diff options
| -rw-r--r-- | CHANGES | 10 | ||||
| -rw-r--r-- | crypto/pem/pem.h | 84 | ||||
| -rw-r--r-- | crypto/pem/pem_all.c | 393 | ||||
| -rw-r--r-- | demos/selfsign.c | 54 |
4 files changed, 133 insertions, 408 deletions
@@ -5,6 +5,16 @@ Changes between 0.9.3a and 0.9.4 + *) Fix demos/selfsign.c: it used obsolete and deleted functions, changed + to use the new extension code. + [Steve Henson] + + *) Implement the PEM_read/PEM_write functions in crypto/pem/pem_all.c + with macros. This should make it easier to change their form, add extra + arguments etc. Fix a few PEM prototypes which didn't have cipher as a + constant. + [Steve Henson] + *) Add to configuration table a new entry that can specify an alternative name for unistd.h (for pre-POSIX systems); we need this for NeXTstep, according to Mark Crispin <MRC@Panda.COM>. diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h index 7c02356f1e..71953241d0 100644 --- a/crypto/pem/pem.h +++ b/crypto/pem/pem.h @@ -182,6 +182,84 @@ typedef struct pem_ctx_st unsigned char *data; } PEM_CTX; +/* These macros make the PEM_read/PEM_write functions easier to maintain and + * write. Now they are all implemented with either: + * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...) + */ + +#ifdef NO_FP_API + +#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/ +#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/ +#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/ + +#else + +#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ +type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb)\ +{ \ +return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,cb)); \ +} \ + +#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ +int PEM_write_##name(FILE *fp, type *x) \ +{ \ +return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \ + NULL,NULL,0,NULL)); \ +} + +#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ +int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ + unsigned char *kstr, int klen, pem_password_cb *cb) \ + { \ + return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \ + (char *)x,enc,kstr,klen,cb)); \ + } + +#endif + +#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ +type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb)\ +{ \ +return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\ + (char **)x,cb)); \ +} + +#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ +int PEM_write_bio_##name(BIO *bp, type *x) \ +{ \ +return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \ + NULL,NULL,0,NULL)); \ +} + +#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ +int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ + unsigned char *kstr, int klen, pem_password_cb *cb) \ + { \ + return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \ + (char *)x,enc,kstr,klen,cb)); \ + } + +#define IMPLEMENT_PEM_write(name, type, str, asn1) \ + IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ + IMPLEMENT_PEM_write_fp(name, type, str, asn1) + +#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) + +#define IMPLEMENT_PEM_read(name, type, str, asn1) \ + IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ + IMPLEMENT_PEM_read_fp(name, type, str, asn1) + +#define IMPLEMENT_PEM_rw(name, type, str, asn1) \ + IMPLEMENT_PEM_read(name, type, str, asn1) \ + IMPLEMENT_PEM_write(name, type, str, asn1) + +#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ + IMPLEMENT_PEM_read(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb(name, type, str, asn1) + #ifdef SSLEAY_MACROS #define PEM_write_SSL_SESSION(fp,x) \ @@ -410,7 +488,7 @@ int PEM_write_X509(FILE *fp,X509 *x); int PEM_write_X509_REQ(FILE *fp,X509_REQ *x); int PEM_write_X509_CRL(FILE *fp,X509_CRL *x); #ifndef NO_RSA -int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,EVP_CIPHER *enc,unsigned char *kstr, +int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,const EVP_CIPHER *enc,unsigned char *kstr, int klen, pem_password_cb *); int PEM_write_RSAPublicKey(FILE *fp,RSA *x); #endif @@ -419,7 +497,7 @@ int PEM_write_DSAPrivateKey(FILE *fp,DSA *x,const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *); #endif -int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc, +int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc, unsigned char *kstr,int klen, pem_password_cb *); int PEM_write_PKCS7(FILE *fp,PKCS7 *x); #ifndef NO_DH @@ -468,7 +546,7 @@ int PEM_write_bio_RSAPublicKey(BIO *fp,RSA *x); int PEM_write_bio_DSAPrivateKey(BIO *fp,DSA *x,const EVP_CIPHER *enc, unsigned char *kstr,int klen, pem_password_cb *); #endif -int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc, +int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,const EVP_CIPHER *enc, unsigned char *kstr,int klen, pem_password_cb *); int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x); #ifndef NO_DH diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index 51eec6d9cf..b283b6b4ba 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c @@ -65,405 +65,42 @@ #include <openssl/pkcs7.h> #include <openssl/pem.h> -#ifndef NO_FP_API -/* The X509 functions */ -X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb) - { - return((X509 *)PEM_ASN1_read((char *(*)())d2i_X509, - PEM_STRING_X509,fp,(char **)x,cb)); - } -#endif - -X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb) - { - return((X509 *)PEM_ASN1_read_bio((char *(*)())d2i_X509, - PEM_STRING_X509,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_X509(FILE *fp, X509 *x) - { - return(PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, - (char *)x, NULL,NULL,0,NULL)); - } -#endif - -int PEM_write_bio_X509(BIO *bp, X509 *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, - (char *)x, NULL,NULL,0,NULL)); - } - -#ifndef NO_FP_API -/* The X509_REQ functions */ -X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x, pem_password_cb *cb) - { - return((X509_REQ *)PEM_ASN1_read((char *(*)())d2i_X509_REQ, - PEM_STRING_X509_REQ,fp,(char **)x,cb)); - } -#endif - -X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x, pem_password_cb *cb) - { - return((X509_REQ *)PEM_ASN1_read_bio((char *(*)())d2i_X509_REQ, - PEM_STRING_X509_REQ,bp,(char **)x,cb)); - } +IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509) -#ifndef NO_FP_API -int PEM_write_X509_REQ(FILE *fp, X509_REQ *x) - { - return(PEM_ASN1_write((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp, - (char *)x, NULL,NULL,0,NULL)); - } -#endif - -int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ, - bp,(char *)x, NULL,NULL,0,NULL)); - } +IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) -#ifndef NO_FP_API -/* The X509_CRL functions */ -X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x, pem_password_cb *cb) - { - return((X509_CRL *)PEM_ASN1_read((char *(*)())d2i_X509_CRL, - PEM_STRING_X509_CRL,fp,(char **)x,cb)); - } -#endif +IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL) -X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x, pem_password_cb *cb) - { - return((X509_CRL *)PEM_ASN1_read_bio((char *(*)())d2i_X509_CRL, - PEM_STRING_X509_CRL,bp,(char **)x,cb)); - } +IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7) -#ifndef NO_FP_API -int PEM_write_X509_CRL(FILE *fp, X509_CRL *x) - { - return(PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,fp, - (char *)x, NULL,NULL,0,NULL)); - } -#endif +IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE, + PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE) -int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, - bp,(char *)x, NULL,NULL,0,NULL)); - } +IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG) +IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF, + PKCS8_PRIV_KEY_INFO) #ifndef NO_RSA -#ifndef NO_FP_API -/* The RSAPrivateKey functions */ -RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x, pem_password_cb *cb) - { - return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPrivateKey, - PEM_STRING_RSA,fp,(char **)x,cb)); - } -RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x, pem_password_cb *cb) - { - return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPublicKey, - PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb)); - } -#endif - -RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x, pem_password_cb *cb) - { - return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPrivateKey, - PEM_STRING_RSA,bp,(char **)x,cb)); - } +IMPLEMENT_PEM_rw_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) -RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x, pem_password_cb *cb) - { - return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPublicKey, - PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb)); - } +IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) -#ifndef NO_FP_API -int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb) - { - return(PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp, - (char *)x,enc,kstr,klen,cb)); - } - -int PEM_write_RSAPublicKey(FILE *fp, RSA *x) - { - return(PEM_ASN1_write((int (*)())i2d_RSAPublicKey, - PEM_STRING_RSA_PUBLIC,fp, - (char *)x,NULL,NULL,0,NULL)); - } #endif -int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb) - { - return(PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA, - bp,(char *)x,enc,kstr,klen,cb)); - } - -int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, - PEM_STRING_RSA_PUBLIC, - bp,(char *)x,NULL,NULL,0,NULL)); - } -#endif /* !NO_RSA */ - #ifndef NO_DSA -#ifndef NO_FP_API -/* The DSAPrivateKey functions */ -DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x, pem_password_cb *cb) - { - return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAPrivateKey, - PEM_STRING_DSA,fp,(char **)x,cb)); - } -#endif - -DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x, pem_password_cb *cb) - { - return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAPrivateKey, - PEM_STRING_DSA,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb) - { - return(PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp, - (char *)x,enc,kstr,klen,cb)); - } -#endif - -int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb) - { - return(PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA, - bp,(char *)x,enc,kstr,klen,cb)); - } -#endif -#ifndef NO_FP_API -/* The PrivateKey functions */ -EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb) - { - return((EVP_PKEY *)PEM_ASN1_read((char *(*)())d2i_PrivateKey, - PEM_STRING_EVP_PKEY,fp,(char **)x,cb)); - } -#endif +IMPLEMENT_PEM_rw_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) -EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb) - { - return((EVP_PKEY *)PEM_ASN1_read_bio((char *(*)())d2i_PrivateKey, - PEM_STRING_EVP_PKEY,bp,(char **)x,cb)); - } +IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) -#ifndef NO_FP_API -int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb) - { - return(PEM_ASN1_write((int (*)())i2d_PrivateKey, - ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), - fp,(char *)x,enc,kstr,klen,cb)); - } #endif -int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb) - { - return(PEM_ASN1_write_bio((int (*)())i2d_PrivateKey, - ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), - bp,(char *)x,enc,kstr,klen,cb)); - } - -#ifndef NO_FP_API -/* The PKCS7 functions */ -PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb) - { - return((PKCS7 *)PEM_ASN1_read((char *(*)())d2i_PKCS7, - PEM_STRING_PKCS7,fp,(char **)x,cb)); - } -#endif - -PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb) - { - return((PKCS7 *)PEM_ASN1_read_bio((char *(*)())d2i_PKCS7, - PEM_STRING_PKCS7,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_PKCS7(FILE *fp, PKCS7 *x) - { - return(PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, - (char *)x, NULL,NULL,0,NULL)); - } -#endif - -int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, - (char *)x, NULL,NULL,0,NULL)); - } - #ifndef NO_DH -#ifndef NO_FP_API -/* The DHparams functions */ -DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb) - { - return((DH *)PEM_ASN1_read((char *(*)())d2i_DHparams, - PEM_STRING_DHPARAMS,fp,(char **)x,cb)); - } -#endif - -DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb) - { - return((DH *)PEM_ASN1_read_bio((char *(*)())d2i_DHparams, - PEM_STRING_DHPARAMS,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_DHparams(FILE *fp, DH *x) - { - return(PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp, - (char *)x, NULL,NULL,0,NULL)); - } -#endif - -int PEM_write_bio_DHparams(BIO *bp, DH *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS, - bp,(char *)x, NULL,NULL,0,NULL)); - } -#endif - -#ifndef NO_DSA -#ifndef NO_FP_API -/* The DSAparams functions */ -DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb) - { - return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAparams, - PEM_STRING_DSAPARAMS,fp,(char **)x,cb)); - } -#endif - -DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb) - { - return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAparams, - PEM_STRING_DSAPARAMS,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_DSAparams(FILE *fp, DSA *x) - { - return(PEM_ASN1_write((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,fp, - (char *)x, NULL,NULL,0,NULL)); - } -#endif - -int PEM_write_bio_DSAparams(BIO *bp, DSA *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS, - bp,(char *)x, NULL,NULL,0,NULL)); - } -#endif - -/* The Netscape Certificate sequence functions */ -#ifndef NO_FP_API -NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp, - NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *cb) - { - return((NETSCAPE_CERT_SEQUENCE *) - PEM_ASN1_read((char *(*)())d2i_NETSCAPE_CERT_SEQUENCE, - PEM_STRING_X509,fp,(char **)x,cb)); - } -#endif - -NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp, - NETSCAPE_CERT_SEQUENCE **x, pem_password_cb *cb) - { - return((NETSCAPE_CERT_SEQUENCE *) - PEM_ASN1_read_bio((char *(*)())d2i_NETSCAPE_CERT_SEQUENCE, - PEM_STRING_X509,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp, NETSCAPE_CERT_SEQUENCE *x) - { - return(PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, - PEM_STRING_X509,fp, (char *)x, NULL,NULL,0,NULL)); - } -#endif +IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) -int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp, NETSCAPE_CERT_SEQUENCE *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, - PEM_STRING_X509,bp, (char *)x, NULL,NULL,0,NULL)); - } - - -/* The PKCS8 functions */ - -#ifndef NO_FP_API -X509_SIG *PEM_read_PKCS8(FILE *fp, - X509_SIG **x, pem_password_cb *cb) - { - return((X509_SIG *) PEM_ASN1_read((char *(*)())d2i_X509_SIG, - PEM_STRING_PKCS8,fp,(char **)x,cb)); - } #endif -X509_SIG *PEM_read_bio_PKCS8(BIO *bp, - X509_SIG **x, pem_password_cb *cb) - { - return((X509_SIG *) - PEM_ASN1_read_bio((char *(*)())d2i_X509_SIG, - PEM_STRING_PKCS8,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_PKCS8(FILE *fp, X509_SIG *x) - { - return(PEM_ASN1_write((int (*)())i2d_X509_SIG, - PEM_STRING_PKCS8,fp, (char *)x, NULL,NULL,0,NULL)); - } -#endif - -int PEM_write_bio_PKCS8(BIO *bp, X509_SIG *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_X509_SIG, - PEM_STRING_PKCS8,bp, (char *)x, NULL,NULL,0,NULL)); - } - -#ifndef NO_FP_API -PKCS8_PRIV_KEY_INFO *PEM_read_PKCS8_PRIV_KEY_INFO(FILE *fp, - PKCS8_PRIV_KEY_INFO **x, pem_password_cb *cb) - { - return((PKCS8_PRIV_KEY_INFO *) - PEM_ASN1_read((char *(*)())d2i_PKCS8_PRIV_KEY_INFO, - PEM_STRING_PKCS8INF,fp,(char **)x,cb)); - } -#endif - -PKCS8_PRIV_KEY_INFO *PEM_read_bio_PKCS8_PRIV_KEY_INFO(BIO *bp, - PKCS8_PRIV_KEY_INFO **x, pem_password_cb *cb) - { - return((PKCS8_PRIV_KEY_INFO *) - PEM_ASN1_read_bio((char *(*)())d2i_PKCS8_PRIV_KEY_INFO, - PEM_STRING_PKCS8INF,bp,(char **)x,cb)); - } - -#ifndef NO_FP_API -int PEM_write_PKCS8_PRIV_KEY_INFO(FILE *fp, PKCS8_PRIV_KEY_INFO *x) - { - return(PEM_ASN1_write((int (*)())i2d_PKCS8_PRIV_KEY_INFO, - PEM_STRING_PKCS8INF,fp, (char *)x, NULL,NULL,0,NULL)); - } -#endif +IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey) -int PEM_write_bio_PKCS8_PRIV_KEY_INFO(BIO *bp, PKCS8_PRIV_KEY_INFO *x) - { - return(PEM_ASN1_write_bio((int (*)())i2d_PKCS8_PRIV_KEY_INFO, - PEM_STRING_PKCS8INF,bp, (char *)x, NULL,NULL,0,NULL)); - } diff --git a/demos/selfsign.c b/demos/selfsign.c index ea9b3ff1c8..f4a8369352 100644 --- a/demos/selfsign.c +++ b/demos/selfsign.c @@ -4,13 +4,9 @@ #include <stdio.h> #include <stdlib.h> -#include <openssl/buffer.h> -#include <openssl/crypto.h> -#include <openssl/objects.h> -#include <openssl/asn1.h> -#include <openssl/evp.h> -#include <openssl/x509.h> #include <openssl/pem.h> +#include <openssl/conf.h> +#include <openssl/x509v3.h> int mkit(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days); @@ -22,7 +18,7 @@ int main() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - X509v3_add_netscape_extensions(); + X509V3_add_standard_extensions(); if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE); @@ -39,7 +35,7 @@ int main() EVP_PKEY_free(pkey); BIO_free(bio_err); - X509_cleanup_extensions(); + X509V3_EXT_cleanup(); CRYPTO_mem_leaks(bio_err); return(0); @@ -53,9 +49,10 @@ int main() # define MS_FAR #endif -static void MS_CALLBACK callback(p, n) +static void MS_CALLBACK callback(p, n, arg) int p; int n; +void *arg; { char c='B'; @@ -76,11 +73,9 @@ int days; X509 *x; EVP_PKEY *pk; RSA *rsa; - char *s; X509_NAME *name=NULL; X509_NAME_ENTRY *ne=NULL; X509_EXTENSION *ex=NULL; - ASN1_OCTET_STRING *data=NULL; if ((pkeyp == NULL) || (*pkeyp == NULL)) @@ -135,24 +130,33 @@ int days; /* finished with structure */ X509_NAME_free(name); - data=X509v3_pack_string(NULL,V_ASN1_BIT_STRING, - "\001",1); - ex=X509_EXTENSION_create_by_NID(NULL,NID_netscape_cert_type,0,data); + /* Add extension using V3 code: we can set the config file as NULL + * because we wont reference any other sections. We can also set + * the context to NULL because none of these extensions below will need + * to access it. + */ + + ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_cert_type, "server"); X509_add_ext(x,ex,-1); - X509v3_pack_string(&data,V_ASN1_IA5STRING, - "example comment extension",-1); - X509_EXTENSION_create_by_NID(&ex,NID_netscape_comment,0,data); + ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_comment, + "example comment extension"); X509_add_ext(x,ex,-1); - X509v3_pack_string(&data,V_ASN1_BIT_STRING, - "www.cryptsoft.com",-1); - X509_EXTENSION_create_by_NID(&ex,NID_netscape_ssl_server_name,0,data); + ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_ssl_server_name, + "www.openssl.org"); + X509_add_ext(x,ex,-1); - - X509_EXTENSION_free(ex); - ASN1_OCTET_STRING_free(data); +#if 0 + /* might want something like this too.... */ + ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints, + "critical,CA:TRUE"); + + + X509_add_ext(x,ex,-1); +#endif + if (!X509_sign(x,pk,EVP_md5())) goto err; @@ -162,7 +166,3 @@ int days; err: return(0); } - - - - |