#include "bn.h"
#include "evp.h"
#include "x509.h"
+#include "x509v3.h"
#include "objects.h"
#include "pem.h"
" missing, it is asssumed to be in the CA file.\n",
" -CAcreateserial - create serial number file if it does not exist\n",
" -CAserial - serial file\n",
-" -text - print the certitificate in text form\n",
+" -text - print the certificate in text form\n",
" -C - print out C code forms\n",
" -md2/-md5/-sha1/-mdc2 - digest to do an RSA sign with\n",
NULL
static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx);
static EVP_PKEY *load_key(char *file, int format);
static X509 *load_cert(char *file, int format);
-static int sign (X509 *x, EVP_PKEY *pkey,int days,EVP_MD *digest);
-static int x509_certify (X509_STORE *ctx,char *CAfile, EVP_MD *digest,X509 *x,
- X509 *xca, EVP_PKEY *pkey,char *serial, int create, int days);
+static int sign (X509 *x, EVP_PKEY *pkey,int days,const EVP_MD *digest);
+static int x509_certify (X509_STORE *ctx,char *CAfile,const EVP_MD *digest,
+ X509 *x,X509 *xca,EVP_PKEY *pkey,char *serial,
+ int create,int days);
#else
static int MS_CALLBACK callb();
static EVP_PKEY *load_key();
X509_REQ *rq=NULL;
int fingerprint=0;
char buf[256];
- EVP_MD *md_alg,*digest=EVP_md5();
+ const EVP_MD *md_alg,*digest=EVP_md5();
reqfile=0;
}
ERR_load_crypto_strings();
+ X509V3_add_standard_extensions();
if (!X509_STORE_set_default_paths(ctx))
{
goto end;
}
i=X509_REQ_verify(req,pkey);
+ EVP_PKEY_free(pkey);
if (i < 0)
{
BIO_printf(bio_err,"Signature verification error\n");
ci->key=req->req_info->pubkey;
req->req_info->pubkey=NULL;
#else
- X509_set_pubkey(x,X509_REQ_get_pubkey(req));
+ pkey = X509_REQ_get_pubkey(req);
+ X509_set_pubkey(x,pkey);
+ EVP_PKEY_free(pkey);
#endif
}
else
BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
}
else
-#ifndef NO_RSA
if (modulus == i)
{
EVP_PKEY *pkey;
goto end;
}
BIO_printf(STDout,"Modulus=");
+#ifndef NO_RSA
if (pkey->type == EVP_PKEY_RSA)
BN_print(STDout,pkey->pkey.rsa->n);
else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ BN_print(STDout,pkey->pkey.dsa->pub_key);
+ else
+#endif
BIO_printf(STDout,"Wrong Algorithm type");
BIO_printf(STDout,"\n");
+ EVP_PKEY_free(pkey);
}
else
-#endif
if (C == i)
{
unsigned char *d;
else if (startdate == i)
{
BIO_puts(STDout,"notBefore=");
- ASN1_UTCTIME_print(STDout,X509_get_notBefore(x));
+ ASN1_TIME_print(STDout,X509_get_notBefore(x));
BIO_puts(STDout,"\n");
}
else if (enddate == i)
{
BIO_puts(STDout,"notAfter=");
- ASN1_UTCTIME_print(STDout,X509_get_notAfter(x));
+ ASN1_TIME_print(STDout,X509_get_notAfter(x));
BIO_puts(STDout,"\n");
}
else if (fingerprint == i)
if (Upkey != NULL) EVP_PKEY_free(Upkey);
if (CApkey != NULL) EVP_PKEY_free(CApkey);
if (rq != NULL) X509_REQ_free(rq);
+ X509V3_EXT_cleanup();
EXIT(ret);
}
static int x509_certify(ctx,CAfile,digest,x,xca,pkey,serialfile,create,days)
X509_STORE *ctx;
char *CAfile;
-EVP_MD *digest;
+const EVP_MD *digest;
X509 *x;
X509 *xca;
EVP_PKEY *pkey;
X509_STORE_CTX xsc;
EVP_PKEY *upkey;
- EVP_PKEY_copy_parameters(X509_get_pubkey(xca),pkey);
+ upkey = X509_get_pubkey(xca);
+ EVP_PKEY_copy_parameters(upkey,pkey);
+ EVP_PKEY_free(upkey);
X509_STORE_CTX_init(&xsc,ctx,x,NULL);
buf=(char *)Malloc(EVP_PKEY_size(pkey)*2+
/* Force a re-write */
X509_set_pubkey(x,upkey);
}
+ EVP_PKEY_free(upkey);
if (!X509_sign(x,pkey,digest)) goto end;
ret=1;
X509 *x;
EVP_PKEY *pkey;
int days;
-EVP_MD *digest;
+const EVP_MD *digest;
{
- EVP_PKEY_copy_parameters(X509_get_pubkey(x),pkey);
- EVP_PKEY_save_parameters(X509_get_pubkey(x),1);
+ EVP_PKEY *pktmp;
+
+ pktmp = X509_get_pubkey(x);
+ EVP_PKEY_copy_parameters(pktmp,pkey);
+ EVP_PKEY_save_parameters(pktmp,1);
+ EVP_PKEY_free(pktmp);
if (!X509_set_issuer_name(x,X509_get_subject_name(x))) goto err;
if (X509_gmtime_adj(X509_get_notBefore(x),0) == NULL) goto err;
projects / openssl.git / blobdiff