Support broken PKCS#12 key generation. (647ac8d3) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Commit 647ac8d3 authored Aug 24, 2016 by

Dr. Stephen Henson Committed by Matt Caswell Aug 25, 2016

Support broken PKCS#12 key generation.



OpenSSL versions before 1.1.0 didn't convert non-ASCII
UTF8 PKCS#12 passwords to Unicode correctly.

To correctly decrypt older files, if MAC verification fails
with the supplied password attempt to use the broken format
which is compatible with earlier versions of OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>

parent 0fe17491

Hide whitespace changes

Inline Side-by-side

Please register or to comment