From 03922a635b363643cfaa28e282a090e593530d2a Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 26 Sep 2015 13:24:24 +0100 Subject: [PATCH] more PKCS12 opacity Reviewed-by: Rich Salz --- crypto/pkcs12/p12_kiss.c | 10 ++++++---- crypto/pkcs12/p12_mutl.c | 1 + crypto/pkcs12/p12_npas.c | 3 ++- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c index 59c84a0493..9a71581513 100644 --- a/crypto/pkcs12/p12_kiss.c +++ b/crypto/pkcs12/p12_kiss.c @@ -233,11 +233,12 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, if ((attrib = PKCS12_get_attr(bag, NID_localKeyID))) lkid = attrib->value.octet_string; - switch (M_PKCS12_bag_type(bag)) { + switch (PKCS12_bag_type(bag)) { case NID_keyBag: if (!pkey || *pkey) return 1; - if ((*pkey = EVP_PKCS82PKEY(bag->value.keybag)) == NULL) + *pkey = EVP_PKCS82PKEY(PKCS12_SAFEBAG_get0_p8inf(bag)); + if (*pkey == NULL) return 0; break; @@ -253,7 +254,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, break; case NID_certBag: - if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate) + if (PKCS12_cert_bag_type(bag) != NID_x509Certificate) return 1; if ((x509 = PKCS12_certbag2x509(bag)) == NULL) return 0; @@ -283,7 +284,8 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, break; case NID_safeContentsBag: - return parse_bags(bag->value.safes, pass, passlen, pkey, ocerts); + return parse_bags(PKCS12_SAFEBAG_get0_safes(bag), pass, passlen, pkey, + ocerts); default: return 1; diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index 8ed9ac520b..726e7f1360 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -62,6 +62,7 @@ # include # include # include +# include "p12_lcl.h" # define TK26_MAC_KEY_LEN 32 diff --git a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c index d670624b4e..2bd25e47ef 100644 --- a/crypto/pkcs12/p12_npas.c +++ b/crypto/pkcs12/p12_npas.c @@ -62,6 +62,7 @@ #include #include #include +#include "p12_lcl.h" /* PKCS#12 password change routine */ @@ -202,7 +203,7 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) X509_SIG *p8new; int p8_nid, p8_saltlen, p8_iter; - if (M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) + if (PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) return 1; if ((p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)) == NULL) -- 2.25.1