use a generic EC_KEY structure (EC keys are not ECDSA specific)
[openssl.git] / apps / req.c
index db3dcb80e62b15daa07a8a02bf02c36b6451a3cb..af2db1628ba082c5df9360737bbb92ffa4e773fe 100644 (file)
@@ -142,7 +142,7 @@ static int batch=0;
 #define TYPE_RSA       1
 #define TYPE_DSA       2
 #define TYPE_DH                3
-#define TYPE_ECDSA     4
+#define TYPE_EC                4
 
 int MAIN(int, char **);
 
@@ -152,8 +152,8 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_DSA
        DSA *dsa_params=NULL;
 #endif
-#ifndef OPENSSL_NO_ECDSA
-       ECDSA *ecdsa_params = NULL;
+#ifndef OPENSSL_NO_EC
+       EC_KEY *ec_params = NULL;
 #endif
        unsigned long nmflag = 0;
        int ex=1,x509=0,days=30;
@@ -327,37 +327,41 @@ int MAIN(int argc, char **argv)
                                }
                        else 
 #endif
-#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_EC
                                if (strncmp("ecdsa:",p,4) == 0)
                                {
                                X509 *xtmp=NULL;
                                EVP_PKEY *dtmp;
 
-                               pkey_type=TYPE_ECDSA;
+                               pkey_type=TYPE_EC;
                                p+=6;
                                if ((in=BIO_new_file(p,"r")) == NULL)
                                        {
                                        perror(p);
                                        goto end;
                                        }
-                               if ((ecdsa_params = PEM_read_bio_ECDSAParameters(in, NULL, NULL, NULL)) == NULL)
+                               if ((ec_params = EC_KEY_new()) == NULL)
+                                       goto end;
+                               if ((ec_params->group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL)) == NULL)
                                        {
+                                       if (ec_params)
+                                               EC_KEY_free(ec_params);
                                        ERR_clear_error();
                                        (void)BIO_reset(in);
                                        if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL)
                                                {       
-                                               BIO_printf(bio_err,"unable to load ECDSA parameters from file\n");
+                                               BIO_printf(bio_err,"unable to load EC parameters from file\n");
                                                goto end;
                                                }
 
                                        if ((dtmp=X509_get_pubkey(xtmp)) == NULL) goto end;
-                                       if (dtmp->type == EVP_PKEY_ECDSA)
-                                               ecdsa_params = ECDSAParameters_dup(dtmp->pkey.ecdsa);
+                                       if (dtmp->type == EVP_PKEY_EC)
+                                               ec_params = ECParameters_dup(dtmp->pkey.eckey);
                                        EVP_PKEY_free(dtmp);
                                        X509_free(xtmp);
-                                       if (ecdsa_params == NULL)
+                                       if (ec_params == NULL)
                                                {
-                                               BIO_printf(bio_err,"Certificate does not contain ECDSA parameters\n");
+                                               BIO_printf(bio_err,"Certificate does not contain EC parameters\n");
                                                goto end;
                                                }
                                        }
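Review bot: After `EC_KEY_free(ec_params)` in the PEM_read_bio_ECPKParameters failure branch the pointer is left dangling, so a later `goto end` in the certificate fallback (PEM_read_bio_X509 or X509_get_pubkey failing) reaches the `if (ec_params != NULL) EC_KEY_free(ec_params);` cleanup shown in the `end:` hunk and frees it a second time. When the certificate key is not EVP_PKEY_EC, the stale pointer also passes the `ec_params == NULL` check and is later dereferenced as `ec_params->group`. Reset it right after the free, `EC_KEY_free(ec_params); ec_params = NULL;`; the `if (ec_params)` guard is redundant because the allocation was already checked. Separately, the unchanged context line `strncmp("ecdsa:",p,4)` compares only four bytes while the code then does `p+=6`, so an argument shorter than the prefix can move `p` past its terminator; comparing all six bytes avoids that. MAIN's body starts and ends outside this hunk.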
@@ -370,7 +374,7 @@ int MAIN(int argc, char **argv)
                                
                                if (!order)
                                        goto end;
-                               if (!EC_GROUP_get_order(ecdsa_params->group, order, NULL))
+                               if (!EC_GROUP_get_order(ec_params->group, order, NULL))
                                        goto end;
                                newkey = BN_num_bits(order);
                                BN_free(order);
@@ -679,7 +683,7 @@ bad:
 
        if (keyfile != NULL)
                {
-               pkey = load_key(bio_err, keyfile, keyform, passin, e,
+               pkey = load_key(bio_err, keyfile, keyform, 0, passin, e,
                        "Private Key");
                if (!pkey)
                        {
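Review bot: The new fourth argument to load_key is a bare `0` whose meaning cannot be read at the call site, and the updated prototype is not part of this hunk. A short inline comment naming the parameter, e.g. `keyform, 0 /* <parameter name> */, passin, e,`, would keep the call readable. Presumably this is the flag that allows reading the key from stdin, but that should be confirmed against the declaration.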
@@ -741,12 +745,13 @@ bad:
                        dsa_params=NULL;
                        }
 #endif
-#ifndef OPENSSL_NO_ECDSA
-                       if (pkey_type == TYPE_ECDSA)
+#ifndef OPENSSL_NO_EC
+                       if (pkey_type == TYPE_EC)
                        {
-                       if (!ECDSA_generate_key(ecdsa_params)) goto end;
-                       if (!EVP_PKEY_assign_ECDSA(pkey, ecdsa_params)) goto end;
-                       ecdsa_params = NULL;
+                       if (!EC_KEY_generate_key(ec_params)) goto end;
+                       if (!EVP_PKEY_assign_EC_KEY(pkey, ec_params)) 
+                               goto end;
+                       ec_params = NULL;
                        }
 #endif
 
@@ -1140,8 +1145,8 @@ end:
 #ifndef OPENSSL_NO_DSA
        if (dsa_params != NULL) DSA_free(dsa_params);
 #endif
-#ifndef OPENSSL_NO_ECDSA
-       if (ecdsa_params != NULL) ECDSA_free(ecdsa_params);
+#ifndef OPENSSL_NO_EC
+       if (ec_params != NULL) EC_KEY_free(ec_params);
 #endif
        apps_shutdown();
        EXIT(ex);
@@ -1217,120 +1222,18 @@ err:
  */
 static int build_subject(X509_REQ *req, char *subject, unsigned long chtype)
        {
-       size_t buflen = strlen (subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */
-       char *buf = malloc (buflen);
-       size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
-       char **ne_types = malloc (max_ne * sizeof (char *));
-       char **ne_values = malloc (max_ne * sizeof (char *));
-
-       char *sp = subject, *bp = buf;
-       int i, ne_num = 0;
-
-       X509_NAME *n = NULL;
-       int nid;
-
-       if (!buf || !ne_types || !ne_values)
-       {
-               BIO_printf(bio_err, "malloc error\n");
-               goto error0;
-       }
-
-       if (*subject != '/')
-       {
-               BIO_printf(bio_err, "Subject does not start with '/'.\n");
-               goto error0;
-       }
-       sp++; /* skip leading / */
-
-       while (*sp)
-       {
-               /* collect type */
-               ne_types[ne_num] = bp;
-               while (*sp)
-               {
-                       if (*sp == '\\') /* is there anything to escape in the type...? */
-                               if (*++sp)
-                                       *bp++ = *sp++;
-                               else
-                               {
-                                       BIO_printf(bio_err, "escape character at end of string\n");
-                                       goto error0;
-                               }
-                       else if (*sp == '=')
-                       {
-                               sp++;
-                               *bp++ = '\0';
-                               break;
-                       }
-                       else
-                               *bp++ = *sp++;
-               }
-               if (!*sp)
-               {
-                       BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num);
-                       goto error0;
-               }
-               ne_values[ne_num] = bp;
-               while (*sp)
-               {
-                       if (*sp == '\\')
-                               if (*++sp)
-                                       *bp++ = *sp++;
-                               else
-                               {
-                                       BIO_printf(bio_err, "escape character at end of string\n");
-                                       goto error0;
-                               }
-                       else if (*sp == '/')
-                       {
-                               sp++;
-                               *bp++ = '\0';
-                               break;
-                       }
-                       else
-                               *bp++ = *sp++;
-               }
-               *bp++ = '\0';
-               ne_num++;
-       }
+       X509_NAME *n;
 
-       if (!(n = X509_NAME_new()))
-               goto error0;
+       if (!(n = do_subject(subject, chtype)))
+               return 0;
 
-       for(i = 0; i < ne_num; i++)
+       if (!X509_REQ_set_subject_name(req, n))
                {
-               if ((nid=OBJ_txt2nid(ne_types[i])) == NID_undef)
-                       {
-                       BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]);
-                       continue;
-                       }
-
-               if (!*ne_values[i])
-                       {
-                       BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]);
-                       continue;
-                       }
-
-               if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,0))
-                       goto error1;
-
+               X509_NAME_free(n);
+               return 0;
                }
-
-       if (!X509_REQ_set_subject_name(req, n))
-               goto error1;
        X509_NAME_free(n);
-       free (ne_values);
-       free (ne_types);
-       free (buf);
        return 1;
-
-error1:
-       X509_NAME_free(n);
-error0:
-       free (ne_values);
-       free (ne_types);
-       free (buf);
-       return 0;
 }
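Review bot: The rewritten build_subject releases `n` on both the failure and the success path; capturing the result once leaves a single release point: `ok = X509_REQ_set_subject_name(req, n);`, `X509_NAME_free(n);`, `return ok ? 1 : 0;`. All parsing of the user-supplied subject string (leading '/', backslash escapes, the unknown-NID and empty-value warnings) now depends on do_subject, which is not visible here, so it is worth confirming those checks and diagnostics were carried over. The comment block that ends just above the function should be checked as well, since it presumably describes the format that do_subject now parses.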