OLD | NEW |
1 /* p12_crt.c */ | 1 /* p12_crt.c */ |
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 * project. | 3 * project. |
4 */ | 4 */ |
5 /* ==================================================================== | 5 /* ==================================================================== |
6 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. | 6 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
52 * | 52 * |
53 * This product includes cryptographic software written by Eric Young | 53 * This product includes cryptographic software written by Eric Young |
54 * (eay@cryptsoft.com). This product includes software written by Tim | 54 * (eay@cryptsoft.com). This product includes software written by Tim |
55 * Hudson (tjh@cryptsoft.com). | 55 * Hudson (tjh@cryptsoft.com). |
56 * | 56 * |
57 */ | 57 */ |
58 | 58 |
59 #include <stdio.h> | 59 #include <stdio.h> |
60 #include "cryptlib.h" | 60 #include "cryptlib.h" |
61 #include <openssl/pkcs12.h> | 61 #include <openssl/pkcs12.h> |
62 #ifdef OPENSSL_FIPS | |
63 #include <openssl/fips.h> | |
64 #endif | |
65 | |
66 | 62 |
67 | 63 |
68 static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag)
; | 64 static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag)
; |
69 | 65 |
70 static int copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid) | 66 static int copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid) |
71 { | 67 { |
72 int idx; | 68 int idx; |
73 X509_ATTRIBUTE *attr; | 69 X509_ATTRIBUTE *attr; |
74 idx = EVP_PKEY_get_attr_by_NID(pkey, nid, -1); | 70 idx = EVP_PKEY_get_attr_by_NID(pkey, nid, -1); |
75 if (idx < 0) | 71 if (idx < 0) |
(...skipping 11 matching lines...) Expand all Loading... |
87 PKCS12 *p12 = NULL; | 83 PKCS12 *p12 = NULL; |
88 STACK_OF(PKCS7) *safes = NULL; | 84 STACK_OF(PKCS7) *safes = NULL; |
89 STACK_OF(PKCS12_SAFEBAG) *bags = NULL; | 85 STACK_OF(PKCS12_SAFEBAG) *bags = NULL; |
90 PKCS12_SAFEBAG *bag = NULL; | 86 PKCS12_SAFEBAG *bag = NULL; |
91 int i; | 87 int i; |
92 unsigned char keyid[EVP_MAX_MD_SIZE]; | 88 unsigned char keyid[EVP_MAX_MD_SIZE]; |
93 unsigned int keyidlen = 0; | 89 unsigned int keyidlen = 0; |
94 | 90 |
95 /* Set defaults */ | 91 /* Set defaults */ |
96 if (!nid_cert) | 92 if (!nid_cert) |
97 { | |
98 #ifdef OPENSSL_FIPS | |
99 if (FIPS_mode()) | |
100 nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | |
101 else | |
102 #endif | |
103 nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; | 93 nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; |
104 } | |
105 if (!nid_key) | 94 if (!nid_key) |
106 nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | 95 nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; |
107 if (!iter) | 96 if (!iter) |
108 iter = PKCS12_DEFAULT_ITER; | 97 iter = PKCS12_DEFAULT_ITER; |
109 if (!mac_iter) | 98 if (!mac_iter) |
110 mac_iter = 1; | 99 mac_iter = 1; |
111 | 100 |
112 if(!pkey && !cert && !ca) | 101 if(!pkey && !cert && !ca) |
113 { | 102 { |
114 PKCS12err(PKCS12_F_PKCS12_CREATE,PKCS12_R_INVALID_NULL_ARGUMENT)
; | 103 PKCS12err(PKCS12_F_PKCS12_CREATE,PKCS12_R_INVALID_NULL_ARGUMENT)
; |
(...skipping 246 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
361 | 350 |
362 if(!PKCS12_pack_authsafes(p12, safes)) | 351 if(!PKCS12_pack_authsafes(p12, safes)) |
363 { | 352 { |
364 PKCS12_free(p12); | 353 PKCS12_free(p12); |
365 return NULL; | 354 return NULL; |
366 } | 355 } |
367 | 356 |
368 return p12; | 357 return p12; |
369 | 358 |
370 } | 359 } |
OLD | NEW |