summaryrefslogtreecommitdiffstats
path: root/crypto/pkcs12
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/pkcs12')
-rw-r--r--crypto/pkcs12/p12_crt.c6
-rw-r--r--crypto/pkcs12/p12_kiss.c31
-rw-r--r--crypto/pkcs12/pkcs12.h4
3 files changed, 26 insertions, 15 deletions
diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c
index 56d88b0759..ee8aed54c7 100644
--- a/crypto/pkcs12/p12_crt.c
+++ b/crypto/pkcs12/p12_crt.c
@@ -61,7 +61,7 @@
#include <openssl/pkcs12.h>
PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
- STACK *ca, int nid_key, int nid_cert, int iter, int mac_iter,
+ STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter,
int keytype)
{
PKCS12 *p12;
@@ -103,8 +103,8 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
/* Add all other certificates */
if(ca) {
- for(i = 0; i < sk_num(ca); i++) {
- tcert = (X509 *)sk_value(ca, i);
+ for(i = 0; i < sk_X509_num(ca); i++) {
+ tcert = sk_X509_value(ca, i);
if(!(bag = M_PKCS12_x5092certbag(tcert))) return NULL;
if(!sk_push(bags, (char *)bag)) {
PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index 9f8f982810..ee257ffbad 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -62,9 +62,17 @@
/* Simplified PKCS#12 routines */
-static int parse_pk12( PKCS12 *p12, const char *pass, int passlen, EVP_PKEY **pkey, X509 **cert, STACK **ca);
-static int parse_bags( STACK *bags, const char *pass, int passlen, EVP_PKEY **pkey, X509 **cert, STACK **ca, ASN1_OCTET_STRING **keyid, char *keymatch);
-static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen, EVP_PKEY **pkey, X509 **cert, STACK **ca, ASN1_OCTET_STRING **keyid, char *keymatch);
+static int parse_pk12( PKCS12 *p12, const char *pass, int passlen,
+ EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
+
+static int parse_bags( STACK *bags, const char *pass, int passlen,
+ EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
+ ASN1_OCTET_STRING **keyid, char *keymatch);
+
+static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
+ EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
+ ASN1_OCTET_STRING **keyid, char *keymatch);
+
/* Parse and decrypt a PKCS#12 structure returning user key, user cert
* and other (CA) certs. Note either ca should be NULL, *ca should be NULL,
* or it should point to a valid STACK structure. pkey and cert can be
@@ -72,7 +80,7 @@ static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen, EVP_PK
*/
int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK **ca)
+ STACK_OF(X509) **ca)
{
/* Check for NULL PKCS12 structure */
@@ -86,7 +94,7 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
/* Allocate stack for ca certificates if needed */
if ((ca != NULL) && (*ca == NULL))
{
- if (!(*ca = sk_new(NULL)))
+ if (!(*ca = sk_X509_new(NULL)))
{
PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE);
return 0;
@@ -116,7 +124,7 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
if (pkey && *pkey) EVP_PKEY_free (*pkey);
if (cert && *cert) X509_free (*cert);
- if (ca) sk_pop_free (*ca, X509_free);
+ if (ca) sk_X509_pop_free (*ca, X509_free);
return 0;
}
@@ -124,7 +132,7 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
/* Parse the outer PKCS#12 structure */
static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK **ca)
+ EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
{
STACK *asafes, *bags;
int i, bagnid;
@@ -159,7 +167,7 @@ static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
static int parse_bags (STACK *bags, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK **ca,
+ EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
ASN1_OCTET_STRING **keyid, char *keymatch)
{
int i;
@@ -176,7 +184,7 @@ static int parse_bags (STACK *bags, const char *pass, int passlen,
#define MATCH_ALL 0x3
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK **ca,
+ EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
ASN1_OCTET_STRING **keyid,
char *keymatch)
{
@@ -226,7 +234,10 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
if (lkey) {
*keymatch |= MATCH_CERT;
if (cert) *cert = x509;
- } else if (ca) sk_push (*ca, (char *)x509);
+ } else {
+ if(ca) sk_X509_push (*ca, x509);
+ else X509_free(x509);
+ }
break;
case NID_safeContentsBag:
diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h
index 254000fa12..dad356c00f 100644
--- a/crypto/pkcs12/pkcs12.h
+++ b/crypto/pkcs12/pkcs12.h
@@ -265,9 +265,9 @@ void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a);
void ERR_load_PKCS12_strings(void);
void PKCS12_PBE_add(void);
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK **ca);
+ STACK_OF(X509) **ca);
PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
- STACK *ca, int nid_key, int nid_cert, int iter,
+ STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
int mac_iter, int keytype);
int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-14 17:00:32 +0000