Add forgotten "-passin" option to smime.c usage help.
[oweals/openssl.git] / apps / ca.c
index 2e8593468a0706815f3a98ec5ef527c0496faaa5..2d71104745159c49667d35c023cf98f4a5a422d5 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -74,7 +74,6 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
-#include <openssl/engine.h>
 
 #ifndef W_OK
 #  ifdef VMS
@@ -153,8 +152,7 @@ static char *ca_usage[]={
 " -days arg       - number of days to certify the certificate for\n",
 " -md arg         - md to use, one of md2, md5, sha or sha1\n",
 " -policy arg     - The CA 'policy' to support\n",
-" -keyfile arg    - private key file\n",
-" -keyform arg    - private key file format (PEM or ENGINE)\n",
+" -keyfile arg    - PEM private key file\n",
 " -key arg        - key to decode the private key if it is encrypted\n",
 " -cert file      - The CA certificate\n",
 " -in file        - The input PEM encoded certificate request(s)\n",
@@ -169,7 +167,6 @@ static char *ca_usage[]={
 " -revoke file    - Revoke a certificate (given in file)\n",
 " -extensions ..  - Extension section (override value in config file)\n",
 " -crlexts ..     - CRL extension section (override value in config file)\n",
-" -engine e       - use engine e, possibly a hardware device.\n",
 NULL
 };
 
@@ -180,11 +177,11 @@ extern int EF_ALIGNMENT;
 #endif
 
 static void lookup_fail(char *name,char *tag);
-static unsigned long index_serial_hash(const char **a);
-static int index_serial_cmp(const char **a, const char **b);
-static unsigned long index_name_hash(const char **a);
+static unsigned long index_serial_hash(char **a);
+static int index_serial_cmp(char **a, char **b);
+static unsigned long index_name_hash(char **a);
 static int index_name_qual(char **a);
-static int index_name_cmp(const char **a,const char **b);
+static int index_name_cmp(char **a,char **b);
 static BIGNUM *load_serial(char *serialfile);
 static int save_serial(char *serialfile, BIGNUM *serial);
 static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
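Review bot: The four index callbacks lose their `const` qualifiers in these prototypes (`index_serial_hash(char **a)` and its three siblings), although the definitions further down only read through the pointers. Keeping `const char **` would let the compiler reject an accidental write into a TXT_DB row. If the non-const form is needed to match the callback types `TXT_DB_create_index` expects, a comment above the prototypes such as `/* non-const to match the TXT_DB index callback types; these never modify the row */` would record that. The same applies to the definitions in the later `lookup_fail` hunk and to the call in `do_revoke`.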
@@ -215,17 +212,10 @@ static char *section=NULL;
 static int preserve=0;
 static int msie_hack=0;
 
-static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **);
-static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **);
-static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **);
-static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **);
-
-
 int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
-       ENGINE *e = NULL;
        char *key=NULL,*passargin=NULL;
        int total=0;
        int total_done=0;
@@ -243,7 +233,6 @@ int MAIN(int argc, char **argv)
        char *policy=NULL;
        char *keyfile=NULL;
        char *certfile=NULL;
-       int keyform=FORMAT_PEM;
        char *infile=NULL;
        char *spkac_file=NULL;
        char *ss_cert_file=NULL;
@@ -279,7 +268,6 @@ int MAIN(int argc, char **argv)
 #define BSIZE 256
        MS_STATIC char buf[3][BSIZE];
        char *randfile=NULL;
-       char *engine = NULL;
 
 #ifdef EFENCE
 EF_PROTECT_FREE=1;
@@ -345,11 +333,6 @@ EF_ALIGNMENT=0;
                        if (--argc < 1) goto bad;
                        keyfile= *(++argv);
                        }
-               else if (strcmp(*argv,"-keyform") == 0)
-                       {
-                       if (--argc < 1) goto bad;
-                       keyform=str2fmt(*(++argv));
-                       }
                else if (strcmp(*argv,"-passin") == 0)
                        {
                        if (--argc < 1) goto bad;
@@ -436,11 +419,6 @@ EF_ALIGNMENT=0;
                        if (--argc < 1) goto bad;
                        crl_ext= *(++argv);
                        }
-               else if (strcmp(*argv,"-engine") == 0)
-                       {
-                       if (--argc < 1) goto bad;
-                       engine= *(++argv);
-                       }
                else
                        {
 bad:
@@ -461,24 +439,6 @@ bad:
 
        ERR_load_crypto_strings();
 
-       if (engine != NULL)
-               {
-               if((e = ENGINE_by_id(engine)) == NULL)
-                       {
-                       BIO_printf(bio_err,"invalid engine \"%s\"\n",
-                               engine);
-                       goto err;
-                       }
-               if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
-                       {
-                       BIO_printf(bio_err,"can't use that engine\n");
-                       goto err;
-                       }
-               BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
-               /* Free our "structural" reference. */
-               ENGINE_free(e);
-               }
-
        /*****************************************************************/
        if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
        if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
@@ -576,31 +536,14 @@ bad:
                BIO_printf(bio_err,"Error getting password\n");
                goto err;
                }
-       if (keyform == FORMAT_ENGINE)
-               {
-               if (!e)
-                       {
-                       BIO_printf(bio_err,"no engine specified\n");
-                       goto err;
-                       }
-               pkey = ENGINE_load_private_key(e, keyfile, key);
-               }
-       else if (keyform == FORMAT_PEM)
+       if (BIO_read_filename(in,keyfile) <= 0)
                {
-               if (BIO_read_filename(in,keyfile) <= 0)
-                       {
-                       perror(keyfile);
-                       BIO_printf(bio_err,"trying to load CA private key\n");
-                       goto err;
-                       }
-               pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key);
-               }
-       else
-               {
-               BIO_printf(bio_err,"bad input format specified for key file\n");
+               perror(keyfile);
+               BIO_printf(bio_err,"trying to load CA private key\n");
                goto err;
                }
-       if(key) memset(key,0,strlen(key));
+               pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key);
+               if(key) memset(key,0,strlen(key));
        if (pkey == NULL)
                {
                BIO_printf(bio_err,"unable to load CA private key\n");
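Review bot: The passphrase in `key` is wiped only on the path that reaches `PEM_read_bio_PrivateKey`; when `BIO_read_filename` fails, the `goto err` leaves before the `memset`, and the `err:` label is outside the hunk, so it is not visible whether `key` is cleared there. Consider adding `if(key) memset(key,0,strlen(key));` ahead of that `goto err;`, or doing the wipe once under `err:`. The added `pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key);` and `memset` lines are also indented one level deeper than their neighbours, which makes them read as part of the preceding `if` block; they belong at the depth of `if (pkey == NULL)`. With the ENGINE branch gone, the CA key can only come from a PEM file, so the file's permissions and the passphrase are the only protection left for it.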
@@ -759,17 +702,15 @@ bad:
                BIO_printf(bio_err,"generating index\n");
                }
        
-       if (!TXT_DB_create_index(db, DB_serial, NULL,
-                       LHASH_HASH_FN(index_serial_hash),
-                       LHASH_COMP_FN(index_serial_cmp)))
+       if (!TXT_DB_create_index(db,DB_serial,NULL,index_serial_hash,
+               index_serial_cmp))
                {
                BIO_printf(bio_err,"error creating serial number index:(%ld,%ld,%ld)\n",db->error,db->arg1,db->arg2);
                goto err;
                }
 
-       if (!TXT_DB_create_index(db, DB_name, index_name_qual,
-                       LHASH_HASH_FN(index_name_hash),
-                       LHASH_COMP_FN(index_name_cmp)))
+       if (!TXT_DB_create_index(db,DB_name,index_name_qual,index_name_hash,
+               index_name_cmp))
                {
                BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
                        db->error,db->arg1,db->arg2);
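Review bot: Both `TXT_DB_create_index` calls now pass `index_serial_hash`/`index_serial_cmp` and `index_name_hash`/`index_name_cmp` directly, without the `LHASH_HASH_FN`/`LHASH_COMP_FN` wrappers, so correctness depends on the callbacks' parameter types matching what the `TXT_DB_create_index` prototype declares, which this hunk does not show. If the library invokes them through a pointer to a different function type, the call is undefined behaviour in C. A comment at the first call, e.g. `/* hash/cmp callbacks must have exactly the pointer types TXT_DB_create_index declares */`, would record the dependency. The enclosing `MAIN` body continues outside the hunk.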
@@ -1334,31 +1275,31 @@ static void lookup_fail(char *name, char *tag)
        BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
        }
 
-static unsigned long index_serial_hash(const char **a)
+static unsigned long index_serial_hash(char **a)
        {
-       const char *n;
+       char *n;
 
        n=a[DB_serial];
        while (*n == '0') n++;
        return(lh_strhash(n));
        }
 
-static int index_serial_cmp(const char **a, const char **b)
+static int index_serial_cmp(char **a, char **b)
        {
-       const char *aa,*bb;
+       char *aa,*bb;
 
        for (aa=a[DB_serial]; *aa == '0'; aa++);
        for (bb=b[DB_serial]; *bb == '0'; bb++);
        return(strcmp(aa,bb));
        }
 
-static unsigned long index_name_hash(const char **a)
+static unsigned long index_name_hash(char **a)
        { return(lh_strhash(a[DB_name])); }
 
 static int index_name_qual(char **a)
        { return(a[0][0] == 'V'); }
 
-static int index_name_cmp(const char **a, const char **b)
+static int index_name_cmp(char **a, char **b)
        { return(strcmp(a[DB_name],
             b[DB_name])); }
 
@@ -2259,7 +2200,7 @@ static int do_revoke(X509 *x509, TXT_DB *db)
                goto err;
 
                }
-       else if (index_name_cmp((const char **)row,(const char **)rrow))
+       else if (index_name_cmp(row,rrow))
                {
                BIO_printf(bio_err,"ERROR:name does not match %s\n",
                           row[DB_name]);