New option to pkcs12 utility to set alternative MAC digest algorithm.
authorDr. Stephen Henson <steve@openssl.org>
Wed, 17 May 2006 18:46:22 +0000 (18:46 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 17 May 2006 18:46:22 +0000 (18:46 +0000)
CHANGES
apps/pkcs12.c

diff --git a/CHANGES b/CHANGES
index a7ea7eb082d803f1610ebe33f593ff869313594b..90f29d20111c5cd0ee40c04f62bd11061848dc93 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 0.9.8b and 0.9.9  [xx XXX xxxx]
 
+  *) New -macalg option to pkcs12 utility to allow setting of an alternative
+     digest MAC.
+     [Steve Henson]
+
   *) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
      Reorganize PBE internals to lookup from a static table using NIDs,
      add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
index 037aa3f011b014823d6345e18c7d6b20909f963f..ec9cc89114604dc8f3e9b0ed5f22de039c79c77a 100644 (file)
@@ -121,6 +121,7 @@ int MAIN(int argc, char **argv)
     char *passargin = NULL, *passargout = NULL, *passarg = NULL;
     char *passin = NULL, *passout = NULL;
     char *inrand = NULL;
+    char *macalg = NULL;
     char *CApath = NULL, *CAfile = NULL;
 #ifndef OPENSSL_NO_ENGINE
     char *engine=NULL;
@@ -170,6 +171,11 @@ int MAIN(int argc, char **argv)
                                         maciter = 1;
                else if (!strcmp (*args, "-nomac"))
                                         maciter = -1;
+               else if (!strcmp (*args, "-macalg"))
+                   if (args[1]) {
+                       args++; 
+                       macalg = *args;
+                   } else badarg = 1;
                else if (!strcmp (*args, "-nodes")) enc=NULL;
                else if (!strcmp (*args, "-certpbe")) {
                        if (!set_pbe(bio_err, &cert_pbe, *++args))
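Review bot: The new `-macalg` branch puts an unbraced `if (args[1]) { ... } else badarg = 1;` directly under the `else if`, so the following `else if (!strcmp (*args, "-nodes"))` binds to the correct `if` only because the inner statement already carries its own `else`. Wrapping the branch body in braces, `else if (!strcmp (*args, "-macalg")) {` ... `}`, keeps the option chain intact if that inner `else` is ever edited away, and avoids the compiler's ambiguous-else warning. The option chain starts and continues outside this hunk. No hunk on this page adds `-macalg` to the usage text, so that may still need a line if the utility lists its options there.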
@@ -393,6 +399,7 @@ int MAIN(int argc, char **argv)
        EVP_PKEY *key = NULL;
        X509 *ucert = NULL, *x = NULL;
        STACK_OF(X509) *certs=NULL;
+       const EVP_MD *macmd = NULL;
        unsigned char *catmp = NULL;
        int i;
 
@@ -554,8 +561,18 @@ int MAIN(int argc, char **argv)
                goto export_end;
                }
 
+       if (macalg)
+               {
+               macmd = EVP_get_digestbyname(macalg);
+               if (!macmd)
+                       {
+                       BIO_printf(bio_err, "Unknown digest algorithm %s\n", 
+                                               macalg);
+                       }
+               }
+
        if (maciter != -1)
-               PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, NULL);
+               PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
 
 #ifdef CRYPTO_MDEBUG
        CRYPTO_pop_info();
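Review bot: When `EVP_get_digestbyname(macalg)` fails, the code only prints "Unknown digest algorithm" and then falls through to `PKCS12_set_mac(...)` with `macmd` still NULL, the same argument the old line passed to get the default digest. A mistyped or unavailable `-macalg` therefore still produces a PKCS#12 file, with its MAC computed using the default digest instead of the requested one. Add `goto export_end;` after the `BIO_printf` so the export stops, as the error path at the top of this hunk does. The return value of `PKCS12_set_mac` is also ignored on the changed line and looks worth checking, so that a MAC failure cannot go unnoticed. The enclosing export block starts and ends outside the hunk.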