/* p12_p8e.c */
/*
 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
 * 2001.
 */
/* ====================================================================
 * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
60238603Sjoerg#include <stdio.h>
61238603Sjoerg#include "cryptlib.h"
62238603Sjoerg#include <openssl/pkcs12.h>
/*
 * PKCS8_encrypt - wrap a PKCS#8 private key in a password-encrypted container.
 *
 * A fresh X509_SIG is used as the container: its `algor` field receives the
 * password-based-encryption parameters and its `digest` field receives the
 * encrypted encoding of `p8inf`.
 *
 * pbe_nid        selects how the PBE parameters are built:
 *                  -1           -> PKCS5_pbe2_set() with `cipher`;
 *                  a NID that EVP_PBE_find() recognises as a PRF
 *                               -> PKCS5_pbe2_set_iv() with `cipher` and that
 *                                  NID as the PRF;
 *                  anything else -> PKCS5_pbe_set() with that NID, in which
 *                                  case `cipher` is not used by this function.
 * cipher         cipher handed to the two PBES2 builders.
 * pass, passlen  password, forwarded unchanged to the encryption helper.
 * salt, saltlen, iter
 *                forwarded unchanged to the parameter builders; this function
 *                applies no minimum or default of its own.
 *                NOTE(review): any defaulting (e.g. for a NULL salt or a
 *                non-positive iteration count) happens inside those builders
 *                and is not visible here - confirm before relying on it.
 * p8inf          the private key information to encrypt.
 *
 * Returns the new X509_SIG on success.  On failure an error is pushed with
 * PKCS12err(), the partially built container is released with
 * X509_SIG_free(), and NULL is returned.  Presumably the caller releases a
 * successful result the same way.
 *
 * Security note: callers choose the strength of the protection entirely
 * through pbe_nid/cipher/iter/salt.  The last branch accepts whatever scheme
 * pbe_nid names, so policy on acceptable algorithms and iteration counts has
 * to be enforced by the caller.
 */
X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
                        const char *pass, int passlen,
                        unsigned char *salt, int saltlen, int iter,
                        PKCS8_PRIV_KEY_INFO *p8inf)
{
    X509_ALGOR *params = NULL;
    X509_SIG *out = X509_SIG_new();

    if (out == NULL) {
        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
        goto fail;
    }

    /* Build the AlgorithmIdentifier describing the PBE scheme. */
    if (pbe_nid == -1) {
        params = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
    } else if (EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0) != 0) {
        /* pbe_nid names a PRF: PBES2 with that PRF and no caller-supplied IV. */
        params = PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, pbe_nid);
    } else {
        /*
         * Not a PRF.  That is not a failure for this caller, so the error
         * queue is cleared (presumably the lookup left an entry behind)
         * before falling back to the scheme named by pbe_nid.
         */
        ERR_clear_error();
        params = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
    }

    if (params == NULL) {
        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
        goto fail;
    }

    /* The container takes ownership of the parameters from here on. */
    X509_ALGOR_free(out->algor);
    out->algor = params;

    /*
     * Replace the placeholder octet string with the encrypted key.
     * NOTE(review): the trailing 1 is the helper's last flag argument; in
     * OpenSSL this is understood to request cleansing of the intermediate
     * plaintext encoding - confirm against the helper's definition.
     */
    M_ASN1_OCTET_STRING_free(out->digest);
    out->digest = PKCS12_item_i2d_encrypt(params,
                                          ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO),
                                          pass, passlen, p8inf, 1);
    if (out->digest == NULL) {
        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
        goto fail;
    }

    return out;

 fail:
    X509_SIG_free(out);
    return NULL;
}