/*
- * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
# include <stdlib.h>
# include <string.h>
# include "apps.h"
+# include "progs.h"
# include <openssl/crypto.h>
# include <openssl/err.h>
# include <openssl/pem.h>
if (cpass != NULL) {
mpass = cpass;
noprompt = 1;
+ if (twopass) {
+ if (export_cert)
+ BIO_printf(bio_err, "Option -twopass cannot be used with -passout or -password\n");
+ else
+ BIO_printf(bio_err, "Option -twopass cannot be used with -passin or -password\n");
+ goto end;
+ }
} else {
cpass = pass;
mpass = macpass;
/* To avoid bit rot */
if (1) {
#ifndef OPENSSL_NO_UI_CONSOLE
- if (EVP_read_pw_string
- (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
+ if (EVP_read_pw_string(
+ macpass, sizeof(macpass), "Enter MAC Password:", export_cert)) {
BIO_printf(bio_err, "Can't read Password\n");
goto end;
}
/* To avoid bit rot */
if (1) {
#ifndef OPENSSL_NO_UI_CONSOLE
- if (EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
- 1)) {
+ if (EVP_read_pw_string(pass, sizeof(pass),
+ "Enter Export Password:", 1)) {
BIO_printf(bio_err, "Can't read Password\n");
goto export_end;
}
if (!noprompt) {
if (1) {
#ifndef OPENSSL_NO_UI_CONSOLE
- if (EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
+ if (EVP_read_pw_string(pass, sizeof(pass), "Enter Import Password:",
0)) {
BIO_printf(bio_err, "Can't read Password\n");
goto end;
}
if (!twopass)
- OPENSSL_strlcpy(macpass, pass, sizeof macpass);
+ OPENSSL_strlcpy(macpass, pass, sizeof(macpass));
if ((options & INFO) && PKCS12_mac_present(p12)) {
const ASN1_INTEGER *tmaciter;
BIO_printf(bio_err, ", Iteration %ld, PRF %s",
ASN1_INTEGER_get(kdf->iter), OBJ_nid2sn(prfnid));
PBKDF2PARAM_free(kdf);
+#ifndef OPENSSL_NO_SCRYPT
+ } else if (pbenid == NID_id_scrypt) {
+ SCRYPT_PARAMS *kdf = NULL;
+
+ if (aparamtype == V_ASN1_SEQUENCE)
+ kdf = ASN1_item_unpack(aparam, ASN1_ITEM_rptr(SCRYPT_PARAMS));
+ if (kdf == NULL) {
+ BIO_puts(bio_err, ", <unsupported parameters>");
+ goto done;
+ }
+ BIO_printf(bio_err, ", Salt length: %d, Cost(N): %ld, "
+ "Block size(r): %ld, Paralelizm(p): %ld",
+ ASN1_STRING_length(kdf->salt),
+ ASN1_INTEGER_get(kdf->costParameter),
+ ASN1_INTEGER_get(kdf->blockSize),
+ ASN1_INTEGER_get(kdf->parallelizationParameter));
+ SCRYPT_PARAMS_free(kdf);
+#endif
}
PBE2PARAM_free(pbe2);
} else {