Fix CRL printing to correctly show when there are no revoked certificates.

[openssl.git] / crypto / pkcs12 / p12_crt.c

diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c
index a5f17c51a772d00cd5511228a1fcf35680a49c83..4c36c643ce683b2222126255c637c6066c52a791 100644 (file)
--- a/crypto/pkcs12/p12_crt.c
+++ b/crypto/pkcs12/p12_crt.c
@@ -86,13 +86,15 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
                return NULL;
        }
 
-       if(!(bags = sk_PKCS12_SAFEBAG_new (NULL))) {
+       if(!X509_check_private_key(cert, pkey)) return NULL;
+
+       if(!(bags = sk_PKCS12_SAFEBAG_new_null ())) {
                PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
                return NULL;
        }
 
        /* Add user certificate */
-       if(!(bag = M_PKCS12_x5092certbag(cert))) return NULL;
+       if(!(bag = PKCS12_x5092certbag(cert))) return NULL;
        if(name && !PKCS12_add_friendlyname(bag, name, -1)) return NULL;
        X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
        if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL;
@@ -106,7 +108,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
        if(ca) {
                for(i = 0; i < sk_X509_num(ca); i++) {
                        tcert = sk_X509_value(ca, i);
-                       if(!(bag = M_PKCS12_x5092certbag(tcert))) return NULL;
+                       if(!(bag = PKCS12_x5092certbag(tcert))) return NULL;
                        if(!sk_PKCS12_SAFEBAG_push(bags, bag)) {
                                PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
                                return NULL;
@@ -121,7 +123,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
 
        if (!authsafe) return NULL;
 
-       if(!(safes = sk_PKCS7_new (NULL))
+       if(!(safes = sk_PKCS7_new_null ())
           || !sk_PKCS7_push(safes, authsafe)) {
                PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
                return NULL;
@@ -135,7 +137,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
        PKCS8_PRIV_KEY_INFO_free(p8);
         if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL;
        if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL;
-       if(!(bags = sk_PKCS12_SAFEBAG_new(NULL))
+       if(!(bags = sk_PKCS12_SAFEBAG_new_null())
           || !sk_PKCS12_SAFEBAG_push (bags, bag)) {
                PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
                return NULL;
@@ -150,7 +152,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
 
        if(!(p12 = PKCS12_init (NID_pkcs7_data))) return NULL;
 
-       if(!M_PKCS12_pack_authsafes (p12, safes)) return NULL;
+       if(!PKCS12_pack_authsafes (p12, safes)) return NULL;
 
        sk_PKCS7_pop_free(safes, PKCS7_free);