if (key_usage && !PKCS8_add_keyusage(p8, key_usage))
goto err;
if (nid_key != -1) {
- bag = PKCS12_MAKE_SHKEYBAG(nid_key, pass, -1, NULL, 0, iter, p8);
+ bag = PKCS12_SAFEBAG_create_pkcs8_encrypt(nid_key, pass, -1, NULL, 0,
+ iter, p8);
PKCS8_PRIV_KEY_INFO_free(p8);
} else
- bag = PKCS12_MAKE_KEYBAG(p8);
+ bag = PKCS12_SAFEBAG_create0_p8inf(p8);
if (!bag)
goto err;
/* Turn PKCS8 object into a keybag */
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_p8inf(PKCS8_PRIV_KEY_INFO *p8)
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8)
{
- PKCS12_SAFEBAG *bag;
+ PKCS12_SAFEBAG *bag = PKCS12_SAFEBAG_new();
- if ((bag = PKCS12_SAFEBAG_new()) == NULL) {
- PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG, ERR_R_MALLOC_FAILURE);
+ if (bag == NULL) {
+ PKCS12err(PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF, ERR_R_MALLOC_FAILURE);
return NULL;
}
bag->type = OBJ_nid2obj(NID_keyBag);
/* Turn PKCS8 object into a shrouded keybag */
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8(int pbe_nid, const char *pass,
- int passlen, unsigned char *salt,
- int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8)
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8)
{
- PKCS12_SAFEBAG *bag;
- const EVP_CIPHER *pbe_ciph;
-
+ PKCS12_SAFEBAG *bag = PKCS12_SAFEBAG_new();
/* Set up the safe bag */
- if ((bag = PKCS12_SAFEBAG_new()) == NULL) {
- PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
+ if (bag == NULL) {
+ PKCS12err(PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8, ERR_R_MALLOC_FAILURE);
return NULL;
}
-
bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
+ bag->value.shkeybag = p8;
+ return bag;
+}
+
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
+ const char *pass,
+ int passlen,
+ unsigned char *salt,
+ int saltlen, int iter,
+ PKCS8_PRIV_KEY_INFO *p8inf)
+{
+ PKCS12_SAFEBAG *bag;
+ const EVP_CIPHER *pbe_ciph;
+ X509_SIG *p8;
pbe_ciph = EVP_get_cipherbynid(pbe_nid);
if (pbe_ciph)
pbe_nid = -1;
- if (!(bag->value.shkeybag =
- PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter,
- p8))) {
- PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
+ p8 = PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter,
+ p8inf);
+
+ if (p8 == NULL) {
+ PKCS12err(PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ bag = PKCS12_SAFEBAG_create0_pkcs8(p8);
+
+ if (bag == NULL) {
+ PKCS12err(PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
+ X509_SIG_free(p8);
return NULL;
}
{ERR_FUNC(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG), "PKCS12_item_pack_safebag"},
{ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"},
{ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"},
- {ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"},
- {ERR_FUNC(PKCS12_F_PKCS12_MAKE_SHKEYBAG), "PKCS12_MAKE_SHKEYBAG"},
{ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"},
{ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"},
{ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"},
{ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"},
{ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"},
{ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"},
+ {ERR_FUNC(PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF),
+ "PKCS12_SAFEBAG_create0_p8inf"},
+ {ERR_FUNC(PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8),
+ "PKCS12_SAFEBAG_create0_pkcs8"},
+ {ERR_FUNC(PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT),
+ "PKCS12_SAFEBAG_create_pkcs8_encrypt"},
{ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC), "PKCS12_setup_mac"},
{ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"},
{ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"},
# define PKCS12_bag_type PKCS12_SAFEBAG_get_nid
# define PKCS12_cert_bag_type PKCS12_SAFEBAG_get_bag_nid
# define PKCS12_x5092certbag PKCS12_SAFEBAG_create_cert
-# define PKCS12_crl2certbag PKCS12_SAFEBAG_create_crl
-# define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create_p8inf
-# define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8
+# define PKCS12_x509crl2certbag PKCS12_SAFEBAG_create_crl
+# define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create0_p8inf
+# define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt
ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid);
int PKCS12_mac_present(PKCS12 *p12);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_p8inf(PKCS8_PRIV_KEY_INFO *p8);
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8(int pbe_nid, const char *pass,
- int passlen, unsigned char *salt,
- int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
+ const char *pass,
+ int passlen,
+ unsigned char *salt,
+ int saltlen, int iter,
+ PKCS8_PRIV_KEY_INFO *p8inf);
PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
int nid1, int nid2);
# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
# define PKCS12_F_PKCS12_KEY_GEN_ASC 110
# define PKCS12_F_PKCS12_KEY_GEN_UNI 111
-# define PKCS12_F_PKCS12_MAKE_KEYBAG 112
-# define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
# define PKCS12_F_PKCS12_NEWPASS 128
# define PKCS12_F_PKCS12_PACK_P7DATA 114
# define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
# define PKCS12_F_PKCS12_PARSE 118
# define PKCS12_F_PKCS12_PBE_CRYPT 119
# define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF 112
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8 113
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT 133
# define PKCS12_F_PKCS12_SETUP_MAC 122
# define PKCS12_F_PKCS12_SET_MAC 123
# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130