X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fcrl.c;h=888cf7ff8d35bf59fdfe648f0903da1eaa59f133;hp=00946b4d20fc2370cb9636ac9e41594a45e6af2f;hb=95ea53186413c293d981ec1b042954a5fa47d8b7;hpb=c0455cbb180e4662a734f11dbcb1f94beb2376a9;ds=sidebyside diff --git a/apps/crl.c b/apps/crl.c index 00946b4d20..888cf7ff8d 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -72,7 +72,7 @@ #undef POSTFIX #define POSTFIX ".rvk" -static char *crl_usage[]={ +static const char *crl_usage[]={ "usage: crl args\n", "\n", " -inform arg - input format - default PEM (DER or PEM)\n", @@ -81,9 +81,11 @@ static char *crl_usage[]={ " -in arg - input file - default stdin\n", " -out arg - output file - default stdout\n", " -hash - print hash value\n", +" -fingerprint - print the crl fingerprint\n", " -issuer - print issuer DN\n", " -lastupdate - lastUpdate field\n", " -nextupdate - nextUpdate field\n", +" -crlnumber - print CRL number\n", " -noout - no CRL output\n", " -CAfile name - verify CRL using certificates in file \"name\"\n", " -CApath dir - verify CRL using certificates in \"dir\"\n", @@ -106,15 +108,15 @@ int MAIN(int argc, char **argv) int informat,outformat; char *infile=NULL,*outfile=NULL; int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; - int fingerprint = 0; - char **pp; + int fingerprint = 0, crlnumber = 0; + const char **pp; X509_STORE *store = NULL; X509_STORE_CTX ctx; X509_LOOKUP *lookup = NULL; X509_OBJECT xobj; EVP_PKEY *pkey; int do_ver = 0; - const EVP_MD *md_alg,*digest=EVP_md5(); + const EVP_MD *md_alg,*digest=EVP_sha1(); apps_startup(); @@ -205,6 +207,8 @@ int MAIN(int argc, char **argv) noout= ++num; else if (strcmp(*argv,"-fingerprint") == 0) fingerprint= ++num; + else if (strcmp(*argv,"-crlnumber") == 0) + crlnumber= ++num; else if ((md_alg=EVP_get_digestbyname(*argv + 1))) { /* ok */ @@ -280,7 +284,21 @@ bad: { print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag); } - + if (crlnumber == i) + { + ASN1_INTEGER *crlnum; + crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number, + NULL, NULL); + BIO_printf(bio_out,"crlNumber="); + if (crlnum) + { + i2a_ASN1_INTEGER(bio_out, crlnum); + ASN1_INTEGER_free(crlnum); + } + else + BIO_puts(bio_out, ""); + BIO_printf(bio_out,"\n"); + } if (hash == i) { BIO_printf(bio_out,"%08lx\n", @@ -354,7 +372,11 @@ bad: if (text) X509_CRL_print(out, x); - if (noout) goto end; + if (noout) + { + ret = 0; + goto end; + } if (outformat == FORMAT_ASN1) i=(int)i2d_X509_CRL_bio(out,x); @@ -377,7 +399,7 @@ end: X509_STORE_free(store); } apps_shutdown(); - EXIT(ret); + OPENSSL_EXIT(ret); } static X509_CRL *load_crl(char *infile, int format) @@ -385,6 +407,12 @@ static X509_CRL *load_crl(char *infile, int format) X509_CRL *x=NULL; BIO *in=NULL; + if (format == FORMAT_HTTP) + { + load_cert_crl_http(infile, bio_err, NULL, &x); + return x; + } + in=BIO_new(BIO_s_file()); if (in == NULL) {