[thirdparty/openssl.git] / crypto / asn1 / t_x509.c

/* crypto/asn1/t_x509.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include "cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/bn.h>
#ifndef NO_RSA
#include <openssl/rsa.h>
#endif
#ifndef NO_DSA
#include <openssl/dsa.h>
#endif
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>

#ifndef NO_FP_API
int X509_print_fp(FILE *fp, X509 *x)
	{
	return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
	}

int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag)
        {
        BIO *b;
        int ret;

        if ((b=BIO_new(BIO_s_file())) == NULL)
		{
		X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
                return(0);
		}
        BIO_set_fp(b,fp,BIO_NOCLOSE);
        ret=X509_print_ex(b, x, nmflag, cflag);
        BIO_free(b);
        return(ret);
        }
#endif

int X509_print(BIO *bp, X509 *x)
{
	return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
}

int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
	{
	long l;
	int ret=0,i,j,n;
	char *m=NULL,*s, mlch = ' ';
	int nmindent = 0;
	X509_CINF *ci;
	ASN1_INTEGER *bs;
	EVP_PKEY *pkey=NULL;
	const char *neg;
	X509_EXTENSION *ex;
	ASN1_STRING *str=NULL;

	if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
			mlch = '\n';
			nmindent = 16;
	}

	if(nmflags == X509_FLAG_COMPAT)
		nmindent = 16;

	ci=x->cert_info;
	if(!(cflag & X509_FLAG_NO_HEADER))
		{
		if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
		if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
		}
	if(!(cflag & X509_FLAG_NO_VERSION))
		{
		l=X509_get_version(x);
		if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
		}
	if(!(cflag & X509_FLAG_NO_SERIAL))
		{

		if (BIO_write(bp,"        Serial Number:",22) <= 0) goto err;

		bs=X509_get_serialNumber(x);
		if (bs->length <= 4)
			{
			l=ASN1_INTEGER_get(bs);
			if (l < 0)
				{
				l= -l;
				neg="-";
				}
			else
				neg="";
			if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
				goto err;
			}
		else
			{
			neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
			if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;

			for (i=0; i<bs->length; i++)
				{
				if (BIO_printf(bp,"%02x%c",bs->data[i],
					((i+1 == bs->length)?'\n':':')) <= 0)
					goto err;
				}
			}

		}

	if(!(cflag & X509_FLAG_NO_SIGNAME))
		{
		i=OBJ_obj2nid(ci->signature->algorithm);
		if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
			(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
			goto err;
		}

	if(!(cflag & X509_FLAG_NO_ISSUER))
		{
		if (BIO_printf(bp,"        Issuer:%c",mlch) <= 0) goto err;
		if (!X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags)) goto err;
		}
	if(!(cflag & X509_FLAG_NO_VALIDITY))
		{
		if (BIO_write(bp,"\n        Validity\n",18) <= 0) goto err;
		if (BIO_write(bp,"            Not Before: ",24) <= 0) goto err;
		if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
		if (BIO_write(bp,"\n            Not After : ",25) <= 0) goto err;
		if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
		if (BIO_write(bp,"\n",1) <= 0) goto err;
		}
	if(!(cflag & X509_FLAG_NO_SUBJECT))
		{
		if (BIO_printf(bp,"        Subject:%c",mlch) <= 0) goto err;
		if (!X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags)) goto err;
		}
	if(!(cflag & X509_FLAG_NO_PUBKEY))
		{
		if (BIO_write(bp,"\n        Subject Public Key Info:\n",34) <= 0)
			goto err;
		i=OBJ_obj2nid(ci->key->algor->algorithm);
		if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
			(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;

		pkey=X509_get_pubkey(x);
		if (pkey == NULL)
			{
			BIO_printf(bp,"%12sUnable to load Public Key\n","");
			ERR_print_errors(bp);
			}
		else
#ifndef NO_RSA
		if (pkey->type == EVP_PKEY_RSA)
			{
			BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
			BN_num_bits(pkey->pkey.rsa->n));
			RSA_print(bp,pkey->pkey.rsa,16);
			}
		else
#endif
#ifndef NO_DSA
		if (pkey->type == EVP_PKEY_DSA)
			{
			BIO_printf(bp,"%12sDSA Public Key:\n","");
			DSA_print(bp,pkey->pkey.dsa,16);
			}
		else
#endif
			BIO_printf(bp,"%12sUnknown Public Key:\n","");

		EVP_PKEY_free(pkey);
		}

	if (cflag & X509_FLAG_NO_EXTENSIONS)
		n = 0;
	else
		n=X509_get_ext_count(x);
	if (n > 0)
		{
		BIO_printf(bp,"%8sX509v3 extensions:\n","");
		for (i=0; i<n; i++)
			{
			ASN1_OBJECT *obj;
			ex=X509_get_ext(x,i);
			if (BIO_printf(bp,"%12s","") <= 0) goto err;
			obj=X509_EXTENSION_get_object(ex);
			i2a_ASN1_OBJECT(bp,obj);
			j=X509_EXTENSION_get_critical(ex);
			if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
				goto err;
			if(!X509V3_EXT_print(bp, ex, cflag, 16))
				{
				BIO_printf(bp, "%16s", "");
				M_ASN1_OCTET_STRING_print(bp,ex->value);
				}
			if (BIO_write(bp,"\n",1) <= 0) goto err;
			}
		}

	if(!(cflag & X509_FLAG_NO_SIGDUMP))
		{
		i=OBJ_obj2nid(x->sig_alg->algorithm);
		if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
			(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;

		n=x->signature->length;
		s=(char *)x->signature->data;
		for (i=0; i<n; i++)
			{
			if ((i%18) == 0)
				if (BIO_write(bp,"\n        ",9) <= 0) goto err;
			if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
				((i+1) == n)?"":":") <= 0) goto err;
			}
		if (BIO_write(bp,"\n",1) != 1) goto err;
		}
	if(!(cflag & X509_FLAG_NO_AUX))
		{
		if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
		}
	ret=1;
err:
	if (str != NULL) ASN1_STRING_free(str);
	if (m != NULL) OPENSSL_free(m);
	return(ret);
	}

int X509_ocspid_print (BIO *bp, X509 *x)
	{
	unsigned char *der=NULL ;
	unsigned char *dertmp;
	int derlen;
	int i;
	SHA_CTX SHA1buf ;
	unsigned char SHA1md[SHA_DIGEST_LENGTH];

	/* display the hash of the subject as it would appear
	   in OCSP requests */
	if (BIO_printf(bp,"        Subject OCSP hash: ") <= 0)
		goto err;
	derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
	if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL)
		goto err;
	i2d_X509_NAME(x->cert_info->subject, &dertmp);

	SHA1_Init(&SHA1buf);
	SHA1_Update(&SHA1buf, der, derlen);
	SHA1_Final(SHA1md,&SHA1buf);
	for (i=0; i < SHA_DIGEST_LENGTH; i++)
		{
		if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
		}
	OPENSSL_free (der);
	der=NULL;

	/* display the hash of the public key as it would appear
	   in OCSP requests */
	if (BIO_printf(bp,"\n        Public key OCSP hash: ") <= 0)
		goto err;

	SHA1_Init(&SHA1buf);
	SHA1_Update(&SHA1buf, x->cert_info->key->public_key->data,
		x->cert_info->key->public_key->length);
	SHA1_Final(SHA1md,&SHA1buf);
	for (i=0; i < SHA_DIGEST_LENGTH; i++)
		{
		if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
			goto err;
		}
	BIO_printf(bp,"\n");

	return (1);
err:
	if (der != NULL) OPENSSL_free(der);
	return(0);
	}

int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
	{
	int i,n;
	char buf[80],*p;;

	if (v == NULL) return(0);
	n=0;
	p=(char *)v->data;
	for (i=0; i<v->length; i++)
		{
		if ((p[i] > '~') || ((p[i] < ' ') &&
			(p[i] != '\n') && (p[i] != '\r')))
			buf[n]='.';
		else
			buf[n]=p[i];
		n++;
		if (n >= 80)
			{
			if (BIO_write(bp,buf,n) <= 0)
				return(0);
			n=0;
			}
		}
	if (n > 0)
		if (BIO_write(bp,buf,n) <= 0)
			return(0);
	return(1);
	}

int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm)
{
	if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
	if(tm->type == V_ASN1_GENERALIZEDTIME)
				return ASN1_GENERALIZEDTIME_print(bp, tm);
	BIO_write(bp,"Bad time value",14);
	return(0);
}

static const char *mon[12]=
    {
    "Jan","Feb","Mar","Apr","May","Jun",
    "Jul","Aug","Sep","Oct","Nov","Dec"
    };

int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm)
	{
	char *v;
	int gmt=0;
	int i;
	int y=0,M=0,d=0,h=0,m=0,s=0;

	i=tm->length;
	v=(char *)tm->data;

	if (i < 12) goto err;
	if (v[i-1] == 'Z') gmt=1;
	for (i=0; i<12; i++)
		if ((v[i] > '9') || (v[i] < '0')) goto err;
	y= (v[0]-'0')*1000+(v[1]-'0')*100 + (v[2]-'0')*10+(v[3]-'0');
	M= (v[4]-'0')*10+(v[5]-'0');
	if ((M > 12) || (M < 1)) goto err;
	d= (v[6]-'0')*10+(v[7]-'0');
	h= (v[8]-'0')*10+(v[9]-'0');
	m=  (v[10]-'0')*10+(v[11]-'0');
	if (	(v[12] >= '0') && (v[12] <= '9') &&
		(v[13] >= '0') && (v[13] <= '9'))
		s=  (v[12]-'0')*10+(v[13]-'0');

	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
		mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0)
		return(0);
	else
		return(1);
err:
	BIO_write(bp,"Bad time value",14);
	return(0);
	}

int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
	{
	char *v;
	int gmt=0;
	int i;
	int y=0,M=0,d=0,h=0,m=0,s=0;

	i=tm->length;
	v=(char *)tm->data;

	if (i < 10) goto err;
	if (v[i-1] == 'Z') gmt=1;
	for (i=0; i<10; i++)
		if ((v[i] > '9') || (v[i] < '0')) goto err;
	y= (v[0]-'0')*10+(v[1]-'0');
	if (y < 50) y+=100;
	M= (v[2]-'0')*10+(v[3]-'0');
	if ((M > 12) || (M < 1)) goto err;
	d= (v[4]-'0')*10+(v[5]-'0');
	h= (v[6]-'0')*10+(v[7]-'0');
	m=  (v[8]-'0')*10+(v[9]-'0');
	if (	(v[10] >= '0') && (v[10] <= '9') &&
		(v[11] >= '0') && (v[11] <= '9'))
		s=  (v[10]-'0')*10+(v[11]-'0');

	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
		mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0)
		return(0);
	else
		return(1);
err:
	BIO_write(bp,"Bad time value",14);
	return(0);
	}

int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
	{
	char *s,*c;
	int ret=0,l,ll,i,first=1;
	char buf[256];

	ll=80-2-obase;

	s=X509_NAME_oneline(name,buf,256);
	s++; /* skip the first slash */

	l=ll;
	c=s;
	for (;;)
		{
#ifndef CHARSET_EBCDIC
		if (	((*s == '/') &&
				((s[1] >= 'A') && (s[1] <= 'Z') && (
					(s[2] == '=') ||
					((s[2] >= 'A') && (s[2] <= 'Z') &&
					(s[3] == '='))
				 ))) ||
			(*s == '\0'))
#else
		if (	((*s == '/') &&
				(isupper(s[1]) && (
					(s[2] == '=') ||
					(isupper(s[2]) &&
					(s[3] == '='))
				 ))) ||
			(*s == '\0'))
#endif
			{
			if ((l <= 0) && !first)
				{
				first=0;
				if (BIO_write(bp,"\n",1) != 1) goto err;
				for (i=0; i<obase; i++)
					{
					if (BIO_write(bp," ",1) != 1) goto err;
					}
				l=ll;
				}
			i=s-c;
			if (BIO_write(bp,c,i) != i) goto err;
			c+=i;
			c++;
			if (*s != '\0')
				{
				if (BIO_write(bp,", ",2) != 2) goto err;
				}
			l--;
			}
		if (*s == '\0') break;
		s++;
		l--;
		}
	
	ret=1;
	if (0)
		{
err:
		X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
		}
	return(ret);
	}
Commit	Line	Data
d02b48c6	1	/* crypto/asn1/t_x509.c */
58964a49	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6 RE	3	* All rights reserved.
	4	*
	5	* This package is an SSL implementation written
	6	* by Eric Young (eay@cryptsoft.com).
	7	* The implementation was written so as to conform with Netscapes SSL.
	8	*
	9	* This library is free for commercial and non-commercial use as long as
	10	* the following conditions are aheared to. The following conditions
	11	* apply to all code found in this distribution, be it the RC4, RSA,
	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	13	* included with this distribution is covered by the same copyright terms
	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
	15	*
	16	* Copyright remains Eric Young's, and as such any Copyright notices in
	17	* the code are not to be removed.
	18	* If this package is used in a product, Eric Young should be given attribution
	19	* as the author of the parts of the library used.
	20	* This can be in the form of a textual message at program startup or
	21	* in documentation (online or textual) provided with the package.
	22	*
	23	* Redistribution and use in source and binary forms, with or without
	24	* modification, are permitted provided that the following conditions
	25	* are met:
	26	* 1. Redistributions of source code must retain the copyright
	27	* notice, this list of conditions and the following disclaimer.
	28	* 2. Redistributions in binary form must reproduce the above copyright
	29	* notice, this list of conditions and the following disclaimer in the
	30	* documentation and/or other materials provided with the distribution.
	31	* 3. All advertising materials mentioning features or use of this software
	32	* must display the following acknowledgement:
	33	* "This product includes cryptographic software written by
	34	* Eric Young (eay@cryptsoft.com)"
	35	* The word 'cryptographic' can be left out if the rouines from the library
	36	* being used are not cryptographic related :-).
	37	* 4. If you include any Windows specific code (or a derivative thereof) from
	38	* the apps directory (application code) you must include an acknowledgement:
	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
	40	*
	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	51	* SUCH DAMAGE.
	52	*
	53	* The licence and distribution terms for any publically available version or
	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
	55	* copied and put under another distribution licence
	56	* [including the GNU Public Licence.]
	57	*/
	58
	59	#include <stdio.h>
	60	#include "cryptlib.h"
ec577822 BM	61	#include <openssl/buffer.h>
ec577822 BM	62	#include <openssl/bn.h>
d02b48c6	63	#ifndef NO_RSA
ec577822	64	#include <openssl/rsa.h>
d02b48c6 RE	65	#endif
d02b48c6 RE	66	#ifndef NO_DSA
ec577822	67	#include <openssl/dsa.h>
d02b48c6	68	#endif
ec577822 BM	69	#include <openssl/objects.h>
	70	#include <openssl/x509.h>
	71	#include <openssl/x509v3.h>
d02b48c6	72
58964a49	73	#ifndef NO_FP_API
6b691a5c	74	int X509_print_fp(FILE fp, X509 x)
d0c98589 DSH	75	{
	76	return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
	77	}
	78
	79	int X509_print_ex_fp(FILE fp, X509 x, unsigned long nmflag, unsigned long cflag)
d02b48c6 RE	80	{
	81	BIO *b;
	82	int ret;
	83
	84	if ((b=BIO_new(BIO_s_file())) == NULL)
	85	{
	86	X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
	87	return(0);
	88	}
	89	BIO_set_fp(b,fp,BIO_NOCLOSE);
d0c98589	90	ret=X509_print_ex(b, x, nmflag, cflag);
d02b48c6 RE	91	BIO_free(b);
	92	return(ret);
	93	}
	94	#endif
	95
6b691a5c	96	int X509_print(BIO bp, X509 x)
d0c98589 DSH	97	{
	98	return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
	99	}
	100
	101	int X509_print_ex(BIO bp, X509 x, unsigned long nmflags, unsigned long cflag)
d02b48c6 RE	102	{
	103	long l;
	104	int ret=0,i,j,n;
d0c98589	105	char m=NULL,s, mlch = ' ';
8ca533e3	106	int nmindent = 0;
d02b48c6 RE	107	X509_CINF *ci;
	108	ASN1_INTEGER *bs;
	109	EVP_PKEY *pkey=NULL;
e778802f	110	const char *neg;
d02b48c6 RE	111	X509_EXTENSION *ex;
	112	ASN1_STRING *str=NULL;
	113
8ca533e3	114	if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
d0c98589	115	mlch = '\n';
8ca533e3 DSH	116	nmindent = 16;
	117	}
	118
	119	if(nmflags == X509_FLAG_COMPAT)
	120	nmindent = 16;
d0c98589	121
d02b48c6	122	ci=x->cert_info;
d0c98589	123	if(!(cflag & X509_FLAG_NO_HEADER))
d02b48c6	124	{
d0c98589 DSH	125	if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
d0c98589 DSH	126	if (BIO_write(bp," Data:\n",10) <= 0) goto err;
d02b48c6	127	}
d0c98589	128	if(!(cflag & X509_FLAG_NO_VERSION))
d02b48c6	129	{
d0c98589 DSH	130	l=X509_get_version(x);
	131	if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
	132	}
	133	if(!(cflag & X509_FLAG_NO_SERIAL))
	134	{
	135
	136	if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
d02b48c6	137
d0c98589 DSH	138	bs=X509_get_serialNumber(x);
d0c98589 DSH	139	if (bs->length <= 4)
d02b48c6	140	{
d0c98589 DSH	141	l=ASN1_INTEGER_get(bs);
	142	if (l < 0)
	143	{
	144	l= -l;
	145	neg="-";
	146	}
	147	else
	148	neg="";
	149	if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
d02b48c6 RE	150	goto err;
d02b48c6 RE	151	}
d0c98589 DSH	152	else
	153	{
	154	neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
	155	if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
	156
	157	for (i=0; i<bs->length; i++)
	158	{
	159	if (BIO_printf(bp,"%02x%c",bs->data[i],
	160	((i+1 == bs->length)?'\n':':')) <= 0)
	161	goto err;
	162	}
	163	}
	164
d02b48c6 RE	165	}
d02b48c6 RE	166
d0c98589	167	if(!(cflag & X509_FLAG_NO_SIGNAME))
dfeab068	168	{
d0c98589 DSH	169	i=OBJ_obj2nid(ci->signature->algorithm);
	170	if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
	171	(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
	172	goto err;
dfeab068	173	}
d0c98589 DSH	174
d0c98589 DSH	175	if(!(cflag & X509_FLAG_NO_ISSUER))
d02b48c6	176	{
d0c98589	177	if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
8ca533e3	178	if (!X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags)) goto err;
d02b48c6	179	}
d0c98589	180	if(!(cflag & X509_FLAG_NO_VALIDITY))
d02b48c6	181	{
d0c98589 DSH	182	if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
	183	if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
	184	if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
	185	if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
	186	if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
	187	if (BIO_write(bp,"\n",1) <= 0) goto err;
d02b48c6	188	}
d0c98589 DSH	189	if(!(cflag & X509_FLAG_NO_SUBJECT))
	190	{
	191	if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
8ca533e3	192	if (!X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags)) goto err;
d0c98589 DSH	193	}
	194	if(!(cflag & X509_FLAG_NO_PUBKEY))
	195	{
	196	if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
	197	goto err;
	198	i=OBJ_obj2nid(ci->key->algor->algorithm);
	199	if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
	200	(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
	201
	202	pkey=X509_get_pubkey(x);
	203	if (pkey == NULL)
	204	{
	205	BIO_printf(bp,"%12sUnable to load Public Key\n","");
	206	ERR_print_errors(bp);
	207	}
	208	else
	209	#ifndef NO_RSA
	210	if (pkey->type == EVP_PKEY_RSA)
	211	{
	212	BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
	213	BN_num_bits(pkey->pkey.rsa->n));
	214	RSA_print(bp,pkey->pkey.rsa,16);
	215	}
	216	else
d02b48c6	217	#endif
d0c98589 DSH	218	#ifndef NO_DSA
	219	if (pkey->type == EVP_PKEY_DSA)
	220	{
	221	BIO_printf(bp,"%12sDSA Public Key:\n","");
	222	DSA_print(bp,pkey->pkey.dsa,16);
	223	}
	224	else
	225	#endif
	226	BIO_printf(bp,"%12sUnknown Public Key:\n","");
d02b48c6	227
d0c98589 DSH	228	EVP_PKEY_free(pkey);
d0c98589 DSH	229	}
cfcf6453	230
d0c98589 DSH	231	if (cflag & X509_FLAG_NO_EXTENSIONS)
	232	n = 0;
	233	else
	234	n=X509_get_ext_count(x);
d02b48c6 RE	235	if (n > 0)
	236	{
	237	BIO_printf(bp,"%8sX509v3 extensions:\n","");
	238	for (i=0; i<n; i++)
	239	{
d02b48c6	240	ASN1_OBJECT *obj;
d02b48c6 RE	241	ex=X509_get_ext(x,i);
	242	if (BIO_printf(bp,"%12s","") <= 0) goto err;
	243	obj=X509_EXTENSION_get_object(ex);
	244	i2a_ASN1_OBJECT(bp,obj);
	245	j=X509_EXTENSION_get_critical(ex);
785cdf20	246	if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
d02b48c6	247	goto err;
8ca533e3	248	if(!X509V3_EXT_print(bp, ex, cflag, 16))
d02b48c6	249	{
785cdf20	250	BIO_printf(bp, "%16s", "");
08e9c1af	251	M_ASN1_OCTET_STRING_print(bp,ex->value);
d02b48c6 RE	252	}
	253	if (BIO_write(bp,"\n",1) <= 0) goto err;
	254	}
	255	}
	256
d0c98589 DSH	257	if(!(cflag & X509_FLAG_NO_SIGDUMP))
	258	{
	259	i=OBJ_obj2nid(x->sig_alg->algorithm);
	260	if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
	261	(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
d02b48c6	262
d0c98589 DSH	263	n=x->signature->length;
	264	s=(char *)x->signature->data;
	265	for (i=0; i<n; i++)
	266	{
	267	if ((i%18) == 0)
	268	if (BIO_write(bp,"\n ",9) <= 0) goto err;
	269	if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
	270	((i+1) == n)?"":":") <= 0) goto err;
	271	}
	272	if (BIO_write(bp,"\n",1) != 1) goto err;
	273	}
	274	if(!(cflag & X509_FLAG_NO_AUX))
d02b48c6	275	{
d0c98589	276	if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
d02b48c6	277	}
d02b48c6 RE	278	ret=1;
	279	err:
	280	if (str != NULL) ASN1_STRING_free(str);
26a3a48d	281	if (m != NULL) OPENSSL_free(m);
d02b48c6 RE	282	return(ret);
	283	}
	284
eb64730b RL	285	int X509_ocspid_print (BIO bp, X509 x)
	286	{
	287	unsigned char *der=NULL ;
	288	unsigned char *dertmp;
	289	int derlen;
	290	int i;
	291	SHA_CTX SHA1buf ;
	292	unsigned char SHA1md[SHA_DIGEST_LENGTH];
	293
	294	/* display the hash of the subject as it would appear
	295	in OCSP requests */
	296	if (BIO_printf(bp," Subject OCSP hash: ") <= 0)
	297	goto err;
	298	derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
	299	if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL)
	300	goto err;
	301	i2d_X509_NAME(x->cert_info->subject, &dertmp);
	302
	303	SHA1_Init(&SHA1buf);
	304	SHA1_Update(&SHA1buf, der, derlen);
	305	SHA1_Final(SHA1md,&SHA1buf);
	306	for (i=0; i < SHA_DIGEST_LENGTH; i++)
	307	{
	308	if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
	309	}
	310	OPENSSL_free (der);
	311	der=NULL;
	312
	313	/* display the hash of the public key as it would appear
	314	in OCSP requests */
	315	if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0)
	316	goto err;
	317
	318	SHA1_Init(&SHA1buf);
	319	SHA1_Update(&SHA1buf, x->cert_info->key->public_key->data,
	320	x->cert_info->key->public_key->length);
	321	SHA1_Final(SHA1md,&SHA1buf);
	322	for (i=0; i < SHA_DIGEST_LENGTH; i++)
	323	{
	324	if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
	325	goto err;
	326	}
	327	BIO_printf(bp,"\n");
	328
	329	return (1);
	330	err:
	331	if (der != NULL) OPENSSL_free(der);
	332	return(0);
	333	}
	334
6b691a5c	335	int ASN1_STRING_print(BIO bp, ASN1_STRING v)
d02b48c6 RE	336	{
	337	int i,n;
	338	char buf[80],*p;;
	339
	340	if (v == NULL) return(0);
	341	n=0;
	342	p=(char *)v->data;
	343	for (i=0; i<v->length; i++)
	344	{
	345	if ((p[i] > '~') \|\| ((p[i] < ' ') &&
	346	(p[i] != '\n') && (p[i] != '\r')))
	347	buf[n]='.';
	348	else
	349	buf[n]=p[i];
	350	n++;
	351	if (n >= 80)
	352	{
	353	if (BIO_write(bp,buf,n) <= 0)
	354	return(0);
	355	n=0;
	356	}
	357	}
	358	if (n > 0)
	359	if (BIO_write(bp,buf,n) <= 0)
	360	return(0);
	361	return(1);
	362	}
	363
6b691a5c	364	int ASN1_TIME_print(BIO bp, ASN1_TIME tm)
f6aed2cd DSH	365	{
	366	if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
	367	if(tm->type == V_ASN1_GENERALIZEDTIME)
	368	return ASN1_GENERALIZEDTIME_print(bp, tm);
	369	BIO_write(bp,"Bad time value",14);
	370	return(0);
	371	}
	372
e778802f BL	373	static const char *mon[12]=
	374	{
	375	"Jan","Feb","Mar","Apr","May","Jun",
	376	"Jul","Aug","Sep","Oct","Nov","Dec"
	377	};
f6aed2cd	378
6b691a5c	379	int ASN1_GENERALIZEDTIME_print(BIO bp, ASN1_GENERALIZEDTIME tm)
f6aed2cd DSH	380	{
	381	char *v;
	382	int gmt=0;
f6aed2cd DSH	383	int i;
	384	int y=0,M=0,d=0,h=0,m=0,s=0;
	385
	386	i=tm->length;
	387	v=(char *)tm->data;
	388
	389	if (i < 12) goto err;
	390	if (v[i-1] == 'Z') gmt=1;
	391	for (i=0; i<12; i++)
	392	if ((v[i] > '9') \|\| (v[i] < '0')) goto err;
	393	y= (v[0]-'0')1000+(v[1]-'0')100 + (v[2]-'0')*10+(v[3]-'0');
	394	M= (v[4]-'0')*10+(v[5]-'0');
	395	if ((M > 12) \|\| (M < 1)) goto err;
	396	d= (v[6]-'0')*10+(v[7]-'0');
	397	h= (v[8]-'0')*10+(v[9]-'0');
	398	m= (v[10]-'0')*10+(v[11]-'0');
	399	if ( (v[12] >= '0') && (v[12] <= '9') &&
	400	(v[13] >= '0') && (v[13] <= '9'))
	401	s= (v[12]-'0')*10+(v[13]-'0');
	402
	403	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
	404	mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0)
	405	return(0);
	406	else
	407	return(1);
	408	err:
	409	BIO_write(bp,"Bad time value",14);
	410	return(0);
	411	}
	412
6b691a5c	413	int ASN1_UTCTIME_print(BIO bp, ASN1_UTCTIME tm)
d02b48c6 RE	414	{
	415	char *v;
	416	int gmt=0;
d02b48c6 RE	417	int i;
	418	int y=0,M=0,d=0,h=0,m=0,s=0;
	419
	420	i=tm->length;
	421	v=(char *)tm->data;
	422
	423	if (i < 10) goto err;
	424	if (v[i-1] == 'Z') gmt=1;
	425	for (i=0; i<10; i++)
	426	if ((v[i] > '9') \|\| (v[i] < '0')) goto err;
	427	y= (v[0]-'0')*10+(v[1]-'0');
58964a49	428	if (y < 50) y+=100;
d02b48c6 RE	429	M= (v[2]-'0')*10+(v[3]-'0');
	430	if ((M > 12) \|\| (M < 1)) goto err;
	431	d= (v[4]-'0')*10+(v[5]-'0');
	432	h= (v[6]-'0')*10+(v[7]-'0');
	433	m= (v[8]-'0')*10+(v[9]-'0');
	434	if ( (v[10] >= '0') && (v[10] <= '9') &&
	435	(v[11] >= '0') && (v[11] <= '9'))
	436	s= (v[10]-'0')*10+(v[11]-'0');
	437
	438	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
	439	mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0)
	440	return(0);
	441	else
	442	return(1);
	443	err:
	444	BIO_write(bp,"Bad time value",14);
	445	return(0);
	446	}
	447
6b691a5c	448	int X509_NAME_print(BIO bp, X509_NAME name, int obase)
d02b48c6 RE	449	{
	450	char s,c;
	451	int ret=0,l,ll,i,first=1;
	452	char buf[256];
	453
	454	ll=80-2-obase;
	455
	456	s=X509_NAME_oneline(name,buf,256);
	457	s++; /* skip the first slash */
	458
	459	l=ll;
	460	c=s;
	461	for (;;)
	462	{
a53955d8	463	#ifndef CHARSET_EBCDIC
d02b48c6 RE	464	if ( ((*s == '/') &&
	465	((s[1] >= 'A') && (s[1] <= 'Z') && (
	466	(s[2] == '=') \|\|
	467	((s[2] >= 'A') && (s[2] <= 'Z') &&
	468	(s[3] == '='))
	469	))) \|\|
	470	(*s == '\0'))
a53955d8 UM	471	#else
	472	if ( ((*s == '/') &&
	473	(isupper(s[1]) && (
	474	(s[2] == '=') \|\|
	475	(isupper(s[2]) &&
	476	(s[3] == '='))
	477	))) \|\|
	478	(*s == '\0'))
	479	#endif
d02b48c6 RE	480	{
	481	if ((l <= 0) && !first)
	482	{
	483	first=0;
	484	if (BIO_write(bp,"\n",1) != 1) goto err;
	485	for (i=0; i<obase; i++)
	486	{
	487	if (BIO_write(bp," ",1) != 1) goto err;
	488	}
	489	l=ll;
	490	}
	491	i=s-c;
	492	if (BIO_write(bp,c,i) != i) goto err;
	493	c+=i;
	494	c++;
	495	if (*s != '\0')
	496	{
	497	if (BIO_write(bp,", ",2) != 2) goto err;
	498	}
	499	l--;
	500	}
	501	if (*s == '\0') break;
	502	s++;
	503	l--;
	504	}
	505
	506	ret=1;
	507	if (0)
	508	{
	509	err:
	510	X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
	511	}
	512	return(ret);
	513	}
	514