Lines Matching +full:serial +full:- +full:number
2 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
58 #define ENV_SERIAL "serial"
83 REV_VALID = -1, /* Valid (not-revoked) status */
99 BIGNUM *serial, const char *subj, unsigned long chtype,
111 BIGNUM *serial, const char *subj, unsigned long chtype,
120 BIGNUM *serial, const char *subj, unsigned long chtype,
127 STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,
165 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [certreq...]\n"},
168 {"help", OPT_HELP, '-', "Display this summary"},
169 {"verbose", OPT_VERBOSE, '-', "Verbose output during processing"},
170 {"quiet", OPT_QUIET, '-', "Terse output during processing"},
175 {"infiles", OPT_INFILES, '-', "The last argument, requests to process"},
178 {"notext", OPT_NOTEXT, '-', "Do not print the generated certificate"},
179 {"batch", OPT_BATCH, '-', "Don't ask questions"},
180 {"msie_hack", OPT_MSIE_HACK, '-',
192 {"section", OPT_NAME, 's', "An alias for -name"},
197 {"utf8", OPT_UTF8, '-', "Input characters are UTF8; default ASCII"},
198 {"create_serial", OPT_CREATE_SERIAL, '-',
199 "If reading serial fails, create a new random serial"},
200 {"rand_serial", OPT_RAND_SERIAL, '-',
201 "Always create a random serial; do not store it"},
202 {"multivalue-rdn", OPT_MULTIVALUE_RDN, '-',
203 "Deprecated; multi-valued RDNs support is always on."},
206 {"not_before", OPT_NOT_BEFORE, 's', "An alias for -startdate"},
208 "[CC]YYMMDDHHMMSSZ value for notAfter certificate field, overrides -days"},
209 {"not_after", OPT_NOT_AFTER, 's', "An alias for -enddate"},
210 {"days", OPT_DAYS, 'p', "Number of days from today to certify the cert for"},
215 {"preserveDN", OPT_PRESERVEDN, '-', "Don't re-order the DN"},
216 {"noemailDN", OPT_NOEMAILDN, '-', "Don't add the EMAIL field to the DN"},
225 "Key to decrypt the private key or cert files if encrypted. Better use -passin"},
229 {"selfsign", OPT_SELFSIGN, '-',
235 {"gencrl", OPT_GENCRL, '-', "Generate a new CRL"},
237 "Add a Valid(not-revoked) DB entry about a cert (given in file)"},
238 {"status", OPT_STATUS, 's', "Shows cert status given the serial number"},
239 {"updatedb", OPT_UPDATEDB, '-', "Updates db for expired cert"},
270 BIGNUM *crlnumber = NULL, *serial = NULL; in ca_main() local
317 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); in ca_main()
501 rev_type = (o - OPT_CRL_REASON) + REV_CRL_REASON; in ca_main()
560 /* report status of cert with serial number given on command line */ in ca_main()
576 BIO_printf(bio_err, "Error verifying serial %s!\n", ser_status); in ca_main()
692 for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { in ca_main()
693 pp = sk_OPENSSL_PSTRING_value(db->db->data, i); in ca_main()
711 if (*p == '-') { in ca_main()
713 j--; in ca_main()
716 BIO_printf(bio_err, "entry %d: bad serial number length (%d)\n", in ca_main()
723 "entry %d: bad char 0%o '%c' in serial number\n", in ca_main()
730 TXT_DB_write(bio_out, db->db); in ca_main()
732 sk_OPENSSL_PSTRING_num(db->db->data)); in ca_main()
746 if (i == -1) { in ca_main()
860 * no '-extfile' option, so we look for extensions in the main in ca_main()
896 "Warning: -enddate or -not_after option overriding -days option\n"); in ca_main()
899 if ((serial = BN_new()) == NULL || !rand_serial(serial, NULL)) { in ca_main()
900 BIO_printf(bio_err, "error generating serial number\n"); in ca_main()
904 serial = load_serial(serialfile, NULL, create_ser, NULL); in ca_main()
905 if (serial == NULL) { in ca_main()
906 BIO_printf(bio_err, "error while loading serial number\n"); in ca_main()
910 if (BN_is_zero(serial)) { in ca_main()
911 BIO_printf(bio_err, "next serial number is 00\n"); in ca_main()
913 if ((f = BN_bn2hex(serial)) == NULL) in ca_main()
915 BIO_printf(bio_err, "next serial number is %s\n", f); in ca_main()
933 attribs, db, serial, subj, chtype, multirdn, in ca_main()
942 if (!BN_add_word(serial, 1)) in ca_main()
954 db, serial, subj, chtype, multirdn, email_dn, in ca_main()
963 if (!BN_add_word(serial, 1)) in ca_main()
975 serial, subj, chtype, multirdn, email_dn, startdate, in ca_main()
983 if (!BN_add_word(serial, 1)) in ca_main()
996 serial, subj, chtype, multirdn, email_dn, startdate, in ca_main()
1004 if (!BN_add_word(serial, 1)) { in ca_main()
1017 * and serial number that need updating in ca_main()
1043 && !save_serial(serialfile, "new", serial, NULL)) in ca_main()
1109 /* Rename the database and the serial file */ in ca_main()
1145 BIO_printf(bio_err, "error while loading CRL number\n"); in ca_main()
1185 for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { in ca_main()
1186 pp = sk_OPENSSL_PSTRING_value(db->db->data, i); in ca_main()
1195 if (!BN_hex2bn(&serial, pp[DB_serial])) in ca_main()
1197 tmpser = BN_to_ASN1_INTEGER(serial, NULL); in ca_main()
1198 BN_free(serial); in ca_main()
1199 serial = NULL; in ca_main()
1209 * sort the data so it will be written in serial number order in ca_main()
1247 /* we have a CRL number that need updating */ in ca_main()
1312 BN_free(serial); in ca_main()
1340 BIGNUM *serial, const char *subj, unsigned long chtype, in certify() argument
1349 int ok = -1, i; in certify()
1381 ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj, in certify()
1398 BIGNUM *serial, const char *subj, unsigned long chtype, in certify_cert() argument
1407 int ok = -1, i; in certify_cert()
1438 ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj, in certify_cert()
1451 STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial, in do_body() argument
1466 int ok = -1, i, j, last, nid; in do_body()
1500 if (str->type == V_ASN1_UNIVERSALSTRING) in do_body()
1503 if (str->type == V_ASN1_IA5STRING && nid != NID_pkcs9_emailAddress) in do_body()
1504 str->type = V_ASN1_T61STRING; in do_body()
1507 && str->type == V_ASN1_PRINTABLESTRING) in do_body()
1508 str->type = V_ASN1_IA5STRING; in do_body()
1516 if (nid == NID_pkcs9_emailAddress && str->type != V_ASN1_IA5STRING) { in do_body()
1521 if (str->type != V_ASN1_BMPSTRING && str->type != V_ASN1_UTF8STRING) { in do_body()
1522 j = ASN1_PRINTABLE_type(str->data, str->length); in do_body()
1523 if ((j == V_ASN1_T61STRING && str->type != V_ASN1_T61STRING) || in do_body()
1524 (j == V_ASN1_IA5STRING && str->type == V_ASN1_PRINTABLESTRING)) in do_body()
1553 if ((j = OBJ_txt2nid(cv->name)) == NID_undef) { in do_body()
1556 cv->name); in do_body()
1561 last = -1; in do_body()
1568 if (last != -1) in do_body()
1577 if (strcmp(cv->value, "optional") == 0) { in do_body()
1580 } else if (strcmp(cv->value, "supplied") == 0) { in do_body()
1584 cv->name); in do_body()
1589 } else if (strcmp(cv->value, "match") == 0) { in do_body()
1595 cv->name); in do_body()
1599 last2 = -1; in do_body()
1603 if ((j < 0) && (last2 == -1)) { in do_body()
1606 "the 'policy' is misconfigured\n", cv->name); in do_body()
1621 cv->name, in do_body()
1622 ((str2 == NULL) ? "NULL" : (char *)str2->data), in do_body()
1623 ((str == NULL) ? "NULL" : (char *)str->data)); in do_body()
1629 cv->value); in do_body()
1634 if (!X509_NAME_add_entry(subject, push, -1, 0)) { in do_body()
1660 if (BN_to_ASN1_INTEGER(serial, X509_get_serialNumber(ret)) == NULL) in do_body()
1749 /* Build the correct Subject if no e-mail is wanted in the subject. */ in do_body()
1762 i = -1; in do_body()
1766 tmpne = X509_NAME_delete_entry(dn_subject, i--); in do_body()
1783 if (BN_is_zero(serial)) in do_body()
1786 row[DB_serial] = BN_bn2hex(serial); in do_body()
1794 * An empty subject! We'll use the serial number instead. If in do_body()
1806 if (db->attributes.unique_subject) { in do_body()
1809 rrow = TXT_DB_get_by_index(db->db, DB_name, crow); in do_body()
1817 rrow = TXT_DB_get_by_index(db->db, DB_serial, row); in do_body()
1820 "ERROR:Serial number %s has already been issued,\n", in do_body()
1851 BIO_printf(bio_err, "Serial Number :%s\n", p); in do_body()
1860 ok = -1; /* This is now a 'bad' error. */ in do_body()
1908 row[DB_exp_date] = app_malloc(tm->length + 1, "row expdate"); in do_body()
1909 memcpy(row[DB_exp_date], tm->data, tm->length); in do_body()
1910 row[DB_exp_date][tm->length] = '\0'; in do_body()
1924 if (!TXT_DB_insert(db->db, irow)) { in do_body()
1926 BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error); in do_body()
1963 BIGNUM *serial, const char *subj, unsigned long chtype, in certify_spkac() argument
1978 int ok = -1, i, j; in certify_spkac()
2020 type = cv->name; in certify_spkac()
2024 for (buf = cv->name; *buf; buf++) in certify_spkac()
2032 buf = cv->value; in certify_spkac()
2035 spki = NETSCAPE_SPKI_b64_decode(cv->value, -1); in certify_spkac()
2046 (unsigned char *)buf, -1, -1, 0)) in certify_spkac()
2077 ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj, in certify_spkac()
2102 int ok = -1, i; in do_revoke()
2116 /* Entries with empty Subjects actually use the serial number instead */ in do_revoke()
2125 * We have to lookup by serial number because name lookup skips revoked in do_revoke()
2128 rrow = TXT_DB_get_by_index(db->db, DB_serial, row); in do_revoke()
2131 "Adding Entry with serial number %s to DB for %s\n", in do_revoke()
2137 row[DB_exp_date] = app_malloc(tm->length + 1, "row exp_data"); in do_revoke()
2138 memcpy(row[DB_exp_date], tm->data, tm->length); in do_revoke()
2139 row[DB_exp_date][tm->length] = '\0'; in do_revoke()
2153 if (!TXT_DB_insert(db->db, irow)) { in do_revoke()
2155 BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error); in do_revoke()
2176 BIO_printf(bio_err, "ERROR:Already present, serial number %s\n", in do_revoke()
2180 BIO_printf(bio_err, "ERROR:Already revoked, serial number %s\n", in do_revoke()
2201 static int get_certificate_status(const char *serial, CA_DB *db) in get_certificate_status() argument
2204 int ok = -1, i; in get_certificate_status()
2205 size_t serial_len = strlen(serial); in get_certificate_status()
2212 row[DB_serial] = app_malloc(serial_len + 2, "row serial#"); in get_certificate_status()
2220 /* Copy String from serial to row[DB_serial] */ in get_certificate_status()
2221 memcpy(row[DB_serial] + 1, serial, serial_len); in get_certificate_status()
2224 /* Copy String from serial to row[DB_serial] */ in get_certificate_status()
2225 memcpy(row[DB_serial], serial, serial_len); in get_certificate_status()
2235 rrow = TXT_DB_get_by_index(db->db, DB_serial, row); in get_certificate_status()
2237 BIO_printf(bio_err, "Serial %s not present in db.\n", row[DB_serial]); in get_certificate_status()
2238 ok = -1; in get_certificate_status()
2259 ok = -1; in get_certificate_status()
2276 return -1; in do_updatedb()
2281 return -1; in do_updatedb()
2284 for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { in do_updatedb()
2285 rrow = sk_OPENSSL_PSTRING_value(db->db->data, i); in do_updatedb()
2294 return -1; in do_updatedb()
2300 return -1; in do_updatedb()
2406 i = revtm->length + 1; in make_revocation_str()
2414 OPENSSL_strlcpy(str, (char *)revtm->data, i); in make_revocation_str()
2427 /*-
2438 int reason_code = -1; in make_revoked()
2497 for (j = 22 - j; j > 0; j--) in old_entry_print()
2503 if (str->type == V_ASN1_PRINTABLESTRING) in old_entry_print()
2505 else if (str->type == V_ASN1_T61STRING) in old_entry_print()
2507 else if (str->type == V_ASN1_IA5STRING) in old_entry_print()
2509 else if (str->type == V_ASN1_UNIVERSALSTRING) in old_entry_print()
2512 BIO_printf(bio_err, "ASN.1 %2d:'", str->type); in old_entry_print()
2514 p = (const char *)str->data; in old_entry_print()
2515 for (j = str->length; j > 0; j--) { in old_entry_print()
2535 int reason_code = -1; in unpack_revinfo()