version 1.45, 2021/09/02 11:37:44 |
version 1.46, 2021/09/05 01:33:18 |
|
|
if (ca_config.verbose) |
if (ca_config.verbose) |
BIO_printf(bio_err, "writing new certificates\n"); |
BIO_printf(bio_err, "writing new certificates\n"); |
for (i = 0; i < sk_X509_num(cert_sk); i++) { |
for (i = 0; i < sk_X509_num(cert_sk); i++) { |
|
ASN1_INTEGER *serialNumber; |
int k; |
int k; |
char *serialstr; |
char *serialstr; |
unsigned char *data; |
unsigned char *data; |
|
|
|
|
x = sk_X509_value(cert_sk, i); |
x = sk_X509_value(cert_sk, i); |
|
|
j = x->cert_info->serialNumber->length; |
serialNumber = X509_get_serialNumber(x); |
data = (unsigned char *)x->cert_info->serialNumber->data; |
j = ASN1_STRING_length(serialNumber); |
|
data = ASN1_STRING_data(serialNumber); |
|
|
if (j > 0) |
if (j > 0) |
serialstr = bin2hex(data, j); |
serialstr = bin2hex(data, j); |
else |
else |
|
|
ASN1_STRING *str, *str2; |
ASN1_STRING *str, *str2; |
ASN1_OBJECT *obj; |
ASN1_OBJECT *obj; |
X509 *ret = NULL; |
X509 *ret = NULL; |
X509_CINF *ci; |
|
X509_NAME_ENTRY *ne; |
X509_NAME_ENTRY *ne; |
X509_NAME_ENTRY *tne, *push; |
X509_NAME_ENTRY *tne, *push; |
EVP_PKEY *pktmp; |
EVP_PKEY *pktmp; |
|
|
if (selfsign) |
if (selfsign) |
CAname = X509_NAME_dup(name); |
CAname = X509_NAME_dup(name); |
else |
else |
CAname = X509_NAME_dup(x509->cert_info->subject); |
CAname = X509_NAME_dup(X509_get_subject_name(x509)); |
if (CAname == NULL) |
if (CAname == NULL) |
goto err; |
goto err; |
str = str2 = NULL; |
str = str2 = NULL; |
|
|
|
|
if ((ret = X509_new()) == NULL) |
if ((ret = X509_new()) == NULL) |
goto err; |
goto err; |
ci = ret->cert_info; |
|
|
|
#ifdef X509_V3 |
#ifdef X509_V3 |
/* Make it an X509 v3 certificate. */ |
/* Make it an X509 v3 certificate. */ |
if (!X509_set_version(ret, 2)) |
if (!X509_set_version(ret, 2)) |
goto err; |
goto err; |
#endif |
#endif |
if (ci->serialNumber == NULL) |
if (X509_get_serialNumber(ret) == NULL) |
goto err; |
goto err; |
if (BN_to_ASN1_INTEGER(serial, ci->serialNumber) == NULL) |
if (BN_to_ASN1_INTEGER(serial, X509_get_serialNumber(ret)) == NULL) |
goto err; |
goto err; |
if (selfsign) { |
if (selfsign) { |
if (!X509_set_issuer_name(ret, subject)) |
if (!X509_set_issuer_name(ret, subject)) |
|
|
/* Lets add the extensions, if there are any */ |
/* Lets add the extensions, if there are any */ |
if (ext_sect != NULL) { |
if (ext_sect != NULL) { |
X509V3_CTX ctx; |
X509V3_CTX ctx; |
if (ci->version == NULL) |
|
if ((ci->version = ASN1_INTEGER_new()) == NULL) |
|
goto err; |
|
|
|
/* version 3 certificate */ |
if (!X509_set_version(ret, 2)) |
if (!ASN1_INTEGER_set(ci->version, 2)) |
|
goto err; |
goto err; |
|
|
/* |
|
* Free the current entries if any, there should not be any I |
|
* believe |
|
*/ |
|
sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free); |
|
ci->extensions = NULL; |
|
|
|
/* Initialize the context structure */ |
/* Initialize the context structure */ |
if (selfsign) |
if (selfsign) |
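Review bot: In the certificate-writing loop the new side reads the serial bytes with `data = ASN1_STRING_data(serialNumber);`, an accessor that returns a mutable pointer into the certificate and that OpenSSL deprecated in 1.1.0 in favour of the const one. As far as the visible lines show, `data` is only passed to `bin2hex(data, j)`, so the read-only form fits better: declare `const unsigned char *data;` and use `data = ASN1_STRING_get0_data(serialNumber);`. This assumes `bin2hex` accepts a const pointer; its prototype is not visible here, so confirm that first. The loop body and the certificate-building function both continue outside the lines shown, so any other use of `data` would need the same check.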