~ubuntu-branches/ubuntu/maverick/openssl/maverick


Viewing changes to apps/x509.c

  • Committer: Bazaar Package Importer
  • Author(s): Kurt Roeckx
  • Date: 2005-12-13 21:37:42 UTC
  • mto: (11.1.1 lenny)
  • mto: This revision was merged to the branch mainline in revision 4.
  • Revision ID: james.westby@ubuntu.com-20051213213742-d0ydaylf80l16bj1
Tags: upstream-0.9.8a
Import upstream version 0.9.8a

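--- a/apps/x509.c
+++ b/apps/x509.c
@@ -73,6 +73,12 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+#include <openssl/dsa.h>
+#endif
 
 #undef PROG
 #define PROG x509_main
@@ -81,7 +87,7 @@
 #define POSTFIX ".srl"
 #define DEF_DAYS        30
 
-static char *x509_usage[]={
+static const char *x509_usage[]={
 "usage: x509 args\n",
 " -inform arg     - input format - default PEM (one of DER, NET or PEM)\n",
 " -outform arg    - output format - default PEM (one of DER, NET or PEM)\n",
@@ -92,7 +98,9 @@
 " -out arg        - output file - default stdout\n",
 " -passin arg     - private key password source\n",
 " -serial         - print serial number value\n",
-" -hash           - print hash value\n",
+" -subject_hash   - print subject hash value\n",
+" -issuer_hash    - print issuer hash value\n",
+" -hash           - synonym for -subject_hash\n",
 " -subject        - print subject DN\n",
 " -issuer         - print issuer DN\n",
 " -email          - print email address(es)\n",
@@ -167,19 +175,20 @@
         char *infile=NULL,*outfile=NULL,*keyfile=NULL,*CAfile=NULL;
         char *CAkeyfile=NULL,*CAserial=NULL;
         char *alias=NULL;
-        int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0;
-        int next_serial=0,ocspid=0;
+        int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0;
+        int next_serial=0;
+        int subject_hash=0,issuer_hash=0,ocspid=0;
         int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0;
         int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0;
         int C=0;
         int x509req=0,days=DEF_DAYS,modulus=0,pubkey=0;
         int pprint = 0;
-        char **pp;
+        const char **pp;
         X509_STORE *ctx=NULL;
         X509_REQ *rq=NULL;
         int fingerprint=0;
         char buf[256];
-        const EVP_MD *md_alg,*digest=EVP_md5();
+        const EVP_MD *md_alg,*digest=EVP_sha1();
         CONF *extconf = NULL;
         char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
         int need_rand = 0;
@@ -381,8 +390,11 @@
                         x509req= ++num;
                 else if (strcmp(*argv,"-text") == 0)
                         text= ++num;
-                else if (strcmp(*argv,"-hash") == 0)
-                        hash= ++num;
+                else if (strcmp(*argv,"-hash") == 0
+                        || strcmp(*argv,"-subject_hash") == 0)
+                        subject_hash= ++num;
+                else if (strcmp(*argv,"-issuer_hash") == 0)
+                        issuer_hash= ++num;
                 else if (strcmp(*argv,"-subject") == 0)
                         subject= ++num;
                 else if (strcmp(*argv,"-issuer") == 0)
@@ -598,9 +610,12 @@
                         sno = ASN1_INTEGER_new();
                         if (!sno || !rand_serial(NULL, sno))
                                 goto end;
+                        if (!X509_set_serialNumber(x, sno)) 
+                                goto end;
+                        ASN1_INTEGER_free(sno);
+                        sno = NULL;
                         }
-
-                if (!X509_set_serialNumber(x, sno)) 
+                else if (!X509_set_serialNumber(x, sno)) 
                         goto end;
 
                 if (!X509_set_issuer_name(x,req->req_info->subject)) goto end;
@@ -694,7 +709,8 @@
                         else if (serial == i)
                                 {
                                 BIO_printf(STDout,"serial=");
-                                i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber);
+                                i2a_ASN1_INTEGER(STDout,
+                                        X509_get_serialNumber(x));
                                 BIO_printf(STDout,"\n");
                                 }
                         else if (next_serial == i)
@@ -731,10 +747,14 @@
                                 if (alstr) BIO_printf(STDout,"%s\n", alstr);
                                 else BIO_puts(STDout,"<No Alias>\n");
                                 }
-                        else if (hash == i)
+                        else if (subject_hash == i)
                                 {
                                 BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
                                 }
+                        else if (issuer_hash == i)
+                                {
+                                BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash(x));
+                                }
                         else if (pprint == i)
                                 {
                                 X509_PURPOSE *ptmp;
@@ -896,6 +916,10 @@
                                 if (Upkey->type == EVP_PKEY_DSA)
                                         digest=EVP_dss1();
 #endif
+#ifndef OPENSSL_NO_ECDSA
+                                if (Upkey->type == EVP_PKEY_EC)
+                                        digest=EVP_ecdsa();
+#endif
 
                                 assert(need_rand);
                                 if (!sign(x,Upkey,days,clrext,digest,
@@ -916,6 +940,10 @@
                                 if (CApkey->type == EVP_PKEY_DSA)
                                         digest=EVP_dss1();
 #endif
+#ifndef OPENSSL_NO_ECDSA
+                                if (CApkey->type == EVP_PKEY_EC)
+                                        digest = EVP_ecdsa();
+#endif
                                 
                                 assert(need_rand);
                                 if (!x509_certify(ctx,CAfile,digest,x,xca,
@@ -947,6 +975,10 @@
                                 if (pk->type == EVP_PKEY_DSA)
                                         digest=EVP_dss1();
 #endif
+#ifndef OPENSSL_NO_ECDSA
+                                if (pk->type == EVP_PKEY_EC)
+                                        digest=EVP_ecdsa();
+#endif
 
                                 rq=X509_to_X509_REQ(x,pk,digest);
                                 EVP_PKEY_free(pk);
@@ -971,9 +1003,9 @@
 
         if (checkend)
                 {
-                time_t tnow=time(NULL);
+                time_t tcheck=time(NULL) + checkoffset;
 
-                if (ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(x), tnow+checkoffset) == -1)
+                if (X509_cmp_time(X509_get_notAfter(x), &tcheck) < 0)
                         {
                         BIO_printf(out,"Certificate will expire\n");
                         ret=1;
@@ -1010,8 +1042,7 @@
                 ah.data=(char *)x;
                 ah.meth=X509_asn1_meth();
 
-                /* no macro for this one yet */
-                i=ASN1_i2d_bio(i2d_ASN1_HEADER,out,(unsigned char *)&ah);
+                i=ASN1_i2d_bio_of(ASN1_HEADER,i2d_ASN1_HEADER,out,&ah);
                 }
         else    {
                 BIO_printf(bio_err,"bad output format specified for outfile\n");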
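Review bot: In the `checkend` hunk the result of `X509_cmp_time()` is tested only with `< 0`, but that function returns 0 when it cannot parse the time, so a certificate with a malformed notAfter is not reported as expiring and falls through to whatever follows the `if`. An expiry check that callers may rely on should not read a parse error as "does not expire". Keep the result and handle the error first: `int c = X509_cmp_time(X509_get_notAfter(x), &tcheck);` then `if (c == 0) goto end;` (with an error message and a non-zero `ret`) before testing `c < 0`. `time(NULL) + checkoffset` is also unchecked signed arithmetic if `checkoffset` comes straight from the command line, which the hunk does not show. The `checkend` block continues past the visible lines.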