diff options
author | naaysayer <note11781@gmail.com> | 2024-03-02 13:35:35 +0400 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-05-14 15:36:33 +0200 |
commit | f5462572a1873482ce38646cbf00dfc483f02068 (patch) | |
tree | 8db4b846d9e88625443f5cfd68526f657daf9af4 /apps | |
parent | 125719ba1190d2f3e0587221514ddfb8c5e11ef7 (diff) | |
download | openssl-f5462572a1873482ce38646cbf00dfc483f02068.zip openssl-f5462572a1873482ce38646cbf00dfc483f02068.tar.gz openssl-f5462572a1873482ce38646cbf00dfc483f02068.tar.bz2 |
apps/pkcs12: Not writing the private key file until the import password is verified
Fixes #904
CLA: trivial
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23729)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/pkcs12.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 6d212b3..e6fbc57 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -732,9 +732,6 @@ int pkcs12_main(int argc, char **argv) in = bio_open_default(infile, 'r', FORMAT_PKCS12); if (in == NULL) goto end; - out = bio_open_owner(outfile, FORMAT_PEM, private); - if (out == NULL) - goto end; p12 = PKCS12_init_ex(NID_pkcs7_data, app_get0_libctx(), app_get0_propq()); if (p12 == NULL) { @@ -834,6 +831,11 @@ int pkcs12_main(int argc, char **argv) dump: assert(private); + + out = bio_open_owner(outfile, FORMAT_PEM, private); + if (out == NULL) + goto end; + if (!dump_certs_keys_p12(out, p12, cpass, -1, options, passout, enc)) { BIO_printf(bio_err, "Error outputting keys and certificates\n"); ERR_print_errors(bio_err); |