generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Gather keygen options in req and only use them after all other options have

Browse Source 
been processed. This allows any ENGINE changing operations to be processed
first (for example a config file).
This commit is contained in:
Dr. Stephen Henson 2006-05-16 12:11:14 +00:00
parent 6d3a1eac3b
commit 98c82b899e
1 changed files with 33 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
apps/req.c
View File

@ -169,7 +169,8 @@ int MAIN(int argc, char **argv)
X509 *x509ss=NULL; X509 *x509ss=NULL;
X509_REQ *req=NULL; X509_REQ *req=NULL;
EVP_PKEY_CTX *genctx = NULL; EVP_PKEY_CTX *genctx = NULL;
const char *keyalgstr; const char *keyalg = NULL, *keyalgstr;
STACK *pkeyopts = NULL;
EVP_PKEY *pkey=NULL; EVP_PKEY *pkey=NULL;
int i=0,badops=0,newreq=0,verbose=0,pkey_type=EVP_PKEY_RSA; int i=0,badops=0,newreq=0,verbose=0,pkey_type=EVP_PKEY_RSA;
long newkey = -1; long newkey = -1;
@ -290,33 +291,19 @@ int MAIN(int argc, char **argv)
} }
else if (strcmp(*argv,"-newkey") == 0) else if (strcmp(*argv,"-newkey") == 0)
{ {
if (--argc < 1) if (--argc < 1)
goto bad; goto bad;
keyalg = *(++argv);
genctx = set_keygen_ctx(bio_err, *(++argv), &newkey,
&keyalgstr, e);
if (!genctx)
goto bad;
newreq=1; newreq=1;
} }
else if (strcmp(*argv,"-pkeyopt") == 0) else if (strcmp(*argv,"-pkeyopt") == 0)
{ {
if (--argc < 1) if (--argc < 1)
goto bad; goto bad;
if (!genctx) if (!pkeyopts)
{ pkeyopts = sk_new_null();
BIO_puts(bio_err, "No keytype specified\n"); if (!pkeyopts || !sk_push(pkeyopts, *(++argv)))
goto bad; goto bad;
}
else if (pkey_ctrl_string(genctx, *(++argv)) <= 0)
{
BIO_puts(bio_err, "parameter setting error\n");
ERR_print_errors(bio_err);
goto end;
}
} }
else if (strcmp(*argv,"-batch") == 0) else if (strcmp(*argv,"-batch") == 0)
batch=1; batch=1;
@ -643,6 +630,14 @@ bad:
app_RAND_load_file(randfile, bio_err, 0); app_RAND_load_file(randfile, bio_err, 0);
if (inrand) if (inrand)
app_RAND_load_files(inrand); app_RAND_load_files(inrand);
if (keyalg)
{
genctx = set_keygen_ctx(bio_err, keyalg, &newkey,
&keyalgstr, e);
if (!genctx)
goto end;
}
if (newkey <= 0) if (newkey <= 0)
{ {
@ -665,6 +660,23 @@ bad:
goto end; goto end;
} }
if (pkeyopts)
{
char *genopt;
for (i = 0; i < sk_num(pkeyopts); i++)
{
genopt = sk_value(pkeyopts, i);
if (pkey_ctrl_string(genctx, genopt) <= 0)
{
BIO_printf(bio_err,
"parameter error \"%s\"\n",
genopt);
ERR_print_errors(bio_err);
goto end;
}
}
}
BIO_printf(bio_err,"Generating a %ld bit %s private key\n", BIO_printf(bio_err,"Generating a %ld bit %s private key\n",
newkey, keyalgstr); newkey, keyalgstr);
@ -1066,6 +1078,8 @@ end:
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
if (genctx) if (genctx)
EVP_PKEY_CTX_free(genctx); EVP_PKEY_CTX_free(genctx);
if (pkeyopts)
sk_free(pkeyopts);
X509_REQ_free(req); X509_REQ_free(req);
X509_free(x509ss); X509_free(x509ss);
ASN1_INTEGER_free(serial); ASN1_INTEGER_free(serial);