generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make PKCS#12 code handle missing passwords.

Browse Source 
Add a couple of FAQs.
This commit is contained in:
Dr. Stephen Henson
2000-05-04 00:08:35 +00:00
parent 316e6a66f2
commit a331a305e9
9 changed files with 81 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
apps/pkcs12.c
View File

@@ -528,11 +528,16 @@ int MAIN(int argc, char **argv)
#ifdef CRYPTO_MDEBUG
CRYPTO_push_info("verify MAC");
#endif
if (!PKCS12_verify_mac (p12, mpass, -1)) {
/* If we enter empty password try no password first */
if(!macpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
/* If mac and crypto pass the same set it to NULL too */
if(!twopass) cpass = NULL;
} else if (!PKCS12_verify_mac(p12, mpass, -1)) {
BIO_printf (bio_err, "Mac verify error: invalid password?\n");
ERR_print_errors (bio_err);
goto end;
} else BIO_printf (bio_err, "MAC verified OK\n");
}
BIO_printf (bio_err, "MAC verified OK\n");
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
#endif
@@ -549,9 +554,9 @@ int MAIN(int argc, char **argv)
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
#endif
PKCS12_free(p12);
ret = 0;
end:
PKCS12_free(p12);
if(export_cert || inrand) app_RAND_write_file(NULL, bio_err);
#ifdef CRYPTO_MDEBUG
CRYPTO_remove_all_info();