Created
December 25, 2013 11:06
-
-
Save Lekensteyn/8122263 to your computer and use it in GitHub Desktop.
Patch by Tom Leek for custom PKCS8 iteration count http://security.stackexchange.com/a/39901/2630
(Similar work: https://rt.openssl.org/Ticket/Display.html?id=2995&user=guest&pass=guest http://marc.info/?l=openssl-dev&m=136987222018023&w=3)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- a/apps/pkcs8.c | |
| +++ b/apps/pkcs8.c | |
| @@ -157,6 +157,12 @@ int MAIN(int argc, char **argv) | |
| topk8 = 1; | |
| else if (!strcmp (*args, "-noiter")) | |
| iter = 1; | |
| + else if (!strcmp (*args, "-iter")) | |
| + { | |
| + if (!args[1]) goto bad; | |
| + iter = atoi(*(++args)); | |
| + if (iter <= 0) goto bad; | |
| + } | |
| else if (!strcmp (*args, "-nocrypt")) | |
| nocrypt = 1; | |
| else if (!strcmp (*args, "-nooct")) | |
| @@ -220,6 +226,7 @@ int MAIN(int argc, char **argv) | |
| BIO_printf(bio_err, "-embed use (nonstandard) embedded DSA parameters format\n"); | |
| BIO_printf(bio_err, "-nsdb use (nonstandard) DSA Netscape DB format\n"); | |
| BIO_printf(bio_err, "-noiter use 1 as iteration count\n"); | |
| + BIO_printf(bio_err, "-iter count use count as iteration count\n"); | |
| BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n"); | |
| BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n"); | |
| BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n"); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment