sha1-s390x.pl: lingering comment update.

[openssl.git] / crypto / pkcs12 / p12_crt.c

diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c
index 77b5845ea95a26e999c0b8320f34295412deff34..96b131defa0cadb3df00e170698913c5952257f2 100644 (file)
--- a/crypto/pkcs12/p12_crt.c
+++ b/crypto/pkcs12/p12_crt.c
@@ -1,5 +1,5 @@
 /* p12_crt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -63,6 +63,19 @@
 
 static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag);
 
+static int copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid)
+       {
+       int idx;
+       X509_ATTRIBUTE *attr;
+       idx = EVP_PKEY_get_attr_by_NID(pkey, nid, -1);
+       if (idx < 0)
+               return 1;
+       attr = EVP_PKEY_get_attr(pkey, idx);
+       if (!X509at_add1_attr(&bag->attrib, attr))
+               return 0;
+       return 1;
+       }
+
 PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
             STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter,
             int keytype)
@@ -123,8 +136,15 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
        if (pkey)
                {
                bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass);
+
                if (!bag)
                        goto err;
+
+               if (!copy_bag_attr(bag, pkey, NID_ms_csp_name))
+                       goto err;
+               if (!copy_bag_attr(bag, pkey, NID_LocalKeySet))
+                       goto err;
+
                if(name && !PKCS12_add_friendlyname(bag, name, -1))
                        goto err;
                if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
@@ -139,6 +159,9 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
 
        p12 = PKCS12_add_safes(safes, 0);
 
+       if (!p12)
+               goto err;
+
        sk_PKCS7_pop_free(safes, PKCS7_free);
 
        safes = NULL;