X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;ds=sidebyside;f=apps%2Fx509.c;h=aa06462b9f41b3c506ccab6a4fd1f6afeaa2b35e;hb=b7910992d83bffebbc68ac7c1406e2fbf91e2304;hp=f18aaf5d9f9bf72ada804da7a2e0d0d5f5f279e6;hpb=b7a26e6dafdbf97513e968a45757a4d4e9843ba2;p=oweals%2Fopenssl.git

diff --git a/apps/x509.c b/apps/x509.c
index f18aaf5d9f..aa06462b9f 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -73,7 +73,6 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
-#include <openssl/engine.h>
 
 #undef PROG
 #define PROG x509_main
@@ -192,6 +191,9 @@ int MAIN(int argc, char **argv)
 
 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+	if (!load_config(bio_err, NULL))
+		goto end;
 	STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
 	{
@@ -243,7 +245,7 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-CAkeyform") == 0)
 			{
 			if (--argc < 1) goto bad;
-			CAformat=str2fmt(*(++argv));
+			CAkeyformat=str2fmt(*(++argv));
 			}
 		else if (strcmp(*argv,"-days") == 0)
 			{
@@ -859,14 +861,18 @@ bad:
 				if (Upkey == NULL)
 					{
 					Upkey=load_key(bio_err,
-						keyfile,keyformat, passin, e,
-						"Private key");
+						keyfile, keyformat, 0,
+						passin, e, "Private key");
 					if (Upkey == NULL) goto end;
 					}
 #ifndef OPENSSL_NO_DSA
 		                if (Upkey->type == EVP_PKEY_DSA)
 		                        digest=EVP_dss1();
 #endif
+#ifndef OPENSSL_NO_ECDSA
+				if (Upkey->type == EVP_PKEY_EC)
+					digest=EVP_ecdsa();
+#endif
 
 				assert(need_rand);
 				if (!sign(x,Upkey,days,clrext,digest,
@@ -878,14 +884,19 @@ bad:
 				if (CAkeyfile != NULL)
 					{
 					CApkey=load_key(bio_err,
-						CAkeyfile,CAkeyformat, passin,
-						e, "CA Private Key");
+						CAkeyfile, CAkeyformat,
+						0, passin, e,
+						"CA Private Key");
 					if (CApkey == NULL) goto end;
 					}
 #ifndef OPENSSL_NO_DSA
 		                if (CApkey->type == EVP_PKEY_DSA)
 		                        digest=EVP_dss1();
 #endif
+#ifndef OPENSSL_NO_ECDSA
+				if (CApkey->type == EVP_PKEY_EC)
+					digest = EVP_ecdsa();
+#endif
 				
 				assert(need_rand);
 				if (!x509_certify(ctx,CAfile,digest,x,xca,
@@ -906,15 +917,21 @@ bad:
 				else
 					{
 					pk=load_key(bio_err,
-						keyfile,FORMAT_PEM, passin, e,
-						"request key");
+						keyfile, FORMAT_PEM, 0,
+						passin, e, "request key");
 					if (pk == NULL) goto end;
 					}
 
 				BIO_printf(bio_err,"Generating certificate request\n");
 
+#ifndef OPENSSL_NO_DSA
 		                if (pk->type == EVP_PKEY_DSA)
 		                        digest=EVP_dss1();
+#endif
+#ifndef OPENSSL_NO_ECDSA
+				if (pk->type == EVP_PKEY_EC)
+					digest=EVP_ecdsa();
+#endif
 
 				rq=X509_to_X509_REQ(x,pk,digest);
 				EVP_PKEY_free(pk);
@@ -1128,7 +1145,11 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
 	EVP_PKEY_copy_parameters(upkey,pkey);
 	EVP_PKEY_free(upkey);
 
-	X509_STORE_CTX_init(&xsc,ctx,x,NULL);
+	if(!X509_STORE_CTX_init(&xsc,ctx,x,NULL))
+		{
+		BIO_printf(bio_err,"Error initialising X509 store\n");
+		goto end;
+		}
 	if (sno) bs = sno;
 	else if (!(bs = load_serial(CAfile, serialfile, create)))
 		goto end;