authorDr. David von Oheimb <David.von.Oheimb@siemens.com>2022-08-26 20:40:48 +0200
committerDr. David von Oheimb <dev@ddvo.net>2023-03-14 17:26:49 +0100
commit0e89b396197f75993c8d64c07b4af6aa2d97e2af (patch)
treea79eb907eefb1c1cd5a84891564511e8e5f6879b /apps/include
parentb7cc2d2f295efc342cd46e7e59f93e0ac0472dc0 (diff)
apps/x509 etc.: allow private key input when public key is expected
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19076)
Diffstat (limited to 'apps/include')
-rw-r--r--apps/include/apps.h35
1 files changed, 15 insertions, 20 deletions
diff --git a/apps/include/apps.h b/apps/include/apps.h
index a8b63fea8d..e603d07868 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -66,8 +66,8 @@ BIO *bio_open_owner(const char *filename, int format, int private);
BIO *bio_open_default(const char *filename, char mode, int format);
BIO *bio_open_default_quiet(const char *filename, char mode, int format);
CONF *app_load_config_bio(BIO *in, const char *filename);
-#define app_load_config(filename) app_load_config_internal(filename, 0)
-#define app_load_config_quiet(filename) app_load_config_internal(filename, 1)
+# define app_load_config(filename) app_load_config_internal(filename, 0)
+# define app_load_config_quiet(filename) app_load_config_internal(filename, 1)
CONF *app_load_config_internal(const char *filename, int quiet);
CONF *app_load_config_verbose(const char *filename, int verbose);
int app_load_modules(const CONF *config);
@@ -100,7 +100,7 @@ int progress_cb(EVP_PKEY_CTX *ctx);
int chopup_args(ARGS *arg, char *buf);
void dump_cert_text(BIO *out, X509 *x);
void print_name(BIO *out, const char *title, const X509_NAME *nm);
-void print_bignum_var(BIO *, const BIGNUM *, const char*,
+void print_bignum_var(BIO *, const BIGNUM *, const char *,
int, unsigned char *);
void print_array(BIO *, const char *, int, const unsigned char *);
int set_nameopt(const char *arg);
@@ -117,13 +117,14 @@ X509_REQ *load_csr(const char *file, int format, const char *desc);
X509_REQ *load_csr_autofmt(const char *infile, int format, const char *desc);
X509 *load_cert_pass(const char *uri, int format, int maybe_stdin,
const char *pass, const char *desc);
-#define load_cert(uri, format, desc) load_cert_pass(uri, format, 1, NULL, desc)
+# define load_cert(uri, format, desc) load_cert_pass(uri, format, 1, NULL, desc)
X509_CRL *load_crl(const char *uri, int format, int maybe_stdin,
const char *desc);
void cleanse(char *str);
void clear_free(char *str);
EVP_PKEY *load_key(const char *uri, int format, int maybe_stdin,
const char *pass, ENGINE *e, const char *desc);
+/* first try reading public key, on failure resort to loading private key */
EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin,
const char *pass, ENGINE *e, const char *desc);
EVP_PKEY *load_keyparams(const char *uri, int format, int maybe_stdin,
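Review bot: The comment added above `load_pubkey()` documents the fallback but not what it means for callers. When the private-key path is taken, the returned `EVP_PKEY` presumably still carries the private components, and `pass` may now be consulted or prompted for in commands that previously handled only public input. The implementation is not in this header, so this is inferred. If it holds, the declaration should say so, e.g. `/* first try reading public key; on failure fall back to loading a private key, in which case the result may hold private key material */`. Callers that serialise the result should then go through public-key output routines only.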
@@ -145,15 +146,11 @@ int load_certs(const char *uri, int maybe_stdin, STACK_OF(X509) **certs,
int load_crls(const char *uri, STACK_OF(X509_CRL) **crls,
const char *pass, const char *desc);
int load_key_certs_crls(const char *uri, int format, int maybe_stdin,
- const char *pass, const char *desc,
+ const char *pass, const char *desc, int quiet,
EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
EVP_PKEY **pparams,
X509 **pcert, STACK_OF(X509) **pcerts,
X509_CRL **pcrl, STACK_OF(X509_CRL) **pcrls);
-int load_key_cert_crl(const char *uri, int format, int maybe_stdin,
- const char *pass, const char *desc,
- EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
- X509 **pcert, X509_CRL **pcrl);
X509_STORE *setup_verify(const char *CAfile, int noCAfile,
const char *CApath, int noCApath,
const char *CAstore, int noCAstore);
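Review bot: The new `int quiet` argument of `load_key_certs_crls()` is undocumented in the header, and it sits between `desc` and seven output pointers where its meaning is easy to misread at a call site. If it suppresses error output, as the name suggests (the definition is not visible here), a comment such as `/* quiet: do not print load errors; the return value must still be checked */` would make clear that a silenced failure is still a failure. It is also worth confirming that only the public-key fallback probe passes a non-zero value, so that genuine key or certificate load failures in other commands are still reported.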
@@ -199,10 +196,9 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
# define DB_type 0
# define DB_exp_date 1
# define DB_rev_date 2
-# define DB_serial 3 /* index - unique */
+# define DB_serial 3 /* index - unique */
# define DB_file 4
-# define DB_name 5 /* index - unique when active and not
- * disabled */
+# define DB_name 5 /* index - unique when active and not disabled */
# define DB_NUMBER 6
# define DB_TYPE_REV 'R' /* Revoked */
@@ -243,8 +239,8 @@ int rotate_index(const char *dbfile, const char *new_suffix,
const char *old_suffix);
void free_index(CA_DB *db);
# define index_name_cmp_noconst(a, b) \
- index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
- (const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, b))
+ index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
+ (const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, b))
int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
int parse_yesno(const char *str, int def);
@@ -271,12 +267,11 @@ int do_X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const char *md,
extern char *psk_key;
-
unsigned char *next_protos_parse(size_t *outlen, const char *in);
int check_cert_attributes(BIO *bio, X509 *x,
- const char *checkhost,
- const char *checkemail, const char *checkip, int print);
+ const char *checkhost, const char *checkemail,
+ const char *checkip, int print);
void store_setup_crl_download(X509_STORE *st);
@@ -310,16 +305,16 @@ ASN1_VALUE *app_http_post_asn1(const char *host, const char *port,
# define EXT_COPY_ADD 1
# define EXT_COPY_ALL 2
-# define NETSCAPE_CERT_HDR "certificate"
+# define NETSCAPE_CERT_HDR "certificate"
-# define APP_PASS_LEN 1024
+# define APP_PASS_LEN 1024
/*
* IETF RFC 5280 says serial number must be <= 20 bytes. Use 159 bits
* so that the first bit will never be one, so that the DER encoding
* rules won't force a leading octet.
*/
-# define SERIAL_RAND_BITS 159
+# define SERIAL_RAND_BITS 159
int app_isdir(const char *);
int app_access(const char *, int flag);