From 7f15ff53d82a1991d6732d2303eb652b1cf7e023 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Mon, 13 Jul 2015 17:03:20 -0400 Subject: Rename crypto/{bn,evp}/asn1.c. gyp doesn't allow two files to share the same name to avoid bugs in OS X libtool, so asn1.c's need to all get a prefix. Change-Id: I3593597912c49dd02655cae329fb253ed4f6f56d Reviewed-on: https://boringssl-review.googlesource.com/5431 Reviewed-by: Adam Langley --- crypto/bn/CMakeLists.txt | 2 +- crypto/bn/asn1.c | 74 -------------------- crypto/bn/bn_asn1.c | 74 ++++++++++++++++++++ crypto/evp/CMakeLists.txt | 2 +- crypto/evp/asn1.c | 167 ---------------------------------------------- crypto/evp/evp_asn1.c | 167 ++++++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 243 insertions(+), 243 deletions(-) delete mode 100644 crypto/bn/asn1.c create mode 100644 crypto/bn/bn_asn1.c delete mode 100644 crypto/evp/asn1.c create mode 100644 crypto/evp/evp_asn1.c (limited to 'crypto') diff --git a/crypto/bn/CMakeLists.txt b/crypto/bn/CMakeLists.txt index fa6d2074..63029cf7 100644 --- a/crypto/bn/CMakeLists.txt +++ b/crypto/bn/CMakeLists.txt @@ -38,8 +38,8 @@ add_library( add.c asm/x86_64-gcc.c - asn1.c bn.c + bn_asn1.c cmp.c convert.c ctx.c diff --git a/crypto/bn/asn1.c b/crypto/bn/asn1.c deleted file mode 100644 index 81e7b897..00000000 --- a/crypto/bn/asn1.c +++ /dev/null @@ -1,74 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include - -#include -#include - - -int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret) { - CBS child; - if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || - CBS_len(&child) == 0) { - OPENSSL_PUT_ERROR(BN, BN_cbs2unsigned, BN_R_BAD_ENCODING); - return 0; - } - if (CBS_data(&child)[0] & 0x80) { - OPENSSL_PUT_ERROR(BN, BN_cbs2unsigned, BN_R_NEGATIVE_NUMBER); - return 0; - } - /* INTEGERs must be minimal. */ - if (CBS_data(&child)[0] == 0x00 && - CBS_len(&child) > 1 && - !(CBS_data(&child)[1] & 0x80)) { - OPENSSL_PUT_ERROR(BN, BN_cbs2unsigned, BN_R_BAD_ENCODING); - return 0; - } - return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; -} - -int BN_bn2cbb(CBB *cbb, const BIGNUM *bn) { - /* Negative numbers are unsupported. */ - if (BN_is_negative(bn)) { - OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_NEGATIVE_NUMBER); - return 0; - } - - CBB child; - if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER)) { - OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_ENCODE_ERROR); - return 0; - } - - /* The number must be padded with a leading zero if the high bit would - * otherwise be set (or |bn| is zero). */ - if (BN_num_bits(bn) % 8 == 0 && - !CBB_add_u8(&child, 0x00)) { - OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_ENCODE_ERROR); - return 0; - } - - uint8_t *out; - if (!CBB_add_space(&child, &out, BN_num_bytes(bn))) { - OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_ENCODE_ERROR); - return 0; - } - BN_bn2bin(bn, out); - if (!CBB_flush(cbb)) { - OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_ENCODE_ERROR); - return 0; - } - return 1; -} diff --git a/crypto/bn/bn_asn1.c b/crypto/bn/bn_asn1.c new file mode 100644 index 00000000..81e7b897 --- /dev/null +++ b/crypto/bn/bn_asn1.c @@ -0,0 +1,74 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include + +#include +#include + + +int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret) { + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || + CBS_len(&child) == 0) { + OPENSSL_PUT_ERROR(BN, BN_cbs2unsigned, BN_R_BAD_ENCODING); + return 0; + } + if (CBS_data(&child)[0] & 0x80) { + OPENSSL_PUT_ERROR(BN, BN_cbs2unsigned, BN_R_NEGATIVE_NUMBER); + return 0; + } + /* INTEGERs must be minimal. */ + if (CBS_data(&child)[0] == 0x00 && + CBS_len(&child) > 1 && + !(CBS_data(&child)[1] & 0x80)) { + OPENSSL_PUT_ERROR(BN, BN_cbs2unsigned, BN_R_BAD_ENCODING); + return 0; + } + return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; +} + +int BN_bn2cbb(CBB *cbb, const BIGNUM *bn) { + /* Negative numbers are unsupported. */ + if (BN_is_negative(bn)) { + OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_NEGATIVE_NUMBER); + return 0; + } + + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER)) { + OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_ENCODE_ERROR); + return 0; + } + + /* The number must be padded with a leading zero if the high bit would + * otherwise be set (or |bn| is zero). */ + if (BN_num_bits(bn) % 8 == 0 && + !CBB_add_u8(&child, 0x00)) { + OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_ENCODE_ERROR); + return 0; + } + + uint8_t *out; + if (!CBB_add_space(&child, &out, BN_num_bytes(bn))) { + OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_ENCODE_ERROR); + return 0; + } + BN_bn2bin(bn, out); + if (!CBB_flush(cbb)) { + OPENSSL_PUT_ERROR(BN, BN_bn2cbb, BN_R_ENCODE_ERROR); + return 0; + } + return 1; +} diff --git a/crypto/evp/CMakeLists.txt b/crypto/evp/CMakeLists.txt index 061f9351..5c22a8a3 100644 --- a/crypto/evp/CMakeLists.txt +++ b/crypto/evp/CMakeLists.txt @@ -6,9 +6,9 @@ add_library( OBJECT algorithm.c - asn1.c digestsign.c evp.c + evp_asn1.c evp_ctx.c p_dsa_asn1.c p_ec.c diff --git a/crypto/evp/asn1.c b/crypto/evp/asn1.c deleted file mode 100644 index 3df9f52b..00000000 --- a/crypto/evp/asn1.c +++ /dev/null @@ -1,167 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#include - -#include -#include -#include -#include - -#include "internal.h" - - -EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, - long len) { - EVP_PKEY *ret; - - if (out == NULL || *out == NULL) { - ret = EVP_PKEY_new(); - if (ret == NULL) { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_EVP_LIB); - return NULL; - } - } else { - ret = *out; - } - - if (!EVP_PKEY_set_type(ret, type)) { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); - goto err; - } - - if (!ret->ameth->old_priv_decode || - !ret->ameth->old_priv_decode(ret, inp, len)) { - if (ret->ameth->priv_decode) { - PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); - if (!p8) { - goto err; - } - EVP_PKEY_free(ret); - ret = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - } else { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_ASN1_LIB); - goto err; - } - } - - if (out != NULL) { - *out = ret; - } - return ret; - -err: - if (out == NULL || *out != ret) { - EVP_PKEY_free(ret); - } - return NULL; -} - -EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { - STACK_OF(ASN1_TYPE) *inkey; - const uint8_t *p; - int keytype; - p = *inp; - - /* Dirty trick: read in the ASN1 data into out STACK_OF(ASN1_TYPE): - * by analyzing it we can determine the passed structure: this - * assumes the input is surrounded by an ASN1 SEQUENCE. */ - inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, len); - /* Since we only need to discern "traditional format" RSA and DSA - * keys we can just count the elements. */ - if (sk_ASN1_TYPE_num(inkey) == 6) { - keytype = EVP_PKEY_DSA; - } else if (sk_ASN1_TYPE_num(inkey) == 4) { - keytype = EVP_PKEY_EC; - } else if (sk_ASN1_TYPE_num(inkey) == 3) { - /* This seems to be PKCS8, not traditional format */ - PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); - EVP_PKEY *ret; - - sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); - if (!p8) { - OPENSSL_PUT_ERROR(EVP, d2i_AutoPrivateKey, - EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return NULL; - } - ret = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - if (out) { - *out = ret; - } - return ret; - } else { - keytype = EVP_PKEY_RSA; - } - - sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); - return d2i_PrivateKey(keytype, out, inp, len); -} - -int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) { - switch (key->type) { - case EVP_PKEY_RSA: - return i2d_RSAPublicKey(key->pkey.rsa, outp); - case EVP_PKEY_DSA: - return i2d_DSAPublicKey(key->pkey.dsa, outp); - case EVP_PKEY_EC: - return i2o_ECPublicKey(key->pkey.ec, outp); - default: - OPENSSL_PUT_ERROR(EVP, i2d_PublicKey, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return -1; - } -} diff --git a/crypto/evp/evp_asn1.c b/crypto/evp/evp_asn1.c new file mode 100644 index 00000000..3df9f52b --- /dev/null +++ b/crypto/evp/evp_asn1.c @@ -0,0 +1,167 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ + +#include + +#include +#include +#include +#include + +#include "internal.h" + + +EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, + long len) { + EVP_PKEY *ret; + + if (out == NULL || *out == NULL) { + ret = EVP_PKEY_new(); + if (ret == NULL) { + OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_EVP_LIB); + return NULL; + } + } else { + ret = *out; + } + + if (!EVP_PKEY_set_type(ret, type)) { + OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); + goto err; + } + + if (!ret->ameth->old_priv_decode || + !ret->ameth->old_priv_decode(ret, inp, len)) { + if (ret->ameth->priv_decode) { + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); + if (!p8) { + goto err; + } + EVP_PKEY_free(ret); + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + } else { + OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_ASN1_LIB); + goto err; + } + } + + if (out != NULL) { + *out = ret; + } + return ret; + +err: + if (out == NULL || *out != ret) { + EVP_PKEY_free(ret); + } + return NULL; +} + +EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { + STACK_OF(ASN1_TYPE) *inkey; + const uint8_t *p; + int keytype; + p = *inp; + + /* Dirty trick: read in the ASN1 data into out STACK_OF(ASN1_TYPE): + * by analyzing it we can determine the passed structure: this + * assumes the input is surrounded by an ASN1 SEQUENCE. */ + inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, len); + /* Since we only need to discern "traditional format" RSA and DSA + * keys we can just count the elements. */ + if (sk_ASN1_TYPE_num(inkey) == 6) { + keytype = EVP_PKEY_DSA; + } else if (sk_ASN1_TYPE_num(inkey) == 4) { + keytype = EVP_PKEY_EC; + } else if (sk_ASN1_TYPE_num(inkey) == 3) { + /* This seems to be PKCS8, not traditional format */ + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); + EVP_PKEY *ret; + + sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); + if (!p8) { + OPENSSL_PUT_ERROR(EVP, d2i_AutoPrivateKey, + EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return NULL; + } + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + if (out) { + *out = ret; + } + return ret; + } else { + keytype = EVP_PKEY_RSA; + } + + sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); + return d2i_PrivateKey(keytype, out, inp, len); +} + +int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) { + switch (key->type) { + case EVP_PKEY_RSA: + return i2d_RSAPublicKey(key->pkey.rsa, outp); + case EVP_PKEY_DSA: + return i2d_DSAPublicKey(key->pkey.dsa, outp); + case EVP_PKEY_EC: + return i2o_ECPublicKey(key->pkey.ec, outp); + default: + OPENSSL_PUT_ERROR(EVP, i2d_PublicKey, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return -1; + } +} -- cgit v1.2.3