📄 req.c
goto end; } } else { req_conf=config; BIO_printf(bio_err,"Using configuration from %s\n", default_config_file); if (req_conf == NULL) { BIO_printf(bio_err,"Unable to load config info\n"); } } if (req_conf != NULL) { p=CONF_get_string(req_conf,NULL,"oid_file"); if (p != NULL) { BIO *oid_bio; oid_bio=BIO_new_file(p,"r"); if (oid_bio == NULL) { /* BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); ERR_print_errors(bio_err); */ } else { OBJ_create_objects(oid_bio); BIO_free(oid_bio); } } } if(!add_oid_section(bio_err, req_conf)) goto end; if ((md_alg == NULL) && ((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL)) { if ((md_alg=EVP_get_digestbyname(p)) != NULL) digest=md_alg; } if(!extensions) extensions = CONF_get_string(req_conf, SECTION, V3_EXTENSIONS); if(extensions) { /* Check syntax of file */ X509V3_CTX ctx; X509V3_set_ctx_test(&ctx); X509V3_set_conf_lhash(&ctx, req_conf); if(!X509V3_EXT_add_conf(req_conf, &ctx, extensions, NULL)) { BIO_printf(bio_err, "Error Loading extension section %s\n", extensions); goto end; } } if(!passin) passin = CONF_get_string(req_conf, SECTION, "input_password"); if(!passout) passout = CONF_get_string(req_conf, SECTION, "output_password"); p = CONF_get_string(req_conf, SECTION, STRING_MASK); if(p && !ASN1_STRING_set_default_mask_asc(p)) { BIO_printf(bio_err, "Invalid global string mask setting %s\n", p); goto end; } if(!req_exts) req_exts = CONF_get_string(req_conf, SECTION, REQ_EXTENSIONS); if(req_exts) { /* Check syntax of file */ X509V3_CTX ctx; X509V3_set_ctx_test(&ctx); X509V3_set_conf_lhash(&ctx, req_conf); if(!X509V3_EXT_add_conf(req_conf, &ctx, req_exts, NULL)) { BIO_printf(bio_err, "Error Loading request extension section %s\n", req_exts); goto end; } } in=BIO_new(BIO_s_file()); out=BIO_new(BIO_s_file()); if ((in == NULL) || (out == NULL)) goto end; if (keyfile != NULL) { if (BIO_read_filename(in,keyfile) <= 0) { perror(keyfile); goto end; } if (keyform == FORMAT_ASN1) pkey=d2i_PrivateKey_bio(in,NULL); 
else if (keyform == FORMAT_PEM) { pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,passin); } else { BIO_printf(bio_err,"bad input format specified for X509 request\n"); goto end; } if (pkey == NULL) { BIO_printf(bio_err,"unable to load Private key\n"); goto end; } if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) { char *randfile = CONF_get_string(req_conf,SECTION,"RANDFILE"); app_RAND_load_file(randfile, bio_err, 0); } } if (newreq && (pkey == NULL)) { char *randfile = CONF_get_string(req_conf,SECTION,"RANDFILE"); app_RAND_load_file(randfile, bio_err, 0); if (inrand) app_RAND_load_files(inrand); if (newkey <= 0) { newkey=(int)CONF_get_number(req_conf,SECTION,BITS); if (newkey <= 0) newkey=DEFAULT_KEY_LENGTH; } if (newkey < MIN_KEY_LENGTH) { BIO_printf(bio_err,"private key length is too short,\n"); BIO_printf(bio_err,"it needs to be at least %d bits, not %d\n",MIN_KEY_LENGTH,newkey); goto end; } BIO_printf(bio_err,"Generating a %d bit %s private key\n", newkey,(pkey_type == TYPE_RSA)?"RSA":"DSA"); if ((pkey=EVP_PKEY_new()) == NULL) goto end;#ifndef NO_RSA if (pkey_type == TYPE_RSA) { if (!EVP_PKEY_assign_RSA(pkey, RSA_generate_key(newkey,0x10001, req_cb,bio_err))) goto end; } else#endif#ifndef NO_DSA if (pkey_type == TYPE_DSA) { if (!DSA_generate_key(dsa_params)) goto end; if (!EVP_PKEY_assign_DSA(pkey,dsa_params)) goto end; dsa_params=NULL; }#endif app_RAND_write_file(randfile, bio_err); if (pkey == NULL) goto end; if (keyout == NULL) keyout=CONF_get_string(req_conf,SECTION,KEYFILE); if (keyout == NULL) { BIO_printf(bio_err,"writing new private key to stdout\n"); BIO_set_fp(out,stdout,BIO_NOCLOSE);#ifdef VMS { BIO *tmpbio = BIO_new(BIO_f_linebuffer()); out = BIO_push(tmpbio, out); }#endif } else { BIO_printf(bio_err,"writing new private key to '%s'\n",keyout); if (BIO_write_filename(out,keyout) <= 0) { perror(keyout); goto end; } } p=CONF_get_string(req_conf,SECTION,"encrypt_rsa_key"); if (p == NULL) p=CONF_get_string(req_conf,SECTION,"encrypt_key"); if ((p != NULL) && 
(strcmp(p,"no") == 0)) cipher=NULL; if (nodes) cipher=NULL; i=0;loop: if (!PEM_write_bio_PrivateKey(out,pkey,cipher, NULL,0,NULL,passout)) { if ((ERR_GET_REASON(ERR_peek_error()) == PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3)) { ERR_clear_error(); i++; goto loop; } goto end; } BIO_printf(bio_err,"-----\n"); } if (!newreq) { /* Since we are using a pre-existing certificate * request, the kludge 'format' info should not be * changed. */ kludge= -1; if (infile == NULL) BIO_set_fp(in,stdin,BIO_NOCLOSE); else { if (BIO_read_filename(in,infile) <= 0) { perror(infile); goto end; } } if (informat == FORMAT_ASN1) req=d2i_X509_REQ_bio(in,NULL); else if (informat == FORMAT_PEM) req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL); else { BIO_printf(bio_err,"bad input format specified for X509 request\n"); goto end; } if (req == NULL) { BIO_printf(bio_err,"unable to load X509 request\n"); goto end; } } if (newreq || x509) { if (pkey == NULL) { BIO_printf(bio_err,"you need to specify a private key\n"); goto end; }#ifndef NO_DSA if (pkey->type == EVP_PKEY_DSA) digest=EVP_dss1();#endif if (req == NULL) { req=X509_REQ_new(); if (req == NULL) { goto end; } i=make_REQ(req,pkey,!x509); if (kludge >= 0) req->req_info->req_kludge=kludge; if (!i) { BIO_printf(bio_err,"problems making Certificate Request\n"); goto end; } } if (x509) { EVP_PKEY *tmppkey; X509V3_CTX ext_ctx; if ((x509ss=X509_new()) == NULL) goto end; /* Set version to V3 */ if(!X509_set_version(x509ss, 2)) goto end; if (!ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L)) goto end; if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end; if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end; if (!X509_gmtime_adj(X509_get_notAfter(x509ss), (long)60*60*24*days)) goto end; if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end; tmppkey = X509_REQ_get_pubkey(req); if (!tmppkey || !X509_set_pubkey(x509ss,tmppkey)) goto end; EVP_PKEY_free(tmppkey); /* Set up V3 context struct */ 
X509V3_set_ctx(&ext_ctx, x509ss, x509ss, NULL, NULL, 0); X509V3_set_conf_lhash(&ext_ctx, req_conf); /* Add extensions */ if(extensions && !X509V3_EXT_add_conf(req_conf, &ext_ctx, extensions, x509ss)) { BIO_printf(bio_err, "Error Loading extension section %s\n", extensions); goto end; } if (!(i=X509_sign(x509ss,pkey,digest))) goto end; } else { X509V3_CTX ext_ctx; /* Set up V3 context struct */ X509V3_set_ctx(&ext_ctx, NULL, NULL, req, NULL, 0); X509V3_set_conf_lhash(&ext_ctx, req_conf); /* Add extensions */ if(req_exts && !X509V3_EXT_REQ_add_conf(req_conf, &ext_ctx, req_exts, req)) { BIO_printf(bio_err, "Error Loading extension section %s\n", req_exts); goto end; } if (!(i=X509_REQ_sign(req,pkey,digest))) goto end; } } if (verify && !x509) { int tmp=0; if (pkey == NULL) { pkey=X509_REQ_get_pubkey(req); tmp=1; if (pkey == NULL) goto end; } i=X509_REQ_verify(req,pkey); if (tmp) { EVP_PKEY_free(pkey); pkey=NULL; } if (i < 0) { goto end; } else if (i == 0) { BIO_printf(bio_err,"verify failure\n"); } else /* if (i > 0) */ BIO_printf(bio_err,"verify OK\n"); } if (noout && !text && !modulus) { ex=0; goto end; } if (outfile == NULL) { BIO_set_fp(out,stdout,BIO_NOCLOSE);#ifdef VMS { BIO *tmpbio = BIO_new(BIO_f_linebuffer()); out = BIO_push(tmpbio, out); }#endif } else { if ((keyout != NULL) && (strcmp(outfile,keyout) == 0)) i=(int)BIO_append_filename(out,outfile); else i=(int)BIO_write_filename(out,outfile); if (!i) { perror(outfile); goto end; } } if (text) { if (x509) X509_print(out,x509ss); else X509_REQ_print(out,req); } if (modulus) { EVP_PKEY *pubkey; if (x509) pubkey=X509_get_pubkey(x509ss); else pubkey=X509_REQ_get_pubkey(req); if (pubkey == NULL) { fprintf(stdout,"Modulus=unavailable\n"); goto end; } fprintf(stdout,"Modulus=");#ifndef NO_RSA if (pubkey->type == EVP_PKEY_RSA) BN_print(out,pubkey->pkey.rsa->n); else#endif fprintf(stdout,"Wrong Algorithm type"); fprintf(stdout,"\n"); } if (!noout && !x509) {