diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2000-05-04 00:08:35 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2000-05-04 00:08:35 +0000 |
commit | a331a305e9c9c5353bd42db6dbda78a418285708 (patch) | |
tree | d43a47f9dc244b7e04ea05547286b42053cc587d /apps/pkcs12.c | |
parent | 316e6a66f2c4f28f8705636921825c467a5ceef3 (diff) | |
download | openssl-a331a305e9c9c5353bd42db6dbda78a418285708.tar.gz |
Make PKCS#12 code handle missing passwords.
Add a couple of FAQs.
Diffstat (limited to 'apps/pkcs12.c')
-rw-r--r-- | apps/pkcs12.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/apps/pkcs12.c b/apps/pkcs12.c index bf76864713..baf5505ecb 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -528,11 +528,16 @@ int MAIN(int argc, char **argv) #ifdef CRYPTO_MDEBUG CRYPTO_push_info("verify MAC"); #endif - if (!PKCS12_verify_mac (p12, mpass, -1)) { + /* If we enter empty password try no password first */ + if(!macpass[0] && PKCS12_verify_mac(p12, NULL, 0)) { + /* If mac and crypto pass the same set it to NULL too */ + if(!twopass) cpass = NULL; + } else if (!PKCS12_verify_mac(p12, mpass, -1)) { BIO_printf (bio_err, "Mac verify error: invalid password?\n"); ERR_print_errors (bio_err); goto end; - } else BIO_printf (bio_err, "MAC verified OK\n"); + } + BIO_printf (bio_err, "MAC verified OK\n"); #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); #endif @@ -549,9 +554,9 @@ int MAIN(int argc, char **argv) #ifdef CRYPTO_MDEBUG CRYPTO_pop_info(); #endif - PKCS12_free(p12); ret = 0; end: + PKCS12_free(p12); if(export_cert || inrand) app_RAND_write_file(NULL, bio_err); #ifdef CRYPTO_MDEBUG CRYPTO_remove_all_info(); |