Various PKCS#12 related tidies and fixes: it might even compile now :-)
diff --git a/STATUS b/STATUS
index 1bdac42..b22ecd1 100644
--- a/STATUS
+++ b/STATUS
@@ -1,6 +1,6 @@
OpenSSL STATUS Last modified at
- ______________ $Date: 1999/03/23 14:48:59 $
+ ______________ $Date: 1999/03/29 00:19:51 $
DEVELOPMENT STATE
@@ -12,8 +12,6 @@
o Compilation warnings: ctype-related int vs. char
o Compilation error: "unsigned long*" and "int*" under AIX
- o Why are NULL ciphers in front of the cipher spec?
- (see my posting "Bug?!: Cipher Suite and NULL Ciphers" in openssl-dev)
o A Linux alpha user reported: "alpha.s does not have bn_div_word()"
(see posting "ALPHA error" in openssl-dev)
o Undefined BN symbols in assembler stuff on Solaris
@@ -30,13 +28,10 @@
IN PROGRESS
- o Steve is currently working on:
- X509 V3 extension code including:
- 1. Support for the more common PKIX extensions.
- 2. Proper (or at least usable) certificate chain verification.
- 3. Support in standard applications (req, x509, ca).
- 4. Documentation on how all the above works.
- Next on the list is probably PKCS#12 integration.
+ o Steve is currently working on (in no particular order):
+ PKCS#12 code integration.
+ Proper (or at least usable) certificate chain verification.
+ Documentation on X509 V3 extension code.
o Mark is currently working on:
Folding in any changes that are in the C2Net code base that were
diff --git a/crypto/asn1/asn1.err b/crypto/asn1/asn1.err
index 065448c..2f366bf 100644
--- a/crypto/asn1/asn1.err
+++ b/crypto/asn1/asn1.err
@@ -20,6 +20,7 @@
#define ASN1_F_ASN1_INTEGER_TO_BN 112
#define ASN1_F_ASN1_OBJECT_NEW 113
#define ASN1_F_ASN1_PACK_STRING 245
+#define ASN1_F_ASN1_PBE_SET 253
#define ASN1_F_ASN1_SEQ_PACK 246
#define ASN1_F_ASN1_SEQ_UNPACK 247
#define ASN1_F_ASN1_SIGN 114
@@ -65,6 +66,10 @@
#define ASN1_F_D2I_NETSCAPE_SPKAC 143
#define ASN1_F_D2I_NETSCAPE_SPKI 144
#define ASN1_F_D2I_PBEPARAM 249
+#define ASN1_F_D2I_PKCS12 254
+#define ASN1_F_D2I_PKCS12_BAGS 255
+#define ASN1_F_D2I_PKCS12_MAC_DATA 256
+#define ASN1_F_D2I_PKCS12_SAFEBAG 257
#define ASN1_F_D2I_PKCS7 145
#define ASN1_F_D2I_PKCS7_DIGEST 146
#define ASN1_F_D2I_PKCS7_ENCRYPT 147
@@ -120,6 +125,10 @@
#define ASN1_F_NETSCAPE_SPKAC_NEW 190
#define ASN1_F_NETSCAPE_SPKI_NEW 191
#define ASN1_F_PBEPARAM_NEW 251
+#define ASN1_F_PKCS12_BAGS_NEW 258
+#define ASN1_F_PKCS12_MAC_DATA_NEW 259
+#define ASN1_F_PKCS12_NEW 260
+#define ASN1_F_PKCS12_SAFEBAG_NEW 261
#define ASN1_F_PKCS7_DIGEST_NEW 192
#define ASN1_F_PKCS7_ENCRYPT_NEW 193
#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 36ffa37..a46841e 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -725,6 +725,7 @@
#define ASN1_F_ASN1_INTEGER_TO_BN 112
#define ASN1_F_ASN1_OBJECT_NEW 113
#define ASN1_F_ASN1_PACK_STRING 245
+#define ASN1_F_ASN1_PBE_SET 253
#define ASN1_F_ASN1_SEQ_PACK 246
#define ASN1_F_ASN1_SEQ_UNPACK 247
#define ASN1_F_ASN1_SIGN 114
@@ -770,6 +771,10 @@
#define ASN1_F_D2I_NETSCAPE_SPKAC 143
#define ASN1_F_D2I_NETSCAPE_SPKI 144
#define ASN1_F_D2I_PBEPARAM 249
+#define ASN1_F_D2I_PKCS12 254
+#define ASN1_F_D2I_PKCS12_BAGS 255
+#define ASN1_F_D2I_PKCS12_MAC_DATA 256
+#define ASN1_F_D2I_PKCS12_SAFEBAG 257
#define ASN1_F_D2I_PKCS7 145
#define ASN1_F_D2I_PKCS7_DIGEST 146
#define ASN1_F_D2I_PKCS7_ENCRYPT 147
@@ -825,6 +830,10 @@
#define ASN1_F_NETSCAPE_SPKAC_NEW 190
#define ASN1_F_NETSCAPE_SPKI_NEW 191
#define ASN1_F_PBEPARAM_NEW 251
+#define ASN1_F_PKCS12_BAGS_NEW 258
+#define ASN1_F_PKCS12_MAC_DATA_NEW 259
+#define ASN1_F_PKCS12_NEW 260
+#define ASN1_F_PKCS12_SAFEBAG_NEW 261
#define ASN1_F_PKCS7_DIGEST_NEW 192
#define ASN1_F_PKCS7_ENCRYPT_NEW 193
#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index a150e3f..54f052a 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -82,6 +82,7 @@
{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"},
{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"},
{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0), "ASN1_pack_string"},
+{ERR_PACK(0,ASN1_F_ASN1_PBE_SET,0), "ASN1_PBE_SET"},
{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"},
{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"},
{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_SIGN"},
@@ -127,6 +128,10 @@
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "D2I_NETSCAPE_SPKAC"},
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "D2I_NETSCAPE_SPKI"},
{ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0), "D2I_PBEPARAM"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "D2I_PKCS12"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "D2I_PKCS12_BAGS"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "D2I_PKCS12_MAC_DATA"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "D2I_PKCS12_SAFEBAG"},
{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "D2I_PKCS7"},
{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "D2I_PKCS7_DIGEST"},
{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "D2I_PKCS7_ENCRYPT"},
@@ -182,6 +187,10 @@
{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_NEW"},
{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_NEW"},
{ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0), "PBEPARAM_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_NEW"},
{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_NEW"},
{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_NEW"},
{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_NEW"},
diff --git a/crypto/err/err.c b/crypto/err/err.c
index fcd9228..ef47252 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -109,6 +109,7 @@
{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"},
{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"},
{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"},
+{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"},
{0,NULL},
};
@@ -148,6 +149,7 @@
{ERR_R_PROXY_LIB ,"PROXY lib"},
{ERR_R_BIO_LIB ,"BIO lib"},
{ERR_R_PKCS7_LIB ,"PKCS7 lib"},
+{ERR_R_PKCS12_LIB ,"PKCS12 lib"},
{ERR_R_MALLOC_FAILURE ,"Malloc failure"},
{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a fuction you should not call"},
{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"},
diff --git a/crypto/err/err.h b/crypto/err/err.h
index c10868a..f06ed38 100644
--- a/crypto/err/err.h
+++ b/crypto/err/err.h
@@ -191,6 +191,7 @@
#define ERR_R_PROXY_LIB ERR_LIB_PROXY
#define ERR_R_BIO_LIB ERR_LIB_BIO
#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7
+#define ERR_R_PKCS12_LIB ERR_LIB_PKCS12
/* fatal error */
#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
diff --git a/crypto/pkcs12/p12_sbag.c b/crypto/pkcs12/p12_sbag.c
index 11049bb..7888fda 100644
--- a/crypto/pkcs12/p12_sbag.c
+++ b/crypto/pkcs12/p12_sbag.c
@@ -157,7 +157,7 @@
M_ASN1_New(ret->attrib, sk_new_null);
ret->rest=NULL;
return (ret);
- M_ASN1_New_Error(PKCS12_F_PKCS12_SAFEBAG_NEW);
+ M_ASN1_New_Error(ASN1_F_PKCS12_SAFEBAG_NEW);
}
PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(a,pp,length)
diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h
index c626ad1..1f03e2b 100644
--- a/crypto/pkcs12/pkcs12.h
+++ b/crypto/pkcs12/pkcs12.h
@@ -66,8 +66,6 @@
#include "bio.h"
#include "x509.h"
-#define PKCS12_LIB_NAME "PKCS12 library"
-
#define PKCS12_KEY_ID 1
#define PKCS12_IV_ID 2
#define PKCS12_MAC_ID 3
@@ -93,26 +91,6 @@
#define KEY_EX 0x10
#define KEY_SIG 0x80
-/* Various ASN1 macros */
-
-#ifndef M_ASN1_D2I_get_set_opt
-#define M_ASN1_D2I_get_set_opt(r,func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
- { M_ASN1_D2I_get_set(r,func); }
-#endif
-
-#ifndef M_ASN1_I2D_len_SET_opt
-#define M_ASN1_I2D_len_SET_opt(a,f) \
- if (a != NULL) M_ASN1_I2D_len_SET(a,f);
-#endif
-
-#ifndef M_ASN1_I2D_put_SET_opt
-#define M_ASN1_I2D_put_SET_opt(a,f) \
- if (a != NULL) M_ASN1_I2D_put_SET(a,f);
-
-#endif
-
typedef struct {
X509_SIG *dinfo;
ASN1_OCTET_STRING *salt;
@@ -125,9 +103,6 @@
PKCS7 *authsafes;
} PKCS12;
-#define PKCS8_OK 0
-#define PKCS8_NO_OCTET 1
-
typedef struct {
ASN1_OBJECT *type;
union {
@@ -220,13 +195,7 @@
}
#ifndef NOPROTO
-int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp);
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, unsigned char **pp, long length);
-void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a);
PKCS12_SAFEBAG *PKCS12_pack_safebag(char *obj, int (*i2d)(), int nid1, int nid2);
-PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey);
-EVP_PKEY *PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
X509_SIG *PKCS8_encrypt(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
@@ -242,7 +211,6 @@
char *PKCS12_decrypt_d2i(X509_ALGOR *algor, char *(*d2i)(), void (*free_func)(), unsigned char *pass, int passlen, ASN1_STRING *oct, int seq);
ASN1_STRING *PKCS12_i2d_encrypt(X509_ALGOR *algor, int (*i2d)(), unsigned char *pass, int passlen, char *obj, int seq);
PKCS12 *PKCS12_init(int mode);
-X509_ALGOR *PKCS12_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
int PKCS12_key_gen_asc(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, EVP_MD *md_type);
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, EVP_MD *md_type);
int PKCS12_PBE_keyivgen(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_CIPHER *cipher, EVP_MD *md_type, unsigned char *key, unsigned char *iv);
@@ -273,7 +241,6 @@
void ERR_load_PKCS12_strings(void);
void ERR_PKCS12_error(int function, int reason, char *file, int line);
void PKCS12_add_obj(void);
-void PKCS12_lib_init(void);
void PKCS12_PBE_add(void);
int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert, STACK **ca);
PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK *ca, int nid_key, int nid_cert, int iter, int mac_iter, int keytype);
@@ -284,13 +251,7 @@
#else
-int i2d_PKCS8_PRIV_KEY_INFO();
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new();
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO();
-void PKCS8_PRIV_KEY_INFO_free();
PKCS12_SAFEBAG *PKCS12_pack_safebag();
-PKCS8_PRIV_KEY_INFO *PKEY2PKCS8();
-EVP_PKEY *PKCS82PKEY();
PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG();
X509_SIG *PKCS8_encrypt();
PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG();
@@ -304,7 +265,6 @@
char *PKCS12_decrypt_d2i();
ASN1_STRING *PKCS12_i2d_encrypt();
PKCS12 *PKCS12_init();
-X509_ALGOR *PKCS12_pbe_set();
int PKCS12_key_gen_asc();
int PKCS12_key_gen_uni();
int PKCS12_gen_mac();
@@ -333,7 +293,6 @@
void ERR_load_PKCS12_strings();
void ERR_PKCS12_error ();
void PKCS12_add_obj();
-void PKCS12_lib_init();
void PKCS12_PBE_add();
int PKCS8_add_keyusage();
ASN1_TYPE *PKCS12_get_attr_gen();
