diff options
Diffstat (limited to 'src/lib/libcrypto/pkcs12/p12_npas.c')
| -rw-r--r-- | src/lib/libcrypto/pkcs12/p12_npas.c | 37 |
1 files changed, 21 insertions, 16 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c index ee71707e2c..84e31a7f21 100644 --- a/src/lib/libcrypto/pkcs12/p12_npas.c +++ b/src/lib/libcrypto/pkcs12/p12_npas.c | |||
| @@ -66,7 +66,8 @@ | |||
| 66 | /* PKCS#12 password change routine */ | 66 | /* PKCS#12 password change routine */ |
| 67 | 67 | ||
| 68 | static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass); | 68 | static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass); |
| 69 | static int newpass_bags(STACK *bags, char *oldpass, char *newpass); | 69 | static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass, |
| 70 | char *newpass); | ||
| 70 | static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass); | 71 | static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass); |
| 71 | static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen); | 72 | static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen); |
| 72 | 73 | ||
| @@ -104,16 +105,18 @@ return 1; | |||
| 104 | 105 | ||
| 105 | static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) | 106 | static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) |
| 106 | { | 107 | { |
| 107 | STACK *asafes, *newsafes, *bags; | 108 | STACK_OF(PKCS7) *asafes, *newsafes; |
| 109 | STACK_OF(PKCS12_SAFEBAG) *bags; | ||
| 108 | int i, bagnid, pbe_nid, pbe_iter, pbe_saltlen; | 110 | int i, bagnid, pbe_nid, pbe_iter, pbe_saltlen; |
| 109 | PKCS7 *p7, *p7new; | 111 | PKCS7 *p7, *p7new; |
| 110 | ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL; | 112 | ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL; |
| 111 | unsigned char mac[EVP_MAX_MD_SIZE]; | 113 | unsigned char mac[EVP_MAX_MD_SIZE]; |
| 112 | unsigned int maclen; | 114 | unsigned int maclen; |
| 115 | |||
| 113 | if (!(asafes = M_PKCS12_unpack_authsafes(p12))) return 0; | 116 | if (!(asafes = M_PKCS12_unpack_authsafes(p12))) return 0; |
| 114 | if(!(newsafes = sk_new(NULL))) return 0; | 117 | if(!(newsafes = sk_PKCS7_new_null())) return 0; |
| 115 | for (i = 0; i < sk_num (asafes); i++) { | 118 | for (i = 0; i < sk_PKCS7_num (asafes); i++) { |
| 116 | p7 = (PKCS7 *) sk_value(asafes, i); | 119 | p7 = sk_PKCS7_value(asafes, i); |
| 117 | bagnid = OBJ_obj2nid(p7->type); | 120 | bagnid = OBJ_obj2nid(p7->type); |
| 118 | if (bagnid == NID_pkcs7_data) { | 121 | if (bagnid == NID_pkcs7_data) { |
| 119 | bags = M_PKCS12_unpack_p7data(p7); | 122 | bags = M_PKCS12_unpack_p7data(p7); |
| @@ -123,26 +126,26 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) | |||
| 123 | &pbe_nid, &pbe_iter, &pbe_saltlen); | 126 | &pbe_nid, &pbe_iter, &pbe_saltlen); |
| 124 | } else continue; | 127 | } else continue; |
| 125 | if (!bags) { | 128 | if (!bags) { |
| 126 | sk_pop_free(asafes, PKCS7_free); | 129 | sk_PKCS7_pop_free(asafes, PKCS7_free); |
| 127 | return 0; | 130 | return 0; |
| 128 | } | 131 | } |
| 129 | if (!newpass_bags(bags, oldpass, newpass)) { | 132 | if (!newpass_bags(bags, oldpass, newpass)) { |
| 130 | sk_pop_free(bags, PKCS12_SAFEBAG_free); | 133 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); |
| 131 | sk_pop_free(asafes, PKCS7_free); | 134 | sk_PKCS7_pop_free(asafes, PKCS7_free); |
| 132 | return 0; | 135 | return 0; |
| 133 | } | 136 | } |
| 134 | /* Repack bag in same form with new password */ | 137 | /* Repack bag in same form with new password */ |
| 135 | if (bagnid == NID_pkcs7_data) p7new = PKCS12_pack_p7data(bags); | 138 | if (bagnid == NID_pkcs7_data) p7new = PKCS12_pack_p7data(bags); |
| 136 | else p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL, | 139 | else p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL, |
| 137 | pbe_saltlen, pbe_iter, bags); | 140 | pbe_saltlen, pbe_iter, bags); |
| 138 | sk_pop_free(bags, PKCS12_SAFEBAG_free); | 141 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); |
| 139 | if(!p7new) { | 142 | if(!p7new) { |
| 140 | sk_pop_free(asafes, PKCS7_free); | 143 | sk_PKCS7_pop_free(asafes, PKCS7_free); |
| 141 | return 0; | 144 | return 0; |
| 142 | } | 145 | } |
| 143 | sk_push(newsafes, (char *)p7new); | 146 | sk_PKCS7_push(newsafes, p7new); |
| 144 | } | 147 | } |
| 145 | sk_pop_free(asafes, PKCS7_free); | 148 | sk_PKCS7_pop_free(asafes, PKCS7_free); |
| 146 | 149 | ||
| 147 | /* Repack safe: save old safe in case of error */ | 150 | /* Repack safe: save old safe in case of error */ |
| 148 | 151 | ||
| @@ -169,12 +172,14 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) | |||
| 169 | } | 172 | } |
| 170 | 173 | ||
| 171 | 174 | ||
| 172 | static int newpass_bags(STACK *bags, char *oldpass, char *newpass) | 175 | static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass, |
| 176 | char *newpass) | ||
| 173 | { | 177 | { |
| 174 | int i; | 178 | int i; |
| 175 | for (i = 0; i < sk_num(bags); i++) { | 179 | for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { |
| 176 | if (!newpass_bag((PKCS12_SAFEBAG *)sk_value(bags, i), | 180 | if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i), |
| 177 | oldpass, newpass)) return 0; | 181 | oldpass, newpass)) |
| 182 | return 0; | ||
| 178 | } | 183 | } |
| 179 | return 1; | 184 | return 1; |
| 180 | } | 185 | } |