Commit 94805c84 authored by Richard Levitte's avatar Richard Levitte
Browse files

Add -issuer_hash and make -subject_hash the default way to get the 

subject hash, with -hash a synonym kept around for backward
compatibility reasons.
PR: 650
parent 6f2f534b

apps/x509.c

+15 −6
Original line number Diff line number Diff line
@@ -92,7 +92,9 @@ static char *x509_usage[]={ 
" -out arg        - output file - default stdout\n",

" -passin arg     - private key password source\n",

" -serial         - print serial number value\n",

" -hash           - print hash value\n",

" -subject_hash   - print subject hash value\n",

" -issuer_hash    - print issuer hash value\n",

" -hash           - synonym for -subject_hash\n",

" -subject        - print subject DN\n",

" -issuer         - print issuer DN\n",

" -email          - print email address(es)\n",
@@ -167,8 +169,8 @@ int MAIN(int argc, char **argv) 
	char *infile=NULL,*outfile=NULL,*keyfile=NULL,*CAfile=NULL;

	char *CAkeyfile=NULL,*CAserial=NULL;

	char *alias=NULL;

	int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0;

	int ocspid=0;

	int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0;

	int subject_hash=0,issuer_hash=0,ocspid=0;

	int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0;

	int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0;

	int C=0;
@@ -379,8 +381,11 @@ int MAIN(int argc, char **argv) 
			x509req= ++num;

		else if (strcmp(*argv,"-text") == 0)

			text= ++num;

		else if (strcmp(*argv,"-hash") == 0)

			hash= ++num;

		else if (strcmp(*argv,"-hash") == 0

			|| strcmp(*argv,"-subject_hash") == 0)

			subject_hash= ++num;

		else if (strcmp(*argv,"-issuer_hash") == 0)

			issuer_hash= ++num;

		else if (strcmp(*argv,"-subject") == 0)

			subject= ++num;

		else if (strcmp(*argv,"-issuer") == 0)
@@ -707,10 +712,14 @@ bad: 
				if (alstr) BIO_printf(STDout,"%s\n", alstr);

				else BIO_puts(STDout,"<No Alias>\n");

				}

			else if (hash == i)

			else if (subject_hash == i)

				{

				BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));

				}

			else if (issuer_hash == i)

				{

				BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash(x));

				}

			else if (pprint == i)

				{

				X509_PURPOSE *ptmp;

doc/apps/x509.pod

+11 −1
Original line number Diff line number Diff line
@@ -17,6 +17,8 @@ B<openssl> B<x509> 
[B<-out filename>]

[B<-serial>]

[B<-hash>]

[B<-subject_hash>]

[B<-issuer_hash>]

[B<-subject>]

[B<-issuer>]

[B<-nameopt option>]
@@ -141,12 +143,20 @@ contained in the certificate. 


outputs the certificate serial number.



=item B<-hash>

=item B<-subject_hash>



outputs the "hash" of the certificate subject name. This is used in OpenSSL to

form an index to allow certificates in a directory to be looked up by subject

name.



=item B<-issuer_hash>



outputs the "hash" of the certificate issuer name.



=item B<-hash>



synonym for "-hash" for backward compatibility reasons.



=item B<-subject>



outputs the subject name.