Skip to content

Commit

Permalink
APPS/pkcs8: fix case where infile and outfile are the same
Browse files Browse the repository at this point in the history
  • Loading branch information
@DDvO
DDvO committed Sep 28, 2024
1 parent 8254153 commit f8587cb
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 11 deletions.
8 changes: 5 additions & 3 deletions apps/pkcs8.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -227,9 +227,6 @@ int pkcs8_main(int argc, char **argv)
informat == FORMAT_UNDEF ? FORMAT_PEM : informat);
if (in == NULL)
goto end;
out = bio_open_owner(outfile, outformat, private);
if (out == NULL)
goto end;

if (topk8) {
pkey = load_key(infile, informat, 1, passin, e, "key");
Expand All @@ -240,6 +237,8 @@ int pkcs8_main(int argc, char **argv)
ERR_print_errors(bio_err);
goto end;
}
if ((out = bio_open_owner(outfile, outformat, private)) == NULL)
goto end;
if (nocrypt) {
assert(private);
if (outformat == FORMAT_PEM) {
Expand Down Expand Up @@ -361,6 +360,9 @@ int pkcs8_main(int argc, char **argv)
}

assert(private);
out = bio_open_owner(outfile, outformat, private);
if (out == NULL)
goto end;
if (outformat == FORMAT_PEM) {
if (traditional)
PEM_write_bio_PrivateKey_traditional(out, pkey, NULL, NULL, 0,
Expand Down
30 changes: 22 additions & 8 deletions test/recipes/25-test_pkcs8.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,29 @@ use strict;
use warnings;

use OpenSSL::Test::Utils;
use File::Compare qw(compare_text);
use File::Copy;
use File::Compare qw(compare_text compare);
use OpenSSL::Test qw/:DEFAULT srctop_file ok_nofips is_nofips/;

setup("test_pkcs8");

plan tests => 15;
plan tests => 18;

my $pc5_key = srctop_file('test', 'certs', 'pc5-key.pem');

my $inout = 'inout.pem';
copy($pc5_key, $inout);
ok(run(app(['openssl', 'pkcs8', '-topk8', '-in', $inout,
'-out', $inout, '-passout', 'pass:password'])),
"identical infile and outfile, to PKCS#8");
ok(run(app(['openssl', 'pkcs8', '-in', $inout,
'-out', $inout, '-passin', 'pass:password'])),
"identical infile and outfile, from PKCS#8");
is(compare($pc5_key, $inout), 0,
"Same file contents after converting forth and back");

ok(run(app(([ 'openssl', 'pkcs8', '-topk8',
'-in', srctop_file('test', 'certs', 'pc5-key.pem'),
'-in', $pc5_key,
'-out', 'pbkdf2_default_saltlen.pem',
'-passout', 'pass:password']))),
"Convert a private key to PKCS5 v2.0 format using PBKDF2 with the default saltlen");
Expand All @@ -35,7 +49,7 @@ SKIP: {
if disabled("scrypt");

ok(run(app(([ 'openssl', 'pkcs8', '-topk8',
'-in', srctop_file('test', 'certs', 'pc5-key.pem'),
'-in', $pc5_key,
'-scrypt',
'-out', 'scrypt_default_saltlen.pem',
'-passout', 'pass:password']))),
Expand All @@ -49,7 +63,7 @@ SKIP: {
"Check the default size of the SCRYPT PARAM 'salt length' = 16");

ok(run(app(([ 'openssl', 'pkcs8', '-topk8',
'-in', srctop_file('test', 'certs', 'pc5-key.pem'),
'-in', $pc5_key,
'-scrypt',
'-saltlen', '8',
'-out', 'scrypt_64bit_saltlen.pem',
Expand All @@ -69,7 +83,7 @@ SKIP: {
if disabled('legacy') || disabled("des");

ok(run(app(([ 'openssl', 'pkcs8', '-topk8',
'-in', srctop_file('test', 'certs', 'pc5-key.pem'),
'-in', $pc5_key,
'-v1', "PBE-MD5-DES",
'-provider', 'legacy',
'-provider', 'default',
Expand All @@ -83,7 +97,7 @@ SKIP: {
"Check the default size of the PBE PARAM 'salt length' = 8");

ok(run(app(([ 'openssl', 'pkcs8', '-topk8',
'-in', srctop_file('test', 'certs', 'pc5-key.pem'),
'-in', $pc5_key,
'-v1', "PBE-MD5-DES",
'-saltlen', '16',
'-provider', 'legacy',
Expand All @@ -100,7 +114,7 @@ SKIP: {


ok(run(app(([ 'openssl', 'pkcs8', '-topk8',
'-in', srctop_file('test', 'certs', 'pc5-key.pem'),
'-in', $pc5_key,
'-saltlen', '8',
'-out', 'pbkdf2_64bit_saltlen.pem',
'-passout', 'pass:password']))),
Expand Down

0 comments on commit f8587cb

Please sign in to comment.