/* p12_p8e.c */
/*
 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
 * 2001.
 */
/* ====================================================================
 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#include <stdio.h>
#include "cryptlib.h"
#include <openssl/pkcs12.h>

/*
 * PKCS8_encrypt() - wrap a PKCS#8 PrivateKeyInfo in a password-encrypted
 * X509_SIG container.
 *
 * The password-based-encryption AlgorithmIdentifier is selected from
 * pbe_nid:
 *   - pbe_nid == -1: PKCS5_pbe2_set() builds it from `cipher`.
 *   - EVP_PBE_find() recognises pbe_nid as an EVP_PBE_TYPE_PRF entry:
 *     PKCS5_pbe2_set_iv() builds it from `cipher`, with pbe_nid as the PRF
 *     and a NULL IV argument.
 *   - anything else: PKCS5_pbe_set() builds it from pbe_nid alone; `cipher`
 *     is not consulted on this path.
 *
 * iter, salt and saltlen are forwarded to those helpers unchanged, and
 * pass/passlen are forwarded to PKCS12_item_i2d_encrypt(); nothing in this
 * function range-checks them, and the password is neither copied nor wiped
 * here.
 *
 * NOTE(review): any default or minimum for iter/salt lives in the PKCS5_*
 * helpers, not here - confirm their behaviour before relying on this call
 * for key-stretching strength.
 * NOTE(review): the last branch lets pbe_nid pick the scheme directly,
 * presumably including older PBE algorithms - callers that require a
 * specific cipher should use one of the first two branches; confirm.
 *
 * Returns a newly allocated X509_SIG owned by the caller, or NULL after
 * recording a PKCS12 error.
 */
X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
                        const char *pass, int passlen,
                        unsigned char *salt, int saltlen, int iter,
                        PKCS8_PRIV_KEY_INFO *p8inf)
{
    X509_SIG *sig;
    X509_ALGOR *alg = NULL;

    sig = X509_SIG_new();
    if (sig == NULL) {
        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
        goto fail;
    }

    if (pbe_nid == -1) {
        alg = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
    } else if (EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0)) {
        alg = PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, pbe_nid);
    } else {
        /*
         * Presumably discards what the failed PRF lookup queued - confirm.
         * ERR_clear_error() empties the calling thread's whole error queue,
         * so errors recorded before this call do not survive this path.
         */
        ERR_clear_error();
        alg = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
    }
    if (alg == NULL) {
        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
        goto fail;
    }

    /*
     * Hand the algorithm over to the container: from here on it is released
     * through X509_SIG_free(sig) and must not be freed separately.
     */
    X509_ALGOR_free(sig->algor);
    sig->algor = alg;

    /*
     * Replace the pre-allocated digest with the encrypted key blob.
     * NOTE(review): the trailing 1 looks like the zbuf flag asking the helper
     * to scrub its plaintext DER buffer - confirm against
     * PKCS12_item_i2d_encrypt().
     */
    M_ASN1_OCTET_STRING_free(sig->digest);
    sig->digest = PKCS12_item_i2d_encrypt(alg,
                                          ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO),
                                          pass, passlen, p8inf, 1);
    if (sig->digest != NULL) {
        return sig;
    }

    PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);

 fail:
    X509_SIG_free(sig);
    return NULL;
}