diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2015-09-27 13:42:04 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2016-02-08 18:43:49 +0000 |
| commit | 425f33000722f28462ad0b0e01ad2de686c2a00f (patch) | |
| tree | 275b4cfe50b58901bc098fc3c71c0845f02ef99d | |
| parent | c8494af54a8903ce7ff11c30aa6007f98340f2c5 (diff) | |
use new function names
Reviewed-by: Rich Salz <rsalz@openssl.org>
| -rw-r--r-- | crypto/pkcs12/p12_crt.c | 5 | ||||
| -rw-r--r-- | crypto/pkcs12/p12_sbag.c | 53 | ||||
| -rw-r--r-- | crypto/pkcs12/pk12err.c | 8 | ||||
| -rw-r--r-- | include/openssl/pkcs12.h | 24 |
4 files changed, 58 insertions, 32 deletions
diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c index 4041b966a2..1fd22c0560 100644 --- a/crypto/pkcs12/p12_crt.c +++ b/crypto/pkcs12/p12_crt.c @@ -231,10 +231,11 @@ PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, if (key_usage && !PKCS8_add_keyusage(p8, key_usage)) goto err; if (nid_key != -1) { - bag = PKCS12_MAKE_SHKEYBAG(nid_key, pass, -1, NULL, 0, iter, p8); + bag = PKCS12_SAFEBAG_create_pkcs8_encrypt(nid_key, pass, -1, NULL, 0, + iter, p8); PKCS8_PRIV_KEY_INFO_free(p8); } else - bag = PKCS12_MAKE_KEYBAG(p8); + bag = PKCS12_SAFEBAG_create0_p8inf(p8); if (!bag) goto err; diff --git a/crypto/pkcs12/p12_sbag.c b/crypto/pkcs12/p12_sbag.c index a54367216d..d0ed1e13b0 100644 --- a/crypto/pkcs12/p12_sbag.c +++ b/crypto/pkcs12/p12_sbag.c @@ -145,12 +145,12 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl) /* Turn PKCS8 object into a keybag */ -PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_p8inf(PKCS8_PRIV_KEY_INFO *p8) +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8) { - PKCS12_SAFEBAG *bag; + PKCS12_SAFEBAG *bag = PKCS12_SAFEBAG_new(); - if ((bag = PKCS12_SAFEBAG_new()) == NULL) { - PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG, ERR_R_MALLOC_FAILURE); + if (bag == NULL) { + PKCS12err(PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF, ERR_R_MALLOC_FAILURE); return NULL; } bag->type = OBJ_nid2obj(NID_keyBag); @@ -160,31 +160,48 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_p8inf(PKCS8_PRIV_KEY_INFO *p8) /* Turn PKCS8 object into a shrouded keybag */ -PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8(int pbe_nid, const char *pass, - int passlen, unsigned char *salt, - int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8) +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8) { - PKCS12_SAFEBAG *bag; - const EVP_CIPHER *pbe_ciph; - + PKCS12_SAFEBAG *bag = PKCS12_SAFEBAG_new(); /* Set up the safe bag */ - if ((bag = PKCS12_SAFEBAG_new()) == NULL) { - PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); + if (bag == NULL) { + PKCS12err(PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } - bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag); + bag->value.shkeybag = p8; + return bag; +} + +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid, + const char *pass, + int passlen, + unsigned char *salt, + int saltlen, int iter, + PKCS8_PRIV_KEY_INFO *p8inf) +{ + PKCS12_SAFEBAG *bag; + const EVP_CIPHER *pbe_ciph; + X509_SIG *p8; pbe_ciph = EVP_get_cipherbynid(pbe_nid); if (pbe_ciph) pbe_nid = -1; - if (!(bag->value.shkeybag = - PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter, - p8))) { - PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); + p8 = PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter, + p8inf); + + if (p8 == NULL) { + PKCS12err(PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE); + return NULL; + } + + bag = PKCS12_SAFEBAG_create0_pkcs8(p8); + + if (bag == NULL) { + PKCS12err(PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE); + X509_SIG_free(p8); return NULL; } diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c index c3c0d59f3b..0850da8b7f 100644 --- a/crypto/pkcs12/pk12err.c +++ b/crypto/pkcs12/pk12err.c @@ -85,14 +85,18 @@ static ERR_STRING_DATA PKCS12_str_functs[] = { {ERR_FUNC(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG), "PKCS12_item_pack_safebag"}, {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"}, {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"}, - {ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"}, - {ERR_FUNC(PKCS12_F_PKCS12_MAKE_SHKEYBAG), "PKCS12_MAKE_SHKEYBAG"}, {ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"}, {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"}, {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"}, {ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"}, {ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"}, {ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"}, + {ERR_FUNC(PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF), + "PKCS12_SAFEBAG_create0_p8inf"}, + {ERR_FUNC(PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8), + "PKCS12_SAFEBAG_create0_pkcs8"}, + {ERR_FUNC(PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT), + "PKCS12_SAFEBAG_create_pkcs8_encrypt"}, {ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC), "PKCS12_setup_mac"}, {ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"}, {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"}, diff --git a/include/openssl/pkcs12.h b/include/openssl/pkcs12.h index a1377f7c6b..d4862440f5 100644 --- a/include/openssl/pkcs12.h +++ b/include/openssl/pkcs12.h @@ -138,9 +138,9 @@ typedef struct pkcs12_bag_st PKCS12_BAGS; # define PKCS12_bag_type PKCS12_SAFEBAG_get_nid # define PKCS12_cert_bag_type PKCS12_SAFEBAG_get_bag_nid # define PKCS12_x5092certbag PKCS12_SAFEBAG_create_cert -# define PKCS12_crl2certbag PKCS12_SAFEBAG_create_crl -# define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create_p8inf -# define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8 +# define PKCS12_x509crl2certbag PKCS12_SAFEBAG_create_crl +# define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create0_p8inf +# define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid); int PKCS12_mac_present(PKCS12 *p12); @@ -161,11 +161,14 @@ X509_SIG *PKCS12_SAFEBAG_get0_pkcs8(PKCS12_SAFEBAG *bag); PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509); PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl); -PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_p8inf(PKCS8_PRIV_KEY_INFO *p8); -PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8(int pbe_nid, const char *pass, - int passlen, unsigned char *salt, - int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8); +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8); +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8); +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid, + const char *pass, + int passlen, + unsigned char *salt, + int saltlen, int iter, + PKCS8_PRIV_KEY_INFO *p8inf); PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1, int nid2); @@ -287,14 +290,15 @@ void ERR_load_PKCS12_strings(void); # define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117 # define PKCS12_F_PKCS12_KEY_GEN_ASC 110 # define PKCS12_F_PKCS12_KEY_GEN_UNI 111 -# define PKCS12_F_PKCS12_MAKE_KEYBAG 112 -# define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113 # define PKCS12_F_PKCS12_NEWPASS 128 # define PKCS12_F_PKCS12_PACK_P7DATA 114 # define PKCS12_F_PKCS12_PACK_P7ENCDATA 115 # define PKCS12_F_PKCS12_PARSE 118 # define PKCS12_F_PKCS12_PBE_CRYPT 119 # define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 +# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF 112 +# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8 113 +# define PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT 133 # define PKCS12_F_PKCS12_SETUP_MAC 122 # define PKCS12_F_PKCS12_SET_MAC 123 # define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130 |