Commit 77475142 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

New option to 'x509' -next_serial. This outputs the certificate 

serial number plus 1 to the output file. Its purpose is to allow
serial number files to be initialized when random serial numbers
are used.
parent 90fac840

apps/x509.c

+22 −1
Original line number Diff line number Diff line
@@ -172,6 +172,7 @@ int MAIN(int argc, char **argv) 
	char *CAkeyfile=NULL,*CAserial=NULL;

	char *alias=NULL;

	int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0;

	int next_serial=0;

	int subject_hash=0,issuer_hash=0,ocspid=0;

	int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0;

	int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0;
@@ -375,6 +376,8 @@ int MAIN(int argc, char **argv) 
			email= ++num;

		else if (strcmp(*argv,"-serial") == 0)

			serial= ++num;

		else if (strcmp(*argv,"-next_serial") == 0)

			next_serial= ++num;

		else if (strcmp(*argv,"-modulus") == 0)

			modulus= ++num;

		else if (strcmp(*argv,"-pubkey") == 0)
@@ -624,7 +627,7 @@ bad: 
		if (xca == NULL) goto end;

		}



	if (!noout || text)

	if (!noout || text || next_serial)

		{

		OBJ_create("2.99999.3",

			"SET.ex3","SET x509v3 extension 3");
@@ -699,6 +702,24 @@ bad: 
					X509_get_serialNumber(x));

				BIO_printf(STDout,"\n");

				}

			else if (next_serial == i)

				{

				BIGNUM *bnser;

				ASN1_INTEGER *ser;

				ser = X509_get_serialNumber(x);

				bnser = ASN1_INTEGER_to_BN(ser, NULL);

				if (!bnser)

					goto end;

				if (!BN_add_word(bnser, 1))

					goto end;

				ser = BN_to_ASN1_INTEGER(bnser, NULL);

				if (!ser)

					goto end;

				BN_free(bnser);

				i2a_ASN1_INTEGER(out, ser);

				ASN1_INTEGER_free(ser);

				BIO_puts(out, "\n");

				}

			else if (email == i) 

				{

				int j;