1 /*
2 * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/buffer.h>
13 #include <openssl/bn.h>
14 #include <openssl/objects.h>
15 #include <openssl/x509_acert.h>
16
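/*
 * Print a single attribute |a| to |bp|: twelve spaces of indent, the
 * attribute's object name padded out to a 25 character column, a ':' and
 * then every value held by the attribute.
 *
 * String-typed values are written as stored, SEQUENCE values are handed to
 * ASN1_parse_dump(), and any other type is reported by its type number.
 *
 * Returns 1 on success and 0 on failure. X509_R_INVALID_ATTRIBUTES is raised
 * when the attribute has no usable value; no error is raised here for a
 * failed write to |bp|.
 */
static int print_attribute(BIO *bp, X509_ATTRIBUTE *a)
{
    ASN1_OBJECT *aobj;
    int i, j, count;
    int ret = 0;

    aobj = X509_ATTRIBUTE_get0_object(a);
    if (BIO_printf(bp, "%12s", "") <= 0)
        goto err;

    /* j is used below as the printed width of the object name. */
    if ((j = i2a_ASN1_OBJECT(bp, aobj)) <= 0)
        goto err;

    /*
     * Reject a non-positive count, not just zero: with a negative count the
     * loop below would be skipped and a bare "name:" reported as success.
     */
    count = X509_ATTRIBUTE_count(a);
    if (count <= 0) {
        ERR_raise(ERR_LIB_X509, X509_R_INVALID_ATTRIBUTES);
        goto err;
    }

    if (j < 25 && (BIO_printf(bp, "%*s", 25 - j, " ") <= 0))
        goto err;

    if (BIO_puts(bp, ":") <= 0)
        goto err;

    for (i = 0; i < count; i++) {
        ASN1_TYPE *at;
        int type;
        ASN1_BIT_STRING *bs;

        at = X509_ATTRIBUTE_get0_type(a, i);
        /* Do not dereference a missing value slot. */
        if (at == NULL) {
            ERR_raise(ERR_LIB_X509, X509_R_INVALID_ATTRIBUTES);
            goto err;
        }
        type = at->type;

        switch (type) {
        case V_ASN1_PRINTABLESTRING:
        case V_ASN1_T61STRING:
        case V_ASN1_NUMERICSTRING:
        case V_ASN1_UTF8STRING:
        case V_ASN1_IA5STRING:
            /*
             * The value bytes are written unescaped, so control characters
             * and line breaks stored in the attribute reach the output
             * as-is.
             * NOTE(review): if this output is shown on a terminal or parsed
             * from logs, consider ASN1_STRING_print_ex() with escaping
             * flags. That changes the output format, so it is not done
             * here.
             */
            bs = at->value.asn1_string;
            if (BIO_write(bp, (char *)bs->data, bs->length) != bs->length)
                goto err;
            if (BIO_puts(bp, "\n") <= 0)
                goto err;
            break;
        case V_ASN1_SEQUENCE:
            if (BIO_puts(bp, "\n") <= 0)
                goto err;
            /*
             * The result is not checked: a SEQUENCE that cannot be dumped
             * does not fail the whole print.
             */
            ASN1_parse_dump(bp, at->value.sequence->data,
                            at->value.sequence->length, i, 1);
            break;
        default:
            /* Same "<= 0" failure test as every other write in this file. */
            if (BIO_printf(bp, "unable to print attribute of type 0x%X\n",
                           type) <= 0)
                goto err;
            break;
        }
    }
    ret = 1;
err:
    return ret;
}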
79
/*
 * Write a human-readable dump of the attribute certificate |x| to |bp|.
 *
 * |nmflags| is passed to X509_NAME_print_ex() and also decides whether a
 * name label is followed by a space or by a newline. Each X509_FLAG_NO_*
 * bit set in |cflag| suppresses the matching section; |cflag| is also passed
 * to X509V3_EXT_print().
 *
 * This function only formats fields. It performs no signature or validity
 * check, so printed values must not be read as verified.
 *
 * Returns 1 on success and 0 on failure. Failures that reach the err label
 * raise ERR_R_BUF_LIB.
 */
int X509_ACERT_print_ex(BIO *bp, X509_ACERT *x, unsigned long nmflags,
                        unsigned long cflag)
{
    int i;
    /* Separator printed after a name label: newline in multiline mode. */
    const char mlch =
        ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) ? '\n' : ' ';

    if (!(cflag & X509_FLAG_NO_HEADER)) {
        if (BIO_printf(bp, "Attribute Certificate:\n") <= 0
            || BIO_printf(bp, "%4sData:\n", "") <= 0)
            goto err;
    }

    if (!(cflag & X509_FLAG_NO_VERSION)) {
        const long version = X509_ACERT_get_version(x);
        int written;

        if (version == X509_ACERT_VERSION_2)
            written = BIO_printf(bp, "%8sVersion: %ld (0x%lx)\n", "",
                                 version + 1, (unsigned long)version);
        else
            written = BIO_printf(bp, "%8sVersion: Unknown (%ld)\n", "",
                                 version);
        if (written <= 0)
            goto err;
    }

    if (!(cflag & X509_FLAG_NO_SERIAL)) {
        const ASN1_INTEGER *serial = X509_ACERT_get0_serialNumber(x);

        if (BIO_printf(bp, "%8sSerial Number: ", "") <= 0
            || i2a_ASN1_INTEGER(bp, serial) <= 0
            || BIO_write(bp, "\n", 1) <= 0)
            goto err;
    }

    if (!(cflag & X509_FLAG_NO_SUBJECT)) {
        const GENERAL_NAMES *entity_names;
        const OSSL_ISSUER_SERIAL *base_cert_id;
        const X509_NAME *base_issuer = NULL;

        if (BIO_printf(bp, "%8sHolder:\n", "") <= 0)
            goto err;

        /* Holder identified by entity name(s). */
        entity_names = X509_ACERT_get0_holder_entityName(x);
        if (entity_names != NULL) {
            for (i = 0; i < sk_GENERAL_NAME_num(entity_names); i++) {
                GENERAL_NAME *entity = sk_GENERAL_NAME_value(entity_names, i);

                if (BIO_printf(bp, "%12sName:%c", "", mlch) <= 0
                    || GENERAL_NAME_print(bp, entity) <= 0
                    || BIO_write(bp, "\n", 1) <= 0)
                    goto err;
            }
        }

        /* Holder identified by base certificate ID (issuer and serial). */
        base_cert_id = X509_ACERT_get0_holder_baseCertId(x);
        if (base_cert_id != NULL)
            base_issuer = OSSL_ISSUER_SERIAL_get0_issuer(base_cert_id);

        if (base_issuer != NULL) {
            const ASN1_BIT_STRING *issuer_uid;

            if (BIO_printf(bp, "%12sIssuer:%c", "", mlch) <= 0
                || X509_NAME_print_ex(bp, base_issuer, 0, nmflags) <= 0
                || BIO_write(bp, "\n", 1) <= 0)
                goto err;

            if (BIO_printf(bp, "%12sSerial: ", "") <= 0
                || i2a_ASN1_INTEGER(bp,
                                    OSSL_ISSUER_SERIAL_get0_serial(base_cert_id)) <= 0)
                goto err;

            /* No line break is written between the serial and the UID. */
            issuer_uid = OSSL_ISSUER_SERIAL_get0_issuerUID(base_cert_id);
            if (issuer_uid != NULL) {
                if (BIO_printf(bp, "%12sIssuer UID: ", "") <= 0
                    || X509_signature_dump(bp, issuer_uid, 24) <= 0)
                    goto err;
            }
            if (BIO_write(bp, "\n", 1) <= 0)
                goto err;
        }
    }

    if (!(cflag & X509_FLAG_NO_ISSUER)) {
        const X509_NAME *issuer;

        if (BIO_printf(bp, "%8sIssuer:%c", "", mlch) <= 0)
            goto err;

        issuer = X509_ACERT_get0_issuerName(x);
        if (issuer == NULL) {
            if (BIO_printf(bp, "Unsupported Issuer Type") <= 0)
                goto err;
        } else {
            /*
             * NOTE(review): this test is "< 0" while the holder issuer above
             * is tested with "<= 0". The failure value documented for
             * X509_NAME_print_ex() depends on whether nmflags is
             * XN_FLAG_COMPAT; confirm which test is intended for each call.
             */
            if (X509_NAME_print_ex(bp, issuer, 0, nmflags) < 0)
                goto err;
        }
        if (BIO_write(bp, "\n", 1) <= 0)
            goto err;
    }

    if (!(cflag & X509_FLAG_NO_VALIDITY)) {
        if (BIO_printf(bp, "%8sValidity\n", "") <= 0
            || BIO_printf(bp, "%12sNot Before: ", "") <= 0
            || ASN1_GENERALIZEDTIME_print(bp, X509_ACERT_get0_notBefore(x)) == 0
            || BIO_printf(bp, "\n%12sNot After : ", "") <= 0
            || ASN1_GENERALIZEDTIME_print(bp, X509_ACERT_get0_notAfter(x)) == 0
            || BIO_write(bp, "\n", 1) <= 0)
            goto err;
    }

    if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
        if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0)
            goto err;

        if (X509_ACERT_get_attr_count(x) == 0) {
            if (BIO_printf(bp, "%12s(none)\n", "") <= 0)
                goto err;
        } else {
            for (i = 0; i < X509_ACERT_get_attr_count(x); i++) {
                if (!print_attribute(bp, X509_ACERT_get_attr(x, i)))
                    goto err;
            }
        }
    }

    if (!(cflag & X509_FLAG_NO_EXTENSIONS)) {
        const STACK_OF(X509_EXTENSION) *exts = X509_ACERT_get0_extensions(x);

        if (exts != NULL) {
            if (BIO_printf(bp, "%8sExtensions:\n", "") <= 0)
                goto err;

            for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
                X509_EXTENSION *ex = sk_X509_EXTENSION_value(exts, i);

                /* "<indent><object name>: critical" (or an empty flag). */
                if (BIO_printf(bp, "%12s", "") <= 0
                    || i2a_ASN1_OBJECT(bp, X509_EXTENSION_get_object(ex)) <= 0
                    || BIO_printf(bp, ": %s\n",
                                  X509_EXTENSION_get_critical(ex)
                                      ? "critical" : "") <= 0)
                    goto err;

                /* When the extension printer fails, print the raw data. */
                if (X509V3_EXT_print(bp, ex, cflag, 20) <= 0) {
                    if (BIO_printf(bp, "%16s", "") <= 0
                        || ASN1_STRING_print(bp,
                                             X509_EXTENSION_get_data(ex)) <= 0)
                        goto err;
                }
                if (BIO_write(bp, "\n", 1) <= 0)
                    goto err;
            }
        }
    }

    if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
        const X509_ALGOR *sig_alg;
        const ASN1_BIT_STRING *sig;

        X509_ACERT_get0_signature(x, &sig, &sig_alg);
        /*
         * NOTE(review): this is the only failure path that returns without
         * going through the err label, so ERR_R_BUF_LIB is not raised here.
         * Confirm that is intended.
         */
        if (X509_signature_print(bp, sig_alg, sig) <= 0)
            return 0;
    }

    return 1;

err:
    ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB);
    return 0;
}
281
/*
 * Print the attribute certificate |x| to |bp| with the compatibility name
 * and certificate flags (XN_FLAG_COMPAT, X509_FLAG_COMPAT).
 *
 * Returns whatever X509_ACERT_print_ex() returns for those flags.
 */
int X509_ACERT_print(BIO *bp, X509_ACERT *x)
{
    const unsigned long name_flags = XN_FLAG_COMPAT;
    const unsigned long cert_flags = X509_FLAG_COMPAT;

    return X509_ACERT_print_ex(bp, x, name_flags, cert_flags);
}