-int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
- {
- long l;
- int ret=0,i;
- char *m=NULL,mlch = ' ';
- int nmindent = 0;
- X509_CINF *ci;
- ASN1_INTEGER *bs;
- EVP_PKEY *pkey=NULL;
- const char *neg;
-
- if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
- mlch = '\n';
- nmindent = 12;
- }
-
- if(nmflags == X509_FLAG_COMPAT)
- nmindent = 16;
-
- ci=x->cert_info;
- if(!(cflag & X509_FLAG_NO_HEADER))
- {
- if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
- if (BIO_write(bp," Data:\n",10) <= 0) goto err;
- }
- if(!(cflag & X509_FLAG_NO_VERSION))
- {
- l=X509_get_version(x);
- if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
- }
- if(!(cflag & X509_FLAG_NO_SERIAL))
- {
-
- if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
-
- bs=X509_get_serialNumber(x);
- if (bs->length <= 4)
- {
- l=ASN1_INTEGER_get(bs);
- if (l < 0)
- {
- l= -l;
- neg="-";
- }
- else
- neg="";
- if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
- goto err;
- }
- else
- {
- neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
- if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
-
- for (i=0; i<bs->length; i++)
- {
- if (BIO_printf(bp,"%02x%c",bs->data[i],
- ((i+1 == bs->length)?'\n':':')) <= 0)
- goto err;
- }
- }
-
- }
-
- if(!(cflag & X509_FLAG_NO_SIGNAME))
- {
- if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0)
- goto err;
- if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
- }
-
- if(!(cflag & X509_FLAG_NO_ISSUER))
- {
- if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
- if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err;
- if (BIO_write(bp,"\n",1) <= 0) goto err;
- }
- if(!(cflag & X509_FLAG_NO_VALIDITY))
- {
- if (BIO_write(bp," Validity\n",17) <= 0) goto err;
- if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
- if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
- if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
- if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
- if (BIO_write(bp,"\n",1) <= 0) goto err;
- }
- if(!(cflag & X509_FLAG_NO_SUBJECT))
- {
- if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
- if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err;
- if (BIO_write(bp,"\n",1) <= 0) goto err;
- }
- if(!(cflag & X509_FLAG_NO_PUBKEY))
- {
- if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
- goto err;
- if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
- goto err;
- if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-
- pkey=X509_get_pubkey(x);
- if (pkey == NULL)
- {
- BIO_printf(bp,"%12sUnable to load Public Key\n","");
- ERR_print_errors(bp);
- }
- else
- {
- EVP_PKEY_print_public(bp, pkey, 16, NULL);
- EVP_PKEY_free(pkey);
- }
- }
-
- if (!(cflag & X509_FLAG_NO_EXTENSIONS))
- X509V3_extensions_print(bp, "X509v3 extensions",
- ci->extensions, cflag, 8);
-
- if(!(cflag & X509_FLAG_NO_SIGDUMP))
- {
- if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err;
- }
- if(!(cflag & X509_FLAG_NO_AUX))
- {
- if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
- }
- ret=1;
-err:
- if (m != NULL) OPENSSL_free(m);
- return(ret);
- }
-
-int X509_ocspid_print (BIO *bp, X509 *x)
- {
- unsigned char *der=NULL ;
- unsigned char *dertmp;
- int derlen;
- int i;
- unsigned char SHA1md[SHA_DIGEST_LENGTH];
-
- /* display the hash of the subject as it would appear
- in OCSP requests */
- if (BIO_printf(bp," Subject OCSP hash: ") <= 0)
- goto err;
- derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
- if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL)
- goto err;
- i2d_X509_NAME(x->cert_info->subject, &dertmp);
-
- EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
- for (i=0; i < SHA_DIGEST_LENGTH; i++)
- {
- if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
- }
- OPENSSL_free (der);
- der=NULL;
-
- /* display the hash of the public key as it would appear
- in OCSP requests */
- if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0)
- goto err;
-
- EVP_Digest(x->cert_info->key->public_key->data,
- x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
- for (i=0; i < SHA_DIGEST_LENGTH; i++)
- {
- if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
- goto err;
- }
- BIO_printf(bp,"\n");
-
- return (1);
-err:
- if (der != NULL) OPENSSL_free(der);
- return(0);
- }
+int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
+ unsigned long cflag)
+{
+ long l;
+ int ret = 0, i;
+ char *m = NULL, mlch = ' ';
+ int nmindent = 0;
+ X509_CINF *ci;
+ ASN1_INTEGER *bs;
+ EVP_PKEY *pkey = NULL;
+ const char *neg;
+
+ if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
+ mlch = '\n';
+ nmindent = 12;
+ }
+
+ if (nmflags == X509_FLAG_COMPAT)
+ nmindent = 16;
+
+ ci = x->cert_info;
+ if (!(cflag & X509_FLAG_NO_HEADER)) {
+ if (BIO_write(bp, "Certificate:\n", 13) <= 0)
+ goto err;
+ if (BIO_write(bp, " Data:\n", 10) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_VERSION)) {
+ l = X509_get_version(x);
+ if (BIO_printf(bp, "%8sVersion: %lu (0x%lx)\n", "", l + 1, l) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_SERIAL)) {
+
+ if (BIO_write(bp, " Serial Number:", 22) <= 0)
+ goto err;
+
+ bs = X509_get_serialNumber(x);
+ if (bs->length <= (int)sizeof(long)) {
+ l = ASN1_INTEGER_get(bs);
+ if (bs->type == V_ASN1_NEG_INTEGER) {
+ l = -l;
+ neg = "-";
+ } else
+ neg = "";
+ if (BIO_printf(bp, " %s%lu (%s0x%lx)\n", neg, l, neg, l) <= 0)
+ goto err;
+ } else {
+ neg = (bs->type == V_ASN1_NEG_INTEGER) ? " (Negative)" : "";
+ if (BIO_printf(bp, "\n%12s%s", "", neg) <= 0)
+ goto err;
+
+ for (i = 0; i < bs->length; i++) {
+ if (BIO_printf(bp, "%02x%c", bs->data[i],
+ ((i + 1 == bs->length) ? '\n' : ':')) <= 0)
+ goto err;
+ }
+ }
+
+ }
+
+ if (!(cflag & X509_FLAG_NO_SIGNAME)) {
+ if (X509_signature_print(bp, ci->signature, NULL) <= 0)
+ goto err;
+#if 0
+ if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
+ goto err;
+ if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
+ goto err;
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+#endif
+ }
+
+ if (!(cflag & X509_FLAG_NO_ISSUER)) {
+ if (BIO_printf(bp, " Issuer:%c", mlch) <= 0)
+ goto err;
+ if (X509_NAME_print_ex(bp, X509_get_issuer_name(x), nmindent, nmflags)
+ < 0)
+ goto err;
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_VALIDITY)) {
+ if (BIO_write(bp, " Validity\n", 17) <= 0)
+ goto err;
+ if (BIO_write(bp, " Not Before: ", 24) <= 0)
+ goto err;
+ if (!ASN1_TIME_print(bp, X509_get_notBefore(x)))
+ goto err;
+ if (BIO_write(bp, "\n Not After : ", 25) <= 0)
+ goto err;
+ if (!ASN1_TIME_print(bp, X509_get_notAfter(x)))
+ goto err;
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_SUBJECT)) {
+ if (BIO_printf(bp, " Subject:%c", mlch) <= 0)
+ goto err;
+ if (X509_NAME_print_ex
+ (bp, X509_get_subject_name(x), nmindent, nmflags) < 0)
+ goto err;
+ if (BIO_write(bp, "\n", 1) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_PUBKEY)) {
+ if (BIO_write(bp, " Subject Public Key Info:\n", 33) <= 0)
+ goto err;
+ if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
+ goto err;
+ if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
+ goto err;
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+
+ pkey = X509_get_pubkey(x);
+ if (pkey == NULL) {
+ BIO_printf(bp, "%12sUnable to load Public Key\n", "");
+ ERR_print_errors(bp);
+ } else {
+ EVP_PKEY_print_public(bp, pkey, 16, NULL);
+ EVP_PKEY_free(pkey);
+ }
+ }
+
+ if (!(cflag & X509_FLAG_NO_IDS)) {
+ if (ci->issuerUID) {
+ if (BIO_printf(bp, "%8sIssuer Unique ID: ", "") <= 0)
+ goto err;
+ if (!X509_signature_dump(bp, ci->issuerUID, 12))
+ goto err;
+ }
+ if (ci->subjectUID) {
+ if (BIO_printf(bp, "%8sSubject Unique ID: ", "") <= 0)
+ goto err;
+ if (!X509_signature_dump(bp, ci->subjectUID, 12))
+ goto err;
+ }
+ }
+
+ if (!(cflag & X509_FLAG_NO_EXTENSIONS))
+ X509V3_extensions_print(bp, "X509v3 extensions",
+ ci->extensions, cflag, 8);
+
+ if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
+ if (X509_signature_print(bp, x->sig_alg, x->signature) <= 0)
+ goto err;
+ }
+ if (!(cflag & X509_FLAG_NO_AUX)) {
+ if (!X509_CERT_AUX_print(bp, x->aux, 0))
+ goto err;
+ }
+ ret = 1;
+ err:
+ if (m != NULL)
+ OPENSSL_free(m);
+ return (ret);
+}
+
+int X509_ocspid_print(BIO *bp, X509 *x)
+{
+ unsigned char *der = NULL;
+ unsigned char *dertmp;
+ int derlen;
+ int i;
+ unsigned char SHA1md[SHA_DIGEST_LENGTH];
+
+ /*
+ * display the hash of the subject as it would appear in OCSP requests
+ */
+ if (BIO_printf(bp, " Subject OCSP hash: ") <= 0)
+ goto err;
+ derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
+ if ((der = dertmp = (unsigned char *)OPENSSL_malloc(derlen)) == NULL)
+ goto err;
+ i2d_X509_NAME(x->cert_info->subject, &dertmp);
+
+ if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
+ for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
+ if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
+ goto err;
+ }
+ OPENSSL_free(der);
+ der = NULL;
+
+ /*
+ * display the hash of the public key as it would appear in OCSP requests
+ */
+ if (BIO_printf(bp, "\n Public key OCSP hash: ") <= 0)
+ goto err;
+
+ if (!EVP_Digest(x->cert_info->key->public_key->data,
+ x->cert_info->key->public_key->length,
+ SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
+ for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
+ if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
+ goto err;
+ }
+ BIO_printf(bp, "\n");
+
+ return (1);
+ err:
+ if (der != NULL)
+ OPENSSL_free(der);
+ return (0);
+}
+
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
+{
+ const unsigned char *s;
+ int i, n;
+
+ n = sig->length;
+ s = sig->data;
+ for (i = 0; i < n; i++) {
+ if ((i % 18) == 0) {
+ if (BIO_write(bp, "\n", 1) <= 0)
+ return 0;
+ if (BIO_indent(bp, indent, indent) <= 0)
+ return 0;
+ }
+ if (BIO_printf(bp, "%02x%s", s[i], ((i + 1) == n) ? "" : ":") <= 0)
+ return 0;
+ }
+ if (BIO_write(bp, "\n", 1) != 1)
+ return 0;
+
+ return 1;
+}