ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/OpenSSL/OpenSSL.xs
Revision: 1.1
Committed: Sat Oct 27 01:53:22 2001 UTC (22 years, 6 months ago) by stefan
Branch: MAIN
Log Message: 
*** empty log message ***

File Contents

# User Rev Content
1 stefan 1.1 #include "EXTERN.h"
2     #include "perl.h"
3     #include "XSUB.h"
4    
5     #include <openssl/bio.h>
6     #include <openssl/err.h>
7     #include <openssl/pem.h>
8     #include <openssl/evp.h>
9     #include <openssl/hmac.h>
10     #include <openssl/x509.h>
11     #include <openssl/x509v3.h>
12     #include <openssl/asn1.h>
13     #include <openssl/bn.h>
14     #include <openssl/pkcs12.h>
15     #include <openssl/rand.h>
16     #include <sys/types.h>
17     #include <openssl/md2.h>
18     #include <openssl/md4.h>
19     #include <openssl/md5.h>
20     #include <openssl/mdc2.h>
21     #include <openssl/ripemd.h>
22     #include <openssl/bn.h>
23     #include <openssl/rsa.h>
24     #include <openssl/sha.h> // fingerprint.
25     #include <openssl/blowfish.h> // single packet blowfish encoding.
26     #include <openssl/rand.h> // random generator.
27    
28     //#define EDEBUG 1
29     #ifdef EDEBUG
30     #define XD(...) fprintf(stderr, __VA_ARGS__); fflush(stderr)
31     #else
32     #define XD(...)
33     #endif
34    
35     static const char *ssl_error(void);
36    
37     #define GEN_INPUT(type,class) \
38     static inline type * input_##type(SV *sv) { \
39     XD("GEN_INPUT " class " sv=%p\n", sv); \
40     if(sv_derived_from(sv, class)) \
41     return (type *) SvIV(SvRV(sv)); \
42     croak("Not a reference to a " class " object"); \
43     return (type *) 0; }
44    
45    
46     #define GEN_OUTPUT(type,class) \
47     static inline SV* output_##type(type *foobar, SV *sv) { \
48     XD("GEN_OUTPUT " class " sv=%p\n", sv); \
49     return sv_setref_pv(sv, class, (void *) foobar); \
50     }
51    
52    
53     #define GEN_IO(type,class) \
54     GEN_INPUT(type,class) \
55     GEN_OUTPUT(type,class)
56    
57    
58     GEN_IO(X509,"OpenSSL::X509")
59     GEN_IO(X509_CRL,"OpenSSL::CRL")
60     GEN_IO(X509_NAME, "OpenSSL::Name")
61     GEN_IO(PKCS12, "OpenSSL::PKCS12")
62     GEN_IO(PKCS7, "OpenSSL::PKCS7")
63     GEN_IO(RSA, "OpenSSL::RSA")
64     GEN_IO(EVP_MD_CTX, "OpenSSL::Digest")
65     GEN_IO(EVP_CIPHER_CTX, "OpenSSL::Cipher")
66    
67    
68     static inline SV* output_ASN1_INTEGER(ASN1_INTEGER *ai, SV *sv)
69     {
70     if(!ai)
71     croak("got 0-ptr");
72     if(ai->type != V_ASN1_INTEGER)
73     croak("not asn1 integer type (%d)", ai->type);
74     //return newSViv(ASN1_INTEGER_get(ai));
75     sv_setiv(sv, ASN1_INTEGER_get(ai));
76     return sv;
77     }
78    
79     static inline SV* output_ASN1_UTCTIME(ASN1_UTCTIME *s, SV *sv)
80     {
81     struct tm tm;
82     int offs;
83     char buf[64];
84    
85     if(!s)
86     croak("got 0-ptr");
87     if(s->type != V_ASN1_UTCTIME)
88     croak("not asn1 utctime type (%d)", s->type);
89     if(!ASN1_UTCTIME_check(s))
90     croak("invalid UTC time.");
91     // fuck openssl crap.
92     memset(&tm, 0, sizeof tm);
93     #define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
94     tm.tm_year=g2(s->data);
95     if(tm.tm_year < 50)
96     tm.tm_year+=100;
97     tm.tm_mon=g2(s->data+2)-1;
98     tm.tm_mday=g2(s->data+4);
99     tm.tm_hour=g2(s->data+6);
100     tm.tm_min=g2(s->data+8);
101     tm.tm_sec=g2(s->data+10);
102     if(s->data[12] == 'Z')
103     offs=0;
104     else
105     {
106     offs=g2(s->data+13)*60+g2(s->data+15);
107     if(s->data[12] == '-')
108     offs= -offs;
109     }
110     #undef g2
111     if(!strftime(buf, 63, "%a, %d %b %Y %H:%M:%S %z", &tm)) {
112     croak("can't convert time.");
113     }
114     sv_setpv(sv, buf);
115     return sv;
116     }
117    
118     long fuck_cb(struct bio_st *bm, int m, const char *ptr, int l, long x, long y)
119     {
120     if(m == BIO_CB_WRITE) {
121     SV *sv = (SV *) BIO_get_callback_arg(bm);
122     sv_catpvn(sv, ptr, l);
123     }
124     if(m == BIO_CB_PUTS) {
125     SV *sv = (SV *) BIO_get_callback_arg(bm);
126     l = strlen(ptr);
127     sv_catpvn(sv, ptr, l);
128     }
129     return l;
130     }
131    
132     static inline BIO* sv_bio_create(void)
133     {
134     SV *sv;
135     BIO *bio;
136     sv = newSVpvn("",0);
137     // mem is completely broken for write, so we use /dev/null
138     // and use callbacks-hooks
139     bio = BIO_new_file("/dev/null", "wb");
140     BIO_set_callback(bio, fuck_cb);
141     BIO_set_callback_arg(bio, (void *)sv);
142     return bio;
143     }
144    
145     static inline BIO *sv_bio_create_file(SV *filename)
146     {
147     char *fn;
148     STRLEN l;
149    
150     return BIO_new_file(SvPV(filename, l), "wb");
151     }
152    
153     static inline SV * sv_bio_final(BIO *bio)
154     {
155     SV* sv;
156    
157     BIO_flush(bio);
158     sv = (SV *) BIO_get_callback_arg(bio);
159     BIO_free_all (bio);
160     // check for file:
161     if(!sv)
162     sv = &PL_sv_undef;
163     return sv;
164     }
165    
166     static inline void sv_bio_error(BIO *bio)
167     {
168     SV *sv;
169     sv = (SV *) BIO_get_callback_arg(bio);
170     if(sv)
171     sv_free(sv);
172     BIO_free_all (bio);
173     }
174    
175     static const char *ssl_error(void) // function leaks. :(
176     {
177     BIO *bio;
178     SV *sv;
179     STRLEN l;
180    
181     bio = sv_bio_create();
182     ERR_print_errors(bio);
183     sv = sv_bio_final(bio);
184     ERR_clear_error();
185     return SvPV(sv, l);
186     }
187    
188     static inline SV* output_BN(BIGNUM *n, SV *sv)
189     {
190     if (!n)
191     croak("parse error :)");
192    
193     sv_setpvn(sv, BN_bn2dec(n), 0);
194     return sv;
195     }
196    
197     static const char * digcvt(char *ret, const char *from, int len)
198     {
199     static const char *htab = "0123456789abcdef";
200     char *to = ret;
201     int i;
202     for(i = 0; i < len; i++) {
203     *to++ = htab[(*from >> 4) & 0xf];
204     *to++ = htab[*from++ & 0xf];
205     }
206     *to = 0;
207     return ret;
208     }
209    
210     /* mutt, anything else is broken ! */
211     static const char B64Chars[64] = {
212     'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O',
213     'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd',
214     'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's',
215     't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7',
216     '8', '9', '+', '/'
217     };
218    
219     static unsigned char *mutt_to_base64 (unsigned char *out, const unsigned char *in, size_t len,
220     size_t olen)
221     {
222     char *o = out;
223     while (len >= 3 && olen > 10)
224     {
225     *out++ = B64Chars[in[0] >> 2];
226     *out++ = B64Chars[((in[0] << 4) & 0x30) | (in[1] >> 4)];
227     *out++ = B64Chars[((in[1] << 2) & 0x3c) | (in[2] >> 6)];
228     *out++ = B64Chars[in[2] & 0x3f];
229     olen -= 4;
230     len -= 3;
231     in += 3;
232     }
233    
234     /* clean up remainder */
235     if (len > 0 && olen > 4)
236     {
237     unsigned char fragment;
238    
239     *out++ = B64Chars[in[0] >> 2];
240     fragment = (in[0] << 4) & 0x30;
241     if (len > 1)
242     fragment |= in[1] >> 4;
243     *out++ = B64Chars[fragment];
244     *out++ = (len < 2) ? '=' : B64Chars[(in[1] << 2) & 0x3c];
245     *out++ = '=';
246     }
247     *out = '\0';
248     return o;
249     }
250    
251     static inline SV* hexsv(unsigned char *s, unsigned len)
252     {
253     char *ret;
254     SV *sv;
255     ret = malloc((len<<1)+1);
256     if(!ret)
257     croak("malloc");
258     sv = newSVpv(digcvt(ret, s,len), len <<1);
259     free(ret);
260     return sv;
261     }
262    
263     static inline SV* base64sv(unsigned char *s, unsigned len)
264     {
265     char *ret;
266     SV *sv;
267     int enc_cnt = ((len+ 2) / 3) << 2;
268     ret = malloc(enc_cnt+1);
269     if(!ret)
270     croak("malloc");
271     sv = newSVpv(mutt_to_base64(ret, s,len, enc_cnt+1), enc_cnt);
272     free(ret);
273     return sv;
274    
275     }
276    
277     #define FLAG_HEX 0x10
278     #define FLAG_BASE64 0x20
279     #define NO_FLAGS(x) ((x) &0xf)
280    
281     static EVP_MD *_mds[9];
282    
283     static int mds_booted = 0;
284    
285     static void mds_boot (void)
286     {
287     if(mds_booted)
288     return;
289     mds_booted = 1;
290     OpenSSL_add_all_digests();
291     _mds[0] = EVP_md2();
292     _mds[1] = EVP_md4();
293     _mds[2] = EVP_md5();
294     _mds[3] = EVP_sha();
295     _mds[4] = EVP_sha1();
296     _mds[5] = EVP_dss();
297     _mds[6] = EVP_dss1();
298     _mds[7] = EVP_mdc2();
299     _mds[8] = EVP_ripemd160();
300     }
301    
302    
303    
304     static char *
305     dofp(X509 *x509, EVP_MD *digest)
306     {
307     unsigned char md[EVP_MAX_MD_SIZE];
308     unsigned static char s[EVP_MAX_MD_SIZE*3];
309     int n, i;
310    
311     if(!X509_digest(x509, digest, md, &n))
312     croak("Digest error: %s", ssl_error());
313     for(i = 0; i < n; i++) {
314     sprintf(&s[i*3], "%02X%c", md[i], (i + 1 == (int) n) ? '\0' : ':');
315     }
316     return s;
317     }
318    
319     static inline char *ol(X509_NAME *x)
320     {
321     static char buf[256];
322     X509_NAME_oneline(x, buf, 256);
323     return buf;
324     }
325    
326     static void run_sha1(char *digest, const char *msg, int msglen)
327     {
328     SHA_CTX ctx;
329    
330     if(!digest || !msg || msglen < 0)
331     croak("run_sha1: null pointer or illegal message len");
332     SHA1_Init(&ctx);
333     SHA1_Update(&ctx, msg, msglen);
334     SHA1_Final(digest, &ctx);
335     }
336    
337     static bool is_privkey(RSA *key)
338     {
339     return (key->n && key->e && key->d && key->p && key->q
340     && key->dmp1 && key->dmq1 && key->iqmp && key->d) ? 1 : 0;
341     }
342    
343     typedef struct {
344     EVP_CIPHER *func;
345     char name[20];
346     } cip_list_st;
347    
348     static cip_list_st cip_list[50];
349     static int cip_cnt = 0;
350    
351     static inline char *wappla_fixname(const char *s)
352     {
353     static char x[50];
354     char *p;
355     strcpy(x, s);
356     while((p = strchr(x, '_'))) {
357     *p = '-';
358     }
359     return x;
360     }
361    
362     static inline EVP_CIPHER *lookup_cipher(const char *name)
363     {
364     int i;
365     for(i = 0; i < cip_cnt;i++)
366     if(!strcmp(name, cip_list[i].name))
367     return cip_list[i].func;
368     return 0;
369     }
370    
371     #define ADD_C_(x) cip_list[cip_cnt].func = (EVP_##x()); \
372     strcpy(cip_list[cip_cnt++].name, wappla_fixname(#x))
373    
374     static int cipher_booted = 0;
375    
376     static void cipher_boot(void)
377     {
378     if(cipher_booted)
379     return;
380     cipher_booted++;
381     OpenSSL_add_all_ciphers();
382     #ifndef NO_DES
383     ADD_C_(des_ecb); ADD_C_(des_ede); ADD_C_(des_ede3);
384     ADD_C_(des_cfb); ADD_C_(des_ede_cfb); ADD_C_(des_ede3_cfb);
385     ADD_C_(des_ofb); ADD_C_(des_ede_ofb); ADD_C_(des_ede3_ofb);
386     ADD_C_(des_cbc); ADD_C_(des_ede_cbc); ADD_C_(des_ede3_cbc);
387     ADD_C_(desx_cbc);
388     #endif
389     #ifndef NO_RC4
390     ADD_C_(rc4); ADD_C_(rc4_40);
391     #endif
392     #ifndef NO_IDEA
393     ADD_C_(idea_ecb); ADD_C_(idea_cfb);
394     ADD_C_(idea_ofb); ADD_C_(idea_cbc);
395     #endif
396     #ifndef NI_RC2
397     ADD_C_(rc2_ecb); ADD_C_(rc2_cbc); ADD_C_(rc2_40_cbc);
398     ADD_C_(rc2_64_cbc); ADD_C_(rc2_cfb); ADD_C_(rc2_ofb);
399     #endif
400     #ifndef NO_BF
401     ADD_C_(bf_ecb); ADD_C_(bf_cbc);
402     ADD_C_(bf_cfb); ADD_C_(bf_ofb);
403     #endif
404     #ifndef NO_CAST
405     ADD_C_(cast5_ecb); ADD_C_(cast5_cbc);
406     ADD_C_(cast5_cfb); ADD_C_(cast5_ofb);
407     #endif
408     #ifndef NO_RC5
409     ADD_C_(rc5_32_12_16_cbc); ADD_C_(rc5_32_12_16_ecb);
410     ADD_C_(rc5_32_12_16_cfb); ADD_C_(rc5_32_12_16_ofb);
411     #endif
412     }
413    
414    
415     MODULE = OpenSSL PACKAGE = OpenSSL::RSA
416    
417     void
418     new_keygen(bits = 128, e = 35)
419     IV bits
420     IV e
421     PREINIT:
422     RSA *key;
423     PPCODE:
424     if(!(key = RSA_generate_key(bits, e, NULL, NULL)))
425     croak("RSA_generate_key");
426     EXTEND(sp, 1);
427     PUSHs(sv_newmortal());
428     sv_setref_pv(ST(0), "OpenSSL::RSA", (void *) key);
429    
430     void
431     new_pubkey(n, e)
432     char *n
433     char *e
434     PREINIT:
435     RSA *key;
436     PPCODE:
437     EXTEND(sp, 1);
438     PUSHs(sv_newmortal());
439     key = RSA_new();
440     if (!key)
441     croak("can't allocate key");
442     if(!(key->n = BN_new()) || !BN_dec2bn(&key->n, n)) {
443     RSA_free(key); croak("can't initialize n");
444     }
445     if(!(key->e = BN_new()) || !BN_dec2bn(&key->e, e)) {
446     RSA_free(key); croak("can't initialize e");
447     }
448     //key->p = 0, key->q = 0, key->dmp1 = 0, key->dmq1 = 0, key->iqmp = 0;
449     sv_setref_pv(ST(0), "OpenSSL::RSA", (void *) key);
450    
451    
452     void
453     new_privkey(n, e, p, q, dmp1, dmq1, iqmp, d)
454     char *n
455     char *e
456     char *p
457     char *q
458     char *dmp1
459     char *dmq1
460     char *iqmp
461     char *d
462     PREINIT:
463     RSA *key;
464     int rc;
465     PPCODE:
466     EXTEND(sp, 1);
467     PUSHs(sv_newmortal());
468     key = RSA_new();
469     if (!key)
470     croak("can't allocate key");
471     if(!(key->n = BN_new()) || !BN_dec2bn(&key->n, n)) {
472     RSA_free(key); croak("can't initialize n");
473     }
474     if(!(key->e = BN_new()) || !BN_dec2bn(&key->e, e)) {
475     RSA_free(key); croak("can't initialize e");
476     }
477     if(!(key->p = BN_new()) || !BN_dec2bn(&key->p, p)) {
478     RSA_free(key); croak("can't initialize p");
479     }
480     if(!(key->q = BN_new()) || !BN_dec2bn(&key->q, q)) {
481     RSA_free(key); croak("can't initialize q");
482     }
483     if(!(key->dmp1 = BN_new()) || !BN_dec2bn(&key->dmp1, dmp1)) {
484     RSA_free(key); croak("can't initialize dmp1");
485     }
486     if(!(key->dmq1 = BN_new()) || !BN_dec2bn(&key->dmq1, dmq1)) {
487     RSA_free(key); croak("can't initialize dmq1");
488     }
489     if(!(key->iqmp = BN_new()) || !BN_dec2bn(&key->iqmp, iqmp)) {
490     RSA_free(key); croak("can't initialize iqmp");
491     }
492     if(!(key->d = BN_new()) || !BN_dec2bn(&key->d, d)) {
493     RSA_free(key); croak("can't initialize d");
494     }
495     if((rc = RSA_check_key(key)) != 1) {
496     RSA_free(key); croak("RSA_check_key failed (%d).", rc);
497     }
498     sv_setref_pv(ST(0), "OpenSSL::RSA", (void *) key);
499    
500    
501     void
502     DESTROY(key)
503     RSA* key
504     CODE:
505     if (key) {
506     XD("RSA_free(%p)\n", key);
507     RSA_free(key);
508     }
509    
510     IV
511     keysize(key)
512     RSA *key;
513     CODE:
514     if (!key || !key->n)
515     croak("invalid key");
516     RETVAL = BN_num_bits(key->n);
517     OUTPUT:
518     RETVAL
519    
520     bool
521     check_key(key)
522     RSA *key;
523     PPCODE:
524     if(!key)
525     XSRETURN_NO;
526     if(RSA_check_key(key) == 1)
527     XSRETURN_YES;
528     XSRETURN_NO;
529    
530    
531     BIGNUM *
532     n(key)
533     RSA *key;
534     ALIAS:
535     e = 1
536     d = 2
537     p = 3
538     q = 4
539     dmp1 = 5
540     dmq1 = 6
541     iqmp = 7
542     PREINIT:
543     BIGNUM *bn = 0;
544     CODE:
545     if(!key)
546     croak("invalid key");
547     switch(ix) {
548     case 0: bn = key->n; break;
549     case 1: bn = key->e; break;
550     case 2: bn = key->d; break;
551     case 3: bn = key->p; break;
552     case 4: bn = key->q; break;
553     case 5: bn = key->dmp1; break;
554     case 6: bn = key->dmq1; break;
555     case 7: bn = key->iqmp; break;
556     default:
557     croak("huch");
558     }
559     if(!bn)
560     croak("bignum not defined (maybe pubkey ?)");
561     RETVAL = bn;
562     OUTPUT:
563     RETVAL
564    
565    
566     bool
567     is_privkey(key)
568     RSA *key;
569     CODE:
570     RETVAL = is_privkey(key);
571     OUTPUT:
572     RETVAL
573    
574     void
575     STORABLE_thaw(osv, cloning, sv)
576     SV *osv
577     bool cloning
578     SV *sv
579     PREINIT:
580     STRLEN len;
581     char *p;
582     unsigned int *i;
583     RSA *key = NULL;
584     PPCODE:
585     if(cloning)
586     return;
587     i = (unsigned int *) SvPV(sv, len);
588     if(i[2] == 0xffffffff) {
589     // public key
590     key = RSA_new();
591     p = (char *) &i[3];
592     key->n = BN_bin2bn(p, i[0], NULL);
593     key->e = BN_bin2bn(&p[i[0]], i[1], NULL);
594     } else if (i[8] == 0xffffffff) {
595     // private key
596     key = RSA_new();
597     p = (char *) &i[9];
598     key->n = BN_bin2bn(p, i[0], NULL);
599     p += i[0];
600     key->e = BN_bin2bn(p, i[1], NULL);
601     p += i[1];
602     key->d = BN_bin2bn(p, i[2], NULL);
603     p += i[2];
604     key->p = BN_bin2bn(p, i[3], NULL);
605     p += i[3];
606     key->q = BN_bin2bn(p, i[4], NULL);
607     p += i[4];
608     key->dmp1 = BN_bin2bn(p, i[5], NULL);
609     p += i[5];
610     key->dmq1 = BN_bin2bn(p, i[6], NULL);
611     p += i[6];
612     key->iqmp = BN_bin2bn(p, i[7], NULL);
613     }
614     if(!key)
615     croak("Illegal Storable format.");
616     sv_setiv(SvRV(osv), (IV) key);
617     //sv_setref_pv(SvRV(osv), "OpenSSL::RSA", newRV_noinc((void *) key);
618     //sv_setiv(osv, (IV) key);
619    
620    
621    
622     void
623     STORABLE_freeze(key, cloning)
624     RSA *key
625     bool cloning
626     PREINIT:
627     SV *sv;
628     STRLEN totlen;
629     PPCODE:
630     if(cloning)
631     return;
632     totlen = BN_num_bytes(key->n) + BN_num_bytes(key->e) + 3*sizeof(int);
633     if(!is_privkey(key)) {
634     int *y = malloc(totlen);
635     int *x = y;
636     char *p;
637     *x++ = BN_num_bytes(key->n);
638     *x++ = BN_num_bytes(key->e);
639     *x++ = 0xffffffff;
640     p = (char *) x;
641     p += BN_bn2bin(key->n, p);
642     p += BN_bn2bin(key->e, p);
643     XPUSHs(sv_2mortal(newSVpvn((char *)y, p - (char *) y)));
644     free(y);
645     } else {
646     int *y, *x;
647     char *p;
648     totlen += BN_num_bytes(key->d)
649     + BN_num_bytes(key->p)
650     + BN_num_bytes(key->q)
651     + BN_num_bytes(key->dmp1)
652     + BN_num_bytes(key->dmq1)
653     + BN_num_bytes(key->iqmp) + 6*sizeof(int);
654     y = malloc(totlen);
655     x = y;
656     *x++ = BN_num_bytes(key->n);
657     *x++ = BN_num_bytes(key->e);
658     *x++ = BN_num_bytes(key->d);
659     *x++ = BN_num_bytes(key->p);
660     *x++ = BN_num_bytes(key->q);
661     *x++ = BN_num_bytes(key->dmp1);
662     *x++ = BN_num_bytes(key->dmq1);
663     *x++ = BN_num_bytes(key->iqmp);
664     *x++ = 0xffffffff;
665     p = (char *) x;
666     p += BN_bn2bin(key->n, p);
667     p += BN_bn2bin(key->e, p);
668     p += BN_bn2bin(key->d, p);
669     p += BN_bn2bin(key->p, p);
670     p += BN_bn2bin(key->q, p);
671     p += BN_bn2bin(key->dmp1, p);
672     p += BN_bn2bin(key->dmq1, p);
673     p += BN_bn2bin(key->iqmp, p);
674     XPUSHs(sv_2mortal(newSVpvn((char *)y, p - (char *) y)));
675     free(y);
676     }
677    
678    
679     SV *
680     public_encrypt(key, sv)
681     RSA *key;
682     SV *sv;
683     ALIAS:
684     encrypt = 4
685     public_decrypt = 1
686     verify = 5
687     private_encrypt = 2
688     sign = 6
689     private_decrypt = 3
690     decrypt = 7
691     PREINIT:
692     static int (*func[4])(int, unsigned char *, unsigned char *, RSA *, int) = { RSA_public_encrypt, RSA_public_decrypt, RSA_private_encrypt, RSA_private_decrypt };
693     STRLEN len;
694     int keylen;
695     char *p;
696     char *out;
697     STRLEN rc;
698     CODE:
699     if(!SvPOK(sv))
700     croak ("need a string.");
701     p = SvPV(sv, len);
702     keylen = BN_num_bits(key->n);
703     if(!p || len < 1 || (len*8 > (keylen+7)&~0x7))
704     croak("illegal value");
705     RETVAL = NEWSV(0, len + keylen);
706     SvPOK_only(RETVAL);
707     SvCUR_set(RETVAL, len + keylen);
708     out = SvPV_nolen(RETVAL);
709     if((ix&0x3) > 1 && !is_privkey(key))
710     croak("need a private key.");
711     rc = func[ix&0x3](len, p, out, key, RSA_PKCS1_PADDING);
712     if(rc < 0) {
713     sv_free(RETVAL);
714     RETVAL = &PL_sv_undef;
715     croak("crypto error... rc=%d inlen=%d", rc, len);
716     }
717     SvCUR_set(RETVAL, rc);
718     OUTPUT:
719     RETVAL
720    
721    
722     void
723     fingerprint(key)
724     RSA *key
725     PREINIT:
726     char *x;
727     char dig[SHA_DIGEST_LENGTH];
728     int nlen, elen;
729     PPCODE:
730     nlen = BN_num_bytes(key->n);
731     elen = BN_num_bytes(key->e);
732     x = malloc(nlen + elen);
733     if(!x)
734     croak("malloc error");
735     BN_bn2bin(key->n, x);
736     BN_bn2bin(key->e, &x[nlen]);
737     //un_sha1(dig, x, nlen+elen);
738     free(x);
739     XPUSHs(sv_2mortal(newSVpvn(dig, SHA_DIGEST_LENGTH)));
740    
741     MODULE = OpenSSL PACKAGE = OpenSSL::Name
742    
743     PROTOTYPES: ENABLE
744    
745     void
746     new_name()
747     PREINIT:
748     X509_NAME *name;
749     PPCODE:
750     if(!(name = X509_NAME_new())) {
751     croak("X509_NAME_new");
752     }
753     EXTEND(sp, 1);
754     PUSHs(sv_newmortal());
755     sv_setref_pv(ST(0), "OpenSSL::Name", (void *) name);
756    
757    
758     void
759     add(name, key, string)
760     X509_NAME *name
761     SV *key
762     SV *string
763     PREINIT:
764     STRLEN l, kl;
765     char *p, *k;
766     int ok;
767     PPCODE:
768     p = SvPV(string, l);
769     if(SvIOK(key)) {
770     ok = X509_NAME_add_entry_by_NID(name, SvIV(key), MBSTRING_ASC, p, -1, -1, 0);
771     } else {
772     k = SvPV(key, kl);
773     ok = X509_NAME_add_entry_by_txt(name, k, MBSTRING_ASC, p, -1, -1, 0);
774     }
775     if(!ok)
776     croak("X509_NAME_add_entry_by_*: %s", ssl_error());
777    
778     IV
779     count(name)
780     X509_NAME *name
781     CODE:
782     RETVAL = X509_NAME_entry_count(name);
783     OUTPUT:
784     RETVAL
785    
786     void
787     getall(name)
788     X509_NAME *name
789     PREINIT:
790     int cnt, i;
791     X509_NAME_ENTRY *e;
792     int nid;
793     ASN1_STRING *s;
794     PPCODE:
795     cnt = X509_NAME_entry_count(name);
796     EXTEND(SP, cnt<<1);
797     for(i = 0; i < cnt; i++) {
798     e = X509_NAME_get_entry(name, i);
799     if(!e)
800     croak("X509_NAME_get_entry");
801     nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(e));
802     s = X509_NAME_ENTRY_get_data(e);
803     PUSHs(sv_2mortal(newSVpv(OBJ_nid2ln(nid),0)));
804     PUSHs(sv_2mortal(newSVpvn(s->data, s->length)));
805     }
806    
807    
808    
809    
810    
811     void
812     DESTROY(name)
813     X509_NAME *name
814     CODE:
815     if(name) {
816     XD("X509_NAME_free(%p)\n", name);
817     X509_NAME_free(name);
818     }
819    
820    
821     MODULE = OpenSSL PACKAGE = OpenSSL::Rand
822    
823     PROTOTYPES: ENABLE
824    
825     BOOT:
826     {
827     int fd;
828     int rc;
829     ERR_load_RAND_strings();
830     fd = open("/dev/urandom", O_RDONLY);
831     if(fd != -1) {
832     char buf[64];
833     rc = read(fd, buf, 64);
834     if(rc < 1) {
835     warn ("read /dev/urandom");
836     } else {
837     RAND_seed(buf, rc);
838     }
839     close(fd);
840     } else {
841     warn ("can't open /dev/urandom");
842     }
843     }
844    
845    
846    
847     SV *
848     randbytes(nr)
849     IV nr
850     ALIAS:
851     randbytes_hex = 1
852     randbytes_base64 = 2
853     PREINIT:
854     char *p;
855     int rc;
856     CODE:
857     p = malloc(nr+1);
858     if(!p)
859     croak("malloc failed");
860     rc = RAND_bytes(p, nr);
861     if(rc != 1) {
862     free(p);
863     croak("RAND_bytes returned %d", rc);
864     }
865     switch(ix) {
866     case 0:
867     RETVAL = newSVpvn(p, nr);
868     break;
869     case 1:
870     RETVAL = hexsv(p, nr);
871     break;
872     default:
873     RETVAL = base64sv(p, nr);
874     break;
875     }
876     free(p);
877     OUTPUT:
878     RETVAL
879    
880    
881     MODULE = OpenSSL PACKAGE = OpenSSL::X509
882    
883     PROTOTYPES: ENABLE
884    
885     BOOT:
886     {
887     // We have joy we have fun we have seasons in the sun...
888     OpenSSL_add_all_algorithms();
889     OpenSSL_add_all_ciphers();
890     OpenSSL_add_all_digests();
891     SSL_load_error_strings();
892     ERR_load_PEM_strings();
893     ERR_load_PKCS7_strings();
894     ERR_load_PKCS12_strings();
895     ERR_load_ASN1_strings();
896     ERR_load_crypto_strings();
897     ERR_load_RAND_strings();
898     ERR_load_X509_strings();
899     ERR_load_X509V3_strings();
900     ERR_load_DH_strings();
901     ERR_load_DSA_strings();
902     ERR_load_RSA_strings();
903     }
904    
905    
906     void
907     new_X509()
908     PREINIT:
909     X509 *x509;
910     PPCODE:
911     if((x509=X509_new()) == NULL)
912     croak("X509_new");
913     if(!X509_set_version(x509, 2)) {
914     X509_free(x509);
915     croak("X509_set_version");
916     }
917     ASN1_INTEGER_set(X509_get_serialNumber(x509),0L);
918     EXTEND(sp, 1);
919     PUSHs(sv_newmortal());
920     sv_setref_pv(ST(0), "OpenSSL::X509", (void *) x509);
921    
922    
923     void
924     new_from_string(thing)
925     SV *thing
926     ALIAS:
927     new_from_file = 1
928     PREINIT:
929     BIO *bio;
930     X509 *x509;
931     STRLEN l;
932     char *p, *q = 0;
933     PPCODE:
934     p = SvPV(thing, l);
935     if(ix == 1) {
936     bio = BIO_new_file(p, "r");
937     } else {
938     bio = BIO_new_mem_buf (p, l);
939     }
940     if(!bio)
941     croak(ssl_error());
942    
943     x509 = PEM_read_bio_X509 (bio, 0, 0, 0);
944     BIO_free (bio);
945     if(!x509)
946     croak("PEM_read_bio_X509: %s", ssl_error());
947    
948     EXTEND(sp, 1);
949     PUSHs(sv_newmortal());
950     sv_setref_pv(ST(0), "OpenSSL::X509", (void *) x509);
951    
952     void
953     DESTROY(x509)
954     X509 *x509
955     CODE:
956     if (x509) {
957     XD("X509_free(%p)\n", x509);
958     X509_free(x509);
959     x509 = 0;
960     }
961    
962    
963     char *
964     fingerprint_md5(x509)
965     X509 *x509
966     ALIAS:
967     fingerprint_md2 = 1
968     fingerprint_mdc2 = 2
969     fingerprint_sha1 = 3
970     PREINIT:
971     EVP_MD *mds[] = { EVP_md5(), EVP_md2(), EVP_mdc2(), EVP_sha1() };
972     CODE:
973     RETVAL = dofp(x509, mds[ix]);
974     OUTPUT:
975     RETVAL
976    
977    
978     X509_NAME *
979     subject(x509)
980     X509 *x509
981     CODE:
982     RETVAL = X509_get_subject_name(x509);
983     OUTPUT:
984     RETVAL
985    
986     X509_NAME *
987     issuer(x509)
988     X509 *x509
989     CODE:
990     RETVAL = X509_get_issuer_name(x509);
991     OUTPUT:
992     RETVAL
993    
994    
995     char *
996     subject_txt(x509)
997     X509 *x509
998     CODE:
999     RETVAL = ol(X509_get_subject_name(x509));
1000     OUTPUT:
1001     RETVAL
1002    
1003    
1004     char *
1005     issuer_txt(x509)
1006     X509 *x509
1007     CODE:
1008     RETVAL = ol(X509_get_issuer_name(x509));
1009     OUTPUT:
1010     RETVAL
1011    
1012     ASN1_INTEGER *
1013     serial(x509)
1014     X509 *x509
1015     CODE:
1016     RETVAL = X509_get_serialNumber(x509);
1017     OUTPUT:
1018     RETVAL
1019    
1020    
1021     int
1022     version(x509)
1023     X509 *x509
1024     CODE:
1025     RETVAL = X509_get_version(x509);
1026     OUTPUT:
1027     RETVAL
1028    
1029     ASN1_UTCTIME *
1030     notBefore(x509)
1031     X509 *x509
1032     CODE:
1033     RETVAL = X509_get_notBefore(x509);
1034     OUTPUT:
1035     RETVAL
1036    
1037     ASN1_UTCTIME *
1038     notAfter(x509)
1039     X509 *x509
1040     CODE:
1041     RETVAL = X509_get_notAfter(x509);
1042     OUTPUT:
1043     RETVAL
1044    
1045     int
1046     cert_type(x509)
1047     X509 *x509
1048     CODE:
1049     RETVAL = X509_certificate_type(x509, 0);
1050     OUTPUT:
1051     RETVAL
1052    
1053     SV*
1054     as_string(x509,...)
1055     X509 *x509
1056     ALIAS:
1057     as_file = 1
1058     PROTOTYPE: $;$
1059     PREINIT:
1060     BIO *bio;
1061     CODE:
1062     if((ix != 1 && items > 1) || (ix == 1 && items != 2))
1063     croak("OpenSSL::X509::%s: illegal/missing args", (ix == 1) ? "as_file" : " as_string");
1064     if(items > 1) {
1065     bio = sv_bio_create_file(ST(1));
1066     } else {
1067     bio = sv_bio_create();
1068     }
1069     if(!bio)
1070     croak("sv_bio_create");
1071     if(!PEM_write_bio_X509(bio, x509)) {
1072     sv_bio_error(bio);
1073     croak("PEM_write_bio_X509: %s", ssl_error());
1074     }
1075     RETVAL = sv_bio_final(bio);
1076     OUTPUT:
1077     RETVAL
1078    
1079     SV*
1080     info(x509)
1081     X509 *x509
1082     PREINIT:
1083     BIO *bio;
1084     CODE:
1085     bio = sv_bio_create();
1086     if(!X509_print(bio,x509)) {
1087     sv_bio_error(bio);
1088     croak("X509_print: %s", ssl_error());
1089     }
1090     RETVAL = sv_bio_final(bio);
1091     OUTPUT:
1092     RETVAL
1093    
1094     void
1095     set_issuer(x509,name)
1096     X509 *x509
1097     X509_NAME *name
1098     CODE:
1099     X509_set_issuer_name(x509, X509_NAME_dup(name));
1100    
1101     void
1102     set_subject(x509,name)
1103     X509 *x509
1104     X509_NAME *name
1105     CODE:
1106     X509_set_subject_name(x509, X509_NAME_dup(name));
1107    
1108     SV *
1109     errstring(x509)
1110     X509 *x509
1111     PREINIT:
1112     BIO *bio;
1113     CODE:
1114     bio = sv_bio_create();
1115     ERR_print_errors(bio);
1116     RETVAL = sv_bio_final(bio);
1117     ERR_clear_error();
1118     OUTPUT:
1119     RETVAL
1120    
1121    
1122     MODULE = OpenSSL PACKAGE = OpenSSL::Cipher
1123    
1124     PROTOTYPES: ENABLE
1125    
1126     BOOT:
1127     {
1128     cipher_boot();
1129     }
1130    
1131     void
1132     DESTROY(ctx)
1133     EVP_CIPHER_CTX *ctx
1134     CODE:
1135     if(ctx) {
1136     EVP_CIPHER_CTX_cleanup(ctx);
1137     free(ctx);
1138     }
1139    
1140     void
1141     new_decrypt(...)
1142     ALIAS:
1143     new_encrypt = 1
1144     PREINIT:
1145     char *name;
1146     SV *svkey;
1147     EVP_CIPHER *ci;
1148     EVP_CIPHER_CTX *ctx;
1149     char *key;
1150     char iv[EVP_MAX_IV_LENGTH];
1151     char k[EVP_MAX_KEY_LENGTH];
1152     int rc;
1153     STRLEN keylen;
1154     PPCODE:
1155     if(items < 2 || items > 3) {
1156     croak("usage: new_[en|de]crypt(ciphname,key)");
1157     }
1158     name = SvPV_nolen(ST(items -2));
1159     svkey = ST(items - 1);
1160     memset(iv, 0, EVP_MAX_IV_LENGTH);
1161     memset(k, 0, EVP_MAX_KEY_LENGTH);
1162    
1163     if(!(ci = lookup_cipher(name)))
1164     croak("OpenSSL::Cipher::new: no such cipher \"%s\"", name);
1165     ctx = (EVP_CIPHER_CTX *) malloc(sizeof(EVP_CIPHER_CTX));
1166     if(!ctx)
1167     croak("malloc error");
1168     key = SvPV(svkey, keylen);
1169     memcpy(k, key, (keylen <= ci->key_len) ? keylen : ci->key_len);
1170     rc = EVP_CipherInit(ctx, ci, k, iv, ix);
1171     memset(iv, 0, EVP_MAX_IV_LENGTH);
1172     memset(iv, 0, EVP_MAX_KEY_LENGTH);
1173     if(!rc) {
1174     free(ctx);
1175     croak("EVP_CipherInit");
1176     }
1177     EXTEND(sp, 1);
1178     PUSHs(sv_newmortal());
1179     sv_setref_pv(ST(0), "OpenSSL::Cipher", (void *) ctx);
1180    
1181    
1182     SV *
1183     update(ctx,svin)
1184     EVP_CIPHER_CTX *ctx
1185     SV *svin
1186     PREINIT:
1187     unsigned char *in, *out;
1188     STRLEN il, ol;
1189     CODE:
1190     in = SvPV(svin, il);
1191     ol = (il + 63) & ~63;
1192     RETVAL = NEWSV(0, ol);
1193     SvPOK_only(RETVAL);
1194     SvCUR_set(RETVAL, ol);
1195     out = SvPV_nolen(RETVAL);
1196     if(!out)
1197     croak("memory");
1198     if(!EVP_CipherUpdate(ctx, out, &ol, in, il)) {
1199     sv_free(RETVAL);
1200     croak("EVP_CipherUpdate");
1201     }
1202     SvCUR_set(RETVAL, ol);
1203     OUTPUT:
1204     RETVAL
1205    
1206     SV *
1207     final(ctx)
1208     EVP_CIPHER_CTX *ctx
1209     PREINIT:
1210     STRLEN ol;
1211     unsigned char *out;
1212     CODE:
1213     ol = 256;
1214     RETVAL = NEWSV(0, ol);
1215     SvPOK_only(RETVAL);
1216     SvCUR_set(RETVAL, ol);
1217     out = SvPV_nolen(RETVAL);
1218     if(!out)
1219     croak("memory");
1220     if(!EVP_CipherFinal(ctx, out, &ol)) {
1221     sv_free(RETVAL);
1222     croak("EVP_CipherFinal %s", ssl_error());
1223     }
1224     SvCUR_set(RETVAL, ol);
1225     OUTPUT:
1226     RETVAL
1227    
1228     void
1229     enum_ciphers()
1230     PREINIT:
1231     int i;
1232     PPCODE:
1233     EXTEND(SP, cip_cnt<<1);
1234     for(i = 0; i < cip_cnt; i++) {
1235     PUSHs(sv_2mortal(newSVpv(cip_list[i].name, 0)));
1236     PUSHs(sv_2mortal(newSViv(cip_list[i].func->key_len)));
1237     }
1238    
1239    
1240    
1241    
1242     MODULE = OpenSSL PACKAGE = OpenSSL::Digest
1243    
1244     PROTOTYPES: ENABLE
1245    
1246     BOOT:
1247     {
1248     mds_boot();
1249     }
1250    
1251     SV *
1252     md2(sv)
1253     SV *sv
1254     ALIAS:
1255     md4 = 0x1
1256     md5 = 0x2
1257     sha = 0x3
1258     sha1 = 0x4
1259     dss = 0x5
1260     dss1 = 0x6
1261     mdc2 = 0x7
1262     ripemd160 = 0x8
1263     md2_hex = 0x10
1264     md4_hex = 0x11
1265     md5_hex = 0x12
1266     sha_hex = 0x13
1267     sha1_hex = 0x14
1268     dss_hex = 0x15
1269     dss1_hex = 0x16
1270     mdc2_hex = 0x17
1271     ripemd160_hex = 0x18
1272     md2_base64 = 0x20
1273     md4_base64 = 0x21
1274     md5_base64 = 0x22
1275     sha_base64 = 0x23
1276     sha1_base64 = 0x24
1277     dss_base64 = 0x25
1278     dss1_base64 = 0x26
1279     mdc2_base64 = 0x27
1280     ripemd160_base64 = 0x28
1281     PREINIT:
1282     EVP_MD_CTX ctx;
1283     STRLEN l;
1284     char *p;
1285     unsigned char md[EVP_MAX_MD_SIZE];
1286     unsigned int md_len;
1287     CODE:
1288     EVP_DigestInit(&ctx, _mds[NO_FLAGS(ix)]);
1289     p = SvPV(sv, l);
1290     EVP_DigestUpdate(&ctx, p, l);
1291     EVP_DigestFinal(&ctx, md, &md_len);
1292     switch(ix & ~15) {
1293     case 0:
1294     RETVAL = newSVpvn(md, md_len);
1295     break;
1296     case FLAG_HEX:
1297     RETVAL = hexsv(md, md_len);
1298     break;
1299     default:
1300     RETVAL = base64sv(md, md_len);
1301     break;
1302     }
1303     OUTPUT:
1304     RETVAL
1305    
1306    
1307     void
1308     new_md2()
1309     ALIAS:
1310     new_md4 = 0x1
1311     new_md5 = 0x2
1312     mew_sha = 0x3
1313     new_sha1 = 0x4
1314     new_dss = 0x5
1315     new_dss1 = 0x6
1316     new_mdc2 = 0x7
1317     new_ripemd160 = 0x8
1318     PREINIT:
1319     EVP_MD_CTX *ctx;
1320     PPCODE:
1321     ctx = (EVP_MD_CTX *) malloc(sizeof(EVP_MD_CTX));
1322     if(!ctx)
1323     croak("out of memory.");
1324     EVP_DigestInit(ctx, _mds[NO_FLAGS(ix)]);
1325     EXTEND(sp, 1);
1326     PUSHs(sv_newmortal());
1327     sv_setref_pv(ST(0), "OpenSSL::Digest", (void *) ctx);
1328    
1329    
1330     void
1331     DESTROY(ctx)
1332     EVP_MD_CTX *ctx
1333     CODE:
1334     if(ctx)
1335     free(ctx);
1336    
1337     void
1338     update(ctx, sv)
1339     EVP_MD_CTX *ctx
1340     SV *sv
1341     PREINIT:
1342     STRLEN l;
1343     char *p;
1344     CODE:
1345     p = SvPV(sv, l);
1346     EVP_DigestUpdate(ctx, p, l);
1347    
1348    
1349     SV *
1350     final(ctx)
1351     EVP_MD_CTX *ctx
1352     ALIAS:
1353     final_hex = 1
1354     final_base64 = 2
1355     PREINIT:
1356     unsigned char md[EVP_MAX_MD_SIZE];
1357     unsigned int md_len;
1358     CODE:
1359     EVP_DigestFinal(ctx, md, &md_len);
1360     switch(ix) {
1361     case 0:
1362     RETVAL = newSVpvn(md, md_len);
1363     break;
1364     case 1:
1365     RETVAL = hexsv(md, md_len);
1366     break;
1367     default:
1368     RETVAL = base64sv(md, md_len);
1369     break;
1370     }
1371     OUTPUT:
1372     RETVAL
1373    
1374     MODULE = OpenSSL::Digest PACKAGE = OpenSSL::HMAC
1375    
1376     PROTOTYPES: ENABLE
1377    
1378     BOOT:
1379     {
1380     mds_boot();
1381     }
1382    
1383     SV *
1384     md2(svkey, sv)
1385     SV *svkey
1386     SV *sv
1387     ALIAS:
1388     md4 = 0x1
1389     md5 = 0x2
1390     sha = 0x3
1391     sha1 = 0x4
1392     dss = 0x5
1393     dss1 = 0x6
1394     mdc2 = 0x7
1395     ripemd160 = 0x8
1396     md2_hex = 0x10
1397     md4_hex = 0x11
1398     md5_hex = 0x12
1399     sha_hex = 0x13
1400     sha1_hex = 0x14
1401     dss_hex = 0x15
1402     dss1_hex = 0x16
1403     mdc2_hex = 0x17
1404     ripemd160_hex = 0x18
1405     md2_base64 = 0x20
1406     md4_base64 = 0x21
1407     md5_base64 = 0x22
1408     sha_base64 = 0x23
1409     sha1_base64 = 0x24
1410     dss_base64 = 0x25
1411     dss1_base64 = 0x26
1412     mdc2_base64 = 0x27
1413     ripemd160_base64 = 0x28
1414     PREINIT:
1415     HMAC_CTX ctx;
1416     STRLEN l, keylen;
1417     char *p;
1418     char *key;
1419     unsigned char md[EVP_MAX_MD_SIZE];
1420     unsigned int md_len;
1421     CODE:
1422     p = SvPV(sv, l);
1423     key = SvPV(svkey, keylen);
1424     if(!HMAC(_mds[NO_FLAGS(ix)], key, keylen, p, l, md, &md_len))
1425     croak("HMAC");
1426     switch(ix & ~15) {
1427     case 0:
1428     RETVAL = newSVpvn(md, md_len);
1429     break;
1430     case FLAG_HEX:
1431     RETVAL = hexsv(md, md_len);
1432     break;
1433     default:
1434     RETVAL = base64sv(md, md_len);
1435     break;
1436     }
1437     OUTPUT:
1438     RETVAL
1439    
1440    
1441     void
1442     new_md2(void)
1443     ALIAS:
1444     new_md4 = 0x1
1445     new_md5 = 0x2
1446     mew_sha = 0x3
1447     new_sha1 = 0x4
1448     new_dss = 0x5
1449     new_dss1 = 0x6
1450     new_mdc2 = 0x7
1451     new_ripemd160 = 0x8
1452     PREINIT:
1453     EVP_MD_CTX *ctx;
1454     PPCODE:
1455     ctx = (EVP_MD_CTX *) malloc(sizeof(EVP_MD_CTX));
1456     if(!ctx)
1457     croak("out of memory.");
1458     EVP_DigestInit(ctx, _mds[NO_FLAGS(ix)]);
1459     EXTEND(sp, 1);
1460     PUSHs(sv_newmortal());
1461     sv_setref_pv(ST(0), "OpenSSL::Digest", (void *) ctx);
1462    
1463    
1464     void
1465     DESTROY(ctx)
1466     EVP_MD_CTX *ctx
1467     CODE:
1468     if(ctx)
1469     free(ctx);
1470    
1471     void
1472     update(ctx, sv)
1473     EVP_MD_CTX *ctx
1474     SV *sv
1475     PREINIT:
1476     STRLEN l;
1477     char *p;
1478     CODE:
1479     p = SvPV(sv, l);
1480     EVP_DigestUpdate(ctx, p, l);
1481    
1482    
1483     SV *
1484     final(ctx)
1485     EVP_MD_CTX *ctx
1486     ALIAS:
1487     final_hex = 1
1488     final_base64 = 2
1489     PREINIT:
1490     unsigned char md[EVP_MAX_MD_SIZE];
1491     unsigned int md_len;
1492     CODE:
1493     EVP_DigestFinal(ctx, md, &md_len);
1494     switch(ix) {
1495     case 0:
1496     RETVAL = newSVpvn(md, md_len);
1497     break;
1498     case 1:
1499     RETVAL = hexsv(md, md_len);
1500     break;
1501     default:
1502     RETVAL = base64sv(md, md_len);
1503     break;
1504     }
1505     OUTPUT:
1506     RETVAL
1507    
1508    
1509     MODULE = OpenSSL PACKAGE = OpenSSL::PKCS7
1510    
1511     void
1512     new()
1513     PREINIT:
1514     PKCS7 *p7;
1515     PPCODE:
1516     if(!(p7 = PKCS7_new())) {
1517     croak("PKCS7_new");
1518     }
1519     EXTEND(sp, 1);
1520     PUSHs(sv_newmortal());
1521     sv_setref_pv(ST(0), "OpenSSL::PKCS7", (void *) p7);
1522    
1523    
1524     void
1525     DESTROY(p7)
1526     PKCS7 *p7;
1527     CODE:
1528     if(p7) {
1529     XD("PKCS7_free(%p)\n", p7);
1530     PKCS7_free(p7);
1531     }
1532    
1533    
1534     MODULE = OpenSSL PACKAGE = OpenSSL::PKCS12
1535    
1536     void
1537     new()
1538     PREINIT:
1539     PKCS12 *p12;
1540     PPCODE:
1541     if(!(p12 = PKCS12_new())) {
1542     croak("PKCS12_new");
1543     }
1544     EXTEND(sp, 1);
1545     PUSHs(sv_newmortal());
1546     sv_setref_pv(ST(0), "OpenSSL::PKCS12", (void *) p12);
1547    
1548     void
1549     new_from_string(sv)
1550     SV *sv
1551     ALIAS:
1552     new_from_file = 1
1553     PREINIT:
1554     PKCS12 *p12;
1555     BIO *bio;
1556     char *s;
1557     STRLEN len;
1558     PPCODE:
1559     s = SvPV(sv, len);
1560     if(ix == 1) {
1561     bio = BIO_new_file(s, "r");
1562     } else {
1563     bio = BIO_new_mem_buf (s, len);
1564     }
1565     if(!bio)
1566     croak("BIO_new_mem_buf");
1567     if(!(p12 = d2i_PKCS12_bio(bio, 0))) {
1568     BIO_free(bio);
1569     croak("d2i_PKCS12_BIO: %s", ssl_error());
1570     }
1571     BIO_free(bio);
1572     EXTEND(sp, 1);
1573     PUSHs(sv_newmortal());
1574     sv_setref_pv(ST(0), "OpenSSL::PKCS12", (void *) p12);
1575    
1576    
1577     SV*
1578     mac_ok(p12, pwd)
1579     PKCS12 *p12
1580     char *pwd
1581     CODE:
1582    
1583     RETVAL = (PKCS12_verify_mac(p12, pwd, strlen(pwd))) ? &PL_sv_yes : &PL_sv_no;
1584     OUTPUT:
1585     RETVAL
1586    
1587     void
1588     changepass(p12, oldpwd, newpwd)
1589     PKCS12 *p12
1590     SV *oldpwd
1591     SV *newpwd
1592     PREINIT:
1593     char *op = 0;
1594     char *np = 0;
1595     CODE:
1596     if(oldpwd != &PL_sv_undef)
1597     op = SvPV_nolen(oldpwd);
1598     if(newpwd != &PL_sv_undef)
1599     np = SvPV_nolen(newpwd);
1600     if(!PKCS12_newpass(p12, op, np)) {
1601     croak("PKCS12_newpass: %s", ssl_error());
1602     }
1603    
1604     SV*
1605     as_string(p12,...)
1606     PKCS12 *p12
1607     ALIAS:
1608     as_file = 1
1609     PROTOTYPE: $;$
1610     PREINIT:
1611     SV *sv;
1612     BIO *bio;
1613     CODE:
1614     if((ix != 1 && items > 1) || (ix == 1 && items != 2))
1615     croak("OpenSSL::PKCS12::%s: illegal/missing args", (ix == 1) ? "as_file" : "as_string");
1616     if(items > 1) {
1617     bio = sv_bio_create_file(ST(1));
1618     } else {
1619     bio = sv_bio_create();
1620     }
1621     if(!bio)
1622     croak("sv_bio_create");
1623     if(!i2d_PKCS12_bio(bio, p12)) {
1624     sv_bio_error(bio);
1625     croak("i2d_PKCS12_bio: %s", ssl_error());
1626     }
1627     RETVAL = sv_bio_final(bio);
1628     OUTPUT:
1629     RETVAL
1630    
1631     void
1632     DESTROY(p12)
1633     PKCS12 *p12;
1634     CODE:
1635     if(p12) {
1636     XD("PKCS12_free(%p)\n", p12);
1637     PKCS12_free(p12);
1638     }
1639    
1640    
1641     MODULE = OpenSSL PACKAGE = OpenSSL::CRL
1642    
1643     void
1644     new_from_string(thing)
1645     SV *thing
1646     ALIAS:
1647     new_from_file = 1
1648     PREINIT:
1649     BIO *bio;
1650     X509_CRL *crl;
1651     STRLEN l;
1652     char *p, *q = 0;
1653     PPCODE:
1654     p = SvPV(thing, l);
1655     if(ix == 1) {
1656     bio = BIO_new_file(p, "r");
1657     } else {
1658     bio = BIO_new_mem_buf (p, l);
1659     }
1660     if(!bio)
1661     croak(ssl_error());
1662    
1663     crl = PEM_read_bio_X509_CRL (bio, 0, 0, 0);
1664     BIO_free (bio);
1665     if(!crl)
1666     croak("PEM_read_bio_X509_CRL: %s", ssl_error());
1667    
1668     EXTEND(sp, 1);
1669     PUSHs(sv_newmortal());
1670     sv_setref_pv(ST(0), "OpenSSL::CRL", (void *) crl);
1671    
1672     void
1673     DESTROY(crl)
1674     X509_CRL *crl
1675     CODE:
1676     if (crl) {
1677     XD("X509_CRL_free (%p)\n", crl);
1678     X509_CRL_free(crl);
1679     crl = 0;
1680     }
1681    
1682     SV*
1683     info(crl)
1684     X509_CRL *crl
1685     PREINIT:
1686     BIO *bio;
1687     CODE:
1688     bio = sv_bio_create();
1689     if(!X509_CRL_print(bio,crl)) {
1690     sv_bio_error(bio);
1691     croak("X509_CRL_print: %s", ssl_error());
1692     }
1693     RETVAL = sv_bio_final(bio);
1694     OUTPUT:
1695     RETVAL
1696