* [including the GNU Public Licence.]
*/
+#ifndef NO_RSA
#include <stdio.h>
#include "cryptlib.h"
-#include "rsa.h"
-#include "objects.h"
-#include "asn1_mac.h"
-#include "evp.h"
-#include "x509.h"
+#include <openssl/rsa.h>
+#include <openssl/objects.h>
+#include <openssl/asn1_mac.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
#ifndef NO_RC4
ASN1_OCTET_STRING *private_key;
} NETSCAPE_PKEY;
-/*
- * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_LENGTH_MISMATCH);
- * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
- * ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR);
- * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR);
- */
-#ifndef NOPROTO
static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
-#else
-static int i2d_NETSCAPE_PKEY();
-static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY();
-static NETSCAPE_PKEY *NETSCAPE_PKEY_new();
-static void NETSCAPE_PKEY_free();
-#endif
-int i2d_Netscape_RSA(a,pp,cb)
-RSA *a;
-unsigned char **pp;
-int (*cb)();
+int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)())
+{
+ return i2d_RSA_NET(a, pp, cb, 0);
+}
+
+int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
{
int i,j,l[6];
NETSCAPE_PKEY *pkey;
l[2]=i2d_X509_ALGOR(alg,NULL);
l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
+#ifndef CONST_STRICT
os.data=(unsigned char *)"private-key";
+#endif
os.length=11;
l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
}
if (pkey->private_key->data != NULL)
- Free((char *)pkey->private_key->data);
- if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL)
+ OPENSSL_free(pkey->private_key->data);
+ if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL)
{
ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
goto err;
zz=pkey->private_key->data;
i2d_RSAPrivateKey(a,&zz);
- if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL)
+ if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL)
{
ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
goto err;
ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
goto err;
}
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
- strlen((char *)buf),1,key,NULL);
+ i = strlen((char *)buf);
+ /* If the key is used for SGC the algorithm is modified a little. */
+ if(sgckey){
+ EVP_MD_CTX mctx;
+ EVP_DigestInit(&mctx, EVP_md5());
+ EVP_DigestUpdate(&mctx, buf, i);
+ EVP_DigestFinal(&mctx, buf, NULL);
+ memcpy(buf + 16, "SGCKEYSALT", 10);
+ i = 26;
+ }
+
+ EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
memset(buf,0,256);
EVP_CIPHER_CTX_init(&ctx);
i2d_ASN1_OCTET_STRING(&os2,&p);
ret=l[5];
err:
- if (os2.data != NULL) Free((char *)os2.data);
+ if (os2.data != NULL) OPENSSL_free(os2.data);
if (alg != NULL) X509_ALGOR_free(alg);
if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
r=r;
return(ret);
}
-RSA *d2i_Netscape_RSA(a,pp,length,cb)
-RSA **a;
-unsigned char **pp;
-long length;
-int (*cb)();
+
+RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)())
+{
+ return d2i_RSA_NET(a, pp, length, cb, 0);
+}
+
+RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey)
{
RSA *ret=NULL;
ASN1_OCTET_STRING *os=NULL;
ASN1_CTX c;
- c.pp=pp;
+ c.pp=(unsigned char **)pp; /* TMP UGLY CAST */
c.error=ASN1_R_DECODING_ERROR;
M_ASN1_D2I_Init();
(char *)os->data,os->length) != 0))
{
ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
- ASN1_BIT_STRING_free(os);
+ M_ASN1_BIT_STRING_free(os);
goto err;
}
- ASN1_BIT_STRING_free(os);
+ M_ASN1_BIT_STRING_free(os);
c.q=c.p;
- if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err;
- c.slen-=(c.p-c.q);
+ if ((ret=d2i_RSA_NET_2(a,(const unsigned char **)&c.p, /* TMP UGLY CAST */
+ c.slen,cb, sgckey)) == NULL) goto err;
+ /* Note: some versions of IIS key files use length values that are
+ * too small for the surrounding SEQUENCEs. This following line
+ * effectively disable length checking.
+ */
+ c.slen = 0;
M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
}
-RSA *d2i_Netscape_RSA_2(a,pp,length,cb)
-RSA **a;
-unsigned char **pp;
-long length;
-int (*cb)();
+RSA *d2i_Netscape_RSA_2(RSA **a, const unsigned char **pp, long length,
+ int (*cb)())
+{
+ return d2i_RSA_NET_2(a, pp, length, cb, 0);
+}
+
+RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length,
+ int (*cb)(), int sgckey)
{
NETSCAPE_PKEY *pkey=NULL;
RSA *ret=NULL;
ASN1_OCTET_STRING *os=NULL;
ASN1_CTX c;
- c.error=ASN1_R_ERROR_STACK;
- c.pp=pp;
+ c.error=ERR_R_NESTED_ASN1_ERROR;
+ c.pp=(unsigned char **)pp;
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
goto err;
}
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
- strlen((char *)buf),1,key,NULL);
+ i = strlen((char *)buf);
+ if(sgckey){
+ EVP_MD_CTX mctx;
+ EVP_DigestInit(&mctx, EVP_md5());
+ EVP_DigestUpdate(&mctx, buf, i);
+ EVP_DigestFinal(&mctx, buf, NULL);
+ memcpy(buf + 16, "SGCKEYSALT", 10);
+ i = 26;
+ }
+
+ EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
memset(buf,0,256);
EVP_CIPHER_CTX_init(&ctx);
}
zz=pkey->private_key->data;
- if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
+ if ((ret=d2i_RSAPrivateKey(a,(const unsigned char **)&zz, /* TMP UGLY CAST */
+ pkey->private_key->length)) == NULL)
{
ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
goto err;
*pp=c.p;
err:
if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
- if (os != NULL) ASN1_BIT_STRING_free(os);
+ if (os != NULL) M_ASN1_BIT_STRING_free(os);
if (alg != NULL) X509_ALGOR_free(alg);
return(ret);
}
-static int i2d_NETSCAPE_PKEY(a,pp)
-NETSCAPE_PKEY *a;
-unsigned char **pp;
+static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp)
{
M_ASN1_I2D_vars(a);
M_ASN1_I2D_finish();
}
-static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(a,pp,length)
-NETSCAPE_PKEY **a;
-unsigned char **pp;
-long length;
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, unsigned char **pp,
+ long length)
{
M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
}
-static NETSCAPE_PKEY *NETSCAPE_PKEY_new()
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void)
{
NETSCAPE_PKEY *ret=NULL;
+ ASN1_CTX c;
M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
- M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
M_ASN1_New(ret->algor,X509_ALGOR_new);
- M_ASN1_New(ret->private_key,ASN1_OCTET_STRING_new);
+ M_ASN1_New(ret->private_key,M_ASN1_OCTET_STRING_new);
return(ret);
M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
}
-static void NETSCAPE_PKEY_free(a)
-NETSCAPE_PKEY *a;
+static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a)
{
if (a == NULL) return;
- ASN1_INTEGER_free(a->version);
+ M_ASN1_INTEGER_free(a->version);
X509_ALGOR_free(a->algor);
- ASN1_OCTET_STRING_free(a->private_key);
- Free((char *)a);
+ M_ASN1_OCTET_STRING_free(a->private_key);
+ OPENSSL_free(a);
}
#endif /* NO_RC4 */
+#else /* !NO_RSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
+#endif
projects / openssl.git / blobdiff