diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2004-12-03 12:26:56 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2004-12-03 12:26:56 +0000 |
| commit | 5b40d7dd9784fe2914095717a591fd59a3f9d7e5 (patch) | |
| tree | d812a9c19c5d002b9b43168718027387c8b44d5f | |
| parent | 8f284faaec659cdac2cd09d1471d34e3fa5889df (diff) | |
| download | openssl-5b40d7dd9784fe2914095717a591fd59a3f9d7e5.tar.gz | |
Add -passin argument to dgst command.
| -rw-r--r-- | CHANGES | 3 | ||||
| -rw-r--r-- | apps/dgst.c | 17 | ||||
| -rw-r--r-- | doc/apps/dgst.pod | 6 |
3 files changed, 25 insertions, 1 deletions
@@ -745,6 +745,9 @@ Changes between 0.9.7e and 0.9.7f [XX xxx XXXX] + *) Add new -passin argument to dgst. + [Steve Henson] + *) Perform some character comparisons of different types in X509_NAME_cmp: this is needed for some certificates that reencode DNs into UTF8Strings (in violation of RFC3280) and can't or wont issue name rollover diff --git a/apps/dgst.c b/apps/dgst.c index 3025314911..c13535f3b2 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -100,6 +100,7 @@ int MAIN(int argc, char **argv) EVP_PKEY *sigkey = NULL; unsigned char *sigbuf = NULL; int siglen = 0; + char *passargin = NULL, *passin = NULL; #ifndef OPENSSL_NO_ENGINE char *engine=NULL; #endif @@ -145,6 +146,12 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; keyfile=*(++argv); } + else if (!strcmp(*argv,"-passin")) + { + if (--argc < 1) + break; + passargin=*++argv; + } else if (strcmp(*argv,"-verify") == 0) { if (--argc < 1) break; @@ -257,6 +264,12 @@ int MAIN(int argc, char **argv) BIO_set_callback_arg(in,bio_err); } + if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) + { + BIO_printf(bio_err, "Error getting password\n"); + goto end; + } + if ((in == NULL) || (bmd == NULL)) { ERR_print_errors(bio_err); @@ -298,7 +311,7 @@ int MAIN(int argc, char **argv) sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL, e, "key file"); else - sigkey = load_key(bio_err, keyfile, keyform, 0, NULL, + sigkey = load_key(bio_err, keyfile, keyform, 0, passin, e, "key file"); if (!sigkey) { @@ -385,6 +398,8 @@ end: OPENSSL_free(buf); } if (in != NULL) BIO_free(in); + if (passin) + OPENSSL_free(passin); BIO_free_all(out); EVP_PKEY_free(sigkey); if(sigbuf) OPENSSL_free(sigbuf); diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod index 1648742bcf..b0d198724c 100644 --- a/doc/apps/dgst.pod +++ b/doc/apps/dgst.pod @@ -14,6 +14,7 @@ B<openssl> B<dgst> [B<-binary>] [B<-out filename>] [B<-sign filename>] +[B<-passin arg>] [B<-verify filename>] [B<-prverify filename>] [B<-signature filename>] @@ -59,6 +60,11 @@ filename to output to, or standard output by default. digitally sign the digest using the private key in "filename". +=item B<-passin arg> + +the private key password source. For more information about the format of B<arg> +see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. + =item B<-verify filename> verify the signature using the the public key in "filename". |