From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 27 Jul 2017 05:10:22 +0000 (+0200)
Subject: certtool: print signature algorithm in cert verification output
X-Git-Tag: gnutls_3_6_0~175
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=41ef006dddad5c09a8a645ae8713631f02b799e5;p=thirdparty%2Fgnutls.git

certtool: print signature algorithm in cert verification output

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---

diff --git a/src/certtool.c b/src/certtool.c
index 4e4f3277f3..3cddc3dd6f 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -1988,6 +1988,23 @@ void generate_request(common_info_st * cinfo)
 
 static void print_verification_res(FILE * outfile, unsigned int output);
 
+static const char *get_signature_algo(gnutls_x509_crt_t crt)
+{
+	int ret;
+	static char oid[128];
+
+	ret = gnutls_x509_crt_get_signature_algorithm(crt);
+	if (ret < 0 || ret == GNUTLS_SIGN_UNKNOWN) {
+		size_t oid_size = sizeof(oid);
+		ret = gnutls_x509_crt_get_signature_oid(crt, oid, &oid_size);
+		if (ret < 0)
+			return NULL;
+		return oid;
+	}
+
+	return gnutls_sign_get_name(ret);
+}
+
 static int detailed_verification(gnutls_x509_crt_t cert,
 				 gnutls_x509_crt_t issuer,
 				 gnutls_x509_crl_t crl,
@@ -2036,6 +2053,8 @@ static int detailed_verification(gnutls_x509_crt_t cert,
 		fprintf(outfile, "\tChecked against: %s\n", issuer_name.data);
 	}
 
+	fprintf(outfile, "\tSignature algorithm: %s\n", get_signature_algo(cert));
+
 	if (crl != NULL) {
 		gnutls_datum_t data;
 		gnutls_free(issuer_name.data);