From: Dr. Stephen Henson Date: Sat, 5 Jun 1999 18:40:51 +0000 (+0000) Subject: Change so PEM private key read routines can handle PKCS#8 transparently. X-Git-Tag: OpenSSL_0_9_4~240 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=095ce35378bc42b1684c1fc29f6ceb3c17fdada3;p=oweals%2Fopenssl.git Change so PEM private key read routines can handle PKCS#8 transparently. --- diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index f1693ac1e4..a8414566de 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -64,6 +64,7 @@ #include #include #include +#include #ifndef NO_DES #include #endif @@ -71,6 +72,7 @@ const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT; #define MIN_LENGTH 4 +#define PEM_BUFSIZE 1024 static int def_callback(char *buf, int num, int w); static int load_iv(unsigned char **fromp,unsigned char *to, int num); @@ -183,10 +185,14 @@ char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) || ((strcmp(nm,PEM_STRING_DSA) == 0) && (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) || + ((strcmp(nm,PEM_STRING_PKCS8) == 0) && + (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) || + ((strcmp(nm,PEM_STRING_PKCS8INF) == 0) && + (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) || ((strcmp(nm,PEM_STRING_X509_OLD) == 0) && (strcmp(name,PEM_STRING_X509) == 0)) || ((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) && - (strcmp(name,PEM_STRING_X509_REQ) == 0)) + (strcmp(name,PEM_STRING_X509_REQ) == 0)) ) break; Free(nm); @@ -196,15 +202,39 @@ char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err; if (!PEM_do_header(&cipher,data,&len,cb)) goto err; p=data; - if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) - { + if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) { if (strcmp(nm,PEM_STRING_RSA) == 0) ret=d2i(EVP_PKEY_RSA,x,&p,len); else if (strcmp(nm,PEM_STRING_DSA) == 0) ret=d2i(EVP_PKEY_DSA,x,&p,len); + else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { + PKCS8_PRIV_KEY_INFO *p8inf; + p8inf=d2i_PKCS8_PRIV_KEY_INFO( + (PKCS8_PRIV_KEY_INFO **) x, &p, len); + ret = (char *)EVP_PKCS82PKEY(p8inf); + PKCS8_PRIV_KEY_INFO_free(p8inf); + } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) { + PKCS8_PRIV_KEY_INFO *p8inf; + X509_SIG *p8; + int klen; + char psbuf[PEM_BUFSIZE]; + p8 = d2i_X509_SIG((X509_SIG **)x, &p, len); + if(!p8) goto p8err; + if (cb) klen=cb(psbuf,PEM_BUFSIZE,0); + else klen=def_callback(psbuf,PEM_BUFSIZE,0); + if (klen <= 0) { + PEMerr(PEM_F_PEM_ASN1_READ_BIO, + PEM_R_BAD_PASSWORD_READ); + goto err; + } + p8inf = M_PKCS8_decrypt(p8, psbuf, klen); + X509_SIG_free(p8); + if(!p8inf) goto p8err; + ret = (char *)EVP_PKCS82PKEY(p8inf); + PKCS8_PRIV_KEY_INFO_free(p8inf); } - else - ret=d2i(x,&p,len); + } else ret=d2i(x,&p,len); +p8err: if (ret == NULL) PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); err: @@ -242,7 +272,6 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, int dsize=0,i,j,ret=0; unsigned char *p,*data=NULL; const char *objstr=NULL; -#define PEM_BUFSIZE 1024 char buf[PEM_BUFSIZE]; unsigned char key[EVP_MAX_KEY_LENGTH]; unsigned char iv[EVP_MAX_IV_LENGTH];