diff options
| author | Petr Gotthard <petr.gotthard@centrum.cz> | 2021-04-24 12:40:36 +0200 |
|---|---|---|
| committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2021-04-30 21:02:59 +0200 |
| commit | 91034b68b39e3525f09fb263b9272de410a3ba4c (patch) | |
| tree | 1594bb987f08265e80328f491f11fc4f1c5551ca /apps/req.c | |
| parent | 4489655c23f1f7f412309e25a5b9fd7acf7db3f2 (diff) | |
apps/ca,req,x509: Switch to EVP_DigestSignInit_ex
Switch lib/apps.c do_sign_init() to use EVP_DigestSignInit_ex, so it
works with external providers.
Since EVP_DigestSignInit_ex requires a digest name instead of
an EVP_MD pointer, the apps using do_sign_init() had to be modified
to pass char* instead of EVP_MD*.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/15014)
Diffstat (limited to 'apps/req.c')
| -rw-r--r-- | apps/req.c | 19 |
1 files changed, 5 insertions, 14 deletions
diff --git a/apps/req.c b/apps/req.c index 0a524118f0..5408dc7505 100644 --- a/apps/req.c +++ b/apps/req.c @@ -240,12 +240,11 @@ int req_main(int argc, char **argv) X509 *new_x509 = NULL, *CAcert = NULL; X509_REQ *req = NULL; EVP_CIPHER *cipher = NULL; - EVP_MD *digest = NULL; int ext_copy = EXT_COPY_UNSET; BIO *addext_bio = NULL; char *extensions = NULL; const char *infile = NULL, *CAfile = NULL, *CAkeyfile = NULL; - char *outfile = NULL, *keyfile = NULL, *digestname = NULL; + char *outfile = NULL, *keyfile = NULL, *digest = NULL; char *keyalgstr = NULL, *p, *prog, *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; char *nofree_passin = NULL, *nofree_passout = NULL; @@ -468,7 +467,7 @@ int req_main(int argc, char **argv) newreq = precert = 1; break; case OPT_MD: - digestname = opt_unknown(); + digest = opt_unknown(); break; } } @@ -481,11 +480,6 @@ int req_main(int argc, char **argv) if (!app_RAND_load()) goto end; - if (digestname != NULL) { - if (!opt_md(digestname, &digest)) - goto opthelp; - } - if (!gen_x509) { if (days != UNSET_DAYS) BIO_printf(bio_err, "Ignoring -days without -x509; not generating a certificate\n"); @@ -537,12 +531,10 @@ int req_main(int argc, char **argv) if (digest == NULL) { p = NCONF_get_string(req_conf, section, "default_md"); - if (p == NULL) { + if (p == NULL) ERR_clear_error(); - } else { - if (!opt_md(p, &digest)) - goto opthelp; - } + else + digest = p; } if (extensions == NULL) { @@ -1056,7 +1048,6 @@ int req_main(int argc, char **argv) BIO_free(addext_bio); BIO_free_all(out); EVP_PKEY_free(pkey); - EVP_MD_free(digest); EVP_PKEY_CTX_free(genctx); sk_OPENSSL_STRING_free(pkeyopts); sk_OPENSSL_STRING_free(sigopts); |