Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Bug 1399867, pk12util: Make -C try different password encoding if fai…
…led, r=rrelyea
  • Loading branch information
ueno committed Sep 14, 2017
1 parent 06861cf commit be8e99c
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions cmd/pk12util/pk12util.c
Expand Up @@ -358,6 +358,7 @@ p12U_ReadPKCS12File(SECItem *uniPwp, char *in_file, PK11SlotInfo *slot,
SECItem p12file = { 0 };
SECStatus rv = SECFailure;
PRBool swapUnicode = PR_FALSE;
PRBool forceUnicode = pk12uForceUnicode;
PRBool trypw;
int error;

Expand Down Expand Up @@ -425,13 +426,34 @@ p12U_ReadPKCS12File(SECItem *uniPwp, char *in_file, PK11SlotInfo *slot,
SEC_PKCS12DecoderFinish(p12dcx);
uniPwp->len = 0;
trypw = PR_TRUE;
} else if (forceUnicode == pk12uForceUnicode) {
/* try again with a different password encoding */
forceUnicode = !pk12uForceUnicode;
rv = NSS_OptionSet(__NSS_PKCS12_DECODE_FORCE_UNICODE,
forceUnicode);
if (rv != SECSuccess) {
SECU_PrintError(progName, "PKCS12 decoding failed to set option");
pk12uErrno = PK12UERR_DECODEVERIFY;
break;
}
SEC_PKCS12DecoderFinish(p12dcx);
trypw = PR_TRUE;
} else {
SECU_PrintError(progName, "PKCS12 decode not verified");
pk12uErrno = PK12UERR_DECODEVERIFY;
break;
}
}
} while (trypw == PR_TRUE);

/* revert the option setting */
if (forceUnicode != pk12uForceUnicode) {
rv = NSS_OptionSet(__NSS_PKCS12_DECODE_FORCE_UNICODE, pk12uForceUnicode);
if (rv != SECSuccess) {
SECU_PrintError(progName, "PKCS12 decoding failed to set option");
pk12uErrno = PK12UERR_DECODEVERIFY;
}
}
/* rv has been set at this point */

done:
Expand Down

0 comments on commit be8e99c

Please sign in to comment.