unsigned long cflag)
{
long l;
- int ret = 0, i;
+ int ret = 0;
char mlch = ' ';
int nmindent = 0, printok = 0;
EVP_PKEY *pkey = NULL;
- const char *neg;
if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
mlch = '\n';
return ok;
}
+
+/*
+ * Prints serial numbers in decimal and hexadecimal. The indent argument is only
+ * used if the serial number is too large to fit in a long int.
+ */
+int ossl_serial_number_print(BIO *out, const ASN1_INTEGER *bs, int indent)
+{
+ int i;
+ long l;
+ unsigned long ul;
+ const char *neg;
+
+ if (bs->length <= (int)sizeof(long)) {
+ ERR_set_mark();
+ l = ASN1_INTEGER_get(bs);
+ ERR_pop_to_mark();
+ } else {
+ l = -1;
+ }
+ if (l != -1) { /* Reading a long int succeeded: print decimal and hex. */
+ if (bs->type == V_ASN1_NEG_INTEGER) {
+ ul = 0 - (unsigned long)l;
+ neg = "-";
+ } else {
+ ul = l;
+ neg = "";
+ }
+ if (BIO_printf(out, " %s%lu (%s0x%lx)", neg, ul, neg, ul) <= 0)
+ return -1;
+ } else { /* Reading a long int failed: just print hex. */
+ neg = (bs->type == V_ASN1_NEG_INTEGER) ? " (Negative)" : "";
+ if (BIO_printf(out, "\n%*s%s", indent, "", neg) <= 0)
+ return -1;
+
+ for (i = 0; i < bs->length - 1; i++) {
+ if (BIO_printf(out, "%02x%c", bs->data[i], ':') <= 0)
+ return -1;
+ }
+ if (BIO_printf(out, "%02x", bs->data[i]) <= 0)
+ return -1;
+ }
+ return 0;
+}
if (rscid->roleCertSerialNumber != NULL) {
if (BIO_puts(out, "\n") <= 0)
return 0;
- if (BIO_printf(out, "%*sRole Certificate Serial Number: ", indent, "") <= 0)
+ if (BIO_printf(out, "%*sRole Certificate Serial Number:", indent, "") <= 0)
return 0;
if (ossl_serial_number_print(out, rscid->roleCertSerialNumber, indent) != 0)
return 0;
--- /dev/null
+=pod
+
+=head1 NAME
+
+ossl_serial_number_print
+- Print a CertificateSerialNumber
+
+=head1 SYNOPSIS
+
+ #include <crypto/x509.h>
+
+ int ossl_serial_number_print(BIO *out, const ASN1_INTEGER *bs, int indent);
+
+=head1 DESCRIPTION
+
+This function writes a certificate serial number I<bs> to BIO I<out> in decimal if the serial
+number can be read into a long int, as well as hexadecimal. It notifies the
+user of negative serial numbers, and handles wrapping of huge serial numbers.
+The output is written to a newline and indented by I<indent> spaces if the
+serial number cannot be read into a long int.
+
+If the serial number fits into a long int, it is printed on the same line as
+whatever precedes it, after a single SPACE character.
+
+=head1 RETURN VALUES
+
+This function returns 0 on success and -1 on failure.
+
+=head1 COPYRIGHT
+
+Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
const ASN1_TYPE *av,
int indent);
+int ossl_serial_number_print(BIO *out, const ASN1_INTEGER *bs, int indent);
+
#endif /* OSSL_CRYPTO_X509_H */
"Role Certificate Issuer: DirName:CN",
1, 'X.509 Role Spec Certificate Identifier');
cert_contains($role_spec_cert,
- "Role Certificate Serial Number: 0x02040608",
+ "Role Certificate Serial Number: 33818120 \\(0x2040608\\)",
1, 'X.509 Role Spec Certificate Identifier');
cert_contains($role_spec_cert,
"DNS:wildboarsoftware.com",
projects / thirdparty / openssl.git / commitdiff
