Add support for MS CSP Name PKCS#12 attribute.

2 files changed, 33 insertions, 124 deletions

diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c
index 2d4d04292a..026cf3826a 100644
--- a/crypto/pkcs12/p12_attr.c
+++ b/crypto/pkcs12/p12_attr.c
@@ -62,156 +62,63 @@
 
 /* Add a local keyid to a safebag */
 
-int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name,
+int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
 	     int namelen)
 {
-	X509_ATTRIBUTE *attrib;
-	ASN1_BMPSTRING *oct;
-	ASN1_TYPE *keyid;
-	if (!(keyid = ASN1_TYPE_new ())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	keyid->type = V_ASN1_OCTET_STRING;
-	if (!(oct = M_ASN1_OCTET_STRING_new())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	if (!M_ASN1_OCTET_STRING_set(oct, name, namelen)) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	keyid->value.octet_string = oct;
-	if (!(attrib = X509_ATTRIBUTE_new ())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	attrib->object = OBJ_nid2obj(NID_localKeyID);
-	if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	sk_ASN1_TYPE_push (attrib->value.set,keyid);
-	attrib->single = 0;
-	if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
+	if (X509at_add1_attr_by_NID(&bag->attrib, NID_localKeyID,
+				V_ASN1_OCTET_STRING, name, namelen))
+		return 1;
+	else 
 		return 0;
-	}
-	sk_X509_ATTRIBUTE_push (bag->attrib, attrib);
-	return 1;
 }
 
 /* Add key usage to PKCS#8 structure */
 
-int PKCS8_add_keyusage (PKCS8_PRIV_KEY_INFO *p8, int usage)
+int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
 {
-	X509_ATTRIBUTE *attrib;
-	ASN1_BIT_STRING *bstr;
-	ASN1_TYPE *keyid;
 	unsigned char us_val;
 	us_val = (unsigned char) usage;
-	if (!(keyid = ASN1_TYPE_new ())) {
-		PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	keyid->type = V_ASN1_BIT_STRING;
-	if (!(bstr = M_ASN1_BIT_STRING_new())) {
-		PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	if (!M_ASN1_BIT_STRING_set(bstr, &us_val, 1)) {
-		PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	keyid->value.bit_string = bstr;
-	if (!(attrib = X509_ATTRIBUTE_new ())) {
-		PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	attrib->object = OBJ_nid2obj(NID_key_usage);
-	if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
-		PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
+	if (X509at_add1_attr_by_NID(&p8->attributes, NID_key_usage,
+				V_ASN1_BIT_STRING, &us_val, 1))
+		return 1;
+	else
 		return 0;
-	}
-	sk_ASN1_TYPE_push (attrib->value.set,keyid);
-	attrib->single = 0;
-	if (!p8->attributes
-	    && !(p8->attributes = sk_X509_ATTRIBUTE_new_null ())) {
-		PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	sk_X509_ATTRIBUTE_push (p8->attributes, attrib);
-	return 1;
 }
 
 /* Add a friendlyname to a safebag */
 
-int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name,
+int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
 				 int namelen)
 {
-	unsigned char *uniname;
-	int ret, unilen;
-	if (!asc2uni(name, namelen, &uniname, &unilen)) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,
-							ERR_R_MALLOC_FAILURE);
+	if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
+				MBSTRING_ASC, (unsigned char *)name, namelen))
+		return 1;
+	else
 		return 0;
-	}
-	ret = PKCS12_add_friendlyname_uni (bag, uniname, unilen);
-	OPENSSL_free(uniname);
-	return ret;
 }
-	
 
-int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag,
+
+int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
 				 const unsigned char *name, int namelen)
 {
-	X509_ATTRIBUTE *attrib;
-	ASN1_BMPSTRING *bmp;
-	ASN1_TYPE *fname;
-	/* Zap ending double null if included */
-	if(!name[namelen - 1] && !name[namelen - 2]) namelen -= 2;
-	if (!(fname = ASN1_TYPE_new ())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
-							ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	fname->type = V_ASN1_BMPSTRING;
-	if (!(bmp = M_ASN1_BMPSTRING_new())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
-							ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	if (!(bmp->data = OPENSSL_malloc (namelen))) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
-							ERR_R_MALLOC_FAILURE);
+	if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
+				MBSTRING_BMP, name, namelen))
+		return 1;
+	else
 		return 0;
-	}
-	memcpy (bmp->data, name, namelen);
-	bmp->length = namelen;
-	fname->value.bmpstring = bmp;
-	if (!(attrib = X509_ATTRIBUTE_new ())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
-							ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	attrib->object = OBJ_nid2obj(NID_friendlyName);
-	if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME,
-							ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	sk_ASN1_TYPE_push (attrib->value.set,fname);
-	attrib->single = 0;
-	if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
-		PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
-							ERR_R_MALLOC_FAILURE);
+}
+
+int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
+				 int namelen)
+{
+	if (X509at_add1_attr_by_NID(&bag->attrib, NID_ms_csp_name,
+				MBSTRING_ASC, (unsigned char *)name, namelen))
+		return 1;
+	else
 		return 0;
-	}
-	sk_X509_ATTRIBUTE_push (bag->attrib, attrib);
-	return PKCS12_OK;
 }
 
-ASN1_TYPE *PKCS12_get_attr_gen (STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
+ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
 {
 	X509_ATTRIBUTE *attrib;
 	int i;
diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h
index 01c20ddc6e..611762777d 100644
--- a/crypto/pkcs12/pkcs12.h
+++ b/crypto/pkcs12/pkcs12.h
@@ -201,6 +201,8 @@ STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
 int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen);
 int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
 				int namelen);
+int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
+				int namelen);
 int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
 				int namelen);
 int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);