if (!set_random(&ctx->transactionID, ctx,
OSSL_CMP_TRANSACTIONID_LENGTH))
return 0;
- tid = OPENSSL_buf2hexstr(ctx->transactionID->data,
- ctx->transactionID->length);
+ tid = i2s_ASN1_OCTET_STRING(NULL, ctx->transactionID);
if (tid != NULL)
ossl_cmp_log1(DEBUG, ctx,
"Starting new transaction with ID=%s", tid);
case OSSL_CMP_PKIBODY_GENM:
case OSSL_CMP_PKIBODY_ERROR:
if (ctx->transactionID != NULL) {
- char *tid;
+ char *tid = i2s_ASN1_OCTET_STRING(NULL, ctx->transactionID);
- tid = OPENSSL_buf2hexstr(ctx->transactionID->data,
- ctx->transactionID->length);
if (tid != NULL)
ossl_cmp_log1(WARN, ctx,
"Assuming that last transaction with ID=%s got aborted",
ossl_cmp_warn(ctx, "missing Subject Key Identifier in certificate");
return 0;
}
- str = OPENSSL_buf2hexstr(ckid->data, ckid->length);
+ str = i2s_ASN1_OCTET_STRING(NULL, ckid);
if (ASN1_OCTET_STRING_cmp(ckid, skid) == 0) {
if (str != NULL)
ossl_cmp_log1(INFO, ctx, " subjectKID matches senderKID: %s", str);
if (str != NULL)
ossl_cmp_log1(INFO, ctx, " cert Subject Key Identifier = %s", str);
OPENSSL_free(str);
- if ((str = OPENSSL_buf2hexstr(skid->data, skid->length)) != NULL)
+ if ((str = i2s_ASN1_OCTET_STRING(NULL, skid)) != NULL)
ossl_cmp_log1(INFO, ctx, " does not match senderKID = %s", str);
OPENSSL_free(str);
return 0;
(void)ERR_clear_last_mark();
sname = X509_NAME_oneline(sender->d.directoryName, NULL, 0);
- skid_str = skid == NULL ? NULL
- : OPENSSL_buf2hexstr(skid->data, skid->length);
+ skid_str = skid == NULL ? NULL : i2s_ASN1_OCTET_STRING(NULL, skid);
if (ctx->log_cb != NULL) {
ossl_cmp_info(ctx, "trying to verify msg signature with a valid cert that..");
if (sname != NULL)
|| ASN1_OCTET_STRING_cmp(ctx->transactionID,
hdr->transactionID) != 0)) {
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
- ERR_raise(ERR_LIB_CMP, CMP_R_TRANSACTIONID_UNMATCHED);
+ char *ctx_str, *hdr_str;
+
+ ctx_str = i2s_ASN1_OCTET_STRING(NULL, ctx->transactionID);
+ hdr_str = hdr->transactionID == NULL ? "(none)"
+ : i2s_ASN1_OCTET_STRING(NULL, hdr->transactionID);
+ ERR_raise_data(ERR_LIB_CMP, CMP_R_TRANSACTIONID_UNMATCHED,
+ "expected = %s, actual = %s",
+ ctx_str == NULL ? "?" : ctx_str,
+ hdr_str == NULL ? "?" : hdr_str);
+ OPENSSL_free(ctx_str);
+ OPENSSL_free(hdr_str);
return 0;
#endif
}
STACK_OF(CONF_VALUE) *origextlist = extlist, *tmpextlist;
if (akeyid->keyid) {
- tmp = OPENSSL_buf2hexstr(akeyid->keyid->data, akeyid->keyid->length);
+ tmp = i2s_ASN1_OCTET_STRING(NULL, akeyid->keyid);
if (tmp == NULL) {
ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE);
return NULL;
extlist = tmpextlist;
}
if (akeyid->serial) {
- tmp = OPENSSL_buf2hexstr(akeyid->serial->data, akeyid->serial->length);
+ tmp = i2s_ASN1_OCTET_STRING(NULL, akeyid->serial);
if (tmp == NULL) {
ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE);
goto err;