Added changes for engine support. Working version, not intended for use!

Makefile

@@ -7,14 +7,18 @@ MANDIR = /usr/local/man/man8
 
 CC	= gcc
 #WITH_DEBUG   = -g
-CFLAGS	= -Wall -O $(WITH_DEBUG)
+OPENSSL = /c/Users/tob130/Downloads/openssl-mingw
+CFLAGS	= -Wall -O $(WITH_DEBUG) -I $(OPENSSL)/include
+
+LDFLAGS = -L$(OPENSSL)/lib
+LDLIBS = -lcrypto -lws2_32 -lgdi32
 
 MAN	= sscep.8
 PROG	= sscep
 OBJS    = sscep.o init.o net.o sceputils.o pkcs7.o ias.o fileutils.o
 
 $(PROG): $(OBJS)
-	$(CC) $(CFLAGS) -lcrypto -o $(PROG) $(OBJS) 
+	$(CC) $(CFLAGS) -o $(PROG) $(OBJS) $(LDLIBS) $(LDFLAGS)
 
 clean:
 	rm -f $(PROG) $(OBJS) $(MAN) core

Makefile.w32

@@ -0,0 +1,47 @@
+#
+# $Id: Makefile,v 1.0 2003/01/12 13:17:37 jt Exp $
+#
+
+CC = cl
+
+#for dynamically linking against binary OpenSSL distribution
+#http://www.slproweb.com/download/Win32OpenSSL-v0.9.7i.exe
+#works with VC 6.0 but not with VC 7.0
+#OPENSSL_PATH=C:\program files\OpenSSL
+#OPENSSL_LIB=$(OPENSSL_PATH)\lib\VC
+#OPENSSL_INC=$(OPENSSL_PATH)\include
+
+
+#if you compile OpenSSL from source use the following definitions
+OPENSSL_PATH=C:\Users\tob130\Programme\OpenSSL-Win32
+OPENSSL_LIB=$(OPENSSL_PATH)\lib
+OPENSSL_INC=$(OPENSSL_PATH)\include
+
+#change to your scep URL
+TEST_URL=http://scepserver.example.com/cgi-bin/scep/scep
+
+LINK=link
+LFLAGS=/nologo /subsystem:console /opt:ref /debug
+EX_LIBS=/libpath:"$(OPENSSL_LIB)" libeay32.lib wsock32.lib user32.lib gdi32.lib 
+
+#DEBUG_OPT   =  /MDd /Od /GS /RTCcsu -D_DEBUG -DDEBUG
+DEBUG_OPT   =  /MD /O2
+
+CFLAGS	= /W3 /Zi /Yd /nologo -DWIN32 $(DEBUG_OPT) -I. -I"$(OPENSSL_INC)"
+
+PROG	= sscep.exe
+OBJS    = sscep.obj init.obj net.obj sceputils.obj pkcs7.obj ias.obj fileutils.obj getopt.obj
+PDB = *.pdb
+
+all: $(PROG)
+
+$(PROG): $(OBJS)
+	$(LINK) $(LFLAGS) /out:$(PROG) $(OBJS) $(EX_LIBS)
+
+clean:
+	del $(PROG) $(OBJS) $(PDB)
+
+test: all
+	sscep.exe getca -v -u $(TEST_URL) -c cacert
+
+

README

@@ -62,13 +62,46 @@ o OpenCA (getca, enroll, getcrl and automatic approval works)****
 HOW TO COMPILE
 ==============
 
-The program should compile on OpenBSD system without problems. Uncompress
-the package and run command
+The program should compile on the following systems:
 
+OpenBSD
+AIX
+Darwin (PowerPC, no universal binaries yet)
+Tandem NonStop (Guardian), OSS environment, MIPS processor
+Linux x86
+z/OS (USS environment)
+Solaris
+Windows, compiled with VC6, statically linked with OpenSSL 0.9.7i
+
+Unix:
+
+To compile run: 
 $ make
 
-Copy binary file sscep and configuration file sscep.conf to somewhere.
+Windows:
+
+The Win32 version of sscep has been tested with OpenSSL-v0.9.7i.
+For Win32 environment you can choose two ways to compile the sscep program.
+
+1. Dynamically linked against the binary OpenSSL distribution: 
+	http://www.slproweb.com/download/Win32OpenSSL-v0.9.7i.exe
+For this you need the binaries from OpenSSL-v0.9.7i and change the paths
+in the makefile Makefile.w32.
+This works with VC6.0 but not with VC7.0.
 
+2. Statically linked against OpenSSL-v0.9.7i.
+You can download the source from the OpenSSL Homepage and you have to change the 
+paths in the makefile Makefile.w32. This OpenSSL Version needs to be compiled with the same
+compiler as sscep, because otherwise you can get some trouble with diffrent LIBs.
+
+If you want to use a debug version of sscep, then you need to compile a debug version
+of OpenSSL.
+
+To compile run:
+C:\...> vcvars32.bat
+C:\...> nmake -f Makefile.w32 
+
+Copy binary file sscep and configuration file sscep.conf to somewhere.
 
 HOW TO USE
 ==========

cmd.h

@@ -1,105 +1,128 @@
-
-/*
- * sscep -- Simple SCEP client implementation
- * Copyright (c) Jarkko Turkulainen 2003. All rights reserved.
- * See the file COPYRIGHT for licensing information.
- */
-
-/*
- * Command line options
- * These are defined globally for easy access from all functions.
- * For each command line option 'x', there is int x_flag and
- * char *x_char or int x_num if the option requires parameter.
- */
-
-/* CA certificate */
-int c_flag;
-char *c_char;
-
-/* Debug? */
-int d_flag;
-
-/* CA encryption certificate */
-int e_flag;
-char *e_char;
-
-/* Encryption algorithm */
-char *E_char; 
-int E_flag;
-
-/* Configuration file */
-int f_flag;
-char *f_char;
-
-/* Fingerprint algorithm */
-char *F_char; 
-int F_flag;
-
-/* Local certificate  */
-char *l_char;
-int l_flag;
-
-/* Local selfsigned certificate  (generated automaticatally) */
-char *L_char;
-int L_flag;
-
-/* CA identifier */
-char *i_char;
-int i_flag;
-
-/* Private key */
-char *k_char;
-int k_flag;
-
-/* Private key of already existing certificate */
-char *K_char;
-int K_flag;
-
-/* Request count */
-int n_flag;
-int n_num;
-
-/* Already existing certificate (to be renewed) */
-char *O_char; 
-int O_flag;
-
-/* Proxy */
-char *p_char; 
-int p_flag;
-
-/* GetCrl CRL file */
-char *r_char; 
-int r_flag;
-
-/* Resume */
-int R_flag;
-
-/* Certificate serial number */
-char *s_char; 
-int s_flag;
-
-/* Signature algorithm */
-char *S_char; 
-int S_flag;
-
-/* Polling interval */
-int t_num; 
-int t_flag;
-
-/* Max polling time */
-int T_num; 
-int T_flag;
-
-/* URL */
-int u_flag;
-char *url_char;
-
-/* Verbose? boolean */
-int v_flag;
-
-/* GetCert certificate */
-int w_flag;
-char *w_char;
-
-/* End of command line options */
-
+
+/*
+ * sscep -- Simple SCEP client implementation
+ * Copyright (c) Jarkko Turkulainen 2003. All rights reserved.
+ * See the file COPYRIGHT for licensing information.
+ */
+
+/*
+ * Command line options
+ * These are defined globally for easy access from all functions.
+ * For each command line option 'x', there is int x_flag and
+ * char *x_char or int x_num if the option requires parameter.
+ */
+
+/* CA certificate */
+int c_flag;
+char *c_char;
+
+/* Debug? */
+int d_flag;
+
+/* CA encryption certificate */
+int e_flag;
+char *e_char;
+
+/* Encryption algorithm */
+char *E_char; 
+int E_flag;
+
+/* Configuration file */
+int f_flag;
+char *f_char;
+
+/* Fingerprint algorithm */
+char *F_char; 
+int F_flag;
+
+/* enable EnGine support */
+char *g_char;
+int g_flag;
+
+/* enable hwcrhk keys
+ * To set this means that the new key (for which you have the
+ * CSR and Private Key) should be taken from the engine
+ * while the old key (possibly, see captial letter options)
+ * is selected by the -H option
+*/
+int h_flag;
+
+/* sets if engine should be used if the old key usage is set
+ * i.e., setting this uses the old key für signing and does
+ * not set anything for the lowercase options that correspond
+ * to the new keys
+*/
+int H_flag;
+
+/* Local certificate  */
+char *l_char;
+int l_flag;
+
+/* Local selfsigned certificate  (generated automaticatally) */
+char *L_char;
+int L_flag;
+
+/* CA identifier */
+char *i_char;
+int i_flag;
+
+/* Private key */
+char *k_char;
+int k_flag;
+
+/* Private key of already existing certificate */
+char *K_char;
+int K_flag;
+
+/* Test mode */
+int m_flag;
+char *m_char;
+
+/* Request count */
+int n_flag;
+int n_num;
+
+/* Already existing certificate (to be renewed) */
+char *O_char; 
+int O_flag;
+
+/* Proxy */
+char *p_char; 
+int p_flag;
+
+/* GetCrl CRL file */
+char *r_char; 
+int r_flag;
+
+/* Resume */
+int R_flag;
+
+/* Certificate serial number */
+char *s_char; 
+int s_flag;
+
+/* Signature algorithm */
+char *S_char; 
+int S_flag;
+
+/* Polling interval */
+int t_num; 
+int t_flag;
+
+/* Max polling time */
+int T_num; 
+int T_flag;
+
+/* URL */
+int u_flag;
+char *url_char;
+
+/* Verbose? boolean */
+int v_flag;
+
+/* GetCert certificate */
+int w_flag;
+char *w_char;
+
+/* End of command line options */
+