Don't try to print PBE information if it can't be decoded.
[openssl.git] / apps / pkcs12.c
index e08d75b265fb346778ca40ebfc51d0aee546fe56..037aa3f011b014823d6345e18c7d6b20909f963f 100644 (file)
@@ -1,6 +1,4 @@
 /* pkcs12.c */
-#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
-
 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
  * project.
  */
@@ -58,6 +56,9 @@
  *
  */
 
+#include <openssl/opensslconf.h>
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -83,10 +84,11 @@ int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int opti
 int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass,
                          int passlen, int options, char *pempass);
 int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass);
-int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name);
+int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name);
 void hex_prin(BIO *out, unsigned char *buf, int len);
 int alg_print(BIO *x, X509_ALGOR *alg);
 int cert_load(BIO *in, STACK_OF(X509) *sk);
+static int set_pbe(BIO *err, int *ppbe, const char *str);
 
 int MAIN(int, char **);
 
@@ -170,30 +172,11 @@ int MAIN(int argc, char **argv)
                                         maciter = -1;
                else if (!strcmp (*args, "-nodes")) enc=NULL;
                else if (!strcmp (*args, "-certpbe")) {
-                       if (args[1]) {
-                               args++;
-                               if (!strcmp(*args, "NONE"))
-                                       cert_pbe = -1;
-                               cert_pbe=OBJ_txt2nid(*args);
-                               if(cert_pbe == NID_undef) {
-                                       BIO_printf(bio_err,
-                                                "Unknown PBE algorithm %s\n", *args);
-                                       badarg = 1;
-                               }
-                       } else badarg = 1;
+                       if (!set_pbe(bio_err, &cert_pbe, *++args))
+                               badarg = 1;
                } else if (!strcmp (*args, "-keypbe")) {
-                       if (args[1]) {
-                               args++;
-                               if (!strcmp(*args, "NONE"))
-                                       key_pbe = -1;
-                               else
-                                       key_pbe=OBJ_txt2nid(*args);
-                               if(key_pbe == NID_undef) {
-                                       BIO_printf(bio_err,
-                                                "Unknown PBE algorithm %s\n", *args);
-                                       badarg = 1;
-                               }
-                       } else badarg = 1;
+                       if (!set_pbe(bio_err, &key_pbe, *++args))
+                               badarg = 1;
                } else if (!strcmp (*args, "-rand")) {
                    if (args[1]) {
                        args++; 
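Review bot: With `-certpbe` or `-keypbe` as the last argument, `*++args` moves `args` onto argv's terminating NULL before set_pbe() rejects it, whereas the removed code tested `args[1]` before advancing. The option loop is outside this hunk, but if it increments `args` again before testing `*args`, the next iteration reads past the end of argv. Keeping the look-ahead avoids this: `if (!args[1] || !set_pbe(bio_err, &cert_pbe, *++args)) badarg = 1;`, with the same change on the `-keypbe` branch.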
@@ -538,6 +521,10 @@ int MAIN(int argc, char **argv)
                catmp = (unsigned char *)sk_value(canames, i);
                X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
                }
+
+       if (csp_name && key)
+               EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
+                               MBSTRING_ASC, (unsigned char *)csp_name, -1);
                
 
 #ifdef CRYPTO_MDEBUG
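Review bot: The result of `EVP_PKEY_add1_attr_by_NID()` is discarded, so if attaching the CSP name fails, the PKCS#12 file is written without the attribute the user asked for and with no diagnostic. Test the return value and, on failure, report through `bio_err` and take MAIN's existing error exit, which is outside this hunk. A short comment such as `/* Attach the Microsoft CSP name to the key so it ends up in the key bag */` would also explain why the attribute is set on `key` at this point.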
@@ -621,7 +608,7 @@ int MAIN(int argc, char **argv)
     CRYPTO_push_info("verify MAC");
 #endif
        /* If we enter empty password try no password first */
-       if(!macpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
+       if(!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
                /* If mac and crypto pass the same set it to NULL too */
                if(!twopass) cpass = NULL;
        } else if (!PKCS12_verify_mac(p12, mpass, -1)) {
@@ -820,12 +807,14 @@ int alg_print (BIO *x, X509_ALGOR *alg)
        PBEPARAM *pbe;
        const unsigned char *p;
        p = alg->parameter->value.sequence->data;
-       pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length);
+       pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
+       if (!pbe)
+               return 1;
        BIO_printf (bio_err, "%s, Iteration %ld\n", 
                OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
                ASN1_INTEGER_get(pbe->iter));
        PBEPARAM_free (pbe);
-       return 0;
+       return 1;
 }
 
 /* Load all certificates from a given file */
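Review bot: The new `if (!pbe)` check covers a failed decode, but the line above it still dereferences `alg->parameter->value.sequence` unconditionally. The algorithm identifier comes from the PKCS#12 file being inspected, so an absent or non-SEQUENCE parameter is a NULL or wrong-type dereference before `d2i_PBEPARAM` is ever reached. A guard ahead of the assignment to `p` would close that: `if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE) return 1;`. alg_print's signature and opening brace are outside this hunk. Since the function now returns 1 on every path, a header comment saying that undecodable parameters are skipped silently would help callers.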
@@ -857,7 +846,7 @@ int cert_load(BIO *in, STACK_OF(X509) *sk)
 
 /* Generalised attribute print: handle PKCS#8 and bag attributes */
 
-int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name)
+int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name)
 {
        X509_ATTRIBUTE *attr;
        ASN1_TYPE *av;
@@ -918,4 +907,22 @@ void hex_prin(BIO *out, unsigned char *buf, int len)
        for (i = 0; i < len; i++) BIO_printf (out, "%02X ", buf[i]);
 }
 
+static int set_pbe(BIO *err, int *ppbe, const char *str)
+       {
+       if (!str)
+               return 0;
+       if (!strcmp(str, "NONE"))
+               {
+               *ppbe = -1;
+               return 1;
+               }
+       *ppbe=OBJ_txt2nid(str);
+       if (*ppbe == NID_undef)
+               {
+               BIO_printf(bio_err, "Unknown PBE algorithm %s\n", str);
+               return 0;
+               }
+       return 1;
+       }
+                       
 #endif
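Review bot: set_pbe() takes an `err` BIO but never uses it; the "Unknown PBE algorithm" message is written to the global `bio_err` instead. Both callers pass `bio_err`, so nothing changes today, but the parameter is misleading and the line should read `BIO_printf(err, "Unknown PBE algorithm %s\n", str);`. A short header comment would also document the contract: returns 1 and stores the NID in `*ppbe` (`-1` for "NONE"), and returns 0 when `str` is NULL or names an unknown algorithm.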