0c994d54af
Currently, there are two different directories which contain internal header files of libcrypto which are meant to be shared internally: While header files in 'include/internal' are intended to be shared between libcrypto and libssl, the files in 'crypto/include/internal' are intended to be shared inside libcrypto only. To make things complicated, the include search path is set up in such a way that the directive #include "internal/file.h" could refer to a file in either of these two directoroes. This makes it necessary in some cases to add a '_int.h' suffix to some files to resolve this ambiguity: #include "internal/file.h" # located in 'include/internal' #include "internal/file_int.h" # located in 'crypto/include/internal' This commit moves the private crypto headers from 'crypto/include/internal' to 'include/crypto' As a result, the include directives become unambiguous #include "internal/file.h" # located in 'include/internal' #include "crypto/file.h" # located in 'include/crypto' hence the superfluous '_int.h' suffixes can be stripped. The files 'store_int.h' and 'store.h' need to be treated specially; they are joined into a single file. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9681)
80 lines
2.5 KiB
C
80 lines
2.5 KiB
C
/*
|
|
* Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
#include <stdio.h>
|
|
#include "internal/cryptlib.h"
|
|
#include <openssl/asn1t.h>
|
|
#include <openssl/x509.h>
|
|
#include "crypto/x509.h"
|
|
|
|
/* Minor tweak to operation: zero private key data */
|
|
static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|
void *exarg)
|
|
{
|
|
/* Since the structure must still be valid use ASN1_OP_FREE_PRE */
|
|
if (operation == ASN1_OP_FREE_PRE) {
|
|
PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
|
|
if (key->pkey)
|
|
OPENSSL_cleanse(key->pkey->data, key->pkey->length);
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
|
|
ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
|
|
ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
|
|
ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_OCTET_STRING),
|
|
ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
|
|
} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
|
|
|
|
IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
|
|
|
|
int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
|
|
int version,
|
|
int ptype, void *pval, unsigned char *penc, int penclen)
|
|
{
|
|
if (version >= 0) {
|
|
if (!ASN1_INTEGER_set(priv->version, version))
|
|
return 0;
|
|
}
|
|
if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval))
|
|
return 0;
|
|
if (penc)
|
|
ASN1_STRING_set0(priv->pkey, penc, penclen);
|
|
return 1;
|
|
}
|
|
|
|
int PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg,
|
|
const unsigned char **pk, int *ppklen,
|
|
const X509_ALGOR **pa, const PKCS8_PRIV_KEY_INFO *p8)
|
|
{
|
|
if (ppkalg)
|
|
*ppkalg = p8->pkeyalg->algorithm;
|
|
if (pk) {
|
|
*pk = ASN1_STRING_get0_data(p8->pkey);
|
|
*ppklen = ASN1_STRING_length(p8->pkey);
|
|
}
|
|
if (pa)
|
|
*pa = p8->pkeyalg;
|
|
return 1;
|
|
}
|
|
|
|
const STACK_OF(X509_ATTRIBUTE) *
|
|
PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8)
|
|
{
|
|
return p8->attributes;
|
|
}
|
|
|
|
int PKCS8_pkey_add1_attr_by_NID(PKCS8_PRIV_KEY_INFO *p8, int nid, int type,
|
|
const unsigned char *bytes, int len)
|
|
{
|
|
if (X509at_add1_attr_by_NID(&p8->attributes, nid, type, bytes, len) != NULL)
|
|
return 1;
|
|
return 0;
|
|
}
|