diff options
Diffstat (limited to 'openssl/crypto/pkcs12/p12_p8e.c')
-rw-r--r-- | openssl/crypto/pkcs12/p12_p8e.c | 70 |
1 files changed, 39 insertions, 31 deletions
diff --git a/openssl/crypto/pkcs12/p12_p8e.c b/openssl/crypto/pkcs12/p12_p8e.c index bf20a77b4..861a087f8 100644 --- a/openssl/crypto/pkcs12/p12_p8e.c +++ b/openssl/crypto/pkcs12/p12_p8e.c @@ -1,6 +1,7 @@ /* p12_p8e.c */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2001. +/* + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2001. */ /* ==================================================================== * Copyright (c) 2001 The OpenSSL Project. All rights reserved. @@ -10,7 +11,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -61,37 +62,44 @@ #include <openssl/pkcs12.h> X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, - const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8inf) + const char *pass, int passlen, + unsigned char *salt, int saltlen, int iter, + PKCS8_PRIV_KEY_INFO *p8inf) { - X509_SIG *p8 = NULL; - X509_ALGOR *pbe; + X509_SIG *p8 = NULL; + X509_ALGOR *pbe; - if (!(p8 = X509_SIG_new())) { - PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE); - goto err; - } + if (!(p8 = X509_SIG_new())) { + PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE); + goto err; + } - if(pbe_nid == -1) pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen); - else pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen); - if(!pbe) { - PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB); - goto err; - } - X509_ALGOR_free(p8->algor); - p8->algor = pbe; - M_ASN1_OCTET_STRING_free(p8->digest); - p8->digest = PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), - pass, passlen, p8inf, 1); - if(!p8->digest) { - PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR); - goto err; - } + if (pbe_nid == -1) + pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen); + else if (EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0)) + pbe = PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, pbe_nid); + else { + ERR_clear_error(); + pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen); + } + if (!pbe) { + PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB); + goto err; + } + X509_ALGOR_free(p8->algor); + p8->algor = pbe; + M_ASN1_OCTET_STRING_free(p8->digest); + p8->digest = + PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), + pass, passlen, p8inf, 1); + if (!p8->digest) { + PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR); + goto err; + } - return p8; + return p8; - err: - X509_SIG_free(p8); - return NULL; + err: + X509_SIG_free(p8); + return NULL; } |