int get_cert_chain(X509 *cert, STACK_OF(X509) **chain);
int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options, char *pempass);
-int dump_certs_pkeys_bags(BIO *out, STACK *bags, char *pass, int passlen, int options, char *pempass);
+int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass,
+ int passlen, int options, char *pempass);
int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass);
int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name);
void hex_prin(BIO *out, unsigned char *buf, int len);
if (export_cert) {
EVP_PKEY *key;
- STACK *bags, *safes;
+ STACK_OF(PKCS12_SAFEBAG) *bags;
+ STACK *safes;
PKCS12_SAFEBAG *bag;
PKCS8_PRIV_KEY_INFO *p8;
PKCS7 *authsafe;
goto end;
}
- bags = sk_new (NULL);
+ bags = sk_PKCS12_SAFEBAG_new (NULL);
/* Add any more certificates asked for */
if (certsin) {
PKCS12_add_localkeyid(bag, keyid, keyidlen);
} else if((catmp = sk_shift(canames)))
PKCS12_add_friendlyname(bag, catmp, -1);
- sk_push(bags, (char *)bag);
+ sk_PKCS12_SAFEBAG_push(bags, bag);
}
sk_X509_pop_free(certs, X509_free);
if (canames) sk_free(canames);
/* Turn certbags into encrypted authsafe */
authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0,
iter, bags);
- sk_pop_free(bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
if (!authsafe) {
ERR_print_errors (bio_err);
PKCS8_PRIV_KEY_INFO_free(p8);
if (name) PKCS12_add_friendlyname (bag, name, -1);
PKCS12_add_localkeyid (bag, keyid, keyidlen);
- bags = sk_new(NULL);
- sk_push (bags, (char *)bag);
+ bags = sk_PKCS12_SAFEBAG_new(NULL);
+ sk_PKCS12_SAFEBAG_push (bags, bag);
/* Turn it into unencrypted safe bag */
authsafe = PKCS12_pack_p7data (bags);
- sk_pop_free(bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
sk_push (safes, (char *)authsafe);
p12 = PKCS12_init (NID_pkcs7_data);
int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
int passlen, int options, char *pempass)
{
- STACK *asafes, *bags;
+ STACK *asafes;
+ STACK_OF(PKCS12_SAFEBAG) *bags;
int i, bagnid;
PKCS7 *p7;
if (!( asafes = M_PKCS12_unpack_authsafes (p12))) return 0;
if (!bags) return 0;
if (!dump_certs_pkeys_bags (out, bags, pass, passlen,
options, pempass)) {
- sk_pop_free (bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
return 0;
}
- sk_pop_free (bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
}
sk_pop_free (asafes, (void(*)(void *)) PKCS7_free);
return 1;
}
-int dump_certs_pkeys_bags (BIO *out, STACK *bags, char *pass,
- int passlen, int options, char *pempass)
+int dump_certs_pkeys_bags (BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
+ char *pass, int passlen, int options, char *pempass)
{
int i;
- for (i = 0; i < sk_num (bags); i++) {
+ for (i = 0; i < sk_PKCS12_SAFEBAG_num (bags); i++) {
if (!dump_certs_pkeys_bag (out,
- (PKCS12_SAFEBAG *)sk_value (bags, i), pass, passlen,
- options, pempass)) return 0;
+ sk_PKCS12_SAFEBAG_value (bags, i),
+ pass, passlen,
+ options, pempass))
+ return 0;
}
return 1;
}
#define MBSTRING_UNIV (MBSTRING_FLAG|3)
#define MBSTRING_UTF8 (MBSTRING_FLAG|4)
+struct X509_algor_st;
+
#define DECLARE_ASN1_SET_OF(type) \
int i2d_ASN1_SET_OF_##type(STACK_OF(type) *a,unsigned char **pp, \
int (*func)(type *,unsigned char **), int ex_tag, \
type *(*func)(type **, \
unsigned char **,long), \
void (*free_func)(type *), \
- int ex_tag,int ex_class);
+ int ex_tag,int ex_class); \
+unsigned char *ASN1_seq_pack_##type(STACK_OF(type) *st, \
+ int (*i2d)(type *,unsigned char **), \
+ unsigned char **buf,int *len); \
+STACK_OF(type) *ASN1_seq_unpack_##type(unsigned char *buf,int len, \
+ type *(*d2i)(type **,unsigned char **, \
+ long), \
+ void (*free_func)(type *));
#define IMPLEMENT_ASN1_SET_OF(type) \
int i2d_ASN1_SET_OF_##type(STACK_OF(type) *a,unsigned char **pp, \
{ return (STACK_OF(type) *)d2i_ASN1_SET((STACK **)a,pp,length, \
(char *(*)())func, \
(void (*)())free_func, \
- ex_tag,ex_class); }
+ ex_tag,ex_class); } \
+unsigned char *ASN1_seq_pack_##type(STACK_OF(type) *st, \
+ int (*i2d)(type *,unsigned char **), \
+ unsigned char **buf,int *len) \
+ { return ASN1_seq_pack((STACK *)st,i2d,buf,len); } \
+STACK_OF(type) *ASN1_seq_unpack_##type(unsigned char *buf,int len, \
+ type *(*d2i)(type **,unsigned char **, \
+ long), \
+ void (*free_func)(type *)) \
+ { return (STACK_OF(type) *)ASN1_seq_unpack(buf,len,(char *(*)())d2i, \
+ (void(*)(void *))free_func); }
typedef struct asn1_ctx_st
{
STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
void (*free_func)() );
unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
- int *len );
+ int *len );
void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)());
ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct);
}
/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
-PKCS7 *PKCS12_pack_p7data (STACK *sk)
+PKCS7 *PKCS12_pack_p7data (STACK_OF(PKCS12_SAFEBAG) *sk)
{
PKCS7 *p7;
if (!(p7 = PKCS7_new())) {
return NULL;
}
- if (!ASN1_seq_pack(sk, i2d_PKCS12_SAFEBAG, &p7->d.data->data,
- &p7->d.data->length)) {
+ if (!ASN1_seq_pack_PKCS12_SAFEBAG(sk, i2d_PKCS12_SAFEBAG,
+ &p7->d.data->data,
+ &p7->d.data->length)) {
PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
return NULL;
}
/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
PKCS7 *PKCS12_pack_p7encdata (int pbe_nid, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter, STACK *bags)
+ unsigned char *salt, int saltlen, int iter,
+ STACK_OF(PKCS12_SAFEBAG) *bags)
{
PKCS7 *p7;
X509_ALGOR *pbe;
int keytype)
{
PKCS12 *p12;
- STACK *bags, *safes;
+ STACK_OF(PKCS12_SAFEBAG) *bags;
+ STACK *safes;
PKCS12_SAFEBAG *bag;
PKCS8_PRIV_KEY_INFO *p8;
PKCS7 *authsafe;
return NULL;
}
- if(!(bags = sk_new (NULL))) {
+ if(!(bags = sk_PKCS12_SAFEBAG_new (NULL))) {
PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
return NULL;
}
X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL;
- if(!sk_push(bags, (char *)bag)) {
+ if(!sk_PKCS12_SAFEBAG_push(bags, bag)) {
PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
return NULL;
}
for(i = 0; i < sk_X509_num(ca); i++) {
tcert = sk_X509_value(ca, i);
if(!(bag = M_PKCS12_x5092certbag(tcert))) return NULL;
- if(!sk_push(bags, (char *)bag)) {
+ if(!sk_PKCS12_SAFEBAG_push(bags, bag)) {
PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
return NULL;
}
/* Turn certbags into encrypted authsafe */
authsafe = PKCS12_pack_p7encdata (nid_cert, pass, -1, NULL, 0,
iter, bags);
- sk_pop_free(bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
if (!authsafe) return NULL;
PKCS8_PRIV_KEY_INFO_free(p8);
if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL;
if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL;
- if(!(bags = sk_new(NULL)) || !sk_push (bags, (char *)bag)) {
+ if(!(bags = sk_PKCS12_SAFEBAG_new(NULL))
+ || !sk_PKCS12_SAFEBAG_push (bags, bag)) {
PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
return NULL;
}
/* Turn it into unencrypted safe bag */
if(!(authsafe = PKCS12_pack_p7data (bags))) return NULL;
- sk_pop_free(bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
if(!sk_push(safes, (char *)authsafe)) {
PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
return NULL;
static int parse_pk12( PKCS12 *p12, const char *pass, int passlen,
EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
-static int parse_bags( STACK *bags, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
- ASN1_OCTET_STRING **keyid, char *keymatch);
+static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
+ int passlen, EVP_PKEY **pkey, X509 **cert,
+ STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
+ char *keymatch);
static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
{
- STACK *asafes, *bags;
+ STACK *asafes;
+ STACK_OF(PKCS12_SAFEBAG) *bags;
int i, bagnid;
PKCS7 *p7;
ASN1_OCTET_STRING *keyid = NULL;
}
if (!parse_bags(bags, pass, passlen, pkey, cert, ca,
&keyid, &keymatch)) {
- sk_pop_free(bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
sk_pop_free(asafes, (void(*)(void *)) PKCS7_free);
return 0;
}
- sk_pop_free(bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
}
sk_pop_free(asafes, (void(*)(void *)) PKCS7_free);
if (keyid) M_ASN1_OCTET_STRING_free(keyid);
}
-static int parse_bags (STACK *bags, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
- ASN1_OCTET_STRING **keyid, char *keymatch)
+static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
+ int passlen, EVP_PKEY **pkey, X509 **cert,
+ STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
+ char *keymatch)
{
int i;
- for (i = 0; i < sk_num(bags); i++) {
- if (!parse_bag((PKCS12_SAFEBAG *)sk_value (bags, i),
+ for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
+ if (!parse_bag(sk_PKCS12_SAFEBAG_value (bags, i),
pass, passlen, pkey, cert, ca, keyid,
keymatch)) return 0;
}
/* PKCS#12 password change routine */
static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass);
-static int newpass_bags(STACK *bags, char *oldpass, char *newpass);
+static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
+ char *newpass);
static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass);
static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
{
- STACK *asafes, *newsafes, *bags;
+ STACK *asafes, *newsafes;
+ STACK_OF(PKCS12_SAFEBAG) *bags;
int i, bagnid, pbe_nid, pbe_iter, pbe_saltlen;
PKCS7 *p7, *p7new;
ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL;
unsigned char mac[EVP_MAX_MD_SIZE];
unsigned int maclen;
+
if (!(asafes = M_PKCS12_unpack_authsafes(p12))) return 0;
if(!(newsafes = sk_new(NULL))) return 0;
for (i = 0; i < sk_num (asafes); i++) {
return 0;
}
if (!newpass_bags(bags, oldpass, newpass)) {
- sk_pop_free(bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
sk_pop_free(asafes, (void(*)(void *)) PKCS7_free);
return 0;
}
if (bagnid == NID_pkcs7_data) p7new = PKCS12_pack_p7data(bags);
else p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
pbe_saltlen, pbe_iter, bags);
- sk_pop_free(bags, (void(*)(void *)) PKCS12_SAFEBAG_free);
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
if(!p7new) {
sk_pop_free(asafes, (void(*)(void *)) PKCS7_free);
return 0;
}
-static int newpass_bags(STACK *bags, char *oldpass, char *newpass)
+static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
+ char *newpass)
{
int i;
- for (i = 0; i < sk_num(bags); i++) {
- if (!newpass_bag((PKCS12_SAFEBAG *)sk_value(bags, i),
- oldpass, newpass)) return 0;
+ for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
+ if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i),
+ oldpass, newpass))
+ return 0;
}
return 1;
}
break;
case NID_safeContentsBag:
- M_ASN1_I2D_len_EXP_SEQUENCE_opt (a->value.safes,
- i2d_PKCS12_SAFEBAG, 0, V_ASN1_SEQUENCE, v);
+ M_ASN1_I2D_len_EXP_SEQUENCE_opt_type
+ (PKCS12_SAFEBAG, a->value.safes, i2d_PKCS12_SAFEBAG,
+ 0, V_ASN1_SEQUENCE, v);
break;
case NID_certBag:
break;
case NID_safeContentsBag:
- M_ASN1_I2D_put_EXP_SEQUENCE_opt (a->value.safes,
- i2d_PKCS12_SAFEBAG, 0, V_ASN1_SEQUENCE, v);
+ M_ASN1_I2D_put_EXP_SEQUENCE_opt_type
+ (PKCS12_SAFEBAG, a->value.safes, i2d_PKCS12_SAFEBAG,
+ 0, V_ASN1_SEQUENCE, v);
break;
case NID_certBag:
break;
case NID_safeContentsBag:
- M_ASN1_D2I_get_EXP_set_opt(ret->value.safes,
- d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free,
- 0, V_ASN1_SEQUENCE);
+ M_ASN1_D2I_get_EXP_set_opt_type
+ (PKCS12_SAFEBAG, ret->value.safes,
+ d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free, 0,
+ V_ASN1_SEQUENCE);
break;
case NID_certBag:
sk_X509_ATTRIBUTE_pop_free (a->attrib, X509_ATTRIBUTE_free);
Free (a);
}
+
+IMPLEMENT_STACK_OF(PKCS12_SAFEBAG)
+IMPLEMENT_ASN1_SET_OF(PKCS12_SAFEBAG)
+IMPLEMENT_PKCS12_STACK_OF(PKCS12_SAFEBAG)
extern "C" {
#endif
+#define DECLARE_PKCS12_STACK_OF(type) \
+STACK_OF(type) *PKCS12_decrypt_d2i_##type(struct X509_algor_st *algor, \
+ type *(*d2i)(type **, \
+ unsigned char **, \
+ long), \
+ void (*free_func)(type *), \
+ const char *pass, int passlen, \
+ ASN1_STRING *oct, int seq);
+
+#define IMPLEMENT_PKCS12_STACK_OF(type) \
+STACK_OF(type) *PKCS12_decrypt_d2i_##type(struct X509_algor_st *algor, \
+ type *(*d2i)(type **, \
+ unsigned char **, \
+ long), \
+ void (*free_func)(type *), \
+ const char *pass, int passlen, \
+ ASN1_STRING *oct, int seq) \
+ { return (STACK_OF(type) *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i, \
+ (void(*)(void *))free_func, \
+ pass,passlen,oct,seq); }
+
#define PKCS12_KEY_ID 1
#define PKCS12_IV_ID 2
#define PKCS12_MAC_ID 3
PKCS7 *authsafes;
} PKCS12;
+PREDECLARE_STACK_OF(PKCS12_SAFEBAG)
+
typedef struct {
ASN1_OBJECT *type;
union {
struct pkcs12_bag_st *bag; /* secret, crl and certbag */
struct pkcs8_priv_key_info_st *keybag; /* keybag */
X509_SIG *shkeybag; /* shrouded key bag */
- STACK /* PKCS12_SAFEBAG */ *safes;
+ STACK_OF(PKCS12_SAFEBAG) *safes;
ASN1_TYPE *other;
}value;
STACK_OF(X509_ATTRIBUTE) *attrib;
ASN1_TYPE *rest;
} PKCS12_SAFEBAG;
+DECLARE_STACK_OF(PKCS12_SAFEBAG)
+DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
+DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
+
typedef struct pkcs12_bag_st {
ASN1_OBJECT *type;
union {
(RSA *) ASN1_unpack_string ((p8)->pkey, (char *(*)())d2i_RSAPrivateKey)*/
#define M_PKCS12_unpack_p7data(p7) \
-ASN1_seq_unpack ((p7)->d.data->data, p7->d.data->length, \
- (char *(*)())d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free)
+ASN1_seq_unpack_PKCS12_SAFEBAG ((p7)->d.data->data, p7->d.data->length, \
+ d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free)
#define M_PKCS12_pack_authsafes(p12, safes) \
ASN1_seq_pack((safes), (int (*)())i2d_PKCS7,\
PKCS7_free)
#define M_PKCS12_unpack_p7encdata(p7, pass, passlen) \
-(STACK *) PKCS12_decrypt_d2i ((p7)->d.encrypted->enc_data->algorithm,\
- (char *(*)())d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free, \
- (pass), (passlen), \
- (p7)->d.encrypted->enc_data->enc_data, 3)
+PKCS12_decrypt_d2i_PKCS12_SAFEBAG ((p7)->d.encrypted->enc_data->algorithm,\
+ d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free, \
+ (pass), (passlen), \
+ (p7)->d.encrypted->enc_data->enc_data, 3)
#define M_PKCS12_decrypt_skey(bag, pass, passlen) \
(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i ((bag)->value.shkeybag->algor, \
int passlen, unsigned char *salt,
int saltlen, int iter,
PKCS8_PRIV_KEY_INFO *p8);
-PKCS7 *PKCS12_pack_p7data(STACK *sk);
+PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
unsigned char *salt, int saltlen, int iter,
- STACK *bags);
+ STACK_OF(PKCS12_SAFEBAG) *bags);
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen);
int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
int namelen);
#include <openssl/stack.h>
-#define STACK_OF(type) STACK_##type
+#define STACK_OF(type) struct stack_st_##type
+#define PREDECLARE_STACK_OF(type) STACK_OF(type);
#define DECLARE_STACK_OF(type) \
-typedef struct stack_st_##type \
+STACK_OF(type) \
{ \
STACK stack; \
- } STACK_OF(type); \
+ }; \
STACK_OF(type) *sk_##type##_new(int (*cmp)(type **,type **)); \
STACK_OF(type) *sk_##type##_new_null(void); \
void sk_##type##_free(STACK_OF(type) *sk); \
projects / openssl.git / commitdiff