PKCS12 command ignore -cipher option silently

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi, 

 

Testing the PKCS12 command I notice the -cipher option (in this case
-aes128) was silently ignore :

 

c:\OpenSSL_11_dbg\bin\openssl pkcs12 -export -out Certificate.p12 -inkey
RSAKey.pem -in Certificate.cer -aes128 -passin pass:test -passout pass:test

 

looks Ok but verifying, it is still 3des :

 

c:\openssl_11_dbg\bin\openssl pkcs12 -in Certificate.p12 -info -noout
-passin pass:test

MAC Iteration 2048

PKCS7 Encrypted data: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048

Certificate bag

PKCS7 Data

Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048

 

Surprisingly, with 1.0.2 it fails loudly :

 

openssl pkcs12 -export -out Certificate.p12 -inkey RSAKey.pem -in
Certificate.cer -aes128 -passin pass:test -passout pass:test

8632:error:060740A0:digital envelope routines:EVP_PBE_CipherInit:unknown
cipher:.\crypto\evp\evp_pbe.c:181:

8632:error:23077073:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit
error:.\crypto\pkcs12\p12_decr.c:87:

8632:error:2306C067:PKCS12 routines:PKCS12_item_i2d_encrypt:encrypt
error:.\crypto\pkcs12\p12_decr.c:188:

8632:error:23073067:PKCS12 routines:PKCS12_pack_p7encdata:encrypt
error:.\crypto\pkcs12\p12_add.c:213:

 

Am I missing something ?

 

Regards,

 

Michel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160211/47fd154a/attachment.html>


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux