diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-05-21 10:50:19 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-05-21 11:30:34 +0100 |
commit | 8323996d99fabfdf274ee5d1f03dae102d179460 (patch) | |
tree | 138b8caac9116d4019ddfa4862bfce42166df208 /crypto | |
parent | ee14e33c3523e74089e524e0c0caf0d0242c6fa0 (diff) |
Fix for PKCS12_create if no-rc2 specified.
Use triple DES for certificate encryption if no-rc2 is
specified.
PR#3357
(cherry picked from commit 03b5b78c09fb10839a565f341cdc527c675e89ce)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/pkcs12/p12_crt.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c index 9522342fa5..3ef3be1c1e 100644 --- a/crypto/pkcs12/p12_crt.c +++ b/crypto/pkcs12/p12_crt.c @@ -100,7 +100,11 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; else #endif +#ifdef OPENSSL_NO_RC2 + nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; +#else nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; +#endif } if (!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; @@ -290,7 +294,11 @@ int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, free_safes = 0; if (nid_safe == 0) +#ifdef OPENSSL_NO_RC2 + nid_safe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; +#else nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC; +#endif if (nid_safe == -1) p7 = PKCS12_pack_p7data(bags); |