diff options
author | steve <steve> | 1999-01-29 01:53:54 +0000 |
---|---|---|
committer | steve <steve> | 1999-01-29 01:53:54 +0000 |
commit | 288a0ec785d54ce92e1f93a896d2c6876ed6110b (patch) | |
tree | 6cc5b0caef296574e67a549a7130dfbdf4407983 | |
parent | 797377d83be400242a5430d4063d295026c71b6e (diff) | |
download | openssl-288a0ec785d54ce92e1f93a896d2c6876ed6110b.tar.gz |
Allow the -certfile argument to be used multiple times in crl2pkcs7.
Also fix typos in the usage messages: "inout" instead of "input".
-rw-r--r-- | CHANGES | 4 | ||||
-rw-r--r-- | apps/asn1pars.c | 2 | ||||
-rw-r--r-- | apps/crl2p7.c | 30 | ||||
-rw-r--r-- | apps/dh.c | 6 | ||||
-rw-r--r-- | apps/dsa.c | 6 | ||||
-rw-r--r-- | apps/dsaparam.c | 39 | ||||
-rw-r--r-- | apps/pkcs7.c | 2 | ||||
-rw-r--r-- | apps/req.c | 2 | ||||
-rw-r--r-- | apps/rsa.c | 6 |
9 files changed, 65 insertions, 32 deletions
@@ -5,6 +5,10 @@ Changes between 0.9.1c and 0.9.2 + *) Modify crl2pkcs7 so it supports multiple -certfile arguments. Fix a + few typos. + [Steve Henson] + *) Fixes to BN code. Previously the default was to define BN_RECURSION but the BN code had some problems that would cause failures when doing certificate verification and some other functions. diff --git a/apps/asn1pars.c b/apps/asn1pars.c index 8c9837ef8..cf9a3bf2b 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c @@ -164,7 +164,7 @@ bad: BIO_printf(bio_err,"%s [options] <infile\n",prog); BIO_printf(bio_err,"where options are\n"); BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n"); - BIO_printf(bio_err," -in arg inout file\n"); + BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -offset arg offset into file\n"); BIO_printf(bio_err," -length arg lenth of section in file\n"); BIO_printf(bio_err," -i indent entries\n"); diff --git a/apps/crl2p7.c b/apps/crl2p7.c index 04bb1a1c8..befae045c 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -1,5 +1,5 @@ /* apps/crl2p7.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -98,6 +98,7 @@ char **argv; PKCS7 *p7 = NULL; PKCS7_SIGNED *p7s = NULL; X509_CRL *crl=NULL; + STACK *certflst=NULL; STACK *crl_stack=NULL; STACK *cert_stack=NULL; int ret=1,nocrl=0; @@ -106,13 +107,12 @@ char **argv; if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE); + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); infile=NULL; outfile=NULL; informat=FORMAT_PEM; outformat=FORMAT_PEM; - certfile=NULL; prog=argv[0]; argc--; @@ -146,7 +146,8 @@ char **argv; else if (strcmp(*argv,"-certfile") == 0) { if (--argc < 1) goto bad; - certfile= *(++argv); + if(!certflst) certflst = sk_new(NULL); + sk_push(certflst,*(++argv)); } else { @@ -165,9 +166,10 @@ bad: BIO_printf(bio_err,"where options are\n"); BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n"); BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n"); - BIO_printf(bio_err," -in arg inout file\n"); + BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n"); + BIO_printf(bio_err," (can be used more than once)\n"); BIO_printf(bio_err," -nocrl no crl to load, just certs from '-certfile'\n"); EXIT(1); } @@ -229,15 +231,17 @@ bad: if ((cert_stack=sk_new(NULL)) == NULL) goto end; p7s->cert=cert_stack; - if (certfile != NULL) - { + if(certflst) for(i = 0; i < sk_num(certflst); i++) { + certfile = sk_value(certflst, i); if (add_certs_from_file(cert_stack,certfile) < 0) { - BIO_printf(bio_err,"error loading certificates\n"); + BIO_printf(bio_err, "error loading certificates\n"); ERR_print_errors(bio_err); goto end; } - } + } + + sk_free(certflst); if (outfile == NULL) BIO_set_fp(out,stdout,BIO_NOCLOSE); @@ -297,19 +301,23 @@ char *certfile; if ((stat(certfile,&st) != 0)) { - BIO_printf(bio_err,"unable to file the file, %s\n",certfile); + BIO_printf(bio_err,"unable to load the file, %s\n",certfile); goto end; } in=BIO_new(BIO_s_file()); if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0)) { + BIO_printf(bio_err,"error opening the file, %s\n",certfile); goto end; } /* This loads from a file, a stack of x509/crl/pkey sets */ sk=PEM_X509_INFO_read_bio(in,NULL,NULL); - if (sk == NULL) goto end; + if (sk == NULL) { + BIO_printf(bio_err,"error reading the file, %s\n",certfile); + goto end; + } /* scan over it and pull out the CRL's */ while (sk_num(sk)) @@ -1,5 +1,5 @@ /* apps/dh.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -95,7 +95,7 @@ char **argv; if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE); + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); infile=NULL; outfile=NULL; @@ -152,7 +152,7 @@ bad: BIO_printf(bio_err,"where options are\n"); BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n"); BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n"); - BIO_printf(bio_err," -in arg inout file\n"); + BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -check check the DH parameters\n"); BIO_printf(bio_err," -text check the DH parameters\n"); diff --git a/apps/dsa.c b/apps/dsa.c index 585116a67..f58ff35c7 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -1,5 +1,5 @@ /* apps/dsa.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -99,7 +99,7 @@ char **argv; if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE); + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); infile=NULL; outfile=NULL; @@ -154,7 +154,7 @@ bad: BIO_printf(bio_err,"where options are\n"); BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n"); BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n"); - BIO_printf(bio_err," -in arg inout file\n"); + BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); diff --git a/apps/dsaparam.c b/apps/dsaparam.c index e9485c003..e01f93974 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -1,5 +1,5 @@ /* apps/dsaparam.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -80,10 +80,11 @@ * -text * -C * -noout + * -genkey */ #ifndef NOPROTO -static void MS_CALLBACK dsa_cb(int p, int n); +static void MS_CALLBACK dsa_cb(int p, int n, char *arg); #else static void MS_CALLBACK dsa_cb(); #endif @@ -97,14 +98,14 @@ char **argv; BIO *in=NULL,*out=NULL; int informat,outformat,noout=0,C=0,ret=1; char *infile,*outfile,*prog,*inrand=NULL; - int numbits= -1,num; + int numbits= -1,num,genkey=0; char buffer[200],*randfile=NULL; apps_startup(); if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE); + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); infile=NULL; outfile=NULL; @@ -140,6 +141,8 @@ char **argv; text=1; else if (strcmp(*argv,"-C") == 0) C=1; + else if (strcmp(*argv,"-genkey") == 0) + genkey=1; else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -169,7 +172,7 @@ bad: BIO_printf(bio_err,"where options are\n"); BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n"); BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n"); - BIO_printf(bio_err," -in arg inout file\n"); + BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -text check the DSA parameters\n"); BIO_printf(bio_err," -C Output C code\n"); @@ -217,7 +220,8 @@ bad: BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); BIO_printf(bio_err,"This could take some time\n"); - dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,dsa_cb); + dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL, + dsa_cb,(char *)bio_err); } else if (informat == FORMAT_ASN1) dsa=d2i_DSAparams_bio(in,NULL); @@ -314,6 +318,22 @@ bad: goto end; } } + if (genkey) + { + DSA *dsakey; + + if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end; + if (!DSA_generate_key(dsakey)) goto end; + if (outformat == FORMAT_ASN1) + i=i2d_DSAPrivateKey_bio(out,dsakey); + else if (outformat == FORMAT_PEM) + i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL); + else { + BIO_printf(bio_err,"bad output format specified for outfile\n"); + goto end; + } + DSA_free(dsakey); + } ret=0; end: if (in != NULL) BIO_free(in); @@ -322,9 +342,10 @@ end: EXIT(ret); } -static void MS_CALLBACK dsa_cb(p, n) +static void MS_CALLBACK dsa_cb(p, n, arg) int p; int n; +char *arg; { char c='*'; @@ -332,8 +353,8 @@ int n; if (p == 1) c='+'; if (p == 2) c='*'; if (p == 3) c='\n'; - BIO_write(bio_err,&c,1); - BIO_flush(bio_err); + BIO_write((BIO *)arg,&c,1); + BIO_flush((BIO *)arg); #ifdef LINT p=n; #endif diff --git a/apps/pkcs7.c b/apps/pkcs7.c index 06640bf0f..9f96edc56 100644 --- a/apps/pkcs7.c +++ b/apps/pkcs7.c @@ -161,7 +161,7 @@ bad: BIO_printf(bio_err,"where options are\n"); BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n"); BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n"); - BIO_printf(bio_err," -in arg inout file\n"); + BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -print_certs print any certs or crl in the input\n"); BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); diff --git a/apps/req.c b/apps/req.c index 523139ecd..6ff9bb2c0 100644 --- a/apps/req.c +++ b/apps/req.c @@ -335,7 +335,7 @@ bad: BIO_printf(bio_err,"where options are\n"); BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n"); BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n"); - BIO_printf(bio_err," -in arg inout file\n"); + BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -text text form of request\n"); BIO_printf(bio_err," -noout do not output REQ\n"); diff --git a/apps/rsa.c b/apps/rsa.c index 9f2df771b..056936da7 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -1,5 +1,5 @@ /* apps/rsa.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -99,7 +99,7 @@ char **argv; if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE); + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); infile=NULL; outfile=NULL; @@ -154,7 +154,7 @@ bad: BIO_printf(bio_err,"where options are\n"); BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n"); BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n"); - BIO_printf(bio_err," -in arg inout file\n"); + BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); |