1c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* apps/req.c */ 2c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * All rights reserved. 4c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 5c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This package is an SSL implementation written 6c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * by Eric Young (eay@cryptsoft.com). 7c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * The implementation was written so as to conform with Netscapes SSL. 8c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 9c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This library is free for commercial and non-commercial use as long as 10c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the following conditions are aheared to. The following conditions 11c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * apply to all code found in this distribution, be it the RC4, RSA, 12c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * included with this distribution is covered by the same copyright terms 14c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 16c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Copyright remains Eric Young's, and as such any Copyright notices in 17c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the code are not to be removed. 18c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * If this package is used in a product, Eric Young should be given attribution 19c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * as the author of the parts of the library used. 
20c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This can be in the form of a textual message at program startup or 21c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * in documentation (online or textual) provided with the package. 22c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 23c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Redistribution and use in source and binary forms, with or without 24c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * modification, are permitted provided that the following conditions 25c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * are met: 26c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 1. Redistributions of source code must retain the copyright 27c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer. 28c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 2. Redistributions in binary form must reproduce the above copyright 29c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer in the 30c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * documentation and/or other materials provided with the distribution. 31c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 3. All advertising materials mentioning features or use of this software 32c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * must display the following acknowledgement: 33c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes cryptographic software written by 34c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Eric Young (eay@cryptsoft.com)" 35c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * The word 'cryptographic' can be left out if the rouines from the library 36c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * being used are not cryptographic related :-). 
37c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 4. If you include any Windows specific code (or a derivative thereof) from 38c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the apps directory (application code) you must include an acknowledgement: 39c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 41c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * SUCH DAMAGE. 
52c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 53c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * The licence and distribution terms for any publically available version or 54c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * derivative of this code cannot be changed. i.e. this code cannot simply be 55c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * copied and put under another distribution licence 56c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * [including the GNU Public Licence.] 57c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 58c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 59c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* Until the key-gen callbacks are modified to use newer prototypes, we allow 60c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * deprecated functions for openssl-internal code */ 61c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef OPENSSL_NO_DEPRECATED 62c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#undef OPENSSL_NO_DEPRECATED 63c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 64c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 65c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <stdio.h> 66c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <stdlib.h> 67c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <time.h> 68c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <string.h> 69c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef OPENSSL_NO_STDIO 70c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#define APPS_WIN16 71c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 72c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include "apps.h" 73c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/bio.h> 74c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/evp.h> 
#include <openssl/conf.h>
#include <openssl/err.h>
#include <openssl/asn1.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/objects.h>
#include <openssl/pem.h>
#include <openssl/bn.h>
/* The RSA and DSA headers are only included when the build has not
 * disabled the corresponding algorithm. */
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif

/* Name of the configuration section associated with this tool.
 * NOTE(review): the code that reads SECTION and the key names below is
 * outside this excerpt - confirm against the use sites. */
#define SECTION "req"

/* Configuration key names, presumably looked up inside SECTION
 * (TODO confirm). */
#define BITS "default_bits"
#define KEYFILE "default_keyfile"
#define PROMPT "prompt"
#define DISTINGUISHED_NAME "distinguished_name"
#define ATTRIBUTES "attributes"
#define V3_EXTENSIONS "x509_extensions"
#define REQ_EXTENSIONS "req_extensions"
#define STRING_MASK "string_mask"
#define UTF8_IN "utf8"

/* Key-size limits, presumably in bits. The code that applies them is
 * outside this excerpt; presumably DEFAULT_KEY_LENGTH is the size used
 * when the caller requests none and MIN_KEY_LENGTH is the smallest size
 * accepted - TODO confirm.
 *
 * NOTE(review): both values are far below what is considered adequate
 * for RSA or DSA keys today (2048 bits or more); 512-bit RSA moduli have
 * been factored in practice. Until these constants are raised, callers
 * should request an adequate size explicitly (for example through the
 * "default_bits" setting named by BITS above) rather than rely on the
 * default, and a 384-bit floor should not be treated as a safety check. */
#define DEFAULT_KEY_LENGTH 512
#define MIN_KEY_LENGTH 384

/* PROG names this tool's entry point; the MAIN() definition later in
 * this file presumably expands to it through apps.h - TODO confirm. */
#undef PROG
#define PROG req_main

/* -inform arg	- input format - default PEM (DER or PEM)
 * -outform arg - output format - default PEM
 * -in arg	- input file - default stdin
 * -out arg	- output file - default stdout
 * -verify	- check request signature
 * -noout	- don't print stuff out.
 * -text	- print out human readable text.
 * -nodes	- don't encrypt the output key (no passphrase protection)
 * -config file	- Load configuration file.
 * -key file	- make a request using key in file (or use it for verification).
 * -keyform arg	- key file format.
 * -rand file(s) - load the file(s) into the PRNG.
120c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * -newkey - make a key and a request. 121c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * -modulus - print RSA modulus. 122c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * -pubkey - output Public Key. 123c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * -x509 - output a self signed X509 structure instead. 124c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * -asn1-kludge - output new certificate request in a format that some CA's 125c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * require. This format is wrong 126c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 127c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 128c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int make_REQ(X509_REQ *req,EVP_PKEY *pkey,char *dn,int mutlirdn, 129c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int attribs,unsigned long chtype); 130c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int build_subject(X509_REQ *req, char *subj, unsigned long chtype, 131c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int multirdn); 132c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int prompt_info(X509_REQ *req, 133c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect, 134c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs, 135c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org unsigned long chtype); 136c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *sk, 137c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org STACK_OF(CONF_VALUE) *attr, int attribs, 138c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org unsigned long chtype); 139c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int add_attribute_object(X509_REQ *req, char *text, const char 
*def, 140c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *value, int nid, int n_min, 141c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int n_max, unsigned long chtype); 142c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int add_DN_object(X509_NAME *n, char *text, const char *def, char *value, 143c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int nid,int n_min,int n_max, unsigned long chtype, int mval); 144480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.orgstatic int genpkey_cb(EVP_PKEY_CTX *ctx); 145c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int req_check_len(int len,int n_min,int n_max); 146c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int check_end(const char *str, const char *end); 147480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.orgstatic EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type, 148480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org long *pkeylen, char **palgnam, 149480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ENGINE *keygen_engine); 150c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef MONOLITH 151c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic char *default_config_file=NULL; 152c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 153c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic CONF *req_conf=NULL; 154c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int batch=0; 155c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 156c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgint MAIN(int, char **); 157c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 158c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgint MAIN(int argc, char **argv) 159c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 160480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ENGINE *e = NULL, *gen_eng = NULL; 161c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
unsigned long nmflag = 0, reqflag = 0; 162c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int ex=1,x509=0,days=30; 163c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509 *x509ss=NULL; 164c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_REQ *req=NULL; 165480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org EVP_PKEY_CTX *genctx = NULL; 166480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org const char *keyalg = NULL; 167480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org char *keyalgstr = NULL; 1682c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org STACK_OF(OPENSSL_STRING) *pkeyopts = NULL, *sigopts = NULL; 169c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY *pkey=NULL; 170480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org int i=0,badops=0,newreq=0,verbose=0,pkey_type=-1; 171c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org long newkey = -1; 172c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *in=NULL,*out=NULL; 173c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; 174c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0; 175c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; 176c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 177c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *engine=NULL; 178c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 179c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *extensions = NULL; 180c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *req_exts = NULL; 181c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org const EVP_CIPHER *cipher=NULL; 182c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ASN1_INTEGER *serial = NULL; 
183c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int modulus=0; 184c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *inrand=NULL; 185c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *passargin = NULL, *passargout = NULL; 186c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *passin = NULL, *passout = NULL; 187c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *p; 188c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *subj = NULL; 189c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int multirdn = 0; 190480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org const EVP_MD *md_alg=NULL,*digest=NULL; 191c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org unsigned long chtype = MBSTRING_ASC; 192c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef MONOLITH 193c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *to_free; 194c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org long errline; 195c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 196c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 197c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req_conf = NULL; 198c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_DES 199c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher=EVP_des_ede3_cbc(); 200c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 201c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org apps_startup(); 202c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 203c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (bio_err == NULL) 204c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((bio_err=BIO_new(BIO_s_file())) != NULL) 205c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); 206c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 207c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org infile=NULL; 
208c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org outfile=NULL; 209c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org informat=FORMAT_PEM; 210c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org outformat=FORMAT_PEM; 211c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 212c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org prog=argv[0]; 213c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org argc--; 214c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org argv++; 215c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org while (argc >= 1) 216c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 217c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (strcmp(*argv,"-inform") == 0) 218c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 219c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 220c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org informat=str2fmt(*(++argv)); 221c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 222c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-outform") == 0) 223c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 224c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 225c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org outformat=str2fmt(*(++argv)); 226c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 227c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 228c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-engine") == 0) 229c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 230c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 231c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org engine= *(++argv); 232c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 233480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (strcmp(*argv,"-keygen_engine") == 0) 
234480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 235480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (--argc < 1) goto bad; 236480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org gen_eng = ENGINE_by_id(*(++argv)); 237480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (gen_eng == NULL) 238480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 239480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv); 240480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 241480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 242480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 243c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 244c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-key") == 0) 245c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 246c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 247c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org keyfile= *(++argv); 248c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 249c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-pubkey") == 0) 250c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 251c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org pubkey=1; 252c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 253c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-new") == 0) 254c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 255c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org newreq=1; 256c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 257c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-config") == 0) 258c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 259c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 
260c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org template= *(++argv); 261c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 262c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-keyform") == 0) 263c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 264c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 265c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org keyform=str2fmt(*(++argv)); 266c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 267c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-in") == 0) 268c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 269c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 270c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org infile= *(++argv); 271c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 272c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-out") == 0) 273c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 274c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 275c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org outfile= *(++argv); 276c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 277c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-keyout") == 0) 278c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 279c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 280c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org keyout= *(++argv); 281c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 282c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-passin") == 0) 283c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 284c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 285c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org passargin= 
*(++argv); 286c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 287c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-passout") == 0) 288c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 289c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 290c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org passargout= *(++argv); 291c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 292c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-rand") == 0) 293c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 294c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 295c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org inrand= *(++argv); 296c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 297c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-newkey") == 0) 298c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 299480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (--argc < 1) 300c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto bad; 301480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org keyalg = *(++argv); 302c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org newreq=1; 303c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 304480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (strcmp(*argv,"-pkeyopt") == 0) 305480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 306480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (--argc < 1) 307480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto bad; 308480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!pkeyopts) 309480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org pkeyopts = sk_OPENSSL_STRING_new_null(); 310480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!pkeyopts || !sk_OPENSSL_STRING_push(pkeyopts, *(++argv))) 
311480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto bad; 312480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 3132c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-sigopt") == 0) 3142c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 3152c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (--argc < 1) 3162c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org goto bad; 3172c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (!sigopts) 3182c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org sigopts = sk_OPENSSL_STRING_new_null(); 3192c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv))) 3202c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org goto bad; 3212c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 322c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-batch") == 0) 323c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org batch=1; 324c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-newhdr") == 0) 325c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org newhdr=1; 326c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-modulus") == 0) 327c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org modulus=1; 328c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-verify") == 0) 329c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org verify=1; 330c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-nodes") == 0) 331c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org nodes=1; 332c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-noout") == 0) 333c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org noout=1; 334c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-verbose") == 0) 
335c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org verbose=1; 336c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-utf8") == 0) 337c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org chtype = MBSTRING_UTF8; 338c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-nameopt") == 0) 339c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 340c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 341c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!set_name_ex(&nmflag, *(++argv))) goto bad; 342c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 343c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-reqopt") == 0) 344c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 345c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 346c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!set_cert_ex(&reqflag, *(++argv))) goto bad; 347c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 348c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-subject") == 0) 349c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org subject=1; 350c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-text") == 0) 351c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org text=1; 352c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-x509") == 0) 353c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org x509=1; 354c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-asn1-kludge") == 0) 355c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org kludge=1; 356c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-no-asn1-kludge") == 0) 357c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org kludge=0; 358c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if 
(strcmp(*argv,"-subj") == 0) 359c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 360c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 361c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org subj= *(++argv); 362c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 363c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-multivalue-rdn") == 0) 364c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org multirdn=1; 365c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-days") == 0) 366c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 367c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 368c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org days= atoi(*(++argv)); 369c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (days == 0) days=30; 370c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 371c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-set_serial") == 0) 372c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 373c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 374c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org serial = s2i_ASN1_INTEGER(NULL, *(++argv)); 375c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!serial) goto bad; 376c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 377c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-extensions") == 0) 378c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 379c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 380c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org extensions = *(++argv); 381c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 382c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-reqexts") == 0) 
383c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 384c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 385c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req_exts = *(++argv); 386c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 387480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL) 388480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 389480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org /* ok */ 390480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org digest=md_alg; 391480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 392c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 393c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 394c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"unknown option %s\n",*argv); 395c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org badops=1; 396c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 397c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 398c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org argc--; 399c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org argv++; 400c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 401c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 402c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (badops) 403c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 404c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgbad: 405c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); 406c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"where options are\n"); 407c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); 408c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -outform arg 
output format - DER or PEM\n"); 409c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -in arg input file\n"); 410c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -out arg output file\n"); 411c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -text text form of request\n"); 412c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -pubkey output public key\n"); 413c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -noout do not output REQ\n"); 414c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -verify verify signature on REQ\n"); 415c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -modulus RSA modulus\n"); 416c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -nodes don't encrypt the output key\n"); 417c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 418c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n"); 419c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 420c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -subject output the request's subject\n"); 421c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -passin private key password source\n"); 422c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -key file use the private key contained in file\n"); 423c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -keyform arg key file format\n"); 424c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -keyout arg file to send the key to\n"); 425c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 
426c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," load the file (or the files in the directory) into\n"); 427c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," the random number generator\n"); 428c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); 429c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); 430c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ECDSA 431c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n"); 432c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 433c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)\n"); 434c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -config file request template file.\n"); 435c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -subj arg set or modify request subject\n"); 436c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -multivalue-rdn enable support for multivalued RDNs\n"); 437c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -new new request.\n"); 438c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -batch do not ask anything during request generation\n"); 439c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -x509 output a x509 structure instead of a cert. 
req.\n"); 440c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -days number of days a certificate generated by -x509 is valid for.\n"); 441c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -set_serial serial number to use for a certificate generated by -x509.\n"); 442c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -newhdr output \"NEW\" in the header lines\n"); 443c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -asn1-kludge Output the 'request' in a format that is wrong but some CA's\n"); 444c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," have been reported as requiring\n"); 445c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n"); 446c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n"); 447c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n"); 448c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -nameopt arg - various certificate name options\n"); 449c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -reqopt arg - various request text options\n\n"); 450c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 451c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 452c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 453c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_load_crypto_strings(); 454c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { 455c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Error getting passwords\n"); 
456c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 457c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 458c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 459c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef MONOLITH /* else this has happened in openssl.c (global `config') */ 460c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Lets load up our environment a little */ 461c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p=getenv("OPENSSL_CONF"); 462c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (p == NULL) 463c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p=getenv("SSLEAY_CONF"); 464c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (p == NULL) 465c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p=to_free=make_config_name(); 466c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org default_config_file=p; 467c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org config=NCONF_new(NULL); 468c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=NCONF_load(config, p, &errline); 469c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 470c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 471c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (template != NULL) 472c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 473c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org long errline = -1; 474c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 475c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if( verbose ) 476c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"Using configuration from %s\n",template); 477c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req_conf=NCONF_new(NULL); 478c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=NCONF_load(req_conf,template,&errline); 479c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (i == 0) 
480c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 481c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"error on line %ld of %s\n",errline,template); 482c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 483c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 484c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 485c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 486c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 487c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req_conf=config; 488c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 489c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (req_conf == NULL) 490c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 491c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"Unable to load config info from %s\n", default_config_file); 492c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (newreq) 493c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 494c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 495c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if( verbose ) 496c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"Using configuration from %s\n", 497c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org default_config_file); 498c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 499c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 500c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (req_conf != NULL) 501c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 502c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!load_config(bio_err, req_conf)) 503c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 504c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p=NCONF_get_string(req_conf,NULL,"oid_file"); 505c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (p == NULL) 
506c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 507c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (p != NULL) 508c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 509c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *oid_bio; 510c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 511c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org oid_bio=BIO_new_file(p,"r"); 512c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (oid_bio == NULL) 513c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 514c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* 515c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); 516c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 517c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 518c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 519c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 520c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 521c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org OBJ_create_objects(oid_bio); 522c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_free(oid_bio); 523c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 524c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 525c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 526c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!add_oid_section(bio_err, req_conf)) goto end; 527c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 528c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (md_alg == NULL) 529c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 530c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p=NCONF_get_string(req_conf,SECTION,"default_md"); 531c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (p == NULL) 532c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
ERR_clear_error(); 533c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (p != NULL) 534c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 535c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((md_alg=EVP_get_digestbyname(p)) != NULL) 536c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org digest=md_alg; 537c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 538c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 539c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 540c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!extensions) 541c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 542c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org extensions = NCONF_get_string(req_conf, SECTION, V3_EXTENSIONS); 543c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!extensions) 544c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 545c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 546c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (extensions) { 547c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Check syntax of file */ 548c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_CTX ctx; 549c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_set_ctx_test(&ctx); 550c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_set_nconf(&ctx, req_conf); 551c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!X509V3_EXT_add_nconf(req_conf, &ctx, extensions, NULL)) { 552c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, 553c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "Error Loading extension section %s\n", extensions); 554c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 555c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 556c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 557c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
558c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!passin) 559c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 560c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org passin = NCONF_get_string(req_conf, SECTION, "input_password"); 561c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!passin) 562c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 563c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 564c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 565c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!passout) 566c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 567c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org passout = NCONF_get_string(req_conf, SECTION, "output_password"); 568c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!passout) 569c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 570c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 571c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 572c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p = NCONF_get_string(req_conf, SECTION, STRING_MASK); 573c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!p) 574c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 575c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 576c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(p && !ASN1_STRING_set_default_mask_asc(p)) { 577c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Invalid global string mask setting %s\n", p); 578c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 579c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 580c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 581c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (chtype != MBSTRING_UTF8) 582c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
583c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p = NCONF_get_string(req_conf, SECTION, UTF8_IN); 584c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!p) 585c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 586c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!strcmp(p, "yes")) 587c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org chtype = MBSTRING_UTF8; 588c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 589c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 590c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 591c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!req_exts) 592c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 593c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req_exts = NCONF_get_string(req_conf, SECTION, REQ_EXTENSIONS); 594c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!req_exts) 595c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 596c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 597c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(req_exts) { 598c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Check syntax of file */ 599c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_CTX ctx; 600c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_set_ctx_test(&ctx); 601c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_set_nconf(&ctx, req_conf); 602c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!X509V3_EXT_add_nconf(req_conf, &ctx, req_exts, NULL)) { 603c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, 604c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "Error Loading request extension section %s\n", 605c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req_exts); 606c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 607c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 
608c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 609c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 610c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org in=BIO_new(BIO_s_file()); 611c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org out=BIO_new(BIO_s_file()); 612c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((in == NULL) || (out == NULL)) 613c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 614c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 615c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 616c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org e = setup_engine(bio_err, engine, 0); 617c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 618c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 619c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (keyfile != NULL) 620c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 621c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org pkey = load_key(bio_err, keyfile, keyform, 0, passin, e, 622c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "Private Key"); 623c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!pkey) 624c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 625c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* load_key() has already printed an appropriate 626c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org message */ 627c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 628c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 629c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 630c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 631c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE"); 632c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (randfile == NULL) 633c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 
634c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org app_RAND_load_file(randfile, bio_err, 0); 635c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 636c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 637c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 638c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (newreq && (pkey == NULL)) 639c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 640c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE"); 641c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (randfile == NULL) 642c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 643c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org app_RAND_load_file(randfile, bio_err, 0); 644c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (inrand) 645c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org app_RAND_load_files(inrand); 646480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 647480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (keyalg) 648480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 649480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org genctx = set_keygen_ctx(bio_err, keyalg, &pkey_type, &newkey, 650480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org &keyalgstr, gen_eng); 651480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!genctx) 652480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 653480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 654c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 655c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (newkey <= 0) 656c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 657c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey)) 658c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org newkey=DEFAULT_KEY_LENGTH; 
659c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 660c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 661480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA)) 662c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 663c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"private key length is too short,\n"); 664c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"it needs to be at least %d bits, not %ld\n",MIN_KEY_LENGTH,newkey); 665c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 666c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 667c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 668480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!genctx) 669480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 670480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org genctx = set_keygen_ctx(bio_err, NULL, &pkey_type, &newkey, 671480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org &keyalgstr, gen_eng); 672480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!genctx) 673c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 674c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 675480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 676480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (pkeyopts) 677c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 678480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org char *genopt; 679480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org for (i = 0; i < sk_OPENSSL_STRING_num(pkeyopts); i++) 680480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 681480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org genopt = sk_OPENSSL_STRING_value(pkeyopts, i); 682480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (pkey_ctrl_string(genctx, genopt) <= 0) 
683480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 684480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err, 685480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org "parameter error \"%s\"\n", 686480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org genopt); 687480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ERR_print_errors(bio_err); 688480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 689480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 690480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 691c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 692480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 693480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err,"Generating a %ld bit %s private key\n", 694480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org newkey, keyalgstr); 695480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 696480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org EVP_PKEY_CTX_set_cb(genctx, genpkey_cb); 697480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org EVP_PKEY_CTX_set_app_data(genctx, bio_err); 698480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 699480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (EVP_PKEY_keygen(genctx, &pkey) <= 0) 700c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 701480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_puts(bio_err, "Error Generating Key\n"); 702480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 703c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 704c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 705480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org EVP_PKEY_CTX_free(genctx); 706480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org genctx = NULL; 707c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 708480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org app_RAND_write_file(randfile, 
bio_err); 709c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 710c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (keyout == NULL) 711c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 712c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org keyout=NCONF_get_string(req_conf,SECTION,KEYFILE); 713c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (keyout == NULL) 714c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 715c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 716c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 717c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (keyout == NULL) 718c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 719c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"writing new private key to stdout\n"); 720c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_set_fp(out,stdout,BIO_NOCLOSE); 721c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef OPENSSL_SYS_VMS 722c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 723c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *tmpbio = BIO_new(BIO_f_linebuffer()); 724c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org out = BIO_push(tmpbio, out); 725c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 726c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 727c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 728c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 729c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 730c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"writing new private key to '%s'\n",keyout); 731c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (BIO_write_filename(out,keyout) <= 0) 732c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 733c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org perror(keyout); 
734c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 735c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 736c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 737c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 738c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p=NCONF_get_string(req_conf,SECTION,"encrypt_rsa_key"); 739c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (p == NULL) 740c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 741c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 742c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p=NCONF_get_string(req_conf,SECTION,"encrypt_key"); 743c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (p == NULL) 744c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 745c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 746c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((p != NULL) && (strcmp(p,"no") == 0)) 747c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher=NULL; 748c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (nodes) cipher=NULL; 749c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 750c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=0; 751c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgloop: 752c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!PEM_write_bio_PrivateKey(out,pkey,cipher, 753c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org NULL,0,NULL,passout)) 754c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 755c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((ERR_GET_REASON(ERR_peek_error()) == 756c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3)) 757c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 758c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 759c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i++; 
760c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto loop; 761c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 762c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 763c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 764c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"-----\n"); 765c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 766c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 767c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!newreq) 768c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 769c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Since we are using a pre-existing certificate 770c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * request, the kludge 'format' info should not be 771c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * changed. */ 772c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org kludge= -1; 773c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (infile == NULL) 774c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_set_fp(in,stdin,BIO_NOCLOSE); 775c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 776c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 777c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (BIO_read_filename(in,infile) <= 0) 778c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 779c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org perror(infile); 780c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 781c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 782c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 783c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 784c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (informat == FORMAT_ASN1) 785c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req=d2i_X509_REQ_bio(in,NULL); 786c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if 
(informat == FORMAT_PEM) 787c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL); 788c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 789c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 790c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"bad input format specified for X509 request\n"); 791c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 792c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 793c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (req == NULL) 794c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 795c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"unable to load X509 request\n"); 796c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 797c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 798c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 799c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 800c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (newreq || x509) 801c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 802c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (pkey == NULL) 803c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 804c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"you need to specify a private key\n"); 805c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 806c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 807480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 808c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (req == NULL) 809c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 810c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req=X509_REQ_new(); 811c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (req == NULL) 812c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
813c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 814c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 815c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 816c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=make_REQ(req,pkey,subj,multirdn,!x509, chtype); 817c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org subj=NULL; /* done processing '-subj' option */ 818c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((kludge > 0) && !sk_X509_ATTRIBUTE_num(req->req_info->attributes)) 819c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 820c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sk_X509_ATTRIBUTE_free(req->req_info->attributes); 821c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req->req_info->attributes = NULL; 822c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 823c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!i) 824c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 825c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"problems making Certificate Request\n"); 826c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 827c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 828c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 829c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (x509) 830c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 831c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY *tmppkey; 832c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_CTX ext_ctx; 833c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((x509ss=X509_new()) == NULL) goto end; 834c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 835c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Set version to V3 */ 836c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(extensions && !X509_set_version(x509ss, 2)) goto end; 
837c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (serial) 838c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 839c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!X509_set_serialNumber(x509ss, serial)) goto end; 840c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 841c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 842c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 843c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!rand_serial(NULL, 844c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_get_serialNumber(x509ss))) 845c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 846c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 847c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 848c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end; 849c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end; 850480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!X509_time_adj_ex(X509_get_notAfter(x509ss), days, 0, NULL)) goto end; 851c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end; 852c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tmppkey = X509_REQ_get_pubkey(req); 853c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!tmppkey || !X509_set_pubkey(x509ss,tmppkey)) goto end; 854c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY_free(tmppkey); 855c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 856c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Set up V3 context struct */ 857c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 858c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_set_ctx(&ext_ctx, x509ss, x509ss, NULL, NULL, 0); 
859c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_set_nconf(&ext_ctx, req_conf); 860c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 861c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Add extensions */ 862c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(extensions && !X509V3_EXT_add_nconf(req_conf, 863c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org &ext_ctx, extensions, x509ss)) 864c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 865c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, 866c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "Error Loading extension section %s\n", 867c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org extensions); 868c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 869c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 8702c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org 8712c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org i=do_X509_sign(bio_err, x509ss, pkey, digest, sigopts); 8722c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (!i) 873480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 874480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ERR_print_errors(bio_err); 875c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 876480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 877c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 878c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 879c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 880c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_CTX ext_ctx; 881c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 882c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Set up V3 context struct */ 883c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 884c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_set_ctx(&ext_ctx, NULL, NULL, req, NULL, 0); 
885c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509V3_set_nconf(&ext_ctx, req_conf); 886c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 887c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Add extensions */ 888c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(req_exts && !X509V3_EXT_REQ_add_nconf(req_conf, 889c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org &ext_ctx, req_exts, req)) 890c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 891c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, 892c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "Error Loading extension section %s\n", 893c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req_exts); 894c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 895c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 8962c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org i=do_X509_REQ_sign(bio_err, req, pkey, digest, sigopts); 8972c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (!i) 898480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 899480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ERR_print_errors(bio_err); 900c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 901480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 902c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 903c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 904c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 905c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (subj && x509) 906c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 907c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Cannot modifiy certificate subject\n"); 908c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 909c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 910c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
911c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (subj && !x509) 912c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 913c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (verbose) 914c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 915c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Modifying Request's Subject\n"); 916c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org print_name(bio_err, "old subject=", X509_REQ_get_subject_name(req), nmflag); 917c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 918c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 919c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (build_subject(req, subj, chtype, multirdn) == 0) 920c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 921c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "ERROR: cannot modify subject\n"); 922c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ex=1; 923c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 924c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 925c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 926c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org req->req_info->enc.modified = 1; 927c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 928c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (verbose) 929c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 930c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org print_name(bio_err, "new subject=", X509_REQ_get_subject_name(req), nmflag); 931c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 932c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 933c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 934c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (verify && !x509) 935c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 936c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int tmp=0; 
937c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 938c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (pkey == NULL) 939c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 940c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org pkey=X509_REQ_get_pubkey(req); 941c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tmp=1; 942c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (pkey == NULL) goto end; 943c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 944c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 945c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=X509_REQ_verify(req,pkey); 946c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (tmp) { 947c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY_free(pkey); 948c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org pkey=NULL; 949c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 950c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 951c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (i < 0) 952c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 953c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 954c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 955c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (i == 0) 956c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 957c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"verify failure\n"); 958c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 959c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 960c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else /* if (i > 0) */ 961c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"verify OK\n"); 962c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 963c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 964c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (noout && 
!text && !modulus && !subject && !pubkey) 965c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 966c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ex=0; 967c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 968c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 969c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 970c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (outfile == NULL) 971c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 972c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_set_fp(out,stdout,BIO_NOCLOSE); 973c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef OPENSSL_SYS_VMS 974c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 975c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *tmpbio = BIO_new(BIO_f_linebuffer()); 976c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org out = BIO_push(tmpbio, out); 977c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 978c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 979c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 980c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 981c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 982c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((keyout != NULL) && (strcmp(outfile,keyout) == 0)) 983c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=(int)BIO_append_filename(out,outfile); 984c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 985c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=(int)BIO_write_filename(out,outfile); 986c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!i) 987c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 988c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org perror(outfile); 989c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 990c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 
991c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 992c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 993c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (pubkey) 994c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 995c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY *tpubkey; 996c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tpubkey=X509_REQ_get_pubkey(req); 997c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (tpubkey == NULL) 998c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 999c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"Error getting public key\n"); 1000c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1001c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1002c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1003c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org PEM_write_bio_PUBKEY(out, tpubkey); 1004c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY_free(tpubkey); 1005c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1006c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1007c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (text) 1008c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1009c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (x509) 1010c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_print_ex(out, x509ss, nmflag, reqflag); 1011c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1012c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_REQ_print_ex(out, req, nmflag, reqflag); 1013c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1014c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1015c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(subject) 1016c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1017c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(x509) 
1018c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org print_name(out, "subject=", X509_get_subject_name(x509ss), nmflag); 1019c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1020c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org print_name(out, "subject=", X509_REQ_get_subject_name(req), nmflag); 1021c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1022c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1023c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (modulus) 1024c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1025c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY *tpubkey; 1026c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1027c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (x509) 1028c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tpubkey=X509_get_pubkey(x509ss); 1029c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1030c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tpubkey=X509_REQ_get_pubkey(req); 1031c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (tpubkey == NULL) 1032c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1033c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org fprintf(stdout,"Modulus=unavailable\n"); 1034c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1035c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1036c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org fprintf(stdout,"Modulus="); 1037c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_RSA 1038480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA) 1039c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BN_print(out,tpubkey->pkey.rsa->n); 1040c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1041c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1042c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
fprintf(stdout,"Wrong Algorithm type"); 1043c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY_free(tpubkey); 1044c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org fprintf(stdout,"\n"); 1045c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1046c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1047c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!noout && !x509) 1048c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1049c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (outformat == FORMAT_ASN1) 1050c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=i2d_X509_REQ_bio(out,req); 1051c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (outformat == FORMAT_PEM) { 1052c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(newhdr) i=PEM_write_bio_X509_REQ_NEW(out,req); 1053c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else i=PEM_write_bio_X509_REQ(out,req); 1054c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } else { 1055c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"bad output format specified for outfile\n"); 1056c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1057c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1058c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!i) 1059c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1060c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"unable to write X509 request\n"); 1061c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1062c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1063c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1064c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!noout && x509 && (x509ss != NULL)) 1065c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1066c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (outformat == FORMAT_ASN1) 
1067c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=i2d_X509_bio(out,x509ss); 1068c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (outformat == FORMAT_PEM) 1069c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=PEM_write_bio_X509(out,x509ss); 1070c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else { 1071c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"bad output format specified for outfile\n"); 1072c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1073c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1074c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!i) 1075c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1076c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"unable to write X509 certificate\n"); 1077c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1078c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1079c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1080c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ex=0; 1081c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgend: 1082c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef MONOLITH 1083c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(to_free) 1084c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org OPENSSL_free(to_free); 1085c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1086c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (ex) 1087c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1088c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1089c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1090c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((req_conf != NULL) && (req_conf != config)) NCONF_free(req_conf); 1091c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_free(in); 
1092c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_free_all(out); 1093c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY_free(pkey); 1094480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (genctx) 1095480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org EVP_PKEY_CTX_free(genctx); 1096480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (pkeyopts) 1097480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org sk_OPENSSL_STRING_free(pkeyopts); 10982c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (sigopts) 10992c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org sk_OPENSSL_STRING_free(sigopts); 1100480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#ifndef OPENSSL_NO_ENGINE 1101480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (gen_eng) 1102480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ENGINE_free(gen_eng); 1103480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 1104480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (keyalgstr) 1105480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org OPENSSL_free(keyalgstr); 1106c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_REQ_free(req); 1107c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_free(x509ss); 1108c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ASN1_INTEGER_free(serial); 1109c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(passargin && passin) OPENSSL_free(passin); 1110c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(passargout && passout) OPENSSL_free(passout); 1111c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org OBJ_cleanup(); 1112c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org apps_shutdown(); 1113c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org OPENSSL_EXIT(ex); 1114c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1115c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
/*
 * Fill in a certificate request from the loaded configuration.
 *
 * Reads the PROMPT, DISTINGUISHED_NAME and ATTRIBUTES entries of SECTION in
 * req_conf, sets the request version, populates the subject (and attributes)
 * and finally attaches the public key of 'pkey'.
 *
 * req      - request object to populate
 * pkey     - key handed to X509_REQ_set_pubkey()
 * subj     - subject string from the command line, or NULL
 * multirdn - forwarded to build_subject()
 * attribs  - forwarded unchanged to auto_info()/prompt_info()
 * chtype   - string type forwarded to the subject builders
 *
 * Returns 1 on success and 0 on any failure; configuration lookup failures
 * are reported on bio_err before returning.
 */
static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int multirdn,
		    int attribs, unsigned long chtype)
{
	STACK_OF(CONF_VALUE) *dn_entries;
	STACK_OF(CONF_VALUE) *attr_entries = NULL;
	char *prompt_val;
	char *dn_section;
	char *attr_section;
	int prompt_disabled = 0;
	int ok;

	/* A missing PROMPT entry is not an error: drop the queued lookup error. */
	prompt_val = NCONF_get_string(req_conf, SECTION, PROMPT);
	if (prompt_val == NULL)
		ERR_clear_error();
	else if (strcmp(prompt_val, "no") == 0)
		prompt_disabled = 1;

	/* The distinguished-name section is mandatory. */
	dn_section = NCONF_get_string(req_conf, SECTION, DISTINGUISHED_NAME);
	if (dn_section == NULL) {
		BIO_printf(bio_err, "unable to find '%s' in config\n",
			   DISTINGUISHED_NAME);
		return 0;
	}
	dn_entries = NCONF_get_section(req_conf, dn_section);
	if (dn_entries == NULL) {
		BIO_printf(bio_err, "unable to get '%s' section\n", dn_section);
		return 0;
	}

	/*
	 * The attributes entry is optional, but once it is named the section
	 * it points at has to exist.
	 */
	attr_section = NCONF_get_string(req_conf, SECTION, ATTRIBUTES);
	if (attr_section != NULL) {
		attr_entries = NCONF_get_section(req_conf, attr_section);
		if (attr_entries == NULL) {
			BIO_printf(bio_err, "unable to get '%s' section\n", attr_section);
			return 0;
		}
	} else {
		ERR_clear_error();
	}

	/* Version field 0 encodes a version 1 request. */
	if (!X509_REQ_set_version(req, 0L))
		return 0;

	/*
	 * With prompting disabled the values come from the configuration via
	 * auto_info(), and 'subj' is not consulted in this function. Otherwise
	 * an explicit subject string takes precedence over interactive prompts.
	 */
	if (prompt_disabled)
		ok = auto_info(req, dn_entries, attr_entries, attribs, chtype);
	else if (subj)
		ok = build_subject(req, subj, chtype, multirdn);
	else
		ok = prompt_info(req, dn_entries, dn_section, attr_entries,
				 attr_section, attribs, chtype);
	if (!ok)
		return 0;

	if (!X509_REQ_set_pubkey(req, pkey))
		return 0;

	return 1;
}

/*
 * Replace the subject name of 'req' with the name described by 'subject'.
 *
 * 'subject' is expected to have the form
 *     /type0=value0/type1=value1/type2=...
 * where characters may be escaped with a backslash. The string is handed
 * to parse_name() as-is; this function performs no validation of its own,
 * so any rejection of malformed input is parse_name()'s responsibility.
 *
 * The parsed name is released here on both the success and the failure
 * path (presumably X509_REQ_set_subject_name() keeps its own copy; confirm
 * against the library).
 *
 * Returns 1 on success, 0 if parsing or setting the name fails.
 */
static int build_subject(X509_REQ *req, char *subject, unsigned long chtype, int multirdn)
{
	X509_NAME *name = parse_name(subject, chtype, multirdn);
	int ok;

	if (name == NULL)
		return 0;

	ok = X509_REQ_set_subject_name(req, name) ? 1 : 0;
	X509_NAME_free(name);
	return ok;
}


static int prompt_info(X509_REQ *req,
		STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect,
		STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs,
		unsigned long chtype)
	{
	int i;
1207c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *p,*q; 1208c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char buf[100]; 1209c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int nid, mval; 1210c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org long n_min,n_max; 1211c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *type, *value; 1212c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org const char *def; 1213c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org CONF_VALUE *v; 1214c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_NAME *subj; 1215c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org subj = X509_REQ_get_subject_name(req); 1216c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1217c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!batch) 1218c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1219c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"You are about to be asked to enter information that will be incorporated\n"); 1220c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"into your certificate request.\n"); 1221c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"What you are about to enter is what is called a Distinguished Name or a DN.\n"); 1222c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"There are quite a few fields but you can leave some blank\n"); 1223c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"For some fields there will be a default value,\n"); 1224c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"If you enter '.', the field will be left blank.\n"); 1225c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"-----\n"); 1226c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1227c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
1228c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1229c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (sk_CONF_VALUE_num(dn_sk)) 1230c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1231c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i= -1; 1232c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstart: for (;;) 1233c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1234c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i++; 1235c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (sk_CONF_VALUE_num(dn_sk) <= i) break; 1236c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1237c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org v=sk_CONF_VALUE_value(dn_sk,i); 1238c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p=q=NULL; 1239c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org type=v->name; 1240c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!check_end(type,"_min") || !check_end(type,"_max") || 1241c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org !check_end(type,"_default") || 1242c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org !check_end(type,"_value")) continue; 1243c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Skip past any leading X. 
X: X, etc to allow for 1244c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * multiple instances 1245c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 1246c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for(p = v->name; *p ; p++) 1247c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((*p == ':') || (*p == ',') || 1248c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (*p == '.')) { 1249c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p++; 1250c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(*p) type = p; 1251c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1252c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1253c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (*type == '+') 1254c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1255c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mval = -1; 1256c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org type++; 1257c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1258c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1259c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mval = 0; 1260c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* If OBJ not recognised ignore it */ 1261c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start; 1262c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (BIO_snprintf(buf,sizeof buf,"%s_default",v->name) 1263c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org >= (int)sizeof(buf)) 1264c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1265c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"Name '%s' too long\n",v->name); 1266c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 0; 1267c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1268c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
1269c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL) 1270c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1271c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 1272c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org def=""; 1273c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1274c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1275c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_snprintf(buf,sizeof buf,"%s_value",v->name); 1276c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL) 1277c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1278c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 1279c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org value=NULL; 1280c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1281c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1282c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_snprintf(buf,sizeof buf,"%s_min",v->name); 1283c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min)) 1284c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1285c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 1286c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org n_min = -1; 1287c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1288c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1289c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_snprintf(buf,sizeof buf,"%s_max",v->name); 1290c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max)) 1291c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1292c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 1293c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org n_max = 
-1; 1294c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1295c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1296c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!add_DN_object(subj,v->value,def,value,nid, 1297c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org n_min,n_max, chtype, mval)) 1298c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 0; 1299c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1300c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (X509_NAME_entry_count(subj) == 0) 1301c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1302c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"error, no objects specified in config file\n"); 1303c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 0; 1304c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1305c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1306c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (attribs) 1307c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1308c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((attr_sk != NULL) && (sk_CONF_VALUE_num(attr_sk) > 0) && (!batch)) 1309c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1310c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"\nPlease enter the following 'extra' attributes\n"); 1311c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"to be sent with your certificate request\n"); 1312c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1313c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1314c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i= -1; 1315c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstart2: for (;;) 1316c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1317c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i++; 1318c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((attr_sk == NULL) || 
1319c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (sk_CONF_VALUE_num(attr_sk) <= i)) 1320c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1321c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1322c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org v=sk_CONF_VALUE_value(attr_sk,i); 1323c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org type=v->name; 1324c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((nid=OBJ_txt2nid(type)) == NID_undef) 1325c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto start2; 1326c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1327c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (BIO_snprintf(buf,sizeof buf,"%s_default",type) 1328c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org >= (int)sizeof(buf)) 1329c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1330c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"Name '%s' too long\n",v->name); 1331c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 0; 1332c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1333c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1334c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((def=NCONF_get_string(req_conf,attr_sect,buf)) 1335c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org == NULL) 1336c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1337c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 1338c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org def=""; 1339c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1340c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1341c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1342c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_snprintf(buf,sizeof buf,"%s_value",type); 1343c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((value=NCONF_get_string(req_conf,attr_sect,buf)) 
1344c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org == NULL) 1345c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1346c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 1347c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org value=NULL; 1348c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1349c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1350c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_snprintf(buf,sizeof buf,"%s_min",type); 1351c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min)) 1352c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1353c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 1354c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org n_min = -1; 1355c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1356c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1357c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_snprintf(buf,sizeof buf,"%s_max",type); 1358c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max)) 1359c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1360c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_clear_error(); 1361c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org n_max = -1; 1362c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1363c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1364c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!add_attribute_object(req, 1365c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org v->value,def,value,nid,n_min,n_max, chtype)) 1366c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 0; 1367c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1368c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1369c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 
1370c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1371c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1372c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"No template, please set one up.\n"); 1373c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 0; 1374c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1375c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1376c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 1; 1377c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1378c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1379c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1380c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, 1381c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org STACK_OF(CONF_VALUE) *attr_sk, int attribs, unsigned long chtype) 1382c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1383c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int i; 1384c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *p,*q; 1385c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *type; 1386c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org CONF_VALUE *v; 1387c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_NAME *subj; 1388c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1389c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org subj = X509_REQ_get_subject_name(req); 1390c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1391c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) 1392c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1393c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int mval; 1394c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org v=sk_CONF_VALUE_value(dn_sk,i); 1395c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p=q=NULL; 
1396c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org type=v->name; 1397c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Skip past any leading X. X: X, etc to allow for 1398c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * multiple instances 1399c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 1400c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for(p = v->name; *p ; p++) 1401c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef CHARSET_EBCDIC 1402c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((*p == ':') || (*p == ',') || (*p == '.')) { 1403c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 1404c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.'])) { 1405c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1406c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p++; 1407c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(*p) type = p; 1408c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1409c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1410c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef CHARSET_EBCDIC 1411c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (*p == '+') 1412c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 1413c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (*p == os_toascii['+']) 1414c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1415c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1416c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p++; 1417c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mval = -1; 1418c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1419c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1420c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mval = 0; 1421c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if 
(!X509_NAME_add_entry_by_txt(subj,type, chtype, 1422c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (unsigned char *) v->value,-1,-1,mval)) return 0; 1423c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1424c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1425c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1426c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!X509_NAME_entry_count(subj)) 1427c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1428c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"error, no objects specified in config file\n"); 1429c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 0; 1430c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1431c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (attribs) 1432c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1433c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for (i = 0; i < sk_CONF_VALUE_num(attr_sk); i++) 1434c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1435c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org v=sk_CONF_VALUE_value(attr_sk,i); 1436c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!X509_REQ_add1_attr_by_txt(req, v->name, chtype, 1437c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (unsigned char *)v->value, -1)) return 0; 1438c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1439c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1440c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 1; 1441c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1442c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1443c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1444c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int add_DN_object(X509_NAME *n, char *text, const char *def, char *value, 1445c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int nid, int n_min, int n_max, unsigned long chtype, 
int mval) 1446c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1447c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int i,ret=0; 1448c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org MS_STATIC char buf[1024]; 1449c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstart: 1450c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!batch) BIO_printf(bio_err,"%s [%s]:",text,def); 1451c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (void)BIO_flush(bio_err); 1452c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(value != NULL) 1453c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1454c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BUF_strlcpy(buf,value,sizeof buf); 1455c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BUF_strlcat(buf,"\n",sizeof buf); 1456c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"%s\n",value); 1457c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1458c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1459c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1460c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org buf[0]='\0'; 1461c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!batch) 1462c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1463c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!fgets(buf,sizeof buf,stdin)) 1464c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 0; 1465c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1466c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1467c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1468c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org buf[0] = '\n'; 1469c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org buf[1] = '\0'; 1470c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1471c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 
1472c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1473c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (buf[0] == '\0') return(0); 1474c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (buf[0] == '\n') 1475c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1476c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((def == NULL) || (def[0] == '\0')) 1477c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return(1); 1478c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BUF_strlcpy(buf,def,sizeof buf); 1479c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BUF_strlcat(buf,"\n",sizeof buf); 1480c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1481c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if ((buf[0] == '.') && (buf[1] == '\n')) return(1); 1482c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1483c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=strlen(buf); 1484c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (buf[i-1] != '\n') 1485c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1486c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"weird input :-(\n"); 1487c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return(0); 1488c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1489c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org buf[--i]='\0'; 1490c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef CHARSET_EBCDIC 1491c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ebcdic2ascii(buf, buf, i); 1492c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1493c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!req_check_len(i, n_min, n_max)) goto start; 1494c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!X509_NAME_add_entry_by_NID(n,nid, chtype, 1495c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (unsigned char *) buf, -1,-1,mval)) goto err; 
1496c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ret=1; 1497c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgerr: 1498c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return(ret); 1499c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1500c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1501c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int add_attribute_object(X509_REQ *req, char *text, const char *def, 1502c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *value, int nid, int n_min, 1503c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int n_max, unsigned long chtype) 1504c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1505c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int i; 1506c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org static char buf[1024]; 1507c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1508c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstart: 1509c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!batch) BIO_printf(bio_err,"%s [%s]:",text,def); 1510c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (void)BIO_flush(bio_err); 1511c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (value != NULL) 1512c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1513c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BUF_strlcpy(buf,value,sizeof buf); 1514c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BUF_strlcat(buf,"\n",sizeof buf); 1515c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"%s\n",value); 1516c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1517c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1518c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1519c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org buf[0]='\0'; 1520c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!batch) 
1521c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1522c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!fgets(buf,sizeof buf,stdin)) 1523c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return 0; 1524c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1525c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1526c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1527c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org buf[0] = '\n'; 1528c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org buf[1] = '\0'; 1529c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1530c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1531c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1532c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (buf[0] == '\0') return(0); 1533c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (buf[0] == '\n') 1534c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1535c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((def == NULL) || (def[0] == '\0')) 1536c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return(1); 1537c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BUF_strlcpy(buf,def,sizeof buf); 1538c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BUF_strlcat(buf,"\n",sizeof buf); 1539c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1540c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if ((buf[0] == '.') && (buf[1] == '\n')) return(1); 1541c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1542c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=strlen(buf); 1543c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (buf[i-1] != '\n') 1544c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1545c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"weird input :-(\n"); 1546c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return(0); 
1547c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1548c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org buf[--i]='\0'; 1549c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef CHARSET_EBCDIC 1550c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ebcdic2ascii(buf, buf, i); 1551c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1552c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!req_check_len(i, n_min, n_max)) goto start; 1553c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1554c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!X509_REQ_add1_attr_by_NID(req, nid, chtype, 1555c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (unsigned char *)buf, -1)) { 1556c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Error adding attribute\n"); 1557c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1558c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto err; 1559c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1560c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1561c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return(1); 1562c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgerr: 1563c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return(0); 1564c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1565c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1566c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int req_check_len(int len, int n_min, int n_max) 1567c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1568c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((n_min > 0) && (len < n_min)) 1569c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1570c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"string is too short, it needs to be at least %d bytes long\n",n_min); 1571c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
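/* Tail of a function whose beginning lies above this excerpt; its statements are kept as they were. */
		return(0);
		}
	if ((n_max >= 0) && (len > n_max))
		{
		BIO_printf(bio_err,"string is too long, it needs to be less than %d bytes long\n",n_max);
		return(0);
		}
	return(1);
	}

/* Check if the end of a string matches 'end'.
 *
 * Returns 0 when 'str' ends with 'end'. Returns 1 when 'str' is shorter
 * than 'end', otherwise the strcmp() result for the trailing bytes.
 * Lengths are held in size_t so that very long inputs are not truncated
 * into an int before the comparison.
 */
static int check_end(const char *str, const char *end)
{
	size_t elen, slen;
	const char *tmp;

	elen = strlen(end);
	slen = strlen(str);
	if (elen > slen)
		return 1;
	tmp = str + slen - elen;
	return strcmp(tmp, end);
}

/* Build an initialised key-generation context from the specifier 'gstr'.
 *
 * Forms of 'gstr' handled below:
 *   NULL          RSA, key length taken from *pkeylen
 *   "<digits>..." RSA, key length parsed from the string
 *   "param:FILE"  parameters (and key type) read from FILE
 *   "ALG[:REST]"  algorithm looked up by name; for RSA, REST is the key
 *                 length, for any other algorithm REST is a parameter file
 *
 * err           BIO that receives diagnostics
 * pkey_type     in/out key type; the "param:" form only fills it in when it
 *               is -1 on entry, so the caller is presumably expected to
 *               initialise it (confirm at the call site)
 * pkeylen       in/out key length in bits
 * palgnam       optional; on success receives a BUF_strdup() copy of the
 *               algorithm name, which the caller owns
 * keygen_engine passed through to the EVP_PKEY_CTX constructors
 *
 * Returns the context, or NULL after printing a message to 'err'. Every
 * error path releases 'param' and 'gctx' if they were already obtained.
 */
static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
					long *pkeylen, char **palgnam,
					ENGINE *keygen_engine)
	{
	EVP_PKEY_CTX *gctx = NULL;
	EVP_PKEY *param = NULL;
	long keylen = -1;
	BIO *pbio = NULL;
	const char *paramfile = NULL;

	if (gstr == NULL)
		{
		*pkey_type = EVP_PKEY_RSA;
		keylen = *pkeylen;
		}
	else if (gstr[0] >= '0' && gstr[0] <= '9')
		{
		*pkey_type = EVP_PKEY_RSA;
		/* NOTE(review): atol() reports no errors and stops at the
		 * first non-digit, and no range check is applied here.
		 * Any minimum key size policy has to be enforced by the
		 * caller; confirm that it is.
		 */
		keylen = atol(gstr);
		*pkeylen = keylen;
		}
	else if (!strncmp(gstr, "param:", 6))
		paramfile = gstr + 6;
	else
		{
		const char *p = strchr(gstr, ':');
		int len;
		ENGINE *tmpeng;
		const EVP_PKEY_ASN1_METHOD *ameth;

		if (p)
			len = p - gstr;
		else
			len = strlen(gstr);
		/* The lookup of the string will cover all engines so
		 * keep a note of the implementation.
		 */

		ameth = EVP_PKEY_asn1_find_str(&tmpeng, gstr, len);

		if (!ameth)
			{
			BIO_printf(err, "Unknown algorithm %.*s\n", len, gstr);
			return NULL;
			}

		EVP_PKEY_asn1_get0_info(NULL, pkey_type, NULL, NULL, NULL,
									ameth);
#ifndef OPENSSL_NO_ENGINE
		if (tmpeng)
			ENGINE_finish(tmpeng);
#endif
		if (*pkey_type == EVP_PKEY_RSA)
			{
			if (p)
				{
				/* Same atol() caveat as above. */
				keylen = atol(p + 1);
				*pkeylen = keylen;
				}
			}
		else if (p)
			paramfile = p + 1;
		}

	if (paramfile)
		{
		pbio = BIO_new_file(paramfile, "r");
		if (!pbio)
			{
			BIO_printf(err, "Can't open parameter file %s\n",
					paramfile);
			return NULL;
			}
		param = PEM_read_bio_Parameters(pbio, NULL);

		if (!param)
			{
			/* Not a parameter file: rewind and try it as a
			 * certificate, borrowing its public key as the
			 * parameter source. The certificate is not
			 * validated in any way here.
			 */
			X509 *x;
			(void)BIO_reset(pbio);
			x = PEM_read_bio_X509(pbio, NULL, NULL, NULL);
			if (x)
				{
				param = X509_get_pubkey(x);
				X509_free(x);
				}
			}

		BIO_free(pbio);

		if (!param)
			{
			BIO_printf(err, "Error reading parameter file %s\n",
					paramfile);
			return NULL;
			}
		if (*pkey_type == -1)
			*pkey_type = EVP_PKEY_id(param);
		else if (*pkey_type != EVP_PKEY_base_id(param))
			{
			BIO_printf(err, "Key Type does not match parameters\n");
			EVP_PKEY_free(param);
			return NULL;
			}
		}

	if (palgnam)
		{
		const EVP_PKEY_ASN1_METHOD *ameth;
		ENGINE *tmpeng;
		const char *anam;
		ameth = EVP_PKEY_asn1_find(&tmpeng, *pkey_type);
		if (!ameth)
			{
			BIO_puts(err, "Internal error: can't find key algorithm\n");
			/* param may have been loaded above; do not leak it */
			EVP_PKEY_free(param);
			return NULL;
			}
		EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth);
		/* NOTE(review): the BUF_strdup() result is not checked, so
		 * *palgnam can be NULL on allocation failure; confirm the
		 * caller copes with that.
		 */
		*palgnam = BUF_strdup(anam);
#ifndef OPENSSL_NO_ENGINE
		if (tmpeng)
			ENGINE_finish(tmpeng);
#endif
		}

	if (param)
		{
		gctx = EVP_PKEY_CTX_new(param, keygen_engine);
		*pkeylen = EVP_PKEY_bits(param);
		EVP_PKEY_free(param);
		}
	else
		gctx = EVP_PKEY_CTX_new_id(*pkey_type, keygen_engine);

	if (!gctx)
		{
		BIO_puts(err, "Error allocating keygen context\n");
		ERR_print_errors(err);
		return NULL;
		}

	if (EVP_PKEY_keygen_init(gctx) <= 0)
		{
		BIO_puts(err, "Error initializing keygen context\n");
		ERR_print_errors(err);
		/* free the context, as the RSA keysize failure path below does */
		EVP_PKEY_CTX_free(gctx);
		return NULL;
		}
#ifndef OPENSSL_NO_RSA
	if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1))
		{
		if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0)
			{
			BIO_puts(err, "Error setting RSA keysize\n");
			ERR_print_errors(err);
			EVP_PKEY_CTX_free(gctx);
			return NULL;
			}
		}
#endif

	return gctx;
	}

/* Key-generation progress callback: writes one progress character to the
 * BIO stored as the context's app data and flushes it. The character is
 * chosen from keygen info slot 0 (0 '.', 1 '+', 2 '*', 3 newline; any
 * other value leaves the default '*'). Always returns 1.
 */
static int genpkey_cb(EVP_PKEY_CTX *ctx)
	{
	char c='*';
	BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
	int p;
	p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
	if (p == 0) c='.';
	if (p == 1) c='+';
	if (p == 2) c='*';
	if (p == 3) c='\n';
	BIO_write(b,&c,1);
	(void)BIO_flush(b);
#ifdef LINT
	/* NOTE(review): no 'n' is declared in this function, so this line
	 * looks like a leftover and would not compile with LINT defined
	 * unless 'n' exists at file scope; confirm and drop.
	 */
	p=n;
#endif
	return 1;
	}

/* Prepare 'ctx' for a digest-sign operation with 'pkey' and 'md', then
 * apply each string in 'sigopts' to the signing context through
 * pkey_ctrl_string().
 *
 * Returns 1 on success and 0 on failure. 'ctx' is not cleaned up here on
 * failure; the do_X509*_sign() wrappers below call EVP_MD_CTX_cleanup()
 * on every path.
 */
static int do_sign_init(BIO *err, EVP_MD_CTX *ctx, EVP_PKEY *pkey,
			const EVP_MD *md, STACK_OF(OPENSSL_STRING) *sigopts)
	{
	EVP_PKEY_CTX *pkctx = NULL;
	int i;
	EVP_MD_CTX_init(ctx);
	/* EVP_DigestSignInit() is documented to return 1 on success and 0
	 * or a negative value on failure, so test "<= 0" like the other EVP
	 * calls in this file; "!" would let a negative result through and
	 * continue with an unusable pkctx.
	 */
	if (EVP_DigestSignInit(ctx, &pkctx, md, NULL, pkey) <= 0)
		return 0;
	for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++)
		{
		char *sigopt = sk_OPENSSL_STRING_value(sigopts, i);
		if (pkey_ctrl_string(pkctx, sigopt) <= 0)
			{
			BIO_printf(err, "parameter error \"%s\"\n", sigopt);
			/* report on the caller's BIO, not the global one,
			 * so both messages land in the same place */
			ERR_print_errors(err);
			return 0;
			}
		}
	return 1;
	}

/* Sign certificate 'x' with 'pkey' and digest 'md', applying 'sigopts'.
 * Returns 1 on success, 0 on failure.
 */
int do_X509_sign(BIO *err, X509 *x, EVP_PKEY *pkey, const EVP_MD *md,
			STACK_OF(OPENSSL_STRING) *sigopts)
	{
	int rv;
	EVP_MD_CTX mctx;
	EVP_MD_CTX_init(&mctx);
	rv = do_sign_init(err, &mctx, pkey, md, sigopts);
	if (rv > 0)
		rv = X509_sign_ctx(x, &mctx);
	/* cleanup runs whether or not signing succeeded */
	EVP_MD_CTX_cleanup(&mctx);
	return rv > 0 ? 1 : 0;
	}


/* Sign certificate request 'x' with 'pkey' and digest 'md', applying
 * 'sigopts'. Returns 1 on success, 0 on failure.
 */
int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
			STACK_OF(OPENSSL_STRING) *sigopts)
	{
	int rv;
	EVP_MD_CTX mctx;
	EVP_MD_CTX_init(&mctx);
	rv = do_sign_init(err, &mctx, pkey, md, sigopts);
	if (rv > 0)
		rv = X509_REQ_sign_ctx(x, &mctx);
	/* cleanup runs whether or not signing succeeded */
	EVP_MD_CTX_cleanup(&mctx);
	return rv > 0 ? 1 : 0;
	}



/* Sign CRL 'x' with 'pkey' and digest 'md', applying 'sigopts'.
 * Returns 1 on success, 0 on failure.
 */
int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
			STACK_OF(OPENSSL_STRING) *sigopts)
	{
	int rv;
	EVP_MD_CTX mctx;
	EVP_MD_CTX_init(&mctx);
	rv = do_sign_init(err, &mctx, pkey, md, sigopts);
	if (rv > 0)
		rv = X509_CRL_sign_ctx(x, &mctx);
	/* cleanup runs whether or not signing succeeded */
	EVP_MD_CTX_cleanup(&mctx);
	return rv > 0 ? 1 : 0;
	}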