Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
ed7f60fb
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
8 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
ed7f60fb
编写于
8月 06, 1999
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix -startdate and -enddate arguments to 'ca' program. Also update NEWS file
with some 0.9.4 changes.
上级
a12258fc
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
69 addition
and
43 deletion
+69
-43
CHANGES
CHANGES
+4
-0
NEWS
NEWS
+6
-0
apps/ca.c
apps/ca.c
+59
-43
未找到文件。
CHANGES
浏览文件 @
ed7f60fb
...
...
@@ -4,6 +4,10 @@
Changes between 0.9.3a and 0.9.4 [xx Aug 1999]
*) Fix -startdate and -enddate (which was missing) arguments to 'ca'
program.
[Steve Henson]
*) New function DSA_dup_DH, which duplicates DSA parameters/keys as
DH parameters/keys (q is lost during that conversion, but the resulting
DH parameters contain its length).
...
...
NEWS
浏览文件 @
ed7f60fb
...
...
@@ -5,6 +5,12 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4:
o Transparent support for PKCS#8 format private keys: these are used
by several software packages and are more secure than the standard form.
o PKCS#5 v2.0 implementation.
Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3:
o Lots of enhancements and cleanups to the Configuration mechanism
o RSA OEAP related fixes
...
...
apps/ca.c
浏览文件 @
ed7f60fb
...
...
@@ -114,6 +114,7 @@
#define ENV_RANDFILE "RANDFILE"
#define ENV_DEFAULT_DAYS "default_days"
#define ENV_DEFAULT_STARTDATE "default_startdate"
#define ENV_DEFAULT_ENDDATE "default_enddate"
#define ENV_DEFAULT_CRL_DAYS "default_crl_days"
#define ENV_DEFAULT_CRL_HOURS "default_crl_hours"
#define ENV_DEFAULT_MD "default_md"
...
...
@@ -183,22 +184,24 @@ static BIGNUM *load_serial(char *serialfile);
static
int
save_serial
(
char
*
serialfile
,
BIGNUM
*
serial
);
static
int
certify
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
int
days
,
int
batch
,
char
*
ext_sect
,
LHASH
*
conf
,
int
verbose
);
BIGNUM
*
serial
,
char
*
startdate
,
char
*
enddate
,
int
days
,
int
batch
,
char
*
ext_sect
,
LHASH
*
conf
,
int
verbose
);
static
int
certify_cert
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
int
days
,
int
batch
,
char
*
ext_sect
,
LHASH
*
conf
,
int
verbose
);
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
char
*
enddate
,
int
days
,
int
batch
,
char
*
ext_sect
,
LHASH
*
conf
,
int
verbose
);
static
int
certify_spkac
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
int
days
,
char
*
ext_sect
,
LHASH
*
conf
,
int
verbose
);
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
char
*
enddate
,
int
days
,
char
*
ext_sect
,
LHASH
*
conf
,
int
verbose
);
static
int
fix_data
(
int
nid
,
int
*
type
);
static
void
write_new_certificate
(
BIO
*
bp
,
X509
*
x
,
int
output_der
);
static
int
do_body
(
X509
**
xret
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
int
days
,
int
batch
,
int
verbose
,
X509_REQ
*
req
,
char
*
ext_sect
,
LHASH
*
conf
);
char
*
startdate
,
char
*
enddate
,
int
days
,
int
batch
,
int
verbose
,
X509_REQ
*
req
,
char
*
ext_sect
,
LHASH
*
conf
);
static
int
do_revoke
(
X509
*
x509
,
TXT_DB
*
db
);
static
int
check_time_format
(
char
*
str
);
static
LHASH
*
conf
;
...
...
@@ -238,6 +241,7 @@ int MAIN(int argc, char **argv)
char
*
crl_ext
=
NULL
;
BIGNUM
*
serial
=
NULL
;
char
*
startdate
=
NULL
;
char
*
enddate
=
NULL
;
int
days
=
0
;
int
batch
=
0
;
X509
*
x509
=
NULL
;
...
...
@@ -295,6 +299,11 @@ EF_ALIGNMENT=0;
if
(
--
argc
<
1
)
goto
bad
;
startdate
=
*
(
++
argv
);
}
else
if
(
strcmp
(
*
argv
,
"-enddate"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
enddate
=
*
(
++
argv
);
}
else
if
(
strcmp
(
*
argv
,
"-days"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
...
...
@@ -729,18 +738,25 @@ bad:
if
(
startdate
==
NULL
)
{
startdate
=
(
char
*
)
CONF_get_string
(
conf
,
section
,
startdate
=
CONF_get_string
(
conf
,
section
,
ENV_DEFAULT_STARTDATE
);
if
(
startdate
==
NULL
)
startdate
=
"today"
;
else
{
if
(
!
ASN1_UTCTIME_set_string
(
NULL
,
startdate
))
{
BIO_printf
(
bio_err
,
"start date is invalid, it should be YYMMDDHHMMSS
\n
"
);
goto
err
;
}
}
}
if
(
startdate
&&
!
ASN1_UTCTIME_set_string
(
NULL
,
startdate
))
{
BIO_printf
(
bio_err
,
"start date is invalid, it should be YYMMDDHHMMSSZ
\n
"
);
goto
err
;
}
if
(
startdate
==
NULL
)
startdate
=
"today"
;
if
(
enddate
==
NULL
)
{
enddate
=
CONF_get_string
(
conf
,
section
,
ENV_DEFAULT_ENDDATE
);
}
if
(
enddate
&&
!
ASN1_UTCTIME_set_string
(
NULL
,
enddate
))
{
BIO_printf
(
bio_err
,
"end date is invalid, it should be YYMMDDHHMMSSZ
\n
"
);
goto
err
;
}
if
(
days
==
0
)
...
...
@@ -748,7 +764,7 @@ bad:
days
=
(
int
)
CONF_get_number
(
conf
,
section
,
ENV_DEFAULT_DAYS
);
}
if
(
days
==
0
)
if
(
!
enddate
&&
(
days
==
0
)
)
{
BIO_printf
(
bio_err
,
"cannot lookup how many days to certify for
\n
"
);
goto
err
;
...
...
@@ -781,7 +797,8 @@ bad:
{
total
++
;
j
=
certify_spkac
(
&
x
,
spkac_file
,
pkey
,
x509
,
dgst
,
attribs
,
db
,
serial
,
startdate
,
days
,
extensions
,
conf
,
verbose
);
serial
,
startdate
,
enddate
,
days
,
extensions
,
conf
,
verbose
);
if
(
j
<
0
)
goto
err
;
if
(
j
>
0
)
{
...
...
@@ -804,7 +821,7 @@ bad:
{
total
++
;
j
=
certify_cert
(
&
x
,
ss_cert_file
,
pkey
,
x509
,
dgst
,
attribs
,
db
,
serial
,
startdate
,
days
,
batch
,
db
,
serial
,
startdate
,
enddate
,
days
,
batch
,
extensions
,
conf
,
verbose
);
if
(
j
<
0
)
goto
err
;
if
(
j
>
0
)
...
...
@@ -823,7 +840,7 @@ bad:
{
total
++
;
j
=
certify
(
&
x
,
infile
,
pkey
,
x509
,
dgst
,
attribs
,
db
,
serial
,
startdate
,
days
,
batch
,
serial
,
startdate
,
enddate
,
days
,
batch
,
extensions
,
conf
,
verbose
);
if
(
j
<
0
)
goto
err
;
if
(
j
>
0
)
...
...
@@ -842,7 +859,7 @@ bad:
{
total
++
;
j
=
certify
(
&
x
,
argv
[
i
],
pkey
,
x509
,
dgst
,
attribs
,
db
,
serial
,
startdate
,
days
,
batch
,
serial
,
startdate
,
enddate
,
days
,
batch
,
extensions
,
conf
,
verbose
);
if
(
j
<
0
)
goto
err
;
if
(
j
>
0
)
...
...
@@ -1325,8 +1342,8 @@ err:
static
int
certify
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
int
days
,
int
batch
,
char
*
ext_sect
,
LHASH
*
lconf
,
int
verbose
)
BIGNUM
*
serial
,
char
*
startdate
,
char
*
enddate
,
int
days
,
int
batch
,
char
*
ext_sect
,
LHASH
*
lconf
,
int
verbose
)
{
X509_REQ
*
req
=
NULL
;
BIO
*
in
=
NULL
;
...
...
@@ -1373,7 +1390,7 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
else
BIO_printf
(
bio_err
,
"Signature ok
\n
"
);
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
startdate
,
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
startdate
,
enddate
,
days
,
batch
,
verbose
,
req
,
ext_sect
,
lconf
);
err:
...
...
@@ -1384,8 +1401,8 @@ err:
static
int
certify_cert
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
int
days
,
int
batch
,
char
*
ext_sect
,
LHASH
*
lconf
,
int
verbose
)
BIGNUM
*
serial
,
char
*
startdate
,
char
*
enddate
,
int
days
,
int
batch
,
char
*
ext_sect
,
LHASH
*
lconf
,
int
verbose
)
{
X509
*
req
=
NULL
;
X509_REQ
*
rreq
=
NULL
;
...
...
@@ -1435,7 +1452,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
if
((
rreq
=
X509_to_X509_REQ
(
req
,
NULL
,
EVP_md5
()))
==
NULL
)
goto
err
;
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
startdate
,
days
,
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
startdate
,
enddate
,
days
,
batch
,
verbose
,
rreq
,
ext_sect
,
lconf
);
err:
...
...
@@ -1447,8 +1464,8 @@ err:
static
int
do_body
(
X509
**
xret
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
int
days
,
int
batch
,
int
verbose
,
X509_REQ
*
req
,
char
*
ext_sect
,
LHASH
*
lconf
)
char
*
startdate
,
char
*
enddate
,
int
days
,
int
batch
,
int
verbose
,
X509_REQ
*
req
,
char
*
ext_sect
,
LHASH
*
lconf
)
{
X509_NAME
*
name
=
NULL
,
*
CAname
=
NULL
,
*
subject
=
NULL
;
ASN1_UTCTIME
*
tm
,
*
tmptm
;
...
...
@@ -1744,17 +1761,16 @@ again2:
BIO_printf
(
bio_err
,
"Certificate is to be certified until "
);
if
(
strcmp
(
startdate
,
"today"
)
==
0
)
{
X509_gmtime_adj
(
X509_get_notBefore
(
ret
),
0
);
else
ASN1_UTCTIME_set_string
(
X509_get_notBefore
(
ret
),
startdate
);
if
(
enddate
==
NULL
)
X509_gmtime_adj
(
X509_get_notAfter
(
ret
),(
long
)
60
*
60
*
24
*
days
);
}
else
{
/*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX*/
ASN1_UTCTIME_set_string
(
X509_get_notBefore
(
ret
),
startdate
);
}
else
ASN1_UTCTIME_set_string
(
X509_get_notAfter
(
ret
),
enddate
);
ASN1_UTCTIME_print
(
bio_err
,
X509_get_notAfter
(
ret
));
BIO_printf
(
bio_err
,
" (%d days)
\n
"
,
days
);
if
(
days
)
BIO_printf
(
bio_err
,
" (%d days)"
,
days
);
BIO_printf
(
bio_err
,
"
\n
"
);
if
(
!
X509_set_subject_name
(
ret
,
subject
))
goto
err
;
...
...
@@ -1905,8 +1921,8 @@ static void write_new_certificate(BIO *bp, X509 *x, int output_der)
static
int
certify_spkac
(
X509
**
xret
,
char
*
infile
,
EVP_PKEY
*
pkey
,
X509
*
x509
,
const
EVP_MD
*
dgst
,
STACK_OF
(
CONF_VALUE
)
*
policy
,
TXT_DB
*
db
,
BIGNUM
*
serial
,
char
*
startdate
,
int
days
,
char
*
ext_sect
,
LHASH
*
lconf
,
int
verbose
)
BIGNUM
*
serial
,
char
*
startdate
,
char
*
enddate
,
int
days
,
char
*
ext_sect
,
LHASH
*
lconf
,
int
verbose
)
{
STACK_OF
(
CONF_VALUE
)
*
sk
=
NULL
;
LHASH
*
parms
=
NULL
;
...
...
@@ -2050,7 +2066,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
X509_REQ_set_pubkey
(
req
,
pktmp
);
EVP_PKEY_free
(
pktmp
);
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
startdate
,
ok
=
do_body
(
xret
,
pkey
,
x509
,
dgst
,
policy
,
db
,
serial
,
startdate
,
enddate
,
days
,
1
,
verbose
,
req
,
ext_sect
,
lconf
);
err:
if
(
req
!=
NULL
)
X509_REQ_free
(
req
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录