pem_pk8.c@ 91977

最後變更在這個檔案從91977是 91772,由 vboxsync 提交於 3 年前
openssl-1.1.1l: Applied and adjusted our OpenSSL changes to 1.1.1l. bugref:10126
檔案大小: 6.5 KB

行
1	/*
2	* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the OpenSSL license (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <stdio.h>
11	#include "internal/cryptlib.h"
12	#include <openssl/buffer.h>
13	#include <openssl/objects.h>
14	#include <openssl/evp.h>
15	#include <openssl/x509.h>
16	#include <openssl/pkcs12.h>
17	#include <openssl/pem.h>
18
19	static int do_pk8pkey(BIO bp, EVP_PKEY x, int isder,
20	int nid, const EVP_CIPHER *enc,
21	char kstr, int klen, pem_password_cb cb, void *u);
22
23	#ifndef OPENSSL_NO_STDIO
24	static int do_pk8pkey_fp(FILE bp, EVP_PKEY x, int isder,
25	int nid, const EVP_CIPHER *enc,
26	char kstr, int klen, pem_password_cb cb, void *u);
27	#endif
28	/*
29	* These functions write a private key in PKCS#8 format: it is a "drop in"
30	* replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc'
31	* is NULL then it uses the unencrypted private key form. The 'nid' versions
32	* uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0.
33	*/
34
35	int PEM_write_bio_PKCS8PrivateKey_nid(BIO bp, EVP_PKEY x, int nid,
36	char *kstr, int klen,
37	pem_password_cb cb, void u)
38	{
39	return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u);
40	}
41
42	int PEM_write_bio_PKCS8PrivateKey(BIO bp, EVP_PKEY x, const EVP_CIPHER *enc,
43	char *kstr, int klen,
44	pem_password_cb cb, void u)
45	{
46	return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u);
47	}
48
49	int i2d_PKCS8PrivateKey_bio(BIO bp, EVP_PKEY x, const EVP_CIPHER *enc,
50	char *kstr, int klen,
51	pem_password_cb cb, void u)
52	{
53	return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u);
54	}
55
56	int i2d_PKCS8PrivateKey_nid_bio(BIO bp, EVP_PKEY x, int nid,
57	char *kstr, int klen,
58	pem_password_cb cb, void u)
59	{
60	return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u);
61	}
62
63	static int do_pk8pkey(BIO bp, EVP_PKEY x, int isder, int nid,
64	const EVP_CIPHER enc, char kstr, int klen,
65	pem_password_cb cb, void u)
66	{
67	X509_SIG *p8;
68	PKCS8_PRIV_KEY_INFO *p8inf;
69	char buf[PEM_BUFSIZE];
70	int ret;
71
72	if ((p8inf = EVP_PKEY2PKCS8(x)) == NULL) {
73	PEMerr(PEM_F_DO_PK8PKEY, PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
74	return 0;
75	}
76	if (enc \|\| (nid != -1)) {
77	if (!kstr) {
78	if (!cb)
79	klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
80	else
81	klen = cb(buf, PEM_BUFSIZE, 1, u);
82	if (klen <= 0) {
83	PEMerr(PEM_F_DO_PK8PKEY, PEM_R_READ_KEY);
84	PKCS8_PRIV_KEY_INFO_free(p8inf);
85	return 0;
86	}
87
88	kstr = buf;
89	}
90	p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);
91	if (kstr == buf)
92	OPENSSL_cleanse(buf, klen);
93	PKCS8_PRIV_KEY_INFO_free(p8inf);
94	if (p8 == NULL)
95	return 0;
96	if (isder)
97	ret = i2d_PKCS8_bio(bp, p8);
98	else
99	ret = PEM_write_bio_PKCS8(bp, p8);
100	X509_SIG_free(p8);
101	return ret;
102	} else {
103	if (isder)
104	ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
105	else
106	ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
107	PKCS8_PRIV_KEY_INFO_free(p8inf);
108	return ret;
109	}
110	}
111
112	EVP_PKEY d2i_PKCS8PrivateKey_bio(BIO bp, EVP_PKEY *x, pem_password_cb cb,
113	void *u)
114	{
115	PKCS8_PRIV_KEY_INFO *p8inf = NULL;
116	X509_SIG *p8 = NULL;
117	int klen;
118	EVP_PKEY *ret;
119	char psbuf[PEM_BUFSIZE];
120	p8 = d2i_PKCS8_bio(bp, NULL);
121	if (!p8)
122	return NULL;
123	if (cb)
124	klen = cb(psbuf, PEM_BUFSIZE, 0, u);
125	else
126	klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
127	if (klen < 0) {
128	PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ);
129	X509_SIG_free(p8);
130	return NULL;
131	}
132	p8inf = PKCS8_decrypt(p8, psbuf, klen);
133	X509_SIG_free(p8);
134	OPENSSL_cleanse(psbuf, klen);
135	if (!p8inf)
136	return NULL;
137	ret = EVP_PKCS82PKEY(p8inf);
138	PKCS8_PRIV_KEY_INFO_free(p8inf);
139	if (!ret)
140	return NULL;
141	if (x) {
142	EVP_PKEY_free(*x);
143	*x = ret;
144	}
145	return ret;
146	}
147
148	#ifndef OPENSSL_NO_STDIO
149
150	int i2d_PKCS8PrivateKey_fp(FILE fp, EVP_PKEY x, const EVP_CIPHER *enc,
151	char kstr, int klen, pem_password_cb cb, void *u)
152	{
153	return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u);
154	}
155
156	int i2d_PKCS8PrivateKey_nid_fp(FILE fp, EVP_PKEY x, int nid,
157	char *kstr, int klen,
158	pem_password_cb cb, void u)
159	{
160	return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u);
161	}
162
163	int PEM_write_PKCS8PrivateKey_nid(FILE fp, EVP_PKEY x, int nid,
164	char *kstr, int klen,
165	pem_password_cb cb, void u)
166	{
167	return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u);
168	}
169
170	int PEM_write_PKCS8PrivateKey(FILE fp, EVP_PKEY x, const EVP_CIPHER *enc,
171	char kstr, int klen, pem_password_cb cb,
172	void *u)
173	{
174	return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u);
175	}
176
177	static int do_pk8pkey_fp(FILE fp, EVP_PKEY x, int isder, int nid,
178	const EVP_CIPHER enc, char kstr, int klen,
179	pem_password_cb cb, void u)
180	{
181	BIO *bp;
182	int ret;
183
184	if ((bp = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
185	PEMerr(PEM_F_DO_PK8PKEY_FP, ERR_R_BUF_LIB);
186	return 0;
187	}
188	ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
189	BIO_free(bp);
190	return ret;
191	}
192
193	EVP_PKEY d2i_PKCS8PrivateKey_fp(FILE fp, EVP_PKEY *x, pem_password_cb cb,
194	void *u)
195	{
196	BIO *bp;
197	EVP_PKEY *ret;
198
199	if ((bp = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
200	PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP, ERR_R_BUF_LIB);
201	return NULL;
202	}
203	ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u);
204	BIO_free(bp);
205	return ret;
206	}
207
208	#endif
209
210	IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
211
212
213	IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
214	PKCS8_PRIV_KEY_INFO)

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-1.1.1l/crypto/pem/pem_pk8.c@ 91977

以其他格式下載: