generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add -pubkey option to req command.

Browse Source
This commit is contained in:
Dr. Stephen Henson 2001-12-01 23:03:30 +00:00
parent 322de0c8c1
commit 21a85f1977
3 changed files with 41 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@ -12,6 +12,9 @@
*) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
+) applies to 0.9.7 only +) applies to 0.9.7 only
+) Add option to output public keys in req command.
[Massimiliano Pala madwolf@openca.org]
*) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid() *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
returns early because it has nothing to do. returns early because it has nothing to do.
[Andy Schneider <andy.schneider@bjss.co.uk>] [Andy Schneider <andy.schneider@bjss.co.uk>]

43
apps/req.c
View File

@ -106,6 +106,7 @@
* -rand file(s) - load the file(s) into the PRNG. * -rand file(s) - load the file(s) into the PRNG.
* -newkey - make a key and a request. * -newkey - make a key and a request.
* -modulus - print RSA modulus. * -modulus - print RSA modulus.
* -pubkey - output Public Key.
* -x509 - output a self signed X509 structure instead. * -x509 - output a self signed X509 structure instead.
* -asn1-kludge - output new certificate request in a format that some CA's * -asn1-kludge - output new certificate request in a format that some CA's
* require. This format is wrong * require. This format is wrong
@ -159,7 +160,7 @@ int MAIN(int argc, char **argv)
long newkey = -1; long newkey = -1;
BIO *in=NULL,*out=NULL; BIO *in=NULL,*out=NULL;
int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
int nodes=0,kludge=0,newhdr=0,subject=0; int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0;
char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
char *engine=NULL; char *engine=NULL;
char *extensions = NULL; char *extensions = NULL;
@ -218,6 +219,10 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
keyfile= *(++argv); keyfile= *(++argv);
} }
else if (strcmp(*argv,"-pubkey") == 0)
{
pubkey=1;
}
else if (strcmp(*argv,"-new") == 0) else if (strcmp(*argv,"-new") == 0)
{ {
newreq=1; newreq=1;
@ -412,6 +417,7 @@ bad:
BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -text text form of request\n"); BIO_printf(bio_err," -text text form of request\n");
BIO_printf(bio_err," -pubkey output public key\n");
BIO_printf(bio_err," -noout do not output REQ\n"); BIO_printf(bio_err," -noout do not output REQ\n");
BIO_printf(bio_err," -verify verify signature on REQ\n"); BIO_printf(bio_err," -verify verify signature on REQ\n");
BIO_printf(bio_err," -modulus RSA modulus\n"); BIO_printf(bio_err," -modulus RSA modulus\n");
@ -473,7 +479,8 @@ bad:
{ {
long errline; long errline;
BIO_printf(bio_err,"Using configuration from %s\n",template); if( verbose )
BIO_printf(bio_err,"Using configuration from %s\n",template);
req_conf=NCONF_new(NULL); req_conf=NCONF_new(NULL);
i=NCONF_load(req_conf,template,&errline); i=NCONF_load(req_conf,template,&errline);
if (i == 0) if (i == 0)
@ -485,7 +492,8 @@ bad:
else else
{ {
req_conf=config; req_conf=config;
BIO_printf(bio_err,"Using configuration from %s\n", if( verbose )
BIO_printf(bio_err,"Using configuration from %s\n",
default_config_file); default_config_file);
if (req_conf == NULL) if (req_conf == NULL)
{ {
@ -922,7 +930,7 @@ loop:
BIO_printf(bio_err,"verify OK\n"); BIO_printf(bio_err,"verify OK\n");
} }
if (noout && !text && !modulus && !subject) if (noout && !text && !modulus && !subject && !pubkey)
{ {
ex=0; ex=0;
goto end; goto end;
@ -951,6 +959,20 @@ loop:
} }
} }
if (pubkey)
{
EVP_PKEY *tpubkey;
tpubkey=X509_REQ_get_pubkey(req);
if (tpubkey == NULL)
{
BIO_printf(bio_err,"Error getting public key\n");
ERR_print_errors(bio_err);
goto end;
}
PEM_write_bio_PUBKEY(out, tpubkey);
EVP_PKEY_free(tpubkey);
}
if (text) if (text)
{ {
if (x509) if (x509)
@ -969,24 +991,25 @@ loop:
if (modulus) if (modulus)
{ {
EVP_PKEY *pubkey; EVP_PKEY *tpubkey;
if (x509) if (x509)
pubkey=X509_get_pubkey(x509ss); tpubkey=X509_get_pubkey(x509ss);
else else
pubkey=X509_REQ_get_pubkey(req); tpubkey=X509_REQ_get_pubkey(req);
if (pubkey == NULL) if (tpubkey == NULL)
{ {
fprintf(stdout,"Modulus=unavailable\n"); fprintf(stdout,"Modulus=unavailable\n");
goto end; goto end;
} }
fprintf(stdout,"Modulus="); fprintf(stdout,"Modulus=");
#ifndef OPENSSL_NO_RSA #ifndef OPENSSL_NO_RSA
if (pubkey->type == EVP_PKEY_RSA) if (tpubkey->type == EVP_PKEY_RSA)
BN_print(out,pubkey->pkey.rsa->n); BN_print(out,tpubkey->pkey.rsa->n);
else else
#endif #endif
fprintf(stdout,"Wrong Algorithm type"); fprintf(stdout,"Wrong Algorithm type");
EVP_PKEY_free(tpubkey);
fprintf(stdout,"\n"); fprintf(stdout,"\n");
} }

5
doc/apps/req.pod
View File

@ -15,6 +15,7 @@ B<openssl> B<req>
[B<-out filename>] [B<-out filename>]
[B<-passout arg>] [B<-passout arg>]
[B<-text>] [B<-text>]
[B<-pubkey>]
[B<-noout>] [B<-noout>]
[B<-verify>] [B<-verify>]
[B<-modulus>] [B<-modulus>]
@ -87,6 +88,10 @@ see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
prints out the certificate request in text form. prints out the certificate request in text form.
=item B<-pubkey>
outputs the public key.
=item B<-noout> =item B<-noout>
this option prevents output of the encoded version of the request. this option prevents output of the encoded version of the request.