X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Freq.c;h=af2db1628ba082c5df9360737bbb92ffa4e773fe;hp=db3dcb80e62b15daa07a8a02bf02c36b6451a3cb;hb=14a7cfb32a0347a4bc620ae1b552b21c4c1e270b;hpb=c0455cbb180e4662a734f11dbcb1f94beb2376a9 diff --git a/apps/req.c b/apps/req.c index db3dcb80e6..af2db1628b 100644 --- a/apps/req.c +++ b/apps/req.c @@ -142,7 +142,7 @@ static int batch=0; #define TYPE_RSA 1 #define TYPE_DSA 2 #define TYPE_DH 3 -#define TYPE_ECDSA 4 +#define TYPE_EC 4 int MAIN(int, char **); @@ -152,8 +152,8 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_DSA DSA *dsa_params=NULL; #endif -#ifndef OPENSSL_NO_ECDSA - ECDSA *ecdsa_params = NULL; +#ifndef OPENSSL_NO_EC + EC_KEY *ec_params = NULL; #endif unsigned long nmflag = 0; int ex=1,x509=0,days=30; @@ -327,37 +327,41 @@ int MAIN(int argc, char **argv) } else #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC if (strncmp("ecdsa:",p,4) == 0) { X509 *xtmp=NULL; EVP_PKEY *dtmp; - pkey_type=TYPE_ECDSA; + pkey_type=TYPE_EC; p+=6; if ((in=BIO_new_file(p,"r")) == NULL) { perror(p); goto end; } - if ((ecdsa_params = PEM_read_bio_ECDSAParameters(in, NULL, NULL, NULL)) == NULL) + if ((ec_params = EC_KEY_new()) == NULL) + goto end; + if ((ec_params->group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL)) == NULL) { + if (ec_params) + EC_KEY_free(ec_params); ERR_clear_error(); (void)BIO_reset(in); if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) { - BIO_printf(bio_err,"unable to load ECDSA parameters from file\n"); + BIO_printf(bio_err,"unable to load EC parameters from file\n"); goto end; } if ((dtmp=X509_get_pubkey(xtmp)) == NULL) goto end; - if (dtmp->type == EVP_PKEY_ECDSA) - ecdsa_params = ECDSAParameters_dup(dtmp->pkey.ecdsa); + if (dtmp->type == EVP_PKEY_EC) + ec_params = ECParameters_dup(dtmp->pkey.eckey); EVP_PKEY_free(dtmp); X509_free(xtmp); - if (ecdsa_params == NULL) + if (ec_params == NULL) { - BIO_printf(bio_err,"Certificate does not contain ECDSA parameters\n"); + BIO_printf(bio_err,"Certificate does not contain EC parameters\n"); goto end; } } @@ -370,7 +374,7 @@ int MAIN(int argc, char **argv) if (!order) goto end; - if (!EC_GROUP_get_order(ecdsa_params->group, order, NULL)) + if (!EC_GROUP_get_order(ec_params->group, order, NULL)) goto end; newkey = BN_num_bits(order); BN_free(order); @@ -679,7 +683,7 @@ bad: if (keyfile != NULL) { - pkey = load_key(bio_err, keyfile, keyform, passin, e, + pkey = load_key(bio_err, keyfile, keyform, 0, passin, e, "Private Key"); if (!pkey) { @@ -741,12 +745,13 @@ bad: dsa_params=NULL; } #endif -#ifndef OPENSSL_NO_ECDSA - if (pkey_type == TYPE_ECDSA) +#ifndef OPENSSL_NO_EC + if (pkey_type == TYPE_EC) { - if (!ECDSA_generate_key(ecdsa_params)) goto end; - if (!EVP_PKEY_assign_ECDSA(pkey, ecdsa_params)) goto end; - ecdsa_params = NULL; + if (!EC_KEY_generate_key(ec_params)) goto end; + if (!EVP_PKEY_assign_EC_KEY(pkey, ec_params)) + goto end; + ec_params = NULL; } #endif @@ -1140,8 +1145,8 @@ end: #ifndef OPENSSL_NO_DSA if (dsa_params != NULL) DSA_free(dsa_params); #endif -#ifndef OPENSSL_NO_ECDSA - if (ecdsa_params != NULL) ECDSA_free(ecdsa_params); +#ifndef OPENSSL_NO_EC + if (ec_params != NULL) EC_KEY_free(ec_params); #endif apps_shutdown(); EXIT(ex); @@ -1217,120 +1222,18 @@ err: */ static int build_subject(X509_REQ *req, char *subject, unsigned long chtype) { - size_t buflen = strlen (subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */ - char *buf = malloc (buflen); - size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */ - char **ne_types = malloc (max_ne * sizeof (char *)); - char **ne_values = malloc (max_ne * sizeof (char *)); - - char *sp = subject, *bp = buf; - int i, ne_num = 0; - - X509_NAME *n = NULL; - int nid; - - if (!buf || !ne_types || !ne_values) - { - BIO_printf(bio_err, "malloc error\n"); - goto error0; - } - - if (*subject != '/') - { - BIO_printf(bio_err, "Subject does not start with '/'.\n"); - goto error0; - } - sp++; /* skip leading / */ - - while (*sp) - { - /* collect type */ - ne_types[ne_num] = bp; - while (*sp) - { - if (*sp == '\\') /* is there anything to escape in the type...? */ - if (*++sp) - *bp++ = *sp++; - else - { - BIO_printf(bio_err, "escape character at end of string\n"); - goto error0; - } - else if (*sp == '=') - { - sp++; - *bp++ = '\0'; - break; - } - else - *bp++ = *sp++; - } - if (!*sp) - { - BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num); - goto error0; - } - ne_values[ne_num] = bp; - while (*sp) - { - if (*sp == '\\') - if (*++sp) - *bp++ = *sp++; - else - { - BIO_printf(bio_err, "escape character at end of string\n"); - goto error0; - } - else if (*sp == '/') - { - sp++; - *bp++ = '\0'; - break; - } - else - *bp++ = *sp++; - } - *bp++ = '\0'; - ne_num++; - } + X509_NAME *n; - if (!(n = X509_NAME_new())) - goto error0; + if (!(n = do_subject(subject, chtype))) + return 0; - for(i = 0; i < ne_num; i++) + if (!X509_REQ_set_subject_name(req, n)) { - if ((nid=OBJ_txt2nid(ne_types[i])) == NID_undef) - { - BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]); - continue; - } - - if (!*ne_values[i]) - { - BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]); - continue; - } - - if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,0)) - goto error1; - + X509_NAME_free(n); + return 0; } - - if (!X509_REQ_set_subject_name(req, n)) - goto error1; X509_NAME_free(n); - free (ne_values); - free (ne_types); - free (buf); return 1; - -error1: - X509_NAME_free(n); -error0: - free (ne_values); - free (ne_types); - free (buf); - return 0; }