Lines 43-52
Link Here
|
43 |
#endif |
43 |
#endif |
44 |
|
44 |
|
45 |
#include "openssl-compat.h" |
45 |
#include "openssl-compat.h" |
|
|
46 |
#include <openssl/bn.h> |
46 |
#include <openssl/des.h> |
47 |
#include <openssl/des.h> |
47 |
#include <openssl/pem.h> |
48 |
#include <openssl/pem.h> |
48 |
#include <openssl/pkcs12.h> |
49 |
#include <openssl/pkcs12.h> |
49 |
#include <openssl/rand.h> |
50 |
#include <openssl/rand.h> |
|
|
51 |
#include <openssl/rsa.h> |
50 |
|
52 |
|
51 |
#include "cmdline.h" |
53 |
#include "cmdline.h" |
52 |
#include "util.h" |
54 |
#include "util.h" |
Lines 859-869
static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo
Link Here
|
859 |
fprintf(stderr, "Failed to set certificate serial.\n"); |
861 |
fprintf(stderr, "Failed to set certificate serial.\n"); |
860 |
goto selfsign_out; |
862 |
goto selfsign_out; |
861 |
} |
863 |
} |
|
|
864 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
862 |
if(!X509_gmtime_adj(X509_get_notBefore(x509), 0)) { |
865 |
if(!X509_gmtime_adj(X509_get_notBefore(x509), 0)) { |
|
|
866 |
#else |
867 |
if(!X509_gmtime_adj(X509_getm_notBefore(x509), 0)) { |
868 |
#endif |
863 |
fprintf(stderr, "Failed to set certificate notBefore.\n"); |
869 |
fprintf(stderr, "Failed to set certificate notBefore.\n"); |
864 |
goto selfsign_out; |
870 |
goto selfsign_out; |
865 |
} |
871 |
} |
|
|
872 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
866 |
if(!X509_gmtime_adj(X509_get_notAfter(x509), 60L * 60L * 24L * validDays)) { |
873 |
if(!X509_gmtime_adj(X509_get_notAfter(x509), 60L * 60L * 24L * validDays)) { |
|
|
874 |
#else |
875 |
if(!X509_gmtime_adj(X509_getm_notAfter(x509), 60L * 60L * 24L * validDays)) { |
876 |
#endif |
867 |
fprintf(stderr, "Failed to set certificate notAfter.\n"); |
877 |
fprintf(stderr, "Failed to set certificate notAfter.\n"); |
868 |
goto selfsign_out; |
878 |
goto selfsign_out; |
869 |
} |
879 |
} |
Lines 1232-1238
static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_M
Link Here
|
1232 |
|
1242 |
|
1233 |
if(*ptr++ == 0x70) { |
1243 |
if(*ptr++ == 0x70) { |
1234 |
unsigned int md_len = sizeof(data); |
1244 |
unsigned int md_len = sizeof(data); |
1235 |
ASN1_TIME *not_before, *not_after; |
1245 |
const ASN1_TIME *not_before, *not_after; |
1236 |
|
1246 |
|
1237 |
ptr += get_length(ptr, &cert_len); |
1247 |
ptr += get_length(ptr, &cert_len); |
1238 |
x509 = X509_new(); |
1248 |
x509 = X509_new(); |
Lines 1290-1302
static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_M
Link Here
|
1290 |
dump_data(data, md_len, output, false, format_arg_hex); |
1300 |
dump_data(data, md_len, output, false, format_arg_hex); |
1291 |
|
1301 |
|
1292 |
bio = BIO_new_fp(output, BIO_NOCLOSE | BIO_FP_TEXT); |
1302 |
bio = BIO_new_fp(output, BIO_NOCLOSE | BIO_FP_TEXT); |
|
|
1303 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
1293 |
not_before = X509_get_notBefore(x509); |
1304 |
not_before = X509_get_notBefore(x509); |
|
|
1305 |
#else |
1306 |
not_before = X509_get0_notBefore(x509); |
1307 |
#endif |
1294 |
if(not_before) { |
1308 |
if(not_before) { |
1295 |
fprintf(output, "\tNot Before:\t"); |
1309 |
fprintf(output, "\tNot Before:\t"); |
1296 |
ASN1_TIME_print(bio, not_before); |
1310 |
ASN1_TIME_print(bio, not_before); |
1297 |
fprintf(output, "\n"); |
1311 |
fprintf(output, "\n"); |
1298 |
} |
1312 |
} |
|
|
1313 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
1299 |
not_after = X509_get_notAfter(x509); |
1314 |
not_after = X509_get_notAfter(x509); |
|
|
1315 |
#else |
1316 |
not_after = X509_get0_notAfter(x509); |
1317 |
#endif |
1300 |
if(not_after) { |
1318 |
if(not_after) { |
1301 |
fprintf(output, "\tNot After:\t"); |
1319 |
fprintf(output, "\tNot After:\t"); |
1302 |
ASN1_TIME_print(bio, not_after); |
1320 |
ASN1_TIME_print(bio, not_after); |
Lines 1941-1947
int main(int argc, char *argv[]) {
Link Here
|
1941 |
|
1959 |
|
1942 |
|
1960 |
|
1943 |
/* openssl setup.. */ |
1961 |
/* openssl setup.. */ |
|
|
1962 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
1944 |
OpenSSL_add_all_algorithms(); |
1963 |
OpenSSL_add_all_algorithms(); |
|
|
1964 |
#endif |
1945 |
|
1965 |
|
1946 |
|
1966 |
|
1947 |
for(i = 0; i < args_info.action_given; i++) { |
1967 |
for(i = 0; i < args_info.action_given; i++) { |
Lines 2182-2187
int main(int argc, char *argv[]) {
Link Here
|
2182 |
} |
2202 |
} |
2183 |
|
2203 |
|
2184 |
ykpiv_done(state); |
2204 |
ykpiv_done(state); |
|
|
2205 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L |
2185 |
EVP_cleanup(); |
2206 |
EVP_cleanup(); |
|
|
2207 |
#endif |
2186 |
return ret; |
2208 |
return ret; |
2187 |
} |
2209 |
} |