* [including the GNU Public Licence.]
*/
-#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int text = 0, serial = 0, subject = 0, issuer = 0, startdate = 0;
int checkoffset = 0, enddate = 0;
unsigned long nmflag = 0, certflag = 0;
+ char nmflag_set = 0;
OPTION_CHOICE o;
ENGINE *e = NULL;
#ifndef OPENSSL_NO_MD5
goto opthelp;
break;
case OPT_NAMEOPT:
+ nmflag_set = 1;
if (!set_name_ex(&nmflag, opt_arg()))
goto opthelp;
break;
goto opthelp;
}
- if (!app_load_modules(NULL))
- goto end;
+ if (!nmflag_set)
+ nmflag = XN_FLAG_ONELINE;
- out = bio_open_default(outfile, "w");
+ out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)
goto end;
BIO_printf(bio_err, "We need a private key to sign with\n");
goto end;
}
- in = bio_open_default(infile, "r");
+ in = bio_open_default(infile, 'r', informat);
if (in == NULL)
goto end;
req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
goto end;
}
- if ((req->req_info == NULL) ||
- (req->req_info->pubkey == NULL) ||
- (req->req_info->pubkey->public_key == NULL) ||
- (req->req_info->pubkey->public_key->data == NULL)) {
- BIO_printf(bio_err,
- "The certificate request appears to corrupted\n");
- BIO_printf(bio_err, "It does not contain a public key\n");
- goto end;
- }
if ((pkey = X509_REQ_get_pubkey(req)) == NULL) {
BIO_printf(bio_err, "error unpacking public key\n");
goto end;
if (sno == NULL) {
sno = ASN1_INTEGER_new();
- if (!sno || !rand_serial(NULL, sno))
+ if (sno == NULL || !rand_serial(NULL, sno))
goto end;
if (!X509_set_serialNumber(x, sno))
goto end;
} else if (!X509_set_serialNumber(x, sno))
goto end;
- if (!X509_set_issuer_name(x, req->req_info->subject))
+ if (!X509_set_issuer_name(x, X509_REQ_get_subject_name(req)))
goto end;
- if (!X509_set_subject_name(x, req->req_info->subject))
+ if (!X509_set_subject_name(x, X509_REQ_get_subject_name(req)))
goto end;
X509_gmtime_adj(X509_get_notBefore(x), 0);
} else if (modulus == i) {
EVP_PKEY *pkey;
- pkey = X509_get_pubkey(x);
+ pkey = X509_get0_pubkey(x);
if (pkey == NULL) {
BIO_printf(bio_err, "Modulus=unavailable\n");
ERR_print_errors(bio_err);
}
BIO_printf(out, "Modulus=");
#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- BN_print(out, pkey->pkey.rsa->n);
+ if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA)
+ BN_print(out, EVP_PKEY_get0_RSA(pkey)->n);
else
#endif
#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- BN_print(out, pkey->pkey.dsa->pub_key);
+ if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA)
+ BN_print(out, EVP_PKEY_get0_DSA(pkey)->pub_key);
else
#endif
BIO_printf(out, "Wrong Algorithm type");
BIO_printf(out, "\n");
- EVP_PKEY_free(pkey);
} else if (pubkey == i) {
EVP_PKEY *pkey;
- pkey = X509_get_pubkey(x);
+ pkey = X509_get0_pubkey(x);
if (pkey == NULL) {
BIO_printf(bio_err, "Error getting public key\n");
ERR_print_errors(bio_err);
goto end;
}
PEM_write_bio_PUBKEY(out, pkey);
- EVP_PKEY_free(pkey);
} else if (C == i) {
unsigned char *d;
char *m;
goto end;
}
- if (badsig)
- x->signature->data[x->signature->length - 1] ^= 0x1;
+ if (badsig) {
+ ASN1_BIT_STRING *signature;
+ unsigned char *s;
+ X509_get0_signature(&signature, NULL, x);
+ s = ASN1_STRING_data(signature);
+ s[ASN1_STRING_length(signature) - 1] ^= 0x1;
+ }
if (outformat == FORMAT_ASN1)
i = i2d_X509_bio(out, x);
i = PEM_write_bio_X509_AUX(out, x);
else
i = PEM_write_bio_X509(out, x);
- } else if (outformat == FORMAT_NETSCAPE) {
- NETSCAPE_X509 nx;
- ASN1_OCTET_STRING hdr;
-
- hdr.data = (unsigned char *)NETSCAPE_CERT_HDR;
- hdr.length = strlen(NETSCAPE_CERT_HDR);
- nx.header = &hdr;
- nx.cert = x;
-
- i = ASN1_item_i2d_bio(ASN1_ITEM_rptr(NETSCAPE_X509), out, &nx);
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
: (strlen(serialfile))) + 1;
buf = app_malloc(len, "serial# buffer");
if (serialfile == NULL) {
- BUF_strlcpy(buf, CAfile, len);
+ OPENSSL_strlcpy(buf, CAfile, len);
for (p = buf; *p; p++)
if (*p == '.') {
*p = '\0';
break;
}
- BUF_strlcat(buf, POSTFIX, len);
+ OPENSSL_strlcat(buf, POSTFIX, len);
} else
- BUF_strlcpy(buf, serialfile, len);
+ OPENSSL_strlcpy(buf, serialfile, len);
serial = load_serial(buf, create, NULL);
if (serial == NULL)
X509_STORE_CTX xsc;
EVP_PKEY *upkey;
- upkey = X509_get_pubkey(xca);
+ upkey = X509_get0_pubkey(xca);
EVP_PKEY_copy_parameters(upkey, pkey);
- EVP_PKEY_free(upkey);
if (!X509_STORE_CTX_init(&xsc, ctx, x, NULL)) {
BIO_printf(bio_err, "Error initialising X509 store\n");
if (X509_gmtime_adj(X509_get_notBefore(x), 0) == NULL)
goto err;
- if (X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days) ==
- NULL)
+ if (X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL) == NULL)
goto err;
if (!X509_set_pubkey(x, pkey))