* -config file - Load configuration file.
* -key file - make a request using key in file (or use it for verification).
* -keyform - key file format.
+ * -rand file(s) - load the file(s) into the PRNG.
* -newkey - make a key and a request.
* -modulus - print RSA modulus.
* -x509 - output a self signed X509 structure instead.
int i,badops=0,newreq=0,newkey= -1,pkey_type=0;
BIO *in=NULL,*out=NULL;
int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
- int nodes=0,kludge=0;
+ int nodes=0,kludge=0,newhdr=0;
char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
char *extensions = NULL;
char *req_exts = NULL;
EVP_CIPHER *cipher=NULL;
int modulus=0;
+ char *inrand=NULL;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
char *p;
if (--argc < 1) goto bad;
passargout= *(++argv);
}
+ else if (strcmp(*argv,"-rand") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inrand= *(++argv);
+ }
else if (strcmp(*argv,"-newkey") == 0)
{
int is_numeric;
newreq=1;
}
+ else if (strcmp(*argv,"-newhdr") == 0)
+ newhdr=1;
else if (strcmp(*argv,"-modulus") == 0)
modulus=1;
else if (strcmp(*argv,"-verify") == 0)
BIO_printf(bio_err," -key file use the private key contained in file\n");
BIO_printf(bio_err," -keyform arg key file format\n");
BIO_printf(bio_err," -keyout arg file to send the key to\n");
+ BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+ BIO_printf(bio_err," load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err," the random number generator\n");
BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
BIO_printf(bio_err," -new new request.\n");
BIO_printf(bio_err," -x509 output a x509 structure instead of a cert. req.\n");
BIO_printf(bio_err," -days number of days a x509 generated by -x509 is valid for.\n");
+ BIO_printf(bio_err," -newhdr output \"NEW\" in the header lines\n");
BIO_printf(bio_err," -asn1-kludge Output the 'request' in a format that is wrong but some CA's\n");
BIO_printf(bio_err," have been reported as requiring\n");
BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n");
if (newreq && (pkey == NULL))
{
- char *randfile = CONF_get_string(req_conf,SECTION,"RANDFILE");
+ char *randfile;
+
+ if (inrand)
+ randfile = inrand;
+ else
+ randfile = CONF_get_string(req_conf,SECTION,"RANDFILE");
app_RAND_load_file(randfile, bio_err, 0);
if (newkey <= 0)
{
if (outformat == FORMAT_ASN1)
i=i2d_X509_REQ_bio(out,req);
- else if (outformat == FORMAT_PEM)
- i=PEM_write_bio_X509_REQ(out,req);
- else {
+ else if (outformat == FORMAT_PEM) {
+ if(newhdr) i=PEM_write_bio_X509_REQ_NEW(out,req);
+ else i=PEM_write_bio_X509_REQ(out,req);
+ } else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
goto end;
}
EVP_PKEY_free(pkey);
X509_REQ_free(req);
X509_free(x509ss);
- if(passin) Free(passin);
- if(passout) Free(passout);
+ if(passargin && passin) OPENSSL_free(passin);
+ if(passargout && passout) OPENSSL_free(passout);
OBJ_cleanup();
#ifndef NO_DSA
if (dsa_params != NULL) DSA_free(dsa_params);
for (i = 0; i < sk_CONF_VALUE_num(attr_sk); i++)
{
v=sk_CONF_VALUE_value(attr_sk,i);
- if(!X509_REQ_radd_attr_by_txt(req, v->name, MBSTRING_ASC,
+ if(!X509_REQ_add1_attr_by_txt(req, v->name, MBSTRING_ASC,
(unsigned char *)v->value, -1)) return 0;
}
}
buf[--i]='\0';
if(!req_check_len(i, min, max)) goto start;
- if(!X509_REQ_radd_attr_by_NID(req, nid, MBSTRING_ASC,
+ if(!X509_REQ_add1_attr_by_NID(req, nid, MBSTRING_ASC,
(unsigned char *)buf, -1)) {
BIO_printf(bio_err, "Error adding attribute\n");
ERR_print_errors(bio_err);
projects / openssl.git / blobdiff