projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Rewrite PKCS#12 code and remove some of the old
[openssl.git]
/
crypto
/
pem
/
pem_lib.c
diff --git
a/crypto/pem/pem_lib.c
b/crypto/pem/pem_lib.c
index 1b441d78520fae56b614c1950748ebb03a215e60..5d105242ac24c6e03dcff2fb29ee31c63b102dd5 100644
(file)
--- a/
crypto/pem/pem_lib.c
+++ b/
crypto/pem/pem_lib.c
@@
-217,6
+217,10
@@
static int check_pem(const char *nm, const char *name)
if(!strcmp(nm,PEM_STRING_X509_OLD) &&
!strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
if(!strcmp(nm,PEM_STRING_X509_OLD) &&
!strcmp(name,PEM_STRING_X509_TRUSTED)) return 1;
+ /* Some CAs use PKCS#7 with CERTIFICATE headers */
+ if(!strcmp(nm, PEM_STRING_X509) &&
+ !strcmp(name, PEM_STRING_PKCS7)) return 1;
+
return 0;
}
return 0;
}
@@
-238,9
+242,9
@@
char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
return(NULL);
}
if(check_pem(nm, name)) break;
return(NULL);
}
if(check_pem(nm, name)) break;
-
F
ree(nm);
-
F
ree(header);
-
F
ree(data);
+
OPENSSL_f
ree(nm);
+
OPENSSL_f
ree(header);
+
OPENSSL_f
ree(data);
}
if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
}
if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
@@
-270,7
+274,7
@@
char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
PEM_R_BAD_PASSWORD_READ);
goto err;
}
PEM_R_BAD_PASSWORD_READ);
goto err;
}
- p8inf =
M_
PKCS8_decrypt(p8, psbuf, klen);
+ p8inf = PKCS8_decrypt(p8, psbuf, klen);
X509_SIG_free(p8);
if(!p8inf) goto p8err;
ret = (char *)EVP_PKCS82PKEY(p8inf);
X509_SIG_free(p8);
if(!p8inf) goto p8err;
ret = (char *)EVP_PKCS82PKEY(p8inf);
@@
-285,9
+289,9
@@
p8err:
if (ret == NULL)
PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
err:
if (ret == NULL)
PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
err:
-
F
ree(nm);
-
F
ree(header);
-
F
ree(data);
+
OPENSSL_f
ree(nm);
+
OPENSSL_f
ree(header);
+
OPENSSL_f
ree(data);
return(ret);
}
return(ret);
}
@@
-340,7
+344,7
@@
int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
goto err;
}
/* dzise + 8 bytes are needed */
goto err;
}
/* dzise + 8 bytes are needed */
- data=(unsigned char *)
M
alloc((unsigned int)dsize+20);
+ data=(unsigned char *)
OPENSSL_m
alloc((unsigned int)dsize+20);
if (data == NULL)
{
PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
if (data == NULL)
{
PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
@@
-369,7
+373,7
@@
int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
kstr=(unsigned char *)buf;
}
RAND_add(data,i,0);/* put in the RSA key. */
kstr=(unsigned char *)buf;
}
RAND_add(data,i,0);/* put in the RSA key. */
- if (RAND_
bytes(iv,8) <= 0)
/* Generate a salt */
+ if (RAND_
pseudo_bytes(iv,8) < 0)
/* Generate a salt */
goto err;
/* The 'iv' is used as the iv and as a salt. It is
* NOT taken from the BytesToKey function */
goto err;
/* The 'iv' is used as the iv and as a salt. It is
* NOT taken from the BytesToKey function */
@@
-401,7
+405,7
@@
err:
memset((char *)&ctx,0,sizeof(ctx));
memset(buf,0,PEM_BUFSIZE);
memset(data,0,(unsigned int)dsize);
memset((char *)&ctx,0,sizeof(ctx));
memset(buf,0,PEM_BUFSIZE);
memset(data,0,(unsigned int)dsize);
-
F
ree(data);
+
OPENSSL_f
ree(data);
return(ret);
}
return(ret);
}
@@
-579,7
+583,7
@@
int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
goto err;
}
goto err;
}
- buf=(unsigned char *)
M
alloc(PEM_BUFSIZE*8);
+ buf=(unsigned char *)
OPENSSL_m
alloc(PEM_BUFSIZE*8);
if (buf == NULL)
{
reason=ERR_R_MALLOC_FAILURE;
if (buf == NULL)
{
reason=ERR_R_MALLOC_FAILURE;
@@
-599,7
+603,7
@@
int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
}
EVP_EncodeFinal(&ctx,buf,&outl);
if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
}
EVP_EncodeFinal(&ctx,buf,&outl);
if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
-
F
ree(buf);
+
OPENSSL_f
ree(buf);
if ( (BIO_write(bp,"-----END ",9) != 9) ||
(BIO_write(bp,name,nlen) != nlen) ||
(BIO_write(bp,"-----\n",6) != 6))
if ( (BIO_write(bp,"-----END ",9) != 9) ||
(BIO_write(bp,name,nlen) != nlen) ||
(BIO_write(bp,"-----\n",6) != 6))
@@
-780,9
+784,9
@@
int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
*header=headerB->data;
*data=(unsigned char *)dataB->data;
*len=bl;
*header=headerB->data;
*data=(unsigned char *)dataB->data;
*len=bl;
-
F
ree(nameB);
-
F
ree(headerB);
-
F
ree(dataB);
+
OPENSSL_f
ree(nameB);
+
OPENSSL_f
ree(headerB);
+
OPENSSL_f
ree(dataB);
return(1);
err:
BUF_MEM_free(nameB);
return(1);
err:
BUF_MEM_free(nameB);
@@
-886,7
+890,7
@@
EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
X509_SIG_free(p8);
return NULL;
}
X509_SIG_free(p8);
return NULL;
}
- p8inf =
M_
PKCS8_decrypt(p8, psbuf, klen);
+ p8inf = PKCS8_decrypt(p8, psbuf, klen);
X509_SIG_free(p8);
if(!p8inf) return NULL;
ret = EVP_PKCS82PKEY(p8inf);
X509_SIG_free(p8);
if(!p8inf) return NULL;
ret = EVP_PKCS82PKEY(p8inf);