kris
/
boringssl
1
0
Atdalīts 0
Kods Problēmas 0 Izmaiņu pieprasījumi 0 Laidieni 0 Vikivietne Aktivitāte
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
1639 Revīzijas
12 Atzari
38 MiB
 
 
 
 
 
 
Koks: 399e7c94bf
Atzari Tagi
${ item.name }
Izveidot atzaru ${ searchTerm }
no '399e7c94bf'
${ noResults }
boringssl/crypto/pem/pem_pkey.c

313 rindas
9.1 KiB
Neapstrādāts Vainot Vēsture 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/pem.h>

  58. 

  59. #include <stdio.h>

  60. #include <string.h>

  61. 

  62. #include <openssl/buf.h>

  63. #include <openssl/dh.h>

  64. #include <openssl/err.h>

  65. #include <openssl/evp.h>

  66. #include <openssl/mem.h>

  67. #include <openssl/obj.h>

  68. #include <openssl/pkcs8.h>

  69. #include <openssl/rand.h>

  70. #include <openssl/x509.h>

  71. 

  72. #include "../evp/internal.h"

  73. 

  74. 

  75. int pem_check_suffix(const char *pem_str, const char *suffix);

  76. 

  77. EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)

  78. 	{

  79. 	char *nm=NULL;

  80. 	const unsigned char *p=NULL;

  81. 	unsigned char *data=NULL;

  82. 	long len;

  83. 	int slen;

  84. 	EVP_PKEY *ret=NULL;

  85. 

  86. 	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))

  87. 		return NULL;

  88. 	p = data;

  89. 

  90. 	if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {

  91. 		PKCS8_PRIV_KEY_INFO *p8inf;

  92. 		p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);

  93. 		if(!p8inf) goto p8err;

  94. 		ret = EVP_PKCS82PKEY(p8inf);

  95. 		if(x) {

  96. 			if(*x) EVP_PKEY_free((EVP_PKEY *)*x);

  97. 			*x = ret;

  98. 		}

  99. 		PKCS8_PRIV_KEY_INFO_free(p8inf);

  100. 	} else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {

  101. 		PKCS8_PRIV_KEY_INFO *p8inf;

  102. 		X509_SIG *p8;

  103. 		int klen;

  104. 		char psbuf[PEM_BUFSIZE];

  105. 		p8 = d2i_X509_SIG(NULL, &p, len);

  106. 		if(!p8) goto p8err;

  107. 

  108. 		klen = 0;

  109. 		if (!cb) cb = PEM_def_callback;

  110. 		klen=cb(psbuf,PEM_BUFSIZE,0,u);

  111. 		if (klen <= 0) {

  112. 			OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ);

  113. 			X509_SIG_free(p8);

  114. 			goto err;

  115. 		}

  116. 		p8inf = PKCS8_decrypt(p8, psbuf, klen);

  117. 		X509_SIG_free(p8);

  118. 		if(!p8inf) goto p8err;

  119. 		ret = EVP_PKCS82PKEY(p8inf);

  120. 		if(x) {

  121. 			if(*x) EVP_PKEY_free((EVP_PKEY *)*x);

  122. 			*x = ret;

  123. 		}

  124. 		PKCS8_PRIV_KEY_INFO_free(p8inf);

  125. 	} else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0)

  126. 		{

  127. 		const EVP_PKEY_ASN1_METHOD *ameth;

  128. 		ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);

  129. 		if (!ameth || !ameth->old_priv_decode)

  130. 			goto p8err;

  131. 		ret=d2i_PrivateKey(ameth->pkey_id,x,&p,len);

  132. 		}

  133. p8err:

  134. 	if (ret == NULL)

  135. 		OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB);

  136. 

  137. err:

  138. 	OPENSSL_free(nm);

  139. 	OPENSSL_cleanse(data, len);

  140. 	OPENSSL_free(data);

  141. 	return(ret);

  142. 	}

  143. 

  144. int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,

  145.                                                unsigned char *kstr, int klen,

  146.                                                pem_password_cb *cb, void *u)

  147. 	{

  148. 	char pem_str[80];

  149. 	if (!x->ameth || x->ameth->priv_encode)

  150. 		return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,

  151. 							(char *)kstr, klen,

  152. 							cb, u);

  153. 

  154. 	BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);

  155. 	return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,

  156. 				pem_str,bp,x,enc,kstr,klen,cb,u);

  157. 	}

  158. 

  159. static int public_key_type_from_str(const char *name, size_t len) {

  160.   if (len == 3 && memcmp(name, "RSA", 3) == 0) {

  161.     return EVP_PKEY_RSA;

  162.   } else if (len == 2 && memcmp(name, "DH", 2) == 0) {

  163.     return EVP_PKEY_DH;

  164.   } else if (len == 2 && memcmp(name, "EC", 2) == 0) {

  165.     return EVP_PKEY_EC;

  166.   }

  167.   return NID_undef;

  168. }

  169. 

  170. static int set_pkey_type_from_str(EVP_PKEY *pkey, const char *name, size_t len) {

  171.   int nid = public_key_type_from_str(name, len);

  172.   if (nid == NID_undef) {

  173.     return 0;

  174.   }

  175.   return EVP_PKEY_set_type(pkey, nid);

  176. }

  177. 

  178. EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)

  179. 	{

  180. 	char *nm=NULL;

  181. 	const unsigned char *p=NULL;

  182. 	unsigned char *data=NULL;

  183. 	long len;

  184. 	int slen;

  185. 	EVP_PKEY *ret=NULL;

  186. 

  187. 	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS,

  188. 								bp, 0, NULL))

  189. 		return NULL;

  190. 	p = data;

  191. 

  192. 	if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0)

  193. 		{

  194. 		ret = EVP_PKEY_new();

  195. 		if (!ret)

  196. 			goto err;

  197. 		if (!set_pkey_type_from_str(ret, nm, slen)

  198. 			|| !ret->ameth->param_decode

  199. 			|| !ret->ameth->param_decode(ret, &p, len))

  200. 			{

  201. 			EVP_PKEY_free(ret);

  202. 			ret = NULL;

  203. 			goto err;

  204. 			}

  205. 		if(x)

  206. 			{

  207. 			if(*x) EVP_PKEY_free((EVP_PKEY *)*x);

  208. 			*x = ret;

  209. 			}

  210. 		}

  211. err:

  212. 	if (ret == NULL)

  213. 		OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB);

  214. 	OPENSSL_free(nm);

  215. 	OPENSSL_free(data);

  216. 	return(ret);

  217. 	}

  218. 

  219. int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x)

  220. 	{

  221. 	char pem_str[80];

  222. 	if (!x->ameth || !x->ameth->param_encode)

  223. 		return 0;

  224. 

  225. 	BIO_snprintf(pem_str, 80, "%s PARAMETERS", x->ameth->pem_str);

  226. 	return PEM_ASN1_write_bio(

  227. 		(i2d_of_void *)x->ameth->param_encode,

  228. 				pem_str,bp,x,NULL,NULL,0,0,NULL);

  229. 	}

  230. 

  231. #ifndef OPENSSL_NO_FP_API

  232. EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)

  233. 	{

  234.         BIO *b;

  235.         EVP_PKEY *ret;

  236. 

  237.         if ((b=BIO_new(BIO_s_file())) == NULL)

  238. 		{

  239. 		OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB);

  240.                 return(0);

  241. 		}

  242.         BIO_set_fp(b,fp,BIO_NOCLOSE);

  243.         ret=PEM_read_bio_PrivateKey(b,x,cb,u);

  244.         BIO_free(b);

  245.         return(ret);

  246. 	}

  247. 

  248. int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,

  249.                                                unsigned char *kstr, int klen,

  250.                                                pem_password_cb *cb, void *u)

  251. 	{

  252.         BIO *b;

  253.         int ret;

  254. 

  255.         if ((b=BIO_new_fp(fp, BIO_NOCLOSE)) == NULL)

  256. 		{

  257. 		OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB);

  258.                 return 0;

  259. 		}

  260.         ret=PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u);

  261.         BIO_free(b);

  262.         return ret;

  263. 	}

  264. 

  265. #endif

  266. 

  267. 

  268. /* Transparently read in PKCS#3 or X9.42 DH parameters */

  269. 

  270. DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u)

  271. 	{

  272. 	char *nm=NULL;

  273. 	const unsigned char *p=NULL;

  274. 	unsigned char *data=NULL;

  275. 	long len;

  276. 	DH *ret=NULL;

  277. 

  278. 	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_DHPARAMS,

  279. 								bp, cb, u))

  280. 		return NULL;

  281. 	p = data;

  282. 

  283.         /* TODO(fork): remove? */

  284. 	/*if (!strcmp(nm, PEM_STRING_DHXPARAMS))

  285. 		ret = d2i_DHxparams(x, &p, len);

  286. 	else */

  287. 		ret = d2i_DHparams(x, &p, len);

  288. 

  289. 	if (ret == NULL)

  290. 		OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB);

  291. 	OPENSSL_free(nm);

  292. 	OPENSSL_free(data);

  293. 	return ret;

  294. 	}

  295. 

  296. #ifndef OPENSSL_NO_FP_API

  297. DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u)

  298. 	{

  299.         BIO *b;

  300.         DH *ret;

  301. 

  302.         if ((b=BIO_new(BIO_s_file())) == NULL)

  303. 		{

  304. 		OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB);

  305.                 return(0);

  306. 		}

  307.         BIO_set_fp(b,fp,BIO_NOCLOSE);

  308.         ret=PEM_read_bio_DHparams(b,x,cb,u);

  309.         BIO_free(b);

  310.         return(ret);

  311. 	}

  312. #endif