]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/pkcs12/p12_add.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Remove deleted PKCS#12 functions from pkcs12.h, get rid of object creation
[thirdparty/openssl.git] / crypto / pkcs12 / p12_add.c
1 /* p12_add.c */
2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5 /* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59 #include <stdio.h>
60 #include "cryptlib.h"
61 #include "pkcs12.h"
62
63 /* Pack an object into an OCTET STRING and turn into a safebag */
64
65 PKCS12_SAFEBAG *PKCS12_pack_safebag (obj, i2d, nid1, nid2)
66 char *obj;
67 int (*i2d)();
68 int nid1;
69 int nid2;
70
71 {
72 PKCS12_BAGS *bag;
73 PKCS12_SAFEBAG *safebag;
74 if (!(bag = PKCS12_BAGS_new ())) {
75 PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
76 return NULL;
77 }
78 bag->type = OBJ_nid2obj(nid1);
79 if (!ASN1_pack_string(obj, i2d, &bag->value.octet)) {
80 PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
81 return NULL;
82 }
83 if (!(safebag = PKCS12_SAFEBAG_new ())) {
84 PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
85 return NULL;
86 }
87 safebag->value.bag = bag;
88 safebag->type = OBJ_nid2obj(nid2);
89 return safebag;
90 }
91
92 /* Turn PKCS8 object into a keybag */
93
94 PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG (p8)
95 PKCS8_PRIV_KEY_INFO *p8;
96 {
97 PKCS12_SAFEBAG *bag;
98 if (!(bag = PKCS12_SAFEBAG_new())) {
99 PKCS12err(PKCS12_F_PKCS12_MAKE_SAFEBAG, ERR_R_MALLOC_FAILURE);
100 return NULL;
101 }
102 bag->type = OBJ_nid2obj(NID_keyBag);
103 bag->value.keybag = p8;
104 return bag;
105 }
106
107 /* Turn PKCS8 object into a shrouded keybag */
108
109 PKCS12_SAFEBAG
110 *PKCS12_MAKE_SHKEYBAG (pbe_nid, pass, passlen, salt, saltlen, iter, p8)int pbe_nid;
111 unsigned char *pass;
112 int passlen;
113 unsigned char *salt;
114 int saltlen;
115 int iter;
116 PKCS8_PRIV_KEY_INFO *p8;
117 {
118 PKCS12_SAFEBAG *bag;
119
120 /* Set up the safe bag */
121 if (!(bag = PKCS12_SAFEBAG_new ())) {
122 PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
123 return NULL;
124 }
125
126 bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
127 if (!(bag->value.shkeybag =
128 PKCS8_encrypt(pbe_nid, pass, passlen, salt, saltlen, iter, p8))) {
129 PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
130 return NULL;
131 }
132
133 return bag;
134 }
135
136 /* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
137 PKCS7 *PKCS12_pack_p7data (sk)
138 STACK *sk;
139 {
140 PKCS7 *p7;
141 if (!(p7 = PKCS7_new())) {
142 PKCS12err(PKCS12_F_PKCS12_PACK_P7_DATA, ERR_R_MALLOC_FAILURE);
143 return NULL;
144 }
145 p7->type = OBJ_nid2obj(NID_pkcs7_data);
146 if (!(p7->d.data = ASN1_OCTET_STRING_new())) {
147 PKCS12err(PKCS12_F_PKCS12_PACK_P7_DATA, ERR_R_MALLOC_FAILURE);
148 return NULL;
149 }
150
151 if (!ASN1_seq_pack(sk, i2d_PKCS12_SAFEBAG, &p7->d.data->data,
152 &p7->d.data->length)) {
153 PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
154 return NULL;
155 }
156 return p7;
157 }
158
159 /* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
160
161 PKCS7 *PKCS12_pack_p7encdata (pbe_nid, pass, passlen, salt, saltlen, iter,
162 bags)
163 int pbe_nid;
164 unsigned char *pass;
165 int passlen;
166 unsigned char *salt;
167 int saltlen;
168 int iter;
169 STACK *bags;
170 {
171 PKCS7 *p7;
172 X509_ALGOR *pbe;
173 if (!(p7 = PKCS7_new())) {
174 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
175 return NULL;
176 }
177 p7->type = OBJ_nid2obj(NID_pkcs7_encrypted);
178 if (!(p7->d.encrypted = PKCS7_ENCRYPT_new ())) {
179 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
180 return NULL;
181 }
182 ASN1_INTEGER_set (p7->d.encrypted->version, 0);
183 p7->d.encrypted->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);
184 if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {
185 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
186 return NULL;
187 }
188 X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
189 p7->d.encrypted->enc_data->algorithm = pbe;
190 ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
191 if (!(p7->d.encrypted->enc_data->enc_data =
192 PKCS12_i2d_encrypt (pbe, i2d_PKCS12_SAFEBAG, pass, passlen,
193 (char *)bags, 1))) {
194 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
195 return NULL;
196 }
197
198 return p7;
199 }
200
201 X509_SIG *PKCS8_encrypt (pbe_nid, pass, passlen, salt, saltlen, iter, p8inf)
202 int pbe_nid;
203 unsigned char *pass;
204 int passlen;
205 unsigned char *salt;
206 int saltlen;
207 int iter;
208 PKCS8_PRIV_KEY_INFO *p8inf;
209 {
210 X509_SIG *p8;
211 X509_ALGOR *pbe;
212
213 if (!(p8 = X509_SIG_new())) {
214 PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
215 return NULL;
216 }
217
218 if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {
219 PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
220 return NULL;
221 }
222 X509_ALGOR_free(p8->algor);
223 p8->algor = pbe;
224 ASN1_OCTET_STRING_free(p8->digest);
225 if (!(p8->digest =
226 PKCS12_i2d_encrypt (pbe, i2d_PKCS8_PRIV_KEY_INFO, pass, passlen,
227 (char *)p8inf, 0))) {
228 PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
229 return NULL;
230 }
231
232 return p8;
233 }
A mirror of the official openssl repository