authorNikos Mavrogiannopoulos <nmav@gnutls.org>2013-02-10 21:52:05 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2013-02-10 21:52:09 +0100
commit63f8e1c8853339cf202ce32ad0e70af9d2ff62b2 (patch)
tree974f4e35ee1c535150cfa9610c7ce8e5de1fafe8
parenteff2ae1606c7fea45dd1178de60b5cbf5c1012f9 (diff)
downloadgnutls-63f8e1c8853339cf202ce32ad0e70af9d2ff62b2.tar.gz
certtool's --to-p12 will now ask for a password to generate PKCS #12 files.
This applies when it is given an encrypted key file. Reported by Yan Fiz.
-rw-r--r--NEWS9
-rw-r--r--src/certtool-extras.c16
2 files changed, 23 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 19296ff7d8..a5e8f69fac 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,15 @@ GnuTLS NEWS -- History of user-visible changes. -*- outline -*-
Copyright (C) 2000-2012 Free Software Foundation, Inc.
See the end for copying conditions.
+* Version 3.1.9 (unreleased)
+
+** certtool: option --to-p12 will now ask for a password to generate
+a PKCS #12 file from an encrypted key file. Reported by Yan Fiz.
+
+** API and ABI modifications:
+No changes since last version.
+
+
* Version 3.1.8 (released 2013-02-10)
** libgnutls: Fixed issue in gnutls_x509_privkey_import2() which didn't return
diff --git a/src/certtool-extras.c b/src/certtool-extras.c
index 8ea890e9be..14221885ec 100644
--- a/src/certtool-extras.c
+++ b/src/certtool-extras.c
@@ -55,6 +55,8 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info)
int ret, i;
gnutls_datum_t dat, file_data;
int ptr_size;
+ unsigned int flags = 0;
+ const char* pass;
*privkey_size = 0;
fprintf (stderr, "Loading private key list...\n");
@@ -83,12 +85,23 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info)
dat.data = (void*)ptr;
dat.size = ptr_size;
- ret = gnutls_x509_privkey_import (key[i], &dat, info->incert_format);
+ ret = gnutls_x509_privkey_import2 (key[i], &dat, info->incert_format, NULL, 0);
+ if (ret == GNUTLS_E_DECRYPTION_FAILED)
+ {
+ pass = get_password (info, &flags, 0);
+ ret = gnutls_x509_privkey_import2 (key[i], &dat, info->incert_format, pass, flags);
+ }
+
if (ret < 0 && *privkey_size > 0)
break;
if (ret < 0)
error (EXIT_FAILURE, 0, "privkey_import: %s", gnutls_strerror (ret));
+ (*privkey_size)++;
+
+ if (info->incert_format != GNUTLS_X509_FMT_PEM)
+ break;
+
ptr = strstr (ptr, "---END");
if (ptr == NULL)
break;
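Review bot: When the retry `gnutls_x509_privkey_import2 (key[i], &dat, info->incert_format, pass, flags)` fails for any key after the first, control still reaches the unchanged `if (ret < 0 && *privkey_size > 0) break;`. A mistyped password for a later key in a PEM list therefore ends the loop silently, and the caller receives a shorter key list with no diagnostic. Treating a decryption failure as fatal would keep the operator informed, e.g. `if (ret < 0 && *privkey_size > 0 && ret != GNUTLS_E_DECRYPTION_FAILED) break;`, assuming a wrong password is reported with that code, as the retry condition suggests. Separately, `flags` is initialised once at the top of the function and passed to `get_password` by pointer on every iteration, so any bits that helper sets (its body is not in this diff) would carry over to later keys; a `flags = 0;` just before the call avoids that. The loop and the function both begin and end outside this hunk.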
@@ -101,7 +114,6 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info)
if (ptr_size < 0)
break;
- (*privkey_size)++;
}
gnutls_free(file_data.data);