Пример #1
/* PEM <-> INTERNAL Macros --- fix for errors in OpenSSL */
/*
 * Read one PEM-encoded OCSP response from bp into a freshly allocated
 * PKI_OCSP_RESP wrapper.
 *
 * bp       source the PEM text is read from
 * a, b, c  not used by this function
 *
 * Returns the wrapper, or NULL when the allocation fails or no OCSP
 * response can be decoded.  The bs member is whatever
 * OCSP_response_get1_basic() returned and is not checked here, so callers
 * should test it before use.  Nothing in this function verifies the
 * response's signature; it only parses.
 */
PKI_OCSP_RESP *PEM_read_bio_PKI_OCSP_RESP( PKI_IO *bp, void *a,
						void *b, void *c ) {
	PKI_OCSP_RESP *wrapper;

	wrapper = (PKI_OCSP_RESP *) PKI_Malloc ( sizeof( PKI_OCSP_RESP ));
	if ( wrapper == NULL ) return NULL;

	/* The decoder is cast to the callback type selected by the OpenSSL
	 * version: char * return below 0x0090800f, void * return otherwise. */
#if OPENSSL_VERSION_NUMBER < 0x0090800fL
	wrapper->resp = (PKI_X509_OCSP_RESP_VALUE *) PEM_ASN1_read_bio(
			(char *(*)()) d2i_OCSP_RESPONSE,
			PEM_STRING_OCSP_RESPONSE, bp, NULL, NULL, NULL);
#else
	wrapper->resp = (PKI_X509_OCSP_RESP_VALUE *) PEM_ASN1_read_bio(
			(void *(*)()) d2i_OCSP_RESPONSE,
			PEM_STRING_OCSP_RESPONSE, bp, NULL, NULL, NULL);
#endif

	if ( wrapper->resp != NULL ) {
		/* Extract the basic response; the result is stored unchecked. */
		wrapper->bs = OCSP_response_get1_basic(wrapper->resp);
		return wrapper;
	}

	/* Nothing decoded: release the empty wrapper. */
	PKI_Free ( wrapper );
	return NULL;
}
Пример #2
/*
 * FILE* front end for PEM_ASN1_read_bio(): wraps fp in a temporary file BIO,
 * decodes one PEM object through it and returns the decoder's result.
 *
 * The BIO is attached with BIO_NOCLOSE, so fp stays open and remains the
 * caller's to close.  Returns 0 (with ERR_R_BUF_LIB queued) when the BIO
 * cannot be created, otherwise whatever PEM_ASN1_read_bio() returned.
 */
void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
                    pem_password_cb *cb, void *u)
{
    void *decoded;
    BIO *file_bio = BIO_new(BIO_s_file());

    if (file_bio == NULL) {
        PEMerr(PEM_F_PEM_ASN1_READ, ERR_R_BUF_LIB);
        return 0;
    }

    /* Borrow the stream only; freeing the BIO must not fclose() it. */
    BIO_set_fp(file_bio, fp, BIO_NOCLOSE);
    decoded = PEM_ASN1_read_bio(d2i, name, file_bio, x, cb, u);
    BIO_free(file_bio);

    return decoded;
}
Пример #3
/*
 * FILE* front end for PEM_ASN1_read_bio(): wraps fp in a temporary file BIO,
 * decodes one PEM object through it and returns the decoder's result.
 *
 * The BIO is attached with BIO_NOCLOSE, so fp stays open and remains the
 * caller's to close.  Returns 0 (with ERR_R_BUF_LIB queued) when the BIO
 * cannot be created, otherwise whatever PEM_ASN1_read_bio() returned.
 */
void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
		    pem_password_cb *cb, void *u)
	{
	void *decoded;
	BIO *file_bio = BIO_new(BIO_s_file());

	if (file_bio == NULL)
		{
		OPENSSL_PUT_ERROR(PEM, PEM_ASN1_read, ERR_R_BUF_LIB);
		return(0);
		}

	/* Borrow the stream only; freeing the BIO must not fclose() it. */
	BIO_set_fp(file_bio, fp, BIO_NOCLOSE);
	decoded = PEM_ASN1_read_bio(d2i, name, file_bio, x, cb, u);
	BIO_free(file_bio);

	return(decoded);
	}
Пример #4
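    // Build an RSA public-key object from PEM text held in memory.
    //
    // Adapted from the definition at line 252 of crypto/pem/pem_all.c in the
    // OpenSSL source:
    //         IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
    // changed to read from memory instead of from a PEM file.
    //
    // public_key: NUL-terminated PEM text containing a "PUBLIC KEY" block.
    // Returns a newly allocated RSA that the caller releases with RSA_free(),
    // or NULL when the input is NULL, cannot be buffered, or does not parse.
    // A successful parse only shows the text is a well-formed key; whether it
    // is the key the caller expected has to be established by the caller.
    RSA* get_rsa_from_public_key(const char* public_key)
    {
        BIO *bio  = NULL;
        void *ret = NULL;

        // BIO_puts() would dereference a NULL string; reject it up front.
        if (public_key == NULL)
        {
            PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_PASSED_NULL_PARAMETER);
            return NULL;
        }

        if ((bio=BIO_new(BIO_s_mem())) == NULL)
        {
            PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
            return NULL;
        }

        // A result <= 0 means nothing was buffered, so there is nothing to
        // parse; fail here instead of handing an empty BIO to the decoder.
        if (BIO_puts(bio, public_key) <= 0)
        {
            PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
            BIO_free(bio);
            return NULL;
        }

        // No object is supplied for reuse (x == NULL), so the decoder
        // allocates the result itself.
        ret=PEM_ASN1_read_bio((d2i_of_void *)d2i_RSA_PUBKEY,"PUBLIC KEY",bio,NULL,NULL, NULL);
        BIO_free(bio);

        return (RSA*)ret;
    }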
Пример #5
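/* Wipe a passphrase buffer before handing it back to the allocator, so the
 * key password does not linger in freed heap memory. */
static void tpm_engine_discard_auth(BYTE *auth, size_t len)
{
	OPENSSL_cleanse(auth, len);
	free(auth);
}

/*
 * Load a TPM-wrapped private key and return it as an EVP_PKEY.
 *
 * e        not used by this function
 * key_id   path of a PEM file holding a "TSS KEY BLOB" octet string; it is
 *          opened exactly as given
 * ui       UI method passed to tpm_load_srk() and tpm_engine_get_auth()
 * cb_data  callback data passed through to the same two helpers
 *
 * Steps: load the SRK, read the blob from the file, load it into the TPM
 * under hSRK, and, if the key reports a non-zero AUTHUSAGE attribute, prompt
 * for the key password and bind it to the key through a usage policy.  The
 * result is an EVP_PKEY carrying an RSA object that uses the tpm_rsa method.
 *
 * Returns the new EVP_PKEY, or NULL after queueing an error with TSSerr().
 *
 * Security notes: the password is given to the TSS in
 * TSS_SECRET_MODE_PLAIN; its buffer is wiped on every path before being
 * freed.  The secret length is taken with strlen(), which assumes
 * tpm_engine_get_auth() NUL-terminates within the buffer -- TODO confirm.
 */
static EVP_PKEY *tpm_engine_load_key(ENGINE *e, const char *key_id,
				     UI_METHOD *ui, void *cb_data)
{
	enum { TPM_AUTH_BUF_LEN = 128 };
	ASN1_OCTET_STRING *blobstr;
	TSS_HKEY hKey;
	TSS_RESULT result;
	UINT32 authusage;
	RSA *rsa;
	EVP_PKEY *pkey;
	BIO *bf;


	DBG("%s", __FUNCTION__);

	if (!key_id) {
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, ERR_R_PASSED_NULL_PARAMETER);
		return NULL;
	}

	if (!tpm_load_srk(ui, cb_data)) {
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_SRK_LOAD_FAILED);
		return NULL;
	}

	if ((bf = BIO_new_file(key_id, "r")) == NULL) {
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY,
		       TPM_R_FILE_NOT_FOUND);
		return NULL;
	}

	blobstr = PEM_ASN1_read_bio((void *)d2i_ASN1_OCTET_STRING,
				    "TSS KEY BLOB", bf, NULL, NULL, NULL);
	if (!blobstr) {
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY,
		       TPM_R_FILE_READ_FAILED);
		BIO_free(bf);
		return NULL;
	}

	BIO_free(bf);
	DBG("Loading blob of size: %d", blobstr->length);
	if ((result = Tspi_Context_LoadKeyByBlob(hContext, hSRK,
						   blobstr->length,
						   blobstr->data, &hKey))) {
		/* The decoded blob is ours to release on failure as well. */
		ASN1_OCTET_STRING_free(blobstr);
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY,
		       TPM_R_REQUEST_FAILED);
		return NULL;
	}
	ASN1_OCTET_STRING_free(blobstr);

	if ((result = Tspi_GetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO,
					     TSS_TSPATTRIB_KEYINFO_AUTHUSAGE,
					     &authusage))) {
		Tspi_Context_CloseObject(hContext, hKey);
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY,
		       TPM_R_REQUEST_FAILED);
		return NULL;
	}

	if (authusage) {
		TSS_HPOLICY hPolicy;
		BYTE *auth;

		if ((auth = calloc(1, TPM_AUTH_BUF_LEN)) == NULL) {
			Tspi_Context_CloseObject(hContext, hKey);
			TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, ERR_R_MALLOC_FAILURE);
			return NULL;
		}

		if (!tpm_engine_get_auth(ui, (char *)auth, TPM_AUTH_BUF_LEN,
					 "TPM Key Password: ",
					 cb_data)) {
			Tspi_Context_CloseObject(hContext, hKey);
			/* A failed prompt may still have written partial input. */
			tpm_engine_discard_auth(auth, TPM_AUTH_BUF_LEN);
			TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_REQUEST_FAILED);
			return NULL;
		}

		if ((result = Tspi_Context_CreateObject(hContext,
							 TSS_OBJECT_TYPE_POLICY,
							 TSS_POLICY_USAGE,
							 &hPolicy))) {
			Tspi_Context_CloseObject(hContext, hKey);
			tpm_engine_discard_auth(auth, TPM_AUTH_BUF_LEN);
			TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_REQUEST_FAILED);
			return NULL;
		}

		if ((result = Tspi_Policy_AssignToObject(hPolicy, hKey))) {
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_CloseObject(hContext, hPolicy);
			tpm_engine_discard_auth(auth, TPM_AUTH_BUF_LEN);
			TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_REQUEST_FAILED);
			return NULL;
		}

		if ((result = Tspi_Policy_SetSecret(hPolicy,
						      TSS_SECRET_MODE_PLAIN,
						      strlen((char *)auth), auth))) {
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_CloseObject(hContext, hPolicy);
			tpm_engine_discard_auth(auth, TPM_AUTH_BUF_LEN);
			TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_REQUEST_FAILED);
			return NULL;
		}

		tpm_engine_discard_auth(auth, TPM_AUTH_BUF_LEN);
	}

	/* create the new objects to return */
	if ((pkey = EVP_PKEY_new()) == NULL) {
		Tspi_Context_CloseObject(hContext, hKey);
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	if ((rsa = RSA_new()) == NULL) {
		EVP_PKEY_free(pkey);
		Tspi_Context_CloseObject(hContext, hKey);
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, ERR_R_MALLOC_FAILURE);
		return NULL;
	}
	rsa->meth = &tpm_rsa;
	/* call our local init function here */
	rsa->meth->init(rsa);

	/*
	 * The RSA object is attached to pkey only by EVP_PKEY_assign_RSA()
	 * below.  Until then the two objects have separate owners, so each
	 * failure path frees both exactly once; linking them earlier would let
	 * EVP_PKEY_free() and RSA_free() release the same RSA on OpenSSL
	 * versions whose EVP_PKEY_free() frees by key type.
	 */
	if (!fill_out_rsa_object(rsa, hKey)) {
		RSA_free(rsa);
		EVP_PKEY_free(pkey);
		Tspi_Context_CloseObject(hContext, hKey);
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_REQUEST_FAILED);
		return NULL;
	}

	if (!EVP_PKEY_assign_RSA(pkey, rsa)) {
		RSA_free(rsa);
		EVP_PKEY_free(pkey);
		Tspi_Context_CloseObject(hContext, hKey);
		TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_REQUEST_FAILED);
		return NULL;
	}

	return pkey;
}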
Пример #6
/*
 * Typed wrapper over PEM_ASN1_read_bio() for the PEM_STRING_X509_TRUSTED
 * label, decoded with d2i_X509_AUX.
 *
 * bp is the source BIO; x, cb and u are forwarded unchanged.  Returns the
 * pointer produced by PEM_ASN1_read_bio().  This only parses: nothing here
 * validates the certificate or decides whether it should be trusted.
 */
X509 *
PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u)
{
	d2i_of_void *decode = (d2i_of_void *)d2i_X509_AUX;
	void **reuse = (void **)x;

	return PEM_ASN1_read_bio(decode, PEM_STRING_X509_TRUSTED, bp, reuse,
	    cb, u);
}
Пример #7
/*
 * Typed wrapper over PEM_ASN1_read_bio() for the PEM_STRING_X509_PAIR
 * label, decoded with d2i_X509_CERT_PAIR.
 *
 * bp is the source BIO; x, cb and u are forwarded unchanged.  Returns the
 * pointer produced by PEM_ASN1_read_bio().  This only parses: nothing here
 * validates either certificate of the pair.
 */
X509_CERT_PAIR *
PEM_read_bio_X509_CERT_PAIR(BIO *bp, X509_CERT_PAIR **x, pem_password_cb *cb, void *u)
{
	d2i_of_void *decode = (d2i_of_void *)d2i_X509_CERT_PAIR;
	void **reuse = (void **)x;

	return PEM_ASN1_read_bio(decode, PEM_STRING_X509_PAIR, bp, reuse,
	    cb, u);
}