author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-03-22 16:23:24 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-04-08 15:18:58 +0200 |
commit | 4957d9520822f79abbb6c3cd8fe0b79837c2e64f (patch) | |
tree | 50415ae6eaedbb4a97c6fa245c019be136dec73f /crypto/pem/pem_info.c | |
parent | c1fd710297a21336ec0410fe86784c322945b805 (diff) |
PEM_X509_INFO_read_bio_ex(): Generalize to allow parsing any type of private key
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14647)
Diffstat (limited to 'crypto/pem/pem_info.c')
-rw-r--r-- | crypto/pem/pem_info.c | 91 |
1 files changed, 20 insertions, 71 deletions
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 2714009103..cd75a95e2a 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -22,6 +22,7 @@
 #include <openssl/pem.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
+#include "crypto/evp.h"
 #ifndef OPENSSL_NO_STDIO
 STACK_OF(X509_INFO)
@@ -54,7 +55,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk,
 const char *propq)
 {
 X509_INFO *xi = NULL;
- char *name = NULL, *header = NULL;
+ char *name = NULL, *header = NULL, *str;
 void *pp;
 unsigned char *data = NULL;
 const unsigned char *p;
@@ -90,22 +91,9 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk,
 }
 ERR_clear_last_mark();
 start:
- if ((strcmp(name, PEM_STRING_X509) == 0) ||
- (strcmp(name, PEM_STRING_X509_OLD) == 0)) {
- d2i = (D2I_OF(void)) d2i_X509;
- if (xi->x509 != NULL) {
- if (!sk_X509_INFO_push(ret, xi))
- goto err;
- if ((xi = X509_INFO_new()) == NULL)
- goto err;
- goto start;
- }
- xi->x509 = X509_new_ex(libctx, propq);
- if (xi->x509 == NULL)
- goto err;
- pp = &(xi->x509);
- } else if ((strcmp(name, PEM_STRING_X509_TRUSTED) == 0)) {
- d2i = (D2I_OF(void)) d2i_X509_AUX;
+ if (strcmp(name, PEM_STRING_X509) == 0
+ || strcmp(name, PEM_STRING_X509_OLD) == 0
+ || strcmp(name, PEM_STRING_X509_TRUSTED) == 0) {
 if (xi->x509 != NULL) {
 if (!sk_X509_INFO_push(ret, xi))
 goto err;
@@ -113,6 +101,10 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk,
 goto err;
 goto start;
 }
+ if ((strcmp(name, PEM_STRING_X509_TRUSTED) == 0))
+ d2i = (D2I_OF(void)) d2i_X509_AUX;
+ else
+ d2i = (D2I_OF(void)) d2i_X509;
 xi->x509 = X509_new_ex(libctx, propq);
 if (xi->x509 == NULL)
 goto err;
@@ -127,30 +119,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk,
 goto start;
 }
 pp = &(xi->crl);
- } else if (strcmp(name, PEM_STRING_RSA) == 0) {
- d2i = (D2I_OF(void)) d2i_RSAPrivateKey;
- if (xi->x_pkey != NULL) {
- if (!sk_X509_INFO_push(ret, xi))
- goto err;
- if ((xi = X509_INFO_new()) == NULL)
- goto err;
- goto start;
- }
-
- xi->enc_data = NULL;
- xi->enc_len = 0;
-
- xi->x_pkey = X509_PKEY_new();
- if (xi->x_pkey == NULL)
- goto err;
- ptype = EVP_PKEY_RSA;
- pp = &xi->x_pkey->dec_pkey;
- if ((int)strlen(header) > 10) /* assume encrypted */
- raw = 1;
- } else
-#ifndef OPENSSL_NO_DSA
- if (strcmp(name, PEM_STRING_DSA) == 0) {
- d2i = (D2I_OF(void)) d2i_DSAPrivateKey;
+ } else if ((str = strstr(name, PEM_STRING_PKCS8INF)) != NULL) {
 if (xi->x_pkey != NULL) {
 if (!sk_X509_INFO_push(ret, xi))
 goto err;
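Review bot: `strstr(name, PEM_STRING_PKCS8INF)` accepts the marker anywhere in the PEM label rather than only at its end, so a label with trailing text after the marker is still routed into the private-key branch. The label is read from the input file, and the `*--str = '\0'` in the following hunk further assumes that the byte before the match is the separating space. I would require a suffix match by adding `&& str[strlen(PEM_STRING_PKCS8INF)] == '\0'` to this condition, and check `str[-1] == ' '` in the else branch before chopping. The body of this branch continues past the end of the hunk.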
@@ -158,43 +127,25 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk, goto err; goto start; } - - xi->enc_data = NULL; - xi->enc_len = 0; - - xi->x_pkey = X509_PKEY_new(); - if (xi->x_pkey == NULL) - goto err; - ptype = EVP_PKEY_DSA; - pp = &xi->x_pkey->dec_pkey; - if ((int)strlen(header) > 10) /* assume encrypted */ - raw = 1; - } else -#endif -#ifndef OPENSSL_NO_EC - if (strcmp(name, PEM_STRING_ECPRIVATEKEY) == 0) { - d2i = (D2I_OF(void)) d2i_ECPrivateKey; - if (xi->x_pkey != NULL) { - if (!sk_X509_INFO_push(ret, xi)) - goto err; - if ((xi = X509_INFO_new()) == NULL) - goto err; - goto start; + if (str == name || strcmp(name, PEM_STRING_PKCS8) == 0) { + ptype = EVP_PKEY_NONE; + } else { + /* chop " PRIVATE KEY" */ + *--str = '\0'; + ptype = evp_pkey_name2type(name); } - xi->enc_data = NULL; xi->enc_len = 0; + d2i = (D2I_OF(void)) d2i_AutoPrivateKey; xi->x_pkey = X509_PKEY_new(); if (xi->x_pkey == NULL) goto err; - ptype = EVP_PKEY_EC; pp = &xi->x_pkey->dec_pkey; - if ((int)strlen(header) > 10) /* assume encrypted */ + if ((int)strlen(header) > 10 /* assume encrypted */ + || strcmp(name, PEM_STRING_PKCS8) == 0) raw = 1; - } else -#endif - { + } else { /* unknown */ d2i = NULL; pp = NULL; } @@ -225,8 +176,6 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk, xi->enc_len = (int)len; data = NULL; } - } else { - /* unknown */ } OPENSSL_free(name); name = NULL; |
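Review bot: The result of `evp_pkey_name2type(name)` is stored in `ptype` without a check, so an unrecognised prefix such as `FOO PRIVATE KEY` is not told apart from the generic case that sets `EVP_PKEY_NONE` explicitly. This assumes the helper returns the undefined type for unknown names, which this page does not show. Since `d2i` is now always `d2i_AutoPrivateKey`, I would at least document the fallback with `/* unknown prefix: leave the key type to auto-detection */`, or skip the block if strict label handling is wanted. `name` is also truncated in place here, so any later use of it sees only the prefix; how `ptype` and `name` are consumed lies outside this hunk.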