diff options
Diffstat (limited to 'src/lib/libssl/src/crypto/pkcs12/p12_crt.c')
| -rw-r--r-- | src/lib/libssl/src/crypto/pkcs12/p12_crt.c | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c index ee8aed54c7..a8f7b48882 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c | |||
| @@ -65,7 +65,8 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 65 | int keytype) | 65 | int keytype) |
| 66 | { | 66 | { |
| 67 | PKCS12 *p12; | 67 | PKCS12 *p12; |
| 68 | STACK *bags, *safes; | 68 | STACK_OF(PKCS12_SAFEBAG) *bags; |
| 69 | STACK_OF(PKCS7) *safes; | ||
| 69 | PKCS12_SAFEBAG *bag; | 70 | PKCS12_SAFEBAG *bag; |
| 70 | PKCS8_PRIV_KEY_INFO *p8; | 71 | PKCS8_PRIV_KEY_INFO *p8; |
| 71 | PKCS7 *authsafe; | 72 | PKCS7 *authsafe; |
| @@ -85,7 +86,9 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 85 | return NULL; | 86 | return NULL; |
| 86 | } | 87 | } |
| 87 | 88 | ||
| 88 | if(!(bags = sk_new (NULL))) { | 89 | if(!X509_check_private_key(cert, pkey)) return NULL; |
| 90 | |||
| 91 | if(!(bags = sk_PKCS12_SAFEBAG_new_null ())) { | ||
| 89 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 92 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); |
| 90 | return NULL; | 93 | return NULL; |
| 91 | } | 94 | } |
| @@ -96,7 +99,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 96 | X509_digest(cert, EVP_sha1(), keyid, &keyidlen); | 99 | X509_digest(cert, EVP_sha1(), keyid, &keyidlen); |
| 97 | if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL; | 100 | if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL; |
| 98 | 101 | ||
| 99 | if(!sk_push(bags, (char *)bag)) { | 102 | if(!sk_PKCS12_SAFEBAG_push(bags, bag)) { |
| 100 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 103 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); |
| 101 | return NULL; | 104 | return NULL; |
| 102 | } | 105 | } |
| @@ -106,7 +109,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 106 | for(i = 0; i < sk_X509_num(ca); i++) { | 109 | for(i = 0; i < sk_X509_num(ca); i++) { |
| 107 | tcert = sk_X509_value(ca, i); | 110 | tcert = sk_X509_value(ca, i); |
| 108 | if(!(bag = M_PKCS12_x5092certbag(tcert))) return NULL; | 111 | if(!(bag = M_PKCS12_x5092certbag(tcert))) return NULL; |
| 109 | if(!sk_push(bags, (char *)bag)) { | 112 | if(!sk_PKCS12_SAFEBAG_push(bags, bag)) { |
| 110 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 113 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); |
| 111 | return NULL; | 114 | return NULL; |
| 112 | } | 115 | } |
| @@ -116,11 +119,12 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 116 | /* Turn certbags into encrypted authsafe */ | 119 | /* Turn certbags into encrypted authsafe */ |
| 117 | authsafe = PKCS12_pack_p7encdata (nid_cert, pass, -1, NULL, 0, | 120 | authsafe = PKCS12_pack_p7encdata (nid_cert, pass, -1, NULL, 0, |
| 118 | iter, bags); | 121 | iter, bags); |
| 119 | sk_pop_free(bags, PKCS12_SAFEBAG_free); | 122 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); |
| 120 | 123 | ||
| 121 | if (!authsafe) return NULL; | 124 | if (!authsafe) return NULL; |
| 122 | 125 | ||
| 123 | if(!(safes = sk_new (NULL)) || !sk_push(safes, (char *)authsafe)) { | 126 | if(!(safes = sk_PKCS7_new_null ()) |
| 127 | || !sk_PKCS7_push(safes, authsafe)) { | ||
| 124 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 128 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); |
| 125 | return NULL; | 129 | return NULL; |
| 126 | } | 130 | } |
| @@ -133,14 +137,15 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 133 | PKCS8_PRIV_KEY_INFO_free(p8); | 137 | PKCS8_PRIV_KEY_INFO_free(p8); |
| 134 | if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL; | 138 | if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL; |
| 135 | if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL; | 139 | if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL; |
| 136 | if(!(bags = sk_new(NULL)) || !sk_push (bags, (char *)bag)) { | 140 | if(!(bags = sk_PKCS12_SAFEBAG_new_null()) |
| 141 | || !sk_PKCS12_SAFEBAG_push (bags, bag)) { | ||
| 137 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 142 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); |
| 138 | return NULL; | 143 | return NULL; |
| 139 | } | 144 | } |
| 140 | /* Turn it into unencrypted safe bag */ | 145 | /* Turn it into unencrypted safe bag */ |
| 141 | if(!(authsafe = PKCS12_pack_p7data (bags))) return NULL; | 146 | if(!(authsafe = PKCS12_pack_p7data (bags))) return NULL; |
| 142 | sk_pop_free(bags, PKCS12_SAFEBAG_free); | 147 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); |
| 143 | if(!sk_push(safes, (char *)authsafe)) { | 148 | if(!sk_PKCS7_push(safes, authsafe)) { |
| 144 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); | 149 | PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); |
| 145 | return NULL; | 150 | return NULL; |
| 146 | } | 151 | } |
| @@ -149,7 +154,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 149 | 154 | ||
| 150 | if(!M_PKCS12_pack_authsafes (p12, safes)) return NULL; | 155 | if(!M_PKCS12_pack_authsafes (p12, safes)) return NULL; |
| 151 | 156 | ||
| 152 | sk_pop_free(safes, PKCS7_free); | 157 | sk_PKCS7_pop_free(safes, PKCS7_free); |
| 153 | 158 | ||
| 154 | if(!PKCS12_set_mac (p12, pass, -1, NULL, 0, mac_iter, NULL)) | 159 | if(!PKCS12_set_mac (p12, pass, -1, NULL, 0, mac_iter, NULL)) |
| 155 | return NULL; | 160 | return NULL; |