openssl/crypto/pkcs12/p12_key.c

/*
 * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/pkcs12.h>
#include <openssl/bn.h>
#include <openssl/trace.h>
#include <openssl/kdf.h>
#include <openssl/core_names.h>
#include "internal/provider.h"

int PKCS12_key_gen_asc_ex(const char *pass, int passlen, unsigned char *salt,
                          int saltlen, int id, int iter, int n,
                          unsigned char *out, const EVP_MD *md_type,
                          OSSL_LIB_CTX *ctx, const char *propq)
{
    int ret;
    unsigned char *unipass;
    int uniplen;

    if (pass == NULL) {
        unipass = NULL;
        uniplen = 0;
    } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
        ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    ret = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter,
                                n, out, md_type, ctx, propq);
    OPENSSL_clear_free(unipass, uniplen);
    return ret > 0;
}

int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
                       int saltlen, int id, int iter, int n,
                       unsigned char *out, const EVP_MD *md_type)
{
    return PKCS12_key_gen_asc_ex(pass, passlen, salt, saltlen, id, iter, n,
                                  out, md_type, NULL, NULL);    
}

int PKCS12_key_gen_utf8_ex(const char *pass, int passlen, unsigned char *salt,
                           int saltlen, int id, int iter, int n,
                           unsigned char *out, const EVP_MD *md_type,
                           OSSL_LIB_CTX *ctx, const char *propq)
{
    int ret;
    unsigned char *unipass;
    int uniplen;

    if (pass == NULL) {
        unipass = NULL;
        uniplen = 0;
    } else if (!OPENSSL_utf82uni(pass, passlen, &unipass, &uniplen)) {
        ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    ret = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter,
                                n, out, md_type, ctx, propq);
    OPENSSL_clear_free(unipass, uniplen);
    return ret > 0;
}

int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
                        int saltlen, int id, int iter, int n,
                        unsigned char *out, const EVP_MD *md_type)
{
    return PKCS12_key_gen_utf8_ex(pass, passlen, salt, saltlen, id, iter, n,
                                  out, md_type, NULL, NULL);
}

int PKCS12_key_gen_uni_ex(unsigned char *pass, int passlen, unsigned char *salt,
                          int saltlen, int id, int iter, int n,
                          unsigned char *out, const EVP_MD *md_type,
                          OSSL_LIB_CTX *libctx, const char *propq)
{
    int res = 0;
    EVP_KDF *kdf;
    EVP_KDF_CTX *ctx;
    OSSL_PARAM params[6], *p = params;

    if (n <= 0)
        return 0;

    kdf = EVP_KDF_fetch(libctx, "PKCS12KDF", propq);
    if (kdf == NULL)
        return 0;
    ctx = EVP_KDF_CTX_new(kdf);
    EVP_KDF_free(kdf);
    if (ctx == NULL)
        return 0;

    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
                                            (char *)EVP_MD_get0_name(md_type),
                                            0);
    *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
                                             pass, passlen);
    *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
                                             salt, saltlen);
    *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_PKCS12_ID, &id);
    *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_ITER, &iter);
    *p = OSSL_PARAM_construct_end();

    OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
        BIO_printf(trc_out, "PKCS12_key_gen_uni_ex(): ID %d, ITER %d\n", id, iter);
        BIO_printf(trc_out, "Password (length %d):\n", passlen);
        BIO_hex_string(trc_out, 0, passlen, pass, passlen);
        BIO_printf(trc_out, "\n");
        BIO_printf(trc_out, "Salt (length %d):\n", saltlen);
        BIO_hex_string(trc_out, 0, saltlen, salt, saltlen);
        BIO_printf(trc_out, "\n");
    } OSSL_TRACE_END(PKCS12_KEYGEN);

    if (EVP_KDF_derive(ctx, out, (size_t)n, params)) {
        res = 1;
        OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
            BIO_printf(trc_out, "Output KEY (length %d)\n", n);
            BIO_hex_string(trc_out, 0, n, out, n);
            BIO_printf(trc_out, "\n");
        } OSSL_TRACE_END(PKCS12_KEYGEN);
    }
    EVP_KDF_CTX_free(ctx);
    return res;
}

int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
                       int saltlen, int id, int iter, int n,
                       unsigned char *out, const EVP_MD *md_type)
{
    return PKCS12_key_gen_uni_ex(pass, passlen, salt, saltlen, id, iter, n, out, md_type, NULL, NULL);
}
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`/*`
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512) 2021-03-11 21:27:36 +08:00			`* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.`
Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add them to the build environment. 1999-03-29 07:17:34 +08:00			`*`
Following the license change, modify the boilerplates in crypto/pkcs12/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7808) 2018-12-06 20:49:51 +08:00			`* Licensed under the Apache License 2.0 (the "License"). You may not use`
Copyright consolidation 09/10 Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 02:52:22 +08:00			`* this file except in compliance with the License. You can obtain a copy`
			`* in the file LICENSE in the source distribution or at`
			`* https://www.openssl.org/source/license.html`
Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add them to the build environment. 1999-03-29 07:17:34 +08:00			`*/`

			`#include <stdio.h>`
Identify and move common internal libcrypto header files There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-05-14 22:56:48 +08:00			`#include "internal/cryptlib.h"`
Change #include filenames from <foo.h> to <openssl.h>. Submitted by: Reviewed by: PR: 1999-04-24 06:13:45 +08:00			`#include <openssl/pkcs12.h>`
Deprecate the recursive includes of bn.h from various API headers (asn1.h, dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are already declared in ossl_typ.h. Add explicit includes for bn.h in those C files that need access to structure internals or API functions+macros. 2004-05-18 03:14:22 +08:00			`#include <openssl/bn.h>`
Adapt OPENSSL_DEBUG_KEYGEN to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8198) 2018-12-13 15:07:25 +08:00			`#include <openssl/trace.h>`
Move PKCS#12 KDF to provider. This KDF is defined in RFC7292 in appendix B. It is widely used in PKCS#12 and should be provided. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12624) 2020-08-11 08:29:02 +08:00			`#include <openssl/kdf.h>`
			`#include <openssl/core_names.h>`
			`#include "internal/provider.h"`
Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add them to the build environment. 1999-03-29 07:17:34 +08:00
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434) 2021-02-17 15:56:36 +08:00			`int PKCS12_key_gen_asc_ex(const char pass, int passlen, unsigned char salt,`
			`int saltlen, int id, int iter, int n,`
			`unsigned char out, const EVP_MD md_type,`
			`OSSL_LIB_CTX ctx, const char propq)`
Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add them to the build environment. 1999-03-29 07:17:34 +08:00			`{`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`int ret;`
			`unsigned char *unipass;`
			`int uniplen;`
If we're going to return errors (no matter how stupid), then we should test for them! 2008-12-30 00:11:58 +08:00
Explicitly test against NULL; do not use !p or similar Also added blanks lines after declarations in a couple of places. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9916) 2019-09-17 03:28:57 +08:00			`if (pass == NULL) {`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`unipass = NULL;`
			`uniplen = 0;`
			`} else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {`
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318) 2020-11-04 19:23:19 +08:00			`ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE);`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`return 0;`
			`}`
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434) 2021-02-17 15:56:36 +08:00			`ret = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter,`
			`n, out, md_type, ctx, propq);`
free cleanup almost the finale Add OPENSSL_clear_free which merges cleanse and free. (Names was picked to be similar to BN_clear_free, etc.) Removed OPENSSL_freeFunc macro. Fixed the small simple ones that are left: CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-05-01 05:57:32 +08:00			`OPENSSL_clear_free(unipass, uniplen);`
Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8} Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12639) 2020-08-12 23:37:50 +08:00			`return ret > 0;`
Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add them to the build environment. 1999-03-29 07:17:34 +08:00			`}`

Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434) 2021-02-17 15:56:36 +08:00			`int PKCS12_key_gen_asc(const char pass, int passlen, unsigned char salt,`
			`int saltlen, int id, int iter, int n,`
			`unsigned char out, const EVP_MD md_type)`
			`{`
			`return PKCS12_key_gen_asc_ex(pass, passlen, salt, saltlen, id, iter, n,`
			`out, md_type, NULL, NULL);`
			`}`

			`int PKCS12_key_gen_utf8_ex(const char pass, int passlen, unsigned char salt,`
			`int saltlen, int id, int iter, int n,`
			`unsigned char out, const EVP_MD md_type,`
			`OSSL_LIB_CTX ctx, const char propq)`
crypto/pkcs12: add UTF8 support. Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-11-25 06:34:51 +08:00			`{`
			`int ret;`
			`unsigned char *unipass;`
			`int uniplen;`

Explicitly test against NULL; do not use !p or similar Also added blanks lines after declarations in a couple of places. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9916) 2019-09-17 03:28:57 +08:00			`if (pass == NULL) {`
crypto/pkcs12: add UTF8 support. Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-11-25 06:34:51 +08:00			`unipass = NULL;`
			`uniplen = 0;`
			`} else if (!OPENSSL_utf82uni(pass, passlen, &unipass, &uniplen)) {`
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318) 2020-11-04 19:23:19 +08:00			`ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE);`
crypto/pkcs12: add UTF8 support. Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-11-25 06:34:51 +08:00			`return 0;`
			`}`
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434) 2021-02-17 15:56:36 +08:00			`ret = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter,`
			`n, out, md_type, ctx, propq);`
crypto/pkcs12: add UTF8 support. Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-11-25 06:34:51 +08:00			`OPENSSL_clear_free(unipass, uniplen);`
Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8} Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12639) 2020-08-12 23:37:50 +08:00			`return ret > 0;`
crypto/pkcs12: add UTF8 support. Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-11-25 06:34:51 +08:00			`}`

Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434) 2021-02-17 15:56:36 +08:00			`int PKCS12_key_gen_utf8(const char pass, int passlen, unsigned char salt,`
			`int saltlen, int id, int iter, int n,`
			`unsigned char out, const EVP_MD md_type)`
			`{`
			`return PKCS12_key_gen_utf8_ex(pass, passlen, salt, saltlen, id, iter, n,`
			`out, md_type, NULL, NULL);`
			`}`

			`int PKCS12_key_gen_uni_ex(unsigned char pass, int passlen, unsigned char salt,`
			`int saltlen, int id, int iter, int n,`
			`unsigned char out, const EVP_MD md_type,`
			`OSSL_LIB_CTX libctx, const char propq)`
Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add them to the build environment. 1999-03-29 07:17:34 +08:00			`{`
Move PKCS#12 KDF to provider. This KDF is defined in RFC7292 in appendix B. It is widely used in PKCS#12 and should be provided. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12624) 2020-08-11 08:29:02 +08:00			`int res = 0;`
			`EVP_KDF *kdf;`
			`EVP_KDF_CTX *ctx;`
			`OSSL_PARAM params[6], *p = params;`

			`if (n <= 0)`
			`return 0;`
Check that a password was actually passed, or the user will just get mysterious crashes. 2000-03-08 06:35:27 +08:00
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434) 2021-02-17 15:56:36 +08:00			`kdf = EVP_KDF_fetch(libctx, "PKCS12KDF", propq);`
Move PKCS#12 KDF to provider. This KDF is defined in RFC7292 in appendix B. It is widely used in PKCS#12 and should be provided. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12624) 2020-08-11 08:29:02 +08:00			`if (kdf == NULL)`
			`return 0;`
			`ctx = EVP_KDF_CTX_new(kdf);`
			`EVP_KDF_free(kdf);`
Adjust all accesses to EVP_MD_CTX to use accessor functions. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-11-27 21:02:12 +08:00			`if (ctx == NULL)`
Move PKCS#12 KDF to provider. This KDF is defined in RFC7292 in appendix B. It is widely used in PKCS#12 and should be provided. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12624) 2020-08-11 08:29:02 +08:00			`return 0;`

			`*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,`
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405) 2021-05-21 22:58:08 +08:00			`(char *)EVP_MD_get0_name(md_type),`
			`0);`
Move PKCS#12 KDF to provider. This KDF is defined in RFC7292 in appendix B. It is widely used in PKCS#12 and should be provided. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12624) 2020-08-11 08:29:02 +08:00			`*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,`
			`pass, passlen);`
			`*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,`
			`salt, saltlen);`
			`*p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_PKCS12_ID, &id);`
			`*p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_ITER, &iter);`
			`*p = OSSL_PARAM_construct_end();`
Adjust all accesses to EVP_MD_CTX to use accessor functions. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-11-27 21:02:12 +08:00
Adapt OPENSSL_DEBUG_KEYGEN to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8198) 2018-12-13 15:07:25 +08:00			`OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {`
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434) 2021-02-17 15:56:36 +08:00			`BIO_printf(trc_out, "PKCS12_key_gen_uni_ex(): ID %d, ITER %d\n", id, iter);`
Adapt OPENSSL_DEBUG_KEYGEN to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8198) 2018-12-13 15:07:25 +08:00			`BIO_printf(trc_out, "Password (length %d):\n", passlen);`
			`BIO_hex_string(trc_out, 0, passlen, pass, passlen);`
			`BIO_printf(trc_out, "\n");`
			`BIO_printf(trc_out, "Salt (length %d):\n", saltlen);`
			`BIO_hex_string(trc_out, 0, saltlen, salt, saltlen);`
			`BIO_printf(trc_out, "\n");`
			`} OSSL_TRACE_END(PKCS12_KEYGEN);`
Simplify PKCS#12 PBE algorithm. Simplify PKCS#12 PBE algorithm by working out Ij + B + 1 directly instead of using BIGNUMs. Reviewed-by: Rich Salz <rsalz@openssl.org> 2016-10-02 04:19:41 +08:00
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434) 2021-02-17 15:56:36 +08:00			`if (EVP_KDF_derive(ctx, out, (size_t)n, params)) {`
Move PKCS#12 KDF to provider. This KDF is defined in RFC7292 in appendix B. It is widely used in PKCS#12 and should be provided. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12624) 2020-08-11 08:29:02 +08:00			`res = 1;`
			`OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {`
			`BIO_printf(trc_out, "Output KEY (length %d)\n", n);`
			`BIO_hex_string(trc_out, 0, n, out, n);`
			`BIO_printf(trc_out, "\n");`
			`} OSSL_TRACE_END(PKCS12_KEYGEN);`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`}`
Move PKCS#12 KDF to provider. This KDF is defined in RFC7292 in appendix B. It is widely used in PKCS#12 and should be provided. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12624) 2020-08-11 08:29:02 +08:00			`EVP_KDF_CTX_free(ctx);`
			`return res;`
Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add them to the build environment. 1999-03-29 07:17:34 +08:00			`}`
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434) 2021-02-17 15:56:36 +08:00
			`int PKCS12_key_gen_uni(unsigned char pass, int passlen, unsigned char salt,`
			`int saltlen, int id, int iter, int n,`
			`unsigned char out, const EVP_MD md_type)`
			`{`
			`return PKCS12_key_gen_uni_ex(pass, passlen, salt, saltlen, id, iter, n, out, md_type, NULL, NULL);`
			`}`