PKCS12_Parse() no longer extract certificate

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

PKCS12_Parse() no longer extract certificate

Michel

Hi,

 

I have a test program which is failing using version 1.1 because PKCS12_Parse() doesn't return the certificate, just the key. No error is signaled.

 

I supposed it is not intended. Is it work in progress ?

 

I looks the same with the command line :

with 1.0.2 :

openssl pkcs12 -in Certificate.p12 -clcerts

Enter Import Password:

MAC verified OK

Bag Attributes

    localKeyID: 6E D1 …

subject=/CN=PubKeySign Test/C=FR

issuer=/CN=PubKeySign Test/C=FR

-----BEGIN CERTIFICATE-----

...

-----END CERTIFICATE-----

Bag Attributes

    localKeyID: 6E D1 …

Key Attributes: <No Attributes>

Enter PEM pass phrase:

Verifying - Enter PEM pass phrase:

-----BEGIN ENCRYPTED PRIVATE KEY-----

...

-----END ENCRYPTED PRIVATE KEY-----

 

1.1 :

c:\OpenSSL_11_dbg\bin\openssl pkcs12 -in Certificate.p12

Enter Import Password:

Bag Attributes

    localKeyID: 6E D1 …

Bag Attributes

    localKeyID: 6E D1 …

Key Attributes: <No Attributes>

Enter PEM pass phrase:

Verifying - Enter PEM pass phrase:

-----BEGIN ENCRYPTED PRIVATE KEY-----

...

-----END ENCRYPTED PRIVATE KEY-----

 

Regards,

 

Michel


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: PKCS12_Parse() no longer extract certificate

Dr. Stephen Henson
On Thu, Feb 11, 2016, Michel wrote:

> Hi,
>
>  
>
> I have a test program which is failing using version 1.1 because
> PKCS12_Parse() doesn't return the certificate, just the key. No error is
> signaled.
>
> I supposed it is not intended. Is it work in progress ?
>

That's a bug which should be fixed by commit b3ca51559b1a6cd80d

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: PKCS12_Parse() no longer extract certificate

Michel
Thank you Steve.

-----Message d'origine-----
De : openssl-dev [mailto:[hidden email]] De la part de Dr.
Stephen Henson
Envoyé : vendredi 12 février 2016 00:30
À : [hidden email]
Objet : Re: [openssl-dev] PKCS12_Parse() no longer extract certificate

On Thu, Feb 11, 2016, Michel wrote:

> Hi,
>
>  
>
> I have a test program which is failing using version 1.1 because
> PKCS12_Parse() doesn't return the certificate, just the key. No error
> is signaled.
>
> I supposed it is not intended. Is it work in progress ?
>

That's a bug which should be fixed by commit b3ca51559b1a6cd80d

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev