Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
12ea4470
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
9 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
12ea4470
编写于
7月 29, 1999
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Tidy up pkcs12 application.
上级
4320afe3
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
40 addition
and
46 deletion
+40
-46
apps/pkcs12.c
apps/pkcs12.c
+40
-46
未找到文件。
apps/pkcs12.c
浏览文件 @
12ea4470
...
...
@@ -238,42 +238,42 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings
();
in
=
BIO_new
(
BIO_s_file
());
out
=
BIO_new
(
BIO_s_file
());
if
(
!
infile
)
BIO_set_fp
(
in
,
stdin
,
BIO_NOCLOSE
);
else
{
if
(
BIO_read_filename
(
in
,
infile
)
<=
0
)
{
if
(
!
infile
)
in
=
BIO_new_fp
(
stdin
,
BIO_NOCLOSE
);
else
in
=
BIO_new_file
(
infile
,
"rb"
);
if
(
!
in
)
{
BIO_printf
(
bio_err
,
"Error opening input file %s
\n
"
,
infile
?
infile
:
"<stdin>"
);
perror
(
infile
);
goto
end
;
}
}
}
if
(
certfile
)
{
certsin
=
BIO_new
(
BIO_s_file
());
if
(
BIO_read_filename
(
certsin
,
certfile
)
<=
0
)
{
if
(
!
(
certsin
=
BIO_new_file
(
certfile
,
"r"
)))
{
BIO_printf
(
bio_err
,
"Can't open certificate file %s
\n
"
,
certfile
);
perror
(
certfile
);
goto
end
;
}
}
if
(
keyname
)
{
i
nkey
=
BIO_new
(
BIO_s_file
());
if
(
BIO_read_filename
(
inkey
,
keyname
)
<=
0
)
{
i
f
(
!
(
inkey
=
BIO_new_file
(
keyname
,
"r"
)))
{
BIO_printf
(
bio_err
,
"Can't key certificate file %s
\n
"
,
keyname
);
perror
(
keyname
);
goto
end
;
}
}
if
(
!
outfile
)
BIO_set_fp
(
out
,
stdout
,
BIO_NOCLOSE
);
else
{
if
(
BIO_write_filename
(
out
,
outfile
)
<=
0
)
{
perror
(
outfile
);
goto
end
;
}
if
(
!
outfile
)
out
=
BIO_new_fp
(
stdout
,
BIO_NOCLOSE
);
else
out
=
BIO_new_file
(
outfile
,
"wb"
);
if
(
!
out
)
{
BIO_printf
(
bio_err
,
"Error opening output file %s
\n
"
,
outfile
?
outfile
:
"<stdout>"
);
perror
(
outfile
);
goto
end
;
}
if
(
twopass
)
{
if
(
EVP_read_pw_string
(
macpass
,
50
,
"Enter MAC Password:"
,
export_cert
))
{
if
(
EVP_read_pw_string
(
macpass
,
50
,
"Enter MAC Password:"
,
export_cert
))
{
BIO_printf
(
bio_err
,
"Can't read Password
\n
"
);
goto
end
;
}
...
...
@@ -285,15 +285,14 @@ if (export_cert) {
PKCS12_SAFEBAG
*
bag
;
PKCS8_PRIV_KEY_INFO
*
p8
;
PKCS7
*
authsafe
;
X509
*
cert
,
*
ucert
=
NULL
;
X509
*
cert
=
NULL
,
*
ucert
=
NULL
;
STACK_OF
(
X509
)
*
certs
;
char
*
catmp
;
int
i
,
pmatch
=
0
;
int
i
;
unsigned
char
keyid
[
EVP_MAX_MD_SIZE
];
unsigned
int
keyidlen
;
/* Get private key so we can match it to a certificate */
unsigned
int
keyidlen
=
0
;
key
=
PEM_read_bio_PrivateKey
(
inkey
?
inkey
:
in
,
NULL
,
NULL
,
NULL
);
if
(
!
inkey
)
(
void
)
BIO_reset
(
in
);
if
(
!
inkey
)
(
void
)
BIO_reset
(
in
);
if
(
!
key
)
{
BIO_printf
(
bio_err
,
"Error loading private key
\n
"
);
ERR_print_errors
(
bio_err
);
...
...
@@ -308,6 +307,19 @@ if (export_cert) {
ERR_print_errors
(
bio_err
);
goto
end
;
}
for
(
i
=
0
;
i
<
sk_X509_num
(
certs
);
i
++
)
{
ucert
=
sk_X509_value
(
certs
,
i
);
if
(
X509_check_private_key
(
ucert
,
key
))
{
X509_digest
(
cert
,
EVP_sha1
(),
keyid
,
&
keyidlen
);
break
;
}
}
if
(
!
keyidlen
)
{
BIO_printf
(
bio_err
,
"No certificate matches private key
\n
"
);
goto
end
;
}
bags
=
sk_new
(
NULL
);
...
...
@@ -321,26 +333,10 @@ if (export_cert) {
BIO_free
(
certsin
);
}
/* Find certificate (if any) matching private key */
for
(
i
=
0
;
i
<
sk_X509_num
(
certs
);
i
++
)
{
cert
=
sk_X509_value
(
certs
,
i
);
if
(
X509_check_private_key
(
cert
,
key
))
{
ucert
=
cert
;
break
;
}
}
if
(
!
ucert
)
{
BIO_printf
(
bio_err
,
"No certificate matches private key
\n
"
);
goto
end
;
}
/* If chaining get chain from user cert */
if
(
chain
)
{
int
vret
;
STACK_OF
(
X509
)
*
chain2
;
vret
=
get_cert_chain
(
ucert
,
&
chain2
);
if
(
vret
)
{
BIO_printf
(
bio_err
,
"Error %s getting chain.
\n
"
,
...
...
@@ -358,12 +354,10 @@ if (export_cert) {
for
(
i
=
0
;
i
<
sk_X509_num
(
certs
);
i
++
)
{
cert
=
sk_X509_value
(
certs
,
i
);
bag
=
M_PKCS12_x5092certbag
(
cert
);
/* If it matches private key
mark it
*/
/* If it matches private key
set id
*/
if
(
cert
==
ucert
)
{
if
(
name
)
PKCS12_add_friendlyname
(
bag
,
name
,
-
1
);
X509_digest
(
cert
,
EVP_sha1
(),
keyid
,
&
keyidlen
);
PKCS12_add_localkeyid
(
bag
,
keyid
,
keyidlen
);
pmatch
=
1
;
}
else
if
((
catmp
=
sk_shift
(
canames
)))
PKCS12_add_friendlyname
(
bag
,
catmp
,
-
1
);
sk_push
(
bags
,
(
char
*
)
bag
);
...
...
@@ -378,7 +372,7 @@ if (export_cert) {
}
if
(
!
twopass
)
strcpy
(
macpass
,
pass
);
/* Turn certbags into encrypted authsafe */
authsafe
=
PKCS12_pack_p7encdata
(
cert_pbe
,
cpass
,
-
1
,
NULL
,
0
,
authsafe
=
PKCS12_pack_p7encdata
(
cert_pbe
,
cpass
,
-
1
,
NULL
,
0
,
iter
,
bags
);
sk_pop_free
(
bags
,
PKCS12_SAFEBAG_free
);
...
...
@@ -394,11 +388,11 @@ if (export_cert) {
p8
=
EVP_PKEY2PKCS8
(
key
);
EVP_PKEY_free
(
key
);
if
(
keytype
)
PKCS8_add_keyusage
(
p8
,
keytype
);
bag
=
PKCS12_MAKE_SHKEYBAG
(
NID_pbe_WithSHA1And3_Key_TripleDES_CBC
,
bag
=
PKCS12_MAKE_SHKEYBAG
(
NID_pbe_WithSHA1And3_Key_TripleDES_CBC
,
cpass
,
-
1
,
NULL
,
0
,
iter
,
p8
);
PKCS8_PRIV_KEY_INFO_free
(
p8
);
if
(
name
)
PKCS12_add_friendlyname
(
bag
,
name
,
-
1
);
if
(
pmatch
)
PKCS12_add_localkeyid
(
bag
,
keyid
,
keyidlen
);
PKCS12_add_localkeyid
(
bag
,
keyid
,
keyidlen
);
bags
=
sk_new
(
NULL
);
sk_push
(
bags
,
(
char
*
)
bag
);
/* Turn it into unencrypted safe bag */
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录