diff options
author | Richard Levitte <levitte@openssl.org> | 2018-10-12 16:56:44 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-05-13 18:51:15 +0200 |
commit | f55838f34dd5c65420662f7eacf6c6ffd7f261a2 (patch) | |
tree | d6b825c43e806c1ed7d6c6d17ce00637baa14572 /crypto/pem/pvkfmt.c | |
parent | bac4bffbfbfaf2d16d248e8bc32023d1d2d48d10 (diff) | |
download | openssl-f55838f34dd5c65420662f7eacf6c6ffd7f261a2.tar.gz |
OSSL_STORE: Make the 'file' scheme loader handle MSBLOB and PVK files
This involves exposing two pvkfmt.c functions, but only internally.
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11756)
Diffstat (limited to 'crypto/pem/pvkfmt.c')
-rw-r--r-- | crypto/pem/pvkfmt.c | 39 |
1 files changed, 20 insertions, 19 deletions
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index 1a24ce755a..e2f5702880 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -20,6 +20,7 @@ #include "internal/cryptlib.h" #include <openssl/pem.h> +#include "internal/pem_int.h" #include <openssl/rand.h> #include <openssl/bn.h> #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) @@ -89,9 +90,9 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in, static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int bitlen, int ispub); -static int do_blob_header(const unsigned char **in, unsigned int length, - unsigned int *pmagic, unsigned int *pbitlen, - int *pisdss, int *pispub) +int ossl_do_blob_header(const unsigned char **in, unsigned int length, + unsigned int *pmagic, unsigned int *pbitlen, + int *pisdss, int *pispub) { const unsigned char *p = *in; if (length < 16) @@ -99,13 +100,13 @@ static int do_blob_header(const unsigned char **in, unsigned int length, /* bType */ if (*p == MS_PUBLICKEYBLOB) { if (*pispub == 0) { - PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB); + PEMerr(PEM_F_OSSL_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB); return 0; } *pispub = 1; } else if (*p == MS_PRIVATEKEYBLOB) { if (*pispub == 1) { - PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB); + PEMerr(PEM_F_OSSL_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB); return 0; } *pispub = 0; @@ -114,7 +115,7 @@ static int do_blob_header(const unsigned char **in, unsigned int length, p++; /* Version */ if (*p++ != 0x2) { - PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER); + PEMerr(PEM_F_OSSL_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER); return 0; } /* Ignore reserved, aiKeyAlg */ @@ -129,7 +130,7 @@ static int do_blob_header(const unsigned char **in, unsigned int length, /* fall thru */ case MS_RSA1MAGIC: if (*pispub == 0) { - PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB); + PEMerr(PEM_F_OSSL_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB); return 0; } break; @@ -139,13 +140,13 @@ static int do_blob_header(const unsigned char **in, unsigned int length, /* fall thru */ case MS_RSA2MAGIC: if (*pispub == 1) { - PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB); + PEMerr(PEM_F_OSSL_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB); return 0; } break; default: - PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER); + PEMerr(PEM_F_OSSL_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER); return -1; } *in = p; @@ -191,7 +192,7 @@ static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length, const unsigned char *p = *in; unsigned int bitlen, magic; int isdss; - if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) { + if (ossl_do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) { PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR); return NULL; } @@ -218,7 +219,7 @@ static EVP_PKEY *do_b2i_bio(BIO *in, int ispub) return NULL; } p = hdr_buf; - if (do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0) + if (ossl_do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0) return NULL; length = blob_length(bitlen, isdss, ispub); @@ -617,26 +618,26 @@ int i2b_PublicKey_bio(BIO *out, const EVP_PKEY *pk) # ifndef OPENSSL_NO_RC4 -static int do_PVK_header(const unsigned char **in, unsigned int length, - int skip_magic, - unsigned int *psaltlen, unsigned int *pkeylen) +int ossl_do_PVK_header(const unsigned char **in, unsigned int length, + int skip_magic, + unsigned int *psaltlen, unsigned int *pkeylen) { const unsigned char *p = *in; unsigned int pvk_magic, is_encrypted; if (skip_magic) { if (length < 20) { - PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); + PEMerr(PEM_F_OSSL_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); return 0; } } else { if (length < 24) { - PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); + PEMerr(PEM_F_OSSL_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); return 0; } pvk_magic = read_ledword(&p); if (pvk_magic != MS_PVKMAGIC) { - PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER); + PEMerr(PEM_F_OSSL_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER); return 0; } } @@ -653,7 +654,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length, return 0; if (is_encrypted && *psaltlen == 0) { - PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER); + PEMerr(PEM_F_OSSL_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER); return 0; } @@ -766,7 +767,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) } p = pvk_hdr; - if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen)) + if (!ossl_do_PVK_header(&p, 24, 0, &saltlen, &keylen)) return 0; buflen = (int)keylen + saltlen; buf = OPENSSL_malloc(buflen); |