aboutsummaryrefslogtreecommitdiff
path: root/apps/req.c
AgeCommit message (Collapse)AuthorFilesLines
2006-06-14Fix a bug recently introduced when updating this file to use the newBodo Möller1-16/+15
keygen API: make sure that 'pkey_type' is actually visible to MAIN().
2006-06-05Complete EVP_PKEY_ASN1_METHOD ENGINE support.Dr. Stephen Henson1-27/+46
2006-05-16Gather keygen options in req and only use them after all other options haveDr. Stephen Henson1-19/+33
been processed. This allows any ENGINE changing operations to be processed first (for example a config file).
2006-05-12Typo.Dr. Stephen Henson1-1/+1
2006-05-11Update 'req' command to use new keygen API.Dr. Stephen Henson1-179/+220
2006-05-07Add support for default public key digest type ctrl.Dr. Stephen Henson1-11/+2
2006-04-19Remove link between digests and signature algorithms.Dr. Stephen Henson1-0/+2
Use cross reference table in ASN1_item_sign(), ASN1_item_verify() to eliminate the need for algorithm specific code.
2006-03-15fix problems found by coverity: remove useless codeNils Larsch1-2/+0
2005-07-16makeNils Larsch1-0/+9
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa] make depend all test work again PR: 1159
2005-05-17OPENSSL_Applink update.Andy Polyakov1-1/+0
2005-05-16ecc api cleanup; summary:Nils Larsch1-7/+12
- hide the EC_KEY structure definition in ec_lcl.c + add some functions to use/access the EC_KEY fields - change the way how method specific data (ecdsa/ecdh) is attached to a EC_KEY - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with additional parameters for pre-computed values - rebuild libeay.num from 0.9.7
2005-04-05some const fixesNils Larsch1-10/+11
2005-04-02use SHA-1 as the default digest for the apps/openssl commandsNils Larsch1-1/+1
2004-11-17In "req" exit immediately if configuration file is needed and it can'tDr. Stephen Henson1-4/+7
be loaded instead of giving the misleading: "unable to find 'distinguised_name' in config" error message.
2004-04-26Allow RSA key-generation to specify an arbitrary public exponent. JelteGeoff Thorpe1-1/+5
proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe
2004-04-20Reduce chances of issuer and serial number duplication by use of randomDr. Stephen Henson1-1/+3
initial serial numbers. PR: 842
2004-02-10minor signed/unsigned warning fixesGeoff Thorpe1-2/+2
2003-12-27Use BUF_strlcpy() instead of strcpy().Richard Levitte1-21/+19
Use BUF_strlcat() instead of strcat(). Use BIO_snprintf() instead of sprintf(). In some cases, keep better track of buffer lengths. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-11-28Move do_subject() to apps.c and rename it to parse_name(). TheRichard Levitte1-1/+1
rationale behind the move is that it's use by several applications. The rationale behind the name change is that it describes what the function does a bit better.
2003-11-28Allow multi-valued rdns in subjects. This adds the -multivalue-rdn optionRichard Levitte1-10/+15
to 'openssl req' and 'openssl ca'. PR: 779 Submitted by: Michael Bell <michael.bell@cms.hu-berlin.de> Reviewed by: Richard Levitte (there will be some follow-up changes)
2003-11-20Give CRLDP its standard name.Dr. Stephen Henson1-1/+1
Max req -x509 use V1 if extensions section absent.
2003-10-29Copy-n-paste bug (don't mix variable declarations and code). This sets theGeoff Thorpe1-1/+1
callback structure just before it is needed.
2003-10-29Update any code that was using deprecated functions so that everything buildsGeoff Thorpe1-7/+13
and links with OPENSSL_NO_DEPRECATED defined.
2003-04-03Correct a lot of printing calls. Remove extra arguments...Richard Levitte1-2/+2
2003-03-30Multi valued AVA support.Dr. Stephen Henson1-6/+25
2003-01-30Add the possibility to build without the ENGINE framework.Richard Levitte1-1/+9
PR: 287
2003-01-24Check return value of gmtime() and add error codesDr. Stephen Henson1-0/+6
where it fails in ASN1_TIME_set(). Edit asn1.h so the new error code is the same in 0.9.7 and 0.9.8, rebuild new error codes. Clear error queue in req.c if *_min or *_max is absent.
2002-12-24Avoid double definition of config.Richard Levitte1-1/+0
PR: 420
2002-12-08Undefine OPENSSL_NO_DEPRECATED inside openssl application code if we areGeoff Thorpe1-0/+6
being built with it defined - it is not a symbol to affect how openssl itself builds, but to alter the way openssl headers can be used from an API point of view. The "deprecated" function wrappers will always remain inside OpenSSL at least as long as they're still being used internally. :-) The exception is dsaparam which has been updated to the BN_GENCB-based functions to test the new functionality. If GENCB_TEST is defined, dsaparam will support a "-timebomb <n>" switch to cancel parameter-generation if it gets as far as 'n' seconds without completion.
2002-12-03EXIT() may mean return(). That's confusing, so let's have it really meanRichard Levitte1-1/+1
exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name is of course because it's only used in the openssl program)
2002-11-13Security fixes brought forward from 0.9.7.Ben Laurie1-12/+24
2002-11-11Variables on the stack must be initialized or we can't depend on anyRichard Levitte1-1/+1
initial value. For errline/errorline, we did depend on that, erroneously
2002-09-10Let 'openssl req' fail if an argument to '-newkey' is notBodo Möller1-1/+3
recognized instead of using RSA as a default.
2002-08-26fix offsetsBodo Möller1-2/+2
Submitted by: Nils Larsch
2002-08-22Make -nameopt work in req and add support for -reqoptDr. Stephen Henson1-4/+10
2002-08-16'EC' vs. 'ECDSA'Bodo Möller1-9/+12
Submitted by: Nils Larsch
2002-08-12get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)Bodo Möller1-2/+3
Submitted by: Nils Larsch
2002-08-09Add ECDH support.Bodo Möller1-10/+1
Additional changes: - use EC_GROUP_get_degree() in apps/req.c - add ECDSA and ECDH to apps/speed.c - adds support for EC curves over binary fields to ECDSA - new function EC_KEY_up_ref() in crypto/ec/ec_key.c - reorganize crypto/ecdsa/ecdsatest.c - add engine support for ECDH - fix a few bugs in ECDSA engine support Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-07use a generic EC_KEY structure (EC keys are not ECDSA specific)Bodo Möller1-22/+23
Submitted by: Nils Larsch
2002-08-01Make it possible to load keys from stdin, and restore thatRichard Levitte1-1/+1
functionality in the programs that had that before. Part fo PR 164
2002-07-14Replace 'ecdsaparam' commandline utility by 'ecparam'Bodo Möller1-1/+5
(the same keys can be used for ECC schemes other than ECDSA) and add some new options. Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS" in 'PEM' format. Fix ec_asn1.c (take into account the desired conversion form). 'make update'. Submitted by: Nils Larsch
2002-05-19Reorganise -subj option code, fix buffer overrun.Dr. Stephen Henson1-108/+6
2002-04-30Fix escaping when using the -subj option of "openssl req", documentLutz Jänicke1-35/+96
'hidden' -nameopt support. (Robert Joop <joop@fokus.gmd.de>)
2002-04-17check return valuesBodo Möller1-14/+15
Submitted by: Nils Larsch
2002-02-22non-Monolith fixes.Dr. Stephen Henson1-1/+2
Submitted by Andrew W. Gray <agray@iconsinc.com>
2002-02-22Config code updates.Dr. Stephen Henson1-0/+2
CONF_modules_unload() now calls CONF_modules_finish() automatically. Default use of section openssl_conf moved to CONF_modules_load() Load config file in several openssl utilities. Most utilities now load modules from the config file, though in a few (such as version) this isn't done because it couldn't be used for anything. In the case of ca and req the config file used is the same as the utility itself: that is the -config command line option can be used to specify an alternative file.
2002-02-13ECDSA supportBodo Möller1-4/+77
Submitted by: Nils Larsch <nla@trustcenter.de>
2001-12-01Add -pubkey option to req command.Dr. Stephen Henson1-10/+33
2001-11-02If verify fails, say why.Ben Laurie1-0/+1
2001-10-26New options to allow req to accept UTF8 strings as input.Dr. Stephen Henson1-24/+44