1 files changed, 32 insertions, 12 deletions

diff --git a/crypto/pkcs12/p12_p8e.c b/crypto/pkcs12/p12_p8e.c
index d98a1d66c2..ac2c7ef537 100644
--- a/crypto/pkcs12/p12_p8e.c
+++ b/crypto/pkcs12/p12_p8e.c
@@ -9,30 +9,34 @@
 
 #include <stdio.h>
 #include "internal/cryptlib.h"
+#include <openssl/core.h>
 #include <openssl/pkcs12.h>
 #include "crypto/x509.h"
 
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
-                        const char *pass, int passlen,
-                        unsigned char *salt, int saltlen, int iter,
-                        PKCS8_PRIV_KEY_INFO *p8inf)
+X509_SIG *PKCS8_encrypt_ex(int pbe_nid, const EVP_CIPHER *cipher,
+                           const char *pass, int passlen,
+                           unsigned char *salt, int saltlen, int iter,
+                           PKCS8_PRIV_KEY_INFO *p8inf,
+                           OSSL_LIB_CTX *libctx, const char *propq)
 {
     X509_SIG *p8 = NULL;
     X509_ALGOR *pbe;
 
     if (pbe_nid == -1)
-        pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
+        pbe = PKCS5_pbe2_set_iv_ex(cipher, iter, salt, saltlen, NULL, -1,
+                                   libctx);
     else if (EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0))
-        pbe = PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, pbe_nid);
+        pbe = PKCS5_pbe2_set_iv_ex(cipher, iter, salt, saltlen, NULL, pbe_nid,
+                                   libctx);
     else {
         ERR_clear_error();
-        pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
+        pbe = PKCS5_pbe_set_ex(pbe_nid, iter, salt, saltlen, libctx);
     }
     if (pbe == NULL) {
         ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB);
         return NULL;
     }
-    p8 = PKCS8_set0_pbe(pass, passlen, p8inf, pbe);
+    p8 = PKCS8_set0_pbe_ex(pass, passlen, p8inf, pbe, libctx, propq);
     if (p8 == NULL) {
         X509_ALGOR_free(pbe);
         return NULL;
@@ -41,15 +45,25 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
     return p8;
 }
 
-X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
-                         PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe)
+X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
+                        const char *pass, int passlen,
+                        unsigned char *salt, int saltlen, int iter,
+                        PKCS8_PRIV_KEY_INFO *p8inf)
+{
+    return PKCS8_encrypt_ex(pbe_nid, cipher, pass, passlen, salt, saltlen, iter,
+                            p8inf, NULL, NULL);
+}
+
+X509_SIG *PKCS8_set0_pbe_ex(const char *pass, int passlen,
+                            PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe,
+                            OSSL_LIB_CTX *ctx, const char *propq)
 {
     X509_SIG *p8;
     ASN1_OCTET_STRING *enckey;
 
     enckey =
-        PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO),
-                                pass, passlen, p8inf, 1);
+        PKCS12_item_i2d_encrypt_ex(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO),
+                                   pass, passlen, p8inf, 1, ctx, propq);
     if (!enckey) {
         ERR_raise(ERR_LIB_PKCS12, PKCS12_R_ENCRYPT_ERROR);
         return NULL;
@@ -67,3 +81,9 @@ X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
 
     return p8;
 }
+
+X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
+                         PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe)
+{
+    return PKCS8_set0_pbe_ex(pass, passlen, p8inf, pbe, NULL, NULL);
+}