Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Tree: eec0ad10b9
Branches Tags
openssl
/
crypto
/
pkcs12
/
p12_p8e.c

p12_p8e.c 2.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. /*
    2. 

  2.  * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. #include <stdio.h>
    11. 

  11. #include "internal/cryptlib.h"
    12. 

  12. #include <openssl/pkcs12.h>
    13. 

  13. #include "crypto/x509.h"
    14. 

  14. 

  15. X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
    16. 

  16.                         const char *pass, int passlen,
    17. 

  17.                         unsigned char *salt, int saltlen, int iter,
    18. 

  18.                         PKCS8_PRIV_KEY_INFO *p8inf)
    19. 

  19. {
    20. 

  20.     X509_SIG *p8 = NULL;
    21. 

  21.     X509_ALGOR *pbe;
    22. 

  22. 

  23.     if (pbe_nid == -1)
    24. 

  24.         pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
    25. 

  25.     else if (EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0))
    26. 

  26.         pbe = PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, pbe_nid);
    27. 

  27.     else {
    28. 

  28.         ERR_clear_error();
    29. 

  29.         pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
    30. 

  30.     }
    31. 

  31.     if (pbe == NULL) {
    32. 

  32.         PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
    33. 

  33.         return NULL;
    34. 

  34.     }
    35. 

  35.     p8 = PKCS8_set0_pbe(pass, passlen, p8inf, pbe);
    36. 

  36.     if (p8 == NULL) {
    37. 

  37.         X509_ALGOR_free(pbe);
    38. 

  38.         return NULL;
    39. 

  39.     }
    40. 

  40. 

  41.     return p8;
    42. 

  42. }
    43. 

  43. 

  44. X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
    45. 

  45.                          PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe)
    46. 

  46. {
    47. 

  47.     X509_SIG *p8;
    48. 

  48.     ASN1_OCTET_STRING *enckey;
    49. 

  49. 

  50.     enckey =
    51. 

  51.         PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO),
    52. 

  52.                                 pass, passlen, p8inf, 1);
    53. 

  53.     if (!enckey) {
    54. 

  54.         PKCS12err(PKCS12_F_PKCS8_SET0_PBE, PKCS12_R_ENCRYPT_ERROR);
    55. 

  55.         return NULL;
    56. 

  56.     }
    57. 

  57. 

  58.     p8 = OPENSSL_zalloc(sizeof(*p8));
    59. 

  59. 

  60.     if (p8 == NULL) {
    61. 

  61.         PKCS12err(PKCS12_F_PKCS8_SET0_PBE, ERR_R_MALLOC_FAILURE);
    62. 

  62.         ASN1_OCTET_STRING_free(enckey);
    63. 

  63.         return NULL;
    64. 

  64.     }
    65. 

  65.     p8->algor = pbe;
    66. 

  66.     p8->digest = enckey;
    67. 

  67. 

  68.     return p8;
    69. 

  69. }
    70.