diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index dcfc14108..951844783 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -56,6 +56,7 @@ int main( void ) #include #define DFL_FILENAME "keyfile.key" +#define DFL_PASSWORD NULL #define DFL_DEBUG_LEVEL 0 #define DFL_OUTPUT_FILENAME "cert.req" #define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK" @@ -67,6 +68,7 @@ int main( void ) "\n usage: cert_req param=<>...\n" \ "\n acceptable parameters:\n" \ " filename=%%s default: keyfile.key\n" \ + " password=%%s default: NULL\n" \ " debug_level=%%d default: 0 (disabled)\n" \ " output_file=%%s default: cert.req\n" \ " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ @@ -101,6 +103,7 @@ int main( void ) struct options { const char *filename; /* filename of the key file */ + const char *password; /* password for the key file */ int debug_level; /* level of debugging */ const char *output_file; /* where to store the constructed key file */ const char *subject_name; /* subject name for certificate request */ @@ -167,6 +170,7 @@ int main( int argc, char *argv[] ) } opt.filename = DFL_FILENAME; + opt.password = DFL_PASSWORD; opt.debug_level = DFL_DEBUG_LEVEL; opt.output_file = DFL_OUTPUT_FILENAME; opt.subject_name = DFL_SUBJECT_NAME; @@ -184,6 +188,8 @@ int main( int argc, char *argv[] ) if( strcmp( p, "filename" ) == 0 ) opt.filename = q; + else if( strcmp( p, "password" ) == 0 ) + opt.password = q; else if( strcmp( p, "output_file" ) == 0 ) opt.output_file = q; else if( strcmp( p, "debug_level" ) == 0 ) @@ -347,7 +353,7 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Loading the private key ..." ); fflush( stdout ); - ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL ); + ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password ); if( ret != 0 ) {