# include <openssl/dsa.h>
#endif
-DEFINE_STACK_OF(ASN1_OBJECT)
-DEFINE_STACK_OF(X509_EXTENSION)
-DEFINE_STACK_OF_STRING()
-
#undef POSTFIX
#define POSTFIX ".srl"
#define DEF_DAYS 30
{"inform", OPT_INFORM, 'f',
"CSR input format (DER or PEM) - default PEM"},
{"in", OPT_IN, '<', "Input file - default stdin"},
- {"passin", OPT_PASSIN, 's', "Private key password/pass-phrase source"},
+ {"passin", OPT_PASSIN, 's', "Private key and cert file pass-phrase source"},
{"outform", OPT_OUTFORM, 'f',
"Output format (DER or PEM) - default PEM"},
{"out", OPT_OUT, '>', "Output file - default stdout"},
char *subj = NULL;
X509_NAME *fsubj = NULL;
const unsigned long chtype = MBSTRING_ASC;
- const int multirdn = 0;
+ const int multirdn = 1;
STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL;
STACK_OF(OPENSSL_STRING) *sigopts = NULL, *vfyopts = NULL;
X509 *x = NULL, *xca = NULL;
goto end;
}
if (fkeyfile != NULL) {
- fkey = load_pubkey(fkeyfile, keyformat, 0, NULL, e, "Forced key");
+ fkey = load_pubkey(fkeyfile, keyformat, 0, NULL, e, "forced key");
if (fkey == NULL)
goto end;
}
"The -new option requires a subject to be set using -subj\n");
goto end;
}
- if (subj != NULL && (fsubj = parse_name(subj, chtype, multirdn)) == NULL)
+ if (subj != NULL
+ && (fsubj = parse_name(subj, chtype, multirdn, "subject")) == NULL)
goto end;
if (CAkeyfile == NULL && CA_flag && CAformat == FORMAT_PEM) {
if (!X509_set_pubkey(x, fkey != NULL ? fkey : X509_REQ_get0_pubkey(req)))
goto end;
} else {
- x = load_cert(infile, FORMAT_UNDEF, "Certificate");
+ x = load_cert_pass(infile, FORMAT_UNDEF, passin, "certificate");
if (x == NULL)
goto end;
if (fkey != NULL && !X509_set_pubkey(x, fkey))
}
if (CA_flag) {
- xca = load_cert(CAfile, CAformat, "CA Certificate");
+ xca = load_cert_pass(CAfile, CAformat, passin, "CA certificate");
if (xca == NULL)
goto end;
}
BIO_printf(bio_err, "Getting Private key\n");
if (Upkey == NULL) {
Upkey = load_key(keyfile, keyformat, 0,
- passin, e, "Private key");
+ passin, e, "private key");
if (Upkey == NULL)
goto end;
}
BIO_printf(bio_err, "Getting CA Private Key\n");
if (CAkeyfile != NULL) {
CApkey = load_key(CAkeyfile, CAkeyformat,
- 0, passin, e, "CA Private Key");
+ 0, passin, e, "CA private key");
if (CApkey == NULL)
goto end;
}
sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
ASN1_OBJECT_free(objtmp);
release_engine(e);
- OPENSSL_free(passin);
+ clear_free(passin);
return ret;
}