diff options
Diffstat (limited to 'crypto/pkcs12/p12_add.c')
-rw-r--r-- | crypto/pkcs12/p12_add.c | 39 |
1 files changed, 32 insertions, 7 deletions
diff --git a/crypto/pkcs12/p12_add.c b/crypto/pkcs12/p12_add.c index 1909f28506..27ac5facfa 100644 --- a/crypto/pkcs12/p12_add.c +++ b/crypto/pkcs12/p12_add.c @@ -1,5 +1,5 @@ /* p12_add.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== @@ -68,16 +68,16 @@ PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid PKCS12_BAGS *bag; PKCS12_SAFEBAG *safebag; if (!(bag = PKCS12_BAGS_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); + PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); return NULL; } bag->type = OBJ_nid2obj(nid1); if (!ASN1_item_pack(obj, it, &bag->value.octet)) { - PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); + PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); return NULL; } if (!(safebag = PKCS12_SAFEBAG_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); + PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); return NULL; } safebag->value.bag = bag; @@ -106,6 +106,7 @@ PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, PKCS8_PRIV_KEY_INFO *p8) { PKCS12_SAFEBAG *bag; + const EVP_CIPHER *pbe_ciph; /* Set up the safe bag */ if (!(bag = PKCS12_SAFEBAG_new())) { @@ -114,8 +115,14 @@ PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, } bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag); + + pbe_ciph = EVP_get_cipherbynid(pbe_nid); + + if (pbe_ciph) + pbe_nid = -1; + if (!(bag->value.shkeybag = - PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter, + PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter, p8))) { PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); return NULL; @@ -148,7 +155,11 @@ PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk) /* Unpack SAFEBAGS from PKCS#7 data ContentInfo */ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7) { - if(!PKCS7_type_is_data(p7)) return NULL; + if(!PKCS7_type_is_data(p7)) + { + PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,PKCS12_R_CONTENT_TYPE_NOT_DATA); + return NULL; + } return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS)); } @@ -160,6 +171,7 @@ PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, { PKCS7 *p7; X509_ALGOR *pbe; + const EVP_CIPHER *pbe_ciph; if (!(p7 = PKCS7_new())) { PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); return NULL; @@ -169,7 +181,15 @@ PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE); return NULL; } - if (!(pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen))) { + + pbe_ciph = EVP_get_cipherbynid(pbe_nid); + + if (pbe_ciph) + pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen); + else + pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen); + + if (!pbe) { PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); return NULL; } @@ -211,5 +231,10 @@ int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes) STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12) { + if (!PKCS7_type_is_data(p12->authsafes)) + { + PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,PKCS12_R_CONTENT_TYPE_NOT_DATA); + return NULL; + } return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AUTHSAFES)); } |