]> git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/ssl_rsa.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Import of old SSLeay release: SSLeay 0.9.0b
[thirdparty/openssl.git] / ssl / ssl_rsa.c
1 /* ssl/ssl_rsa.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59 #include <stdio.h>
60 #include "bio.h"
61 #include "objects.h"
62 #include "evp.h"
63 #include "x509.h"
64 #include "pem.h"
65 #include "ssl_locl.h"
66
67 #ifndef NOPROTO
68 static int ssl_set_cert(CERT *c, X509 *x509);
69 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
70 #else
71 static int ssl_set_cert();
72 static int ssl_set_pkey();
73 #endif
74
75 int SSL_use_certificate(ssl, x)
76 SSL *ssl;
77 X509 *x;
78 {
79 CERT *c;
80
81 if (x == NULL)
82 {
83 SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
84 return(0);
85 }
86 if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))
87 {
88 c=ssl_cert_new();
89 if (c == NULL)
90 {
91 SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
92 return(0);
93 }
94 if (ssl->cert != NULL) ssl_cert_free(ssl->cert);
95 ssl->cert=c;
96 }
97 c=ssl->cert;
98
99 return(ssl_set_cert(c,x));
100 }
101
102 #ifndef NO_STDIO
103 int SSL_use_certificate_file(ssl, file, type)
104 SSL *ssl;
105 char *file;
106 int type;
107 {
108 int j;
109 BIO *in;
110 int ret=0;
111 X509 *x=NULL;
112
113 in=BIO_new(BIO_s_file_internal());
114 if (in == NULL)
115 {
116 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
117 goto end;
118 }
119
120 if (BIO_read_filename(in,file) <= 0)
121 {
122 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
123 goto end;
124 }
125 if (type == SSL_FILETYPE_ASN1)
126 {
127 j=ERR_R_ASN1_LIB;
128 x=d2i_X509_bio(in,NULL);
129 }
130 else if (type == SSL_FILETYPE_PEM)
131 {
132 j=ERR_R_PEM_LIB;
133 x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback);
134 }
135 else
136 {
137 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
138 goto end;
139 }
140
141 if (x == NULL)
142 {
143 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j);
144 goto end;
145 }
146
147 ret=SSL_use_certificate(ssl,x);
148 end:
149 if (x != NULL) X509_free(x);
150 if (in != NULL) BIO_free(in);
151 return(ret);
152 }
153 #endif
154
155 int SSL_use_certificate_ASN1(ssl, len, d)
156 SSL *ssl;
157 int len;
158 unsigned char *d;
159 {
160 X509 *x;
161 int ret;
162
163 x=d2i_X509(NULL,&d,(long)len);
164 if (x == NULL)
165 {
166 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
167 return(0);
168 }
169
170 ret=SSL_use_certificate(ssl,x);
171 X509_free(x);
172 return(ret);
173 }
174
175 #ifndef NO_RSA
176 int SSL_use_RSAPrivateKey(ssl, rsa)
177 SSL *ssl;
178 RSA *rsa;
179 {
180 CERT *c;
181 EVP_PKEY *pkey;
182 int ret;
183
184 if (rsa == NULL)
185 {
186 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
187 return(0);
188 }
189
190 if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))
191 {
192 c=ssl_cert_new();
193 if (c == NULL)
194 {
195 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
196 return(0);
197 }
198 if (ssl->cert != NULL) ssl_cert_free(ssl->cert);
199 ssl->cert=c;
200 }
201 c=ssl->cert;
202 if ((pkey=EVP_PKEY_new()) == NULL)
203 {
204 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
205 return(0);
206 }
207
208 CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
209 EVP_PKEY_assign_RSA(pkey,rsa);
210
211 ret=ssl_set_pkey(c,pkey);
212 EVP_PKEY_free(pkey);
213 return(ret);
214 }
215 #endif
216
217 static int ssl_set_pkey(c,pkey)
218 CERT *c;
219 EVP_PKEY *pkey;
220 {
221 int i,ok=0,bad=0;
222
223 i=ssl_cert_type(NULL,pkey);
224 if (i < 0)
225 {
226 SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
227 return(0);
228 }
229
230 if (c->pkeys[i].x509 != NULL)
231 {
232 #ifndef NO_RSA
233 /* Don't check the public/private key, this is mostly
234 * for smart cards. */
235 if ((pkey->type == EVP_PKEY_RSA) &&
236 (RSA_flags(pkey->pkey.rsa) &
237 RSA_METHOD_FLAG_NO_CHECK))
238 ok=1;
239 else
240 #endif
241 if (!X509_check_private_key(c->pkeys[i].x509,pkey))
242 {
243 if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
244 {
245 i=(i == SSL_PKEY_DH_RSA)?
246 SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
247
248 if (c->pkeys[i].x509 == NULL)
249 ok=1;
250 else
251 {
252 if (!X509_check_private_key(
253 c->pkeys[i].x509,pkey))
254 bad=1;
255 else
256 ok=1;
257 }
258 }
259 else
260 bad=1;
261 }
262 else
263 ok=1;
264 }
265 else
266 ok=1;
267
268 if (bad)
269 {
270 X509_free(c->pkeys[i].x509);
271 c->pkeys[i].x509=NULL;
272 return(0);
273 }
274
275 if (c->pkeys[i].privatekey != NULL)
276 EVP_PKEY_free(c->pkeys[i].privatekey);
277 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
278 c->pkeys[i].privatekey=pkey;
279 c->key= &(c->pkeys[i]);
280
281 c->valid=0;
282 return(1);
283 }
284
285 #ifndef NO_RSA
286 #ifndef NO_STDIO
287 int SSL_use_RSAPrivateKey_file(ssl, file, type)
288 SSL *ssl;
289 char *file;
290 int type;
291 {
292 int j,ret=0;
293 BIO *in;
294 RSA *rsa=NULL;
295
296 in=BIO_new(BIO_s_file_internal());
297 if (in == NULL)
298 {
299 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
300 goto end;
301 }
302
303 if (BIO_read_filename(in,file) <= 0)
304 {
305 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
306 goto end;
307 }
308 if (type == SSL_FILETYPE_ASN1)
309 {
310 j=ERR_R_ASN1_LIB;
311 rsa=d2i_RSAPrivateKey_bio(in,NULL);
312 }
313 else if (type == SSL_FILETYPE_PEM)
314 {
315 j=ERR_R_PEM_LIB;
316 rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
317 ssl->ctx->default_passwd_callback);
318 }
319 else
320 {
321 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
322 goto end;
323 }
324 if (rsa == NULL)
325 {
326 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j);
327 goto end;
328 }
329 ret=SSL_use_RSAPrivateKey(ssl,rsa);
330 RSA_free(rsa);
331 end:
332 if (in != NULL) BIO_free(in);
333 return(ret);
334 }
335 #endif
336
337 int SSL_use_RSAPrivateKey_ASN1(ssl,d,len)
338 SSL *ssl;
339 unsigned char *d;
340 long len;
341 {
342 int ret;
343 unsigned char *p;
344 RSA *rsa;
345
346 p=d;
347 if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
348 {
349 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
350 return(0);
351 }
352
353 ret=SSL_use_RSAPrivateKey(ssl,rsa);
354 RSA_free(rsa);
355 return(ret);
356 }
357 #endif /* !NO_RSA */
358
359 int SSL_use_PrivateKey(ssl, pkey)
360 SSL *ssl;
361 EVP_PKEY *pkey;
362 {
363 CERT *c;
364 int ret;
365
366 if (pkey == NULL)
367 {
368 SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
369 return(0);
370 }
371
372 if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))
373 {
374 c=ssl_cert_new();
375 if (c == NULL)
376 {
377 SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
378 return(0);
379 }
380 if (ssl->cert != NULL) ssl_cert_free(ssl->cert);
381 ssl->cert=c;
382 }
383 c=ssl->cert;
384
385 ret=ssl_set_pkey(c,pkey);
386 return(ret);
387 }
388
389 #ifndef NO_STDIO
390 int SSL_use_PrivateKey_file(ssl, file, type)
391 SSL *ssl;
392 char *file;
393 int type;
394 {
395 int j,ret=0;
396 BIO *in;
397 EVP_PKEY *pkey=NULL;
398
399 in=BIO_new(BIO_s_file_internal());
400 if (in == NULL)
401 {
402 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
403 goto end;
404 }
405
406 if (BIO_read_filename(in,file) <= 0)
407 {
408 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
409 goto end;
410 }
411 if (type == SSL_FILETYPE_PEM)
412 {
413 j=ERR_R_PEM_LIB;
414 pkey=PEM_read_bio_PrivateKey(in,NULL,
415 ssl->ctx->default_passwd_callback);
416 }
417 else
418 {
419 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
420 goto end;
421 }
422 if (pkey == NULL)
423 {
424 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
425 goto end;
426 }
427 ret=SSL_use_PrivateKey(ssl,pkey);
428 EVP_PKEY_free(pkey);
429 end:
430 if (in != NULL) BIO_free(in);
431 return(ret);
432 }
433 #endif
434
435 int SSL_use_PrivateKey_ASN1(type,ssl,d,len)
436 int type;
437 SSL *ssl;
438 unsigned char *d;
439 long len;
440 {
441 int ret;
442 unsigned char *p;
443 EVP_PKEY *pkey;
444
445 p=d;
446 if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
447 {
448 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
449 return(0);
450 }
451
452 ret=SSL_use_PrivateKey(ssl,pkey);
453 EVP_PKEY_free(pkey);
454 return(ret);
455 }
456
457 int SSL_CTX_use_certificate(ctx, x)
458 SSL_CTX *ctx;
459 X509 *x;
460 {
461 CERT *c;
462
463 if (x == NULL)
464 {
465 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
466 return(0);
467 }
468
469 if (ctx->default_cert == NULL)
470 {
471 c=ssl_cert_new();
472 if (c == NULL)
473 {
474 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
475 return(0);
476 }
477 ctx->default_cert=c;
478 }
479 c=ctx->default_cert;
480
481 return(ssl_set_cert(c,x));
482 }
483
484 static int ssl_set_cert(c,x)
485 CERT *c;
486 X509 *x;
487 {
488 EVP_PKEY *pkey;
489 int i,ok=0,bad=0;
490
491 pkey=X509_get_pubkey(x);
492 if (pkey == NULL)
493 {
494 SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB);
495 return(0);
496 }
497
498 i=ssl_cert_type(x,pkey);
499 if (i < 0)
500 {
501 SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
502 return(0);
503 }
504
505 if (c->pkeys[i].privatekey != NULL)
506 {
507 if (!X509_check_private_key(x,c->pkeys[i].privatekey))
508 {
509 if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
510 {
511 i=(i == SSL_PKEY_DH_RSA)?
512 SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
513
514 if (c->pkeys[i].privatekey == NULL)
515 ok=1;
516 else
517 {
518 if (!X509_check_private_key(x,
519 c->pkeys[i].privatekey))
520 bad=1;
521 else
522 ok=1;
523 }
524 }
525 else
526 bad=1;
527 }
528 else
529 ok=1;
530 }
531 else
532 ok=1;
533
534 if (bad)
535 {
536 EVP_PKEY_free(c->pkeys[i].privatekey);
537 c->pkeys[i].privatekey=NULL;
538 }
539
540 if (c->pkeys[i].x509 != NULL)
541 X509_free(c->pkeys[i].x509);
542 CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
543 c->pkeys[i].x509=x;
544 c->key= &(c->pkeys[i]);
545
546 c->valid=0;
547 return(1);
548 }
549
550 #ifndef NO_STDIO
551 int SSL_CTX_use_certificate_file(ctx, file, type)
552 SSL_CTX *ctx;
553 char *file;
554 int type;
555 {
556 int j;
557 BIO *in;
558 int ret=0;
559 X509 *x=NULL;
560
561 in=BIO_new(BIO_s_file_internal());
562 if (in == NULL)
563 {
564 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
565 goto end;
566 }
567
568 if (BIO_read_filename(in,file) <= 0)
569 {
570 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
571 goto end;
572 }
573 if (type == SSL_FILETYPE_ASN1)
574 {
575 j=ERR_R_ASN1_LIB;
576 x=d2i_X509_bio(in,NULL);
577 }
578 else if (type == SSL_FILETYPE_PEM)
579 {
580 j=ERR_R_PEM_LIB;
581 x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback);
582 }
583 else
584 {
585 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
586 goto end;
587 }
588
589 if (x == NULL)
590 {
591 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j);
592 goto end;
593 }
594
595 ret=SSL_CTX_use_certificate(ctx,x);
596 end:
597 if (x != NULL) X509_free(x);
598 if (in != NULL) BIO_free(in);
599 return(ret);
600 }
601 #endif
602
603 int SSL_CTX_use_certificate_ASN1(ctx, len, d)
604 SSL_CTX *ctx;
605 int len;
606 unsigned char *d;
607 {
608 X509 *x;
609 int ret;
610
611 x=d2i_X509(NULL,&d,(long)len);
612 if (x == NULL)
613 {
614 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
615 return(0);
616 }
617
618 ret=SSL_CTX_use_certificate(ctx,x);
619 X509_free(x);
620 return(ret);
621 }
622
623 #ifndef NO_RSA
624 int SSL_CTX_use_RSAPrivateKey(ctx, rsa)
625 SSL_CTX *ctx;
626 RSA *rsa;
627 {
628 int ret;
629 CERT *c;
630 EVP_PKEY *pkey;
631
632 if (rsa == NULL)
633 {
634 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
635 return(0);
636 }
637 if (ctx->default_cert == NULL)
638 {
639 c=ssl_cert_new();
640 if (c == NULL)
641 {
642 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
643 return(0);
644 }
645 ctx->default_cert=c;
646 }
647 c=ctx->default_cert;
648
649 if ((pkey=EVP_PKEY_new()) == NULL)
650 {
651 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
652 return(0);
653 }
654
655 CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
656 EVP_PKEY_assign_RSA(pkey,rsa);
657
658 ret=ssl_set_pkey(c,pkey);
659 EVP_PKEY_free(pkey);
660 return(ret);
661 }
662
663 #ifndef NO_STDIO
664 int SSL_CTX_use_RSAPrivateKey_file(ctx, file, type)
665 SSL_CTX *ctx;
666 char *file;
667 int type;
668 {
669 int j,ret=0;
670 BIO *in;
671 RSA *rsa=NULL;
672
673 in=BIO_new(BIO_s_file_internal());
674 if (in == NULL)
675 {
676 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
677 goto end;
678 }
679
680 if (BIO_read_filename(in,file) <= 0)
681 {
682 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
683 goto end;
684 }
685 if (type == SSL_FILETYPE_ASN1)
686 {
687 j=ERR_R_ASN1_LIB;
688 rsa=d2i_RSAPrivateKey_bio(in,NULL);
689 }
690 else if (type == SSL_FILETYPE_PEM)
691 {
692 j=ERR_R_PEM_LIB;
693 rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
694 ctx->default_passwd_callback);
695 }
696 else
697 {
698 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
699 goto end;
700 }
701 if (rsa == NULL)
702 {
703 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j);
704 goto end;
705 }
706 ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
707 RSA_free(rsa);
708 end:
709 if (in != NULL) BIO_free(in);
710 return(ret);
711 }
712 #endif
713
714 int SSL_CTX_use_RSAPrivateKey_ASN1(ctx,d,len)
715 SSL_CTX *ctx;
716 unsigned char *d;
717 long len;
718 {
719 int ret;
720 unsigned char *p;
721 RSA *rsa;
722
723 p=d;
724 if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
725 {
726 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
727 return(0);
728 }
729
730 ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
731 RSA_free(rsa);
732 return(ret);
733 }
734 #endif /* !NO_RSA */
735
736 int SSL_CTX_use_PrivateKey(ctx, pkey)
737 SSL_CTX *ctx;
738 EVP_PKEY *pkey;
739 {
740 CERT *c;
741
742 if (pkey == NULL)
743 {
744 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
745 return(0);
746 }
747
748 if (ctx->default_cert == NULL)
749 {
750 c=ssl_cert_new();
751 if (c == NULL)
752 {
753 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
754 return(0);
755 }
756 ctx->default_cert=c;
757 }
758 c=ctx->default_cert;
759
760 return(ssl_set_pkey(c,pkey));
761 }
762
763 #ifndef NO_STDIO
764 int SSL_CTX_use_PrivateKey_file(ctx, file, type)
765 SSL_CTX *ctx;
766 char *file;
767 int type;
768 {
769 int j,ret=0;
770 BIO *in;
771 EVP_PKEY *pkey=NULL;
772
773 in=BIO_new(BIO_s_file_internal());
774 if (in == NULL)
775 {
776 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
777 goto end;
778 }
779
780 if (BIO_read_filename(in,file) <= 0)
781 {
782 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
783 goto end;
784 }
785 if (type == SSL_FILETYPE_PEM)
786 {
787 j=ERR_R_PEM_LIB;
788 pkey=PEM_read_bio_PrivateKey(in,NULL,
789 ctx->default_passwd_callback);
790 }
791 else
792 {
793 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
794 goto end;
795 }
796 if (pkey == NULL)
797 {
798 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j);
799 goto end;
800 }
801 ret=SSL_CTX_use_PrivateKey(ctx,pkey);
802 EVP_PKEY_free(pkey);
803 end:
804 if (in != NULL) BIO_free(in);
805 return(ret);
806 }
807 #endif
808
809 int SSL_CTX_use_PrivateKey_ASN1(type,ctx,d,len)
810 int type;
811 SSL_CTX *ctx;
812 unsigned char *d;
813 long len;
814 {
815 int ret;
816 unsigned char *p;
817 EVP_PKEY *pkey;
818
819 p=d;
820 if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
821 {
822 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
823 return(0);
824 }
825
826 ret=SSL_CTX_use_PrivateKey(ctx,pkey);
827 EVP_PKEY_free(pkey);
828 return(ret);
829 }
830
831
A mirror of the official openssl repository