|
1 /* crypto/pem/pem_all.c */ |
|
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
|
3 * All rights reserved. |
|
4 * |
|
5 * This package is an SSL implementation written |
|
6 * by Eric Young (eay@cryptsoft.com). |
|
7 * The implementation was written so as to conform with Netscapes SSL. |
|
8 * |
|
9 * This library is free for commercial and non-commercial use as long as |
|
10 * the following conditions are aheared to. The following conditions |
|
11 * apply to all code found in this distribution, be it the RC4, RSA, |
|
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
|
13 * included with this distribution is covered by the same copyright terms |
|
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
|
15 * |
|
16 * Copyright remains Eric Young's, and as such any Copyright notices in |
|
17 * the code are not to be removed. |
|
18 * If this package is used in a product, Eric Young should be given attribution |
|
19 * as the author of the parts of the library used. |
|
20 * This can be in the form of a textual message at program startup or |
|
21 * in documentation (online or textual) provided with the package. |
|
22 * |
|
23 * Redistribution and use in source and binary forms, with or without |
|
24 * modification, are permitted provided that the following conditions |
|
25 * are met: |
|
26 * 1. Redistributions of source code must retain the copyright |
|
27 * notice, this list of conditions and the following disclaimer. |
|
28 * 2. Redistributions in binary form must reproduce the above copyright |
|
29 * notice, this list of conditions and the following disclaimer in the |
|
30 * documentation and/or other materials provided with the distribution. |
|
31 * 3. All advertising materials mentioning features or use of this software |
|
32 * must display the following acknowledgement: |
|
33 * "This product includes cryptographic software written by |
|
34 * Eric Young (eay@cryptsoft.com)" |
|
35 * The word 'cryptographic' can be left out if the rouines from the library |
|
36 * being used are not cryptographic related :-). |
|
37 * 4. If you include any Windows specific code (or a derivative thereof) from |
|
38 * the apps directory (application code) you must include an acknowledgement: |
|
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
|
40 * |
|
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
|
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
|
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
|
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
|
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
|
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
|
51 * SUCH DAMAGE. |
|
52 * |
|
53 * The licence and distribution terms for any publically available version or |
|
54 * derivative of this code cannot be changed. i.e. this code cannot simply be |
|
55 * copied and put under another distribution licence |
|
56 * [including the GNU Public Licence.] |
|
57 */ |
|
58 /* ==================================================================== |
|
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. |
|
60 * |
|
61 * Redistribution and use in source and binary forms, with or without |
|
62 * modification, are permitted provided that the following conditions |
|
63 * are met: |
|
64 * |
|
65 * 1. Redistributions of source code must retain the above copyright |
|
66 * notice, this list of conditions and the following disclaimer. |
|
67 * |
|
68 * 2. Redistributions in binary form must reproduce the above copyright |
|
69 * notice, this list of conditions and the following disclaimer in |
|
70 * the documentation and/or other materials provided with the |
|
71 * distribution. |
|
72 * |
|
73 * 3. All advertising materials mentioning features or use of this |
|
74 * software must display the following acknowledgment: |
|
75 * "This product includes software developed by the OpenSSL Project |
|
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" |
|
77 * |
|
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
|
79 * endorse or promote products derived from this software without |
|
80 * prior written permission. For written permission, please contact |
|
81 * openssl-core@openssl.org. |
|
82 * |
|
83 * 5. Products derived from this software may not be called "OpenSSL" |
|
84 * nor may "OpenSSL" appear in their names without prior written |
|
85 * permission of the OpenSSL Project. |
|
86 * |
|
87 * 6. Redistributions of any form whatsoever must retain the following |
|
88 * acknowledgment: |
|
89 * "This product includes software developed by the OpenSSL Project |
|
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" |
|
91 * |
|
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
|
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
|
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
|
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
|
103 * OF THE POSSIBILITY OF SUCH DAMAGE. |
|
104 * ==================================================================== |
|
105 * |
|
106 * This product includes cryptographic software written by Eric Young |
|
107 * (eay@cryptsoft.com). This product includes software written by Tim |
|
108 * Hudson (tjh@cryptsoft.com). |
|
109 * |
|
110 */ |
|
111 |
|
112 #include <stdio.h> |
|
113 #undef SSLEAY_MACROS |
|
114 #include "cryptlib.h" |
|
115 #include <openssl/bio.h> |
|
116 #include <openssl/evp.h> |
|
117 #include <openssl/x509.h> |
|
118 #include <openssl/pkcs7.h> |
|
119 #include <openssl/pem.h> |
|
120 #ifndef OPENSSL_NO_RSA |
|
121 #include <openssl/rsa.h> |
|
122 #endif |
|
123 #ifndef OPENSSL_NO_DSA |
|
124 #include <openssl/dsa.h> |
|
125 #endif |
|
126 #ifndef OPENSSL_NO_DH |
|
127 #include <openssl/dh.h> |
|
128 #endif |
|
129 |
|
/*
 * Forward declarations for the private-key unwrapping helpers defined later
 * in this file. Each helper frees the EVP_PKEY it is handed and returns the
 * algorithm-specific key extracted from it, or NULL.
 */
#ifndef OPENSSL_NO_RSA
static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
#endif
#ifndef OPENSSL_NO_DSA
static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
#endif

#ifndef OPENSSL_NO_EC
static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey);
#endif
|
140 |
|
/*
 * PEM read/write entry points for the non-key X.509 and PKCS#7 objects.
 * Each invocation passes a function-name suffix, a C type, a PEM label
 * constant and an ASN.1 routine suffix. The function bodies come from the
 * IMPLEMENT_PEM_* macros, which are not defined in this file (presumably
 * <openssl/pem.h>).
 *
 * NOTE(review): the generated readers decode data that usually originates
 * outside the process. Nothing here verifies signatures or chains, so a
 * successfully parsed object is only well-formed, not trusted.
 */
IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)

/* Write-only variant: same X509_REQ type, emitted under PEM_STRING_X509_REQ_OLD. */
IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ)

IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL)

IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)

/*
 * Uses PEM_STRING_X509 rather than a label of its own, so the PEM label does
 * not identify the payload as a Netscape certificate sequence.
 */
IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
					PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
|
151 |
|
152 |
|
153 #ifndef OPENSSL_NO_RSA |
|
154 |
|
155 /* We treat RSA or DSA private keys as a special case. |
|
156 * |
|
157 * For private keys we read in an EVP_PKEY structure with |
|
158 * PEM_read_bio_PrivateKey() and extract the relevant private |
|
159 * key: this means we can handle "traditional" and PKCS#8 formats |
|
160 * transparently. |
|
161 */ |
|
162 |
|
/*
 * Unwrap the RSA key carried by a freshly parsed EVP_PKEY.
 *
 * key: generic key to unwrap; may be NULL (a failed parse). When non-NULL it
 *      is always freed here, whether or not it holds an RSA key.
 * rsa: optional out-parameter. When non-NULL and extraction succeeds, the
 *      key currently in *rsa is released with RSA_free() and replaced.
 *
 * Returns the extracted RSA key, or NULL if key is NULL or
 * EVP_PKEY_get1_RSA() fails; on failure *rsa is left untouched.
 *
 * NOTE(review): *rsa is passed to RSA_free(), so a caller supplying rsa must
 * have initialised *rsa to NULL or to a key it owns. The returned pointer
 * and *rsa are the same object from a single get1 call, so it must be freed
 * only once.
 */
static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
{
	RSA *extracted = NULL;

	if (key == NULL) {
		return NULL;
	}

	/* The wrapper is released right after extraction; only the RSA key survives. */
	extracted = EVP_PKEY_get1_RSA(key);
	EVP_PKEY_free(key);

	if (extracted != NULL && rsa != NULL) {
		RSA_free(*rsa);
		*rsa = extracted;
	}
	return extracted;
}
|
176 |
|
/*
 * Read a PEM private key from a BIO and return it as an RSA key.
 *
 * The data is parsed with PEM_read_bio_PrivateKey() and the result is handed
 * to pkey_get_rsa(). cb and u are forwarded to the parser unchanged.
 *
 * Returns the RSA key, or NULL if parsing fails or pkey_get_rsa() cannot
 * extract an RSA key. See pkey_get_rsa() for how *rsa is treated.
 */
EXPORT_C RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb,
								void *u)
{
	return pkey_get_rsa(PEM_read_bio_PrivateKey(bp, NULL, cb, u), rsa);
}
|
184 |
|
185 #ifndef OPENSSL_NO_FP_API |
|
186 |
|
/*
 * FILE-based counterpart of PEM_read_bio_RSAPrivateKey().
 *
 * The data is parsed with PEM_read_PrivateKey() and the result is handed to
 * pkey_get_rsa(). cb and u are forwarded to the parser unchanged.
 *
 * Returns the RSA key, or NULL if parsing fails or pkey_get_rsa() cannot
 * extract an RSA key. See pkey_get_rsa() for how *rsa is treated.
 */
EXPORT_C RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
								void *u)
{
	return pkey_get_rsa(PEM_read_PrivateKey(fp, NULL, cb, u), rsa);
}
|
194 |
|
195 #endif |
|
196 |
|
/*
 * Macro-generated RSA entry points (macro bodies are not in this file):
 *  - RSAPrivateKey: writers only, since the readers are the hand-written
 *    functions above.
 *  - RSAPublicKey: readers and writers under PEM_STRING_RSA_PUBLIC.
 *  - RSA_PUBKEY: readers and writers under PEM_STRING_PUBLIC, the label this
 *    file also uses for DSA_PUBKEY, EC_PUBKEY and PUBKEY, so the label does
 *    not identify the algorithm.
 *
 * NOTE(review): in the stock OpenSSL macros the write_cb variants take a
 * cipher argument, and a NULL cipher writes the private key unencrypted.
 * Confirm against the pem.h used by this tree, and check that callers
 * persisting keys pass a cipher.
 */
IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
|
200 |
|
201 #endif |
|
202 |
|
203 #ifndef OPENSSL_NO_DSA |
|
204 |
|
/*
 * Unwrap the DSA key carried by a freshly parsed EVP_PKEY.
 *
 * key: generic key to unwrap; may be NULL (a failed parse). When non-NULL it
 *      is always freed here, whether or not it holds a DSA key.
 * dsa: optional out-parameter. When non-NULL and extraction succeeds, the
 *      key currently in *dsa is released with DSA_free() and replaced.
 *
 * Returns the extracted DSA key, or NULL if key is NULL or
 * EVP_PKEY_get1_DSA() fails; on failure *dsa is left untouched.
 *
 * NOTE(review): *dsa is passed to DSA_free(), so a caller supplying dsa must
 * have initialised *dsa to NULL or to a key it owns. The returned pointer
 * and *dsa are the same object and must be freed only once.
 */
static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
{
	DSA *dsa_key;

	if (key == NULL) {
		return NULL;
	}

	dsa_key = EVP_PKEY_get1_DSA(key);
	EVP_PKEY_free(key);	/* wrapper is no longer needed either way */
	if (dsa_key == NULL) {
		return NULL;
	}

	if (dsa != NULL) {
		DSA_free(*dsa);
		*dsa = dsa_key;
	}
	return dsa_key;
}
|
218 |
|
/*
 * Read a PEM private key from a BIO and return it as a DSA key.
 *
 * The data is parsed with PEM_read_bio_PrivateKey() and the result is handed
 * to pkey_get_dsa(). cb and u are forwarded to the parser unchanged.
 *
 * Returns the DSA key, or NULL if parsing fails or pkey_get_dsa() cannot
 * extract a DSA key. See pkey_get_dsa() for how *dsa is treated.
 */
EXPORT_C DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
								void *u)
{
	return pkey_get_dsa(PEM_read_bio_PrivateKey(bp, NULL, cb, u), dsa);
}
|
226 |
|
/*
 * Macro-generated DSA entry points (macro bodies are not in this file):
 *  - DSAPrivateKey: writers only, since the readers are hand-written in this
 *    file.
 *  - DSA_PUBKEY: readers and writers under PEM_STRING_PUBLIC, the label this
 *    file also uses for RSA_PUBKEY, EC_PUBKEY and PUBKEY.
 *
 * NOTE(review): in the stock OpenSSL macros a write_cb writer called with a
 * NULL cipher emits the private key unencrypted. Confirm against the pem.h
 * used by this tree.
 */
IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
|
229 |
|
230 #ifndef OPENSSL_NO_FP_API |
|
231 |
|
/*
 * FILE-based counterpart of PEM_read_bio_DSAPrivateKey().
 *
 * The data is parsed with PEM_read_PrivateKey() and the result is handed to
 * pkey_get_dsa(). cb and u are forwarded to the parser unchanged.
 *
 * Returns the DSA key, or NULL if parsing fails or pkey_get_dsa() cannot
 * extract a DSA key. See pkey_get_dsa() for how *dsa is treated.
 */
EXPORT_C DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb,
								void *u)
{
	return pkey_get_dsa(PEM_read_PrivateKey(fp, NULL, cb, u), dsa);
}
|
239 |
|
240 #endif |
|
241 |
|
/*
 * Readers and writers for DSA domain parameters under PEM_STRING_DSAPARAMS.
 *
 * NOTE(review): nothing in this file validates decoded parameters; callers
 * loading them from an untrusted source should validate them before use.
 */
IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
|
243 |
|
244 #endif |
|
245 |
|
246 |
|
247 #ifndef OPENSSL_NO_EC |
|
/*
 * Unwrap the EC key carried by a freshly parsed EVP_PKEY.
 *
 * key:   generic key to unwrap; may be NULL (a failed parse). When non-NULL
 *        it is always freed here, whether or not it holds an EC key.
 * eckey: optional out-parameter. When non-NULL and extraction succeeds, the
 *        key currently in *eckey is released with EC_KEY_free() and replaced.
 *
 * Returns the extracted EC key, or NULL if key is NULL or
 * EVP_PKEY_get1_EC_KEY() fails; on failure *eckey is left untouched.
 *
 * NOTE(review): *eckey is passed to EC_KEY_free(), so a caller supplying
 * eckey must have initialised *eckey to NULL or to a key it owns. The
 * returned pointer and *eckey are the same object and must be freed only once.
 */
static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey)
{
	EC_KEY *ec = NULL;

	if (key != NULL) {
		ec = EVP_PKEY_get1_EC_KEY(key);
		EVP_PKEY_free(key);	/* wrapper is dropped even if extraction failed */

		if (ec != NULL && eckey != NULL) {
			EC_KEY_free(*eckey);
			*eckey = ec;
		}
	}
	return ec;
}
|
262 |
|
/*
 * Read a PEM private key from a BIO and return it as an EC key.
 *
 * The data is parsed with PEM_read_bio_PrivateKey() and the result is handed
 * to pkey_get_eckey(). cb and u are forwarded to the parser unchanged.
 *
 * Returns the EC key, or NULL if parsing fails or pkey_get_eckey() cannot
 * extract an EC key. See pkey_get_eckey() for how *key is treated.
 *
 * NOTE(review): unlike the other hand-written readers in this file, this one
 * carries no EXPORT_C; confirm that the omission is intentional.
 */
EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
							void *u)
{
	return pkey_get_eckey(PEM_read_bio_PrivateKey(bp, NULL, cb, u), key);
}
|
270 |
|
/*
 * Macro-generated EC entry points (macro bodies are not in this file):
 *  - ECPKParameters: readers and writers for an EC_GROUP under
 *    PEM_STRING_ECPARAMETERS.
 *  - ECPrivateKey: writers only, since the readers are hand-written in this
 *    file.
 *  - EC_PUBKEY: readers and writers under PEM_STRING_PUBLIC, the label this
 *    file also uses for RSA_PUBKEY, DSA_PUBKEY and PUBKEY.
 *
 * NOTE(review): nothing in this file validates a decoded EC_GROUP; callers
 * accepting curve parameters from an untrusted source should check them
 * before use. In the stock OpenSSL macros a write_cb writer called with a
 * NULL cipher emits the private key unencrypted; confirm against the pem.h
 * used by this tree.
 */
IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)

IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)

IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
|
276 |
|
277 #ifndef OPENSSL_NO_FP_API |
|
278 |
|
/*
 * FILE-based counterpart of PEM_read_bio_ECPrivateKey().
 *
 * The data is parsed with PEM_read_PrivateKey() and the result is handed to
 * pkey_get_eckey(). cb and u are forwarded to the parser unchanged.
 *
 * Returns the EC key, or NULL if parsing fails or pkey_get_eckey() cannot
 * extract an EC key. See pkey_get_eckey() for how *eckey is treated.
 */
EXPORT_C EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
								void *u)
{
	return pkey_get_eckey(PEM_read_PrivateKey(fp, NULL, cb, u), eckey);
}
|
286 |
|
287 #endif |
|
288 |
|
289 #endif |
|
290 |
|
291 #ifndef OPENSSL_NO_DH |
|
292 |
|
/*
 * Readers and writers for Diffie-Hellman parameters under
 * PEM_STRING_DHPARAMS.
 *
 * NOTE(review): nothing in this file validates decoded parameters; callers
 * loading DH parameters from an untrusted source should validate them (for
 * example with DH_check()) before using them in a key exchange.
 */
IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
|
294 |
|
295 #endif |
|
296 |
|
297 |
|
/* The PrivateKey case is not that straightforward.
 *   IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
 * does not work, RSA and DSA keys have specific strings.
 * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
 * appropriate.)
 *
 * The writer therefore picks the PEM label from x->type at call time:
 * EVP_PKEY_DSA -> PEM_STRING_DSA, EVP_PKEY_RSA -> PEM_STRING_RSA, and every
 * other type -> PEM_STRING_ECPRIVATEKEY.
 *
 * NOTE(review): the final branch is a catch-all, not a test for an EC key,
 * so a key of any other type that reaches this writer would be labelled
 * with PEM_STRING_ECPRIVATEKEY. Whether the encoder rejects such keys first
 * is not visible from this file.
 * NOTE(review): in the stock OpenSSL macros a write_cb writer called with a
 * NULL cipher emits the private key unencrypted; confirm against the pem.h
 * used by this tree.
 */
IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\
	(x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey)

/* Generic public key: readers and writers under PEM_STRING_PUBLIC. */
IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
|
308 |