ViewVC Help
View File | Revision Log | Show Annotations | Download File | View Changeset | Root Listing
root/src/vendor-crypto/openssl/dist/apps/crl.c
(Generate patch)

Comparing vendor-crypto/openssl/dist/apps/crl.c (file contents):
Revision 12144 by laffer1, Fri Jul 17 14:04:28 2015 UTC vs.
Revision 12145 by laffer1, Sat Jan 19 19:57:38 2019 UTC

# Line 96 | Line 96 | static const char *crl_usage[] = {
96      NULL
97   };
98  
99 static X509_CRL *load_crl(char *file, int format);
99   static BIO *bio_out = NULL;
100  
101   int MAIN(int, char **);
# Line 106 | Line 105 | int MAIN(int argc, char **argv)
105      unsigned long nmflag = 0;
106      X509_CRL *x = NULL;
107      char *CAfile = NULL, *CApath = NULL;
108 <    int ret = 1, i, num, badops = 0;
108 >    int ret = 1, i, num, badops = 0, badsig = 0;
109      BIO *out = NULL;
110 <    int informat, outformat;
111 <    char *infile = NULL, *outfile = NULL;
110 >    int informat, outformat, keyformat;
111 >    char *infile = NULL, *outfile = NULL, *crldiff = NULL, *keyfile = NULL;
112      int hash = 0, issuer = 0, lastupdate = 0, nextupdate = 0, noout =
113          0, text = 0;
114   #ifndef OPENSSL_NO_MD5
# Line 147 | Line 146 | int MAIN(int argc, char **argv)
146  
147      informat = FORMAT_PEM;
148      outformat = FORMAT_PEM;
149 +    keyformat = FORMAT_PEM;
150  
151      argc--;
152      argv++;
# Line 173 | Line 173 | int MAIN(int argc, char **argv)
173              if (--argc < 1)
174                  goto bad;
175              infile = *(++argv);
176 +        } else if (strcmp(*argv, "-gendelta") == 0) {
177 +            if (--argc < 1)
178 +                goto bad;
179 +            crldiff = *(++argv);
180 +        } else if (strcmp(*argv, "-key") == 0) {
181 +            if (--argc < 1)
182 +                goto bad;
183 +            keyfile = *(++argv);
184 +        } else if (strcmp(*argv, "-keyform") == 0) {
185 +            if (--argc < 1)
186 +                goto bad;
187 +            keyformat = str2fmt(*(++argv));
188          } else if (strcmp(*argv, "-out") == 0) {
189              if (--argc < 1)
190                  goto bad;
# Line 214 | Line 226 | int MAIN(int argc, char **argv)
226              fingerprint = ++num;
227          else if (strcmp(*argv, "-crlnumber") == 0)
228              crlnumber = ++num;
229 +        else if (strcmp(*argv, "-badsig") == 0)
230 +            badsig = 1;
231          else if ((md_alg = EVP_get_digestbyname(*argv + 1))) {
232              /* ok */
233              digest = md_alg;
# Line 281 | Line 295 | int MAIN(int argc, char **argv)
295              BIO_printf(bio_err, "verify OK\n");
296      }
297  
298 +    if (crldiff) {
299 +        X509_CRL *newcrl, *delta;
300 +        if (!keyfile) {
301 +            BIO_puts(bio_err, "Missing CRL signing key\n");
302 +            goto end;
303 +        }
304 +        newcrl = load_crl(crldiff, informat);
305 +        if (!newcrl)
306 +            goto end;
307 +        pkey = load_key(bio_err, keyfile, keyformat, 0, NULL, NULL,
308 +                        "CRL signing key");
309 +        if (!pkey) {
310 +            X509_CRL_free(newcrl);
311 +            goto end;
312 +        }
313 +        delta = X509_CRL_diff(x, newcrl, pkey, digest, 0);
314 +        X509_CRL_free(newcrl);
315 +        EVP_PKEY_free(pkey);
316 +        if (delta) {
317 +            X509_CRL_free(x);
318 +            x = delta;
319 +        } else {
320 +            BIO_puts(bio_err, "Error creating delta CRL\n");
321 +            goto end;
322 +        }
323 +    }
324 +
325      if (num) {
326          for (i = 1; i <= num; i++) {
327              if (issuer == i) {
# Line 369 | Line 410 | int MAIN(int argc, char **argv)
410          goto end;
411      }
412  
413 +    if (badsig)
414 +        x->signature->data[x->signature->length - 1] ^= 0x1;
415 +
416      if (outformat == FORMAT_ASN1)
417          i = (int)i2d_X509_CRL_bio(out, x);
418      else if (outformat == FORMAT_PEM)
# Line 383 | Line 427 | int MAIN(int argc, char **argv)
427      }
428      ret = 0;
429   end:
430 +    if (ret != 0)
431 +        ERR_print_errors(bio_err);
432      BIO_free_all(out);
433      BIO_free_all(bio_out);
434      bio_out = NULL;
# Line 393 | Line 439 | int MAIN(int argc, char **argv)
439      }
440      apps_shutdown();
441      OPENSSL_EXIT(ret);
396 }
397
398 static X509_CRL *load_crl(char *infile, int format)
399 {
400    X509_CRL *x = NULL;
401    BIO *in = NULL;
402
403    in = BIO_new(BIO_s_file());
404    if (in == NULL) {
405        ERR_print_errors(bio_err);
406        goto end;
407    }
408
409    if (infile == NULL)
410        BIO_set_fp(in, stdin, BIO_NOCLOSE);
411    else {
412        if (BIO_read_filename(in, infile) <= 0) {
413            perror(infile);
414            goto end;
415        }
416    }
417    if (format == FORMAT_ASN1)
418        x = d2i_X509_CRL_bio(in, NULL);
419    else if (format == FORMAT_PEM)
420        x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
421    else {
422        BIO_printf(bio_err, "bad input format specified for input crl\n");
423        goto end;
424    }
425    if (x == NULL) {
426        BIO_printf(bio_err, "unable to load CRL\n");
427        ERR_print_errors(bio_err);
428        goto end;
429    }
430
431 end:
432    BIO_free(in);
433    return (x);
442   }

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines