OLD | NEW |
1 /* p12_add.c */ | 1 /* p12_add.c */ |
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 * project 1999. | 3 * project 1999. |
4 */ | 4 */ |
5 /* ==================================================================== | 5 /* ==================================================================== |
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
99 return bag; | 99 return bag; |
100 } | 100 } |
101 | 101 |
102 /* Turn PKCS8 object into a shrouded keybag */ | 102 /* Turn PKCS8 object into a shrouded keybag */ |
103 | 103 |
104 PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, | 104 PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, |
105 int passlen, unsigned char *salt, int saltlen, int iter, | 105 int passlen, unsigned char *salt, int saltlen, int iter, |
106 PKCS8_PRIV_KEY_INFO *p8) | 106 PKCS8_PRIV_KEY_INFO *p8) |
107 { | 107 { |
108 PKCS12_SAFEBAG *bag; | 108 PKCS12_SAFEBAG *bag; |
| 109 const EVP_CIPHER *pbe_ciph; |
109 | 110 |
110 /* Set up the safe bag */ | 111 /* Set up the safe bag */ |
111 if (!(bag = PKCS12_SAFEBAG_new())) { | 112 if (!(bag = PKCS12_SAFEBAG_new())) { |
112 PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); | 113 PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); |
113 return NULL; | 114 return NULL; |
114 } | 115 } |
115 | 116 |
116 bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag); | 117 bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag); |
| 118 |
| 119 pbe_ciph = EVP_get_cipherbynid(pbe_nid); |
| 120 |
| 121 if (pbe_ciph) |
| 122 pbe_nid = -1; |
| 123 |
117 if (!(bag->value.shkeybag = | 124 if (!(bag->value.shkeybag = |
118 » PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter, | 125 » PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter, |
119 p8))) { | 126 p8))) { |
120 PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); | 127 PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); |
121 return NULL; | 128 return NULL; |
122 } | 129 } |
123 | 130 |
124 return bag; | 131 return bag; |
125 } | 132 } |
126 | 133 |
127 /* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */ | 134 /* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */ |
128 PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk) | 135 PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk) |
157 } | 164 } |
158 | 165 |
159 /* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */ | 166 /* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */ |
160 | 167 |
161 PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, | 168 PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, |
162 unsigned char *salt, int saltlen, int iter, | 169 unsigned char *salt, int saltlen, int iter, |
163 STACK_OF(PKCS12_SAFEBAG) *bags) | 170 STACK_OF(PKCS12_SAFEBAG) *bags) |
164 { | 171 { |
165 PKCS7 *p7; | 172 PKCS7 *p7; |
166 X509_ALGOR *pbe; | 173 X509_ALGOR *pbe; |
| 174 const EVP_CIPHER *pbe_ciph; |
167 if (!(p7 = PKCS7_new())) { | 175 if (!(p7 = PKCS7_new())) { |
168 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); | 176 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); |
169 return NULL; | 177 return NULL; |
170 } | 178 } |
171 if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) { | 179 if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) { |
172 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, | 180 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, |
173 PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE); | 181 PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE); |
174 return NULL; | 182 return NULL; |
175 } | 183 } |
176 » if (!(pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen))) { | 184 |
| 185 » pbe_ciph = EVP_get_cipherbynid(pbe_nid); |
| 186 |
| 187 » if (pbe_ciph) |
| 188 » » pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen); |
| 189 » else |
| 190 » » pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen); |
| 191 |
| 192 » if (!pbe) { |
177 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); | 193 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); |
178 return NULL; | 194 return NULL; |
179 } | 195 } |
180 X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm); | 196 X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm); |
181 p7->d.encrypted->enc_data->algorithm = pbe; | 197 p7->d.encrypted->enc_data->algorithm = pbe; |
182 M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data); | 198 M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data); |
183 if (!(p7->d.encrypted->enc_data->enc_data = | 199 if (!(p7->d.encrypted->enc_data->enc_data = |
184 PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass, pass
len, | 200 PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass, pass
len, |
185 bags, 1))) { | 201 bags, 1))) { |
186 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR
); | 202 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR
); |
215 | 231 |
216 STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12) | 232 STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12) |
217 { | 233 { |
218 if (!PKCS7_type_is_data(p12->authsafes)) | 234 if (!PKCS7_type_is_data(p12->authsafes)) |
219 { | 235 { |
220 PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,PKCS12_R_CONTENT_TYPE
_NOT_DATA); | 236 PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,PKCS12_R_CONTENT_TYPE
_NOT_DATA); |
221 return NULL; | 237 return NULL; |
222 } | 238 } |
223 return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AU
THSAFES)); | 239 return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AU
THSAFES)); |
224 } | 240 } |
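Review bot: The `if (!pbe)` branch in PKCS12_pack_p7encdata (new lines 192-195) returns NULL without releasing `p7`, which PKCS7_new() allocated at the top of the function, and the PKCS8_encrypt() failure branch in PKCS12_MAKE_SHKEYBAG (new lines 124-129) likewise drops `bag`. Both leaks predate this change but sit in the code it rewrites, so add `PKCS7_free(p7);` and `PKCS12_SAFEBAG_free(bag);` before the respective `return NULL;`. Both branches still raise `ERR_R_MALLOC_FAILURE`, which may mislead when the real cause is a NID that is neither a registered cipher nor a usable PBE algorithm. Neither function says that `pbe_nid` can now be a cipher NID; a comment above each lookup such as `/* pbe_nid may name a cipher, in which case PBES2 is used */` would make the dual meaning explicit (for PKCS12_MAKE_SHKEYBAG this is inferred from the `pbe_nid = -1` hand-off to PKCS8_encrypt). The rest of PKCS12_pack_p7encdata lies in the skipped lines, so its later error paths were not reviewed.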