Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
cbdac46d
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
cbdac46d
编写于
19年前
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Update from stable branch.
上级
d2e0c817
无相关合并请求
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
43 addition
and
16 deletion
+43
-16
CHANGES
CHANGES
+3
-0
apps/ca.c
apps/ca.c
+40
-16
未找到文件。
CHANGES
浏览文件 @
cbdac46d
...
...
@@ -8,6 +8,9 @@
Changes between 0.9.7h and 0.9.8 [xx XXX xxxx]
*) Add -utf8 command line and config file option to 'ca'.
[Stefan <stf@udoma.org]
*) Correct naming of the 'chil' and '4758cca' ENGINEs. This
involves renaming the source and generated shared-libs for
both. The engines will accept the corrected or legacy ids
...
...
This diff is collapsed.
Click to expand it.
apps/ca.c
浏览文件 @
cbdac46d
...
...
@@ -105,6 +105,9 @@
#define ENV_DEFAULT_CA "default_ca"
#define STRING_MASK "string_mask"
#define UTF8_IN "utf8"
#define ENV_DIR "dir"
#define ENV_CERTS "certs"
#define ENV_CRL_DIR "crl_dir"
...
...
@@ -174,6 +177,7 @@ static const char *ca_usage[]={
" -msie_hack - msie modifications to handle all those universal strings
\n
"
,
" -revoke file - Revoke a certificate (given in file)
\n
"
,
" -subj arg - Use arg instead of request's subject
\n
"
,
" -utf8 - input characters are UTF8 (default ASCII)
\n
"
,
" -multivalue-rdn - enable support for multivalued RDNs
\n
"
,
" -extensions .. - Extension section (override value in config file)
\n
"
,
" -extfile file - Configuration file with X509v3 extentions to add
\n
"
,
...
...
@@ -195,27 +199,27 @@ extern int EF_ALIGNMENT;
static
void
lookup_fail
(
const
char
*
name
,
const
char
*
tag
);
static
int
certify
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
BIGNUM
*
serial
,
char
*
subj
,
unsigned
long
chtype
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
long
days
,
int
batch
,
char
*
ext_sect
,
CONF
*
conf
,
int
verbose
,
unsigned
long
certopt
,
unsigned
long
nameopt
,
int
default_op
,
int
ext_copy
,
int
selfsign
);
static
int
certify_cert
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
int
multirdn
,
int
email_dn
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
unsigned
long
chtype
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
long
days
,
int
batch
,
char
*
ext_sect
,
CONF
*
conf
,
int
verbose
,
unsigned
long
certopt
,
unsigned
long
nameopt
,
int
default_op
,
int
ext_copy
,
ENGINE
*
e
);
static
int
certify_spkac
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
int
multirdn
,
int
email_dn
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
unsigned
long
chtype
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
long
days
,
char
*
ext_sect
,
CONF
*
conf
,
int
verbose
,
unsigned
long
certopt
,
unsigned
long
nameopt
,
int
default_op
,
int
ext_copy
);
static
int
fix_data
(
int
nid
,
int
*
type
);
static
void
write_new_certificate
(
BIO
*
bp
,
X509
*
x
,
int
output_der
,
int
notext
);
static
int
do_body
(
X509
**
xret
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
int
multirdn
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
unsigned
long
chtype
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
long
days
,
int
batch
,
int
verbose
,
X509_REQ
*
req
,
char
*
ext_sect
,
CONF
*
conf
,
unsigned
long
certopt
,
unsigned
long
nameopt
,
int
default_op
,
...
...
@@ -275,6 +279,7 @@ int MAIN(int argc, char **argv)
char
*
extensions
=
NULL
;
char
*
extfile
=
NULL
;
char
*
subj
=
NULL
;
unsigned
long
chtype
=
MBSTRING_ASC
;
int
multirdn
=
0
;
char
*
tmp_email_dn
=
NULL
;
char
*
crl_ext
=
NULL
;
...
...
@@ -356,6 +361,8 @@ EF_ALIGNMENT=0;
subj
=
*
(
++
argv
);
/* preserve=1; */
}
else
if
(
strcmp
(
*
argv
,
"-utf8"
)
==
0
)
chtype
=
MBSTRING_UTF8
;
else
if
(
strcmp
(
*
argv
,
"-create_serial"
)
==
0
)
create_ser
=
1
;
else
if
(
strcmp
(
*
argv
,
"-multivalue-rdn"
)
==
0
)
...
...
@@ -645,6 +652,23 @@ bad:
ERR_clear_error
();
app_RAND_load_file
(
randfile
,
bio_err
,
0
);
f
=
NCONF_get_string
(
conf
,
section
,
STRING_MASK
);
if
(
!
f
)
ERR_clear_error
();
if
(
f
&&
!
ASN1_STRING_set_default_mask_asc
(
f
))
{
BIO_printf
(
bio_err
,
"Invalid global string mask setting %s
\n
"
,
f
);
goto
err
;
}
if
(
chtype
!=
MBSTRING_UTF8
){
f
=
NCONF_get_string
(
conf
,
section
,
UTF8_IN
);
if
(
!
f
)
ERR_clear_error
();
else
if
(
!
strcmp
(
f
,
"yes"
))
chtype
=
MBSTRING_UTF8
;
}
db_attr
.
unique_subject
=
1
;
p
=
NCONF_get_string
(
conf
,
section
,
ENV_UNIQUE_SUBJECT
);
if
(
p
)
...
...
@@ -1135,7 +1159,7 @@ bad:
{
total
++
;
j
=
certify_spkac
(
&
x
,
spkac_file
,
pkey
,
x509
,
dgst
,
attribs
,
db
,
serial
,
subj
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
extensions
,
serial
,
subj
,
chtype
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
extensions
,
conf
,
verbose
,
certopt
,
nameopt
,
default_op
,
ext_copy
);
if
(
j
<
0
)
goto
err
;
if
(
j
>
0
)
...
...
@@ -1159,7 +1183,7 @@ bad:
{
total
++
;
j
=
certify_cert
(
&
x
,
ss_cert_file
,
pkey
,
x509
,
dgst
,
attribs
,
db
,
serial
,
subj
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
batch
,
db
,
serial
,
subj
,
chtype
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
batch
,
extensions
,
conf
,
verbose
,
certopt
,
nameopt
,
default_op
,
ext_copy
,
e
);
if
(
j
<
0
)
goto
err
;
...
...
@@ -1179,7 +1203,7 @@ bad:
{
total
++
;
j
=
certify
(
&
x
,
infile
,
pkey
,
x509p
,
dgst
,
attribs
,
db
,
serial
,
subj
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
batch
,
serial
,
subj
,
chtype
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
batch
,
extensions
,
conf
,
verbose
,
certopt
,
nameopt
,
default_op
,
ext_copy
,
selfsign
);
if
(
j
<
0
)
goto
err
;
...
...
@@ -1199,7 +1223,7 @@ bad:
{
total
++
;
j
=
certify
(
&
x
,
argv
[
i
],
pkey
,
x509p
,
dgst
,
attribs
,
db
,
serial
,
subj
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
batch
,
serial
,
subj
,
chtype
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
batch
,
extensions
,
conf
,
verbose
,
certopt
,
nameopt
,
default_op
,
ext_copy
,
selfsign
);
if
(
j
<
0
)
goto
err
;
...
...
@@ -1509,7 +1533,7 @@ static void lookup_fail(const char *name, const char *tag)
static
int
certify
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
BIGNUM
*
serial
,
char
*
subj
,
unsigned
long
chtype
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
long
days
,
int
batch
,
char
*
ext_sect
,
CONF
*
lconf
,
int
verbose
,
unsigned
long
certopt
,
unsigned
long
nameopt
,
int
default_op
,
int
ext_copy
,
int
selfsign
)
...
...
@@ -1565,7 +1589,7 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
else
BIO_printf
(
bio_err
,
"Signature ok
\n
"
);
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
subj
,
multirdn
,
email_dn
,
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
subj
,
chtype
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
batch
,
verbose
,
req
,
ext_sect
,
lconf
,
certopt
,
nameopt
,
default_op
,
ext_copy
,
selfsign
);
...
...
@@ -1577,7 +1601,7 @@ err:
static
int
certify_cert
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
BIGNUM
*
serial
,
char
*
subj
,
unsigned
long
chtype
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
long
days
,
int
batch
,
char
*
ext_sect
,
CONF
*
lconf
,
int
verbose
,
unsigned
long
certopt
,
unsigned
long
nameopt
,
int
default_op
,
int
ext_copy
,
ENGINE
*
e
)
...
...
@@ -1619,7 +1643,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
if
((
rreq
=
X509_to_X509_REQ
(
req
,
NULL
,
EVP_md5
()))
==
NULL
)
goto
err
;
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
subj
,
multirdn
,
email_dn
,
startdate
,
enddate
,
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
subj
,
chtype
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
batch
,
verbose
,
rreq
,
ext_sect
,
lconf
,
certopt
,
nameopt
,
default_op
,
ext_copy
,
0
);
...
...
@@ -1631,7 +1655,7 @@ err:
static
int
do_body
(
X509
**
xret
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
int
multirdn
,
unsigned
long
chtype
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
long
days
,
int
batch
,
int
verbose
,
X509_REQ
*
req
,
char
*
ext_sect
,
CONF
*
lconf
,
unsigned
long
certopt
,
unsigned
long
nameopt
,
int
default_op
,
...
...
@@ -1664,7 +1688,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
if
(
subj
)
{
X509_NAME
*
n
=
parse_name
(
subj
,
MBSTRING_ASC
,
multirdn
);
X509_NAME
*
n
=
parse_name
(
subj
,
chtype
,
multirdn
);
if
(
!
n
)
{
...
...
@@ -2201,7 +2225,7 @@ static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext)
static
int
certify_spkac
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
CA_DB
*
db
,
BIGNUM
*
serial
,
char
*
subj
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
BIGNUM
*
serial
,
char
*
subj
,
unsigned
long
chtype
,
int
multirdn
,
int
email_dn
,
char
*
startdate
,
char
*
enddate
,
long
days
,
char
*
ext_sect
,
CONF
*
lconf
,
int
verbose
,
unsigned
long
certopt
,
unsigned
long
nameopt
,
int
default_op
,
int
ext_copy
)
{
...
...
@@ -2342,7 +2366,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
X509_REQ_set_pubkey
(
req
,
pktmp
);
EVP_PKEY_free
(
pktmp
);
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
subj
,
multirdn
,
email_dn
,
startdate
,
enddate
,
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
subj
,
chtype
,
multirdn
,
email_dn
,
startdate
,
enddate
,
days
,
1
,
verbose
,
req
,
ext_sect
,
lconf
,
certopt
,
nameopt
,
default_op
,
ext_copy
,
0
);
err:
...
...
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
反馈
建议
客服
返回
顶部