]>
git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/x509/t_x509.c
b4d7a3e0dc668848383f3268f3b8cfc3328b227c
1 /* crypto/x509/t_x509.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
60 #include "internal/cryptlib.h"
61 #include <openssl/buffer.h>
62 #include <openssl/bn.h>
63 #ifndef OPENSSL_NO_RSA
64 # include <openssl/rsa.h>
66 #ifndef OPENSSL_NO_DSA
67 # include <openssl/dsa.h>
70 # include <openssl/ec.h>
72 #include <openssl/objects.h>
73 #include <openssl/x509.h>
74 #include <openssl/x509v3.h>
75 #include "internal/asn1_int.h"
77 #ifndef OPENSSL_NO_STDIO
78 int X509_print_fp(FILE *fp
, X509
*x
)
80 return X509_print_ex_fp(fp
, x
, XN_FLAG_COMPAT
, X509_FLAG_COMPAT
);
83 int X509_print_ex_fp(FILE *fp
, X509
*x
, unsigned long nmflag
,
89 if ((b
= BIO_new(BIO_s_file())) == NULL
) {
90 X509err(X509_F_X509_PRINT_EX_FP
, ERR_R_BUF_LIB
);
93 BIO_set_fp(b
, fp
, BIO_NOCLOSE
);
94 ret
= X509_print_ex(b
, x
, nmflag
, cflag
);
100 int X509_print(BIO
*bp
, X509
*x
)
102 return X509_print_ex(bp
, x
, XN_FLAG_COMPAT
, X509_FLAG_COMPAT
);
105 int X509_print_ex(BIO
*bp
, X509
*x
, unsigned long nmflags
,
110 char *m
= NULL
, mlch
= ' ';
114 EVP_PKEY
*pkey
= NULL
;
117 if ((nmflags
& XN_FLAG_SEP_MASK
) == XN_FLAG_SEP_MULTILINE
) {
122 if (nmflags
== X509_FLAG_COMPAT
)
126 if (!(cflag
& X509_FLAG_NO_HEADER
)) {
127 if (BIO_write(bp
, "Certificate:\n", 13) <= 0)
129 if (BIO_write(bp
, " Data:\n", 10) <= 0)
132 if (!(cflag
& X509_FLAG_NO_VERSION
)) {
133 l
= X509_get_version(x
);
134 if (BIO_printf(bp
, "%8sVersion: %lu (0x%lx)\n", "", l
+ 1, l
) <= 0)
137 if (!(cflag
& X509_FLAG_NO_SERIAL
)) {
139 if (BIO_write(bp
, " Serial Number:", 22) <= 0)
142 bs
= X509_get_serialNumber(x
);
143 if (bs
->length
<= (int)sizeof(long)) {
145 l
= ASN1_INTEGER_get(bs
);
151 if (bs
->type
== V_ASN1_NEG_INTEGER
) {
156 if (BIO_printf(bp
, " %s%lu (%s0x%lx)\n", neg
, l
, neg
, l
) <= 0)
159 neg
= (bs
->type
== V_ASN1_NEG_INTEGER
) ? " (Negative)" : "";
160 if (BIO_printf(bp
, "\n%12s%s", "", neg
) <= 0)
163 for (i
= 0; i
< bs
->length
; i
++) {
164 if (BIO_printf(bp
, "%02x%c", bs
->data
[i
],
165 ((i
+ 1 == bs
->length
) ? '\n' : ':')) <= 0)
172 if (!(cflag
& X509_FLAG_NO_SIGNAME
)) {
173 if (X509_signature_print(bp
, &ci
->signature
, NULL
) <= 0)
177 if (!(cflag
& X509_FLAG_NO_ISSUER
)) {
178 if (BIO_printf(bp
, " Issuer:%c", mlch
) <= 0)
180 if (X509_NAME_print_ex(bp
, X509_get_issuer_name(x
), nmindent
, nmflags
)
183 if (BIO_write(bp
, "\n", 1) <= 0)
186 if (!(cflag
& X509_FLAG_NO_VALIDITY
)) {
187 if (BIO_write(bp
, " Validity\n", 17) <= 0)
189 if (BIO_write(bp
, " Not Before: ", 24) <= 0)
191 if (!ASN1_TIME_print(bp
, X509_get_notBefore(x
)))
193 if (BIO_write(bp
, "\n Not After : ", 25) <= 0)
195 if (!ASN1_TIME_print(bp
, X509_get_notAfter(x
)))
197 if (BIO_write(bp
, "\n", 1) <= 0)
200 if (!(cflag
& X509_FLAG_NO_SUBJECT
)) {
201 if (BIO_printf(bp
, " Subject:%c", mlch
) <= 0)
203 if (X509_NAME_print_ex
204 (bp
, X509_get_subject_name(x
), nmindent
, nmflags
) < 0)
206 if (BIO_write(bp
, "\n", 1) <= 0)
209 if (!(cflag
& X509_FLAG_NO_PUBKEY
)) {
210 if (BIO_write(bp
, " Subject Public Key Info:\n", 33) <= 0)
212 if (BIO_printf(bp
, "%12sPublic Key Algorithm: ", "") <= 0)
214 if (i2a_ASN1_OBJECT(bp
, ci
->key
->algor
->algorithm
) <= 0)
216 if (BIO_puts(bp
, "\n") <= 0)
219 pkey
= X509_get_pubkey(x
);
221 BIO_printf(bp
, "%12sUnable to load Public Key\n", "");
222 ERR_print_errors(bp
);
224 EVP_PKEY_print_public(bp
, pkey
, 16, NULL
);
229 if (!(cflag
& X509_FLAG_NO_IDS
)) {
231 if (BIO_printf(bp
, "%8sIssuer Unique ID: ", "") <= 0)
233 if (!X509_signature_dump(bp
, ci
->issuerUID
, 12))
236 if (ci
->subjectUID
) {
237 if (BIO_printf(bp
, "%8sSubject Unique ID: ", "") <= 0)
239 if (!X509_signature_dump(bp
, ci
->subjectUID
, 12))
244 if (!(cflag
& X509_FLAG_NO_EXTENSIONS
))
245 X509V3_extensions_print(bp
, "X509v3 extensions",
246 ci
->extensions
, cflag
, 8);
248 if (!(cflag
& X509_FLAG_NO_SIGDUMP
)) {
249 if (X509_signature_print(bp
, &x
->sig_alg
, x
->signature
) <= 0)
252 if (!(cflag
& X509_FLAG_NO_AUX
)) {
253 if (!X509_CERT_AUX_print(bp
, x
->aux
, 0))
262 int X509_ocspid_print(BIO
*bp
, X509
*x
)
264 unsigned char *der
= NULL
;
265 unsigned char *dertmp
;
268 unsigned char SHA1md
[SHA_DIGEST_LENGTH
];
271 * display the hash of the subject as it would appear in OCSP requests
273 if (BIO_printf(bp
, " Subject OCSP hash: ") <= 0)
275 derlen
= i2d_X509_NAME(x
->cert_info
.subject
, NULL
);
276 if ((der
= dertmp
= OPENSSL_malloc(derlen
)) == NULL
)
278 i2d_X509_NAME(x
->cert_info
.subject
, &dertmp
);
280 if (!EVP_Digest(der
, derlen
, SHA1md
, NULL
, EVP_sha1(), NULL
))
282 for (i
= 0; i
< SHA_DIGEST_LENGTH
; i
++) {
283 if (BIO_printf(bp
, "%02X", SHA1md
[i
]) <= 0)
290 * display the hash of the public key as it would appear in OCSP requests
292 if (BIO_printf(bp
, "\n Public key OCSP hash: ") <= 0)
295 if (!EVP_Digest(x
->cert_info
.key
->public_key
->data
,
296 x
->cert_info
.key
->public_key
->length
,
297 SHA1md
, NULL
, EVP_sha1(), NULL
))
299 for (i
= 0; i
< SHA_DIGEST_LENGTH
; i
++) {
300 if (BIO_printf(bp
, "%02X", SHA1md
[i
]) <= 0)
303 BIO_printf(bp
, "\n");
311 int X509_signature_dump(BIO
*bp
, const ASN1_STRING
*sig
, int indent
)
313 const unsigned char *s
;
318 for (i
= 0; i
< n
; i
++) {
320 if (BIO_write(bp
, "\n", 1) <= 0)
322 if (BIO_indent(bp
, indent
, indent
) <= 0)
325 if (BIO_printf(bp
, "%02x%s", s
[i
], ((i
+ 1) == n
) ? "" : ":") <= 0)
328 if (BIO_write(bp
, "\n", 1) != 1)
334 int X509_signature_print(BIO
*bp
, X509_ALGOR
*sigalg
, ASN1_STRING
*sig
)
337 if (BIO_puts(bp
, " Signature Algorithm: ") <= 0)
339 if (i2a_ASN1_OBJECT(bp
, sigalg
->algorithm
) <= 0)
342 sig_nid
= OBJ_obj2nid(sigalg
->algorithm
);
343 if (sig_nid
!= NID_undef
) {
344 int pkey_nid
, dig_nid
;
345 const EVP_PKEY_ASN1_METHOD
*ameth
;
346 if (OBJ_find_sigid_algs(sig_nid
, &dig_nid
, &pkey_nid
)) {
347 ameth
= EVP_PKEY_asn1_find(NULL
, pkey_nid
);
348 if (ameth
&& ameth
->sig_print
)
349 return ameth
->sig_print(bp
, sigalg
, sig
, 9, 0);
353 return X509_signature_dump(bp
, sig
, 9);
354 else if (BIO_puts(bp
, "\n") <= 0)