openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

PKCS12 - Add additional libctx and propq support. 

Fixes #19718
Fixes #19716

Added PKCS12_SAFEBAG_get1_cert_ex(), PKCS12_SAFEBAG_get1_crl_ex() and
ASN1_item_unpack_ex().

parse_bag and parse_bags now use the libctx/propq stored in the P7_CTX.
PKCS12_free() needed to be manually constructed in order to free the propq.

pkcs12_api_test.c changed so that it actually tests the libctx, propq.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19942)
This commit is contained in:
slontis 2022-12-21 14:39:07 +10:00 committed by Tomas Mraz
parent 76aa4f3ac0
commit fe2a7341b5
15 changed files with 194 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
crypto/asn1/asn_pack.c
View File

@ -59,3 +59,16 @@ void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it)
ERR_raise(ERR_LIB_ASN1, ASN1_R_DECODE_ERROR);
return ret;
}
void *ASN1_item_unpack_ex(const ASN1_STRING *oct, const ASN1_ITEM *it,
OSSL_LIB_CTX *libctx, const char *propq)
{
const unsigned char *p;
void *ret;
p = oct->data;
if ((ret = ASN1_item_d2i_ex(NULL, &p, oct->length, it,\
libctx, propq)) == NULL)
ERR_raise(ERR_LIB_ASN1, ASN1_R_DECODE_ERROR);
return ret;
}

12
crypto/pkcs12/p12_add.c
View File

@ -78,7 +78,9 @@ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
ERR_raise(ERR_LIB_PKCS12, PKCS12_R_CONTENT_TYPE_NOT_DATA);
return NULL;
}
return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
return ASN1_item_unpack_ex(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS),
ossl_pkcs7_ctx_get0_libctx(&p7->ctx),
ossl_pkcs7_ctx_get0_propq(&p7->ctx));
}
/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
@ -181,6 +183,7 @@ int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)
STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12)
{
STACK_OF(PKCS7) *p7s;
PKCS7_CTX *p7ctx;
PKCS7 *p7;
int i;
@ -188,8 +191,11 @@ STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12)
ERR_raise(ERR_LIB_PKCS12, PKCS12_R_CONTENT_TYPE_NOT_DATA);
return NULL;
}
p7s = ASN1_item_unpack(p12->authsafes->d.data,
ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
p7ctx = &p12->authsafes->ctx;
p7s = ASN1_item_unpack_ex(p12->authsafes->d.data,
ASN1_ITEM_rptr(PKCS12_AUTHSAFES),
ossl_pkcs7_ctx_get0_libctx(p7ctx),
ossl_pkcs7_ctx_get0_propq(p7ctx));
if (p7s != NULL) {
for (i = 0; i < sk_PKCS7_num(p7s); i++) {
p7 = sk_PKCS7_value(p7s, i);

17
crypto/pkcs12/p12_asn.c
View File

@ -12,6 +12,7 @@
#include <openssl/asn1t.h>
#include <openssl/pkcs12.h>
#include "p12_local.h"
#include "crypto/pkcs7.h"
/* PKCS#12 ASN1 module */
@ -21,7 +22,21 @@ ASN1_SEQUENCE(PKCS12) = {
ASN1_OPT(PKCS12, mac, PKCS12_MAC_DATA)
} ASN1_SEQUENCE_END(PKCS12)
IMPLEMENT_ASN1_FUNCTIONS(PKCS12)
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(PKCS12, PKCS12, PKCS12)
PKCS12 *PKCS12_new(void)
{
return (PKCS12 *)ASN1_item_new(ASN1_ITEM_rptr(PKCS12));
}
void PKCS12_free(PKCS12 *p12)
{
if (p12 != NULL && p12->authsafes != NULL) {
OPENSSL_free(p12->authsafes->ctx.propq);
p12->authsafes->ctx.propq = NULL;
}
ASN1_item_free((ASN1_VALUE *)p12, ASN1_ITEM_rptr(PKCS12));
}
ASN1_SEQUENCE(PKCS12_MAC_DATA) = {
ASN1_SIMPLE(PKCS12_MAC_DATA, dinfo, X509_SIG),

6
crypto/pkcs12/p12_init.c
View File

@ -56,3 +56,9 @@ PKCS12 *PKCS12_init(int mode)
return PKCS12_init_ex(mode, NULL, NULL);
}
const PKCS7_CTX *ossl_pkcs12_get0_pkcs7ctx(const PKCS12 *p12)
{
if (p12 == NULL || p12->authsafes == NULL)
return NULL;
return &p12->authsafes->ctx;
}

30
crypto/pkcs12/p12_kiss.c
View File

@ -18,10 +18,12 @@ static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
static int parse_bags(const STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts,
OSSL_LIB_CTX *libctx, const char *propq);
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
EVP_PKEY **pkey, STACK_OF(X509) *ocerts,
OSSL_LIB_CTX *libctx, const char *propq);
/*
* Parse and decrypt a PKCS#12 structure returning user key, user cert and
@ -157,7 +159,8 @@ static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
sk_PKCS7_pop_free(asafes, PKCS7_free);
return 0;
}
if (!parse_bags(bags, pass, passlen, pkey, ocerts)) {
if (!parse_bags(bags, pass, passlen, pkey, ocerts,
p7->ctx.libctx, p7->ctx.propq)) {
sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
sk_PKCS7_pop_free(asafes, PKCS7_free);
return 0;
@ -170,12 +173,14 @@ static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
/* pkey and/or ocerts may be NULL */
static int parse_bags(const STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts,
OSSL_LIB_CTX *libctx, const char *propq)
{
int i;
for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
if (!parse_bag(sk_PKCS12_SAFEBAG_value(bags, i),
pass, passlen, pkey, ocerts))
pass, passlen, pkey, ocerts,
libctx, propq))
return 0;
}
return 1;
@ -183,7 +188,8 @@ static int parse_bags(const STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
/* pkey and/or ocerts may be NULL */
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
EVP_PKEY **pkey, STACK_OF(X509) *ocerts,
OSSL_LIB_CTX *libctx, const char *propq)
{
PKCS8_PRIV_KEY_INFO *p8;
X509 *x509;
@ -201,7 +207,8 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
case NID_keyBag:
if (pkey == NULL || *pkey != NULL)
return 1;
*pkey = EVP_PKCS82PKEY(PKCS12_SAFEBAG_get0_p8inf(bag));
*pkey = EVP_PKCS82PKEY_ex(PKCS12_SAFEBAG_get0_p8inf(bag),
libctx, propq);
if (*pkey == NULL)
return 0;
break;
@ -209,9 +216,10 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
case NID_pkcs8ShroudedKeyBag:
if (pkey == NULL || *pkey != NULL)
return 1;
if ((p8 = PKCS12_decrypt_skey(bag, pass, passlen)) == NULL)
if ((p8 = PKCS12_decrypt_skey_ex(bag, pass, passlen,
libctx, propq)) == NULL)
return 0;
*pkey = EVP_PKCS82PKEY(p8);
*pkey = EVP_PKCS82PKEY_ex(p8, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8);
if (!(*pkey))
return 0;
@ -221,7 +229,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
if (ocerts == NULL
|| PKCS12_SAFEBAG_get_bag_nid(bag) != NID_x509Certificate)
return 1;
if ((x509 = PKCS12_SAFEBAG_get1_cert(bag)) == NULL)
if ((x509 = PKCS12_SAFEBAG_get1_cert_ex(bag, libctx, propq)) == NULL)
return 0;
if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
X509_free(x509);
@ -251,7 +259,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
case NID_safeContentsBag:
return parse_bags(PKCS12_SAFEBAG_get0_safes(bag), pass, passlen, pkey,
ocerts);
ocerts, libctx, propq);
default:
return 1;

2
crypto/pkcs12/p12_local.h
View File

@ -41,3 +41,5 @@ struct pkcs12_bag_st {
ASN1_TYPE *other; /* Secret or other bag */
} value;
};
const PKCS7_CTX *ossl_pkcs12_get0_pkcs7ctx(const PKCS12 *p12);

37
crypto/pkcs12/p12_sbag.c
View File

@ -11,6 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/pkcs12.h>
#include "p12_local.h"
#include "crypto/x509.h"
#ifndef OPENSSL_NO_DEPRECATED_1_1_0
ASN1_TYPE *PKCS12_get_attr(const PKCS12_SAFEBAG *bag, int attr_nid)
@ -101,6 +102,42 @@ X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag)
ASN1_ITEM_rptr(X509_CRL));
}
X509 *PKCS12_SAFEBAG_get1_cert_ex(const PKCS12_SAFEBAG *bag,
OSSL_LIB_CTX *libctx, const char *propq)
{
X509 *ret = NULL;
if (PKCS12_SAFEBAG_get_nid(bag) != NID_certBag)
return NULL;
if (OBJ_obj2nid(bag->value.bag->type) != NID_x509Certificate)
return NULL;
ret = ASN1_item_unpack_ex(bag->value.bag->value.octet,
ASN1_ITEM_rptr(X509), libctx, propq);
if (!ossl_x509_set0_libctx(ret, libctx, propq)) {
X509_free(ret);
return NULL;
}
return ret;
}
X509_CRL *PKCS12_SAFEBAG_get1_crl_ex(const PKCS12_SAFEBAG *bag,
OSSL_LIB_CTX *libctx, const char *propq)
{
X509_CRL *ret = NULL;
if (PKCS12_SAFEBAG_get_nid(bag) != NID_crlBag)
return NULL;
if (OBJ_obj2nid(bag->value.bag->type) != NID_x509Crl)
return NULL;
ret = ASN1_item_unpack_ex(bag->value.bag->value.octet,
ASN1_ITEM_rptr(X509_CRL), libctx, propq);
if (!ossl_x509_crl_set0_libctx(ret, libctx, propq)) {
X509_CRL_free(ret);
return NULL;
}
return ret;
}
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509)
{
return PKCS12_item_pack_safebag(x509, ASN1_ITEM_rptr(X509),

28
crypto/pkcs12/p12_utl.c
View File

@ -10,6 +10,8 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/pkcs12.h>
#include "p12_local.h"
#include "crypto/pkcs7/pk7_local.h"
/* Cheap and nasty Unicode stuff */
@ -230,12 +232,34 @@ int i2d_PKCS12_fp(FILE *fp, const PKCS12 *p12)
PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
const PKCS7_CTX *p7ctx = NULL;
if (p12 != NULL) {
p7ctx = ossl_pkcs12_get0_pkcs7ctx(*p12);
if (p7ctx != NULL) {
libctx = ossl_pkcs7_ctx_get0_libctx(p7ctx);
propq = ossl_pkcs7_ctx_get0_propq(p7ctx);
}
}
return ASN1_item_d2i_bio_ex(ASN1_ITEM_rptr(PKCS12), bp, p12, libctx, propq);
}
#ifndef OPENSSL_NO_STDIO
PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
{
return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
const PKCS7_CTX *p7ctx = NULL;
if (p12 != NULL) {
p7ctx = ossl_pkcs12_get0_pkcs7ctx(*p12);
if (p7ctx != NULL) {
libctx = ossl_pkcs7_ctx_get0_libctx(p7ctx);
propq = ossl_pkcs7_ctx_get0_propq(p7ctx);
}
}
return ASN1_item_d2i_fp_ex(ASN1_ITEM_rptr(PKCS12), fp, p12, libctx, propq);
}
#endif

33
doc/man3/ASN1_item_d2i_bio.pod
View File

@ -3,7 +3,8 @@
=head1 NAME
ASN1_item_d2i_ex, ASN1_item_d2i, ASN1_item_d2i_bio_ex, ASN1_item_d2i_bio,
ASN1_item_d2i_fp_ex, ASN1_item_d2i_fp, ASN1_item_i2d_mem_bio
ASN1_item_d2i_fp_ex, ASN1_item_d2i_fp, ASN1_item_i2d_mem_bio,
ASN1_item_pack, ASN1_item_unpack_ex, ASN1_item_unpack
- decode and encode DER-encoded ASN.1 structures
=head1 SYNOPSIS
@ -26,6 +27,13 @@ ASN1_item_d2i_fp_ex, ASN1_item_d2i_fp, ASN1_item_i2d_mem_bio
BIO *ASN1_item_i2d_mem_bio(const ASN1_ITEM *it, const ASN1_VALUE *val);
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct);
void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it);
void *ASN1_item_unpack_ex(const ASN1_STRING *oct, const ASN1_ITEM *it,
OSSL_LIB_CTX *libctx, const char *propq);
=head1 DESCRIPTION
ASN1_item_d2i_ex() decodes the contents of the data stored in I<*in> of length
@ -65,20 +73,39 @@ string.
ASN1_item_i2d_mem_bio() encodes the given ASN.1 value I<val>
using the ASN.1 template I<it> and returns the result in a memory BIO.
ASN1_item_pack() encodes the given ASN.1 value in I<obj> using the
ASN.1 template I<it> and returns an B<ASN1_STRING> object. If the passed in
I<*oct> is not NULL then this is used to store the returned result, otherwise
a new B<ASN1_STRING> object is created. If I<oct> is not NULL and I<*oct> is NULL
then the returned return is also set into I<*oct>. If there is an error the optional
passed in B<ASN1_STRING> will not be freed, but the previous value may be cleared when
ASN1_STRING_set0(*oct, NULL, 0) is called internally.
ASN1_item_unpack() uses ASN1_item_d2i() to decode the DER-encoded B<ASN1_STRING>
I<oct> using the ASN.1 template I<it>.
ASN1_item_unpack_ex() is similar to ASN1_item_unpack(), but uses ASN1_item_d2i_ex() so
that the I<libctx> and I<propq> can be used when doing algorithm fetching.
=head1 RETURN VALUES
ASN1_item_d2i_bio() returns a pointer to an B<ASN1_VALUE> or NULL.
ASN1_item_d2i_bio(), ASN1_item_unpack_ex() and ASN1_item_unpack() return a pointer to
an B<ASN1_VALUE> or NULL on error.
ASN1_item_i2d_mem_bio() returns a pointer to a memory BIO or NULL on error.
ASN1_item_pack() returns a pointer to an B<ASN1_STRING> or NULL on error.
=head1 HISTORY
The functions ASN1_item_d2i_ex(), ASN1_item_d2i_bio_ex(), ASN1_item_d2i_fp_ex()
and ASN1_item_i2d_mem_bio() were added in OpenSSL 3.0.
The function ASN1_item_unpack_ex() was added in OpenSSL 3.2.
=head1 COPYRIGHT
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy

23
doc/man3/PKCS12_SAFEBAG_get1_cert.pod
View File

@ -5,7 +5,8 @@
PKCS12_SAFEBAG_get0_attr, PKCS12_SAFEBAG_get0_type,
PKCS12_SAFEBAG_get_nid, PKCS12_SAFEBAG_get_bag_nid,
PKCS12_SAFEBAG_get0_bag_obj, PKCS12_SAFEBAG_get0_bag_type,
PKCS12_SAFEBAG_get1_cert, PKCS12_SAFEBAG_get1_crl,
PKCS12_SAFEBAG_get1_cert_ex, PKCS12_SAFEBAG_get1_cert,
PKCS12_SAFEBAG_get1_crl_ex, PKCS12_SAFEBAG_get1_crl,
PKCS12_SAFEBAG_get0_safes, PKCS12_SAFEBAG_get0_p8inf,
PKCS12_SAFEBAG_get0_pkcs8 - Get objects from a PKCS#12 safeBag
@ -20,7 +21,11 @@ PKCS12_SAFEBAG_get0_pkcs8 - Get objects from a PKCS#12 safeBag
int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
const ASN1_TYPE *PKCS12_SAFEBAG_get0_bag_obj(const PKCS12_SAFEBAG *bag);
const ASN1_OBJECT *PKCS12_SAFEBAG_get0_bag_type(const PKCS12_SAFEBAG *bag);
X509_CRL *PKCS12_SAFEBAG_get1_cert_ex(const PKCS12_SAFEBAG *bag,
OSSL_LIB_CTX *libctx, const char *propq);
X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
X509_CRL *PKCS12_SAFEBAG_get1_crl_ex(const PKCS12_SAFEBAG *bag,
OSSL_LIB_CTX *libctx, const char *propq);
X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
const STACK_OF(PKCS12_SAFEBAG) *PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
const PKCS8_PRIV_KEY_INFO *PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag);
@ -41,8 +46,13 @@ arbitrary for B<secretBag>s. PKCS12_SAFEBAG_get0_bag_type() gets this type as an
PKCS12_SAFEBAG_get0_bag_obj() retrieves the object contained within the safeBag.
PKCS12_SAFEBAG_get1_cert() and PKCS12_SAFEBAG_get1_crl() return new B<X509> or
B<X509_CRL> objects from the item in the safeBag.
PKCS12_SAFEBAG_get1_cert_ex() and PKCS12_SAFEBAG_get1_crl_ex() return new B<X509> or
B<X509_CRL> objects from the item in the safeBag. I<libctx> and I<propq> are used when
fetching algorithms, and may optionally be set to NULL.
PKCS12_SAFEBAG_get1_cert() and PKCS12_SAFEBAG_get1_crl() are the same as
PKCS12_SAFEBAG_get1_cert_ex() and PKCS12_SAFEBAG_get1_crl_ex() and set the I<libctx> and
I<prop> to NULL. This will use the default library context.
PKCS12_SAFEBAG_get0_p8inf() and PKCS12_SAFEBAG_get0_pkcs8() return the PKCS8 object
from a PKCS8shroudedKeyBag or a keyBag.
@ -62,9 +72,14 @@ L<PKCS12_create(3)>,
L<PKCS12_add_safe(3)>,
L<PKCS12_add_safes(3)>
=head1 HISTORY
The functions PKCS12_SAFEBAG_get1_cert_ex() and PKCS12_SAFEBAG_get1_crl_ex() were
added in OpenSSL 3.2.
=head1 COPYRIGHT
Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy

2
include/openssl/asn1.h.in
View File

@ -832,6 +832,8 @@ int ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *a, long *num,
unsigned char *data, int max_len);
void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it);
void *ASN1_item_unpack_ex(const ASN1_STRING *oct, const ASN1_ITEM *it,
OSSL_LIB_CTX *libctx, const char *propq);
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
ASN1_OCTET_STRING **oct);

2
include/openssl/pkcs12.h.in
View File

@ -111,7 +111,9 @@ int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
const ASN1_TYPE *PKCS12_SAFEBAG_get0_bag_obj(const PKCS12_SAFEBAG *bag);
const ASN1_OBJECT *PKCS12_SAFEBAG_get0_bag_type(const PKCS12_SAFEBAG *bag);
X509 *PKCS12_SAFEBAG_get1_cert_ex(const PKCS12_SAFEBAG *bag, OSSL_LIB_CTX *libctx, const char *propq);
X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
X509_CRL *PKCS12_SAFEBAG_get1_crl_ex(const PKCS12_SAFEBAG *bag, OSSL_LIB_CTX *libctx, const char *propq);
X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
const STACK_OF(PKCS12_SAFEBAG) *
PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);

20
test/pkcs12_api_test.c
View File

@ -23,7 +23,6 @@
static OSSL_LIB_CTX *testctx = NULL;
static OSSL_PROVIDER *nullprov = NULL;
static OSSL_PROVIDER *deflprov = NULL;
static int test_null_args(void)
{
@ -39,7 +38,7 @@ static PKCS12 *PKCS12_load(const char *fpath)
if (!TEST_ptr(bio))
goto err;
p12 = PKCS12_init(NID_pkcs7_data);
p12 = PKCS12_init_ex(NID_pkcs7_data, testctx, "provider=default");
if (!TEST_ptr(p12))
goto err;
@ -133,7 +132,7 @@ static int pkcs12_create_ex2_test(int test)
ptr = PKCS12_create_ex2(NULL, NULL, NULL,
NULL, NULL, NID_undef, NID_undef,
0, 0, 0,
NULL, NULL,
testctx, NULL,
NULL, NULL);
if (TEST_ptr(ptr))
goto err;
@ -147,7 +146,7 @@ static int pkcs12_create_ex2_test(int test)
ptr = PKCS12_create_ex2(NULL, NULL, NULL,
cert, NULL, NID_undef, NID_undef,
0, 0, 0,
NULL, NULL,
testctx, NULL,
pkcs12_create_cb, (void*)&cb_ret);
/* PKCS12 successfully created */
if (!TEST_ptr(ptr))
@ -158,7 +157,7 @@ static int pkcs12_create_ex2_test(int test)
ptr = PKCS12_create_ex2(NULL, NULL, NULL,
cert, NULL, NID_undef, NID_undef,
0, 0, 0,
NULL, NULL,
testctx, NULL,
pkcs12_create_cb, (void*)&cb_ret);
/* PKCS12 not created */
if (TEST_ptr(ptr))
@ -169,7 +168,7 @@ static int pkcs12_create_ex2_test(int test)
ptr = PKCS12_create_ex2(NULL, NULL, NULL,
cert, NULL, NID_undef, NID_undef,
0, 0, 0,
NULL, NULL,
testctx, NULL,
pkcs12_create_cb, (void*)&cb_ret);
/* PKCS12 successfully created */
if (!TEST_ptr(ptr))
@ -243,9 +242,11 @@ int setup_tests(void)
}
}
deflprov = OSSL_PROVIDER_load(testctx, "default");
if (!TEST_ptr(deflprov))
if (!test_get_libctx(&testctx, &nullprov, NULL, NULL, NULL)) {
OSSL_LIB_CTX_free(testctx);
testctx = NULL;
return 0;
}
ADD_TEST(test_null_args);
ADD_TEST(pkcs12_parse_test);
@ -255,7 +256,6 @@ int setup_tests(void)
void cleanup_tests(void)
{
OSSL_PROVIDER_unload(nullprov);
OSSL_PROVIDER_unload(deflprov);
OSSL_LIB_CTX_free(testctx);
OSSL_PROVIDER_unload(nullprov);
}

3
util/libcrypto.num
View File

@ -5508,3 +5508,6 @@ OSSL_HPKE_get_recommended_ikmelen ? 3_2_0 EXIST::FUNCTION:
OSSL_PROVIDER_get0_default_search_path ? 3_2_0 EXIST::FUNCTION:
BIO_get_rpoll_descriptor ? 3_2_0 EXIST::FUNCTION:
BIO_get_wpoll_descriptor ? 3_2_0 EXIST::FUNCTION:
ASN1_item_unpack_ex ? 3_2_0 EXIST::FUNCTION:
PKCS12_SAFEBAG_get1_cert_ex ? 3_2_0 EXIST::FUNCTION:
PKCS12_SAFEBAG_get1_crl_ex ? 3_2_0 EXIST::FUNCTION:

2
util/missingcrypto.txt
View File

@ -148,9 +148,7 @@ ASN1_item_i2d(3)
ASN1_item_i2d_bio(3)
ASN1_item_i2d_fp(3)
ASN1_item_ndef_i2d(3)
ASN1_item_pack(3)
ASN1_item_print(3)
ASN1_item_unpack(3)
ASN1_mbstring_copy(3)
ASN1_mbstring_ncopy(3)
ASN1_object_size(3)