Make pkcs12 and smime applications seed random number

[openssl.git] / apps / CA.pl.in

diff --git a/apps/CA.pl.in b/apps/CA.pl.in
index 7c023ae71f66c5b3ccc91afb1f40341511cb9e1c..4eef57e6e3919aac3a1b13976d1d9d261d5f9cc9 100644 (file)
--- a/apps/CA.pl.in
+++ b/apps/CA.pl.in
@@ -41,6 +41,7 @@ $REQ="openssl req $SSLEAY_CONFIG";
 $CA="openssl ca $SSLEAY_CONFIG";
 $VERIFY="openssl verify";
 $X509="openssl x509";
+$PKCS12="openssl pkcs12";
 
 $CATOP="./demoCA";
 $CAKEY="cakey.pem";
@@ -65,7 +66,7 @@ foreach (@ARGV) {
            $RET=$?;
            print "Request (and private key) is in newreq.pem\n";
        } elsif (/^-newca$/) {
-               # if explictly asked for or it doesn't exist then setup the
+               # if explicitly asked for or it doesn't exist then setup the
                # directory structure that Eric likes to manage things 
            $NEW="1";
            if ( "$NEW" || ! -f "${CATOP}/serial" ) {
@@ -99,6 +100,14 @@ foreach (@ARGV) {
                    $RET=$?;
                }
            }
+       } elsif (/^-pkcs12$/) {
+           my $cname = $ARGV[1];
+           $cname = "My Certificate" unless defined $cname;
+           system ("$PKCS12 -in newcert.pem -inkey newreq.pem " .
+                       "-certfile ${CATOP}/$CACERT -out newcert.p12 " .
+                       "-export -name \"$cname\"");
+           $RET=$?;
+           exit $RET;
        } elsif (/^-xsign$/) {
            system ("$CA -policy policy_anything -infiles newreq.pem");
            $RET=$?;