summaryrefslogtreecommitdiffstats
path: root/apps/ca.c
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2006-05-07 17:09:39 +0000
committerDr. Stephen Henson <steve@openssl.org>2006-05-07 17:09:39 +0000
commit03919683f9bade36ef1b58e64638ac3ccbbf371a (patch)
tree27f5210878e9047e884930fdf7b5860e59048a8d /apps/ca.c
parent5cda6c458211c2b5803f9616b192fd2e8c1c47f3 (diff)
Add support for default public key digest type ctrl.
Diffstat (limited to 'apps/ca.c')
-rw-r--r--apps/ca.c36
1 files changed, 11 insertions, 25 deletions
diff --git a/apps/ca.c b/apps/ca.c
index f7532d21b5..9fde400f69 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1016,6 +1016,17 @@ bad:
goto err;
}
+ if (!strcmp(md, "default"))
+ {
+ int def_nid;
+ if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
+ {
+ BIO_puts(bio_err,"no default digest\n");
+ goto err;
+ }
+ md = (char *)OBJ_nid2sn(def_nid);
+ }
+
if ((dgst=EVP_get_digestbyname(md)) == NULL)
{
BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
@@ -1412,17 +1423,6 @@ bad:
/* we now have a CRL */
if (verbose) BIO_printf(bio_err,"signing CRL\n");
-#if 0
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- dgst=EVP_dss1();
- else
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- dgst=EVP_ecdsa();
-#endif
-#endif
/* Add any extensions asked for */
@@ -2101,25 +2101,11 @@ again2:
}
}
-
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
pktmp=X509_get_pubkey(ret);
if (EVP_PKEY_missing_parameters(pktmp) &&
!EVP_PKEY_missing_parameters(pkey))
EVP_PKEY_copy_parameters(pktmp,pkey);
EVP_PKEY_free(pktmp);
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- dgst = EVP_ecdsa();
- pktmp = X509_get_pubkey(ret);
- if (EVP_PKEY_missing_parameters(pktmp) &&
- !EVP_PKEY_missing_parameters(pkey))
- EVP_PKEY_copy_parameters(pktmp, pkey);
- EVP_PKEY_free(pktmp);
-#endif
-
if (!X509_sign(ret,pkey,dgst))
goto err;
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-27 09:50:05 +0000