kris
/
boringssl
1
0
Çatalla 0
Kod Konular 0 Değişiklik İstekleri 0 Sürümler 0 Wiki Aktivite
25'ten fazla konu seçemezsiniz Konular bir harf veya rakamla başlamalı, kısa çizgiler ('-') içerebilir ve en fazla 35 karakter uzunluğunda olabilir.
5667 İşleme
12 Dallar
38 MiB
 
 
 
 
 
 
Ağaç: 9978f0a865
Dallar Biçim İmleri
${ item.name }
${ searchTerm } dalı oluştur
'9978f0a865'den
${ noResults }
boringssl/crypto/pem/pem_pk8.c

259 satır
9.2 KiB
Ham Suçlama Geçmiş 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/pem.h>

  58. 

  59. #include <openssl/buf.h>

  60. #include <openssl/err.h>

  61. #include <openssl/evp.h>

  62. #include <openssl/mem.h>

  63. #include <openssl/obj.h>

  64. #include <openssl/pkcs8.h>

  65. #include <openssl/rand.h>

  66. #include <openssl/x509.h>

  67. 

  68. static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder,

  69.                       int nid, const EVP_CIPHER *enc,

  70.                       char *kstr, int klen, pem_password_cb *cb, void *u);

  71. static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder,

  72.                          int nid, const EVP_CIPHER *enc,

  73.                          char *kstr, int klen, pem_password_cb *cb, void *u);

  74. 

  75. /*

  76.  * These functions write a private key in PKCS#8 format: it is a "drop in"

  77.  * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc'

  78.  * is NULL then it uses the unencrypted private key form. The 'nid' versions

  79.  * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0.

  80.  */

  81. 

  82. int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,

  83.                                       char *kstr, int klen,

  84.                                       pem_password_cb *cb, void *u)

  85. {

  86.     return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u);

  87. }

  88. 

  89. int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,

  90.                                   char *kstr, int klen,

  91.                                   pem_password_cb *cb, void *u)

  92. {

  93.     return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u);

  94. }

  95. 

  96. int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,

  97.                             char *kstr, int klen,

  98.                             pem_password_cb *cb, void *u)

  99. {

  100.     return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u);

  101. }

  102. 

  103. int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,

  104.                                 char *kstr, int klen,

  105.                                 pem_password_cb *cb, void *u)

  106. {

  107.     return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u);

  108. }

  109. 

  110. static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid,

  111.                       const EVP_CIPHER *enc, char *kstr, int klen,

  112.                       pem_password_cb *cb, void *u)

  113. {

  114.     X509_SIG *p8;

  115.     PKCS8_PRIV_KEY_INFO *p8inf;

  116.     char buf[PEM_BUFSIZE];

  117.     int ret;

  118.     if (!(p8inf = EVP_PKEY2PKCS8(x))) {

  119.         OPENSSL_PUT_ERROR(PEM, PEM_R_ERROR_CONVERTING_PRIVATE_KEY);

  120.         return 0;

  121.     }

  122.     if (enc || (nid != -1)) {

  123.         if (!kstr) {

  124.             klen = 0;

  125.             if (!cb)

  126.                 cb = PEM_def_callback;

  127.             klen = cb(buf, PEM_BUFSIZE, 1, u);

  128.             if (klen <= 0) {

  129.                 OPENSSL_PUT_ERROR(PEM, PEM_R_READ_KEY);

  130.                 PKCS8_PRIV_KEY_INFO_free(p8inf);

  131.                 return 0;

  132.             }

  133. 

  134.             kstr = buf;

  135.         }

  136.         p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);

  137.         if (kstr == buf)

  138.             OPENSSL_cleanse(buf, klen);

  139.         PKCS8_PRIV_KEY_INFO_free(p8inf);

  140.         if (isder)

  141.             ret = i2d_PKCS8_bio(bp, p8);

  142.         else

  143.             ret = PEM_write_bio_PKCS8(bp, p8);

  144.         X509_SIG_free(p8);

  145.         return ret;

  146.     } else {

  147.         if (isder)

  148.             ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);

  149.         else

  150.             ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);

  151.         PKCS8_PRIV_KEY_INFO_free(p8inf);

  152.         return ret;

  153.     }

  154. }

  155. 

  156. EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,

  157.                                   void *u)

  158. {

  159.     PKCS8_PRIV_KEY_INFO *p8inf = NULL;

  160.     X509_SIG *p8 = NULL;

  161.     int klen;

  162.     EVP_PKEY *ret;

  163.     char psbuf[PEM_BUFSIZE];

  164.     p8 = d2i_PKCS8_bio(bp, NULL);

  165.     if (!p8)

  166.         return NULL;

  167. 

  168.     klen = 0;

  169.     if (!cb)

  170.         cb = PEM_def_callback;

  171.     klen = cb(psbuf, PEM_BUFSIZE, 0, u);

  172.     if (klen <= 0) {

  173.         OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ);

  174.         X509_SIG_free(p8);

  175.         return NULL;

  176.     }

  177.     p8inf = PKCS8_decrypt(p8, psbuf, klen);

  178.     X509_SIG_free(p8);

  179.     OPENSSL_cleanse(psbuf, klen);

  180.     if (!p8inf)

  181.         return NULL;

  182.     ret = EVP_PKCS82PKEY(p8inf);

  183.     PKCS8_PRIV_KEY_INFO_free(p8inf);

  184.     if (!ret)

  185.         return NULL;

  186.     if (x) {

  187.         if (*x)

  188.             EVP_PKEY_free(*x);

  189.         *x = ret;

  190.     }

  191.     return ret;

  192. }

  193. 

  194. #ifndef OPENSSL_NO_FP_API

  195. 

  196. int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,

  197.                            char *kstr, int klen, pem_password_cb *cb, void *u)

  198. {

  199.     return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u);

  200. }

  201. 

  202. int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,

  203.                                char *kstr, int klen,

  204.                                pem_password_cb *cb, void *u)

  205. {

  206.     return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u);

  207. }

  208. 

  209. int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,

  210.                                   char *kstr, int klen,

  211.                                   pem_password_cb *cb, void *u)

  212. {

  213.     return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u);

  214. }

  215. 

  216. int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,

  217.                               char *kstr, int klen, pem_password_cb *cb,

  218.                               void *u)

  219. {

  220.     return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u);

  221. }

  222. 

  223. static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid,

  224.                          const EVP_CIPHER *enc, char *kstr, int klen,

  225.                          pem_password_cb *cb, void *u)

  226. {

  227.     BIO *bp;

  228.     int ret;

  229.     if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {

  230.         OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB);

  231.         return (0);

  232.     }

  233.     ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);

  234.     BIO_free(bp);

  235.     return ret;

  236. }

  237. 

  238. EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,

  239.                                  void *u)

  240. {

  241.     BIO *bp;

  242.     EVP_PKEY *ret;

  243.     if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {

  244.         OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB);

  245.         return NULL;

  246.     }

  247.     ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u);

  248.     BIO_free(bp);

  249.     return ret;

  250. }

  251. 

  252. #endif

  253. 

  254. IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)

  255. 

  256. 

  257. IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,

  258.              PKCS8_PRIV_KEY_INFO)