Add -issuer_hash and make -subject_hash the default way to get the
authorRichard Levitte <levitte@openssl.org>
Thu, 3 Jul 2003 20:45:09 +0000 (20:45 +0000)
committerRichard Levitte <levitte@openssl.org>
Thu, 3 Jul 2003 20:45:09 +0000 (20:45 +0000)
subject hash, with -hash a synonym kept around for backward
compatibility reasons.
PR: 650

apps/x509.c
doc/apps/x509.pod

index ed9e40574aabbca9ff3d5d07b75fc09ef13566f0..f0ef5596fac9d8c41e68d769ba8c063989f0ba98 100644 (file)
@@ -92,7 +92,9 @@ static char *x509_usage[]={
 " -out arg        - output file - default stdout\n",
 " -passin arg     - private key password source\n",
 " -serial         - print serial number value\n",
-" -hash           - print hash value\n",
+" -subject_hash   - print subject hash value\n",
+" -issuer_hash    - print issuer hash value\n",
+" -hash           - synonym for -subject_hash\n",
 " -subject        - print subject DN\n",
 " -issuer         - print issuer DN\n",
 " -email          - print email address(es)\n",
@@ -167,8 +169,8 @@ int MAIN(int argc, char **argv)
        char *infile=NULL,*outfile=NULL,*keyfile=NULL,*CAfile=NULL;
        char *CAkeyfile=NULL,*CAserial=NULL;
        char *alias=NULL;
-       int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0;
-       int ocspid=0;
+       int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0;
+       int subject_hash=0,issuer_hash=0,ocspid=0;
        int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0;
        int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0;
        int C=0;
@@ -379,8 +381,11 @@ int MAIN(int argc, char **argv)
                        x509req= ++num;
                else if (strcmp(*argv,"-text") == 0)
                        text= ++num;
-               else if (strcmp(*argv,"-hash") == 0)
-                       hash= ++num;
+               else if (strcmp(*argv,"-hash") == 0
+                       || strcmp(*argv,"-subject_hash") == 0)
+                       subject_hash= ++num;
+               else if (strcmp(*argv,"-issuer_hash") == 0)
+                       issuer_hash= ++num;
                else if (strcmp(*argv,"-subject") == 0)
                        subject= ++num;
                else if (strcmp(*argv,"-issuer") == 0)
@@ -707,10 +712,14 @@ bad:
                                if (alstr) BIO_printf(STDout,"%s\n", alstr);
                                else BIO_puts(STDout,"<No Alias>\n");
                                }
-                       else if (hash == i)
+                       else if (subject_hash == i)
                                {
                                BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
                                }
+                       else if (issuer_hash == i)
+                               {
+                               BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash(x));
+                               }
                        else if (pprint == i)
                                {
                                X509_PURPOSE *ptmp;
index 50343cd68543b3e941563067942ab55c801df852..21bdfccb9a6919a35fb413ab8e6154991acbc15c 100644 (file)
@@ -17,6 +17,8 @@ B<openssl> B<x509>
 [B<-out filename>]
 [B<-serial>]
 [B<-hash>]
+[B<-subject_hash>]
+[B<-issuer_hash>]
 [B<-subject>]
 [B<-issuer>]
 [B<-nameopt option>]
@@ -141,12 +143,20 @@ contained in the certificate.
 
 outputs the certificate serial number.
 
-=item B<-hash>
+=item B<-subject_hash>
 
 outputs the "hash" of the certificate subject name. This is used in OpenSSL to
 form an index to allow certificates in a directory to be looked up by subject
 name.
 
+=item B<-issuer_hash>
+
+outputs the "hash" of the certificate issuer name.
+
+=item B<-hash>
+
+synonym for "-hash" for backward compatibility reasons.
+
 =item B<-subject>
 
 outputs the subject name.