
426#ifdef SSLEAY_MACROS
427
428#define PEM_write_SSL_SESSION(fp,x) \
429 PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
430 PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
431#define PEM_write_X509(fp,x) \
432 PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
433 (char *)x, NULL,NULL,0,NULL,NULL)
434#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
435 (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
436 NULL,NULL,0,NULL,NULL)
437#define PEM_write_X509_CRL(fp,x) \
438 PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
439 fp,(char *)x, NULL,NULL,0,NULL,NULL)
440#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
441 PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
442 (char *)x,enc,kstr,klen,cb,u)
443#define PEM_write_RSAPublicKey(fp,x) \
444 PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
445 PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
446#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
447 PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
448 (char *)x,enc,kstr,klen,cb,u)
449#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
450 PEM_ASN1_write((int (*)())i2d_PrivateKey,\
451 (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
452 bp,(char *)x,enc,kstr,klen,cb,u)
453#define PEM_write_PKCS7(fp,x) \
454 PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
455 (char *)x, NULL,NULL,0,NULL,NULL)
456#define PEM_write_DHparams(fp,x) \
457 PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
458 (char *)x,NULL,NULL,0,NULL,NULL)
459
460#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
461 PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
462 PEM_STRING_X509,fp, \
463 (char *)x, NULL,NULL,0,NULL,NULL)
464
465#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
466 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
467#define PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \
468 (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u)
469#define PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \
470 (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u)
471#define PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \
472 (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u)
473#define PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
474 (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u)
475#define PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
476 (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u)
477#define PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
478 (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u)
479#define PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \
480 (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u)
481#define PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \
482 (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u)
483#define PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \
484 (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u)
485
486#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \
487 (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
488 (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
489 (char **)x,cb,u)
490
491#define PEM_write_bio_X509(bp,x) \
492 PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
493 (char *)x, NULL,NULL,0,NULL,NULL)
494#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
495 (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
496 NULL,NULL,0,NULL,NULL)
497#define PEM_write_bio_X509_CRL(bp,x) \
498 PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
499 bp,(char *)x, NULL,NULL,0,NULL,NULL)
500#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
501 PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
502 bp,(char *)x,enc,kstr,klen,cb,u)
503#define PEM_write_bio_RSAPublicKey(bp,x) \
504 PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
505 PEM_STRING_RSA_PUBLIC,\
506 bp,(char *)x,NULL,NULL,0,NULL,NULL)
507#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
508 PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
509 bp,(char *)x,enc,kstr,klen,cb,u)
510#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
511 PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
512 (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
513 bp,(char *)x,enc,kstr,klen,cb,u)
514#define PEM_write_bio_PKCS7(bp,x) \
515 PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
516 (char *)x, NULL,NULL,0,NULL,NULL)
517#define PEM_write_bio_DHparams(bp,x) \
518 PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
519 bp,(char *)x,NULL,NULL,0,NULL,NULL)
520#define PEM_write_bio_DSAparams(bp,x) \
521 PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
522 PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL)
523
524#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
525 PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
526 PEM_STRING_X509,bp, \
527 (char *)x, NULL,NULL,0,NULL,NULL)
528
529#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
530 (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
531#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
532 (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u)
533#define PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \
534 (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u)
535#define PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
536 (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u)
537#define PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
538 (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u)
539#define PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
540 (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u)
541#define PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \
542 (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u)
543
544#define PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \
545 (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u)
546#define PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \
547 (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u)
548#define PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
549 (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u)
550
551#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \
552 (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
553 (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
554 (char **)x,cb,u)
555
556#endif
557
558#if 1
559/* "userdata": new with OpenSSL 0.9.4 */
560typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
561#else
562/* OpenSSL 0.9.3, 0.9.3a */
563typedef int pem_password_cb(char *buf, int size, int rwflag);
564#endif
565
566int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
567int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
568 pem_password_cb *callback,void *u);
569
570#ifndef OPENSSL_NO_BIO
571int PEM_read_bio(BIO *bp, char **name, char **header,
572 unsigned char **data,long *len);
573int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
574 long len);
575int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp,
576 pem_password_cb *cb, void *u);
577void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
578 void **x, pem_password_cb *cb, void *u);
579
580#define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \
581 ((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \
582 name, bp, \
583 CHECKED_PPTR_OF(type, x), \
584 cb, u))
585
586int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp,char *x,
587 const EVP_CIPHER *enc,unsigned char *kstr,int klen,
588 pem_password_cb *cb, void *u);
589
590#define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \
591 (PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \
592 name, bp, \
593 CHECKED_PTR_OF(type, x), \
594 enc, kstr, klen, cb, u))
595
596STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
597int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
598 unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
599#endif
600
601#ifndef OPENSSL_SYS_WIN16
602int PEM_read(FILE *fp, char **name, char **header,
603 unsigned char **data,long *len);
604int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
605void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
606 pem_password_cb *cb, void *u);
607int PEM_ASN1_write(i2d_of_void *i2d,const char *name,FILE *fp,
608 char *x,const EVP_CIPHER *enc,unsigned char *kstr,
609 int klen,pem_password_cb *callback, void *u);
610STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
611 pem_password_cb *cb, void *u);
612#endif
613
614int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
615 EVP_MD *md_type, unsigned char **ek, int *ekl,
616 unsigned char *iv, EVP_PKEY **pubk, int npubk);
617void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
618 unsigned char *in, int inl);
619int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
620 unsigned char *out, int *outl, EVP_PKEY *priv);
621
622void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
623void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
624int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
625 unsigned int *siglen, EVP_PKEY *pkey);
626
627int PEM_def_callback(char *buf, int num, int w, void *key);
628void PEM_proc_type(char *buf, int type);
629void PEM_dek_info(char *buf, const char *type, int len, char *str);
630
631#ifndef SSLEAY_MACROS
632
633#include <openssl/symhacks.h>
634
635DECLARE_PEM_rw(X509, X509)
636
637DECLARE_PEM_rw(X509_AUX, X509)
638
639DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
640
641DECLARE_PEM_rw(X509_REQ, X509_REQ)
642DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
643
644DECLARE_PEM_rw(X509_CRL, X509_CRL)
645
646DECLARE_PEM_rw(PKCS7, PKCS7)
647
648DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
649
650DECLARE_PEM_rw(PKCS8, X509_SIG)
651
652DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
653
654#ifndef OPENSSL_NO_RSA
655
656DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
657
658DECLARE_PEM_rw_const(RSAPublicKey, RSA)
659DECLARE_PEM_rw(RSA_PUBKEY, RSA)
660
661#endif
662
663#ifndef OPENSSL_NO_DSA
664
665DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
666
667DECLARE_PEM_rw(DSA_PUBKEY, DSA)
668
669DECLARE_PEM_rw_const(DSAparams, DSA)
670
671#endif
672
673#ifndef OPENSSL_NO_EC
674DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
675DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
676DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
677#endif
678
679#ifndef OPENSSL_NO_DH
680
681DECLARE_PEM_rw_const(DHparams, DH)
682
683#endif
684
685DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
686
687DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
688
689int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
690 char *kstr, int klen,
691 pem_password_cb *cb, void *u);
692int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
693 char *, int, pem_password_cb *, void *);
694int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
695 char *kstr, int klen,
696 pem_password_cb *cb, void *u);
697int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
698 char *kstr, int klen,
699 pem_password_cb *cb, void *u);
700EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
701
702int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
703 char *kstr, int klen,
704 pem_password_cb *cb, void *u);
705int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
706 char *kstr, int klen,
707 pem_password_cb *cb, void *u);
708int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
709 char *kstr, int klen,
710 pem_password_cb *cb, void *u);
711
712EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
713
714int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
715 char *kstr,int klen, pem_password_cb *cd, void *u);
716
717#endif /* SSLEAY_MACROS */
718
719
720/* BEGIN ERROR CODES */
721/* The following lines are auto generated by the script mkerr.pl. Any changes
722 * made after this point may be overwritten when the script is next run.
723 */
724void ERR_load_PEM_strings(void);
725
726/* Error codes for the PEM functions. */
727
728/* Function codes. */
729#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
730#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
731#define PEM_F_DO_PK8PKEY 126
732#define PEM_F_DO_PK8PKEY_FP 125
733#define PEM_F_LOAD_IV 101
734#define PEM_F_PEM_ASN1_READ 102
735#define PEM_F_PEM_ASN1_READ_BIO 103
736#define PEM_F_PEM_ASN1_WRITE 104
737#define PEM_F_PEM_ASN1_WRITE_BIO 105
738#define PEM_F_PEM_DEF_CALLBACK 100
739#define PEM_F_PEM_DO_HEADER 106
740#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
741#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
742#define PEM_F_PEM_PK8PKEY 119
743#define PEM_F_PEM_READ 108
744#define PEM_F_PEM_READ_BIO 109
745#define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
746#define PEM_F_PEM_READ_PRIVATEKEY 124
747#define PEM_F_PEM_SEALFINAL 110
748#define PEM_F_PEM_SEALINIT 111
749#define PEM_F_PEM_SIGNFINAL 112
750#define PEM_F_PEM_WRITE 113
751#define PEM_F_PEM_WRITE_BIO 114
752#define PEM_F_PEM_X509_INFO_READ 115
753#define PEM_F_PEM_X509_INFO_READ_BIO 116
754#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
755
756/* Reason codes. */
757#define PEM_R_BAD_BASE64_DECODE 100
758#define PEM_R_BAD_DECRYPT 101
759#define PEM_R_BAD_END_LINE 102
760#define PEM_R_BAD_IV_CHARS 103
761#define PEM_R_BAD_PASSWORD_READ 104
762#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
763#define PEM_R_NOT_DEK_INFO 105
764#define PEM_R_NOT_ENCRYPTED 106
765#define PEM_R_NOT_PROC_TYPE 107
766#define PEM_R_NO_START_LINE 108
767#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
768#define PEM_R_PUBLIC_KEY_NO_RSA 110
769#define PEM_R_READ_KEY 111
770#define PEM_R_SHORT_HEADER 112
771#define PEM_R_UNSUPPORTED_CIPHER 113
772#define PEM_R_UNSUPPORTED_ENCRYPTION 114
773
774#ifdef __cplusplus
775}
776#endif
777#endif
diff --git a/src/lib/libcrypto/pem/pem2.h b/src/lib/libcrypto/pem/pem2.h
new file mode 100644
index 0000000000..f31790d69c
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem2.h
@@ -0,0 +1,70 @@
1/* ====================================================================
2 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55/*
56 * This header only exists to break a circular dependency between pem and err
57 * Ben 30 Jan 1999.
58 */
59
60#ifdef __cplusplus
61extern "C" {
62#endif
63
64#ifndef HEADER_PEM_H
65void ERR_load_PEM_strings(void);
66#endif
67
68#ifdef __cplusplus
69}
70#endif
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c
new file mode 100644
index 0000000000..66cbc7eb82
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_all.c
@@ -0,0 +1,308 @@
1/* crypto/pem/pem_all.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <stdio.h>
113#undef SSLEAY_MACROS
114#include "cryptlib.h"
115#include <openssl/bio.h>
116#include <openssl/evp.h>
117#include <openssl/x509.h>
118#include <openssl/pkcs7.h>
119#include <openssl/pem.h>
120#ifndef OPENSSL_NO_RSA
121#include <openssl/rsa.h>
122#endif
123#ifndef OPENSSL_NO_DSA
124#include <openssl/dsa.h>
125#endif
126#ifndef OPENSSL_NO_DH
127#include <openssl/dh.h>
128#endif
129
130#ifndef OPENSSL_NO_RSA
131static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
132#endif
133#ifndef OPENSSL_NO_DSA
134static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
135#endif
136
137#ifndef OPENSSL_NO_EC
138static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey);
139#endif
140
141IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
142
143IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ)
144
145IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL)
146
147IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)
148
149IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
150 PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
151
152
153#ifndef OPENSSL_NO_RSA
154
155/* We treat RSA or DSA private keys as a special case.
156 *
157 * For private keys we read in an EVP_PKEY structure with
158 * PEM_read_bio_PrivateKey() and extract the relevant private
159 * key: this means can handle "traditional" and PKCS#8 formats
160 * transparently.
161 */
162
163static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
164{
165 RSA *rtmp;
166 if(!key) return NULL;
167 rtmp = EVP_PKEY_get1_RSA(key);
168 EVP_PKEY_free(key);
169 if(!rtmp) return NULL;
170 if(rsa) {
171 RSA_free(*rsa);
172 *rsa = rtmp;
173 }
174 return rtmp;
175}
176
177RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb,
178 void *u)
179{
180 EVP_PKEY *pktmp;
181 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
182 return pkey_get_rsa(pktmp, rsa);
183}
184
185#ifndef OPENSSL_NO_FP_API
186
187RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
188 void *u)
189{
190 EVP_PKEY *pktmp;
191 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
192 return pkey_get_rsa(pktmp, rsa);
193}
194
195#endif
196
197IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
198IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
199IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
200
201#endif
202
203#ifndef OPENSSL_NO_DSA
204
205static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
206{
207 DSA *dtmp;
208 if(!key) return NULL;
209 dtmp = EVP_PKEY_get1_DSA(key);
210 EVP_PKEY_free(key);
211 if(!dtmp) return NULL;
212 if(dsa) {
213 DSA_free(*dsa);
214 *dsa = dtmp;
215 }
216 return dtmp;
217}
218
219DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
220 void *u)
221{
222 EVP_PKEY *pktmp;
223 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
224 return pkey_get_dsa(pktmp, dsa);
225}
226
227IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
228IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
229
230#ifndef OPENSSL_NO_FP_API
231
232DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb,
233 void *u)
234{
235 EVP_PKEY *pktmp;
236 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
237 return pkey_get_dsa(pktmp, dsa);
238}
239
240#endif
241
242IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
243
244#endif
245
246
247#ifndef OPENSSL_NO_EC
248static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey)
249{
250 EC_KEY *dtmp;
251 if(!key) return NULL;
252 dtmp = EVP_PKEY_get1_EC_KEY(key);
253 EVP_PKEY_free(key);
254 if(!dtmp) return NULL;
255 if(eckey)
256 {
257 EC_KEY_free(*eckey);
258 *eckey = dtmp;
259 }
260 return dtmp;
261}
262
263EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
264 void *u)
265{
266 EVP_PKEY *pktmp;
267 pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
268 return pkey_get_eckey(pktmp, key);
269}
270
271IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
272
273IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)
274
275IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
276
277#ifndef OPENSSL_NO_FP_API
278
279EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
280 void *u)
281{
282 EVP_PKEY *pktmp;
283 pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
284 return pkey_get_eckey(pktmp, eckey);
285}
286
287#endif
288
289#endif
290
291#ifndef OPENSSL_NO_DH
292
293IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
294
295#endif
296
297
298/* The PrivateKey case is not that straightforward.
299 * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
300 * does not work, RSA and DSA keys have specific strings.
301 * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
302 * appropriate.)
303 */
304IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\
305 (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey)
306
307IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
308
diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c
new file mode 100644
index 0000000000..3133563d77
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_err.c
@@ -0,0 +1,135 @@
1/* crypto/pem/pem_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/pem.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
70
71static ERR_STRING_DATA PEM_str_functs[]=
72 {
73{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
74{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
75{ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"},
76{ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"},
77{ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"},
78{ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
79{ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
80{ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"},
81{ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
82{ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
83{ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
84{ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
85{ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
86{ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
87{ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
88{ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
89{ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"},
90{ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"},
91{ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
92{ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"},
93{ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
94{ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
95{ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
96{ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
97{ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
98{ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
99{0,NULL}
100 };
101
102static ERR_STRING_DATA PEM_str_reasons[]=
103 {
104{ERR_REASON(PEM_R_BAD_BASE64_DECODE) ,"bad base64 decode"},
105{ERR_REASON(PEM_R_BAD_DECRYPT) ,"bad decrypt"},
106{ERR_REASON(PEM_R_BAD_END_LINE) ,"bad end line"},
107{ERR_REASON(PEM_R_BAD_IV_CHARS) ,"bad iv chars"},
108{ERR_REASON(PEM_R_BAD_PASSWORD_READ) ,"bad password read"},
109{ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),"error converting private key"},
110{ERR_REASON(PEM_R_NOT_DEK_INFO) ,"not dek info"},
111{ERR_REASON(PEM_R_NOT_ENCRYPTED) ,"not encrypted"},
112{ERR_REASON(PEM_R_NOT_PROC_TYPE) ,"not proc type"},
113{ERR_REASON(PEM_R_NO_START_LINE) ,"no start line"},
114{ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),"problems getting password"},
115{ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA) ,"public key no rsa"},
116{ERR_REASON(PEM_R_READ_KEY) ,"read key"},
117{ERR_REASON(PEM_R_SHORT_HEADER) ,"short header"},
118{ERR_REASON(PEM_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
119{ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION),"unsupported encryption"},
120{0,NULL}
121 };
122
123#endif
124
125void ERR_load_PEM_strings(void)
126 {
127#ifndef OPENSSL_NO_ERR
128
129 if (ERR_func_error_string(PEM_str_functs[0].error) == NULL)
130 {
131 ERR_load_strings(0,PEM_str_functs);
132 ERR_load_strings(0,PEM_str_reasons);
133 }
134#endif
135 }
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
new file mode 100644
index 0000000000..3a273f6f70
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_info.c
@@ -0,0 +1,397 @@
1/* crypto/pem/pem_info.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include <openssl/pem.h>
66#ifndef OPENSSL_NO_RSA
67#include <openssl/rsa.h>
68#endif
69#ifndef OPENSSL_NO_DSA
70#include <openssl/dsa.h>
71#endif
72
73#ifndef OPENSSL_NO_FP_API
74STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
75 {
76 BIO *b;
77 STACK_OF(X509_INFO) *ret;
78
79 if ((b=BIO_new(BIO_s_file())) == NULL)
80 {
81 PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
82 return(0);
83 }
84 BIO_set_fp(b,fp,BIO_NOCLOSE);
85 ret=PEM_X509_INFO_read_bio(b,sk,cb,u);
86 BIO_free(b);
87 return(ret);
88 }
89#endif
90
91STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
92 {
93 X509_INFO *xi=NULL;
94 char *name=NULL,*header=NULL;
95 void *pp;
96 unsigned char *data=NULL;
97 const unsigned char *p;
98 long len,error=0;
99 int ok=0;
100 STACK_OF(X509_INFO) *ret=NULL;
101 unsigned int i,raw;
102 d2i_of_void *d2i;
103
104 if (sk == NULL)
105 {
106 if ((ret=sk_X509_INFO_new_null()) == NULL)
107 {
108 PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
109 goto err;
110 }
111 }
112 else
113 ret=sk;
114
115 if ((xi=X509_INFO_new()) == NULL) goto err;
116 for (;;)
117 {
118 raw=0;
119 i=PEM_read_bio(bp,&name,&header,&data,&len);
120 if (i == 0)
121 {
122 error=ERR_GET_REASON(ERR_peek_last_error());
123 if (error == PEM_R_NO_START_LINE)
124 {
125 ERR_clear_error();
126 break;
127 }
128 goto err;
129 }
130start:
131 if ( (strcmp(name,PEM_STRING_X509) == 0) ||
132 (strcmp(name,PEM_STRING_X509_OLD) == 0))
133 {
134 d2i=(D2I_OF(void))d2i_X509;
135 if (xi->x509 != NULL)
136 {
137 if (!sk_X509_INFO_push(ret,xi)) goto err;
138 if ((xi=X509_INFO_new()) == NULL) goto err;
139 goto start;
140 }
141 pp=&(xi->x509);
142 }
143 else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0))
144 {
145 d2i=(D2I_OF(void))d2i_X509_AUX;
146 if (xi->x509 != NULL)
147 {
148 if (!sk_X509_INFO_push(ret,xi)) goto err;
149 if ((xi=X509_INFO_new()) == NULL) goto err;
150 goto start;
151 }
152 pp=&(xi->x509);
153 }
154 else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
155 {
156 d2i=(D2I_OF(void))d2i_X509_CRL;
157 if (xi->crl != NULL)
158 {
159 if (!sk_X509_INFO_push(ret,xi)) goto err;
160 if ((xi=X509_INFO_new()) == NULL) goto err;
161 goto start;
162 }
163 pp=&(xi->crl);
164 }
165 else
166#ifndef OPENSSL_NO_RSA
167 if (strcmp(name,PEM_STRING_RSA) == 0)
168 {
169 d2i=(D2I_OF(void))d2i_RSAPrivateKey;
170 if (xi->x_pkey != NULL)
171 {
172 if (!sk_X509_INFO_push(ret,xi)) goto err;
173 if ((xi=X509_INFO_new()) == NULL) goto err;
174 goto start;
175 }
176
177 xi->enc_data=NULL;
178 xi->enc_len=0;
179
180 xi->x_pkey=X509_PKEY_new();
181 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
182 goto err;
183 xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
184 pp=&(xi->x_pkey->dec_pkey->pkey.rsa);
185 if ((int)strlen(header) > 10) /* assume encrypted */
186 raw=1;
187 }
188 else
189#endif
190#ifndef OPENSSL_NO_DSA
191 if (strcmp(name,PEM_STRING_DSA) == 0)
192 {
193 d2i=(D2I_OF(void))d2i_DSAPrivateKey;
194 if (xi->x_pkey != NULL)
195 {
196 if (!sk_X509_INFO_push(ret,xi)) goto err;
197 if ((xi=X509_INFO_new()) == NULL) goto err;
198 goto start;
199 }
200
201 xi->enc_data=NULL;
202 xi->enc_len=0;
203
204 xi->x_pkey=X509_PKEY_new();
205 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
206 goto err;
207 xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
208 pp=&xi->x_pkey->dec_pkey->pkey.dsa;
209 if ((int)strlen(header) > 10) /* assume encrypted */
210 raw=1;
211 }
212 else
213#endif
214#ifndef OPENSSL_NO_EC
215 if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0)
216 {
217 d2i=(D2I_OF(void))d2i_ECPrivateKey;
218 if (xi->x_pkey != NULL)
219 {
220 if (!sk_X509_INFO_push(ret,xi)) goto err;
221 if ((xi=X509_INFO_new()) == NULL) goto err;
222 goto start;
223 }
224
225 xi->enc_data=NULL;
226 xi->enc_len=0;
227
228 xi->x_pkey=X509_PKEY_new();
229 if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
230 goto err;
231 xi->x_pkey->dec_pkey->type=EVP_PKEY_EC;
232 pp=&(xi->x_pkey->dec_pkey->pkey.ec);
233 if ((int)strlen(header) > 10) /* assume encrypted */
234 raw=1;
235 }
236 else
237#endif
238 {
239 d2i=NULL;
240 pp=NULL;
241 }
242
243 if (d2i != NULL)
244 {
245 if (!raw)
246 {
247 EVP_CIPHER_INFO cipher;
248
249 if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
250 goto err;
251 if (!PEM_do_header(&cipher,data,&len,cb,u))
252 goto err;
253 p=data;
254 if (d2i(pp,&p,len) == NULL)
255 {
256 PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
257 goto err;
258 }
259 }
260 else
261 { /* encrypted RSA data */
262 if (!PEM_get_EVP_CIPHER_INFO(header,
263 &xi->enc_cipher)) goto err;
264 xi->enc_data=(char *)data;
265 xi->enc_len=(int)len;
266 data=NULL;
267 }
268 }
269 else {
270 /* unknown */
271 }
272 if (name != NULL) OPENSSL_free(name);
273 if (header != NULL) OPENSSL_free(header);
274 if (data != NULL) OPENSSL_free(data);
275 name=NULL;
276 header=NULL;
277 data=NULL;
278 }
279
280 /* if the last one hasn't been pushed yet and there is anything
281 * in it then add it to the stack ...
282 */
283 if ((xi->x509 != NULL) || (xi->crl != NULL) ||
284 (xi->x_pkey != NULL) || (xi->enc_data != NULL))
285 {
286 if (!sk_X509_INFO_push(ret,xi)) goto err;
287 xi=NULL;
288 }
289 ok=1;
290err:
291 if (xi != NULL) X509_INFO_free(xi);
292 if (!ok)
293 {
294 for (i=0; ((int)i)<sk_X509_INFO_num(ret); i++)
295 {
296 xi=sk_X509_INFO_value(ret,i);
297 X509_INFO_free(xi);
298 }
299 if (ret != sk) sk_X509_INFO_free(ret);
300 ret=NULL;
301 }
302
303 if (name != NULL) OPENSSL_free(name);
304 if (header != NULL) OPENSSL_free(header);
305 if (data != NULL) OPENSSL_free(data);
306 return(ret);
307 }
308
309
310/* A TJH addition */
311int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
312 unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
313 {
314 EVP_CIPHER_CTX ctx;
315 int i,ret=0;
316 unsigned char *data=NULL;
317 const char *objstr=NULL;
318 char buf[PEM_BUFSIZE];
319 unsigned char *iv=NULL;
320
321 if (enc != NULL)
322 {
323 objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
324 if (objstr == NULL)
325 {
326 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
327 goto err;
328 }
329 }
330
331 /* now for the fun part ... if we have a private key then
332 * we have to be able to handle a not-yet-decrypted key
333 * being written out correctly ... if it is decrypted or
334 * it is non-encrypted then we use the base code
335 */
336 if (xi->x_pkey!=NULL)
337 {
338 if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
339 {
340 /* copy from weirdo names into more normal things */
341 iv=xi->enc_cipher.iv;
342 data=(unsigned char *)xi->enc_data;
343 i=xi->enc_len;
344
345 /* we take the encryption data from the
346 * internal stuff rather than what the
347 * user has passed us ... as we have to
348 * match exactly for some strange reason
349 */
350 objstr=OBJ_nid2sn(
351 EVP_CIPHER_nid(xi->enc_cipher.cipher));
352 if (objstr == NULL)
353 {
354 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
355 goto err;
356 }
357
358 /* create the right magic header stuff */
359 OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
360 buf[0]='\0';
361 PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
362 PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
363
364 /* use the normal code to write things out */
365 i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
366 if (i <= 0) goto err;
367 }
368 else
369 {
370 /* Add DSA/DH */
371#ifndef OPENSSL_NO_RSA
372 /* normal optionally encrypted stuff */
373 if (PEM_write_bio_RSAPrivateKey(bp,
374 xi->x_pkey->dec_pkey->pkey.rsa,
375 enc,kstr,klen,cb,u)<=0)
376 goto err;
377#endif
378 }
379 }
380
381 /* if we have a certificate then write it out now */
382 if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp,xi->x509) <= 0))
383 goto err;
384
385 /* we are ignoring anything else that is loaded into the X509_INFO
386 * structure for the moment ... as I don't need it so I'm not
387 * coding it here and Eric can do it when this makes it into the
388 * base library --tjh
389 */
390
391 ret=1;
392
393err:
394 OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
395 OPENSSL_cleanse(buf,PEM_BUFSIZE);
396 return(ret);
397 }
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
new file mode 100644
index 0000000000..9bae4c8850
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -0,0 +1,781 @@
1/* crypto/pem/pem_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/rand.h>
65#include <openssl/x509.h>
66#include <openssl/pem.h>
67#include <openssl/pkcs12.h>
68#ifndef OPENSSL_NO_DES
69#include <openssl/des.h>
70#endif
71
72const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;
73
74#define MIN_LENGTH 4
75
76static int load_iv(char **fromp,unsigned char *to, int num);
77static int check_pem(const char *nm, const char *name);
78
79int PEM_def_callback(char *buf, int num, int w, void *key)
80 {
81#ifdef OPENSSL_NO_FP_API
82 /* We should not ever call the default callback routine from
83 * windows. */
84 PEMerr(PEM_F_PEM_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
85 return(-1);
86#else
87 int i,j;
88 const char *prompt;
89 if(key) {
90 i=strlen(key);
91 i=(i > num)?num:i;
92 memcpy(buf,key,i);
93 return(i);
94 }
95
96 prompt=EVP_get_pw_prompt();
97 if (prompt == NULL)
98 prompt="Enter PEM pass phrase:";
99
100 for (;;)
101 {
102 i=EVP_read_pw_string(buf,num,prompt,w);
103 if (i != 0)
104 {
105 PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
106 memset(buf,0,(unsigned int)num);
107 return(-1);
108 }
109 j=strlen(buf);
110 if (j < MIN_LENGTH)
111 {
112 fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
113 }
114 else
115 break;
116 }
117 return(j);
118#endif
119 }
120
121void PEM_proc_type(char *buf, int type)
122 {
123 const char *str;
124
125 if (type == PEM_TYPE_ENCRYPTED)
126 str="ENCRYPTED";
127 else if (type == PEM_TYPE_MIC_CLEAR)
128 str="MIC-CLEAR";
129 else if (type == PEM_TYPE_MIC_ONLY)
130 str="MIC-ONLY";
131 else
132 str="BAD-TYPE";
133
134 BUF_strlcat(buf,"Proc-Type: 4,",PEM_BUFSIZE);
135 BUF_strlcat(buf,str,PEM_BUFSIZE);
136 BUF_strlcat(buf,"\n",PEM_BUFSIZE);
137 }
138
139void PEM_dek_info(char *buf, const char *type, int len, char *str)
140 {
141 static const unsigned char map[17]="0123456789ABCDEF";
142 long i;
143 int j;
144
145 BUF_strlcat(buf,"DEK-Info: ",PEM_BUFSIZE);
146 BUF_strlcat(buf,type,PEM_BUFSIZE);
147 BUF_strlcat(buf,",",PEM_BUFSIZE);
148 j=strlen(buf);
149 if (j + (len * 2) + 1 > PEM_BUFSIZE)
150 return;
151 for (i=0; i<len; i++)
152 {
153 buf[j+i*2] =map[(str[i]>>4)&0x0f];
154 buf[j+i*2+1]=map[(str[i] )&0x0f];
155 }
156 buf[j+i*2]='\n';
157 buf[j+i*2+1]='\0';
158 }
159
160#ifndef OPENSSL_NO_FP_API
161void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
162 pem_password_cb *cb, void *u)
163 {
164 BIO *b;
165 void *ret;
166
167 if ((b=BIO_new(BIO_s_file())) == NULL)
168 {
169 PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
170 return(0);
171 }
172 BIO_set_fp(b,fp,BIO_NOCLOSE);
173 ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u);
174 BIO_free(b);
175 return(ret);
176 }
177#endif
178
179static int check_pem(const char *nm, const char *name)
180{
181 /* Normal matching nm and name */
182 if (!strcmp(nm,name)) return 1;
183
184 /* Make PEM_STRING_EVP_PKEY match any private key */
185
186 if(!strcmp(nm,PEM_STRING_PKCS8) &&
187 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
188
189 if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
190 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
191
192 if(!strcmp(nm,PEM_STRING_RSA) &&
193 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
194
195 if(!strcmp(nm,PEM_STRING_DSA) &&
196 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
197
198 if(!strcmp(nm,PEM_STRING_ECPRIVATEKEY) &&
199 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
200 /* Permit older strings */
201
202 if(!strcmp(nm,PEM_STRING_X509_OLD) &&
203 !strcmp(name,PEM_STRING_X509)) return 1;
204
205 if(!strcmp(nm,PEM_STRING_X509_REQ_OLD) &&
206 !strcmp(name,PEM_STRING_X509_REQ)) return 1;
207
208 /* Allow normal certs to be read as trusted certs */
209 if(!strcmp(nm,PEM_STRING_X509) &&
210 !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
211
212 if(!strcmp(nm,PEM_STRING_X509_OLD) &&
213 !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
214
215 /* Some CAs use PKCS#7 with CERTIFICATE headers */
216 if(!strcmp(nm, PEM_STRING_X509) &&
217 !strcmp(name, PEM_STRING_PKCS7)) return 1;
218
219 return 0;
220}
221
222int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp,
223 pem_password_cb *cb, void *u)
224 {
225 EVP_CIPHER_INFO cipher;
226 char *nm=NULL,*header=NULL;
227 unsigned char *data=NULL;
228 long len;
229 int ret = 0;
230
231 for (;;)
232 {
233 if (!PEM_read_bio(bp,&nm,&header,&data,&len)) {
234 if(ERR_GET_REASON(ERR_peek_error()) ==
235 PEM_R_NO_START_LINE)
236 ERR_add_error_data(2, "Expecting: ", name);
237 return 0;
238 }
239 if(check_pem(nm, name)) break;
240 OPENSSL_free(nm);
241 OPENSSL_free(header);
242 OPENSSL_free(data);
243 }
244 if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
245 if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
246
247 *pdata = data;
248 *plen = len;
249
250 if (pnm)
251 *pnm = nm;
252
253 ret = 1;
254
255err:
256 if (!ret || !pnm) OPENSSL_free(nm);
257 OPENSSL_free(header);
258 if (!ret) OPENSSL_free(data);
259 return ret;
260 }
261
262#ifndef OPENSSL_NO_FP_API
263int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
264 char *x, const EVP_CIPHER *enc, unsigned char *kstr,
265 int klen, pem_password_cb *callback, void *u)
266 {
267 BIO *b;
268 int ret;
269
270 if ((b=BIO_new(BIO_s_file())) == NULL)
271 {
272 PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
273 return(0);
274 }
275 BIO_set_fp(b,fp,BIO_NOCLOSE);
276 ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
277 BIO_free(b);
278 return(ret);
279 }
280#endif
281
282int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
283 char *x, const EVP_CIPHER *enc, unsigned char *kstr,
284 int klen, pem_password_cb *callback, void *u)
285 {
286 EVP_CIPHER_CTX ctx;
287 int dsize=0,i,j,ret=0;
288 unsigned char *p,*data=NULL;
289 const char *objstr=NULL;
290 char buf[PEM_BUFSIZE];
291 unsigned char key[EVP_MAX_KEY_LENGTH];
292 unsigned char iv[EVP_MAX_IV_LENGTH];
293
294 if (enc != NULL)
295 {
296 objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
297 if (objstr == NULL)
298 {
299 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
300 goto err;
301 }
302 }
303
304 if ((dsize=i2d(x,NULL)) < 0)
305 {
306 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_ASN1_LIB);
307 dsize=0;
308 goto err;
309 }
310 /* dzise + 8 bytes are needed */
311 /* actually it needs the cipher block size extra... */
312 data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
313 if (data == NULL)
314 {
315 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
316 goto err;
317 }
318 p=data;
319 i=i2d(x,&p);
320
321 if (enc != NULL)
322 {
323 if (kstr == NULL)
324 {
325 if (callback == NULL)
326 klen=PEM_def_callback(buf,PEM_BUFSIZE,1,u);
327 else
328 klen=(*callback)(buf,PEM_BUFSIZE,1,u);
329 if (klen <= 0)
330 {
331 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
332 goto err;
333 }
334#ifdef CHARSET_EBCDIC
335 /* Convert the pass phrase from EBCDIC */
336 ebcdic2ascii(buf, buf, klen);
337#endif
338 kstr=(unsigned char *)buf;
339 }
340 RAND_add(data,i,0);/* put in the RSA key. */
341 OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
342 if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
343 goto err;
344 /* The 'iv' is used as the iv and as a salt. It is
345 * NOT taken from the BytesToKey function */
346 EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
347
348 if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE);
349
350 OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
351
352 buf[0]='\0';
353 PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
354 PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
355 /* k=strlen(buf); */
356
357 EVP_CIPHER_CTX_init(&ctx);
358 EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
359 EVP_EncryptUpdate(&ctx,data,&j,data,i);
360 EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
361 EVP_CIPHER_CTX_cleanup(&ctx);
362 i+=j;
363 ret=1;
364 }
365 else
366 {
367 ret=1;
368 buf[0]='\0';
369 }
370 i=PEM_write_bio(bp,name,buf,data,i);
371 if (i <= 0) ret=0;
372err:
373 OPENSSL_cleanse(key,sizeof(key));
374 OPENSSL_cleanse(iv,sizeof(iv));
375 OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
376 OPENSSL_cleanse(buf,PEM_BUFSIZE);
377 if (data != NULL)
378 {
379 OPENSSL_cleanse(data,(unsigned int)dsize);
380 OPENSSL_free(data);
381 }
382 return(ret);
383 }
384
385int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
386 pem_password_cb *callback,void *u)
387 {
388 int i,j,o,klen;
389 long len;
390 EVP_CIPHER_CTX ctx;
391 unsigned char key[EVP_MAX_KEY_LENGTH];
392 char buf[PEM_BUFSIZE];
393
394 len= *plen;
395
396 if (cipher->cipher == NULL) return(1);
397 if (callback == NULL)
398 klen=PEM_def_callback(buf,PEM_BUFSIZE,0,u);
399 else
400 klen=callback(buf,PEM_BUFSIZE,0,u);
401 if (klen <= 0)
402 {
403 PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
404 return(0);
405 }
406#ifdef CHARSET_EBCDIC
407 /* Convert the pass phrase from EBCDIC */
408 ebcdic2ascii(buf, buf, klen);
409#endif
410
411 EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
412 (unsigned char *)buf,klen,1,key,NULL);
413
414 j=(int)len;
415 EVP_CIPHER_CTX_init(&ctx);
416 EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
417 EVP_DecryptUpdate(&ctx,data,&i,data,j);
418 o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
419 EVP_CIPHER_CTX_cleanup(&ctx);
420 OPENSSL_cleanse((char *)buf,sizeof(buf));
421 OPENSSL_cleanse((char *)key,sizeof(key));
422 j+=i;
423 if (!o)
424 {
425 PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
426 return(0);
427 }
428 *plen=j;
429 return(1);
430 }
431
432int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
433 {
434 int o;
435 const EVP_CIPHER *enc=NULL;
436 char *p,c;
437 char **header_pp = &header;
438
439 cipher->cipher=NULL;
440 if ((header == NULL) || (*header == '\0') || (*header == '\n'))
441 return(1);
442 if (strncmp(header,"Proc-Type: ",11) != 0)
443 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
444 header+=11;
445 if (*header != '4') return(0); header++;
446 if (*header != ',') return(0); header++;
447 if (strncmp(header,"ENCRYPTED",9) != 0)
448 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
449 for (; (*header != '\n') && (*header != '\0'); header++)
450 ;
451 if (*header == '\0')
452 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
453 header++;
454 if (strncmp(header,"DEK-Info: ",10) != 0)
455 { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
456 header+=10;
457
458 p=header;
459 for (;;)
460 {
461 c= *header;
462#ifndef CHARSET_EBCDIC
463 if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') ||
464 ((c >= '0') && (c <= '9'))))
465 break;
466#else
467 if (!( isupper(c) || (c == '-') ||
468 isdigit(c)))
469 break;
470#endif
471 header++;
472 }
473 *header='\0';
474 o=OBJ_sn2nid(p);
475 cipher->cipher=enc=EVP_get_cipherbyname(p);
476 *header=c;
477 header++;
478
479 if (enc == NULL)
480 {
481 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
482 return(0);
483 }
484 if (!load_iv(header_pp,&(cipher->iv[0]),enc->iv_len))
485 return(0);
486
487 return(1);
488 }
489
490static int load_iv(char **fromp, unsigned char *to, int num)
491 {
492 int v,i;
493 char *from;
494
495 from= *fromp;
496 for (i=0; i<num; i++) to[i]=0;
497 num*=2;
498 for (i=0; i<num; i++)
499 {
500 if ((*from >= '0') && (*from <= '9'))
501 v= *from-'0';
502 else if ((*from >= 'A') && (*from <= 'F'))
503 v= *from-'A'+10;
504 else if ((*from >= 'a') && (*from <= 'f'))
505 v= *from-'a'+10;
506 else
507 {
508 PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
509 return(0);
510 }
511 from++;
512 to[i/2]|=v<<(long)((!(i&1))*4);
513 }
514
515 *fromp=from;
516 return(1);
517 }
518
519#ifndef OPENSSL_NO_FP_API
520int PEM_write(FILE *fp, char *name, char *header, unsigned char *data,
521 long len)
522 {
523 BIO *b;
524 int ret;
525
526 if ((b=BIO_new(BIO_s_file())) == NULL)
527 {
528 PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
529 return(0);
530 }
531 BIO_set_fp(b,fp,BIO_NOCLOSE);
532 ret=PEM_write_bio(b, name, header, data,len);
533 BIO_free(b);
534 return(ret);
535 }
536#endif
537
538int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
539 long len)
540 {
541 int nlen,n,i,j,outl;
542 unsigned char *buf = NULL;
543 EVP_ENCODE_CTX ctx;
544 int reason=ERR_R_BUF_LIB;
545
546 EVP_EncodeInit(&ctx);
547 nlen=strlen(name);
548
549 if ( (BIO_write(bp,"-----BEGIN ",11) != 11) ||
550 (BIO_write(bp,name,nlen) != nlen) ||
551 (BIO_write(bp,"-----\n",6) != 6))
552 goto err;
553
554 i=strlen(header);
555 if (i > 0)
556 {
557 if ( (BIO_write(bp,header,i) != i) ||
558 (BIO_write(bp,"\n",1) != 1))
559 goto err;
560 }
561
562 buf = OPENSSL_malloc(PEM_BUFSIZE*8);
563 if (buf == NULL)
564 {
565 reason=ERR_R_MALLOC_FAILURE;
566 goto err;
567 }
568
569 i=j=0;
570 while (len > 0)
571 {
572 n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len);
573 EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
574 if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
575 goto err;
576 i+=outl;
577 len-=n;
578 j+=n;
579 }
580 EVP_EncodeFinal(&ctx,buf,&outl);
581 if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
582 OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
583 OPENSSL_free(buf);
584 buf = NULL;
585 if ( (BIO_write(bp,"-----END ",9) != 9) ||
586 (BIO_write(bp,name,nlen) != nlen) ||
587 (BIO_write(bp,"-----\n",6) != 6))
588 goto err;
589 return(i+outl);
590err:
591 if (buf) {
592 OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
593 OPENSSL_free(buf);
594 }
595 PEMerr(PEM_F_PEM_WRITE_BIO,reason);
596 return(0);
597 }
598
599#ifndef OPENSSL_NO_FP_API
600int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
601 long *len)
602 {
603 BIO *b;
604 int ret;
605
606 if ((b=BIO_new(BIO_s_file())) == NULL)
607 {
608 PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
609 return(0);
610 }
611 BIO_set_fp(b,fp,BIO_NOCLOSE);
612 ret=PEM_read_bio(b, name, header, data,len);
613 BIO_free(b);
614 return(ret);
615 }
616#endif
617
618int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
619 long *len)
620 {
621 EVP_ENCODE_CTX ctx;
622 int end=0,i,k,bl=0,hl=0,nohead=0;
623 char buf[256];
624 BUF_MEM *nameB;
625 BUF_MEM *headerB;
626 BUF_MEM *dataB,*tmpB;
627
628 nameB=BUF_MEM_new();
629 headerB=BUF_MEM_new();
630 dataB=BUF_MEM_new();
631 if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
632 {
633 BUF_MEM_free(nameB);
634 BUF_MEM_free(headerB);
635 BUF_MEM_free(dataB);
636 PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
637 return(0);
638 }
639
640 buf[254]='\0';
641 for (;;)
642 {
643 i=BIO_gets(bp,buf,254);
644
645 if (i <= 0)
646 {
647 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
648 goto err;
649 }
650
651 while ((i >= 0) && (buf[i] <= ' ')) i--;
652 buf[++i]='\n'; buf[++i]='\0';
653
654 if (strncmp(buf,"-----BEGIN ",11) == 0)
655 {
656 i=strlen(&(buf[11]));
657
658 if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
659 continue;
660 if (!BUF_MEM_grow(nameB,i+9))
661 {
662 PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
663 goto err;
664 }
665 memcpy(nameB->data,&(buf[11]),i-6);
666 nameB->data[i-6]='\0';
667 break;
668 }
669 }
670 hl=0;
671 if (!BUF_MEM_grow(headerB,256))
672 { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
673 headerB->data[0]='\0';
674 for (;;)
675 {
676 i=BIO_gets(bp,buf,254);
677 if (i <= 0) break;
678
679 while ((i >= 0) && (buf[i] <= ' ')) i--;
680 buf[++i]='\n'; buf[++i]='\0';
681
682 if (buf[0] == '\n') break;
683 if (!BUF_MEM_grow(headerB,hl+i+9))
684 { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
685 if (strncmp(buf,"-----END ",9) == 0)
686 {
687 nohead=1;
688 break;
689 }
690 memcpy(&(headerB->data[hl]),buf,i);
691 headerB->data[hl+i]='\0';
692 hl+=i;
693 }
694
695 bl=0;
696 if (!BUF_MEM_grow(dataB,1024))
697 { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
698 dataB->data[0]='\0';
699 if (!nohead)
700 {
701 for (;;)
702 {
703 i=BIO_gets(bp,buf,254);
704 if (i <= 0) break;
705
706 while ((i >= 0) && (buf[i] <= ' ')) i--;
707 buf[++i]='\n'; buf[++i]='\0';
708
709 if (i != 65) end=1;
710 if (strncmp(buf,"-----END ",9) == 0)
711 break;
712 if (i > 65) break;
713 if (!BUF_MEM_grow_clean(dataB,i+bl+9))
714 {
715 PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
716 goto err;
717 }
718 memcpy(&(dataB->data[bl]),buf,i);
719 dataB->data[bl+i]='\0';
720 bl+=i;
721 if (end)
722 {
723 buf[0]='\0';
724 i=BIO_gets(bp,buf,254);
725 if (i <= 0) break;
726
727 while ((i >= 0) && (buf[i] <= ' ')) i--;
728 buf[++i]='\n'; buf[++i]='\0';
729
730 break;
731 }
732 }
733 }
734 else
735 {
736 tmpB=headerB;
737 headerB=dataB;
738 dataB=tmpB;
739 bl=hl;
740 }
741 i=strlen(nameB->data);
742 if ( (strncmp(buf,"-----END ",9) != 0) ||
743 (strncmp(nameB->data,&(buf[9]),i) != 0) ||
744 (strncmp(&(buf[9+i]),"-----\n",6) != 0))
745 {
746 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
747 goto err;
748 }
749
750 EVP_DecodeInit(&ctx);
751 i=EVP_DecodeUpdate(&ctx,
752 (unsigned char *)dataB->data,&bl,
753 (unsigned char *)dataB->data,bl);
754 if (i < 0)
755 {
756 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
757 goto err;
758 }
759 i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
760 if (i < 0)
761 {
762 PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
763 goto err;
764 }
765 bl+=k;
766
767 if (bl == 0) goto err;
768 *name=nameB->data;
769 *header=headerB->data;
770 *data=(unsigned char *)dataB->data;
771 *len=bl;
772 OPENSSL_free(nameB);
773 OPENSSL_free(headerB);
774 OPENSSL_free(dataB);
775 return(1);
776err:
777 BUF_MEM_free(nameB);
778 BUF_MEM_free(headerB);
779 BUF_MEM_free(dataB);
780 return(0);
781 }
diff --git a/src/lib/libcrypto/pem/pem_oth.c b/src/lib/libcrypto/pem/pem_oth.c
new file mode 100644
index 0000000000..b33868d25a
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_oth.c
@@ -0,0 +1,86 @@
1/* crypto/pem/pem_oth.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/rand.h>
65#include <openssl/x509.h>
66#include <openssl/pem.h>
67
68/* Handle 'other' PEMs: not private keys */
69
70void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
71 pem_password_cb *cb, void *u)
72 {
73 const unsigned char *p=NULL;
74 unsigned char *data=NULL;
75 long len;
76 char *ret=NULL;
77
78 if (!PEM_bytes_read_bio(&data, &len, NULL, name, bp, cb, u))
79 return NULL;
80 p = data;
81 ret=d2i(x,&p,len);
82 if (ret == NULL)
83 PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
84 OPENSSL_free(data);
85 return(ret);
86 }
diff --git a/src/lib/libcrypto/pem/pem_pk8.c b/src/lib/libcrypto/pem/pem_pk8.c
new file mode 100644
index 0000000000..6deab8c338
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_pk8.c
@@ -0,0 +1,242 @@
1/* crypto/pem/pem_pkey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/rand.h>
65#include <openssl/x509.h>
66#include <openssl/pkcs12.h>
67#include <openssl/pem.h>
68
69static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder,
70 int nid, const EVP_CIPHER *enc,
71 char *kstr, int klen,
72 pem_password_cb *cb, void *u);
73static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder,
74 int nid, const EVP_CIPHER *enc,
75 char *kstr, int klen,
76 pem_password_cb *cb, void *u);
77
78/* These functions write a private key in PKCS#8 format: it is a "drop in"
79 * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc'
80 * is NULL then it uses the unencrypted private key form. The 'nid' versions
81 * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0.
82 */
83
84int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
85 char *kstr, int klen,
86 pem_password_cb *cb, void *u)
87{
88 return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u);
89}
90
91int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
92 char *kstr, int klen,
93 pem_password_cb *cb, void *u)
94{
95 return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u);
96}
97
98int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
99 char *kstr, int klen,
100 pem_password_cb *cb, void *u)
101{
102 return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u);
103}
104
105int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
106 char *kstr, int klen,
107 pem_password_cb *cb, void *u)
108{
109 return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u);
110}
111
112static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
113 char *kstr, int klen,
114 pem_password_cb *cb, void *u)
115{
116 X509_SIG *p8;
117 PKCS8_PRIV_KEY_INFO *p8inf;
118 char buf[PEM_BUFSIZE];
119 int ret;
120 if(!(p8inf = EVP_PKEY2PKCS8(x))) {
121 PEMerr(PEM_F_DO_PK8PKEY,
122 PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
123 return 0;
124 }
125 if(enc || (nid != -1)) {
126 if(!kstr) {
127 if(!cb) klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
128 else klen = cb(buf, PEM_BUFSIZE, 1, u);
129 if(klen <= 0) {
130 PEMerr(PEM_F_DO_PK8PKEY,PEM_R_READ_KEY);
131 PKCS8_PRIV_KEY_INFO_free(p8inf);
132 return 0;
133 }
134
135 kstr = buf;
136 }
137 p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);
138 if(kstr == buf) OPENSSL_cleanse(buf, klen);
139 PKCS8_PRIV_KEY_INFO_free(p8inf);
140 if(isder) ret = i2d_PKCS8_bio(bp, p8);
141 else ret = PEM_write_bio_PKCS8(bp, p8);
142 X509_SIG_free(p8);
143 return ret;
144 } else {
145 if(isder) ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
146 else ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
147 PKCS8_PRIV_KEY_INFO_free(p8inf);
148 return ret;
149 }
150}
151
152EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
153{
154 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
155 X509_SIG *p8 = NULL;
156 int klen;
157 EVP_PKEY *ret;
158 char psbuf[PEM_BUFSIZE];
159 p8 = d2i_PKCS8_bio(bp, NULL);
160 if(!p8) return NULL;
161 if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
162 else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
163 if (klen <= 0) {
164 PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ);
165 X509_SIG_free(p8);
166 return NULL;
167 }
168 p8inf = PKCS8_decrypt(p8, psbuf, klen);
169 X509_SIG_free(p8);
170 if(!p8inf) return NULL;
171 ret = EVP_PKCS82PKEY(p8inf);
172 PKCS8_PRIV_KEY_INFO_free(p8inf);
173 if(!ret) return NULL;
174 if(x) {
175 if(*x) EVP_PKEY_free(*x);
176 *x = ret;
177 }
178 return ret;
179}
180
181#ifndef OPENSSL_NO_FP_API
182
183int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
184 char *kstr, int klen,
185 pem_password_cb *cb, void *u)
186{
187 return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u);
188}
189
190int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
191 char *kstr, int klen,
192 pem_password_cb *cb, void *u)
193{
194 return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u);
195}
196
197int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
198 char *kstr, int klen,
199 pem_password_cb *cb, void *u)
200{
201 return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u);
202}
203
204int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
205 char *kstr, int klen, pem_password_cb *cb, void *u)
206{
207 return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u);
208}
209
210static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
211 char *kstr, int klen,
212 pem_password_cb *cb, void *u)
213{
214 BIO *bp;
215 int ret;
216 if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
217 PEMerr(PEM_F_DO_PK8PKEY_FP,ERR_R_BUF_LIB);
218 return(0);
219 }
220 ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
221 BIO_free(bp);
222 return ret;
223}
224
225EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
226{
227 BIO *bp;
228 EVP_PKEY *ret;
229 if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
230 PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP,ERR_R_BUF_LIB);
231 return NULL;
232 }
233 ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u);
234 BIO_free(bp);
235 return ret;
236}
237
238#endif
239
240IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
241IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
242 PKCS8_PRIV_KEY_INFO)
diff --git a/src/lib/libcrypto/pem/pem_pkey.c b/src/lib/libcrypto/pem/pem_pkey.c
new file mode 100644
index 0000000000..4da4c31ce5
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_pkey.c
@@ -0,0 +1,149 @@
1/* crypto/pem/pem_pkey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/buffer.h>
62#include <openssl/objects.h>
63#include <openssl/evp.h>
64#include <openssl/rand.h>
65#include <openssl/x509.h>
66#include <openssl/pkcs12.h>
67#include <openssl/pem.h>
68
69
70EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
71 {
72 char *nm=NULL;
73 const unsigned char *p=NULL;
74 unsigned char *data=NULL;
75 long len;
76 EVP_PKEY *ret=NULL;
77
78 if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))
79 return NULL;
80 p = data;
81
82 if (strcmp(nm,PEM_STRING_RSA) == 0)
83 ret=d2i_PrivateKey(EVP_PKEY_RSA,x,&p,len);
84 else if (strcmp(nm,PEM_STRING_DSA) == 0)
85 ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len);
86 else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0)
87 ret=d2i_PrivateKey(EVP_PKEY_EC,x,&p,len);
88 else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
89 PKCS8_PRIV_KEY_INFO *p8inf;
90 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
91 if(!p8inf) goto p8err;
92 ret = EVP_PKCS82PKEY(p8inf);
93 if(x) {
94 if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
95 *x = ret;
96 }
97 PKCS8_PRIV_KEY_INFO_free(p8inf);
98 } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
99 PKCS8_PRIV_KEY_INFO *p8inf;
100 X509_SIG *p8;
101 int klen;
102 char psbuf[PEM_BUFSIZE];
103 p8 = d2i_X509_SIG(NULL, &p, len);
104 if(!p8) goto p8err;
105 if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
106 else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
107 if (klen <= 0) {
108 PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,
109 PEM_R_BAD_PASSWORD_READ);
110 X509_SIG_free(p8);
111 goto err;
112 }
113 p8inf = PKCS8_decrypt(p8, psbuf, klen);
114 X509_SIG_free(p8);
115 if(!p8inf) goto p8err;
116 ret = EVP_PKCS82PKEY(p8inf);
117 if(x) {
118 if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
119 *x = ret;
120 }
121 PKCS8_PRIV_KEY_INFO_free(p8inf);
122 }
123p8err:
124 if (ret == NULL)
125 PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB);
126err:
127 OPENSSL_free(nm);
128 OPENSSL_cleanse(data, len);
129 OPENSSL_free(data);
130 return(ret);
131 }
132
133#ifndef OPENSSL_NO_FP_API
134EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
135 {
136 BIO *b;
137 EVP_PKEY *ret;
138
139 if ((b=BIO_new(BIO_s_file())) == NULL)
140 {
141 PEMerr(PEM_F_PEM_READ_PRIVATEKEY,ERR_R_BUF_LIB);
142 return(0);
143 }
144 BIO_set_fp(b,fp,BIO_NOCLOSE);
145 ret=PEM_read_bio_PrivateKey(b,x,cb,u);
146 BIO_free(b);
147 return(ret);
148 }
149#endif
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c
new file mode 100644
index 0000000000..4e554e5481
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_seal.c
@@ -0,0 +1,189 @@
1/* crypto/pem/pem_seal.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/opensslconf.h> /* for OPENSSL_NO_RSA */
60#ifndef OPENSSL_NO_RSA
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/evp.h>
64#include <openssl/rand.h>
65#include <openssl/objects.h>
66#include <openssl/x509.h>
67#include <openssl/pem.h>
68#include <openssl/rsa.h>
69
70int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
71 unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
72 int npubk)
73 {
74 unsigned char key[EVP_MAX_KEY_LENGTH];
75 int ret= -1;
76 int i,j,max=0;
77 char *s=NULL;
78
79 for (i=0; i<npubk; i++)
80 {
81 if (pubk[i]->type != EVP_PKEY_RSA)
82 {
83 PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
84 goto err;
85 }
86 j=RSA_size(pubk[i]->pkey.rsa);
87 if (j > max) max=j;
88 }
89 s=(char *)OPENSSL_malloc(max*2);
90 if (s == NULL)
91 {
92 PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);
93 goto err;
94 }
95
96 EVP_EncodeInit(&ctx->encode);
97
98 EVP_MD_CTX_init(&ctx->md);
99 EVP_SignInit(&ctx->md,md_type);
100
101 EVP_CIPHER_CTX_init(&ctx->cipher);
102 ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);
103 if (!ret) goto err;
104
105 /* base64 encode the keys */
106 for (i=0; i<npubk; i++)
107 {
108 j=EVP_EncodeBlock((unsigned char *)s,ek[i],
109 RSA_size(pubk[i]->pkey.rsa));
110 ekl[i]=j;
111 memcpy(ek[i],s,j+1);
112 }
113
114 ret=npubk;
115err:
116 if (s != NULL) OPENSSL_free(s);
117 OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH);
118 return(ret);
119 }
120
121void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
122 unsigned char *in, int inl)
123 {
124 unsigned char buffer[1600];
125 int i,j;
126
127 *outl=0;
128 EVP_SignUpdate(&ctx->md,in,inl);
129 for (;;)
130 {
131 if (inl <= 0) break;
132 if (inl > 1200)
133 i=1200;
134 else
135 i=inl;
136 EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i);
137 EVP_EncodeUpdate(&ctx->encode,out,&j,buffer,j);
138 *outl+=j;
139 out+=j;
140 in+=i;
141 inl-=i;
142 }
143 }
144
145int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
146 unsigned char *out, int *outl, EVP_PKEY *priv)
147 {
148 unsigned char *s=NULL;
149 int ret=0,j;
150 unsigned int i;
151
152 if (priv->type != EVP_PKEY_RSA)
153 {
154 PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
155 goto err;
156 }
157 i=RSA_size(priv->pkey.rsa);
158 if (i < 100) i=100;
159 s=(unsigned char *)OPENSSL_malloc(i*2);
160 if (s == NULL)
161 {
162 PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);
163 goto err;
164 }
165
166 EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i);
167 EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
168 *outl=j;
169 out+=j;
170 EVP_EncodeFinal(&ctx->encode,out,&j);
171 *outl+=j;
172
173 if (!EVP_SignFinal(&ctx->md,s,&i,priv)) goto err;
174 *sigl=EVP_EncodeBlock(sig,s,i);
175
176 ret=1;
177err:
178 EVP_MD_CTX_cleanup(&ctx->md);
179 EVP_CIPHER_CTX_cleanup(&ctx->cipher);
180 if (s != NULL) OPENSSL_free(s);
181 return(ret);
182 }
183#else /* !OPENSSL_NO_RSA */
184
185# if PEDANTIC
186static void *dummy=&dummy;
187# endif
188
189#endif
diff --git a/src/lib/libcrypto/pem/pem_sign.c b/src/lib/libcrypto/pem/pem_sign.c
new file mode 100644
index 0000000000..c3b9808cb2
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_sign.c
@@ -0,0 +1,102 @@
1/* crypto/pem/pem_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/rand.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65#include <openssl/pem.h>
66
67void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
68 {
69 EVP_DigestInit_ex(ctx, type, NULL);
70 }
71
72void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
73 unsigned int count)
74 {
75 EVP_DigestUpdate(ctx,data,count);
76 }
77
78int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
79 EVP_PKEY *pkey)
80 {
81 unsigned char *m;
82 int i,ret=0;
83 unsigned int m_len;
84
85 m=(unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey)+2);
86 if (m == NULL)
87 {
88 PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE);
89 goto err;
90 }
91
92 if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err;
93
94 i=EVP_EncodeBlock(sigret,m,m_len);
95 *siglen=i;
96 ret=1;
97err:
98 /* ctx has been zeroed by EVP_SignFinal() */
99 if (m != NULL) OPENSSL_free(m);
100 return(ret);
101 }
102
diff --git a/src/lib/libcrypto/pem/pem_x509.c b/src/lib/libcrypto/pem/pem_x509.c
new file mode 100644
index 0000000000..19f88d8d3a
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_x509.c
@@ -0,0 +1,69 @@
1/* pem_x509.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2001.
4 */
5/* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#undef SSLEAY_MACROS
61#include "cryptlib.h"
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include <openssl/pkcs7.h>
66#include <openssl/pem.h>
67
68IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
69
diff --git a/src/lib/libcrypto/pem/pem_xaux.c b/src/lib/libcrypto/pem/pem_xaux.c
new file mode 100644
index 0000000000..63ce660cf1
--- /dev/null
+++ b/src/lib/libcrypto/pem/pem_xaux.c
@@ -0,0 +1,69 @@
1/* pem_xaux.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2001.
4 */
5/* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#undef SSLEAY_MACROS
61#include "cryptlib.h"
62#include <openssl/bio.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65#include <openssl/pkcs7.h>
66#include <openssl/pem.h>
67
68IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX)
69IMPLEMENT_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR, PEM_STRING_X509_PAIR, X509_CERT_PAIR)
diff --git a/src/lib/libcrypto/pem/pkcs7.lis b/src/lib/libcrypto/pem/pkcs7.lis
new file mode 100644
index 0000000000..be90c5d87f
--- /dev/null
+++ b/src/lib/libcrypto/pem/pkcs7.lis
@@ -0,0 +1,22 @@
121 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE
2 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
3 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag
4 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE
5 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version
6 20 20:d=0 hl=2 l= 0 cons: univ: SET
7 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE
8 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
9 00 35:d=0 hl=2 l= 0 prim: univ: EOC
10 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag
11 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE
12 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE
13 00 1116:d=0 hl=2 l= 0 prim: univ: EOC
14 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag
15 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE
16 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE
17 00 2066:d=0 hl=2 l= 0 prim: univ: EOC
18 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers
19 00 2070:d=0 hl=2 l= 0 prim: univ: EOC
20 00 2072:d=0 hl=2 l= 0 prim: univ: EOC
21 00 2074:d=0 hl=2 l= 0 prim: univ: EOC
2200 2076:d=0 hl=2 l= 0 prim: univ: EOC
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-10 09:58:45 +0000