summaryrefslogtreecommitdiffstats
path: root/security/nss/cmd/pk12util
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/cmd/pk12util')
-rw-r--r--security/nss/cmd/pk12util/pk12util.c107
1 files changed, 21 insertions, 86 deletions
diff --git a/security/nss/cmd/pk12util/pk12util.c b/security/nss/cmd/pk12util/pk12util.c
index 70454a0d8..0ac1ba00e 100644
--- a/security/nss/cmd/pk12util/pk12util.c
+++ b/security/nss/cmd/pk12util/pk12util.c
@@ -23,7 +23,6 @@
static char *progName;
PRBool pk12_debugging = PR_FALSE;
PRBool dumpRawFile;
-static PRBool pk12uForceUnicode;
PRIntn pk12uErrno = 0;
@@ -358,7 +357,6 @@ p12U_ReadPKCS12File(SECItem *uniPwp, char *in_file, PK11SlotInfo *slot,
SECItem p12file = { 0 };
SECStatus rv = SECFailure;
PRBool swapUnicode = PR_FALSE;
- PRBool forceUnicode = pk12uForceUnicode;
PRBool trypw;
int error;
@@ -426,18 +424,6 @@ p12U_ReadPKCS12File(SECItem *uniPwp, char *in_file, PK11SlotInfo *slot,
SEC_PKCS12DecoderFinish(p12dcx);
uniPwp->len = 0;
trypw = PR_TRUE;
- } else if (forceUnicode == pk12uForceUnicode) {
- /* try again with a different password encoding */
- forceUnicode = !pk12uForceUnicode;
- rv = NSS_OptionSet(__NSS_PKCS12_DECODE_FORCE_UNICODE,
- forceUnicode);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "PKCS12 decoding failed to set option");
- pk12uErrno = PK12UERR_DECODEVERIFY;
- break;
- }
- SEC_PKCS12DecoderFinish(p12dcx);
- trypw = PR_TRUE;
} else {
SECU_PrintError(progName, "PKCS12 decode not verified");
pk12uErrno = PK12UERR_DECODEVERIFY;
@@ -445,15 +431,6 @@ p12U_ReadPKCS12File(SECItem *uniPwp, char *in_file, PK11SlotInfo *slot,
}
}
} while (trypw == PR_TRUE);
-
- /* revert the option setting */
- if (forceUnicode != pk12uForceUnicode) {
- rv = NSS_OptionSet(__NSS_PKCS12_DECODE_FORCE_UNICODE, pk12uForceUnicode);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "PKCS12 decoding failed to set option");
- pk12uErrno = PK12UERR_DECODEVERIFY;
- }
- }
/* rv has been set at this point */
done:
@@ -493,8 +470,6 @@ P12U_ImportPKCS12Object(char *in_file, PK11SlotInfo *slot,
{
SEC_PKCS12DecoderContext *p12dcx = NULL;
SECItem uniPwitem = { 0 };
- PRBool forceUnicode = pk12uForceUnicode;
- PRBool trypw;
SECStatus rv = SECFailure;
rv = P12U_InitSlot(slot, slotPw);
@@ -505,62 +480,31 @@ P12U_ImportPKCS12Object(char *in_file, PK11SlotInfo *slot,
return rv;
}
- do {
- trypw = PR_FALSE; /* normally we do this once */
- rv = SECFailure;
- p12dcx = p12U_ReadPKCS12File(&uniPwitem, in_file, slot, slotPw, p12FilePw);
-
- if (p12dcx == NULL) {
- goto loser;
- }
+ rv = SECFailure;
+ p12dcx = p12U_ReadPKCS12File(&uniPwitem, in_file, slot, slotPw, p12FilePw);
- /* make sure the bags are okey dokey -- nicknames correct, etc. */
- rv = SEC_PKCS12DecoderValidateBags(p12dcx, P12U_NicknameCollisionCallback);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_PKCS12_DUPLICATE_DATA) {
- pk12uErrno = PK12UERR_CERTALREADYEXISTS;
- } else {
- pk12uErrno = PK12UERR_DECODEVALIBAGS;
- }
- SECU_PrintError(progName, "PKCS12 decode validate bags failed");
- goto loser;
- }
+ if (p12dcx == NULL) {
+ goto loser;
+ }
- /* stuff 'em in */
- if (forceUnicode != pk12uForceUnicode) {
- rv = NSS_OptionSet(__NSS_PKCS12_DECODE_FORCE_UNICODE,
- forceUnicode);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "PKCS12 decode set option failed");
- pk12uErrno = PK12UERR_DECODEIMPTBAGS;
- goto loser;
- }
- }
- rv = SEC_PKCS12DecoderImportBags(p12dcx);
- if (rv != SECSuccess) {
- if (PR_GetError() == SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY &&
- forceUnicode == pk12uForceUnicode) {
- /* try again with a different password encoding */
- forceUnicode = !pk12uForceUnicode;
- SEC_PKCS12DecoderFinish(p12dcx);
- SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
- trypw = PR_TRUE;
- } else {
- SECU_PrintError(progName, "PKCS12 decode import bags failed");
- pk12uErrno = PK12UERR_DECODEIMPTBAGS;
- goto loser;
- }
+ /* make sure the bags are okey dokey -- nicknames correct, etc. */
+ rv = SEC_PKCS12DecoderValidateBags(p12dcx, P12U_NicknameCollisionCallback);
+ if (rv != SECSuccess) {
+ if (PORT_GetError() == SEC_ERROR_PKCS12_DUPLICATE_DATA) {
+ pk12uErrno = PK12UERR_CERTALREADYEXISTS;
+ } else {
+ pk12uErrno = PK12UERR_DECODEVALIBAGS;
}
- } while (trypw);
+ SECU_PrintError(progName, "PKCS12 decode validate bags failed");
+ goto loser;
+ }
- /* revert the option setting */
- if (forceUnicode != pk12uForceUnicode) {
- rv = NSS_OptionSet(__NSS_PKCS12_DECODE_FORCE_UNICODE, pk12uForceUnicode);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "PKCS12 decode set option failed");
- pk12uErrno = PK12UERR_DECODEIMPTBAGS;
- goto loser;
- }
+ /* stuff 'em in */
+ rv = SEC_PKCS12DecoderImportBags(p12dcx);
+ if (rv != SECSuccess) {
+ SECU_PrintError(progName, "PKCS12 decode import bags failed");
+ pk12uErrno = PK12UERR_DECODEIMPTBAGS;
+ goto loser;
}
fprintf(stdout, "%s: PKCS12 IMPORT SUCCESSFUL\n", progName);
@@ -1003,7 +947,6 @@ main(int argc, char **argv)
int keyLen = 0;
int certKeyLen = 0;
secuCommand pk12util;
- PRInt32 forceUnicode;
#ifdef _CRTDBG_MAP_ALLOC
_CrtSetDbgFlag(_CRTDBG_ALLOC_MEM_DF | _CRTDBG_LEAK_CHECK_DF);
@@ -1035,14 +978,6 @@ main(int argc, char **argv)
Usage(progName);
}
- rv = NSS_OptionGet(__NSS_PKCS12_DECODE_FORCE_UNICODE, &forceUnicode);
- if (rv != SECSuccess) {
- SECU_PrintError(progName,
- "Failed to get NSS_PKCS12_DECODE_FORCE_UNICODE option");
- Usage(progName);
- }
- pk12uForceUnicode = forceUnicode;
-
slotname = SECU_GetOptionArg(&pk12util, opt_TokenName);
import_file = (pk12util.options[opt_List].activated) ? SECU_GetOptionArg(&pk12util, opt_List)