SM4 optimization for ARM by HW instruction

[openssl.git] / apps / verify.c

diff --git a/apps/verify.c b/apps/verify.c
index bf200b0fb65f6d153d76f9bc095b4cb67cd523bb..d504acd5b81ac04f4662594175ec76b8162ed6b6 100644 (file)
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -26,7 +26,7 @@ static int check(X509_STORE *ctx, const char *file,
 static int v_verbose = 0, vflags = 0;
 
 typedef enum OPTION_choice {
-    OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
+    OPT_COMMON,
     OPT_ENGINE, OPT_CAPATH, OPT_CAFILE, OPT_CASTORE,
     OPT_NOCAPATH, OPT_NOCAFILE, OPT_NOCASTORE,
     OPT_UNTRUSTED, OPT_TRUSTED, OPT_CRLFILE, OPT_CRL_DOWNLOAD, OPT_SHOW_CHAIN,
@@ -145,7 +145,7 @@ int verify_main(int argc, char **argv)
             break;
         case OPT_UNTRUSTED:
             /* Zero or more times */
-            if (!load_certs(opt_arg(), &untrusted, NULL,
+            if (!load_certs(opt_arg(), 0, &untrusted, NULL,
                             "untrusted certificates"))
                 goto end;
             break;
@@ -154,7 +154,7 @@ int verify_main(int argc, char **argv)
             noCAfile = 1;
             noCApath = 1;
             noCAstore = 1;
-            if (!load_certs(opt_arg(), &trusted, NULL, "trusted certificates"))
+            if (!load_certs(opt_arg(), 0, &trusted, NULL, "trusted certificates"))
                 goto end;
             break;
         case OPT_CRLFILE:
@@ -234,8 +234,8 @@ int verify_main(int argc, char **argv)
  end:
     X509_VERIFY_PARAM_free(vpm);
     X509_STORE_free(store);
-    sk_X509_pop_free(untrusted, X509_free);
-    sk_X509_pop_free(trusted, X509_free);
+    OSSL_STACK_OF_X509_free(untrusted);
+    OSSL_STACK_OF_X509_free(trusted);
     sk_X509_CRL_pop_free(crls, X509_CRL_free);
     sk_OPENSSL_STRING_free(vfyopts);
     release_engine(e);
@@ -253,7 +253,7 @@ static int check(X509_STORE *ctx, const char *file,
     STACK_OF(X509) *chain = NULL;
     int num_untrusted;
 
-    x = load_cert(file, "certificate file");
+    x = load_cert(file, FORMAT_UNDEF, "certificate file");
     if (x == NULL)
         goto end;
 
@@ -263,6 +263,7 @@ static int check(X509_STORE *ctx, const char *file,
             if (x509_ctrl_string(x, opt) <= 0) {
                 BIO_printf(bio_err, "parameter error \"%s\"\n", opt);
                 ERR_print_errors(bio_err);
+                X509_free(x);
                 return 0;
             }
         }
@@ -307,7 +308,7 @@ static int check(X509_STORE *ctx, const char *file,
                     BIO_printf(bio_out, " (untrusted)");
                 BIO_printf(bio_out, "\n");
             }
-            sk_X509_pop_free(chain, X509_free);
+            OSSL_STACK_OF_X509_free(chain);
         }
     } else {
         BIO_printf(bio_err,