generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Document the -certopt option to the x509 utility.

Browse Source 
Add no_issuer option.

Fix X509_print_ex() so it prints out newlines when
certain fields are omitted.
This commit is contained in:
Dr. Stephen Henson 2001-03-15 01:15:54 +00:00
parent a5e4c0bb9e
commit 0a3ea5d34a
3 changed files with 86 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apps/apps.c
View File

@ -754,6 +754,7 @@ int set_cert_ex(unsigned long *flags, const char *arg)
{ "no_signame", X509_FLAG_NO_SIGNAME, 0}, { "no_signame", X509_FLAG_NO_SIGNAME, 0},
{ "no_validity", X509_FLAG_NO_VALIDITY, 0}, { "no_validity", X509_FLAG_NO_VALIDITY, 0},
{ "no_subject", X509_FLAG_NO_SUBJECT, 0}, { "no_subject", X509_FLAG_NO_SUBJECT, 0},
{ "no_issuer", X509_FLAG_NO_ISSUER, 0},
{ "no_pubkey", X509_FLAG_NO_PUBKEY, 0}, { "no_pubkey", X509_FLAG_NO_PUBKEY, 0},
{ "no_extensions", X509_FLAG_NO_EXTENSIONS, 0}, { "no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
{ "no_sigdump", X509_FLAG_NO_SIGDUMP, 0}, { "no_sigdump", X509_FLAG_NO_SIGDUMP, 0},

6
crypto/asn1/t_x509.c
View File

@ -177,10 +177,11 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
{ {
if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err; if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
if (!X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags)) goto err; if (!X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags)) goto err;
if (BIO_write(bp,"\n",1) <= 0) goto err;
} }
if(!(cflag & X509_FLAG_NO_VALIDITY)) if(!(cflag & X509_FLAG_NO_VALIDITY))
{ {
if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err; if (BIO_write(bp," Validity\n",17) <= 0) goto err;
if (BIO_write(bp," Not Before: ",24) <= 0) goto err; if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err; if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err; if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
@ -191,10 +192,11 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
{ {
if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err; if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
if (!X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags)) goto err; if (!X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags)) goto err;
if (BIO_write(bp,"\n",1) <= 0) goto err;
} }
if(!(cflag & X509_FLAG_NO_PUBKEY)) if(!(cflag & X509_FLAG_NO_PUBKEY))
{ {
if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0) if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
goto err; goto err;
if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0) if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
goto err; goto err;

82
doc/apps/x509.pod
View File

@ -113,6 +113,12 @@ prints out the certificate in text form. Full details are output including the
public key, signature algorithms, issuer and subject names, serial number public key, signature algorithms, issuer and subject names, serial number
any extensions present and any trust settings. any extensions present and any trust settings.
=item B<-certopt option>
customise the output format used with B<-text>. This option may be used more
than once to set multiple options. See the B<OUTPUT OPTIONS> section for
more information.
=item B<-noout> =item B<-noout>
this option prevents output of the encoded version of the request. this option prevents output of the encoded version of the request.
@ -142,7 +148,7 @@ outputs the issuer name.
=item B<-nameopt option> =item B<-nameopt option>
option which determine how the subject or issuer names are displayed. This option which determines how the subject or issuer names are displayed. This
option may be used more than once to set multiple options. See the B<NAME option may be used more than once to set multiple options. See the B<NAME
OPTIONS> section for more information. OPTIONS> section for more information.
@ -486,6 +492,80 @@ name.
=back =back
=head1 OUTPUT OPTIONS
As well as customising the name output format, it is also possible to
customise the actual fields printed using the B<certopt> options when
the B<text> option is present. The default behaviour is to print all fields.
=item B<compatible>
use the old format. This is equivalent to specifying no output options at all.
=item B<no_header>
don't print header information: that is the lines saying "Certificate" and "Data".
=item B<no_version>
don't print out the version number.
=item B<no_serial>
don't print out the serial number.
=item B<no_signame>
don't print out the signature algorithm used.
=item B<no_validity>
don't print the validity, that is the B<notBefore> and B<notAfter> fields.
=item B<no_subject>
don't print out the subject name.
=item B<no_issuer>
don't print out the issuer name.
=item B<no_pubkey>
don't print out the public key.
=item B<no_sigdump>
don't give a hexadecimal dump of the certificate signature.
=item B<no_aux>
don't print out certificate trust information.
=item B<no_extensions>
don't print out any X509V3 extensions.
=item B<ext_default>
retain default extension behaviour: attempt to print out unsupported certificate extensions.
=item B<ext_error>
print an error message for unsupported certificate extensions.
=item B<ext_parse>
ASN1 parse unsupported extensions.
=item B<ext_dump>
hex dump unsupported extensions.
=over 4
=back
=head1 EXAMPLES =head1 EXAMPLES
Note: in these examples the '\' means the example should be all on one Note: in these examples the '\' means the example should be all on one