Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
e7871ffa
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
e7871ffa
编写于
25年前
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
More PKCS#8 stuff. Support for unencrypted forms of private key.
上级
8d8a8041
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
109 addition
and
31 deletion
+109
-31
CHANGES
CHANGES
+5
-2
apps/pkcs8.c
apps/pkcs8.c
+64
-28
crypto/pem/pem.h
crypto/pem/pem.h
+8
-1
crypto/pem/pem_all.c
crypto/pem/pem_all.c
+32
-0
未找到文件。
CHANGES
浏览文件 @
e7871ffa
...
...
@@ -6,8 +6,11 @@
Changes between 0.9.3a and 0.9.4
*) Support for PKCS#5 v1.5 compatible password based encryption algorithms
and partial PKCS#8 functionality. New 'pkcs8' application linked to
openssl.
and PKCS#8 functionality. New 'pkcs8' application linked to openssl.
Needed to change the PEM_STRING_EVP_PKEY value which was just "PRIVATE
KEY" because this clashed with PKCS#8 unencrypted string. Since this
value was just used as a "magic string" and not used directly its
value doesn't matter.
[Steve Henson]
*) Introduce some semblance of const correctness to BN. Shame C doesn't
...
...
This diff is collapsed.
Click to expand it.
apps/pkcs8.c
浏览文件 @
e7871ffa
...
...
@@ -74,6 +74,7 @@ int MAIN(int argc, char **argv)
int
iter
=
PKCS12_DEFAULT_ITER
;
int
informat
,
outformat
;
int
p8_broken
=
PKCS8_OK
;
int
nocrypt
=
0
;
X509_SIG
*
p8
;
PKCS8_PRIV_KEY_INFO
*
p8inf
;
EVP_PKEY
*
pkey
;
...
...
@@ -98,6 +99,7 @@ int MAIN(int argc, char **argv)
}
else
badarg
=
1
;
}
else
if
(
!
strcmp
(
*
args
,
"-topk8"
))
topk8
=
1
;
else
if
(
!
strcmp
(
*
args
,
"-noiter"
))
iter
=
1
;
else
if
(
!
strcmp
(
*
args
,
"-nocrypt"
))
nocrypt
=
1
;
else
if
(
!
strcmp
(
*
args
,
"-nooct"
))
p8_broken
=
PKCS8_NO_OCTET
;
else
if
(
!
strcmp
(
*
args
,
"-in"
))
{
if
(
args
[
1
])
{
...
...
@@ -116,11 +118,14 @@ int MAIN(int argc, char **argv)
if
(
badarg
)
{
BIO_printf
(
bio_err
,
"Usage pkcs8 [options]
\n
"
);
BIO_printf
(
bio_err
,
"where options are
\n
"
);
BIO_printf
(
bio_err
,
"-in file input file
\n
"
);
BIO_printf
(
bio_err
,
"-out file output file
\n
"
);
BIO_printf
(
bio_err
,
"-topk8 output PKCS8 file
\n
"
);
BIO_printf
(
bio_err
,
"-nooct use (broken) no octet form
\n
"
);
BIO_printf
(
bio_err
,
"-noiter use 1 as iteration cound
\n
"
);
BIO_printf
(
bio_err
,
"-in file input file
\n
"
);
BIO_printf
(
bio_err
,
"-inform X input format (DER or PEM)
\n
"
);
BIO_printf
(
bio_err
,
"-outform X output format (DER or PEM)
\n
"
);
BIO_printf
(
bio_err
,
"-out file output file
\n
"
);
BIO_printf
(
bio_err
,
"-topk8 output PKCS8 file
\n
"
);
BIO_printf
(
bio_err
,
"-nooct use (broken) no octet form
\n
"
);
BIO_printf
(
bio_err
,
"-noiter use 1 as iteration count
\n
"
);
BIO_printf
(
bio_err
,
"-nocrypt use or expect unencrypted private key
\n
"
);
return
(
1
);
}
...
...
@@ -154,35 +159,66 @@ int MAIN(int argc, char **argv)
return
(
1
);
}
PKCS8_set_broken
(
p8inf
,
p8_broken
);
EVP_read_pw_string
(
pass
,
50
,
"Enter Encryption Password:"
,
1
);
if
(
!
(
p8
=
PKCS8_encrypt
(
pbe_nid
,
pass
,
strlen
(
pass
),
NULL
,
0
,
iter
,
p8inf
)))
{
BIO_printf
(
bio_err
,
"Error encrypting key
\n
"
,
outfile
);
ERR_print_errors
(
bio_err
);
return
(
1
);
if
(
nocrypt
)
{
if
(
outformat
==
FORMAT_PEM
)
PEM_write_bio_PKCS8_PRIV_KEY_INFO
(
out
,
p8inf
);
else
if
(
outformat
==
FORMAT_ASN1
)
i2d_PKCS8_PRIV_KEY_INFO_bio
(
out
,
p8inf
);
else
{
BIO_printf
(
bio_err
,
"Bad format specified for key
\n
"
);
return
(
1
);
}
}
else
{
EVP_read_pw_string
(
pass
,
50
,
"Enter Encryption Password:"
,
1
);
if
(
!
(
p8
=
PKCS8_encrypt
(
pbe_nid
,
pass
,
strlen
(
pass
),
NULL
,
0
,
iter
,
p8inf
)))
{
BIO_printf
(
bio_err
,
"Error encrypting key
\n
"
,
outfile
);
ERR_print_errors
(
bio_err
);
return
(
1
);
}
if
(
outformat
==
FORMAT_PEM
)
PEM_write_bio_PKCS8
(
out
,
p8
);
else
if
(
outformat
==
FORMAT_ASN1
)
i2d_PKCS8_bio
(
out
,
p8
);
else
{
BIO_printf
(
bio_err
,
"Bad format specified for key
\n
"
);
return
(
1
);
}
X509_SIG_free
(
p8
);
}
PKCS8_PRIV_KEY_INFO_free
(
p8inf
);
PEM_write_bio_PKCS8
(
out
,
p8
);
X509_SIG_free
(
p8
);
return
(
0
);
}
if
(
informat
==
FORMAT_PEM
)
p8
=
PEM_read_bio_PKCS8
(
in
,
NULL
,
NULL
);
else
if
(
informat
==
FORMAT_ASN1
)
p8
=
d2i_PKCS8_bio
(
in
,
NULL
);
else
{
BIO_printf
(
bio_err
,
"Bad input format specified for key
\n
"
);
return
(
1
);
}
if
(
nocrypt
)
{
if
(
informat
==
FORMAT_PEM
)
p8inf
=
PEM_read_bio_PKCS8_PRIV_KEY_INFO
(
in
,
NULL
,
NULL
);
else
if
(
informat
==
FORMAT_ASN1
)
p8inf
=
d2i_PKCS8_PRIV_KEY_INFO_bio
(
in
,
NULL
);
else
{
BIO_printf
(
bio_err
,
"Bad format specified for key
\n
"
);
return
(
1
);
}
}
else
{
if
(
informat
==
FORMAT_PEM
)
p8
=
PEM_read_bio_PKCS8
(
in
,
NULL
,
NULL
);
else
if
(
informat
==
FORMAT_ASN1
)
p8
=
d2i_PKCS8_bio
(
in
,
NULL
);
else
{
BIO_printf
(
bio_err
,
"Bad format specified for key
\n
"
);
return
(
1
);
}
if
(
!
p8
)
{
BIO_printf
(
bio_err
,
"Error reading key
\n
"
,
outfile
);
ERR_print_errors
(
bio_err
);
return
(
1
);
if
(
!
p8
)
{
BIO_printf
(
bio_err
,
"Error reading key
\n
"
,
outfile
);
ERR_print_errors
(
bio_err
);
return
(
1
);
}
EVP_read_pw_string
(
pass
,
50
,
"Enter Password:"
,
0
);
p8inf
=
M_PKCS8_decrypt
(
p8
,
pass
,
strlen
(
pass
));
}
EVP_read_pw_string
(
pass
,
50
,
"Enter Password:"
,
0
);
p8inf
=
M_PKCS8_decrypt
(
p8
,
pass
,
strlen
(
pass
));
if
(
!
p8inf
)
{
BIO_printf
(
bio_err
,
"Error decrypting key
\n
"
,
outfile
);
ERR_print_errors
(
bio_err
);
...
...
@@ -210,7 +246,7 @@ int MAIN(int argc, char **argv)
PKCS8_PRIV_KEY_INFO_free
(
p8inf
);
PEM_write_bio_PrivateKey
(
out
,
pkey
,
NULL
,
NULL
,
0
,
NULL
);
PEM_write_bio_PrivateKey
(
out
,
pkey
,
NULL
,
NULL
,
0
,
NULL
);
return
(
0
);
}
This diff is collapsed.
Click to expand it.
crypto/pem/pem.h
浏览文件 @
e7871ffa
...
...
@@ -104,12 +104,13 @@ extern "C" {
#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
#define PEM_STRING_X509_CRL "X509 CRL"
#define PEM_STRING_EVP_PKEY "PRIVATE KEY"
#define PEM_STRING_EVP_PKEY "
ANY
PRIVATE KEY"
#define PEM_STRING_RSA "RSA PRIVATE KEY"
#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
#define PEM_STRING_DSA "DSA PRIVATE KEY"
#define PEM_STRING_PKCS7 "PKCS7"
#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
#define PEM_STRING_PKCS8INF "PRIVATE KEY"
#define PEM_STRING_DHPARAMS "DH PARAMETERS"
#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
...
...
@@ -403,6 +404,8 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x, pem_password_cb *);
PKCS7
*
PEM_read_PKCS7
(
FILE
*
fp
,
PKCS7
**
x
,
pem_password_cb
*
);
NETSCAPE_CERT_SEQUENCE
*
PEM_read_NETSCAPE_CERT_SEQUENCE
(
FILE
*
fp
,
NETSCAPE_CERT_SEQUENCE
**
x
,
pem_password_cb
*
);
X509_SIG
*
PEM_read_PKCS8
(
FILE
*
fp
,
X509_SIG
**
x
,
pem_password_cb
*
);
PKCS8_PRIV_KEY_INFO
*
PEM_read_PKCS8_PRIV_KEY_INFO
(
FILE
*
fp
,
PKCS8_PRIV_KEY_INFO
**
x
,
pem_password_cb
*
);
int
PEM_write_X509
(
FILE
*
fp
,
X509
*
x
);
int
PEM_write_X509_REQ
(
FILE
*
fp
,
X509_REQ
*
x
);
int
PEM_write_X509_CRL
(
FILE
*
fp
,
X509_CRL
*
x
);
...
...
@@ -427,6 +430,7 @@ int PEM_write_DSAparams(FILE *fp,DSA *x);
#endif
int
PEM_write_NETSCAPE_CERT_SEQUENCE
(
FILE
*
fp
,
NETSCAPE_CERT_SEQUENCE
*
x
);
int
PEM_write_PKCS8
(
FILE
*
fp
,
X509_SIG
*
x
);
int
PEM_write_PKCS8_PRIV_KEY_INFO
(
FILE
*
fp
,
PKCS8_PRIV_KEY_INFO
*
x
);
#endif
#ifdef HEADER_BIO_H
...
...
@@ -447,6 +451,8 @@ DH *PEM_read_bio_DHparams(BIO *bp,DH **x, pem_password_cb *);
#endif
NETSCAPE_CERT_SEQUENCE
*
PEM_read_bio_NETSCAPE_CERT_SEQUENCE
(
BIO
*
bp
,
NETSCAPE_CERT_SEQUENCE
**
x
,
pem_password_cb
*
);
X509_SIG
*
PEM_read_bio_PKCS8
(
BIO
*
bp
,
X509_SIG
**
x
,
pem_password_cb
*
);
PKCS8_PRIV_KEY_INFO
*
PEM_read_bio_PKCS8_PRIV_KEY_INFO
(
BIO
*
bp
,
PKCS8_PRIV_KEY_INFO
**
x
,
pem_password_cb
*
);
#ifndef NO_DSA
DSA
*
PEM_read_bio_DSAparams
(
BIO
*
bp
,
DSA
**
x
,
pem_password_cb
*
);
#endif
...
...
@@ -473,6 +479,7 @@ int PEM_write_bio_DSAparams(BIO *bp,DSA *x);
#endif
int
PEM_write_bio_NETSCAPE_CERT_SEQUENCE
(
BIO
*
bp
,
NETSCAPE_CERT_SEQUENCE
*
x
);
int
PEM_write_bio_PKCS8
(
BIO
*
bp
,
X509_SIG
*
x
);
int
PEM_write_bio_PKCS8_PRIV_KEY_INFO
(
BIO
*
bp
,
PKCS8_PRIV_KEY_INFO
*
x
);
#endif
#endif
/* SSLEAY_MACROS */
...
...
This diff is collapsed.
Click to expand it.
crypto/pem/pem_all.c
浏览文件 @
e7871ffa
...
...
@@ -435,3 +435,35 @@ int PEM_write_bio_PKCS8(BIO *bp, X509_SIG *x)
return
(
PEM_ASN1_write_bio
((
int
(
*
)())
i2d_X509_SIG
,
PEM_STRING_PKCS8
,
bp
,
(
char
*
)
x
,
NULL
,
NULL
,
0
,
NULL
));
}
#ifndef NO_FP_API
PKCS8_PRIV_KEY_INFO
*
PEM_read_PKCS8_PRIV_KEY_INFO
(
FILE
*
fp
,
PKCS8_PRIV_KEY_INFO
**
x
,
pem_password_cb
*
cb
)
{
return
((
PKCS8_PRIV_KEY_INFO
*
)
PEM_ASN1_read
((
char
*
(
*
)())
d2i_PKCS8_PRIV_KEY_INFO
,
PEM_STRING_PKCS8INF
,
fp
,(
char
**
)
x
,
cb
));
}
#endif
PKCS8_PRIV_KEY_INFO
*
PEM_read_bio_PKCS8_PRIV_KEY_INFO
(
BIO
*
bp
,
PKCS8_PRIV_KEY_INFO
**
x
,
pem_password_cb
*
cb
)
{
return
((
PKCS8_PRIV_KEY_INFO
*
)
PEM_ASN1_read_bio
((
char
*
(
*
)())
d2i_PKCS8_PRIV_KEY_INFO
,
PEM_STRING_PKCS8INF
,
bp
,(
char
**
)
x
,
cb
));
}
#ifndef NO_FP_API
int
PEM_write_PKCS8_PRIV_KEY_INFO
(
FILE
*
fp
,
PKCS8_PRIV_KEY_INFO
*
x
)
{
return
(
PEM_ASN1_write
((
int
(
*
)())
i2d_PKCS8_PRIV_KEY_INFO
,
PEM_STRING_PKCS8INF
,
fp
,
(
char
*
)
x
,
NULL
,
NULL
,
0
,
NULL
));
}
#endif
int
PEM_write_bio_PKCS8_PRIV_KEY_INFO
(
BIO
*
bp
,
PKCS8_PRIV_KEY_INFO
*
x
)
{
return
(
PEM_ASN1_write_bio
((
int
(
*
)())
i2d_PKCS8_PRIV_KEY_INFO
,
PEM_STRING_PKCS8INF
,
bp
,
(
char
*
)
x
,
NULL
,
NULL
,
0
,
NULL
));
}
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
新手
引导
客服
返回
顶部