diff options
author | Ibrahim M. Ghazal <imgx64@gmail.com> | 2019-12-24 21:39:55 +0300 |
---|---|---|
committer | Ibrahim M. Ghazal <imgx64@gmail.com> | 2020-01-02 18:28:22 +0300 |
commit | 1fdde9170cbe36c9cd7bf9dc712836f591f7d511 (patch) | |
tree | abbfa239f9d2f092597f078440729952f0037a65 /apps | |
parent | e7b834b6bb0a32be694ebc8e614247c9af735c0f (diff) |
Add -iter option to pkcs12 command
Fixes #8194
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10130)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/pkcs12.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 96e142ff81..5eff88b644 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -53,7 +53,7 @@ typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_CIPHER, OPT_NOKEYS, OPT_KEYEX, OPT_KEYSIG, OPT_NOCERTS, OPT_CLCERTS, OPT_CACERTS, OPT_NOOUT, OPT_INFO, OPT_CHAIN, OPT_TWOPASS, OPT_NOMACVER, - OPT_DESCERT, OPT_EXPORT, OPT_NOITER, OPT_MACITER, OPT_NOMACITER, + OPT_DESCERT, OPT_EXPORT, OPT_ITER, OPT_NOITER, OPT_MACITER, OPT_NOMACITER, OPT_NOMAC, OPT_LMK, OPT_NODES, OPT_MACALG, OPT_CERTPBE, OPT_KEYPBE, OPT_INKEY, OPT_CERTFILE, OPT_NAME, OPT_CSP, OPT_CANAME, OPT_IN, OPT_OUT, OPT_PASSIN, OPT_PASSOUT, OPT_PASSWORD, OPT_CAPATH, @@ -121,8 +121,9 @@ const OPTIONS pkcs12_options[] = { {"descert", OPT_DESCERT, '-', "Encrypt output with 3DES (the default)"}, {"certpbe", OPT_CERTPBE, 's', "Certificate PBE algorithm (default 3DES)"}, # endif - {"noiter", OPT_NOITER, '-', "Don't use encryption iteration"}, - {"maciter", OPT_MACITER, '-', "Use MAC iteration"}, + {"iter", OPT_ITER, 'p', "Specify the iteration count for encryption key and MAC"}, + {"noiter", OPT_NOITER, '-', "Don't use encryption key iteration"}, + {"maciter", OPT_MACITER, '-', "Unused, kept for backwards compatibility"}, {"nomaciter", OPT_NOMACITER, '-', "Don't use MAC iteration"}, {"nomac", OPT_NOMAC, '-', "Don't generate MAC"}, {"nodes", OPT_NODES, '-', "Don't encrypt private keys"}, @@ -214,11 +215,16 @@ int pkcs12_main(int argc, char **argv) if (!opt_cipher(opt_unknown(), &enc)) goto opthelp; break; + case OPT_ITER: + if (!opt_int(opt_arg(), &iter)) + goto opthelp; + maciter = iter; + break; case OPT_NOITER: iter = 1; break; case OPT_MACITER: - maciter = PKCS12_DEFAULT_ITER; + /* no-op */ break; case OPT_NOMACITER: maciter = 1; |