#include <stdio.h>
#include "cryptlib.h"
-#include "pkcs12.h"
+#include <openssl/pkcs12.h>
/* Pack an object into an OCTET STRING and turn into a safebag */
-PKCS12_SAFEBAG *PKCS12_pack_safebag (obj, i2d, nid1, nid2)
-char *obj;
-int (*i2d)();
-int nid1;
-int nid2;
-
+PKCS12_SAFEBAG *PKCS12_pack_safebag (char *obj, int (*i2d)(), int nid1,
+ int nid2)
{
PKCS12_BAGS *bag;
PKCS12_SAFEBAG *safebag;
/* Turn PKCS8 object into a keybag */
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG (p8)
-PKCS8_PRIV_KEY_INFO *p8;
+PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG (PKCS8_PRIV_KEY_INFO *p8)
{
PKCS12_SAFEBAG *bag;
if (!(bag = PKCS12_SAFEBAG_new())) {
- PKCS12err(PKCS12_F_PKCS12_MAKE_SAFEBAG, ERR_R_MALLOC_FAILURE);
+ PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG,ERR_R_MALLOC_FAILURE);
return NULL;
}
bag->type = OBJ_nid2obj(NID_keyBag);
/* Turn PKCS8 object into a shrouded keybag */
-PKCS12_SAFEBAG
- *PKCS12_MAKE_SHKEYBAG (pbe_nid, pass, passlen, salt, saltlen, iter, p8)int pbe_nid;
-unsigned char *pass;
-int passlen;
-unsigned char *salt;
-int saltlen;
-int iter;
-PKCS8_PRIV_KEY_INFO *p8;
+PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG (int pbe_nid, const char *pass,
+ int passlen, unsigned char *salt, int saltlen, int iter,
+ PKCS8_PRIV_KEY_INFO *p8)
{
PKCS12_SAFEBAG *bag;
bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
if (!(bag->value.shkeybag =
- PKCS8_encrypt(pbe_nid, pass, passlen, salt, saltlen, iter, p8))) {
+ PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter,
+ p8))) {
PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
return NULL;
}
}
/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
-PKCS7 *PKCS12_pack_p7data (sk)
-STACK *sk;
+PKCS7 *PKCS12_pack_p7data (STACK *sk)
{
PKCS7 *p7;
if (!(p7 = PKCS7_new())) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7_DATA, ERR_R_MALLOC_FAILURE);
+ PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
return NULL;
}
p7->type = OBJ_nid2obj(NID_pkcs7_data);
- if (!(p7->d.data = ASN1_OCTET_STRING_new())) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7_DATA, ERR_R_MALLOC_FAILURE);
+ if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) {
+ PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
return NULL;
}
/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
-PKCS7 *PKCS12_pack_p7encdata (pbe_nid, pass, passlen, salt, saltlen, iter,
- bags)
-int pbe_nid;
-unsigned char *pass;
-int passlen;
-unsigned char *salt;
-int saltlen;
-int iter;
-STACK *bags;
+PKCS7 *PKCS12_pack_p7encdata (int pbe_nid, const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter, STACK *bags)
{
PKCS7 *p7;
X509_ALGOR *pbe;
PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
return NULL;
}
- p7->type = OBJ_nid2obj(NID_pkcs7_encrypted);
- if (!(p7->d.encrypted = PKCS7_ENCRYPT_new ())) {
- PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
+ if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
+ PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
+ PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
return NULL;
}
- ASN1_INTEGER_set (p7->d.encrypted->version, 0);
- p7->d.encrypted->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);
if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {
PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
return NULL;
}
X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
p7->d.encrypted->enc_data->algorithm = pbe;
- ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
+ M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
if (!(p7->d.encrypted->enc_data->enc_data =
PKCS12_i2d_encrypt (pbe, i2d_PKCS12_SAFEBAG, pass, passlen,
(char *)bags, 1))) {
return p7;
}
-X509_SIG *PKCS8_encrypt (pbe_nid, pass, passlen, salt, saltlen, iter, p8inf)
-int pbe_nid;
-unsigned char *pass;
-int passlen;
-unsigned char *salt;
-int saltlen;
-int iter;
-PKCS8_PRIV_KEY_INFO *p8inf;
+X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
+ const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter,
+ PKCS8_PRIV_KEY_INFO *p8inf)
{
X509_SIG *p8;
X509_ALGOR *pbe;
if (!(p8 = X509_SIG_new())) {
PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
- return NULL;
+ goto err;
}
- if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {
- PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
- return NULL;
+ if(pbe_nid == -1) pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
+ else pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
+ if(!pbe) {
+ PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
+ goto err;
}
X509_ALGOR_free(p8->algor);
p8->algor = pbe;
- ASN1_OCTET_STRING_free(p8->digest);
+ M_ASN1_OCTET_STRING_free(p8->digest);
if (!(p8->digest =
PKCS12_i2d_encrypt (pbe, i2d_PKCS8_PRIV_KEY_INFO, pass, passlen,
(char *)p8inf, 0))) {
PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
- return NULL;
+ goto err;
}
return p8;
+
+ err:
+ X509_SIG_free(p8);
+ return NULL;
}
projects / openssl.git / blobdiff