diff options
Diffstat (limited to 'deps/openssl/openssl/crypto/pem')
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/Makefile | 261 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/build.info | 4 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/message | 16 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem.h | 617 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem2.h | 70 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_all.c | 278 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_err.c | 112 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_info.c | 104 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_lib.c | 425 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_oth.c | 64 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_pk8.c | 82 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_pkey.c | 106 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_seal.c | 191 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_sign.c | 77 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_x509.c | 62 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pem_xaux.c | 64 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pkcs7.lis | 22 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/pem/pvkfmt.c | 420 |
18 files changed, 557 insertions, 2418 deletions
diff --git a/deps/openssl/openssl/crypto/pem/Makefile b/deps/openssl/openssl/crypto/pem/Makefile deleted file mode 100644 index 65de60e2a1..0000000000 --- a/deps/openssl/openssl/crypto/pem/Makefile +++ /dev/null @@ -1,261 +0,0 @@ -# -# OpenSSL/crypto/pem/Makefile -# - -DIR= pem -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -MAKEFILE= Makefile -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \ - pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c pvkfmt.c - -LIBOBJ= pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \ - pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o pvkfmt.o - -SRC= $(LIBSRC) - -EXHEADER= pem.h pem2.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -update: depend - -depend: - @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -pem_all.o: ../../e_os.h ../../include/openssl/asn1.h -pem_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -pem_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -pem_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -pem_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c -pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -pem_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -pem_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_err.o: ../../include/openssl/x509_vfy.h pem_err.c -pem_info.o: ../../e_os.h ../../include/openssl/asn1.h -pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -pem_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -pem_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h -pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_info.o: ../cryptlib.h pem_info.c -pem_lib.o: ../../e_os.h ../../include/openssl/asn1.h -pem_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -pem_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -pem_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pem_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -pem_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pem_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_lib.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -pem_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h -pem_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h -pem_lib.o: pem_lib.c -pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h -pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -pem_oth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -pem_oth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -pem_oth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_oth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_oth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_oth.c -pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h -pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -pem_pk8.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -pem_pk8.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h -pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_pk8.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_pk8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_pk8.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_pk8.o: ../cryptlib.h pem_pk8.c -pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h -pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -pem_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -pem_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -pem_pkey.o: ../../include/openssl/engine.h ../../include/openssl/err.h -pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_pkey.o: ../../include/openssl/opensslconf.h -pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h -pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -pem_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_pkey.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h -pem_pkey.o: pem_pkey.c -pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h -pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -pem_seal.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -pem_seal.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_seal.o: ../../include/openssl/opensslconf.h -pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c -pem_sign.o: ../../e_os.h ../../include/openssl/asn1.h -pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -pem_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -pem_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_sign.o: ../../include/openssl/opensslconf.h -pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -pem_sign.o: ../cryptlib.h pem_sign.c -pem_x509.o: ../../e_os.h ../../include/openssl/asn1.h -pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -pem_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -pem_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_x509.o: ../../include/openssl/opensslconf.h -pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -pem_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_x509.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_x509.c -pem_xaux.o: ../../e_os.h ../../include/openssl/asn1.h -pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -pem_xaux.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -pem_xaux.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -pem_xaux.o: ../../include/openssl/opensslconf.h -pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -pem_xaux.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pem_xaux.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pem_xaux.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_xaux.c -pvkfmt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -pvkfmt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -pvkfmt.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -pvkfmt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -pvkfmt.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -pvkfmt.o: ../../include/openssl/err.h ../../include/openssl/evp.h -pvkfmt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -pvkfmt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -pvkfmt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -pvkfmt.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -pvkfmt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -pvkfmt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -pvkfmt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -pvkfmt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -pvkfmt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pvkfmt.c diff --git a/deps/openssl/openssl/crypto/pem/build.info b/deps/openssl/openssl/crypto/pem/build.info new file mode 100644 index 0000000000..357b32833b --- /dev/null +++ b/deps/openssl/openssl/crypto/pem/build.info @@ -0,0 +1,4 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=\ + pem_sign.c pem_info.c pem_lib.c pem_all.c pem_err.c \ + pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c pvkfmt.c diff --git a/deps/openssl/openssl/crypto/pem/message b/deps/openssl/openssl/crypto/pem/message deleted file mode 100644 index e8bf9d7592..0000000000 --- a/deps/openssl/openssl/crypto/pem/message +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVACY-ENHANCED MESSAGE----- -Proc-Type: 4,ENCRYPTED -Proc-Type: 4,MIC-ONLY -Proc-Type: 4,MIC-CLEAR -Content-Domain: RFC822 -DEK-Info: DES-CBC,0123456789abcdef -Originator-Certificate - xxxx -Issuer-Certificate - xxxx -MIC-Info: RSA-MD5,RSA, - xxxx - - ------END PRIVACY-ENHANCED MESSAGE----- - diff --git a/deps/openssl/openssl/crypto/pem/pem.h b/deps/openssl/openssl/crypto/pem/pem.h deleted file mode 100644 index aac72fb21e..0000000000 --- a/deps/openssl/openssl/crypto/pem/pem.h +++ /dev/null @@ -1,617 +0,0 @@ -/* crypto/pem/pem.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_PEM_H -# define HEADER_PEM_H - -# include <openssl/e_os2.h> -# ifndef OPENSSL_NO_BIO -# include <openssl/bio.h> -# endif -# ifndef OPENSSL_NO_STACK -# include <openssl/stack.h> -# endif -# include <openssl/evp.h> -# include <openssl/x509.h> -# include <openssl/pem2.h> - -#ifdef __cplusplus -extern "C" { -#endif - -# define PEM_BUFSIZE 1024 - -# define PEM_OBJ_UNDEF 0 -# define PEM_OBJ_X509 1 -# define PEM_OBJ_X509_REQ 2 -# define PEM_OBJ_CRL 3 -# define PEM_OBJ_SSL_SESSION 4 -# define PEM_OBJ_PRIV_KEY 10 -# define PEM_OBJ_PRIV_RSA 11 -# define PEM_OBJ_PRIV_DSA 12 -# define PEM_OBJ_PRIV_DH 13 -# define PEM_OBJ_PUB_RSA 14 -# define PEM_OBJ_PUB_DSA 15 -# define PEM_OBJ_PUB_DH 16 -# define PEM_OBJ_DHPARAMS 17 -# define PEM_OBJ_DSAPARAMS 18 -# define PEM_OBJ_PRIV_RSA_PUBLIC 19 -# define PEM_OBJ_PRIV_ECDSA 20 -# define PEM_OBJ_PUB_ECDSA 21 -# define PEM_OBJ_ECPARAMETERS 22 - -# define PEM_ERROR 30 -# define PEM_DEK_DES_CBC 40 -# define PEM_DEK_IDEA_CBC 45 -# define PEM_DEK_DES_EDE 50 -# define PEM_DEK_DES_ECB 60 -# define PEM_DEK_RSA 70 -# define PEM_DEK_RSA_MD2 80 -# define PEM_DEK_RSA_MD5 90 - -# define PEM_MD_MD2 NID_md2 -# define PEM_MD_MD5 NID_md5 -# define PEM_MD_SHA NID_sha -# define PEM_MD_MD2_RSA NID_md2WithRSAEncryption -# define PEM_MD_MD5_RSA NID_md5WithRSAEncryption -# define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption - -# define PEM_STRING_X509_OLD "X509 CERTIFICATE" -# define PEM_STRING_X509 "CERTIFICATE" -# define PEM_STRING_X509_PAIR "CERTIFICATE PAIR" -# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" -# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" -# define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" -# define PEM_STRING_X509_CRL "X509 CRL" -# define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY" -# define PEM_STRING_PUBLIC "PUBLIC KEY" -# define PEM_STRING_RSA "RSA PRIVATE KEY" -# define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY" -# define PEM_STRING_DSA "DSA PRIVATE KEY" -# define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" -# define PEM_STRING_PKCS7 "PKCS7" -# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA" -# define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" -# define PEM_STRING_PKCS8INF "PRIVATE KEY" -# define PEM_STRING_DHPARAMS "DH PARAMETERS" -# define PEM_STRING_DHXPARAMS "X9.42 DH PARAMETERS" -# define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" -# define PEM_STRING_DSAPARAMS "DSA PARAMETERS" -# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" -# define PEM_STRING_ECPARAMETERS "EC PARAMETERS" -# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" -# define PEM_STRING_PARAMETERS "PARAMETERS" -# define PEM_STRING_CMS "CMS" - - /* - * Note that this structure is initialised by PEM_SealInit and cleaned up - * by PEM_SealFinal (at least for now) - */ -typedef struct PEM_Encode_Seal_st { - EVP_ENCODE_CTX encode; - EVP_MD_CTX md; - EVP_CIPHER_CTX cipher; -} PEM_ENCODE_SEAL_CTX; - -/* enc_type is one off */ -# define PEM_TYPE_ENCRYPTED 10 -# define PEM_TYPE_MIC_ONLY 20 -# define PEM_TYPE_MIC_CLEAR 30 -# define PEM_TYPE_CLEAR 40 - -typedef struct pem_recip_st { - char *name; - X509_NAME *dn; - int cipher; - int key_enc; - /* char iv[8]; unused and wrong size */ -} PEM_USER; - -typedef struct pem_ctx_st { - int type; /* what type of object */ - struct { - int version; - int mode; - } proc_type; - - char *domain; - - struct { - int cipher; - /*- - unused, and wrong size - unsigned char iv[8]; */ - } DEK_info; - - PEM_USER *originator; - - int num_recipient; - PEM_USER **recipient; -/*- - XXX(ben): don#t think this is used! - STACK *x509_chain; / * certificate chain */ - EVP_MD *md; /* signature type */ - - int md_enc; /* is the md encrypted or not? */ - int md_len; /* length of md_data */ - char *md_data; /* message digest, could be pkey encrypted */ - - EVP_CIPHER *dec; /* date encryption cipher */ - int key_len; /* key length */ - unsigned char *key; /* key */ - /*- - unused, and wrong size - unsigned char iv[8]; */ - - int data_enc; /* is the data encrypted */ - int data_len; - unsigned char *data; -} PEM_CTX; - -/* - * These macros make the PEM_read/PEM_write functions easier to maintain and - * write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or - * IMPLEMENT_PEM_rw_cb(...) - */ - -# ifdef OPENSSL_NO_FP_API - -# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/ -# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/ -# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/ -# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/ -# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/ -# else - -# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ -type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \ -} - -# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x) \ -{ \ -return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \ -} - -# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, const type *x) \ -{ \ -return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \ -} - -# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, \ - void *u) \ - { \ - return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ - } - -# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, \ - void *u) \ - { \ - return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ - } - -# endif - -# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ -type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \ -} - -# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x) \ -{ \ -return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \ -} - -# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, const type *x) \ -{ \ -return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \ -} - -# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ - { \ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \ - } - -# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ - { \ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \ - } - -# define IMPLEMENT_PEM_write(name, type, str, asn1) \ - IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_fp(name, type, str, asn1) - -# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) - -# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) - -# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) - -# define IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_read_fp(name, type, str, asn1) - -# define IMPLEMENT_PEM_rw(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write(name, type, str, asn1) - -# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write_const(name, type, str, asn1) - -# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb(name, type, str, asn1) - -/* These are the same except they are for the declarations */ - -# if defined(OPENSSL_NO_FP_API) - -# define DECLARE_PEM_read_fp(name, type) /**/ -# define DECLARE_PEM_write_fp(name, type) /**/ -# define DECLARE_PEM_write_cb_fp(name, type) /**/ -# else - -# define DECLARE_PEM_read_fp(name, type) \ - type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u); - -# define DECLARE_PEM_write_fp(name, type) \ - int PEM_write_##name(FILE *fp, type *x); - -# define DECLARE_PEM_write_fp_const(name, type) \ - int PEM_write_##name(FILE *fp, const type *x); - -# define DECLARE_PEM_write_cb_fp(name, type) \ - int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - -# endif - -# ifndef OPENSSL_NO_BIO -# define DECLARE_PEM_read_bio(name, type) \ - type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u); - -# define DECLARE_PEM_write_bio(name, type) \ - int PEM_write_bio_##name(BIO *bp, type *x); - -# define DECLARE_PEM_write_bio_const(name, type) \ - int PEM_write_bio_##name(BIO *bp, const type *x); - -# define DECLARE_PEM_write_cb_bio(name, type) \ - int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - -# else - -# define DECLARE_PEM_read_bio(name, type) /**/ -# define DECLARE_PEM_write_bio(name, type) /**/ -# define DECLARE_PEM_write_bio_const(name, type) /**/ -# define DECLARE_PEM_write_cb_bio(name, type) /**/ -# endif -# define DECLARE_PEM_write(name, type) \ - DECLARE_PEM_write_bio(name, type) \ - DECLARE_PEM_write_fp(name, type) -# define DECLARE_PEM_write_const(name, type) \ - DECLARE_PEM_write_bio_const(name, type) \ - DECLARE_PEM_write_fp_const(name, type) -# define DECLARE_PEM_write_cb(name, type) \ - DECLARE_PEM_write_cb_bio(name, type) \ - DECLARE_PEM_write_cb_fp(name, type) -# define DECLARE_PEM_read(name, type) \ - DECLARE_PEM_read_bio(name, type) \ - DECLARE_PEM_read_fp(name, type) -# define DECLARE_PEM_rw(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write(name, type) -# define DECLARE_PEM_rw_const(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_const(name, type) -# define DECLARE_PEM_rw_cb(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_cb(name, type) -# if 1 -/* "userdata": new with OpenSSL 0.9.4 */ -typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata); -# else -/* OpenSSL 0.9.3, 0.9.3a */ -typedef int pem_password_cb (char *buf, int size, int rwflag); -# endif - -int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher); -int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len, - pem_password_cb *callback, void *u); - -# ifndef OPENSSL_NO_BIO -int PEM_read_bio(BIO *bp, char **name, char **header, - unsigned char **data, long *len); -int PEM_write_bio(BIO *bp, const char *name, const char *hdr, - const unsigned char *data, long len); -int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, - const char *name, BIO *bp, pem_password_cb *cb, - void *u); -void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, - pem_password_cb *cb, void *u); -int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *cb, void *u); - -STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u); -int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cd, void *u); -# endif - -int PEM_read(FILE *fp, char **name, char **header, - unsigned char **data, long *len); -int PEM_write(FILE *fp, const char *name, const char *hdr, - const unsigned char *data, long len); -void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, - pem_password_cb *cb, void *u); -int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, - void *x, const EVP_CIPHER *enc, unsigned char *kstr, - int klen, pem_password_cb *callback, void *u); -STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u); - -int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, - EVP_MD *md_type, unsigned char **ek, int *ekl, - unsigned char *iv, EVP_PKEY **pubk, int npubk); -void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl); -int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, - unsigned char *out, int *outl, EVP_PKEY *priv); - -void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); -void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt); -int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, - unsigned int *siglen, EVP_PKEY *pkey); - -int PEM_def_callback(char *buf, int num, int w, void *key); -void PEM_proc_type(char *buf, int type); -void PEM_dek_info(char *buf, const char *type, int len, char *str); - -# include <openssl/symhacks.h> - -DECLARE_PEM_rw(X509, X509) -DECLARE_PEM_rw(X509_AUX, X509) -DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR) -DECLARE_PEM_rw(X509_REQ, X509_REQ) -DECLARE_PEM_write(X509_REQ_NEW, X509_REQ) -DECLARE_PEM_rw(X509_CRL, X509_CRL) -DECLARE_PEM_rw(PKCS7, PKCS7) -DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE) -DECLARE_PEM_rw(PKCS8, X509_SIG) -DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) -# ifndef OPENSSL_NO_RSA -DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) -DECLARE_PEM_rw_const(RSAPublicKey, RSA) -DECLARE_PEM_rw(RSA_PUBKEY, RSA) -# endif -# ifndef OPENSSL_NO_DSA -DECLARE_PEM_rw_cb(DSAPrivateKey, DSA) -DECLARE_PEM_rw(DSA_PUBKEY, DSA) -DECLARE_PEM_rw_const(DSAparams, DSA) -# endif -# ifndef OPENSSL_NO_EC -DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP) -DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) -DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) -# endif -# ifndef OPENSSL_NO_DH -DECLARE_PEM_rw_const(DHparams, DH) -DECLARE_PEM_write_const(DHxparams, DH) -# endif -DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY) -DECLARE_PEM_rw(PUBKEY, EVP_PKEY) - -int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *, - char *, int, pem_password_cb *, void *); -int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, - void *u); - -int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); - -EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, - void *u); - -int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cd, - void *u); - -EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x); -int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x); - -EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length); -EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length); -EVP_PKEY *b2i_PrivateKey_bio(BIO *in); -EVP_PKEY *b2i_PublicKey_bio(BIO *in); -int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk); -int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk); -# ifndef OPENSSL_NO_RC4 -EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u); -int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, - pem_password_cb *cb, void *u); -# endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -void ERR_load_PEM_strings(void); - -/* Error codes for the PEM functions. */ - -/* Function codes. */ -# define PEM_F_B2I_DSS 127 -# define PEM_F_B2I_PVK_BIO 128 -# define PEM_F_B2I_RSA 129 -# define PEM_F_CHECK_BITLEN_DSA 130 -# define PEM_F_CHECK_BITLEN_RSA 131 -# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120 -# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121 -# define PEM_F_DO_B2I 132 -# define PEM_F_DO_B2I_BIO 133 -# define PEM_F_DO_BLOB_HEADER 134 -# define PEM_F_DO_PK8PKEY 126 -# define PEM_F_DO_PK8PKEY_FP 125 -# define PEM_F_DO_PVK_BODY 135 -# define PEM_F_DO_PVK_HEADER 136 -# define PEM_F_I2B_PVK 137 -# define PEM_F_I2B_PVK_BIO 138 -# define PEM_F_LOAD_IV 101 -# define PEM_F_PEM_ASN1_READ 102 -# define PEM_F_PEM_ASN1_READ_BIO 103 -# define PEM_F_PEM_ASN1_WRITE 104 -# define PEM_F_PEM_ASN1_WRITE_BIO 105 -# define PEM_F_PEM_DEF_CALLBACK 100 -# define PEM_F_PEM_DO_HEADER 106 -# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118 -# define PEM_F_PEM_GET_EVP_CIPHER_INFO 107 -# define PEM_F_PEM_PK8PKEY 119 -# define PEM_F_PEM_READ 108 -# define PEM_F_PEM_READ_BIO 109 -# define PEM_F_PEM_READ_BIO_DHPARAMS 141 -# define PEM_F_PEM_READ_BIO_PARAMETERS 140 -# define PEM_F_PEM_READ_BIO_PRIVATEKEY 123 -# define PEM_F_PEM_READ_DHPARAMS 142 -# define PEM_F_PEM_READ_PRIVATEKEY 124 -# define PEM_F_PEM_SEALFINAL 110 -# define PEM_F_PEM_SEALINIT 111 -# define PEM_F_PEM_SIGNFINAL 112 -# define PEM_F_PEM_WRITE 113 -# define PEM_F_PEM_WRITE_BIO 114 -# define PEM_F_PEM_WRITE_PRIVATEKEY 139 -# define PEM_F_PEM_X509_INFO_READ 115 -# define PEM_F_PEM_X509_INFO_READ_BIO 116 -# define PEM_F_PEM_X509_INFO_WRITE_BIO 117 - -/* Reason codes. */ -# define PEM_R_BAD_BASE64_DECODE 100 -# define PEM_R_BAD_DECRYPT 101 -# define PEM_R_BAD_END_LINE 102 -# define PEM_R_BAD_IV_CHARS 103 -# define PEM_R_BAD_MAGIC_NUMBER 116 -# define PEM_R_BAD_PASSWORD_READ 104 -# define PEM_R_BAD_VERSION_NUMBER 117 -# define PEM_R_BIO_WRITE_FAILURE 118 -# define PEM_R_CIPHER_IS_NULL 127 -# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115 -# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119 -# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120 -# define PEM_R_HEADER_TOO_LONG 128 -# define PEM_R_INCONSISTENT_HEADER 121 -# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122 -# define PEM_R_KEYBLOB_TOO_SHORT 123 -# define PEM_R_NOT_DEK_INFO 105 -# define PEM_R_NOT_ENCRYPTED 106 -# define PEM_R_NOT_PROC_TYPE 107 -# define PEM_R_NO_START_LINE 108 -# define PEM_R_PROBLEMS_GETTING_PASSWORD 109 -# define PEM_R_PUBLIC_KEY_NO_RSA 110 -# define PEM_R_PVK_DATA_TOO_SHORT 124 -# define PEM_R_PVK_TOO_SHORT 125 -# define PEM_R_READ_KEY 111 -# define PEM_R_SHORT_HEADER 112 -# define PEM_R_UNSUPPORTED_CIPHER 113 -# define PEM_R_UNSUPPORTED_ENCRYPTION 114 -# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126 - -# ifdef __cplusplus -} -# endif -#endif diff --git a/deps/openssl/openssl/crypto/pem/pem2.h b/deps/openssl/openssl/crypto/pem/pem2.h deleted file mode 100644 index 84897d5ec3..0000000000 --- a/deps/openssl/openssl/crypto/pem/pem2.h +++ /dev/null @@ -1,70 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * This header only exists to break a circular dependency between pem and err - * Ben 30 Jan 1999. - */ - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef HEADER_PEM_H -void ERR_load_PEM_strings(void); -#endif - -#ifdef __cplusplus -} -#endif diff --git a/deps/openssl/openssl/crypto/pem/pem_all.c b/deps/openssl/openssl/crypto/pem/pem_all.c index 0e5be63ef0..0e71813113 100644 --- a/deps/openssl/openssl/crypto/pem/pem_all.c +++ b/deps/openssl/openssl/crypto/pem/pem_all.c @@ -1,130 +1,22 @@ -/* crypto/pem/pem_all.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/bio.h> #include <openssl/evp.h> #include <openssl/x509.h> #include <openssl/pkcs7.h> #include <openssl/pem.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif +#include <openssl/rsa.h> +#include <openssl/dsa.h> +#include <openssl/dh.h> #ifndef OPENSSL_NO_RSA static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); @@ -176,7 +68,7 @@ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb, return pkey_get_rsa(pktmp, rsa); } -# ifndef OPENSSL_NO_FP_API +# ifndef OPENSSL_NO_STDIO RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u) { @@ -187,57 +79,10 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u) # endif -# ifdef OPENSSL_FIPS - -int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - if (FIPS_mode()) { - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_RSA(k, x); - - ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; - } else - return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSAPrivateKey, - PEM_STRING_RSA, bp, x, enc, kstr, klen, cb, - u); -} - -# ifndef OPENSSL_NO_FP_API -int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - if (FIPS_mode()) { - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - - EVP_PKEY_set1_RSA(k, x); - - ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; - } else - return PEM_ASN1_write((i2d_of_void *)i2d_RSAPrivateKey, - PEM_STRING_RSA, fp, x, enc, kstr, klen, cb, u); -} -# endif - -# else - IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) -# endif + + IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, @@ -268,57 +113,10 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, return pkey_get_dsa(pktmp, dsa); /* will free pktmp */ } -# ifdef OPENSSL_FIPS - -int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - if (FIPS_mode()) { - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_DSA(k, x); - - ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; - } else - return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPrivateKey, - PEM_STRING_DSA, bp, x, enc, kstr, klen, cb, - u); -} - -# ifndef OPENSSL_NO_FP_API -int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - if (FIPS_mode()) { - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_DSA(k, x); - ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; - } else - return PEM_ASN1_write((i2d_of_void *)i2d_DSAPrivateKey, - PEM_STRING_DSA, fp, x, enc, kstr, klen, cb, u); -} -# endif - -# else - IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) -# endif IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) -# ifndef OPENSSL_NO_FP_API +# ifndef OPENSSL_NO_STDIO DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, void *u) { EVP_PKEY *pktmp; @@ -357,56 +155,12 @@ EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) -# ifdef OPENSSL_FIPS -int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - if (FIPS_mode()) { - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_EC_KEY(k, x); - - ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; - } else - return PEM_ASN1_write_bio((i2d_of_void *)i2d_ECPrivateKey, - PEM_STRING_ECPRIVATEKEY, - bp, x, enc, kstr, klen, cb, u); -} -# ifndef OPENSSL_NO_FP_API -int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - if (FIPS_mode()) { - EVP_PKEY *k; - int ret; - k = EVP_PKEY_new(); - if (!k) - return 0; - EVP_PKEY_set1_EC_KEY(k, x); - ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); - EVP_PKEY_free(k); - return ret; - } else - return PEM_ASN1_write((i2d_of_void *)i2d_ECPrivateKey, - PEM_STRING_ECPRIVATEKEY, - fp, x, enc, kstr, klen, cb, u); -} -# endif -# else - IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, +IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) -# endif IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) -# ifndef OPENSSL_NO_FP_API +# ifndef OPENSSL_NO_STDIO EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, void *u) { diff --git a/deps/openssl/openssl/crypto/pem/pem_err.c b/deps/openssl/openssl/crypto/pem/pem_err.c index 4e5f8e936c..f36d89324b 100644 --- a/deps/openssl/openssl/crypto/pem/pem_err.c +++ b/deps/openssl/openssl/crypto/pem/pem_err.c @@ -1,62 +1,11 @@ -/* crypto/pem/pem_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - /* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> @@ -70,46 +19,41 @@ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason) static ERR_STRING_DATA PEM_str_functs[] = { - {ERR_FUNC(PEM_F_B2I_DSS), "B2I_DSS"}, + {ERR_FUNC(PEM_F_B2I_DSS), "b2i_dss"}, {ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"}, - {ERR_FUNC(PEM_F_B2I_RSA), "B2I_RSA"}, - {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "CHECK_BITLEN_DSA"}, - {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "CHECK_BITLEN_RSA"}, + {ERR_FUNC(PEM_F_B2I_RSA), "b2i_rsa"}, + {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "check_bitlen_dsa"}, + {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "check_bitlen_rsa"}, {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"}, {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"}, - {ERR_FUNC(PEM_F_DO_B2I), "DO_B2I"}, - {ERR_FUNC(PEM_F_DO_B2I_BIO), "DO_B2I_BIO"}, - {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "DO_BLOB_HEADER"}, - {ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"}, - {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"}, - {ERR_FUNC(PEM_F_DO_PVK_BODY), "DO_PVK_BODY"}, - {ERR_FUNC(PEM_F_DO_PVK_HEADER), "DO_PVK_HEADER"}, - {ERR_FUNC(PEM_F_I2B_PVK), "I2B_PVK"}, + {ERR_FUNC(PEM_F_DO_B2I), "do_b2i"}, + {ERR_FUNC(PEM_F_DO_B2I_BIO), "do_b2i_bio"}, + {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "do_blob_header"}, + {ERR_FUNC(PEM_F_DO_PK8PKEY), "do_pk8pkey"}, + {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "do_pk8pkey_fp"}, + {ERR_FUNC(PEM_F_DO_PVK_BODY), "do_PVK_body"}, + {ERR_FUNC(PEM_F_DO_PVK_HEADER), "do_PVK_header"}, + {ERR_FUNC(PEM_F_I2B_PVK), "i2b_PVK"}, {ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"}, - {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"}, + {ERR_FUNC(PEM_F_LOAD_IV), "load_iv"}, {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"}, {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"}, {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"}, {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"}, {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"}, {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"}, - {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), - "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"}, {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"}, - {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"}, {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"}, {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"}, - {ERR_FUNC(PEM_F_PEM_READ_BIO_DHPARAMS), "PEM_READ_BIO_DHPARAMS"}, + {ERR_FUNC(PEM_F_PEM_READ_BIO_DHPARAMS), "PEM_read_bio_DHparams"}, {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"}, - {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"}, - {ERR_FUNC(PEM_F_PEM_READ_DHPARAMS), "PEM_READ_DHPARAMS"}, - {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"}, - {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"}, - {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"}, + {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_read_bio_PrivateKey"}, + {ERR_FUNC(PEM_F_PEM_READ_DHPARAMS), "PEM_read_DHparams"}, + {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_read_PrivateKey"}, {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"}, {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"}, {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"}, - {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_WRITE_PRIVATEKEY"}, + {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_write_PrivateKey"}, {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"}, {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"}, {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"}, @@ -137,17 +81,18 @@ static ERR_STRING_DATA PEM_str_reasons[] = { {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR), "keyblob header parse error"}, {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT), "keyblob too short"}, + {ERR_REASON(PEM_R_MISSING_DEK_IV), "missing dek iv"}, {ERR_REASON(PEM_R_NOT_DEK_INFO), "not dek info"}, {ERR_REASON(PEM_R_NOT_ENCRYPTED), "not encrypted"}, {ERR_REASON(PEM_R_NOT_PROC_TYPE), "not proc type"}, {ERR_REASON(PEM_R_NO_START_LINE), "no start line"}, {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD), "problems getting password"}, - {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA), "public key no rsa"}, {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"}, {ERR_REASON(PEM_R_PVK_TOO_SHORT), "pvk too short"}, {ERR_REASON(PEM_R_READ_KEY), "read key"}, {ERR_REASON(PEM_R_SHORT_HEADER), "short header"}, + {ERR_REASON(PEM_R_UNEXPECTED_DEK_IV), "unexpected dek iv"}, {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER), "unsupported cipher"}, {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"}, {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS), @@ -157,7 +102,7 @@ static ERR_STRING_DATA PEM_str_reasons[] = { #endif -void ERR_load_PEM_strings(void) +int ERR_load_PEM_strings(void) { #ifndef OPENSSL_NO_ERR @@ -166,4 +111,5 @@ void ERR_load_PEM_strings(void) ERR_load_strings(0, PEM_str_reasons); } #endif + return 1; } diff --git a/deps/openssl/openssl/crypto/pem/pem_info.c b/deps/openssl/openssl/crypto/pem/pem_info.c index 0994020d2e..78d4476a2a 100644 --- a/deps/openssl/openssl/crypto/pem/pem_info.c +++ b/deps/openssl/openssl/crypto/pem/pem_info.c @@ -1,76 +1,23 @@ -/* crypto/pem/pem_info.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/evp.h> #include <openssl/x509.h> #include <openssl/pem.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -#endif +#include <openssl/rsa.h> +#include <openssl/dsa.h> -#ifndef OPENSSL_NO_FP_API +#ifndef OPENSSL_NO_STDIO STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) { @@ -259,14 +206,11 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, } else { /* unknown */ } - if (name != NULL) - OPENSSL_free(name); - if (header != NULL) - OPENSSL_free(header); - if (data != NULL) - OPENSSL_free(data); + OPENSSL_free(name); name = NULL; + OPENSSL_free(header); header = NULL; + OPENSSL_free(data); data = NULL; } @@ -282,8 +226,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, } ok = 1; err: - if (xi != NULL) - X509_INFO_free(xi); + X509_INFO_free(xi); if (!ok) { for (i = 0; ((int)i) < sk_X509_INFO_num(ret); i++) { xi = sk_X509_INFO_value(ret, i); @@ -294,12 +237,9 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, ret = NULL; } - if (name != NULL) - OPENSSL_free(name); - if (header != NULL) - OPENSSL_free(header); - if (data != NULL) - OPENSSL_free(data); + OPENSSL_free(name); + OPENSSL_free(header); + OPENSSL_free(data); return (ret); } @@ -308,7 +248,6 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, void *u) { - EVP_CIPHER_CTX ctx; int i, ret = 0; unsigned char *data = NULL; const char *objstr = NULL; @@ -353,11 +292,13 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, } /* create the right magic header stuff */ - OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <= + OPENSSL_assert(strlen(objstr) + 23 + + 2 * EVP_CIPHER_iv_length(enc) + 13 <= sizeof(buf)); buf[0] = '\0'; PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); - PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); + PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc), + (char *)iv); /* use the normal code to write things out */ i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i); @@ -368,7 +309,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, #ifndef OPENSSL_NO_RSA /* normal optionally encrypted stuff */ if (PEM_write_bio_RSAPrivateKey(bp, - xi->x_pkey->dec_pkey->pkey.rsa, + EVP_PKEY_get0_RSA(xi->x_pkey->dec_pkey), enc, kstr, klen, cb, u) <= 0) goto err; #endif @@ -388,7 +329,6 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, ret = 1; err: - OPENSSL_cleanse((char *)&ctx, sizeof(ctx)); OPENSSL_cleanse(buf, PEM_BUFSIZE); return (ret); } diff --git a/deps/openssl/openssl/crypto/pem/pem_lib.c b/deps/openssl/openssl/crypto/pem/pem_lib.c index 4d5f053e46..e9202f44ae 100644 --- a/deps/openssl/openssl/crypto/pem/pem_lib.c +++ b/deps/openssl/openssl/crypto/pem/pem_lib.c @@ -1,64 +1,16 @@ -/* crypto/pem/pem_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <ctype.h> -#include "cryptlib.h" +#include <string.h> +#include "internal/cryptlib.h" #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/evp.h> @@ -66,15 +18,9 @@ #include <openssl/x509.h> #include <openssl/pem.h> #include <openssl/pkcs12.h> -#include "asn1_locl.h" -#ifndef OPENSSL_NO_DES -# include <openssl/des.h> -#endif -#ifndef OPENSSL_NO_ENGINE -# include <openssl/engine.h> -#endif - -const char PEM_version[] = "PEM" OPENSSL_VERSION_PTEXT; +#include "internal/asn1_int.h" +#include <openssl/des.h> +#include <openssl/engine.h> #define MIN_LENGTH 4 @@ -84,22 +30,24 @@ int pem_check_suffix(const char *pem_str, const char *suffix); int PEM_def_callback(char *buf, int num, int w, void *key) { -#ifdef OPENSSL_NO_FP_API - /* - * We should not ever call the default callback routine from windows. - */ - PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (-1); +#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI) + int i; #else int i, j; const char *prompt; +#endif + if (key) { i = strlen(key); i = (i > num) ? num : i; memcpy(buf, key, i); - return (i); + return i; } +#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI) + PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return -1; +#else prompt = EVP_get_pw_prompt(); if (prompt == NULL) prompt = "Enter PEM pass phrase:"; @@ -115,7 +63,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key) if (i != 0) { PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD); memset(buf, 0, (unsigned int)num); - return (-1); + return -1; } j = strlen(buf); if (min_len && j < min_len) { @@ -125,7 +73,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key) } else break; } - return (j); + return j; #endif } @@ -142,9 +90,9 @@ void PEM_proc_type(char *buf, int type) else str = "BAD-TYPE"; - BUF_strlcat(buf, "Proc-Type: 4,", PEM_BUFSIZE); - BUF_strlcat(buf, str, PEM_BUFSIZE); - BUF_strlcat(buf, "\n", PEM_BUFSIZE); + OPENSSL_strlcat(buf, "Proc-Type: 4,", PEM_BUFSIZE); + OPENSSL_strlcat(buf, str, PEM_BUFSIZE); + OPENSSL_strlcat(buf, "\n", PEM_BUFSIZE); } void PEM_dek_info(char *buf, const char *type, int len, char *str) @@ -153,9 +101,9 @@ void PEM_dek_info(char *buf, const char *type, int len, char *str) long i; int j; - BUF_strlcat(buf, "DEK-Info: ", PEM_BUFSIZE); - BUF_strlcat(buf, type, PEM_BUFSIZE); - BUF_strlcat(buf, ",", PEM_BUFSIZE); + OPENSSL_strlcat(buf, "DEK-Info: ", PEM_BUFSIZE); + OPENSSL_strlcat(buf, type, PEM_BUFSIZE); + OPENSSL_strlcat(buf, ",", PEM_BUFSIZE); j = strlen(buf); if (j + (len * 2) + 1 > PEM_BUFSIZE) return; @@ -167,7 +115,7 @@ void PEM_dek_info(char *buf, const char *type, int len, char *str) buf[j + i * 2 + 1] = '\0'; } -#ifndef OPENSSL_NO_FP_API +#ifndef OPENSSL_NO_STDIO void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, pem_password_cb *cb, void *u) { @@ -188,22 +136,22 @@ void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, static int check_pem(const char *nm, const char *name) { /* Normal matching nm and name */ - if (!strcmp(nm, name)) + if (strcmp(nm, name) == 0) return 1; /* Make PEM_STRING_EVP_PKEY match any private key */ - if (!strcmp(name, PEM_STRING_EVP_PKEY)) { + if (strcmp(name, PEM_STRING_EVP_PKEY) == 0) { int slen; const EVP_PKEY_ASN1_METHOD *ameth; - if (!strcmp(nm, PEM_STRING_PKCS8)) + if (strcmp(nm, PEM_STRING_PKCS8) == 0) return 1; - if (!strcmp(nm, PEM_STRING_PKCS8INF)) + if (strcmp(nm, PEM_STRING_PKCS8INF) == 0) return 1; slen = pem_check_suffix(nm, "PRIVATE KEY"); if (slen > 0) { /* - * NB: ENGINE implementations wont contain a deprecated old + * NB: ENGINE implementations won't contain a deprecated old * private key decode function so don't look for them. */ ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen); @@ -213,7 +161,7 @@ static int check_pem(const char *nm, const char *name) return 0; } - if (!strcmp(name, PEM_STRING_PARAMETERS)) { + if (strcmp(name, PEM_STRING_PARAMETERS) == 0) { int slen; const EVP_PKEY_ASN1_METHOD *ameth; slen = pem_check_suffix(nm, "PARAMETERS"); @@ -227,8 +175,7 @@ static int check_pem(const char *nm, const char *name) else r = 0; #ifndef OPENSSL_NO_ENGINE - if (e) - ENGINE_finish(e); + ENGINE_finish(e); #endif return r; } @@ -236,41 +183,45 @@ static int check_pem(const char *nm, const char *name) return 0; } /* If reading DH parameters handle X9.42 DH format too */ - if (!strcmp(nm, PEM_STRING_DHXPARAMS) && - !strcmp(name, PEM_STRING_DHPARAMS)) + if (strcmp(nm, PEM_STRING_DHXPARAMS) == 0 + && strcmp(name, PEM_STRING_DHPARAMS) == 0) return 1; /* Permit older strings */ - if (!strcmp(nm, PEM_STRING_X509_OLD) && !strcmp(name, PEM_STRING_X509)) + if (strcmp(nm, PEM_STRING_X509_OLD) == 0 + && strcmp(name, PEM_STRING_X509) == 0) return 1; - if (!strcmp(nm, PEM_STRING_X509_REQ_OLD) && - !strcmp(name, PEM_STRING_X509_REQ)) + if (strcmp(nm, PEM_STRING_X509_REQ_OLD) == 0 + && strcmp(name, PEM_STRING_X509_REQ) == 0) return 1; /* Allow normal certs to be read as trusted certs */ - if (!strcmp(nm, PEM_STRING_X509) && - !strcmp(name, PEM_STRING_X509_TRUSTED)) + if (strcmp(nm, PEM_STRING_X509) == 0 + && strcmp(name, PEM_STRING_X509_TRUSTED) == 0) return 1; - if (!strcmp(nm, PEM_STRING_X509_OLD) && - !strcmp(name, PEM_STRING_X509_TRUSTED)) + if (strcmp(nm, PEM_STRING_X509_OLD) == 0 + && strcmp(name, PEM_STRING_X509_TRUSTED) == 0) return 1; /* Some CAs use PKCS#7 with CERTIFICATE headers */ - if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_PKCS7)) + if (strcmp(nm, PEM_STRING_X509) == 0 + && strcmp(name, PEM_STRING_PKCS7) == 0) return 1; - if (!strcmp(nm, PEM_STRING_PKCS7_SIGNED) && - !strcmp(name, PEM_STRING_PKCS7)) + if (strcmp(nm, PEM_STRING_PKCS7_SIGNED) == 0 + && strcmp(name, PEM_STRING_PKCS7) == 0) return 1; #ifndef OPENSSL_NO_CMS - if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_CMS)) + if (strcmp(nm, PEM_STRING_X509) == 0 + && strcmp(name, PEM_STRING_CMS) == 0) return 1; /* Allow CMS to be read from PKCS#7 headers */ - if (!strcmp(nm, PEM_STRING_PKCS7) && !strcmp(name, PEM_STRING_CMS)) + if (strcmp(nm, PEM_STRING_PKCS7) == 0 + && strcmp(name, PEM_STRING_CMS) == 0) return 1; #endif @@ -321,7 +272,7 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, return ret; } -#ifndef OPENSSL_NO_FP_API +#ifndef OPENSSL_NO_STDIO int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, void *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *callback, void *u) @@ -344,8 +295,8 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *callback, void *u) { - EVP_CIPHER_CTX ctx; - int dsize = 0, i, j, ret = 0; + EVP_CIPHER_CTX *ctx = NULL; + int dsize = 0, i = 0, j = 0, ret = 0; unsigned char *p, *data = NULL; const char *objstr = NULL; char buf[PEM_BUFSIZE]; @@ -365,9 +316,9 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, dsize = 0; goto err; } - /* dzise + 8 bytes are needed */ + /* dsize + 8 bytes are needed */ /* actually it needs the cipher block size extra... */ - data = (unsigned char *)OPENSSL_malloc((unsigned int)dsize + 20); + data = OPENSSL_malloc((unsigned int)dsize + 20); if (data == NULL) { PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_MALLOC_FAILURE); goto err; @@ -392,8 +343,8 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, kstr = (unsigned char *)buf; } RAND_add(data, i, 0); /* put in the RSA key. */ - OPENSSL_assert(enc->iv_len <= (int)sizeof(iv)); - if (RAND_bytes(iv, enc->iv_len) <= 0) /* Generate a salt */ + OPENSSL_assert(EVP_CIPHER_iv_length(enc) <= (int)sizeof(iv)); + if (RAND_bytes(iv, EVP_CIPHER_iv_length(enc)) <= 0) /* Generate a salt */ goto err; /* * The 'iv' is used as the iv and as a salt. It is NOT taken from @@ -405,21 +356,20 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf, PEM_BUFSIZE); - OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <= - sizeof(buf)); + OPENSSL_assert(strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13 + <= sizeof(buf)); buf[0] = '\0'; PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); - PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); + PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc), (char *)iv); /* k=strlen(buf); */ - EVP_CIPHER_CTX_init(&ctx); ret = 1; - if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv) - || !EVP_EncryptUpdate(&ctx, data, &j, data, i) - || !EVP_EncryptFinal_ex(&ctx, &(data[j]), &i)) + if ((ctx = EVP_CIPHER_CTX_new()) == NULL + || !EVP_EncryptInit_ex(ctx, enc, NULL, key, iv) + || !EVP_EncryptUpdate(ctx, data, &j, data, i) + || !EVP_EncryptFinal_ex(ctx, &(data[j]), &i)) ret = 0; - EVP_CIPHER_CTX_cleanup(&ctx); if (ret == 0) goto err; i += j; @@ -433,128 +383,162 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, err: OPENSSL_cleanse(key, sizeof(key)); OPENSSL_cleanse(iv, sizeof(iv)); - OPENSSL_cleanse((char *)&ctx, sizeof(ctx)); + EVP_CIPHER_CTX_free(ctx); OPENSSL_cleanse(buf, PEM_BUFSIZE); - if (data != NULL) { - OPENSSL_cleanse(data, (unsigned int)dsize); - OPENSSL_free(data); - } + OPENSSL_clear_free(data, (unsigned int)dsize); return (ret); } int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, pem_password_cb *callback, void *u) { - int i = 0, j, o, klen; - long len; - EVP_CIPHER_CTX ctx; + int ok; + int keylen; + long len = *plen; + int ilen = (int) len; /* EVP_DecryptUpdate etc. take int lengths */ + EVP_CIPHER_CTX *ctx; unsigned char key[EVP_MAX_KEY_LENGTH]; char buf[PEM_BUFSIZE]; - len = *plen; +#if LONG_MAX > INT_MAX + /* Check that we did not truncate the length */ + if (len > INT_MAX) { + PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_HEADER_TOO_LONG); + return 0; + } +#endif if (cipher->cipher == NULL) - return (1); + return 1; if (callback == NULL) - klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u); + keylen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u); else - klen = callback(buf, PEM_BUFSIZE, 0, u); - if (klen <= 0) { + keylen = callback(buf, PEM_BUFSIZE, 0, u); + if (keylen <= 0) { PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ); - return (0); + return 0; } #ifdef CHARSET_EBCDIC /* Convert the pass phrase from EBCDIC */ - ebcdic2ascii(buf, buf, klen); + ebcdic2ascii(buf, buf, keylen); #endif if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]), - (unsigned char *)buf, klen, 1, key, NULL)) + (unsigned char *)buf, keylen, 1, key, NULL)) + return 0; + + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) return 0; - j = (int)len; - EVP_CIPHER_CTX_init(&ctx); - o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, &(cipher->iv[0])); - if (o) - o = EVP_DecryptUpdate(&ctx, data, &i, data, j); - if (o) - o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j); - EVP_CIPHER_CTX_cleanup(&ctx); + ok = EVP_DecryptInit_ex(ctx, cipher->cipher, NULL, key, &(cipher->iv[0])); + if (ok) + ok = EVP_DecryptUpdate(ctx, data, &ilen, data, ilen); + if (ok) { + /* Squirrel away the length of data decrypted so far. */ + *plen = ilen; + ok = EVP_DecryptFinal_ex(ctx, &(data[ilen]), &ilen); + } + if (ok) + *plen += ilen; + else + PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT); + + EVP_CIPHER_CTX_free(ctx); OPENSSL_cleanse((char *)buf, sizeof(buf)); OPENSSL_cleanse((char *)key, sizeof(key)); - if (o) - j += i; - else { - PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT); - return (0); - } - *plen = j; - return (1); + return ok; } +/* + * This implements a very limited PEM header parser that does not support the + * full grammar of rfc1421. In particular, folded headers are not supported, + * nor is additional whitespace. + * + * A robust implementation would make use of a library that turns the headers + * into a BIO from which one folded line is read at a time, and is then split + * into a header label and content. We would then parse the content of the + * headers we care about. This is overkill for just this limited use-case, but + * presumably we also parse rfc822-style headers for S/MIME, so a common + * abstraction might well be more generally useful. + */ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) { + static const char ProcType[] = "Proc-Type:"; + static const char ENCRYPTED[] = "ENCRYPTED"; + static const char DEKInfo[] = "DEK-Info:"; const EVP_CIPHER *enc = NULL; - char *p, c; - char **header_pp = &header; + int ivlen; + char *dekinfostart, c; cipher->cipher = NULL; if ((header == NULL) || (*header == '\0') || (*header == '\n')) - return (1); - if (strncmp(header, "Proc-Type: ", 11) != 0) { + return 1; + + if (strncmp(header, ProcType, sizeof(ProcType)-1) != 0) { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE); - return (0); + return 0; } - header += 11; - if (*header != '4') - return (0); - header++; - if (*header != ',') - return (0); - header++; - if (strncmp(header, "ENCRYPTED", 9) != 0) { + header += sizeof(ProcType)-1; + header += strspn(header, " \t"); + + if (*header++ != '4' || *header++ != ',') + return 0; + header += strspn(header, " \t"); + + /* We expect "ENCRYPTED" followed by optional white-space + line break */ + if (strncmp(header, ENCRYPTED, sizeof(ENCRYPTED)-1) != 0 || + strspn(header+sizeof(ENCRYPTED)-1, " \t\r\n") == 0) { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED); - return (0); + return 0; } - for (; (*header != '\n') && (*header != '\0'); header++) ; - if (*header == '\0') { + header += sizeof(ENCRYPTED)-1; + header += strspn(header, " \t\r"); + if (*header++ != '\n') { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER); - return (0); + return 0; } - header++; - if (strncmp(header, "DEK-Info: ", 10) != 0) { + + /*- + * https://tools.ietf.org/html/rfc1421#section-4.6.1.3 + * We expect "DEK-Info: algo[,hex-parameters]" + */ + if (strncmp(header, DEKInfo, sizeof(DEKInfo)-1) != 0) { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO); - return (0); + return 0; } - header += 10; + header += sizeof(DEKInfo)-1; + header += strspn(header, " \t"); - p = header; - for (;;) { - c = *header; -#ifndef CHARSET_EBCDIC - if (!(((c >= 'A') && (c <= 'Z')) || (c == '-') || - ((c >= '0') && (c <= '9')))) - break; -#else - if (!(isupper((unsigned char)c) || (c == '-') - || isdigit((unsigned char)c))) - break; -#endif - header++; - } + /* + * DEK-INFO is a comma-separated combination of algorithm name and optional + * parameters. + */ + dekinfostart = header; + header += strcspn(header, " \t,"); + c = *header; *header = '\0'; - cipher->cipher = enc = EVP_get_cipherbyname(p); + cipher->cipher = enc = EVP_get_cipherbyname(dekinfostart); *header = c; - header++; + header += strspn(header, " \t"); if (enc == NULL) { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION); - return (0); + return 0; + } + ivlen = EVP_CIPHER_iv_length(enc); + if (ivlen > 0 && *header++ != ',') { + PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_MISSING_DEK_IV); + return 0; + } else if (ivlen == 0 && *header == ',') { + PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNEXPECTED_DEK_IV); + return 0; } - if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len)) - return (0); - return (1); + if (!load_iv(&header, cipher->iv, EVP_CIPHER_iv_length(enc))) + return 0; + + return 1; } static int load_iv(char **fromp, unsigned char *to, int num) @@ -567,13 +551,8 @@ static int load_iv(char **fromp, unsigned char *to, int num) to[i] = 0; num *= 2; for (i = 0; i < num; i++) { - if ((*from >= '0') && (*from <= '9')) - v = *from - '0'; - else if ((*from >= 'A') && (*from <= 'F')) - v = *from - 'A' + 10; - else if ((*from >= 'a') && (*from <= 'f')) - v = *from - 'a' + 10; - else { + v = OPENSSL_hexchar2int(*from); + if (v < 0) { PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS); return (0); } @@ -585,7 +564,7 @@ static int load_iv(char **fromp, unsigned char *to, int num) return (1); } -#ifndef OPENSSL_NO_FP_API +#ifndef OPENSSL_NO_STDIO int PEM_write(FILE *fp, const char *name, const char *header, const unsigned char *data, long len) { @@ -608,10 +587,15 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header, { int nlen, n, i, j, outl; unsigned char *buf = NULL; - EVP_ENCODE_CTX ctx; + EVP_ENCODE_CTX *ctx = EVP_ENCODE_CTX_new(); int reason = ERR_R_BUF_LIB; - EVP_EncodeInit(&ctx); + if (ctx == NULL) { + reason = ERR_R_MALLOC_FAILURE; + goto err; + } + + EVP_EncodeInit(ctx); nlen = strlen(name); if ((BIO_write(bp, "-----BEGIN ", 11) != 11) || @@ -634,34 +618,32 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header, i = j = 0; while (len > 0) { n = (int)((len > (PEM_BUFSIZE * 5)) ? (PEM_BUFSIZE * 5) : len); - EVP_EncodeUpdate(&ctx, buf, &outl, &(data[j]), n); + if (!EVP_EncodeUpdate(ctx, buf, &outl, &(data[j]), n)) + goto err; if ((outl) && (BIO_write(bp, (char *)buf, outl) != outl)) goto err; i += outl; len -= n; j += n; } - EVP_EncodeFinal(&ctx, buf, &outl); + EVP_EncodeFinal(ctx, buf, &outl); if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl)) goto err; - OPENSSL_cleanse(buf, PEM_BUFSIZE * 8); - OPENSSL_free(buf); - buf = NULL; if ((BIO_write(bp, "-----END ", 9) != 9) || (BIO_write(bp, name, nlen) != nlen) || (BIO_write(bp, "-----\n", 6) != 6)) goto err; + OPENSSL_clear_free(buf, PEM_BUFSIZE * 8); + EVP_ENCODE_CTX_free(ctx); return (i + outl); err: - if (buf) { - OPENSSL_cleanse(buf, PEM_BUFSIZE * 8); - OPENSSL_free(buf); - } + OPENSSL_clear_free(buf, PEM_BUFSIZE * 8); + EVP_ENCODE_CTX_free(ctx); PEMerr(PEM_F_PEM_WRITE_BIO, reason); return (0); } -#ifndef OPENSSL_NO_FP_API +#ifndef OPENSSL_NO_STDIO int PEM_read(FILE *fp, char **name, char **header, unsigned char **data, long *len) { @@ -682,22 +664,23 @@ int PEM_read(FILE *fp, char **name, char **header, unsigned char **data, int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, long *len) { - EVP_ENCODE_CTX ctx; + EVP_ENCODE_CTX *ctx = EVP_ENCODE_CTX_new(); int end = 0, i, k, bl = 0, hl = 0, nohead = 0; char buf[256]; BUF_MEM *nameB; BUF_MEM *headerB; BUF_MEM *dataB, *tmpB; + if (ctx == NULL) { + PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); + return (0); + } + nameB = BUF_MEM_new(); headerB = BUF_MEM_new(); dataB = BUF_MEM_new(); if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) { - BUF_MEM_free(nameB); - BUF_MEM_free(headerB); - BUF_MEM_free(dataB); - PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); - return (0); + goto err; } buf[254] = '\0'; @@ -817,15 +800,15 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, goto err; } - EVP_DecodeInit(&ctx); - i = EVP_DecodeUpdate(&ctx, + EVP_DecodeInit(ctx); + i = EVP_DecodeUpdate(ctx, (unsigned char *)dataB->data, &bl, (unsigned char *)dataB->data, bl); if (i < 0) { PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE); goto err; } - i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k); + i = EVP_DecodeFinal(ctx, (unsigned char *)&(dataB->data[bl]), &k); if (i < 0) { PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE); goto err; @@ -841,11 +824,13 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, OPENSSL_free(nameB); OPENSSL_free(headerB); OPENSSL_free(dataB); + EVP_ENCODE_CTX_free(ctx); return (1); err: BUF_MEM_free(nameB); BUF_MEM_free(headerB); BUF_MEM_free(dataB); + EVP_ENCODE_CTX_free(ctx); return (0); } diff --git a/deps/openssl/openssl/crypto/pem/pem_oth.c b/deps/openssl/openssl/crypto/pem/pem_oth.c index 1dd3bd7a1b..cc7a8dbec4 100644 --- a/deps/openssl/openssl/crypto/pem/pem_oth.c +++ b/deps/openssl/openssl/crypto/pem/pem_oth.c @@ -1,67 +1,17 @@ -/* crypto/pem/pem_oth.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/evp.h> -#include <openssl/rand.h> #include <openssl/x509.h> #include <openssl/pem.h> diff --git a/deps/openssl/openssl/crypto/pem/pem_pk8.c b/deps/openssl/openssl/crypto/pem/pem_pk8.c index daf210fde0..5caad9faab 100644 --- a/deps/openssl/openssl/crypto/pem/pem_pk8.c +++ b/deps/openssl/openssl/crypto/pem/pem_pk8.c @@ -1,67 +1,17 @@ -/* crypto/pem/pem_pkey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/evp.h> -#include <openssl/rand.h> #include <openssl/x509.h> #include <openssl/pkcs12.h> #include <openssl/pem.h> @@ -69,10 +19,12 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); + +#ifndef OPENSSL_NO_STDIO static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); - +#endif /* * These functions write a private key in PKCS#8 format: it is a "drop in" * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc' @@ -116,7 +68,8 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, PKCS8_PRIV_KEY_INFO *p8inf; char buf[PEM_BUFSIZE]; int ret; - if (!(p8inf = EVP_PKEY2PKCS8(x))) { + + if ((p8inf = EVP_PKEY2PKCS8(x)) == NULL) { PEMerr(PEM_F_DO_PK8PKEY, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); return 0; } @@ -186,14 +139,13 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, if (!ret) return NULL; if (x) { - if (*x) - EVP_PKEY_free(*x); + EVP_PKEY_free(*x); *x = ret; } return ret; } -#ifndef OPENSSL_NO_FP_API +#ifndef OPENSSL_NO_STDIO int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u) @@ -228,7 +180,8 @@ static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, { BIO *bp; int ret; - if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { + + if ((bp = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) { PEMerr(PEM_F_DO_PK8PKEY_FP, ERR_R_BUF_LIB); return (0); } @@ -242,7 +195,8 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, { BIO *bp; EVP_PKEY *ret; - if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { + + if ((bp = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) { PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP, ERR_R_BUF_LIB); return NULL; } diff --git a/deps/openssl/openssl/crypto/pem/pem_pkey.c b/deps/openssl/openssl/crypto/pem/pem_pkey.c index e8b3a1b92c..671b374f36 100644 --- a/deps/openssl/openssl/crypto/pem/pem_pkey.c +++ b/deps/openssl/openssl/crypto/pem/pem_pkey.c @@ -1,77 +1,24 @@ -/* crypto/pem/pem_pkey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/evp.h> -#include <openssl/rand.h> #include <openssl/x509.h> #include <openssl/pkcs12.h> #include <openssl/pem.h> -#ifndef OPENSSL_NO_ENGINE -# include <openssl/engine.h> -#endif -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif -#include "asn1_locl.h" +#include <openssl/engine.h> +#include <openssl/dh.h> +#include "internal/asn1_int.h" +#include "internal/evp_int.h" int pem_check_suffix(const char *pem_str, const char *suffix); @@ -96,8 +43,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, goto p8err; ret = EVP_PKCS82PKEY(p8inf); if (x) { - if (*x) - EVP_PKEY_free((EVP_PKEY *)*x); + EVP_PKEY_free((EVP_PKEY *)*x); *x = ret; } PKCS8_PRIV_KEY_INFO_free(p8inf); @@ -125,8 +71,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, goto p8err; ret = EVP_PKCS82PKEY(p8inf); if (x) { - if (*x) - EVP_PKEY_free((EVP_PKEY *)*x); + EVP_PKEY_free((EVP_PKEY *)*x); *x = ret; } PKCS8_PRIV_KEY_INFO_free(p8inf); @@ -142,8 +87,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, ERR_R_ASN1_LIB); err: OPENSSL_free(nm); - OPENSSL_cleanse(data, len); - OPENSSL_free(data); + OPENSSL_clear_free(data, len); return (ret); } @@ -151,11 +95,18 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, void *u) { - char pem_str[80]; - if (!x->ameth || x->ameth->priv_encode) + if (x->ameth == NULL || x->ameth->priv_encode != NULL) return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, (char *)kstr, klen, cb, u); + return PEM_write_bio_PrivateKey_traditional(bp, x, enc, kstr, klen, cb, u); +} +int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x, + const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) +{ + char pem_str[80]; BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str); return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, pem_str, bp, x, enc, kstr, klen, cb, u); @@ -177,7 +128,7 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) { ret = EVP_PKEY_new(); - if (!ret) + if (ret == NULL) goto err; if (!EVP_PKEY_set_type_str(ret, nm, slen) || !ret->ameth->param_decode @@ -187,8 +138,7 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) goto err; } if (x) { - if (*x) - EVP_PKEY_free((EVP_PKEY *)*x); + EVP_PKEY_free((EVP_PKEY *)*x); *x = ret; } } @@ -211,7 +161,7 @@ int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x) pem_str, bp, x, NULL, NULL, 0, 0, NULL); } -#ifndef OPENSSL_NO_FP_API +#ifndef OPENSSL_NO_STDIO EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) { @@ -262,7 +212,7 @@ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) return NULL; p = data; - if (!strcmp(nm, PEM_STRING_DHXPARAMS)) + if (strcmp(nm, PEM_STRING_DHXPARAMS) == 0) ret = d2i_DHxparams(x, &p, len); else ret = d2i_DHparams(x, &p, len); @@ -274,7 +224,7 @@ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) return ret; } -# ifndef OPENSSL_NO_FP_API +# ifndef OPENSSL_NO_STDIO DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u) { BIO *b; diff --git a/deps/openssl/openssl/crypto/pem/pem_seal.c b/deps/openssl/openssl/crypto/pem/pem_seal.c deleted file mode 100644 index a5c1812575..0000000000 --- a/deps/openssl/openssl/crypto/pem/pem_seal.c +++ /dev/null @@ -1,191 +0,0 @@ -/* crypto/pem/pem_seal.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <openssl/opensslconf.h> /* for OPENSSL_NO_RSA */ -#ifndef OPENSSL_NO_RSA -# include <stdio.h> -# include "cryptlib.h" -# include <openssl/evp.h> -# include <openssl/rand.h> -# include <openssl/objects.h> -# include <openssl/x509.h> -# include <openssl/pem.h> -# include <openssl/rsa.h> - -int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, - unsigned char **ek, int *ekl, unsigned char *iv, - EVP_PKEY **pubk, int npubk) -{ - unsigned char key[EVP_MAX_KEY_LENGTH]; - int ret = -1; - int i, j, max = 0; - char *s = NULL; - - for (i = 0; i < npubk; i++) { - if (pubk[i]->type != EVP_PKEY_RSA) { - PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA); - goto err; - } - j = RSA_size(pubk[i]->pkey.rsa); - if (j > max) - max = j; - } - s = (char *)OPENSSL_malloc(max * 2); - if (s == NULL) { - PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE); - goto err; - } - - EVP_EncodeInit(&ctx->encode); - - EVP_MD_CTX_init(&ctx->md); - if (!EVP_SignInit(&ctx->md, md_type)) - goto err; - - EVP_CIPHER_CTX_init(&ctx->cipher); - ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk); - if (ret <= 0) - goto err; - - /* base64 encode the keys */ - for (i = 0; i < npubk; i++) { - j = EVP_EncodeBlock((unsigned char *)s, ek[i], - RSA_size(pubk[i]->pkey.rsa)); - ekl[i] = j; - memcpy(ek[i], s, j + 1); - } - - ret = npubk; - err: - if (s != NULL) - OPENSSL_free(s); - OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); - return (ret); -} - -void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) -{ - unsigned char buffer[1600]; - int i, j; - - *outl = 0; - EVP_SignUpdate(&ctx->md, in, inl); - for (;;) { - if (inl <= 0) - break; - if (inl > 1200) - i = 1200; - else - i = inl; - EVP_EncryptUpdate(&ctx->cipher, buffer, &j, in, i); - EVP_EncodeUpdate(&ctx->encode, out, &j, buffer, j); - *outl += j; - out += j; - in += i; - inl -= i; - } -} - -int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, - unsigned char *out, int *outl, EVP_PKEY *priv) -{ - unsigned char *s = NULL; - int ret = 0, j; - unsigned int i; - - if (priv->type != EVP_PKEY_RSA) { - PEMerr(PEM_F_PEM_SEALFINAL, PEM_R_PUBLIC_KEY_NO_RSA); - goto err; - } - i = RSA_size(priv->pkey.rsa); - if (i < 100) - i = 100; - s = (unsigned char *)OPENSSL_malloc(i * 2); - if (s == NULL) { - PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i)) - goto err; - EVP_EncodeUpdate(&ctx->encode, out, &j, s, i); - *outl = j; - out += j; - EVP_EncodeFinal(&ctx->encode, out, &j); - *outl += j; - - if (!EVP_SignFinal(&ctx->md, s, &i, priv)) - goto err; - *sigl = EVP_EncodeBlock(sig, s, i); - - ret = 1; - err: - EVP_MD_CTX_cleanup(&ctx->md); - EVP_CIPHER_CTX_cleanup(&ctx->cipher); - if (s != NULL) - OPENSSL_free(s); - return (ret); -} -#else /* !OPENSSL_NO_RSA */ - -# if PEDANTIC -static void *dummy = &dummy; -# endif - -#endif diff --git a/deps/openssl/openssl/crypto/pem/pem_sign.c b/deps/openssl/openssl/crypto/pem/pem_sign.c index b5e5c29b0e..12ad97450a 100644 --- a/deps/openssl/openssl/crypto/pem/pem_sign.c +++ b/deps/openssl/openssl/crypto/pem/pem_sign.c @@ -1,77 +1,27 @@ -/* crypto/pem/pem_sign.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" -#include <openssl/rand.h> +#include "internal/cryptlib.h" #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> #include <openssl/pem.h> -void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) +int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) { - EVP_DigestInit_ex(ctx, type, NULL); + return EVP_DigestInit_ex(ctx, type, NULL); } -void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, unsigned int count) +int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, unsigned int count) { - EVP_DigestUpdate(ctx, data, count); + return EVP_DigestUpdate(ctx, data, count); } int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, @@ -81,7 +31,7 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, int i, ret = 0; unsigned int m_len; - m = (unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey) + 2); + m = OPENSSL_malloc(EVP_PKEY_size(pkey) + 2); if (m == NULL) { PEMerr(PEM_F_PEM_SIGNFINAL, ERR_R_MALLOC_FAILURE); goto err; @@ -95,7 +45,6 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, ret = 1; err: /* ctx has been zeroed by EVP_SignFinal() */ - if (m != NULL) - OPENSSL_free(m); + OPENSSL_free(m); return (ret); } diff --git a/deps/openssl/openssl/crypto/pem/pem_x509.c b/deps/openssl/openssl/crypto/pem/pem_x509.c index 3c20ff28ad..3a997564a2 100644 --- a/deps/openssl/openssl/crypto/pem/pem_x509.c +++ b/deps/openssl/openssl/crypto/pem/pem_x509.c @@ -1,64 +1,14 @@ -/* pem_x509.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/bio.h> #include <openssl/evp.h> #include <openssl/x509.h> diff --git a/deps/openssl/openssl/crypto/pem/pem_xaux.c b/deps/openssl/openssl/crypto/pem/pem_xaux.c index c523430189..6d7e1db21a 100644 --- a/deps/openssl/openssl/crypto/pem/pem_xaux.c +++ b/deps/openssl/openssl/crypto/pem/pem_xaux.c @@ -1,64 +1,14 @@ -/* pem_xaux.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/bio.h> #include <openssl/evp.h> #include <openssl/x509.h> @@ -66,5 +16,3 @@ #include <openssl/pem.h> IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX) -IMPLEMENT_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR, PEM_STRING_X509_PAIR, - X509_CERT_PAIR) diff --git a/deps/openssl/openssl/crypto/pem/pkcs7.lis b/deps/openssl/openssl/crypto/pem/pkcs7.lis deleted file mode 100644 index be90c5d87f..0000000000 --- a/deps/openssl/openssl/crypto/pem/pkcs7.lis +++ /dev/null @@ -1,22 +0,0 @@ -21 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE - 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData - 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag - 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE - 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version - 20 20:d=0 hl=2 l= 0 cons: univ: SET - 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE - 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data - 00 35:d=0 hl=2 l= 0 prim: univ: EOC - 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag - 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE - 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE - 00 1116:d=0 hl=2 l= 0 prim: univ: EOC - 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag - 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE - 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE - 00 2066:d=0 hl=2 l= 0 prim: univ: EOC - 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers - 00 2070:d=0 hl=2 l= 0 prim: univ: EOC - 00 2072:d=0 hl=2 l= 0 prim: univ: EOC - 00 2074:d=0 hl=2 l= 0 prim: univ: EOC -00 2076:d=0 hl=2 l= 0 prim: univ: EOC diff --git a/deps/openssl/openssl/crypto/pem/pvkfmt.c b/deps/openssl/openssl/crypto/pem/pvkfmt.c index 1ce5a1e319..d0a423957c 100644 --- a/deps/openssl/openssl/crypto/pem/pvkfmt.c +++ b/deps/openssl/openssl/crypto/pem/pvkfmt.c @@ -1,59 +1,10 @@ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2005. - */ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ /* @@ -61,7 +12,7 @@ * and PRIVATEKEYBLOB). */ -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/pem.h> #include <openssl/rand.h> #include <openssl/bn.h> @@ -93,23 +44,11 @@ static unsigned int read_ledword(const unsigned char **in) static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r) { - const unsigned char *p; - unsigned char *tmpbuf, *q; - unsigned int i; - p = *in + nbyte - 1; - tmpbuf = OPENSSL_malloc(nbyte); - if (!tmpbuf) - return 0; - q = tmpbuf; - for (i = 0; i < nbyte; i++) - *q++ = *p--; - *r = BN_bin2bn(tmpbuf, nbyte, NULL); - OPENSSL_free(tmpbuf); - if (*r) { - *in += nbyte; - return 1; - } else + *r = BN_lebin2bn(*in, nbyte, NULL); + if (*r == NULL) return 0; + *in += nbyte; + return 1; } /* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */ @@ -139,9 +78,9 @@ static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r) /* Maximum salt length */ # define PVK_MAX_SALTLEN 10240 -static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length, +static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int bitlen, int ispub); -static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length, +static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int bitlen, int ispub); static int do_blob_header(const unsigned char **in, unsigned int length, @@ -181,6 +120,7 @@ static int do_blob_header(const unsigned char **in, unsigned int length, case MS_DSS1MAGIC: *pisdss = 1; + /* fall thru */ case MS_RSA1MAGIC: if (*pispub == 0) { PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB); @@ -190,6 +130,7 @@ static int do_blob_header(const unsigned char **in, unsigned int length, case MS_DSS2MAGIC: *pisdss = 1; + /* fall thru */ case MS_RSA2MAGIC: if (*pispub == 1) { PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB); @@ -254,9 +195,9 @@ static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length, return NULL; } if (isdss) - return b2i_dss(&p, length, bitlen, ispub); + return b2i_dss(&p, bitlen, ispub); else - return b2i_rsa(&p, length, bitlen, ispub); + return b2i_rsa(&p, bitlen, ispub); } static EVP_PKEY *do_b2i_bio(BIO *in, int ispub) @@ -280,7 +221,7 @@ static EVP_PKEY *do_b2i_bio(BIO *in, int ispub) return NULL; } buf = OPENSSL_malloc(length); - if (!buf) { + if (buf == NULL) { PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE); goto err; } @@ -291,17 +232,16 @@ static EVP_PKEY *do_b2i_bio(BIO *in, int ispub) } if (isdss) - ret = b2i_dss(&p, length, bitlen, ispub); + ret = b2i_dss(&p, bitlen, ispub); else - ret = b2i_rsa(&p, length, bitlen, ispub); + ret = b2i_rsa(&p, bitlen, ispub); err: - if (buf) - OPENSSL_free(buf); + OPENSSL_free(buf); return ret; } -static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length, +static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int bitlen, int ispub) { const unsigned char *p = *in; @@ -309,97 +249,133 @@ static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length, DSA *dsa = NULL; BN_CTX *ctx = NULL; unsigned int nbyte; + BIGNUM *pbn = NULL, *qbn = NULL, *gbn = NULL, *priv_key = NULL; + BIGNUM *pub_key = NULL; + nbyte = (bitlen + 7) >> 3; dsa = DSA_new(); ret = EVP_PKEY_new(); - if (!dsa || !ret) + if (dsa == NULL || ret == NULL) goto memerr; - if (!read_lebn(&p, nbyte, &dsa->p)) + if (!read_lebn(&p, nbyte, &pbn)) goto memerr; - if (!read_lebn(&p, 20, &dsa->q)) + + if (!read_lebn(&p, 20, &qbn)) goto memerr; - if (!read_lebn(&p, nbyte, &dsa->g)) + + if (!read_lebn(&p, nbyte, &gbn)) goto memerr; + if (ispub) { - if (!read_lebn(&p, nbyte, &dsa->pub_key)) + if (!read_lebn(&p, nbyte, &pub_key)) goto memerr; } else { - if (!read_lebn(&p, 20, &dsa->priv_key)) + if (!read_lebn(&p, 20, &priv_key)) goto memerr; + /* Calculate public key */ - if (!(dsa->pub_key = BN_new())) + pub_key = BN_new(); + if (pub_key == NULL) goto memerr; - if (!(ctx = BN_CTX_new())) + if ((ctx = BN_CTX_new()) == NULL) goto memerr; - if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) - + if (!BN_mod_exp(pub_key, gbn, priv_key, pbn, ctx)) goto memerr; + BN_CTX_free(ctx); + ctx = NULL; } + if (!DSA_set0_pqg(dsa, pbn, qbn, gbn)) + goto memerr; + pbn = qbn = gbn = NULL; + if (!DSA_set0_key(dsa, pub_key, priv_key)) + goto memerr; + pub_key = priv_key = NULL; - EVP_PKEY_set1_DSA(ret, dsa); + if (!EVP_PKEY_set1_DSA(ret, dsa)) + goto memerr; DSA_free(dsa); *in = p; return ret; memerr: PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE); - if (dsa) - DSA_free(dsa); - if (ret) - EVP_PKEY_free(ret); - if (ctx) - BN_CTX_free(ctx); + DSA_free(dsa); + BN_free(pbn); + BN_free(qbn); + BN_free(gbn); + BN_free(pub_key); + BN_free(priv_key); + EVP_PKEY_free(ret); + BN_CTX_free(ctx); return NULL; } -static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length, +static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int bitlen, int ispub) { - const unsigned char *p = *in; + const unsigned char *pin = *in; EVP_PKEY *ret = NULL; + BIGNUM *e = NULL, *n = NULL, *d = NULL; + BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; RSA *rsa = NULL; unsigned int nbyte, hnbyte; nbyte = (bitlen + 7) >> 3; hnbyte = (bitlen + 15) >> 4; rsa = RSA_new(); ret = EVP_PKEY_new(); - if (!rsa || !ret) + if (rsa == NULL || ret == NULL) goto memerr; - rsa->e = BN_new(); - if (!rsa->e) + e = BN_new(); + if (e == NULL) goto memerr; - if (!BN_set_word(rsa->e, read_ledword(&p))) + if (!BN_set_word(e, read_ledword(&pin))) goto memerr; - if (!read_lebn(&p, nbyte, &rsa->n)) + if (!read_lebn(&pin, nbyte, &n)) goto memerr; if (!ispub) { - if (!read_lebn(&p, hnbyte, &rsa->p)) + if (!read_lebn(&pin, hnbyte, &p)) + goto memerr; + if (!read_lebn(&pin, hnbyte, &q)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->q)) + if (!read_lebn(&pin, hnbyte, &dmp1)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->dmp1)) + if (!read_lebn(&pin, hnbyte, &dmq1)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->dmq1)) + if (!read_lebn(&pin, hnbyte, &iqmp)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->iqmp)) + if (!read_lebn(&pin, nbyte, &d)) goto memerr; - if (!read_lebn(&p, nbyte, &rsa->d)) + if (!RSA_set0_factors(rsa, p, q)) goto memerr; + p = q = NULL; + if (!RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)) + goto memerr; + dmp1 = dmq1 = iqmp = NULL; } + if (!RSA_set0_key(rsa, n, e, d)) + goto memerr; + n = e = d = NULL; - EVP_PKEY_set1_RSA(ret, rsa); + if (!EVP_PKEY_set1_RSA(ret, rsa)) + goto memerr; RSA_free(rsa); - *in = p; + *in = pin; return ret; memerr: PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE); - if (rsa) - RSA_free(rsa); - if (ret) - EVP_PKEY_free(ret); + BN_free(e); + BN_free(n); + BN_free(p); + BN_free(q); + BN_free(dmp1); + BN_free(dmq1); + BN_free(iqmp); + BN_free(d); + RSA_free(rsa); + EVP_PKEY_free(ret); return NULL; } @@ -435,26 +411,8 @@ static void write_ledword(unsigned char **out, unsigned int dw) static void write_lebn(unsigned char **out, const BIGNUM *bn, int len) { - int nb, i; - unsigned char *p = *out, *q, c; - nb = BN_num_bytes(bn); - BN_bn2bin(bn, p); - q = p + nb - 1; - /* In place byte order reversal */ - for (i = 0; i < nb / 2; i++) { - c = *p; - *p++ = *q; - *q-- = c; - } - *out += nb; - /* Pad with zeroes if we have to */ - if (len > 0) { - len -= nb; - if (len > 0) { - memset(*out, 0, len); - *out += len; - } - } + BN_bn2lebinpad(bn, *out, len); + *out += len; } static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic); @@ -468,11 +426,12 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub) unsigned char *p; unsigned int bitlen, magic = 0, keyalg; int outlen, noinc = 0; - if (pk->type == EVP_PKEY_DSA) { - bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic); + int pktype = EVP_PKEY_id(pk); + if (pktype == EVP_PKEY_DSA) { + bitlen = check_bitlen_dsa(EVP_PKEY_get0_DSA(pk), ispub, &magic); keyalg = MS_KEYALG_DSS_SIGN; - } else if (pk->type == EVP_PKEY_RSA) { - bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic); + } else if (pktype == EVP_PKEY_RSA) { + bitlen = check_bitlen_rsa(EVP_PKEY_get0_RSA(pk), ispub, &magic); keyalg = MS_KEYALG_RSA_KEYX; } else return -1; @@ -486,7 +445,7 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub) p = *out; else { p = OPENSSL_malloc(outlen); - if (!p) + if (p == NULL) return -1; *out = p; noinc = 1; @@ -502,9 +461,9 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub) write_ledword(&p, magic); write_ledword(&p, bitlen); if (keyalg == MS_KEYALG_DSS_SIGN) - write_dsa(&p, pk->pkey.dsa, ispub); + write_dsa(&p, EVP_PKEY_get0_DSA(pk), ispub); else - write_rsa(&p, pk->pkey.rsa, ispub); + write_rsa(&p, EVP_PKEY_get0_RSA(pk), ispub); if (!noinc) *out += outlen; return outlen; @@ -527,16 +486,21 @@ static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub) static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic) { int bitlen; - bitlen = BN_num_bits(dsa->p); - if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160) - || (BN_num_bits(dsa->g) > bitlen)) + const BIGNUM *p = NULL, *q = NULL, *g = NULL; + const BIGNUM *pub_key = NULL, *priv_key = NULL; + + DSA_get0_pqg(dsa, &p, &q, &g); + DSA_get0_key(dsa, &pub_key, &priv_key); + bitlen = BN_num_bits(p); + if ((bitlen & 7) || (BN_num_bits(q) != 160) + || (BN_num_bits(g) > bitlen)) goto badkey; if (ispub) { - if (BN_num_bits(dsa->pub_key) > bitlen) + if (BN_num_bits(pub_key) > bitlen) goto badkey; *pmagic = MS_DSS1MAGIC; } else { - if (BN_num_bits(dsa->priv_key) > 160) + if (BN_num_bits(priv_key) > 160) goto badkey; *pmagic = MS_DSS2MAGIC; } @@ -550,26 +514,35 @@ static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic) static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic) { int nbyte, hnbyte, bitlen; - if (BN_num_bits(rsa->e) > 32) + const BIGNUM *e; + + RSA_get0_key(rsa, NULL, &e, NULL); + if (BN_num_bits(e) > 32) goto badkey; - bitlen = BN_num_bits(rsa->n); - nbyte = BN_num_bytes(rsa->n); - hnbyte = (BN_num_bits(rsa->n) + 15) >> 4; + bitlen = RSA_bits(rsa); + nbyte = RSA_size(rsa); + hnbyte = (bitlen + 15) >> 4; if (ispub) { *pmagic = MS_RSA1MAGIC; return bitlen; } else { + const BIGNUM *d, *p, *q, *iqmp, *dmp1, *dmq1; + *pmagic = MS_RSA2MAGIC; + /* * For private key each component must fit within nbyte or hnbyte. */ - if (BN_num_bytes(rsa->d) > nbyte) + RSA_get0_key(rsa, NULL, NULL, &d); + if (BN_num_bytes(d) > nbyte) goto badkey; - if ((BN_num_bytes(rsa->iqmp) > hnbyte) - || (BN_num_bytes(rsa->p) > hnbyte) - || (BN_num_bytes(rsa->q) > hnbyte) - || (BN_num_bytes(rsa->dmp1) > hnbyte) - || (BN_num_bytes(rsa->dmq1) > hnbyte)) + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + if ((BN_num_bytes(iqmp) > hnbyte) + || (BN_num_bytes(p) > hnbyte) + || (BN_num_bytes(q) > hnbyte) + || (BN_num_bytes(dmp1) > hnbyte) + || (BN_num_bytes(dmq1) > hnbyte)) goto badkey; } return bitlen; @@ -581,31 +554,41 @@ static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic) static void write_rsa(unsigned char **out, RSA *rsa, int ispub) { int nbyte, hnbyte; - nbyte = BN_num_bytes(rsa->n); - hnbyte = (BN_num_bits(rsa->n) + 15) >> 4; - write_lebn(out, rsa->e, 4); - write_lebn(out, rsa->n, -1); + const BIGNUM *n, *d, *e, *p, *q, *iqmp, *dmp1, *dmq1; + + nbyte = RSA_size(rsa); + hnbyte = (RSA_bits(rsa) + 15) >> 4; + RSA_get0_key(rsa, &n, &e, &d); + write_lebn(out, e, 4); + write_lebn(out, n, nbyte); if (ispub) return; - write_lebn(out, rsa->p, hnbyte); - write_lebn(out, rsa->q, hnbyte); - write_lebn(out, rsa->dmp1, hnbyte); - write_lebn(out, rsa->dmq1, hnbyte); - write_lebn(out, rsa->iqmp, hnbyte); - write_lebn(out, rsa->d, nbyte); + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + write_lebn(out, p, hnbyte); + write_lebn(out, q, hnbyte); + write_lebn(out, dmp1, hnbyte); + write_lebn(out, dmq1, hnbyte); + write_lebn(out, iqmp, hnbyte); + write_lebn(out, d, nbyte); } static void write_dsa(unsigned char **out, DSA *dsa, int ispub) { int nbyte; - nbyte = BN_num_bytes(dsa->p); - write_lebn(out, dsa->p, nbyte); - write_lebn(out, dsa->q, 20); - write_lebn(out, dsa->g, nbyte); + const BIGNUM *p = NULL, *q = NULL, *g = NULL; + const BIGNUM *pub_key = NULL, *priv_key = NULL; + + DSA_get0_pqg(dsa, &p, &q, &g); + DSA_get0_key(dsa, &pub_key, &priv_key); + nbyte = BN_num_bytes(p); + write_lebn(out, p, nbyte); + write_lebn(out, q, 20); + write_lebn(out, g, nbyte); if (ispub) - write_lebn(out, dsa->pub_key, nbyte); + write_lebn(out, pub_key, nbyte); else - write_lebn(out, dsa->priv_key, 20); + write_lebn(out, priv_key, 20); /* Set "invalid" for seed structure values */ memset(*out, 0xff, 24); *out += 24; @@ -671,16 +654,16 @@ static int derive_pvk_key(unsigned char *key, const unsigned char *salt, unsigned int saltlen, const unsigned char *pass, int passlen) { - EVP_MD_CTX mctx; + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); int rv = 1; - EVP_MD_CTX_init(&mctx); - if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL) - || !EVP_DigestUpdate(&mctx, salt, saltlen) - || !EVP_DigestUpdate(&mctx, pass, passlen) - || !EVP_DigestFinal_ex(&mctx, key, NULL)) + if (mctx == NULL + || !EVP_DigestInit_ex(mctx, EVP_sha1(), NULL) + || !EVP_DigestUpdate(mctx, salt, saltlen) + || !EVP_DigestUpdate(mctx, pass, passlen) + || !EVP_DigestFinal_ex(mctx, key, NULL)) rv = 0; - EVP_MD_CTX_cleanup(&mctx); + EVP_MD_CTX_free(mctx); return rv; } @@ -692,8 +675,8 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, const unsigned char *p = *in; unsigned int magic; unsigned char *enctmp = NULL, *q; - EVP_CIPHER_CTX cctx; - EVP_CIPHER_CTX_init(&cctx); + + EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new(); if (saltlen) { char psbuf[PEM_BUFSIZE]; unsigned char keybuf[20]; @@ -707,7 +690,7 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, goto err; } enctmp = OPENSSL_malloc(keylen + 8); - if (!enctmp) { + if (enctmp == NULL) { PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE); goto err; } @@ -724,22 +707,22 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, } inlen = keylen - 8; q = enctmp + 8; - if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) + if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL)) goto err; - if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen)) + if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen)) goto err; - if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen)) + if (!EVP_DecryptFinal_ex(cctx, q + enctmplen, &enctmplen)) goto err; magic = read_ledword((const unsigned char **)&q); if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) { q = enctmp + 8; memset(keybuf + 5, 0, 11); - if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) + if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL)) goto err; OPENSSL_cleanse(keybuf, 20); - if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen)) + if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen)) goto err; - if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen)) + if (!EVP_DecryptFinal_ex(cctx, q + enctmplen, &enctmplen)) goto err; magic = read_ledword((const unsigned char **)&q); if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) { @@ -753,9 +736,8 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, ret = b2i_PrivateKey(&p, keylen); err: - EVP_CIPHER_CTX_cleanup(&cctx); - if (enctmp && saltlen) - OPENSSL_free(enctmp); + EVP_CIPHER_CTX_free(cctx); + OPENSSL_free(enctmp); return ret; } @@ -776,7 +758,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) return 0; buflen = (int)keylen + saltlen; buf = OPENSSL_malloc(buflen); - if (!buf) { + if (buf == NULL) { PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE); return 0; } @@ -788,10 +770,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) ret = do_PVK_body(&p, saltlen, keylen, cb, u); err: - if (buf) { - OPENSSL_cleanse(buf, buflen); - OPENSSL_free(buf); - } + OPENSSL_clear_free(buf, buflen); return ret; } @@ -799,31 +778,33 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel, pem_password_cb *cb, void *u) { int outlen = 24, pklen; - unsigned char *p, *salt = NULL; - EVP_CIPHER_CTX cctx; - EVP_CIPHER_CTX_init(&cctx); + unsigned char *p = NULL, *start = NULL, *salt = NULL; + EVP_CIPHER_CTX *cctx = NULL; if (enclevel) outlen += PVK_SALTLEN; pklen = do_i2b(NULL, pk, 0); if (pklen < 0) return -1; outlen += pklen; - if (!out) + if (out == NULL) return outlen; - if (*out) + if (*out != NULL) { p = *out; - else { - p = OPENSSL_malloc(outlen); - if (!p) { + } else { + start = p = OPENSSL_malloc(outlen); + if (p == NULL) { PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE); return -1; } - *out = p; } + cctx = EVP_CIPHER_CTX_new(); + if (cctx == NULL) + goto error; + write_ledword(&p, MS_PVKMAGIC); write_ledword(&p, 0); - if (pk->type == EVP_PKEY_DSA) + if (EVP_PKEY_id(pk) == EVP_PKEY_DSA) write_ledword(&p, MS_KEYTYPE_SIGN); else write_ledword(&p, MS_KEYTYPE_KEYX); @@ -837,9 +818,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel, p += PVK_SALTLEN; } do_i2b(&p, pk, 0); - if (enclevel == 0) - return outlen; - else { + if (enclevel != 0) { char psbuf[PEM_BUFSIZE]; unsigned char keybuf[20]; int enctmplen, inlen; @@ -857,19 +836,26 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel, if (enclevel == 1) memset(keybuf + 5, 0, 11); p = salt + PVK_SALTLEN + 8; - if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) + if (!EVP_EncryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL)) goto error; OPENSSL_cleanse(keybuf, 20); - if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8)) + if (!EVP_DecryptUpdate(cctx, p, &enctmplen, p, pklen - 8)) goto error; - if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen)) + if (!EVP_DecryptFinal_ex(cctx, p + enctmplen, &enctmplen)) goto error; } - EVP_CIPHER_CTX_cleanup(&cctx); + + EVP_CIPHER_CTX_free(cctx); + + if (*out == NULL) + *out = start; + return outlen; error: - EVP_CIPHER_CTX_cleanup(&cctx); + EVP_CIPHER_CTX_free(cctx); + if (*out == NULL) + OPENSSL_free(start); return -1; } |