[rs-commit] r79 - /redwax-tool/trunk/redwax_openssl.c
rs-commit at redwax.eu
rs-commit at redwax.eu
Thu Nov 25 12:40:47 CET 2021
Author: minfrin at redwax.eu
Date: Thu Nov 25 12:40:47 2021
New Revision: 79
Log:
Collapse decrypt_secret and encrypt_secret into a single
read_secret.
Modified:
redwax-tool/trunk/redwax_openssl.c
Modified: redwax-tool/trunk/redwax_openssl.c
==============================================================================
--- redwax-tool/trunk/redwax_openssl.c (original)
+++ redwax-tool/trunk/redwax_openssl.c Thu Nov 25 12:40:47 2021
@@ -1737,8 +1737,8 @@
return APR_SUCCESS;
}
-static const char *encrypt_secret(redwax_tool_t *r, const char *what, const char *file,
- const char *secret, int min, int max, apr_pool_t *pool)
+static const char *read_secret(redwax_tool_t *r, const char *what, const char *file,
+ const char *secret, int min, int max, int verify, apr_pool_t *pool)
{
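Review bot: `read_secret` gains a `verify` parameter but has no header comment, and this commit also deletes the `decrypt_secret` stub whose comment was the only visible description of the secret-file versus console policy. Add a short block comment above the function saying what `min` and `max` bound, that `NULL` is returned on failure, and what `verify` does, for example `/* verify: non-zero prompts twice and requires both entries to match; use when setting a new passphrase */`. If the policy in the deleted comment is what `read_secret` implements, move that text here rather than dropping it. The function body continues outside this hunk, so the file-handling part could not be checked.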
@@ -1826,11 +1826,18 @@
apr_pool_cleanup_register(pool, prompt, cleanup_alloc,
apr_pool_cleanup_null);
- if (UI_add_input_string(ui, prompt, 0, buf, min, max) < 0
- || (UI_add_verify_string(ui, prompt, 0, buff, min,
- max, buf) < 0)) {
-
- return NULL;
+ if (verify) {
+ if (UI_add_input_string(ui, prompt, 0, buf, min, max) < 0
+ || (UI_add_verify_string(ui, prompt, 0, buff, min, max, buf)
+ < 0)) {
+
+ return NULL;
+ }
+ } else {
+ if (UI_add_input_string(ui, prompt, 0, buf, min, max) < 0) {
+
+ return NULL;
+ }
}
if (!UI_process(ui)) {
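Review bot: The new `if (verify)` / `else` repeats the `UI_add_input_string` call and the `return NULL` in both arms, so a later change to the prompt flags or length bounds has to be made twice. A single condition keeps one copy: `if (UI_add_input_string(ui, prompt, 0, buf, min, max) < 0 || (verify && UI_add_verify_string(ui, prompt, 0, buff, min, max, buf) < 0)) {`. Separately, `buf` and `buff` both hold the passphrase when `verify` is set, and the hunk does not show whether either is cleared (e.g. with `OPENSSL_cleanse`) on the `return NULL` paths; check this in the part of the function outside the hunk.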
@@ -1844,28 +1851,6 @@
}
return NULL;
-}
-
-apr_status_t decrypt_secret(redwax_tool_t *r, const char *file,
- const char *secret)
-{
-
- /*
- * Obtain a secret to decrypt a key.
- *
- * Secret file specified and secret file exists, use that secret.
- *
- * Secret file specified and secret file does not exist, bail out
- * with an error.
- *
- * No secret file specified, and we are on the console, ask for
- * the secret from the console once.
- *
- * No secret file specified, and we are not on the console. Bail
- * out with an error.
- */
-
- return APR_SUCCESS;
}
static apr_status_t import_bags(redwax_tool_t *r, const char *file, const char *secret,
@@ -1954,9 +1939,9 @@
const ASN1_TYPE *label;
if (!(*pass)) {
- *pass = encrypt_secret(r, "PKCS12 import passphrase", file,
+ *pass = read_secret(r, "PKCS12 import passphrase", file,
secret,
- REDWAX_PKCS12_MIN, REDWAX_PKCS12_MAX, r->pool);
+ 0, REDWAX_PKCS12_MAX, 0, r->pool);
if (!(*pass)) {
return APR_ENOENT;
}
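Review bot: The two bare `0` arguments in this `read_secret` call are easy to confuse: the first is the minimum length and the second is the new `verify` flag, and both are plain `int`, so swapping them compiles silently. Label them at the call site, e.g. `0 /* min */, REDWAX_PKCS12_MAX, 0 /* verify */, r->pool);`, or introduce named constants for the flag. The same applies to the `NID_pkcs7_encrypted` call in the next hunk and to the trailing `1` in the export call. Replacing `REDWAX_PKCS12_MIN` with `0` also means that, if that constant is non-zero, an empty import passphrase is now accepted; this looks intentional for reading existing files, but a one-line comment should say so.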
@@ -2204,9 +2189,9 @@
else if (bagnid == NID_pkcs7_encrypted) {
if (!pass) {
- pass = encrypt_secret(r, "PKCS12 import passphrase", file,
+ pass = read_secret(r, "PKCS12 import passphrase", file,
secret,
- REDWAX_PKCS12_MIN, REDWAX_PKCS12_MAX, r->pool);
+ 0, REDWAX_PKCS12_MAX, 0, r->pool);
if (!pass) {
return APR_ENOENT;
}
@@ -2401,8 +2386,8 @@
}
}
- pass = encrypt_secret(r, "PKCS12 export passphrase", file, secret,
- REDWAX_PKCS12_MIN, REDWAX_PKCS12_MAX, r->pool);
+ pass = read_secret(r, "PKCS12 export passphrase", file, secret,
+ REDWAX_PKCS12_MIN, REDWAX_PKCS12_MAX, 1, r->pool);
if (!pass) {
return APR_ENOENT;
}