}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
goto end;
- if (ciphername != NULL) {
- if (!opt_cipher(ciphername, &enc))
- goto opthelp;
- }
+ if (!opt_cipher_any(ciphername, &enc))
+ goto opthelp;
if (export_pkcs12) {
if ((options & INFO) != 0)
WARN_EXPORT("info");
/* Look for matching private key */
for (i = 0; i < sk_X509_num(certs); i++) {
x = sk_X509_value(certs, i);
- if (X509_check_private_key(x, key)) {
+ if (cert_matches_key(x, key)) {
ee_cert = x;
/* Zero keyid and alias */
X509_keyid_set1(ee_cert, NULL, 0);
infile);
goto export_end;
}
- } else {
- ee_cert = X509_dup(sk_X509_value(certs, 0)); /* take 1st cert */
}
}
int vret;
STACK_OF(X509) *chain2;
X509_STORE *store;
+ X509 *ee_cert_tmp = ee_cert;
+
+ /* Assume the first cert if we haven't got anything else */
+ if (ee_cert_tmp == NULL && certs != NULL)
+ ee_cert_tmp = sk_X509_value(certs, 0);
- if (ee_cert == NULL) {
+ if (ee_cert_tmp == NULL) {
BIO_printf(bio_err,
"No end entity certificate to check with -chain\n");
goto export_end;
== NULL)
goto export_end;
- vret = get_cert_chain(ee_cert, store, untrusted_certs, &chain2);
+ vret = get_cert_chain(ee_cert_tmp, store, untrusted_certs, &chain2);
X509_STORE_free(store);
if (vret == X509_V_OK) {
break;
case V_ASN1_UTF8STRING:
- BIO_printf(out, "%s\n", av->value.utf8string->data);
+ BIO_printf(out, "%.*s\n", av->value.utf8string->length,
+ av->value.utf8string->data);
break;
case V_ASN1_OCTET_STRING: