Loading apps/apps.c +18 −2 Original line number Diff line number Diff line Loading @@ -553,7 +553,7 @@ end: return(x); } EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass, ENGINE *e) { BIO *key=NULL; EVP_PKEY *pkey=NULL; Loading @@ -563,6 +563,14 @@ EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) BIO_printf(err,"no keyfile specified\n"); goto end; } if (format == FORMAT_ENGINE) { if (!e) BIO_printf(bio_err,"no engine specified\n"); else pkey = ENGINE_load_private_key(e, file, pass); goto end; } key=BIO_new(BIO_s_file()); if (key == NULL) { Loading Loading @@ -602,7 +610,7 @@ EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) return(pkey); } EVP_PKEY *load_pubkey(BIO *err, char *file, int format) EVP_PKEY *load_pubkey(BIO *err, char *file, int format, ENGINE *e) { BIO *key=NULL; EVP_PKEY *pkey=NULL; Loading @@ -612,6 +620,14 @@ EVP_PKEY *load_pubkey(BIO *err, char *file, int format) BIO_printf(err,"no keyfile specified\n"); goto end; } if (format == FORMAT_ENGINE) { if (!e) BIO_printf(bio_err,"no engine specified\n"); else pkey = ENGINE_load_public_key(e, file, NULL); goto end; } key=BIO_new(BIO_s_file()); if (key == NULL) { Loading apps/apps.h +3 −2 Original line number Diff line number Diff line Loading @@ -67,6 +67,7 @@ #include <openssl/x509.h> #include <openssl/lhash.h> #include <openssl/conf.h> #include <openssl/engine.h> int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); int app_RAND_write_file(const char *file, BIO *bio_e); Loading Loading 
@@ -152,8 +153,8 @@ int set_name_ex(unsigned long *flags, const char *arg); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); int add_oid_section(BIO *err, LHASH *conf); X509 *load_cert(BIO *err, char *file, int format); EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass); EVP_PKEY *load_pubkey(BIO *err, char *file, int format); EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass, ENGINE *e); EVP_PKEY *load_pubkey(BIO *err, char *file, int format, ENGINE *e); STACK_OF(X509) *load_certs(BIO *err, char *file, int format); #define FORMAT_UNDEF 0 Loading apps/ca.c +30 −6 Original line number Diff line number Diff line Loading @@ -153,7 +153,8 @@ static char *ca_usage[]={ " -days arg - number of days to certify the certificate for\n", " -md arg - md to use, one of md2, md5, sha or sha1\n", " -policy arg - The CA 'policy' to support\n", " -keyfile arg - PEM private key file\n", " -keyfile arg - private key file\n", " -keyform arg - private key file format (PEM or ENGINE)\n", " -key arg - key to decode the private key if it is encrypted\n", " -cert file - The CA certificate\n", " -in file - The input PEM encoded certificate request(s)\n", Loading Loading @@ -236,6 +237,7 @@ int MAIN(int argc, char **argv) char *policy=NULL; char *keyfile=NULL; char *certfile=NULL; int keyform=FORMAT_PEM; char *infile=NULL; char *spkac_file=NULL; char *ss_cert_file=NULL; Loading Loading @@ -337,6 +339,11 @@ EF_ALIGNMENT=0; if (--argc < 1) goto bad; keyfile= *(++argv); } else if (strcmp(*argv,"-keyform") == 0) { if (--argc < 1) goto bad; keyform=str2fmt(*(++argv)); } else if (strcmp(*argv,"-passin") == 0) { if (--argc < 1) goto bad; Loading Loading 
@@ -563,6 +570,17 @@ bad: BIO_printf(bio_err,"Error getting password\n"); goto err; } if (keyform == FORMAT_ENGINE) { if (!e) { BIO_printf(bio_err,"no engine specified\n"); goto err; } pkey = ENGINE_load_private_key(e, keyfile, key); } else if (keyform == FORMAT_PEM) { if (BIO_read_filename(in,keyfile) <= 0) { perror(keyfile); Loading @@ -570,6 +588,12 @@ bad: goto err; } pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key); } else { BIO_printf(bio_err,"bad input format specified for key file\n"); goto err; } if(key) memset(key,0,strlen(key)); if (pkey == NULL) { Loading apps/dgst.c +46 −12 Original line number Diff line number Diff line Loading @@ -93,6 +93,7 @@ int MAIN(int argc, char **argv) char pname[PROG_NAME_SIZE]; int separator=0; int debug=0; int keyform=FORMAT_PEM; const char *outfile = NULL, *keyfile = NULL; const char *sigfile = NULL, *randfile = NULL; char out_bin = -1, want_pub = 0, do_verify = 0; Loading Loading @@ -157,6 +158,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; sigfile=*(++argv); } else if (strcmp(*argv,"-keyform") == 0) { if (--argc < 1) break; keyform=str2fmt(*(++argv)); } else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) break; Loading Loading @@ -196,6 +202,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"-sign file sign digest using private key in file\n"); BIO_printf(bio_err,"-verify file verify a signature using public key in file\n"); BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n"); BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); BIO_printf(bio_err,"-signature file signature to verify\n"); BIO_printf(bio_err,"-binary output in binary form\n"); BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); Loading Loading 
@@ -280,20 +287,47 @@ int MAIN(int argc, char **argv) goto end; } if(keyfile) { if(keyfile) { if (keyform == FORMAT_PEM) { BIO *keybio; keybio = BIO_new_file(keyfile, "r"); if(!keybio) { BIO_printf(bio_err, "Error opening key file %s\n", if(!keybio) { BIO_printf(bio_err, "Error opening key file %s\n", keyfile); ERR_print_errors(bio_err); goto end; } if(want_pub) sigkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL); else sigkey = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL); sigkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL); else sigkey = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL); BIO_free(keybio); } else if (keyform == FORMAT_ENGINE) { if (!e) { BIO_printf(bio_err,"no engine specified\n"); goto end; } if (want_pub) sigkey = ENGINE_load_public_key(e, keyfile, NULL); else sigkey = ENGINE_load_private_key(e, keyfile, NULL); } else { BIO_printf(bio_err, "bad input format specified for key file\n"); goto end; } if(!sigkey) { BIO_printf(bio_err, "Error reading key file %s\n", keyfile); Loading apps/rsautl.c +26 −2 Original line number Diff line number Diff line Loading @@ -62,6 +62,7 @@ #include <string.h> #include <openssl/err.h> #include <openssl/pem.h> #include <openssl/engine.h> #define RSA_SIGN 1 #define RSA_VERIFY 2 Loading @@ -82,8 +83,10 @@ int MAIN(int argc, char **); int MAIN(int argc, char **argv) { ENGINE *e = NULL; BIO *in = NULL, *out = NULL; char *infile = NULL, *outfile = NULL; char *engine = NULL; char *keyfile = NULL; char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; int keyform = FORMAT_PEM; Loading Loading @@ -117,6 +120,9 @@ int MAIN(int argc, char **argv) } else if(!strcmp(*argv, "-inkey")) { if (--argc < 1) badarg = 1; keyfile = *(++argv); } else if(!strcmp(*argv, "-engine")) { if (--argc < 1) badarg = 1; engine = *(++argv); } else if(!strcmp(*argv, "-pubin")) { key_type = KEY_PUBKEY; } else if(!strcmp(*argv, "-certin")) { Loading Loading 
@@ -151,16 +157,34 @@ int MAIN(int argc, char **argv) goto end; } if (engine != NULL) { if((e = ENGINE_by_id(engine)) == NULL) { BIO_printf(bio_err,"invalid engine \"%s\"\n", engine); goto end; } if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { BIO_printf(bio_err,"can't use that engine\n"); goto end; } BIO_printf(bio_err,"engine \"%s\" set.\n", engine); /* Free our "structural" reference. */ ENGINE_free(e); } /* FIXME: seed PRNG only if needed */ app_RAND_load_file(NULL, bio_err, 0); switch(key_type) { case KEY_PRIVKEY: pkey = load_key(bio_err, keyfile, keyform, NULL); pkey = load_key(bio_err, keyfile, keyform, NULL, e); break; case KEY_PUBKEY: pkey = load_pubkey(bio_err, keyfile, keyform); pkey = load_pubkey(bio_err, keyfile, keyform, e); break; case KEY_CERT: Loading Loading
apps/apps.c +18 −2 Original line number Diff line number Diff line Loading @@ -553,7 +553,7 @@ end: return(x); } EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass, ENGINE *e) { BIO *key=NULL; EVP_PKEY *pkey=NULL; Loading @@ -563,6 +563,14 @@ EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) BIO_printf(err,"no keyfile specified\n"); goto end; } if (format == FORMAT_ENGINE) { if (!e) BIO_printf(bio_err,"no engine specified\n"); else pkey = ENGINE_load_private_key(e, file, pass); goto end; } key=BIO_new(BIO_s_file()); if (key == NULL) { Loading Loading @@ -602,7 +610,7 @@ EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass) return(pkey); } EVP_PKEY *load_pubkey(BIO *err, char *file, int format) EVP_PKEY *load_pubkey(BIO *err, char *file, int format, ENGINE *e) { BIO *key=NULL; EVP_PKEY *pkey=NULL; Loading @@ -612,6 +620,14 @@ EVP_PKEY *load_pubkey(BIO *err, char *file, int format) BIO_printf(err,"no keyfile specified\n"); goto end; } if (format == FORMAT_ENGINE) { if (!e) BIO_printf(bio_err,"no engine specified\n"); else pkey = ENGINE_load_public_key(e, file, NULL); goto end; } key=BIO_new(BIO_s_file()); if (key == NULL) { Loading
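Review bot: Both new FORMAT_ENGINE branches, in load_key() and in load_pubkey(), print "no engine specified" to the global `bio_err`, while the rest of each function reports through its `err` parameter (`BIO_printf(err,"no keyfile specified\n")`). A caller that passes a different BIO would not see that diagnostic, so the line should read `BIO_printf(err,"no engine specified\n");` in both places. The branch then jumps to `end:` with `pkey` still NULL when the engine cannot supply the key; whether `end:` reports that failure is not visible, because both function bodies continue outside the hunks. A comment such as `/* with FORMAT_ENGINE, file is passed to the engine as a key identifier and is not opened here */` would make the reuse of the `file` argument clear.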
apps/apps.h +3 −2 Original line number Diff line number Diff line Loading @@ -67,6 +67,7 @@ #include <openssl/x509.h> #include <openssl/lhash.h> #include <openssl/conf.h> #include <openssl/engine.h> int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); int app_RAND_write_file(const char *file, BIO *bio_e); Loading Loading @@ -152,8 +153,8 @@ int set_name_ex(unsigned long *flags, const char *arg); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); int add_oid_section(BIO *err, LHASH *conf); X509 *load_cert(BIO *err, char *file, int format); EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass); EVP_PKEY *load_pubkey(BIO *err, char *file, int format); EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass, ENGINE *e); EVP_PKEY *load_pubkey(BIO *err, char *file, int format, ENGINE *e); STACK_OF(X509) *load_certs(BIO *err, char *file, int format); #define FORMAT_UNDEF 0 Loading
apps/ca.c +30 −6 Original line number Diff line number Diff line Loading @@ -153,7 +153,8 @@ static char *ca_usage[]={ " -days arg - number of days to certify the certificate for\n", " -md arg - md to use, one of md2, md5, sha or sha1\n", " -policy arg - The CA 'policy' to support\n", " -keyfile arg - PEM private key file\n", " -keyfile arg - private key file\n", " -keyform arg - private key file format (PEM or ENGINE)\n", " -key arg - key to decode the private key if it is encrypted\n", " -cert file - The CA certificate\n", " -in file - The input PEM encoded certificate request(s)\n", Loading Loading @@ -236,6 +237,7 @@ int MAIN(int argc, char **argv) char *policy=NULL; char *keyfile=NULL; char *certfile=NULL; int keyform=FORMAT_PEM; char *infile=NULL; char *spkac_file=NULL; char *ss_cert_file=NULL; Loading Loading @@ -337,6 +339,11 @@ EF_ALIGNMENT=0; if (--argc < 1) goto bad; keyfile= *(++argv); } else if (strcmp(*argv,"-keyform") == 0) { if (--argc < 1) goto bad; keyform=str2fmt(*(++argv)); } else if (strcmp(*argv,"-passin") == 0) { if (--argc < 1) goto bad; Loading Loading @@ -563,6 +570,17 @@ bad: BIO_printf(bio_err,"Error getting password\n"); goto err; } if (keyform == FORMAT_ENGINE) { if (!e) { BIO_printf(bio_err,"no engine specified\n"); goto err; } pkey = ENGINE_load_private_key(e, keyfile, key); } else if (keyform == FORMAT_PEM) { if (BIO_read_filename(in,keyfile) <= 0) { perror(keyfile); Loading @@ -570,6 +588,12 @@ bad: goto err; } pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key); } else { BIO_printf(bio_err,"bad input format specified for key file\n"); goto err; } if(key) memset(key,0,strlen(key)); if (pkey == NULL) { Loading
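Review bot: The two new `goto err` exits in the key-loading chain ("no engine specified" and "bad input format specified for key file") leave before `if(key) memset(key,0,strlen(key));` runs, so the private-key passphrase stays in memory on those paths unless the `err:` label, which is outside this hunk, wipes it. Checking `keyform` and `e` before the passphrase is obtained would avoid holding the secret across a failure that is already known. Otherwise wipe it first, with `if(key) memset(key,0,strlen(key));` ahead of each `goto err;`. `e` is not declared in the visible hunks, so this assumes MAIN already holds the engine pointer at that point.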
apps/dgst.c +46 −12 Original line number Diff line number Diff line Loading @@ -93,6 +93,7 @@ int MAIN(int argc, char **argv) char pname[PROG_NAME_SIZE]; int separator=0; int debug=0; int keyform=FORMAT_PEM; const char *outfile = NULL, *keyfile = NULL; const char *sigfile = NULL, *randfile = NULL; char out_bin = -1, want_pub = 0, do_verify = 0; Loading Loading @@ -157,6 +158,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; sigfile=*(++argv); } else if (strcmp(*argv,"-keyform") == 0) { if (--argc < 1) break; keyform=str2fmt(*(++argv)); } else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) break; Loading Loading @@ -196,6 +202,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"-sign file sign digest using private key in file\n"); BIO_printf(bio_err,"-verify file verify a signature using public key in file\n"); BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n"); BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); BIO_printf(bio_err,"-signature file signature to verify\n"); BIO_printf(bio_err,"-binary output in binary form\n"); BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); Loading Loading 
@@ -280,20 +287,47 @@ int MAIN(int argc, char **argv) goto end; } if(keyfile) { if(keyfile) { if (keyform == FORMAT_PEM) { BIO *keybio; keybio = BIO_new_file(keyfile, "r"); if(!keybio) { BIO_printf(bio_err, "Error opening key file %s\n", if(!keybio) { BIO_printf(bio_err, "Error opening key file %s\n", keyfile); ERR_print_errors(bio_err); goto end; } if(want_pub) sigkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL); else sigkey = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL); sigkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL); else sigkey = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL); BIO_free(keybio); } else if (keyform == FORMAT_ENGINE) { if (!e) { BIO_printf(bio_err,"no engine specified\n"); goto end; } if (want_pub) sigkey = ENGINE_load_public_key(e, keyfile, NULL); else sigkey = ENGINE_load_private_key(e, keyfile, NULL); } else { BIO_printf(bio_err, "bad input format specified for key file\n"); goto end; } if(!sigkey) { BIO_printf(bio_err, "Error reading key file %s\n", keyfile); Loading
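Review bot: The PEM/ENGINE dispatch added under `if(keyfile)` repeats what this commit also adds to load_key() and load_pubkey() in apps/apps.c, so the "no engine specified" check and the ENGINE_load_* calls now live in several places; apps/ca.c open-codes the same chain. Calling the shared helpers would keep key-format handling in one spot: `sigkey = want_pub ? load_pubkey(bio_err, keyfile, keyform, e) : load_key(bio_err, keyfile, keyform, NULL, e);`. `keyfile` is declared `const char *` in this file while the helpers take `char *`, so the prototypes would need a const qualifier or the call a cast. The helpers may also accept formats that this code rejects with "bad input format specified for key file", so check that before switching.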
apps/rsautl.c +26 −2 Original line number Diff line number Diff line Loading @@ -62,6 +62,7 @@ #include <string.h> #include <openssl/err.h> #include <openssl/pem.h> #include <openssl/engine.h> #define RSA_SIGN 1 #define RSA_VERIFY 2 Loading @@ -82,8 +83,10 @@ int MAIN(int argc, char **); int MAIN(int argc, char **argv) { ENGINE *e = NULL; BIO *in = NULL, *out = NULL; char *infile = NULL, *outfile = NULL; char *engine = NULL; char *keyfile = NULL; char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; int keyform = FORMAT_PEM; Loading Loading @@ -117,6 +120,9 @@ int MAIN(int argc, char **argv) } else if(!strcmp(*argv, "-inkey")) { if (--argc < 1) badarg = 1; keyfile = *(++argv); } else if(!strcmp(*argv, "-engine")) { if (--argc < 1) badarg = 1; engine = *(++argv); } else if(!strcmp(*argv, "-pubin")) { key_type = KEY_PUBKEY; } else if(!strcmp(*argv, "-certin")) { Loading Loading @@ -151,16 +157,34 @@ int MAIN(int argc, char **argv) goto end; } if (engine != NULL) { if((e = ENGINE_by_id(engine)) == NULL) { BIO_printf(bio_err,"invalid engine \"%s\"\n", engine); goto end; } if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { BIO_printf(bio_err,"can't use that engine\n"); goto end; } BIO_printf(bio_err,"engine \"%s\" set.\n", engine); /* Free our "structural" reference. */ ENGINE_free(e); } /* FIXME: seed PRNG only if needed */ app_RAND_load_file(NULL, bio_err, 0); switch(key_type) { case KEY_PRIVKEY: pkey = load_key(bio_err, keyfile, keyform, NULL); pkey = load_key(bio_err, keyfile, keyform, NULL, e); break; case KEY_PUBKEY: pkey = load_pubkey(bio_err, keyfile, keyform); pkey = load_pubkey(bio_err, keyfile, keyform, e); break; case KEY_CERT: Loading
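Review bot: `e` is handed to `load_key()` and `load_pubkey()` after `ENGINE_free(e)` has already released the reference obtained from `ENGINE_by_id()`, so the engine key-loading calls behind those helpers run on a pointer this function no longer owns. That is safe only if `ENGINE_set_default()` keeps the engine alive for the rest of the run, which the hunk does not show. Holding the reference until the key has been loaded removes that dependency: drop the early `ENGINE_free(e);` and release it in the cleanup path with `if (e) ENGINE_free(e);`. The `end:` label is outside the hunk, so the exact placement needs checking there. The "can't use that engine" branch also reaches `goto end` without releasing `e`, which the same cleanup line would cover.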