/* Main function definition. */
int ts_main(int, char **);
-int
+int
ts_main(int argc, char **argv)
{
int ret = 1;
in, token_in, out, token_out, text);
break;
case CMD_VERIFY:
- ret = !(((queryfile && !data && !digest)
- || (!queryfile && data && !digest)
- || (!queryfile && !data && digest))
- && in != NULL);
+ ret = !(((queryfile && !data && !digest) ||
+ (!queryfile && data && !digest) ||
+ (!queryfile && !data && digest)) && in != NULL);
if (ret)
goto usage;
if (configfile &&
(!(conf = NCONF_new(NULL)) ||
- NCONF_load(conf, configfile, &errorline) <= 0)) {
+ NCONF_load(conf, configfile, &errorline) <= 0)) {
if (errorline <= 0)
BIO_printf(bio_err, "error loading the config file "
"'%s'\n", configfile);
if (conf != NULL) {
const char *p;
- BIO_printf(bio_err, "Using configuration from %s\n", configfile);
+ BIO_printf(bio_err, "Using configuration from %s\n",
+ configfile);
p = NCONF_get_string(conf, NULL, ENV_OID_FILE);
if (p != NULL) {
BIO *oid_bio = BIO_new_file(p, "r");
* Query-related method definitions.
*/
-static int
+static int
query_command(const char *data, char *digest, const EVP_MD * md,
- const char *policy, int no_nonce,
- int cert, const char *in, const char *out, int text)
+ const char *policy, int no_nonce, int cert, const char *in,
+ const char *out, int text)
{
int ret = 0;
TS_REQ *query = NULL;
query = d2i_TS_REQ_bio(in_bio, NULL);
} else {
/* Open the file if no explicit digest bytes were specified. */
- if (!digest
- && !(data_bio = BIO_open_with_default(data, "rb", stdin)))
+ if (!digest &&
+ !(data_bio = BIO_open_with_default(data, "rb", stdin)))
goto end;
/* Creating the query object. */
query = create_query(data_bio, digest, md,
}
static BIO *
-BIO_open_with_default(const char *file, const char *mode,
- FILE * default_fp)
+BIO_open_with_default(const char *file, const char *mode, FILE * default_fp)
{
- return file == NULL ?
- BIO_new_fp(default_fp, BIO_NOCLOSE)
- : BIO_new_file(file, mode);
+ return file == NULL ? BIO_new_fp(default_fp, BIO_NOCLOSE) :
+ BIO_new_file(file, mode);
}
static TS_REQ *
goto err;
ret = 1;
+
err:
if (!ret) {
TS_REQ_free(ts_req);
return ts_req;
}
-static int
+static int
create_digest(BIO * input, char *digest, const EVP_MD * md,
unsigned char **md_value)
{
goto err;
/* Find the first non-zero byte and creating ASN1_INTEGER object. */
- for (i = 0; i < len && !buf[i]; ++i);
+ for (i = 0; i < len && !buf[i]; ++i)
+ ;
if (!(nonce = ASN1_INTEGER_new()))
goto err;
free(nonce->data);
memcpy(nonce->data, buf + i, nonce->length);
return nonce;
+
err:
BIO_printf(bio_err, "could not create nonce\n");
ASN1_INTEGER_free(nonce);
* Reply-related method definitions.
*/
-static int
-reply_command(CONF * conf, char *section, char *engine,
- char *queryfile, char *passin, char *inkey,
- char *signer, char *chain, const char *policy,
- char *in, int token_in,
- char *out, int token_out, int text)
+static int
+reply_command(CONF * conf, char *section, char *engine, char *queryfile,
+ char *passin, char *inkey, char *signer, char *chain, const char *policy,
+ char *in, int token_in, char *out, int token_out, int text)
{
int ret = 0;
TS_RESP *response = NULL;
return serial;
}
-static int
+static int
save_ts_serial(const char *serialfile, ASN1_INTEGER * serial)
{
int ret = 0;
* Verify-related method definitions.
*/
-static int
-verify_command(char *data, char *digest, char *queryfile,
- char *in, int token_in,
- char *ca_path, char *ca_file, char *untrusted)
+static int
+verify_command(char *data, char *digest, char *queryfile, char *in,
+ int token_in, char *ca_path, char *ca_file, char *untrusted)
{
BIO *in_bio = NULL;
PKCS7 *token = NULL;
}
if (!(verify_ctx = create_verify_ctx(data, digest, queryfile,
- ca_path, ca_file, untrusted)))
+ ca_path, ca_file, untrusted)))
goto end;
/* Checking the token or response against the request. */
}
static TS_VERIFY_CTX *
-create_verify_ctx(char *data, char *digest,
- char *queryfile,
- char *ca_path, char *ca_file,
- char *untrusted)
+create_verify_ctx(char *data, char *digest, char *queryfile, char *ca_path,
+ char *ca_file, char *untrusted)
{
TS_VERIFY_CTX *ctx = NULL;
BIO *input = NULL;
return NULL;
}
-static int
+static int
verify_cb(int ok, X509_STORE_CTX * ctx)
{
/*
static int cb(int ok, X509_STORE_CTX * ctx);
-static int check(X509_STORE * ctx, char *file,
- STACK_OF(X509) * uchain, STACK_OF(X509) * tchain,
- STACK_OF(X509_CRL) * crls, ENGINE * e);
+static int check(X509_STORE * ctx, char *file, STACK_OF(X509) * uchain,
+ STACK_OF(X509) * tchain, STACK_OF(X509_CRL) * crls, ENGINE * e);
static int v_verbose = 0, vflags = 0;
int verify_main(int, char **);
goto end;
CAfile = *(++argv);
} else if (args_verify(&argv, &argc, &badarg, bio_err,
- &vpm)) {
+ &vpm)) {
if (badarg)
goto end;
continue;
ret = -1;
} else {
for (i = 0; i < argc; i++)
- if (1 != check(cert_ctx, argv[i], untrusted, trusted, crls, e))
+ if (1 != check(cert_ctx, argv[i], untrusted, trusted,
+ crls, e))
ret = -1;
}
return (ret < 0 ? 2 : ret);
}
-static int
-check(X509_STORE * ctx, char *file,
- STACK_OF(X509) * uchain, STACK_OF(X509) * tchain,
- STACK_OF(X509_CRL) * crls, ENGINE * e)
+static int
+check(X509_STORE * ctx, char *file, STACK_OF(X509) * uchain,
+ STACK_OF(X509) * tchain, STACK_OF(X509_CRL) * crls, ENGINE * e)
{
X509 *x = NULL;
int i = 0, ret = 0;
X509_STORE_CTX_free(csc);
ret = 0;
+
end:
if (i > 0) {
fprintf(stdout, "OK\n");
return (ret);
}
-static int
+static int
cb(int ok, X509_STORE_CTX * ctx)
{
int cert_error = X509_STORE_CTX_get_error(ctx);
NULL
};
-static int callb(int ok, X509_STORE_CTX * ctx);
-static int sign(X509 * x, EVP_PKEY * pkey, int days, int clrext,
- const EVP_MD * digest, CONF * conf, char *section);
-static int x509_certify(X509_STORE * ctx, char *CAfile, const EVP_MD * digest,
- X509 * x, X509 * xca, EVP_PKEY * pkey,
- STACK_OF(OPENSSL_STRING) * sigopts,
- char *serial, int create, int days, int clrext,
- CONF * conf, char *section, ASN1_INTEGER * sno);
-static int purpose_print(BIO * bio, X509 * cert, X509_PURPOSE * pt);
+static int callb(int ok, X509_STORE_CTX *ctx);
+static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
+ const EVP_MD *digest, CONF *conf, char *section);
+static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
+ X509 *x, X509 *xca, EVP_PKEY *pkey, STACK_OF(OPENSSL_STRING) *sigopts,
+ char *serial, int create, int days, int clrext, CONF *conf, char *section,
+ ASN1_INTEGER *sno);
+static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt);
static int reqfile = 0;
int x509_main(int, char **);
X509_REQ *req = NULL;
X509 *x = NULL, *xca = NULL;
ASN1_OBJECT *objtmp;
- STACK_OF(OPENSSL_STRING) * sigopts = NULL;
+ STACK_OF(OPENSSL_STRING) *sigopts = NULL;
EVP_PKEY *Upkey = NULL, *CApkey = NULL;
ASN1_INTEGER *sno = NULL;
int i, num, badops = 0;
BIO *out = NULL;
BIO *STDout = NULL;
- STACK_OF(ASN1_OBJECT) * trust = NULL, *reject = NULL;
+ STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL;
int informat, outformat, keyformat, CAformat, CAkeyformat;
char *infile = NULL, *outfile = NULL, *keyfile = NULL, *CAfile = NULL;
char *CAkeyfile = NULL, *CAserial = NULL;
char *alias = NULL;
int text = 0, serial = 0, subject = 0, issuer = 0, startdate = 0,
- enddate = 0;
+ enddate = 0;
int next_serial = 0;
int subject_hash = 0, issuer_hash = 0, ocspid = 0;
#ifndef OPENSSL_NO_MD5
int subject_hash_old = 0, issuer_hash_old = 0;
#endif
int noout = 0, sign_flag = 0, CA_flag = 0, CA_createserial = 0,
- email = 0;
+ email = 0;
int ocsp_uri = 0;
int trustout = 0, clrtrust = 0, clrreject = 0, aliasout = 0, clrext = 0;
int C = 0;
x509req = ++num;
else if (strcmp(*argv, "-text") == 0)
text = ++num;
- else if (strcmp(*argv, "-hash") == 0
- || strcmp(*argv, "-subject_hash") == 0)
+ else if (strcmp(*argv, "-hash") == 0 ||
+ strcmp(*argv, "-subject_hash") == 0)
subject_hash = ++num;
#ifndef OPENSSL_NO_MD5
else if (strcmp(*argv, "-subject_hash_old") == 0)
if ((CAkeyfile == NULL) && (CA_flag) && (CAformat == FORMAT_PEM)) {
CAkeyfile = CAfile;
} else if ((CA_flag) && (CAkeyfile == NULL)) {
- BIO_printf(bio_err, "need to specify a CAkey if using the CA command\n");
+ BIO_printf(bio_err,
+ "need to specify a CAkey if using the CA command\n");
goto end;
}
if (extfile) {
extfile);
else
BIO_printf(bio_err,
- "error on line %ld of config file '%s'\n"
- ,errorline, extfile);
+ "error on line %ld of config file '%s'\n",
+ errorline, extfile);
goto end;
}
if (!extsect) {
- extsect = NCONF_get_string(extconf, "default", "extensions");
+ extsect = NCONF_get_string(extconf, "default",
+ "extensions");
if (!extsect) {
ERR_clear_error();
extsect = "default";
BIO_puts(out, "\n");
} else if ((email == i) || (ocsp_uri == i)) {
int j;
- STACK_OF(OPENSSL_STRING) * emlst;
+ STACK_OF(OPENSSL_STRING) *emlst;
if (email == i)
emlst = X509_get1_email(x);
else
else
#endif
#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- BN_print(STDout, pkey->pkey.dsa->pub_key);
+ if (pkey->type == EVP_PKEY_DSA)
+ BN_print(STDout, pkey->pkey.dsa->pub_key);
else
#endif
- BIO_printf(STDout, "Wrong Algorithm type");
+ BIO_printf(STDout, "Wrong Algorithm type");
BIO_printf(STDout, "\n");
EVP_PKEY_free(pkey);
} else if (pubkey == i) {
OBJ_nid2sn(EVP_MD_type(fdig)));
for (j = 0; j < (int) n; j++) {
BIO_printf(STDout, "%02X%c", md[j],
- (j + 1 == (int) n)
- ? '\n' : ':');
+ (j + 1 == (int)n) ? '\n' : ':');
}
}
/* should be in the library */
goto end;
}
if (!sign(x, Upkey, days, clrext, digest,
- extconf, extsect))
+ extconf, extsect))
goto end;
} else if (CA_flag == i) {
BIO_printf(bio_err, "Getting CA Private Key\n");
goto end;
}
if (!x509_certify(ctx, CAfile, digest, x, xca,
- CApkey, sigopts,
- CAserial, CA_createserial, days, clrext,
- extconf, extsect, sno))
+ CApkey, sigopts,
+ CAserial, CA_createserial, days, clrext,
+ extconf, extsect, sno))
goto end;
} else if (x509req == i) {
EVP_PKEY *pk;
goto end;
}
ret = 0;
+
end:
OBJ_cleanup();
NCONF_free(extconf);
BIGNUM *serial = NULL;
size_t len;
- len = ((serialfile == NULL)
- ? (strlen(CAfile) + strlen(POSTFIX) + 1)
- : (strlen(serialfile))) + 1;
+ len = ((serialfile == NULL) ? (strlen(CAfile) + strlen(POSTFIX) + 1) :
+ (strlen(serialfile))) + 1;
buf = malloc(len);
if (buf == NULL) {
BIO_printf(bio_err, "out of mem\n");
return bs;
}
-static int
-x509_certify(X509_STORE * ctx, char *CAfile, const EVP_MD * digest,
- X509 * x, X509 * xca, EVP_PKEY * pkey,
- STACK_OF(OPENSSL_STRING) * sigopts,
- char *serialfile, int create,
- int days, int clrext, CONF * conf, char *section,
- ASN1_INTEGER * sno)
+static int
+x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, X509 *x,
+ X509 *xca, EVP_PKEY *pkey, STACK_OF(OPENSSL_STRING) *sigopts,
+ char *serialfile, int create, int days, int clrext, CONF *conf,
+ char *section, ASN1_INTEGER *sno)
{
int ret = 0;
ASN1_INTEGER *bs = NULL;
return ret;
}
-static int
-callb(int ok, X509_STORE_CTX * ctx)
+static int
+callb(int ok, X509_STORE_CTX *ctx)
{
int err;
X509 *err_cert;
}
/* self sign */
-static int
-sign(X509 * x, EVP_PKEY * pkey, int days, int clrext, const EVP_MD * digest,
- CONF * conf, char *section)
+static int
+sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest,
+ CONF *conf, char *section)
{
EVP_PKEY *pktmp;
/* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */
/* 28 days to be certified */
- if (X509_gmtime_adj(X509_get_notAfter(x), (long) 60 * 60 * 24 * days) == NULL)
+ if (X509_gmtime_adj(X509_get_notAfter(x),
+ (long) 60 * 60 * 24 * days) == NULL)
goto err;
if (!X509_set_pubkey(x, pkey))
if (!X509_sign(x, pkey, digest))
goto err;
return 1;
+
err:
ERR_print_errors(bio_err);
return 0;
}
-static int
-purpose_print(BIO * bio, X509 * cert, X509_PURPOSE * pt)
+static int
+purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
{
int id, i, idret;
char *pname;
+
id = X509_PURPOSE_get_id(pt);
pname = X509_PURPOSE_get0_name(pt);
for (i = 0; i < 2; i++) {
projects / openbsd / commitdiff