| version 1.20, 2021/03/26 13:46:25 |
version 1.21, 2021/04/01 10:47:38 |
|
|
| "need to specify a CAkey if using the CA command\n"); |
"need to specify a CAkey if using the CA command\n"); |
| goto end; |
goto end; |
| } |
} |
| if (x509_config.extfile) { |
if (x509_config.extfile != NULL) { |
| long errorline = -1; |
long errorline = -1; |
| X509V3_CTX ctx2; |
X509V3_CTX ctx2; |
| extconf = NCONF_new(NULL); |
extconf = NCONF_new(NULL); |
|
|
| errorline, x509_config.extfile); |
errorline, x509_config.extfile); |
| goto end; |
goto end; |
| } |
} |
| if (!x509_config.extsect) { |
if (x509_config.extsect == NULL) { |
| x509_config.extsect = NCONF_get_string(extconf, |
x509_config.extsect = NCONF_get_string(extconf, |
| "default", "extensions"); |
"default", "extensions"); |
| if (!x509_config.extsect) { |
if (x509_config.extsect == NULL) { |
| ERR_clear_error(); |
ERR_clear_error(); |
| x509_config.extsect = "default"; |
x509_config.extsect = "default"; |
| } |
} |
|
|
| |
|
| if (x509_config.sno == NULL) { |
if (x509_config.sno == NULL) { |
| x509_config.sno = ASN1_INTEGER_new(); |
x509_config.sno = ASN1_INTEGER_new(); |
| if (!x509_config.sno || |
if (x509_config.sno == NULL || |
| !rand_serial(NULL, x509_config.sno)) |
!rand_serial(NULL, x509_config.sno)) |
| goto end; |
goto end; |
| if (!X509_set_serialNumber(x, x509_config.sno)) |
if (!X509_set_serialNumber(x, x509_config.sno)) |
|
|
| } |
} |
| } |
} |
| } |
} |
| if (x509_config.alias) |
if (x509_config.alias != NULL) |
| X509_alias_set1(x, (unsigned char *) x509_config.alias, -1); |
X509_alias_set1(x, (unsigned char *) x509_config.alias, -1); |
| |
|
| if (x509_config.clrtrust) |
if (x509_config.clrtrust) |
|
|
| if (x509_config.clrreject) |
if (x509_config.clrreject) |
| X509_reject_clear(x); |
X509_reject_clear(x); |
| |
|
| if (x509_config.trust) { |
if (x509_config.trust != NULL) { |
| for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.trust); i++) { |
for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.trust); i++) { |
| x509_config.objtmp = sk_ASN1_OBJECT_value( |
x509_config.objtmp = sk_ASN1_OBJECT_value( |
| x509_config.trust, i); |
x509_config.trust, i); |
| X509_add1_trust_object(x, x509_config.objtmp); |
X509_add1_trust_object(x, x509_config.objtmp); |
| } |
} |
| } |
} |
| if (x509_config.reject) { |
if (x509_config.reject != NULL) { |
| for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.reject); i++) { |
for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.reject); i++) { |
| x509_config.objtmp = sk_ASN1_OBJECT_value( |
x509_config.objtmp = sk_ASN1_OBJECT_value( |
| x509_config.reject, i); |
x509_config.reject, i); |
|
|
| ASN1_INTEGER *ser; |
ASN1_INTEGER *ser; |
| ser = X509_get_serialNumber(x); |
ser = X509_get_serialNumber(x); |
| bnser = ASN1_INTEGER_to_BN(ser, NULL); |
bnser = ASN1_INTEGER_to_BN(ser, NULL); |
| if (!bnser) |
if (bnser == NULL) |
| goto end; |
goto end; |
| if (!BN_add_word(bnser, 1)) |
if (!BN_add_word(bnser, 1)) |
| goto end; |
goto end; |
| ser = BN_to_ASN1_INTEGER(bnser, NULL); |
ser = BN_to_ASN1_INTEGER(bnser, NULL); |
| if (!ser) |
if (ser == NULL) |
| goto end; |
goto end; |
| BN_free(bnser); |
BN_free(bnser); |
| i2a_ASN1_INTEGER(out, ser); |
i2a_ASN1_INTEGER(out, ser); |
|
|
| } else if (x509_config.aliasout == i) { |
} else if (x509_config.aliasout == i) { |
| unsigned char *alstr; |
unsigned char *alstr; |
| alstr = X509_alias_get0(x, NULL); |
alstr = X509_alias_get0(x, NULL); |
| if (alstr) |
if (alstr != NULL) |
| BIO_printf(STDout, "%s\n", alstr); |
BIO_printf(STDout, "%s\n", alstr); |
| else |
else |
| BIO_puts(STDout, "<No Alias>\n"); |
BIO_puts(STDout, "<No Alias>\n"); |
|
|
| unsigned char md[EVP_MAX_MD_SIZE]; |
unsigned char md[EVP_MAX_MD_SIZE]; |
| const EVP_MD *fdig = x509_config.digest; |
const EVP_MD *fdig = x509_config.digest; |
| |
|
| if (!fdig) |
if (fdig == NULL) |
| fdig = EVP_sha256(); |
fdig = EVP_sha256(); |
| |
|
| if (!X509_digest(x, fdig, md, &n)) { |
if (!X509_digest(x, fdig, md, &n)) { |
|
|
| BIO_printf(bio_err, "Error initialising X509 store\n"); |
BIO_printf(bio_err, "Error initialising X509 store\n"); |
| goto end; |
goto end; |
| } |
} |
| if (sno) |
if (sno != NULL) |
| bs = sno; |
bs = sno; |
| else if (!(bs = x509_load_serial(CAfile, serialfile, create))) |
else if ((bs = x509_load_serial(CAfile, serialfile, create)) == NULL) |
| goto end; |
goto end; |
| |
|
| /* if (!X509_STORE_add_cert(ctx,x)) goto end;*/ |
/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/ |
|
|
| while (X509_get_ext_count(x) > 0) |
while (X509_get_ext_count(x) > 0) |
| X509_delete_ext(x, 0); |
X509_delete_ext(x, 0); |
| } |
} |
| if (conf) { |
if (conf != NULL) { |
| X509V3_CTX ctx2; |
X509V3_CTX ctx2; |
| X509_set_version(x, 2); /* version 3 certificate */ |
X509_set_version(x, 2); /* version 3 certificate */ |
| X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0); |
X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0); |
|
|
| X509_STORE_CTX_cleanup(&xsc); |
X509_STORE_CTX_cleanup(&xsc); |
| if (!ret) |
if (!ret) |
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| if (!sno) |
if (sno == NULL) |
| ASN1_INTEGER_free(bs); |
ASN1_INTEGER_free(bs); |
| return ret; |
return ret; |
| } |
} |
|
|
| sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest, |
sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest, |
| CONF *conf, char *section) |
CONF *conf, char *section) |
| { |
{ |
| |
|
| EVP_PKEY *pktmp; |
EVP_PKEY *pktmp; |
| |
|
| pktmp = X509_get_pubkey(x); |
pktmp = X509_get_pubkey(x); |
|
|
| while (X509_get_ext_count(x) > 0) |
while (X509_get_ext_count(x) > 0) |
| X509_delete_ext(x, 0); |
X509_delete_ext(x, 0); |
| } |
} |
| if (conf) { |
if (conf != NULL) { |
| X509V3_CTX ctx; |
X509V3_CTX ctx; |
| X509_set_version(x, 2); /* version 3 certificate */ |
X509_set_version(x, 2); /* version 3 certificate */ |
| X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0); |
X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0); |
![[BACK]](/icons/back.gif){kind=icon}
Return to x509.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl