From: Dr. Stephen Henson Date: Fri, 3 Dec 2004 12:26:56 +0000 (+0000) Subject: Add -passin argument to dgst command. X-Git-Tag: BEN_FIPS_TEST_6~14^2~8 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=5b40d7dd9784fe2914095717a591fd59a3f9d7e5;p=oweals%2Fopenssl.git Add -passin argument to dgst command. --- diff --git a/CHANGES b/CHANGES index 9617f5212f..18b5c23a33 100644 --- a/CHANGES +++ b/CHANGES @@ -745,6 +745,9 @@ Changes between 0.9.7e and 0.9.7f [XX xxx XXXX] + *) Add new -passin argument to dgst. + [Steve Henson] + *) Perform some character comparisons of different types in X509_NAME_cmp: this is needed for some certificates that reencode DNs into UTF8Strings (in violation of RFC3280) and can't or wont issue name rollover diff --git a/apps/dgst.c b/apps/dgst.c index 3025314911..c13535f3b2 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -100,6 +100,7 @@ int MAIN(int argc, char **argv) EVP_PKEY *sigkey = NULL; unsigned char *sigbuf = NULL; int siglen = 0; + char *passargin = NULL, *passin = NULL; #ifndef OPENSSL_NO_ENGINE char *engine=NULL; #endif @@ -145,6 +146,12 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; keyfile=*(++argv); } + else if (!strcmp(*argv,"-passin")) + { + if (--argc < 1) + break; + passargin=*++argv; + } else if (strcmp(*argv,"-verify") == 0) { if (--argc < 1) break; @@ -257,6 +264,12 @@ int MAIN(int argc, char **argv) BIO_set_callback_arg(in,bio_err); } + if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) + { + BIO_printf(bio_err, "Error getting password\n"); + goto end; + } + if ((in == NULL) || (bmd == NULL)) { ERR_print_errors(bio_err); @@ -298,7 +311,7 @@ int MAIN(int argc, char **argv) sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL, e, "key file"); else - sigkey = load_key(bio_err, keyfile, keyform, 0, NULL, + sigkey = load_key(bio_err, keyfile, keyform, 0, passin, e, "key file"); if (!sigkey) { @@ -385,6 +398,8 @@ end: OPENSSL_free(buf); } if (in != NULL) BIO_free(in); + if (passin) + OPENSSL_free(passin); BIO_free_all(out); EVP_PKEY_free(sigkey); if(sigbuf) OPENSSL_free(sigbuf); diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod index 1648742bcf..b0d198724c 100644 --- a/doc/apps/dgst.pod +++ b/doc/apps/dgst.pod @@ -14,6 +14,7 @@ B B [B<-binary>] [B<-out filename>] [B<-sign filename>] +[B<-passin arg>] [B<-verify filename>] [B<-prverify filename>] [B<-signature filename>] @@ -59,6 +60,11 @@ filename to output to, or standard output by default. digitally sign the digest using the private key in "filename". +=item B<-passin arg> + +the private key password source. For more information about the format of B +see the B section in L. + =item B<-verify filename> verify the signature using the the public key in "filename".