X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fasn1%2Fn_pkey.c;h=5a7d494ff06f39501b776bcf5939379f5cd0a6df;hp=6353d18c53a6bffb662928c81097a30f1f279590;hb=b4b41f48d1cfb6151e24e9c5f28019d3cfa5ec96;hpb=eda1f21f1af8b6f77327e7b37573af9c1ba73726 diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 6353d18c53..5a7d494ff0 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -1,5 +1,5 @@ /* crypto/asn1/n_pkey.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -56,13 +56,14 @@ * [including the GNU Public Licence.] */ +#ifndef NO_RSA #include #include "cryptlib.h" -#include "rsa.h" -#include "objects.h" -#include "asn1_mac.h" -#include "evp.h" -#include "x509.h" +#include +#include +#include +#include +#include #ifndef NO_RC4 @@ -74,31 +75,12 @@ typedef struct netscape_pkey_st ASN1_OCTET_STRING *private_key; } NETSCAPE_PKEY; -/* - * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_LENGTH_MISMATCH); - * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR); - * ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR); - * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR); - */ -#ifndef NOPROTO -static RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, - int (*cb)()); static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp); static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length); static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void); static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *); -#else -static RSA *d2i_Netscape_RSA_2(); -static int i2d_NETSCAPE_PKEY(); -static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(); -static NETSCAPE_PKEY *NETSCAPE_PKEY_new(); -static void NETSCAPE_PKEY_free(); -#endif -int i2d_Netscape_RSA(a,pp,cb) -RSA *a; -unsigned char **pp; -int (*cb)(); +int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) { int i,j,l[6]; NETSCAPE_PKEY *pkey; @@ -141,7 +123,9 @@ int (*cb)(); l[2]=i2d_X509_ALGOR(alg,NULL); l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE); +#ifndef CONST_STRICT os.data=(unsigned char *)"private-key"; +#endif os.length=11; l[4]=i2d_ASN1_OCTET_STRING(&os,NULL); @@ -155,7 +139,7 @@ int (*cb)(); } if (pkey->private_key->data != NULL) - Free((char *)pkey->private_key->data); + Free(pkey->private_key->data); if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL) { ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); @@ -183,6 +167,8 @@ int (*cb)(); EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf, strlen((char *)buf),1,key,NULL); memset(buf,0,256); + + EVP_CIPHER_CTX_init(&ctx); EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL); EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length); EVP_EncryptFinal(&ctx,&(os2.data[i]),&j); @@ -196,18 +182,14 @@ int (*cb)(); i2d_ASN1_OCTET_STRING(&os2,&p); ret=l[5]; err: - if (os2.data != NULL) Free((char *)os2.data); + if (os2.data != NULL) Free(os2.data); if (alg != NULL) X509_ALGOR_free(alg); if (pkey != NULL) NETSCAPE_PKEY_free(pkey); r=r; return(ret); } -RSA *d2i_Netscape_RSA(a,pp,length,cb) -RSA **a; -unsigned char **pp; -long length; -int (*cb)(); +RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()) { RSA *ret=NULL; ASN1_OCTET_STRING *os=NULL; @@ -223,22 +205,23 @@ int (*cb)(); (char *)os->data,os->length) != 0)) { ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING); - ASN1_BIT_STRING_free(os); + M_ASN1_BIT_STRING_free(os); goto err; } - ASN1_BIT_STRING_free(os); + M_ASN1_BIT_STRING_free(os); c.q=c.p; if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err; - c.slen-=(c.p-c.q); + /* Note: some versions of IIS key files use length values that are + * too small for the surrounding SEQUENCEs. This following line + * effectively disable length checking. + */ + c.slen = 0; M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA); } -static RSA *d2i_Netscape_RSA_2(a,pp,length,cb) -RSA **a; -unsigned char **pp; -long length; -int (*cb)(); +RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, + int (*cb)()) { NETSCAPE_PKEY *pkey=NULL; RSA *ret=NULL; @@ -250,7 +233,7 @@ int (*cb)(); ASN1_OCTET_STRING *os=NULL; ASN1_CTX c; - c.error=ASN1_R_ERROR_STACK; + c.error=ERR_R_NESTED_ASN1_ERROR; c.pp=pp; M_ASN1_D2I_Init(); @@ -274,6 +257,8 @@ int (*cb)(); EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf, strlen((char *)buf),1,key,NULL); memset(buf,0,256); + + EVP_CIPHER_CTX_init(&ctx); EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL); EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length); EVP_DecryptFinal(&ctx,&(os->data[i]),&j); @@ -298,14 +283,12 @@ int (*cb)(); *pp=c.p; err: if (pkey != NULL) NETSCAPE_PKEY_free(pkey); - if (os != NULL) ASN1_BIT_STRING_free(os); + if (os != NULL) M_ASN1_BIT_STRING_free(os); if (alg != NULL) X509_ALGOR_free(alg); return(ret); } -static int i2d_NETSCAPE_PKEY(a,pp) -NETSCAPE_PKEY *a; -unsigned char **pp; +static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp) { M_ASN1_I2D_vars(a); @@ -323,10 +306,8 @@ unsigned char **pp; M_ASN1_I2D_finish(); } -static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(a,pp,length) -NETSCAPE_PKEY **a; -unsigned char **pp; -long length; +static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, unsigned char **pp, + long length) { M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new); @@ -338,27 +319,34 @@ long length; M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY); } -static NETSCAPE_PKEY *NETSCAPE_PKEY_new() +static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void) { NETSCAPE_PKEY *ret=NULL; + ASN1_CTX c; M_ASN1_New_Malloc(ret,NETSCAPE_PKEY); - M_ASN1_New(ret->version,ASN1_INTEGER_new); + M_ASN1_New(ret->version,M_ASN1_INTEGER_new); M_ASN1_New(ret->algor,X509_ALGOR_new); - M_ASN1_New(ret->private_key,ASN1_OCTET_STRING_new); + M_ASN1_New(ret->private_key,M_ASN1_OCTET_STRING_new); return(ret); M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW); } -static void NETSCAPE_PKEY_free(a) -NETSCAPE_PKEY *a; +static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a) { if (a == NULL) return; - ASN1_INTEGER_free(a->version); + M_ASN1_INTEGER_free(a->version); X509_ALGOR_free(a->algor); - ASN1_OCTET_STRING_free(a->private_key); - Free((char *)a); + M_ASN1_OCTET_STRING_free(a->private_key); + Free(a); } #endif /* NO_RC4 */ +#else /* !NO_RSA */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + +#endif