Commit | Line | Data |
---|---|---|
5ad29c54 | 1 | /* |
454afd98 | 2 | * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. |
5ad29c54 | 3 | * |
5477e842 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
d2e9e320 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
5ad29c54 AE |
8 | */ |
9 | ||
0cea8832 RP |
10 | #ifdef OPENSSL_NO_CT |
11 | # error "CT is disabled" | |
12 | #endif | |
13 | ||
14 | #include <openssl/asn1.h> | |
15 | #include <openssl/bio.h> | |
5ad29c54 | 16 | |
706457b7 | 17 | #include "ct_local.h" |
5ad29c54 | 18 | |
/*
 * Write the SCT's signature algorithm to |out|.
 *
 * When SCT_get_signature_nid() yields a NID, its long name is printed.
 * Otherwise the raw hash_alg and sig_alg values from the SCT are printed as
 * two hex bytes, so an unrecognised algorithm pair stays visible in the dump.
 */
static void SCT_signature_algorithms_print(const SCT *sct, BIO *out)
{
    const int sig_nid = SCT_get_signature_nid(sct);

    if (sig_nid != NID_undef) {
        /* Name is passed as a "%s" argument, never as the format itself. */
        BIO_printf(out, "%s", OBJ_nid2ln(sig_nid));
        return;
    }

    BIO_printf(out, "%02X%02X", sct->hash_alg, sct->sig_alg);
}
28 | ||
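/*
 * Print |timestamp| (milliseconds since the Unix epoch) to |out| as a
 * GeneralizedTime carrying millisecond precision.
 *
 * The value is taken from the SCT by the caller and is not range-checked in
 * this file, so it must be treated as untrusted: nothing is printed when it
 * cannot be represented, instead of printing a wrapped or stale date.
 */
static void timestamp_print(uint64_t timestamp, BIO *out)
{
    const uint64_t ms_per_day = 86400000;
    const uint64_t days = timestamp / ms_per_day;
    const uint64_t secs = (timestamp % ms_per_day) / 1000;
    ASN1_GENERALIZEDTIME *gen;
    char genstr[20];

    /*
     * The day offset is handed over as an int. Reject anything larger than
     * UINT_MAX >> 1 (INT_MAX on platforms without padding bits; spelled out
     * so this does not depend on <limits.h>), otherwise the cast could wrap
     * to an unrelated but plausible-looking date.
     */
    if (days > (uint64_t)(((unsigned int)-1) >> 1))
        return;

    gen = ASN1_GENERALIZEDTIME_new();
    if (gen == NULL)
        return;

    /* A failed adjustment leaves |gen| without usable data; stop here. */
    if (ASN1_GENERALIZEDTIME_adj(gen, (time_t)0, (int)days, (long)secs) == NULL)
        goto end;

    /*
     * Note GeneralizedTime from ASN1_GENERALIZEDTIME_adj is always 15
     * characters long with a final Z. Update it with fractional seconds.
     * 14 + '.' + 3 + 'Z' + NUL fills genstr exactly.
     */
    BIO_snprintf(genstr, sizeof(genstr), "%.14s.%03uZ",
                 ASN1_STRING_get0_data(gen), (unsigned int)(timestamp % 1000));
    if (ASN1_GENERALIZEDTIME_set_string(gen, genstr))
        ASN1_GENERALIZEDTIME_print(out, gen);

 end:
    ASN1_GENERALIZEDTIME_free(gen);
}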
49 | ||
/*
 * Map the validation status of |sct| to a short, static description.
 *
 * A status that matches none of the listed cases yields "unknown status".
 * The returned pointer refers to a string literal and must not be freed.
 */
const char *SCT_validation_status_string(const SCT *sct)
{
    const char *text = "unknown status";

    switch (SCT_get_validation_status(sct)) {
    case SCT_VALIDATION_STATUS_NOT_SET:
        text = "not set";
        break;
    case SCT_VALIDATION_STATUS_UNKNOWN_VERSION:
        text = "unknown version";
        break;
    case SCT_VALIDATION_STATUS_UNKNOWN_LOG:
        text = "unknown log";
        break;
    case SCT_VALIDATION_STATUS_UNVERIFIED:
        text = "unverified";
        break;
    case SCT_VALIDATION_STATUS_INVALID:
        text = "invalid";
        break;
    case SCT_VALIDATION_STATUS_VALID:
        text = "valid";
        break;
    }

    return text;
}
69 | ||
/*
 * Write a human-readable dump of |sct| to |out|, indented by |indent| columns.
 *
 * If |log_store| is non-NULL it is searched using the SCT's log ID, and the
 * log's name is printed when a matching log is found. For a version other
 * than SCT_VERSION_V1 only "unknown" and the sct->sct bytes are printed.
 *
 * This function never consults the SCT's validation status: the fields are
 * printed as stored, so the output says nothing about whether the SCT
 * verified.
 *
 * NOTE(review): the label strings below are copied as they appear on this
 * page; the rendering may have collapsed runs of spaces inside them, so
 * confirm the column padding against the upstream file.
 */
void SCT_print(const SCT *sct, BIO *out, int indent,
               const CTLOG_STORE *log_store)
{
    const int label_col = indent + 4;
    const int value_col = indent + 16;
    const CTLOG *known_log = (log_store == NULL)
        ? NULL
        : CTLOG_STORE_get0_log_by_id(log_store, sct->log_id,
                                     sct->log_id_len);

    BIO_printf(out, "%*sSigned Certificate Timestamp:", indent, "");
    BIO_printf(out, "\n%*sVersion : ", label_col, "");

    if (sct->version != SCT_VERSION_V1) {
        /* Unrecognised version: show the sct->sct bytes and stop. */
        BIO_printf(out, "unknown\n%*s", value_col, "");
        BIO_hex_string(out, value_col, 16, sct->sct, sct->sct_len);
        return;
    }

    BIO_printf(out, "v1 (0x0)");

    /* The log name line is only emitted when the store lookup matched. */
    if (known_log != NULL)
        BIO_printf(out, "\n%*sLog : %s", label_col, "",
                   CTLOG_get0_name(known_log));

    BIO_printf(out, "\n%*sLog ID : ", label_col, "");
    BIO_hex_string(out, value_col, 16, sct->log_id, sct->log_id_len);

    BIO_printf(out, "\n%*sTimestamp : ", label_col, "");
    timestamp_print(sct->timestamp, out);

    BIO_printf(out, "\n%*sExtensions: ", label_col, "");
    if (sct->ext_len != 0)
        BIO_hex_string(out, value_col, 16, sct->ext, sct->ext_len);
    else
        BIO_printf(out, "none");

    BIO_printf(out, "\n%*sSignature : ", label_col, "");
    SCT_signature_algorithms_print(sct, out);
    BIO_printf(out, "\n%*s ", label_col, "");
    BIO_hex_string(out, value_col, 16, sct->sig, sct->sig_len);
}
113 | ||
/*
 * Print every SCT in |sct_list| to |out| with SCT_print(), writing
 * |separator| between consecutive entries but not after the last one.
 *
 * |separator| is passed as a "%s" argument, so it is never interpreted as a
 * format string.
 */
void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
                    const char *separator, const CTLOG_STORE *log_store)
{
    const int total = sk_SCT_num(sct_list);
    int idx;

    for (idx = 0; idx < total; ++idx) {
        /* Emit the separator ahead of every entry except the first. */
        if (idx > 0)
            BIO_printf(out, "%s", separator);

        SCT_print(sk_SCT_value(sct_list, idx), out, indent, log_store);
    }
}