diff options
Diffstat (limited to '')
| -rw-r--r-- | src/usr.bin/openssl/ts.c | 26 |
1 files changed, 8 insertions, 18 deletions
diff --git a/src/usr.bin/openssl/ts.c b/src/usr.bin/openssl/ts.c index ae7dfff615..e958d0aaff 100644 --- a/src/usr.bin/openssl/ts.c +++ b/src/usr.bin/openssl/ts.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ts.c,v 1.5 2015/08/22 16:36:05 jsing Exp $ */ | 1 | /* $OpenBSD: ts.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */ |
| 2 | /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL | 2 | /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL |
| 3 | * project 2002. | 3 | * project 2002. |
| 4 | */ | 4 | */ |
| @@ -92,13 +92,13 @@ static int create_digest(BIO * input, char *digest, | |||
| 92 | static ASN1_INTEGER *create_nonce(int bits); | 92 | static ASN1_INTEGER *create_nonce(int bits); |
| 93 | 93 | ||
| 94 | /* Reply related functions. */ | 94 | /* Reply related functions. */ |
| 95 | static int reply_command(CONF * conf, char *section, char *engine, | 95 | static int reply_command(CONF * conf, char *section, |
| 96 | char *queryfile, char *passin, char *inkey, | 96 | char *queryfile, char *passin, char *inkey, |
| 97 | char *signer, char *chain, const char *policy, | 97 | char *signer, char *chain, const char *policy, |
| 98 | char *in, int token_in, char *out, int token_out, | 98 | char *in, int token_in, char *out, int token_out, |
| 99 | int text); | 99 | int text); |
| 100 | static TS_RESP *read_PKCS7(BIO * in_bio); | 100 | static TS_RESP *read_PKCS7(BIO * in_bio); |
| 101 | static TS_RESP *create_response(CONF * conf, const char *section, char *engine, | 101 | static TS_RESP *create_response(CONF * conf, const char *section, |
| 102 | char *queryfile, char *passin, char *inkey, | 102 | char *queryfile, char *passin, char *inkey, |
| 103 | char *signer, char *chain, const char *policy); | 103 | char *signer, char *chain, const char *policy); |
| 104 | static ASN1_INTEGER *serial_cb(TS_RESP_CTX * ctx, void *data); | 104 | static ASN1_INTEGER *serial_cb(TS_RESP_CTX * ctx, void *data); |
| @@ -144,7 +144,6 @@ ts_main(int argc, char **argv) | |||
| 144 | char *ca_path = NULL; | 144 | char *ca_path = NULL; |
| 145 | char *ca_file = NULL; | 145 | char *ca_file = NULL; |
| 146 | char *untrusted = NULL; | 146 | char *untrusted = NULL; |
| 147 | char *engine = NULL; | ||
| 148 | /* Input is ContentInfo instead of TimeStampResp. */ | 147 | /* Input is ContentInfo instead of TimeStampResp. */ |
| 149 | int token_in = 0; | 148 | int token_in = 0; |
| 150 | /* Output is ContentInfo instead of TimeStampResp. */ | 149 | /* Output is ContentInfo instead of TimeStampResp. */ |
| @@ -233,10 +232,6 @@ ts_main(int argc, char **argv) | |||
| 233 | if (argc-- < 1) | 232 | if (argc-- < 1) |
| 234 | goto usage; | 233 | goto usage; |
| 235 | untrusted = *++argv; | 234 | untrusted = *++argv; |
| 236 | } else if (strcmp(*argv, "-engine") == 0) { | ||
| 237 | if (argc-- < 1) | ||
| 238 | goto usage; | ||
| 239 | engine = *++argv; | ||
| 240 | } else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) { | 235 | } else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) { |
| 241 | /* empty. */ | 236 | /* empty. */ |
| 242 | } else | 237 | } else |
| @@ -282,7 +277,7 @@ ts_main(int argc, char **argv) | |||
| 282 | goto usage; | 277 | goto usage; |
| 283 | } | 278 | } |
| 284 | 279 | ||
| 285 | ret = !reply_command(conf, section, engine, queryfile, | 280 | ret = !reply_command(conf, section, queryfile, |
| 286 | password, inkey, signer, chain, policy, | 281 | password, inkey, signer, chain, policy, |
| 287 | in, token_in, out, token_out, text); | 282 | in, token_in, out, token_out, text); |
| 288 | break; | 283 | break; |
| @@ -312,7 +307,7 @@ usage: | |||
| 312 | "[-signer tsa_cert.pem] [-inkey private_key.pem] " | 307 | "[-signer tsa_cert.pem] [-inkey private_key.pem] " |
| 313 | "[-chain certs_file.pem] [-policy object_id] " | 308 | "[-chain certs_file.pem] [-policy object_id] " |
| 314 | "[-in response.tsr] [-token_in] " | 309 | "[-in response.tsr] [-token_in] " |
| 315 | "[-out response.tsr] [-token_out] [-text] [-engine id]\n"); | 310 | "[-out response.tsr] [-token_out] [-text]\n"); |
| 316 | BIO_printf(bio_err, "or\n" | 311 | BIO_printf(bio_err, "or\n" |
| 317 | "ts -verify [-data file_to_hash] [-digest digest_bytes] " | 312 | "ts -verify [-data file_to_hash] [-digest digest_bytes] " |
| 318 | "[-queryfile request.tsq] " | 313 | "[-queryfile request.tsq] " |
| @@ -615,7 +610,7 @@ err: | |||
| 615 | */ | 610 | */ |
| 616 | 611 | ||
| 617 | static int | 612 | static int |
| 618 | reply_command(CONF * conf, char *section, char *engine, char *queryfile, | 613 | reply_command(CONF * conf, char *section, char *queryfile, |
| 619 | char *passin, char *inkey, char *signer, char *chain, const char *policy, | 614 | char *passin, char *inkey, char *signer, char *chain, const char *policy, |
| 620 | char *in, int token_in, char *out, int token_out, int text) | 615 | char *in, int token_in, char *out, int token_out, int text) |
| 621 | { | 616 | { |
| @@ -642,7 +637,7 @@ reply_command(CONF * conf, char *section, char *engine, char *queryfile, | |||
| 642 | response = d2i_TS_RESP_bio(in_bio, NULL); | 637 | response = d2i_TS_RESP_bio(in_bio, NULL); |
| 643 | } | 638 | } |
| 644 | } else { | 639 | } else { |
| 645 | response = create_response(conf, section, engine, queryfile, | 640 | response = create_response(conf, section, queryfile, |
| 646 | passin, inkey, signer, chain, | 641 | passin, inkey, signer, chain, |
| 647 | policy); | 642 | policy); |
| 648 | if (response) | 643 | if (response) |
| @@ -740,7 +735,7 @@ end: | |||
| 740 | } | 735 | } |
| 741 | 736 | ||
| 742 | static TS_RESP * | 737 | static TS_RESP * |
| 743 | create_response(CONF * conf, const char *section, char *engine, | 738 | create_response(CONF * conf, const char *section, |
| 744 | char *queryfile, char *passin, char *inkey, | 739 | char *queryfile, char *passin, char *inkey, |
| 745 | char *signer, char *chain, const char *policy) | 740 | char *signer, char *chain, const char *policy) |
| 746 | { | 741 | { |
| @@ -763,11 +758,6 @@ create_response(CONF * conf, const char *section, char *engine, | |||
| 763 | /* Setting serial number provider callback. */ | 758 | /* Setting serial number provider callback. */ |
| 764 | if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) | 759 | if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) |
| 765 | goto end; | 760 | goto end; |
| 766 | #ifndef OPENSSL_NO_ENGINE | ||
| 767 | /* Setting default OpenSSL engine. */ | ||
| 768 | if (!TS_CONF_set_crypto_device(conf, section, engine)) | ||
| 769 | goto end; | ||
| 770 | #endif | ||
| 771 | 761 | ||
| 772 | /* Setting TSA signer certificate. */ | 762 | /* Setting TSA signer certificate. */ |
| 773 | if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) | 763 | if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) |