/*
- * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
# include <stdlib.h>
# include <string.h>
# include "apps.h"
+# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/pem.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
OPT_ENGINE, OPT_CONFIG, OPT_SECTION, OPT_QUERY, OPT_DATA,
- OPT_DIGEST, OPT_RAND, OPT_TSPOLICY, OPT_NO_NONCE, OPT_CERT,
+ OPT_DIGEST, OPT_TSPOLICY, OPT_NO_NONCE, OPT_CERT,
OPT_IN, OPT_TOKEN_IN, OPT_OUT, OPT_TOKEN_OUT, OPT_TEXT,
OPT_REPLY, OPT_QUERYFILE, OPT_PASSIN, OPT_INKEY, OPT_SIGNER,
OPT_CHAIN, OPT_VERIFY, OPT_CAPATH, OPT_CAFILE, OPT_UNTRUSTED,
- OPT_MD, OPT_V_ENUM
+ OPT_MD, OPT_V_ENUM, OPT_R_ENUM
} OPTION_CHOICE;
const OPTIONS ts_options[] = {
{"query", OPT_QUERY, '-', "Generate a TS query"},
{"data", OPT_DATA, '<', "File to hash"},
{"digest", OPT_DIGEST, 's', "Digest (as a hex string)"},
- {"rand", OPT_RAND, 's',
- "Load the file(s) into the random number generator"},
+ OPT_R_OPTIONS,
{"tspolicy", OPT_TSPOLICY, 's', "Policy OID to use"},
{"no_nonce", OPT_NO_NONCE, '-', "Do not include a nonce"},
{"cert", OPT_CERT, '-', "Put cert request into query"},
const char *section = NULL;
char **helpp;
char *password = NULL;
- char *data = NULL, *digest = NULL, *rnd = NULL, *policy = NULL;
+ char *data = NULL, *digest = NULL, *policy = NULL;
char *in = NULL, *out = NULL, *queryfile = NULL, *passin = NULL;
char *inkey = NULL, *signer = NULL, *chain = NULL, *CApath = NULL;
const EVP_MD *md = NULL;
case OPT_DIGEST:
digest = opt_arg();
break;
- case OPT_RAND:
- rnd = opt_arg();
+ case OPT_R_CASES:
+ if (!opt_rand(o))
+ goto end;
break;
case OPT_TSPOLICY:
policy = opt_arg();
if (mode == OPT_ERR || opt_num_rest() != 0)
goto opthelp;
- /* Seed the random number generator if it is going to be used. */
- if (mode == OPT_QUERY && !no_nonce) {
- if (!app_RAND_load_file(NULL, 1) && rnd == NULL)
- BIO_printf(bio_err, "warning, not much extra random "
- "data, consider using the -rand option\n");
- if (rnd != NULL)
- BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
- app_RAND_load_files(rnd));
- }
-
if (mode == OPT_REPLY && passin &&
!app_passwd(passin, NULL, &password, NULL)) {
BIO_printf(bio_err, "Error getting password.\n");
end:
X509_VERIFY_PARAM_free(vpm);
- app_RAND_write_file(NULL);
NCONF_free(conf);
OPENSSL_free(password);
- return (ret);
+ return ret;
}
/*
if (md_value_len < 0)
return 0;
- if (input) {
+ if (input != NULL) {
unsigned char buffer[4096];
int length;
} else {
response = create_response(conf, section, engine, queryfile,
passin, inkey, md, signer, chain, policy);
- if (response)
+ if (response != NULL)
BIO_printf(bio_err, "Response has been generated.\n");
else
BIO_printf(bio_err, "Response is not generated.\n");
const char *serial_file = (const char *)data;
ASN1_INTEGER *serial = next_serial(serial_file);
- if (!serial) {
+ if (serial == NULL) {
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
"Error during serial number "
"generation.");
TS_RESP_CTX_add_failure_info(ctx, TS_INFO_ADD_INFO_NOT_AVAILABLE);
- } else
+ } else {
save_ts_serial(serial_file, serial);
+ }
return serial;
}
goto err;
if ((ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL)) == NULL)
goto err;
- } else
+ } else {
return NULL;
+ }
/* Add the signature verification flag and arguments. */
TS_VERIFY_CTX_add_flags(ctx, f | TS_VFY_SIGNATURE);
projects / openssl.git / blobdiff