diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2000-09-07 23:14:26 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2000-09-07 23:14:26 +0000 |
commit | 84b65340e1cf5b0c427d87e89f42382bff2a5b63 (patch) | |
tree | bf55a359dd51faaeb01ad56c7aae165a6c3c0b96 /crypto/pkcs12 | |
parent | f50c11ca40132a556880d11172694dfec6b90ad2 (diff) |
Two new PKCS#12 demo programs.
Update PKCS12_parse().
Make the keyid in certificate aux info more usable.
Diffstat (limited to 'crypto/pkcs12')
-rw-r--r-- | crypto/pkcs12/p12_kiss.c | 36 |
1 files changed, 25 insertions, 11 deletions
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c index 3b36cfa46c..368c98765c 100644 --- a/crypto/pkcs12/p12_kiss.c +++ b/crypto/pkcs12/p12_kiss.c @@ -86,21 +86,18 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, /* Check for NULL PKCS12 structure */ - if(!p12) - { + if(!p12) { PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER); return 0; - } + } /* Allocate stack for ca certificates if needed */ - if ((ca != NULL) && (*ca == NULL)) - { - if (!(*ca = sk_X509_new(NULL))) - { + if ((ca != NULL) && (*ca == NULL)) { + if (!(*ca = sk_X509_new(NULL))) { PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE); return 0; - } } + } if(pkey) *pkey = NULL; if(cert) *cert = NULL; @@ -206,12 +203,17 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, { PKCS8_PRIV_KEY_INFO *p8; X509 *x509; - ASN1_OCTET_STRING *lkey = NULL; + ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL; ASN1_TYPE *attrib; + ASN1_BMPSTRING *fname = NULL; + if ((attrib = PKCS12_get_attr (bag, NID_friendlyName))) + fname = attrib->value.bmpstring; - if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) - lkey = attrib->value.octet_string; + if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) { + lkey = attrib->value.octet_string; + ckid = lkey; + } /* Check for any local key id matching (if needed) */ if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) { @@ -247,6 +249,18 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate ) return 1; if (!(x509 = M_PKCS12_certbag2x509(bag))) return 0; + if(ckid) X509_keyid_set1(x509, ckid->data, ckid->length); + if(fname) { + int len; + unsigned char *data; + len = ASN1_STRING_to_UTF8(&data, fname); + if(len > 0) { + X509_alias_set1(x509, data, len); + OPENSSL_free(data); + } + } + + if (lkey) { *keymatch |= MATCH_CERT; if (cert) *cert = x509; |