from the print routines.
Reorganisation of OCSP code: initial print routines in ocsp_prn.c. Doesn't
work fully because OCSP extensions aren't reimplemented yet.
Implement some ASN1 functions needed to compile OCSP code.
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
+ *) Move common extension printing code to new function
+ X509V3_print_extensions(). Reorganise OCSP print routines and
+ implement some needed OCSP ASN1 functions.
+ [Steve Henson]
+
*) New function X509_signature_print() to remove duplication in some
print routines.
[Steve Henson]
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-static void ext_print(BIO *out, X509_EXTENSION *ex);
#ifndef NO_FP_API
int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
{
STACK_OF(X509_REVOKED) *rev;
X509_REVOKED *r;
long l;
- int i, j, n;
+ int i, n;
BIO_printf(out, "Certificate Revocation List (CRL):\n");
l = X509_CRL_get_version(x);
BIO_printf(out,"\n");
n=X509_CRL_get_ext_count(x);
- if (n > 0) {
- BIO_printf(out,"%8sCRL extensions:\n","");
- for (i=0; i<n; i++) ext_print(out, X509_CRL_get_ext(x, i));
- }
-
+ X509V3_extensions_print(out, "CRL extensions",
+ x->crl->extensions, 0, 8);
rev = X509_CRL_get_REVOKED(x);
BIO_printf(out,"\n Revocation Date: ","");
ASN1_TIME_print(out,r->revocationDate);
BIO_printf(out,"\n");
- for(j = 0; j < X509_REVOKED_get_ext_count(r); j++)
- ext_print(out, X509_REVOKED_get_ext(r, j));
+ X509V3_extensions_print(out, "CRL entry extensions",
+ r->extensions, 0, 8);
}
X509_signature_print(out, x->sig_alg, x->signature);
return 1;
}
-
-static void ext_print(BIO *out, X509_EXTENSION *ex)
-{
- ASN1_OBJECT *obj;
- int j;
- BIO_printf(out,"%12s","");
- obj=X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(out,obj);
- j=X509_EXTENSION_get_critical(ex);
- BIO_printf(out, ": %s\n", j ? "critical":"","");
- if(!X509V3_EXT_print(out, ex, 0, 16)) {
- BIO_printf(out, "%16s", "");
- M_ASN1_OCTET_STRING_print(out,ex->value);
- }
- BIO_write(out,"\n",1);
-}
int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
{
long l;
- int ret=0,i,j,n;
+ int ret=0,i;
char *m=NULL,mlch = ' ';
int nmindent = 0;
X509_CINF *ci;
ASN1_INTEGER *bs;
EVP_PKEY *pkey=NULL;
const char *neg;
- X509_EXTENSION *ex;
ASN1_STRING *str=NULL;
if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
EVP_PKEY_free(pkey);
}
- if (cflag & X509_FLAG_NO_EXTENSIONS)
- n = 0;
- else
- n=X509_get_ext_count(x);
- if (n > 0)
- {
- BIO_printf(bp,"%8sX509v3 extensions:\n","");
- for (i=0; i<n; i++)
- {
- ASN1_OBJECT *obj;
- ex=X509_get_ext(x,i);
- if (BIO_printf(bp,"%12s","") <= 0) goto err;
- obj=X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(bp,obj);
- j=X509_EXTENSION_get_critical(ex);
- if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
- goto err;
- if(!X509V3_EXT_print(bp, ex, cflag, 16))
- {
- BIO_printf(bp, "%16s", "");
- M_ASN1_OCTET_STRING_print(bp,ex->value);
- }
- if (BIO_write(bp,"\n",1) <= 0) goto err;
- }
- }
+ if (!(cflag & X509_FLAG_NO_EXTENSIONS))
+ X509V3_extensions_print(bp, "X509v3 extensions",
+ ci->extensions, cflag, 8);
if(!(cflag & X509_FLAG_NO_SIGDUMP))
{
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= ocsp_asn.c ocsp_req.c ocsp_res.c ocsp_sig.c ocsp_cid.c ocsp_ext.c \
- ocsp_lib.c ocsp_err.c
+LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_res.c ocsp_sig.c ocsp_cid.c \
+ ocsp_lib.c ocsp_prn.c ocsp_err.c
#ocsp_v3.c
-LIBOBJ= ocsp_asn.o ocsp_req.o ocsp_res.o ocsp_sig.o ocsp_cid.o ocsp_ext.o \
- ocsp_lib.o ocsp_err.o
+LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_res.o ocsp_sig.o ocsp_cid.o \
+ ocsp_lib.o ocsp_prn.o ocsp_err.o
#ocsp_v3.o
SRC= $(LIBSRC)
int i2d_OCSP_REQUEST(OCSP_REQUEST *a, unsigned char **pp);
OCSP_REQUEST *d2i_OCSP_REQUEST(OCSP_REQUEST **a, unsigned char **pp, long length);
int i2a_OCSP_REQUEST(BIO *bp, OCSP_REQUEST* a);
-int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a);
+int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
OCSP_SIGNATURE *OCSP_SIGNATURE_new(void);
void OCSP_SIGNATURE_free(OCSP_SIGNATURE *a);
ASN1_SEQUENCE_OF(OCSP_SIGNATURE, certs, X509)
} ASN1_SEQUENCE_END(OCSP_SIGNATURE);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE)
+
ASN1_SEQUENCE(OCSP_CERTID) = {
ASN1_SIMPLE(OCSP_CERTID, hashAlgorithm, X509_ALGOR),
ASN1_SIMPLE(OCSP_CERTID, issuerNameHash, ASN1_OCTET_STRING),
ASN1_SIMPLE(OCSP_CERTID, serialNumber, ASN1_INTEGER)
} ASN1_SEQUENCE_END(OCSP_CERTID);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTID)
+
ASN1_SEQUENCE(OCSP_ONEREQ) = {
ASN1_SIMPLE(OCSP_ONEREQ, reqCert, OCSP_CERTID),
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_ONEREQ, singleRequestExtensions, X509_EXTENSION, 0)
} ASN1_SEQUENCE_END(OCSP_ONEREQ);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_ONEREQ)
+
ASN1_SEQUENCE(OCSP_REQINFO) = {
ASN1_EXP_OPT(OCSP_REQINFO, version, ASN1_INTEGER, 0),
ASN1_EXP_OPT(OCSP_REQINFO, requestorName, GENERAL_NAME, 1),
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_REQINFO, requestExtensions, X509_EXTENSION, 2)
} ASN1_SEQUENCE_END(OCSP_REQINFO);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQINFO)
+
ASN1_SEQUENCE(OCSP_REQUEST) = {
ASN1_SIMPLE(OCSP_REQUEST, tbsRequest, OCSP_REQINFO),
ASN1_EXP_OPT(OCSP_REQUEST, optionalSignature, OCSP_SIGNATURE, 0)
} ASN1_SEQUENCE_END(OCSP_REQUEST);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQUEST)
/* OCSP_RESPONSE templates */
ASN1_SIMPLE(OCSP_RESPBYTES, response, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(OCSP_RESPBYTES);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPBYTES)
+
ASN1_SEQUENCE(OCSP_RESPONSE) = {
ASN1_SIMPLE(OCSP_RESPONSE, responseStatus, ASN1_ENUMERATED),
ASN1_EXP_OPT(OCSP_RESPONSE, responseBytes, OCSP_RESPBYTES, 0)
} ASN1_SEQUENCE_END(OCSP_RESPONSE);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPONSE)
+
ASN1_CHOICE(OCSP_RESPID) = {
ASN1_EXP(OCSP_RESPID, value.byName, X509_NAME, 1),
ASN1_IMP(OCSP_RESPID, value.byKey, ASN1_OCTET_STRING, 2)
ASN1_EXP_OPT(OCSP_REVOKEDINFO, revocationReason, ASN1_ENUMERATED, 0)
} ASN1_SEQUENCE_END(OCSP_REVOKEDINFO);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
+
ASN1_CHOICE(OCSP_CERTSTATUS) = {
ASN1_IMP(OCSP_CERTSTATUS, value.good, ASN1_NULL, 0),
ASN1_IMP(OCSP_CERTSTATUS, value.revoked, OCSP_REVOKEDINFO, 1),
ASN1_IMP(OCSP_CERTSTATUS, value.unknown, ASN1_NULL, 2)
} ASN1_CHOICE_END(OCSP_CERTSTATUS);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
+
ASN1_SEQUENCE(OCSP_SINGLERESP) = {
ASN1_SIMPLE(OCSP_SINGLERESP, certId, OCSP_CERTID),
ASN1_SIMPLE(OCSP_SINGLERESP, certStatus, OCSP_CERTSTATUS),
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SINGLERESP, singleExtensions, X509_EXTENSION, 1)
} ASN1_SEQUENCE_END(OCSP_SINGLERESP);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_SINGLERESP)
+
ASN1_SEQUENCE(OCSP_RESPDATA) = {
ASN1_EXP_OPT(OCSP_RESPDATA, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(OCSP_RESPDATA, responderId, OCSP_RESPID),
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_RESPDATA, responseExtensions, X509_EXTENSION, 1)
} ASN1_SEQUENCE_END(OCSP_RESPDATA);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPDATA)
+
ASN1_SEQUENCE(OCSP_BASICRESP) = {
ASN1_SIMPLE(OCSP_BASICRESP, tbsResponseData, OCSP_RESPDATA),
ASN1_SIMPLE(OCSP_BASICRESP, signatureAlgorithm, X509_ALGOR),
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_BASICRESP, certs, X509, 0)
} ASN1_SEQUENCE_END(OCSP_BASICRESP);
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_BASICRESP)
+
+ASN1_SEQUENCE(OCSP_CRLID) = {
+ ASN1_EXP_OPT(OCSP_CRLID, crlUrl, ASN1_IA5STRING, 0),
+ ASN1_EXP_OPT(OCSP_CRLID, crlNum, ASN1_INTEGER, 1),
+ ASN1_EXP_OPT(OCSP_CRLID, crlTime, ASN1_GENERALIZEDTIME, 2)
+} ASN1_SEQUENCE_END(OCSP_CRLID);
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_CRLID)
+
+ASN1_SEQUENCE(OCSP_SERVICELOC) = {
+ ASN1_SIMPLE(OCSP_SERVICELOC, issuer, X509_NAME),
+ ASN1_SEQUENCE_OF(OCSP_SERVICELOC, locator, ACCESS_DESCRIPTION)
+} ASN1_SEQUENCE_END(OCSP_SERVICELOC);
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_SERVICELOC)
return 1;
}
-
-int OCSP_REQUEST_print(bp, o)
-BIO *bp;
-OCSP_REQUEST* o;
- {
- int i,j,n;
- long l;
- char *s;
- OCSP_CERTID* cid = NULL;
- OCSP_ONEREQ *one = NULL;
- OCSP_REQINFO *inf = o->tbsRequest;
- OCSP_SIGNATURE *sig = o->optionalSignature;
-
- if (BIO_write(bp,"OCSP Request Data:\n",19) <= 0) goto err;
- l=ASN1_INTEGER_get(inf->version);
- if (BIO_printf(bp,"%4sVersion: %lu (0x%lx)","",l+1,l) <= 0) goto err;
- if (inf->requestorName != NULL)
- {
- if (BIO_write(bp,"\n Requestor Name: ",21) <= 0)
- goto err;
- i2a_GENERAL_NAME(bp, inf->requestorName);
- }
- if (BIO_write(bp,"\n Requestor List:\n",21) <= 0) goto err;
- for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++)
- {
- if (! sk_OCSP_ONEREQ_value(inf->requestList, i)) continue;
- one = sk_OCSP_ONEREQ_value(inf->requestList, i);
- cid = one->reqCert;
- j=OBJ_obj2nid(cid->hashAlgorithm->algorithm);
- if (BIO_printf(bp,"%8sHash Algorithm: %s","",
- (j == NID_undef)?"UNKNOWN":OBJ_nid2ln(j)) <= 0)
- goto err;
- if (BIO_write(bp,"\n Issuer Name Hash: ",27) <= 0)
- goto err;
- i2a_ASN1_STRING(bp, cid->issuerNameHash, V_ASN1_OCTET_STRING);
- if (BIO_write(bp,"\n Issuer Key Hash: ",26) <= 0)
- goto err;
- i2a_ASN1_STRING(bp, cid->issuerKeyHash, V_ASN1_OCTET_STRING);
- if (BIO_write(bp,"\n Serial Number: ",24) <= 0)
- goto err;
- if (!i2a_ASN1_INTEGER(bp, cid->serialNumber))
- goto err;
- if (!BIO_write(bp,"\n",1)) goto err;
- if (!OCSP_extensions_print(bp, one->singleRequestExtensions,
- "Request Single Extensions"))
- goto err;
- }
- if (!OCSP_extensions_print(bp, inf->requestExtensions,
- "Request Extensions"))
- goto err;
- if (sig)
- {
- i=OBJ_obj2nid(sig->signatureAlgorithm->algorithm);
- if (BIO_printf(bp,"OCSP Request Signature Algorithm: %s",
- (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
- goto err;
- n=sig->signature->length;
- s=(char *)sig->signature->data;
- for (i=0; i<n; i++)
- {
- if ((i%18) == 0)
- if (BIO_write(bp,"\n ",9) <= 0) goto err;
- if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
- ((i+1) == n)?"":":") <= 0) goto err;
- }
- if (BIO_write(bp,"\n",1) != 1) goto err;
- if (sig->certs)
- {
- for (i=0; i<sk_X509_num(sig->certs); i++)
- if (sk_X509_value(sig->certs,i) != NULL)
- X509_print(bp,
- sk_X509_value(sig->certs,i));
- }
- }
- return 1;
-err:
- return 0;
- }
-
int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o)
{
int i, j, n;
--- /dev/null
+/* ocsp_cid.c */
+/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
+ * project. */
+
+/* History:
+ This file was originally part of ocsp.c and was transfered to Richard
+ Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be included
+ in OpenSSL or released as a patch kit. */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/ocsp.h>
+#include <openssl/x509.h>
+
+int OCSP_CERTID_print(BIO *bp, OCSP_CERTID* a, int indent)
+ {
+ BIO_printf(bp, "%*sCertificate ID:\n", indent, "");
+ indent += 2;
+ BIO_printf(bp, "%*sHash Algorithm: ", indent, "");
+ i2a_ASN1_OBJECT(bp, a->hashAlgorithm->algorithm);
+ BIO_printf(bp, "\n%*sIssuer Name Hash: ", indent, "");
+ i2a_ASN1_STRING(bp, a->issuerNameHash, V_ASN1_OCTET_STRING);
+ BIO_printf(bp, "\n%*sIssuer Key Hash: ", indent, "");
+ i2a_ASN1_STRING(bp, a->issuerKeyHash, V_ASN1_OCTET_STRING);
+ BIO_printf(bp, "\n%*sSerial Number: ", indent, "");
+ i2a_ASN1_INTEGER(bp, a->serialNumber);
+ BIO_printf(bp, "\n");
+ return 1;
+ }
+
+int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* o, unsigned long flags)
+ {
+ int i;
+ long l;
+ OCSP_CERTID* cid = NULL;
+ OCSP_ONEREQ *one = NULL;
+ OCSP_REQINFO *inf = o->tbsRequest;
+ OCSP_SIGNATURE *sig = o->optionalSignature;
+
+ if (BIO_write(bp,"OCSP Request Data:\n",19) <= 0) goto err;
+ l=ASN1_INTEGER_get(inf->version);
+ if (BIO_printf(bp,"%4sVersion: %lu (0x%lx)","",l+1,l) <= 0) goto err;
+ if (inf->requestorName != NULL)
+ {
+ if (BIO_write(bp,"\n Requestor Name: ",21) <= 0)
+ goto err;
+ GENERAL_NAME_print(bp, inf->requestorName);
+ }
+ if (BIO_write(bp,"\n Requestor List:\n",21) <= 0) goto err;
+ for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++)
+ {
+ if (!sk_OCSP_ONEREQ_value(inf->requestList, i)) continue;
+ one = sk_OCSP_ONEREQ_value(inf->requestList, i);
+ cid = one->reqCert;
+ OCSP_CERTID_print(bp, cid, 8);
+ if (!X509V3_extensions_print(bp,
+ "OCSP Request Single Extensions",
+ one->singleRequestExtensions, flags, 4))
+ goto err;
+ }
+ if (!X509V3_extensions_print(bp, "OCSP Request Extensions",
+ inf->requestExtensions, flags, 4))
+ goto err;
+ if (sig)
+ {
+ X509_signature_print(bp, sig->signatureAlgorithm, sig->signature);
+ }
+ return 1;
+err:
+ return 0;
+ }
return ret;
}
+int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
+{
+ char oline[256];
+ unsigned char *p;
+ switch (gen->type)
+ {
+ case GEN_OTHERNAME:
+ BIO_printf(out, "othername:<unsupported>");
+ break;
+
+ case GEN_X400:
+ BIO_printf(out, "X400Name:<unsupported>");
+ break;
+
+ case GEN_EDIPARTY:
+ /* Maybe fix this: it is supported now */
+ BIO_printf(out, "EdiPartyName:<unsupported>");
+ break;
+
+ case GEN_EMAIL:
+ BIO_printf(out, "email:%s",gen->d.ia5->data);
+ break;
+
+ case GEN_DNS:
+ BIO_printf(out, "DNS:%s",gen->d.ia5->data);
+ break;
+
+ case GEN_URI:
+ BIO_printf(out, "URI:%s",gen->d.ia5->data);
+ break;
+
+ case GEN_DIRNAME:
+ X509_NAME_oneline(gen->d.dirn, oline, 256);
+ BIO_printf(out, "DirName:%s",oline);
+ break;
+
+ case GEN_IPADD:
+ p = gen->d.ip->data;
+ /* BUG: doesn't support IPV6 */
+ if(gen->d.ip->length != 4) {
+ BIO_printf(out,"IP Address:<invalid>");
+ break;
+ }
+ BIO_printf(out, "IP Address:%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+ break;
+
+ case GEN_RID:
+ BIO_printf(out, "Registered ID");
+ i2a_ASN1_OBJECT(out, gen->d.rid);
+ break;
+ }
+ return 1;
+}
+
static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
return ok;
}
+int X509V3_extensions_print(BIO *bp, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent)
+{
+ int i, j;
+
+ if(sk_X509_EXTENSION_num(exts) <= 0) return 1;
+
+ if(title)
+ {
+ BIO_printf(bp,"%*s%s:\n",indent, "", title);
+ indent += 4;
+ }
+
+ for (i=0; i<sk_X509_EXTENSION_num(exts); i++)
+ {
+ ASN1_OBJECT *obj;
+ X509_EXTENSION *ex;
+ ex=sk_X509_EXTENSION_value(exts, i);
+ if (BIO_printf(bp,"%*s",indent, "") <= 0) return 0;
+ obj=X509_EXTENSION_get_object(ex);
+ i2a_ASN1_OBJECT(bp,obj);
+ j=X509_EXTENSION_get_critical(ex);
+ if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
+ return 0;
+ if(!X509V3_EXT_print(bp, ex, flag, 12))
+ {
+ BIO_printf(bp, "%*s", indent + 4, "");
+ M_ASN1_OCTET_STRING_print(bp,ex->value);
+ }
+ if (BIO_write(bp,"\n",1) <= 0) return 0;
+ }
+ return 1;
+}
+
static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported)
{
switch(flag & X509V3_EXT_UNKNOWN_MASK) {
DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
+int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent);
int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
+int X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);
+
int X509_check_purpose(X509 *x, int id, int ca);
int X509_check_issued(X509 *issuer, X509 *subject);
int X509_PURPOSE_get_count(void);
projects / openssl.git / commitdiff