Clarify where the engines are by default.

[openssl.git] / apps / x509.c

diff --git a/apps/x509.c b/apps/x509.c
index f18aaf5d9f9bf72ada804da7a2e0d0d5f5f279e6..aa06462b9f41b3c506ccab6a4fd1f6afeaa2b35e 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -73,7 +73,6 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
-#include <openssl/engine.h>
 
 #undef PROG
 #define PROG x509_main
@@ -192,6 +191,9 @@ int MAIN(int argc, char **argv)
 
        if (bio_err == NULL)
                bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+       if (!load_config(bio_err, NULL))
+               goto end;
        STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
@@ -243,7 +245,7 @@ int MAIN(int argc, char **argv)
                else if (strcmp(*argv,"-CAkeyform") == 0)
                        {
                        if (--argc < 1) goto bad;
-                       CAformat=str2fmt(*(++argv));
+                       CAkeyformat=str2fmt(*(++argv));
                        }
                else if (strcmp(*argv,"-days") == 0)
                        {
@@ -859,14 +861,18 @@ bad:
                                if (Upkey == NULL)
                                        {
                                        Upkey=load_key(bio_err,
-                                               keyfile,keyformat, passin, e,
-                                               "Private key");
+                                               keyfile, keyformat, 0,
+                                               passin, e, "Private key");
                                        if (Upkey == NULL) goto end;
                                        }
 #ifndef OPENSSL_NO_DSA
                                if (Upkey->type == EVP_PKEY_DSA)
                                        digest=EVP_dss1();
 #endif
+#ifndef OPENSSL_NO_ECDSA
+                               if (Upkey->type == EVP_PKEY_EC)
+                                       digest=EVP_ecdsa();
+#endif
 
                                assert(need_rand);
                                if (!sign(x,Upkey,days,clrext,digest,
@@ -878,14 +884,19 @@ bad:
                                if (CAkeyfile != NULL)
                                        {
                                        CApkey=load_key(bio_err,
-                                               CAkeyfile,CAkeyformat, passin,
-                                               e, "CA Private Key");
+                                               CAkeyfile, CAkeyformat,
+                                               0, passin, e,
+                                               "CA Private Key");
                                        if (CApkey == NULL) goto end;
                                        }
 #ifndef OPENSSL_NO_DSA
                                if (CApkey->type == EVP_PKEY_DSA)
                                        digest=EVP_dss1();
 #endif
+#ifndef OPENSSL_NO_ECDSA
+                               if (CApkey->type == EVP_PKEY_EC)
+                                       digest = EVP_ecdsa();
+#endif
                                
                                assert(need_rand);
                                if (!x509_certify(ctx,CAfile,digest,x,xca,
@@ -906,15 +917,21 @@ bad:
                                else
                                        {
                                        pk=load_key(bio_err,
-                                               keyfile,FORMAT_PEM, passin, e,
-                                               "request key");
+                                               keyfile, FORMAT_PEM, 0,
+                                               passin, e, "request key");
                                        if (pk == NULL) goto end;
                                        }
 
                                BIO_printf(bio_err,"Generating certificate request\n");
 
+#ifndef OPENSSL_NO_DSA
                                if (pk->type == EVP_PKEY_DSA)
                                        digest=EVP_dss1();
+#endif
+#ifndef OPENSSL_NO_ECDSA
+                               if (pk->type == EVP_PKEY_EC)
+                                       digest=EVP_ecdsa();
+#endif
 
                                rq=X509_to_X509_REQ(x,pk,digest);
                                EVP_PKEY_free(pk);
@@ -1128,7 +1145,11 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
        EVP_PKEY_copy_parameters(upkey,pkey);
        EVP_PKEY_free(upkey);
 
-       X509_STORE_CTX_init(&xsc,ctx,x,NULL);
+       if(!X509_STORE_CTX_init(&xsc,ctx,x,NULL))
+               {
+               BIO_printf(bio_err,"Error initialising X509 store\n");
+               goto end;
+               }
        if (sno) bs = sno;
        else if (!(bs = load_serial(CAfile, serialfile, create)))
                goto end;