* project.
*/
/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
void hex_prin(BIO *out, unsigned char *buf, int len);
int alg_print(BIO *x, X509_ALGOR *alg);
int cert_load(BIO *in, STACK_OF(X509) *sk);
+static int set_pbe(BIO *err, int *ppbe, const char *str);
int MAIN(int, char **);
char *passargin = NULL, *passargout = NULL, *passarg = NULL;
char *passin = NULL, *passout = NULL;
char *inrand = NULL;
+ char *macalg = NULL;
char *CApath = NULL, *CAfile = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();
else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();
else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc();
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+ else if (!strcmp(*args,"-camellia128")) enc=EVP_camellia_128_cbc();
+ else if (!strcmp(*args,"-camellia192")) enc=EVP_camellia_192_cbc();
+ else if (!strcmp(*args,"-camellia256")) enc=EVP_camellia_256_cbc();
#endif
else if (!strcmp (*args, "-noiter")) iter = 1;
else if (!strcmp (*args, "-maciter"))
maciter = 1;
else if (!strcmp (*args, "-nomac"))
maciter = -1;
+ else if (!strcmp (*args, "-macalg"))
+ if (args[1]) {
+ args++;
+ macalg = *args;
+ } else badarg = 1;
else if (!strcmp (*args, "-nodes")) enc=NULL;
else if (!strcmp (*args, "-certpbe")) {
- if (args[1]) {
- args++;
- if (!strcmp(*args, "NONE"))
- cert_pbe = -1;
- cert_pbe=OBJ_txt2nid(*args);
- if(cert_pbe == NID_undef) {
- BIO_printf(bio_err,
- "Unknown PBE algorithm %s\n", *args);
- badarg = 1;
- }
- } else badarg = 1;
+ if (!set_pbe(bio_err, &cert_pbe, *++args))
+ badarg = 1;
} else if (!strcmp (*args, "-keypbe")) {
- if (args[1]) {
- args++;
- if (!strcmp(*args, "NONE"))
- key_pbe = -1;
- else
- key_pbe=OBJ_txt2nid(*args);
- if(key_pbe == NID_undef) {
- BIO_printf(bio_err,
- "Unknown PBE algorithm %s\n", *args);
- badarg = 1;
- }
- } else badarg = 1;
+ if (!set_pbe(bio_err, &key_pbe, *++args))
+ badarg = 1;
} else if (!strcmp (*args, "-rand")) {
if (args[1]) {
args++;
#ifndef OPENSSL_NO_AES
BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
BIO_printf (bio_err, " encrypt PEM output with cbc aes\n");
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+ BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
+ BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n");
#endif
BIO_printf (bio_err, "-nodes don't encrypt private keys\n");
BIO_printf (bio_err, "-noiter don't use encryption iteration\n");
EVP_PKEY *key = NULL;
X509 *ucert = NULL, *x = NULL;
STACK_OF(X509) *certs=NULL;
+ const EVP_MD *macmd = NULL;
unsigned char *catmp = NULL;
int i;
goto export_end;
}
+ if (macalg)
+ {
+ macmd = EVP_get_digestbyname(macalg);
+ if (!macmd)
+ {
+ BIO_printf(bio_err, "Unknown digest algorithm %s\n",
+ macalg);
+ }
+ }
+
if (maciter != -1)
- PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, NULL);
+ PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
*chain = chn;
err:
X509_STORE_CTX_cleanup(&store_ctx);
+ *chain = NULL;
return i;
}
PBEPARAM *pbe;
const unsigned char *p;
p = alg->parameter->value.sequence->data;
- pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length);
+ pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
+ if (!pbe)
+ return 1;
BIO_printf (bio_err, "%s, Iteration %ld\n",
OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
ASN1_INTEGER_get(pbe->iter));
PBEPARAM_free (pbe);
- return 0;
+ return 1;
}
/* Load all certificates from a given file */
for (i = 0; i < len; i++) BIO_printf (out, "%02X ", buf[i]);
}
+static int set_pbe(BIO *err, int *ppbe, const char *str)
+ {
+ if (!str)
+ return 0;
+ if (!strcmp(str, "NONE"))
+ {
+ *ppbe = -1;
+ return 1;
+ }
+ *ppbe=OBJ_txt2nid(str);
+ if (*ppbe == NID_undef)
+ {
+ BIO_printf(bio_err, "Unknown PBE algorithm %s\n", str);
+ return 0;
+ }
+ return 1;
+ }
+
#endif