transparently handle X9.42 DH parameters

(backport from HEAD)
author: Dr. Stephen Henson <steve@openssl.org> 2012-04-07 20:42:44 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-04-07 20:42:44 +0000
commit: c3cb069108d8f2327eedbf9df27d9e8a49b8e0e8 (patch)
tree: d88c27ed0e8963bf4786484021931c0ef038559c /crypto/pem
parent: cdb41713a45a64eb6dae85900aeab1178c1c2106 (diff)
5 files changed, 61 insertions, 2 deletions
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index 5872fcc1c5..00c274b35a 100644
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -594,8 +594,10 @@ void ERR_load_PEM_strings(void);
 #define PEM_F_PEM_PK8PKEY				 119
 #define PEM_F_PEM_READ					 108
 #define PEM_F_PEM_READ_BIO				 109
+#define PEM_F_PEM_READ_BIO_DHPARAMS			 141
 #define PEM_F_PEM_READ_BIO_PARAMETERS			 140
 #define PEM_F_PEM_READ_BIO_PRIVATEKEY			 123
+#define PEM_F_PEM_READ_DHPARAMS				 142
 #define PEM_F_PEM_READ_PRIVATEKEY			 124
 #define PEM_F_PEM_SEALFINAL				 110
 #define PEM_F_PEM_SEALINIT				 111
diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c
index e09b24ad7a..5c8c6f4158 100644
--- a/crypto/pem/pem_all.c
+++ b/crypto/pem/pem_all.c
@@ -289,7 +289,7 @@ EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
 
 #ifndef OPENSSL_NO_DH
 
-IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
+IMPLEMENT_PEM_write_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
 IMPLEMENT_PEM_write_const(DHxparams, DH, PEM_STRING_DHXPARAMS, DHxparams)
 
 #endif
diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
index d644aeedd4..9690224f53 100644
--- a/crypto/pem/pem_err.c
+++ b/crypto/pem/pem_err.c
@@ -1,6 +1,6 @@
 /* crypto/pem/pem_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -98,8 +98,10 @@ static ERR_STRING_DATA PEM_str_functs[]=
 {ERR_FUNC(PEM_F_PEM_PK8PKEY),	"PEM_PK8PKEY"},
 {ERR_FUNC(PEM_F_PEM_READ),	"PEM_read"},
 {ERR_FUNC(PEM_F_PEM_READ_BIO),	"PEM_read_bio"},
+{ERR_FUNC(PEM_F_PEM_READ_BIO_DHPARAMS),	"PEM_READ_BIO_DHPARAMS"},
 {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS),	"PEM_read_bio_Parameters"},
 {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY),	"PEM_READ_BIO_PRIVATEKEY"},
+{ERR_FUNC(PEM_F_PEM_READ_DHPARAMS),	"PEM_READ_DHPARAMS"},
 {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY),	"PEM_READ_PRIVATEKEY"},
 {ERR_FUNC(PEM_F_PEM_SEALFINAL),	"PEM_SealFinal"},
 {ERR_FUNC(PEM_F_PEM_SEALINIT),	"PEM_SealInit"},
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index cfc89a9921..cfea16bdca 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -236,6 +236,9 @@ static int check_pem(const char *nm, const char *name)
 			}
 		return 0;
 		}
+	/* If reading DH parameters handle X9.42 DH format too */
+	if(!strcmp(nm,PEM_STRING_DHXPARAMS) &&
+		!strcmp(name,PEM_STRING_DHPARAMS)) return 1;
 
 	/* Permit older strings */
 
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 8ecf24903b..e9e41dd4e8 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -68,6 +68,9 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
 #include "asn1_locl.h"
 
 int pem_check_suffix(const char *pem_str, const char *suffix);
@@ -240,3 +243,52 @@ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
 	}
 
 #endif
+
+#ifndef OPENSSL_NO_DH
+
+/* Transparently read in PKCS#3 or X9.42 DH parameters */
+
+DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u)
+	{
+	char *nm=NULL;
+	const unsigned char *p=NULL;
+	unsigned char *data=NULL;
+	long len;
+	DH *ret=NULL;
+
+	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_DHPARAMS,
+								bp, cb, u))
+		return NULL;
+	p = data;
+
+	if (!strcmp(nm, PEM_STRING_DHXPARAMS))
+		ret = d2i_DHxparams(x, &p, len);
+	else
+		ret = d2i_DHparams(x, &p, len);
+
+	if (ret == NULL)
+		PEMerr(PEM_F_PEM_READ_BIO_DHPARAMS,ERR_R_ASN1_LIB);
+	OPENSSL_free(nm);
+	OPENSSL_free(data);
+	return ret;
+	}
+
+#ifndef OPENSSL_NO_FP_API
+DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u)
+	{
+        BIO *b;
+        DH *ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		PEMerr(PEM_F_PEM_READ_DHPARAMS,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=PEM_read_bio_DHparams(b,x,cb,u);
+        BIO_free(b);
+        return(ret);
+	}
+#endif
+
+#endif
author	Dr. Stephen Henson <steve@openssl.org>	2012-04-07 20:42:44 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-04-07 20:42:44 +0000
commit	c3cb069108d8f2327eedbf9df27d9e8a49b8e0e8 (patch)
tree	d88c27ed0e8963bf4786484021931c0ef038559c /crypto/pem
parent	cdb41713a45a64eb6dae85900aeab1178c1c2106 (diff)