2 * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/buffer.h>
13 #include <openssl/bn.h>
14 #include <openssl/objects.h>
15 #include <openssl/x509_acert.h>
/*
 * Print one attribute of an attribute certificate to bp: a 12-column indent,
 * the attribute's object identifier (via i2a_ASN1_OBJECT), padding, a ":"
 * and then each value the attribute holds.
 *
 * NOTE(review): this listing is an extraction with gaps. The number leading
 * each statement appears to be the line number in the original file; the
 * local declarations, the branch taken after each failed check, some case
 * labels and the end of the function are not shown. The return convention
 * therefore cannot be read here; the one caller visible in this file
 * compares the result with 0.
 */
17 static int print_attribute(BIO
*bp
, X509_ATTRIBUTE
*a
)
23 aobj
= X509_ATTRIBUTE_get0_object(a
);
24 if (BIO_printf(bp
, "%12s", "") <= 0)
27 if ((j
= i2a_ASN1_OBJECT(bp
, aobj
)) <= 0)
/*
 * count is the number of values in the attribute and bounds the loop below.
 * NOTE(review): the condition guarding the X509_R_INVALID_ATTRIBUTES error
 * is on a line missing from this listing - presumably count == 0; confirm.
 */
30 count
= X509_ATTRIBUTE_count(a
);
32 ERR_raise(ERR_LIB_X509
, X509_R_INVALID_ATTRIBUTES
);
/*
 * j is the value i2a_ASN1_OBJECT returned for the attribute name; names
 * shorter than 25 are padded so the ":" that follows lines up.
 */
36 if (j
< 25 && (BIO_printf(bp
, "%*s", 25 - j
, " ") <= 0))
39 if (BIO_puts(bp
, ":") <= 0)
42 for (i
= 0; i
< count
; i
++) {
47 at
= X509_ATTRIBUTE_get0_type(a
, i
);
/*
 * Character-string value types: the value is written to bp exactly as
 * stored, bs->length bytes with no escaping or filtering. These bytes come
 * from the certificate being printed, so control characters and embedded
 * newlines pass through unchanged; anything that displays or logs this
 * output should treat it as untrusted text.
 */
51 case V_ASN1_PRINTABLESTRING
:
52 case V_ASN1_T61STRING
:
53 case V_ASN1_NUMERICSTRING
:
54 case V_ASN1_UTF8STRING
:
55 case V_ASN1_IA5STRING
:
56 bs
= at
->value
.asn1_string
;
57 if (BIO_write(bp
, (char *)bs
->data
, bs
->length
) != bs
->length
)
59 if (BIO_puts(bp
, "\n") <= 0)
/*
 * Structured value: start a new line and pass the encoded bytes to
 * ASN1_parse_dump. The call is made as a plain statement, so its result is
 * not checked in the visible lines.
 * NOTE(review): the case label for this branch is not shown - presumably
 * V_ASN1_SEQUENCE, given the value.sequence member used; confirm.
 */
63 if (BIO_puts(bp
, "\n") <= 0)
65 ASN1_parse_dump(bp
, at
->value
.sequence
->data
,
66 at
->value
.sequence
->length
, i
, 1);
/*
 * Reports a value type this function does not render, giving the type in
 * hex instead of the value.
 * NOTE(review): presumably the default branch; the remaining arguments and
 * the comparison of this call are cut off in the listing.
 */
69 if (BIO_printf(bp
, "unable to print attribute of type 0x%X\n",
/*
 * Write a human-readable dump of the attribute certificate x to bp.
 *
 * nmflags is handed to X509_NAME_print_ex for the names printed here, and
 * its XN_FLAG_SEP_MASK field is compared with XN_FLAG_SEP_MULTILINE near the
 * top. cflag is tested against the X509_FLAG_NO_xxx bits: a section is
 * printed when its bit is clear. cflag is also passed to X509V3_EXT_print.
 *
 * NOTE(review): this listing is an extraction with gaps. The end of the
 * parameter list, the local declarations, the branch taken after each failed
 * check and the function's exit are not shown. cflag is presumably the
 * fourth parameter (X509_ACERT_print passes four arguments) - confirm.
 */
80 int X509_ACERT_print_ex(BIO
*bp
, X509_ACERT
*x
, unsigned long nmflags
,
/*
 * NOTE(review): the body of this branch is not shown. mlch, which is printed
 * with %c after the "Name:" and "Issuer:" labels below, is presumably chosen
 * here - confirm.
 */
86 if ((nmflags
& XN_FLAG_SEP_MASK
) == XN_FLAG_SEP_MULTILINE
) {
90 if ((cflag
& X509_FLAG_NO_HEADER
) == 0) {
91 if (BIO_printf(bp
, "Attribute Certificate:\n") <= 0)
93 if (BIO_printf(bp
, "%4sData:\n", "") <= 0)
/*
 * Version: X509_ACERT_VERSION_2 is printed as l + 1 with the raw value in
 * hex; the other printf labels the value "Unknown".
 */
97 if ((cflag
& X509_FLAG_NO_VERSION
) == 0) {
100 l
= X509_ACERT_get_version(x
);
101 if (l
== X509_ACERT_VERSION_2
) {
102 if (BIO_printf(bp
, "%8sVersion: %ld (0x%lx)\n", "", l
+ 1,
103 (unsigned long)l
) <= 0)
106 if (BIO_printf(bp
, "%8sVersion: Unknown (%ld)\n", "", l
) <= 0)
/* Serial number of the attribute certificate, printed by i2a_ASN1_INTEGER. */
111 if ((cflag
& X509_FLAG_NO_SERIAL
) == 0) {
112 const ASN1_INTEGER
*serial
;
114 serial
= X509_ACERT_get0_serialNumber(x
);
116 if (BIO_printf(bp
, "%8sSerial Number: ", "") <= 0)
119 if (i2a_ASN1_INTEGER(bp
, serial
) <= 0)
122 if (BIO_write(bp
, "\n", 1) <= 0)
/*
 * Holder: the entity names first (when present), then the base certificate
 * ID fields - issuer, serial and issuer UID.
 */
126 if ((cflag
& X509_FLAG_NO_SUBJECT
) == 0) {
127 const GENERAL_NAMES
*holderEntities
;
128 const OSSL_ISSUER_SERIAL
*holder_bcid
;
129 const X509_NAME
*holderIssuer
= NULL
;
131 if (BIO_printf(bp
, "%8sHolder:\n", "") <= 0)
134 holderEntities
= X509_ACERT_get0_holder_entityName(x
);
135 if (holderEntities
!= NULL
) {
136 for (i
= 0; i
< sk_GENERAL_NAME_num(holderEntities
); i
++) {
137 GENERAL_NAME
*entity
;
139 entity
= sk_GENERAL_NAME_value(holderEntities
, i
);
141 if (BIO_printf(bp
, "%12sName:%c", "", mlch
) <= 0)
143 if (GENERAL_NAME_print(bp
, entity
) <= 0)
145 if (BIO_write(bp
, "\n", 1) <= 0)
/*
 * holderIssuer is only assigned when the holder carries a base certificate
 * ID; otherwise it keeps its NULL initializer and the block below, which
 * reads holder_bcid, is skipped.
 */
150 if ((holder_bcid
= X509_ACERT_get0_holder_baseCertId(x
)) != NULL
)
151 holderIssuer
= OSSL_ISSUER_SERIAL_get0_issuer(holder_bcid
);
153 if (holderIssuer
!= NULL
) {
154 const ASN1_INTEGER
*holder_serial
;
155 const ASN1_BIT_STRING
*iuid
;
157 if (BIO_printf(bp
, "%12sIssuer:%c", "", mlch
) <= 0)
160 if (X509_NAME_print_ex(bp
, holderIssuer
, 0, nmflags
) <= 0)
163 if (BIO_write(bp
, "\n", 1) <= 0)
166 if (BIO_printf(bp
, "%12sSerial: ", "") <= 0)
169 holder_serial
= OSSL_ISSUER_SERIAL_get0_serial(holder_bcid
);
171 if (i2a_ASN1_INTEGER(bp
, holder_serial
) <= 0)
/*
 * NOTE(review): the line between this lookup and the "Issuer UID" printf is
 * missing from the listing. iuid is passed straight to X509_signature_dump
 * below, and issuerUID is an OPTIONAL field of IssuerSerial (RFC 5755), so
 * confirm that the full source tests iuid against NULL before the dump.
 */
174 iuid
= OSSL_ISSUER_SERIAL_get0_issuerUID(holder_bcid
);
176 if (BIO_printf(bp
, "%12sIssuer UID: ", "") <= 0)
178 if (X509_signature_dump(bp
, iuid
, 24) <= 0)
181 if (BIO_write(bp
, "\n", 1) <= 0)
/*
 * Issuer of the attribute certificate.
 * NOTE(review): the condition under which "Unsupported Issuer Type" is
 * printed is not shown - presumably when no issuer name is returned. The
 * name print here is checked with "< 0", while the holder's issuer above is
 * checked with "<= 0"; confirm which is intended.
 */
186 if ((cflag
& X509_FLAG_NO_ISSUER
) == 0) {
187 const X509_NAME
*issuer
;
189 if (BIO_printf(bp
, "%8sIssuer:%c", "", mlch
) <= 0)
191 issuer
= X509_ACERT_get0_issuerName(x
);
193 if (X509_NAME_print_ex(bp
, issuer
, 0, nmflags
) < 0)
196 if (BIO_printf(bp
, "Unsupported Issuer Type") <= 0)
199 if (BIO_write(bp
, "\n", 1) <= 0)
/* Validity period: notBefore and notAfter, each printed as a GeneralizedTime. */
203 if ((cflag
& X509_FLAG_NO_VALIDITY
) == 0) {
204 if (BIO_printf(bp
, "%8sValidity\n", "") <= 0)
206 if (BIO_printf(bp
, "%12sNot Before: ", "") <= 0)
208 if (ASN1_GENERALIZEDTIME_print(bp
, X509_ACERT_get0_notBefore(x
)) == 0)
210 if (BIO_printf(bp
, "\n%12sNot After : ", "") <= 0)
212 if (ASN1_GENERALIZEDTIME_print(bp
, X509_ACERT_get0_notAfter(x
)) == 0)
214 if (BIO_write(bp
, "\n", 1) <= 0)
/*
 * Attributes: "(none)" when the certificate has no attributes, otherwise one
 * print_attribute call per attribute. print_attribute writes string values
 * unescaped, so this section can carry raw certificate bytes into the output.
 */
218 if ((cflag
& X509_FLAG_NO_ATTRIBUTES
) == 0) {
219 if (BIO_printf(bp
, "%8sAttributes:\n", "") <= 0)
222 if (X509_ACERT_get_attr_count(x
) == 0) {
223 if (BIO_printf(bp
, "%12s(none)\n", "") <= 0)
226 for (i
= 0; i
< X509_ACERT_get_attr_count(x
); i
++) {
227 if (print_attribute(bp
, X509_ACERT_get_attr(x
, i
)) == 0)
/*
 * Extensions: for each one, the object identifier and the "critical" marker,
 * then the decoded form from X509V3_EXT_print. When that call reports
 * failure (<= 0) the extension's data is printed with ASN1_STRING_print at a
 * 16-column indent instead.
 */
233 if ((cflag
& X509_FLAG_NO_EXTENSIONS
) == 0) {
234 const STACK_OF(X509_EXTENSION
) *exts
;
236 exts
= X509_ACERT_get0_extensions(x
);
238 if (BIO_printf(bp
, "%8sExtensions:\n", "") <= 0)
240 for (i
= 0; i
< sk_X509_EXTENSION_num(exts
); i
++) {
245 ex
= sk_X509_EXTENSION_value(exts
, i
);
246 if (BIO_printf(bp
, "%12s", "") <= 0)
248 obj
= X509_EXTENSION_get_object(ex
);
249 if (i2a_ASN1_OBJECT(bp
, obj
) <= 0)
251 critical
= X509_EXTENSION_get_critical(ex
);
252 if (BIO_printf(bp
, ": %s\n", critical
? "critical" : "") <= 0)
254 if (X509V3_EXT_print(bp
, ex
, cflag
, 20) <= 0) {
255 if (BIO_printf(bp
, "%16s", "") <= 0)
257 if (ASN1_STRING_print(bp
, X509_EXTENSION_get_data(ex
)) <= 0)
260 if (BIO_write(bp
, "\n", 1) <= 0)
/*
 * Signature algorithm and signature value. This function only prints them;
 * no signature verification call appears in the visible lines.
 */
266 if ((cflag
& X509_FLAG_NO_SIGDUMP
) == 0) {
267 const X509_ALGOR
*sig_alg
;
268 const ASN1_BIT_STRING
*sig
;
270 X509_ACERT_get0_signature(x
, &sig
, &sig_alg
);
271 if (X509_signature_print(bp
, sig_alg
, sig
) <= 0)
/*
 * NOTE(review): the label or condition leading here is not shown; presumably
 * this is the shared error exit for the failed writes above - confirm.
 */
278 ERR_raise(ERR_LIB_X509
, ERR_R_BUF_LIB
);
/*
 * Convenience wrapper: print the attribute certificate x to bp with
 * XN_FLAG_COMPAT as the name flags and X509_FLAG_COMPAT as the certificate
 * flags, and return whatever X509_ACERT_print_ex returns.
 */
282 int X509_ACERT_print(BIO
*bp
, X509_ACERT
*x
)
284 return X509_ACERT_print_ex(bp
, x
, XN_FLAG_COMPAT
, X509_FLAG_COMPAT
);