diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/asn1/t_x509.c | 62 |
1 files changed, 44 insertions, 18 deletions
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c index 7cf4557314..71f97a8214 100644 --- a/src/lib/libcrypto/asn1/t_x509.c +++ b/src/lib/libcrypto/asn1/t_x509.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t_x509.c,v 1.51 2025/02/08 03:41:36 tb Exp $ */ | 1 | /* $OpenBSD: t_x509.c,v 1.54 2025/07/01 06:46:39 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -65,13 +65,13 @@ | |||
| 65 | 65 | ||
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #include <openssl/bio.h> | 67 | #include <openssl/bio.h> |
| 68 | #include <openssl/err.h> | ||
| 69 | #include <openssl/evp.h> | 68 | #include <openssl/evp.h> |
| 70 | #include <openssl/objects.h> | 69 | #include <openssl/objects.h> |
| 71 | #include <openssl/sha.h> | 70 | #include <openssl/sha.h> |
| 72 | #include <openssl/x509.h> | 71 | #include <openssl/x509.h> |
| 73 | #include <openssl/x509v3.h> | 72 | #include <openssl/x509v3.h> |
| 74 | 73 | ||
| 74 | #include "err_local.h" | ||
| 75 | #include "evp_local.h" | 75 | #include "evp_local.h" |
| 76 | #include "x509_local.h" | 76 | #include "x509_local.h" |
| 77 | 77 | ||
| @@ -106,6 +106,28 @@ X509_print(BIO *bp, X509 *x) | |||
| 106 | } | 106 | } |
| 107 | LCRYPTO_ALIAS(X509_print); | 107 | LCRYPTO_ALIAS(X509_print); |
| 108 | 108 | ||
| 109 | static int | ||
| 110 | x509_print_uids(BIO *bp, const X509 *x, int indent) | ||
| 111 | { | ||
| 112 | const ASN1_BIT_STRING *issuerUID = NULL, *subjectUID = NULL; | ||
| 113 | |||
| 114 | X509_get0_uids(x, &issuerUID, &subjectUID); | ||
| 115 | if (issuerUID != NULL) { | ||
| 116 | if (BIO_printf(bp, "%*sIssuer Unique ID: ", indent, "") <= 0) | ||
| 117 | return 0; | ||
| 118 | if (!X509_signature_dump(bp, issuerUID, indent + 4)) | ||
| 119 | return 0; | ||
| 120 | } | ||
| 121 | if (subjectUID != NULL) { | ||
| 122 | if (BIO_printf(bp, "%*sSubject Unique ID: ", indent, "") <= 0) | ||
| 123 | return 0; | ||
| 124 | if (!X509_signature_dump(bp, subjectUID, indent + 4)) | ||
| 125 | return 0; | ||
| 126 | } | ||
| 127 | |||
| 128 | return 1; | ||
| 129 | } | ||
| 130 | |||
| 109 | int | 131 | int |
| 110 | X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) | 132 | X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) |
| 111 | { | 133 | { |
| @@ -127,9 +149,9 @@ X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) | |||
| 127 | 149 | ||
| 128 | ci = x->cert_info; | 150 | ci = x->cert_info; |
| 129 | if (!(cflag & X509_FLAG_NO_HEADER)) { | 151 | if (!(cflag & X509_FLAG_NO_HEADER)) { |
| 130 | if (BIO_write(bp, "Certificate:\n", 13) <= 0) | 152 | if (BIO_printf(bp, "Certificate:\n") <= 0) |
| 131 | goto err; | 153 | goto err; |
| 132 | if (BIO_write(bp, " Data:\n", 10) <= 0) | 154 | if (BIO_printf(bp, " Data:\n") <= 0) |
| 133 | goto err; | 155 | goto err; |
| 134 | } | 156 | } |
| 135 | if (!(cflag & X509_FLAG_NO_VERSION)) { | 157 | if (!(cflag & X509_FLAG_NO_VERSION)) { |
| @@ -145,7 +167,7 @@ X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) | |||
| 145 | } | 167 | } |
| 146 | } | 168 | } |
| 147 | if (!(cflag & X509_FLAG_NO_SERIAL)) { | 169 | if (!(cflag & X509_FLAG_NO_SERIAL)) { |
| 148 | if (BIO_write(bp, " Serial Number:", 22) <= 0) | 170 | if (BIO_printf(bp, " Serial Number:") <= 0) |
| 149 | goto err; | 171 | goto err; |
| 150 | 172 | ||
| 151 | bs = X509_get_serialNumber(x); | 173 | bs = X509_get_serialNumber(x); |
| @@ -196,21 +218,21 @@ X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) | |||
| 196 | if (X509_NAME_print_ex(bp, X509_get_issuer_name(x), | 218 | if (X509_NAME_print_ex(bp, X509_get_issuer_name(x), |
| 197 | nmindent, nmflags) < (nmflags == X509_FLAG_COMPAT ? 1 : 0)) | 219 | nmindent, nmflags) < (nmflags == X509_FLAG_COMPAT ? 1 : 0)) |
| 198 | goto err; | 220 | goto err; |
| 199 | if (BIO_write(bp, "\n", 1) <= 0) | 221 | if (BIO_printf(bp, "\n") <= 0) |
| 200 | goto err; | 222 | goto err; |
| 201 | } | 223 | } |
| 202 | if (!(cflag & X509_FLAG_NO_VALIDITY)) { | 224 | if (!(cflag & X509_FLAG_NO_VALIDITY)) { |
| 203 | if (BIO_write(bp, " Validity\n", 17) <= 0) | 225 | if (BIO_printf(bp, " Validity\n") <= 0) |
| 204 | goto err; | 226 | goto err; |
| 205 | if (BIO_write(bp, " Not Before: ", 24) <= 0) | 227 | if (BIO_printf(bp, " Not Before: ") <= 0) |
| 206 | goto err; | 228 | goto err; |
| 207 | if (!ASN1_TIME_print(bp, X509_get_notBefore(x))) | 229 | if (!ASN1_TIME_print(bp, X509_get_notBefore(x))) |
| 208 | goto err; | 230 | goto err; |
| 209 | if (BIO_write(bp, "\n Not After : ", 25) <= 0) | 231 | if (BIO_printf(bp, "\n Not After : ") <= 0) |
| 210 | goto err; | 232 | goto err; |
| 211 | if (!ASN1_TIME_print(bp, X509_get_notAfter(x))) | 233 | if (!ASN1_TIME_print(bp, X509_get_notAfter(x))) |
| 212 | goto err; | 234 | goto err; |
| 213 | if (BIO_write(bp, "\n", 1) <= 0) | 235 | if (BIO_printf(bp, "\n") <= 0) |
| 214 | goto err; | 236 | goto err; |
| 215 | } | 237 | } |
| 216 | if (!(cflag & X509_FLAG_NO_SUBJECT)) { | 238 | if (!(cflag & X509_FLAG_NO_SUBJECT)) { |
| @@ -219,12 +241,11 @@ X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) | |||
| 219 | if (X509_NAME_print_ex(bp, X509_get_subject_name(x), | 241 | if (X509_NAME_print_ex(bp, X509_get_subject_name(x), |
| 220 | nmindent, nmflags) < (nmflags == X509_FLAG_COMPAT ? 1 : 0)) | 242 | nmindent, nmflags) < (nmflags == X509_FLAG_COMPAT ? 1 : 0)) |
| 221 | goto err; | 243 | goto err; |
| 222 | if (BIO_write(bp, "\n", 1) <= 0) | 244 | if (BIO_printf(bp, "\n") <= 0) |
| 223 | goto err; | 245 | goto err; |
| 224 | } | 246 | } |
| 225 | if (!(cflag & X509_FLAG_NO_PUBKEY)) { | 247 | if (!(cflag & X509_FLAG_NO_PUBKEY)) { |
| 226 | if (BIO_write(bp, " Subject Public Key Info:\n", | 248 | if (BIO_printf(bp, " Subject Public Key Info:\n") <= 0) |
| 227 | 33) <= 0) | ||
| 228 | goto err; | 249 | goto err; |
| 229 | if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0) | 250 | if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0) |
| 230 | goto err; | 251 | goto err; |
| @@ -243,6 +264,11 @@ X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) | |||
| 243 | } | 264 | } |
| 244 | } | 265 | } |
| 245 | 266 | ||
| 267 | if (!(cflag & X509_FLAG_NO_IDS)) { | ||
| 268 | if (!x509_print_uids(bp, x, 8)) | ||
| 269 | goto err; | ||
| 270 | } | ||
| 271 | |||
| 246 | if (!(cflag & X509_FLAG_NO_EXTENSIONS)) | 272 | if (!(cflag & X509_FLAG_NO_EXTENSIONS)) |
| 247 | X509V3_extensions_print(bp, "X509v3 extensions", | 273 | X509V3_extensions_print(bp, "X509v3 extensions", |
| 248 | ci->extensions, cflag, 8); | 274 | ci->extensions, cflag, 8); |
| @@ -325,7 +351,7 @@ X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent) | |||
| 325 | s = sig->data; | 351 | s = sig->data; |
| 326 | for (i = 0; i < n; i++) { | 352 | for (i = 0; i < n; i++) { |
| 327 | if ((i % 18) == 0) { | 353 | if ((i % 18) == 0) { |
| 328 | if (BIO_write(bp, "\n", 1) <= 0) | 354 | if (BIO_printf(bp, "\n") <= 0) |
| 329 | return 0; | 355 | return 0; |
| 330 | if (BIO_indent(bp, indent, indent) <= 0) | 356 | if (BIO_indent(bp, indent, indent) <= 0) |
| 331 | return 0; | 357 | return 0; |
| @@ -334,7 +360,7 @@ X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent) | |||
| 334 | ((i + 1) == n) ? "" : ":") <= 0) | 360 | ((i + 1) == n) ? "" : ":") <= 0) |
| 335 | return 0; | 361 | return 0; |
| 336 | } | 362 | } |
| 337 | if (BIO_write(bp, "\n", 1) != 1) | 363 | if (BIO_printf(bp, "\n") != 1) |
| 338 | return 0; | 364 | return 0; |
| 339 | 365 | ||
| 340 | return 1; | 366 | return 1; |
| @@ -375,7 +401,7 @@ ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) | |||
| 375 | return ASN1_UTCTIME_print(bp, tm); | 401 | return ASN1_UTCTIME_print(bp, tm); |
| 376 | if (tm->type == V_ASN1_GENERALIZEDTIME) | 402 | if (tm->type == V_ASN1_GENERALIZEDTIME) |
| 377 | return ASN1_GENERALIZEDTIME_print(bp, tm); | 403 | return ASN1_GENERALIZEDTIME_print(bp, tm); |
| 378 | BIO_write(bp, "Bad time value", 14); | 404 | BIO_printf(bp, "Bad time value"); |
| 379 | return (0); | 405 | return (0); |
| 380 | } | 406 | } |
| 381 | LCRYPTO_ALIAS(ASN1_TIME_print); | 407 | LCRYPTO_ALIAS(ASN1_TIME_print); |
| @@ -435,7 +461,7 @@ ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm) | |||
| 435 | return (1); | 461 | return (1); |
| 436 | 462 | ||
| 437 | err: | 463 | err: |
| 438 | BIO_write(bp, "Bad time value", 14); | 464 | BIO_printf(bp, "Bad time value"); |
| 439 | return (0); | 465 | return (0); |
| 440 | } | 466 | } |
| 441 | LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_print); | 467 | LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_print); |
| @@ -479,7 +505,7 @@ ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm) | |||
| 479 | return (1); | 505 | return (1); |
| 480 | 506 | ||
| 481 | err: | 507 | err: |
| 482 | BIO_write(bp, "Bad time value", 14); | 508 | BIO_printf(bp, "Bad time value"); |
| 483 | return (0); | 509 | return (0); |
| 484 | } | 510 | } |
| 485 | LCRYPTO_ALIAS(ASN1_UTCTIME_print); | 511 | LCRYPTO_ALIAS(ASN1_UTCTIME_print); |