aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRenĂ© Korthaus <[email protected]>2017-07-11 14:23:57 +0200
committerRenĂ© Korthaus <[email protected]>2017-07-11 14:33:42 +0200
commit5010f82fc3b2003160bba640173632986f1c5f55 (patch)
treef463f075874785db6f42bd35a0cbef0f9032b371
parent38fe6d3ab3e8a4be2becd5fd0b8c7bb4a8f1e192 (diff)
Fix loading of unencrypted PKCS#8 key via CLI
CLI passed an emtpy password to PKCS8::load_key(), even if --pass-in was not given, which caused loading of unencrypted private keys to fail. Fixed by calling the corresponding flavour of load_key().
-rw-r--r--src/cli/pubkey.cpp26
1 files changed, 16 insertions, 10 deletions
diff --git a/src/cli/pubkey.cpp b/src/cli/pubkey.cpp
index 25f3e2ed5..5112fedb5 100644
--- a/src/cli/pubkey.cpp
+++ b/src/cli/pubkey.cpp
@@ -262,11 +262,17 @@ class PKCS8_Tool final : public Command
void go() override
{
- std::unique_ptr<Botan::Private_Key> key(
- Botan::PKCS8::load_key(
- get_arg("key"),
- rng(),
- get_arg("pass-in")));
+ std::unique_ptr<Botan::Private_Key> key;
+ std::string pass_in = get_arg("pass-in");
+
+ if (pass_in.empty())
+ {
+ key.reset(Botan::PKCS8::load_key(get_arg("key"), rng()));
+ }
+ else
+ {
+ key.reset(Botan::PKCS8::load_key(get_arg("key"), rng(), pass_in));
+ }
const std::chrono::milliseconds pbe_millis(get_arg_sz("pbe-millis"));
const std::string pbe = get_arg("pbe");
@@ -285,28 +291,28 @@ class PKCS8_Tool final : public Command
}
else
{
- const std::string pass = get_arg("pass-out");
+ const std::string pass_out = get_arg("pass-out");
if(der_out)
{
- if(pass.empty())
+ if(pass_out.empty())
{
write_output(Botan::PKCS8::BER_encode(*key));
}
else
{
- write_output(Botan::PKCS8::BER_encode(*key, rng(), pass, pbe_millis, pbe));
+ write_output(Botan::PKCS8::BER_encode(*key, rng(), pass_out, pbe_millis, pbe));
}
}
else
{
- if(pass.empty())
+ if(pass_out.empty())
{
output() << Botan::PKCS8::PEM_encode(*key);
}
else
{
- output() << Botan::PKCS8::PEM_encode(*key, rng(), pass, pbe_millis, pbe);
+ output() << Botan::PKCS8::PEM_encode(*key, rng(), pass_out, pbe_millis, pbe);
}
}
}