Make pkcs8 work again.

author Dr. Stephen Henson <steve@openssl.org>

Tue, 22 Feb 2000 18:45:11 +0000 (18:45 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Tue, 22 Feb 2000 18:45:11 +0000 (18:45 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Tue, 22 Feb 2000 18:45:11 +0000 (18:45 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Tue, 22 Feb 2000 18:45:11 +0000 (18:45 +0000)
diff --git a/apps/pkcs8.c b/apps/pkcs8.c

index 9c031956c5f18dd05335911d49980e04bdb1510c..3e59b74124a2a9f615a6c3d93ef489a069945fa1 100644 (file)
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -83,7 +83,7 @@ int MAIN(int argc, char **argv)
         X509_SIG *p8;
         PKCS8_PRIV_KEY_INFO *p8inf;
         EVP_PKEY *pkey;
-       char pass[50], *passin = NULL, *passout = NULL;
+       char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
         int badarg = 0;
         if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
         informat=FORMAT_PEM;
@@ -226,18 +226,21 @@ int MAIN(int argc, char **argv)
                                 return (1);
                         }
                 } else {
-                       if(!passout) {
-                               passout = pass;
+                       if(passout) p8pass = passout;
+                       else {
+                               p8pass = pass;
                                 EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1);
                         }
+                       app_RAND_load_file(NULL, bio_err, 0);
                         if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
-                                       passout, strlen(passout),
+                                       p8pass, strlen(p8pass),
                                         NULL, 0, iter, p8inf))) {
                                 BIO_printf(bio_err, "Error encrypting key\n",
                                                                  outfile);
                                 ERR_print_errors(bio_err);
                                 return (1);
                         }
+                       app_RAND_write_file(NULL, bio_err);
                         if(outformat == FORMAT_PEM) 
                                 PEM_write_bio_PKCS8(out, p8);
                         else if(outformat == FORMAT_ASN1)
@@ -251,6 +254,8 @@ int MAIN(int argc, char **argv)
                 PKCS8_PRIV_KEY_INFO_free (p8inf);
                 EVP_PKEY_free(pkey);
                 BIO_free(out);
+               if(passin) Free(passin);
+               if(passout) Free(passout);
                 return (0);
         }
  
@@ -278,11 +283,12 @@ int MAIN(int argc, char **argv)
                         ERR_print_errors(bio_err);
                         return (1);
                 }
-               if(!passin) {
-                       passin = pass;
+               if(passin) p8pass = passin;
+               else {
+                       p8pass = pass;
                         EVP_read_pw_string(pass, 50, "Enter Password:", 0);
                 }
-               p8inf = M_PKCS8_decrypt(p8, passin, strlen(passin));
+               p8inf = M_PKCS8_decrypt(p8, p8pass, strlen(p8pass));
                 X509_SIG_free(p8);
         }
  
diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c

index 2f6a4c4518ed75068a3c3c3698f2b4a9ddb5ee6d..4ce06a94ab9d72dcc551f08a0c20de2c5857c849 100644 (file)
--- a/crypto/asn1/p5_pbev2.c
+++ b/crypto/asn1/p5_pbev2.c
@@ -178,12 +178,12 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
         ASN1_OBJECT *obj;
  
         alg_nid = EVP_CIPHER_type(cipher);
-       obj = OBJ_nid2obj(alg_nid);
-       if(!obj || !obj->data) {
+       if(alg_nid == NID_undef) {
                 ASN1err(ASN1_F_PKCS5_PBE2_SET,
                                 ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
                 goto err;
         }
+       obj = OBJ_nid2obj(alg_nid);
  
         if(!(pbe2 = PBE2PARAM_new())) goto merr;
  
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c

index 3f9bf55828aaa8000cb6534e0579cc4988bf4a7d..a431945ef5c4e7df70b9b0db1720d369d7661e8d 100644 (file)
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -115,6 +115,7 @@ int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
  int EVP_CIPHER_type(const EVP_CIPHER *ctx)
  {
         int nid;
+       ASN1_OBJECT *otmp;
         nid = EVP_CIPHER_nid(ctx);
  
         switch(nid) {
@@ -131,7 +132,10 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx)
                 return NID_rc4;
  
                 default:
-
+               /* Check it has an OID and it is valid */
+               otmp = OBJ_nid2obj(nid);
+               if(!otmp || !otmp->data) nid = NID_undef;
+               ASN1_OBJECT_free(otmp);
                 return nid;
         }
  }
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c

index 2012d7c87aa3bd9a1a0242808882f04d0279f8c3..45973fe8507cc3d08be0efeebea9446697873ac3 100644 (file)
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -456,11 +456,12 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
                 }
  
         /* Check cipher OID exists and has data in it*/
-       objtmp = OBJ_nid2obj(EVP_CIPHER_type(cipher));
-       if(!objtmp || !objtmp->data) {
+       i = EVP_CIPHER_type(cipher);
+       if(i == NID_undef) {
                 PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
                 return(0);
         }
+       objtmp = OBJ_nid2obj(i);
  
         ec->cipher = cipher;
         return 1;
author	Dr. Stephen Henson <steve@openssl.org>
	Tue, 22 Feb 2000 18:45:11 +0000 (18:45 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Tue, 22 Feb 2000 18:45:11 +0000 (18:45 +0000)
apps/pkcs8.c		patch \| blob \| history
crypto/asn1/p5_pbev2.c		patch \| blob \| history
crypto/evp/evp_lib.c		patch \| blob \| history
crypto/pkcs7/pk7_lib.c		patch \| blob \| history