#include "e_os.h"
-/*
+/*-
* Password prompting
+ * ------------------
*/
static char *file_get_pass(const UI_METHOD *ui_method, char *pass,
void *data;
const char *prompt_info;
};
+
static int file_fill_pem_pass_data(struct pem_pass_data *pass_data,
const char *prompt_info,
const UI_METHOD *ui_method, void *ui_data)
pass_data->prompt_info = prompt_info;
return 1;
}
+
+/* This is used anywhere a pem_password_cb is needed */
static int file_get_pem_pass(char *buf, int num, int w, void *data)
{
struct pem_pass_data *pass_data = data;
return pass == NULL ? 0 : strlen(pass);
}
-/*
- * The file scheme handlers
+/*-
+ * The file scheme decoders
+ * ------------------------
+ *
+ * Each possible data type has its own decoder, which either operates
+ * through a given PEM name, or attempts to decode to see if the blob
+ * it's given is decodable for its data type. The assumption is that
+ * only the correct data type will match the content.
*/
/*-
int repeatable;
} FILE_HANDLER;
+/*
+ * PKCS#12 decoder. It operates by decoding all of the blob content,
+ * extracting all the interesting data from it and storing them internally,
+ * then serving them one piece at a time.
+ */
static OSSL_STORE_INFO *try_decode_PKCS12(const char *pem_name,
const char *pem_header,
const unsigned char *blob,
return store_info;
}
+
static int eof_PKCS12(void *ctx_)
{
STACK_OF(OSSL_STORE_INFO) *ctx = ctx_;
return ctx == NULL || sk_OSSL_STORE_INFO_num(ctx) == 0;
}
+
static void destroy_ctx_PKCS12(void **pctx)
{
STACK_OF(OSSL_STORE_INFO) *ctx = *pctx;
sk_OSSL_STORE_INFO_pop_free(ctx, OSSL_STORE_INFO_free);
*pctx = NULL;
}
+
static FILE_HANDLER PKCS12_handler = {
"PKCS12",
try_decode_PKCS12,
1 /* repeatable */
};
+/*
+ * Encrypted PKCS#8 decoder. It operates by just decrypting the given blob
+ * into a new blob, which is returned as an EMBEDDED STORE_INFO. The whole
+ * decoding process will then start over with the new blob.
+ */
static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name,
const char *pem_header,
const unsigned char *blob,
BUF_MEM_free(mem);
return NULL;
}
+
static FILE_HANDLER PKCS8Encrypted_handler = {
"PKCS8Encrypted",
try_decode_PKCS8Encrypted
};
+/*
+ * Private key decoder. Decodes all sorts of private keys, both PKCS#8
+ * encoded ones and old style PEM ones (with the key type is encoded into
+ * the PEM name).
+ */
int pem_check_suffix(const char *pem_str, const char *suffix);
static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
const char *pem_header,
return store_info;
}
+
static FILE_HANDLER PrivateKey_handler = {
"PrivateKey",
try_decode_PrivateKey
};
+/*
+ * Public key decoder. Only supports SubjectPublicKeyInfo formated keys.
+ */
static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name,
const char *pem_header,
const unsigned char *blob,
return store_info;
}
+
static FILE_HANDLER PUBKEY_handler = {
"PUBKEY",
try_decode_PUBKEY
};
+/*
+ * Key parameter decoder.
+ */
static OSSL_STORE_INFO *try_decode_params(const char *pem_name,
const char *pem_header,
const unsigned char *blob,
return store_info;
}
+
static FILE_HANDLER params_handler = {
"params",
try_decode_params
};
+/*
+ * X.509 certificate decoder.
+ */
static OSSL_STORE_INFO *try_decode_X509Certificate(const char *pem_name,
const char *pem_header,
const unsigned char *blob,
return store_info;
}
+
static FILE_HANDLER X509Certificate_handler = {
"X509Certificate",
try_decode_X509Certificate
};
+/*
+ * X.509 CRL decoder.
+ */
static OSSL_STORE_INFO *try_decode_X509CRL(const char *pem_name,
const char *pem_header,
const unsigned char *blob,
return store_info;
}
+
static FILE_HANDLER X509CRL_handler = {
"X509CRL",
try_decode_X509CRL
};
+/*
+ * To finish it all off, we collect all the handlers.
+ */
static const FILE_HANDLER *file_handlers[] = {
&PKCS12_handler,
&PKCS8Encrypted_handler,
};
-/*
+/*-
* The loader itself
+ * -----------------
*/
struct ossl_store_loader_ctx_st {