X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fts.c;h=ac91323ac64bbd1cc266c4c7f3bb1ad037c923b6;hp=b58703a77bf6ecc024d5c07a4266d226edf57460;hb=e20b47275109aafc559446d731e6baad4a1f55d1;hpb=fa49924659f21454fba3d70b4f60ce76ee6059f8 diff --git a/apps/ts.c b/apps/ts.c index b58703a77b..ac91323ac6 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -95,14 +95,14 @@ static ASN1_INTEGER *create_nonce(int bits); /* Reply related functions. */ static int reply_command(CONF *conf, char *section, char *engine, char *queryfile, char *passin, char *inkey, - char *signer, char *chain, const char *policy, - char *in, int token_in, char *out, int token_out, - int text); + const EVP_MD *md, char *signer, char *chain, + const char *policy, char *in, int token_in, + char *out, int token_out, int text); static TS_RESP *read_PKCS7(BIO *in_bio); static TS_RESP *create_response(CONF *conf, const char *section, char *engine, char *queryfile, char *passin, - char *inkey, char *signer, char *chain, - const char *policy); + char *inkey, const EVP_MD *md, char *signer, + char *chain, const char *policy); static ASN1_INTEGER *serial_cb(TS_RESP_CTX *ctx, void *data); static ASN1_INTEGER *next_serial(const char *serialfile); static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial); @@ -342,7 +342,7 @@ int ts_main(int argc, char **argv) goto opthelp; } ret = !reply_command(conf, section, engine, queryfile, - password, inkey, signer, chain, policy, + password, inkey, md, signer, chain, policy, in, token_in, out, token_out, text); break; case OPT_VERIFY: @@ -583,8 +583,8 @@ static ASN1_INTEGER *create_nonce(int bits) static int reply_command(CONF *conf, char *section, char *engine, char *queryfile, char *passin, char *inkey, - char *signer, char *chain, const char *policy, - char *in, int token_in, + const EVP_MD *md, char *signer, char *chain, + const char *policy, char *in, int token_in, char *out, int token_out, int text) { int ret = 0; @@ -605,7 +605,7 @@ static int reply_command(CONF *conf, char *section, char *engine, } } else { response = create_response(conf, section, engine, queryfile, - passin, inkey, signer, chain, policy); + passin, inkey, md, signer, chain, policy); if (response) BIO_printf(bio_err, "Response has been generated.\n"); else @@ -691,8 +691,8 @@ static TS_RESP *read_PKCS7(BIO *in_bio) static TS_RESP *create_response(CONF *conf, const char *section, char *engine, char *queryfile, char *passin, - char *inkey, char *signer, char *chain, - const char *policy) + char *inkey, const EVP_MD *md, char *signer, + char *chain, const char *policy) { int ret = 0; TS_RESP *response = NULL; @@ -717,6 +717,14 @@ static TS_RESP *create_response(CONF *conf, const char *section, char *engine, goto end; if (!TS_CONF_set_signer_key(conf, section, inkey, passin, resp_ctx)) goto end; + + if (md) { + if (!TS_RESP_CTX_set_signer_digest(resp_ctx, md)) + goto end; + } else if (!TS_CONF_set_signer_digest(conf, section, NULL, resp_ctx)) { + goto end; + } + if (!TS_CONF_set_def_policy(conf, section, policy, resp_ctx)) goto end; if (!TS_CONF_set_policies(conf, section, resp_ctx))