Fix various less obvious bugs in PKCS#7 handling: such as not zeroing

the secret key before we've encrypted it and using the right NID for RC2-64. Add various arguments to the experimental programs 'dec' and 'enc' to make testing less painful. This stuff has now been tested against Netscape Messenger and it can encrypt and decrypt S/MIME messages with RC2 (128, 64 and 40 bit) DES and triple DES. Its still experimental though...
author: Dr. Stephen Henson <steve@openssl.org> 1999-05-16 17:32:32 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 1999-05-16 17:32:32 +0000
commit: 1b266dabf5417e228d9e970d4f2923fec92fea1e (patch)
tree: 5d8452e6c93ec0b81379cf23aa8a74f82c1726f9 /apps/pkcs12.c
parent: f43c814917fea994234376b7c7538ad26b9c46bf (diff)
1 files changed, 1 insertions, 3 deletions
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 0fe519ff17..8ead8bc4aa 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -371,8 +371,6 @@ if (export_cert) {
 
 	if (canames) sk_free(canames);
 
-	/* if (!pmatch) ...?  What should happen here?  XXX */
-
 	if(!noprompt &&
 		EVP_read_pw_string(pass, 50, "Enter Export Password:", 1)) {
 	    BIO_printf (bio_err, "Can't read Password\n");
@@ -400,7 +398,7 @@ if (export_cert) {
 			cpass, -1, NULL, 0, iter, p8);
 	PKCS8_PRIV_KEY_INFO_free(p8);
         if (name) PKCS12_add_friendlyname (bag, name, -1);
-	PKCS12_add_localkeyid (bag, keyid, keyidlen);
+	if(!pmatch) PKCS12_add_localkeyid (bag, keyid, keyidlen);
 	bags = sk_new(NULL);
 	sk_push (bags, (char *)bag);
 	/* Turn it into unencrypted safe bag */
author	Dr. Stephen Henson <steve@openssl.org>	1999-05-16 17:32:32 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	1999-05-16 17:32:32 +0000
commit	1b266dabf5417e228d9e970d4f2923fec92fea1e (patch)
tree	5d8452e6c93ec0b81379cf23aa8a74f82c1726f9 /apps/pkcs12.c
parent	f43c814917fea994234376b7c7538ad26b9c46bf (diff)