Commit 20432eae authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Fix some of the command line password stuff. New function

that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
parent 47134b78
+9 −1
@@ -4,6 +4,14 @@

 Changes between 0.9.4 and 0.9.5  [xx XXX 1999]

  *) Add a function 'd2i_AutoPrivateKey()' this will automatically decide
     if a DER encoded private key is RSA or DSA traditional format. Changed
     d2i_PrivateKey_bio() to use it. This is only needed for the "traditional"
     format DER encoded private key. Newer code should use PKCS#8 format which
     has the key type encoded in the ASN1 structure. Added DER private key
     support to pkcs8 application.
     [Steve Henson]

  *) SSL 3/TLS 1 servers now don't request certificates when an anonymous
     ciphersuites has been selected (as required by the SSL 3/TLS 1
     specifications).  Exception: When SSL_VERIFY_FAIL_IF_NO_PEER_CERT
@@ -36,7 +44,7 @@
     check for an object with the same NID as the passed id. Functions can
     be provided to override either the default behaviour or the behaviour
     for a given id. SSL client, server and email already have functions
     in place for compatability: they check the NID and also return "trusted"
     in place for compatibility: they check the NID and also return "trusted"
     if the certificate is self signed.
     [Steve Henson]

+2 −3
@@ -158,7 +158,6 @@ int MAIN(int argc, char **argv)
								*argv);
				badops = 1;
				}
			argv++;
			}
		else if (strcmp(*argv,"-passout") == 0)
			{
+3 −1
@@ -7,7 +7,9 @@
# defined.
HOME			= .
RANDFILE		= $ENV::HOME/.rnd
oid_file		= $ENV::HOME/.oid

# Extra OBJECT IDENTIFIER info:
#oid_file		= $ENV::HOME/.oid
oid_section		= new_oids

# To use this configuration file with the "-extfile" option of the
+85 −27
@@ -57,6 +57,7 @@
 */
#include <stdio.h>
#include <string.h>
#include "apps.h"
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/evp.h>
@@ -80,7 +81,7 @@ int MAIN(int argc, char **argv)
	X509_SIG *p8;
	PKCS8_PRIV_KEY_INFO *p8inf;
	EVP_PKEY *pkey;
	char pass[50];
	char pass[50], *passin = NULL, *passout = NULL;
	int badarg = 0;
	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
	informat=FORMAT_PEM;
@@ -123,6 +124,38 @@ int MAIN(int argc, char **argv)
		else if (!strcmp (*args, "-noiter")) iter = 1;
		else if (!strcmp (*args, "-nocrypt")) nocrypt = 1;
		else if (!strcmp (*args, "-nooct")) p8_broken = PKCS8_NO_OCTET;
		else if (!strcmp(*args,"-passin"))
			{
			if (!args[1]) goto bad;
			passin= *(++args);
			}
		else if (!strcmp(*args,"-envpassin"))
			{
			if (!args[1]) goto bad;
			if(!(passin= getenv(*(++args))))
				{
				BIO_printf(bio_err,
				 "Can't read environment variable %s\n",
								*args);
				badarg = 1;
				}
			}
		else if (strcmp(*args,"-envpassout") == 0)
			{
			if (!args[1]) goto bad;
			if(!(passout= getenv(*(++args))))
				{
				BIO_printf(bio_err,
				 "Can't read environment variable %s\n",
								*args);
				badarg = 1;
				}
			}
		else if (!strcmp(*args,"-passout"))
			{
			if (!args[1]) goto bad;
			passout= *(++args);
			}
		else if (!strcmp (*args, "-in")) {
			if (args[1]) {
				args++;
@@ -138,12 +171,17 @@ int MAIN(int argc, char **argv)
	}

	if (badarg) {
		bad:
		BIO_printf(bio_err, "Usage pkcs8 [options]\n");
		BIO_printf(bio_err, "where options are\n");
		BIO_printf(bio_err, "-in file   input file\n");
		BIO_printf(bio_err, "-inform X  input format (DER or PEM)\n");
		BIO_printf(bio_err, "-passin arg     input file pass phrase\n");
		BIO_printf(bio_err, "-envpassin arg  environment variable containing input file pass phrase\n");
		BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
		BIO_printf(bio_err, "-out file  output file\n");
		BIO_printf(bio_err, "-passout arg    input file pass phrase\n");
		BIO_printf(bio_err, "-envpassout arg environment variable containing input file pass phrase\n");
		BIO_printf(bio_err, "-topk8     output PKCS8 file\n");
		BIO_printf(bio_err, "-nooct     use (broken) no octet form\n");
		BIO_printf(bio_err, "-noiter    use 1 as iteration count\n");
@@ -172,7 +210,15 @@ int MAIN(int argc, char **argv)
	} else out = BIO_new_fp (stdout, BIO_NOCLOSE);

	if (topk8) {
		if (!(pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL))) {
		if(informat == FORMAT_PEM)
			pkey = PEM_read_bio_PrivateKey(in, NULL, PEM_cb, passin);
		else if(informat == FORMAT_ASN1)
			pkey = d2i_PrivateKey_bio(in, NULL);
		else {
			BIO_printf(bio_err, "Bad format specified for key\n");
			return (1);
		}
		if (!pkey) {
			BIO_printf(bio_err, "Error reading key\n", outfile);
			ERR_print_errors(bio_err);
			return (1);
@@ -194,9 +240,12 @@ int MAIN(int argc, char **argv)
				return (1);
			}
		} else {
			if(!passout) {
				passout = pass;
				EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1);
			}
			if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
					pass, strlen(pass),
					passout, strlen(passout),
					NULL, 0, iter, p8inf))) {
				BIO_printf(bio_err, "Error encrypting key\n",
								 outfile);
@@ -243,8 +292,11 @@ int MAIN(int argc, char **argv)
			ERR_print_errors(bio_err);
			return (1);
		}
		if(!passin) {
			passin = pass;
			EVP_read_pw_string(pass, 50, "Enter Password:", 0);
		p8inf = M_PKCS8_decrypt(p8, pass, strlen(pass));
		}
		p8inf = M_PKCS8_decrypt(p8, passin, strlen(passin));
		X509_SIG_free(p8);
	}

@@ -274,8 +326,14 @@ int MAIN(int argc, char **argv)
	}
	
	PKCS8_PRIV_KEY_INFO_free(p8inf);

	PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, NULL);
	if(outformat == FORMAT_PEM) 
		PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, PEM_cb, passout);
	else if(outformat == FORMAT_ASN1)
		i2d_PrivateKey_bio(out, pkey);
	else {
		BIO_printf(bio_err, "Bad format specified for key\n");
			return (1);
	}

	EVP_PKEY_free(pkey);
	BIO_free(out);
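Review bot: The return value of EVP_read_pw_string() is ignored at both new prompts (`Enter Encryption Password:` and `Enter Password:`), so when the read fails `pass` stays uninitialised and the following `strlen(passout)` / `strlen(passin)` and the PKCS8_encrypt() / M_PKCS8_decrypt() calls operate on garbage; guard each prompt, e.g. `if (EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1)) { BIO_printf(bio_err, "Can't read Password\n"); return (1); }` and the same shape for the decryption prompt. The new usage lines for `-passout` and `-envpassout` describe an "input file pass phrase"; both should read `output file pass phrase`. The `Bad format specified for key` check on outformat only runs after the key has been read and converted, and its `return (1)` skips EVP_PKEY_free() and BIO_free(); validating informat/outformat right after argument parsing would fail earlier and leak nothing. MAIN() begins and ends outside these hunks.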
+4 −6
@@ -244,7 +244,6 @@ int MAIN(int argc, char **argv)
								*argv);
				badops = 1;
				}
			argv++;
			}
		else if (strcmp(*argv,"-passout") == 0)
			{
@@ -527,10 +526,9 @@ bad:
			goto end;
			}

/*		if (keyform == FORMAT_ASN1)
			rsa=d2i_RSAPrivateKey_bio(in,NULL);
		else */
		if (keyform == FORMAT_PEM)
		if (keyform == FORMAT_ASN1)
			pkey=d2i_PrivateKey_bio(in,NULL);
		else if (keyform == FORMAT_PEM)
			{
			pkey=PEM_read_bio_PrivateKey(in,NULL,PEM_cb,passin);
			}
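Review bot: When `keyform` is neither FORMAT_ASN1 nor FORMAT_PEM the new if / else-if chain assigns nothing, so `pkey` keeps whatever value it had before this hunk (its initialisation is not visible here) and the code after the hunk presumably goes on to use it; a closing `else { BIO_printf(bio_err, "bad input format specified for key\n"); goto end; }` would make the unsupported-format case explicit, reusing the `end` label already taken on failure earlier in this hunk. The two branches are also styled inconsistently — the DER branch is brace-less while the PEM branch is braced; pick one form for both. The enclosing function starts and ends outside the hunk.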