generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Global DirectoryString mask fix.

Browse Source 
Add support for X509_NAME_print_ex() in req.

Initial code for cutomizable X509 print routines.
This commit is contained in:
Dr. Stephen Henson 2000-10-04 01:16:32 +00:00
parent 356c06c776
commit d0c9858914
6 changed files with 182 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@ -4,6 +4,11 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000] Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
*) Fix for bug in DirectoryString mask setting. Add support for
X509_NAME_print_ex() in 'req' and initial X509_print_ex() function
to allow certificate printing to more controllable.
[Steve Henson]
*) Clean old EAY MD5 hack from e_os.h. *) Clean old EAY MD5 hack from e_os.h.
[Richard Levitte] [Richard Levitte]

20
apps/req.c
View File

@ -143,6 +143,7 @@ int MAIN(int argc, char **argv)
#ifndef NO_DSA #ifndef NO_DSA
DSA *dsa_params=NULL; DSA *dsa_params=NULL;
#endif #endif
unsigned long nmflag = 0;
int ex=1,x509=0,days=30; int ex=1,x509=0,days=30;
X509 *x509ss=NULL; X509 *x509ss=NULL;
X509_REQ *req=NULL; X509_REQ *req=NULL;
@ -150,7 +151,7 @@ int MAIN(int argc, char **argv)
int i,badops=0,newreq=0,newkey= -1,pkey_type=0; int i,badops=0,newreq=0,newkey= -1,pkey_type=0;
BIO *in=NULL,*out=NULL; BIO *in=NULL,*out=NULL;
int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
int nodes=0,kludge=0,newhdr=0; int nodes=0,kludge=0,newhdr=0,subject=0;
char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
char *extensions = NULL; char *extensions = NULL;
char *req_exts = NULL; char *req_exts = NULL;
@ -322,6 +323,13 @@ int MAIN(int argc, char **argv)
nodes=1; nodes=1;
else if (strcmp(*argv,"-noout") == 0) else if (strcmp(*argv,"-noout") == 0)
noout=1; noout=1;
else if (strcmp(*argv,"-nameopt") == 0)
{
if (--argc < 1) goto bad;
if (!set_name_ex(&nmflag, *(++argv))) goto bad;
}
else if (strcmp(*argv,"-subject") == 0)
subject=1;
else if (strcmp(*argv,"-text") == 0) else if (strcmp(*argv,"-text") == 0)
text=1; text=1;
else if (strcmp(*argv,"-x509") == 0) else if (strcmp(*argv,"-x509") == 0)
@ -803,7 +811,7 @@ loop:
BIO_printf(bio_err,"verify OK\n"); BIO_printf(bio_err,"verify OK\n");
} }
if (noout && !text && !modulus) if (noout && !text && !modulus && !subject)
{ {
ex=0; ex=0;
goto end; goto end;
@ -840,6 +848,14 @@ loop:
X509_REQ_print(out,req); X509_REQ_print(out,req);
} }
if(subject)
{
if(x509)
print_name(out, "subject=", X509_get_subject_name(x509ss), nmflag);
else
print_name(out, "subject=", X509_REQ_get_subject_name(req), nmflag);
}
if (modulus) if (modulus)
{ {
EVP_PKEY *pubkey; EVP_PKEY *pubkey;

12
crypto/asn1/a_strex.c
View File

@ -491,12 +491,24 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags) int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
{ {
if(flags == XN_FLAG_COMPAT)
return X509_NAME_print(out, nm, indent);
return do_name_ex(send_bio_chars, out, nm, indent, flags); return do_name_ex(send_bio_chars, out, nm, indent, flags);
} }
int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
{ {
if(flags == XN_FLAG_COMPAT)
{
BIO *btmp;
int ret;
btmp = BIO_new_fp(fp, BIO_NOCLOSE);
if(!btmp) return -1;
ret = X509_NAME_print(btmp, nm, indent);
BIO_free(btmp);
return ret;
}
return do_name_ex(send_fp_chars, fp, nm, indent, flags); return do_name_ex(send_fp_chars, fp, nm, indent, flags);
} }

2
crypto/asn1/a_strnid.c
View File

@ -133,7 +133,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
if(tbl) { if(tbl) {
mask = tbl->mask; mask = tbl->mask;
if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask; if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask;
ret = ASN1_mbstring_ncopy(out, in, inlen, inform, tbl->mask, ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
tbl->minsize, tbl->maxsize); tbl->minsize, tbl->maxsize);
} else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask); } else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask);
if(ret <= 0) return NULL; if(ret <= 0) return NULL;

59
crypto/asn1/t_x509.c
View File

@ -72,6 +72,11 @@
#ifndef NO_FP_API #ifndef NO_FP_API
int X509_print_fp(FILE *fp, X509 *x) int X509_print_fp(FILE *fp, X509 *x)
{
return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
}
int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag)
{ {
BIO *b; BIO *b;
int ret; int ret;
@ -82,17 +87,22 @@ int X509_print_fp(FILE *fp, X509 *x)
return(0); return(0);
} }
BIO_set_fp(b,fp,BIO_NOCLOSE); BIO_set_fp(b,fp,BIO_NOCLOSE);
ret=X509_print(b, x); ret=X509_print_ex(b, x, nmflag, cflag);
BIO_free(b); BIO_free(b);
return(ret); return(ret);
} }
#endif #endif
int X509_print(BIO *bp, X509 *x) int X509_print(BIO *bp, X509 *x)
{
return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
}
int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
{ {
long l; long l;
int ret=0,i,j,n; int ret=0,i,j,n;
char *m=NULL,*s; char *m=NULL,*s, mlch = ' ';
X509_CINF *ci; X509_CINF *ci;
ASN1_INTEGER *bs; ASN1_INTEGER *bs;
EVP_PKEY *pkey=NULL; EVP_PKEY *pkey=NULL;
@ -100,11 +110,23 @@ int X509_print(BIO *bp, X509 *x)
X509_EXTENSION *ex; X509_EXTENSION *ex;
ASN1_STRING *str=NULL; ASN1_STRING *str=NULL;
if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE)
mlch = '\n';
ci=x->cert_info; ci=x->cert_info;
if(!(cflag & X509_FLAG_NO_HEADER))
{
if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err; if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
if (BIO_write(bp," Data:\n",10) <= 0) goto err; if (BIO_write(bp," Data:\n",10) <= 0) goto err;
}
if(!(cflag & X509_FLAG_NO_VERSION))
{
l=X509_get_version(x); l=X509_get_version(x);
if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err; if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
}
if(!(cflag & X509_FLAG_NO_SERIAL))
{
if (BIO_write(bp," Serial Number:",22) <= 0) goto err; if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
bs=X509_get_serialNumber(x); bs=X509_get_serialNumber(x);
@ -134,20 +156,37 @@ int X509_print(BIO *bp, X509 *x)
} }
} }
}
if(!(cflag & X509_FLAG_NO_SIGNAME))
{
i=OBJ_obj2nid(ci->signature->algorithm); i=OBJ_obj2nid(ci->signature->algorithm);
if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","", if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
goto err; goto err;
}
if (BIO_write(bp," Issuer: ",16) <= 0) goto err; if(!(cflag & X509_FLAG_NO_ISSUER))
if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err; {
if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
if (!X509_NAME_print_ex(bp,X509_get_issuer_name(x),16, nmflags)) goto err;
}
if(!(cflag & X509_FLAG_NO_VALIDITY))
{
if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err; if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
if (BIO_write(bp," Not Before: ",24) <= 0) goto err; if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err; if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err; if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err; if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err; if (BIO_write(bp,"\n",1) <= 0) goto err;
}
if(!(cflag & X509_FLAG_NO_SUBJECT))
{
if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err; if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
}
if(!(cflag & X509_FLAG_NO_PUBKEY))
{
if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0) if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
goto err; goto err;
i=OBJ_obj2nid(ci->key->algor->algorithm); i=OBJ_obj2nid(ci->key->algor->algorithm);
@ -181,7 +220,11 @@ int X509_print(BIO *bp, X509 *x)
BIO_printf(bp,"%12sUnknown Public Key:\n",""); BIO_printf(bp,"%12sUnknown Public Key:\n","");
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
}
if (cflag & X509_FLAG_NO_EXTENSIONS)
n = 0;
else
n=X509_get_ext_count(x); n=X509_get_ext_count(x);
if (n > 0) if (n > 0)
{ {
@ -205,6 +248,8 @@ int X509_print(BIO *bp, X509 *x)
} }
} }
if(!(cflag & X509_FLAG_NO_SIGDUMP))
{
i=OBJ_obj2nid(x->sig_alg->algorithm); i=OBJ_obj2nid(x->sig_alg->algorithm);
if (BIO_printf(bp,"%4sSignature Algorithm: %s","", if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
@ -219,7 +264,11 @@ int X509_print(BIO *bp, X509 *x)
((i+1) == n)?"":":") <= 0) goto err; ((i+1) == n)?"":":") <= 0) goto err;
} }
if (BIO_write(bp,"\n",1) != 1) goto err; if (BIO_write(bp,"\n",1) != 1) goto err;
}
if(!(cflag & X509_FLAG_NO_AUX))
{
if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err; if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
}
ret=1; ret=1;
err: err:
if (str != NULL) ASN1_STRING_free(str); if (str != NULL) ASN1_STRING_free(str);

17
crypto/x509/x509.h
View File

@ -320,6 +320,21 @@ DECLARE_STACK_OF(X509_TRUST)
#define X509_TRUST_REJECTED 2 #define X509_TRUST_REJECTED 2
#define X509_TRUST_UNTRUSTED 3 #define X509_TRUST_UNTRUSTED 3
/* Flags for X509_print_ex() */
#define X509_FLAG_COMPAT 0
#define X509_FLAG_NO_HEADER 1L
#define X509_FLAG_NO_VERSION (1L << 1)
#define X509_FLAG_NO_SERIAL (1L << 2)
#define X509_FLAG_NO_SIGNAME (1L << 3)
#define X509_FLAG_NO_ISSUER (1L << 4)
#define X509_FLAG_NO_VALIDITY (1L << 5)
#define X509_FLAG_NO_SUBJECT (1L << 6)
#define X509_FLAG_NO_PUBKEY (1L << 7)
#define X509_FLAG_NO_EXTENSIONS (1L << 8)
#define X509_FLAG_NO_SIGDUMP (1L << 9)
#define X509_FLAG_NO_AUX (1L << 10)
/* Flags specific to X509_NAME_print_ex() */ /* Flags specific to X509_NAME_print_ex() */
/* The field separator information */ /* The field separator information */
@ -1034,6 +1049,7 @@ unsigned long X509_NAME_hash(X509_NAME *x);
int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
#ifndef NO_FP_API #ifndef NO_FP_API
int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
int X509_print_fp(FILE *bp,X509 *x); int X509_print_fp(FILE *bp,X509 *x);
int X509_CRL_print_fp(FILE *bp,X509_CRL *x); int X509_CRL_print_fp(FILE *bp,X509_CRL *x);
int X509_REQ_print_fp(FILE *bp,X509_REQ *req); int X509_REQ_print_fp(FILE *bp,X509_REQ *req);
@ -1043,6 +1059,7 @@ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long fla
#ifndef NO_BIO #ifndef NO_BIO
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
int X509_print(BIO *bp,X509 *x); int X509_print(BIO *bp,X509 *x);
int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent);
int X509_CRL_print(BIO *bp,X509_CRL *x); int X509_CRL_print(BIO *bp,X509_CRL *x);