cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH] ask user for password for PKCS12 files

From: Dmitry Bakshaev <dab1818_at_gmail.com>
Date: Mon, 4 Jul 2016 14:24:57 +0400

my mistake (typo): only option to specify pkcs12 password is
CURLOPT_SSLCERTPASSWD.
or from command-line: ... --cert-type P12 --cert my.p12:secret.
if "secret" is not specified, curl not asks password and throws error
"could not parse PKCS12 file, check password, OpenSSL error
error:23076071:PKCS12 routines:PKCS12_parse:mac verify failure".

patch tested on curl-7.49.1

github pull request - best way to commit patch?

2016-06-15 15:20 GMT+04:00 Dmitry Bakshaev <dab1818_at_gmail.com>:

> only way to use PKCS12 files with password is specify it on command-line
> "--cert my.p12:secret" or set via CURLOPT_SSLCERTTYPE option.
>
> this patch adds invocation of PEM_def_callback() to grab password
> interactively if password not specified,
> like SSL_CTX_use_certificate_chain_file() does for PEM files.
>
> also patch allow to use empty passwords on PKCS12 files.
>
> code based on load_pkcs12() function from openssl/apps/apps.c
>

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html

text/x-diff attachment: curl-pkcs12-passphrase.patch

Received on 2016-07-04

This message: [ Message body ]
Next message: Patrick Monnerat: "Re: CURL 7.46 version: support TLS1.2 only for outbound connections"
Previous message: Gaurav Rastogi -X (garastog - ARICENT TECHNOLOGIES MAURIITIUS LIMITED at Cisco): "CURL 7.46 version: support TLS1.2 only for outbound connections"
Next in thread: Ray Satiro via curl-library: "Re: [PATCH] ask user for password for PKCS12 files"
Reply: Ray Satiro via curl-library: "Re: [PATCH] ask user for password for PKCS12 files"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]