summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/src/apps/pkcs12.c88
1 files changed, 1 insertions, 87 deletions
diff --git a/src/lib/libssl/src/apps/pkcs12.c b/src/lib/libssl/src/apps/pkcs12.c
index cbe25edb20..0e4bfbd895 100644
--- a/src/lib/libssl/src/apps/pkcs12.c
+++ b/src/lib/libssl/src/apps/pkcs12.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pkcs12.c,v 1.35 2014/06/12 15:49:27 deraadt Exp $ */ 1/* $OpenBSD: pkcs12.c,v 1.36 2014/07/09 21:10:06 tedu Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -391,9 +391,6 @@ pkcs12_main(int argc, char **argv)
391 391
392 ERR_load_crypto_strings(); 392 ERR_load_crypto_strings();
393 393
394#ifdef CRYPTO_MDEBUG
395 CRYPTO_push_info("read files");
396#endif
397 394
398 if (!infile) 395 if (!infile)
399 in = BIO_new_fp(stdin, BIO_NOCLOSE); 396 in = BIO_new_fp(stdin, BIO_NOCLOSE);
@@ -405,10 +402,6 @@ pkcs12_main(int argc, char **argv)
405 perror(infile); 402 perror(infile);
406 goto end; 403 goto end;
407 } 404 }
408#ifdef CRYPTO_MDEBUG
409 CRYPTO_pop_info();
410 CRYPTO_push_info("write files");
411#endif
412 405
413 if (!outfile) { 406 if (!outfile) {
414 out = BIO_new_fp(stdout, BIO_NOCLOSE); 407 out = BIO_new_fp(stdout, BIO_NOCLOSE);
@@ -421,16 +414,10 @@ pkcs12_main(int argc, char **argv)
421 goto end; 414 goto end;
422 } 415 }
423 if (twopass) { 416 if (twopass) {
424#ifdef CRYPTO_MDEBUG
425 CRYPTO_push_info("read MAC password");
426#endif
427 if (EVP_read_pw_string(macpass, sizeof macpass, "Enter MAC Password:", export_cert)) { 417 if (EVP_read_pw_string(macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
428 BIO_printf(bio_err, "Can't read Password\n"); 418 BIO_printf(bio_err, "Can't read Password\n");
429 goto end; 419 goto end;
430 } 420 }
431#ifdef CRYPTO_MDEBUG
432 CRYPTO_pop_info();
433#endif
434 } 421 }
435 if (export_cert) { 422 if (export_cert) {
436 EVP_PKEY *key = NULL; 423 EVP_PKEY *key = NULL;
@@ -447,20 +434,12 @@ pkcs12_main(int argc, char **argv)
447 if (options & NOCERTS) 434 if (options & NOCERTS)
448 chain = 0; 435 chain = 0;
449 436
450#ifdef CRYPTO_MDEBUG
451 CRYPTO_push_info("process -export_cert");
452 CRYPTO_push_info("reading private key");
453#endif
454 if (!(options & NOKEYS)) { 437 if (!(options & NOKEYS)) {
455 key = load_key(bio_err, keyname ? keyname : infile, 438 key = load_key(bio_err, keyname ? keyname : infile,
456 FORMAT_PEM, 1, passin, e, "private key"); 439 FORMAT_PEM, 1, passin, e, "private key");
457 if (!key) 440 if (!key)
458 goto export_end; 441 goto export_end;
459 } 442 }
460#ifdef CRYPTO_MDEBUG
461 CRYPTO_pop_info();
462 CRYPTO_push_info("reading certs from input");
463#endif
464 443
465 /* Load in all certs in input file */ 444 /* Load in all certs in input file */
466 if (!(options & NOCERTS)) { 445 if (!(options & NOCERTS)) {
@@ -489,10 +468,6 @@ pkcs12_main(int argc, char **argv)
489 } 468 }
490 } 469 }
491 } 470 }
492#ifdef CRYPTO_MDEBUG
493 CRYPTO_pop_info();
494 CRYPTO_push_info("reading certs from input 2");
495#endif
496 471
497 /* Add any more certificates asked for */ 472 /* Add any more certificates asked for */
498 if (certfile) { 473 if (certfile) {
@@ -505,15 +480,7 @@ pkcs12_main(int argc, char **argv)
505 sk_X509_push(certs, sk_X509_shift(morecerts)); 480 sk_X509_push(certs, sk_X509_shift(morecerts));
506 sk_X509_free(morecerts); 481 sk_X509_free(morecerts);
507 } 482 }
508#ifdef CRYPTO_MDEBUG
509 CRYPTO_pop_info();
510 CRYPTO_push_info("reading certs from certfile");
511#endif
512 483
513#ifdef CRYPTO_MDEBUG
514 CRYPTO_pop_info();
515 CRYPTO_push_info("building chain");
516#endif
517 484
518 /* If chaining get chain from user cert */ 485 /* If chaining get chain from user cert */
519 if (chain) { 486 if (chain) {
@@ -560,10 +527,6 @@ pkcs12_main(int argc, char **argv)
560 if (add_lmk && key) 527 if (add_lmk && key)
561 EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1); 528 EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1);
562 529
563#ifdef CRYPTO_MDEBUG
564 CRYPTO_pop_info();
565 CRYPTO_push_info("reading password");
566#endif
567 530
568 if (!noprompt && 531 if (!noprompt &&
569 EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) { 532 EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) {
@@ -573,10 +536,6 @@ pkcs12_main(int argc, char **argv)
573 if (!twopass) 536 if (!twopass)
574 strlcpy(macpass, pass, sizeof macpass); 537 strlcpy(macpass, pass, sizeof macpass);
575 538
576#ifdef CRYPTO_MDEBUG
577 CRYPTO_pop_info();
578 CRYPTO_push_info("creating PKCS#12 structure");
579#endif
580 539
581 p12 = PKCS12_create(cpass, name, key, ucert, certs, 540 p12 = PKCS12_create(cpass, name, key, ucert, certs,
582 key_pbe, cert_pbe, iter, -1, keytype); 541 key_pbe, cert_pbe, iter, -1, keytype);
@@ -595,21 +554,12 @@ pkcs12_main(int argc, char **argv)
595 if (maciter != -1) 554 if (maciter != -1)
596 PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd); 555 PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
597 556
598#ifdef CRYPTO_MDEBUG
599 CRYPTO_pop_info();
600 CRYPTO_push_info("writing pkcs12");
601#endif
602 557
603 i2d_PKCS12_bio(out, p12); 558 i2d_PKCS12_bio(out, p12);
604 559
605 ret = 0; 560 ret = 0;
606 561
607export_end: 562export_end:
608#ifdef CRYPTO_MDEBUG
609 CRYPTO_pop_info();
610 CRYPTO_pop_info();
611 CRYPTO_push_info("process -export_cert: freeing");
612#endif
613 563
614 if (key) 564 if (key)
615 EVP_PKEY_free(key); 565 EVP_PKEY_free(key);
@@ -618,9 +568,6 @@ export_end:
618 if (ucert) 568 if (ucert)
619 X509_free(ucert); 569 X509_free(ucert);
620 570
621#ifdef CRYPTO_MDEBUG
622 CRYPTO_pop_info();
623#endif
624 goto end; 571 goto end;
625 572
626 } 573 }
@@ -628,16 +575,10 @@ export_end:
628 ERR_print_errors(bio_err); 575 ERR_print_errors(bio_err);
629 goto end; 576 goto end;
630 } 577 }
631#ifdef CRYPTO_MDEBUG
632 CRYPTO_push_info("read import password");
633#endif
634 if (!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) { 578 if (!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) {
635 BIO_printf(bio_err, "Can't read Password\n"); 579 BIO_printf(bio_err, "Can't read Password\n");
636 goto end; 580 goto end;
637 } 581 }
638#ifdef CRYPTO_MDEBUG
639 CRYPTO_pop_info();
640#endif
641 582
642 if (!twopass) 583 if (!twopass)
643 strlcpy(macpass, pass, sizeof macpass); 584 strlcpy(macpass, pass, sizeof macpass);
@@ -645,9 +586,6 @@ export_end:
645 if ((options & INFO) && p12->mac) 586 if ((options & INFO) && p12->mac)
646 BIO_printf(bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1); 587 BIO_printf(bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1);
647 if (macver) { 588 if (macver) {
648#ifdef CRYPTO_MDEBUG
649 CRYPTO_push_info("verify MAC");
650#endif
651 /* If we enter empty password try no password first */ 589 /* If we enter empty password try no password first */
652 if (!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) { 590 if (!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
653 /* If mac and crypto pass the same set it to NULL too */ 591 /* If mac and crypto pass the same set it to NULL too */
@@ -659,28 +597,16 @@ export_end:
659 goto end; 597 goto end;
660 } 598 }
661 BIO_printf(bio_err, "MAC verified OK\n"); 599 BIO_printf(bio_err, "MAC verified OK\n");
662#ifdef CRYPTO_MDEBUG
663 CRYPTO_pop_info();
664#endif
665 } 600 }
666#ifdef CRYPTO_MDEBUG
667 CRYPTO_push_info("output keys and certificates");
668#endif
669 if (!dump_certs_keys_p12(out, p12, cpass, -1, options, passout)) { 601 if (!dump_certs_keys_p12(out, p12, cpass, -1, options, passout)) {
670 BIO_printf(bio_err, "Error outputting keys and certificates\n"); 602 BIO_printf(bio_err, "Error outputting keys and certificates\n");
671 ERR_print_errors(bio_err); 603 ERR_print_errors(bio_err);
672 goto end; 604 goto end;
673 } 605 }
674#ifdef CRYPTO_MDEBUG
675 CRYPTO_pop_info();
676#endif
677 ret = 0; 606 ret = 0;
678end: 607end:
679 if (p12) 608 if (p12)
680 PKCS12_free(p12); 609 PKCS12_free(p12);
681#ifdef CRYPTO_MDEBUG
682 CRYPTO_remove_all_info();
683#endif
684 BIO_free(in); 610 BIO_free(in);
685 BIO_free_all(out); 611 BIO_free_all(out);
686 if (canames) 612 if (canames)
@@ -893,22 +819,10 @@ cert_load(BIO * in, STACK_OF(X509) * sk)
893 int ret; 819 int ret;
894 X509 *cert; 820 X509 *cert;
895 ret = 0; 821 ret = 0;
896#ifdef CRYPTO_MDEBUG
897 CRYPTO_push_info("cert_load(): reading one cert");
898#endif
899 while ((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) { 822 while ((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
900#ifdef CRYPTO_MDEBUG
901 CRYPTO_pop_info();
902#endif
903 ret = 1; 823 ret = 1;
904 sk_X509_push(sk, cert); 824 sk_X509_push(sk, cert);
905#ifdef CRYPTO_MDEBUG
906 CRYPTO_push_info("cert_load(): reading one cert");
907#endif
908 } 825 }
909#ifdef CRYPTO_MDEBUG
910 CRYPTO_pop_info();
911#endif
912 if (ret) 826 if (ret)
913 ERR_clear_error(); 827 ERR_clear_error();
914 return ret; 828 return ret;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-27 09:50:19 +0000