X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=apps%2Fpkcs12.c;h=c8fc452ec6d2e7baa5ac595e62d63c7902971e48;hb=32097b33bdff520d149ad6c8a11bd344e4ef764b;hp=c35f164041238431b7fc77708bfbf2863b8960b5;hpb=11a25d34549461ad6ddd61322ed3b54dd4c69686;p=openssl.git diff --git a/apps/pkcs12.c b/apps/pkcs12.c index c35f164041..c8fc452ec6 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -16,6 +16,7 @@ NON_EMPTY_TRANSLATION_UNIT # include # include # include "apps.h" +# include "progs.h" # include # include # include @@ -319,8 +320,8 @@ int pkcs12_main(int argc, char **argv) /* To avoid bit rot */ if (1) { #ifndef OPENSSL_NO_UI_CONSOLE - if (EVP_read_pw_string - (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) { + if (EVP_read_pw_string( + macpass, sizeof(macpass), "Enter MAC Password:", export_cert)) { BIO_printf(bio_err, "Can't read Password\n"); goto end; } @@ -438,8 +439,8 @@ int pkcs12_main(int argc, char **argv) /* To avoid bit rot */ if (1) { #ifndef OPENSSL_NO_UI_CONSOLE - if (EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", - 1)) { + if (EVP_read_pw_string(pass, sizeof(pass), + "Enter Export Password:", 1)) { BIO_printf(bio_err, "Can't read Password\n"); goto export_end; } @@ -504,7 +505,7 @@ int pkcs12_main(int argc, char **argv) if (!noprompt) { if (1) { #ifndef OPENSSL_NO_UI_CONSOLE - if (EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", + if (EVP_read_pw_string(pass, sizeof(pass), "Enter Import Password:", 0)) { BIO_printf(bio_err, "Can't read Password\n"); goto end; @@ -517,7 +518,7 @@ int pkcs12_main(int argc, char **argv) } if (!twopass) - OPENSSL_strlcpy(macpass, pass, sizeof macpass); + OPENSSL_strlcpy(macpass, pass, sizeof(macpass)); if ((options & INFO) && PKCS12_mac_present(p12)) { const ASN1_INTEGER *tmaciter; @@ -530,9 +531,9 @@ int pkcs12_main(int argc, char **argv) /* current hash algorithms do not use parameters so extract just name, in future alg_print() may be needed */ X509_ALGOR_get0(&macobj, NULL, NULL, macalgid); - BIO_puts(bio_err, "MAC:"); + BIO_puts(bio_err, "MAC: "); i2a_ASN1_OBJECT(bio_err, macobj); - BIO_printf(bio_err, " Iteration %ld\n", + BIO_printf(bio_err, ", Iteration %ld\n", tmaciter != NULL ? ASN1_INTEGER_get(tmaciter) : 1L); BIO_printf(bio_err, "MAC length: %ld, salt length: %ld\n", tmac != NULL ? ASN1_STRING_length(tmac) : 0L, @@ -819,6 +820,24 @@ static int alg_print(const X509_ALGOR *alg) BIO_printf(bio_err, ", Iteration %ld, PRF %s", ASN1_INTEGER_get(kdf->iter), OBJ_nid2sn(prfnid)); PBKDF2PARAM_free(kdf); +#ifndef OPENSSL_NO_SCRYPT + } else if (pbenid == NID_id_scrypt) { + SCRYPT_PARAMS *kdf = NULL; + + if (aparamtype == V_ASN1_SEQUENCE) + kdf = ASN1_item_unpack(aparam, ASN1_ITEM_rptr(SCRYPT_PARAMS)); + if (kdf == NULL) { + BIO_puts(bio_err, ", "); + goto done; + } + BIO_printf(bio_err, ", Salt length: %d, Cost(N): %ld, " + "Block size(r): %ld, Paralelizm(p): %ld", + ASN1_STRING_length(kdf->salt), + ASN1_INTEGER_get(kdf->costParameter), + ASN1_INTEGER_get(kdf->blockSize), + ASN1_INTEGER_get(kdf->parallelizationParameter)); + SCRYPT_PARAMS_free(kdf); +#endif } PBE2PARAM_free(pbe2); } else {