| version 1.15, 2022/11/11 17:07:39 |
version 1.16, 2023/03/06 14:32:06 |
|
|
| char *passargout; |
char *passargout; |
| int pbe_nid; |
int pbe_nid; |
| int topk8; |
int topk8; |
| } pkcs8_config; |
} cfg; |
| |
|
| static int |
static int |
| pkcs8_opt_v1(char *arg) |
pkcs8_opt_v1(char *arg) |
| { |
{ |
| if ((pkcs8_config.pbe_nid = OBJ_txt2nid(arg)) == NID_undef) { |
if ((cfg.pbe_nid = OBJ_txt2nid(arg)) == NID_undef) { |
| fprintf(stderr, "Unknown PBE algorithm '%s'\n", arg); |
fprintf(stderr, "Unknown PBE algorithm '%s'\n", arg); |
| return (1); |
return (1); |
| } |
} |
|
|
| static int |
static int |
| pkcs8_opt_v2(char *arg) |
pkcs8_opt_v2(char *arg) |
| { |
{ |
| if ((pkcs8_config.cipher = EVP_get_cipherbyname(arg)) == NULL) { |
if ((cfg.cipher = EVP_get_cipherbyname(arg)) == NULL) { |
| fprintf(stderr, "Unknown cipher '%s'\n", arg); |
fprintf(stderr, "Unknown cipher '%s'\n", arg); |
| return (1); |
return (1); |
| } |
} |
|
|
| .argname = "file", |
.argname = "file", |
| .desc = "Input file (default stdin)", |
.desc = "Input file (default stdin)", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &pkcs8_config.infile, |
.opt.arg = &cfg.infile, |
| }, |
}, |
| { |
{ |
| .name = "inform", |
.name = "inform", |
| .argname = "der | pem", |
.argname = "der | pem", |
| .desc = "Input format (default PEM)", |
.desc = "Input format (default PEM)", |
| .type = OPTION_ARG_FORMAT, |
.type = OPTION_ARG_FORMAT, |
| .opt.value = &pkcs8_config.informat, |
.opt.value = &cfg.informat, |
| }, |
}, |
| { |
{ |
| .name = "nocrypt", |
.name = "nocrypt", |
| .desc = "Use or expect unencrypted private key", |
.desc = "Use or expect unencrypted private key", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &pkcs8_config.nocrypt, |
.opt.flag = &cfg.nocrypt, |
| }, |
}, |
| { |
{ |
| .name = "noiter", |
.name = "noiter", |
| .desc = "Use 1 as iteration count", |
.desc = "Use 1 as iteration count", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .value = 1, |
.value = 1, |
| .opt.value = &pkcs8_config.iter, |
.opt.value = &cfg.iter, |
| }, |
}, |
| { |
{ |
| .name = "out", |
.name = "out", |
| .argname = "file", |
.argname = "file", |
| .desc = "Output file (default stdout)", |
.desc = "Output file (default stdout)", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &pkcs8_config.outfile, |
.opt.arg = &cfg.outfile, |
| }, |
}, |
| { |
{ |
| .name = "outform", |
.name = "outform", |
| .argname = "der | pem", |
.argname = "der | pem", |
| .desc = "Output format (default PEM)", |
.desc = "Output format (default PEM)", |
| .type = OPTION_ARG_FORMAT, |
.type = OPTION_ARG_FORMAT, |
| .opt.value = &pkcs8_config.outformat, |
.opt.value = &cfg.outformat, |
| }, |
}, |
| { |
{ |
| .name = "passin", |
.name = "passin", |
| .argname = "source", |
.argname = "source", |
| .desc = "Input file passphrase source", |
.desc = "Input file passphrase source", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &pkcs8_config.passargin, |
.opt.arg = &cfg.passargin, |
| }, |
}, |
| { |
{ |
| .name = "passout", |
.name = "passout", |
| .argname = "source", |
.argname = "source", |
| .desc = "Output file passphrase source", |
.desc = "Output file passphrase source", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &pkcs8_config.passargout, |
.opt.arg = &cfg.passargout, |
| }, |
}, |
| { |
{ |
| .name = "topk8", |
.name = "topk8", |
| .desc = "Read traditional format key and write PKCS#8 format" |
.desc = "Read traditional format key and write PKCS#8 format" |
| " key", |
" key", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &pkcs8_config.topk8, |
.opt.flag = &cfg.topk8, |
| }, |
}, |
| { |
{ |
| .name = "v1", |
.name = "v1", |
|
|
| exit(1); |
exit(1); |
| } |
} |
| |
|
| memset(&pkcs8_config, 0, sizeof(pkcs8_config)); |
memset(&cfg, 0, sizeof(cfg)); |
| |
|
| pkcs8_config.iter = PKCS12_DEFAULT_ITER; |
cfg.iter = PKCS12_DEFAULT_ITER; |
| pkcs8_config.informat = FORMAT_PEM; |
cfg.informat = FORMAT_PEM; |
| pkcs8_config.outformat = FORMAT_PEM; |
cfg.outformat = FORMAT_PEM; |
| pkcs8_config.pbe_nid = -1; |
cfg.pbe_nid = -1; |
| |
|
| if (options_parse(argc, argv, pkcs8_options, NULL, NULL) != 0) { |
if (options_parse(argc, argv, pkcs8_options, NULL, NULL) != 0) { |
| pkcs8_usage(); |
pkcs8_usage(); |
| return (1); |
return (1); |
| } |
} |
| |
|
| if (!app_passwd(bio_err, pkcs8_config.passargin, |
if (!app_passwd(bio_err, cfg.passargin, |
| pkcs8_config.passargout, &passin, &passout)) { |
cfg.passargout, &passin, &passout)) { |
| BIO_printf(bio_err, "Error getting passwords\n"); |
BIO_printf(bio_err, "Error getting passwords\n"); |
| goto end; |
goto end; |
| } |
} |
| if ((pkcs8_config.pbe_nid == -1) && !pkcs8_config.cipher) |
if ((cfg.pbe_nid == -1) && !cfg.cipher) |
| pkcs8_config.pbe_nid = NID_pbeWithMD5AndDES_CBC; |
cfg.pbe_nid = NID_pbeWithMD5AndDES_CBC; |
| |
|
| if (pkcs8_config.infile) { |
if (cfg.infile) { |
| if (!(in = BIO_new_file(pkcs8_config.infile, "rb"))) { |
if (!(in = BIO_new_file(cfg.infile, "rb"))) { |
| BIO_printf(bio_err, |
BIO_printf(bio_err, |
| "Can't open input file '%s'\n", |
"Can't open input file '%s'\n", |
| pkcs8_config.infile); |
cfg.infile); |
| goto end; |
goto end; |
| } |
} |
| } else |
} else |
| in = BIO_new_fp(stdin, BIO_NOCLOSE); |
in = BIO_new_fp(stdin, BIO_NOCLOSE); |
| |
|
| if (pkcs8_config.outfile) { |
if (cfg.outfile) { |
| if (!(out = BIO_new_file(pkcs8_config.outfile, "wb"))) { |
if (!(out = BIO_new_file(cfg.outfile, "wb"))) { |
| BIO_printf(bio_err, "Can't open output file '%s'\n", |
BIO_printf(bio_err, "Can't open output file '%s'\n", |
| pkcs8_config.outfile); |
cfg.outfile); |
| goto end; |
goto end; |
| } |
} |
| } else { |
} else { |
| out = BIO_new_fp(stdout, BIO_NOCLOSE); |
out = BIO_new_fp(stdout, BIO_NOCLOSE); |
| } |
} |
| if (pkcs8_config.topk8) { |
if (cfg.topk8) { |
| pkey = load_key(bio_err, pkcs8_config.infile, |
pkey = load_key(bio_err, cfg.infile, |
| pkcs8_config.informat, 1, passin, "key"); |
cfg.informat, 1, passin, "key"); |
| if (!pkey) |
if (!pkey) |
| goto end; |
goto end; |
| if (!(p8inf = EVP_PKEY2PKCS8(pkey))) { |
if (!(p8inf = EVP_PKEY2PKCS8(pkey))) { |
|
|
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (pkcs8_config.nocrypt) { |
if (cfg.nocrypt) { |
| if (pkcs8_config.outformat == FORMAT_PEM) |
if (cfg.outformat == FORMAT_PEM) |
| PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf); |
PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf); |
| else if (pkcs8_config.outformat == FORMAT_ASN1) |
else if (cfg.outformat == FORMAT_ASN1) |
| i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf); |
i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf); |
| else { |
else { |
| BIO_printf(bio_err, |
BIO_printf(bio_err, |
|
|
| "Enter Encryption Password:", 1)) |
"Enter Encryption Password:", 1)) |
| goto end; |
goto end; |
| } |
} |
| if (!(p8 = PKCS8_encrypt(pkcs8_config.pbe_nid, |
if (!(p8 = PKCS8_encrypt(cfg.pbe_nid, |
| pkcs8_config.cipher, p8pass, strlen(p8pass), |
cfg.cipher, p8pass, strlen(p8pass), |
| NULL, 0, pkcs8_config.iter, p8inf))) { |
NULL, 0, cfg.iter, p8inf))) { |
| BIO_printf(bio_err, "Error encrypting key\n"); |
BIO_printf(bio_err, "Error encrypting key\n"); |
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (pkcs8_config.outformat == FORMAT_PEM) |
if (cfg.outformat == FORMAT_PEM) |
| PEM_write_bio_PKCS8(out, p8); |
PEM_write_bio_PKCS8(out, p8); |
| else if (pkcs8_config.outformat == FORMAT_ASN1) |
else if (cfg.outformat == FORMAT_ASN1) |
| i2d_PKCS8_bio(out, p8); |
i2d_PKCS8_bio(out, p8); |
| else { |
else { |
| BIO_printf(bio_err, |
BIO_printf(bio_err, |
|
|
| ret = 0; |
ret = 0; |
| goto end; |
goto end; |
| } |
} |
| if (pkcs8_config.nocrypt) { |
if (cfg.nocrypt) { |
| if (pkcs8_config.informat == FORMAT_PEM) |
if (cfg.informat == FORMAT_PEM) |
| p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in, NULL, |
p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in, NULL, |
| NULL, NULL); |
NULL, NULL); |
| else if (pkcs8_config.informat == FORMAT_ASN1) |
else if (cfg.informat == FORMAT_ASN1) |
| p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL); |
p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL); |
| else { |
else { |
| BIO_printf(bio_err, "Bad format specified for key\n"); |
BIO_printf(bio_err, "Bad format specified for key\n"); |
| goto end; |
goto end; |
| } |
} |
| } else { |
} else { |
| if (pkcs8_config.informat == FORMAT_PEM) |
if (cfg.informat == FORMAT_PEM) |
| p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL); |
p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL); |
| else if (pkcs8_config.informat == FORMAT_ASN1) |
else if (cfg.informat == FORMAT_ASN1) |
| p8 = d2i_PKCS8_bio(in, NULL); |
p8 = d2i_PKCS8_bio(in, NULL); |
| else { |
else { |
| BIO_printf(bio_err, "Bad format specified for key\n"); |
BIO_printf(bio_err, "Bad format specified for key\n"); |
|
|
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (pkcs8_config.outformat == FORMAT_PEM) |
if (cfg.outformat == FORMAT_PEM) |
| PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, |
PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, |
| passout); |
passout); |
| else if (pkcs8_config.outformat == FORMAT_ASN1) |
else if (cfg.outformat == FORMAT_ASN1) |
| i2d_PrivateKey_bio(out, pkey); |
i2d_PrivateKey_bio(out, pkey); |
| else { |
else { |
| BIO_printf(bio_err, "Bad format specified for key\n"); |
BIO_printf(bio_err, "Bad format specified for key\n"); |
![[BACK]](/icons/back.gif){kind=icon}
Return to pkcs8.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl