OpenSSL-patch
diff -Naurp openssl-0.9.8e.orig/apps/pkcs12.c openssl-0.9.8e/apps/pkcs12.c
--- openssl-0.9.8e.orig/apps/pkcs12.c 2006-12-27 09:39:51.000000000 +0000
+++ openssl-0.9.8e/apps/pkcs12.c 2008-01-23 11:50:58.411520000 +0000
@@ -100,6 +100,7 @@ int MAIN(int argc, char **argv)
char **args;
char *name = NULL;
char *csp_name = NULL;
+ int LMK = 0;
PKCS12 *p12 = NULL;
char pass[50], macpass[50];
int export_cert = 0;
@@ -221,6 +222,8 @@ int MAIN(int argc, char **argv)
args++;
name = *args;
} else badarg = 1;
+ } else if (!strcmp (*args, "-LMK")) {
+ LMK = 1;
} else if (!strcmp (*args, "-CSP")) {
if (args[1]) {
args++;
@@ -326,6 +329,7 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "-password p set import/export password source\n");
BIO_printf (bio_err, "-passin p input file pass phrase source\n");
BIO_printf (bio_err, "-passout p output file pass phrase source\n");
+ BIO_printf (bio_err, "-LMK Add a Microsoft Local Machine Key Set attribute to the pkcs7 bag\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
#endif
@@ -556,7 +560,9 @@ int MAIN(int argc, char **argv)
if (csp_name && key)
EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
MBSTRING_ASC, (unsigned char *)csp_name, -1);
-
+ if (LMK)
+ EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet,
+ MBSTRING_ASC, (unsigned char *) "", 0);
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
diff -Naurp openssl-0.9.8e.orig/crypto/objects/objects.txt openssl-0.9.8e/crypto/objects/objects.txt
--- openssl-0.9.8e.orig/crypto/objects/objects.txt 2006-12-04 18:48:16.000000000 +0000
+++ openssl-0.9.8e/crypto/objects/objects.txt 2008-01-23 11:50:58.418512000 +0000
@@ -303,6 +303,7 @@ pkcs9 20 : : friendlyName
pkcs9 21 : : localKeyID
!Cname ms-csp-name
1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name
+1 3 6 1 4 1 311 17 2 : LocalKeySet : Microsoft Local Key set
!Alias certTypes pkcs9 22
certTypes 1 : : x509Certificate
certTypes 2 : : sdsiCertificate
