Lines Matching +full:row +full:- +full:hold
2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
81 REV_VALID = -1, /* Valid (not-revoked) status */
84 REV_HOLD = 2, /* Value is hold instruction */
164 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [certreq...]\n"},
167 {"help", OPT_HELP, '-', "Display this summary"},
168 {"verbose", OPT_VERBOSE, '-', "Verbose output during processing"},
172 {"infiles", OPT_INFILES, '-', "The last argument, requests to process"},
175 {"notext", OPT_NOTEXT, '-', "Do not print the generated certificate"},
176 {"batch", OPT_BATCH, '-', "Don't ask questions"},
177 {"msie_hack", OPT_MSIE_HACK, '-',
189 {"section", OPT_NAME, 's', "An alias for -name"},
194 {"utf8", OPT_UTF8, '-', "Input characters are UTF8; default ASCII"},
195 {"create_serial", OPT_CREATE_SERIAL, '-',
197 {"rand_serial", OPT_RAND_SERIAL, '-',
199 {"multivalue-rdn", OPT_MULTIVALUE_RDN, '-',
200 "Deprecated; multi-valued RDNs support is always on."},
203 "YYMMDDHHMMSSZ cert notAfter (overrides -days)"},
209 {"preserveDN", OPT_PRESERVEDN, '-', "Don't re-order the DN"},
210 {"noemailDN", OPT_NOEMAILDN, '-', "Don't add the EMAIL field to the DN"},
219 "Key to decrypt the private key or cert files if encrypted. Better use -passin"},
223 {"selfsign", OPT_SELFSIGN, '-',
229 {"gencrl", OPT_GENCRL, '-', "Generate a new CRL"},
231 "Add a Valid(not-revoked) DB entry about a cert (given in file)"},
233 {"updatedb", OPT_UPDATEDB, '-', "Updates db for expired cert"},
238 "the hold instruction, an OID. Sets revocation reason to certificateHold"},
311 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); in ca_main()
490 rev_type = (o - OPT_CRL_REASON) + REV_CRL_REASON; in ca_main()
703 for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { in ca_main()
704 pp = sk_OPENSSL_PSTRING_value(db->db->data, i); in ca_main()
722 if (*p == '-') { in ca_main()
724 j--; in ca_main()
741 TXT_DB_write(bio_out, db->db); in ca_main()
743 sk_OPENSSL_PSTRING_num(db->db->data)); in ca_main()
757 if (i == -1) { in ca_main()
874 * no '-extfile' option, so we look for extensions in the main in ca_main()
1228 for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { in ca_main()
1229 pp = sk_OPENSSL_PSTRING_value(db->db->data, i); in ca_main()
1392 int ok = -1, i; in certify()
1450 int ok = -1, i; in certify_cert()
1509 int ok = -1, i, j, last, nid; in do_body()
1512 OPENSSL_STRING row[DB_NUMBER]; in do_body() local
1519 row[i] = NULL; in do_body()
1543 if (str->type == V_ASN1_UNIVERSALSTRING) in do_body()
1546 if (str->type == V_ASN1_IA5STRING && nid != NID_pkcs9_emailAddress) in do_body()
1547 str->type = V_ASN1_T61STRING; in do_body()
1550 && str->type == V_ASN1_PRINTABLESTRING) in do_body()
1551 str->type = V_ASN1_IA5STRING; in do_body()
1559 if (nid == NID_pkcs9_emailAddress && str->type != V_ASN1_IA5STRING) { in do_body()
1564 if (str->type != V_ASN1_BMPSTRING && str->type != V_ASN1_UTF8STRING) { in do_body()
1565 j = ASN1_PRINTABLE_type(str->data, str->length); in do_body()
1566 if ((j == V_ASN1_T61STRING && str->type != V_ASN1_T61STRING) || in do_body()
1567 (j == V_ASN1_IA5STRING && str->type == V_ASN1_PRINTABLESTRING)) in do_body()
1596 if ((j = OBJ_txt2nid(cv->name)) == NID_undef) { in do_body()
1599 cv->name); in do_body()
1604 last = -1; in do_body()
1611 if (last != -1) in do_body()
1620 if (strcmp(cv->value, "optional") == 0) { in do_body()
1623 } else if (strcmp(cv->value, "supplied") == 0) { in do_body()
1627 cv->name); in do_body()
1632 } else if (strcmp(cv->value, "match") == 0) { in do_body()
1638 cv->name); in do_body()
1642 last2 = -1; in do_body()
1646 if ((j < 0) && (last2 == -1)) { in do_body()
1649 "the 'policy' is misconfigured\n", cv->name); in do_body()
1664 cv->name, in do_body()
1665 ((str2 == NULL) ? "NULL" : (char *)str2->data), in do_body()
1666 ((str == NULL) ? "NULL" : (char *)str->data)); in do_body()
1672 cv->value); in do_body()
1677 if (!X509_NAME_add_entry(subject, push, -1, 0)) { in do_body()
1783 /* Build the correct Subject if no e-mail is wanted in the subject. */ in do_body()
1796 i = -1; in do_body()
1800 tmpne = X509_NAME_delete_entry(dn_subject, i--); in do_body()
1811 row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0); in do_body()
1812 if (row[DB_name] == NULL) { in do_body()
1818 row[DB_serial] = OPENSSL_strdup("00"); in do_body()
1820 row[DB_serial] = BN_bn2hex(serial); in do_body()
1821 if (row[DB_serial] == NULL) { in do_body()
1826 if (row[DB_name][0] == '\0') { in do_body()
1832 OPENSSL_free(row[DB_name]); in do_body()
1833 row[DB_name] = OPENSSL_strdup(row[DB_serial]); in do_body()
1834 if (row[DB_name] == NULL) { in do_body()
1840 if (db->attributes.unique_subject) { in do_body()
1841 OPENSSL_STRING *crow = row; in do_body()
1843 rrow = TXT_DB_get_by_index(db->db, DB_name, crow); in do_body()
1847 row[DB_name]); in do_body()
1851 rrow = TXT_DB_get_by_index(db->db, DB_serial, row); in do_body()
1855 row[DB_serial]); in do_body()
1894 ok = -1; /* This is now a 'bad' error. */ in do_body()
1940 row[DB_type] = OPENSSL_strdup("V"); in do_body()
1942 row[DB_exp_date] = app_malloc(tm->length + 1, "row expdate"); in do_body()
1943 memcpy(row[DB_exp_date], tm->data, tm->length); in do_body()
1944 row[DB_exp_date][tm->length] = '\0'; in do_body()
1945 row[DB_rev_date] = NULL; in do_body()
1946 row[DB_file] = OPENSSL_strdup("unknown"); in do_body()
1947 if ((row[DB_type] == NULL) || (row[DB_file] == NULL) in do_body()
1948 || (row[DB_name] == NULL)) { in do_body()
1953 irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row space"); in do_body()
1955 irow[i] = row[i]; in do_body()
1958 if (!TXT_DB_insert(db->db, irow)) { in do_body()
1960 BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error); in do_body()
1968 OPENSSL_free(row[i]); in do_body()
2012 int ok = -1, i, j; in certify_spkac()
2054 type = cv->name; in certify_spkac()
2058 for (buf = cv->name; *buf; buf++) in certify_spkac()
2066 buf = cv->value; in certify_spkac()
2069 spki = NETSCAPE_SPKI_b64_decode(cv->value, -1); in certify_spkac()
2080 (unsigned char *)buf, -1, -1, 0)) in certify_spkac()
2133 char *row[DB_NUMBER], **rrow, **irow; in do_revoke() local
2136 int ok = -1, i; in do_revoke()
2139 row[i] = NULL; in do_revoke()
2140 row[DB_name] = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0); in do_revoke()
2145 row[DB_serial] = OPENSSL_strdup("00"); in do_revoke()
2147 row[DB_serial] = BN_bn2hex(bn); in do_revoke()
2149 if (row[DB_name] != NULL && row[DB_name][0] == '\0') { in do_revoke()
2151 OPENSSL_free(row[DB_name]); in do_revoke()
2152 row[DB_name] = OPENSSL_strdup(row[DB_serial]); in do_revoke()
2154 if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) { in do_revoke()
2162 rrow = TXT_DB_get_by_index(db->db, DB_serial, row); in do_revoke()
2166 row[DB_serial], row[DB_name]); in do_revoke()
2169 row[DB_type] = OPENSSL_strdup("V"); in do_revoke()
2171 row[DB_exp_date] = app_malloc(tm->length + 1, "row exp_data"); in do_revoke()
2172 memcpy(row[DB_exp_date], tm->data, tm->length); in do_revoke()
2173 row[DB_exp_date][tm->length] = '\0'; in do_revoke()
2174 row[DB_rev_date] = NULL; in do_revoke()
2175 row[DB_file] = OPENSSL_strdup("unknown"); in do_revoke()
2177 if (row[DB_type] == NULL || row[DB_file] == NULL) { in do_revoke()
2182 irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row ptr"); in do_revoke()
2184 irow[i] = row[i]; in do_revoke()
2187 if (!TXT_DB_insert(db->db, irow)) { in do_revoke()
2189 BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error); in do_revoke()
2195 row[i] = NULL; in do_revoke()
2206 } else if (index_name_cmp_noconst(row, rrow)) { in do_revoke()
2207 BIO_printf(bio_err, "ERROR:name does not match %s\n", row[DB_name]); in do_revoke()
2211 row[DB_serial]); in do_revoke()
2215 row[DB_serial]); in do_revoke()
2231 OPENSSL_free(row[i]); in do_revoke()
2237 char *row[DB_NUMBER], **rrow; in get_certificate_status() local
2238 int ok = -1, i; in get_certificate_status()
2243 row[i] = NULL; in get_certificate_status()
2246 row[DB_serial] = app_malloc(serial_len + 2, "row serial#"); in get_certificate_status()
2252 row[DB_serial][0] = '0'; in get_certificate_status()
2254 /* Copy String from serial to row[DB_serial] */ in get_certificate_status()
2255 memcpy(row[DB_serial] + 1, serial, serial_len); in get_certificate_status()
2256 row[DB_serial][serial_len + 1] = '\0'; in get_certificate_status()
2258 /* Copy String from serial to row[DB_serial] */ in get_certificate_status()
2259 memcpy(row[DB_serial], serial, serial_len); in get_certificate_status()
2260 row[DB_serial][serial_len] = '\0'; in get_certificate_status()
2264 make_uppercase(row[DB_serial]); in get_certificate_status()
2269 rrow = TXT_DB_get_by_index(db->db, DB_serial, row); in get_certificate_status()
2271 BIO_printf(bio_err, "Serial %s not present in db.\n", row[DB_serial]); in get_certificate_status()
2272 ok = -1; in get_certificate_status()
2276 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2280 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2284 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2288 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2292 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2293 ok = -1; in get_certificate_status()
2297 OPENSSL_free(row[i]); in get_certificate_status()
2310 return -1; in do_updatedb()
2315 return -1; in do_updatedb()
2318 for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { in do_updatedb()
2319 rrow = sk_OPENSSL_PSTRING_value(db->db->data, i); in do_updatedb()
2328 return -1; in do_updatedb()
2334 return -1; in do_updatedb()
2440 i = revtm->length + 1; in make_revocation_str()
2448 OPENSSL_strlcpy(str, (char *)revtm->data, i); in make_revocation_str()
2461 /*-
2472 int reason_code = -1; in make_revoked()
2474 ASN1_OBJECT *hold = NULL; in make_revoked() local
2480 i = unpack_revinfo(&revDate, &reason_code, &hold, &comp_time, str); in make_revoked()
2501 if (rev && hold) { in make_revoked()
2503 (rev, NID_hold_instruction_code, hold, 0, 0) <= 0) in make_revoked()
2515 ASN1_OBJECT_free(hold); in make_revoked()
2531 for (j = 22 - j; j > 0; j--) in old_entry_print()
2537 if (str->type == V_ASN1_PRINTABLESTRING) in old_entry_print()
2539 else if (str->type == V_ASN1_T61STRING) in old_entry_print()
2541 else if (str->type == V_ASN1_IA5STRING) in old_entry_print()
2543 else if (str->type == V_ASN1_UNIVERSALSTRING) in old_entry_print()
2546 BIO_printf(bio_err, "ASN.1 %2d:'", str->type); in old_entry_print()
2548 p = (const char *)str->data; in old_entry_print()
2549 for (j = str->length; j > 0; j--) { in old_entry_print()
2569 int reason_code = -1; in unpack_revinfo()
2572 ASN1_OBJECT *hold = NULL; in unpack_revinfo() local
2621 } else if (reason_code == 8) { /* Hold instruction */ in unpack_revinfo()
2623 BIO_printf(bio_err, "missing hold instruction\n"); in unpack_revinfo()
2627 hold = OBJ_txt2obj(arg_str, 0); in unpack_revinfo()
2629 if (!hold) { in unpack_revinfo()
2634 *phold = hold; in unpack_revinfo()
2636 ASN1_OBJECT_free(hold); in unpack_revinfo()