From 11503177d1842dcb070fb93bac3d96d0f59f78e0 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Ulf=20M=C3=B6ller?= Date: Sun, 26 Feb 2006 23:34:53 +0000 Subject: [PATCH] TS bugfixes: Do not hardcode message digest algorithms; fix ASN1 decoding. Submitted by: Zoltan Glozik --- apps/ts.c | 14 ++++---------- crypto/ts/ts_asn1.c | 4 ++-- doc/apps/ts.pod | 8 +++++--- 3 files changed, 11 insertions(+), 15 deletions(-) diff --git a/apps/ts.c b/apps/ts.c index b8fb50b3b5..0083f9a1e1 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -191,16 +191,6 @@ int MAIN(int argc, char **argv) if (argc-- < 1) goto usage; digest = *++argv; } - else if (strcmp(*argv, "-md2") == 0 - || strcmp(*argv, "-md4") == 0 - || strcmp(*argv, "-md5") == 0 - || strcmp(*argv, "-sha") == 0 - || strcmp(*argv, "-sha1") == 0 - || strcmp(*argv, "-mdc2") == 0 - || strcmp(*argv, "-ripemd160") == 0) - { - md = EVP_get_digestbyname(*argv + 1); - } else if (strcmp(*argv, "-rand") == 0) { if (argc-- < 1) goto usage; @@ -296,6 +286,10 @@ int MAIN(int argc, char **argv) if (argc-- < 1) goto usage; engine = *++argv; } + else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) + { + /* empty. */ + } else goto usage; } diff --git a/crypto/ts/ts_asn1.c b/crypto/ts/ts_asn1.c index 808d419c4b..f68650595b 100644 --- a/crypto/ts/ts_asn1.c +++ b/crypto/ts/ts_asn1.c @@ -89,7 +89,7 @@ ASN1_SEQUENCE(TS_REQ) = { ASN1_SIMPLE(TS_REQ, msg_imprint, TS_MSG_IMPRINT), ASN1_OPT(TS_REQ, policy_id, ASN1_OBJECT), ASN1_OPT(TS_REQ, nonce, ASN1_INTEGER), - ASN1_OPT(TS_REQ, cert_req, ASN1_BOOLEAN), + ASN1_OPT(TS_REQ, cert_req, ASN1_FBOOLEAN), ASN1_IMP_SEQUENCE_OF_OPT(TS_REQ, extensions, X509_EXTENSION, 0) } ASN1_SEQUENCE_END(TS_REQ) @@ -134,7 +134,7 @@ ASN1_SEQUENCE(TS_TST_INFO) = { ASN1_SIMPLE(TS_TST_INFO, serial, ASN1_INTEGER), ASN1_SIMPLE(TS_TST_INFO, time, ASN1_GENERALIZEDTIME), ASN1_OPT(TS_TST_INFO, accuracy, TS_ACCURACY), - ASN1_OPT(TS_TST_INFO, ordering, ASN1_BOOLEAN), + ASN1_OPT(TS_TST_INFO, ordering, ASN1_FBOOLEAN), ASN1_OPT(TS_TST_INFO, nonce, ASN1_INTEGER), ASN1_EXP_OPT(TS_TST_INFO, tsa, GENERAL_NAME, 0), ASN1_IMP_SEQUENCE_OF_OPT(TS_TST_INFO, extensions, X509_EXTENSION, 1) diff --git a/doc/apps/ts.pod b/doc/apps/ts.pod index 95da5b7b5c..a630762f19 100644 --- a/doc/apps/ts.pod +++ b/doc/apps/ts.pod @@ -12,7 +12,7 @@ B<-query> [B<-config> configfile] [B<-data> file_to_hash] [B<-digest> digest_bytes] -[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>] +[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>] [B<-policy> object_id] [B<-no_nonce>] [B<-cert>] @@ -124,9 +124,11 @@ per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or 1AF601...). The number of bytes must match the message digest algorithm in use. (Optional) -=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160> +=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...> -The message digest to apply to the data file. The default is SHA-1. (Optional) +The message digest to apply to the data file, it supports all the message +digest algorithms that are supported by the openssl B command. +The default is SHA-1. (Optional) =item B<-policy> object_id -- 2.34.1