#include <openssl/x509.h>
#include <openssl/pem2.h>
+#define PEM_BUFSIZE 1024
+
#define PEM_OBJ_UNDEF 0
#define PEM_OBJ_X509 1
#define PEM_OBJ_X509_REQ 2
#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
#define PEM_STRING_X509_CRL "X509 CRL"
-#define PEM_STRING_EVP_PKEY "PRIVATE KEY"
+#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
#define PEM_STRING_RSA "RSA PRIVATE KEY"
#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
#define PEM_STRING_DSA "DSA PRIVATE KEY"
#define PEM_STRING_PKCS7 "PKCS7"
+#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
+#define PEM_STRING_PKCS8INF "PRIVATE KEY"
#define PEM_STRING_DHPARAMS "DH PARAMETERS"
#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
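Review bot: `PEM_STRING_EVP_PKEY` changes from "PRIVATE KEY" to "ANY PRIVATE KEY" while the old label moves to `PEM_STRING_PKCS8INF`, so existing users of the macro silently get a different string, and nothing here says what the new value is for. If it is meant only as a match-any selector on the read side (an inference; the consuming code is not in this hunk), any write path still passing it would emit a `-----BEGIN ANY PRIVATE KEY-----` header that other tools will not recognise. I would add a comment on the define, for example `/* selector used when reading: accepts any private-key label; never written as a PEM header */`, and confirm no writer references it.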
unsigned char *data;
} PEM_CTX;
+/* These macros make the PEM_read/PEM_write functions easier to maintain and
+ * write. Now they are all implemented with either:
+ * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
+ */
+
+#ifdef NO_FP_API
+
+#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
+#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
+#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
+
+#else
+
+#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
+type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb)\
+{ \
+return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,cb)); \
+} \
+
+#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x) \
+{ \
+return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \
+ NULL,NULL,0,NULL)); \
+}
+
+#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb) \
+ { \
+ return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \
+ (char *)x,enc,kstr,klen,cb)); \
+ }
+
+#endif
+
+#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb)\
+{ \
+return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\
+ (char **)x,cb)); \
+}
+
+#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x) \
+{ \
+return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \
+ NULL,NULL,0,NULL)); \
+}
+
+#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+ unsigned char *kstr, int klen, pem_password_cb *cb) \
+ { \
+ return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \
+ (char *)x,enc,kstr,klen,cb)); \
+ }
+
+#define IMPLEMENT_PEM_write(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_fp(name, type, str, asn1)
+
+#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
+
+#define IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_read_fp(name, type, str, asn1)
+
+#define IMPLEMENT_PEM_rw(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write(name, type, str, asn1)
+
+#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb(name, type, str, asn1)
+
#ifdef SSLEAY_MACROS
#define PEM_write_SSL_SESSION(fp,x) \
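Review bot: `IMPLEMENT_PEM_read_fp` ends with `} \`, so its definition continues onto the following line and only works because that line is blank; it is the only generator here that ends this way. Drop the trailing backslash so the closing line is `}`, as in `IMPLEMENT_PEM_write_fp` and the bio variants. The introductory comment could also name the four parameters (function-name suffix, C type, PEM label string, suffix of the `d2i_`/`i2d_` routine). That matters because the generated wrappers cast both the routine and `x` to untyped pointers, `(char *(*)())d2i_##asn1` and `(char **)x`, so the compiler will not catch a mismatched `type`/`asn1` pair.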
#endif
+typedef int pem_password_cb(char *buf, int size, int rwflag);
+/* "size" should be size_t, obviously, but it was always used
+ * without a parameter list declaration, which makes it "int" */
+
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
- int (*callback)());
+ pem_password_cb *);
#ifdef HEADER_BIO_H
int PEM_read_bio(BIO *bp, char **name, char **header,
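Review bot: The new `pem_password_cb` typedef gives the callback a checked prototype but does not state its contract; the comment under it only explains why `size` is an `int`. Implementers need to know how much they may write into `buf`, what the return value means and what to return on failure, and the meaning of `rwflag` is not visible in this hunk. Assuming the return value is the passphrase length, I would add above the typedef something like `/* must write no more than size bytes into buf; returns the number of bytes written */`, extended with the failure value and the `rwflag` meaning taken from the implementation. Callers should then treat a negative result, or one larger than `size`, as an error before using it as a length.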
int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
long len);
char * PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x,
- int (*cb)());
+ pem_password_cb *);
int PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x,
const EVP_CIPHER *enc,unsigned char *kstr,int klen,
- int (*callback)());
-STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, int (*cb)());
+ pem_password_cb *);
+STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *);
int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
- unsigned char *kstr, int klen, int (*cb)());
+ unsigned char *kstr, int klen, pem_password_cb *);
#endif
#ifndef WIN16
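Review bot: The converted prototypes drop the parameter name: they now end in a bare `pem_password_cb *` where the old lines had `int (*cb)()` or `int (*callback)()`, so the header no longer labels the argument. Keep the name, e.g. `pem_password_cb *cb);` in `PEM_ASN1_read_bio` and `pem_password_cb *callback);` in `PEM_ASN1_write_bio`. The same applies to `PEM_do_header` in the previous hunk, to the `FILE *` prototypes in the next one, and to the `PEM_read_*`/`PEM_write_*` declarations under `#ifndef SSLEAY_MACROS`. Note also that `d2i` and `i2d` are still declared with empty parameter lists, so only the password callback gains argument checking from this change.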
unsigned char **data,long *len);
int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
char * PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x,
- int (*cb)());
+ pem_password_cb *);
int PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x,
const EVP_CIPHER *enc,unsigned char *kstr,int klen,
- int (*callback)());
-STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, int (*cb)());
+ pem_password_cb *);
+STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *);
#endif
int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
#ifndef SSLEAY_MACROS
+#ifdef VMS
+/* Too long names need to be abbreviated to at most 31 characters */
+#undef PEM_write_NETSCAPE_CERT_SEQUENCE
+#define PEM_write_NETSCAPE_CERT_SEQUENCE PEM_write_NETSCAPE_CERT_SEQ
+#undef PEM_read_bio_NETSCAPE_CERT_SEQUENCE
+#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE PEM_read_bio_NETSCAPE_CERT_SEQ
+#undef PEM_write_bio_NETSCAPE_CERT_SEQUENCE
+#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE PEM_write_bio_NETSCAPE_CERT_SEQ
+#endif
+
#ifndef WIN16
-X509 *PEM_read_X509(FILE *fp,X509 **x,int (*cb)());
-X509_REQ *PEM_read_X509_REQ(FILE *fp,X509_REQ **x,int (*cb)());
-X509_CRL *PEM_read_X509_CRL(FILE *fp,X509_CRL **x,int (*cb)());
+X509 *PEM_read_X509(FILE *fp,X509 **x, pem_password_cb *);
+X509_REQ *PEM_read_X509_REQ(FILE *fp,X509_REQ **x, pem_password_cb *);
+X509_CRL *PEM_read_X509_CRL(FILE *fp,X509_CRL **x, pem_password_cb *);
#ifndef NO_RSA
-RSA *PEM_read_RSAPrivateKey(FILE *fp,RSA **x,int (*cb)());
-RSA *PEM_read_RSAPublicKey(FILE *fp,RSA **x,int (*cb)());
+RSA *PEM_read_RSAPrivateKey(FILE *fp,RSA **x, pem_password_cb *);
+RSA *PEM_read_RSAPublicKey(FILE *fp,RSA **x, pem_password_cb *);
#endif
#ifndef NO_DSA
-DSA *PEM_read_DSAPrivateKey(FILE *fp,DSA **x,int (*cb)());
-DSA *PEM_read_DSAparams(FILE *fp,DSA **x,int (*cb)());
+DSA *PEM_read_DSAPrivateKey(FILE *fp,DSA **x, pem_password_cb *);
+DSA *PEM_read_DSAparams(FILE *fp,DSA **x, pem_password_cb *);
#endif
#ifndef NO_DH
-DH *PEM_read_DHparams(FILE *fp,DH **x,int (*cb)());
+DH *PEM_read_DHparams(FILE *fp,DH **x, pem_password_cb *);
#endif
-EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x,int (*cb)());
-PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x,int (*cb)());
-NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE **x,int (*cb)());
+EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x, pem_password_cb *);
+PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x, pem_password_cb *);
+NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *);
+X509_SIG *PEM_read_PKCS8(FILE *fp,X509_SIG **x, pem_password_cb *);
+PKCS8_PRIV_KEY_INFO *PEM_read_PKCS8_PRIV_KEY_INFO(FILE *fp,
+ PKCS8_PRIV_KEY_INFO **x, pem_password_cb *);
int PEM_write_X509(FILE *fp,X509 *x);
int PEM_write_X509_REQ(FILE *fp,X509_REQ *x);
int PEM_write_X509_CRL(FILE *fp,X509_CRL *x);
#ifndef NO_RSA
-int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,EVP_CIPHER *enc,unsigned char *kstr,
- int klen,int (*cb)());
+int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,const EVP_CIPHER *enc,unsigned char *kstr,
+ int klen, pem_password_cb *);
int PEM_write_RSAPublicKey(FILE *fp,RSA *x);
#endif
#ifndef NO_DSA
int PEM_write_DSAPrivateKey(FILE *fp,DSA *x,const EVP_CIPHER *enc,
unsigned char *kstr,
- int klen,int (*cb)());
+ int klen, pem_password_cb *);
#endif
-int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc,
- unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
+ unsigned char *kstr,int klen, pem_password_cb *);
+int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
+ char *kstr,int klen, pem_password_cb *);
int PEM_write_PKCS7(FILE *fp,PKCS7 *x);
#ifndef NO_DH
int PEM_write_DHparams(FILE *fp,DH *x);
int PEM_write_DSAparams(FILE *fp,DSA *x);
#endif
int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE *x);
+int PEM_write_PKCS8(FILE *fp,X509_SIG *x);
+int PEM_write_PKCS8_PRIV_KEY_INFO(FILE *fp,PKCS8_PRIV_KEY_INFO *x);
#endif
#ifdef HEADER_BIO_H
-X509 *PEM_read_bio_X509(BIO *bp,X509 **x,int (*cb)());
-X509_REQ *PEM_read_bio_X509_REQ(BIO *bp,X509_REQ **x,int (*cb)());
-X509_CRL *PEM_read_bio_X509_CRL(BIO *bp,X509_CRL **x,int (*cb)());
+X509 *PEM_read_bio_X509(BIO *bp,X509 **x, pem_password_cb *);
+X509_REQ *PEM_read_bio_X509_REQ(BIO *bp,X509_REQ **x, pem_password_cb *);
+X509_CRL *PEM_read_bio_X509_CRL(BIO *bp,X509_CRL **x, pem_password_cb *);
#ifndef NO_RSA
-RSA *PEM_read_bio_RSAPrivateKey(BIO *bp,RSA **x,int (*cb)());
-RSA *PEM_read_bio_RSAPublicKey(BIO *bp,RSA **x,int (*cb)());
+RSA *PEM_read_bio_RSAPrivateKey(BIO *bp,RSA **x, pem_password_cb *);
+RSA *PEM_read_bio_RSAPublicKey(BIO *bp,RSA **x, pem_password_cb *);
#endif
#ifndef NO_DSA
-DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x,int (*cb)());
+DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x, pem_password_cb *);
#endif
-EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x,int (*cb)());
-PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x,int (*cb)());
+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x, pem_password_cb *);
+PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x, pem_password_cb *);
#ifndef NO_DH
-DH *PEM_read_bio_DHparams(BIO *bp,DH **x,int (*cb)());
+DH *PEM_read_bio_DHparams(BIO *bp,DH **x, pem_password_cb *);
#endif
-NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE **x,int (*cb)());
+NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *);
+X509_SIG *PEM_read_bio_PKCS8(BIO *bp,X509_SIG **x, pem_password_cb *);
+PKCS8_PRIV_KEY_INFO *PEM_read_bio_PKCS8_PRIV_KEY_INFO(BIO *bp,
+ PKCS8_PRIV_KEY_INFO **x, pem_password_cb *);
#ifndef NO_DSA
-DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x,int (*cb)());
+DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x, pem_password_cb *);
#endif
int PEM_write_bio_X509(BIO *bp,X509 *x);
int PEM_write_bio_X509_REQ(BIO *bp,X509_REQ *x);
int PEM_write_bio_X509_CRL(BIO *bp,X509_CRL *x);
#ifndef NO_RSA
int PEM_write_bio_RSAPrivateKey(BIO *fp,RSA *x,const EVP_CIPHER *enc,
- unsigned char *kstr,int klen,int (*cb)());
+ unsigned char *kstr,int klen, pem_password_cb *);
int PEM_write_bio_RSAPublicKey(BIO *fp,RSA *x);
#endif
#ifndef NO_DSA
int PEM_write_bio_DSAPrivateKey(BIO *fp,DSA *x,const EVP_CIPHER *enc,
- unsigned char *kstr,int klen,int (*cb)());
+ unsigned char *kstr,int klen, pem_password_cb *);
#endif
-int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc,
- unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
+ unsigned char *kstr,int klen, pem_password_cb *);
+int PEM_write_bio_PKCS8PrivateKey(BIO *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
+ char *kstr,int klen, pem_password_cb *);
int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x);
#ifndef NO_DH
int PEM_write_bio_DHparams(BIO *bp,DH *x);
int PEM_write_bio_DSAparams(BIO *bp,DSA *x);
#endif
int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE *x);
+int PEM_write_bio_PKCS8(BIO *bp,X509_SIG *x);
+int PEM_write_bio_PKCS8_PRIV_KEY_INFO(BIO *bp,PKCS8_PRIV_KEY_INFO *x);
#endif
#endif /* SSLEAY_MACROS */
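Review bot: `PEM_write_PKCS8PrivateKey` and `PEM_write_bio_PKCS8PrivateKey` declare the passphrase as `char *kstr`, whereas the other private-key writers in this block (`PEM_write_RSAPrivateKey`, `PEM_write_DSAPrivateKey`, `PEM_write_PrivateKey` and their bio forms) use `unsigned char *kstr`. Either use `unsigned char *kstr` in the two new prototypes or add a comment saying why they differ, so callers moving between the formats do not need to cast key material. The declarations also give no hint of what is written when `enc` is NULL. If that yields an unencrypted `PEM_STRING_PKCS8INF` block (inferred from the new labels, not shown here), a comment next to the prototype should say so.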
#define PEM_F_PEM_ASN1_WRITE 104
#define PEM_F_PEM_ASN1_WRITE_BIO 105
#define PEM_F_PEM_DO_HEADER 106
+#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
#define PEM_F_PEM_READ 108
#define PEM_F_PEM_READ_BIO 109
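Review bot: `PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY` carries the `PEM_F_` prefix twice, unlike the other function codes here and unlike its sibling `PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY`, which a later hunk adds with value 119. If the doubling is not deliberate, the line should read `#define PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118`, with the error-reporting call site and the error-string table using the same spelling. If this list is generated, the fix may belong in the name used at the call site rather than in the header.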
#define PEM_F_PEM_SIGNFINAL 112
#define PEM_F_PEM_WRITE 113
#define PEM_F_PEM_WRITE_BIO 114
+#define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY 119
#define PEM_F_PEM_X509_INFO_READ 115
#define PEM_F_PEM_X509_INFO_READ_BIO 116
#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
#define PEM_R_BAD_END_LINE 102
#define PEM_R_BAD_IV_CHARS 103
#define PEM_R_BAD_PASSWORD_READ 104
+#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
#define PEM_R_NOT_DEK_INFO 105
#define PEM_R_NOT_ENCRYPTED 106
#define PEM_R_NOT_PROC_TYPE 107