Make sure applications free up pkey structures and add netscape extension
[openssl.git] / apps / req.c
index 9b6041e..525995d 100644 (file)
@@ -1,5 +1,5 @@
 /* apps/req.c */
 /* apps/req.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,7 @@
 #include <stdlib.h>
 #include <time.h>
 #include <string.h>
 #include <stdlib.h>
 #include <time.h>
 #include <string.h>
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"
 #define APPS_WIN16
 #endif
 #include "apps.h"
@@ -111,7 +111,7 @@ static int add_attribute_object(STACK *n, char *text, char *def,
        char *value, int nid,int min,int max);
 static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
        int nid,int min,int max);
        char *value, int nid,int min,int max);
 static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
        int nid,int min,int max);
-static void MS_CALLBACK req_cb(int p,int n);
+static void MS_CALLBACK req_cb(int p,int n,char *arg);
 static int req_fix_data(int nid,int *type,int len,int min,int max);
 #else
 static int make_REQ();
 static int req_fix_data(int nid,int *type,int len,int min,int max);
 #else
 static int make_REQ();
@@ -135,7 +135,9 @@ int MAIN(argc, argv)
 int argc;
 char **argv;
        {
 int argc;
 char **argv;
        {
+#ifndef NO_DSA
        DSA *dsa_params=NULL;
        DSA *dsa_params=NULL;
+#endif
        int ex=1,x509=0,days=30;
        X509 *x509ss=NULL;
        X509_REQ *req=NULL;
        int ex=1,x509=0,days=30;
        X509 *x509ss=NULL;
        X509_REQ *req=NULL;
@@ -160,7 +162,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        infile=NULL;
        outfile=NULL;
 
        infile=NULL;
        outfile=NULL;
@@ -228,7 +230,9 @@ char **argv;
                                p+=4;
                                newkey= atoi(p);
                                }
                                p+=4;
                                newkey= atoi(p);
                                }
-                       else if (strncmp("dsa:",p,4) == 0)
+                       else
+#ifndef NO_DSA
+                               if (strncmp("dsa:",p,4) == 0)
                                {
                                X509 *xtmp=NULL;
                                EVP_PKEY *dtmp;
                                {
                                X509 *xtmp=NULL;
                                EVP_PKEY *dtmp;
@@ -249,6 +253,9 @@ char **argv;
                                                BIO_printf(bio_err,"unable to load DSA parameters from file\n");
                                                goto end;
                                                }
                                                BIO_printf(bio_err,"unable to load DSA parameters from file\n");
                                                goto end;
                                                }
+
+                                       /* This will 'disapear'
+                                        * when we free xtmp */
                                        dtmp=X509_get_pubkey(xtmp);
                                        if (dtmp->type == EVP_PKEY_DSA)
                                                dsa_params=DSAparams_dup(dtmp->pkey.dsa);
                                        dtmp=X509_get_pubkey(xtmp);
                                        if (dtmp->type == EVP_PKEY_DSA)
                                                dsa_params=DSAparams_dup(dtmp->pkey.dsa);
@@ -258,18 +265,21 @@ char **argv;
                                                BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
                                                goto end;
                                                }
                                                BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
                                                goto end;
                                                }
-                                       
                                        }
                                BIO_free(in);
                                newkey=BN_num_bits(dsa_params->p);
                                in=NULL;
                                }
                                        }
                                BIO_free(in);
                                newkey=BN_num_bits(dsa_params->p);
                                in=NULL;
                                }
-                       else if (strncmp("dh:",p,4) == 0)
+                       else 
+#endif
+#ifndef NO_DH
+                               if (strncmp("dh:",p,4) == 0)
                                {
                                pkey_type=TYPE_DH;
                                p+=3;
                                }
                        else
                                {
                                pkey_type=TYPE_DH;
                                p+=3;
                                }
                        else
+#endif
                                pkey_type=TYPE_RSA;
 
                        newreq=1;
                                pkey_type=TYPE_RSA;
 
                        newreq=1;
@@ -347,12 +357,14 @@ bad:
 
 #ifndef MONOLITH
        /* Lets load up our environment a little */
 
 #ifndef MONOLITH
        /* Lets load up our environment a little */
-       p=getenv("SSLEAY_CONF");
+       p=getenv("OPENSSL_CONF");
+       if (p == NULL)
+               p=getenv("SSLEAY_CONF");
        if (p == NULL)
                {
                strcpy(config_name,X509_get_default_cert_area());
                strcat(config_name,"/lib/");
        if (p == NULL)
                {
                strcpy(config_name,X509_get_default_cert_area());
                strcat(config_name,"/lib/");
-               strcat(config_name,SSLEAY_CONF);
+               strcat(config_name,OPENSSL_CONF);
                p=config_name;
                }
         default_config_file=p;
                p=config_name;
                }
         default_config_file=p;
@@ -382,6 +394,29 @@ bad:
                        }
                }
 
                        }
                }
 
+       if (req_conf != NULL)
+               {
+               p=CONF_get_string(req_conf,NULL,"oid_file");
+               if (p != NULL)
+                       {
+                       BIO *oid_bio;
+
+                       oid_bio=BIO_new_file(p,"r");
+                       if (oid_bio == NULL) 
+                               {
+                               /*
+                               BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
+                               ERR_print_errors(bio_err);
+                               */
+                               }
+                       else
+                               {
+                               OBJ_create_objects(oid_bio);
+                               BIO_free(oid_bio);
+                               }
+                       }
+               }
+
        if ((md_alg == NULL) &&
                ((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL))
                {
        if ((md_alg == NULL) &&
                ((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL))
                {
@@ -463,7 +498,8 @@ bad:
                if (pkey_type == TYPE_RSA)
                        {
                        if (!EVP_PKEY_assign_RSA(pkey,
                if (pkey_type == TYPE_RSA)
                        {
                        if (!EVP_PKEY_assign_RSA(pkey,
-                               RSA_generate_key(newkey,0x10001,req_cb)))
+                               RSA_generate_key(newkey,0x10001,
+                                       req_cb,(char *)bio_err)))
                                goto end;
                        }
                else
                                goto end;
                        }
                else
@@ -559,8 +595,10 @@ loop:
 
        if (newreq || x509)
                {
 
        if (newreq || x509)
                {
+#ifndef NO_DSA
                if (pkey->type == EVP_PKEY_DSA)
                        digest=EVP_dss1();
                if (pkey->type == EVP_PKEY_DSA)
                        digest=EVP_dss1();
+#endif
 
                if (pkey == NULL)
                        {
 
                if (pkey == NULL)
                        {
@@ -625,7 +663,10 @@ loop:
                        }
 
                i=X509_REQ_verify(req,pkey);
                        }
 
                i=X509_REQ_verify(req,pkey);
-               if (tmp) pkey=NULL;
+               if (tmp) {
+                       EVP_PKEY_free(pkey);
+                       pkey=NULL;
+               }
 
                if (i < 0)
                        {
 
                if (i < 0)
                        {
@@ -682,9 +723,11 @@ loop:
                        goto end; 
                        }
                fprintf(stdout,"Modulus=");
                        goto end; 
                        }
                fprintf(stdout,"Modulus=");
+#ifndef NO_RSA
                if (pubkey->type == EVP_PKEY_RSA)
                        BN_print(out,pubkey->pkey.rsa->n);
                else
                if (pubkey->type == EVP_PKEY_RSA)
                        BN_print(out,pubkey->pkey.rsa->n);
                else
+#endif
                        fprintf(stdout,"Wrong Algorithm type");
                fprintf(stdout,"\n");
                }
                        fprintf(stdout,"Wrong Algorithm type");
                fprintf(stdout,"\n");
                }
@@ -733,7 +776,9 @@ end:
        if (pkey != NULL) EVP_PKEY_free(pkey);
        if (req != NULL) X509_REQ_free(req);
        if (x509ss != NULL) X509_free(x509ss);
        if (pkey != NULL) EVP_PKEY_free(pkey);
        if (req != NULL) X509_REQ_free(req);
        if (x509ss != NULL) X509_free(x509ss);
+#ifndef NO_DSA
        if (dsa_params != NULL) DSA_free(dsa_params);
        if (dsa_params != NULL) DSA_free(dsa_params);
+#endif
        EXIT(ex);
        }
 
        EXIT(ex);
        }
 
@@ -743,7 +788,7 @@ EVP_PKEY *pkey;
 int attribs;
        {
        int ret=0,i,j;
 int attribs;
        {
        int ret=0,i,j;
-       unsigned char *p;
+       unsigned char *p,*q;
        X509_REQ_INFO *ri;
        char buf[100];
        int nid,min,max;
        X509_REQ_INFO *ri;
        char buf[100];
        int nid,min,max;
@@ -800,19 +845,43 @@ start:            for (;;)
                        if ((int)sk_num(sk) <= i) break;
 
                        v=(CONF_VALUE *)sk_value(sk,i);
                        if ((int)sk_num(sk) <= i) break;
 
                        v=(CONF_VALUE *)sk_value(sk,i);
-                       p=NULL;
+                       p=q=NULL;
                        type=v->name;
                        type=v->name;
+                       /* Allow for raw OIDs */
+                       /* [n.mm.ooo.ppp] */
                        for (j=0; type[j] != '\0'; j++)
                                {
                                if (    (type[j] == ':') ||
                                        (type[j] == ',') ||
                                        (type[j] == '.'))
                        for (j=0; type[j] != '\0'; j++)
                                {
                                if (    (type[j] == ':') ||
                                        (type[j] == ',') ||
                                        (type[j] == '.'))
-                                       p= (unsigned char *)&(type[j+1]);
+                                       p=(unsigned char *)&(type[j+1]);
+                               if (type[j] == '[')
+                                       {
+                                       p=(unsigned char *)&(type[j+1]);
+                                       for (j++; type[j] != '\0'; j++)
+                                               if (type[j] == ']')
+                                                       {
+                                                       q=(unsigned char *)&(type[j]);
+                                                       break;
+                                                       }
+                                       break;
+                                       }
                                }
                        if (p != NULL)
                                type=(char *)p;
                        if ((nid=OBJ_txt2nid(type)) == NID_undef)
                                }
                        if (p != NULL)
                                type=(char *)p;
                        if ((nid=OBJ_txt2nid(type)) == NID_undef)
-                               goto start;
+                               {
+                               /* Add a new one if possible */
+                               if ((p != NULL) && (q != NULL) && (*q == ']'))
+                                       {
+                                       *q='\0';
+                                       nid=OBJ_create((char *)p,NULL,NULL);
+                                       *q=']';
+                                       if (nid == NID_undef) goto start;
+                                       }
+                               else
+                                       goto start;
+                               }
 
                        sprintf(buf,"%s_default",v->name);
                        if ((def=CONF_get_string(req_conf,tmp,buf)) == NULL)
 
                        sprintf(buf,"%s_default",v->name);
                        if ((def=CONF_get_string(req_conf,tmp,buf)) == NULL)
@@ -1044,9 +1113,10 @@ err:
        return(0);
        }
 
        return(0);
        }
 
-static void MS_CALLBACK req_cb(p, n)
+static void MS_CALLBACK req_cb(p,n,arg)
 int p;
 int n;
 int p;
 int n;
+char *arg;
        {
        char c='*';
 
        {
        char c='*';
 
@@ -1054,8 +1124,8 @@ int n;
        if (p == 1) c='+';
        if (p == 2) c='*';
        if (p == 3) c='\n';
        if (p == 1) c='+';
        if (p == 2) c='*';
        if (p == 3) c='\n';
-       BIO_write(bio_err,&c,1);
-       BIO_flush(bio_err);
+       BIO_write((BIO *)arg,&c,1);
+       BIO_flush((BIO *)arg);
 #ifdef LINT
        p=n;
 #endif
 #ifdef LINT
        p=n;
 #endif