1 files changed, 59 insertions, 6 deletions
diff --git a/src/lib/libcrypto/pkcs12/pkcs12.h b/src/lib/libcrypto/pkcs12/pkcs12.h
index 920b4be202..a40659fcf3 100644
--- a/src/lib/libcrypto/pkcs12/pkcs12.h
+++ b/src/lib/libcrypto/pkcs12/pkcs12.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkcs12.h,v 1.25 2022/07/12 14:42:50 kn Exp $ */
+/* $OpenBSD: pkcs12.h,v 1.26 2022/08/03 20:16:06 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -155,12 +155,63 @@ typedef struct pkcs12_bag_st {
 #define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
 #define M_PKCS8_decrypt PKCS8_decrypt
+#if !defined(LIBRESSL_NEXT_API)
 #define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
 #define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
 #define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
+#endif
 #endif /* !LIBRESSL_INTERNAL */
+#if defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
+#define M_PKCS12_bag_type       PKCS12_bag_type
+#define M_PKCS12_cert_bag_type  PKCS12_cert_bag_type
+#define M_PKCS12_crl_bag_type   PKCS12_cert_bag_type
+#define PKCS12_bag_type         PKCS12_SAFEBAG_get_nid
+#define PKCS12_cert_bag_type    PKCS12_SAFEBAG_get_bag_nid
+#define PKCS12_certbag2x509     PKCS12_SAFEBAG_get1_cert
+#define PKCS12_certbag2x509crl  PKCS12_SAFEBAG_get1_crl
+#define PKCS12_x5092certbag     PKCS12_SAFEBAG_create_cert
+#define PKCS12_x509crl2certbag  PKCS12_SAFEBAG_create_crl
+#define PKCS12_MAKE_KEYBAG      PKCS12_SAFEBAG_create0_p8inf
+#define PKCS12_MAKE_SHKEYBAG    PKCS12_SAFEBAG_create_pkcs8_encrypt
+const ASN1_TYPE *PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag,
+    int attr_nid);
+const STACK_OF(X509_ATTRIBUTE) *
+    PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag);
+int PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag);
+int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
+X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
+X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
+ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid);
+int PKCS12_mac_present(const PKCS12 *p12);
+void PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac, const X509_ALGOR **pmacalg,
+    const ASN1_OCTET_STRING **psalt, const ASN1_INTEGER **piter,
+    const PKCS12 *p12);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
+    const char *pass, int passlen, unsigned char *salt, int saltlen, int iter,
+    PKCS8_PRIV_KEY_INFO *p8);
+const PKCS8_PRIV_KEY_INFO *PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag);
+const X509_SIG *PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag);
+const STACK_OF(PKCS12_SAFEBAG) *
+    PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
+const ASN1_OBJECT *PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag);
+#else /* !LIBRESSL_NEXT_API && !LIBRESSL_INTERNAL*/
 #define PKCS12_get_attr(bag, attr_nid) \
                         PKCS12_get_attr_gen(bag->attrib, attr_nid)
@@ -169,15 +220,20 @@ typedef struct pkcs12_bag_st {
 #define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
 PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
 PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
 X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
 X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
+PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
+PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
+    int passlen, unsigned char *salt, int saltlen, int iter,
+    PKCS8_PRIV_KEY_INFO *p8);
+#endif /* !LIBRESSL_NEXT_API && !LIBRESSL_INTERNAL */
 PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
    int nid1, int nid2);
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
 PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(const X509_SIG *p8, const char *pass,
    int passlen);
 PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag,
@@ -185,9 +241,6 @@ PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag,
 X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
    const char *pass, int passlen, unsigned char *salt, int saltlen, int iter,
    PKCS8_PRIV_KEY_INFO *p8);
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
-    int passlen, unsigned char *salt, int saltlen, int iter,
-    PKCS8_PRIV_KEY_INFO *p8);
 PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
 STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
 PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,

diff --git a/src/lib/libcrypto/pkcs12/pkcs12.h b/src/lib/libcrypto/pkcs12/pkcs12.h index 920b4be202..a40659fcf3 100644 --- a/src/lib/libcrypto/pkcs12/pkcs12.h +++ b/src/lib/libcrypto/pkcs12/pkcs12.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: pkcs12.h,v 1.25 2022/07/12 14:42:50 kn Exp $ */	1	/* $OpenBSD: pkcs12.h,v 1.26 2022/08/03 20:16:06 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -155,12 +155,63 @@ typedef struct pkcs12_bag_st {
155	#define M_PKCS12_decrypt_skey PKCS12_decrypt_skey	155	#define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
156	#define M_PKCS8_decrypt PKCS8_decrypt	156	#define M_PKCS8_decrypt PKCS8_decrypt
157		157
		158	#if !defined(LIBRESSL_NEXT_API)
158	#define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)	159	#define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
159	#define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)	160	#define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
160	#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type	161	#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
		162	#endif
161		163
162	#endif /* !LIBRESSL_INTERNAL */	164	#endif /* !LIBRESSL_INTERNAL */
163		165
		166	#if defined(LIBRESSL_NEXT_API) \|\| defined(LIBRESSL_INTERNAL)
		167
		168	#define M_PKCS12_bag_type PKCS12_bag_type
		169	#define M_PKCS12_cert_bag_type PKCS12_cert_bag_type
		170	#define M_PKCS12_crl_bag_type PKCS12_cert_bag_type
		171
		172	#define PKCS12_bag_type PKCS12_SAFEBAG_get_nid
		173	#define PKCS12_cert_bag_type PKCS12_SAFEBAG_get_bag_nid
		174
		175	#define PKCS12_certbag2x509 PKCS12_SAFEBAG_get1_cert
		176	#define PKCS12_certbag2x509crl PKCS12_SAFEBAG_get1_crl
		177
		178	#define PKCS12_x5092certbag PKCS12_SAFEBAG_create_cert
		179	#define PKCS12_x509crl2certbag PKCS12_SAFEBAG_create_crl
		180	#define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create0_p8inf
		181	#define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt
		182
		183	const ASN1_TYPE PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG bag,
		184	int attr_nid);
		185	const STACK_OF(X509_ATTRIBUTE) *
		186	PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag);
		187	int PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag);
		188	int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
		189
		190	X509 PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG bag);
		191	X509_CRL PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG bag);
		192
		193	ASN1_TYPE PKCS8_get_attr(PKCS8_PRIV_KEY_INFO p8, int attr_nid);
		194	int PKCS12_mac_present(const PKCS12 *p12);
		195	void PKCS12_get0_mac(const ASN1_OCTET_STRING pmac, const X509_ALGOR pmacalg,
		196	const ASN1_OCTET_STRING psalt, const ASN1_INTEGER piter,
		197	const PKCS12 *p12);
		198
		199	PKCS12_SAFEBAG PKCS12_SAFEBAG_create_cert(X509 x509);
		200	PKCS12_SAFEBAG PKCS12_SAFEBAG_create_crl(X509_CRL crl);
		201	PKCS12_SAFEBAG PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO p8);
		202	PKCS12_SAFEBAG PKCS12_SAFEBAG_create0_pkcs8(X509_SIG p8);
		203	PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
		204	const char pass, int passlen, unsigned char salt, int saltlen, int iter,
		205	PKCS8_PRIV_KEY_INFO *p8);
		206
		207	const PKCS8_PRIV_KEY_INFO PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG bag);
		208	const X509_SIG PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG bag);
		209	const STACK_OF(PKCS12_SAFEBAG) *
		210	PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
		211	const ASN1_OBJECT PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG bag);
		212
		213	#else /* !LIBRESSL_NEXT_API && !LIBRESSL_INTERNAL*/
		214
164	#define PKCS12_get_attr(bag, attr_nid) \	215	#define PKCS12_get_attr(bag, attr_nid) \
165	PKCS12_get_attr_gen(bag->attrib, attr_nid)	216	PKCS12_get_attr_gen(bag->attrib, attr_nid)
166		217
@@ -169,15 +220,20 @@ typedef struct pkcs12_bag_st {
169		220
170	#define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)	221	#define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
171		222
172
173	PKCS12_SAFEBAG PKCS12_x5092certbag(X509 x509);	223	PKCS12_SAFEBAG PKCS12_x5092certbag(X509 x509);
174	PKCS12_SAFEBAG PKCS12_x509crl2certbag(X509_CRL crl);	224	PKCS12_SAFEBAG PKCS12_x509crl2certbag(X509_CRL crl);
175	X509 PKCS12_certbag2x509(PKCS12_SAFEBAG bag);	225	X509 PKCS12_certbag2x509(PKCS12_SAFEBAG bag);
176	X509_CRL PKCS12_certbag2x509crl(PKCS12_SAFEBAG bag);	226	X509_CRL PKCS12_certbag2x509crl(PKCS12_SAFEBAG bag);
177		227
		228	PKCS12_SAFEBAG PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO p8);
		229	PKCS12_SAFEBAG PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char pass,
		230	int passlen, unsigned char *salt, int saltlen, int iter,
		231	PKCS8_PRIV_KEY_INFO *p8);
		232
		233	#endif /* !LIBRESSL_NEXT_API && !LIBRESSL_INTERNAL */
		234
178	PKCS12_SAFEBAG PKCS12_item_pack_safebag(void obj, const ASN1_ITEM *it,	235	PKCS12_SAFEBAG PKCS12_item_pack_safebag(void obj, const ASN1_ITEM *it,
179	int nid1, int nid2);	236	int nid1, int nid2);
180	PKCS12_SAFEBAG PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO p8);
181	PKCS8_PRIV_KEY_INFO PKCS8_decrypt(const X509_SIG p8, const char *pass,	237	PKCS8_PRIV_KEY_INFO PKCS8_decrypt(const X509_SIG p8, const char *pass,
182	int passlen);	238	int passlen);
183	PKCS8_PRIV_KEY_INFO PKCS12_decrypt_skey(const PKCS12_SAFEBAG bag,	239	PKCS8_PRIV_KEY_INFO PKCS12_decrypt_skey(const PKCS12_SAFEBAG bag,
@@ -185,9 +241,6 @@ PKCS8_PRIV_KEY_INFO PKCS12_decrypt_skey(const PKCS12_SAFEBAG bag,
185	X509_SIG PKCS8_encrypt(int pbe_nid, const EVP_CIPHER cipher,	241	X509_SIG PKCS8_encrypt(int pbe_nid, const EVP_CIPHER cipher,
186	const char pass, int passlen, unsigned char salt, int saltlen, int iter,	242	const char pass, int passlen, unsigned char salt, int saltlen, int iter,
187	PKCS8_PRIV_KEY_INFO *p8);	243	PKCS8_PRIV_KEY_INFO *p8);
188	PKCS12_SAFEBAG PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char pass,
189	int passlen, unsigned char *salt, int saltlen, int iter,
190	PKCS8_PRIV_KEY_INFO *p8);
191	PKCS7 PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) sk);	244	PKCS7 PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) sk);
192	STACK_OF(PKCS12_SAFEBAG) PKCS12_unpack_p7data(PKCS7 p7);	245	STACK_OF(PKCS12_SAFEBAG) PKCS12_unpack_p7data(PKCS7 p7);
193	PKCS7 PKCS12_pack_p7encdata(int pbe_nid, const char pass, int passlen,	246	PKCS7 PKCS12_pack_p7encdata(int pbe_nid, const char pass, int passlen,