From 23e306f90cbe262d3bc4e485479a50873b3983b8 Mon Sep 17 00:00:00 2001
From: Eric Frohnhoefer <efrohnho@gmail.com>
Date: Tue, 4 Dec 2012 10:11:28 -0500
Subject: [PATCH] Added options for additional hashing algorithms

---
 mkrequest | 8 +++++++-
 sscep.c   | 8 ++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)
 mode change 100644 => 100755 mkrequest

diff --git a/mkrequest b/mkrequest
old mode 100644
new mode 100755
index ce3cb85..9841a36
--- a/mkrequest
+++ b/mkrequest
@@ -157,8 +157,14 @@ subjectAltName=critical,DNS:$PARAMETER
 subjectAltName=critical,email:$PARAMETER
 _EOF_
 
+if [ "$4" ]; then
+	DIGEST=-$4
+else
+	DIGEST=""
+fi
+
 # Make request
-openssl req -new -key $PREFIX.key -out $PREFIX.csr -config $CONFIG \
+openssl req -new -key $PREFIX.key $DIGEST -out $PREFIX.csr -config $CONFIG \
 	-reqexts $EXT
 
 # Make a self-signed certificate from request subject
diff --git a/sscep.c b/sscep.c
index 2119d7b..0d87c27 100644
--- a/sscep.c
+++ b/sscep.c
@@ -500,6 +500,10 @@ main(int argc, char **argv) {
 		sig_alg = (EVP_MD *)EVP_md5();
 	} else if (!strncmp(S_char, "sha1", 4)) {
 		sig_alg = (EVP_MD *)EVP_sha1();
+	} else if (!strncmp(S_char, "sha256", 6)) {
+		sig_alg = (EVP_MD *)EVP_sha256();
+	} else if (!strncmp(S_char, "sha512", 6)) {
+		sig_alg = (EVP_MD *)EVP_sha512();
 	} else {
 		fprintf(stderr, "%s: unsupported algorithm: %s\n",
 			pname, S_char);
@@ -512,6 +516,10 @@ main(int argc, char **argv) {
 		fp_alg = (EVP_MD *)EVP_md5();
 	} else if (!strncmp(F_char, "sha1", 4)) {
 		fp_alg = (EVP_MD *)EVP_sha1();
+	} else if (!strncmp(F_char, "sha256", 6)) {
+		fp_alg = (EVP_MD *)EVP_sha256();
+	} else if (!strncmp(F_char, "sha512", 6)) {
+		fp_alg = (EVP_MD *)EVP_sha512();
 	} else {
 		fprintf(stderr, "%s: unsupported algorithm: %s\n",
 			pname, F_char);