diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-05-06 13:51:50 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-05-15 20:20:08 +0200 |
| commit | 6d382c74b375f1f8c44f04ec3de95ff781598a3b (patch) | |
| tree | 4991b57879da3810fbf912c3d169232755380432 /apps/x509.c | |
| parent | 60d5331350a5e557908eed0ba7420dba2ad3b79f (diff) | |
Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c
This also adds the more flexible and general load_key_cert_crl()
as well as helper functions get_passwd(), cleanse(), and clear_free()
to be used also in apps/cmp.c etc.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11755)
Diffstat (limited to 'apps/x509.c')
| -rw-r--r-- | apps/x509.c | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/apps/x509.c b/apps/x509.c index a2a52e41b1..ea083abc64 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -78,13 +78,13 @@ const OPTIONS x509_options[] = { #endif {"inform", OPT_INFORM, 'f', - "Input format - default PEM (one of DER or PEM)"}, + "CSR input format (DER or PEM) - default PEM"}, {"in", OPT_IN, '<', "Input file - default stdin"}, {"passin", OPT_PASSIN, 's', "Private key password/pass-phrase source"}, {"outform", OPT_OUTFORM, 'f', - "Output format - default PEM (one of DER or PEM)"}, + "Output format (DER or PEM) - default PEM"}, {"out", OPT_OUT, '>', "Output file - default stdout"}, - {"keyform", OPT_KEYFORM, 'E', "Private key format - default PEM"}, + {"keyform", OPT_KEYFORM, 'E', "Private key format (ENGINE, other values ignored)"}, {"req", OPT_REQ, '-', "Input is a certificate request, sign and output"}, {"vfyopt", OPT_VFYOPT, 's', "Verification parameter in n:v form"}, @@ -152,8 +152,8 @@ const OPTIONS x509_options[] = { {"extfile", OPT_EXTFILE, '<', "File with X509V3 extensions to add"}, OPT_R_OPTIONS, OPT_PROV_OPTIONS, - {"CAform", OPT_CAFORM, 'F', "CA format - default PEM"}, - {"CAkeyform", OPT_CAKEYFORM, 'E', "CA key format - default PEM"}, + {"CAform", OPT_CAFORM, 'F', "CA cert format (PEM/DER/P12); has no effect"}, + {"CAkeyform", OPT_CAKEYFORM, 'E', "CA key format (ENGINE, other values ignored)"}, {"sigopt", OPT_SIGOPT, 's', "Signature parameter in n:v form"}, {"CAcreateserial", OPT_CACREATESERIAL, '-', "Create serial number file if it does not exist"}, @@ -228,7 +228,7 @@ int x509_main(int argc, char **argv) ret = 0; goto end; case OPT_INFORM: - if (!opt_format(opt_arg(), OPT_FMT_ANY, &informat)) + if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat)) goto opthelp; break; case OPT_IN: @@ -239,15 +239,15 @@ int x509_main(int argc, char **argv) goto opthelp; break; case OPT_KEYFORM: - if (!opt_format(opt_arg(), OPT_FMT_PDE, &keyformat)) + if (!opt_format(opt_arg(), OPT_FMT_ANY, &keyformat)) goto opthelp; break; case OPT_CAFORM: - if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &CAformat)) + if (!opt_format(opt_arg(), OPT_FMT_ANY, &CAformat)) goto opthelp; break; case OPT_CAKEYFORM: - if (!opt_format(opt_arg(), OPT_FMT_PDE, &CAkeyformat)) + if (!opt_format(opt_arg(), OPT_FMT_ANY, &CAkeyformat)) goto opthelp; break; case OPT_OUT: @@ -631,7 +631,7 @@ int x509_main(int argc, char **argv) if (!X509_set_pubkey(x, fkey != NULL ? fkey : X509_REQ_get0_pubkey(req))) goto end; } else { - x = load_cert(infile, informat, "Certificate"); + x = load_cert(infile, FORMAT_UNDEF, "Certificate"); if (x == NULL) goto end; if (fkey != NULL && !X509_set_pubkey(x, fkey)) |