-char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
- pem_password_cb *cb, void *u)
- {
- EVP_CIPHER_INFO cipher;
- char *nm=NULL,*header=NULL;
- unsigned char *p=NULL,*data=NULL;
- long len;
- char *ret=NULL;
-
- for (;;)
- {
- if (!PEM_read_bio(bp,&nm,&header,&data,&len)) return(NULL);
- if ( (strcmp(nm,name) == 0) ||
- ((strcmp(nm,PEM_STRING_RSA) == 0) &&
- (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
- ((strcmp(nm,PEM_STRING_DSA) == 0) &&
- (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
- ((strcmp(nm,PEM_STRING_PKCS8) == 0) &&
- (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
- ((strcmp(nm,PEM_STRING_PKCS8INF) == 0) &&
- (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
- ((strcmp(nm,PEM_STRING_X509_OLD) == 0) &&
- (strcmp(name,PEM_STRING_X509) == 0)) ||
- ((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) &&
- (strcmp(name,PEM_STRING_X509_REQ) == 0))
- )
- break;
- Free(nm);
- Free(header);
- Free(data);
- }
- if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
- if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err;
- p=data;
- if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) {
- if (strcmp(nm,PEM_STRING_RSA) == 0)
- ret=d2i(EVP_PKEY_RSA,x,&p,len);
- else if (strcmp(nm,PEM_STRING_DSA) == 0)
- ret=d2i(EVP_PKEY_DSA,x,&p,len);
- else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
- PKCS8_PRIV_KEY_INFO *p8inf;
- p8inf=d2i_PKCS8_PRIV_KEY_INFO(
- (PKCS8_PRIV_KEY_INFO **) x, &p, len);
- ret = (char *)EVP_PKCS82PKEY(p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
- PKCS8_PRIV_KEY_INFO *p8inf;
- X509_SIG *p8;
- int klen;
- char psbuf[PEM_BUFSIZE];
- p8 = d2i_X509_SIG((X509_SIG **)x, &p, len);
- if(!p8) goto p8err;
- if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
- else klen=def_callback(psbuf,PEM_BUFSIZE,0,u);
- if (klen <= 0) {
- PEMerr(PEM_F_PEM_ASN1_READ_BIO,
- PEM_R_BAD_PASSWORD_READ);
- goto err;
- }
- p8inf = M_PKCS8_decrypt(p8, psbuf, klen);
- X509_SIG_free(p8);
- if(!p8inf) goto p8err;
- ret = (char *)EVP_PKCS82PKEY(p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- }
- } else ret=d2i(x,&p,len);
-p8err:
- if (ret == NULL)
- PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
-err:
- Free(nm);
- Free(header);
- Free(data);
- return(ret);
- }
-
-#ifndef NO_FP_API
-int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen,
- pem_password_cb *callback, void *u)
- {
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
- return(0);
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u);
- BIO_free(b);
- return(ret);
+static int check_pem(const char *nm, const char *name)
+{
+ /* Normal matching nm and name */
+ if (strcmp(nm, name) == 0)
+ return 1;
+
+ /* Make PEM_STRING_EVP_PKEY match any private key */
+
+ if (strcmp(name, PEM_STRING_EVP_PKEY) == 0) {
+ int slen;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ if (strcmp(nm, PEM_STRING_PKCS8) == 0)
+ return 1;
+ if (strcmp(nm, PEM_STRING_PKCS8INF) == 0)
+ return 1;
+ slen = pem_check_suffix(nm, "PRIVATE KEY");
+ if (slen > 0) {
+ /*
+ * NB: ENGINE implementations wont contain a deprecated old
+ * private key decode function so don't look for them.
+ */
+ ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
+ if (ameth && ameth->old_priv_decode)
+ return 1;
+ }
+ return 0;
+ }
+
+ if (strcmp(name, PEM_STRING_PARAMETERS) == 0) {
+ int slen;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ slen = pem_check_suffix(nm, "PARAMETERS");
+ if (slen > 0) {
+ ENGINE *e;
+ ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
+ if (ameth) {
+ int r;
+ if (ameth->param_decode)
+ r = 1;
+ else
+ r = 0;
+#ifndef OPENSSL_NO_ENGINE
+ ENGINE_finish(e);
+#endif
+ return r;
+ }