Add -passin argument to dgst command.
This commit is contained in:
Dr. Stephen Henson
parent
8f284faaec
commit
5b40d7dd97
3
CHANGES
3
CHANGES
@ -745,6 +745,9 @@
|
|||||||
|
|
||||||
Changes between 0.9.7e and 0.9.7f [XX xxx XXXX]
|
Changes between 0.9.7e and 0.9.7f [XX xxx XXXX]
|
||||||
|
|
||||||
|
*) Add new -passin argument to dgst.
|
||||||
|
[Steve Henson]
|
||||||
|
|
||||||
*) Perform some character comparisons of different types in X509_NAME_cmp:
|
*) Perform some character comparisons of different types in X509_NAME_cmp:
|
||||||
this is needed for some certificates that reencode DNs into UTF8Strings
|
this is needed for some certificates that reencode DNs into UTF8Strings
|
||||||
(in violation of RFC3280) and can't or wont issue name rollover
|
(in violation of RFC3280) and can't or wont issue name rollover
|
||||||
|
|||||||
17
apps/dgst.c
17
apps/dgst.c
@ -100,6 +100,7 @@ int MAIN(int argc, char **argv)
|
|||||||
EVP_PKEY *sigkey = NULL;
|
EVP_PKEY *sigkey = NULL;
|
||||||
unsigned char *sigbuf = NULL;
|
unsigned char *sigbuf = NULL;
|
||||||
int siglen = 0;
|
int siglen = 0;
|
||||||
|
char *passargin = NULL, *passin = NULL;
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
char *engine=NULL;
|
char *engine=NULL;
|
||||||
#endif
|
#endif
|
||||||
@ -145,6 +146,12 @@ int MAIN(int argc, char **argv)
|
|||||||
if (--argc < 1) break;
|
if (--argc < 1) break;
|
||||||
keyfile=*(++argv);
|
keyfile=*(++argv);
|
||||||
}
|
}
|
||||||
|
else if (!strcmp(*argv,"-passin"))
|
||||||
|
{
|
||||||
|
if (--argc < 1)
|
||||||
|
break;
|
||||||
|
passargin=*++argv;
|
||||||
|
}
|
||||||
else if (strcmp(*argv,"-verify") == 0)
|
else if (strcmp(*argv,"-verify") == 0)
|
||||||
{
|
{
|
||||||
if (--argc < 1) break;
|
if (--argc < 1) break;
|
||||||
@ -257,6 +264,12 @@ int MAIN(int argc, char **argv)
|
|||||||
BIO_set_callback_arg(in,bio_err);
|
BIO_set_callback_arg(in,bio_err);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "Error getting password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
if ((in == NULL) || (bmd == NULL))
|
if ((in == NULL) || (bmd == NULL))
|
||||||
{
|
{
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
@ -298,7 +311,7 @@ int MAIN(int argc, char **argv)
|
|||||||
sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
|
sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
|
||||||
e, "key file");
|
e, "key file");
|
||||||
else
|
else
|
||||||
sigkey = load_key(bio_err, keyfile, keyform, 0, NULL,
|
sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
|
||||||
e, "key file");
|
e, "key file");
|
||||||
if (!sigkey)
|
if (!sigkey)
|
||||||
{
|
{
|
||||||
@ -385,6 +398,8 @@ end:
|
|||||||
OPENSSL_free(buf);
|
OPENSSL_free(buf);
|
||||||
}
|
}
|
||||||
if (in != NULL) BIO_free(in);
|
if (in != NULL) BIO_free(in);
|
||||||
|
if (passin)
|
||||||
|
OPENSSL_free(passin);
|
||||||
BIO_free_all(out);
|
BIO_free_all(out);
|
||||||
EVP_PKEY_free(sigkey);
|
EVP_PKEY_free(sigkey);
|
||||||
if(sigbuf) OPENSSL_free(sigbuf);
|
if(sigbuf) OPENSSL_free(sigbuf);
|
||||||
|
|||||||
@ -14,6 +14,7 @@ B<openssl> B<dgst>
|
|||||||
[B<-binary>]
|
[B<-binary>]
|
||||||
[B<-out filename>]
|
[B<-out filename>]
|
||||||
[B<-sign filename>]
|
[B<-sign filename>]
|
||||||
|
[B<-passin arg>]
|
||||||
[B<-verify filename>]
|
[B<-verify filename>]
|
||||||
[B<-prverify filename>]
|
[B<-prverify filename>]
|
||||||
[B<-signature filename>]
|
[B<-signature filename>]
|
||||||
@ -59,6 +60,11 @@ filename to output to, or standard output by default.
|
|||||||
|
|
||||||
digitally sign the digest using the private key in "filename".
|
digitally sign the digest using the private key in "filename".
|
||||||
|
|
||||||
|
=item B<-passin arg>
|
||||||
|
|
||||||
|
the private key password source. For more information about the format of B<arg>
|
||||||
|
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
|
||||||
|
|
||||||
=item B<-verify filename>
|
=item B<-verify filename>
|
||||||
|
|
||||||
verify the signature using the the public key in "filename".
|
verify the signature using the the public key in "filename".
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user