Add -show_chain option to print out verified chain.

[openssl.git] / crypto / pem / pem_pkey.c

diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 6cca60cb8d4d8d0ac3a9547033ccf7decb0b7f69..e9e41dd4e8dcbb66c49a9cc00757b5abe6a2be3d 100644 (file)
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -68,6 +68,9 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
 #include "asn1_locl.h"
 
 int pem_check_suffix(const char *pem_str, const char *suffix);
@@ -132,6 +135,7 @@ p8err:
                PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB);
 err:
        OPENSSL_free(nm);
+       OPENSSL_cleanse(data, len);
        OPENSSL_free(data);
        return(ret);
        }
@@ -141,14 +145,14 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
                                                pem_password_cb *cb, void *u)
        {
        char pem_str[80];
-       if (!x->ameth || !x->ameth->old_priv_encode)
+       if (!x->ameth || x->ameth->priv_encode)
                return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
                                                        (char *)kstr, klen,
                                                        cb, u);
 
        BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
-       return PEM_ASN1_write_bio((i2d_of_void *)openssl_fcast(i2d_PrivateKey),
-                               pem_str,bp,(char *)x,enc,kstr,klen,cb,u);
+       return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
+                               pem_str,bp,x,enc,kstr,klen,cb,u);
        }
 
 EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
@@ -200,8 +204,8 @@ int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x)
 
        BIO_snprintf(pem_str, 80, "%s PARAMETERS", x->ameth->pem_str);
        return PEM_ASN1_write_bio(
-               (i2d_of_void *)openssl_fcast(x->ameth->param_encode),
-                               pem_str,bp,(char *)x,NULL,NULL,0,0,NULL);
+               (i2d_of_void *)x->ameth->param_encode,
+                               pem_str,bp,x,NULL,NULL,0,0,NULL);
        }
 
 #ifndef OPENSSL_NO_FP_API
@@ -239,3 +243,52 @@ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
        }
 
 #endif
+
+#ifndef OPENSSL_NO_DH
+
+/* Transparently read in PKCS#3 or X9.42 DH parameters */
+
+DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u)
+       {
+       char *nm=NULL;
+       const unsigned char *p=NULL;
+       unsigned char *data=NULL;
+       long len;
+       DH *ret=NULL;
+
+       if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_DHPARAMS,
+                                                               bp, cb, u))
+               return NULL;
+       p = data;
+
+       if (!strcmp(nm, PEM_STRING_DHXPARAMS))
+               ret = d2i_DHxparams(x, &p, len);
+       else
+               ret = d2i_DHparams(x, &p, len);
+
+       if (ret == NULL)
+               PEMerr(PEM_F_PEM_READ_BIO_DHPARAMS,ERR_R_ASN1_LIB);
+       OPENSSL_free(nm);
+       OPENSSL_free(data);
+       return ret;
+       }
+
+#ifndef OPENSSL_NO_FP_API
+DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u)
+       {
+        BIO *b;
+        DH *ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+               {
+               PEMerr(PEM_F_PEM_READ_DHPARAMS,ERR_R_BUF_LIB);
+                return(0);
+               }
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=PEM_read_bio_DHparams(b,x,cb,u);
+        BIO_free(b);
+        return(ret);
+       }
+#endif
+
+#endif