/* apps/spkac.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999. Based on an original idea by Massimiliano Pala
* (madwolf@openca.org).
*/
#include <openssl/lhash.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
-#include <openssl/engine.h>
#undef PROG
#define PROG spkac_main
int verify=0,noout=0,pubkey=0;
char *infile = NULL,*outfile = NULL,*prog;
char *passargin = NULL, *passin = NULL;
- char *spkac = "SPKAC", *spksect = "default", *spkstr = NULL;
+ const char *spkac = "SPKAC", *spksect = "default";
+ char *spkstr = NULL;
char *challenge = NULL, *keyfile = NULL;
- LHASH *conf = NULL;
+ CONF *conf = NULL;
NETSCAPE_SPKI *spki = NULL;
EVP_PKEY *pkey = NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
apps_startup();
if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+ if (!load_config(bio_err, NULL))
+ goto end;
+
prog=argv[0];
argc--;
argv++;
if (--argc < 1) goto bad;
spksect= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-pubkey") == 0)
BIO_printf(bio_err," -noout don't print SPKAC\n");
BIO_printf(bio_err," -pubkey output public key\n");
BIO_printf(bio_err," -verify verify SPKAC signature\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
goto end;
}
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if(keyfile) {
pkey = load_key(bio_err,
strcmp(keyfile, "-") ? keyfile : NULL,
- FORMAT_PEM, passin, e, "private key");
+ FORMAT_PEM, 1, passin, e, "private key");
if(!pkey) {
goto end;
}
spki = NETSCAPE_SPKI_new();
if(challenge) ASN1_STRING_set(spki->spkac->challenge,
- challenge, strlen(challenge));
+ challenge, (int)strlen(challenge));
NETSCAPE_SPKI_set_pubkey(spki, pkey);
NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
spkstr = NETSCAPE_SPKI_b64_encode(spki);
goto end;
}
- conf = CONF_load_bio(NULL, in, NULL);
+ conf = NCONF_new(NULL);
+ i = NCONF_load_bio(conf, in, NULL);
- if(!conf) {
+ if(!i) {
BIO_printf(bio_err, "Error parsing config file\n");
ERR_print_errors(bio_err);
goto end;
}
- spkstr = CONF_get_string(conf, spksect, spkac);
+ spkstr = NCONF_get_string(conf, spksect, spkac);
if(!spkstr) {
BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac);
pkey = NETSCAPE_SPKI_get_pubkey(spki);
if(verify) {
i = NETSCAPE_SPKI_verify(spki, pkey);
- if(i) BIO_printf(bio_err, "Signature OK\n");
+ if (i > 0) BIO_printf(bio_err, "Signature OK\n");
else {
BIO_printf(bio_err, "Signature Failure\n");
ERR_print_errors(bio_err);
ret = 0;
end:
- CONF_free(conf);
+ NCONF_free(conf);
NETSCAPE_SPKI_free(spki);
BIO_free(in);
BIO_free_all(out);
EVP_PKEY_free(pkey);
if(passin) OPENSSL_free(passin);
apps_shutdown();
- EXIT(ret);
+ OPENSSL_EXIT(ret);
}