more PKCS12 opacity
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Dr. Stephen Henson
parent
a40d594984
commit
03922a635b
3 changed files with 9 additions and 5 deletions
|
|
@ -233,11 +233,12 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
|
|||
if ((attrib = PKCS12_get_attr(bag, NID_localKeyID)))
|
||||
lkid = attrib->value.octet_string;
|
||||
|
||||
switch (M_PKCS12_bag_type(bag)) {
|
||||
switch (PKCS12_bag_type(bag)) {
|
||||
case NID_keyBag:
|
||||
if (!pkey || *pkey)
|
||||
return 1;
|
||||
if ((*pkey = EVP_PKCS82PKEY(bag->value.keybag)) == NULL)
|
||||
*pkey = EVP_PKCS82PKEY(PKCS12_SAFEBAG_get0_p8inf(bag));
|
||||
if (*pkey == NULL)
|
||||
return 0;
|
||||
break;
|
||||
|
||||
|
|
@ -253,7 +254,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
|
|||
break;
|
||||
|
||||
case NID_certBag:
|
||||
if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
|
||||
if (PKCS12_cert_bag_type(bag) != NID_x509Certificate)
|
||||
return 1;
|
||||
if ((x509 = PKCS12_certbag2x509(bag)) == NULL)
|
||||
return 0;
|
||||
|
|
@ -283,7 +284,8 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
|
|||
break;
|
||||
|
||||
case NID_safeContentsBag:
|
||||
return parse_bags(bag->value.safes, pass, passlen, pkey, ocerts);
|
||||
return parse_bags(PKCS12_SAFEBAG_get0_safes(bag), pass, passlen, pkey,
|
||||
ocerts);
|
||||
|
||||
default:
|
||||
return 1;
|
||||
|
|
|
|||
|
|
@ -62,6 +62,7 @@
|
|||
# include <openssl/hmac.h>
|
||||
# include <openssl/rand.h>
|
||||
# include <openssl/pkcs12.h>
|
||||
# include "p12_lcl.h"
|
||||
|
||||
# define TK26_MAC_KEY_LEN 32
|
||||
|
||||
|
|
|
|||
|
|
@ -62,6 +62,7 @@
|
|||
#include <openssl/pem.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/pkcs12.h>
|
||||
#include "p12_lcl.h"
|
||||
|
||||
/* PKCS#12 password change routine */
|
||||
|
||||
|
|
@ -202,7 +203,7 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
|
|||
X509_SIG *p8new;
|
||||
int p8_nid, p8_saltlen, p8_iter;
|
||||
|
||||
if (M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag)
|
||||
if (PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag)
|
||||
return 1;
|
||||
|
||||
if ((p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)) == NULL)
|
||||
|
|
|
|||
Loading…
Reference in a new issue