author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-06-26 19:01:34 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-06-26 19:01:34 +0000 |
commit | 2287c92b08d48ceb29989c23aaa366b090af0d06 (patch) | |
tree | a62755f23837d82f84fd4525ad9b2749a6a64078 /lib | |
parent | 61299a220163e00ae723b91d0d6f3763ef374d05 (diff) | |
PKCS #12 generation, finally can interoperate with openssl even in the encrypted case.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/x509/pkcs12.c | 4 | ||||
-rw-r--r-- | lib/x509/privkey_pkcs8.c | 35 |
2 files changed, 29 insertions, 10 deletions
diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c index 54c87b2c76..fcee84af83 100644 --- a/lib/x509/pkcs12.c +++ b/lib/x509/pkcs12.c @@ -617,12 +617,12 @@ int gnutls_pkcs12_set_bag(gnutls_pkcs12 pkcs12, gnutls_pkcs12_bag bag) } } else { result = _gnutls_x509_der_encode_and_copy( safe_cont, "", c2, "?LAST.content", 1); - if (result != ASN1_SUCCESS) { + if (result < 0) { gnutls_assert(); - result = _gnutls_asn2err(result); goto cleanup; } } + asn1_delete_structure(&safe_cont); diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index f195678bcf..6bce6c19c9 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -1230,7 +1230,11 @@ static int decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, const char *root, } decrypted_data->data = data; - decrypted_data->size = data_size - data[data_size - 1]; + + if ( _gnutls_cipher_get_block_size(enc_params->cipher) != 1) + decrypted_data->size = data_size - data[data_size - 1]; + else + decrypted_data->size = data_size; _gnutls_cipher_deinit(ch); @@ -1579,20 +1583,27 @@ static int encrypt_data( const gnutls_datum * plain, opaque *data = NULL; gnutls_datum div; GNUTLS_CIPHER_HANDLE ch = NULL; - opaque pad; + opaque pad, pad_size; + + pad_size = _gnutls_cipher_get_block_size(enc_params->cipher); + + if (pad_size == 1) /* stream */ pad_size = 0; - data = gnutls_malloc(plain->size + 8); + data = gnutls_malloc(plain->size + pad_size); if (data == NULL) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; } memcpy(data, plain->data, plain->size); - pad = 8 - (plain->size % 8); - if (pad == 0) - pad = 8; - memset(&data[plain->size], pad, pad); + if (pad_size > 0) { + pad = pad_size - (plain->size % pad_size); + if (pad == 0) + pad = pad_size; + memset(&data[plain->size], pad, pad); + } else pad = 0; + data_size = plain->size + pad; div.data = (opaque *) enc_params->iv; 
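Review bot: The added `asn1_delete_structure(&safe_cont);` frees the structure part-way through gnutls_pkcs12_set_bag, while the error branches just above still leave through `goto cleanup`. If the cleanup label, which is outside this hunk, also deletes `safe_cont`, the function relies on the first call resetting the handle so that the second is harmless. A one-line comment such as `/* safe_cont is no longer needed; cleanup must tolerate an already-deleted handle */` would make that dependency explicit. The function starts and ends outside the hunk, so this cannot be confirmed from the lines shown.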
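Review bot: The pad length `data[data_size - 1]` in the new block-cipher branch of decrypt_data comes straight from the decrypted buffer and is subtracted from `data_size` with no bounds check, so a wrong password or a corrupted file can yield a pad byte larger than the buffer (the result would wrap if `size` is unsigned, which is not visible here), and `data_size == 0` makes the index itself invalid. The branch should first test `if (data_size == 0 || data[data_size - 1] == 0 || data[data_size - 1] > data_size)` and, when true, fail with a decryption error through the function's normal error path instead of storing the size. Comparing the pad byte against the value returned by `_gnutls_cipher_get_block_size` as well would tighten the check further. decrypt_data starts and ends outside this hunk, so the error label and the ownership of `data` on failure need to be checked against the full function.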
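Review bot: In the new padding block of encrypt_data the test `if (pad == 0) pad = pad_size;` can never be true, because `pad_size - (plain->size % pad_size)` is always between 1 and `pad_size`; it was carried over from the old fixed-8 code and can be dropped. The block size is also stored in an `opaque` variable, so any value from `_gnutls_cipher_get_block_size` that does not fit that type would be narrowed before the `== 1` stream test; whether that can happen depends on the helper, which is not shown. A short comment on the block, for example `/* PKCS padding: append pad bytes, each holding the pad length; stream ciphers get none */`, would document why `pad_size` is forced to 0. encrypt_data continues past the end of the hunk.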
@@ -1820,7 +1831,7 @@ int _gnutls_pkcs7_encrypt_data(schema_id schema, const gnutls_datum * data, /* Now write the rest of the pkcs-7 stuff. */ - result = _gnutls_x509_write_uint32( pkcs7_asn, "version", 4); + result = _gnutls_x509_write_uint32( pkcs7_asn, "version", 0); if (result < 0) { gnutls_assert(); goto error; @@ -1834,6 +1845,14 @@ int _gnutls_pkcs7_encrypt_data(schema_id schema, const gnutls_datum * data, goto error; } + result = + asn1_write_value(pkcs7_asn, "unprotectedAttrs", NULL, 0); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto error; + } + /* Now encode and copy the DER stuff. */ result = _gnutls_x509_der_encode( pkcs7_asn, "", enc, 0); |
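Review bot: The literal `0` now written to `version` and the removal of `unprotectedAttrs` in the following hunk (`@@ -1834,6 +1845,14 @@`) appear to depend on each other, but nothing in the code says so. As far as the PKCS #7 / CMS EncryptedData definition goes, version 0 is the value used when `unprotectedAttrs` is absent, so a later change to one without the other would silently break interoperability again. I would add `/* EncryptedData version is 0 when unprotectedAttrs is absent */` above the version write and `/* writing NULL with length 0 removes the optional unprotectedAttrs element */` above the new `asn1_write_value` call. _gnutls_pkcs7_encrypt_data starts and ends outside both hunks.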