static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
-int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)())
+int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)())
+{
+ return i2d_RSA_NET(a, pp, cb, 0);
+}
+
+int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
{
int i,j,l[6];
NETSCAPE_PKEY *pkey;
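Review bot: The new `sgckey` parameter of `i2d_RSA_NET` has no documentation at its definition, and nothing in the signature tells a caller that a non-zero value changes how the encryption key is derived from the passphrase. A header comment would cover it, for example `/* sgckey != 0 selects the "SGC" variant: the RC4 key is derived from MD5(passphrase) followed by "SGCKEYSALT" instead of from the passphrase itself. */`. The same comment is needed on `d2i_RSA_NET` and `d2i_RSA_NET_2`, and it should state that a file written with one setting cannot be read with the other. The body of `i2d_RSA_NET` continues outside this hunk.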
}
if (pkey->private_key->data != NULL)
- Free((char *)pkey->private_key->data);
- if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL)
+ OPENSSL_free(pkey->private_key->data);
+ if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL)
{
ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
goto err;
zz=pkey->private_key->data;
i2d_RSAPrivateKey(a,&zz);
- if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL)
+ if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL)
{
ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
goto err;
ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
goto err;
}
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
- strlen((char *)buf),1,key,NULL);
+ i = strlen((char *)buf);
+ /* If the key is used for SGC the algorithm is modified a little. */
+ if(sgckey){
+ EVP_MD_CTX mctx;
+ EVP_DigestInit(&mctx, EVP_md5());
+ EVP_DigestUpdate(&mctx, buf, i);
+ EVP_DigestFinal(&mctx, buf, NULL);
+ memcpy(buf + 16, "SGCKEYSALT", 10);
+ i = 26;
+ }
+
+ EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
memset(buf,0,256);
EVP_CIPHER_CTX_init(&ctx);
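Review bot: The SGC passphrase transform is written out twice, here in `i2d_RSA_NET` and again in `d2i_RSA_NET_2`, with the lengths 16, 10 and 26 as bare literals, so the encode and decode paths can drift apart and the link to the MD5 digest size and the salt string stays implicit. One static helper that derives the lengths from `MD5_DIGEST_LENGTH` and the salt literal keeps both paths identical; the d2i copy also lacks the explanatory comment. The comment should say that this is a file-format compatibility rule only: the RC4 key is still produced by `EVP_BytesToKey` with a NULL salt and a count of 1, so the extra digest adds no strength. The enclosing function starts and ends outside this hunk.

```c
static const char sgc_salt[] = "SGCKEYSALT";

/* SGC variant of the Netscape key format: overwrite the passphrase in buf
 * with MD5(passphrase) followed by the fixed salt string and return the
 * new input length for EVP_BytesToKey(). buf must hold at least
 * MD5_DIGEST_LENGTH + sizeof(sgc_salt) - 1 bytes. */
static int sgc_passphrase(unsigned char *buf, int len)
	{
	EVP_MD_CTX mctx;

	EVP_DigestInit(&mctx, EVP_md5());
	EVP_DigestUpdate(&mctx, buf, len);
	EVP_DigestFinal(&mctx, buf, NULL);
	memcpy(buf + MD5_DIGEST_LENGTH, sgc_salt, sizeof(sgc_salt) - 1);
	return MD5_DIGEST_LENGTH + (int)(sizeof(sgc_salt) - 1);
	}

/* … unchanged: passphrase read into buf … */
	i = strlen((char *)buf);
	if (sgckey)
		i = sgc_passphrase(buf, i);
	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
```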
i2d_ASN1_OCTET_STRING(&os2,&p);
ret=l[5];
err:
- if (os2.data != NULL) Free(os2.data);
+ if (os2.data != NULL) OPENSSL_free(os2.data);
if (alg != NULL) X509_ALGOR_free(alg);
if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
r=r;
return(ret);
}
-RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)())
+
+RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)())
+{
+ return d2i_RSA_NET(a, pp, length, cb, 0);
+}
+
+RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey)
{
RSA *ret=NULL;
ASN1_OCTET_STRING *os=NULL;
ASN1_CTX c;
- c.pp=pp;
+ c.pp=(unsigned char **)pp; /* TMP UGLY CAST */
c.error=ASN1_R_DECODING_ERROR;
M_ASN1_D2I_Init();
(char *)os->data,os->length) != 0))
{
ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
- ASN1_BIT_STRING_free(os);
+ M_ASN1_BIT_STRING_free(os);
goto err;
}
- ASN1_BIT_STRING_free(os);
+ M_ASN1_BIT_STRING_free(os);
c.q=c.p;
- if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err;
- c.slen-=(c.p-c.q);
+ if ((ret=d2i_RSA_NET_2(a,(const unsigned char **)&c.p, /* TMP UGLY CAST */
+ c.slen,cb, sgckey)) == NULL) goto err;
+ /* Note: some versions of IIS key files use length values that are
+ * too small for the surrounding SEQUENCEs. This following line
+ * effectively disable length checking.
+ */
+ c.slen = 0;
M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
}
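Review bot: `c.slen = 0;` before `M_ASN1_D2I_Finish` removes the remaining-length accounting for every caller, not only for the IIS files named in the comment, because `d2i_Netscape_RSA` reaches this line with `sgckey` set to 0 as well. The old `c.slen-=(c.p-c.q);` let the finish step see a mismatch between the outer SEQUENCE length and what the inner decoder consumed; with the new line that mismatch presumably passes silently, so bounds safety rests entirely on `d2i_RSA_NET_2` honouring the `length` it is given. If the undersized lengths only occur in the SGC/IIS variant, keep the strict path for the default format: `if (sgckey) c.slen = 0; else c.slen -= (c.p - c.q);`. Otherwise the comment should say that the relaxation is global, and its wording should read "The following line effectively disables length checking". The start of `d2i_RSA_NET`'s body is only partly visible in this hunk.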
-RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length,
+RSA *d2i_Netscape_RSA_2(RSA **a, const unsigned char **pp, long length,
int (*cb)())
+{
+ return d2i_RSA_NET_2(a, pp, length, cb, 0);
+}
+
+RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length,
+ int (*cb)(), int sgckey)
{
NETSCAPE_PKEY *pkey=NULL;
RSA *ret=NULL;
ASN1_CTX c;
c.error=ERR_R_NESTED_ASN1_ERROR;
- c.pp=pp;
+ c.pp=(unsigned char **)pp;
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
goto err;
}
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
- strlen((char *)buf),1,key,NULL);
+ i = strlen((char *)buf);
+ if(sgckey){
+ EVP_MD_CTX mctx;
+ EVP_DigestInit(&mctx, EVP_md5());
+ EVP_DigestUpdate(&mctx, buf, i);
+ EVP_DigestFinal(&mctx, buf, NULL);
+ memcpy(buf + 16, "SGCKEYSALT", 10);
+ i = 26;
+ }
+
+ EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
memset(buf,0,256);
EVP_CIPHER_CTX_init(&ctx);
}
zz=pkey->private_key->data;
- if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
+ if ((ret=d2i_RSAPrivateKey(a,(const unsigned char **)&zz, /* TMP UGLY CAST */
+ pkey->private_key->length)) == NULL)
{
ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
goto err;
*pp=c.p;
err:
if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
- if (os != NULL) ASN1_BIT_STRING_free(os);
+ if (os != NULL) M_ASN1_BIT_STRING_free(os);
if (alg != NULL) X509_ALGOR_free(alg);
return(ret);
}
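Review bot: The decrypted private key is released without being cleared: `pkey->private_key->data` is the plaintext that is handed to `d2i_RSAPrivateKey`, and on both the success and the error path it is only freed through `NETSCAPE_PKEY_free(pkey)`. Unless the octet-string free wipes the buffer, which is not visible on this page, the key bytes stay in freed heap memory, while the passphrase buffer is explicitly zeroed with `memset(buf,0,256)`. Clearing it at `err:` before the free would match that handling, for example `if (pkey != NULL && pkey->private_key != NULL && pkey->private_key->data != NULL) memset(pkey->private_key->data,0,pkey->private_key->length);`, using a clear the compiler cannot elide if the tree provides one. The function body begins outside this hunk.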
ASN1_CTX c;
M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
- M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
M_ASN1_New(ret->algor,X509_ALGOR_new);
- M_ASN1_New(ret->private_key,ASN1_OCTET_STRING_new);
+ M_ASN1_New(ret->private_key,M_ASN1_OCTET_STRING_new);
return(ret);
M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
}
static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a)
{
if (a == NULL) return;
- ASN1_INTEGER_free(a->version);
+ M_ASN1_INTEGER_free(a->version);
X509_ALGOR_free(a->algor);
- ASN1_OCTET_STRING_free(a->private_key);
- Free((char *)a);
+ M_ASN1_OCTET_STRING_free(a->private_key);
+ OPENSSL_free(a);
}
#endif /* NO_RC4 */
+
+#else /* !NO_RSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
#endif