Add -pubkey option to req command.

author Dr. Stephen Henson <steve@openssl.org>

Sat, 1 Dec 2001 23:03:30 +0000 (23:03 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 1 Dec 2001 23:03:30 +0000 (23:03 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Sat, 1 Dec 2001 23:03:30 +0000 (23:03 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 1 Dec 2001 23:03:30 +0000 (23:03 +0000)
diff --git a/CHANGES b/CHANGES

index 9ed1297ccbb50f9c8556e31e4597f72cd67805e6..0b58507f6dae95fa2f63edad40341bbac669b58e 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,9 @@
           *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
           +) applies to 0.9.7 only
  
           *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
           +) applies to 0.9.7 only
  
+  +) Add option to output public keys in req command.
+     [Massimiliano Pala madwolf@openca.org]
+
    *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
       returns early because it has nothing to do.
       [Andy Schneider <andy.schneider@bjss.co.uk>]
    *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
       returns early because it has nothing to do.
       [Andy Schneider <andy.schneider@bjss.co.uk>]
diff --git a/apps/req.c b/apps/req.c

index dc08d6d7a559c0237e7f1cc58cae8d862b79fb7c..c406b6444c0f64e4e64db12f3ca19bc1d5b58b7c 100644 (file)
--- a/apps/req.c
+++ b/apps/req.c
@@ -106,6 +106,7 @@
   * -rand file(s) - load the file(s) into the PRNG.
   * -newkey     - make a key and a request.
   * -modulus    - print RSA modulus.
   * -rand file(s) - load the file(s) into the PRNG.
   * -newkey     - make a key and a request.
   * -modulus    - print RSA modulus.
+ * -pubkey     - output Public Key.
   * -x509       - output a self signed X509 structure instead.
   * -asn1-kludge        - output new certificate request in a format that some CA's
   *               require.  This format is wrong
   * -x509       - output a self signed X509 structure instead.
   * -asn1-kludge        - output new certificate request in a format that some CA's
   *               require.  This format is wrong
@@ -159,7 +160,7 @@ int MAIN(int argc, char **argv)
         long newkey = -1;
         BIO *in=NULL,*out=NULL;
         int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
         long newkey = -1;
         BIO *in=NULL,*out=NULL;
         int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
-       int nodes=0,kludge=0,newhdr=0,subject=0;
+       int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0;
         char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
         char *engine=NULL;
         char *extensions = NULL;
         char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
         char *engine=NULL;
         char *extensions = NULL;
@@ -218,6 +219,10 @@ int MAIN(int argc, char **argv)
                         if (--argc < 1) goto bad;
                         keyfile= *(++argv);
                         }
                         if (--argc < 1) goto bad;
                         keyfile= *(++argv);
                         }
+               else if (strcmp(*argv,"-pubkey") == 0)
+                       {
+                       pubkey=1;
+                       }
                 else if (strcmp(*argv,"-new") == 0)
                         {
                         newreq=1;
                 else if (strcmp(*argv,"-new") == 0)
                         {
                         newreq=1;
@@ -412,6 +417,7 @@ bad:
                 BIO_printf(bio_err," -in arg        input file\n");
                 BIO_printf(bio_err," -out arg       output file\n");
                 BIO_printf(bio_err," -text          text form of request\n");
                 BIO_printf(bio_err," -in arg        input file\n");
                 BIO_printf(bio_err," -out arg       output file\n");
                 BIO_printf(bio_err," -text          text form of request\n");
+               BIO_printf(bio_err," -pubkey        output public key\n");
                 BIO_printf(bio_err," -noout         do not output REQ\n");
                 BIO_printf(bio_err," -verify        verify signature on REQ\n");
                 BIO_printf(bio_err," -modulus       RSA modulus\n");
                 BIO_printf(bio_err," -noout         do not output REQ\n");
                 BIO_printf(bio_err," -verify        verify signature on REQ\n");
                 BIO_printf(bio_err," -modulus       RSA modulus\n");
@@ -473,7 +479,8 @@ bad:
                 {
                 long errline;
  
                 {
                 long errline;
  
-               BIO_printf(bio_err,"Using configuration from %s\n",template);
+               if( verbose )
+                       BIO_printf(bio_err,"Using configuration from %s\n",template);
                 req_conf=NCONF_new(NULL);
                 i=NCONF_load(req_conf,template,&errline);
                 if (i == 0)
                 req_conf=NCONF_new(NULL);
                 i=NCONF_load(req_conf,template,&errline);
                 if (i == 0)
@@ -485,7 +492,8 @@ bad:
         else
                 {
                 req_conf=config;
         else
                 {
                 req_conf=config;
-               BIO_printf(bio_err,"Using configuration from %s\n",
+               if( verbose )
+                       BIO_printf(bio_err,"Using configuration from %s\n",
                         default_config_file);
                 if (req_conf == NULL)
                         {
                         default_config_file);
                 if (req_conf == NULL)
                         {
@@ -922,7 +930,7 @@ loop:
                         BIO_printf(bio_err,"verify OK\n");
                 }
  
                         BIO_printf(bio_err,"verify OK\n");
                 }
  
-       if (noout && !text && !modulus && !subject)
+       if (noout && !text && !modulus && !subject && !pubkey)
                 {
                 ex=0;
                 goto end;
                 {
                 ex=0;
                 goto end;
@@ -951,6 +959,20 @@ loop:
                         }
                 }
  
                         }
                 }
  
+       if (pubkey)
+               {
+               EVP_PKEY *tpubkey; 
+               tpubkey=X509_REQ_get_pubkey(req);
+               if (tpubkey == NULL)
+                       {
+                       BIO_printf(bio_err,"Error getting public key\n");
+                       ERR_print_errors(bio_err);
+                       goto end;
+                       }
+               PEM_write_bio_PUBKEY(out, tpubkey);
+               EVP_PKEY_free(tpubkey);
+               }
+
         if (text)
                 {
                 if (x509)
         if (text)
                 {
                 if (x509)
@@ -969,24 +991,25 @@ loop:
  
         if (modulus)
                 {
  
         if (modulus)
                 {
-               EVP_PKEY *pubkey;
+               EVP_PKEY *tpubkey;
  
                 if (x509)
  
                 if (x509)
-                       pubkey=X509_get_pubkey(x509ss);
+                       tpubkey=X509_get_pubkey(x509ss);
                 else
                 else
-                       pubkey=X509_REQ_get_pubkey(req);
-               if (pubkey == NULL)
+                       tpubkey=X509_REQ_get_pubkey(req);
+               if (tpubkey == NULL)
                         {
                         fprintf(stdout,"Modulus=unavailable\n");
                         goto end; 
                         }
                 fprintf(stdout,"Modulus=");
  #ifndef OPENSSL_NO_RSA
                         {
                         fprintf(stdout,"Modulus=unavailable\n");
                         goto end; 
                         }
                 fprintf(stdout,"Modulus=");
  #ifndef OPENSSL_NO_RSA
-               if (pubkey->type == EVP_PKEY_RSA)
-                       BN_print(out,pubkey->pkey.rsa->n);
+               if (tpubkey->type == EVP_PKEY_RSA)
+                       BN_print(out,tpubkey->pkey.rsa->n);
                 else
  #endif
                         fprintf(stdout,"Wrong Algorithm type");
                 else
  #endif
                         fprintf(stdout,"Wrong Algorithm type");
+               EVP_PKEY_free(tpubkey);
                 fprintf(stdout,"\n");
                 }
  
                 fprintf(stdout,"\n");
                 }
  
diff --git a/doc/apps/req.pod b/doc/apps/req.pod

index 0ba9a0074fe5d984f2117052ed4a45ceb6371e32..b627fd9bb81917fe5a6e881c3b798c47c265cd0e 100644 (file)
--- a/doc/apps/req.pod
+++ b/doc/apps/req.pod
@@ -15,6 +15,7 @@ B<openssl> B<req>
  [B<-out filename>]
  [B<-passout arg>]
  [B<-text>]
  [B<-out filename>]
  [B<-passout arg>]
  [B<-text>]
+[B<-pubkey>]
  [B<-noout>]
  [B<-verify>]
  [B<-modulus>]
  [B<-noout>]
  [B<-verify>]
  [B<-modulus>]
@@ -87,6 +88,10 @@ see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
  
  prints out the certificate request in text form.
  
  
  prints out the certificate request in text form.
  
+=item B<-pubkey>
+
+outputs the public key.
+
  =item B<-noout>
  
  this option prevents output of the encoded version of the request.
  =item B<-noout>
  
  this option prevents output of the encoded version of the request.
author	Dr. Stephen Henson <steve@openssl.org>
	Sat, 1 Dec 2001 23:03:30 +0000 (23:03 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 1 Dec 2001 23:03:30 +0000 (23:03 +0000)
CHANGES		patch \| blob \| history
apps/req.c		patch \| blob \| history
doc/apps/req.pod		patch \| blob \| history