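/*
 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * Public interface of the PEM layer: type labels, the macro families that
 * generate the typed PEM_read_ and PEM_write_ wrappers, the passphrase
 * callback type, and the generic read/write entry points.
 */

#ifndef HEADER_PEM_H
# define HEADER_PEM_H

# include <openssl/e_os2.h>
# include <openssl/bio.h>
# include <openssl/safestack.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/pemerr.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * NOTE(review): size constant for the PEM code. It is presumably also the
 * size of the passphrase buffer handed to a pem_password_cb; confirm in the
 * implementation before treating it as a passphrase length limit.
 */
# define PEM_BUFSIZE             1024

/*
 * PEM type labels: the text carried on the "-----BEGIN <label>-----" and
 * "-----END <label>-----" boundary lines. The label is plain text taken from
 * the input and is not authenticated; it tells the reader which parser to
 * apply, nothing about the origin or integrity of the payload.
 * PEM_STRING_PKCS8 ("ENCRYPTED PRIVATE KEY") is the encrypted PKCS#8 form;
 * PEM_STRING_PKCS8INF ("PRIVATE KEY") is PKCS#8 key material stored without
 * encryption.
 */
# define PEM_STRING_X509_OLD     "X509 CERTIFICATE"
# define PEM_STRING_X509         "CERTIFICATE"
# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
# define PEM_STRING_X509_REQ     "CERTIFICATE REQUEST"
# define PEM_STRING_X509_CRL     "X509 CRL"
# define PEM_STRING_EVP_PKEY     "ANY PRIVATE KEY"
# define PEM_STRING_PUBLIC       "PUBLIC KEY"
# define PEM_STRING_RSA          "RSA PRIVATE KEY"
# define PEM_STRING_RSA_PUBLIC   "RSA PUBLIC KEY"
# define PEM_STRING_DSA          "DSA PRIVATE KEY"
# define PEM_STRING_DSA_PUBLIC   "DSA PUBLIC KEY"
# define PEM_STRING_PKCS7        "PKCS7"
# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
# define PEM_STRING_PKCS8        "ENCRYPTED PRIVATE KEY"
# define PEM_STRING_PKCS8INF     "PRIVATE KEY"
# define PEM_STRING_DHPARAMS     "DH PARAMETERS"
# define PEM_STRING_DHXPARAMS    "X9.42 DH PARAMETERS"
# define PEM_STRING_SSL_SESSION  "SSL SESSION PARAMETERS"
# define PEM_STRING_DSAPARAMS    "DSA PARAMETERS"
# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
# define PEM_STRING_PARAMETERS   "PARAMETERS"
# define PEM_STRING_CMS          "CMS"

/*
 * Proc-Type categories. NOTE(review): presumably the values accepted by the
 * `type` argument of PEM_proc_type(); confirm against the implementation.
 */
# define PEM_TYPE_ENCRYPTED      10
# define PEM_TYPE_MIC_ONLY       20
# define PEM_TYPE_MIC_CLEAR      30
# define PEM_TYPE_CLEAR          40

/*
 * These macros make the PEM_read/PEM_write functions easier to maintain and
 * write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
 * IMPLEMENT_PEM_rw_cb(...)
 *
 * Macro parameters:
 *   name - suffix of the generated function (PEM_read_<name>, ...)
 *   type - C type of the object read or written
 *   str  - PEM type label, normally one of the PEM_STRING_ constants
 *   asn1 - suffix selecting the d2i_<asn1> / i2d_<asn1> codec
 *
 * Every generated body casts the codec to d2i_of_void / i2d_of_void and the
 * object pointer to void, so the compiler cannot check that `type` matches
 * what the codec produces or consumes; a mismatched name/type/asn1 triple
 * compiles silently.
 *
 * The plain write variants pass NULL, NULL, 0, NULL, NULL in the cipher,
 * passphrase and callback positions, so they supply no encryption inputs.
 * Only the _cb variants forward enc/kstr/klen/cb/u.
 */

# ifdef OPENSSL_NO_STDIO

/* Without stdio the FILE-based wrappers expand to nothing. */
#  define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
#  define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
#  define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
#  define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
#  define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
# else

/* PEM_read_<name>(): FILE reader forwarding to PEM_ASN1_read(). */
#  define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
{ \
    return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
}

/* PEM_write_<name>(): FILE writer with no cipher or passphrase arguments. */
#  define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, type *x) \
{ \
    return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
}

/* As IMPLEMENT_PEM_write_fp, taking `const type *x` (const is cast away). */
#  define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, const type *x) \
{ \
    return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
}

/*
 * PEM_write_<name>(): FILE writer that forwards enc/kstr/klen/cb/u to
 * PEM_ASN1_write(), i.e. the variant able to encrypt its output.
 */
#  define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
                     unsigned char *kstr, int klen, pem_password_cb *cb, \
                     void *u) \
{ \
    return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
}

/*
 * Despite the _const suffix the generated signature takes a non-const
 * `type *x`; the expansion is identical to IMPLEMENT_PEM_write_cb_fp.
 */
#  define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
                     unsigned char *kstr, int klen, pem_password_cb *cb, \
                     void *u) \
{ \
    return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
}

# endif

/* PEM_read_bio_<name>(): BIO reader forwarding to PEM_ASN1_read_bio(). */
# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
{ \
    return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
}

/* PEM_write_bio_<name>(): BIO writer with no cipher or passphrase arguments. */
# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x) \
{ \
    return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
}

/* As IMPLEMENT_PEM_write_bio, taking `const type *x` (const is cast away). */
# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, const type *x) \
{ \
    return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
}

/*
 * PEM_write_bio_<name>(): BIO writer that forwards enc/kstr/klen/cb/u to
 * PEM_ASN1_write_bio(), i.e. the variant able to encrypt its output.
 */
# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
                         unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
{ \
    return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
}

/*
 * Despite the _const suffix the generated signature takes a non-const
 * `type *x`; the only difference from IMPLEMENT_PEM_write_cb_bio is the
 * explicit (void *) cast on x.
 */
# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
                         unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
{ \
    return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
}

/* Combinations: each emits the BIO variant followed by the FILE variant. */
# define IMPLEMENT_PEM_write(name, type, str, asn1) \
        IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
        IMPLEMENT_PEM_write_fp(name, type, str, asn1)

# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
        IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
        IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)

# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
        IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
        IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)

# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
        IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
        IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)

# define IMPLEMENT_PEM_read(name, type, str, asn1) \
        IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
        IMPLEMENT_PEM_read_fp(name, type, str, asn1)

/* Reader plus one of the writer flavours. */
# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
        IMPLEMENT_PEM_read(name, type, str, asn1) \
        IMPLEMENT_PEM_write(name, type, str, asn1)

# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
        IMPLEMENT_PEM_read(name, type, str, asn1) \
        IMPLEMENT_PEM_write_const(name, type, str, asn1)

# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
        IMPLEMENT_PEM_read(name, type, str, asn1) \
        IMPLEMENT_PEM_write_cb(name, type, str, asn1)

/* These are the same except they are for the declarations */

# if defined(OPENSSL_NO_STDIO)

/* Without stdio no FILE-based prototypes are declared. */
#  define DECLARE_PEM_read_fp(name, type) /**/
#  define DECLARE_PEM_write_fp(name, type) /**/
#  define DECLARE_PEM_write_fp_const(name, type) /**/
#  define DECLARE_PEM_write_cb_fp(name, type) /**/
# else

#  define DECLARE_PEM_read_fp(name, type) \
        type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);

#  define DECLARE_PEM_write_fp(name, type) \
        int PEM_write_##name(FILE *fp, type *x);

#  define DECLARE_PEM_write_fp_const(name, type) \
        int PEM_write_##name(FILE *fp, const type *x);

#  define DECLARE_PEM_write_cb_fp(name, type) \
        int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
             unsigned char *kstr, int klen, pem_password_cb *cb, void *u);

# endif

# define DECLARE_PEM_read_bio(name, type) \
        type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);

# define DECLARE_PEM_write_bio(name, type) \
        int PEM_write_bio_##name(BIO *bp, type *x);

# define DECLARE_PEM_write_bio_const(name, type) \
        int PEM_write_bio_##name(BIO *bp, const type *x);

# define DECLARE_PEM_write_cb_bio(name, type) \
        int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
             unsigned char *kstr, int klen, pem_password_cb *cb, void *u);

/* Combinations, mirroring the IMPLEMENT_PEM_ families above. */
# define DECLARE_PEM_write(name, type) \
        DECLARE_PEM_write_bio(name, type) \
        DECLARE_PEM_write_fp(name, type)
# define DECLARE_PEM_write_const(name, type) \
        DECLARE_PEM_write_bio_const(name, type) \
        DECLARE_PEM_write_fp_const(name, type)
# define DECLARE_PEM_write_cb(name, type) \
        DECLARE_PEM_write_cb_bio(name, type) \
        DECLARE_PEM_write_cb_fp(name, type)
# define DECLARE_PEM_read(name, type) \
        DECLARE_PEM_read_bio(name, type) \
        DECLARE_PEM_read_fp(name, type)
# define DECLARE_PEM_rw(name, type) \
        DECLARE_PEM_read(name, type) \
        DECLARE_PEM_write(name, type)
# define DECLARE_PEM_rw_const(name, type) \
        DECLARE_PEM_read(name, type) \
        DECLARE_PEM_write_const(name, type)
# define DECLARE_PEM_rw_cb(name, type) \
        DECLARE_PEM_read(name, type) \
        DECLARE_PEM_write_cb(name, type)

/*
 * Passphrase callback taken by every reader and every _cb writer in this
 * header.
 *   buf      - buffer the callback fills with the passphrase
 *   size     - capacity of buf; the callback must never store more than
 *              this many bytes
 *   rwflag   - per the OpenSSL PEM documentation, 0 when the passphrase is
 *              needed for reading/decrypting and 1 for writing/encrypting
 *   userdata - the `u` pointer given to the PEM call, passed through
 * Per the same documentation the return value is the passphrase length and
 * the passphrase need not be NUL-terminated. NOTE(review): the error return
 * convention has differed between OpenSSL releases; check the
 * pem_password_cb manual page for the version in use.
 */
typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);

/*
 * Header handling for encrypted PEM blocks. NOTE(review): per the OpenSSL
 * manual, PEM_get_EVP_CIPHER_INFO() parses the encapsulated header into
 * *cipher and PEM_do_header() then decrypts `data` in place, updating *len,
 * obtaining the passphrase through `callback` - confirm for the version in
 * use.
 */
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
                  pem_password_cb *callback, void *u);

/*
 * Generic reader: returns the label, header text and decoded payload through
 * the out-pointers. NOTE(review): the returned buffers are presumably
 * allocated by the library and owned by the caller afterwards; confirm the
 * matching free routine, which may differ when PEM_FLAG_SECURE is used.
 */
int PEM_read_bio(BIO *bp, char **name, char **header,
                 unsigned char **data, long *len);
/*
 * Flags for PEM_read_bio_ex(). NOTE(review): going by the names,
 * PEM_FLAG_SECURE asks for the results to be held in secure-heap memory,
 * PEM_FLAG_EAY_COMPATIBLE selects the legacy SSLeay-compatible parsing
 * rules and PEM_FLAG_ONLY_B64 restricts the payload to base64 characters;
 * confirm in the implementation before relying on any of them.
 */
#   define PEM_FLAG_SECURE             0x1
#   define PEM_FLAG_EAY_COMPATIBLE     0x2
#   define PEM_FLAG_ONLY_B64           0x4
int PEM_read_bio_ex(BIO *bp, char **name, char **header,
                    unsigned char **data, long *len, unsigned int flags);
/*
 * NOTE(review): same parameters as PEM_bytes_read_bio(); the _secmem suffix
 * suggests the decoded bytes are kept in secure-heap memory, which is what
 * a private-key reader wants - confirm.
 */
int PEM_bytes_read_bio_secmem(unsigned char **pdata, long *plen, char **pnm,
                              const char *name, BIO *bp, pem_password_cb *cb,
                              void *u);
int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
                  const unsigned char *data, long len);
int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
                       const char *name, BIO *bp, pem_password_cb *cb,
                       void *u);
/*
 * Untyped back ends of the generated PEM_read_bio_ and PEM_write_bio_
 * wrappers.
 *
 * NOTE(review): when `enc` is non-NULL, PEM_ASN1_write_bio() uses the
 * traditional PEM encryption (Proc-Type / DEK-Info headers). OpenSSL's own
 * documentation describes its passphrase-to-key derivation as a single MD5
 * based iteration and recommends the PKCS#8 writers for new private keys.
 * `kstr` is caller-owned passphrase memory; nothing in this interface
 * indicates that the library clears it.
 */
void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
                        pem_password_cb *cb, void *u);
int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
                       const EVP_CIPHER *enc, unsigned char *kstr, int klen,
                       pem_password_cb *cb, void *u);

STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
                                            pem_password_cb *cb, void *u);
int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
                            unsigned char *kstr, int klen,
                            pem_password_cb *cd, void *u);

/* FILE-based counterparts of the BIO functions above. */
#ifndef OPENSSL_NO_STDIO
int PEM_read(FILE *fp, char **name, char **header,
             unsigned char **data, long *len);
int PEM_write(FILE *fp, const char *name, const char *hdr,
              const unsigned char *data, long len);
void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
                    pem_password_cb *cb, void *u);
int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
                   void *x, const EVP_CIPHER *enc, unsigned char *kstr,
                   int klen, pem_password_cb *callback, void *u);
STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
                                        pem_password_cb *cb, void *u);
#endif

/*
 * Signing helpers built on an EVP_MD_CTX. NOTE(review): `sigret` has no
 * capacity parameter, so the caller must provide a buffer large enough for
 * what PEM_SignFinal() writes; confirm the required size in the
 * implementation.
 */
int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
                  unsigned int *siglen, EVP_PKEY *pkey);

/* The default pem_password_cb that's used internally */
int PEM_def_callback(char *buf, int num, int rwflag, void *userdata);
/*
 * Header formatting helpers. Both write into `buf` without a size parameter.
 * NOTE(review): callers presumably pass a PEM_BUFSIZE buffer; confirm the
 * bound the implementation assumes.
 */
void PEM_proc_type(char *buf, int type);
void PEM_dek_info(char *buf, const char *type, int len, char *str);

# include <openssl/symhacks.h>

/*
 * Typed reader/writer prototypes. DECLARE_PEM_rw entries get writers with no
 * cipher or passphrase parameters.
 */
DECLARE_PEM_rw(X509, X509)
DECLARE_PEM_rw(X509_AUX, X509)
DECLARE_PEM_rw(X509_REQ, X509_REQ)
DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
DECLARE_PEM_rw(X509_CRL, X509_CRL)
DECLARE_PEM_rw(PKCS7, PKCS7)
DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
DECLARE_PEM_rw(PKCS8, X509_SIG)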
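/*
 * DECLARE_PEM_rw writers take only the output and the object, so the
 * PKCS8_PRIV_KEY_INFO writer has no cipher or passphrase parameters.
 */
DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
/*
 * Per-algorithm prototypes, each group compiled out when the algorithm is
 * disabled. The DECLARE_PEM_rw_cb entries are the private-key types: their
 * writers take enc/kstr/klen/cb/u and can therefore encrypt the output.
 */
# ifndef OPENSSL_NO_RSA
DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
DECLARE_PEM_rw_const(RSAPublicKey, RSA)
DECLARE_PEM_rw(RSA_PUBKEY, RSA)
# endif
# ifndef OPENSSL_NO_DSA
DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
DECLARE_PEM_rw(DSA_PUBKEY, DSA)
DECLARE_PEM_rw_const(DSAparams, DSA)
# endif
# ifndef OPENSSL_NO_EC
DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
# endif
# ifndef OPENSSL_NO_DH
DECLARE_PEM_rw_const(DHparams, DH)
DECLARE_PEM_write_const(DHxparams, DH)
# endif
DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
DECLARE_PEM_rw(PUBKEY, EVP_PKEY)

/*
 * Writes an EVP_PKEY in the traditional (algorithm-specific) PEM format.
 * NOTE(review): with a non-NULL `enc` this uses the legacy PEM encryption,
 * whose passphrase-to-key derivation OpenSSL's documentation describes as a
 * single MD5 based iteration; the PKCS#8 writers below are the documented
 * choice for new private keys unless old-format compatibility is required.
 */
int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
                                         const EVP_CIPHER *enc,
                                         unsigned char *kstr, int klen,
                                         pem_password_cb *cb, void *u);

/*
 * PKCS#8 private-key writers and reader. PEM_ functions produce PEM and the
 * i2d_/d2i_ functions work on DER, following the usual OpenSSL naming. The
 * _nid variants select the encryption scheme through an int `nid` instead
 * of an EVP_CIPHER. `kstr`/`klen` carry the passphrase directly; `cb` and
 * `u` are the passphrase callback and its user data.
 * NOTE(review): `kstr` is caller-owned passphrase memory; nothing in these
 * prototypes indicates that the library clears it.
 */
int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
                                      char *kstr, int klen,
                                      pem_password_cb *cb, void *u);
int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
                                  char *, int, pem_password_cb *, void *);
int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
                            char *kstr, int klen,
                            pem_password_cb *cb, void *u);
int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
                                char *kstr, int klen,
                                pem_password_cb *cb, void *u);
EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
                                  void *u);

/* FILE-based counterparts of the PKCS#8 functions above. */
# ifndef OPENSSL_NO_STDIO
int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
                           char *kstr, int klen,
                           pem_password_cb *cb, void *u);
int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
                               char *kstr, int klen,
                               pem_password_cb *cb, void *u);
int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
                                  char *kstr, int klen,
                                  pem_password_cb *cb, void *u);

EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
                                 void *u);

int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
                              char *kstr, int klen, pem_password_cb *cd,
                              void *u);
# endif
/* Key parameters only; neither function takes a passphrase callback. */
EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);

/*
 * Binary key-blob converters, declared only when DSA is enabled; the PVK
 * pair additionally requires RC4. The non-PVK functions take no passphrase
 * or cipher argument. NOTE(review): the meaning of `enclevel` is not
 * visible here; confirm in the implementation which values leave a PVK
 * private key unencrypted.
 */
# ifndef OPENSSL_NO_DSA
EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
EVP_PKEY *b2i_PublicKey_bio(BIO *in);
int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
#  ifndef OPENSSL_NO_RC4
EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
                pem_password_cb *cb, void *u);
#  endif
# endif

# ifdef  __cplusplus
}
# endif
#endif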