X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=apps%2Fdgst.c;h=c3e37be41fa159d4a28d388ffdb606a3495cde9a;hb=a08ee55e2d265f3c73964baef8cefc5ecbe79a02;hp=5d5ab94aea01ee5a1b7005d7be28ba0976ba27cb;hpb=623eea376a7bff6d50c88407c10f279e6f838de4;p=openssl.git diff --git a/apps/dgst.c b/apps/dgst.c index 5d5ab94aea..c3e37be41f 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -73,13 +73,14 @@ #undef PROG #define PROG dgst_main -void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout, - EVP_PKEY *key, unsigned char *sigin, unsigned int siglen); +void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, + EVP_PKEY *key, unsigned char *sigin, int siglen); int MAIN(int, char **); int MAIN(int argc, char **argv) { + ENGINE *e = NULL; unsigned char *buf=NULL; int i,err=0; const EVP_MD *md=NULL,*m; @@ -91,12 +92,14 @@ int MAIN(int argc, char **argv) char pname[PROG_NAME_SIZE]; int separator=0; int debug=0; + int keyform=FORMAT_PEM; const char *outfile = NULL, *keyfile = NULL; const char *sigfile = NULL, *randfile = NULL; - char out_bin = -1, want_pub = 0, do_verify = 0; + int out_bin = -1, want_pub = 0, do_verify = 0; EVP_PKEY *sigkey = NULL; unsigned char *sigbuf = NULL; - unsigned int siglen = 0; + int siglen = 0; + char *engine=NULL; apps_startup(); @@ -109,6 +112,9 @@ int MAIN(int argc, char **argv) if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); + if (!load_config(bio_err, NULL)) + goto end; + /* first check the program name */ program_name(argv[0],pname,PROG_NAME_SIZE); @@ -154,6 +160,16 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; sigfile=*(++argv); } + else if (strcmp(*argv,"-keyform") == 0) + { + if (--argc < 1) break; + keyform=str2fmt(*(++argv)); + } + else if (strcmp(*argv,"-engine") == 0) + { + if (--argc < 1) break; + engine= *(++argv); + } else if (strcmp(*argv,"-hex") == 0) out_bin = 0; else if (strcmp(*argv,"-binary") == 0) @@ -188,8 +204,10 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"-sign file sign digest using private key in file\n"); BIO_printf(bio_err,"-verify file verify a signature using public key in file\n"); BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n"); + BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); BIO_printf(bio_err,"-signature file signature to verify\n"); BIO_printf(bio_err,"-binary output in binary form\n"); + BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n", LN_md5,LN_md5); @@ -209,6 +227,8 @@ int MAIN(int argc, char **argv) goto end; } + e = setup_engine(bio_err, engine, 0); + in=BIO_new(BIO_s_file()); bmd=BIO_new(BIO_f_md()); if (debug) @@ -236,7 +256,15 @@ int MAIN(int argc, char **argv) if(out_bin) out = BIO_new_file(outfile, "wb"); else out = BIO_new_file(outfile, "w"); - } else out = BIO_new_fp(stdout, BIO_NOCLOSE); + } else { + out = BIO_new_fp(stdout, BIO_NOCLOSE); +#ifdef OPENSSL_SYS_VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } if(!out) { BIO_printf(bio_err, "Error opening output file %s\n", @@ -245,27 +273,21 @@ int MAIN(int argc, char **argv) goto end; } - if(keyfile) { - BIO *keybio; - keybio = BIO_new_file(keyfile, "r"); - if(!keybio) { - BIO_printf(bio_err, "Error opening key file %s\n", - keyfile); - ERR_print_errors(bio_err); - goto end; - } - - if(want_pub) - sigkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL); - else sigkey = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL); - BIO_free(keybio); - if(!sigkey) { - BIO_printf(bio_err, "Error reading key file %s\n", - keyfile); - ERR_print_errors(bio_err); + if(keyfile) + { + if (want_pub) + sigkey = load_pubkey(bio_err, keyfile, keyform, NULL, + e, "key file"); + else + sigkey = load_key(bio_err, keyfile, keyform, NULL, + e, "key file"); + if (!sigkey) + { + /* load_[pub]key() has already printed an appropriate + message */ goto end; + } } - } if(sigfile && sigkey) { BIO *sigbio; @@ -280,7 +302,7 @@ int MAIN(int argc, char **argv) } siglen = BIO_read(sigbio, sigbuf, siglen); BIO_free(sigbio); - if(siglen == 0) { + if(siglen <= 0) { BIO_printf(bio_err, "Error reading signature file %s\n", sigfile); ERR_print_errors(bio_err); @@ -323,15 +345,16 @@ end: OPENSSL_free(buf); } if (in != NULL) BIO_free(in); - BIO_free(out); + BIO_free_all(out); EVP_PKEY_free(sigkey); if(sigbuf) OPENSSL_free(sigbuf); if (bmd != NULL) BIO_free(bmd); + apps_shutdown(); EXIT(err); } -void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout, - EVP_PKEY *key, unsigned char *sigin, unsigned int siglen) +void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, + EVP_PKEY *key, unsigned char *sigin, int siglen) { int len; int i; @@ -345,7 +368,7 @@ void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout, { EVP_MD_CTX *ctx; BIO_get_md_ctx(bp, &ctx); - i = EVP_VerifyFinal(ctx, sigin, siglen, key); + i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key); if(i > 0) BIO_printf(out, "Verified OK\n"); else if(i == 0) BIO_printf(out, "Verification Failure\n"); else