From 554fa5724d58481f6d98cf1f31538602c83777e3 Mon Sep 17 00:00:00 2001 From: tb <> Date: Sun, 19 Jan 2025 10:24:17 +0000 Subject: Remove -C option from "apps" As far as I can tell, this way of generating "C code" was only used to add stuff to pretty regress and even prettier speed "app" and otherwise it just served to make the library maintainer's lives even more miserable. ok jsing --- src/usr.bin/openssl/dh.c | 54 +-------------- src/usr.bin/openssl/dhparam.c | 60 +--------------- src/usr.bin/openssl/dsaparam.c | 65 +----------------- src/usr.bin/openssl/ecparam.c | 152 +---------------------------------------- src/usr.bin/openssl/openssl.1 | 25 +------ src/usr.bin/openssl/x509.c | 92 +------------------------ 6 files changed, 12 insertions(+), 436 deletions(-) (limited to 'src') diff --git a/src/usr.bin/openssl/dh.c b/src/usr.bin/openssl/dh.c index a4c02235f2..d7c7d2db91 100644 --- a/src/usr.bin/openssl/dh.c +++ b/src/usr.bin/openssl/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.15 2023/03/06 14:32:05 tb Exp $ */ +/* $OpenBSD: dh.c,v 1.16 2025/01/19 10:24:17 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -75,7 +75,6 @@ #include static struct { - int C; int check; char *infile; int informat; @@ -86,12 +85,6 @@ static struct { } cfg; static const struct option dh_options[] = { - { - .name = "C", - .desc = "Convert DH parameters into C code", - .type = OPTION_FLAG, - .opt.flag = &cfg.C, - }, { .name = "check", .desc = "Check the DH parameters", @@ -145,7 +138,7 @@ static void dh_usage(void) { fprintf(stderr, - "usage: dh [-C] [-check] [-in file] [-inform format]\n" + "usage: dh [-check] [-in file] [-inform format]\n" " [-noout] [-out file] [-outform format] [-text]\n\n"); options_usage(dh_options); } @@ -228,49 +221,6 @@ dh_main(int argc, char **argv) if (i == 0) printf("DH parameters appear to be ok.\n"); } - if (cfg.C) { - unsigned char *data; - int len, l, bits; - - len = BN_num_bytes(DH_get0_p(dh)); - bits = BN_num_bits(DH_get0_p(dh)); - data = malloc(len); - if (data == NULL) { - perror("malloc"); - goto end; - } - l = BN_bn2bin(DH_get0_p(dh), data); - printf("static unsigned char dh%d_p[] = {", bits); - for (i = 0; i < l; i++) { - if ((i % 12) == 0) - printf("\n\t"); - printf("0x%02X, ", data[i]); - } - printf("\n\t};\n"); - - l = BN_bn2bin(DH_get0_g(dh), data); - printf("static unsigned char dh%d_g[] = {", bits); - for (i = 0; i < l; i++) { - if ((i % 12) == 0) - printf("\n\t"); - printf("0x%02X, ", data[i]); - } - printf("\n\t};\n\n"); - - printf("DH *get_dh%d()\n\t{\n", bits); - printf("\tDH *dh;\n"); - printf("\tBIGNUM *p = NULL, *g = NULL;\n\n"); - printf("\tif ((dh = DH_new()) == NULL) return(NULL);\n"); - printf("\tp = BN_bin2bn(dh%d_p, sizeof(dh%d_p), NULL);\n", - bits, bits); - printf("\tg = BN_bin2bn(dh%d_g, sizeof(dh%d_g), NULL);\n", - bits, bits); - printf("\tif (p == NULL || g == NULL)\n"); - printf("\t\t{ BN_free(p); BN_free(q); DH_free(dh); return(NULL); }\n"); - printf("\tDH_set0_pqg(dh, p, NULL, g);\n"); - printf("\treturn(dh);\n\t}\n"); - free(data); - } if (!cfg.noout) { if (cfg.outformat == FORMAT_ASN1) i = i2d_DHparams_bio(out, dh); diff --git a/src/usr.bin/openssl/dhparam.c b/src/usr.bin/openssl/dhparam.c index 00bf697264..752f9ee01a 100644 --- a/src/usr.bin/openssl/dhparam.c +++ b/src/usr.bin/openssl/dhparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhparam.c,v 1.18 2023/07/23 11:39:29 tb Exp $ */ +/* $OpenBSD: dhparam.c,v 1.19 2025/01/19 10:24:17 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -132,7 +132,6 @@ #define DEFBITS 2048 static struct { - int C; int check; int dsaparam; int g; @@ -160,12 +159,6 @@ static const struct option dhparam_options[] = { .opt.value = &cfg.g, .value = 5, }, - { - .name = "C", - .desc = "Convert DH parameters into C code", - .type = OPTION_FLAG, - .opt.flag = &cfg.C, - }, { .name = "check", .desc = "Check the DH parameters", @@ -225,7 +218,7 @@ static void dhparam_usage(void) { fprintf(stderr, - "usage: dhparam [-2 | -5] [-C] [-check] [-dsaparam]\n" + "usage: dhparam [-2 | -5] [-check] [-dsaparam]\n" " [-in file] [-inform DER | PEM] [-noout] [-out file]\n" " [-outform DER | PEM] [-text] [numbits]\n\n"); options_usage(dhparam_options); @@ -405,55 +398,6 @@ dhparam_main(int argc, char **argv) if (i == 0) printf("DH parameters appear to be ok.\n"); } - if (cfg.C) { - unsigned char *data; - int len, l, bits; - - len = BN_num_bytes(DH_get0_p(dh)); - bits = BN_num_bits(DH_get0_p(dh)); - data = malloc(len); - if (data == NULL) { - perror("malloc"); - goto end; - } - printf("#ifndef HEADER_DH_H\n" - "#include \n" - "#endif\n"); - printf("DH *get_dh%d()\n\t{\n", bits); - - l = BN_bn2bin(DH_get0_p(dh), data); - printf("\tstatic unsigned char dh%d_p[] = {", bits); - for (i = 0; i < l; i++) { - if ((i % 12) == 0) - printf("\n\t\t"); - printf("0x%02X, ", data[i]); - } - printf("\n\t\t};\n"); - - l = BN_bn2bin(DH_get0_g(dh), data); - printf("\tstatic unsigned char dh%d_g[] = {", bits); - for (i = 0; i < l; i++) { - if ((i % 12) == 0) - printf("\n\t\t"); - printf("0x%02X, ", data[i]); - } - printf("\n\t\t};\n"); - - printf("\tDH *dh;\n"); - printf("\tBIGNUM *p = NULL, *g = NULL;\n\n"); - printf("\tif ((dh = DH_new()) == NULL) return(NULL);\n"); - printf("\tp = BN_bin2bn(dh%d_p, sizeof(dh%d_p), NULL);\n", - bits, bits); - printf("\tg = BN_bin2bn(dh%d_g, sizeof(dh%d_g), NULL);\n", - bits, bits); - printf("\tif (p == NULL || g == NULL)\n"); - printf("\t\t{ BN_free(p); BN_free(g); DH_free(dh); return(NULL); }\n"); - printf("\tDH_set0_pqg(dh, p, NULL, g);\n"); - if (DH_get_length(dh) > 0) - printf("\tDH_set_length(dh, %ld);\n", DH_get_length(dh)); - printf("\treturn(dh);\n\t}\n"); - free(data); - } if (!cfg.noout) { if (cfg.outformat == FORMAT_ASN1) i = i2d_DHparams_bio(out, dh); diff --git a/src/usr.bin/openssl/dsaparam.c b/src/usr.bin/openssl/dsaparam.c index bc9ccd14d8..962f261210 100644 --- a/src/usr.bin/openssl/dsaparam.c +++ b/src/usr.bin/openssl/dsaparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsaparam.c,v 1.15 2023/03/06 14:32:06 tb Exp $ */ +/* $OpenBSD: dsaparam.c,v 1.16 2025/01/19 10:24:17 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -80,7 +80,6 @@ #include static struct { - int C; int genkey; char *infile; int informat; @@ -91,12 +90,6 @@ static struct { } cfg; static const struct option dsaparam_options[] = { - { - .name = "C", - .desc = "Convert DSA parameters into C code", - .type = OPTION_FLAG, - .opt.flag = &cfg.C, - }, { .name = "genkey", .desc = "Generate a DSA key", @@ -150,7 +143,7 @@ static void dsaparam_usage(void) { fprintf(stderr, - "usage: dsaparam [-C] [-genkey] [-in file]\n" + "usage: dsaparam [-genkey] [-in file]\n" " [-inform format] [-noout] [-out file] [-outform format]\n" " [-text] [numbits]\n\n"); options_usage(dsaparam_options); @@ -253,60 +246,6 @@ dsaparam_main(int argc, char **argv) if (cfg.text) { DSAparams_print(out, dsa); } - if (cfg.C) { - unsigned char *data; - int l, len, bits_p; - - len = BN_num_bytes(DSA_get0_p(dsa)); - bits_p = BN_num_bits(DSA_get0_p(dsa)); - data = malloc(len + 20); - if (data == NULL) { - perror("malloc"); - goto end; - } - l = BN_bn2bin(DSA_get0_p(dsa), data); - printf("static unsigned char dsa%d_p[] = {", bits_p); - for (i = 0; i < l; i++) { - if ((i % 12) == 0) - printf("\n\t"); - printf("0x%02X, ", data[i]); - } - printf("\n\t};\n"); - - l = BN_bn2bin(DSA_get0_q(dsa), data); - printf("static unsigned char dsa%d_q[] = {", bits_p); - for (i = 0; i < l; i++) { - if ((i % 12) == 0) - printf("\n\t"); - printf("0x%02X, ", data[i]); - } - printf("\n\t};\n"); - - l = BN_bn2bin(DSA_get0_g(dsa), data); - printf("static unsigned char dsa%d_g[] = {", bits_p); - for (i = 0; i < l; i++) { - if ((i % 12) == 0) - printf("\n\t"); - printf("0x%02X, ", data[i]); - } - free(data); - printf("\n\t};\n\n"); - - printf("DSA *get_dsa%d()\n\t{\n", bits_p); - printf("\tBIGNUM *p = NULL, *q = NULL, *g = NULL;\n"); - printf("\tDSA *dsa;\n\n"); - printf("\tif ((dsa = DSA_new()) == NULL) return(NULL);\n"); - printf("\tp = BN_bin2bn(dsa%d_p, sizeof(dsa%d_p), NULL);\n", - bits_p, bits_p); - printf("\tq = BN_bin2bn(dsa%d_q, sizeof(dsa%d_q), NULL);\n", - bits_p, bits_p); - printf("\tg = BN_bin2bn(dsa%d_g, sizeof(dsa%d_g), NULL);\n", - bits_p, bits_p); - printf("\tif (p == NULL || q == NULL || g == NULL)\n"); - printf("\t\t{ BN_free(p); BN_free(q); BN_free(g); DSA_free(dsa); return(NULL); }\n"); - printf("\tDSA_set0_pqg(dsa, p, q, g);\n"); - printf("\treturn(dsa);\n\t}\n"); - } if (!cfg.noout) { if (cfg.outformat == FORMAT_ASN1) i = i2d_DSAparams_bio(out, dsa); diff --git a/src/usr.bin/openssl/ecparam.c b/src/usr.bin/openssl/ecparam.c index 2d2755acfc..285f5d563e 100644 --- a/src/usr.bin/openssl/ecparam.c +++ b/src/usr.bin/openssl/ecparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecparam.c,v 1.24 2025/01/19 07:41:52 tb Exp $ */ +/* $OpenBSD: ecparam.c,v 1.25 2025/01/19 10:24:17 tb Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -87,11 +87,7 @@ #include #include -static int ecparam_print_var(BIO *, BIGNUM *, const char *, int, - unsigned char *); - static struct { - int C; int asn1_flag; int check; char *curve_name; @@ -140,12 +136,6 @@ ecparam_opt_enctype(char *arg) } static const struct option ecparam_options[] = { - { - .name = "C", - .desc = "Convert the EC parameters into C code", - .type = OPTION_FLAG, - .opt.flag = &cfg.C, - }, { .name = "check", .desc = "Validate the elliptic curve parameters", @@ -241,7 +231,7 @@ static const struct option ecparam_options[] = { static void ecparam_usage(void) { - fprintf(stderr, "usage: ecparam [-C] [-check] [-conv_form arg] " + fprintf(stderr, "usage: ecparam [-check] [-conv_form arg] " " [-genkey]\n" " [-in file] [-inform DER | PEM] [-list_curves] [-name arg]\n" " [-no_seed] [-noout] [-out file] [-outform DER | PEM]\n" @@ -252,10 +242,7 @@ ecparam_usage(void) int ecparam_main(int argc, char **argv) { - BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL, *ec_gen = NULL; - BIGNUM *ec_order = NULL, *ec_cofactor = NULL; EC_GROUP *group = NULL; - unsigned char *buffer = NULL; BIO *in = NULL, *out = NULL; int i, ret = 1; @@ -403,109 +390,6 @@ ecparam_main(int argc, char **argv) BIO_printf(bio_err, "ok\n"); } - if (cfg.C) { - size_t buf_len = 0, tmp_len = 0; - const EC_POINT *point; - int len = 0; - - if ((ec_p = BN_new()) == NULL || (ec_a = BN_new()) == NULL || - (ec_b = BN_new()) == NULL || (ec_gen = BN_new()) == NULL || - (ec_order = BN_new()) == NULL || - (ec_cofactor = BN_new()) == NULL) { - perror("malloc"); - goto end; - } - - if (!EC_GROUP_get_curve(group, ec_p, ec_a, ec_b, NULL)) - goto end; - - if ((point = EC_GROUP_get0_generator(group)) == NULL) - goto end; - if (!EC_POINT_point2bn(group, point, - EC_GROUP_get_point_conversion_form(group), ec_gen, - NULL)) - goto end; - if (!EC_GROUP_get_order(group, ec_order, NULL)) - goto end; - if (!EC_GROUP_get_cofactor(group, ec_cofactor, NULL)) - goto end; - - len = BN_num_bits(ec_order); - - if ((tmp_len = (size_t) BN_num_bytes(ec_p)) > buf_len) - buf_len = tmp_len; - if ((tmp_len = (size_t) BN_num_bytes(ec_a)) > buf_len) - buf_len = tmp_len; - if ((tmp_len = (size_t) BN_num_bytes(ec_b)) > buf_len) - buf_len = tmp_len; - if ((tmp_len = (size_t) BN_num_bytes(ec_gen)) > buf_len) - buf_len = tmp_len; - if ((tmp_len = (size_t) BN_num_bytes(ec_order)) > buf_len) - buf_len = tmp_len; - if ((tmp_len = (size_t) BN_num_bytes(ec_cofactor)) > buf_len) - buf_len = tmp_len; - - buffer = malloc(buf_len); - - if (buffer == NULL) { - perror("malloc"); - goto end; - } - ecparam_print_var(out, ec_p, "ec_p", len, buffer); - ecparam_print_var(out, ec_a, "ec_a", len, buffer); - ecparam_print_var(out, ec_b, "ec_b", len, buffer); - ecparam_print_var(out, ec_gen, "ec_gen", len, buffer); - ecparam_print_var(out, ec_order, "ec_order", len, buffer); - ecparam_print_var(out, ec_cofactor, "ec_cofactor", len, - buffer); - - BIO_printf(out, "\n\n"); - - BIO_printf(out, "EC_GROUP *get_ec_group_%d(void)\n\t{\n", len); - BIO_printf(out, "\tint ok=0;\n"); - BIO_printf(out, "\tEC_GROUP *group = NULL;\n"); - BIO_printf(out, "\tEC_POINT *point = NULL;\n"); - BIO_printf(out, "\tBIGNUM *tmp_1 = NULL, *tmp_2 = NULL, " - "*tmp_3 = NULL;\n\n"); - BIO_printf(out, "\tif ((tmp_1 = BN_bin2bn(ec_p_%d, " - "sizeof(ec_p_%d), NULL)) == NULL)\n\t\t" - "goto err;\n", len, len); - BIO_printf(out, "\tif ((tmp_2 = BN_bin2bn(ec_a_%d, " - "sizeof(ec_a_%d), NULL)) == NULL)\n\t\t" - "goto err;\n", len, len); - BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_b_%d, " - "sizeof(ec_b_%d), NULL)) == NULL)\n\t\t" - "goto err;\n", len, len); - BIO_printf(out, "\tif ((group = EC_GROUP_new_curve_GFp" - "(tmp_1, tmp_2, tmp_3, NULL)) == NULL)\n\t\tgoto err;\n\n"); - BIO_printf(out, "\t/* build generator */\n"); - BIO_printf(out, "\tif ((tmp_1 = BN_bin2bn(ec_gen_%d, " - "sizeof(ec_gen_%d), tmp_1)) == NULL)" - "\n\t\tgoto err;\n", len, len); - BIO_printf(out, "\tpoint = EC_POINT_bn2point(group, tmp_1, " - "NULL, NULL);\n"); - BIO_printf(out, "\tif (point == NULL)\n\t\tgoto err;\n"); - BIO_printf(out, "\tif ((tmp_2 = BN_bin2bn(ec_order_%d, " - "sizeof(ec_order_%d), tmp_2)) == NULL)" - "\n\t\tgoto err;\n", len, len); - BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_cofactor_%d, " - "sizeof(ec_cofactor_%d), tmp_3)) == NULL)" - "\n\t\tgoto err;\n", len, len); - BIO_printf(out, "\tif (!EC_GROUP_set_generator(group, point," - " tmp_2, tmp_3))\n\t\tgoto err;\n"); - BIO_printf(out, "\n\tok=1;\n"); - BIO_printf(out, "err:\n"); - BIO_printf(out, "\tif (tmp_1)\n\t\tBN_free(tmp_1);\n"); - BIO_printf(out, "\tif (tmp_2)\n\t\tBN_free(tmp_2);\n"); - BIO_printf(out, "\tif (tmp_3)\n\t\tBN_free(tmp_3);\n"); - BIO_printf(out, "\tif (point)\n\t\tEC_POINT_free(point);\n"); - BIO_printf(out, "\tif (!ok)\n"); - BIO_printf(out, "\t\t{\n"); - BIO_printf(out, "\t\tEC_GROUP_free(group);\n"); - BIO_printf(out, "\t\tgroup = NULL;\n"); - BIO_printf(out, "\t\t}\n"); - BIO_printf(out, "\treturn(group);\n\t}\n"); - } if (!cfg.noout) { if (cfg.outformat == FORMAT_ASN1) i = i2d_ECPKParameters_bio(out, group); @@ -554,15 +438,6 @@ ecparam_main(int argc, char **argv) ret = 0; end: - BN_free(ec_p); - BN_free(ec_a); - BN_free(ec_b); - BN_free(ec_gen); - BN_free(ec_order); - BN_free(ec_cofactor); - - free(buffer); - BIO_free(in); BIO_free_all(out); EC_GROUP_free(group); @@ -570,27 +445,4 @@ ecparam_main(int argc, char **argv) return (ret); } -static int -ecparam_print_var(BIO * out, BIGNUM * in, const char *var, - int len, unsigned char *buffer) -{ - BIO_printf(out, "static unsigned char %s_%d[] = {", var, len); - if (BN_is_zero(in)) - BIO_printf(out, "\n\t0x00"); - else { - int i, l; - - l = BN_bn2bin(in, buffer); - for (i = 0; i < l - 1; i++) { - if ((i % 12) == 0) - BIO_printf(out, "\n\t"); - BIO_printf(out, "0x%02X,", buffer[i]); - } - if ((i % 12) == 0) - BIO_printf(out, "\n\t"); - BIO_printf(out, "0x%02X", buffer[i]); - } - BIO_printf(out, "\n\t};\n\n"); - return 1; -} #endif diff --git a/src/usr.bin/openssl/openssl.1 b/src/usr.bin/openssl/openssl.1 index ea20639c47..6ceb53ef5c 100644 --- a/src/usr.bin/openssl/openssl.1 +++ b/src/usr.bin/openssl/openssl.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: openssl.1,v 1.161 2024/08/30 06:05:10 jmc Exp $ +.\" $OpenBSD: openssl.1,v 1.162 2025/01/19 10:24:17 tb Exp $ .\" ==================================================================== .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. .\" @@ -110,7 +110,7 @@ .\" copied and put under another distribution licence .\" [including the GNU Public Licence.] .\" -.Dd $Mdocdate: August 30 2024 $ +.Dd $Mdocdate: January 19 2025 $ .Dt OPENSSL 1 .Os .Sh NAME @@ -1697,7 +1697,6 @@ If no files are specified then standard input is used. .It Nm openssl dhparam .Bk -words .Op Fl 2 | 5 -.Op Fl C .Op Fl check .Op Fl dsaparam .Op Fl in Ar file @@ -1722,11 +1721,6 @@ The options are as follows: The generator to use; 2 is the default. If present, the input file is ignored and parameters are generated instead. -.It Fl C -Convert the parameters into C code. -The parameters can then be loaded by calling the -.No get_dh Ns Ar numbits -function. .It Fl check Check the DH parameters. .It Fl dsaparam @@ -1862,7 +1856,6 @@ Print the public/private key in plain text. .Bl -hang -width "openssl dsaparam" .It Nm openssl dsaparam .Bk -words -.Op Fl C .Op Fl genkey .Op Fl in Ar file .Op Fl inform Cm der | pem @@ -1880,11 +1873,6 @@ command is used to manipulate or generate DSA parameter files. .Pp The options are as follows: .Bl -tag -width Ds -.It Fl C -Convert the parameters into C code. -The parameters can then be loaded by calling the -.No get_dsa Ns Ar XXX -function. .It Fl genkey Generate a DSA key either using the specified or generated parameters. @@ -2028,7 +2016,6 @@ Print the public/private key in plain text. .Bl -hang -width "openssl ecparam" .It Nm openssl ecparam .Bk -words -.Op Fl C .Op Fl check .Op Fl conv_form Ar arg .Op Fl genkey @@ -2055,11 +2042,6 @@ can only create EC parameters from known (named) curves. .Pp The options are as follows: .Bl -tag -width Ds -.It Fl C -Convert the EC parameters into C code. -The parameters can then be loaded by calling the -.No get_ec_group_ Ns Ar XXX -function. .It Fl check Validate the elliptic curve parameters. .It Fl conv_form Ar arg @@ -5984,7 +5966,6 @@ version. .Bl -hang -width "openssl x509" .It Nm openssl x509 .Bk -words -.Op Fl C .Op Fl addreject Ar arg .Op Fl addtrust Ar arg .Op Fl alias @@ -6091,8 +6072,6 @@ The key password source. .Pp The following are x509 display options: .Bl -tag -width "XXXX" -.It Fl C -Output the certificate in the form of a C source file. .It Fl certopt Ar option Customise the output format used with .Fl text , diff --git a/src/usr.bin/openssl/x509.c b/src/usr.bin/openssl/x509.c index fc8a0daeb3..e67e6fa54d 100644 --- a/src/usr.bin/openssl/x509.c +++ b/src/usr.bin/openssl/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.40 2024/12/04 08:14:34 tb Exp $ */ +/* $OpenBSD: x509.c,v 1.41 2025/01/19 10:24:17 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -93,7 +93,6 @@ static struct { char *alias; int aliasout; int badops; - int C; int CA_createserial; int CA_flag; char *CAfile; @@ -327,13 +326,6 @@ x509_opt_utf8(void) } static const struct option x509_options[] = { - { - .name = "C", - .desc = "Convert the certificate into C code", - .type = OPTION_ORDER, - .opt.order = &cfg.C, - .order = &cfg.num, - }, { .name = "addreject", .argname = "arg", @@ -763,7 +755,7 @@ static void x509_usage(void) { fprintf(stderr, "usage: x509 " - "[-C] [-addreject arg] [-addtrust arg] [-alias] [-CA file]\n" + " [-addreject arg] [-addtrust arg] [-alias] [-CA file]\n" " [-CAcreateserial] [-CAform der | pem] [-CAkey file]\n" " [-CAkeyform der | pem] [-CAserial file] [-certopt option]\n" " [-checkend arg] [-clrext] [-clrreject] [-clrtrust] [-dates]\n" @@ -798,7 +790,6 @@ x509_main(int argc, char **argv) BIO *STDout = NULL; X509_STORE *ctx = NULL; X509_REQ *rq = NULL; - char buf[256]; CONF *extconf = NULL; char *passin = NULL; @@ -1178,85 +1169,6 @@ x509_main(int argc, char **argv) goto end; } PEM_write_bio_PUBKEY(STDout, pubkey); - } else if (cfg.C == i) { - unsigned char *d; - char *m; - int y, z; - - m = X509_NAME_oneline(X509_get_subject_name(x), - buf, sizeof buf); - if (m == NULL) - goto end; - BIO_printf(STDout, "/* subject:%s */\n", buf); - m = X509_NAME_oneline(X509_get_issuer_name(x), - buf, sizeof buf); - if (m == NULL) - goto end; - BIO_printf(STDout, "/* issuer :%s */\n", buf); - - z = i2d_X509(x, NULL); - if (z < 0) - goto end; - - m = malloc(z); - if (m == NULL) { - BIO_printf(bio_err, "out of mem\n"); - goto end; - } - - d = (unsigned char *) m; - z = i2d_X509_NAME(X509_get_subject_name(x), &d); - if (z < 0) { - free(m); - goto end; - } - BIO_printf(STDout, - "unsigned char XXX_subject_name[%d]={\n", z); - d = (unsigned char *) m; - for (y = 0; y < z; y++) { - BIO_printf(STDout, "0x%02X,", d[y]); - if ((y & 0x0f) == 0x0f) - BIO_printf(STDout, "\n"); - } - if (y % 16 != 0) - BIO_printf(STDout, "\n"); - BIO_printf(STDout, "};\n"); - - z = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &d); - if (z < 0) { - free(m); - goto end; - } - BIO_printf(STDout, - "unsigned char XXX_public_key[%d]={\n", z); - d = (unsigned char *) m; - for (y = 0; y < z; y++) { - BIO_printf(STDout, "0x%02X,", d[y]); - if ((y & 0x0f) == 0x0f) - BIO_printf(STDout, "\n"); - } - if (y % 16 != 0) - BIO_printf(STDout, "\n"); - BIO_printf(STDout, "};\n"); - - z = i2d_X509(x, &d); - if (z < 0) { - free(m); - goto end; - } - BIO_printf(STDout, - "unsigned char XXX_certificate[%d]={\n", z); - d = (unsigned char *) m; - for (y = 0; y < z; y++) { - BIO_printf(STDout, "0x%02X,", d[y]); - if ((y & 0x0f) == 0x0f) - BIO_printf(STDout, "\n"); - } - if (y % 16 != 0) - BIO_printf(STDout, "\n"); - BIO_printf(STDout, "};\n"); - - free(m); } else if (cfg.text == i) { if(!X509_print_ex(STDout, x, cfg.nmflag, cfg.certflag)) -- cgit v1.2.3-55-g6feb