src/usr.bin/openssl/pkcs12.c - diff

Return to pkcs12.c CVS log

Up to [local] / src / usr.bin / openssl

Diff for /src/usr.bin/openssl/pkcs12.c between version 1.18 and 1.19

version 1.18, 2022/03/28 11:02:49

version 1.19, 2022/04/28 15:29:10

Line 556

goto end;

}

if (pkcs12_config.passarg) {

if (pkcs12_config.passarg != NULL) {

if (pkcs12_config.export_cert)

pkcs12_config.passargout = pkcs12_config.passarg;

else

Line 567

BIO_printf(bio_err, "Error getting passwords\n");

goto end;

}

if (!cpass) {

if (cpass == NULL) {

if (pkcs12_config.export_cert)

cpass = passout;

else

cpass = passin;

}

if (cpass) {

if (cpass != NULL) {

mpass = cpass;

pkcs12_config.noprompt = 1;

} else {

Line 581

mpass = macpass;

}

if (!pkcs12_config.infile)

if (pkcs12_config.infile == NULL)

in = BIO_new_fp(stdin, BIO_NOCLOSE);

else

in = BIO_new_file(pkcs12_config.infile, "rb");

if (!in) {

if (in == NULL) {

BIO_printf(bio_err, "Error opening input file %s\n",

pkcs12_config.infile ? pkcs12_config.infile : "<stdin>");

perror(pkcs12_config.infile);

goto end;

}

if (!pkcs12_config.outfile) {

if (pkcs12_config.outfile == NULL) {

out = BIO_new_fp(stdout, BIO_NOCLOSE);

} else

out = BIO_new_file(pkcs12_config.outfile, "wb");

if (!out) {

if (out == NULL) {

BIO_printf(bio_err, "Error opening output file %s\n",

pkcs12_config.outfile ? pkcs12_config.outfile : "<stdout>");

perror(pkcs12_config.outfile);

Line 637

if (!(pkcs12_config.options & NOCERTS)) {

certs = load_certs(bio_err, pkcs12_config.infile,

FORMAT_PEM, NULL, "certificates");

if (!certs)

if (certs == NULL)

goto export_end;

if (key) {

if (key != NULL) {

/* Look for matching private key */

for (i = 0; i < sk_X509_num(certs); i++) {

x = sk_X509_value(certs, i);

Line 654

break;

}

if (!ucert) {

if (ucert == NULL) {

BIO_printf(bio_err,

"No certificate matches private key\n");

goto export_end;

Line 663

}

/* Add any more certificates asked for */

if (pkcs12_config.certfile) {

if (pkcs12_config.certfile != NULL) {

STACK_OF(X509) *morecerts = NULL;

if (!(morecerts = load_certs(bio_err,

if ((morecerts = load_certs(bio_err,

pkcs12_config.certfile, FORMAT_PEM, NULL,

"certificates from certfile")))

"certificates from certfile")) == NULL)

goto export_end;

while (sk_X509_num(morecerts) > 0)

sk_X509_push(certs, sk_X509_shift(morecerts));

Line 680

int vret;

STACK_OF(X509) *chain2;

X509_STORE *store = X509_STORE_new();

if (!store) {

if (store == NULL) {

BIO_printf(bio_err,

"Memory allocation error\n");

goto export_end;

Line 720

X509_alias_set1(sk_X509_value(certs, i), catmp, -1);

}

if (pkcs12_config.csp_name && key)

if (pkcs12_config.csp_name != NULL && key != NULL)

EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,

MBSTRING_ASC,

(unsigned char *) pkcs12_config.csp_name, -1);

if (pkcs12_config.add_lmk && key)

if (pkcs12_config.add_lmk && key != NULL)

EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL,

-1);

Line 743

certs, pkcs12_config.key_pbe, pkcs12_config.cert_pbe,

pkcs12_config.iter, -1, pkcs12_config.keytype);

if (!p12) {

if (p12 == NULL) {

ERR_print_errors(bio_err);

goto export_end;

}

if (pkcs12_config.macalg) {

if (pkcs12_config.macalg != NULL) {

macmd = EVP_get_digestbyname(pkcs12_config.macalg);

if (!macmd) {

if (macmd == NULL) {

BIO_printf(bio_err,

"Unknown digest algorithm %s\n",

pkcs12_config.macalg);

Line 771

goto end;

}

if (!(p12 = d2i_PKCS12_bio(in, NULL))) {

if ((p12 = d2i_PKCS12_bio(in, NULL)) == NULL) {

ERR_print_errors(bio_err);

goto end;

}

Line 784

if (!pkcs12_config.twopass)

strlcpy(macpass, pass, sizeof macpass);

if ((pkcs12_config.options & INFO) && p12->mac)

if ((pkcs12_config.options & INFO) && p12->mac != NULL)

BIO_printf(bio_err, "MAC Iteration %ld\n",

p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1);

if (pkcs12_config.macver) {

Line 829

int ret = 0;

PKCS7 *p7;

if (!(asafes = PKCS12_unpack_authsafes(p12)))

if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)

return 0;

for (i = 0; i < sk_PKCS7_num(asafes); i++) {

p7 = sk_PKCS7_value(asafes, i);

Line 847

bags = PKCS12_unpack_p7encdata(p7, pass, passlen);

} else

continue;

if (!bags)

if (bags == NULL)

goto err;

if (!dump_certs_pkeys_bags(out, bags, pass, passlen,

options, pempass)) {

Line 915

if (options & NOKEYS)

return 1;

print_attribs(out, bag->attrib, "Bag Attributes");

if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))

if ((p8 = PKCS12_decrypt_skey(bag, pass, passlen)) == NULL)

return 0;

if (!(pkey = EVP_PKCS82PKEY(p8))) {

if ((pkey = EVP_PKCS82PKEY(p8)) == NULL) {

PKCS8_PRIV_KEY_INFO_free(p8);

return 0;

}

Line 933

BIO_printf(bio_err, "Certificate bag\n");

if (options & NOCERTS)

return 1;

if (PKCS12_get_attr(bag, NID_localKeyID)) {

if (PKCS12_get_attr(bag, NID_localKeyID) != NULL) {

if (options & CACERTS)

return 1;

} else if (options & CLCERTS)

Line 941

print_attribs(out, bag->attrib, "Bag Attributes");

if (OBJ_obj2nid(bag->value.bag->type) != NID_x509Certificate)

return 1;

if (!(x509 = PKCS12_certbag2x509(bag)))

if ((x509 = PKCS12_certbag2x509(bag)) == NULL)

return 0;

dump_cert_text(out, x509);

PEM_write_bio_X509(out, x509);

Line 999

p = alg->parameter->value.sequence->data;

pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);

if (!pbe)

if (pbe == NULL)

return 1;

BIO_printf(bio_err, "%s, Iteration %ld\n",

OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),

Line 1050

ASN1_TYPE *av;

int i, j, attr_nid;

if (!attrlst) {

if (attrlst == NULL) {

BIO_printf(out, "%s: <No Attributes>\n", name);

return 1;

}

Line 1095

static int

set_pbe(BIO *err, int *ppbe, const char *str)

{

if (!str)

if (str == NULL)

return 0;

if (!strcmp(str, "NONE")) {

*ppbe = -1;