#include <openssl/x509v3.h>
#include <openssl/objects.h>
#include <openssl/pem.h>
-#include <openssl/engine.h>
#ifndef W_OK
# ifdef VMS
" -days arg - number of days to certify the certificate for\n",
" -md arg - md to use, one of md2, md5, sha or sha1\n",
" -policy arg - The CA 'policy' to support\n",
-" -keyfile arg - private key file\n",
-" -keyform arg - private key file format (PEM or ENGINE)\n",
+" -keyfile arg - PEM private key file\n",
" -key arg - key to decode the private key if it is encrypted\n",
" -cert file - The CA certificate\n",
" -in file - The input PEM encoded certificate request(s)\n",
" -revoke file - Revoke a certificate (given in file)\n",
" -extensions .. - Extension section (override value in config file)\n",
" -crlexts .. - CRL extension section (override value in config file)\n",
-" -engine e - use engine e, possibly a hardware device.\n",
NULL
};
int MAIN(int argc, char **argv)
{
- ENGINE *e = NULL;
char *key=NULL,*passargin=NULL;
int total=0;
int total_done=0;
char *policy=NULL;
char *keyfile=NULL;
char *certfile=NULL;
- int keyform=FORMAT_PEM;
char *infile=NULL;
char *spkac_file=NULL;
char *ss_cert_file=NULL;
#define BSIZE 256
MS_STATIC char buf[3][BSIZE];
char *randfile=NULL;
- char *engine = NULL;
#ifdef EFENCE
EF_PROTECT_FREE=1;
if (--argc < 1) goto bad;
keyfile= *(++argv);
}
- else if (strcmp(*argv,"-keyform") == 0)
- {
- if (--argc < 1) goto bad;
- keyform=str2fmt(*(++argv));
- }
else if (strcmp(*argv,"-passin") == 0)
{
if (--argc < 1) goto bad;
if (--argc < 1) goto bad;
crl_ext= *(++argv);
}
- else if (strcmp(*argv,"-engine") == 0)
- {
- if (--argc < 1) goto bad;
- engine= *(++argv);
- }
else
{
bad:
ERR_load_crypto_strings();
- if (engine != NULL)
- {
- if((e = ENGINE_by_id(engine)) == NULL)
- {
- BIO_printf(bio_err,"invalid engine \"%s\"\n",
- engine);
- goto err;
- }
- if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
- {
- BIO_printf(bio_err,"can't use that engine\n");
- goto err;
- }
- BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
- /* Free our "structural" reference. */
- ENGINE_free(e);
- }
-
/*****************************************************************/
if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
BIO_printf(bio_err,"Error getting password\n");
goto err;
}
- if (keyform == FORMAT_ENGINE)
- {
- if (!e)
- {
- BIO_printf(bio_err,"no engine specified\n");
- goto err;
- }
- pkey = ENGINE_load_private_key(e, keyfile, key);
- }
- else if (keyform == FORMAT_PEM)
- {
- if (BIO_read_filename(in,keyfile) <= 0)
- {
- perror(keyfile);
- BIO_printf(bio_err,"trying to load CA private key\n");
- goto err;
- }
- pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key);
- }
- else
+ if (BIO_read_filename(in,keyfile) <= 0)
{
- BIO_printf(bio_err,"bad input format specified for key file\n");
+ perror(keyfile);
+ BIO_printf(bio_err,"trying to load CA private key\n");
goto err;
}
- if(key) memset(key,0,strlen(key));
+ pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key);
+ if(key) memset(key,0,strlen(key));
if (pkey == NULL)
{
BIO_printf(bio_err,"unable to load CA private key\n");
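Review bot: The passphrase in `key` is wiped only on the path that reaches `PEM_read_bio_PrivateKey`; when `BIO_read_filename(in,keyfile)` fails, the `goto err` is taken before the `memset`, so the secret stays in process memory unless the `err:` label (outside this hunk) clears it. Repeating `if(key) memset(key,0,strlen(key));` before that `goto err`, or moving the wipe to the common exit path, would cover both cases. A plain `memset` on a buffer that is not read again may also be dropped by an optimizing compiler. If this tree provides `OPENSSL_cleanse`, `if(key) OPENSSL_cleanse(key,strlen(key));` is the more dependable form. The enclosing `MAIN` body starts and ends outside the hunk.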