1 | /* |
2 | * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at |
7 | * https://www.openssl.org/source/license.html |
8 | */ |
9 | |
10 | #include <stdio.h> |
11 | #include "internal/cryptlib.h" |
12 | #include <openssl/bio.h> |
13 | #include <openssl/evp.h> |
14 | #include <openssl/x509.h> |
15 | #include <openssl/pkcs7.h> |
16 | #include <openssl/pem.h> |
17 | #include <openssl/rsa.h> |
18 | #include <openssl/dsa.h> |
19 | #include <openssl/dh.h> |
20 | #include "pem_local.h" |
21 | |
22 | #ifndef OPENSSL_NO_RSA |
23 | static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); |
24 | #endif |
25 | #ifndef OPENSSL_NO_DSA |
26 | static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); |
27 | #endif |
28 | |
29 | #ifndef OPENSSL_NO_EC |
30 | static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey); |
31 | #endif |
32 | |
33 | IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) |
34 | |
35 | IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ) |
36 | IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL) |
37 | IMPLEMENT_PEM_rw(X509_PUBKEY, X509_PUBKEY, PEM_STRING_PUBLIC, X509_PUBKEY) |
38 | IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7) |
39 | |
40 | IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE, |
41 | PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE) |
42 | #ifndef OPENSSL_NO_RSA |
43 | /* |
44 | * We treat RSA or DSA private keys as a special case. For private keys we |
45 | * read in an EVP_PKEY structure with PEM_read_bio_PrivateKey() and extract |
46 | * the relevant private key: this means can handle "traditional" and PKCS#8 |
47 | * formats transparently. |
48 | */ |
49 | static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa) |
50 | { |
51 | RSA *rtmp; |
52 | if (!key) |
53 | return NULL; |
54 | rtmp = EVP_PKEY_get1_RSA(key); |
55 | EVP_PKEY_free(key); |
56 | if (!rtmp) |
57 | return NULL; |
58 | if (rsa) { |
59 | RSA_free(*rsa); |
60 | *rsa = rtmp; |
61 | } |
62 | return rtmp; |
63 | } |
64 | |
65 | RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb, |
66 | void *u) |
67 | { |
68 | EVP_PKEY *pktmp; |
69 | pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); |
70 | return pkey_get_rsa(pktmp, rsa); |
71 | } |
72 | |
73 | # ifndef OPENSSL_NO_STDIO |
74 | |
75 | RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u) |
76 | { |
77 | EVP_PKEY *pktmp; |
78 | pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); |
79 | return pkey_get_rsa(pktmp, rsa); |
80 | } |
81 | |
82 | # endif |
83 | |
84 | IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) |
85 | IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) |
86 | IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) |
87 | #endif |
88 | #ifndef OPENSSL_NO_DSA |
89 | static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa) |
90 | { |
91 | DSA *dtmp; |
92 | if (!key) |
93 | return NULL; |
94 | dtmp = EVP_PKEY_get1_DSA(key); |
95 | EVP_PKEY_free(key); |
96 | if (!dtmp) |
97 | return NULL; |
98 | if (dsa) { |
99 | DSA_free(*dsa); |
100 | *dsa = dtmp; |
101 | } |
102 | return dtmp; |
103 | } |
104 | |
105 | DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, |
106 | void *u) |
107 | { |
108 | EVP_PKEY *pktmp; |
109 | pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); |
110 | return pkey_get_dsa(pktmp, dsa); /* will free pktmp */ |
111 | } |
112 | |
113 | IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) |
114 | IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) |
115 | # ifndef OPENSSL_NO_STDIO |
116 | DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, void *u) |
117 | { |
118 | EVP_PKEY *pktmp; |
119 | pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); |
120 | return pkey_get_dsa(pktmp, dsa); /* will free pktmp */ |
121 | } |
122 | |
123 | # endif |
124 | |
125 | IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) |
126 | #endif |
127 | #ifndef OPENSSL_NO_EC |
128 | static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey) |
129 | { |
130 | EC_KEY *dtmp; |
131 | if (!key) |
132 | return NULL; |
133 | dtmp = EVP_PKEY_get1_EC_KEY(key); |
134 | EVP_PKEY_free(key); |
135 | if (!dtmp) |
136 | return NULL; |
137 | if (eckey) { |
138 | EC_KEY_free(*eckey); |
139 | *eckey = dtmp; |
140 | } |
141 | return dtmp; |
142 | } |
143 | |
144 | EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, |
145 | void *u) |
146 | { |
147 | EVP_PKEY *pktmp; |
148 | pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); |
149 | return pkey_get_eckey(pktmp, key); /* will free pktmp */ |
150 | } |
151 | |
152 | IMPLEMENT_PEM_rw(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, |
153 | ECPKParameters) |
154 | |
155 | |
156 | IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, |
157 | ECPrivateKey) |
158 | IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) |
159 | # ifndef OPENSSL_NO_STDIO |
160 | EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, |
161 | void *u) |
162 | { |
163 | EVP_PKEY *pktmp; |
164 | pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); |
165 | return pkey_get_eckey(pktmp, eckey); /* will free pktmp */ |
166 | } |
167 | |
168 | # endif |
169 | |
170 | #endif |
171 | |
172 | #ifndef OPENSSL_NO_DH |
173 | |
174 | IMPLEMENT_PEM_write(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) |
175 | IMPLEMENT_PEM_write(DHxparams, DH, PEM_STRING_DHXPARAMS, DHxparams) |
176 | #endif |
177 | IMPLEMENT_PEM_provided_write(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) |
178 | IMPLEMENT_PEM_read(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) |
179 | |