diff options
| author | inoguchi <> | 2019-07-26 12:35:59 +0000 |
|---|---|---|
| committer | inoguchi <> | 2019-07-26 12:35:59 +0000 |
| commit | 4defd45879158050c06cedd85d4d31f3ce967b45 (patch) | |
| tree | ef5d9b856503452c73c5fdeca37f0d591bd636d0 /src | |
| parent | 55948284d7f5c955c58cfce1e8ee302c8b8a764a (diff) | |
| download | openbsd-4defd45879158050c06cedd85d4d31f3ce967b45.tar.gz openbsd-4defd45879158050c06cedd85d4d31f3ce967b45.tar.bz2 openbsd-4defd45879158050c06cedd85d4d31f3ce967b45.zip | |
Code clean up openssl(1) pkcs12
- Add a space before 'export_end:'
- Remove space after '*'
- Wrap lines by 80 columns
Diffstat (limited to 'src')
| -rw-r--r-- | src/usr.bin/openssl/pkcs12.c | 147 |
1 files changed, 86 insertions, 61 deletions
diff --git a/src/usr.bin/openssl/pkcs12.c b/src/usr.bin/openssl/pkcs12.c index 5a2637b1ae..d2e677ad84 100644 --- a/src/usr.bin/openssl/pkcs12.c +++ b/src/usr.bin/openssl/pkcs12.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pkcs12.c,v 1.13 2019/07/26 11:52:51 inoguchi Exp $ */ | 1 | /* $OpenBSD: pkcs12.c,v 1.14 2019/07/26 12:35:59 inoguchi Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -77,18 +77,19 @@ | |||
| 77 | #define CLCERTS 0x8 | 77 | #define CLCERTS 0x8 |
| 78 | #define CACERTS 0x10 | 78 | #define CACERTS 0x10 |
| 79 | 79 | ||
| 80 | int get_cert_chain(X509 * cert, X509_STORE * store, STACK_OF(X509) ** chain); | 80 | int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain); |
| 81 | int dump_certs_keys_p12(BIO * out, PKCS12 * p12, char *pass, int passlen, | 81 | int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, |
| 82 | int options, char *pempass); | 82 | int options, char *pempass); |
| 83 | int dump_certs_pkeys_bags(BIO * out, STACK_OF(PKCS12_SAFEBAG) * bags, char *pass, | 83 | int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass, |
| 84 | int passlen, int options, char *pempass); | 84 | int passlen, int options, char *pempass); |
| 85 | int dump_certs_pkeys_bag(BIO * out, PKCS12_SAFEBAG * bags, char *pass, int passlen, | 85 | int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, |
| 86 | int options, char *pempass); | 86 | int passlen, int options, char *pempass); |
| 87 | int print_attribs(BIO * out, STACK_OF(X509_ATTRIBUTE) * attrlst, const char *name); | 87 | int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, |
| 88 | void hex_prin(BIO * out, unsigned char *buf, int len); | 88 | const char *name); |
| 89 | int alg_print(BIO * x, X509_ALGOR * alg); | 89 | void hex_prin(BIO *out, unsigned char *buf, int len); |
| 90 | int cert_load(BIO * in, STACK_OF(X509) * sk); | 90 | int alg_print(BIO *x, X509_ALGOR *alg); |
| 91 | static int set_pbe(BIO * err, int *ppbe, const char *str); | 91 | int cert_load(BIO *in, STACK_OF(X509) *sk); |
| 92 | static int set_pbe(BIO *err, int *ppbe, const char *str); | ||
| 92 | 93 | ||
| 93 | static struct { | 94 | static struct { |
| 94 | int add_lmk; | 95 | int add_lmk; |
| @@ -561,7 +562,8 @@ pkcs12_main(int argc, char **argv) | |||
| 561 | else | 562 | else |
| 562 | pkcs12_config.passargin = pkcs12_config.passarg; | 563 | pkcs12_config.passargin = pkcs12_config.passarg; |
| 563 | } | 564 | } |
| 564 | if (!app_passwd(bio_err, pkcs12_config.passargin, pkcs12_config.passargout, &passin, &passout)) { | 565 | if (!app_passwd(bio_err, pkcs12_config.passargin, |
| 566 | pkcs12_config.passargout, &passin, &passout)) { | ||
| 565 | BIO_printf(bio_err, "Error getting passwords\n"); | 567 | BIO_printf(bio_err, "Error getting passwords\n"); |
| 566 | goto end; | 568 | goto end; |
| 567 | } | 569 | } |
| @@ -601,7 +603,8 @@ pkcs12_main(int argc, char **argv) | |||
| 601 | goto end; | 603 | goto end; |
| 602 | } | 604 | } |
| 603 | if (pkcs12_config.twopass) { | 605 | if (pkcs12_config.twopass) { |
| 604 | if (EVP_read_pw_string(macpass, sizeof macpass, "Enter MAC Password:", pkcs12_config.export_cert)) { | 606 | if (EVP_read_pw_string(macpass, sizeof macpass, |
| 607 | "Enter MAC Password:", pkcs12_config.export_cert)) { | ||
| 605 | BIO_printf(bio_err, "Can't read Password\n"); | 608 | BIO_printf(bio_err, "Can't read Password\n"); |
| 606 | goto end; | 609 | goto end; |
| 607 | } | 610 | } |
| @@ -609,12 +612,13 @@ pkcs12_main(int argc, char **argv) | |||
| 609 | if (pkcs12_config.export_cert) { | 612 | if (pkcs12_config.export_cert) { |
| 610 | EVP_PKEY *key = NULL; | 613 | EVP_PKEY *key = NULL; |
| 611 | X509 *ucert = NULL, *x = NULL; | 614 | X509 *ucert = NULL, *x = NULL; |
| 612 | STACK_OF(X509) * certs = NULL; | 615 | STACK_OF(X509) *certs = NULL; |
| 613 | const EVP_MD *macmd = NULL; | 616 | const EVP_MD *macmd = NULL; |
| 614 | unsigned char *catmp = NULL; | 617 | unsigned char *catmp = NULL; |
| 615 | int i; | 618 | int i; |
| 616 | 619 | ||
| 617 | if ((pkcs12_config.options & (NOCERTS | NOKEYS)) == (NOCERTS | NOKEYS)) { | 620 | if ((pkcs12_config.options & (NOCERTS | NOKEYS)) == |
| 621 | (NOCERTS | NOKEYS)) { | ||
| 618 | BIO_printf(bio_err, "Nothing to do!\n"); | 622 | BIO_printf(bio_err, "Nothing to do!\n"); |
| 619 | goto export_end; | 623 | goto export_end; |
| 620 | } | 624 | } |
| @@ -622,7 +626,8 @@ pkcs12_main(int argc, char **argv) | |||
| 622 | pkcs12_config.chain = 0; | 626 | pkcs12_config.chain = 0; |
| 623 | 627 | ||
| 624 | if (!(pkcs12_config.options & NOKEYS)) { | 628 | if (!(pkcs12_config.options & NOKEYS)) { |
| 625 | key = load_key(bio_err, pkcs12_config.keyname ? pkcs12_config.keyname : pkcs12_config.infile, | 629 | key = load_key(bio_err, pkcs12_config.keyname ? |
| 630 | pkcs12_config.keyname : pkcs12_config.infile, | ||
| 626 | FORMAT_PEM, 1, passin, "private key"); | 631 | FORMAT_PEM, 1, passin, "private key"); |
| 627 | if (!key) | 632 | if (!key) |
| 628 | goto export_end; | 633 | goto export_end; |
| @@ -630,8 +635,8 @@ pkcs12_main(int argc, char **argv) | |||
| 630 | 635 | ||
| 631 | /* Load in all certs in input file */ | 636 | /* Load in all certs in input file */ |
| 632 | if (!(pkcs12_config.options & NOCERTS)) { | 637 | if (!(pkcs12_config.options & NOCERTS)) { |
| 633 | certs = load_certs(bio_err, pkcs12_config.infile, FORMAT_PEM, NULL, | 638 | certs = load_certs(bio_err, pkcs12_config.infile, |
| 634 | "certificates"); | 639 | FORMAT_PEM, NULL, "certificates"); |
| 635 | if (!certs) | 640 | if (!certs) |
| 636 | goto export_end; | 641 | goto export_end; |
| 637 | 642 | ||
| @@ -650,7 +655,8 @@ pkcs12_main(int argc, char **argv) | |||
| 650 | } | 655 | } |
| 651 | } | 656 | } |
| 652 | if (!ucert) { | 657 | if (!ucert) { |
| 653 | BIO_printf(bio_err, "No certificate matches private key\n"); | 658 | BIO_printf(bio_err, |
| 659 | "No certificate matches private key\n"); | ||
| 654 | goto export_end; | 660 | goto export_end; |
| 655 | } | 661 | } |
| 656 | } | 662 | } |
| @@ -658,9 +664,10 @@ pkcs12_main(int argc, char **argv) | |||
| 658 | 664 | ||
| 659 | /* Add any more certificates asked for */ | 665 | /* Add any more certificates asked for */ |
| 660 | if (pkcs12_config.certfile) { | 666 | if (pkcs12_config.certfile) { |
| 661 | STACK_OF(X509) * morecerts = NULL; | 667 | STACK_OF(X509) *morecerts = NULL; |
| 662 | if (!(morecerts = load_certs(bio_err, pkcs12_config.certfile, FORMAT_PEM, | 668 | if (!(morecerts = load_certs(bio_err, |
| 663 | NULL, "certificates from certfile"))) | 669 | pkcs12_config.certfile, FORMAT_PEM, NULL, |
| 670 | "certificates from certfile"))) | ||
| 664 | goto export_end; | 671 | goto export_end; |
| 665 | while (sk_X509_num(morecerts) > 0) | 672 | while (sk_X509_num(morecerts) > 0) |
| 666 | sk_X509_push(certs, sk_X509_shift(morecerts)); | 673 | sk_X509_push(certs, sk_X509_shift(morecerts)); |
| @@ -671,13 +678,15 @@ pkcs12_main(int argc, char **argv) | |||
| 671 | /* If chaining get chain from user cert */ | 678 | /* If chaining get chain from user cert */ |
| 672 | if (pkcs12_config.chain) { | 679 | if (pkcs12_config.chain) { |
| 673 | int vret; | 680 | int vret; |
| 674 | STACK_OF(X509) * chain2; | 681 | STACK_OF(X509) *chain2; |
| 675 | X509_STORE *store = X509_STORE_new(); | 682 | X509_STORE *store = X509_STORE_new(); |
| 676 | if (!store) { | 683 | if (!store) { |
| 677 | BIO_printf(bio_err, "Memory allocation error\n"); | 684 | BIO_printf(bio_err, |
| 685 | "Memory allocation error\n"); | ||
| 678 | goto export_end; | 686 | goto export_end; |
| 679 | } | 687 | } |
| 680 | if (!X509_STORE_load_locations(store, pkcs12_config.CAfile, pkcs12_config.CApath)) | 688 | if (!X509_STORE_load_locations(store, |
| 689 | pkcs12_config.CAfile, pkcs12_config.CApath)) | ||
| 681 | X509_STORE_set_default_paths(store); | 690 | X509_STORE_set_default_paths(store); |
| 682 | 691 | ||
| 683 | vret = get_cert_chain(ucert, store, &chain2); | 692 | vret = get_cert_chain(ucert, store, &chain2); |
| @@ -686,14 +695,17 @@ pkcs12_main(int argc, char **argv) | |||
| 686 | if (!vret) { | 695 | if (!vret) { |
| 687 | /* Exclude verified certificate */ | 696 | /* Exclude verified certificate */ |
| 688 | for (i = 1; i < sk_X509_num(chain2); i++) | 697 | for (i = 1; i < sk_X509_num(chain2); i++) |
| 689 | sk_X509_push(certs, sk_X509_value(chain2, i)); | 698 | sk_X509_push(certs, sk_X509_value( |
| 699 | chain2, i)); | ||
| 690 | /* Free first certificate */ | 700 | /* Free first certificate */ |
| 691 | X509_free(sk_X509_value(chain2, 0)); | 701 | X509_free(sk_X509_value(chain2, 0)); |
| 692 | sk_X509_free(chain2); | 702 | sk_X509_free(chain2); |
| 693 | } else { | 703 | } else { |
| 694 | if (vret >= 0) | 704 | if (vret >= 0) |
| 695 | BIO_printf(bio_err, "Error %s getting chain.\n", | 705 | BIO_printf(bio_err, |
| 696 | X509_verify_cert_error_string(vret)); | 706 | "Error %s getting chain.\n", |
| 707 | X509_verify_cert_error_string( | ||
| 708 | vret)); | ||
| 697 | else | 709 | else |
| 698 | ERR_print_errors(bio_err); | 710 | ERR_print_errors(bio_err); |
| 699 | goto export_end; | 711 | goto export_end; |
| @@ -701,21 +713,25 @@ pkcs12_main(int argc, char **argv) | |||
| 701 | } | 713 | } |
| 702 | /* Add any CA names */ | 714 | /* Add any CA names */ |
| 703 | 715 | ||
| 704 | for (i = 0; i < sk_OPENSSL_STRING_num(pkcs12_config.canames); i++) { | 716 | for (i = 0; i < sk_OPENSSL_STRING_num(pkcs12_config.canames); |
| 705 | catmp = (unsigned char *) sk_OPENSSL_STRING_value(pkcs12_config.canames, i); | 717 | i++) { |
| 718 | catmp = (unsigned char *) sk_OPENSSL_STRING_value( | ||
| 719 | pkcs12_config.canames, i); | ||
| 706 | X509_alias_set1(sk_X509_value(certs, i), catmp, -1); | 720 | X509_alias_set1(sk_X509_value(certs, i), catmp, -1); |
| 707 | } | 721 | } |
| 708 | 722 | ||
| 709 | if (pkcs12_config.csp_name && key) | 723 | if (pkcs12_config.csp_name && key) |
| 710 | EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name, | 724 | EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name, |
| 711 | MBSTRING_ASC, (unsigned char *) pkcs12_config.csp_name, -1); | 725 | MBSTRING_ASC, |
| 726 | (unsigned char *) pkcs12_config.csp_name, -1); | ||
| 712 | 727 | ||
| 713 | if (pkcs12_config.add_lmk && key) | 728 | if (pkcs12_config.add_lmk && key) |
| 714 | EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1); | 729 | EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, |
| 715 | 730 | -1); | |
| 716 | 731 | ||
| 717 | if (!pkcs12_config.noprompt && | 732 | if (!pkcs12_config.noprompt && |
| 718 | EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) { | 733 | EVP_read_pw_string(pass, sizeof pass, |
| 734 | "Enter Export Password:", 1)) { | ||
| 719 | BIO_printf(bio_err, "Can't read Password\n"); | 735 | BIO_printf(bio_err, "Can't read Password\n"); |
| 720 | goto export_end; | 736 | goto export_end; |
| 721 | } | 737 | } |
| @@ -723,8 +739,9 @@ pkcs12_main(int argc, char **argv) | |||
| 723 | strlcpy(macpass, pass, sizeof macpass); | 739 | strlcpy(macpass, pass, sizeof macpass); |
| 724 | 740 | ||
| 725 | 741 | ||
| 726 | p12 = PKCS12_create(cpass, pkcs12_config.name, key, ucert, certs, | 742 | p12 = PKCS12_create(cpass, pkcs12_config.name, key, ucert, |
| 727 | pkcs12_config.key_pbe, pkcs12_config.cert_pbe, pkcs12_config.iter, -1, pkcs12_config.keytype); | 743 | certs, pkcs12_config.key_pbe, pkcs12_config.cert_pbe, |
| 744 | pkcs12_config.iter, -1, pkcs12_config.keytype); | ||
| 728 | 745 | ||
| 729 | if (!p12) { | 746 | if (!p12) { |
| 730 | ERR_print_errors(bio_err); | 747 | ERR_print_errors(bio_err); |
| @@ -733,20 +750,20 @@ pkcs12_main(int argc, char **argv) | |||
| 733 | if (pkcs12_config.macalg) { | 750 | if (pkcs12_config.macalg) { |
| 734 | macmd = EVP_get_digestbyname(pkcs12_config.macalg); | 751 | macmd = EVP_get_digestbyname(pkcs12_config.macalg); |
| 735 | if (!macmd) { | 752 | if (!macmd) { |
| 736 | BIO_printf(bio_err, "Unknown digest algorithm %s\n", | 753 | BIO_printf(bio_err, |
| 754 | "Unknown digest algorithm %s\n", | ||
| 737 | pkcs12_config.macalg); | 755 | pkcs12_config.macalg); |
| 738 | } | 756 | } |
| 739 | } | 757 | } |
| 740 | if (pkcs12_config.maciter != -1) | 758 | if (pkcs12_config.maciter != -1) |
| 741 | PKCS12_set_mac(p12, mpass, -1, NULL, 0, pkcs12_config.maciter, macmd); | 759 | PKCS12_set_mac(p12, mpass, -1, NULL, 0, |
| 742 | 760 | pkcs12_config.maciter, macmd); | |
| 743 | 761 | ||
| 744 | i2d_PKCS12_bio(out, p12); | 762 | i2d_PKCS12_bio(out, p12); |
| 745 | 763 | ||
| 746 | ret = 0; | 764 | ret = 0; |
| 747 | 765 | ||
| 748 | export_end: | 766 | export_end: |
| 749 | |||
| 750 | EVP_PKEY_free(key); | 767 | EVP_PKEY_free(key); |
| 751 | sk_X509_pop_free(certs, X509_free); | 768 | sk_X509_pop_free(certs, X509_free); |
| 752 | X509_free(ucert); | 769 | X509_free(ucert); |
| @@ -758,7 +775,8 @@ export_end: | |||
| 758 | ERR_print_errors(bio_err); | 775 | ERR_print_errors(bio_err); |
| 759 | goto end; | 776 | goto end; |
| 760 | } | 777 | } |
| 761 | if (!pkcs12_config.noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) { | 778 | if (!pkcs12_config.noprompt && EVP_read_pw_string(pass, sizeof pass, |
| 779 | "Enter Import Password:", 0)) { | ||
| 762 | BIO_printf(bio_err, "Can't read Password\n"); | 780 | BIO_printf(bio_err, "Can't read Password\n"); |
| 763 | goto end; | 781 | goto end; |
| 764 | } | 782 | } |
| @@ -767,7 +785,8 @@ export_end: | |||
| 767 | strlcpy(macpass, pass, sizeof macpass); | 785 | strlcpy(macpass, pass, sizeof macpass); |
| 768 | 786 | ||
| 769 | if ((pkcs12_config.options & INFO) && p12->mac) | 787 | if ((pkcs12_config.options & INFO) && p12->mac) |
| 770 | BIO_printf(bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1); | 788 | BIO_printf(bio_err, "MAC Iteration %ld\n", |
| 789 | p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1); | ||
| 771 | if (pkcs12_config.macver) { | 790 | if (pkcs12_config.macver) { |
| 772 | /* If we enter empty password try no password first */ | 791 | /* If we enter empty password try no password first */ |
| 773 | if (!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) { | 792 | if (!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) { |
| @@ -775,13 +794,15 @@ export_end: | |||
| 775 | if (!pkcs12_config.twopass) | 794 | if (!pkcs12_config.twopass) |
| 776 | cpass = NULL; | 795 | cpass = NULL; |
| 777 | } else if (!PKCS12_verify_mac(p12, mpass, -1)) { | 796 | } else if (!PKCS12_verify_mac(p12, mpass, -1)) { |
| 778 | BIO_printf(bio_err, "Mac verify error: invalid password?\n"); | 797 | BIO_printf(bio_err, |
| 798 | "Mac verify error: invalid password?\n"); | ||
| 779 | ERR_print_errors(bio_err); | 799 | ERR_print_errors(bio_err); |
| 780 | goto end; | 800 | goto end; |
| 781 | } | 801 | } |
| 782 | BIO_printf(bio_err, "MAC verified OK\n"); | 802 | BIO_printf(bio_err, "MAC verified OK\n"); |
| 783 | } | 803 | } |
| 784 | if (!dump_certs_keys_p12(out, p12, cpass, -1, pkcs12_config.options, passout)) { | 804 | if (!dump_certs_keys_p12(out, p12, cpass, -1, pkcs12_config.options, |
| 805 | passout)) { | ||
| 785 | BIO_printf(bio_err, "Error outputting keys and certificates\n"); | 806 | BIO_printf(bio_err, "Error outputting keys and certificates\n"); |
| 786 | ERR_print_errors(bio_err); | 807 | ERR_print_errors(bio_err); |
| 787 | goto end; | 808 | goto end; |
| @@ -799,11 +820,11 @@ export_end: | |||
| 799 | } | 820 | } |
| 800 | 821 | ||
| 801 | int | 822 | int |
| 802 | dump_certs_keys_p12(BIO * out, PKCS12 * p12, char *pass, | 823 | dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, |
| 803 | int passlen, int options, char *pempass) | 824 | int passlen, int options, char *pempass) |
| 804 | { | 825 | { |
| 805 | STACK_OF(PKCS7) * asafes = NULL; | 826 | STACK_OF(PKCS7) *asafes = NULL; |
| 806 | STACK_OF(PKCS12_SAFEBAG) * bags; | 827 | STACK_OF(PKCS12_SAFEBAG) *bags; |
| 807 | int i, bagnid; | 828 | int i, bagnid; |
| 808 | int ret = 0; | 829 | int ret = 0; |
| 809 | PKCS7 *p7; | 830 | PKCS7 *p7; |
| @@ -844,7 +865,7 @@ dump_certs_keys_p12(BIO * out, PKCS12 * p12, char *pass, | |||
| 844 | } | 865 | } |
| 845 | 866 | ||
| 846 | int | 867 | int |
| 847 | dump_certs_pkeys_bags(BIO * out, STACK_OF(PKCS12_SAFEBAG) * bags, | 868 | dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, |
| 848 | char *pass, int passlen, int options, char *pempass) | 869 | char *pass, int passlen, int options, char *pempass) |
| 849 | { | 870 | { |
| 850 | int i; | 871 | int i; |
| @@ -859,7 +880,7 @@ dump_certs_pkeys_bags(BIO * out, STACK_OF(PKCS12_SAFEBAG) * bags, | |||
| 859 | } | 880 | } |
| 860 | 881 | ||
| 861 | int | 882 | int |
| 862 | dump_certs_pkeys_bag(BIO * out, PKCS12_SAFEBAG * bag, char *pass, | 883 | dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass, |
| 863 | int passlen, int options, char *pempass) | 884 | int passlen, int options, char *pempass) |
| 864 | { | 885 | { |
| 865 | EVP_PKEY *pkey; | 886 | EVP_PKEY *pkey; |
| @@ -877,7 +898,8 @@ dump_certs_pkeys_bag(BIO * out, PKCS12_SAFEBAG * bag, char *pass, | |||
| 877 | if (!(pkey = EVP_PKCS82PKEY(p8))) | 898 | if (!(pkey = EVP_PKCS82PKEY(p8))) |
| 878 | return 0; | 899 | return 0; |
| 879 | print_attribs(out, p8->attributes, "Key Attributes"); | 900 | print_attribs(out, p8->attributes, "Key Attributes"); |
| 880 | PEM_write_bio_PrivateKey(out, pkey, pkcs12_config.enc, NULL, 0, NULL, pempass); | 901 | PEM_write_bio_PrivateKey(out, pkey, pkcs12_config.enc, NULL, 0, |
| 902 | NULL, pempass); | ||
| 881 | EVP_PKEY_free(pkey); | 903 | EVP_PKEY_free(pkey); |
| 882 | break; | 904 | break; |
| 883 | 905 | ||
| @@ -897,7 +919,8 @@ dump_certs_pkeys_bag(BIO * out, PKCS12_SAFEBAG * bag, char *pass, | |||
| 897 | } | 919 | } |
| 898 | print_attribs(out, p8->attributes, "Key Attributes"); | 920 | print_attribs(out, p8->attributes, "Key Attributes"); |
| 899 | PKCS8_PRIV_KEY_INFO_free(p8); | 921 | PKCS8_PRIV_KEY_INFO_free(p8); |
| 900 | PEM_write_bio_PrivateKey(out, pkey, pkcs12_config.enc, NULL, 0, NULL, pempass); | 922 | PEM_write_bio_PrivateKey(out, pkey, pkcs12_config.enc, NULL, 0, |
| 923 | NULL, pempass); | ||
| 901 | EVP_PKEY_free(pkey); | 924 | EVP_PKEY_free(pkey); |
| 902 | break; | 925 | break; |
| 903 | 926 | ||
| @@ -943,10 +966,10 @@ dump_certs_pkeys_bag(BIO * out, PKCS12_SAFEBAG * bag, char *pass, | |||
| 943 | /* Hope this is OK .... */ | 966 | /* Hope this is OK .... */ |
| 944 | 967 | ||
| 945 | int | 968 | int |
| 946 | get_cert_chain(X509 * cert, X509_STORE * store, STACK_OF(X509) ** chain) | 969 | get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain) |
| 947 | { | 970 | { |
| 948 | X509_STORE_CTX store_ctx; | 971 | X509_STORE_CTX store_ctx; |
| 949 | STACK_OF(X509) * chn; | 972 | STACK_OF(X509) *chn; |
| 950 | int i = 0; | 973 | int i = 0; |
| 951 | 974 | ||
| 952 | /* | 975 | /* |
| @@ -975,7 +998,7 @@ get_cert_chain(X509 * cert, X509_STORE * store, STACK_OF(X509) ** chain) | |||
| 975 | } | 998 | } |
| 976 | 999 | ||
| 977 | int | 1000 | int |
| 978 | alg_print(BIO * x, X509_ALGOR * alg) | 1001 | alg_print(BIO *x, X509_ALGOR *alg) |
| 979 | { | 1002 | { |
| 980 | PBEPARAM *pbe; | 1003 | PBEPARAM *pbe; |
| 981 | const unsigned char *p; | 1004 | const unsigned char *p; |
| @@ -993,7 +1016,7 @@ alg_print(BIO * x, X509_ALGOR * alg) | |||
| 993 | /* Load all certificates from a given file */ | 1016 | /* Load all certificates from a given file */ |
| 994 | 1017 | ||
| 995 | int | 1018 | int |
| 996 | cert_load(BIO * in, STACK_OF(X509) * sk) | 1019 | cert_load(BIO *in, STACK_OF(X509) *sk) |
| 997 | { | 1020 | { |
| 998 | int ret; | 1021 | int ret; |
| 999 | X509 *cert; | 1022 | X509 *cert; |
| @@ -1010,7 +1033,7 @@ cert_load(BIO * in, STACK_OF(X509) * sk) | |||
| 1010 | /* Generalised attribute print: handle PKCS#8 and bag attributes */ | 1033 | /* Generalised attribute print: handle PKCS#8 and bag attributes */ |
| 1011 | 1034 | ||
| 1012 | int | 1035 | int |
| 1013 | print_attribs(BIO * out, STACK_OF(X509_ATTRIBUTE) * attrlst, const char *name) | 1036 | print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, const char *name) |
| 1014 | { | 1037 | { |
| 1015 | X509_ATTRIBUTE *attr; | 1038 | X509_ATTRIBUTE *attr; |
| 1016 | ASN1_TYPE *av; | 1039 | ASN1_TYPE *av; |
| @@ -1039,7 +1062,8 @@ print_attribs(BIO * out, STACK_OF(X509_ATTRIBUTE) * attrlst, const char *name) | |||
| 1039 | av = sk_ASN1_TYPE_value(attr->value.set, 0); | 1062 | av = sk_ASN1_TYPE_value(attr->value.set, 0); |
| 1040 | switch (av->type) { | 1063 | switch (av->type) { |
| 1041 | case V_ASN1_BMPSTRING: | 1064 | case V_ASN1_BMPSTRING: |
| 1042 | value = OPENSSL_uni2asc(av->value.bmpstring->data, | 1065 | value = OPENSSL_uni2asc( |
| 1066 | av->value.bmpstring->data, | ||
| 1043 | av->value.bmpstring->length); | 1067 | av->value.bmpstring->length); |
| 1044 | BIO_printf(out, "%s\n", value); | 1068 | BIO_printf(out, "%s\n", value); |
| 1045 | free(value); | 1069 | free(value); |
| @@ -1058,7 +1082,8 @@ print_attribs(BIO * out, STACK_OF(X509_ATTRIBUTE) * attrlst, const char *name) | |||
| 1058 | break; | 1082 | break; |
| 1059 | 1083 | ||
| 1060 | default: | 1084 | default: |
| 1061 | BIO_printf(out, "<Unsupported tag %d>\n", av->type); | 1085 | BIO_printf(out, "<Unsupported tag %d>\n", |
| 1086 | av->type); | ||
| 1062 | break; | 1087 | break; |
| 1063 | } | 1088 | } |
| 1064 | } else | 1089 | } else |
| @@ -1068,7 +1093,7 @@ print_attribs(BIO * out, STACK_OF(X509_ATTRIBUTE) * attrlst, const char *name) | |||
| 1068 | } | 1093 | } |
| 1069 | 1094 | ||
| 1070 | void | 1095 | void |
| 1071 | hex_prin(BIO * out, unsigned char *buf, int len) | 1096 | hex_prin(BIO *out, unsigned char *buf, int len) |
| 1072 | { | 1097 | { |
| 1073 | int i; | 1098 | int i; |
| 1074 | for (i = 0; i < len; i++) | 1099 | for (i = 0; i < len; i++) |
| @@ -1076,7 +1101,7 @@ hex_prin(BIO * out, unsigned char *buf, int len) | |||
| 1076 | } | 1101 | } |
| 1077 | 1102 | ||
| 1078 | static int | 1103 | static int |
| 1079 | set_pbe(BIO * err, int *ppbe, const char *str) | 1104 | set_pbe(BIO *err, int *ppbe, const char *str) |
| 1080 | { | 1105 | { |
| 1081 | if (!str) | 1106 | if (!str) |
| 1082 | return 0; | 1107 | return 0; |