#undef PROG
#define PROG dgst_main
-void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
- EVP_PKEY *key, unsigned char *sigin, unsigned int siglen);
+void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
+ EVP_PKEY *key, unsigned char *sigin, int siglen);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
+ ENGINE *e = NULL;
unsigned char *buf=NULL;
int i,err=0;
const EVP_MD *md=NULL,*m;
char pname[PROG_NAME_SIZE];
int separator=0;
int debug=0;
+ int keyform=FORMAT_PEM;
const char *outfile = NULL, *keyfile = NULL;
const char *sigfile = NULL, *randfile = NULL;
- char out_bin = -1, want_pub = 0, do_verify = 0;
+ int out_bin = -1, want_pub = 0, do_verify = 0;
EVP_PKEY *sigkey = NULL;
unsigned char *sigbuf = NULL;
- unsigned int siglen = 0;
+ int siglen = 0;
+ char *engine=NULL;
apps_startup();
if (--argc < 1) break;
sigfile=*(++argv);
}
+ else if (strcmp(*argv,"-keyform") == 0)
+ {
+ if (--argc < 1) break;
+ keyform=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-engine") == 0)
+ {
+ if (--argc < 1) break;
+ engine= *(++argv);
+ }
else if (strcmp(*argv,"-hex") == 0)
out_bin = 0;
else if (strcmp(*argv,"-binary") == 0)
BIO_printf(bio_err,"-sign file sign digest using private key in file\n");
BIO_printf(bio_err,"-verify file verify a signature using public key in file\n");
BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n");
+ BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n");
BIO_printf(bio_err,"-signature file signature to verify\n");
BIO_printf(bio_err,"-binary output in binary form\n");
+ BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
LN_md5,LN_md5);
goto end;
}
+ e = setup_engine(bio_err, engine, 0);
+
in=BIO_new(BIO_s_file());
bmd=BIO_new(BIO_f_md());
if (debug)
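Review bot: The result of `setup_engine(bio_err, engine, 0)` is used without a check, so when `-engine` names an engine that cannot be loaded, the run appears to continue with `e == NULL` and the default software implementation. For someone who asked for a hardware-backed key, that is a silent downgrade. Consider failing closed right after the call with `if (engine != NULL && e == NULL) { err = 1; goto end; }`; this assumes setup_engine() returns NULL on failure, which is not visible here. The same `e` is later handed to load_key()/load_pubkey(), and the body of MAIN starts and ends outside this hunk.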
if(out_bin)
out = BIO_new_file(outfile, "wb");
else out = BIO_new_file(outfile, "w");
- } else out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ } else {
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ }
if(!out) {
BIO_printf(bio_err, "Error opening output file %s\n",
goto end;
}
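Review bot: Under OPENSSL_SYS_VMS the `if(!out)` check that follows can no longer detect a failed `BIO_new_fp(stdout, BIO_NOCLOSE)`. As far as I recall, BIO_push() returns its first argument, so `out` becomes the line-buffer filter even when the stdout BIO is NULL, and `tmpbio` is not checked either. Testing both before the push keeps the error path reachable: `if (out != NULL && tmpbio != NULL) out = BIO_push(tmpbio, out);`, freeing `tmpbio` when it is not pushed.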
- if(keyfile) {
- BIO *keybio;
- keybio = BIO_new_file(keyfile, "r");
- if(!keybio) {
- BIO_printf(bio_err, "Error opening key file %s\n",
- keyfile);
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if(want_pub)
- sigkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL);
- else sigkey = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL);
- BIO_free(keybio);
- if(!sigkey) {
- BIO_printf(bio_err, "Error reading key file %s\n",
- keyfile);
- ERR_print_errors(bio_err);
+ if(keyfile)
+ {
+ if (want_pub)
+ sigkey = load_pubkey(bio_err, keyfile, keyform, NULL,
+ e, "key file");
+ else
+ sigkey = load_key(bio_err, keyfile, keyform, NULL,
+ e, "key file");
+ if (!sigkey)
+ {
+ /* load_[pub]key() has already printed an appropriate
+ message */
goto end;
+ }
}
- }
if(sigfile && sigkey) {
BIO *sigbio;
}
siglen = BIO_read(sigbio, sigbuf, siglen);
BIO_free(sigbio);
- if(siglen == 0) {
+ if(siglen <= 0) {
BIO_printf(bio_err, "Error reading signature file %s\n",
sigfile);
ERR_print_errors(bio_err);
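Review bot: The `(unsigned int)siglen` cast added to the EVP_VerifyFinal() call in do_fp is safe only because of this `siglen <= 0` rejection in MAIN. do_fp is not static and does not check the value itself, so a negative length from any other caller would become a very large unsigned one. A comment at the cast such as `/* caller guarantees siglen > 0 whenever sigin is set */` would document that dependency, or do_fp could treat `siglen <= 0` with a non-NULL `sigin` as a verification failure before calling EVP_VerifyFinal(). The size passed to BIO_read() is set outside this hunk, so the visible lines do not show whether an over-long signature file is detected or silently truncated.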
OPENSSL_free(buf);
}
if (in != NULL) BIO_free(in);
- BIO_free(out);
+ BIO_free_all(out);
EVP_PKEY_free(sigkey);
if(sigbuf) OPENSSL_free(sigbuf);
if (bmd != NULL) BIO_free(bmd);
+ apps_shutdown();
EXIT(err);
}
-void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
- EVP_PKEY *key, unsigned char *sigin, unsigned int siglen)
+void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
+ EVP_PKEY *key, unsigned char *sigin, int siglen)
{
int len;
int i;
{
EVP_MD_CTX *ctx;
BIO_get_md_ctx(bp, &ctx);
- i = EVP_VerifyFinal(ctx, sigin, siglen, key);
+ i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key);
if(i > 0) BIO_printf(out, "Verified OK\n");
else if(i == 0) BIO_printf(out, "Verification Failure\n");
else