X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag) { if(M_PKCS12_bag_type(bag) != NID_crlBag) return NULL; if(M_PKCS12_cert_bag_type(bag) != NID_x509Crl) return NULL; return (X509_CRL *)ASN1_item_unpack(bag->value.bag->value.octet, ASN1_ITEM_rptr(X509_CRL)); }
X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag) { if (M_PKCS12_bag_type(bag) != NID_certBag) return NULL; if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate) return NULL; return ASN1_item_unpack(bag->value.bag->value.octet, ASN1_ITEM_rptr(X509)); }
static void add_from_bag(X509 **pX509, EVP_PKEY **pPkey, PKCS12_SAFEBAG *bag, const char *pw) { EVP_PKEY *pkey = NULL; X509 *x509 = NULL; PKCS8_PRIV_KEY_INFO *p8 = NULL; switch (M_PKCS12_bag_type(bag)) { case NID_keyBag: p8 = bag->value.keybag; pkey = EVP_PKCS82PKEY(p8); break; case NID_pkcs8ShroudedKeyBag: p8 = PKCS12_decrypt_skey(bag, pw, (int)strlen(pw)); if (p8) { pkey = EVP_PKCS82PKEY(p8); PKCS8_PRIV_KEY_INFO_free(p8); } break; case NID_certBag: if (M_PKCS12_cert_bag_type(bag) == NID_x509Certificate) x509 = PKCS12_certbag2x509(bag); break; case NID_safeContentsBag: add_from_bags(pX509, pPkey, bag->value.safes, pw); break; } if (pkey) { if (!*pPkey) *pPkey = pkey; else EVP_PKEY_free(pkey); } if (x509) { if (!*pX509) *pX509 = x509; else X509_free(x509); } }