Change the PEM function implementation to use a common set of macros: this

should make modifying them easier.

Fix the selfsign demo: it was rather ancient and used deleted functions.

diff --git a/CHANGES b/CHANGES
index 32f6ff118171fff3ea88f7155fd7597f54f17c6b..b29cb8e09cf6648c12aebcb95c938d927ddc522e 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,16 @@
 
  Changes between 0.9.3a and 0.9.4
 
+  *) Fix demos/selfsign.c: it used obsolete and deleted functions, changed
+     to use the new extension code.
+     [Steve Henson]
+
+  *) Implement the PEM_read/PEM_write functions in crypto/pem/pem_all.c
+     with macros. This should make it easier to change their form, add extra
+     arguments etc. Fix a few PEM prototypes which didn't have cipher as a
+     constant.
+     [Steve Henson]
+
   *) Add to configuration table a new entry that can specify an alternative
      name for unistd.h (for pre-POSIX systems); we need this for NeXTstep,
      according to Mark Crispin <MRC@Panda.COM>.

diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index 7c02356f1ec2495cca4eff851a84811522758bca..71953241d0d93f31e8c6111a55c31a29be69e926 100644 (file)
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -182,6 +182,84 @@ typedef struct pem_ctx_st
        unsigned char *data;
        } PEM_CTX;
 
+/* These macros make the PEM_read/PEM_write functions easier to maintain and
+ * write. Now they are all implemented with either:
+ * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
+ */
+
+#ifdef NO_FP_API
+
+#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
+#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
+#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
+
+#else
+
+#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
+type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb)\
+{ \
+return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,cb)); \
+} \
+
+#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x) \
+{ \
+return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \
+                                                        NULL,NULL,0,NULL)); \
+} 
+
+#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+            unsigned char *kstr, int klen, pem_password_cb *cb) \
+       { \
+       return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \
+               (char *)x,enc,kstr,klen,cb)); \
+       }
+
+#endif
+
+#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb)\
+{ \
+return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\
+                                                       (char **)x,cb)); \
+}
+
+#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x) \
+{ \
+return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \
+                                                        NULL,NULL,0,NULL)); \
+}
+
+#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+            unsigned char *kstr, int klen, pem_password_cb *cb) \
+       { \
+       return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \
+               (char *)x,enc,kstr,klen,cb)); \
+       }
+
+#define IMPLEMENT_PEM_write(name, type, str, asn1) \
+       IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+       IMPLEMENT_PEM_write_fp(name, type, str, asn1) 
+
+#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
+       IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+       IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) 
+
+#define IMPLEMENT_PEM_read(name, type, str, asn1) \
+       IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+       IMPLEMENT_PEM_read_fp(name, type, str, asn1) 
+
+#define IMPLEMENT_PEM_rw(name, type, str, asn1) \
+       IMPLEMENT_PEM_read(name, type, str, asn1) \
+       IMPLEMENT_PEM_write(name, type, str, asn1)
+
+#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
+       IMPLEMENT_PEM_read(name, type, str, asn1) \
+       IMPLEMENT_PEM_write_cb(name, type, str, asn1)
+
 #ifdef SSLEAY_MACROS
 
 #define PEM_write_SSL_SESSION(fp,x) \
@@ -410,7 +488,7 @@ int PEM_write_X509(FILE *fp,X509 *x);
 int PEM_write_X509_REQ(FILE *fp,X509_REQ *x);
 int PEM_write_X509_CRL(FILE *fp,X509_CRL *x);
 #ifndef NO_RSA
-int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,const EVP_CIPHER *enc,unsigned char *kstr,
         int klen, pem_password_cb *);
 int PEM_write_RSAPublicKey(FILE *fp,RSA *x);
 #endif
@@ -419,7 +497,7 @@ int PEM_write_DSAPrivateKey(FILE *fp,DSA *x,const EVP_CIPHER *enc,
                            unsigned char *kstr,
         int klen, pem_password_cb *);
 #endif
-int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
        unsigned char *kstr,int klen, pem_password_cb *);
 int PEM_write_PKCS7(FILE *fp,PKCS7 *x);
 #ifndef NO_DH
@@ -468,7 +546,7 @@ int PEM_write_bio_RSAPublicKey(BIO *fp,RSA *x);
 int PEM_write_bio_DSAPrivateKey(BIO *fp,DSA *x,const EVP_CIPHER *enc,
         unsigned char *kstr,int klen, pem_password_cb *);
 #endif
-int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
         unsigned char *kstr,int klen, pem_password_cb *);
 int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x);
 #ifndef NO_DH

diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c
index 51eec6d9cf0107916dea269b866f38f965cdaf5b..b283b6b4ba09170ef7ddd125e1534942cb83e1f4 100644 (file)
--- a/crypto/pem/pem_all.c
+++ b/crypto/pem/pem_all.c
@@ -65,405 +65,42 @@
 #include <openssl/pkcs7.h>
 #include <openssl/pem.h>
 
-#ifndef NO_FP_API
-/* The X509 functions */
-X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb)
-       {
-       return((X509 *)PEM_ASN1_read((char *(*)())d2i_X509,
-               PEM_STRING_X509,fp,(char **)x,cb));
-       }
-#endif
-
-X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb)
-       {
-       return((X509 *)PEM_ASN1_read_bio((char *(*)())d2i_X509,
-               PEM_STRING_X509,bp,(char **)x,cb));
-       }
-
-#ifndef NO_FP_API
-int PEM_write_X509(FILE *fp, X509 *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp,
-               (char *)x, NULL,NULL,0,NULL));
-       }
-#endif
-
-int PEM_write_bio_X509(BIO *bp, X509 *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp,
-               (char *)x, NULL,NULL,0,NULL));
-       }
-
-#ifndef NO_FP_API
-/* The X509_REQ functions */
-X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x, pem_password_cb *cb)
-       {
-       return((X509_REQ *)PEM_ASN1_read((char *(*)())d2i_X509_REQ,
-               PEM_STRING_X509_REQ,fp,(char **)x,cb));
-       }
-#endif
-
-X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x, pem_password_cb *cb)
-       {
-       return((X509_REQ *)PEM_ASN1_read_bio((char *(*)())d2i_X509_REQ,
-               PEM_STRING_X509_REQ,bp,(char **)x,cb));
-       }
+IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
 
-#ifndef NO_FP_API
-int PEM_write_X509_REQ(FILE *fp, X509_REQ *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,
-               (char *)x, NULL,NULL,0,NULL));
-       }
-#endif
-
-int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,
-               bp,(char *)x, NULL,NULL,0,NULL));
-       }
+IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
 
-#ifndef NO_FP_API
-/* The X509_CRL functions */
-X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x, pem_password_cb *cb)
-       {
-       return((X509_CRL *)PEM_ASN1_read((char *(*)())d2i_X509_CRL,
-               PEM_STRING_X509_CRL,fp,(char **)x,cb));
-       }
-#endif
+IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL)
 
-X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x, pem_password_cb *cb)
-       {
-       return((X509_CRL *)PEM_ASN1_read_bio((char *(*)())d2i_X509_CRL,
-               PEM_STRING_X509_CRL,bp,(char **)x,cb));
-       }
+IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)
 
-#ifndef NO_FP_API
-int PEM_write_X509_CRL(FILE *fp, X509_CRL *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,fp,
-               (char *)x, NULL,NULL,0,NULL));
-       }
-#endif
+IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
+                                       PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
 
-int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,
-               bp,(char *)x, NULL,NULL,0,NULL));
-       }
+IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
+IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
+                                                        PKCS8_PRIV_KEY_INFO)
 
 #ifndef NO_RSA
-#ifndef NO_FP_API
-/* The RSAPrivateKey functions */
-RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x, pem_password_cb *cb)
-       {
-       return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPrivateKey,
-               PEM_STRING_RSA,fp,(char **)x,cb));
-       }
 
-RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x, pem_password_cb *cb)
-       {
-       return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPublicKey,
-               PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb));
-       }
-#endif
-
-RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x, pem_password_cb *cb)
-       {
-       return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPrivateKey,
-               PEM_STRING_RSA,bp,(char **)x,cb));
-       }
+IMPLEMENT_PEM_rw_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
 
-RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x, pem_password_cb *cb)
-       {
-       return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPublicKey,
-               PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb));
-       }
+IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
 
-#ifndef NO_FP_API
-int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, EVP_CIPHER *enc,
-            unsigned char *kstr, int klen, pem_password_cb *cb)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,
-               (char *)x,enc,kstr,klen,cb));
-       }
-
-int PEM_write_RSAPublicKey(FILE *fp, RSA *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_RSAPublicKey,
-               PEM_STRING_RSA_PUBLIC,fp,
-               (char *)x,NULL,NULL,0,NULL));
-       }
 #endif
 
-int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
-            unsigned char *kstr, int klen, pem_password_cb *cb)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,
-               bp,(char *)x,enc,kstr,klen,cb));
-       }
-
-int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey,
-               PEM_STRING_RSA_PUBLIC,
-               bp,(char *)x,NULL,NULL,0,NULL));
-       }
-#endif /* !NO_RSA */
-
 #ifndef NO_DSA
-#ifndef NO_FP_API
-/* The DSAPrivateKey functions */
-DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x, pem_password_cb *cb)
-       {
-       return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAPrivateKey,
-               PEM_STRING_DSA,fp,(char **)x,cb));
-       }
-#endif
-
-DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x, pem_password_cb *cb)
-       {
-       return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAPrivateKey,
-               PEM_STRING_DSA,bp,(char **)x,cb));
-       }
-
-#ifndef NO_FP_API
-int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
-            unsigned char *kstr, int klen, pem_password_cb *cb)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,
-               (char *)x,enc,kstr,klen,cb));
-       }
-#endif
-
-int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
-            unsigned char *kstr, int klen, pem_password_cb *cb)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,
-               bp,(char *)x,enc,kstr,klen,cb));
-       }
-#endif
 
-#ifndef NO_FP_API
-/* The PrivateKey functions */
-EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb)
-       {
-       return((EVP_PKEY *)PEM_ASN1_read((char *(*)())d2i_PrivateKey,
-               PEM_STRING_EVP_PKEY,fp,(char **)x,cb));
-       }
-#endif
+IMPLEMENT_PEM_rw_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
 
-EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb)
-       {
-       return((EVP_PKEY *)PEM_ASN1_read_bio((char *(*)())d2i_PrivateKey,
-               PEM_STRING_EVP_PKEY,bp,(char **)x,cb));
-       }
+IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
 
-#ifndef NO_FP_API
-int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, EVP_CIPHER *enc,
-            unsigned char *kstr, int klen, pem_password_cb *cb)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_PrivateKey,
-               ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
-               fp,(char *)x,enc,kstr,klen,cb));
-       }
 #endif
 
-int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, EVP_CIPHER *enc,
-            unsigned char *kstr, int klen, pem_password_cb *cb)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,
-               ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
-               bp,(char *)x,enc,kstr,klen,cb));
-       }
-
-#ifndef NO_FP_API
-/* The PKCS7 functions */
-PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb)
-       {
-       return((PKCS7 *)PEM_ASN1_read((char *(*)())d2i_PKCS7,
-               PEM_STRING_PKCS7,fp,(char **)x,cb));
-       }
-#endif
-
-PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb)
-       {
-       return((PKCS7 *)PEM_ASN1_read_bio((char *(*)())d2i_PKCS7,
-               PEM_STRING_PKCS7,bp,(char **)x,cb));
-       }
-
-#ifndef NO_FP_API
-int PEM_write_PKCS7(FILE *fp, PKCS7 *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp,
-               (char *)x, NULL,NULL,0,NULL));
-       }
-#endif
-
-int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp,
-               (char *)x, NULL,NULL,0,NULL));
-       }
-
 #ifndef NO_DH
-#ifndef NO_FP_API
-/* The DHparams functions */
-DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb)
-       {
-       return((DH *)PEM_ASN1_read((char *(*)())d2i_DHparams,
-               PEM_STRING_DHPARAMS,fp,(char **)x,cb));
-       }
-#endif
-
-DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb)
-       {
-       return((DH *)PEM_ASN1_read_bio((char *(*)())d2i_DHparams,
-               PEM_STRING_DHPARAMS,bp,(char **)x,cb));
-       }
-
-#ifndef NO_FP_API
-int PEM_write_DHparams(FILE *fp, DH *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,
-               (char *)x, NULL,NULL,0,NULL));
-       }
-#endif
-
-int PEM_write_bio_DHparams(BIO *bp, DH *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,
-               bp,(char *)x, NULL,NULL,0,NULL));
-       }
-#endif
-
-#ifndef NO_DSA
-#ifndef NO_FP_API
-/* The DSAparams functions */
-DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb)
-       {
-       return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAparams,
-               PEM_STRING_DSAPARAMS,fp,(char **)x,cb));
-       }
-#endif
-
-DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb)
-       {
-       return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAparams,
-               PEM_STRING_DSAPARAMS,bp,(char **)x,cb));
-       }
-
-#ifndef NO_FP_API
-int PEM_write_DSAparams(FILE *fp, DSA *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,fp,
-               (char *)x, NULL,NULL,0,NULL));
-       }
-#endif
-
-int PEM_write_bio_DSAparams(BIO *bp, DSA *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,
-               bp,(char *)x, NULL,NULL,0,NULL));
-       }
-#endif
-
-/* The Netscape Certificate sequence functions */
 
-#ifndef NO_FP_API
-NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,
-            NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *cb)
-       {
-       return((NETSCAPE_CERT_SEQUENCE *)
-               PEM_ASN1_read((char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,
-               PEM_STRING_X509,fp,(char **)x,cb));
-       }
-#endif
-
-NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,
-            NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *cb)
-       {
-       return((NETSCAPE_CERT_SEQUENCE *)
-               PEM_ASN1_read_bio((char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,
-               PEM_STRING_X509,bp,(char **)x,cb));
-       }
-
-#ifndef NO_FP_API
-int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp, NETSCAPE_CERT_SEQUENCE *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE,
-               PEM_STRING_X509,fp, (char *)x, NULL,NULL,0,NULL));
-       }
-#endif
+IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
 
-int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp, NETSCAPE_CERT_SEQUENCE *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE,
-               PEM_STRING_X509,bp, (char *)x, NULL,NULL,0,NULL));
-       }
-
-
-/* The PKCS8 functions */
-
-#ifndef NO_FP_API
-X509_SIG *PEM_read_PKCS8(FILE *fp,
-            X509_SIG **x, pem_password_cb *cb)
-       {
-       return((X509_SIG *) PEM_ASN1_read((char *(*)())d2i_X509_SIG,
-               PEM_STRING_PKCS8,fp,(char **)x,cb));
-       }
 #endif
 
-X509_SIG *PEM_read_bio_PKCS8(BIO *bp,
-            X509_SIG **x, pem_password_cb *cb)
-       {
-       return((X509_SIG *)
-               PEM_ASN1_read_bio((char *(*)())d2i_X509_SIG,
-               PEM_STRING_PKCS8,bp,(char **)x,cb));
-       }
-
-#ifndef NO_FP_API
-int PEM_write_PKCS8(FILE *fp, X509_SIG *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_X509_SIG,
-               PEM_STRING_PKCS8,fp, (char *)x, NULL,NULL,0,NULL));
-       }
-#endif
-
-int PEM_write_bio_PKCS8(BIO *bp, X509_SIG *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_X509_SIG,
-               PEM_STRING_PKCS8,bp, (char *)x, NULL,NULL,0,NULL));
-       }
-
-#ifndef NO_FP_API
-PKCS8_PRIV_KEY_INFO *PEM_read_PKCS8_PRIV_KEY_INFO(FILE *fp,
-            PKCS8_PRIV_KEY_INFO **x, pem_password_cb *cb)
-       {
-       return((PKCS8_PRIV_KEY_INFO *)
-               PEM_ASN1_read((char *(*)())d2i_PKCS8_PRIV_KEY_INFO,
-               PEM_STRING_PKCS8INF,fp,(char **)x,cb));
-       }
-#endif
-
-PKCS8_PRIV_KEY_INFO *PEM_read_bio_PKCS8_PRIV_KEY_INFO(BIO *bp,
-            PKCS8_PRIV_KEY_INFO **x, pem_password_cb *cb)
-       {
-       return((PKCS8_PRIV_KEY_INFO *)
-               PEM_ASN1_read_bio((char *(*)())d2i_PKCS8_PRIV_KEY_INFO,
-               PEM_STRING_PKCS8INF,bp,(char **)x,cb));
-       }
-
-#ifndef NO_FP_API
-int PEM_write_PKCS8_PRIV_KEY_INFO(FILE *fp, PKCS8_PRIV_KEY_INFO *x)
-       {
-       return(PEM_ASN1_write((int (*)())i2d_PKCS8_PRIV_KEY_INFO,
-               PEM_STRING_PKCS8INF,fp, (char *)x, NULL,NULL,0,NULL));
-       }
-#endif
+IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
 
-int PEM_write_bio_PKCS8_PRIV_KEY_INFO(BIO *bp, PKCS8_PRIV_KEY_INFO *x)
-       {
-       return(PEM_ASN1_write_bio((int (*)())i2d_PKCS8_PRIV_KEY_INFO,
-               PEM_STRING_PKCS8INF,bp, (char *)x, NULL,NULL,0,NULL));
-       }

diff --git a/demos/selfsign.c b/demos/selfsign.c
index ea9b3ff1c8e8909a070903b4958fd241f4e65b1d..f4a83693528eee94b674b201abc15cab56e1ad4e 100644 (file)
--- a/demos/selfsign.c
+++ b/demos/selfsign.c
@@ -4,13 +4,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#include <openssl/buffer.h>
-#include <openssl/crypto.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
 
 int mkit(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
 
@@ -22,7 +18,7 @@ int main()
 
        CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 
-       X509v3_add_netscape_extensions();
+       X509V3_add_standard_extensions();
 
        if ((bio_err=BIO_new(BIO_s_file())) != NULL)
                BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
@@ -39,7 +35,7 @@ int main()
        EVP_PKEY_free(pkey);
        BIO_free(bio_err);
 
-       X509_cleanup_extensions();
+       X509V3_EXT_cleanup();
 
        CRYPTO_mem_leaks(bio_err);
        return(0);
@@ -53,9 +49,10 @@ int main()
 #  define MS_FAR
 #endif
 
-static void MS_CALLBACK callback(p, n)
+static void MS_CALLBACK callback(p, n, arg)
 int p;
 int n;
+void *arg;
        {
        char c='B';
 
@@ -76,11 +73,9 @@ int days;
        X509 *x;
        EVP_PKEY *pk;
        RSA *rsa;
-       char *s;
        X509_NAME *name=NULL;
        X509_NAME_ENTRY *ne=NULL;
        X509_EXTENSION *ex=NULL;
-       ASN1_OCTET_STRING *data=NULL;
 
        
        if ((pkeyp == NULL) || (*pkeyp == NULL))
@@ -135,24 +130,33 @@ int days;
        /* finished with structure */
        X509_NAME_free(name);
 
-       data=X509v3_pack_string(NULL,V_ASN1_BIT_STRING,
-               "\001",1);
-       ex=X509_EXTENSION_create_by_NID(NULL,NID_netscape_cert_type,0,data);
+       /* Add extension using V3 code: we can set the config file as NULL
+        * because we wont reference any other sections. We can also set
+         * the context to NULL because none of these extensions below will need
+        * to access it.
+        */
+
+       ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_cert_type, "server");
        X509_add_ext(x,ex,-1);
 
-       X509v3_pack_string(&data,V_ASN1_IA5STRING,
-               "example comment extension",-1);
-       X509_EXTENSION_create_by_NID(&ex,NID_netscape_comment,0,data);
+       ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_comment,
+                                               "example comment extension");
        X509_add_ext(x,ex,-1);
 
-       X509v3_pack_string(&data,V_ASN1_BIT_STRING,
-               "www.cryptsoft.com",-1);
-       X509_EXTENSION_create_by_NID(&ex,NID_netscape_ssl_server_name,0,data);
+       ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_ssl_server_name,
+                                                       "www.openssl.org");
+
        X509_add_ext(x,ex,-1);
-       
-       X509_EXTENSION_free(ex);
-       ASN1_OCTET_STRING_free(data);
 
+#if 0
+       /* might want something like this too.... */
+       ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,
+                                                       "critical,CA:TRUE");
+
+
+       X509_add_ext(x,ex,-1);
+#endif
+       
        if (!X509_sign(x,pk,EVP_md5()))
                goto err;
 
@@ -162,7 +166,3 @@ int days;
 err:
        return(0);
        }
-                        
-
-
-