1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* apps/req.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * All rights reserved. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This package is an SSL implementation written 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * by Eric Young (eay@cryptsoft.com). 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The implementation was written so as to conform with Netscapes SSL. 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This library is free for commercial and non-commercial use as long as 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the following conditions are aheared to. The following conditions 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * apply to all code found in this distribution, be it the RC4, RSA, 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * included with this distribution is covered by the same copyright terms 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * except that the holder is Tim Hudson (tjh@cryptsoft.com). 
15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright remains Eric Young's, and as such any Copyright notices in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the code are not to be removed. 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If this package is used in a product, Eric Young should be given attribution 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * as the author of the parts of the library used. 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This can be in the form of a textual message at program startup or 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in documentation (online or textual) provided with the package. 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the copyright 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. 
Redistributions in binary form must reproduce the above copyright 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in the 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * documentation and/or other materials provided with the distribution. 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this software 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * must display the following acknowledgement: 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes cryptographic software written by 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Eric Young (eay@cryptsoft.com)" 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The word 'cryptographic' can be left out if the rouines from the library 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * being used are not cryptographic related :-). 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. 
If you include any Windows specific code (or a derivative thereof) from 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the apps directory (application code) you must include an acknowledgement: 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUCH 
DAMAGE. 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The licence and distribution terms for any publically available version or 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * derivative of this code cannot be changed. i.e. this code cannot simply be 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * copied and put under another distribution licence 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * [including the GNU Public Licence.] 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 59656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Until the key-gen callbacks are modified to use newer prototypes, we allow 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * deprecated functions for openssl-internal code */ 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_NO_DEPRECATED 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef OPENSSL_NO_DEPRECATED 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdlib.h> 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <time.h> 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <string.h> 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_NO_STDIO 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define APPS_WIN16 
71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif
72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "apps.h"
73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/bio.h>
74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/evp.h>
75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/conf.h>
76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/err.h>
77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/asn1.h>
78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509.h>
79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509v3.h>
80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/objects.h>
81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/pem.h>
82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/bn.h>
83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_RSA
84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rsa.h>
85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif
86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DSA
87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/dsa.h>
88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif
89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project
/* Section name constant; presumably the configuration-file section this tool
 * reads its settings from. The lookups themselves are outside this view. */
90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define SECTION "req"
91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project
/* String keys, presumably looked up inside SECTION of the configuration file
 * (TODO confirm against the code that reads them). */
92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define BITS "default_bits"
93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define KEYFILE "default_keyfile"
94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define PROMPT "prompt"
95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define DISTINGUISHED_NAME "distinguished_name"
96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define ATTRIBUTES "attributes"
97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define V3_EXTENSIONS "x509_extensions"
98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define REQ_EXTENSIONS "req_extensions"
99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define STRING_MASK "string_mask"
100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define UTF8_IN "utf8"
101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project
/* NOTE(review): the names and the BITS key suggest these are the fallback and
 * the smallest accepted key size in bits for newly generated keys; the code
 * that reads them is outside this view, so confirm. If so, both values are
 * far below what is considered safe for RSA or DSA today: moduli of 512 bits
 * have been publicly factored, so a key created with the built-in default
 * (no explicit default_bits or -newkey size) offers no real protection.
 * Raising the default to at least 2048 bits, and the minimum with it, is the
 * usual remedy; until then callers should always state the size explicitly. */
102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define DEFAULT_KEY_LENGTH 512
103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define MIN_KEY_LENGTH 384
104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project
/* PROG is re-pointed at req_main; presumably the MAIN macro used for the
 * entry point below expands through it (defined in apps.h - TODO confirm). */
105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef PROG
106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define PROG req_main
107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project
/* NOTE(review): the option summary that follows is incomplete. The parser in
 * MAIN also accepts, among others, -keyout, -passin, -passout, -pkeyopt and
 * -sigopt, which are not described here.
 * "-nodes - no des encryption": in the part of MAIN visible here the option
 * only sets the nodes flag, while the cipher defaults to EVP_des_ede3_cbc().
 * Presumably -nodes makes a newly generated private key be written without
 * passphrase encryption - confirm where nodes is read, and protect the key
 * file by other means (file permissions, storage) whenever it is used. */
108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* -inform arg - input format - default PEM (DER or PEM)
109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -outform arg - output format - default PEM
110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -in arg - input file - default stdin
111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -out arg - output file - default stdout
112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -verify - check request signature
113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -noout - don't print stuff out.
114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -text - print out human readable text.
115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -nodes - no des encryption
116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -config file - Load configuration file.
117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -key file - make a request using key in file (or use it for verification).
118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -keyform arg - key file format.
119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -rand file(s) - load the file(s) into the PRNG.
120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -newkey - make a key and a request.
121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -modulus - print RSA modulus.
122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -pubkey - output Public Key.
123656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -x509 - output a self signed X509 structure instead.
124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * -asn1-kludge - output new certificate request in a format that some CA's
125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * require. This format is wrong
126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */
127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project
/* Forward declarations of file-local (static) helpers; their definitions are
 * not part of this view. The parameter spelled "mutlirdn" in make_REQ is
 * presumably a typo for "multirdn" as used by build_subject; parameter names
 * in a prototype do not affect callers. */
128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int make_REQ(X509_REQ *req,EVP_PKEY *pkey,char *dn,int mutlirdn,
129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int attribs,unsigned long chtype);
130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int build_subject(X509_REQ *req, char *subj, unsigned long chtype,
131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int multirdn);
132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int prompt_info(X509_REQ *req,
133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect,
134656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs,
135656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long chtype);
136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *sk,
137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *attr, int attribs,
138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long chtype);
139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int add_attribute_object(X509_REQ *req, char *text, const char *def,
140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *value, int nid, int n_min,
141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int n_max, unsigned long chtype);
142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int add_DN_object(X509_NAME *n, char *text, const char *def, char 
*value, 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int nid,int n_min,int n_max, unsigned long chtype, int mval); 144221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int genpkey_cb(EVP_PKEY_CTX *ctx); 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int req_check_len(int len,int n_min,int n_max); 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int check_end(const char *str, const char *end); 147221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type, 148221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom long *pkeylen, char **palgnam, 149221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ENGINE *keygen_engine); 150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef MONOLITH 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic char *default_config_file=NULL; 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic CONF *req_conf=NULL; 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int batch=0; 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int, char **); 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int argc, char **argv) 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 160221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ENGINE *e = NULL, *gen_eng = NULL; 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long nmflag = 0, reqflag = 0; 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open 
Source Project int ex=1,x509=0,days=30; 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *x509ss=NULL; 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_REQ *req=NULL; 165221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVP_PKEY_CTX *genctx = NULL; 166221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const char *keyalg = NULL; 167221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom char *keyalgstr = NULL; 168392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom STACK_OF(OPENSSL_STRING) *pkeyopts = NULL, *sigopts = NULL; 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *pkey=NULL; 170221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int i=0,badops=0,newreq=0,verbose=0,pkey_type=-1; 171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long newkey = -1; 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *in=NULL,*out=NULL; 173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0; 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *engine=NULL; 178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *extensions = NULL; 180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *req_exts = NULL; 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const EVP_CIPHER *cipher=NULL; 
182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_INTEGER *serial = NULL; 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int modulus=0; 184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *inrand=NULL; 185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *passargin = NULL, *passargout = NULL; 186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *passin = NULL, *passout = NULL; 187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *p; 188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *subj = NULL; 189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int multirdn = 0; 190221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const EVP_MD *md_alg=NULL,*digest=NULL; 191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long chtype = MBSTRING_ASC; 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef MONOLITH 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *to_free; 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long errline; 195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req_conf = NULL; 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DES 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cipher=EVP_des_ede3_cbc(); 200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project apps_startup(); 202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_err == NULL) 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((bio_err=BIO_new(BIO_s_file())) != NULL) 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); 206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project infile=NULL; 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project outfile=NULL; 209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project informat=FORMAT_PEM; 210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project outformat=FORMAT_PEM; 211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project prog=argv[0]; 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (argc >= 1) 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strcmp(*argv,"-inform") == 0) 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project informat=str2fmt(*(++argv)); 221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-outform") == 0) 223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 224656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project if (--argc < 1) goto bad; 225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project outformat=str2fmt(*(++argv)); 226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-engine") == 0) 229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project engine= *(++argv); 232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 233221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-keygen_engine") == 0) 234221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 235221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (--argc < 1) goto bad; 236221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom gen_eng = ENGINE_by_id(*(++argv)); 237221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (gen_eng == NULL) 238221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 239221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv); 240221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto end; 241221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 242221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-key") == 0) 245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 
247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project keyfile= *(++argv); 248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-pubkey") == 0) 250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pubkey=1; 252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-new") == 0) 254656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 255656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project newreq=1; 256656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 257656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-config") == 0) 258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project template= *(++argv); 261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-keyform") == 0) 263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project keyform=str2fmt(*(++argv)); 266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-in") == 0) 268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 
269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project infile= *(++argv); 271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-out") == 0) 273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project outfile= *(++argv); 276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-keyout") == 0) 278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project keyout= *(++argv); 281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-passin") == 0) 283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project passargin= *(++argv); 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-passout") == 0) 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 
290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project passargout= *(++argv); 291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-rand") == 0) 293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inrand= *(++argv); 296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-newkey") == 0) 298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 299221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (--argc < 1) 300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto bad; 301221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom keyalg = *(++argv); 302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project newreq=1; 303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 304221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-pkeyopt") == 0) 305221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 306221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (--argc < 1) 307221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto bad; 308221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!pkeyopts) 309221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom pkeyopts = sk_OPENSSL_STRING_new_null(); 310221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!pkeyopts || !sk_OPENSSL_STRING_push(pkeyopts, *(++argv))) 311221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto bad; 312221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 
313392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-sigopt") == 0) 314392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 315392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) 316392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto bad; 317392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!sigopts) 318392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sigopts = sk_OPENSSL_STRING_new_null(); 319392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv))) 320392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto bad; 321392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-batch") == 0) 323656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project batch=1; 324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-newhdr") == 0) 325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project newhdr=1; 326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-modulus") == 0) 327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project modulus=1; 328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-verify") == 0) 329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify=1; 330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nodes") == 0) 331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project nodes=1; 332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-noout") == 0) 333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project noout=1; 334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if 
(strcmp(*argv,"-verbose") == 0) 335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verbose=1; 336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-utf8") == 0) 337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project chtype = MBSTRING_UTF8; 338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nameopt") == 0) 339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!set_name_ex(&nmflag, *(++argv))) goto bad; 342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-reqopt") == 0) 344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!set_cert_ex(&reqflag, *(++argv))) goto bad; 347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-subject") == 0) 349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project subject=1; 350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-text") == 0) 351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project text=1; 352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-x509") == 0) 353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project x509=1; 354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if 
(strcmp(*argv,"-asn1-kludge") == 0) 355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project kludge=1; 356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no-asn1-kludge") == 0) 357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project kludge=0; 358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-subj") == 0) 359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project subj= *(++argv); 362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-multivalue-rdn") == 0) 364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project multirdn=1; 365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-days") == 0) 366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project days= atoi(*(++argv)); 369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (days == 0) days=30; 370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-set_serial") == 0) 372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project serial = s2i_ASN1_INTEGER(NULL, *(++argv)); 
375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!serial) goto bad; 376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-extensions") == 0) 378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project extensions = *(++argv); 381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-reqexts") == 0) 383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req_exts = *(++argv); 386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 387221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL) 388221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 389221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* ok */ 390221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom digest=md_alg; 391221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unknown option %s\n",*argv); 395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project badops=1; 396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 397656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project } 398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (badops) 403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectbad: 405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); 406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"where options are\n"); 407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); 408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); 409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -in arg input file\n"); 410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -out arg output file\n"); 411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -text text form of request\n"); 412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -pubkey output public key\n"); 413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -noout do not output REQ\n"); 414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -verify verify signature on REQ\n"); 415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -modulus RSA 
modulus\n"); 416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -nodes don't encrypt the output key\n"); 417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n"); 419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -subject output the request's subject\n"); 421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -passin private key password source\n"); 422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -key file use the private key contained in file\n"); 423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -keyform arg key file format\n"); 424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -keyout arg file to send the key to\n"); 425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," load the file (or the files in the directory) into\n"); 427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," the random number generator\n"); 428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); 429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); 
430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ECDSA 431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n"); 432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)\n"); 434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -config file request template file.\n"); 435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -subj arg set or modify request subject\n"); 436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -multivalue-rdn enable support for multivalued RDNs\n"); 437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -new new request.\n"); 438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -batch do not ask anything during request generation\n"); 439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -x509 output a x509 structure instead of a cert. 
req.\n"); 440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -days number of days a certificate generated by -x509 is valid for.\n"); 441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -set_serial serial number to use for a certificate generated by -x509.\n"); 442656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -newhdr output \"NEW\" in the header lines\n"); 443656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -asn1-kludge Output the 'request' in a format that is wrong but some CA's\n"); 444656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," have been reported as requiring\n"); 445656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n"); 446656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -reqexts .. 
specify request extension section (override value in config file)\n"); 447656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n"); 448656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -nameopt arg - various certificate name options\n"); 449656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -reqopt arg - various request text options\n\n"); 450656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 451656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 452656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 453656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_load_crypto_strings(); 454656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { 455656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Error getting passwords\n"); 456656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 457656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 458656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 459656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef MONOLITH /* else this has happened in openssl.c (global `config') */ 460656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Lets load up our environment a little */ 461656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=getenv("OPENSSL_CONF"); 462656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p == NULL) 463656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=getenv("SSLEAY_CONF"); 464656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if 
(p == NULL) 465656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=to_free=make_config_name(); 466656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project default_config_file=p; 467656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project config=NCONF_new(NULL); 468656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=NCONF_load(config, p, &errline); 469656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 470656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (template != NULL) 472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long errline = -1; 474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if( verbose ) 476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Using configuration from %s\n",template); 477656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req_conf=NCONF_new(NULL); 478656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=NCONF_load(req_conf,template,&errline); 479656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i == 0) 480656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 481656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error on line %ld of %s\n",errline,template); 482656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 483656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 484656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 485656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 
486656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 487656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req_conf=config; 488656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (req_conf == NULL) 490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Unable to load config info from %s\n", default_config_file); 492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (newreq) 493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 494656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 495656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if( verbose ) 496656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Using configuration from %s\n", 497656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project default_config_file); 498656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 499656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 500656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (req_conf != NULL) 501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 502656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!load_config(bio_err, req_conf)) 503656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 504656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=NCONF_get_string(req_conf,NULL,"oid_file"); 505656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p == NULL) 506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 
507656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p != NULL) 508656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 509656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *oid_bio; 510656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 511656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project oid_bio=BIO_new_file(p,"r"); 512656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (oid_bio == NULL) 513656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 514656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* 515656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); 516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 518656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OBJ_create_objects(oid_bio); 522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(oid_bio); 523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!add_oid_section(bio_err, req_conf)) goto end; 527656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 528656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (md_alg == NULL) 
529656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 530656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=NCONF_get_string(req_conf,SECTION,"default_md"); 531656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p == NULL) 532656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 533656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p != NULL) 534656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 535656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((md_alg=EVP_get_digestbyname(p)) != NULL) 536656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project digest=md_alg; 537656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 538656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 539656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 540656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!extensions) 541656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 542656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project extensions = NCONF_get_string(req_conf, SECTION, V3_EXTENSIONS); 543656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!extensions) 544656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 545656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 546656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (extensions) { 547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Check syntax of file */ 548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_CTX ctx; 549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_set_ctx_test(&ctx); 
550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_set_nconf(&ctx, req_conf); 551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!X509V3_EXT_add_nconf(req_conf, &ctx, extensions, NULL)) { 552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "Error Loading extension section %s\n", extensions); 554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 555656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 556656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 557656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 558656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!passin) 559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project passin = NCONF_get_string(req_conf, SECTION, "input_password"); 561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!passin) 562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!passout) 566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project passout = NCONF_get_string(req_conf, SECTION, "output_password"); 568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!passout) 569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 
571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p = NCONF_get_string(req_conf, SECTION, STRING_MASK); 573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!p) 574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 576656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(p && !ASN1_STRING_set_default_mask_asc(p)) { 577656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Invalid global string mask setting %s\n", p); 578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (chtype != MBSTRING_UTF8) 582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p = NCONF_get_string(req_conf, SECTION, UTF8_IN); 584656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!p) 585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (!strcmp(p, "yes")) 587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project chtype = MBSTRING_UTF8; 588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 590656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 591656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!req_exts) 
592656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 593656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req_exts = NCONF_get_string(req_conf, SECTION, REQ_EXTENSIONS); 594656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!req_exts) 595656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 596656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(req_exts) { 598656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Check syntax of file */ 599656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_CTX ctx; 600656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_set_ctx_test(&ctx); 601656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_set_nconf(&ctx, req_conf); 602656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!X509V3_EXT_add_nconf(req_conf, &ctx, req_exts, NULL)) { 603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 604656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "Error Loading request extension section %s\n", 605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req_exts); 606656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 608656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 610656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project in=BIO_new(BIO_s_file()); 611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project out=BIO_new(BIO_s_file()); 612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source 
Project if ((in == NULL) || (out == NULL)) 613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project e = setup_engine(bio_err, engine, 0); 617656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 618656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 619656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (keyfile != NULL) 620656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 621656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pkey = load_key(bio_err, keyfile, keyform, 0, passin, e, 622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "Private Key"); 623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!pkey) 624656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 625656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* load_key() has already printed an appropriate 626656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project message */ 627656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 628656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 629656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 630656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 631656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE"); 632656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (randfile == NULL) 633656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 
634656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project app_RAND_load_file(randfile, bio_err, 0); 635656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 636656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 637656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 638656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (newreq && (pkey == NULL)) 639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 640656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE"); 641656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (randfile == NULL) 642656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 643656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project app_RAND_load_file(randfile, bio_err, 0); 644656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inrand) 645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project app_RAND_load_files(inrand); 646221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 6477f7ea2d72f2e316ba518e82f06513e3477840c15Kenny Root if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey)) 6487f7ea2d72f2e316ba518e82f06513e3477840c15Kenny Root { 6497f7ea2d72f2e316ba518e82f06513e3477840c15Kenny Root newkey=DEFAULT_KEY_LENGTH; 6507f7ea2d72f2e316ba518e82f06513e3477840c15Kenny Root } 6517f7ea2d72f2e316ba518e82f06513e3477840c15Kenny Root 652221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (keyalg) 653221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 654221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom genctx = set_keygen_ctx(bio_err, keyalg, &pkey_type, &newkey, 655221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom &keyalgstr, gen_eng); 656221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!genctx) 
657221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto end; 658221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 659656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 660221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA)) 661656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 662656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"private key length is too short,\n"); 663656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"it needs to be at least %d bits, not %ld\n",MIN_KEY_LENGTH,newkey); 664656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 665656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 666656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 667221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!genctx) 668221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 669221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom genctx = set_keygen_ctx(bio_err, NULL, &pkey_type, &newkey, 670221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom &keyalgstr, gen_eng); 671221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!genctx) 672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 673656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 674221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 675221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (pkeyopts) 676656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 677221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom char *genopt; 678221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for (i = 0; i < sk_OPENSSL_STRING_num(pkeyopts); i++) 679221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 
680221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom genopt = sk_OPENSSL_STRING_value(pkeyopts, i); 681221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (pkey_ctrl_string(genctx, genopt) <= 0) 682221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 683221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err, 684221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom "parameter error \"%s\"\n", 685221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom genopt); 686221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ERR_print_errors(bio_err); 687221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto end; 688221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 689221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 690656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 691221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 692221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"Generating a %ld bit %s private key\n", 693221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom newkey, keyalgstr); 694221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 695221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVP_PKEY_CTX_set_cb(genctx, genpkey_cb); 696221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVP_PKEY_CTX_set_app_data(genctx, bio_err); 697221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 698221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (EVP_PKEY_keygen(genctx, &pkey) <= 0) 699656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 700221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_puts(bio_err, "Error Generating Key\n"); 701221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto end; 702656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 703656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 704221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 
EVP_PKEY_CTX_free(genctx); 705221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom genctx = NULL; 706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 707221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom app_RAND_write_file(randfile, bio_err); 708656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 709656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (keyout == NULL) 710656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 711656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project keyout=NCONF_get_string(req_conf,SECTION,KEYFILE); 712656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (keyout == NULL) 713656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 714656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 715656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 716656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (keyout == NULL) 717656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 718656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"writing new private key to stdout\n"); 719656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_fp(out,stdout,BIO_NOCLOSE); 720656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_SYS_VMS 721656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 722656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *tmpbio = BIO_new(BIO_f_linebuffer()); 723656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project out = BIO_push(tmpbio, out); 724656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 725656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 
726656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"writing new private key to '%s'\n",keyout); 730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_write_filename(out,keyout) <= 0) 731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project perror(keyout); 733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 734656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 735656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 736656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 737656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=NCONF_get_string(req_conf,SECTION,"encrypt_rsa_key"); 738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p == NULL) 739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 740656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 741656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=NCONF_get_string(req_conf,SECTION,"encrypt_key"); 742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p == NULL) 743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((p != NULL) && (strcmp(p,"no") == 0)) 746656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cipher=NULL; 
747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nodes) cipher=NULL; 748656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 749656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=0; 750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectloop: 751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!PEM_write_bio_PrivateKey(out,pkey,cipher, 752656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL,0,NULL,passout)) 753656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 754656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((ERR_GET_REASON(ERR_peek_error()) == 755656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3)) 756656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 757656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 758656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 759656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto loop; 760656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 761656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 762656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 763656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"-----\n"); 764656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 765656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 766656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!newreq) 767656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 768656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Since we are using a pre-existing certificate 
769656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * request, the kludge 'format' info should not be 770656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * changed. */ 771656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project kludge= -1; 772656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (infile == NULL) 773656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_fp(in,stdin,BIO_NOCLOSE); 774656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 775656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 776656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_read_filename(in,infile) <= 0) 777656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 778656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project perror(infile); 779656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 780656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 781656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 782656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 783656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (informat == FORMAT_ASN1) 784656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req=d2i_X509_REQ_bio(in,NULL); 785656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (informat == FORMAT_PEM) 786656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL); 787656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 788656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 789656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"bad input format specified for X509 request\n"); 
790656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 791656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 792656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (req == NULL) 793656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 794656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unable to load X509 request\n"); 795656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 796656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 797656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 798656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 799656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (newreq || x509) 800656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 801656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pkey == NULL) 802656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 803656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"you need to specify a private key\n"); 804656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 805656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 806221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 807656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (req == NULL) 808656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 809656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req=X509_REQ_new(); 810656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (req == NULL) 811656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 812656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 
813656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 814656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 815656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=make_REQ(req,pkey,subj,multirdn,!x509, chtype); 816656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project subj=NULL; /* done processing '-subj' option */ 817656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((kludge > 0) && !sk_X509_ATTRIBUTE_num(req->req_info->attributes)) 818656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 819656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_X509_ATTRIBUTE_free(req->req_info->attributes); 820656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req->req_info->attributes = NULL; 821656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 822656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!i) 823656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 824656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"problems making Certificate Request\n"); 825656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 826656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 827656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 828656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (x509) 829656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 830656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *tmppkey; 831656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_CTX ext_ctx; 832656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((x509ss=X509_new()) == NULL) goto end; 833656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open 
Source Project 834656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Set version to V3 */ 835656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(extensions && !X509_set_version(x509ss, 2)) goto end; 836656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (serial) 837656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 838656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509_set_serialNumber(x509ss, serial)) goto end; 839656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 840656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 841656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 842656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!rand_serial(NULL, 843656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_get_serialNumber(x509ss))) 844656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 845656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 846656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 847656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end; 848656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end; 849221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!X509_time_adj_ex(X509_get_notAfter(x509ss), days, 0, NULL)) goto end; 850656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end; 851656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tmppkey = X509_REQ_get_pubkey(req); 852656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!tmppkey || 
!X509_set_pubkey(x509ss,tmppkey)) goto end; 853656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(tmppkey); 854656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 855656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Set up V3 context struct */ 856656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 857656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_set_ctx(&ext_ctx, x509ss, x509ss, NULL, NULL, 0); 858656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_set_nconf(&ext_ctx, req_conf); 859656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 860656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Add extensions */ 861656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(extensions && !X509V3_EXT_add_nconf(req_conf, 862656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &ext_ctx, extensions, x509ss)) 863656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 864656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 865656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "Error Loading extension section %s\n", 866656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project extensions); 867656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 868656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 869392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 870392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom i=do_X509_sign(bio_err, x509ss, pkey, digest, sigopts); 871392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!i) 872221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 873221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ERR_print_errors(bio_err); 
874656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 875221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 876656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 877656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 878656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 879656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_CTX ext_ctx; 880656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 881656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Set up V3 context struct */ 882656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 883656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_set_ctx(&ext_ctx, NULL, NULL, req, NULL, 0); 884656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_set_nconf(&ext_ctx, req_conf); 885656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 886656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Add extensions */ 887656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(req_exts && !X509V3_EXT_REQ_add_nconf(req_conf, 888656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &ext_ctx, req_exts, req)) 889656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 890656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 891656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "Error Loading extension section %s\n", 892656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req_exts); 893656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 894656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 895392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom i=do_X509_REQ_sign(bio_err, req, 
pkey, digest, sigopts); 896392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!i) 897221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 898221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ERR_print_errors(bio_err); 899656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 900221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 901656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 902656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 903656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 904656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (subj && x509) 905656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 906656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Cannot modifiy certificate subject\n"); 907656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 908656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 909656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 910656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (subj && !x509) 911656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 912656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (verbose) 913656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 914656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Modifying Request's Subject\n"); 915656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_name(bio_err, "old subject=", X509_REQ_get_subject_name(req), nmflag); 916656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 917656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 918656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
if (build_subject(req, subj, chtype, multirdn) == 0) 919656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 920656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "ERROR: cannot modify subject\n"); 921656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ex=1; 922656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 923656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 924656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 925656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req->req_info->enc.modified = 1; 926656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 927656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (verbose) 928656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 929656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_name(bio_err, "new subject=", X509_REQ_get_subject_name(req), nmflag); 930656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 931656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 932656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 933656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (verify && !x509) 934656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 935656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int tmp=0; 936656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 937656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pkey == NULL) 938656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 939656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pkey=X509_REQ_get_pubkey(req); 940656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tmp=1; 
941656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pkey == NULL) goto end; 942656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 943656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 944656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=X509_REQ_verify(req,pkey); 945656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (tmp) { 946656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(pkey); 947656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pkey=NULL; 948656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 949656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 950656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i < 0) 951656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 952656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 953656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 954656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (i == 0) 955656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 956656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify failure\n"); 957656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 958656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 959656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else /* if (i > 0) */ 960656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify OK\n"); 961656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 962656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 963656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source 
Project if (noout && !text && !modulus && !subject && !pubkey) 964656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 965656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ex=0; 966656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 967656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 968656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 969656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (outfile == NULL) 970656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 971656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_fp(out,stdout,BIO_NOCLOSE); 972656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_SYS_VMS 973656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 974656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *tmpbio = BIO_new(BIO_f_linebuffer()); 975656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project out = BIO_push(tmpbio, out); 976656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 977656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 978656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 979656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 980656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 981656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((keyout != NULL) && (strcmp(outfile,keyout) == 0)) 982656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=(int)BIO_append_filename(out,outfile); 983656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 984656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=(int)BIO_write_filename(out,outfile); 
985656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!i) 986656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 987656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project perror(outfile); 988656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 989656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 990656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 991656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 992656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pubkey) 993656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 994656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *tpubkey; 995656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tpubkey=X509_REQ_get_pubkey(req); 996656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (tpubkey == NULL) 997656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 998656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Error getting public key\n"); 999656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1000656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1001656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1002656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_PUBKEY(out, tpubkey); 1003656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(tpubkey); 1004656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1005656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1006656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (text) 1007656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project { 1008656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (x509) 1009656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_print_ex(out, x509ss, nmflag, reqflag); 1010656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1011656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_REQ_print_ex(out, req, nmflag, reqflag); 1012656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1013656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1014656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(subject) 1015656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1016656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(x509) 1017656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_name(out, "subject=", X509_get_subject_name(x509ss), nmflag); 1018656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1019656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_name(out, "subject=", X509_REQ_get_subject_name(req), nmflag); 1020656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1021656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1022656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (modulus) 1023656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1024656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *tpubkey; 1025656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1026656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (x509) 1027656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tpubkey=X509_get_pubkey(x509ss); 1028656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 
1029656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tpubkey=X509_REQ_get_pubkey(req); 1030656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (tpubkey == NULL) 1031656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1032656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fprintf(stdout,"Modulus=unavailable\n"); 1033656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1034656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1035656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fprintf(stdout,"Modulus="); 1036656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_RSA 1037221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA) 1038656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BN_print(out,tpubkey->pkey.rsa->n); 1039656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1040656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1041656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fprintf(stdout,"Wrong Algorithm type"); 1042656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(tpubkey); 1043656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fprintf(stdout,"\n"); 1044656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1045656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1046656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!noout && !x509) 1047656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1048656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (outformat == FORMAT_ASN1) 1049656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
i=i2d_X509_REQ_bio(out,req); 1050656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (outformat == FORMAT_PEM) { 1051656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(newhdr) i=PEM_write_bio_X509_REQ_NEW(out,req); 1052656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else i=PEM_write_bio_X509_REQ(out,req); 1053656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else { 1054656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"bad output format specified for outfile\n"); 1055656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1056656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1057656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!i) 1058656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1059656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unable to write X509 request\n"); 1060656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1061656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1062656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1063656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!noout && x509 && (x509ss != NULL)) 1064656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1065656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (outformat == FORMAT_ASN1) 1066656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=i2d_X509_bio(out,x509ss); 1067656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (outformat == FORMAT_PEM) 1068656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=PEM_write_bio_X509(out,x509ss); 1069656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source 
Project else { 1070656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"bad output format specified for outfile\n"); 1071656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1072656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1073656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!i) 1074656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1075656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unable to write X509 certificate\n"); 1076656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1077656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1078656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1079656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ex=0; 1080656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectend: 1081656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef MONOLITH 1082656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(to_free) 1083656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(to_free); 1084656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1085656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ex) 1086656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1087656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1088656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1089656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((req_conf != NULL) && (req_conf != config)) NCONF_free(req_conf); 1090656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(in); 
1091656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free_all(out); 1092656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(pkey); 1093221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (genctx) 1094221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom EVP_PKEY_CTX_free(genctx); 1095221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (pkeyopts) 1096221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom sk_OPENSSL_STRING_free(pkeyopts); 1097392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (sigopts) 1098392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sk_OPENSSL_STRING_free(sigopts); 1099221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_ENGINE 1100221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (gen_eng) 1101221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ENGINE_free(gen_eng); 1102221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1103221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (keyalgstr) 1104221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom OPENSSL_free(keyalgstr); 1105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_REQ_free(req); 1106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(x509ss); 1107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_INTEGER_free(serial); 1108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(passargin && passin) OPENSSL_free(passin); 1109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(passargout && passout) OPENSSL_free(passout); 1110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OBJ_cleanup(); 1111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project apps_shutdown(); 1112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_EXIT(ex); 
1113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int multirdn, 1116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int attribs, unsigned long chtype) 1117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=0,i; 1119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char no_prompt = 0; 1120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *dn_sk, *attr_sk = NULL; 1121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *tmp, *dn_sect,*attr_sect; 1122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1123656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tmp=NCONF_get_string(req_conf,SECTION,PROMPT); 1124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (tmp == NULL) 1125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 1126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if((tmp != NULL) && !strcmp(tmp, "no")) no_prompt = 1; 1127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dn_sect=NCONF_get_string(req_conf,SECTION,DISTINGUISHED_NAME); 1129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dn_sect == NULL) 1130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unable to find '%s' in config\n", 1132656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project DISTINGUISHED_NAME); 1133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 1134656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1135656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dn_sk=NCONF_get_section(req_conf,dn_sect); 1136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dn_sk == NULL) 1137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unable to get '%s' section\n",dn_sect); 1139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 1140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project attr_sect=NCONF_get_string(req_conf,SECTION,ATTRIBUTES); 1143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (attr_sect == NULL) 1144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 1146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project attr_sk=NULL; 1147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project attr_sk=NCONF_get_section(req_conf,attr_sect); 1151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (attr_sk == NULL) 1152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
BIO_printf(bio_err,"unable to get '%s' section\n",attr_sect); 1154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 1155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* setup version number */ 1159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509_REQ_set_version(req,0L)) goto err; /* version 1 */ 1160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (no_prompt) 1162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i = auto_info(req, dn_sk, attr_sk, attribs, chtype); 1163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (subj) 1166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i = build_subject(req, subj, chtype, multirdn); 1167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs, chtype); 1169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!i) goto err; 1171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509_REQ_set_pubkey(req,pkey)) goto err; 1173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
1174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 1175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 1176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 1177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* 1180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * subject is expected to be in the format /type0=value0/type1=value1/type2=... 1181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * where characters may be escaped by \ 1182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int build_subject(X509_REQ *req, char *subject, unsigned long chtype, int multirdn) 1184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME *n; 1186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!(n = parse_name(subject, chtype, multirdn))) 1188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 1189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509_REQ_set_subject_name(req, n)) 1191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_free(n); 1193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 1194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 
1195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_free(n); 1196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 1197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 1198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int prompt_info(X509_REQ *req, 1201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect, 1202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs, 1203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long chtype) 1204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 1206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *p,*q; 1207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char buf[100]; 1208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int nid, mval; 1209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long n_min,n_max; 1210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *type, *value; 1211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const char *def; 1212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CONF_VALUE *v; 1213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME *subj; 1214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project subj = X509_REQ_get_subject_name(req); 1215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
1216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!batch) 1217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"You are about to be asked to enter information that will be incorporated\n"); 1219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"into your certificate request.\n"); 1220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"What you are about to enter is what is called a Distinguished Name or a DN.\n"); 1221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"There are quite a few fields but you can leave some blank\n"); 1222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"For some fields there will be a default value,\n"); 1223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"If you enter '.', the field will be left blank.\n"); 1224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"-----\n"); 1225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sk_CONF_VALUE_num(dn_sk)) 1229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i= -1; 1231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstart: for (;;) 1232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 
1234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sk_CONF_VALUE_num(dn_sk) <= i) break; 1235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project v=sk_CONF_VALUE_value(dn_sk,i); 1237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=q=NULL; 1238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project type=v->name; 1239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!check_end(type,"_min") || !check_end(type,"_max") || 1240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project !check_end(type,"_default") || 1241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project !check_end(type,"_value")) continue; 1242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Skip past any leading X. X: X, etc to allow for 1243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * multiple instances 1244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for(p = v->name; *p ; p++) 1246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((*p == ':') || (*p == ',') || 1247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (*p == '.')) { 1248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p++; 1249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(*p) type = p; 1250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (*type == '+') 1253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1254656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project mval = -1; 1255656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project type++; 1256656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1257656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project mval = 0; 1259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* If OBJ not recognised ignore it */ 1260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start; 1261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_snprintf(buf,sizeof buf,"%s_default",v->name) 1262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project >= (int)sizeof(buf)) 1263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Name '%s' too long\n",v->name); 1265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 1266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL) 1269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 1271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project def=""; 1272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_snprintf(buf,sizeof buf,"%s_value",v->name); 
1275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL) 1276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 1278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project value=NULL; 1279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_snprintf(buf,sizeof buf,"%s_min",v->name); 1282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min)) 1283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 1285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project n_min = -1; 1286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_snprintf(buf,sizeof buf,"%s_max",v->name); 1289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max)) 1290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 1292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project n_max = -1; 1293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if 
(!add_DN_object(subj,v->value,def,value,nid, 1296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project n_min,n_max, chtype, mval)) 1297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 1298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (X509_NAME_entry_count(subj) == 0) 1300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error, no objects specified in config file\n"); 1302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 1303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (attribs) 1306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((attr_sk != NULL) && (sk_CONF_VALUE_num(attr_sk) > 0) && (!batch)) 1308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"\nPlease enter the following 'extra' attributes\n"); 1310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"to be sent with your certificate request\n"); 1311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i= -1; 1314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstart2: for (;;) 1315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 
1316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 1317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((attr_sk == NULL) || 1318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (sk_CONF_VALUE_num(attr_sk) <= i)) 1319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1321656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project v=sk_CONF_VALUE_value(attr_sk,i); 1322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project type=v->name; 1323656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((nid=OBJ_txt2nid(type)) == NID_undef) 1324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto start2; 1325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_snprintf(buf,sizeof buf,"%s_default",type) 1327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project >= (int)sizeof(buf)) 1328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Name '%s' too long\n",v->name); 1330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 1331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((def=NCONF_get_string(req_conf,attr_sect,buf)) 1334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project == NULL) 1335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 
1337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project def=""; 1338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_snprintf(buf,sizeof buf,"%s_value",type); 1342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((value=NCONF_get_string(req_conf,attr_sect,buf)) 1343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project == NULL) 1344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 1346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project value=NULL; 1347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_snprintf(buf,sizeof buf,"%s_min",type); 1350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min)) 1351221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1352221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ERR_clear_error(); 1353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project n_min = -1; 1354221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_snprintf(buf,sizeof buf,"%s_max",type); 1357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max)) 1358221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 
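ERR_clear_error();
					n_max = -1;
					}

				if (!add_attribute_object(req,
					v->value,def,value,nid,n_min,n_max, chtype))
					return 0;
				}
			}
		}
	else
		{
		BIO_printf(bio_err,"No template, please set one up.\n");
		return 0;
		}

	return 1;

	}

/*
 * Fill in the request's subject name (and, when attribs is non-zero, its
 * attributes) directly from config entries, without prompting.
 *
 * A dn_sk entry name may start with a tag ending in '.', ':' or ',' (for
 * example "0.", "1:"); the tag is skipped so the same field can be given
 * more than once.  A '+' in front of the field name marks the entry as
 * multi-valued: it is added with set == -1 instead of set == 0.
 *
 * Returns 1 on success, 0 if an entry cannot be added or if the subject
 * name ends up with no entries.
 */
static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
			STACK_OF(CONF_VALUE) *attr_sk, int attribs, unsigned long chtype)
	{
	int i;
	char *p;
	char *type;
	CONF_VALUE *v;
	X509_NAME *subj;

	subj = X509_REQ_get_subject_name(req);

	for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++)
		{
		int mval;

		v = sk_CONF_VALUE_value(dn_sk, i);
		type = v->name;
		/* Skip past any leading X. X: X, etc to allow for
		 * multiple instances
		 */
		for (p = v->name; *p; p++)
			{
#ifndef CHARSET_EBCDIC
			if ((*p == ':') || (*p == ',') || (*p == '.'))
#else
			if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.']))
#endif
				{
				p++;
				/* a trailing separator leaves the full name in place */
				if (*p)
					type = p;
				break;
				}
			}
		/*
		 * The '+' marker has to be tested on, and removed from, the
		 * name that is handed to the lookup.  Testing and advancing
		 * the scan pointer instead left the '+' inside 'type', so a
		 * marked entry could never be resolved to a field name.
		 */
#ifndef CHARSET_EBCDIC
		if (*type == '+')
#else
		if (*type == os_toascii['+'])
#endif
			{
			type++;
			mval = -1;
			}
		else
			mval = 0;
		if (!X509_NAME_add_entry_by_txt(subj, type, chtype,
				(unsigned char *) v->value, -1, -1, mval))
			return 0;
		}

	if (!X509_NAME_entry_count(subj))
		{
		BIO_printf(bio_err,"error, no objects specified in config file\n");
		return 0;
		}
	if (attribs)
		{
		for (i = 0; i < sk_CONF_VALUE_num(attr_sk); i++)
			{
			v = sk_CONF_VALUE_value(attr_sk, i);
			if (!X509_REQ_add1_attr_by_txt(req, v->name, chtype,
				(unsigned char *)v->value, -1))
				return 0;
			}
		}
	return 1;
	}


/*
 * Obtain one subject-name field and append it to n.
 *
 * The text of the field comes from, in order of preference: 'value' when it
 * is non-NULL, a line read from stdin when not in batch mode, or an empty
 * line in batch mode.  An empty line selects 'def'; an empty line with no
 * default, or a lone ".", skips the field.
 *
 * Every write into buf is bounded by sizeof buf.  Text that does not end in
 * a newline (an over-long value, default or input line) is rejected as
 * "weird input"; the unread remainder of an over-long stdin line is not
 * drained here.
 *
 * The length is checked against n_min/n_max by req_check_len(); on failure
 * the prompt is repeated only in interactive mode without a preset value.
 *
 * Returns 1 if the field was added or skipped, 0 on error.
 */
static int add_DN_object(X509_NAME *n, char *text, const char *def, char *value,
	     int nid, int n_min, int n_max, unsigned long chtype, int mval)
	{
	int i;
	/* MS_STATIC is defined elsewhere; presumably static storage on some
	 * platforms, which would make this function non-reentrant - confirm */
	MS_STATIC char buf[1024];
start:
	if (!batch) BIO_printf(bio_err,"%s [%s]:",text,def);
	(void)BIO_flush(bio_err);
	if (value != NULL)
		{
		BUF_strlcpy(buf,value,sizeof buf);
		BUF_strlcat(buf,"\n",sizeof buf);
		BIO_printf(bio_err,"%s\n",value);
		}
	else
		{
		buf[0]='\0';
		if (!batch)
			{
			if (!fgets(buf,sizeof buf,stdin))
				return 0;
			}
		else
			{
			/* batch mode behaves as if Enter had been pressed */
			buf[0] = '\n';
			buf[1] = '\0';
			}
		}

	if (buf[0] == '\0')
		return 0;
	else if (buf[0] == '\n')
		{
		if ((def == NULL) || (def[0] == '\0'))
			return 1;
		BUF_strlcpy(buf,def,sizeof buf);
		BUF_strlcat(buf,"\n",sizeof buf);
		}
	else if ((buf[0] == '.') && (buf[1] == '\n'))
		return 1;

	/* buf is non-empty here, so buf[i-1] is in bounds */
	i = strlen(buf);
	if (buf[i-1] != '\n')
		{
		BIO_printf(bio_err,"weird input :-(\n");
		return 0;
		}
	buf[--i]='\0';
#ifdef CHARSET_EBCDIC
	ebcdic2ascii(buf, buf, i);
#endif
	if (!req_check_len(i, n_min, n_max))
		{
		/* a preset or batch value cannot change, so retrying is pointless */
		if (batch || value)
			return 0;
		goto start;
		}

	if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
				(unsigned char *) buf, -1, -1, mval))
		return 0;
	return 1;
	}

/*
 * Obtain one request attribute and add it to req.
 *
 * Input selection, the empty-line / "." conventions, the bounded use of buf
 * and the length check are the same as in add_DN_object().  buf has static
 * storage, so its contents are shared between calls and the function is not
 * reentrant.
 *
 * Returns 1 if the attribute was added or skipped, 0 on error (the error
 * queue is printed to bio_err when adding the attribute fails).
 */
static int add_attribute_object(X509_REQ *req, char *text, const char *def,
				char *value, int nid, int n_min,
				int n_max, unsigned long chtype)
	{
	int i;
	static char buf[1024];

start:
	if (!batch) BIO_printf(bio_err,"%s [%s]:",text,def);
	(void)BIO_flush(bio_err);
	if (value != NULL)
		{
		BUF_strlcpy(buf,value,sizeof buf);
		BUF_strlcat(buf,"\n",sizeof buf);
		BIO_printf(bio_err,"%s\n",value);
		}
	else
		{
		buf[0]='\0';
		if (!batch)
			{
			if (!fgets(buf,sizeof buf,stdin))
				return 0;
			}
		else
			{
			/* batch mode behaves as if Enter had been pressed */
			buf[0] = '\n';
			buf[1] = '\0';
			}
		}

	if (buf[0] == '\0')
		return 0;
	else if (buf[0] == '\n')
		{
		if ((def == NULL) || (def[0] == '\0'))
			return 1;
		BUF_strlcpy(buf,def,sizeof buf);
		BUF_strlcat(buf,"\n",sizeof buf);
		}
	else if ((buf[0] == '.') && (buf[1] == '\n'))
		return 1;

	/* buf is non-empty here, so buf[i-1] is in bounds */
	i = strlen(buf);
	if (buf[i-1] != '\n')
		{
		BIO_printf(bio_err,"weird input :-(\n");
		return 0;
		}
	buf[--i]='\0';
#ifdef CHARSET_EBCDIC
	ebcdic2ascii(buf, buf, i);
#endif
	if (!req_check_len(i, n_min, n_max))
		{
		/* a preset or batch value cannot change, so retrying is pointless */
		if (batch || value)
			return 0;
		goto start;
		}

	if (!X509_REQ_add1_attr_by_NID(req, nid, chtype,
					(unsigned char *)buf, -1))
		{
		BIO_printf(bio_err, "Error adding attribute\n");
		ERR_print_errors(bio_err);
		return 0;
		}

	return 1;
	}

/*
 * Check a field length against its configured bounds.
 *
 * A lower bound applies only when n_min > 0, an upper bound only when
 * n_max >= 0; len == n_max is accepted.  Prints the reason to bio_err and
 * returns 0 when a bound is violated, 1 otherwise.
 */
static int req_check_len(int len, int n_min, int n_max)
	{
	if ((n_min > 0) && (len < n_min))
		{
		BIO_printf(bio_err,"string is too short, it needs to be at least %d bytes long\n",n_min);
		return 0;
		}
	if ((n_max >= 0) && (len > n_max))
		{
		/* n_max itself is allowed, so the limit is "no more than" */
		BIO_printf(bio_err,"string is too long, it needs to be no more than %d bytes long\n",n_max);
		return 0;
		}
	return 1;
	}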
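
/*
 * Check if the end of a string matches 'end'.
 *
 * The result follows strcmp(): 0 means 'str' ends with 'end', non-zero
 * means it does not (1 when 'end' is longer than 'str').
 */
static int check_end(const char *str, const char *end)
{
	size_t elen = strlen(end);
	size_t slen = strlen(str);

	if (elen > slen)
		return 1;
	return strcmp(str + (slen - elen), end);
}

/*
 * Build a key-generation context from the algorithm string gstr.
 *
 * Forms handled below:
 *   NULL           RSA, key length taken from *pkeylen
 *   "<digit>..."   RSA, key length parsed from gstr
 *   "param:FILE"   key type and parameters taken from FILE
 *   "ALG[:ARG]"    ALG looked up by name; for RSA, ARG is the key length,
 *                  for any other algorithm ARG is a parameter file
 *
 * FILE is read as PEM parameters; if that fails it is re-read as a PEM
 * certificate and the certificate's public key supplies the parameters.
 *
 * Outputs: *pkey_type receives the key type, *pkeylen the RSA length that
 * was parsed or the bit size of the parameter key, and, when palgnam is
 * non-NULL, *palgnam a BUF_strdup() copy of the algorithm name (presumably
 * owned by the caller - confirm; the copy is not checked for NULL here).
 *
 * Returns the initialised context, or NULL after writing a message to err.
 * Objects created here are released on every error path.
 *
 * NOTE(review): the key length is parsed with atol(), which reports no
 * errors: trailing characters are ignored and no range check is made in
 * this function.  Whether a minimum RSA size is enforced is not visible
 * here - confirm against the caller and the RSA keygen control.
 */
static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
					long *pkeylen, char **palgnam,
					ENGINE *keygen_engine)
	{
	EVP_PKEY_CTX *gctx = NULL;
	EVP_PKEY *param = NULL;
	long keylen = -1;
	BIO *pbio = NULL;
	const char *paramfile = NULL;

	if (gstr == NULL)
		{
		*pkey_type = EVP_PKEY_RSA;
		keylen = *pkeylen;
		}
	else if (gstr[0] >= '0' && gstr[0] <= '9')
		{
		*pkey_type = EVP_PKEY_RSA;
		keylen = atol(gstr);
		*pkeylen = keylen;
		}
	else if (!strncmp(gstr, "param:", 6))
		paramfile = gstr + 6;
	else
		{
		const char *p = strchr(gstr, ':');
		int len;
		ENGINE *tmpeng;
		const EVP_PKEY_ASN1_METHOD *ameth;

		if (p)
			len = p - gstr;
		else
			len = strlen(gstr);
		/* The lookup of the string will cover all engines so
		 * keep a note of the implementation.
		 */

		ameth = EVP_PKEY_asn1_find_str(&tmpeng, gstr, len);

		if (!ameth)
			{
			BIO_printf(err, "Unknown algorithm %.*s\n", len, gstr);
			return NULL;
			}

		EVP_PKEY_asn1_get0_info(NULL, pkey_type, NULL, NULL, NULL,
									ameth);
#ifndef OPENSSL_NO_ENGINE
		if (tmpeng)
			ENGINE_finish(tmpeng);
#endif
		if (*pkey_type == EVP_PKEY_RSA)
			{
			if (p)
				{
				keylen = atol(p + 1);
				*pkeylen = keylen;
				}
			else
				keylen = *pkeylen;
			}
		else if (p)
			paramfile = p + 1;
		}

	if (paramfile)
		{
		pbio = BIO_new_file(paramfile, "r");
		if (!pbio)
			{
			BIO_printf(err, "Can't open parameter file %s\n",
					paramfile);
			return NULL;
			}
		param = PEM_read_bio_Parameters(pbio, NULL);

		if (!param)
			{
			/* not a parameter file: retry the same data as a certificate */
			X509 *x;
			(void)BIO_reset(pbio);
			x = PEM_read_bio_X509(pbio, NULL, NULL, NULL);
			if (x)
				{
				param = X509_get_pubkey(x);
				X509_free(x);
				}
			}

		BIO_free(pbio);

		if (!param)
			{
			BIO_printf(err, "Error reading parameter file %s\n",
					paramfile);
			return NULL;
			}
		/* On the "param:" path *pkey_type is not assigned above; this
		 * assumes the caller initialised it to -1 - TODO confirm */
		if (*pkey_type == -1)
			*pkey_type = EVP_PKEY_id(param);
		else if (*pkey_type != EVP_PKEY_base_id(param))
			{
			BIO_printf(err, "Key Type does not match parameters\n");
			EVP_PKEY_free(param);
			return NULL;
			}
		}

	if (palgnam)
		{
		const EVP_PKEY_ASN1_METHOD *ameth;
		ENGINE *tmpeng;
		const char *anam;
		ameth = EVP_PKEY_asn1_find(&tmpeng, *pkey_type);
		if (!ameth)
			{
			BIO_puts(err, "Internal error: can't find key algorithm\n");
			/* param may have been loaded above; do not leak it */
			if (param)
				EVP_PKEY_free(param);
			return NULL;
			}
		EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth);
		*palgnam = BUF_strdup(anam);
#ifndef OPENSSL_NO_ENGINE
		if (tmpeng)
			ENGINE_finish(tmpeng);
#endif
		}

	if (param)
		{
		gctx = EVP_PKEY_CTX_new(param, keygen_engine);
		*pkeylen = EVP_PKEY_bits(param);
		EVP_PKEY_free(param);
		}
	else
		gctx = EVP_PKEY_CTX_new_id(*pkey_type, keygen_engine);

	if (!gctx)
		{
		BIO_puts(err, "Error allocating keygen context\n");
		ERR_print_errors(err);
		return NULL;
		}

	if (EVP_PKEY_keygen_init(gctx) <= 0)
		{
		BIO_puts(err, "Error initializing keygen context\n");
		ERR_print_errors(err);
		/* release the context, as the RSA keysize error path below does */
		EVP_PKEY_CTX_free(gctx);
		return NULL;
		}
#ifndef OPENSSL_NO_RSA
	if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1))
		{
		if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0)
			{
			BIO_puts(err, "Error setting RSA keysize\n");
			ERR_print_errors(err);
			EVP_PKEY_CTX_free(gctx);
			return NULL;
			}
		}
#endif

	return gctx;
	}
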
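/*
 * Key-generation progress callback.
 *
 * Writes one progress character to the BIO stored as the keygen context's
 * application data, then flushes it.  The character is chosen from keygen
 * info slot 0: 0 -> '.', 1 -> '+', 2 -> '*', 3 -> '\n'; any other value
 * leaves the default '*'.  Always returns 1.
 */
static int genpkey_cb(EVP_PKEY_CTX *ctx)
	{
	char c = '*';
	BIO *b = EVP_PKEY_CTX_get_app_data(ctx);

	switch (EVP_PKEY_CTX_get_keygen_info(ctx, 0))
		{
	case 0:
		c = '.';
		break;
	case 1:
		c = '+';
		break;
	case 3:
		c = '\n';
		break;
	default:
		/* 2 and anything unexpected keep the default '*' */
		break;
		}
	BIO_write(b, &c, 1);
	(void)BIO_flush(b);
	/* The old "#ifdef LINT p=n;" stub was dropped: no 'n' exists in this
	 * callback's signature, so it could not compile when LINT was set. */
	return 1;
	}

/*
 * Prepare a digest-sign context for pkey/md and apply every signature
 * option in sigopts to the key context that EVP_DigestSignInit creates.
 *
 * err     - BIO that receives diagnostics.
 * ctx     - digest context; (re)initialised here.  It is not cleaned up on
 *           failure, so the caller must call EVP_MD_CTX_cleanup either way.
 * sigopts - option strings handed one by one to pkey_ctrl_string()
 *           (defined elsewhere; presumably "name:value" pairs - confirm).
 *
 * Returns 1 on success, 0 on failure.  A rejected option aborts the whole
 * operation rather than signing with partially applied parameters.
 */
static int do_sign_init(BIO *err, EVP_MD_CTX *ctx, EVP_PKEY *pkey,
			const EVP_MD *md, STACK_OF(OPENSSL_STRING) *sigopts)
	{
	EVP_PKEY_CTX *pkctx = NULL;
	int i;

	EVP_MD_CTX_init(ctx);
	/* EVP_DigestSignInit is documented to return 1 on success and 0 or a
	 * negative value on failure; a plain "!" test would let a negative
	 * result through and continue with an unusable pkctx. */
	if (EVP_DigestSignInit(ctx, &pkctx, md, NULL, pkey) <= 0)
		return 0;
	for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++)
		{
		char *sigopt = sk_OPENSSL_STRING_value(sigopts, i);

		if (pkey_ctrl_string(pkctx, sigopt) <= 0)
			{
			BIO_printf(err, "parameter error \"%s\"\n", sigopt);
			/* Report on the caller's BIO, like the message above,
			 * instead of the global bio_err. */
			ERR_print_errors(err);
			return 0;
			}
		}
	return 1;
	}

/*
 * Sign certificate x with pkey using digest md and the options in sigopts.
 * Diagnostics go to err.  Returns 1 on success and 0 on any failure; the
 * positive result of X509_sign_ctx is normalised to 1.
 */
int do_X509_sign(BIO *err, X509 *x, EVP_PKEY *pkey, const EVP_MD *md,
			STACK_OF(OPENSSL_STRING) *sigopts)
	{
	int rv;
	EVP_MD_CTX mctx;

	/* Initialise first so the cleanup below is valid on every path. */
	EVP_MD_CTX_init(&mctx);
	rv = do_sign_init(err, &mctx, pkey, md, sigopts);
	if (rv > 0)
		rv = X509_sign_ctx(x, &mctx);
	EVP_MD_CTX_cleanup(&mctx);
	return rv > 0 ? 1 : 0;
	}

/*
 * Sign certificate request x with pkey using digest md and the options in
 * sigopts.  Diagnostics go to err.  Returns 1 on success and 0 on any
 * failure; the positive result of X509_REQ_sign_ctx is normalised to 1.
 */
int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
			STACK_OF(OPENSSL_STRING) *sigopts)
	{
	int rv;
	EVP_MD_CTX mctx;

	/* Initialise first so the cleanup below is valid on every path. */
	EVP_MD_CTX_init(&mctx);
	rv = do_sign_init(err, &mctx, pkey, md, sigopts);
	if (rv > 0)
		rv = X509_REQ_sign_ctx(x, &mctx);
	EVP_MD_CTX_cleanup(&mctx);
	return rv > 0 ? 1 : 0;
	}

/*
 * Sign revocation list x with pkey using digest md and the options in
 * sigopts.  Diagnostics go to err.  Returns 1 on success and 0 on any
 * failure; the positive result of X509_CRL_sign_ctx is normalised to 1.
 */
int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
			STACK_OF(OPENSSL_STRING) *sigopts)
	{
	int rv;
	EVP_MD_CTX mctx;

	/* Initialise first so the cleanup below is valid on every path. */
	EVP_MD_CTX_init(&mctx);
	rv = do_sign_init(err, &mctx, pkey, md, sigopts);
	if (rv > 0)
		rv = X509_CRL_sign_ctx(x, &mctx);
	EVP_MD_CTX_cleanup(&mctx);
	return rv > 0 ? 1 : 0;
	}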