diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 1999-06-08 00:09:51 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 1999-06-08 00:09:51 +0000 |
| commit | 8eb57af5fed7a133cdb2a968081c355249c00b98 (patch) | |
| tree | 90c43c1df2e1c3ef81f4c6f4643ba8b561830aad /apps/pkcs8.c | |
| parent | 1aad3392e531aa9d32583b435ba4f0b296ee4d27 (diff) | |
Complete support for PKCS#5 v2.0. Still needs extensive testing.
Diffstat (limited to 'apps/pkcs8.c')
| -rw-r--r-- | apps/pkcs8.c | 29 |
1 files changed, 25 insertions, 4 deletions
diff --git a/apps/pkcs8.c b/apps/pkcs8.c index 42d6ba437c..9779081734 100644 --- a/apps/pkcs8.c +++ b/apps/pkcs8.c @@ -71,6 +71,7 @@ int MAIN(int argc, char **argv) BIO *in = NULL, *out = NULL; int topk8 = 0; int pbe_nid = -1; + const EVP_CIPHER *cipher = NULL; int iter = PKCS12_DEFAULT_ITER; int informat, outformat; int p8_broken = PKCS8_OK; @@ -87,7 +88,17 @@ int MAIN(int argc, char **argv) SSLeay_add_all_algorithms(); args = argv + 1; while (!badarg && *args && *args[0] == '-') { - if (!strcmp(*args,"-inform")) { + if (!strcmp(*args,"-v2")) { + if (args[1]) { + args++; + cipher=EVP_get_cipherbyname(*args); + if(!cipher) { + BIO_printf(bio_err, + "Unknown cipher %s\n", *args); + badarg = 1; + } + } else badarg = 1; + } else if (!strcmp(*args,"-inform")) { if (args[1]) { args++; informat=str2fmt(*args); @@ -126,10 +137,11 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-nooct use (broken) no octet form\n"); BIO_printf (bio_err, "-noiter use 1 as iteration count\n"); BIO_printf (bio_err, "-nocrypt use or expect unencrypted private key\n"); + BIO_printf (bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n"); return (1); } - if (pbe_nid == -1) pbe_nid = NID_pbeWithMD5AndDES_CBC; + if ((pbe_nid == -1) && !cipher) pbe_nid = NID_pbeWithMD5AndDES_CBC; if (infile) { if (!(in = BIO_new_file (infile, "rb"))) { @@ -153,6 +165,7 @@ int MAIN(int argc, char **argv) ERR_print_errors(bio_err); return (1); } + BIO_free(in); if (!(p8inf = EVP_PKEY2PKCS8(pkey))) { BIO_printf (bio_err, "Error converting key\n", outfile); ERR_print_errors(bio_err); @@ -170,8 +183,9 @@ int MAIN(int argc, char **argv) } } else { EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1); - if (!(p8 = PKCS8_encrypt(pbe_nid, pass, strlen(pass), - NULL, 0, iter, p8inf))) { + if (!(p8 = PKCS8_encrypt(pbe_nid, cipher, + pass, strlen(pass), + NULL, 0, iter, p8inf))) { BIO_printf (bio_err, "Error encrypting key\n", outfile); ERR_print_errors(bio_err); @@ -188,6 +202,8 @@ int MAIN(int argc, char **argv) X509_SIG_free(p8); } PKCS8_PRIV_KEY_INFO_free (p8inf); + EVP_PKEY_free(pkey); + BIO_free(out); return (0); } @@ -217,6 +233,7 @@ int MAIN(int argc, char **argv) } EVP_read_pw_string(pass, 50, "Enter Password:", 0); p8inf = M_PKCS8_decrypt(p8, pass, strlen(pass)); + X509_SIG_free(p8); } if (!p8inf) { @@ -248,5 +265,9 @@ int MAIN(int argc, char **argv) PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL); + EVP_PKEY_free(pkey); + BIO_free(out); + BIO_free(in); + return (0); } |