src - OpenBSD base system

diff options


context:
space:
mode:

author	Bob Beck <beck@cvs.openbsd.org>	2022-11-12 13:03:29 +0000
committer	Bob Beck <beck@cvs.openbsd.org>	2022-11-12 13:03:29 +0000
commit	9a16a381a8c22fcc71ae4e866d07c48ec8f690a2 (patch)
tree	b4f6d54937cf2b4c964051dd85261f8bffe31e74
parent	345403d27d19b8280d7acccf4c706eaf3c7a40f5 (diff)

Hide symbols in libcrypto/pkcs12

ok jsing@

Diffstat

-rw-r--r--

lib/libcrypto/Symbols.namespace

-rw-r--r--

lib/libcrypto/hidden/openssl/pkcs12.h

102

-rw-r--r--

lib/libcrypto/pkcs12/p12_add.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_asn.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_attr.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_crpt.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_crt.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_decr.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_init.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_key.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_kiss.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_mutl.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_npas.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_p8d.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_p8e.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_sbag.c

-rw-r--r--

lib/libcrypto/pkcs12/p12_utl.c

-rw-r--r--

lib/libcrypto/pkcs12/pk12err.c

18 files changed, 272 insertions, 17 deletions

diff --git a/lib/libcrypto/Symbols.namespace b/lib/libcrypto/Symbols.namespace
index db529f496b2..0d524d4732c 100644
--- a/lib/libcrypto/Symbols.namespace
+++ b/lib/libcrypto/Symbols.namespace

@@ -128,3 +128,80 @@ _libre_SMIME_write_PKCS7

_libre_SMIME_read_PKCS7

_libre_BIO_new_PKCS7

_libre_ERR_load_PKCS7_strings

+_libre_PKCS12_SAFEBAG_get0_attr

+_libre_PKCS12_SAFEBAG_get0_attrs

+_libre_PKCS12_SAFEBAG_get_nid

+_libre_PKCS12_SAFEBAG_get_bag_nid

+_libre_PKCS12_SAFEBAG_get1_cert

+_libre_PKCS12_SAFEBAG_get1_crl

+_libre_PKCS8_get_attr

+_libre_PKCS12_mac_present

+_libre_PKCS12_get0_mac

+_libre_PKCS12_SAFEBAG_create_cert

+_libre_PKCS12_SAFEBAG_create_crl

+_libre_PKCS12_SAFEBAG_create0_p8inf

+_libre_PKCS12_SAFEBAG_create0_pkcs8

+_libre_PKCS12_SAFEBAG_create_pkcs8_encrypt

+_libre_PKCS12_SAFEBAG_get0_p8inf

+_libre_PKCS12_SAFEBAG_get0_pkcs8

+_libre_PKCS12_SAFEBAG_get0_safes

+_libre_PKCS12_SAFEBAG_get0_type

+_libre_PKCS12_item_pack_safebag

+_libre_PKCS8_decrypt

+_libre_PKCS12_decrypt_skey

+_libre_PKCS8_encrypt

+_libre_PKCS12_pack_p7data

+_libre_PKCS12_unpack_p7data

+_libre_PKCS12_pack_p7encdata

+_libre_PKCS12_unpack_p7encdata

+_libre_PKCS12_pack_authsafes

+_libre_PKCS12_unpack_authsafes

+_libre_PKCS12_add_localkeyid

+_libre_PKCS12_add_friendlyname_asc

+_libre_PKCS12_add_CSPName_asc

+_libre_PKCS12_add_friendlyname_uni

+_libre_PKCS8_add_keyusage

+_libre_PKCS12_get_attr_gen

+_libre_PKCS12_get_friendlyname

+_libre_PKCS12_pbe_crypt

+_libre_PKCS12_item_decrypt_d2i

+_libre_PKCS12_item_i2d_encrypt

+_libre_PKCS12_init

+_libre_PKCS12_key_gen_asc

+_libre_PKCS12_key_gen_uni

+_libre_PKCS12_PBE_keyivgen

+_libre_PKCS12_gen_mac

+_libre_PKCS12_verify_mac

+_libre_PKCS12_set_mac

+_libre_PKCS12_setup_mac

+_libre_OPENSSL_asc2uni

+_libre_OPENSSL_uni2asc

+_libre_PKCS12_new

+_libre_PKCS12_free

+_libre_d2i_PKCS12

+_libre_i2d_PKCS12

+_libre_PKCS12_MAC_DATA_new

+_libre_PKCS12_MAC_DATA_free

+_libre_d2i_PKCS12_MAC_DATA

+_libre_i2d_PKCS12_MAC_DATA

+_libre_PKCS12_SAFEBAG_new

+_libre_PKCS12_SAFEBAG_free

+_libre_d2i_PKCS12_SAFEBAG

+_libre_i2d_PKCS12_SAFEBAG

+_libre_PKCS12_BAGS_new

+_libre_PKCS12_BAGS_free

+_libre_d2i_PKCS12_BAGS

+_libre_i2d_PKCS12_BAGS

+_libre_PKCS12_PBE_add

+_libre_PKCS12_parse

+_libre_PKCS12_create

+_libre_PKCS12_add_cert

+_libre_PKCS12_add_key

+_libre_PKCS12_add_safe

+_libre_PKCS12_add_safes

+_libre_i2d_PKCS12_bio

+_libre_i2d_PKCS12_fp

+_libre_d2i_PKCS12_bio

+_libre_d2i_PKCS12_fp

+_libre_PKCS12_newpass

+_libre_ERR_load_PKCS12_strings

diff --git a/lib/libcrypto/hidden/openssl/pkcs12.h b/lib/libcrypto/hidden/openssl/pkcs12.h
new file mode 100644
index 00000000000..c5f1f247227
--- /dev/null
+++ b/lib/libcrypto/hidden/openssl/pkcs12.h

@@ -0,0 +1,102 @@

+/* $OpenBSD: pkcs12.h,v 1.1 2022/11/12 13:03:28 beck Exp $ */

+/*

+ *

+ * Permission to use, copy, modify, and distribute this software for any

+ * purpose with or without fee is hereby granted, provided that the above

+ * copyright notice and this permission notice appear in all copies.

+ *

+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

+ */

+#ifndef _LIBCRYPTO_PKCS12_H

+#define _LIBCRYPTO_PKCS12_H

+#include_next <openssl/pkcs12.h>

+#include "crypto_namespace.h"

+LCRYPTO_USED(PKCS12_SAFEBAG_get0_attr);

+LCRYPTO_USED(PKCS12_SAFEBAG_get0_attrs);

+LCRYPTO_USED(PKCS12_SAFEBAG_get_nid);

+LCRYPTO_USED(PKCS12_SAFEBAG_get_bag_nid);

+LCRYPTO_USED(PKCS12_SAFEBAG_get1_cert);

+LCRYPTO_USED(PKCS12_SAFEBAG_get1_crl);

+LCRYPTO_USED(PKCS8_get_attr);

+LCRYPTO_USED(PKCS12_mac_present);

+LCRYPTO_USED(PKCS12_get0_mac);

+LCRYPTO_USED(PKCS12_SAFEBAG_create_cert);

+LCRYPTO_USED(PKCS12_SAFEBAG_create_crl);

+LCRYPTO_USED(PKCS12_SAFEBAG_create0_p8inf);

+LCRYPTO_USED(PKCS12_SAFEBAG_create0_pkcs8);

+LCRYPTO_USED(PKCS12_SAFEBAG_create_pkcs8_encrypt);

+LCRYPTO_USED(PKCS12_SAFEBAG_get0_p8inf);

+LCRYPTO_USED(PKCS12_SAFEBAG_get0_pkcs8);

+LCRYPTO_USED(PKCS12_SAFEBAG_get0_safes);

+LCRYPTO_USED(PKCS12_SAFEBAG_get0_type);

+LCRYPTO_USED(PKCS12_item_pack_safebag);

+LCRYPTO_USED(PKCS8_decrypt);

+LCRYPTO_USED(PKCS12_decrypt_skey);

+LCRYPTO_USED(PKCS8_encrypt);

+LCRYPTO_USED(PKCS12_pack_p7data);

+LCRYPTO_USED(PKCS12_unpack_p7data);

+LCRYPTO_USED(PKCS12_pack_p7encdata);

+LCRYPTO_USED(PKCS12_unpack_p7encdata);

+LCRYPTO_USED(PKCS12_pack_authsafes);

+LCRYPTO_USED(PKCS12_unpack_authsafes);

+LCRYPTO_USED(PKCS12_add_localkeyid);

+LCRYPTO_USED(PKCS12_add_friendlyname_asc);

+LCRYPTO_USED(PKCS12_add_CSPName_asc);

+LCRYPTO_USED(PKCS12_add_friendlyname_uni);

+LCRYPTO_USED(PKCS8_add_keyusage);

+LCRYPTO_USED(PKCS12_get_attr_gen);

+LCRYPTO_USED(PKCS12_get_friendlyname);

+LCRYPTO_USED(PKCS12_pbe_crypt);

+LCRYPTO_USED(PKCS12_item_decrypt_d2i);

+LCRYPTO_USED(PKCS12_item_i2d_encrypt);

+LCRYPTO_USED(PKCS12_init);

+LCRYPTO_USED(PKCS12_key_gen_asc);

+LCRYPTO_USED(PKCS12_key_gen_uni);

+LCRYPTO_USED(PKCS12_PBE_keyivgen);

+LCRYPTO_USED(PKCS12_gen_mac);

+LCRYPTO_USED(PKCS12_verify_mac);

+LCRYPTO_USED(PKCS12_set_mac);

+LCRYPTO_USED(PKCS12_setup_mac);

+LCRYPTO_USED(OPENSSL_asc2uni);

+LCRYPTO_USED(OPENSSL_uni2asc);

+LCRYPTO_USED(PKCS12_new);

+LCRYPTO_USED(PKCS12_free);

+LCRYPTO_USED(d2i_PKCS12);

+LCRYPTO_USED(i2d_PKCS12);

+LCRYPTO_USED(PKCS12_MAC_DATA_new);

+LCRYPTO_USED(PKCS12_MAC_DATA_free);

+LCRYPTO_USED(d2i_PKCS12_MAC_DATA);

+LCRYPTO_USED(i2d_PKCS12_MAC_DATA);

+LCRYPTO_USED(PKCS12_SAFEBAG_new);

+LCRYPTO_USED(PKCS12_SAFEBAG_free);

+LCRYPTO_USED(d2i_PKCS12_SAFEBAG);

+LCRYPTO_USED(i2d_PKCS12_SAFEBAG);

+LCRYPTO_USED(PKCS12_BAGS_new);

+LCRYPTO_USED(PKCS12_BAGS_free);

+LCRYPTO_USED(d2i_PKCS12_BAGS);

+LCRYPTO_USED(i2d_PKCS12_BAGS);

+LCRYPTO_USED(PKCS12_PBE_add);

+LCRYPTO_USED(PKCS12_parse);

+LCRYPTO_USED(PKCS12_create);

+LCRYPTO_USED(PKCS12_add_cert);

+LCRYPTO_USED(PKCS12_add_key);

+LCRYPTO_USED(PKCS12_add_safe);

+LCRYPTO_USED(PKCS12_add_safes);

+LCRYPTO_USED(i2d_PKCS12_bio);

+LCRYPTO_USED(i2d_PKCS12_fp);

+LCRYPTO_USED(d2i_PKCS12_bio);

+LCRYPTO_USED(d2i_PKCS12_fp);

+LCRYPTO_USED(PKCS12_newpass);

+LCRYPTO_USED(ERR_load_PKCS12_strings);

+#endif /* _LIBCRYPTO_PKCS12_H */

diff --git a/lib/libcrypto/pkcs12/p12_add.c b/lib/libcrypto/pkcs12/p12_add.c
index a7b8c1eaf89..66cb95b1dbf 100644
--- a/lib/libcrypto/pkcs12/p12_add.c
+++ b/lib/libcrypto/pkcs12/p12_add.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_add.c,v 1.20 2022/09/11 17:30:13 tb Exp $ */

+/* $OpenBSD: p12_add.c,v 1.21 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -90,6 +90,7 @@ PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1, int nid2)

safebag->type = OBJ_nid2obj(nid2);

return safebag;

}

+LCRYPTO_ALIAS(PKCS12_item_pack_safebag)

/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */

PKCS7 *

@@ -117,6 +118,7 @@ err:

PKCS7_free(p7);

return NULL;

}

+LCRYPTO_ALIAS(PKCS12_pack_p7data)

/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */

STACK_OF(PKCS12_SAFEBAG) *

@@ -128,6 +130,7 @@ PKCS12_unpack_p7data(PKCS7 *p7)

}

return ASN1_item_unpack(p7->d.data, &PKCS12_SAFEBAGS_it);

}

+LCRYPTO_ALIAS(PKCS12_unpack_p7data)

/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */

@@ -174,6 +177,7 @@ err:

PKCS7_free(p7);

return NULL;

}

+LCRYPTO_ALIAS(PKCS12_pack_p7encdata)

STACK_OF(PKCS12_SAFEBAG) *

PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen)

@@ -184,12 +188,14 @@ PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen)

&PKCS12_SAFEBAGS_it, pass, passlen,

p7->d.encrypted->enc_data->enc_data, 1);

}

+LCRYPTO_ALIAS(PKCS12_unpack_p7encdata)

PKCS8_PRIV_KEY_INFO *

PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag, const char *pass, int passlen)

{

return PKCS8_decrypt(bag->value.shkeybag, pass, passlen);

}

+LCRYPTO_ALIAS(PKCS12_decrypt_skey)

int

PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)

@@ -199,6 +205,7 @@ PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)

return 1;

return 0;

}

+LCRYPTO_ALIAS(PKCS12_pack_authsafes)

STACK_OF(PKCS7) *

PKCS12_unpack_authsafes(const PKCS12 *p12)

@@ -210,3 +217,4 @@ PKCS12_unpack_authsafes(const PKCS12 *p12)

return ASN1_item_unpack(p12->authsafes->d.data,

&PKCS12_AUTHSAFES_it);

}

+LCRYPTO_ALIAS(PKCS12_unpack_authsafes)

diff --git a/lib/libcrypto/pkcs12/p12_asn.c b/lib/libcrypto/pkcs12/p12_asn.c
index f8239eac62b..c45482d5f13 100644
--- a/lib/libcrypto/pkcs12/p12_asn.c
+++ b/lib/libcrypto/pkcs12/p12_asn.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_asn.c,v 1.12 2022/08/20 09:16:18 tb Exp $ */

+/* $OpenBSD: p12_asn.c,v 1.13 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -106,24 +106,28 @@ d2i_PKCS12(PKCS12 **a, const unsigned char **in, long len)

return (PKCS12 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,

&PKCS12_it);

}

+LCRYPTO_ALIAS(d2i_PKCS12)

int

i2d_PKCS12(PKCS12 *a, unsigned char **out)

{

return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_it);

}

+LCRYPTO_ALIAS(i2d_PKCS12)

PKCS12 *

PKCS12_new(void)

{

return (PKCS12 *)ASN1_item_new(&PKCS12_it);

}

+LCRYPTO_ALIAS(PKCS12_new)

void

PKCS12_free(PKCS12 *a)

{

ASN1_item_free((ASN1_VALUE *)a, &PKCS12_it);

}

+LCRYPTO_ALIAS(PKCS12_free)

static const ASN1_TEMPLATE PKCS12_MAC_DATA_seq_tt[] = {

{

@@ -166,24 +170,28 @@ d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len)

return (PKCS12_MAC_DATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,

&PKCS12_MAC_DATA_it);

}

+LCRYPTO_ALIAS(d2i_PKCS12_MAC_DATA)

int

i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out)

{

return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_MAC_DATA_it);

}

+LCRYPTO_ALIAS(i2d_PKCS12_MAC_DATA)

PKCS12_MAC_DATA *

PKCS12_MAC_DATA_new(void)

{

return (PKCS12_MAC_DATA *)ASN1_item_new(&PKCS12_MAC_DATA_it);

}

+LCRYPTO_ALIAS(PKCS12_MAC_DATA_new)

void

PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a)

{

ASN1_item_free((ASN1_VALUE *)a, &PKCS12_MAC_DATA_it);

}

+LCRYPTO_ALIAS(PKCS12_MAC_DATA_free)

static const ASN1_TEMPLATE bag_default_tt = {

.flags = ASN1_TFLG_EXPLICIT,

@@ -272,24 +280,28 @@ d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len)

return (PKCS12_BAGS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,

&PKCS12_BAGS_it);

}

+LCRYPTO_ALIAS(d2i_PKCS12_BAGS)

int

i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out)

{

return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_BAGS_it);

}

+LCRYPTO_ALIAS(i2d_PKCS12_BAGS)

PKCS12_BAGS *

PKCS12_BAGS_new(void)

{

return (PKCS12_BAGS *)ASN1_item_new(&PKCS12_BAGS_it);

}

+LCRYPTO_ALIAS(PKCS12_BAGS_new)

void

PKCS12_BAGS_free(PKCS12_BAGS *a)

{

ASN1_item_free((ASN1_VALUE *)a, &PKCS12_BAGS_it);

}

+LCRYPTO_ALIAS(PKCS12_BAGS_free)

static const ASN1_TEMPLATE safebag_default_tt = {

.flags = ASN1_TFLG_EXPLICIT,

@@ -417,24 +429,28 @@ d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, const unsigned char **in, long len)

return (PKCS12_SAFEBAG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,

&PKCS12_SAFEBAG_it);

}

+LCRYPTO_ALIAS(d2i_PKCS12_SAFEBAG)

int

i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **out)

{

return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_SAFEBAG_it);

}

+LCRYPTO_ALIAS(i2d_PKCS12_SAFEBAG)

PKCS12_SAFEBAG *

PKCS12_SAFEBAG_new(void)

{

return (PKCS12_SAFEBAG *)ASN1_item_new(&PKCS12_SAFEBAG_it);

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_new)

void

PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a)

{

ASN1_item_free((ASN1_VALUE *)a, &PKCS12_SAFEBAG_it);

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_free)

/* SEQUENCE OF SafeBag */

static const ASN1_TEMPLATE PKCS12_SAFEBAGS_item_tt = {

@@ -473,4 +489,3 @@ const ASN1_ITEM PKCS12_AUTHSAFES_it = {

.size = 0,

.sname = "PKCS12_AUTHSAFES",

};

diff --git a/lib/libcrypto/pkcs12/p12_attr.c b/lib/libcrypto/pkcs12/p12_attr.c
index 989a1476c2b..f8721272647 100644
--- a/lib/libcrypto/pkcs12/p12_attr.c
+++ b/lib/libcrypto/pkcs12/p12_attr.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_attr.c,v 1.17 2022/08/20 09:16:18 tb Exp $ */

+/* $OpenBSD: p12_attr.c,v 1.18 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -74,6 +74,7 @@ PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)

else

return 0;

}

+LCRYPTO_ALIAS(PKCS12_add_localkeyid)

/* Add key usage to PKCS#8 structure */

@@ -85,6 +86,7 @@ PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)

return PKCS8_pkey_add1_attr_by_NID(p8, NID_key_usage, V_ASN1_BIT_STRING,

&us_val, 1);

}

+LCRYPTO_ALIAS(PKCS8_add_keyusage)

/* Add a friendlyname to a safebag */

@@ -97,6 +99,7 @@ PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen)

else

return 0;

}

+LCRYPTO_ALIAS(PKCS12_add_friendlyname_asc)

int

@@ -109,6 +112,7 @@ PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,

else

return 0;

}

+LCRYPTO_ALIAS(PKCS12_add_friendlyname_uni)

int

PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen)

@@ -119,6 +123,7 @@ PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen)

else

return 0;

}

+LCRYPTO_ALIAS(PKCS12_add_CSPName_asc)

ASN1_TYPE *

PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)

@@ -135,6 +140,7 @@ PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)

}

return NULL;

}

+LCRYPTO_ALIAS(PKCS12_get_attr_gen)

char *

PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)

@@ -148,9 +154,11 @@ PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)

return OPENSSL_uni2asc(atype->value.bmpstring->data,

atype->value.bmpstring->length);

}

+LCRYPTO_ALIAS(PKCS12_get_friendlyname)

const STACK_OF(X509_ATTRIBUTE) *

PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag)

{

return bag->attrib;

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_attrs)

diff --git a/lib/libcrypto/pkcs12/p12_crpt.c b/lib/libcrypto/pkcs12/p12_crpt.c
index d21c9c178ab..63474621cb7 100644
--- a/lib/libcrypto/pkcs12/p12_crpt.c
+++ b/lib/libcrypto/pkcs12/p12_crpt.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_crpt.c,v 1.15 2021/07/09 14:07:59 tb Exp $ */

+/* $OpenBSD: p12_crpt.c,v 1.16 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -68,6 +68,7 @@ void

PKCS12_PBE_add(void)

{

}

+LCRYPTO_ALIAS(PKCS12_PBE_add)

int

PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,

@@ -119,3 +120,4 @@ PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,

explicit_bzero(iv, EVP_MAX_IV_LENGTH);

return ret;

}

+LCRYPTO_ALIAS(PKCS12_PBE_keyivgen)

diff --git a/lib/libcrypto/pkcs12/p12_crt.c b/lib/libcrypto/pkcs12/p12_crt.c
index 794b749fb8a..79e21d9b921 100644
--- a/lib/libcrypto/pkcs12/p12_crt.c
+++ b/lib/libcrypto/pkcs12/p12_crt.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_crt.c,v 1.20 2022/08/20 09:16:18 tb Exp $ */

+/* $OpenBSD: p12_crt.c,v 1.21 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project.

@@ -183,6 +183,7 @@ err:

sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);

return NULL;

}

+LCRYPTO_ALIAS(PKCS12_create)

PKCS12_SAFEBAG *

PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert)

@@ -220,6 +221,7 @@ err:

return NULL;

}

+LCRYPTO_ALIAS(PKCS12_add_cert)

PKCS12_SAFEBAG *

PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, int key_usage,

@@ -260,6 +262,7 @@ err:

return NULL;

}

+LCRYPTO_ALIAS(PKCS12_add_key)

int

PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,

@@ -303,6 +306,7 @@ err:

return 0;

}

+LCRYPTO_ALIAS(PKCS12_add_safe)

static int

pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag)

@@ -349,3 +353,4 @@ PKCS12_add_safes(STACK_OF(PKCS7) *safes, int nid_p7)

return p12;

}

+LCRYPTO_ALIAS(PKCS12_add_safes)

diff --git a/lib/libcrypto/pkcs12/p12_decr.c b/lib/libcrypto/pkcs12/p12_decr.c
index c352ba565c1..2ce5c23526a 100644
--- a/lib/libcrypto/pkcs12/p12_decr.c
+++ b/lib/libcrypto/pkcs12/p12_decr.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_decr.c,v 1.21 2021/12/12 21:30:14 tb Exp $ */

+/* $OpenBSD: p12_decr.c,v 1.22 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -116,6 +116,7 @@ err:

return out;

}

+LCRYPTO_ALIAS(PKCS12_pbe_crypt)

/* Decrypt an OCTET STRING and decode ASN1 structure

* if zbuf set zero buffer after use.

@@ -144,6 +145,7 @@ PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,

free(out);

return ret;

}

+LCRYPTO_ALIAS(PKCS12_item_decrypt_d2i)

/* Encode ASN1 structure and encrypt, return OCTET STRING

* if zbuf set zero encoding.

@@ -182,5 +184,6 @@ err:

ASN1_OCTET_STRING_free(oct);

return NULL;

}

+LCRYPTO_ALIAS(PKCS12_item_i2d_encrypt)

IMPLEMENT_PKCS12_STACK_OF(PKCS7)

diff --git a/lib/libcrypto/pkcs12/p12_init.c b/lib/libcrypto/pkcs12/p12_init.c
index e305bde13aa..b865017c8d2 100644
--- a/lib/libcrypto/pkcs12/p12_init.c
+++ b/lib/libcrypto/pkcs12/p12_init.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_init.c,v 1.14 2022/08/20 09:16:18 tb Exp $ */

+/* $OpenBSD: p12_init.c,v 1.15 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -98,3 +98,4 @@ err:

PKCS12_free(pkcs12);

return NULL;

}

+LCRYPTO_ALIAS(PKCS12_init)

diff --git a/lib/libcrypto/pkcs12/p12_key.c b/lib/libcrypto/pkcs12/p12_key.c
index d226525b0e4..a122e76aab8 100644
--- a/lib/libcrypto/pkcs12/p12_key.c
+++ b/lib/libcrypto/pkcs12/p12_key.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_key.c,v 1.31 2022/07/30 11:27:06 tb Exp $ */

+/* $OpenBSD: p12_key.c,v 1.32 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -93,6 +93,7 @@ PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,

freezero(unipass, uniplen);

return ret;

}

+LCRYPTO_ALIAS(PKCS12_key_gen_asc)

int

PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,

@@ -193,3 +194,4 @@ PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,

return ret;

}

+LCRYPTO_ALIAS(PKCS12_key_gen_uni)

diff --git a/lib/libcrypto/pkcs12/p12_kiss.c b/lib/libcrypto/pkcs12/p12_kiss.c
index f7551856444..1cf2fa7d495 100644
--- a/lib/libcrypto/pkcs12/p12_kiss.c
+++ b/lib/libcrypto/pkcs12/p12_kiss.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_kiss.c,v 1.25 2022/08/20 09:16:18 tb Exp $ */

+/* $OpenBSD: p12_kiss.c,v 1.26 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -168,6 +168,7 @@ err:

return 0;

}

+LCRYPTO_ALIAS(PKCS12_parse)

/* Parse the outer PKCS#12 structure */

diff --git a/lib/libcrypto/pkcs12/p12_mutl.c b/lib/libcrypto/pkcs12/p12_mutl.c
index b1aafe9b8e2..68fb1b9e5d1 100644
--- a/lib/libcrypto/pkcs12/p12_mutl.c
+++ b/lib/libcrypto/pkcs12/p12_mutl.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_mutl.c,v 1.32 2022/08/20 09:16:18 tb Exp $ */

+/* $OpenBSD: p12_mutl.c,v 1.33 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -78,6 +78,7 @@ PKCS12_mac_present(const PKCS12 *p12)

{

return p12->mac != NULL;

}

+LCRYPTO_ALIAS(PKCS12_mac_present)

void

PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac, const X509_ALGOR **pmacalg,

@@ -105,6 +106,7 @@ PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac, const X509_ALGOR **pmacalg,

if (piter != NULL)

*piter = p12->mac->iter;

}

+LCRYPTO_ALIAS(PKCS12_get0_mac)

/* Generate a MAC */

int

@@ -167,6 +169,7 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,

return ret;

}

+LCRYPTO_ALIAS(PKCS12_gen_mac)

/* Verify the mac */

int

@@ -188,6 +191,7 @@ PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)

return 0;

return 1;

}

+LCRYPTO_ALIAS(PKCS12_verify_mac)

/* Set a mac */

@@ -215,6 +219,7 @@ PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt,

}

return 1;

}

+LCRYPTO_ALIAS(PKCS12_set_mac)

/* Set up a mac structure */

int

@@ -254,4 +259,5 @@ PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,

return 1;

}

+LCRYPTO_ALIAS(PKCS12_setup_mac)

#endif

diff --git a/lib/libcrypto/pkcs12/p12_npas.c b/lib/libcrypto/pkcs12/p12_npas.c
index 7141e3ce88c..e920480952b 100644
--- a/lib/libcrypto/pkcs12/p12_npas.c
+++ b/lib/libcrypto/pkcs12/p12_npas.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_npas.c,v 1.15 2022/08/20 09:16:18 tb Exp $ */

+/* $OpenBSD: p12_npas.c,v 1.16 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -103,6 +103,7 @@ PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass)

return 1;

}

+LCRYPTO_ALIAS(PKCS12_newpass)

/* Parse the outer PKCS#12 structure */

diff --git a/lib/libcrypto/pkcs12/p12_p8d.c b/lib/libcrypto/pkcs12/p12_p8d.c
index ce1b28bc290..cd08cfa9f63 100644
--- a/lib/libcrypto/pkcs12/p12_p8d.c
+++ b/lib/libcrypto/pkcs12/p12_p8d.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_p8d.c,v 1.8 2021/11/01 20:53:08 tb Exp $ */

+/* $OpenBSD: p12_p8d.c,v 1.9 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 2001.

@@ -68,3 +68,4 @@ PKCS8_decrypt(const X509_SIG *p8, const char *pass, int passlen)

return PKCS12_item_decrypt_d2i(p8->algor,

&PKCS8_PRIV_KEY_INFO_it, pass, passlen, p8->digest, 1);

}

+LCRYPTO_ALIAS(PKCS8_decrypt)

diff --git a/lib/libcrypto/pkcs12/p12_p8e.c b/lib/libcrypto/pkcs12/p12_p8e.c
index 7f5f61d69f1..b823ec330e3 100644
--- a/lib/libcrypto/pkcs12/p12_p8e.c
+++ b/lib/libcrypto/pkcs12/p12_p8e.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_p8e.c,v 1.9 2021/11/01 20:53:08 tb Exp $ */

+/* $OpenBSD: p12_p8e.c,v 1.10 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 2001.

@@ -100,3 +100,4 @@ err:

X509_SIG_free(p8);

return NULL;

}

+LCRYPTO_ALIAS(PKCS8_encrypt)

diff --git a/lib/libcrypto/pkcs12/p12_sbag.c b/lib/libcrypto/pkcs12/p12_sbag.c
index cbcb02d23c4..db6e3c0af87 100644
--- a/lib/libcrypto/pkcs12/p12_sbag.c
+++ b/lib/libcrypto/pkcs12/p12_sbag.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_sbag.c,v 1.5 2022/08/20 09:16:18 tb Exp $ */

+/* $OpenBSD: p12_sbag.c,v 1.6 2022/11/12 13:03:28 beck Exp $ */

* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project

* 1999-2018.

@@ -70,12 +70,14 @@ PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag, int attr_nid)

{

return PKCS12_get_attr_gen(bag->attrib, attr_nid);

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_attr)

ASN1_TYPE *

PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid)

{

return PKCS12_get_attr_gen(p8->attributes, attr_nid);

}

+LCRYPTO_ALIAS(PKCS8_get_attr)

const PKCS8_PRIV_KEY_INFO *

PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag)

@@ -85,6 +87,7 @@ PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag)

return bag->value.keybag;

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_p8inf)

const X509_SIG *

PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag)

@@ -94,6 +97,7 @@ PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag)

return bag->value.shkeybag;

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_pkcs8)

const STACK_OF(PKCS12_SAFEBAG) *

PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag)

@@ -103,18 +107,21 @@ PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag)

return bag->value.safes;

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_safes)

const ASN1_OBJECT *

PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag)

{

return bag->type;

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_type)

int

PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag)

{

return OBJ_obj2nid(bag->type);

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get_nid)

int

PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag)

@@ -129,6 +136,7 @@ PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag)

return -1;

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get_bag_nid)

X509 *

PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag)

@@ -139,6 +147,7 @@ PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag)

return NULL;

return ASN1_item_unpack(bag->value.bag->value.octet, &X509_it);

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get1_cert)

X509_CRL *

PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag)

@@ -149,6 +158,7 @@ PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag)

return NULL;

return ASN1_item_unpack(bag->value.bag->value.octet, &X509_CRL_it);

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_get1_crl)

PKCS12_SAFEBAG *

PKCS12_SAFEBAG_create_cert(X509 *x509)

@@ -156,6 +166,7 @@ PKCS12_SAFEBAG_create_cert(X509 *x509)

return PKCS12_item_pack_safebag(x509, &X509_it,

NID_x509Certificate, NID_certBag);

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_create_cert)

PKCS12_SAFEBAG *

PKCS12_SAFEBAG_create_crl(X509_CRL *crl)

@@ -163,6 +174,7 @@ PKCS12_SAFEBAG_create_crl(X509_CRL *crl)

return PKCS12_item_pack_safebag(crl, &X509_CRL_it,

NID_x509Crl, NID_crlBag);

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_create_crl)

/* Turn PKCS8 object into a keybag */

@@ -181,6 +193,7 @@ PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8)

return bag;

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_create0_p8inf)

/* Turn PKCS8 object into a shrouded keybag */

@@ -200,6 +213,7 @@ PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8)

return bag;

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_create0_pkcs8)

PKCS12_SAFEBAG *

PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid, const char *pass, int passlen,

@@ -223,3 +237,4 @@ PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid, const char *pass, int passlen,

return bag;

}

+LCRYPTO_ALIAS(PKCS12_SAFEBAG_create_pkcs8_encrypt)

diff --git a/lib/libcrypto/pkcs12/p12_utl.c b/lib/libcrypto/pkcs12/p12_utl.c
index 4fe557f626d..0758e875ae7 100644
--- a/lib/libcrypto/pkcs12/p12_utl.c
+++ b/lib/libcrypto/pkcs12/p12_utl.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: p12_utl.c,v 1.19 2022/09/11 17:30:13 tb Exp $ */

+/* $OpenBSD: p12_utl.c,v 1.20 2022/11/12 13:03:28 beck Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

* project 1999.

@@ -100,6 +100,7 @@ OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)

*uni = unitmp;

return unitmp;

}

+LCRYPTO_ALIAS(OPENSSL_asc2uni)

char *

OPENSSL_uni2asc(const unsigned char *uni, int unilen)

@@ -125,27 +126,32 @@ OPENSSL_uni2asc(const unsigned char *uni, int unilen)

asctmp[asclen - 1] = '\0';

return asctmp;

}

+LCRYPTO_ALIAS(OPENSSL_uni2asc)

int

i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)

{

return ASN1_item_i2d_bio(&PKCS12_it, bp, p12);

}

+LCRYPTO_ALIAS(i2d_PKCS12_bio)

int

i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)

{

return ASN1_item_i2d_fp(&PKCS12_it, fp, p12);

}

+LCRYPTO_ALIAS(i2d_PKCS12_fp)

PKCS12 *

d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)

{

return ASN1_item_d2i_bio(&PKCS12_it, bp, p12);

}

+LCRYPTO_ALIAS(d2i_PKCS12_bio)

PKCS12 *

d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)

{

return ASN1_item_d2i_fp(&PKCS12_it, fp, p12);

}

+LCRYPTO_ALIAS(d2i_PKCS12_fp)

diff --git a/lib/libcrypto/pkcs12/pk12err.c b/lib/libcrypto/pkcs12/pk12err.c
index 23166bfd591..7e9149288d7 100644
--- a/lib/libcrypto/pkcs12/pk12err.c
+++ b/lib/libcrypto/pkcs12/pk12err.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: pk12err.c,v 1.12 2022/07/12 14:42:50 kn Exp $ */

+/* $OpenBSD: pk12err.c,v 1.13 2022/11/12 13:03:28 beck Exp $ */

/* ====================================================================

@@ -108,3 +108,4 @@ ERR_load_PKCS12_strings(void)

}

#endif

}

+LCRYPTO_ALIAS(ERR_load_PKCS12_strings)