1 files changed, 193 insertions, 102 deletions
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
index 89ae73a6de..5de4833ed0 100644
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -60,18 +60,23 @@
 #include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/bn.h>
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
 #endif
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
-#ifndef NO_FP_API
+#ifndef OPENSSL_NO_FP_API
 int X509_print_fp(FILE *fp, X509 *x)
+        {
+        return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
+        }
+int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag)
        {
        BIO *b;
        int ret;
@@ -82,144 +87,165 @@ int X509_print_fp(FILE *fp, X509 *x)
                return(0);
                }
        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=X509_print(b, x);
+        ret=X509_print_ex(b, x, nmflag, cflag);
        BIO_free(b);
        return(ret);
        }
 #endif
 int X509_print(BIO *bp, X509 *x)
+{
+        return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
+}
+int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
        {
        long l;
-        int ret=0,i,j,n;
+        int ret=0,i;
-        char *m=NULL,*s;
+        char *m=NULL,mlch = ' ';
+        int nmindent = 0;
        X509_CINF *ci;
        ASN1_INTEGER *bs;
        EVP_PKEY *pkey=NULL;
        const char *neg;
-        X509_EXTENSION *ex;
        ASN1_STRING *str=NULL;
+        if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
+                        mlch = '\n';
+                        nmindent = 12;
+        }
+        if(nmflags == X509_FLAG_COMPAT)
+                nmindent = 16;
        ci=x->cert_info;
-        if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
+        if(!(cflag & X509_FLAG_NO_HEADER))
-        if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
-        l=X509_get_version(x);
-        if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
-        if (BIO_write(bp,"        Serial Number:",22) <= 0) goto err;
-        bs=X509_get_serialNumber(x);
-        if (bs->length <= 4)
                {
-                l=ASN1_INTEGER_get(bs);
+                if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
-                if (l < 0)
+                if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
-                        {
-                        l= -l;
-                        neg="-";
-                        }
-                else
-                        neg="";
-                if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
-                        goto err;
                }
-        else
+        if(!(cflag & X509_FLAG_NO_VERSION))
+                {
+                l=X509_get_version(x);
+                if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
+                }
+        if(!(cflag & X509_FLAG_NO_SERIAL))
                {
-                neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
-                if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
-                for (i=0; i<bs->length; i++)
+                if (BIO_write(bp,"        Serial Number:",22) <= 0) goto err;
+                bs=X509_get_serialNumber(x);
+                if (bs->length <= 4)
                        {
-                        if (BIO_printf(bp,"%02x%c",bs->data[i],
+                        l=ASN1_INTEGER_get(bs);
-                                ((i+1 == bs->length)?'\n':':')) <= 0)
+                        if (l < 0)
+                                {
+                                l= -l;
+                                neg="-";
+                                }
+                        else
+                                neg="";
+                        if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
                                goto err;
                        }
-                }
+                else
+                        {
+                        neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
+                        if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
-        i=OBJ_obj2nid(ci->signature->algorithm);
+                        for (i=0; i<bs->length; i++)
-        if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
+                                {
-                (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
+                                if (BIO_printf(bp,"%02x%c",bs->data[i],
-                goto err;
+                                        ((i+1 == bs->length)?'\n':':')) <= 0)
+                                        goto err;
+                                }
+                        }
-        if (BIO_write(bp,"        Issuer: ",16) <= 0) goto err;
+                }
-        if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
-        if (BIO_write(bp,"\n        Validity\n",18) <= 0) goto err;
-        if (BIO_write(bp,"            Not Before: ",24) <= 0) goto err;
-        if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
-        if (BIO_write(bp,"\n            Not After : ",25) <= 0) goto err;
-        if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
-        if (BIO_write(bp,"\n        Subject: ",18) <= 0) goto err;
-        if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
-        if (BIO_write(bp,"\n        Subject Public Key Info:\n",34) <= 0)
-                goto err;
-        i=OBJ_obj2nid(ci->key->algor->algorithm);
-        if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
-                (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
-        pkey=X509_get_pubkey(x);
+        if(!(cflag & X509_FLAG_NO_SIGNAME))
-        if (pkey == NULL)
                {
-                BIO_printf(bp,"%12sUnable to load Public Key\n","");
+                if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0) 
-                ERR_print_errors(bp);
+                        goto err;
+                if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
+                        goto err;
+                if (BIO_puts(bp, "\n") <= 0)
+                        goto err;
                }
-        else
-#ifndef NO_RSA
+        if(!(cflag & X509_FLAG_NO_ISSUER))
-        if (pkey->type == EVP_PKEY_RSA)
                {
-                BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
+                if (BIO_printf(bp,"        Issuer:%c",mlch) <= 0) goto err;
-                BN_num_bits(pkey->pkey.rsa->n));
+                if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err;
-                RSA_print(bp,pkey->pkey.rsa,16);
+                if (BIO_write(bp,"\n",1) <= 0) goto err;
                }
-        else
+        if(!(cflag & X509_FLAG_NO_VALIDITY))
-#endif
-#ifndef NO_DSA
-        if (pkey->type == EVP_PKEY_DSA)
                {
-                BIO_printf(bp,"%12sDSA Public Key:\n","");
+                if (BIO_write(bp,"        Validity\n",17) <= 0) goto err;
-                DSA_print(bp,pkey->pkey.dsa,16);
+                if (BIO_write(bp,"            Not Before: ",24) <= 0) goto err;
+                if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
+                if (BIO_write(bp,"\n            Not After : ",25) <= 0) goto err;
+                if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
+                if (BIO_write(bp,"\n",1) <= 0) goto err;
                }
-        else
+        if(!(cflag & X509_FLAG_NO_SUBJECT))
-#endif
-                BIO_printf(bp,"%12sUnknown Public Key:\n","");
-        EVP_PKEY_free(pkey);
-        n=X509_get_ext_count(x);
-        if (n > 0)
                {
-                BIO_printf(bp,"%8sX509v3 extensions:\n","");
+                if (BIO_printf(bp,"        Subject:%c",mlch) <= 0) goto err;
-                for (i=0; i<n; i++)
+                if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err;
+                if (BIO_write(bp,"\n",1) <= 0) goto err;
+                }
+        if(!(cflag & X509_FLAG_NO_PUBKEY))
+                {
+                if (BIO_write(bp,"        Subject Public Key Info:\n",33) <= 0)
+                        goto err;
+                if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
+                        goto err;
+                if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
+                        goto err;
+                if (BIO_puts(bp, "\n") <= 0)
+                        goto err;
+                pkey=X509_get_pubkey(x);
+                if (pkey == NULL)
                        {
-                        ASN1_OBJECT *obj;
+                        BIO_printf(bp,"%12sUnable to load Public Key\n","");
-                        ex=X509_get_ext(x,i);
+                        ERR_print_errors(bp);
-                        if (BIO_printf(bp,"%12s","") <= 0) goto err;
+                        }
-                        obj=X509_EXTENSION_get_object(ex);
+                else
-                        i2a_ASN1_OBJECT(bp,obj);
+#ifndef OPENSSL_NO_RSA
-                        j=X509_EXTENSION_get_critical(ex);
+                if (pkey->type == EVP_PKEY_RSA)
-                        if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
+                        {
-                                goto err;
+                        BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
-                        if(!X509V3_EXT_print(bp, ex, 0, 16))
+                        BN_num_bits(pkey->pkey.rsa->n));
-                                {
+                        RSA_print(bp,pkey->pkey.rsa,16);
-                                BIO_printf(bp, "%16s", "");
+                        }
-                                M_ASN1_OCTET_STRING_print(bp,ex->value);
+                else
-                                }
+#endif
-                        if (BIO_write(bp,"\n",1) <= 0) goto err;
+#ifndef OPENSSL_NO_DSA
+                if (pkey->type == EVP_PKEY_DSA)
+                        {
+                        BIO_printf(bp,"%12sDSA Public Key:\n","");
+                        DSA_print(bp,pkey->pkey.dsa,16);
                        }
+                else
+#endif
+                        BIO_printf(bp,"%12sUnknown Public Key:\n","");
+                EVP_PKEY_free(pkey);
                }
-        i=OBJ_obj2nid(x->sig_alg->algorithm);
+        if (!(cflag & X509_FLAG_NO_EXTENSIONS))
-        if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
+                X509V3_extensions_print(bp, "X509v3 extensions",
-                (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+                                        ci->extensions, cflag, 8);
-        n=x->signature->length;
+        if(!(cflag & X509_FLAG_NO_SIGDUMP))
-        s=(char *)x->signature->data;
-        for (i=0; i<n; i++)
                {
-                if ((i%18) == 0)
+                if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err;
-                        if (BIO_write(bp,"\n        ",9) <= 0) goto err;
+                }
-                if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
+        if(!(cflag & X509_FLAG_NO_AUX))
-                        ((i+1) == n)?"":":") <= 0) goto err;
+                {
+                if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
                }
-        if (BIO_write(bp,"\n",1) != 1) goto err;
-        if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
        ret=1;
 err:
        if (str != NULL) ASN1_STRING_free(str);
@@ -227,6 +253,71 @@ err:
        return(ret);
        }
+int X509_ocspid_print (BIO *bp, X509 *x)
+        {
+        unsigned char *der=NULL ;
+        unsigned char *dertmp;
+        int derlen;
+        int i;
+        unsigned char SHA1md[SHA_DIGEST_LENGTH];
+        /* display the hash of the subject as it would appear
+           in OCSP requests */
+        if (BIO_printf(bp,"        Subject OCSP hash: ") <= 0)
+                goto err;
+        derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
+        if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL)
+                goto err;
+        i2d_X509_NAME(x->cert_info->subject, &dertmp);
+        EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
+        for (i=0; i < SHA_DIGEST_LENGTH; i++)
+                {
+                if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
+                }
+        OPENSSL_free (der);
+        der=NULL;
+        /* display the hash of the public key as it would appear
+           in OCSP requests */
+        if (BIO_printf(bp,"\n        Public key OCSP hash: ") <= 0)
+                goto err;
+        EVP_Digest(x->cert_info->key->public_key->data,
+                x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
+        for (i=0; i < SHA_DIGEST_LENGTH; i++)
+                {
+                if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
+                        goto err;
+                }
+        BIO_printf(bp,"\n");
+        return (1);
+err:
+        if (der != NULL) OPENSSL_free(der);
+        return(0);
+        }
+int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
+{
+        unsigned char *s;
+        int i, n;
+        if (BIO_puts(bp,"    Signature Algorithm: ") <= 0) return 0;
+        if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
+        n=sig->length;
+        s=sig->data;
+        for (i=0; i<n; i++)
+                {
+                if ((i%18) == 0)
+                        if (BIO_write(bp,"\n        ",9) <= 0) return 0;
+                        if (BIO_printf(bp,"%02x%s",s[i],
+                                ((i+1) == n)?"":":") <= 0) return 0;
+                }
+        if (BIO_write(bp,"\n",1) != 1) return 0;
+        return 1;
+}
 int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
        {
        int i,n;

diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c index 89ae73a6de..5de4833ed0 100644 --- a/src/lib/libcrypto/asn1/t_x509.c +++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -60,18 +60,23 @@
60	#include "cryptlib.h"	60	#include "cryptlib.h"
61	#include <openssl/buffer.h>	61	#include <openssl/buffer.h>
62	#include <openssl/bn.h>	62	#include <openssl/bn.h>
63	#ifndef NO_RSA	63	#ifndef OPENSSL_NO_RSA
64	#include <openssl/rsa.h>	64	#include <openssl/rsa.h>
65	#endif	65	#endif
66	#ifndef NO_DSA	66	#ifndef OPENSSL_NO_DSA
67	#include <openssl/dsa.h>	67	#include <openssl/dsa.h>
68	#endif	68	#endif
69	#include <openssl/objects.h>	69	#include <openssl/objects.h>
70	#include <openssl/x509.h>	70	#include <openssl/x509.h>
71	#include <openssl/x509v3.h>	71	#include <openssl/x509v3.h>
72		72
73	#ifndef NO_FP_API	73	#ifndef OPENSSL_NO_FP_API
74	int X509_print_fp(FILE fp, X509 x)	74	int X509_print_fp(FILE fp, X509 x)
		75	{
		76	return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
		77	}
		78
		79	int X509_print_ex_fp(FILE fp, X509 x, unsigned long nmflag, unsigned long cflag)
75	{	80	{
76	BIO *b;	81	BIO *b;
77	int ret;	82	int ret;
@@ -82,144 +87,165 @@ int X509_print_fp(FILE fp, X509 x)
82	return(0);	87	return(0);
83	}	88	}
84	BIO_set_fp(b,fp,BIO_NOCLOSE);	89	BIO_set_fp(b,fp,BIO_NOCLOSE);
85	ret=X509_print(b, x);	90	ret=X509_print_ex(b, x, nmflag, cflag);
86	BIO_free(b);	91	BIO_free(b);
87	return(ret);	92	return(ret);
88	}	93	}
89	#endif	94	#endif
90		95
91	int X509_print(BIO bp, X509 x)	96	int X509_print(BIO bp, X509 x)
		97	{
		98	return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
		99	}
		100
		101	int X509_print_ex(BIO bp, X509 x, unsigned long nmflags, unsigned long cflag)
92	{	102	{
93	long l;	103	long l;
94	int ret=0,i,j,n;	104	int ret=0,i;
95	char m=NULL,s;	105	char *m=NULL,mlch = ' ';
		106	int nmindent = 0;
96	X509_CINF *ci;	107	X509_CINF *ci;
97	ASN1_INTEGER *bs;	108	ASN1_INTEGER *bs;
98	EVP_PKEY *pkey=NULL;	109	EVP_PKEY *pkey=NULL;
99	const char *neg;	110	const char *neg;
100	X509_EXTENSION *ex;
101	ASN1_STRING *str=NULL;	111	ASN1_STRING *str=NULL;
102		112
		113	if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
		114	mlch = '\n';
		115	nmindent = 12;
		116	}
		117
		118	if(nmflags == X509_FLAG_COMPAT)
		119	nmindent = 16;
		120
103	ci=x->cert_info;	121	ci=x->cert_info;
104	if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;	122	if(!(cflag & X509_FLAG_NO_HEADER))
105	if (BIO_write(bp," Data:\n",10) <= 0) goto err;
106	l=X509_get_version(x);
107	if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
108	if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
109
110	bs=X509_get_serialNumber(x);
111	if (bs->length <= 4)
112	{	123	{
113	l=ASN1_INTEGER_get(bs);	124	if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
114	if (l < 0)	125	if (BIO_write(bp," Data:\n",10) <= 0) goto err;
115	{
116	l= -l;
117	neg="-";
118	}
119	else
120	neg="";
121	if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
122	goto err;
123	}	126	}
124	else	127	if(!(cflag & X509_FLAG_NO_VERSION))
		128	{
		129	l=X509_get_version(x);
		130	if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
		131	}
		132	if(!(cflag & X509_FLAG_NO_SERIAL))
125	{	133	{
126	neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
127	if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
128		134
129	for (i=0; i<bs->length; i++)	135	if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
		136
		137	bs=X509_get_serialNumber(x);
		138	if (bs->length <= 4)
130	{	139	{
131	if (BIO_printf(bp,"%02x%c",bs->data[i],	140	l=ASN1_INTEGER_get(bs);
132	((i+1 == bs->length)?'\n':':')) <= 0)	141	if (l < 0)
		142	{
		143	l= -l;
		144	neg="-";
		145	}
		146	else
		147	neg="";
		148	if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
133	goto err;	149	goto err;
134	}	150	}
135	}	151	else
		152	{
		153	neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
		154	if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
136		155
137	i=OBJ_obj2nid(ci->signature->algorithm);	156	for (i=0; i<bs->length; i++)
138	if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",	157	{
139	(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)	158	if (BIO_printf(bp,"%02x%c",bs->data[i],
140	goto err;	159	((i+1 == bs->length)?'\n':':')) <= 0)
		160	goto err;
		161	}
		162	}
141		163
142	if (BIO_write(bp," Issuer: ",16) <= 0) goto err;	164	}
143	if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
144	if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
145	if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
146	if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
147	if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
148	if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
149	if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err;
150	if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
151	if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
152	goto err;
153	i=OBJ_obj2nid(ci->key->algor->algorithm);
154	if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
155	(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
156		165
157	pkey=X509_get_pubkey(x);	166	if(!(cflag & X509_FLAG_NO_SIGNAME))
158	if (pkey == NULL)
159	{	167	{
160	BIO_printf(bp,"%12sUnable to load Public Key\n","");	168	if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0)
161	ERR_print_errors(bp);	169	goto err;
		170	if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
		171	goto err;
		172	if (BIO_puts(bp, "\n") <= 0)
		173	goto err;
162	}	174	}
163	else	175
164	#ifndef NO_RSA	176	if(!(cflag & X509_FLAG_NO_ISSUER))
165	if (pkey->type == EVP_PKEY_RSA)
166	{	177	{
167	BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",	178	if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
168	BN_num_bits(pkey->pkey.rsa->n));	179	if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err;
169	RSA_print(bp,pkey->pkey.rsa,16);	180	if (BIO_write(bp,"\n",1) <= 0) goto err;
170	}	181	}
171	else	182	if(!(cflag & X509_FLAG_NO_VALIDITY))
172	#endif
173	#ifndef NO_DSA
174	if (pkey->type == EVP_PKEY_DSA)
175	{	183	{
176	BIO_printf(bp,"%12sDSA Public Key:\n","");	184	if (BIO_write(bp," Validity\n",17) <= 0) goto err;
177	DSA_print(bp,pkey->pkey.dsa,16);	185	if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
		186	if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
		187	if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
		188	if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
		189	if (BIO_write(bp,"\n",1) <= 0) goto err;
178	}	190	}
179	else	191	if(!(cflag & X509_FLAG_NO_SUBJECT))
180	#endif
181	BIO_printf(bp,"%12sUnknown Public Key:\n","");
182
183	EVP_PKEY_free(pkey);
184
185	n=X509_get_ext_count(x);
186	if (n > 0)
187	{	192	{
188	BIO_printf(bp,"%8sX509v3 extensions:\n","");	193	if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
189	for (i=0; i<n; i++)	194	if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err;
		195	if (BIO_write(bp,"\n",1) <= 0) goto err;
		196	}
		197	if(!(cflag & X509_FLAG_NO_PUBKEY))
		198	{
		199	if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
		200	goto err;
		201	if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
		202	goto err;
		203	if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
		204	goto err;
		205	if (BIO_puts(bp, "\n") <= 0)
		206	goto err;
		207
		208	pkey=X509_get_pubkey(x);
		209	if (pkey == NULL)
190	{	210	{
191	ASN1_OBJECT *obj;	211	BIO_printf(bp,"%12sUnable to load Public Key\n","");
192	ex=X509_get_ext(x,i);	212	ERR_print_errors(bp);
193	if (BIO_printf(bp,"%12s","") <= 0) goto err;	213	}
194	obj=X509_EXTENSION_get_object(ex);	214	else
195	i2a_ASN1_OBJECT(bp,obj);	215	#ifndef OPENSSL_NO_RSA
196	j=X509_EXTENSION_get_critical(ex);	216	if (pkey->type == EVP_PKEY_RSA)
197	if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)	217	{
198	goto err;	218	BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
199	if(!X509V3_EXT_print(bp, ex, 0, 16))	219	BN_num_bits(pkey->pkey.rsa->n));
200	{	220	RSA_print(bp,pkey->pkey.rsa,16);
201	BIO_printf(bp, "%16s", "");	221	}
202	M_ASN1_OCTET_STRING_print(bp,ex->value);	222	else
203	}	223	#endif
204	if (BIO_write(bp,"\n",1) <= 0) goto err;	224	#ifndef OPENSSL_NO_DSA
		225	if (pkey->type == EVP_PKEY_DSA)
		226	{
		227	BIO_printf(bp,"%12sDSA Public Key:\n","");
		228	DSA_print(bp,pkey->pkey.dsa,16);
205	}	229	}
		230	else
		231	#endif
		232	BIO_printf(bp,"%12sUnknown Public Key:\n","");
		233
		234	EVP_PKEY_free(pkey);
206	}	235	}
207		236
208	i=OBJ_obj2nid(x->sig_alg->algorithm);	237	if (!(cflag & X509_FLAG_NO_EXTENSIONS))
209	if (BIO_printf(bp,"%4sSignature Algorithm: %s","",	238	X509V3_extensions_print(bp, "X509v3 extensions",
210	(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;	239	ci->extensions, cflag, 8);
211		240
212	n=x->signature->length;	241	if(!(cflag & X509_FLAG_NO_SIGDUMP))
213	s=(char *)x->signature->data;
214	for (i=0; i<n; i++)
215	{	242	{
216	if ((i%18) == 0)	243	if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err;
217	if (BIO_write(bp,"\n ",9) <= 0) goto err;	244	}
218	if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],	245	if(!(cflag & X509_FLAG_NO_AUX))
219	((i+1) == n)?"":":") <= 0) goto err;	246	{
		247	if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
220	}	248	}
221	if (BIO_write(bp,"\n",1) != 1) goto err;
222	if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
223	ret=1;	249	ret=1;
224	err:	250	err:
225	if (str != NULL) ASN1_STRING_free(str);	251	if (str != NULL) ASN1_STRING_free(str);
@@ -227,6 +253,71 @@ err:
227	return(ret);	253	return(ret);
228	}	254	}
229		255
		256	int X509_ocspid_print (BIO bp, X509 x)
		257	{
		258	unsigned char *der=NULL ;
		259	unsigned char *dertmp;
		260	int derlen;
		261	int i;
		262	unsigned char SHA1md[SHA_DIGEST_LENGTH];
		263
		264	/* display the hash of the subject as it would appear
		265	in OCSP requests */
		266	if (BIO_printf(bp," Subject OCSP hash: ") <= 0)
		267	goto err;
		268	derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
		269	if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL)
		270	goto err;
		271	i2d_X509_NAME(x->cert_info->subject, &dertmp);
		272
		273	EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
		274	for (i=0; i < SHA_DIGEST_LENGTH; i++)
		275	{
		276	if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
		277	}
		278	OPENSSL_free (der);
		279	der=NULL;
		280
		281	/* display the hash of the public key as it would appear
		282	in OCSP requests */
		283	if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0)
		284	goto err;
		285
		286	EVP_Digest(x->cert_info->key->public_key->data,
		287	x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
		288	for (i=0; i < SHA_DIGEST_LENGTH; i++)
		289	{
		290	if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
		291	goto err;
		292	}
		293	BIO_printf(bp,"\n");
		294
		295	return (1);
		296	err:
		297	if (der != NULL) OPENSSL_free(der);
		298	return(0);
		299	}
		300
		301	int X509_signature_print(BIO bp, X509_ALGOR sigalg, ASN1_STRING *sig)
		302	{
		303	unsigned char *s;
		304	int i, n;
		305	if (BIO_puts(bp," Signature Algorithm: ") <= 0) return 0;
		306	if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
		307
		308	n=sig->length;
		309	s=sig->data;
		310	for (i=0; i<n; i++)
		311	{
		312	if ((i%18) == 0)
		313	if (BIO_write(bp,"\n ",9) <= 0) return 0;
		314	if (BIO_printf(bp,"%02x%s",s[i],
		315	((i+1) == n)?"":":") <= 0) return 0;
		316	}
		317	if (BIO_write(bp,"\n",1) != 1) return 0;
		318	return 1;
		319	}
		320
230	int ASN1_STRING_print(BIO bp, ASN1_STRING v)	321	int ASN1_STRING_print(BIO bp, ASN1_STRING v)
231	{	322	{
232	int i,n;	323	int i,n;