certtool: print signature algorithm in cert verification output

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

diff --git a/src/certtool.c b/src/certtool.c
index 4e4f3277f3da3f72b5f9d3cf020f6a6f76f9ac15..3cddc3dd6ff2859de7320cb8559b99020e368a54 100644 (file)
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -1988,6 +1988,23 @@ void generate_request(common_info_st * cinfo)
 
 static void print_verification_res(FILE * outfile, unsigned int output);
 
+static const char *get_signature_algo(gnutls_x509_crt_t crt)
+{
+       int ret;
+       static char oid[128];
+
+       ret = gnutls_x509_crt_get_signature_algorithm(crt);
+       if (ret < 0 || ret == GNUTLS_SIGN_UNKNOWN) {
+               size_t oid_size = sizeof(oid);
+               ret = gnutls_x509_crt_get_signature_oid(crt, oid, &oid_size);
+               if (ret < 0)
+                       return NULL;
+               return oid;
+       }
+
+       return gnutls_sign_get_name(ret);
+}
+
 static int detailed_verification(gnutls_x509_crt_t cert,
                                 gnutls_x509_crt_t issuer,
                                 gnutls_x509_crl_t crl,
@@ -2036,6 +2053,8 @@ static int detailed_verification(gnutls_x509_crt_t cert,
                fprintf(outfile, "\tChecked against: %s\n", issuer_name.data);
        }
 
+       fprintf(outfile, "\tSignature algorithm: %s\n", get_signature_algo(cert));
+
        if (crl != NULL) {
                gnutls_datum_t data;
                gnutls_free(issuer_name.data);