-/* $OpenBSD: pkcs12.c,v 1.27 2024/02/28 17:04:38 tb Exp $ */
+/* $OpenBSD: pkcs12.c,v 1.28 2024/08/22 12:14:33 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
static int set_pbe(BIO *err, int *ppbe, const char *str);
static struct {
- int add_lmk;
char *CAfile;
STACK_OF(OPENSSL_STRING) *canames;
char *CApath;
int cert_pbe;
char *certfile;
int chain;
- char *csp_name;
const EVP_CIPHER *enc;
int export_cert;
int key_pbe;
.opt.value = &cfg.options,
.value = CLCERTS,
},
- {
- .name = "CSP",
- .argname = "name",
- .desc = "Microsoft CSP name",
- .type = OPTION_ARG,
- .opt.arg = &cfg.csp_name,
- },
{
.name = "descert",
.desc = "Encrypt PKCS#12 certificates with triple DES (default RC2-40)",
.opt.value = &cfg.keytype,
.value = KEY_SIG,
},
- {
- .name = "LMK",
- .desc = "Add local machine keyset attribute to private key",
- .type = OPTION_FLAG,
- .opt.flag = &cfg.add_lmk,
- },
{
.name = "macalg",
.argname = "alg",
X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
}
- if (cfg.csp_name != NULL && key != NULL)
- EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
- MBSTRING_ASC,
- (unsigned char *) cfg.csp_name, -1);
-
- if (cfg.add_lmk && key != NULL)
- EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL,
- -1);
-
if (!cfg.noprompt &&
EVP_read_pw_string(pass, sizeof pass,
"Enter Export Password:", 1)) {