version 1.5, 2015/08/22 16:36:05 |
version 1.6, 2015/09/11 14:30:23 |
|
|
static ASN1_INTEGER *create_nonce(int bits); |
static ASN1_INTEGER *create_nonce(int bits); |
|
|
/* Reply related functions. */ |
/* Reply related functions. */ |
static int reply_command(CONF * conf, char *section, char *engine, |
static int reply_command(CONF * conf, char *section, |
char *queryfile, char *passin, char *inkey, |
char *queryfile, char *passin, char *inkey, |
char *signer, char *chain, const char *policy, |
char *signer, char *chain, const char *policy, |
char *in, int token_in, char *out, int token_out, |
char *in, int token_in, char *out, int token_out, |
int text); |
int text); |
static TS_RESP *read_PKCS7(BIO * in_bio); |
static TS_RESP *read_PKCS7(BIO * in_bio); |
static TS_RESP *create_response(CONF * conf, const char *section, char *engine, |
static TS_RESP *create_response(CONF * conf, const char *section, |
char *queryfile, char *passin, char *inkey, |
char *queryfile, char *passin, char *inkey, |
char *signer, char *chain, const char *policy); |
char *signer, char *chain, const char *policy); |
static ASN1_INTEGER *serial_cb(TS_RESP_CTX * ctx, void *data); |
static ASN1_INTEGER *serial_cb(TS_RESP_CTX * ctx, void *data); |
|
|
char *ca_path = NULL; |
char *ca_path = NULL; |
char *ca_file = NULL; |
char *ca_file = NULL; |
char *untrusted = NULL; |
char *untrusted = NULL; |
char *engine = NULL; |
|
/* Input is ContentInfo instead of TimeStampResp. */ |
/* Input is ContentInfo instead of TimeStampResp. */ |
int token_in = 0; |
int token_in = 0; |
/* Output is ContentInfo instead of TimeStampResp. */ |
/* Output is ContentInfo instead of TimeStampResp. */ |
|
|
if (argc-- < 1) |
if (argc-- < 1) |
goto usage; |
goto usage; |
untrusted = *++argv; |
untrusted = *++argv; |
} else if (strcmp(*argv, "-engine") == 0) { |
|
if (argc-- < 1) |
|
goto usage; |
|
engine = *++argv; |
|
} else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) { |
} else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) { |
/* empty. */ |
/* empty. */ |
} else |
} else |
|
|
goto usage; |
goto usage; |
} |
} |
|
|
ret = !reply_command(conf, section, engine, queryfile, |
ret = !reply_command(conf, section, queryfile, |
password, inkey, signer, chain, policy, |
password, inkey, signer, chain, policy, |
in, token_in, out, token_out, text); |
in, token_in, out, token_out, text); |
break; |
break; |
|
|
"[-signer tsa_cert.pem] [-inkey private_key.pem] " |
"[-signer tsa_cert.pem] [-inkey private_key.pem] " |
"[-chain certs_file.pem] [-policy object_id] " |
"[-chain certs_file.pem] [-policy object_id] " |
"[-in response.tsr] [-token_in] " |
"[-in response.tsr] [-token_in] " |
"[-out response.tsr] [-token_out] [-text] [-engine id]\n"); |
"[-out response.tsr] [-token_out] [-text]\n"); |
BIO_printf(bio_err, "or\n" |
BIO_printf(bio_err, "or\n" |
"ts -verify [-data file_to_hash] [-digest digest_bytes] " |
"ts -verify [-data file_to_hash] [-digest digest_bytes] " |
"[-queryfile request.tsq] " |
"[-queryfile request.tsq] " |
|
|
*/ |
*/ |
|
|
static int |
static int |
reply_command(CONF * conf, char *section, char *engine, char *queryfile, |
reply_command(CONF * conf, char *section, char *queryfile, |
char *passin, char *inkey, char *signer, char *chain, const char *policy, |
char *passin, char *inkey, char *signer, char *chain, const char *policy, |
char *in, int token_in, char *out, int token_out, int text) |
char *in, int token_in, char *out, int token_out, int text) |
{ |
{ |
|
|
response = d2i_TS_RESP_bio(in_bio, NULL); |
response = d2i_TS_RESP_bio(in_bio, NULL); |
} |
} |
} else { |
} else { |
response = create_response(conf, section, engine, queryfile, |
response = create_response(conf, section, queryfile, |
passin, inkey, signer, chain, |
passin, inkey, signer, chain, |
policy); |
policy); |
if (response) |
if (response) |
|
|
} |
} |
|
|
static TS_RESP * |
static TS_RESP * |
create_response(CONF * conf, const char *section, char *engine, |
create_response(CONF * conf, const char *section, |
char *queryfile, char *passin, char *inkey, |
char *queryfile, char *passin, char *inkey, |
char *signer, char *chain, const char *policy) |
char *signer, char *chain, const char *policy) |
{ |
{ |
|
|
/* Setting serial number provider callback. */ |
/* Setting serial number provider callback. */ |
if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) |
if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) |
goto end; |
goto end; |
#ifndef OPENSSL_NO_ENGINE |
|
/* Setting default OpenSSL engine. */ |
|
if (!TS_CONF_set_crypto_device(conf, section, engine)) |
|
goto end; |
|
#endif |
|
|
|
/* Setting TSA signer certificate. */ |
/* Setting TSA signer certificate. */ |
if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) |
if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) |
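Review bot: Dropping the `TS_CONF_set_crypto_device(conf, section, engine)` call in create_response (reading the second column as version 1.6) leaves any `crypto_device` entry in the TSA config section unhandled, and nothing in the visible hunks tells the operator that it is now ignored. If that helper falls back to the section's `crypto_device` value when `engine` is NULL, as the upstream OpenSSL implementation does, a TSA configured to keep its signing key behind an engine no longer gets that device set up, and no diagnostic names the cause. I would leave a comment where the `#ifndef OPENSSL_NO_ENGINE` block was, e.g. `/* Engine support removed: crypto_device in the TSA section is no longer honoured. */`, and check that the ts manual page drops `-engine` along with the usage string. create_response starts and ends outside the visible lines, so whether a later step already reports this cannot be confirmed from here.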