root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
openssl/apps
History
Neil Horman 21f7a09ca2 Convert jdkTrustedKeyUsage to be a pkcs12 cmd line option 
Creating JDK compatible pkcs12 files requires a bit more than just
adding the Trusted Key Usage OID to a certbag in the pkcs12 file.
Additionally the JDK currently requires that pkcs12 files setting this
oid _not_ contain any additional keys, and in response will produce
unpredictable results.

This could be solved by implying --nokeys when the pkcs12 utility is run
and the config option is set, but thatcould confuse users who didn't
specify nokeys on the command line.  As such, remove the config file
setting for this feature, and replace it with a -jdktrust command line
option, that is documented to assert nokeys when a users specifies the
new command line option.

Fixes #22215

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22422)
 		2023-10-20 16:30:43 +01:00
..
demoSRP apps & al : Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:28 +11:00
include "foo * bar" should be "foo *bar" 2023-09-11 10:15:30 +02:00
lib apps.c: Remove a redundant error print-out 2023-10-19 10:10:00 +02:00
CA.pl.in Abstract out policy and extensions in CA.pl 2021-11-16 15:48:08 +00:00
asn1parse.c Copyright year updates 2023-09-07 09:59:15 +01:00
build.info CMP test server: move apps/{,lib/}cmp_mock_srv.c and apps/{,include/}cmp_mock_srv.h 2021-05-20 16:23:27 +02:00
ca-cert.srl
ca-key.pem
ca-req.pem
ca.c Copyright year updates 2023-09-07 09:59:15 +01:00
cert.pem
ciphers.c Check that sk_SSL_CIPHER_value returns non-NULL value. 2022-09-20 18:27:17 +02:00
client.pem
cmp.c CMP: fix OSSL_CMP_MSG_http_perform() by adding option OSSL_CMP_OPT_USE_TLS 2023-10-10 20:36:06 +02:00
cms.c Copyright year updates 2023-09-07 09:59:15 +01:00
crl.c Update copyright year 2022-05-03 13:34:51 +01:00
crl2pkcs7.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
ct_log_list.cnf Remove unnecessary trailing whitespace 2019-02-05 16:25:11 +01:00
dgst.c Fix some memory leaks in the openssl app 2023-09-21 14:39:36 +02:00
dhparam.c Copyright year updates 2023-09-28 14:23:29 +01:00
dsa-ca.pem
dsa-pca.pem
dsa.c Copyright year updates 2023-09-07 09:59:15 +01:00
dsa512.pem
dsa1024.pem
dsap.pem
dsaparam.c Fix some memory leaks in the openssl app 2023-09-21 14:39:36 +02:00
ec.c Copyright year updates 2023-09-07 09:59:15 +01:00
ecparam.c Support decode SM2 parameters 2022-08-23 11:08:11 +10:00
enc.c enc: "bad decrypt" only in decryption 2023-09-20 08:12:07 +10:00
engine.c apps & al : Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:28 +11:00
errstr.c Check non-option arguments 2020-12-15 11:47:17 +01:00
fipsinstall.c Copyright year updates 2023-09-07 09:59:15 +01:00
gendsa.c Copyright year updates 2023-09-28 14:23:29 +01:00
genpkey.c adding -outpubkey option to genpkey 2023-09-24 20:51:42 +02:00
genrsa.c Copyright year updates 2023-09-28 14:23:29 +01:00
info.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
insta.ca.crt openssl-cmp.pod.in: Update and extend example using Insta Demo CA 2020-08-04 12:11:46 +02:00
kdf.c kdf: use the app's libctx and property query when searching for algorithms 2021-06-15 18:26:47 +10:00
list.c Copyright year updates 2023-09-07 09:59:15 +01:00
mac.c Always use FORMAT_BINARY for infile 2022-09-20 08:18:25 +01:00
nseq.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
ocsp.c Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-vms.cnf Convert jdkTrustedKeyUsage to be a pkcs12 cmd line option 2023-10-20 16:30:43 +01:00
openssl.c APPS: remove duplicate definition of `trace_data_stack` 2023-09-18 09:06:47 +10:00
openssl.cnf Convert jdkTrustedKeyUsage to be a pkcs12 cmd line option 2023-10-20 16:30:43 +01:00
passwd.c Update copyright year 2022-05-03 13:34:51 +01:00
pca-cert.srl
pca-key.pem
pca-req.pem
pkcs7.c Update copyright year 2022-05-03 13:34:51 +01:00
pkcs8.c Added a 'saltlen' option to the openssl pkcs8 command line app. 2023-09-04 14:15:34 +10:00
pkcs12.c Convert jdkTrustedKeyUsage to be a pkcs12 cmd line option 2023-10-20 16:30:43 +01:00
pkey.c Copyright year updates 2023-09-07 09:59:15 +01:00
pkeyparam.c APPS: pkeyparam: Support setting properties 2022-08-17 09:20:41 +02:00
pkeyutl.c Copyright year updates 2023-09-07 09:59:15 +01:00
prime.c Update copyright year 2022-05-03 13:34:51 +01:00
privkey.pem
progs.pl Copyright year updates 2023-09-28 14:23:29 +01:00
rand.c Update copyright year 2022-05-03 13:34:51 +01:00
rehash.c Copyright year updates 2023-09-07 09:59:15 +01:00
req.c Fix some memory leaks in the openssl app 2023-09-21 14:39:36 +02:00
req.pem
rsa.c Copyright year updates 2023-09-07 09:59:15 +01:00
rsa8192.pem Fix rsa8192.pem 2020-05-13 06:28:36 +02:00
rsautl.c Copyright year updates 2023-09-07 09:59:15 +01:00
s512-key.pem
s512-req.pem
s1024key.pem
s1024req.pem
s_client.c QUIC: Rename SSL_set_initial_peer_addr to SSL_set1_initial_peer_addr 2023-08-24 11:47:57 +01:00
s_server.c Bad function definition 2023-09-11 10:15:30 +02:00
s_time.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
server.pem Replace apps/server.pem with certificate with a sha256 signature. 2020-01-25 14:10:40 +01:00
server.srl
server2.pem
sess_id.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
smime.c Copyright year updates 2023-09-07 09:59:15 +01:00
speed.c Added check for the return value of the RAND_bytes() function 2023-10-10 17:15:54 +02:00
spkac.c Copyright year updates 2023-09-07 09:59:15 +01:00
srp.c openssl srp: make index.txt parsing error more verbose 2021-05-24 14:37:00 +02:00
storeutl.c Fix openssl storeutl to allow serial + issuer 2022-12-14 09:33:25 +01:00
testCA.pem
testdsa.h Replace OSSL_PARAM_BLD_free_params() with OSSL_PARAM_free(). 2021-04-12 16:55:30 +10:00
testrsa.h Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
timeouts.h Fix header file include guard names 2019-09-28 20:26:36 +02:00
ts.c Copyright year updates 2023-09-07 09:59:15 +01:00
tsget.in convert tabs to spaces in two distributed Perl scripts 2021-09-14 07:21:22 +10:00
verify.c apps & al : Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:28 +11:00
version.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
vms_decc_init.c VMS: move copy_argc to its own module and make it an aux source 2019-03-05 08:51:09 +01:00
x509.c Copyright year updates 2023-09-07 09:59:15 +01:00