From b0c6fb8064f129ba94aa9e1f479750a20b2bdee2 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 4 Jun 1999 23:33:48 +0000 Subject: [PATCH] The rest of the PKCS#5, PKCS#8 patch I forgot before :-) --- crypto/evp/Makefile.ssl | 4 ++-- crypto/evp/evp.h | 5 +++++ crypto/objects/obj_dat.h | 23 +++++++++++++++++++---- crypto/objects/objects.h | 12 ++++++++++++ crypto/pem/pem.h | 5 +++++ crypto/pem/pem_all.c | 33 +++++++++++++++++++++++++++++++++ crypto/pkcs12/pkcs12.h | 3 ++- 7 files changed, 78 insertions(+), 7 deletions(-) diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl index 2409c5861b..add46ed9f1 100644 --- a/crypto/evp/Makefile.ssl +++ b/crypto/evp/Makefile.ssl @@ -35,7 +35,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c \ m_ripemd.c \ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ - c_all.c evp_lib.c bio_ok.c evp_pkey.c evp_pbe.c + c_all.c evp_lib.c bio_ok.c evp_pkey.c evp_pbe.c p5_crpt.c LIBOBJ= encode.o digest.o evp_enc.o evp_key.o \ e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o \ @@ -50,7 +50,7 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o \ m_ripemd.o \ p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \ - c_all.o evp_lib.o bio_ok.o evp_pkey.o evp_pbe.o + c_all.o evp_lib.o bio_ok.o evp_pkey.o evp_pbe.o p5_crpt.o SRC= $(LIBSRC) diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 39f48610ed..9df4f1fdab 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -634,6 +634,11 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type); int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type); +/* PKCS5 password based encryption */ +int PKCS5_PBE_keyivgen(const char *pass, int passlen, unsigned char *salt, + int saltlen, int iter, EVP_CIPHER *cipher, EVP_MD *md, + unsigned char *key, unsigned char *iv); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 0db4550c72..9db7679ccd 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -61,12 +61,12 @@ * perl obj_dat.pl < objects.h > obj_dat.h */ -#define NUM_NID 168 +#define NUM_NID 171 #define NUM_SN 119 -#define NUM_LN 164 -#define NUM_OBJ 139 +#define NUM_LN 167 +#define NUM_OBJ 142 -static unsigned char lvalues[957]={ +static unsigned char lvalues[984]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -206,6 +206,9 @@ static unsigned char lvalues[957]={ 0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [939] OBJ_id_qt_cps */ 0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [947] OBJ_id_qt_unotice */ 0x0F, /* [955] OBJ_SMIMECapabilities */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [956] OBJ_pbeWithMD2AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [965] OBJ_pbeWithMD5AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [974] OBJ_pbeWithSHA1AndDES_CBC */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -443,6 +446,12 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL}, {"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,1, &(lvalues[955]),0}, +{"pbeWithMD2AndRC2-CBC","pbeWithMD2AndRC2-CBC", + NID_pbeWithMD2AndRC2_CBC,9,&(lvalues[956]),0}, +{"pbeWithMD5AndRC2-CBC","pbeWithMD5AndRC2-CBC", + NID_pbeWithMD5AndRC2_CBC,9,&(lvalues[965]),0}, +{"pbeWithSHA1AndDES-CBC","pbeWithSHA1AndDES-CBC", + NID_pbeWithSHA1AndDES_CBC,9,&(lvalues[974]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -673,14 +682,17 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[17]),/* "organizationName" */ &(nid_objs[18]),/* "organizationalUnitName" */ &(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */ +&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */ &(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */ &(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */ +&(nid_objs[169]),/* "pbeWithMD5AndRC2-CBC" */ &(nid_objs[148]),/* "pbeWithSHA1And128BitRC2-CBC" */ &(nid_objs[144]),/* "pbeWithSHA1And128BitRC4" */ &(nid_objs[147]),/* "pbeWithSHA1And2-KeyTripleDES-CBC" */ &(nid_objs[146]),/* "pbeWithSHA1And3-KeyTripleDES-CBC" */ &(nid_objs[149]),/* "pbeWithSHA1And40BitRC2-CBC" */ &(nid_objs[145]),/* "pbeWithSHA1And40BitRC4" */ +&(nid_objs[170]),/* "pbeWithSHA1AndDES-CBC" */ &(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */ &(nid_objs[69]),/* "pbeWithSHA1AndRC4" */ &(nid_objs[ 2]),/* "pkcs" */ @@ -823,6 +835,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */ &(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */ &(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */ +&(nid_objs[168]),/* OBJ_pbeWithMD2AndRC2_CBC 1 2 840 113549 1 5 4 */ +&(nid_objs[169]),/* OBJ_pbeWithMD5AndRC2_CBC 1 2 840 113549 1 5 6 */ +&(nid_objs[170]),/* OBJ_pbeWithSHA1AndDES_CBC 1 2 840 113549 1 5 10 */ &(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */ &(nid_objs[69]),/* OBJ_pbeWithSHA1AndRC4 1 2 840 113549 1 5 12 */ &(nid_objs[161]),/* OBJ_pbes2 1 2 840 113549 1 5 13 */ diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h index 52c5f4ca32..fd5c02d313 100644 --- a/crypto/objects/objects.h +++ b/crypto/objects/objects.h @@ -875,6 +875,18 @@ extern "C" { #define NID_SMIMECapabilities 167 #define OBJ_SMIMECapabilities OBJ_id_pkcs9,15L +#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC" +#define NID_pbeWithMD2AndRC2_CBC 168 +#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs,5L,4L + +#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC" +#define NID_pbeWithMD5AndRC2_CBC 169 +#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs,5L,6L + +#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC" +#define NID_pbeWithSHA1AndDES_CBC 170 +#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs,5L,10L + #include #include diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h index 9434dfdbd9..c31984c75a 100644 --- a/crypto/pem/pem.h +++ b/crypto/pem/pem.h @@ -109,6 +109,7 @@ extern "C" { #define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY" #define PEM_STRING_DSA "DSA PRIVATE KEY" #define PEM_STRING_PKCS7 "PKCS7" +#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" #define PEM_STRING_DHPARAMS "DH PARAMETERS" #define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" #define PEM_STRING_DSAPARAMS "DSA PARAMETERS" @@ -401,6 +402,7 @@ DH *PEM_read_DHparams(FILE *fp,DH **x, pem_password_cb *); EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x, pem_password_cb *); PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x, pem_password_cb *); NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *); +X509_SIG *PEM_read_PKCS8(FILE *fp,X509_SIG **x, pem_password_cb *); int PEM_write_X509(FILE *fp,X509 *x); int PEM_write_X509_REQ(FILE *fp,X509_REQ *x); int PEM_write_X509_CRL(FILE *fp,X509_CRL *x); @@ -424,6 +426,7 @@ int PEM_write_DHparams(FILE *fp,DH *x); int PEM_write_DSAparams(FILE *fp,DSA *x); #endif int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE *x); +int PEM_write_PKCS8(FILE *fp,X509_SIG *x); #endif #ifdef HEADER_BIO_H @@ -443,6 +446,7 @@ PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x, pem_password_cb *); DH *PEM_read_bio_DHparams(BIO *bp,DH **x, pem_password_cb *); #endif NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *); +X509_SIG *PEM_read_bio_PKCS8(BIO *bp,X509_SIG **x, pem_password_cb *); #ifndef NO_DSA DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x, pem_password_cb *); #endif @@ -468,6 +472,7 @@ int PEM_write_bio_DHparams(BIO *bp,DH *x); int PEM_write_bio_DSAparams(BIO *bp,DSA *x); #endif int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE *x); +int PEM_write_bio_PKCS8(BIO *bp,X509_SIG *x); #endif #endif /* SSLEAY_MACROS */ diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index 0775155fb0..bb3ce5128b 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c @@ -402,3 +402,36 @@ int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp, NETSCAPE_CERT_SEQUENCE *x) PEM_STRING_X509,bp, (char *)x, NULL,NULL,0,NULL)); } + +/* The PKCS8 functions */ + +#ifndef NO_FP_API +X509_SIG *PEM_read_PKCS8(FILE *fp, + X509_SIG **x, pem_password_cb *cb) + { + return((X509_SIG *) PEM_ASN1_read((char *(*)())d2i_X509_SIG, + PEM_STRING_PKCS8,fp,(char **)x,cb)); + } +#endif + +X509_SIG *PEM_read_bio_PKCS8(BIO *bp, + X509_SIG **x, pem_password_cb *cb) + { + return((X509_SIG *) + PEM_ASN1_read_bio((char *(*)())d2i_X509_SIG, + PEM_STRING_PKCS8,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_PKCS8(FILE *fp, X509_SIG *x) + { + return(PEM_ASN1_write((int (*)())i2d_X509_SIG, + PEM_STRING_PKCS8,fp, (char *)x, NULL,NULL,0,NULL)); + } +#endif + +int PEM_write_bio_PKCS8(BIO *bp, X509_SIG *x) + { + return(PEM_ASN1_write_bio((int (*)())i2d_X509_SIG, + PEM_STRING_PKCS8,bp, (char *)x, NULL,NULL,0,NULL)); + } diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h index c660926cb0..459962c1a3 100644 --- a/crypto/pkcs12/pkcs12.h +++ b/crypto/pkcs12/pkcs12.h @@ -183,7 +183,8 @@ ASN1_seq_unpack((p12)->authsafes->d.data->data, \ #define M_PKCS8_decrypt(p8, pass, passlen) \ (PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i ((p8)->algor, \ -(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (pass), (passlen), (p8)->digest, 2) +(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free,\ + (pass), (passlen), (p8)->digest, 2) #define PKCS12_get_attr(bag, attr_nid) \ PKCS12_get_attr_gen(bag->attrib, attr_nid) -- GitLab