X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=crypto%2Fpem%2Fpem_all.c;h=60f5188f309e5af482ca9f2a7788b0bfaabb7909;hb=7f6af7d9db1a5e5f13dc0a0b03bea166ff24c3cb;hp=d1cda7aabe4395f3bbc5e1ef87da8718e7d4980b;hpb=78414a6a897db42c9bcf06aa21c705811ab33921;p=openssl.git diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index d1cda7aabe..60f5188f30 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c @@ -55,434 +55,245 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ #include #undef SSLEAY_MACROS #include "cryptlib.h" -#include "bio.h" -#include "evp.h" -#include "x509.h" -#include "pkcs7.h" -#include "pem.h" - -#ifndef NO_FP_API -/* The X509 functions */ -X509 *PEM_read_X509(fp,x,cb) -FILE *fp; -X509 **x; -int (*cb)(); - { - return((X509 *)PEM_ASN1_read((char *(*)())d2i_X509, - PEM_STRING_X509,fp,(char **)x,cb)); - } -#endif - -X509 *PEM_read_bio_X509(bp,x,cb) -BIO *bp; -X509 **x; -int (*cb)(); - { - return((X509 *)PEM_ASN1_read_bio((char *(*)())d2i_X509, - PEM_STRING_X509,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_X509(fp,x) -FILE *fp; -X509 *x; - { - return(PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, - (char *)x, NULL,NULL,0,NULL)); - } +#include +#include +#include +#include +#include + +#ifndef OPENSSL_NO_RSA +static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); #endif - -int PEM_write_bio_X509(bp,x) -BIO *bp; -X509 *x; - { - return(PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, - (char *)x, NULL,NULL,0,NULL)); - } - -#ifndef NO_FP_API -/* The X509_REQ functions */ -X509_REQ *PEM_read_X509_REQ(fp,x,cb) -FILE *fp; -X509_REQ **x; -int (*cb)(); - { - return((X509_REQ *)PEM_ASN1_read((char *(*)())d2i_X509_REQ, - PEM_STRING_X509_REQ,fp,(char **)x,cb)); - } +#ifndef OPENSSL_NO_DSA +static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); #endif -X509_REQ *PEM_read_bio_X509_REQ(bp,x,cb) -BIO *bp; -X509_REQ **x; -int (*cb)(); - { - return((X509_REQ *)PEM_ASN1_read_bio((char *(*)())d2i_X509_REQ, - PEM_STRING_X509_REQ,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_X509_REQ(fp,x) -FILE *fp; -X509_REQ *x; - { - return(PEM_ASN1_write((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp, - (char *)x, NULL,NULL,0,NULL)); - } +#ifndef OPENSSL_NO_EC +static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey); #endif -int PEM_write_bio_X509_REQ(bp,x) -BIO *bp; -X509_REQ *x; - { - return(PEM_ASN1_write_bio((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ, - bp,(char *)x, NULL,NULL,0,NULL)); - } +IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) -#ifndef NO_FP_API -/* The X509_CRL functions */ -X509_CRL *PEM_read_X509_CRL(fp,x,cb) -FILE *fp; -X509_CRL **x; -int (*cb)(); - { - return((X509_CRL *)PEM_ASN1_read((char *(*)())d2i_X509_CRL, - PEM_STRING_X509_CRL,fp,(char **)x,cb)); - } -#endif +IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ) -X509_CRL *PEM_read_bio_X509_CRL(bp,x,cb) -BIO *bp; -X509_CRL **x; -int (*cb)(); - { - return((X509_CRL *)PEM_ASN1_read_bio((char *(*)())d2i_X509_CRL, - PEM_STRING_X509_CRL,bp,(char **)x,cb)); - } +IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL) -#ifndef NO_FP_API -int PEM_write_X509_CRL(fp,x) -FILE *fp; -X509_CRL *x; - { - return(PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,fp, - (char *)x, NULL,NULL,0,NULL)); - } -#endif +IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7) -int PEM_write_bio_X509_CRL(bp,x) -BIO *bp; -X509_CRL *x; - { - return(PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, - bp,(char *)x, NULL,NULL,0,NULL)); - } +IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE, + PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE) -#ifndef NO_RSA -#ifndef NO_FP_API -/* The RSAPrivateKey functions */ -RSA *PEM_read_RSAPrivateKey(fp,x,cb) -FILE *fp; -RSA **x; -int (*cb)(); - { - return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPrivateKey, - PEM_STRING_RSA,fp,(char **)x,cb)); - } - -RSA *PEM_read_RSAPublicKey(fp,x,cb) -FILE *fp; -RSA **x; -int (*cb)(); - { - return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPublicKey, - PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb)); - } -#endif -RSA *PEM_read_bio_RSAPrivateKey(bp,x,cb) -BIO *bp; -RSA **x; -int (*cb)(); - { - return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPrivateKey, - PEM_STRING_RSA,bp,(char **)x,cb)); - } +#ifndef OPENSSL_NO_RSA -RSA *PEM_read_bio_RSAPublicKey(bp,x,cb) -BIO *bp; -RSA **x; -int (*cb)(); - { - return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPublicKey, - PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb)); - } +/* We treat RSA or DSA private keys as a special case. + * + * For private keys we read in an EVP_PKEY structure with + * PEM_read_bio_PrivateKey() and extract the relevant private + * key: this means can handle "traditional" and PKCS#8 formats + * transparently. + */ -#ifndef NO_FP_API -int PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb) -FILE *fp; -RSA *x; -EVP_CIPHER *enc; -unsigned char *kstr; -int klen; -int (*cb)(); - { - return(PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp, - (char *)x,enc,kstr,klen,cb)); - } +static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa) +{ + RSA *rtmp; + if(!key) return NULL; + rtmp = EVP_PKEY_get1_RSA(key); + EVP_PKEY_free(key); + if(!rtmp) return NULL; + if(rsa) { + RSA_free(*rsa); + *rsa = rtmp; + } + return rtmp; +} + +RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb, + void *u) +{ + EVP_PKEY *pktmp; + pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); + return pkey_get_rsa(pktmp, rsa); +} + +#ifndef OPENSSL_NO_FP_API + +RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, + void *u) +{ + EVP_PKEY *pktmp; + pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); + return pkey_get_rsa(pktmp, rsa); +} -int PEM_write_RSAPublicKey(fp,x) -FILE *fp; -RSA *x; - { - return(PEM_ASN1_write((int (*)())i2d_RSAPublicKey, - PEM_STRING_RSA_PUBLIC,fp, - (char *)x,NULL,NULL,0,NULL)); - } #endif -int PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb) -BIO *bp; -RSA *x; -EVP_CIPHER *enc; -unsigned char *kstr; -int klen; -int (*cb)(); - { - return(PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA, - bp,(char *)x,enc,kstr,klen,cb)); - } +IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) +IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) +IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) -int PEM_write_bio_RSAPublicKey(bp,x) -BIO *bp; -RSA *x; - { - return(PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, - PEM_STRING_RSA_PUBLIC, - bp,(char *)x,NULL,NULL,0,NULL)); - } -#endif /* !NO_RSA */ - -#ifndef NO_DSA -#ifndef NO_FP_API -/* The DSAPrivateKey functions */ -DSA *PEM_read_DSAPrivateKey(fp,x,cb) -FILE *fp; -DSA **x; -int (*cb)(); - { - return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAPrivateKey, - PEM_STRING_DSA,fp,(char **)x,cb)); - } #endif -DSA *PEM_read_bio_DSAPrivateKey(bp,x,cb) -BIO *bp; -DSA **x; -int (*cb)(); - { - return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAPrivateKey, - PEM_STRING_DSA,bp,(char **)x,cb)); - } +#ifndef OPENSSL_NO_DSA + +static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa) +{ + DSA *dtmp; + if(!key) return NULL; + dtmp = EVP_PKEY_get1_DSA(key); + EVP_PKEY_free(key); + if(!dtmp) return NULL; + if(dsa) { + DSA_free(*dsa); + *dsa = dtmp; + } + return dtmp; +} + +DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, + void *u) +{ + EVP_PKEY *pktmp; + pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); + return pkey_get_dsa(pktmp, dsa); +} + +IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) +IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) + +#ifndef OPENSSL_NO_FP_API + +DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, + void *u) +{ + EVP_PKEY *pktmp; + pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); + return pkey_get_dsa(pktmp, dsa); +} -#ifndef NO_FP_API -int PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb) -FILE *fp; -DSA *x; -EVP_CIPHER *enc; -unsigned char *kstr; -int klen; -int (*cb)(); - { - return(PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp, - (char *)x,enc,kstr,klen,cb)); - } #endif -int PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb) -BIO *bp; -DSA *x; -EVP_CIPHER *enc; -unsigned char *kstr; -int klen; -int (*cb)(); - { - return(PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA, - bp,(char *)x,enc,kstr,klen,cb)); - } -#endif +IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) -#ifndef NO_FP_API -/* The PrivateKey functions */ -EVP_PKEY *PEM_read_PrivateKey(fp,x,cb) -FILE *fp; -EVP_PKEY **x; -int (*cb)(); - { - return((EVP_PKEY *)PEM_ASN1_read((char *(*)())d2i_PrivateKey, - PEM_STRING_EVP_PKEY,fp,(char **)x,cb)); - } #endif -EVP_PKEY *PEM_read_bio_PrivateKey(bp,x,cb) -BIO *bp; -EVP_PKEY **x; -int (*cb)(); - { - return((EVP_PKEY *)PEM_ASN1_read_bio((char *(*)())d2i_PrivateKey, - PEM_STRING_EVP_PKEY,bp,(char **)x,cb)); - } -#ifndef NO_FP_API -int PEM_write_PrivateKey(fp,x,enc,kstr,klen,cb) -FILE *fp; -EVP_PKEY *x; -EVP_CIPHER *enc; -unsigned char *kstr; -int klen; -int (*cb)(); +#ifndef OPENSSL_NO_EC +static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey) +{ + EC_KEY *dtmp; + if(!key) return NULL; + dtmp = EVP_PKEY_get1_EC_KEY(key); + EVP_PKEY_free(key); + if(!dtmp) return NULL; + if(eckey) { - return(PEM_ASN1_write((int (*)())i2d_PrivateKey, - ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), - fp,(char *)x,enc,kstr,klen,cb)); + EC_KEY_free(*eckey); + *eckey = dtmp; } -#endif + return dtmp; +} -int PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb) -BIO *bp; -EVP_PKEY *x; -EVP_CIPHER *enc; -unsigned char *kstr; -int klen; -int (*cb)(); - { - return(PEM_ASN1_write_bio((int (*)())i2d_PrivateKey, - ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), - bp,(char *)x,enc,kstr,klen,cb)); - } +EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, + void *u) +{ + EVP_PKEY *pktmp; + pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); + return pkey_get_eckey(pktmp, key); +} -#ifndef NO_FP_API -/* The PKCS7 functions */ -PKCS7 *PEM_read_PKCS7(fp,x,cb) -FILE *fp; -PKCS7 **x; -int (*cb)(); - { - return((PKCS7 *)PEM_ASN1_read((char *(*)())d2i_PKCS7, - PEM_STRING_PKCS7,fp,(char **)x,cb)); - } -#endif +IMPLEMENT_PEM_rw(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) -PKCS7 *PEM_read_bio_PKCS7(bp,x,cb) -BIO *bp; -PKCS7 **x; -int (*cb)(); - { - return((PKCS7 *)PEM_ASN1_read_bio((char *(*)())d2i_PKCS7, - PEM_STRING_PKCS7,bp,(char **)x,cb)); - } +IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) -#ifndef NO_FP_API -int PEM_write_PKCS7(fp,x) -FILE *fp; -PKCS7 *x; - { - return(PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, - (char *)x, NULL,NULL,0,NULL)); - } -#endif +IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) -int PEM_write_bio_PKCS7(bp,x) -BIO *bp; -PKCS7 *x; - { - return(PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, - (char *)x, NULL,NULL,0,NULL)); - } +#ifndef OPENSSL_NO_FP_API + +EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, + void *u) +{ + EVP_PKEY *pktmp; + pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); + return pkey_get_eckey(pktmp, eckey); +} -#ifndef NO_DH -#ifndef NO_FP_API -/* The DHparams functions */ -DH *PEM_read_DHparams(fp,x,cb) -FILE *fp; -DH **x; -int (*cb)(); - { - return((DH *)PEM_ASN1_read((char *(*)())d2i_DHparams, - PEM_STRING_DHPARAMS,fp,(char **)x,cb)); - } #endif -DH *PEM_read_bio_DHparams(bp,x,cb) -BIO *bp; -DH **x; -int (*cb)(); - { - return((DH *)PEM_ASN1_read_bio((char *(*)())d2i_DHparams, - PEM_STRING_DHPARAMS,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_DHparams(fp,x) -FILE *fp; -DH *x; - { - return(PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp, - (char *)x, NULL,NULL,0,NULL)); - } #endif -int PEM_write_bio_DHparams(bp,x) -BIO *bp; -DH *x; - { - return(PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS, - bp,(char *)x, NULL,NULL,0,NULL)); - } -#endif +#ifndef OPENSSL_NO_DH + +IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) -#ifndef NO_DSA -#ifndef NO_FP_API -/* The DSAparams functions */ -DSA *PEM_read_DSAparams(fp,x,cb) -FILE *fp; -DSA **x; -int (*cb)(); - { - return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAparams, - PEM_STRING_DSAPARAMS,fp,(char **)x,cb)); - } #endif -DSA *PEM_read_bio_DSAparams(bp,x,cb) -BIO *bp; -DSA **x; -int (*cb)(); - { - return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAparams, - PEM_STRING_DSAPARAMS,bp,(char **)x,cb)); - } -#ifndef NO_FP_API -int PEM_write_DSAparams(fp,x) -FILE *fp; -DSA *x; - { - return(PEM_ASN1_write((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,fp, - (char *)x, NULL,NULL,0,NULL)); - } -#endif +/* The PrivateKey case is not that straightforward. + * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey) + * does not work, RSA and DSA keys have specific strings. + * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything + * appropriate.) + */ +IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\ + (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey) -int PEM_write_bio_DSAparams(bp,x) -BIO *bp; -DSA *x; - { - return(PEM_ASN1_write_bio((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS, - bp,(char *)x, NULL,NULL,0,NULL)); - } -#endif +IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)