#undef POSTFIX
#define POSTFIX ".rvk"
-static char *crl_usage[]={
+static const char *crl_usage[]={
"usage: crl args\n",
"\n",
" -inform arg - input format - default PEM (DER or PEM)\n",
" -in arg - input file - default stdin\n",
" -out arg - output file - default stdout\n",
" -hash - print hash value\n",
+" -fingerprint - print the crl fingerprint\n",
" -issuer - print issuer DN\n",
" -lastupdate - lastUpdate field\n",
" -nextupdate - nextUpdate field\n",
+" -crlnumber - print CRL number\n",
" -noout - no CRL output\n",
" -CAfile name - verify CRL using certificates in file \"name\"\n",
" -CApath dir - verify CRL using certificates in \"dir\"\n",
int informat,outformat;
char *infile=NULL,*outfile=NULL;
int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
- int fingerprint = 0;
- char **pp;
+ int fingerprint = 0, crlnumber = 0;
+ const char **pp;
X509_STORE *store = NULL;
X509_STORE_CTX ctx;
X509_LOOKUP *lookup = NULL;
X509_OBJECT xobj;
EVP_PKEY *pkey;
int do_ver = 0;
- const EVP_MD *md_alg,*digest=EVP_md5();
+ const EVP_MD *md_alg,*digest=EVP_sha1();
apps_startup();
noout= ++num;
else if (strcmp(*argv,"-fingerprint") == 0)
fingerprint= ++num;
+ else if (strcmp(*argv,"-crlnumber") == 0)
+ crlnumber= ++num;
else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
{
/* ok */
{
print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag);
}
-
+ if (crlnumber == i)
+ {
+ ASN1_INTEGER *crlnum;
+ crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number,
+ NULL, NULL);
+ BIO_printf(bio_out,"crlNumber=");
+ if (crlnum)
+ {
+ i2a_ASN1_INTEGER(bio_out, crlnum);
+ ASN1_INTEGER_free(crlnum);
+ }
+ else
+ BIO_puts(bio_out, "<NONE>");
+ BIO_printf(bio_out,"\n");
+ }
if (hash == i)
{
BIO_printf(bio_out,"%08lx\n",
if (text) X509_CRL_print(out, x);
- if (noout) goto end;
+ if (noout)
+ {
+ ret = 0;
+ goto end;
+ }
if (outformat == FORMAT_ASN1)
i=(int)i2d_X509_CRL_bio(out,x);