X509V3_EXT_print() was being summoned to print extensions unrelated to
RPKI. The TODO wanted me to pick a suitable flag for extensions unknown
even to libcrypto.
For reference, this is how X509V3_EXT_print() prints an AIA, as a known
extension:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
This is how X509V3_EXT_print() prints the same AIA, as an unknown
extension, X509V3_EXT_PARSE_UNKNOWN enabled:
0:d=0 hl=2 l= 82 cons: SEQUENCE
2:d=1 hl=2 l= 80 cons: SEQUENCE
4:d=2 hl=2 l= 8 prim: OBJECT :CA Issuers
14:d=2 hl=2 l= 68 prim: cont [ 6 ]
This is how X509V3_EXT_print() prints the same AIA, as an unknown
extension, X509V3_EXT_DUMP_UNKNOWN enabled:
0000 - 30 52 30 50 06 08 2b 06-01 05 05 07 30 02 86 44 0R0P..+.....0..D
0010 - 72 73 79 6e 63 3a 2f 2f-72 70 6b 69 2e 72 69 70 rsync://rpki.rip
0020 - 65 2e 6e 65 74 2f 72 65-70 6f 73 69 74 6f 72 79 e.net/repository
0030 - 2f 61 63 61 2f 4b 70 53-6f 33 56 56 4b 35 77 45 /aca/KpSo3VVK5wE
0040 - 48 49 4a 6e 48 43 32 51-48 56 56 33 64 35 6d 6b HIJnHC2QHVV3d5mk
0050 - 2e 63 65 72 .cer
Eh. These are good and all, but they mess up the JSON, so I decided to
dump these as hex-encoded octet strings instead:
3052305006082b0601050507300286447273796e633a2f2f72706b692e726970
652e6e65742f7265706f7369746f72792f6163612f4b70536f3356564b357745
48494a6e484332514856563364356d6b2e636572
static json_t *
ext2json_unknown(X509_EXTENSION *ext)
{
- BIO *bio = BIO_new(BIO_s_mem());
- if (bio == NULL)
- return NULL;
-
- /* TODO Those flags are kinda interesting */
- if (!X509V3_EXT_print(bio, ext, 0, 0)) {
- BIO_free_all(bio);
- return NULL;
- }
-
- return bio2json(bio);
+ return asn1str2json(X509_EXTENSION_get_data(ext));
}
static json_t *
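Review bot: ext2json_unknown() has no comment saying what JSON value it now produces: the new return line passes X509_EXTENSION_get_data() straight to asn1str2json(), and only the commit message explains the hex dump. The bytes are copied verbatim from the certificate and never parsed, so I would note that above the return, e.g. `/* Not parsed: emit the extnValue contents as a hex string; the bytes are untrusted input. */`. asn1str2json() is defined outside this hunk, so its handling of a NULL ASN1_OCTET_STRING (which X509_EXTENSION_get_data() returns for a NULL ext) cannot be confirmed from here. It is worth checking that it still returns NULL on failure, as the removed BIO path did.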
struct ContentInfo *ci = NULL;
unsigned char buffer[BUFFER_SIZE];
size_t consumed;
-// bool eof;
asn_dec_rval_t res;
-// eof = false;
do {
if (!BIO_read_ex(bio, buffer, BUFFER_SIZE, &consumed)) {
op_crypto_err("IO error.");
switch (res.code) {
case RC_OK:
-// if (!buf->eof)
-// pr_op_warn("File has trailing bytes.");
return ci;
case RC_WMORE:
-// if (buf->eof) {
-// pr_op_err("File ended prematurely.");
-// return NULL;
-// }
break;
case RC_FAIL: