diff --git a/CHANGES b/CHANGES index b29cb8e09..799ff10b3 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,12 @@ Changes between 0.9.3a and 0.9.4 + *) Fix demos/sign/sign.c: well there wasn't anything strictly speaking + wrong with it but it was very old and did things like calling + PEM_ASN1_read() directly and used MD5 for the hash not to mention some + unusual formatting. + [Steve Henson] + *) Fix demos/selfsign.c: it used obsolete and deleted functions, changed to use the new extension code. [Steve Henson] diff --git a/demos/sign/sign.c b/demos/sign/sign.c index 64e72e719..0fdf0de38 100644 --- a/demos/sign/sign.c +++ b/demos/sign/sign.c @@ -61,6 +61,10 @@ /* converted to C - eay :-) */ +/* reformated a bit and converted to use the more common functions: this was + * initially written at the dawn of time :-) - Steve. + */ + #include #include #include @@ -90,49 +94,60 @@ int main () /* Read private key */ - fp = fopen (keyfile, "r"); if (fp == NULL) exit (1); - pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey, - PEM_STRING_EVP_PKEY, - fp, - NULL, NULL); - if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); } + fp = fopen (keyfile, "r"); + if (fp == NULL) exit (1); + pkey = PEM_read_PrivateKey(fp, NULL, NULL); fclose (fp); + + if (pkey == NULL) { + ERR_print_errors_fp (stderr); + exit (1); + } /* Do the signature */ - EVP_SignInit (&md_ctx, EVP_md5()); + EVP_SignInit (&md_ctx, EVP_sha1()); EVP_SignUpdate (&md_ctx, data, strlen(data)); sig_len = sizeof(sig_buf); - err = EVP_SignFinal (&md_ctx, - sig_buf, - &sig_len, - pkey); - if (err != 1) { ERR_print_errors_fp (stderr); exit (1); } + err = EVP_SignFinal (&md_ctx, sig_buf, &sig_len, pkey); + + if (err != 1) { + ERR_print_errors_fp(stderr); + exit (1); + } + EVP_PKEY_free (pkey); /* Read public key */ - fp = fopen (certfile, "r"); if (fp == NULL) exit (1); - x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509, - PEM_STRING_X509, - fp, NULL, NULL); - if (x509 == NULL) { ERR_print_errors_fp (stderr); exit (1); } + fp = fopen (certfile, "r"); + if (fp == NULL) exit (1); + x509 = PEM_read_X509(fp, NULL, NULL); fclose (fp); + + if (x509 == NULL) { + ERR_print_errors_fp (stderr); + exit (1); + } /* Get public key - eay */ - pkey=X509_extract_key(x509); - if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); } + pkey=X509_get_pubkey(x509); + if (pkey == NULL) { + ERR_print_errors_fp (stderr); + exit (1); + } /* Verify the signature */ - EVP_VerifyInit (&md_ctx, EVP_md5()); + EVP_VerifyInit (&md_ctx, EVP_sha1()); EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data)); - err = EVP_VerifyFinal (&md_ctx, - sig_buf, - sig_len, - pkey); - if (err != 1) { ERR_print_errors_fp (stderr); exit (1); } + err = EVP_VerifyFinal (&md_ctx, sig_buf, sig_len, pkey); EVP_PKEY_free (pkey); + + if (err != 1) { + ERR_print_errors_fp (stderr); + exit (1); + } printf ("Signature Verified Ok.\n"); return(0); }