===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/openssl/pkcs8.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -c -r1.11 -r1.12
*** src/usr.bin/openssl/pkcs8.c	2018/02/07 05:47:55	1.11
--- src/usr.bin/openssl/pkcs8.c	2018/08/24 20:09:56	1.12
***************
*** 1,4 ****
! /* $OpenBSD: pkcs8.c,v 1.11 2018/02/07 05:47:55 jsing Exp $ */
  /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   * project 1999-2004.
   */
--- 1,4 ----
! /* $OpenBSD: pkcs8.c,v 1.12 2018/08/24 20:09:56 tb Exp $ */
  /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   * project 1999-2004.
   */
***************
*** 75,81 ****
  	int nocrypt;
  	char *outfile;
  	int outformat;
- 	int p8_broken;
  	char *passargin;
  	char *passargout;
  	int pbe_nid;
--- 75,80 ----
***************
*** 106,118 ****
  
  static struct option pkcs8_options[] = {
  	{
- 		.name = "embed",
- 		.desc = "Generate DSA keys in a broken format",
- 		.type = OPTION_VALUE,
- 		.value = PKCS8_EMBEDDED_PARAM,
- 		.opt.value = &pkcs8_config.p8_broken,
- 	},
- 	{
  		.name = "in",
  		.argname = "file",
  		.desc = "Input file (default stdin)",
--- 105,110 ----
***************
*** 140,159 ****
  		.opt.value = &pkcs8_config.iter,
  	},
  	{
- 		.name = "nooct",
- 		.desc = "Generate RSA keys in a broken format (no octet)",
- 		.type = OPTION_VALUE,
- 		.value = PKCS8_NO_OCTET,
- 		.opt.value = &pkcs8_config.p8_broken,
- 	},
- 	{
- 		.name = "nsdb",
- 		.desc = "Generate DSA keys in the broken Netscape DB format",
- 		.type = OPTION_VALUE,
- 		.value = PKCS8_NS_DB,
- 		.opt.value = &pkcs8_config.p8_broken,
- 	},
- 	{
  		.name = "out",
  		.argname = "file",
  		.desc = "Output file (default stdout)",
--- 132,137 ----
***************
*** 238,244 ****
  	pkcs8_config.iter = PKCS12_DEFAULT_ITER;
  	pkcs8_config.informat = FORMAT_PEM;
  	pkcs8_config.outformat = FORMAT_PEM;
- 	pkcs8_config.p8_broken = PKCS8_OK;
  	pkcs8_config.pbe_nid = -1;
  
  	if (options_parse(argc, argv, pkcs8_options, NULL, NULL) != 0) {
--- 216,221 ----
***************
*** 278,285 ****
  		    pkcs8_config.informat, 1, passin, "key");
  		if (!pkey)
  			goto end;
! 		if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey,
! 		    pkcs8_config.p8_broken))) {
  			BIO_printf(bio_err, "Error converting key\n");
  			ERR_print_errors(bio_err);
  			goto end;
--- 255,261 ----
  		    pkcs8_config.informat, 1, passin, "key");
  		if (!pkey)
  			goto end;
! 		if (!(p8inf = EVP_PKEY2PKCS8(pkey))) {
  			BIO_printf(bio_err, "Error converting key\n");
  			ERR_print_errors(bio_err);
  			goto end;
***************
*** 368,399 ****
  		BIO_printf(bio_err, "Error converting key\n");
  		ERR_print_errors(bio_err);
  		goto end;
- 	}
- 	if (p8inf->broken) {
- 		BIO_printf(bio_err, "Warning: broken key encoding: ");
- 		switch (p8inf->broken) {
- 		case PKCS8_NO_OCTET:
- 			BIO_printf(bio_err, "No Octet String in PrivateKey\n");
- 			break;
- 
- 		case PKCS8_EMBEDDED_PARAM:
- 			BIO_printf(bio_err,
- 			    "DSA parameters included in PrivateKey\n");
- 			break;
- 
- 		case PKCS8_NS_DB:
- 			BIO_printf(bio_err,
- 			    "DSA public key include in PrivateKey\n");
- 			break;
- 
- 		case PKCS8_NEG_PRIVKEY:
- 			BIO_printf(bio_err, "DSA private key value is negative\n");
- 			break;
- 
- 		default:
- 			BIO_printf(bio_err, "Unknown broken type\n");
- 			break;
- 		}
  	}
  	if (pkcs8_config.outformat == FORMAT_PEM)
  		PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL,
--- 344,349 ----