New function X509V3_extensions_print() this removes extension duplication
authorDr. Stephen Henson <steve@openssl.org>
Thu, 14 Dec 2000 18:42:28 +0000 (18:42 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 14 Dec 2000 18:42:28 +0000 (18:42 +0000)
from the print routines.

Reorganisation of OCSP code: initial print routines in ocsp_prn.c. Doesn't
work fully because OCSP extensions aren't reimplemented yet.

Implement some ASN1 functions needed to compile OCSP code.

CHANGES
crypto/asn1/t_crl.c
crypto/asn1/t_x509.c
crypto/ocsp/Makefile.ssl
crypto/ocsp/ocsp.h
crypto/ocsp/ocsp_asn.c
crypto/ocsp/ocsp_lib.c
crypto/ocsp/ocsp_prn.c [new file with mode: 0644]
crypto/x509v3/v3_alt.c
crypto/x509v3/v3_prn.c
crypto/x509v3/x509v3.h

diff --git a/CHANGES b/CHANGES
index 533acfe..a4de57a 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,11 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Move common extension printing code to new function
+     X509V3_print_extensions(). Reorganise OCSP print routines and
+     implement some needed OCSP ASN1 functions.
+     [Steve Henson]
+
   *) New function X509_signature_print() to remove duplication in some
      print routines.
      [Steve Henson]
index 3a14433..f7b938b 100644 (file)
@@ -64,7 +64,6 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
-static void ext_print(BIO *out, X509_EXTENSION *ex);
 #ifndef NO_FP_API
 int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
         {
@@ -89,7 +88,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
        STACK_OF(X509_REVOKED) *rev;
        X509_REVOKED *r;
        long l;
-       int i, j, n;
+       int i, n;
 
        BIO_printf(out, "Certificate Revocation List (CRL):\n");
        l = X509_CRL_get_version(x);
@@ -108,11 +107,8 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
        BIO_printf(out,"\n");
 
        n=X509_CRL_get_ext_count(x);
-       if (n > 0) {
-               BIO_printf(out,"%8sCRL extensions:\n","");
-               for (i=0; i<n; i++) ext_print(out, X509_CRL_get_ext(x, i));
-       }
-
+       X509V3_extensions_print(out, "CRL extensions",
+                                               x->crl->extensions, 0, 8);
 
        rev = X509_CRL_get_REVOKED(x);
 
@@ -127,27 +123,11 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
                BIO_printf(out,"\n        Revocation Date: ","");
                ASN1_TIME_print(out,r->revocationDate);
                BIO_printf(out,"\n");
-               for(j = 0; j < X509_REVOKED_get_ext_count(r); j++)
-                               ext_print(out, X509_REVOKED_get_ext(r, j));
+               X509V3_extensions_print(out, "CRL entry extensions",
+                                               r->extensions, 0, 8);
        }
        X509_signature_print(out, x->sig_alg, x->signature);
 
        return 1;
 
 }
-
-static void ext_print(BIO *out, X509_EXTENSION *ex)
-{
-       ASN1_OBJECT *obj;
-       int j;
-       BIO_printf(out,"%12s","");
-       obj=X509_EXTENSION_get_object(ex);
-       i2a_ASN1_OBJECT(out,obj);
-       j=X509_EXTENSION_get_critical(ex);
-       BIO_printf(out, ": %s\n", j ? "critical":"","");
-       if(!X509V3_EXT_print(out, ex, 0, 16)) {
-               BIO_printf(out, "%16s", "");
-               M_ASN1_OCTET_STRING_print(out,ex->value);
-       }
-       BIO_write(out,"\n",1);
-}
index beba47c..358829b 100644 (file)
@@ -101,14 +101,13 @@ int X509_print(BIO *bp, X509 *x)
 int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
        {
        long l;
-       int ret=0,i,j,n;
+       int ret=0,i;
        char *m=NULL,mlch = ' ';
        int nmindent = 0;
        X509_CINF *ci;
        ASN1_INTEGER *bs;
        EVP_PKEY *pkey=NULL;
        const char *neg;
-       X509_EXTENSION *ex;
        ASN1_STRING *str=NULL;
 
        if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
@@ -228,31 +227,9 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
                EVP_PKEY_free(pkey);
                }
 
-       if (cflag & X509_FLAG_NO_EXTENSIONS)
-               n = 0;
-       else
-               n=X509_get_ext_count(x);
-       if (n > 0)
-               {
-               BIO_printf(bp,"%8sX509v3 extensions:\n","");
-               for (i=0; i<n; i++)
-                       {
-                       ASN1_OBJECT *obj;
-                       ex=X509_get_ext(x,i);
-                       if (BIO_printf(bp,"%12s","") <= 0) goto err;
-                       obj=X509_EXTENSION_get_object(ex);
-                       i2a_ASN1_OBJECT(bp,obj);
-                       j=X509_EXTENSION_get_critical(ex);
-                       if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
-                               goto err;
-                       if(!X509V3_EXT_print(bp, ex, cflag, 16))
-                               {
-                               BIO_printf(bp, "%16s", "");
-                               M_ASN1_OCTET_STRING_print(bp,ex->value);
-                               }
-                       if (BIO_write(bp,"\n",1) <= 0) goto err;
-                       }
-               }
+       if (!(cflag & X509_FLAG_NO_EXTENSIONS))
+               X509V3_extensions_print(bp, "X509v3 extensions",
+                                       ci->extensions, cflag, 8);
 
        if(!(cflag & X509_FLAG_NO_SIGDUMP))
                {
index cadaeba..9387f34 100644 (file)
@@ -22,11 +22,11 @@ TEST=
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC= ocsp_asn.c ocsp_req.c ocsp_res.c ocsp_sig.c ocsp_cid.c ocsp_ext.c \
-       ocsp_lib.c ocsp_err.c 
+LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_res.c ocsp_sig.c ocsp_cid.c \
+       ocsp_lib.c ocsp_prn.c ocsp_err.c 
 #ocsp_v3.c
-LIBOBJ= ocsp_asn.o ocsp_req.o ocsp_res.o ocsp_sig.o ocsp_cid.o ocsp_ext.o \
-       ocsp_lib.o ocsp_err.o 
+LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_res.o ocsp_sig.o ocsp_cid.o \
+       ocsp_lib.o ocsp_prn.o ocsp_err.o 
 #ocsp_v3.o
 
 SRC= $(LIBSRC)
index 4807205..0ee8fdc 100644 (file)
@@ -510,7 +510,7 @@ void OCSP_REQUEST_free(OCSP_REQUEST *a);
 int i2d_OCSP_REQUEST(OCSP_REQUEST *a, unsigned char **pp);
 OCSP_REQUEST *d2i_OCSP_REQUEST(OCSP_REQUEST **a, unsigned char **pp, long length);
 int i2a_OCSP_REQUEST(BIO *bp, OCSP_REQUEST* a);
-int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a);
+int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
 
 OCSP_SIGNATURE *OCSP_SIGNATURE_new(void);
 void OCSP_SIGNATURE_free(OCSP_SIGNATURE *a);
index a61b0ae..a84db66 100644 (file)
@@ -65,6 +65,8 @@ ASN1_SEQUENCE(OCSP_SIGNATURE) = {
        ASN1_SEQUENCE_OF(OCSP_SIGNATURE, certs, X509)
 } ASN1_SEQUENCE_END(OCSP_SIGNATURE);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE)
+
 ASN1_SEQUENCE(OCSP_CERTID) = {
        ASN1_SIMPLE(OCSP_CERTID, hashAlgorithm, X509_ALGOR),
        ASN1_SIMPLE(OCSP_CERTID, issuerNameHash, ASN1_OCTET_STRING),
@@ -72,11 +74,15 @@ ASN1_SEQUENCE(OCSP_CERTID) = {
        ASN1_SIMPLE(OCSP_CERTID, serialNumber, ASN1_INTEGER)
 } ASN1_SEQUENCE_END(OCSP_CERTID);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTID)
+
 ASN1_SEQUENCE(OCSP_ONEREQ) = {
        ASN1_SIMPLE(OCSP_ONEREQ, reqCert, OCSP_CERTID),
        ASN1_EXP_SEQUENCE_OF_OPT(OCSP_ONEREQ, singleRequestExtensions, X509_EXTENSION, 0)
 } ASN1_SEQUENCE_END(OCSP_ONEREQ);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_ONEREQ)
+
 ASN1_SEQUENCE(OCSP_REQINFO) = {
        ASN1_EXP_OPT(OCSP_REQINFO, version, ASN1_INTEGER, 0),
        ASN1_EXP_OPT(OCSP_REQINFO, requestorName, GENERAL_NAME, 1),
@@ -84,11 +90,14 @@ ASN1_SEQUENCE(OCSP_REQINFO) = {
        ASN1_EXP_SEQUENCE_OF_OPT(OCSP_REQINFO, requestExtensions, X509_EXTENSION, 2)
 } ASN1_SEQUENCE_END(OCSP_REQINFO);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQINFO)
+
 ASN1_SEQUENCE(OCSP_REQUEST) = {
        ASN1_SIMPLE(OCSP_REQUEST, tbsRequest, OCSP_REQINFO),
        ASN1_EXP_OPT(OCSP_REQUEST, optionalSignature, OCSP_SIGNATURE, 0)
 } ASN1_SEQUENCE_END(OCSP_REQUEST);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQUEST)
 
 /* OCSP_RESPONSE templates */
 
@@ -97,11 +106,15 @@ ASN1_SEQUENCE(OCSP_RESPBYTES) = {
            ASN1_SIMPLE(OCSP_RESPBYTES, response, ASN1_OCTET_STRING)
 } ASN1_SEQUENCE_END(OCSP_RESPBYTES);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPBYTES)
+
 ASN1_SEQUENCE(OCSP_RESPONSE) = {
        ASN1_SIMPLE(OCSP_RESPONSE, responseStatus, ASN1_ENUMERATED),
        ASN1_EXP_OPT(OCSP_RESPONSE, responseBytes, OCSP_RESPBYTES, 0)
 } ASN1_SEQUENCE_END(OCSP_RESPONSE);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPONSE)
+
 ASN1_CHOICE(OCSP_RESPID) = {
           ASN1_EXP(OCSP_RESPID, value.byName, X509_NAME, 1),
           ASN1_IMP(OCSP_RESPID, value.byKey, ASN1_OCTET_STRING, 2)
@@ -112,12 +125,16 @@ ASN1_SEQUENCE(OCSP_REVOKEDINFO) = {
        ASN1_EXP_OPT(OCSP_REVOKEDINFO, revocationReason, ASN1_ENUMERATED, 0)
 } ASN1_SEQUENCE_END(OCSP_REVOKEDINFO);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
+
 ASN1_CHOICE(OCSP_CERTSTATUS) = {
        ASN1_IMP(OCSP_CERTSTATUS, value.good, ASN1_NULL, 0),
        ASN1_IMP(OCSP_CERTSTATUS, value.revoked, OCSP_REVOKEDINFO, 1),
        ASN1_IMP(OCSP_CERTSTATUS, value.unknown, ASN1_NULL, 2)
 } ASN1_CHOICE_END(OCSP_CERTSTATUS);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
+
 ASN1_SEQUENCE(OCSP_SINGLERESP) = {
           ASN1_SIMPLE(OCSP_SINGLERESP, certId, OCSP_CERTID),
           ASN1_SIMPLE(OCSP_SINGLERESP, certStatus, OCSP_CERTSTATUS),
@@ -126,6 +143,8 @@ ASN1_SEQUENCE(OCSP_SINGLERESP) = {
           ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SINGLERESP, singleExtensions, X509_EXTENSION, 1)
 } ASN1_SEQUENCE_END(OCSP_SINGLERESP);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_SINGLERESP)
+
 ASN1_SEQUENCE(OCSP_RESPDATA) = {
           ASN1_EXP_OPT(OCSP_RESPDATA, version, ASN1_INTEGER, 0),
           ASN1_SIMPLE(OCSP_RESPDATA, responderId, OCSP_RESPID),
@@ -134,6 +153,8 @@ ASN1_SEQUENCE(OCSP_RESPDATA) = {
           ASN1_EXP_SEQUENCE_OF_OPT(OCSP_RESPDATA, responseExtensions, X509_EXTENSION, 1)
 } ASN1_SEQUENCE_END(OCSP_RESPDATA);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPDATA)
+
 ASN1_SEQUENCE(OCSP_BASICRESP) = {
           ASN1_SIMPLE(OCSP_BASICRESP, tbsResponseData, OCSP_RESPDATA),
           ASN1_SIMPLE(OCSP_BASICRESP, signatureAlgorithm, X509_ALGOR),
@@ -141,3 +162,19 @@ ASN1_SEQUENCE(OCSP_BASICRESP) = {
           ASN1_EXP_SEQUENCE_OF_OPT(OCSP_BASICRESP, certs, X509, 0)
 } ASN1_SEQUENCE_END(OCSP_BASICRESP);
 
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_BASICRESP)
+
+ASN1_SEQUENCE(OCSP_CRLID) = {
+          ASN1_EXP_OPT(OCSP_CRLID, crlUrl, ASN1_IA5STRING, 0),
+          ASN1_EXP_OPT(OCSP_CRLID, crlNum, ASN1_INTEGER, 1),
+          ASN1_EXP_OPT(OCSP_CRLID, crlTime, ASN1_GENERALIZEDTIME, 2)
+} ASN1_SEQUENCE_END(OCSP_CRLID);
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_CRLID)
+
+ASN1_SEQUENCE(OCSP_SERVICELOC) = {
+       ASN1_SIMPLE(OCSP_SERVICELOC, issuer, X509_NAME),
+       ASN1_SEQUENCE_OF(OCSP_SERVICELOC, locator, ACCESS_DESCRIPTION)
+} ASN1_SEQUENCE_END(OCSP_SERVICELOC);
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_SERVICELOC)
index f633ca7..6f810d5 100644 (file)
@@ -460,85 +460,6 @@ GENERAL_NAME *n;
        return 1;
        }
 
-
-int OCSP_REQUEST_print(bp, o)
-BIO *bp; 
-OCSP_REQUEST* o;
-        {
-       int i,j,n;
-       long l;
-       char *s;
-       OCSP_CERTID* cid = NULL;
-       OCSP_ONEREQ *one = NULL;
-       OCSP_REQINFO *inf = o->tbsRequest;
-       OCSP_SIGNATURE *sig = o->optionalSignature;
-
-       if (BIO_write(bp,"OCSP Request Data:\n",19) <= 0) goto err;
-       l=ASN1_INTEGER_get(inf->version);
-       if (BIO_printf(bp,"%4sVersion: %lu (0x%lx)","",l+1,l) <= 0) goto err;
-       if (inf->requestorName != NULL)
-               {
-               if (BIO_write(bp,"\n    Requestor Name: ",21) <= 0) 
-                       goto err;
-               i2a_GENERAL_NAME(bp, inf->requestorName);
-               }
-       if (BIO_write(bp,"\n    Requestor List:\n",21) <= 0) goto err;
-       for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++)
-               {
-               if (! sk_OCSP_ONEREQ_value(inf->requestList, i)) continue;
-               one = sk_OCSP_ONEREQ_value(inf->requestList, i);
-               cid = one->reqCert;
-               j=OBJ_obj2nid(cid->hashAlgorithm->algorithm);
-               if (BIO_printf(bp,"%8sHash Algorithm: %s","",
-                              (j == NID_undef)?"UNKNOWN":OBJ_nid2ln(j)) <= 0)
-                       goto err;
-               if (BIO_write(bp,"\n        Issuer Name Hash: ",27) <= 0)
-                       goto err;
-               i2a_ASN1_STRING(bp, cid->issuerNameHash, V_ASN1_OCTET_STRING);
-               if (BIO_write(bp,"\n        Issuer Key Hash: ",26) <= 0) 
-                       goto err;
-               i2a_ASN1_STRING(bp, cid->issuerKeyHash, V_ASN1_OCTET_STRING);
-               if (BIO_write(bp,"\n        Serial Number: ",24) <= 0) 
-                       goto err;
-               if (!i2a_ASN1_INTEGER(bp, cid->serialNumber)) 
-                       goto err;
-               if (!BIO_write(bp,"\n",1)) goto err;
-               if (!OCSP_extensions_print(bp, one->singleRequestExtensions,
-                                          "Request Single Extensions"))
-                       goto err;
-               }
-       if (!OCSP_extensions_print(bp, inf->requestExtensions, 
-                                  "Request Extensions"))
-               goto err;
-       if (sig)
-               {
-               i=OBJ_obj2nid(sig->signatureAlgorithm->algorithm);
-               if (BIO_printf(bp,"OCSP Request Signature Algorithm: %s",
-                              (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
-                       goto err;
-               n=sig->signature->length;
-               s=(char *)sig->signature->data;
-               for (i=0; i<n; i++)
-                       {
-                       if ((i%18) == 0)
-                       if (BIO_write(bp,"\n        ",9) <= 0) goto err;
-                       if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
-                               ((i+1) == n)?"":":") <= 0) goto err;
-                       }
-               if (BIO_write(bp,"\n",1) != 1) goto err;
-               if (sig->certs)
-                       {
-                       for (i=0; i<sk_X509_num(sig->certs); i++)
-                               if (sk_X509_value(sig->certs,i) != NULL)
-                                       X509_print(bp,
-                                           sk_X509_value(sig->certs,i));
-                       }
-               }
-       return 1;
-err:
-       return 0;
-       }
-
 int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o)
         {
        int i, j, n;
diff --git a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c
new file mode 100644 (file)
index 0000000..436f23e
--- /dev/null
@@ -0,0 +1,125 @@
+/* ocsp_cid.c */
+/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
+ * project. */
+
+/* History:
+   This file was originally part of ocsp.c and was transfered to Richard
+   Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be included
+   in OpenSSL or released as a patch kit. */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/ocsp.h>
+#include <openssl/x509.h>
+
+int OCSP_CERTID_print(BIO *bp, OCSP_CERTID* a, int indent)
+        {
+       BIO_printf(bp, "%*sCertificate ID:\n", indent, "");
+       indent += 2;
+       BIO_printf(bp, "%*sHash Algorithm: ", indent, "");
+       i2a_ASN1_OBJECT(bp, a->hashAlgorithm->algorithm);
+       BIO_printf(bp, "\n%*sIssuer Name Hash: ", indent, "");
+       i2a_ASN1_STRING(bp, a->issuerNameHash, V_ASN1_OCTET_STRING);
+       BIO_printf(bp, "\n%*sIssuer Key Hash: ", indent, "");
+       i2a_ASN1_STRING(bp, a->issuerKeyHash, V_ASN1_OCTET_STRING);
+       BIO_printf(bp, "\n%*sSerial Number: ", indent, "");
+       i2a_ASN1_INTEGER(bp, a->serialNumber);
+       BIO_printf(bp, "\n");
+       return 1;
+       }
+
+int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* o, unsigned long flags)
+        {
+       int i;
+       long l;
+       OCSP_CERTID* cid = NULL;
+       OCSP_ONEREQ *one = NULL;
+       OCSP_REQINFO *inf = o->tbsRequest;
+       OCSP_SIGNATURE *sig = o->optionalSignature;
+
+       if (BIO_write(bp,"OCSP Request Data:\n",19) <= 0) goto err;
+       l=ASN1_INTEGER_get(inf->version);
+       if (BIO_printf(bp,"%4sVersion: %lu (0x%lx)","",l+1,l) <= 0) goto err;
+       if (inf->requestorName != NULL)
+               {
+               if (BIO_write(bp,"\n    Requestor Name: ",21) <= 0) 
+                       goto err;
+               GENERAL_NAME_print(bp, inf->requestorName);
+               }
+       if (BIO_write(bp,"\n    Requestor List:\n",21) <= 0) goto err;
+       for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++)
+               {
+               if (!sk_OCSP_ONEREQ_value(inf->requestList, i)) continue;
+               one = sk_OCSP_ONEREQ_value(inf->requestList, i);
+               cid = one->reqCert;
+               OCSP_CERTID_print(bp, cid, 8);
+               if (!X509V3_extensions_print(bp,
+                                       "OCSP Request Single Extensions",
+                                       one->singleRequestExtensions, flags, 4))
+                                                       goto err;
+               }
+       if (!X509V3_extensions_print(bp, "OCSP Request Extensions",
+                       inf->requestExtensions, flags, 4))
+                                                       goto err;
+       if (sig)
+               {
+               X509_signature_print(bp, sig->signatureAlgorithm, sig->signature);
+               }
+       return 1;
+err:
+       return 0;
+       }
index c370f8c..bdd9927 100644 (file)
@@ -149,6 +149,60 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
        return ret;
 }
 
+int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
+{
+       char oline[256];
+       unsigned char *p;
+       switch (gen->type)
+       {
+               case GEN_OTHERNAME:
+               BIO_printf(out, "othername:<unsupported>");
+               break;
+
+               case GEN_X400:
+               BIO_printf(out, "X400Name:<unsupported>");
+               break;
+
+               case GEN_EDIPARTY:
+               /* Maybe fix this: it is supported now */
+               BIO_printf(out, "EdiPartyName:<unsupported>");
+               break;
+
+               case GEN_EMAIL:
+               BIO_printf(out, "email:%s",gen->d.ia5->data);
+               break;
+
+               case GEN_DNS:
+               BIO_printf(out, "DNS:%s",gen->d.ia5->data);
+               break;
+
+               case GEN_URI:
+               BIO_printf(out, "URI:%s",gen->d.ia5->data);
+               break;
+
+               case GEN_DIRNAME:
+               X509_NAME_oneline(gen->d.dirn, oline, 256);
+               BIO_printf(out, "DirName:%s",oline);
+               break;
+
+               case GEN_IPADD:
+               p = gen->d.ip->data;
+               /* BUG: doesn't support IPV6 */
+               if(gen->d.ip->length != 4) {
+                       BIO_printf(out,"IP Address:<invalid>");
+                       break;
+               }
+               BIO_printf(out, "IP Address:%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+               break;
+
+               case GEN_RID:
+               BIO_printf(out, "Registered ID");
+               i2a_ASN1_OBJECT(out, gen->d.rid);
+               break;
+       }
+       return 1;
+}
+
 static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
index ae1b7c8..475c480 100644 (file)
@@ -147,6 +147,39 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde
                return ok;
 }
 
+int X509V3_extensions_print(BIO *bp, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent)
+{
+       int i, j;
+
+       if(sk_X509_EXTENSION_num(exts) <= 0) return 1;
+
+       if(title) 
+               {
+               BIO_printf(bp,"%*s%s:\n",indent, "", title);
+               indent += 4;
+               }
+
+       for (i=0; i<sk_X509_EXTENSION_num(exts); i++)
+               {
+               ASN1_OBJECT *obj;
+               X509_EXTENSION *ex;
+               ex=sk_X509_EXTENSION_value(exts, i);
+               if (BIO_printf(bp,"%*s",indent, "") <= 0) return 0;
+               obj=X509_EXTENSION_get_object(ex);
+               i2a_ASN1_OBJECT(bp,obj);
+               j=X509_EXTENSION_get_critical(ex);
+               if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
+                       return 0;
+               if(!X509V3_EXT_print(bp, ex, flag, 12))
+                       {
+                       BIO_printf(bp, "%*s", indent + 4, "");
+                       M_ASN1_OCTET_STRING_print(bp,ex->value);
+                       }
+               if (BIO_write(bp,"\n",1) <= 0) return 0;
+               }
+       return 1;
+}
+
 static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported)
 {
        switch(flag & X509V3_EXT_UNKNOWN_MASK) {
index 8243e38..487d156 100644 (file)
@@ -410,6 +410,7 @@ DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
 DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
 
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
+int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
 
 DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
 
@@ -497,6 +498,8 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
 int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent);
 int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 
+int X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);
+
 int X509_check_purpose(X509 *x, int id, int ca);
 int X509_check_issued(X509 *issuer, X509 *subject);
 int X509_PURPOSE_get_count(void);