diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-12-28 11:27:31 +0100 |
|---|---|---|
| committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-01-13 09:09:36 +0100 |
| commit | bf973d0697e61a44dc46d08b0421a08a8cb61887 (patch) | |
| tree | 023ed993172263fa1c261e8321d77b325380d95f /apps/crl.c | |
| parent | 5a2d0ef36f4c130758a9d5e84f93004458e3ce60 (diff) | |
| download | openssl-bf973d0697e61a44dc46d08b0421a08a8cb61887.tar.gz | |
Add X509_NAME_hash_ex() to be able to check if it failed due to unsupported SHA1
Deprecate X509_NAME_hash()
Document X509_NAME_hash_ex(), X509_NAME_hash(), X509_{subject,issuer}_name_hash()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13762)
Diffstat (limited to 'apps/crl.c')
| -rw-r--r-- | apps/crl.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/apps/crl.c b/apps/crl.c index 0daded01e3..58d63e71d5 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -287,22 +287,33 @@ int crl_main(int argc, char **argv) } if (crlnumber == i) { ASN1_INTEGER *crlnum; + crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number, NULL, NULL); BIO_printf(bio_out, "crlNumber="); if (crlnum) { BIO_puts(bio_out, "0x"); i2a_ASN1_INTEGER(bio_out, crlnum); ASN1_INTEGER_free(crlnum); - } else + } else { BIO_puts(bio_out, "<NONE>"); + } BIO_printf(bio_out, "\n"); } if (hash == i) { - BIO_printf(bio_out, "%08lx\n", - X509_NAME_hash(X509_CRL_get_issuer(x))); + int ok; + unsigned long hash_value = + X509_NAME_hash_ex(X509_CRL_get_issuer(x), app_get0_libctx(), + app_get0_propq(), &ok); + + BIO_printf(bio_out, "issuer name hash="); + if (ok) + BIO_printf(bio_out, "%08lx\n", hash_value); + else + BIO_puts(bio_out, "<ERROR>"); } #ifndef OPENSSL_NO_MD5 if (hash_old == i) { + BIO_printf(bio_out, "issuer name old hash="); BIO_printf(bio_out, "%08lx\n", X509_NAME_hash_old(X509_CRL_get_issuer(x))); } |