From 1194ea8dc3b51a35c9947ed276f38436abee5743 Mon Sep 17 00:00:00 2001
From: Andy Polyakov <appro@openssl.org>
Date: Tue, 26 Jul 2016 16:42:41 +0200
Subject: crypto/pkcs12: facilitate accessing data with non-interoperable
 password.

Originally PKCS#12 subroutines treated password strings as ASCII.
It worked as long as they were pure ASCII, but if there were some
none-ASCII characters result was non-interoperable. But fixing it
poses problem accessing data protected with broken password. In
order to make asscess to old data possible add retry with old-style
password.

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 include/openssl/pkcs12.h | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

(limited to 'include')

diff --git a/include/openssl/pkcs12.h b/include/openssl/pkcs12.h
index 37e2847b3f..deaded9df9 100644
--- a/include/openssl/pkcs12.h
+++ b/include/openssl/pkcs12.h
@@ -30,19 +30,9 @@ extern "C" {
 
 # define PKCS12_SALT_LEN 8
 
-/* Uncomment out next line for unicode password and names, otherwise ASCII */
-
-/*
- * #define PBE_UNICODE
- */
-
-# ifdef PBE_UNICODE
-#  define PKCS12_key_gen PKCS12_key_gen_uni
-#  define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
-# else
-#  define PKCS12_key_gen PKCS12_key_gen_utf8
-#  define PKCS12_add_friendlyname PKCS12_add_friendlyname_utf8
-# endif
+/* It's not clear if these are actually needed... */
+# define PKCS12_key_gen PKCS12_key_gen_utf8
+# define PKCS12_add_friendlyname PKCS12_add_friendlyname_utf8
 
 /* MS key usage constants */
 
-- 
cgit v1.2.3