aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/pem/pem_pkey.c
Commit message (Collapse)AuthorAgeFilesLines
* Make PEM_read_{,bio_}PrivateKey use secmemBenjamin Kaduk2017-05-081-3/+4
| | | | | | | | | | | | | | | We now have a version of PEM_read_bytes that can use temporary buffers allocated from the secure heap; use them to handle this sensitive information. Note that for PEM_read_PrivateKey, the i/o still goes through stdio since the input is a FILE pointer. Standard I/O performs additional buffering, which cannot be changed to use the OpenSSL secure heap for temporary storage. As such, it is recommended to use BIO_new_file() and PEM_read_bio_PrivateKey() instead. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1700)
* Useless header include of openssl/rand.hFdaSilvaYY2016-06-181-1/+0
| | | | | Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1168)
* Support for traditional format private keys.Dr. Stephen Henson2016-05-231-2/+9
| | | | | | | | Add new function PEM_write_bio_PrivateKey_traditional() to enforce the use of legacy "traditional" private key format. Add -traditional option to pkcs8 and pkey utilities. Reviewed-by: Matt Caswell <matt@openssl.org>
* Copyright consolidation 04/10Rich Salz2016-05-171-54/+6
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove #error from include files.Rich Salz2016-03-201-6/+2
| | | | | | | | Don't have #error statements in header files, but instead wrap the contents of that file in #ifndef OPENSSL_NO_xxx This means it is now always safe to include the header file. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove /* foo.c */ commentsRich Salz2016-01-261-1/+0
| | | | | | | | | | | | This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* make EVP_PKEY opaqueDr. Stephen Henson2016-01-201-0/+1
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Continue standardising malloc style for libcryptoMatt Caswell2015-11-091-1/+1
| | | | | | | Continuing from previous commit ensure our style is consistent for malloc return checks. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Identify and move common internal libcrypto header filesRichard Levitte2015-05-141-1/+1
| | | | | | | | | | | | | There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: Rich Salz <rsalz@openssl.org>
* Use "==0" instead of "!strcmp" etcRich Salz2015-05-061-1/+1
| | | | | | | For the various string-compare routines (strcmp, strcasecmp, str.*cmp) use "strcmp()==0" instead of "!strcmp()" Reviewed-by: Tim Hudson <tjh@openssl.org>
* free cleanup almost the finaleRich Salz2015-04-301-2/+1
| | | | | | | | | | Add OPENSSL_clear_free which merges cleanse and free. (Names was picked to be similar to BN_clear_free, etc.) Removed OPENSSL_freeFunc macro. Fixed the small simple ones that are left: CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked Reviewed-by: Richard Levitte <levitte@openssl.org>
* free NULL cleanupRich Salz2015-03-281-6/+3
| | | | | | | | | EVP_.*free; this gets: EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Move some ASN.1 internals to asn1_int.hDr. Stephen Henson2015-03-241-1/+1
| | | | | | | | Move ASN.1 internals used across multiple directories into new internal header file asn1_int.h remove crypto/Makefile hack which allowed other directories to include "asn1_locl.h" Reviewed-by: Matt Caswell <matt@openssl.org>
* Run util/openssl-format-source -v -c .Matt Caswell2015-01-221-191/+190
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Cleanup OPENSSL_NO_xxx, part 1master-pre-reformatRich Salz2015-01-141-2/+2
| | | | | | | | | | OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160 OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO Two typo's on #endif comments fixed: OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE Reviewed-by: Richard Levitte <levitte@openssl.org>
* transparently handle X9.42 DH parametersDr. Stephen Henson2011-12-071-0/+52
|
* Make PKCS#8 the standard write format for private keys, replacing theDr. Stephen Henson2009-01-151-1/+1
| | | | ancient SSLeay format.
* Avoid use of function pointer casts in pem library. Modify safestack toDr. Stephen Henson2007-06-041-4/+4
| | | | always use inline functions.
* Update from 0.9.7-stable.Dr. Stephen Henson2007-02-211-0/+1
|
* Complete EVP_PKEY_ASN1_METHOD ENGINE support.Dr. Stephen Henson2006-06-051-6/+7
|
* Check for deprecated private key types before PKCS#8 types.Dr. Stephen Henson2006-05-141-10/+9
|
* New utility pkeyparam. Enhance and bugfix algorithm specific parameterDr. Stephen Henson2006-03-281-3/+3
| | | | functions to support it.
* Initial support for generalized public key parameters.Dr. Stephen Henson2006-03-241-0/+54
|
* Add support for legacy PEM format private keys in EVP_PKEY_ASN1_METHOD.Dr. Stephen Henson2006-03-231-6/+45
|
* Fix more error codes.Bodo Möller2005-05-111-3/+3
| | | | | (Also improve util/ck_errf.pl script, and occasionally fix source code formatting.)
* Fix leak.Dr. Stephen Henson2004-04-221-0/+1
| | | | PR:870
* Constify d2i, s2i, c2i and r2i functions and other associatedRichard Levitte2004-03-151-1/+2
| | | | | | | | functions and macros. This change has associated tags: LEVITTE_before_const and LEVITTE_after_const. Those will be removed when this change has been properly reviewed.
* Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also.Richard Levitte2004-02-261-0/+4
| | | | PR: 833
* get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)Bodo Möller2002-08-121-1/+1
| | | | Submitted by: Nils Larsch
* Use SEC1 format for EC private keys.Bodo Möller2002-07-261-1/+1
| | | | | | This is not ECDSA specific, so it's now PEM_STRING_ECPRIVATEKEY etc. Submitted by: Nils Larsch <nlarsch@compuserve.de>
* Check errors when parsing a PKCS8INF PEM FILE, or there will be a core dump ↵Richard Levitte2002-06-051-0/+1
| | | | | | on error. PR: 77
* ECDSA supportBodo Möller2002-02-131-0/+2
| | | | Submitted by: Nils Larsch <nla@trustcenter.de>
* More linker bloat reorganisation:Dr. Stephen Henson2001-07-271-0/+139
Split private key PEM and normal PEM handling. Private key handling needs to link in stuff like PKCS#8. Relocate the ASN1 *_dup() functions, to the relevant ASN1 modules using new macro IMPLEMENT_ASN1_DUP_FUNCTION. Previously these were all in crypto/x509/x_all.c along with every ASN1 BIO/fp function which linked in *every* ASN1 function if a single dup was used. Move the authority key id ASN1 structure to a separate file. This is used in the X509 routines and its previous location linked in all the v3 extension code. Also move ASN1_tag2bit to avoid linking in a_bytes.c which is now largely obsolete. So far under Linux stripped binary with single PEM_read_X509 is now 238K compared to 380K before these changes.
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-16 21:58:17 +0000