The rest of the PKCS#5, PKCS#8 patch I forgot before :-)
authorDr. Stephen Henson <steve@openssl.org>
Fri, 4 Jun 1999 23:33:48 +0000 (23:33 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 4 Jun 1999 23:33:48 +0000 (23:33 +0000)
crypto/evp/Makefile.ssl
crypto/evp/evp.h
crypto/objects/obj_dat.h
crypto/objects/objects.h
crypto/pem/pem.h
crypto/pem/pem_all.c
crypto/pkcs12/pkcs12.h

index 2409c58..add46ed 100644 (file)
@@ -35,7 +35,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
        m_ripemd.c \
        p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
        bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
-       c_all.c evp_lib.c bio_ok.c evp_pkey.c evp_pbe.c
+       c_all.c evp_lib.c bio_ok.c evp_pkey.c evp_pbe.c p5_crpt.c
 
 LIBOBJ=        encode.o digest.o evp_enc.o evp_key.o \
        e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o \
@@ -50,7 +50,7 @@ LIBOBJ=       encode.o digest.o evp_enc.o evp_key.o \
        m_ripemd.o \
        p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
        bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
-       c_all.o evp_lib.o bio_ok.o evp_pkey.o evp_pbe.o
+       c_all.o evp_lib.o bio_ok.o evp_pkey.o evp_pbe.o p5_crpt.o
 
 SRC= $(LIBSRC)
 
index 39f4861..9df4f1f 100644 (file)
@@ -634,6 +634,11 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
 int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
 int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
 
+/* PKCS5 password based encryption */
+int PKCS5_PBE_keyivgen(const char *pass, int passlen, unsigned char *salt,
+                        int saltlen, int iter, EVP_CIPHER *cipher, EVP_MD *md,
+                        unsigned char *key, unsigned char *iv);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
index 0db4550..9db7679 100644 (file)
  * perl obj_dat.pl < objects.h > obj_dat.h
  */
 
-#define NUM_NID 168
+#define NUM_NID 171
 #define NUM_SN 119
-#define NUM_LN 164
-#define NUM_OBJ 139
+#define NUM_LN 167
+#define NUM_OBJ 142
 
-static unsigned char lvalues[957]={
+static unsigned char lvalues[984]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -206,6 +206,9 @@ static unsigned char lvalues[957]={
 0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [939] OBJ_id_qt_cps */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [947] OBJ_id_qt_unotice */
 0x0F,                                        /* [955] OBJ_SMIMECapabilities */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [956] OBJ_pbeWithMD2AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [965] OBJ_pbeWithMD5AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [974] OBJ_pbeWithSHA1AndDES_CBC */
 };
 
 static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -443,6 +446,12 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL},
 {"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,1,
        &(lvalues[955]),0},
+{"pbeWithMD2AndRC2-CBC","pbeWithMD2AndRC2-CBC",
+       NID_pbeWithMD2AndRC2_CBC,9,&(lvalues[956]),0},
+{"pbeWithMD5AndRC2-CBC","pbeWithMD5AndRC2-CBC",
+       NID_pbeWithMD5AndRC2_CBC,9,&(lvalues[965]),0},
+{"pbeWithSHA1AndDES-CBC","pbeWithSHA1AndDES-CBC",
+       NID_pbeWithSHA1AndDES_CBC,9,&(lvalues[974]),0},
 };
 
 static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -673,14 +682,17 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[17]),/* "organizationName" */
 &(nid_objs[18]),/* "organizationalUnitName" */
 &(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
+&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
 &(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
 &(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
+&(nid_objs[169]),/* "pbeWithMD5AndRC2-CBC" */
 &(nid_objs[148]),/* "pbeWithSHA1And128BitRC2-CBC" */
 &(nid_objs[144]),/* "pbeWithSHA1And128BitRC4" */
 &(nid_objs[147]),/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
 &(nid_objs[146]),/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
 &(nid_objs[149]),/* "pbeWithSHA1And40BitRC2-CBC" */
 &(nid_objs[145]),/* "pbeWithSHA1And40BitRC4" */
+&(nid_objs[170]),/* "pbeWithSHA1AndDES-CBC" */
 &(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
 &(nid_objs[69]),/* "pbeWithSHA1AndRC4" */
 &(nid_objs[ 2]),/* "pkcs" */
@@ -823,6 +835,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[28]),/* OBJ_dhKeyAgreement               1 2 840 113549 1 3 1 */
 &(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC         1 2 840 113549 1 5 1 */
 &(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC         1 2 840 113549 1 5 3 */
+&(nid_objs[168]),/* OBJ_pbeWithMD2AndRC2_CBC         1 2 840 113549 1 5 4 */
+&(nid_objs[169]),/* OBJ_pbeWithMD5AndRC2_CBC         1 2 840 113549 1 5 6 */
+&(nid_objs[170]),/* OBJ_pbeWithSHA1AndDES_CBC        1 2 840 113549 1 5 10 */
 &(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC        1 2 840 113549 1 5 11  */
 &(nid_objs[69]),/* OBJ_pbeWithSHA1AndRC4            1 2 840 113549 1 5 12  */
 &(nid_objs[161]),/* OBJ_pbes2                        1 2 840 113549 1 5 13 */
index 52c5f4c..fd5c02d 100644 (file)
@@ -875,6 +875,18 @@ extern "C" {
 #define NID_SMIMECapabilities          167
 #define OBJ_SMIMECapabilities          OBJ_id_pkcs9,15L
 
+#define LN_pbeWithMD2AndRC2_CBC                "pbeWithMD2AndRC2-CBC"
+#define NID_pbeWithMD2AndRC2_CBC       168
+#define OBJ_pbeWithMD2AndRC2_CBC       OBJ_pkcs,5L,4L
+
+#define LN_pbeWithMD5AndRC2_CBC                "pbeWithMD5AndRC2-CBC"
+#define NID_pbeWithMD5AndRC2_CBC       169
+#define OBJ_pbeWithMD5AndRC2_CBC       OBJ_pkcs,5L,6L
+
+#define LN_pbeWithSHA1AndDES_CBC       "pbeWithSHA1AndDES-CBC"
+#define NID_pbeWithSHA1AndDES_CBC      170
+#define OBJ_pbeWithSHA1AndDES_CBC      OBJ_pkcs,5L,10L
+
 #include <openssl/bio.h>
 #include <openssl/asn1.h>
 
index 9434dfd..c31984c 100644 (file)
@@ -109,6 +109,7 @@ extern "C" {
 #define PEM_STRING_RSA_PUBLIC  "RSA PUBLIC KEY"
 #define PEM_STRING_DSA         "DSA PRIVATE KEY"
 #define PEM_STRING_PKCS7       "PKCS7"
+#define PEM_STRING_PKCS8       "ENCRYPTED PRIVATE KEY"
 #define PEM_STRING_DHPARAMS    "DH PARAMETERS"
 #define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
 #define PEM_STRING_DSAPARAMS   "DSA PARAMETERS"
@@ -401,6 +402,7 @@ DH *PEM_read_DHparams(FILE *fp,DH **x, pem_password_cb *);
 EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x, pem_password_cb *);
 PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x, pem_password_cb *);
 NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *);
+X509_SIG *PEM_read_PKCS8(FILE *fp,X509_SIG **x, pem_password_cb *);
 int PEM_write_X509(FILE *fp,X509 *x);
 int PEM_write_X509_REQ(FILE *fp,X509_REQ *x);
 int PEM_write_X509_CRL(FILE *fp,X509_CRL *x);
@@ -424,6 +426,7 @@ int PEM_write_DHparams(FILE *fp,DH *x);
 int PEM_write_DSAparams(FILE *fp,DSA *x);
 #endif
 int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE *x);
+int PEM_write_PKCS8(FILE *fp,X509_SIG *x);
 #endif
 
 #ifdef HEADER_BIO_H
@@ -443,6 +446,7 @@ PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x, pem_password_cb *);
 DH *PEM_read_bio_DHparams(BIO *bp,DH **x, pem_password_cb *);
 #endif
 NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *);
+X509_SIG *PEM_read_bio_PKCS8(BIO *bp,X509_SIG **x, pem_password_cb *);
 #ifndef NO_DSA
 DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x, pem_password_cb *);
 #endif
@@ -468,6 +472,7 @@ int PEM_write_bio_DHparams(BIO *bp,DH *x);
 int PEM_write_bio_DSAparams(BIO *bp,DSA *x);
 #endif
 int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE *x);
+int PEM_write_bio_PKCS8(BIO *bp,X509_SIG *x);
 #endif
 
 #endif /* SSLEAY_MACROS */
index 0775155..bb3ce51 100644 (file)
@@ -402,3 +402,36 @@ int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp, NETSCAPE_CERT_SEQUENCE *x)
                PEM_STRING_X509,bp, (char *)x, NULL,NULL,0,NULL));
        }
 
+
+/* The PKCS8 functions */
+
+#ifndef NO_FP_API
+X509_SIG *PEM_read_PKCS8(FILE *fp,
+            X509_SIG **x, pem_password_cb *cb)
+       {
+       return((X509_SIG *) PEM_ASN1_read((char *(*)())d2i_X509_SIG,
+               PEM_STRING_PKCS8,fp,(char **)x,cb));
+       }
+#endif
+
+X509_SIG *PEM_read_bio_PKCS8(BIO *bp,
+            X509_SIG **x, pem_password_cb *cb)
+       {
+       return((X509_SIG *)
+               PEM_ASN1_read_bio((char *(*)())d2i_X509_SIG,
+               PEM_STRING_PKCS8,bp,(char **)x,cb));
+       }
+
+#ifndef NO_FP_API
+int PEM_write_PKCS8(FILE *fp, X509_SIG *x)
+       {
+       return(PEM_ASN1_write((int (*)())i2d_X509_SIG,
+               PEM_STRING_PKCS8,fp, (char *)x, NULL,NULL,0,NULL));
+       }
+#endif
+
+int PEM_write_bio_PKCS8(BIO *bp, X509_SIG *x)
+       {
+       return(PEM_ASN1_write_bio((int (*)())i2d_X509_SIG,
+               PEM_STRING_PKCS8,bp, (char *)x, NULL,NULL,0,NULL));
+       }
index c660926..459962c 100644 (file)
@@ -183,7 +183,8 @@ ASN1_seq_unpack((p12)->authsafes->d.data->data, \
 
 #define M_PKCS8_decrypt(p8, pass, passlen) \
 (PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i ((p8)->algor, \
-(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (pass), (passlen), (p8)->digest, 2)
+(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free,\
+                        (pass), (passlen), (p8)->digest, 2)
 
 #define PKCS12_get_attr(bag, attr_nid) \
                         PKCS12_get_attr_gen(bag->attrib, attr_nid)