diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-08-25 15:40:28 +0200 |
|---|---|---|
| committer | GitLab <gitlab@gitlab.com> | 2016-08-26 08:53:35 +0000 |
| commit | b643e4fafa694695c67dacdda8cad5b7e588d5a7 (patch) | |
| tree | f111077b967d71a3bb9730a58df7c5537c5605a0 /lib/includes | |
| parent | 58f8b90025424bc899c5dc390afbdbe8306fe899 (diff) | |
| download | gnutls-b643e4fafa694695c67dacdda8cad5b7e588d5a7.tar.gz | |
pkcs8: added support for decryption with PBES1-DES-CBC-MD5
While this is a legacy (and insecure) cipher combination it is the
default output of openssl up until the 1.0.2 version. We introduce
this option to allow decrypting private keys from these versions of
openssl.
Diffstat (limited to 'lib/includes')
| -rw-r--r-- | lib/includes/gnutls/x509.h | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index ac2c2bb241..08f41890d2 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -1004,6 +1004,7 @@ int gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert, * @GNUTLS_PKCS_PBES2_AES_192: PBES2 AES-192. * @GNUTLS_PKCS_PBES2_AES_256: PBES2 AES-256. * @GNUTLS_PKCS_PBES2_DES: PBES2 single DES. + * @GNUTLS_PKCS_PBES2_DES_MD5: PBES1 with single DES; for compatibility with openssl only. * * Enumeration of different PKCS encryption flags. */ @@ -1017,9 +1018,12 @@ typedef enum gnutls_pkcs_encrypt_flags_t { GNUTLS_PKCS_PBES2_AES_192 = 1<<6, GNUTLS_PKCS_PBES2_AES_256 = 1<<7, GNUTLS_PKCS_NULL_PASSWORD = 1<<8, - GNUTLS_PKCS_PBES2_DES = 1<<9 + GNUTLS_PKCS_PBES2_DES = 1<<9, + GNUTLS_PKCS_PBES1_DES_MD5 = 1<<10 } gnutls_pkcs_encrypt_flags_t; +#define GNUTLS_PKCS_CIPHER_MASK(x) ((x)&(~(GNUTLS_PKCS_NULL_PASSWORD))) + #define GNUTLS_PKCS_USE_PKCS12_3DES GNUTLS_PKCS_PKCS12_3DES #define GNUTLS_PKCS_USE_PKCS12_ARCFOUR GNUTLS_PKCS_PKCS12_ARCFOUR #define GNUTLS_PKCS_USE_PKCS12_RC2_40 GNUTLS_PKCS_PKCS12_RC2_40 |