| version 1.45, 2021/09/02 11:37:44 |
version 1.46, 2021/09/05 01:33:18 |
|
|
| if (ca_config.verbose) |
if (ca_config.verbose) |
| BIO_printf(bio_err, "writing new certificates\n"); |
BIO_printf(bio_err, "writing new certificates\n"); |
| for (i = 0; i < sk_X509_num(cert_sk); i++) { |
for (i = 0; i < sk_X509_num(cert_sk); i++) { |
| |
ASN1_INTEGER *serialNumber; |
| int k; |
int k; |
| char *serialstr; |
char *serialstr; |
| unsigned char *data; |
unsigned char *data; |
|
|
| |
|
| x = sk_X509_value(cert_sk, i); |
x = sk_X509_value(cert_sk, i); |
| |
|
| j = x->cert_info->serialNumber->length; |
serialNumber = X509_get_serialNumber(x); |
| data = (unsigned char *)x->cert_info->serialNumber->data; |
j = ASN1_STRING_length(serialNumber); |
| |
data = ASN1_STRING_data(serialNumber); |
| |
|
| if (j > 0) |
if (j > 0) |
| serialstr = bin2hex(data, j); |
serialstr = bin2hex(data, j); |
| else |
else |
|
|
| ASN1_STRING *str, *str2; |
ASN1_STRING *str, *str2; |
| ASN1_OBJECT *obj; |
ASN1_OBJECT *obj; |
| X509 *ret = NULL; |
X509 *ret = NULL; |
| X509_CINF *ci; |
|
| X509_NAME_ENTRY *ne; |
X509_NAME_ENTRY *ne; |
| X509_NAME_ENTRY *tne, *push; |
X509_NAME_ENTRY *tne, *push; |
| EVP_PKEY *pktmp; |
EVP_PKEY *pktmp; |
|
|
| if (selfsign) |
if (selfsign) |
| CAname = X509_NAME_dup(name); |
CAname = X509_NAME_dup(name); |
| else |
else |
| CAname = X509_NAME_dup(x509->cert_info->subject); |
CAname = X509_NAME_dup(X509_get_subject_name(x509)); |
| if (CAname == NULL) |
if (CAname == NULL) |
| goto err; |
goto err; |
| str = str2 = NULL; |
str = str2 = NULL; |
|
|
| |
|
| if ((ret = X509_new()) == NULL) |
if ((ret = X509_new()) == NULL) |
| goto err; |
goto err; |
| ci = ret->cert_info; |
|
| |
|
| #ifdef X509_V3 |
#ifdef X509_V3 |
| /* Make it an X509 v3 certificate. */ |
/* Make it an X509 v3 certificate. */ |
| if (!X509_set_version(ret, 2)) |
if (!X509_set_version(ret, 2)) |
| goto err; |
goto err; |
| #endif |
#endif |
| if (ci->serialNumber == NULL) |
if (X509_get_serialNumber(ret) == NULL) |
| goto err; |
goto err; |
| if (BN_to_ASN1_INTEGER(serial, ci->serialNumber) == NULL) |
if (BN_to_ASN1_INTEGER(serial, X509_get_serialNumber(ret)) == NULL) |
| goto err; |
goto err; |
| if (selfsign) { |
if (selfsign) { |
| if (!X509_set_issuer_name(ret, subject)) |
if (!X509_set_issuer_name(ret, subject)) |
|
|
| /* Lets add the extensions, if there are any */ |
/* Lets add the extensions, if there are any */ |
| if (ext_sect != NULL) { |
if (ext_sect != NULL) { |
| X509V3_CTX ctx; |
X509V3_CTX ctx; |
| if (ci->version == NULL) |
|
| if ((ci->version = ASN1_INTEGER_new()) == NULL) |
|
| goto err; |
|
| |
|
| /* version 3 certificate */ |
if (!X509_set_version(ret, 2)) |
| if (!ASN1_INTEGER_set(ci->version, 2)) |
|
| goto err; |
goto err; |
| |
|
| /* |
|
| * Free the current entries if any, there should not be any I |
|
| * believe |
|
| */ |
|
| sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free); |
|
| ci->extensions = NULL; |
|
| |
|
| /* Initialize the context structure */ |
/* Initialize the context structure */ |
| if (selfsign) |
if (selfsign) |
![[BACK]](/icons/back.gif){kind=icon}
Return to ca.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl