diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2018-08-24 20:09:57 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2018-08-24 20:09:57 +0000 |
| commit | 07893d2c77ffcf3f2d747fbf490a758144a32860 (patch) | |
| tree | f1a3142baa1ffe650b8dce66ace9a11a521083ff | |
| parent | 8c98714ec23e1e2dcf8489b2422309fa8c463627 (diff) | |
Stop handling broken PKCS#8 formats in openssl(1).
ok jsing
| -rw-r--r-- | usr.bin/openssl/pkcs8.c | 54 |
1 files changed, 2 insertions, 52 deletions
diff --git a/usr.bin/openssl/pkcs8.c b/usr.bin/openssl/pkcs8.c index a0dac887729..03278989034 100644 --- a/usr.bin/openssl/pkcs8.c +++ b/usr.bin/openssl/pkcs8.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs8.c,v 1.11 2018/02/07 05:47:55 jsing Exp $ */ +/* $OpenBSD: pkcs8.c,v 1.12 2018/08/24 20:09:56 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999-2004. */ @@ -75,7 +75,6 @@ static struct { int nocrypt; char *outfile; int outformat; - int p8_broken; char *passargin; char *passargout; int pbe_nid; @@ -106,13 +105,6 @@ pkcs8_opt_v2(char *arg) static struct option pkcs8_options[] = { { - .name = "embed", - .desc = "Generate DSA keys in a broken format", - .type = OPTION_VALUE, - .value = PKCS8_EMBEDDED_PARAM, - .opt.value = &pkcs8_config.p8_broken, - }, - { .name = "in", .argname = "file", .desc = "Input file (default stdin)", @@ -140,20 +132,6 @@ static struct option pkcs8_options[] = { .opt.value = &pkcs8_config.iter, }, { - .name = "nooct", - .desc = "Generate RSA keys in a broken format (no octet)", - .type = OPTION_VALUE, - .value = PKCS8_NO_OCTET, - .opt.value = &pkcs8_config.p8_broken, - }, - { - .name = "nsdb", - .desc = "Generate DSA keys in the broken Netscape DB format", - .type = OPTION_VALUE, - .value = PKCS8_NS_DB, - .opt.value = &pkcs8_config.p8_broken, - }, - { .name = "out", .argname = "file", .desc = "Output file (default stdout)", @@ -238,7 +216,6 @@ pkcs8_main(int argc, char **argv) pkcs8_config.iter = PKCS12_DEFAULT_ITER; pkcs8_config.informat = FORMAT_PEM; pkcs8_config.outformat = FORMAT_PEM; - pkcs8_config.p8_broken = PKCS8_OK; pkcs8_config.pbe_nid = -1; if (options_parse(argc, argv, pkcs8_options, NULL, NULL) != 0) { @@ -278,8 +255,7 @@ pkcs8_main(int argc, char **argv) pkcs8_config.informat, 1, passin, "key"); if (!pkey) goto end; - if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, - pkcs8_config.p8_broken))) { + if (!(p8inf = EVP_PKEY2PKCS8(pkey))) { BIO_printf(bio_err, "Error converting key\n"); ERR_print_errors(bio_err); goto end; @@ -369,32 +345,6 @@ pkcs8_main(int argc, char **argv) ERR_print_errors(bio_err); goto end; } - if (p8inf->broken) { - BIO_printf(bio_err, "Warning: broken key encoding: "); - switch (p8inf->broken) { - case PKCS8_NO_OCTET: - BIO_printf(bio_err, "No Octet String in PrivateKey\n"); - break; - - case PKCS8_EMBEDDED_PARAM: - BIO_printf(bio_err, - "DSA parameters included in PrivateKey\n"); - break; - - case PKCS8_NS_DB: - BIO_printf(bio_err, - "DSA public key include in PrivateKey\n"); - break; - - case PKCS8_NEG_PRIVKEY: - BIO_printf(bio_err, "DSA private key value is negative\n"); - break; - - default: - BIO_printf(bio_err, "Unknown broken type\n"); - break; - } - } if (pkcs8_config.outformat == FORMAT_PEM) PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout); |