1 files changed, 240 insertions, 0 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_add.c b/src/lib/libcrypto/pkcs12/p12_add.c
new file mode 100644
index 0000000000..27ac5facfa
--- /dev/null
+++ b/src/lib/libcrypto/pkcs12/p12_add.c
@@ -0,0 +1,240 @@
+/* p12_add.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+/* Pack an object into an OCTET STRING and turn into a safebag */
+PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1,
+             int nid2)
+{
+        PKCS12_BAGS *bag;
+        PKCS12_SAFEBAG *safebag;
+        if (!(bag = PKCS12_BAGS_new())) {
+                PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        bag->type = OBJ_nid2obj(nid1);
+        if (!ASN1_item_pack(obj, it, &bag->value.octet)) {
+                PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        if (!(safebag = PKCS12_SAFEBAG_new())) {
+                PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        safebag->value.bag = bag;
+        safebag->type = OBJ_nid2obj(nid2);
+        return safebag;
+}
+/* Turn PKCS8 object into a keybag */
+PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
+{
+        PKCS12_SAFEBAG *bag;
+        if (!(bag = PKCS12_SAFEBAG_new())) {
+                PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG,ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        bag->type = OBJ_nid2obj(NID_keyBag);
+        bag->value.keybag = p8;
+        return bag;
+}
+/* Turn PKCS8 object into a shrouded keybag */
+PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
+             int passlen, unsigned char *salt, int saltlen, int iter,
+             PKCS8_PRIV_KEY_INFO *p8)
+{
+        PKCS12_SAFEBAG *bag;
+        const EVP_CIPHER *pbe_ciph;
+        /* Set up the safe bag */
+        if (!(bag = PKCS12_SAFEBAG_new())) {
+                PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
+        pbe_ciph = EVP_get_cipherbynid(pbe_nid);
+        if (pbe_ciph)
+                pbe_nid = -1;
+        if (!(bag->value.shkeybag = 
+          PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter,
+                                                                         p8))) {
+                PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        return bag;
+}
+/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
+PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
+{
+        PKCS7 *p7;
+        if (!(p7 = PKCS7_new())) {
+                PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        p7->type = OBJ_nid2obj(NID_pkcs7_data);
+        if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) {
+                PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        
+        if (!ASN1_item_pack(sk, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), &p7->d.data)) {
+                PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
+                return NULL;
+        }
+        return p7;
+}
+/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
+{
+        if(!PKCS7_type_is_data(p7))
+                {
+                PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,PKCS12_R_CONTENT_TYPE_NOT_DATA);
+                return NULL;
+                }
+        return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
+}
+/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
+PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
+                              unsigned char *salt, int saltlen, int iter,
+                              STACK_OF(PKCS12_SAFEBAG) *bags)
+{
+        PKCS7 *p7;
+        X509_ALGOR *pbe;
+        const EVP_CIPHER *pbe_ciph;
+        if (!(p7 = PKCS7_new())) {
+                PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
+                PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
+                                PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
+                return NULL;
+        }
+        pbe_ciph = EVP_get_cipherbynid(pbe_nid);
+        if (pbe_ciph)
+                pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen);
+        else
+                pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
+        if (!pbe) {
+                PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
+                return NULL;
+        }
+        X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
+        p7->d.encrypted->enc_data->algorithm = pbe;
+        M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
+        if (!(p7->d.encrypted->enc_data->enc_data =
+        PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass, passlen,
+                                 bags, 1))) {
+                PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
+                return NULL;
+        }
+        return p7;
+}
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen)
+{
+        if(!PKCS7_type_is_encrypted(p7)) return NULL;
+        return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm,
+                                   ASN1_ITEM_rptr(PKCS12_SAFEBAGS),
+                                   pass, passlen,
+                                   p7->d.encrypted->enc_data->enc_data, 1);
+}
+PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag, const char *pass,
+                                                                int passlen)
+{
+        return PKCS8_decrypt(bag->value.shkeybag, pass, passlen);
+}
+int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes) 
+{
+        if(ASN1_item_pack(safes, ASN1_ITEM_rptr(PKCS12_AUTHSAFES),
+                &p12->authsafes->d.data)) 
+                        return 1;
+        return 0;
+}
+STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12)
+{
+        if (!PKCS7_type_is_data(p12->authsafes))
+                {
+                PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,PKCS12_R_CONTENT_TYPE_NOT_DATA);
+                return NULL;
+                }
+        return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
+}

diff --git a/src/lib/libcrypto/pkcs12/p12_add.c b/src/lib/libcrypto/pkcs12/p12_add.c new file mode 100644 index 0000000000..27ac5facfa --- /dev/null +++ b/src/lib/libcrypto/pkcs12/p12_add.c
@@ -0,0 +1,240 @@
	1	/* p12_add.c */
	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
	3	* project 1999.
	4	*/
	5	/* ====================================================================
	6	* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	*
	12	* 1. Redistributions of source code must retain the above copyright
	13	* notice, this list of conditions and the following disclaimer.
	14	*
	15	* 2. Redistributions in binary form must reproduce the above copyright
	16	* notice, this list of conditions and the following disclaimer in
	17	* the documentation and/or other materials provided with the
	18	* distribution.
	19	*
	20	* 3. All advertising materials mentioning features or use of this
	21	* software must display the following acknowledgment:
	22	* "This product includes software developed by the OpenSSL Project
	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	24	*
	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	26	* endorse or promote products derived from this software without
	27	* prior written permission. For written permission, please contact
	28	* licensing@OpenSSL.org.
	29	*
	30	* 5. Products derived from this software may not be called "OpenSSL"
	31	* nor may "OpenSSL" appear in their names without prior written
	32	* permission of the OpenSSL Project.
	33	*
	34	* 6. Redistributions of any form whatsoever must retain the following
	35	* acknowledgment:
	36	* "This product includes software developed by the OpenSSL Project
	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	38	*
	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
	51	* ====================================================================
	52	*
	53	* This product includes cryptographic software written by Eric Young
	54	* (eay@cryptsoft.com). This product includes software written by Tim
	55	* Hudson (tjh@cryptsoft.com).
	56	*
	57	*/
	58
	59	#include <stdio.h>
	60	#include "cryptlib.h"
	61	#include <openssl/pkcs12.h>
	62
	63	/* Pack an object into an OCTET STRING and turn into a safebag */
	64
	65	PKCS12_SAFEBAG PKCS12_item_pack_safebag(void obj, const ASN1_ITEM *it, int nid1,
	66	int nid2)
	67	{
	68	PKCS12_BAGS *bag;
	69	PKCS12_SAFEBAG *safebag;
	70	if (!(bag = PKCS12_BAGS_new())) {
	71	PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
	72	return NULL;
	73	}
	74	bag->type = OBJ_nid2obj(nid1);
	75	if (!ASN1_item_pack(obj, it, &bag->value.octet)) {
	76	PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
	77	return NULL;
	78	}
	79	if (!(safebag = PKCS12_SAFEBAG_new())) {
	80	PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
	81	return NULL;
	82	}
	83	safebag->value.bag = bag;
	84	safebag->type = OBJ_nid2obj(nid2);
	85	return safebag;
	86	}
	87
	88	/* Turn PKCS8 object into a keybag */
	89
	90	PKCS12_SAFEBAG PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO p8)
	91	{
	92	PKCS12_SAFEBAG *bag;
	93	if (!(bag = PKCS12_SAFEBAG_new())) {
	94	PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG,ERR_R_MALLOC_FAILURE);
	95	return NULL;
	96	}
	97	bag->type = OBJ_nid2obj(NID_keyBag);
	98	bag->value.keybag = p8;
	99	return bag;
	100	}
	101
	102	/* Turn PKCS8 object into a shrouded keybag */
	103
	104	PKCS12_SAFEBAG PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char pass,
	105	int passlen, unsigned char *salt, int saltlen, int iter,
	106	PKCS8_PRIV_KEY_INFO *p8)
	107	{
	108	PKCS12_SAFEBAG *bag;
	109	const EVP_CIPHER *pbe_ciph;
	110
	111	/* Set up the safe bag */
	112	if (!(bag = PKCS12_SAFEBAG_new())) {
	113	PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
	114	return NULL;
	115	}
	116
	117	bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
	118
	119	pbe_ciph = EVP_get_cipherbynid(pbe_nid);
	120
	121	if (pbe_ciph)
	122	pbe_nid = -1;
	123
	124	if (!(bag->value.shkeybag =
	125	PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter,
	126	p8))) {
	127	PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
	128	return NULL;
	129	}
	130
	131	return bag;
	132	}
	133
	134	/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
	135	PKCS7 PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) sk)
	136	{
	137	PKCS7 *p7;
	138	if (!(p7 = PKCS7_new())) {
	139	PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
	140	return NULL;
	141	}
	142	p7->type = OBJ_nid2obj(NID_pkcs7_data);
	143	if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) {
	144	PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
	145	return NULL;
	146	}
	147
	148	if (!ASN1_item_pack(sk, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), &p7->d.data)) {
	149	PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
	150	return NULL;
	151	}
	152	return p7;
	153	}
	154
	155	/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
	156	STACK_OF(PKCS12_SAFEBAG) PKCS12_unpack_p7data(PKCS7 p7)
	157	{
	158	if(!PKCS7_type_is_data(p7))
	159	{
	160	PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,PKCS12_R_CONTENT_TYPE_NOT_DATA);
	161	return NULL;
	162	}
	163	return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
	164	}
	165
	166	/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
	167
	168	PKCS7 PKCS12_pack_p7encdata(int pbe_nid, const char pass, int passlen,
	169	unsigned char *salt, int saltlen, int iter,
	170	STACK_OF(PKCS12_SAFEBAG) *bags)
	171	{
	172	PKCS7 *p7;
	173	X509_ALGOR *pbe;
	174	const EVP_CIPHER *pbe_ciph;
	175	if (!(p7 = PKCS7_new())) {
	176	PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
	177	return NULL;
	178	}
	179	if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
	180	PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
	181	PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
	182	return NULL;
	183	}
	184
	185	pbe_ciph = EVP_get_cipherbynid(pbe_nid);
	186
	187	if (pbe_ciph)
	188	pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen);
	189	else
	190	pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
	191
	192	if (!pbe) {
	193	PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
	194	return NULL;
	195	}
	196	X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
	197	p7->d.encrypted->enc_data->algorithm = pbe;
	198	M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
	199	if (!(p7->d.encrypted->enc_data->enc_data =
	200	PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass, passlen,
	201	bags, 1))) {
	202	PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
	203	return NULL;
	204	}
	205
	206	return p7;
	207	}
	208
	209	STACK_OF(PKCS12_SAFEBAG) PKCS12_unpack_p7encdata(PKCS7 p7, const char *pass, int passlen)
	210	{
	211	if(!PKCS7_type_is_encrypted(p7)) return NULL;
	212	return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm,
	213	ASN1_ITEM_rptr(PKCS12_SAFEBAGS),
	214	pass, passlen,
	215	p7->d.encrypted->enc_data->enc_data, 1);
	216	}
	217
	218	PKCS8_PRIV_KEY_INFO PKCS12_decrypt_skey(PKCS12_SAFEBAG bag, const char *pass,
	219	int passlen)
	220	{
	221	return PKCS8_decrypt(bag->value.shkeybag, pass, passlen);
	222	}
	223
	224	int PKCS12_pack_authsafes(PKCS12 p12, STACK_OF(PKCS7) safes)
	225	{
	226	if(ASN1_item_pack(safes, ASN1_ITEM_rptr(PKCS12_AUTHSAFES),
	227	&p12->authsafes->d.data))
	228	return 1;
	229	return 0;
	230	}
	231
	232	STACK_OF(PKCS7) PKCS12_unpack_authsafes(PKCS12 p12)
	233	{
	234	if (!PKCS7_type_is_data(p12->authsafes))
	235	{
	236	PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,PKCS12_R_CONTENT_TYPE_NOT_DATA);
	237	return NULL;
	238	}
	239	return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
	240	}