mirror of
https://github.com/QuasarApp/openssl.git
synced 2025-05-04 13:39:38 +00:00
apps: Stop pretending to care about Netscape keys
The documentation says some commands care, but the code says differently. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7440)
This commit is contained in:
parent
e5a8712d03
commit
d91d443f0d
@ -369,7 +369,7 @@ typedef struct string_int_pair_st {
|
||||
# define OPT_FMT_SMIME (1L << 3)
|
||||
# define OPT_FMT_ENGINE (1L << 4)
|
||||
# define OPT_FMT_MSBLOB (1L << 5)
|
||||
# define OPT_FMT_NETSCAPE (1L << 6)
|
||||
/* (1L << 6) was OPT_FMT_NETSCAPE, but wasn't used */
|
||||
# define OPT_FMT_NSS (1L << 7)
|
||||
# define OPT_FMT_TEXT (1L << 8)
|
||||
# define OPT_FMT_HTTP (1L << 9)
|
||||
@ -378,8 +378,8 @@ typedef struct string_int_pair_st {
|
||||
# define OPT_FMT_PDS (OPT_FMT_PEMDER | OPT_FMT_SMIME)
|
||||
# define OPT_FMT_ANY ( \
|
||||
OPT_FMT_PEMDER | OPT_FMT_PKCS12 | OPT_FMT_SMIME | \
|
||||
OPT_FMT_ENGINE | OPT_FMT_MSBLOB | OPT_FMT_NETSCAPE | \
|
||||
OPT_FMT_NSS | OPT_FMT_TEXT | OPT_FMT_HTTP | OPT_FMT_PVK)
|
||||
OPT_FMT_ENGINE | OPT_FMT_MSBLOB | OPT_FMT_NSS | \
|
||||
OPT_FMT_TEXT | OPT_FMT_HTTP | OPT_FMT_PVK)
|
||||
|
||||
char *opt_progname(const char *argv0);
|
||||
char *opt_getprog(void);
|
||||
|
@ -168,7 +168,6 @@ static OPT_PAIR formats[] = {
|
||||
{"smime", OPT_FMT_SMIME},
|
||||
{"engine", OPT_FMT_ENGINE},
|
||||
{"msblob", OPT_FMT_MSBLOB},
|
||||
{"netscape", OPT_FMT_NETSCAPE},
|
||||
{"nss", OPT_FMT_NSS},
|
||||
{"text", OPT_FMT_TEXT},
|
||||
{"http", OPT_FMT_HTTP},
|
||||
|
@ -38,8 +38,8 @@ typedef enum OPTION_choice {
|
||||
|
||||
const OPTIONS rsa_options[] = {
|
||||
{"help", OPT_HELP, '-', "Display this summary"},
|
||||
{"inform", OPT_INFORM, 'f', "Input format, one of DER NET PEM"},
|
||||
{"outform", OPT_OUTFORM, 'f', "Output format, one of DER NET PEM PVK"},
|
||||
{"inform", OPT_INFORM, 'f', "Input format, one of DER PEM"},
|
||||
{"outform", OPT_OUTFORM, 'f', "Output format, one of DER PEM PVK"},
|
||||
{"in", OPT_IN, 's', "Input file"},
|
||||
{"out", OPT_OUT, '>', "Output file"},
|
||||
{"pubin", OPT_PUBIN, '-', "Expect a public key in input file"},
|
||||
|
@ -67,10 +67,10 @@ typedef enum OPTION_choice {
|
||||
const OPTIONS x509_options[] = {
|
||||
{"help", OPT_HELP, '-', "Display this summary"},
|
||||
{"inform", OPT_INFORM, 'f',
|
||||
"Input format - default PEM (one of DER, NET or PEM)"},
|
||||
"Input format - default PEM (one of DER or PEM)"},
|
||||
{"in", OPT_IN, '<', "Input file - default stdin"},
|
||||
{"outform", OPT_OUTFORM, 'f',
|
||||
"Output format - default PEM (one of DER, NET or PEM)"},
|
||||
"Output format - default PEM (one of DER or PEM)"},
|
||||
{"out", OPT_OUT, '>', "Output file - default stdout"},
|
||||
{"keyform", OPT_KEYFORM, 'F', "Private key format - default PEM"},
|
||||
{"passin", OPT_PASSIN, 's', "Private key password/pass-phrase source"},
|
||||
|
@ -9,8 +9,8 @@ rsa - RSA key processing tool
|
||||
|
||||
B<openssl> B<rsa>
|
||||
[B<-help>]
|
||||
[B<-inform PEM|NET|DER>]
|
||||
[B<-outform PEM|NET|DER>]
|
||||
[B<-inform PEM|DER>]
|
||||
[B<-outform PEM|DER>]
|
||||
[B<-in filename>]
|
||||
[B<-passin arg>]
|
||||
[B<-out filename>]
|
||||
@ -53,16 +53,15 @@ utility.
|
||||
|
||||
Print out a usage message.
|
||||
|
||||
=item B<-inform DER|NET|PEM>
|
||||
=item B<-inform DER|PEM>
|
||||
|
||||
This specifies the input format. The B<DER> option uses an ASN1 DER encoded
|
||||
form compatible with the PKCS#1 RSAPrivateKey or SubjectPublicKeyInfo format.
|
||||
The B<PEM> form is the default format: it consists of the B<DER> format base64
|
||||
encoded with additional header and footer lines. On input PKCS#8 format private
|
||||
keys are also accepted. The B<NET> form is a format is described in the B<NOTES>
|
||||
section.
|
||||
keys are also accepted.
|
||||
|
||||
=item B<-outform DER|NET|PEM>
|
||||
=item B<-outform DER|PEM>
|
||||
|
||||
This specifies the output format, the options have the same meaning and default
|
||||
as the B<-inform> option.
|
||||
@ -158,17 +157,6 @@ The PEM B<RSAPublicKey> format uses the header and footer lines:
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
-----END RSA PUBLIC KEY-----
|
||||
|
||||
The B<NET> form is a format compatible with older Netscape servers
|
||||
and Microsoft IIS .key files, this uses unsalted RC4 for its encryption.
|
||||
It is not very secure and so should only be used when necessary.
|
||||
|
||||
Some newer version of IIS have additional data in the exported .key
|
||||
files. To use these with the utility, view the file with a binary editor
|
||||
and look for the string "private-key", then trace back to the byte
|
||||
sequence 0x30, 0x82 (this is an ASN1 SEQUENCE). Copy all the data
|
||||
from this point onwards to another file and use that as the input
|
||||
to the B<rsa> utility with the B<-inform NET> option.
|
||||
|
||||
=head1 EXAMPLES
|
||||
|
||||
To remove the pass phrase on an RSA private key:
|
||||
@ -197,9 +185,6 @@ Output the public part of a private key in B<RSAPublicKey> format:
|
||||
|
||||
=head1 BUGS
|
||||
|
||||
The command line password arguments don't currently work with
|
||||
B<NET> format.
|
||||
|
||||
There should be an option that automatically handles .key files,
|
||||
without having to manually edit them.
|
||||
|
||||
|
@ -9,8 +9,8 @@ x509 - Certificate display and signing utility
|
||||
|
||||
B<openssl> B<x509>
|
||||
[B<-help>]
|
||||
[B<-inform DER|PEM|NET>]
|
||||
[B<-outform DER|PEM|NET>]
|
||||
[B<-inform DER|PEM>]
|
||||
[B<-outform DER|PEM>]
|
||||
[B<-keyform DER|PEM>]
|
||||
[B<-CAform DER|PEM>]
|
||||
[B<-CAkeyform DER|PEM>]
|
||||
@ -86,16 +86,15 @@ various sections.
|
||||
|
||||
Print out a usage message.
|
||||
|
||||
=item B<-inform DER|PEM|NET>
|
||||
=item B<-inform DER|PEM>
|
||||
|
||||
This specifies the input format normally the command will expect an X509
|
||||
certificate but this can change if other options such as B<-req> are
|
||||
present. The DER format is the DER encoding of the certificate and PEM
|
||||
is the base64 encoding of the DER encoding with header and footer lines
|
||||
added. The NET option is an obscure Netscape server format that is now
|
||||
obsolete. The default format is PEM.
|
||||
added. The default format is PEM.
|
||||
|
||||
=item B<-outform DER|PEM|NET>
|
||||
=item B<-outform DER|PEM>
|
||||
|
||||
This specifies the output format, the options have the same meaning and default
|
||||
as the B<-inform> option.
|
||||
|
Loading…
x
Reference in New Issue
Block a user