#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/ts.h>
+#include <openssl/bn.h>
#undef PROG
#define PROG ts_main
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
}
+ if (!load_config(bio_err, NULL))
+ goto cleanup;
+
for (argc--, argv++; argc > 0; argc--, argv++)
{
if (strcmp(*argv, "-config") == 0)
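Review bot: The added `load_config(bio_err, NULL)` call has no comment saying why the configuration must be loaded before the option loop rather than after it. The ordering looks deliberate, because another hunk of this commit makes the loop resolve digest names with `EVP_get_digestbyname`, and what is registered by then may depend on the loaded configuration; that is an inference from the visible lines. I would put `/* Load the default configuration before parsing options: digest names are resolved during parsing. */` above the call. The enclosing function starts and ends outside the hunk.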
if (argc-- < 1) goto usage;
digest = *++argv;
}
- else if (strcmp(*argv, "-md2") == 0
- || strcmp(*argv, "-md4") == 0
- || strcmp(*argv, "-md5") == 0
- || strcmp(*argv, "-sha") == 0
- || strcmp(*argv, "-sha1") == 0
- || strcmp(*argv, "-mdc2") == 0
- || strcmp(*argv, "-ripemd160") == 0)
- {
- md = EVP_get_digestbyname(*argv + 1);
- }
else if (strcmp(*argv, "-rand") == 0)
{
if (argc-- < 1) goto usage;
if (argc-- < 1) goto usage;
engine = *++argv;
}
+ else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL)
+ {
+ /* empty. */
+ }
else
goto usage;
}
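Review bot: The new fallback branch `else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL)` passes `*argv + 1` to the lookup without checking that the argument is non-empty and starts with `-`. For an empty-string argument `*argv + 1` points past the terminating NUL, so the lookup reads outside that string, and any other word is tried as a digest name with its first character dropped. The branch also accepts every digest the library can resolve by name, including weak ones, where the list removed by this commit was explicit. I would guard it with `else if ((*argv)[0] == '-' && (md = EVP_get_digestbyname(*argv + 1)) != NULL)`. The option loop this branch belongs to begins outside the hunk.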
int md_value_len;
md_value_len = EVP_MD_size(md);
+ if (md_value_len < 0)
+ goto err;
if (input)
{
/* Digest must be computed from an input file. */
/* Generating random byte sequence. */
if (len > (int)sizeof(buf)) goto err;
- if (!RAND_bytes(buf, len)) goto err;
+ if (RAND_bytes(buf, len) <= 0) goto err;
/* Find the first non-zero byte and creating ASN1_INTEGER object. */
for (i = 0; i < len && !buf[i]; ++i);
/* Setting serial number provider callback. */
if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) goto end;
-
+#ifndef OPENSSL_NO_ENGINE
/* Setting default OpenSSL engine. */
if (!TS_CONF_set_crypto_device(conf, section, engine)) goto end;
+#endif
/* Setting TSA signer certificate. */
if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) goto end;
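Review bot: With `OPENSSL_NO_ENGINE` defined the `TS_CONF_set_crypto_device(conf, section, engine)` call is compiled out, but nothing in this hunk rejects a non-NULL `engine`. The visible part of the option loop still stores the `-engine` value unconditionally, so in such a build it would be dropped silently. An operator who expects the signing key to be handled by a hardware device would get no indication that it is not. I would add an `#else` branch before the `#endif`: `if (engine) { BIO_printf(bio_err, "engine support is not compiled in\n"); goto end; }`. The enclosing function starts and ends outside the hunk.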
if (!(request = d2i_TS_REQ_bio(input, NULL))) goto err;
if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL))) goto err;
}
+ else
+ return NULL;
/* Add the signature verification flag and arguments. */
ctx->flags |= TS_VFY_SIGNATURE;
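Review bot: The added `else return NULL;` leaves the function directly, while every failure in the branch just above it uses `goto err`. The `err` label is outside the hunk, so I cannot tell what it releases, but if anything is acquired before this chain the direct return skips that cleanup; `else goto err;` would keep a single exit path. The branch is also worth a one-line comment, for example `/* No verification source was given, so there is no context to build. */`, since without it `ctx` could still be NULL when `ctx->flags |= TS_VFY_SIGNATURE;` runs.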
cert_ctx = X509_STORE_new();
/* Setting the callback for certificate chain verification. */
- X509_STORE_set_verify_cb_func(cert_ctx, verify_cb);
+ X509_STORE_set_verify_cb(cert_ctx, verify_cb);
/* Adding a trusted certificate directory source. */
if (ca_path)