The tool now uses libgnutls' functions to print certificate
information. This avoids code duplication.
+** libgnutls: gnutls_x509_crt_print prints signature algorithm in oneline mode.
+
** API and ABI modifications:
No changes since last version.
addf (str, "issuer `%s', ", dn);
}
+ /* Key algorithm and size. */
{
int bits;
const char *name = gnutls_pk_algorithm_get_name
addf (str, "%s key %d bits, ", name, bits);
}
+ /* Signature Algorithm. */
+ {
+ int err;
+
+ err = gnutls_x509_crt_get_signature_algorithm (cert);
+ if (err < 0)
+ addf (str, "unknown signature algorithm (%s), ",
+ gnutls_strerror (err));
+ else
+ {
+ const char *name = gnutls_sign_algorithm_get_name (err);
+ if (name == NULL)
+ name = _("unknown");
+ if (err == GNUTLS_SIGN_RSA_MD5 || err == GNUTLS_SIGN_RSA_MD2)
+ addf (str, _("signed using %s (broken!), "), name);
+ else
+ addf (str, _("signed using %s, "), name);
+ }
+ }
+
/* Validity. */
{
time_t tim;