New option to 'x509' -next_serial. This outputs the certificate
authorDr. Stephen Henson <steve@openssl.org>
Wed, 21 Apr 2004 12:46:20 +0000 (12:46 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 21 Apr 2004 12:46:20 +0000 (12:46 +0000)
serial number plus 1 to the output file. Its purpose is to allow
serial number files to be initialized when random serial numbers
are used.

apps/x509.c

index 4869b14..6e65217 100644 (file)
@@ -172,6 +172,7 @@ int MAIN(int argc, char **argv)
        char *CAkeyfile=NULL,*CAserial=NULL;
        char *alias=NULL;
        int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0;
+       int next_serial=0;
        int subject_hash=0,issuer_hash=0,ocspid=0;
        int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0;
        int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0;
@@ -375,6 +376,8 @@ int MAIN(int argc, char **argv)
                        email= ++num;
                else if (strcmp(*argv,"-serial") == 0)
                        serial= ++num;
+               else if (strcmp(*argv,"-next_serial") == 0)
+                       next_serial= ++num;
                else if (strcmp(*argv,"-modulus") == 0)
                        modulus= ++num;
                else if (strcmp(*argv,"-pubkey") == 0)
@@ -624,7 +627,7 @@ bad:
                if (xca == NULL) goto end;
                }
 
-       if (!noout || text)
+       if (!noout || text || next_serial)
                {
                OBJ_create("2.99999.3",
                        "SET.ex3","SET x509v3 extension 3");
@@ -699,6 +702,24 @@ bad:
                                        X509_get_serialNumber(x));
                                BIO_printf(STDout,"\n");
                                }
+                       else if (next_serial == i)
+                               {
+                               BIGNUM *bnser;
+                               ASN1_INTEGER *ser;
+                               ser = X509_get_serialNumber(x);
+                               bnser = ASN1_INTEGER_to_BN(ser, NULL);
+                               if (!bnser)
+                                       goto end;
+                               if (!BN_add_word(bnser, 1))
+                                       goto end;
+                               ser = BN_to_ASN1_INTEGER(bnser, NULL);
+                               if (!ser)
+                                       goto end;
+                               BN_free(bnser);
+                               i2a_ASN1_INTEGER(out, ser);
+                               ASN1_INTEGER_free(ser);
+                               BIO_puts(out, "\n");
+                               }
                        else if (email == i) 
                                {
                                int j;