version 1.18, 2022/03/28 11:02:49 |
version 1.19, 2022/04/28 15:29:10 |
|
|
goto end; |
goto end; |
} |
} |
|
|
if (pkcs12_config.passarg) { |
if (pkcs12_config.passarg != NULL) { |
if (pkcs12_config.export_cert) |
if (pkcs12_config.export_cert) |
pkcs12_config.passargout = pkcs12_config.passarg; |
pkcs12_config.passargout = pkcs12_config.passarg; |
else |
else |
|
|
BIO_printf(bio_err, "Error getting passwords\n"); |
BIO_printf(bio_err, "Error getting passwords\n"); |
goto end; |
goto end; |
} |
} |
if (!cpass) { |
if (cpass == NULL) { |
if (pkcs12_config.export_cert) |
if (pkcs12_config.export_cert) |
cpass = passout; |
cpass = passout; |
else |
else |
cpass = passin; |
cpass = passin; |
} |
} |
if (cpass) { |
if (cpass != NULL) { |
mpass = cpass; |
mpass = cpass; |
pkcs12_config.noprompt = 1; |
pkcs12_config.noprompt = 1; |
} else { |
} else { |
|
|
mpass = macpass; |
mpass = macpass; |
} |
} |
|
|
if (!pkcs12_config.infile) |
if (pkcs12_config.infile == NULL) |
in = BIO_new_fp(stdin, BIO_NOCLOSE); |
in = BIO_new_fp(stdin, BIO_NOCLOSE); |
else |
else |
in = BIO_new_file(pkcs12_config.infile, "rb"); |
in = BIO_new_file(pkcs12_config.infile, "rb"); |
if (!in) { |
if (in == NULL) { |
BIO_printf(bio_err, "Error opening input file %s\n", |
BIO_printf(bio_err, "Error opening input file %s\n", |
pkcs12_config.infile ? pkcs12_config.infile : "<stdin>"); |
pkcs12_config.infile ? pkcs12_config.infile : "<stdin>"); |
perror(pkcs12_config.infile); |
perror(pkcs12_config.infile); |
goto end; |
goto end; |
} |
} |
|
|
if (!pkcs12_config.outfile) { |
if (pkcs12_config.outfile == NULL) { |
out = BIO_new_fp(stdout, BIO_NOCLOSE); |
out = BIO_new_fp(stdout, BIO_NOCLOSE); |
} else |
} else |
out = BIO_new_file(pkcs12_config.outfile, "wb"); |
out = BIO_new_file(pkcs12_config.outfile, "wb"); |
if (!out) { |
if (out == NULL) { |
BIO_printf(bio_err, "Error opening output file %s\n", |
BIO_printf(bio_err, "Error opening output file %s\n", |
pkcs12_config.outfile ? pkcs12_config.outfile : "<stdout>"); |
pkcs12_config.outfile ? pkcs12_config.outfile : "<stdout>"); |
perror(pkcs12_config.outfile); |
perror(pkcs12_config.outfile); |
|
|
if (!(pkcs12_config.options & NOCERTS)) { |
if (!(pkcs12_config.options & NOCERTS)) { |
certs = load_certs(bio_err, pkcs12_config.infile, |
certs = load_certs(bio_err, pkcs12_config.infile, |
FORMAT_PEM, NULL, "certificates"); |
FORMAT_PEM, NULL, "certificates"); |
if (!certs) |
if (certs == NULL) |
goto export_end; |
goto export_end; |
|
|
if (key) { |
if (key != NULL) { |
/* Look for matching private key */ |
/* Look for matching private key */ |
for (i = 0; i < sk_X509_num(certs); i++) { |
for (i = 0; i < sk_X509_num(certs); i++) { |
x = sk_X509_value(certs, i); |
x = sk_X509_value(certs, i); |
|
|
break; |
break; |
} |
} |
} |
} |
if (!ucert) { |
if (ucert == NULL) { |
BIO_printf(bio_err, |
BIO_printf(bio_err, |
"No certificate matches private key\n"); |
"No certificate matches private key\n"); |
goto export_end; |
goto export_end; |
|
|
} |
} |
|
|
/* Add any more certificates asked for */ |
/* Add any more certificates asked for */ |
if (pkcs12_config.certfile) { |
if (pkcs12_config.certfile != NULL) { |
STACK_OF(X509) *morecerts = NULL; |
STACK_OF(X509) *morecerts = NULL; |
if (!(morecerts = load_certs(bio_err, |
if ((morecerts = load_certs(bio_err, |
pkcs12_config.certfile, FORMAT_PEM, NULL, |
pkcs12_config.certfile, FORMAT_PEM, NULL, |
"certificates from certfile"))) |
"certificates from certfile")) == NULL) |
goto export_end; |
goto export_end; |
while (sk_X509_num(morecerts) > 0) |
while (sk_X509_num(morecerts) > 0) |
sk_X509_push(certs, sk_X509_shift(morecerts)); |
sk_X509_push(certs, sk_X509_shift(morecerts)); |
|
|
int vret; |
int vret; |
STACK_OF(X509) *chain2; |
STACK_OF(X509) *chain2; |
X509_STORE *store = X509_STORE_new(); |
X509_STORE *store = X509_STORE_new(); |
if (!store) { |
if (store == NULL) { |
BIO_printf(bio_err, |
BIO_printf(bio_err, |
"Memory allocation error\n"); |
"Memory allocation error\n"); |
goto export_end; |
goto export_end; |
|
|
X509_alias_set1(sk_X509_value(certs, i), catmp, -1); |
X509_alias_set1(sk_X509_value(certs, i), catmp, -1); |
} |
} |
|
|
if (pkcs12_config.csp_name && key) |
if (pkcs12_config.csp_name != NULL && key != NULL) |
EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name, |
EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name, |
MBSTRING_ASC, |
MBSTRING_ASC, |
(unsigned char *) pkcs12_config.csp_name, -1); |
(unsigned char *) pkcs12_config.csp_name, -1); |
|
|
if (pkcs12_config.add_lmk && key) |
if (pkcs12_config.add_lmk && key != NULL) |
EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, |
EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, |
-1); |
-1); |
|
|
|
|
certs, pkcs12_config.key_pbe, pkcs12_config.cert_pbe, |
certs, pkcs12_config.key_pbe, pkcs12_config.cert_pbe, |
pkcs12_config.iter, -1, pkcs12_config.keytype); |
pkcs12_config.iter, -1, pkcs12_config.keytype); |
|
|
if (!p12) { |
if (p12 == NULL) { |
ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
goto export_end; |
goto export_end; |
} |
} |
if (pkcs12_config.macalg) { |
if (pkcs12_config.macalg != NULL) { |
macmd = EVP_get_digestbyname(pkcs12_config.macalg); |
macmd = EVP_get_digestbyname(pkcs12_config.macalg); |
if (!macmd) { |
if (macmd == NULL) { |
BIO_printf(bio_err, |
BIO_printf(bio_err, |
"Unknown digest algorithm %s\n", |
"Unknown digest algorithm %s\n", |
pkcs12_config.macalg); |
pkcs12_config.macalg); |
|
|
goto end; |
goto end; |
|
|
} |
} |
if (!(p12 = d2i_PKCS12_bio(in, NULL))) { |
if ((p12 = d2i_PKCS12_bio(in, NULL)) == NULL) { |
ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
goto end; |
goto end; |
} |
} |
|
|
if (!pkcs12_config.twopass) |
if (!pkcs12_config.twopass) |
strlcpy(macpass, pass, sizeof macpass); |
strlcpy(macpass, pass, sizeof macpass); |
|
|
if ((pkcs12_config.options & INFO) && p12->mac) |
if ((pkcs12_config.options & INFO) && p12->mac != NULL) |
BIO_printf(bio_err, "MAC Iteration %ld\n", |
BIO_printf(bio_err, "MAC Iteration %ld\n", |
p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1); |
p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1); |
if (pkcs12_config.macver) { |
if (pkcs12_config.macver) { |
|
|
int ret = 0; |
int ret = 0; |
PKCS7 *p7; |
PKCS7 *p7; |
|
|
if (!(asafes = PKCS12_unpack_authsafes(p12))) |
if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL) |
return 0; |
return 0; |
for (i = 0; i < sk_PKCS7_num(asafes); i++) { |
for (i = 0; i < sk_PKCS7_num(asafes); i++) { |
p7 = sk_PKCS7_value(asafes, i); |
p7 = sk_PKCS7_value(asafes, i); |
|
|
bags = PKCS12_unpack_p7encdata(p7, pass, passlen); |
bags = PKCS12_unpack_p7encdata(p7, pass, passlen); |
} else |
} else |
continue; |
continue; |
if (!bags) |
if (bags == NULL) |
goto err; |
goto err; |
if (!dump_certs_pkeys_bags(out, bags, pass, passlen, |
if (!dump_certs_pkeys_bags(out, bags, pass, passlen, |
options, pempass)) { |
options, pempass)) { |
|
|
if (options & NOKEYS) |
if (options & NOKEYS) |
return 1; |
return 1; |
print_attribs(out, bag->attrib, "Bag Attributes"); |
print_attribs(out, bag->attrib, "Bag Attributes"); |
if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen))) |
if ((p8 = PKCS12_decrypt_skey(bag, pass, passlen)) == NULL) |
return 0; |
return 0; |
if (!(pkey = EVP_PKCS82PKEY(p8))) { |
if ((pkey = EVP_PKCS82PKEY(p8)) == NULL) { |
PKCS8_PRIV_KEY_INFO_free(p8); |
PKCS8_PRIV_KEY_INFO_free(p8); |
return 0; |
return 0; |
} |
} |
|
|
BIO_printf(bio_err, "Certificate bag\n"); |
BIO_printf(bio_err, "Certificate bag\n"); |
if (options & NOCERTS) |
if (options & NOCERTS) |
return 1; |
return 1; |
if (PKCS12_get_attr(bag, NID_localKeyID)) { |
if (PKCS12_get_attr(bag, NID_localKeyID) != NULL) { |
if (options & CACERTS) |
if (options & CACERTS) |
return 1; |
return 1; |
} else if (options & CLCERTS) |
} else if (options & CLCERTS) |
|
|
print_attribs(out, bag->attrib, "Bag Attributes"); |
print_attribs(out, bag->attrib, "Bag Attributes"); |
if (OBJ_obj2nid(bag->value.bag->type) != NID_x509Certificate) |
if (OBJ_obj2nid(bag->value.bag->type) != NID_x509Certificate) |
return 1; |
return 1; |
if (!(x509 = PKCS12_certbag2x509(bag))) |
if ((x509 = PKCS12_certbag2x509(bag)) == NULL) |
return 0; |
return 0; |
dump_cert_text(out, x509); |
dump_cert_text(out, x509); |
PEM_write_bio_X509(out, x509); |
PEM_write_bio_X509(out, x509); |
|
|
|
|
p = alg->parameter->value.sequence->data; |
p = alg->parameter->value.sequence->data; |
pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); |
pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); |
if (!pbe) |
if (pbe == NULL) |
return 1; |
return 1; |
BIO_printf(bio_err, "%s, Iteration %ld\n", |
BIO_printf(bio_err, "%s, Iteration %ld\n", |
OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)), |
OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)), |
|
|
ASN1_TYPE *av; |
ASN1_TYPE *av; |
int i, j, attr_nid; |
int i, j, attr_nid; |
|
|
if (!attrlst) { |
if (attrlst == NULL) { |
BIO_printf(out, "%s: <No Attributes>\n", name); |
BIO_printf(out, "%s: <No Attributes>\n", name); |
return 1; |
return 1; |
} |
} |
|
|
static int |
static int |
set_pbe(BIO *err, int *ppbe, const char *str) |
set_pbe(BIO *err, int *ppbe, const char *str) |
{ |
{ |
if (!str) |
if (str == NULL) |
return 0; |
return 0; |
if (!strcmp(str, "NONE")) { |
if (!strcmp(str, "NONE")) { |
*ppbe = -1; |
*ppbe = -1; |
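Review bot: In the hunk that changes `if (!pbe)` to `if (pbe == NULL)`, the two lines above it still read `alg->parameter->value.sequence->data` and `->length` without checking that `alg->parameter` is non-NULL and actually holds a SEQUENCE. These algorithm parameters presumably come from the PKCS#12 file being parsed, so a malformed input with absent or differently typed parameters could cause a NULL dereference or a read through the wrong union member. Since this commit makes the NULL tests explicit here anyway, I would add `if (alg->parameter == NULL || alg->parameter->type != V_ASN1_SEQUENCE) return 1;` ahead of the `p = ...` assignment, matching the existing `return 1` for an undecodable PBEPARAM. The enclosing function starts outside the hunk, so confirm no such guard already exists above these lines.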