1 files changed, 270 insertions, 154 deletions
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
index b10fbbb992..5de4833ed0 100644
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -58,21 +58,25 @@
 #include <stdio.h>
 #include "cryptlib.h"
-#include "buffer.h"
+#include <openssl/buffer.h>
-#include "bn.h"
+#include <openssl/bn.h>
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
-#include "rsa.h"
+#include <openssl/rsa.h>
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
-#include "dsa.h"
+#include <openssl/dsa.h>
 #endif
-#include "objects.h"
+#include <openssl/objects.h>
-#include "x509.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
-#ifndef NO_FP_API
+#ifndef OPENSSL_NO_FP_API
-int X509_print_fp(fp,x)
+int X509_print_fp(FILE *fp, X509 *x)
-FILE *fp;
+        {
-X509 *x;
+        return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
+        }
+int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag)
        {
        BIO *b;
        int ret;
@@ -83,179 +87,238 @@ X509 *x;
                return(0);
                }
        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=X509_print(b, x);
+        ret=X509_print_ex(b, x, nmflag, cflag);
        BIO_free(b);
        return(ret);
        }
 #endif
-int X509_print(bp,x)
+int X509_print(BIO *bp, X509 *x)
-BIO *bp;
+{
-X509 *x;
+        return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
+}
+int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
        {
        long l;
-        int ret=0,i,j,n;
+        int ret=0,i;
-        char *m=NULL,*s;
+        char *m=NULL,mlch = ' ';
+        int nmindent = 0;
        X509_CINF *ci;
        ASN1_INTEGER *bs;
        EVP_PKEY *pkey=NULL;
-        char *neg;
+        const char *neg;
-        X509_EXTENSION *ex;
        ASN1_STRING *str=NULL;
+        if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
+                        mlch = '\n';
+                        nmindent = 12;
+        }
+        if(nmflags == X509_FLAG_COMPAT)
+                nmindent = 16;
        ci=x->cert_info;
-        if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
+        if(!(cflag & X509_FLAG_NO_HEADER))
-        if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
-        l=X509_get_version(x);
-        if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
-        if (BIO_write(bp,"        Serial Number:",22) <= 0) goto err;
-        bs=X509_get_serialNumber(x);
-        if (bs->length <= 4)
                {
-                l=ASN1_INTEGER_get(bs);
+                if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
-                if (l < 0)
+                if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
-                        {
-                        l= -l;
-                        neg="-";
-                        }
-                else
-                        neg="";
-                if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
-                        goto err;
                }
-        else
+        if(!(cflag & X509_FLAG_NO_VERSION))
+                {
+                l=X509_get_version(x);
+                if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
+                }
+        if(!(cflag & X509_FLAG_NO_SERIAL))
                {
-                neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
-                if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
-                for (i=0; i<bs->length; i++)
+                if (BIO_write(bp,"        Serial Number:",22) <= 0) goto err;
+                bs=X509_get_serialNumber(x);
+                if (bs->length <= 4)
                        {
-                        if (BIO_printf(bp,"%02x%c",bs->data[i],
+                        l=ASN1_INTEGER_get(bs);
-                                ((i+1 == bs->length)?'\n':':')) <= 0)
+                        if (l < 0)
+                                {
+                                l= -l;
+                                neg="-";
+                                }
+                        else
+                                neg="";
+                        if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
                                goto err;
                        }
-                }
+                else
+                        {
+                        neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
+                        if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
-        i=OBJ_obj2nid(ci->signature->algorithm);
+                        for (i=0; i<bs->length; i++)
-        if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
+                                {
-                (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
+                                if (BIO_printf(bp,"%02x%c",bs->data[i],
-                goto err;
+                                        ((i+1 == bs->length)?'\n':':')) <= 0)
+                                        goto err;
+                                }
+                        }
-        if (BIO_write(bp,"        Issuer: ",16) <= 0) goto err;
+                }
-        if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
-        if (BIO_write(bp,"\n        Validity\n",18) <= 0) goto err;
-        if (BIO_write(bp,"            Not Before: ",24) <= 0) goto err;
-        if (!ASN1_UTCTIME_print(bp,X509_get_notBefore(x))) goto err;
-        if (BIO_write(bp,"\n            Not After : ",25) <= 0) goto err;
-        if (!ASN1_UTCTIME_print(bp,X509_get_notAfter(x))) goto err;
-        if (BIO_write(bp,"\n        Subject: ",18) <= 0) goto err;
-        if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
-        if (BIO_write(bp,"\n        Subject Public Key Info:\n",34) <= 0)
-                goto err;
-        i=OBJ_obj2nid(ci->key->algor->algorithm);
-        if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
-                (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
-        pkey=X509_get_pubkey(x);
+        if(!(cflag & X509_FLAG_NO_SIGNAME))
-#ifndef NO_RSA
-        if (pkey->type == EVP_PKEY_RSA)
                {
-                BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
+                if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0) 
-                BN_num_bits(pkey->pkey.rsa->n));
+                        goto err;
-                RSA_print(bp,pkey->pkey.rsa,16);
+                if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
+                        goto err;
+                if (BIO_puts(bp, "\n") <= 0)
+                        goto err;
                }
-        else
-#endif
+        if(!(cflag & X509_FLAG_NO_ISSUER))
-#ifndef NO_DSA
-        if (pkey->type == EVP_PKEY_DSA)
                {
-                BIO_printf(bp,"%12sDSA Public Key:\n","");
+                if (BIO_printf(bp,"        Issuer:%c",mlch) <= 0) goto err;
-                DSA_print(bp,pkey->pkey.dsa,16);
+                if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err;
+                if (BIO_write(bp,"\n",1) <= 0) goto err;
                }
-        else
+        if(!(cflag & X509_FLAG_NO_VALIDITY))
-#endif
-                BIO_printf(bp,"%12sDSA Public Key:\n","");
-        n=X509_get_ext_count(x);
-        if (n > 0)
                {
-                BIO_printf(bp,"%8sX509v3 extensions:\n","");
+                if (BIO_write(bp,"        Validity\n",17) <= 0) goto err;
-                for (i=0; i<n; i++)
+                if (BIO_write(bp,"            Not Before: ",24) <= 0) goto err;
-                        {
+                if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
-                        int data_type,pack_type;
+                if (BIO_write(bp,"\n            Not After : ",25) <= 0) goto err;
-                        ASN1_OBJECT *obj;
+                if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
+                if (BIO_write(bp,"\n",1) <= 0) goto err;
-                        ex=X509_get_ext(x,i);
+                }
-                        if (BIO_printf(bp,"%12s","") <= 0) goto err;
+        if(!(cflag & X509_FLAG_NO_SUBJECT))
-                        obj=X509_EXTENSION_get_object(ex);
+                {
-                        i2a_ASN1_OBJECT(bp,obj);
+                if (BIO_printf(bp,"        Subject:%c",mlch) <= 0) goto err;
-                        j=X509_EXTENSION_get_critical(ex);
+                if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err;
-                        if (BIO_printf(bp,": %s\n%16s",j?"critical":"","") <= 0)
+                if (BIO_write(bp,"\n",1) <= 0) goto err;
-                                goto err;
+                }
+        if(!(cflag & X509_FLAG_NO_PUBKEY))
+                {
+                if (BIO_write(bp,"        Subject Public Key Info:\n",33) <= 0)
+                        goto err;
+                if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
+                        goto err;
+                if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
+                        goto err;
+                if (BIO_puts(bp, "\n") <= 0)
+                        goto err;
-                        pack_type=X509v3_pack_type_by_OBJ(obj);
+                pkey=X509_get_pubkey(x);
-                        data_type=X509v3_data_type_by_OBJ(obj);
+                if (pkey == NULL)
-                        
+                        {
-                        if (pack_type == X509_EXT_PACK_STRING)
+                        BIO_printf(bp,"%12sUnable to load Public Key\n","");
-                                {
+                        ERR_print_errors(bp);
-                                if (X509v3_unpack_string(
+                        }
-                                        &str,data_type,
+                else
-                                        X509_EXTENSION_get_data(ex)) == NULL)
+#ifndef OPENSSL_NO_RSA
-                                        {
+                if (pkey->type == EVP_PKEY_RSA)
-                                        /* hmm... */
+                        {
-                                        goto err;
+                        BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
-                                        }
+                        BN_num_bits(pkey->pkey.rsa->n));
-                                if (    (data_type == V_ASN1_IA5STRING) ||
+                        RSA_print(bp,pkey->pkey.rsa,16);
-                                        (data_type == V_ASN1_PRINTABLESTRING) ||
+                        }
-                                        (data_type == V_ASN1_T61STRING))
+                else
-                                        {
+#endif
-                                        if (BIO_write(bp,(char *)str->data,
+#ifndef OPENSSL_NO_DSA
-                                                        str->length) <= 0)
+                if (pkey->type == EVP_PKEY_DSA)
-                                                goto err;
+                        {
-                                        }
+                        BIO_printf(bp,"%12sDSA Public Key:\n","");
-                                else if (data_type == V_ASN1_BIT_STRING)
+                        DSA_print(bp,pkey->pkey.dsa,16);
-                                        {
-                                        BIO_printf(bp,"0x");
-                                        for (j=0; j<str->length; j++)
-                                                {
-                                                BIO_printf(bp,"%02X",
-                                                        str->data[j]);
-                                                }
-                                        }
-                                }
-                        else
-                                {
-                                ASN1_OCTET_STRING_print(bp,ex->value);
-                                }
-                        if (BIO_write(bp,"\n",1) <= 0) goto err;
                        }
+                else
+#endif
+                        BIO_printf(bp,"%12sUnknown Public Key:\n","");
+                EVP_PKEY_free(pkey);
                }
-        i=OBJ_obj2nid(x->sig_alg->algorithm);
+        if (!(cflag & X509_FLAG_NO_EXTENSIONS))
-        if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
+                X509V3_extensions_print(bp, "X509v3 extensions",
-                (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+                                        ci->extensions, cflag, 8);
-        n=x->signature->length;
+        if(!(cflag & X509_FLAG_NO_SIGDUMP))
-        s=(char *)x->signature->data;
-        for (i=0; i<n; i++)
                {
-                if ((i%18) == 0)
+                if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err;
-                        if (BIO_write(bp,"\n        ",9) <= 0) goto err;
+                }
-                if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
+        if(!(cflag & X509_FLAG_NO_AUX))
-                        ((i+1) == n)?"":":") <= 0) goto err;
+                {
+                if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
                }
-        if (BIO_write(bp,"\n",1) != 1) goto err;
        ret=1;
 err:
        if (str != NULL) ASN1_STRING_free(str);
-        if (m != NULL) Free((char *)m);
+        if (m != NULL) OPENSSL_free(m);
        return(ret);
        }
-int ASN1_STRING_print(bp,v)
+int X509_ocspid_print (BIO *bp, X509 *x)
-BIO *bp;
+        {
-ASN1_STRING *v;
+        unsigned char *der=NULL ;
+        unsigned char *dertmp;
+        int derlen;
+        int i;
+        unsigned char SHA1md[SHA_DIGEST_LENGTH];
+        /* display the hash of the subject as it would appear
+           in OCSP requests */
+        if (BIO_printf(bp,"        Subject OCSP hash: ") <= 0)
+                goto err;
+        derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
+        if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL)
+                goto err;
+        i2d_X509_NAME(x->cert_info->subject, &dertmp);
+        EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
+        for (i=0; i < SHA_DIGEST_LENGTH; i++)
+                {
+                if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
+                }
+        OPENSSL_free (der);
+        der=NULL;
+        /* display the hash of the public key as it would appear
+           in OCSP requests */
+        if (BIO_printf(bp,"\n        Public key OCSP hash: ") <= 0)
+                goto err;
+        EVP_Digest(x->cert_info->key->public_key->data,
+                x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
+        for (i=0; i < SHA_DIGEST_LENGTH; i++)
+                {
+                if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
+                        goto err;
+                }
+        BIO_printf(bp,"\n");
+        return (1);
+err:
+        if (der != NULL) OPENSSL_free(der);
+        return(0);
+        }
+int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
+{
+        unsigned char *s;
+        int i, n;
+        if (BIO_puts(bp,"    Signature Algorithm: ") <= 0) return 0;
+        if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
+        n=sig->length;
+        s=sig->data;
+        for (i=0; i<n; i++)
+                {
+                if ((i%18) == 0)
+                        if (BIO_write(bp,"\n        ",9) <= 0) return 0;
+                        if (BIO_printf(bp,"%02x%s",s[i],
+                                ((i+1) == n)?"":":") <= 0) return 0;
+                }
+        if (BIO_write(bp,"\n",1) != 1) return 0;
+        return 1;
+}
+int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
        {
        int i,n;
        char buf[80],*p;;
@@ -284,15 +347,59 @@ ASN1_STRING *v;
        return(1);
        }
-int ASN1_UTCTIME_print(bp,tm)
+int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm)
-BIO *bp;
+{
-ASN1_UTCTIME *tm;
+        if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
+        if(tm->type == V_ASN1_GENERALIZEDTIME)
+                                return ASN1_GENERALIZEDTIME_print(bp, tm);
+        BIO_write(bp,"Bad time value",14);
+        return(0);
+}
+static const char *mon[12]=
+    {
+    "Jan","Feb","Mar","Apr","May","Jun",
+    "Jul","Aug","Sep","Oct","Nov","Dec"
+    };
+int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm)
+        {
+        char *v;
+        int gmt=0;
+        int i;
+        int y=0,M=0,d=0,h=0,m=0,s=0;
+        i=tm->length;
+        v=(char *)tm->data;
+        if (i < 12) goto err;
+        if (v[i-1] == 'Z') gmt=1;
+        for (i=0; i<12; i++)
+                if ((v[i] > '9') || (v[i] < '0')) goto err;
+        y= (v[0]-'0')*1000+(v[1]-'0')*100 + (v[2]-'0')*10+(v[3]-'0');
+        M= (v[4]-'0')*10+(v[5]-'0');
+        if ((M > 12) || (M < 1)) goto err;
+        d= (v[6]-'0')*10+(v[7]-'0');
+        h= (v[8]-'0')*10+(v[9]-'0');
+        m=  (v[10]-'0')*10+(v[11]-'0');
+        if (    (v[12] >= '0') && (v[12] <= '9') &&
+                (v[13] >= '0') && (v[13] <= '9'))
+                s=  (v[12]-'0')*10+(v[13]-'0');
+        if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
+                mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0)
+                return(0);
+        else
+                return(1);
+err:
+        BIO_write(bp,"Bad time value",14);
+        return(0);
+        }
+int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
        {
        char *v;
        int gmt=0;
-        static char *mon[12]={
-                "Jan","Feb","Mar","Apr","May","Jun",
-                "Jul","Aug","Sep","Oct","Nov","Dec"};
        int i;
        int y=0,M=0,d=0,h=0,m=0,s=0;
@@ -324,10 +431,7 @@ err:
        return(0);
        }
-int X509_NAME_print(bp,name,obase)
+int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
-BIO *bp;
-X509_NAME *name;
-int obase;
        {
        char *s,*c;
        int ret=0,l,ll,i,first=1;
@@ -336,12 +440,15 @@ int obase;
        ll=80-2-obase;
        s=X509_NAME_oneline(name,buf,256);
+        if (!*s)
+                return 1;
        s++; /* skip the first slash */
        l=ll;
        c=s;
        for (;;)
                {
+#ifndef CHARSET_EBCDIC
                if (    ((*s == '/') &&
                                ((s[1] >= 'A') && (s[1] <= 'Z') && (
                                        (s[2] == '=') ||
@@ -349,6 +456,15 @@ int obase;
                                        (s[3] == '='))
                                 ))) ||
                        (*s == '\0'))
+#else
+                if (    ((*s == '/') &&
+                                (isupper(s[1]) && (
+                                        (s[2] == '=') ||
+                                        (isupper(s[2]) &&
+                                        (s[3] == '='))
+                                 ))) ||
+                        (*s == '\0'))
+#endif
                        {
                        if ((l <= 0) && !first)
                                {

diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c index b10fbbb992..5de4833ed0 100644 --- a/src/lib/libcrypto/asn1/t_x509.c +++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -58,21 +58,25 @@
58		58
59	#include <stdio.h>	59	#include <stdio.h>
60	#include "cryptlib.h"	60	#include "cryptlib.h"
61	#include "buffer.h"	61	#include <openssl/buffer.h>
62	#include "bn.h"	62	#include <openssl/bn.h>
63	#ifndef NO_RSA	63	#ifndef OPENSSL_NO_RSA
64	#include "rsa.h"	64	#include <openssl/rsa.h>
65	#endif	65	#endif
66	#ifndef NO_DSA	66	#ifndef OPENSSL_NO_DSA
67	#include "dsa.h"	67	#include <openssl/dsa.h>
68	#endif	68	#endif
69	#include "objects.h"	69	#include <openssl/objects.h>
70	#include "x509.h"	70	#include <openssl/x509.h>
		71	#include <openssl/x509v3.h>
71		72
72	#ifndef NO_FP_API	73	#ifndef OPENSSL_NO_FP_API
73	int X509_print_fp(fp,x)	74	int X509_print_fp(FILE fp, X509 x)
74	FILE *fp;	75	{
75	X509 *x;	76	return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
		77	}
		78
		79	int X509_print_ex_fp(FILE fp, X509 x, unsigned long nmflag, unsigned long cflag)
76	{	80	{
77	BIO *b;	81	BIO *b;
78	int ret;	82	int ret;
@@ -83,179 +87,238 @@ X509 *x;
83	return(0);	87	return(0);
84	}	88	}
85	BIO_set_fp(b,fp,BIO_NOCLOSE);	89	BIO_set_fp(b,fp,BIO_NOCLOSE);
86	ret=X509_print(b, x);	90	ret=X509_print_ex(b, x, nmflag, cflag);
87	BIO_free(b);	91	BIO_free(b);
88	return(ret);	92	return(ret);
89	}	93	}
90	#endif	94	#endif
91		95
92	int X509_print(bp,x)	96	int X509_print(BIO bp, X509 x)
93	BIO *bp;	97	{
94	X509 *x;	98	return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
		99	}
		100
		101	int X509_print_ex(BIO bp, X509 x, unsigned long nmflags, unsigned long cflag)
95	{	102	{
96	long l;	103	long l;
97	int ret=0,i,j,n;	104	int ret=0,i;
98	char m=NULL,s;	105	char *m=NULL,mlch = ' ';
		106	int nmindent = 0;
99	X509_CINF *ci;	107	X509_CINF *ci;
100	ASN1_INTEGER *bs;	108	ASN1_INTEGER *bs;
101	EVP_PKEY *pkey=NULL;	109	EVP_PKEY *pkey=NULL;
102	char *neg;	110	const char *neg;
103	X509_EXTENSION *ex;
104	ASN1_STRING *str=NULL;	111	ASN1_STRING *str=NULL;
105		112
		113	if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
		114	mlch = '\n';
		115	nmindent = 12;
		116	}
		117
		118	if(nmflags == X509_FLAG_COMPAT)
		119	nmindent = 16;
		120
106	ci=x->cert_info;	121	ci=x->cert_info;
107	if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;	122	if(!(cflag & X509_FLAG_NO_HEADER))
108	if (BIO_write(bp," Data:\n",10) <= 0) goto err;
109	l=X509_get_version(x);
110	if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
111	if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
112
113	bs=X509_get_serialNumber(x);
114	if (bs->length <= 4)
115	{	123	{
116	l=ASN1_INTEGER_get(bs);	124	if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
117	if (l < 0)	125	if (BIO_write(bp," Data:\n",10) <= 0) goto err;
118	{
119	l= -l;
120	neg="-";
121	}
122	else
123	neg="";
124	if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
125	goto err;
126	}	126	}
127	else	127	if(!(cflag & X509_FLAG_NO_VERSION))
		128	{
		129	l=X509_get_version(x);
		130	if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
		131	}
		132	if(!(cflag & X509_FLAG_NO_SERIAL))
128	{	133	{
129	neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
130	if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
131		134
132	for (i=0; i<bs->length; i++)	135	if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
		136
		137	bs=X509_get_serialNumber(x);
		138	if (bs->length <= 4)
133	{	139	{
134	if (BIO_printf(bp,"%02x%c",bs->data[i],	140	l=ASN1_INTEGER_get(bs);
135	((i+1 == bs->length)?'\n':':')) <= 0)	141	if (l < 0)
		142	{
		143	l= -l;
		144	neg="-";
		145	}
		146	else
		147	neg="";
		148	if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
136	goto err;	149	goto err;
137	}	150	}
138	}	151	else
		152	{
		153	neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
		154	if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
139		155
140	i=OBJ_obj2nid(ci->signature->algorithm);	156	for (i=0; i<bs->length; i++)
141	if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",	157	{
142	(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)	158	if (BIO_printf(bp,"%02x%c",bs->data[i],
143	goto err;	159	((i+1 == bs->length)?'\n':':')) <= 0)
		160	goto err;
		161	}
		162	}
144		163
145	if (BIO_write(bp," Issuer: ",16) <= 0) goto err;	164	}
146	if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
147	if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
148	if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
149	if (!ASN1_UTCTIME_print(bp,X509_get_notBefore(x))) goto err;
150	if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
151	if (!ASN1_UTCTIME_print(bp,X509_get_notAfter(x))) goto err;
152	if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err;
153	if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
154	if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
155	goto err;
156	i=OBJ_obj2nid(ci->key->algor->algorithm);
157	if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
158	(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
159		165
160	pkey=X509_get_pubkey(x);	166	if(!(cflag & X509_FLAG_NO_SIGNAME))
161	#ifndef NO_RSA
162	if (pkey->type == EVP_PKEY_RSA)
163	{	167	{
164	BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",	168	if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0)
165	BN_num_bits(pkey->pkey.rsa->n));	169	goto err;
166	RSA_print(bp,pkey->pkey.rsa,16);	170	if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
		171	goto err;
		172	if (BIO_puts(bp, "\n") <= 0)
		173	goto err;
167	}	174	}
168	else	175
169	#endif	176	if(!(cflag & X509_FLAG_NO_ISSUER))
170	#ifndef NO_DSA
171	if (pkey->type == EVP_PKEY_DSA)
172	{	177	{
173	BIO_printf(bp,"%12sDSA Public Key:\n","");	178	if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
174	DSA_print(bp,pkey->pkey.dsa,16);	179	if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err;
		180	if (BIO_write(bp,"\n",1) <= 0) goto err;
175	}	181	}
176	else	182	if(!(cflag & X509_FLAG_NO_VALIDITY))
177	#endif
178	BIO_printf(bp,"%12sDSA Public Key:\n","");
179
180	n=X509_get_ext_count(x);
181	if (n > 0)
182	{	183	{
183	BIO_printf(bp,"%8sX509v3 extensions:\n","");	184	if (BIO_write(bp," Validity\n",17) <= 0) goto err;
184	for (i=0; i<n; i++)	185	if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
185	{	186	if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
186	int data_type,pack_type;	187	if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
187	ASN1_OBJECT *obj;	188	if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
188		189	if (BIO_write(bp,"\n",1) <= 0) goto err;
189	ex=X509_get_ext(x,i);	190	}
190	if (BIO_printf(bp,"%12s","") <= 0) goto err;	191	if(!(cflag & X509_FLAG_NO_SUBJECT))
191	obj=X509_EXTENSION_get_object(ex);	192	{
192	i2a_ASN1_OBJECT(bp,obj);	193	if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
193	j=X509_EXTENSION_get_critical(ex);	194	if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err;
194	if (BIO_printf(bp,": %s\n%16s",j?"critical":"","") <= 0)	195	if (BIO_write(bp,"\n",1) <= 0) goto err;
195	goto err;	196	}
		197	if(!(cflag & X509_FLAG_NO_PUBKEY))
		198	{
		199	if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
		200	goto err;
		201	if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
		202	goto err;
		203	if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
		204	goto err;
		205	if (BIO_puts(bp, "\n") <= 0)
		206	goto err;
196		207
197	pack_type=X509v3_pack_type_by_OBJ(obj);	208	pkey=X509_get_pubkey(x);
198	data_type=X509v3_data_type_by_OBJ(obj);	209	if (pkey == NULL)
199		210	{
200	if (pack_type == X509_EXT_PACK_STRING)	211	BIO_printf(bp,"%12sUnable to load Public Key\n","");
201	{	212	ERR_print_errors(bp);
202	if (X509v3_unpack_string(	213	}
203	&str,data_type,	214	else
204	X509_EXTENSION_get_data(ex)) == NULL)	215	#ifndef OPENSSL_NO_RSA
205	{	216	if (pkey->type == EVP_PKEY_RSA)
206	/* hmm... */	217	{
207	goto err;	218	BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
208	}	219	BN_num_bits(pkey->pkey.rsa->n));
209	if ( (data_type == V_ASN1_IA5STRING) \|\|	220	RSA_print(bp,pkey->pkey.rsa,16);
210	(data_type == V_ASN1_PRINTABLESTRING) \|\|	221	}
211	(data_type == V_ASN1_T61STRING))	222	else
212	{	223	#endif
213	if (BIO_write(bp,(char *)str->data,	224	#ifndef OPENSSL_NO_DSA
214	str->length) <= 0)	225	if (pkey->type == EVP_PKEY_DSA)
215	goto err;	226	{
216	}	227	BIO_printf(bp,"%12sDSA Public Key:\n","");
217	else if (data_type == V_ASN1_BIT_STRING)	228	DSA_print(bp,pkey->pkey.dsa,16);
218	{
219	BIO_printf(bp,"0x");
220	for (j=0; j<str->length; j++)
221	{
222	BIO_printf(bp,"%02X",
223	str->data[j]);
224	}
225	}
226	}
227	else
228	{
229	ASN1_OCTET_STRING_print(bp,ex->value);
230	}
231	if (BIO_write(bp,"\n",1) <= 0) goto err;
232	}	229	}
		230	else
		231	#endif
		232	BIO_printf(bp,"%12sUnknown Public Key:\n","");
		233
		234	EVP_PKEY_free(pkey);
233	}	235	}
234		236
235	i=OBJ_obj2nid(x->sig_alg->algorithm);	237	if (!(cflag & X509_FLAG_NO_EXTENSIONS))
236	if (BIO_printf(bp,"%4sSignature Algorithm: %s","",	238	X509V3_extensions_print(bp, "X509v3 extensions",
237	(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;	239	ci->extensions, cflag, 8);
238		240
239	n=x->signature->length;	241	if(!(cflag & X509_FLAG_NO_SIGDUMP))
240	s=(char *)x->signature->data;
241	for (i=0; i<n; i++)
242	{	242	{
243	if ((i%18) == 0)	243	if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err;
244	if (BIO_write(bp,"\n ",9) <= 0) goto err;	244	}
245	if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],	245	if(!(cflag & X509_FLAG_NO_AUX))
246	((i+1) == n)?"":":") <= 0) goto err;	246	{
		247	if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
247	}	248	}
248	if (BIO_write(bp,"\n",1) != 1) goto err;
249	ret=1;	249	ret=1;
250	err:	250	err:
251	if (str != NULL) ASN1_STRING_free(str);	251	if (str != NULL) ASN1_STRING_free(str);
252	if (m != NULL) Free((char *)m);	252	if (m != NULL) OPENSSL_free(m);
253	return(ret);	253	return(ret);
254	}	254	}
255		255
256	int ASN1_STRING_print(bp,v)	256	int X509_ocspid_print (BIO bp, X509 x)
257	BIO *bp;	257	{
258	ASN1_STRING *v;	258	unsigned char *der=NULL ;
		259	unsigned char *dertmp;
		260	int derlen;
		261	int i;
		262	unsigned char SHA1md[SHA_DIGEST_LENGTH];
		263
		264	/* display the hash of the subject as it would appear
		265	in OCSP requests */
		266	if (BIO_printf(bp," Subject OCSP hash: ") <= 0)
		267	goto err;
		268	derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
		269	if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL)
		270	goto err;
		271	i2d_X509_NAME(x->cert_info->subject, &dertmp);
		272
		273	EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
		274	for (i=0; i < SHA_DIGEST_LENGTH; i++)
		275	{
		276	if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
		277	}
		278	OPENSSL_free (der);
		279	der=NULL;
		280
		281	/* display the hash of the public key as it would appear
		282	in OCSP requests */
		283	if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0)
		284	goto err;
		285
		286	EVP_Digest(x->cert_info->key->public_key->data,
		287	x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
		288	for (i=0; i < SHA_DIGEST_LENGTH; i++)
		289	{
		290	if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
		291	goto err;
		292	}
		293	BIO_printf(bp,"\n");
		294
		295	return (1);
		296	err:
		297	if (der != NULL) OPENSSL_free(der);
		298	return(0);
		299	}
		300
		301	int X509_signature_print(BIO bp, X509_ALGOR sigalg, ASN1_STRING *sig)
		302	{
		303	unsigned char *s;
		304	int i, n;
		305	if (BIO_puts(bp," Signature Algorithm: ") <= 0) return 0;
		306	if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
		307
		308	n=sig->length;
		309	s=sig->data;
		310	for (i=0; i<n; i++)
		311	{
		312	if ((i%18) == 0)
		313	if (BIO_write(bp,"\n ",9) <= 0) return 0;
		314	if (BIO_printf(bp,"%02x%s",s[i],
		315	((i+1) == n)?"":":") <= 0) return 0;
		316	}
		317	if (BIO_write(bp,"\n",1) != 1) return 0;
		318	return 1;
		319	}
		320
		321	int ASN1_STRING_print(BIO bp, ASN1_STRING v)
259	{	322	{
260	int i,n;	323	int i,n;
261	char buf[80],*p;;	324	char buf[80],*p;;
@@ -284,15 +347,59 @@ ASN1_STRING *v;
284	return(1);	347	return(1);
285	}	348	}
286		349
287	int ASN1_UTCTIME_print(bp,tm)	350	int ASN1_TIME_print(BIO bp, ASN1_TIME tm)
288	BIO *bp;	351	{
289	ASN1_UTCTIME *tm;	352	if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
		353	if(tm->type == V_ASN1_GENERALIZEDTIME)
		354	return ASN1_GENERALIZEDTIME_print(bp, tm);
		355	BIO_write(bp,"Bad time value",14);
		356	return(0);
		357	}
		358
		359	static const char *mon[12]=
		360	{
		361	"Jan","Feb","Mar","Apr","May","Jun",
		362	"Jul","Aug","Sep","Oct","Nov","Dec"
		363	};
		364
		365	int ASN1_GENERALIZEDTIME_print(BIO bp, ASN1_GENERALIZEDTIME tm)
		366	{
		367	char *v;
		368	int gmt=0;
		369	int i;
		370	int y=0,M=0,d=0,h=0,m=0,s=0;
		371
		372	i=tm->length;
		373	v=(char *)tm->data;
		374
		375	if (i < 12) goto err;
		376	if (v[i-1] == 'Z') gmt=1;
		377	for (i=0; i<12; i++)
		378	if ((v[i] > '9') \|\| (v[i] < '0')) goto err;
		379	y= (v[0]-'0')1000+(v[1]-'0')100 + (v[2]-'0')*10+(v[3]-'0');
		380	M= (v[4]-'0')*10+(v[5]-'0');
		381	if ((M > 12) \|\| (M < 1)) goto err;
		382	d= (v[6]-'0')*10+(v[7]-'0');
		383	h= (v[8]-'0')*10+(v[9]-'0');
		384	m= (v[10]-'0')*10+(v[11]-'0');
		385	if ( (v[12] >= '0') && (v[12] <= '9') &&
		386	(v[13] >= '0') && (v[13] <= '9'))
		387	s= (v[12]-'0')*10+(v[13]-'0');
		388
		389	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
		390	mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0)
		391	return(0);
		392	else
		393	return(1);
		394	err:
		395	BIO_write(bp,"Bad time value",14);
		396	return(0);
		397	}
		398
		399	int ASN1_UTCTIME_print(BIO bp, ASN1_UTCTIME tm)
290	{	400	{
291	char *v;	401	char *v;
292	int gmt=0;	402	int gmt=0;
293	static char *mon[12]={
294	"Jan","Feb","Mar","Apr","May","Jun",
295	"Jul","Aug","Sep","Oct","Nov","Dec"};
296	int i;	403	int i;
297	int y=0,M=0,d=0,h=0,m=0,s=0;	404	int y=0,M=0,d=0,h=0,m=0,s=0;
298		405
@@ -324,10 +431,7 @@ err:
324	return(0);	431	return(0);
325	}	432	}
326		433
327	int X509_NAME_print(bp,name,obase)	434	int X509_NAME_print(BIO bp, X509_NAME name, int obase)
328	BIO *bp;
329	X509_NAME *name;
330	int obase;
331	{	435	{
332	char s,c;	436	char s,c;
333	int ret=0,l,ll,i,first=1;	437	int ret=0,l,ll,i,first=1;
@@ -336,12 +440,15 @@ int obase;
336	ll=80-2-obase;	440	ll=80-2-obase;
337		441
338	s=X509_NAME_oneline(name,buf,256);	442	s=X509_NAME_oneline(name,buf,256);
		443	if (!*s)
		444	return 1;
339	s++; /* skip the first slash */	445	s++; /* skip the first slash */
340		446
341	l=ll;	447	l=ll;
342	c=s;	448	c=s;
343	for (;;)	449	for (;;)
344	{	450	{
		451	#ifndef CHARSET_EBCDIC
345	if ( ((*s == '/') &&	452	if ( ((*s == '/') &&
346	((s[1] >= 'A') && (s[1] <= 'Z') && (	453	((s[1] >= 'A') && (s[1] <= 'Z') && (
347	(s[2] == '=') \|\|	454	(s[2] == '=') \|\|
@@ -349,6 +456,15 @@ int obase;
349	(s[3] == '='))	456	(s[3] == '='))
350	))) \|\|	457	))) \|\|
351	(*s == '\0'))	458	(*s == '\0'))
		459	#else
		460	if ( ((*s == '/') &&
		461	(isupper(s[1]) && (
		462	(s[2] == '=') \|\|
		463	(isupper(s[2]) &&
		464	(s[3] == '='))
		465	))) \|\|
		466	(*s == '\0'))
		467	#endif
352	{	468	{
353	if ((l <= 0) && !first)	469	if ((l <= 0) && !first)
354	{	470	{