static int
_parse_safe_contents (ASN1_TYPE sc, const char *sc_name,
gnutls_pkcs12_bag_t bag)
{
gnutls_datum_t content = { NULL, 0 };
int result;
/* Step 1. Extract the content.
*/
result = _gnutls_x509_read_value (sc, sc_name, &content, 1);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
result = _pkcs12_decode_safe_contents (&content, bag);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
_gnutls_free_datum (&content);
return 0;
cleanup:
_gnutls_free_datum (&content);
return result;
}
/**
* gnutls_pkcs12_bag_decrypt - This function will decrypt an encrypted bag
* @bag: The bag
* @pass: The password used for encryption. This can only be ASCII.
*
* This function will decrypt the given encrypted bag and return 0 on success.
*
**/
int
gnutls_pkcs12_bag_decrypt (gnutls_pkcs12_bag_t bag, const char *pass)
{
int ret;
gnutls_datum_t dec;
if (bag == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
if (bag->element[0].type != GNUTLS_BAG_ENCRYPTED)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
ret = _gnutls_pkcs7_decrypt_data (&bag->element[0].data, pass, &dec);
if (ret < 0)
{
gnutls_assert ();
return ret;
}
/* decryption succeeded. Now decode the SafeContents
* stuff, and parse it.
*/
_gnutls_free_datum (&bag->element[0].data);
ret = _pkcs12_decode_safe_contents (&dec, bag);
_gnutls_free_datum (&dec);
if (ret < 0)
{
gnutls_assert ();
return ret;
}
return 0;
}
