{"fingerprint", OPT_FINGERPRINT, '-', "Print the crl fingerprint"},
{"crlnumber", OPT_CRLNUMBER, '-', "Print CRL number"},
{"badsig", OPT_BADSIG, '-', "Corrupt last byte of loaded CRL signature (for test)" },
- {"gendelta", OPT_GENDELTA, '<'},
+ {"gendelta", OPT_GENDELTA, '<', "Other CRL to compare/diff to the Input one"},
{"CApath", OPT_CAPATH, '/', "Verify CRL using certificates in dir"},
{"CAfile", OPT_CAFILE, '<', "Verify CRL using certificates in file name"},
{"no-CAfile", OPT_NOCAFILE, '-',
unsigned long nmflag = 0;
char nmflag_set = 0;
char *infile = NULL, *outfile = NULL, *crldiff = NULL, *keyfile = NULL;
- char *CAfile = NULL, *CApath = NULL, *prog;
+ const char *CAfile = NULL, *CApath = NULL, *prog;
OPTION_CHOICE o;
int hash = 0, issuer = 0, lastupdate = 0, nextupdate = 0, noout = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, keyformat = FORMAT_PEM;
}
if (badsig) {
- ASN1_BIT_STRING *sig;
+ const ASN1_BIT_STRING *sig;
- X509_CRL_get0_signature(&sig, NULL, x);
- if (!corrupt_signature(sig))
- goto end;
+ X509_CRL_get0_signature(x, &sig, NULL);
+ corrupt_signature(sig);
}
if (num) {
#endif
if (lastupdate == i) {
BIO_printf(bio_out, "lastUpdate=");
- ASN1_TIME_print(bio_out, X509_CRL_get_lastUpdate(x));
+ ASN1_TIME_print(bio_out, X509_CRL_get0_lastUpdate(x));
BIO_printf(bio_out, "\n");
}
if (nextupdate == i) {
BIO_printf(bio_out, "nextUpdate=");
- if (X509_CRL_get_nextUpdate(x))
- ASN1_TIME_print(bio_out, X509_CRL_get_nextUpdate(x));
+ if (X509_CRL_get0_nextUpdate(x))
+ ASN1_TIME_print(bio_out, X509_CRL_get0_nextUpdate(x));
else
BIO_printf(bio_out, "NONE");
BIO_printf(bio_out, "\n");