Commit fc85ac20 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Make -nameopt work in req and add support for -reqopt
parent e8847924
+3 −0
@@ -4,6 +4,9 @@

 Changes between 0.9.7 and 0.9.8  [xx XXX 2002]

  *) Make -nameopt work fully for req and add -reqopt switch.
     [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson]

  *) Add support for ECC-based ciphersuites from draft-ietf-tls-ecc-01.txt.
     As these are not official, they are not included in "ALL";
     the "ECCdraft" ciphersuite group alias can be used to select them.
+1 −0
@@ -1088,6 +1088,7 @@ int set_cert_ex(unsigned long *flags, const char *arg)
		{ "no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
		{ "no_sigdump", X509_FLAG_NO_SIGDUMP, 0},
		{ "no_aux", X509_FLAG_NO_AUX, 0},
		{ "no_attributes", X509_FLAG_NO_ATTRIBUTES, 0},
		{ "ext_default", X509V3_EXT_DEFAULT, X509V3_EXT_UNKNOWN_MASK},
		{ "ext_error", X509V3_EXT_ERROR_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
		{ "ext_parse", X509V3_EXT_PARSE_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
+10 −4
@@ -155,7 +155,7 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_ECDSA
	EC_KEY *ec_params = NULL;
#endif
	unsigned long nmflag = 0;
	unsigned long nmflag = 0, reqflag = 0;
	int ex=1,x509=0,days=30;
	X509 *x509ss=NULL;
	X509_REQ *req=NULL;
@@ -408,6 +408,11 @@ int MAIN(int argc, char **argv)
			if (--argc < 1) goto bad;
			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
			}
		else if (strcmp(*argv,"-reqopt") == 0)
			{
			if (--argc < 1) goto bad;
			if (!set_cert_ex(&reqflag, *(++argv))) goto bad;
			}
		else if (strcmp(*argv,"-subject") == 0)
			subject=1;
		else if (strcmp(*argv,"-text") == 0)
@@ -504,6 +509,7 @@ bad:
		BIO_printf(bio_err," -reqexts ..    specify request extension section (override value in config file)\n");
		BIO_printf(bio_err," -utf8          input characters are UTF8 (default ASCII)\n");
		BIO_printf(bio_err," -nameopt arg   - various certificate name options\n");
		BIO_printf(bio_err," -reqopt arg    - various request text options\n\n");
		goto end;
		}

@@ -1051,9 +1057,9 @@ loop:
	if (text)
		{
		if (x509)
			X509_print(out,x509ss);
			X509_print_ex(out, x509ss, nmflag, reqflag);
		else	
			X509_REQ_print(out,req);
			X509_REQ_print_ex(out, req, nmflag, reqflag);
		}

	if(subject) 
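Review bot: The usage line added in the `bad:` hunk describes `-reqopt` as "various request text options", but the last hunk also passes `reqflag` to `X509_print_ex`, so with `-x509 -text` the option shapes the self-signed certificate dump too. The help text should say so, for example `" -reqopt arg    - various request/certificate text options\n\n"`. MAIN's body starts and ends outside these hunks, so any other use of `reqflag` is not visible here.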
+152 −111
@@ -82,7 +82,7 @@ int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
        }
#endif

int X509_REQ_print(BIO *bp, X509_REQ *x)
int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long cflag)
	{
	unsigned long l;
	int i;
@@ -92,33 +92,59 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
	STACK_OF(X509_ATTRIBUTE) *sk;
	STACK_OF(X509_EXTENSION) *exts;
	char str[128];
	char mlch = ' ';
	int nmindent = 0;

	ri=x->req_info;
	sprintf(str,"Certificate Request:\n");
	if (BIO_puts(bp,str) <= 0) goto err;
	sprintf(str,"%4sData:\n","");
	if (BIO_puts(bp,str) <= 0) goto err;
	if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
		mlch = '\n';
		nmindent = 12;
	}

	if(nmflags == X509_FLAG_COMPAT)
		nmindent = 16;


	ri=x->req_info;
	if(!(cflag & X509_FLAG_NO_HEADER))
		{
		if (BIO_write(bp,"Certificate Request:\n",21) <= 0) goto err;
		if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
		}
	if(!(cflag & X509_FLAG_NO_VERSION))
		{
		neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
		l=0;
		for (i=0; i<ri->version->length; i++)
			{ l<<=8; l+=ri->version->data[i]; }
		sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l);
		if (BIO_puts(bp,str) <= 0) goto err;
	sprintf(str,"%8sSubject: ","");
	if (BIO_puts(bp,str) <= 0) goto err;

	X509_NAME_print(bp,ri->subject,16);
	sprintf(str,"\n%8sSubject Public Key Info:\n","");
	if (BIO_puts(bp,str) <= 0) goto err;
	i=OBJ_obj2nid(ri->pubkey->algor->algorithm);
	sprintf(str,"%12sPublic Key Algorithm: %s\n","",
		(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
	if (BIO_puts(bp,str) <= 0) goto err;
		}
        if(!(cflag & X509_FLAG_NO_SUBJECT))
                {
                if (BIO_printf(bp,"        Subject:%c",mlch) <= 0) goto err;
                if (X509_NAME_print_ex(bp,ri->subject,nmindent, nmflags) < 0) goto err;
                if (BIO_write(bp,"\n",1) <= 0) goto err;
                }
	if(!(cflag & X509_FLAG_NO_PUBKEY))
		{
		if (BIO_write(bp,"        Subject Public Key Info:\n",33) <= 0)
			goto err;
		if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
			goto err;
		if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0)
			goto err;
		if (BIO_puts(bp, "\n") <= 0)
			goto err;

		pkey=X509_REQ_get_pubkey(x);
		if (pkey == NULL)
			{
			BIO_printf(bp,"%12sUnable to load Public Key\n","");
			ERR_print_errors(bp);
			}
		else
#ifndef OPENSSL_NO_RSA
	if (pkey != NULL && pkey->type == EVP_PKEY_RSA)
		if (pkey->type == EVP_PKEY_RSA)
			{
			BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
			BN_num_bits(pkey->pkey.rsa->n));
@@ -127,7 +153,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
		else
#endif
#ifndef OPENSSL_NO_DSA
		if (pkey != NULL && pkey->type == EVP_PKEY_DSA)
		if (pkey->type == EVP_PKEY_DSA)
			{
			BIO_printf(bp,"%12sDSA Public Key:\n","");
			DSA_print(bp,pkey->pkey.dsa,16);
@@ -135,19 +161,20 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
		else
#endif
#ifndef OPENSSL_NO_EC
		if (pkey != NULL && pkey->type == EVP_PKEY_EC)
		if (pkey->type == EVP_PKEY_EC)
		{
			BIO_printf(bp, "%12sEC Public Key: \n","");
			EC_KEY_print(bp, pkey->pkey.eckey, 16);
		}
	else
#endif

			BIO_printf(bp,"%12sUnknown Public Key:\n","");

	if (pkey != NULL)
		EVP_PKEY_free(pkey);
		}

	if(!(cflag & X509_FLAG_NO_ATTRIBUTES))
		{
		/* may not be */
		sprintf(str,"%8sAttributes:\n","");
		if (BIO_puts(bp,str) <= 0) goto err;
@@ -210,11 +237,15 @@ get_next:
				if (++ii < count) goto get_next;
				}
			}

		}
	if(!(cflag & X509_FLAG_NO_ATTRIBUTES))
		{
		exts = X509_REQ_get_extensions(x);
	if(exts) {
		if(exts)
			{
			BIO_printf(bp,"%8sRequested Extensions:\n","");
		for (i=0; i<sk_X509_EXTENSION_num(exts); i++) {
			for (i=0; i<sk_X509_EXTENSION_num(exts); i++)
				{
				ASN1_OBJECT *obj;
				X509_EXTENSION *ex;
				int j;
@@ -225,7 +256,8 @@ get_next:
				j=X509_EXTENSION_get_critical(ex);
				if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
					goto err;
			if(!X509V3_EXT_print(bp, ex, 0, 16)) {
				if(!X509V3_EXT_print(bp, ex, 0, 16))
					{
					BIO_printf(bp, "%16s", "");
					M_ASN1_OCTET_STRING_print(bp,ex->value);
					}
@@ -233,11 +265,20 @@ get_next:
				}
			sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
			}
		}

	if(!(cflag & X509_FLAG_NO_SIGDUMP))
		{
		if(!X509_signature_print(bp, x->sig_alg, x->signature)) goto err;
		}

	return(1);
err:
	X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB);
	return(0);
	}

int X509_REQ_print(BIO *bp, X509_REQ *x)
	{
	return X509_REQ_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
	}
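Review bot: The requested-extensions block is guarded by `X509_FLAG_NO_ATTRIBUTES`, the same flag as the attributes block above it, so `no_extensions` has no effect on a request and `no_attributes` also hides the requested extensions; the second guard should read `if(!(cflag & X509_FLAG_NO_EXTENSIONS))`. Someone inspecting a CSR with `-reqopt no_attributes` would then not see which extensions it asks for. In the same block `X509V3_EXT_print(bp, ex, 0, 16)` still passes a literal 0, so the `ext_default`/`ext_error`/`ext_parse` values accepted by set_cert_ex are ignored here; passing `cflag` would honour them. The `goto err` inside the extension loop also skips `sk_X509_EXTENSION_pop_free`, so `exts` leaks on a write failure. Parts of the function body lie between the visible hunks, so these points rest only on the lines shown.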
+2 −0
@@ -348,6 +348,7 @@ DECLARE_STACK_OF(X509_TRUST)
#define	X509_FLAG_NO_EXTENSIONS		(1L << 8)
#define	X509_FLAG_NO_SIGDUMP		(1L << 9)
#define	X509_FLAG_NO_AUX		(1L << 10)
#define	X509_FLAG_NO_ATTRIBUTES		(1L << 11)

/* Flags specific to X509_NAME_print_ex() */	

@@ -1060,6 +1061,7 @@ int X509_print(BIO *bp,X509 *x);
int		X509_ocspid_print(BIO *bp,X509 *x);
int		X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent);
int		X509_CRL_print(BIO *bp,X509_CRL *x);
int		X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag);
int		X509_REQ_print(BIO *bp,X509_REQ *req);
#endif