-/* p12_p8e.c */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 2001.
*/
#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/pkcs12.h>
X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
X509_SIG *p8 = NULL;
X509_ALGOR *pbe;
- if (!(p8 = X509_SIG_new())) {
- PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
if (pbe_nid == -1)
pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
else if (EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0))
}
if (!pbe) {
PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
- goto err;
+ return NULL;
}
- X509_ALGOR_free(p8->algor);
- p8->algor = pbe;
- ASN1_OCTET_STRING_free(p8->digest);
- p8->digest =
+ p8 = PKCS8_set0_pbe(pass, passlen, p8inf, pbe);
+ if (p8 == NULL) {
+ X509_ALGOR_free(pbe);
+ return NULL;
+ }
+
+ return p8;
+}
+
+X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
+ PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe)
+{
+ X509_SIG *p8;
+ ASN1_OCTET_STRING *enckey;
+
+ enckey =
PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO),
pass, passlen, p8inf, 1);
- if (!p8->digest) {
- PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
- goto err;
+ if (!enckey) {
+ PKCS12err(PKCS12_F_PKCS8_SET0_PBE, PKCS12_R_ENCRYPT_ERROR);
+ return NULL;
}
- return p8;
+ if ((p8 = X509_SIG_new()) == NULL) {
+ PKCS12err(PKCS12_F_PKCS8_SET0_PBE, ERR_R_MALLOC_FAILURE);
+ ASN1_OCTET_STRING_free(enckey);
+ return NULL;
+ }
+ X509_ALGOR_free(p8->algor);
+ ASN1_OCTET_STRING_free(p8->digest);
+ p8->algor = pbe;
+ p8->digest = enckey;
- err:
- X509_SIG_free(p8);
- return NULL;
+ return p8;
}