- }
- if (topk8) {
- if(informat == FORMAT_PEM)
- pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, passin);
- else if(informat == FORMAT_ASN1)
- pkey = d2i_PrivateKey_bio(in, NULL);
- else {
- BIO_printf(bio_err, "Bad format specified for key\n");
- return (1);
- }
- if (!pkey) {
- BIO_printf(bio_err, "Error reading key\n", outfile);
- ERR_print_errors(bio_err);
- return (1);
- }
- BIO_free(in);
- if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken))) {
- BIO_printf(bio_err, "Error converting key\n", outfile);
- ERR_print_errors(bio_err);
- return (1);
- }
- if(nocrypt) {
- if(outformat == FORMAT_PEM)
- PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
- else if(outformat == FORMAT_ASN1)
- i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
- else {
- BIO_printf(bio_err, "Bad format specified for key\n");
- return (1);
- }
- } else {
- if(passout) p8pass = passout;
- else {
- p8pass = pass;
- EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1);
- }
- app_RAND_load_file(NULL, bio_err, 0);
- if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
- p8pass, strlen(p8pass),
- NULL, 0, iter, p8inf))) {
- BIO_printf(bio_err, "Error encrypting key\n",
- outfile);
- ERR_print_errors(bio_err);
- return (1);
- }
- app_RAND_write_file(NULL, bio_err);
- if(outformat == FORMAT_PEM)
- PEM_write_bio_PKCS8(out, p8);
- else if(outformat == FORMAT_ASN1)
- i2d_PKCS8_bio(out, p8);
- else {
- BIO_printf(bio_err, "Bad format specified for key\n");
- return (1);
- }
- X509_SIG_free(p8);
- }
- PKCS8_PRIV_KEY_INFO_free (p8inf);
- EVP_PKEY_free(pkey);
- BIO_free_all(out);
- if(passin) OPENSSL_free(passin);
- if(passout) OPENSSL_free(passout);
- return (0);
- }
-
- if(nocrypt) {
- if(informat == FORMAT_PEM)
- p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in,NULL,NULL, NULL);
- else if(informat == FORMAT_ASN1)
- p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
- else {
- BIO_printf(bio_err, "Bad format specified for key\n");
- return (1);
- }
- } else {
- if(informat == FORMAT_PEM)
- p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
- else if(informat == FORMAT_ASN1)
- p8 = d2i_PKCS8_bio(in, NULL);
- else {
- BIO_printf(bio_err, "Bad format specified for key\n");
- return (1);
- }
+ pbe = PKCS5_pbe2_set_iv(cipher, iter, NULL, 0, NULL,
+ pbe_nid);
+ } else {
+ pbe = PKCS5_pbe_set(pbe_nid, iter, NULL, 0);
+ }
+ if (pbe == NULL) {
+ BIO_printf(bio_err, "Error setting PBE algorithm\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (passout != NULL) {
+ p8pass = passout;
+ } else if (1) {
+ /* To avoid bit rot */
+#ifndef OPENSSL_NO_UI_CONSOLE
+ p8pass = pass;
+ if (EVP_read_pw_string
+ (pass, sizeof pass, "Enter Encryption Password:", 1)) {
+ X509_ALGOR_free(pbe);
+ goto end;
+ }
+ } else {
+#endif
+ BIO_printf(bio_err, "Password required\n");
+ goto end;
+ }
+ p8 = PKCS8_set0_pbe(p8pass, strlen(p8pass), p8inf, pbe);
+ if (p8 == NULL) {
+ X509_ALGOR_free(pbe);
+ BIO_printf(bio_err, "Error encrypting key\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ assert(private);
+ if (outformat == FORMAT_PEM)
+ PEM_write_bio_PKCS8(out, p8);
+ else if (outformat == FORMAT_ASN1)
+ i2d_PKCS8_bio(out, p8);
+ else {
+ BIO_printf(bio_err, "Bad format specified for key\n");
+ goto end;
+ }
+ }