apps/pkcs12: Not writing the private key file until the import password is verified

author naaysayer <note11781@gmail.com>

Sat, 2 Mar 2024 09:35:35 +0000 (13:35 +0400)

committer Tomas Mraz <tomas@openssl.org>

Tue, 14 May 2024 13:37:44 +0000 (15:37 +0200)
author naaysayer <note11781@gmail.com>
Sat, 2 Mar 2024 09:35:35 +0000 (13:35 +0400)
committer Tomas Mraz <tomas@openssl.org>
Tue, 14 May 2024 13:37:44 +0000 (15:37 +0200)
diff --git a/apps/pkcs12.c b/apps/pkcs12.c

index af4f9fce04b16b4cadc256b99535962d6c0f3f7a..6156be72f7d93480d7d6d356729d0bf260f9bcf7 100644 (file)
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -712,9 +712,6 @@ int pkcs12_main(int argc, char **argv)
      in = bio_open_default(infile, 'r', FORMAT_PKCS12);
      if (in == NULL)
          goto end;
-    out = bio_open_owner(outfile, FORMAT_PEM, private);
-    if (out == NULL)
-        goto end;
  
      p12 = PKCS12_init_ex(NID_pkcs7_data, app_get0_libctx(), app_get0_propq());
      if (p12 == NULL) {
@@ -814,6 +811,11 @@ int pkcs12_main(int argc, char **argv)
  
   dump:
      assert(private);
+
+    out = bio_open_owner(outfile, FORMAT_PEM, private);
+    if (out == NULL)
+        goto end;
+
      if (!dump_certs_keys_p12(out, p12, cpass, -1, options, passout, enc)) {
          BIO_printf(bio_err, "Error outputting keys and certificates\n");
          ERR_print_errors(bio_err);
author	naaysayer <note11781@gmail.com>
	Sat, 2 Mar 2024 09:35:35 +0000 (13:35 +0400)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 14 May 2024 13:37:44 +0000 (15:37 +0200)