{"multivalue-rdn", OPT_MULTIVALUE_RDN, '-',
"Enable support for multivalued RDNs"},
{"days", OPT_DAYS, 'p', "Number of days cert is valid for"},
- {"set-serial", OPT_SET_SERIAL, 'p', "Serial number to use"},
+ {"set_serial", OPT_SET_SERIAL, 'p', "Serial number to use"},
{"extensions", OPT_EXTENSIONS, 's',
"Cert extension section (override value in config file)"},
{"reqexts", OPT_REQEXTS, 's',
BIO_printf(bio_err, "writing new private key to stdout\n");
else
BIO_printf(bio_err, "writing new private key to '%s'\n", keyout);
- out = bio_open_owner(keyout, "w", private);
+ out = bio_open_owner(keyout, outformat, private);
if (out == NULL)
goto end;
}
if (!newreq) {
- in = bio_open_default(infile, RB(informat));
+ in = bio_open_default(infile, 'r', informat);
if (in == NULL)
goto end;
out = bio_open_default(outfile,
keyout != NULL && outfile != NULL &&
- strcmp(keyout, outfile) == 0
- ? AB(outformat) : WB(outformat));
+ strcmp(keyout, outfile) == 0 ? 'a' : 'w',
+ outformat);
if (out == NULL)
goto end;
fprintf(stdout, "Modulus=");
#ifndef OPENSSL_NO_RSA
if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA)
- BN_print(out, tpubkey->pkey.rsa->n);
+ BN_print(out, EVP_PKEY_get0_RSA(tpubkey)->n);
else
#endif
fprintf(stdout, "Wrong Algorithm type");
BIO_printf(bio_err, "%s [%s]:", text, def);
(void)BIO_flush(bio_err);
if (value != NULL) {
- BUF_strlcpy(buf, value, sizeof buf);
- BUF_strlcat(buf, "\n", sizeof buf);
+ OPENSSL_strlcpy(buf, value, sizeof buf);
+ OPENSSL_strlcat(buf, "\n", sizeof buf);
BIO_printf(bio_err, "%s\n", value);
} else {
buf[0] = '\0';
else if (buf[0] == '\n') {
if ((def == NULL) || (def[0] == '\0'))
return (1);
- BUF_strlcpy(buf, def, sizeof buf);
- BUF_strlcat(buf, "\n", sizeof buf);
+ OPENSSL_strlcpy(buf, def, sizeof buf);
+ OPENSSL_strlcat(buf, "\n", sizeof buf);
} else if ((buf[0] == '.') && (buf[1] == '\n'))
return (1);
BIO_printf(bio_err, "%s [%s]:", text, def);
(void)BIO_flush(bio_err);
if (value != NULL) {
- BUF_strlcpy(buf, value, sizeof buf);
- BUF_strlcat(buf, "\n", sizeof buf);
+ OPENSSL_strlcpy(buf, value, sizeof buf);
+ OPENSSL_strlcat(buf, "\n", sizeof buf);
BIO_printf(bio_err, "%s\n", value);
} else {
buf[0] = '\0';
else if (buf[0] == '\n') {
if ((def == NULL) || (def[0] == '\0'))
return (1);
- BUF_strlcpy(buf, def, sizeof buf);
- BUF_strlcat(buf, "\n", sizeof buf);
+ OPENSSL_strlcpy(buf, def, sizeof buf);
+ OPENSSL_strlcat(buf, "\n", sizeof buf);
} else if ((buf[0] == '.') && (buf[1] == '\n'))
return (1);
return NULL;
}
EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth);
- *palgnam = BUF_strdup(anam);
+ *palgnam = OPENSSL_strdup(anam);
#ifndef OPENSSL_NO_ENGINE
if (tmpeng)
ENGINE_finish(tmpeng);
} else
gctx = EVP_PKEY_CTX_new_id(*pkey_type, keygen_engine);
- if (!gctx) {
+ if (gctx == NULL) {
BIO_puts(bio_err, "Error allocating keygen context\n");
ERR_print_errors(bio_err);
return NULL;
EVP_PKEY_CTX *pkctx = NULL;
int i;
- EVP_MD_CTX_init(ctx);
+ if (ctx == NULL)
+ return 0;
if (!EVP_DigestSignInit(ctx, &pkctx, md, NULL, pkey))
return 0;
for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) {
STACK_OF(OPENSSL_STRING) *sigopts)
{
int rv;
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_new();
- EVP_MD_CTX_init(&mctx);
- rv = do_sign_init(&mctx, pkey, md, sigopts);
+ rv = do_sign_init(mctx, pkey, md, sigopts);
+ /* Note: X509_sign_ctx() calls ASN1_item_sign_ctx(), which destroys
+ * the EVP_MD_CTX we send it, so only destroy it here if the former
+ * isn't called */
if (rv > 0)
- rv = X509_sign_ctx(x, &mctx);
- EVP_MD_CTX_cleanup(&mctx);
+ rv = X509_sign_ctx(x, mctx);
+ else
+ EVP_MD_CTX_free(mctx);
return rv > 0 ? 1 : 0;
}
STACK_OF(OPENSSL_STRING) *sigopts)
{
int rv;
- EVP_MD_CTX mctx;
-
- EVP_MD_CTX_init(&mctx);
- rv = do_sign_init(&mctx, pkey, md, sigopts);
+ EVP_MD_CTX *mctx = EVP_MD_CTX_new();
+ rv = do_sign_init(mctx, pkey, md, sigopts);
+ /* Note: X509_REQ_sign_ctx() calls ASN1_item_sign_ctx(), which destroys
+ * the EVP_MD_CTX we send it, so only destroy it here if the former
+ * isn't called */
if (rv > 0)
- rv = X509_REQ_sign_ctx(x, &mctx);
- EVP_MD_CTX_cleanup(&mctx);
+ rv = X509_REQ_sign_ctx(x, mctx);
+ else
+ EVP_MD_CTX_free(mctx);
return rv > 0 ? 1 : 0;
}
STACK_OF(OPENSSL_STRING) *sigopts)
{
int rv;
- EVP_MD_CTX mctx;
-
- EVP_MD_CTX_init(&mctx);
- rv = do_sign_init(&mctx, pkey, md, sigopts);
+ EVP_MD_CTX *mctx = EVP_MD_CTX_new();
+ rv = do_sign_init(mctx, pkey, md, sigopts);
+ /* Note: X509_CRL_sign_ctx() calls ASN1_item_sign_ctx(), which destroys
+ * the EVP_MD_CTX we send it, so only destroy it here if the former
+ * isn't called */
if (rv > 0)
- rv = X509_CRL_sign_ctx(x, &mctx);
- EVP_MD_CTX_cleanup(&mctx);
+ rv = X509_CRL_sign_ctx(x, mctx);
+ else
+ EVP_MD_CTX_free(mctx);
return rv > 0 ? 1 : 0;
}