From: Dr. Stephen Henson Date: Wed, 21 Apr 2004 12:46:20 +0000 (+0000) Subject: New option to 'x509' -next_serial. This outputs the certificate X-Git-Tag: BEN_FIPS_TEST_6~14^2~286 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=77475142ec8eb3be8eb0c543b7a49d21b29b12f8;ds=sidebyside New option to 'x509' -next_serial. This outputs the certificate serial number plus 1 to the output file. Its purpose is to allow serial number files to be initialized when random serial numbers are used. --- diff --git a/apps/x509.c b/apps/x509.c index 4869b14025..6e652177d8 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -172,6 +172,7 @@ int MAIN(int argc, char **argv) char *CAkeyfile=NULL,*CAserial=NULL; char *alias=NULL; int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0; + int next_serial=0; int subject_hash=0,issuer_hash=0,ocspid=0; int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0; int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0; @@ -375,6 +376,8 @@ int MAIN(int argc, char **argv) email= ++num; else if (strcmp(*argv,"-serial") == 0) serial= ++num; + else if (strcmp(*argv,"-next_serial") == 0) + next_serial= ++num; else if (strcmp(*argv,"-modulus") == 0) modulus= ++num; else if (strcmp(*argv,"-pubkey") == 0) @@ -624,7 +627,7 @@ bad: if (xca == NULL) goto end; } - if (!noout || text) + if (!noout || text || next_serial) { OBJ_create("2.99999.3", "SET.ex3","SET x509v3 extension 3"); @@ -699,6 +702,24 @@ bad: X509_get_serialNumber(x)); BIO_printf(STDout,"\n"); } + else if (next_serial == i) + { + BIGNUM *bnser; + ASN1_INTEGER *ser; + ser = X509_get_serialNumber(x); + bnser = ASN1_INTEGER_to_BN(ser, NULL); + if (!bnser) + goto end; + if (!BN_add_word(bnser, 1)) + goto end; + ser = BN_to_ASN1_INTEGER(bnser, NULL); + if (!ser) + goto end; + BN_free(bnser); + i2a_ASN1_INTEGER(out, ser); + ASN1_INTEGER_free(ser); + BIO_puts(out, "\n"); + } else if (email == i) { int j;