Commit 5b40d7dd authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Add -passin argument to dgst command.

parent 8f284faa
Loading
Loading
Loading
Loading
+3 −0
Original line number Diff line number Diff line
@@ -745,6 +745,9 @@

 Changes between 0.9.7e and 0.9.7f  [XX xxx XXXX]

  *) Add new -passin argument to dgst.
     [Steve Henson]

  *) Perform some character comparisons of different types in X509_NAME_cmp:
     this is needed for some certificates that reencode DNs into UTF8Strings
     (in violation of RFC3280) and can't or wont issue name rollover
+16 −1
Original line number Diff line number Diff line
@@ -100,6 +100,7 @@ int MAIN(int argc, char **argv)
	EVP_PKEY *sigkey = NULL;
	unsigned char *sigbuf = NULL;
	int siglen = 0;
	char *passargin = NULL, *passin = NULL;
#ifndef OPENSSL_NO_ENGINE
	char *engine=NULL;
#endif
@@ -145,6 +146,12 @@ int MAIN(int argc, char **argv)
			if (--argc < 1) break;
			keyfile=*(++argv);
			}
		else if (!strcmp(*argv,"-passin"))
			{
			if (--argc < 1)
				break;
			passargin=*++argv;
			}
		else if (strcmp(*argv,"-verify") == 0)
			{
			if (--argc < 1) break;
@@ -257,6 +264,12 @@ int MAIN(int argc, char **argv)
		BIO_set_callback_arg(in,bio_err);
		}

	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
		{
		BIO_printf(bio_err, "Error getting password\n");
		goto end;
		}

	if ((in == NULL) || (bmd == NULL))
		{
		ERR_print_errors(bio_err);
@@ -298,7 +311,7 @@ int MAIN(int argc, char **argv)
			sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
				e, "key file");
		else
			sigkey = load_key(bio_err, keyfile, keyform, 0, NULL,
			sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
				e, "key file");
		if (!sigkey)
			{
@@ -385,6 +398,8 @@ end:
		OPENSSL_free(buf);
		}
	if (in != NULL) BIO_free(in);
	if (passin)
		OPENSSL_free(passin);
	BIO_free_all(out);
	EVP_PKEY_free(sigkey);
	if(sigbuf) OPENSSL_free(sigbuf);
+6 −0
Original line number Diff line number Diff line
@@ -14,6 +14,7 @@ B<openssl> B<dgst>
[B<-binary>]
[B<-out filename>]
[B<-sign filename>]
[B<-passin arg>]
[B<-verify filename>]
[B<-prverify filename>]
[B<-signature filename>]
@@ -59,6 +60,11 @@ filename to output to, or standard output by default.

digitally sign the digest using the private key in "filename".

=item B<-passin arg>

the private key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.

=item B<-verify filename>

verify the signature using the the public key in "filename".