char *def, char *value, int nid, int n_min,
int n_max, unsigned long chtype);
static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
- int nid,int n_min,int n_max, unsigned long chtype);
+ int nid,int n_min,int n_max, unsigned long chtype, int mval);
#ifndef OPENSSL_NO_RSA
static void MS_CALLBACK req_cb(int p,int n,void *arg);
#endif
int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0;
char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
char *extensions = NULL;
char *req_exts = NULL;
const EVP_CIPHER *cipher=NULL;
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
BIO_printf(bio_err," -verify verify signature on REQ\n");
BIO_printf(bio_err," -modulus RSA modulus\n");
BIO_printf(bio_err," -nodes don't encrypt the output key\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n");
+#endif
BIO_printf(bio_err," -subject output the request's subject\n");
BIO_printf(bio_err," -passin private key password source\n");
BIO_printf(bio_err," -key file use the private key contained in file\n");
BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n");
BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n");
BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n");
- BIO_printf(bio_err," -nameopt arg - various certificate name options\n");
+ BIO_printf(bio_err," -nameopt arg - various certificate name options\n");
BIO_printf(bio_err," -reqopt arg - various request text options\n\n");
goto end;
}
if ((in == NULL) || (out == NULL))
goto end;
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if (keyfile != NULL)
{
if (newkey < MIN_KEY_LENGTH && (pkey_type == TYPE_RSA || pkey_type == TYPE_DSA))
{
BIO_printf(bio_err,"private key length is too short,\n");
- BIO_printf(bio_err,"it needs to be at least %d bits, not %d\n",MIN_KEY_LENGTH,newkey);
+ BIO_printf(bio_err,"it needs to be at least %d bits, not %ld\n",MIN_KEY_LENGTH,newkey);
goto end;
}
- BIO_printf(bio_err,"Generating a %d bit %s private key\n",
+ BIO_printf(bio_err,"Generating a %ld bit %s private key\n",
newkey,(pkey_type == TYPE_RSA)?"RSA":
(pkey_type == TYPE_DSA)?"DSA":"EC");
int i;
char *p,*q;
char buf[100];
- int nid;
+ int nid, mval;
long n_min,n_max;
char *type,*def,*value;
CONF_VALUE *v;
if(*p) type = p;
break;
}
+ if (*type == '+')
+ {
+ mval = -1;
+ type++;
+ }
+ else
+ mval = 0;
/* If OBJ not recognised ignore it */
if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
}
if (!add_DN_object(subj,v->value,def,value,nid,
- n_min,n_max, chtype))
+ n_min,n_max, chtype, mval))
return 0;
}
if (X509_NAME_entry_count(subj) == 0)
for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++)
{
+ int mval;
v=sk_CONF_VALUE_value(dn_sk,i);
p=q=NULL;
type=v->name;
if(*p) type = p;
break;
}
+#ifndef CHARSET_EBCDIC
+ if (*p == '+')
+#else
+ if (*p == os_toascii['+'])
+#endif
+ {
+ p++;
+ mval = -1;
+ }
+ else
+ mval = 0;
if (!X509_NAME_add_entry_by_txt(subj,type, chtype,
- (unsigned char *) v->value,-1,-1,0)) return 0;
+ (unsigned char *) v->value,-1,-1,mval)) return 0;
}
static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
- int nid, int n_min, int n_max, unsigned long chtype)
+ int nid, int n_min, int n_max, unsigned long chtype, int mval)
{
int i,ret=0;
MS_STATIC char buf[1024];
#endif
if(!req_check_len(i, n_min, n_max)) goto start;
if (!X509_NAME_add_entry_by_NID(n,nid, chtype,
- (unsigned char *) buf, -1,-1,0)) goto err;
+ (unsigned char *) buf, -1,-1,mval)) goto err;
ret=1;
err:
return(ret);