/src/openssl35/crypto/x509/t_acert.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 2021-2026 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include "internal/cryptlib.h" |
12 | | #include <openssl/buffer.h> |
13 | | #include <openssl/bn.h> |
14 | | #include <openssl/objects.h> |
15 | | #include <openssl/x509_acert.h> |
16 | | |
17 | | static int print_attribute(BIO *bp, X509_ATTRIBUTE *a) |
18 | 76.5k | { |
19 | 76.5k | ASN1_OBJECT *aobj; |
20 | 76.5k | int i, j, count; |
21 | 76.5k | int ret = 0; |
22 | | |
23 | 76.5k | aobj = X509_ATTRIBUTE_get0_object(a); |
24 | 76.5k | if (BIO_printf(bp, "%12s", "") <= 0) |
25 | 0 | goto err; |
26 | | |
27 | 76.5k | if ((j = i2a_ASN1_OBJECT(bp, aobj)) <= 0) |
28 | 0 | goto err; |
29 | | |
30 | 76.5k | count = X509_ATTRIBUTE_count(a); |
31 | 76.5k | if (count == 0) { |
32 | 87 | ERR_raise(ERR_LIB_X509, X509_R_INVALID_ATTRIBUTES); |
33 | 87 | goto err; |
34 | 87 | } |
35 | | |
36 | 76.4k | if (j < 25 && (BIO_printf(bp, "%*s", 25 - j, " ") <= 0)) |
37 | 0 | goto err; |
38 | | |
39 | 76.4k | if (BIO_puts(bp, ":") <= 0) |
40 | 0 | goto err; |
41 | | |
42 | 3.01M | for (i = 0; i < count; i++) { |
43 | 2.94M | ASN1_TYPE *at; |
44 | 2.94M | int type; |
45 | 2.94M | ASN1_BIT_STRING *bs; |
46 | | |
47 | 2.94M | at = X509_ATTRIBUTE_get0_type(a, i); |
48 | 2.94M | type = at->type; |
49 | | |
50 | 2.94M | switch (type) { |
51 | 1.16k | case V_ASN1_PRINTABLESTRING: |
52 | 180k | case V_ASN1_T61STRING: |
53 | 640k | case V_ASN1_NUMERICSTRING: |
54 | 641k | case V_ASN1_UTF8STRING: |
55 | 653k | case V_ASN1_IA5STRING: |
56 | 653k | bs = at->value.asn1_string; |
57 | 653k | if (BIO_write(bp, (char *)bs->data, bs->length) != bs->length) |
58 | 0 | goto err; |
59 | 653k | if (BIO_puts(bp, "\n") <= 0) |
60 | 0 | goto err; |
61 | 653k | break; |
62 | 653k | case V_ASN1_SEQUENCE: |
63 | 38.5k | if (BIO_puts(bp, "\n") <= 0) |
64 | 0 | goto err; |
65 | 38.5k | if (ASN1_parse_dump(bp, at->value.sequence->data, |
66 | 38.5k | at->value.sequence->length, i, 1) |
67 | 38.5k | <= 0) |
68 | 834 | goto err; |
69 | 37.6k | break; |
70 | 2.25M | default: |
71 | 2.25M | if (BIO_printf(bp, "unable to print attribute of type 0x%X\n", |
72 | 2.25M | type) |
73 | 2.25M | < 0) |
74 | 0 | goto err; |
75 | 2.25M | break; |
76 | 2.94M | } |
77 | 2.94M | } |
78 | 75.6k | ret = 1; |
79 | 76.5k | err: |
80 | 76.5k | return ret; |
81 | 75.6k | } |
82 | | |
83 | | int X509_ACERT_print_ex(BIO *bp, X509_ACERT *x, unsigned long nmflags, |
84 | | unsigned long cflag) |
85 | 15.9k | { |
86 | 15.9k | int i; |
87 | 15.9k | char mlch = ' '; |
88 | | |
89 | 15.9k | if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { |
90 | 0 | mlch = '\n'; |
91 | 0 | } |
92 | | |
93 | 15.9k | if ((cflag & X509_FLAG_NO_HEADER) == 0) { |
94 | 15.9k | if (BIO_printf(bp, "Attribute Certificate:\n") <= 0) |
95 | 0 | goto err; |
96 | 15.9k | if (BIO_printf(bp, "%4sData:\n", "") <= 0) |
97 | 0 | goto err; |
98 | 15.9k | } |
99 | | |
100 | 15.9k | if ((cflag & X509_FLAG_NO_VERSION) == 0) { |
101 | 15.9k | long l; |
102 | | |
103 | 15.9k | l = X509_ACERT_get_version(x); |
104 | 15.9k | if (l == X509_ACERT_VERSION_2) { |
105 | 852 | if (BIO_printf(bp, "%8sVersion: %ld (0x%lx)\n", "", l + 1, |
106 | 852 | (unsigned long)l) |
107 | 852 | <= 0) |
108 | 0 | goto err; |
109 | 15.0k | } else { |
110 | 15.0k | if (BIO_printf(bp, "%8sVersion: Unknown (%ld)\n", "", l) <= 0) |
111 | 0 | goto err; |
112 | 15.0k | } |
113 | 15.9k | } |
114 | | |
115 | 15.9k | if ((cflag & X509_FLAG_NO_SERIAL) == 0) { |
116 | 15.9k | const ASN1_INTEGER *serial; |
117 | | |
118 | 15.9k | serial = X509_ACERT_get0_serialNumber(x); |
119 | | |
120 | 15.9k | if (BIO_printf(bp, "%8sSerial Number: ", "") <= 0) |
121 | 0 | goto err; |
122 | | |
123 | 15.9k | if (i2a_ASN1_INTEGER(bp, serial) <= 0) |
124 | 0 | goto err; |
125 | | |
126 | 15.9k | if (BIO_write(bp, "\n", 1) <= 0) |
127 | 0 | goto err; |
128 | 15.9k | } |
129 | | |
130 | 15.9k | if ((cflag & X509_FLAG_NO_SUBJECT) == 0) { |
131 | 15.9k | const GENERAL_NAMES *holderEntities; |
132 | 15.9k | const OSSL_ISSUER_SERIAL *holder_bcid; |
133 | 15.9k | const X509_NAME *holderIssuer = NULL; |
134 | | |
135 | 15.9k | if (BIO_printf(bp, "%8sHolder:\n", "") <= 0) |
136 | 0 | goto err; |
137 | | |
138 | 15.9k | holderEntities = X509_ACERT_get0_holder_entityName(x); |
139 | 15.9k | if (holderEntities != NULL) { |
140 | 6.80k | for (i = 0; i < sk_GENERAL_NAME_num(holderEntities); i++) { |
141 | 4.02k | GENERAL_NAME *entity; |
142 | | |
143 | 4.02k | entity = sk_GENERAL_NAME_value(holderEntities, i); |
144 | | |
145 | 4.02k | if (BIO_printf(bp, "%12sName:%c", "", mlch) <= 0) |
146 | 0 | goto err; |
147 | 4.02k | if (GENERAL_NAME_print(bp, entity) <= 0) |
148 | 0 | goto err; |
149 | 4.02k | if (BIO_write(bp, "\n", 1) <= 0) |
150 | 0 | goto err; |
151 | 4.02k | } |
152 | 2.77k | } |
153 | | |
154 | 15.9k | if ((holder_bcid = X509_ACERT_get0_holder_baseCertId(x)) != NULL) |
155 | 3.11k | holderIssuer = OSSL_ISSUER_SERIAL_get0_issuer(holder_bcid); |
156 | | |
157 | 15.9k | if (holderIssuer != NULL) { |
158 | 1.09k | const ASN1_INTEGER *holder_serial; |
159 | 1.09k | const ASN1_BIT_STRING *iuid; |
160 | | |
161 | 1.09k | if (BIO_printf(bp, "%12sIssuer:%c", "", mlch) <= 0) |
162 | 0 | goto err; |
163 | | |
164 | 1.09k | if (X509_NAME_print_ex(bp, holderIssuer, 0, nmflags) <= 0) |
165 | 0 | goto err; |
166 | | |
167 | 1.09k | if (BIO_write(bp, "\n", 1) <= 0) |
168 | 0 | goto err; |
169 | | |
170 | 1.09k | if (BIO_printf(bp, "%12sSerial: ", "") <= 0) |
171 | 0 | goto err; |
172 | | |
173 | 1.09k | holder_serial = OSSL_ISSUER_SERIAL_get0_serial(holder_bcid); |
174 | | |
175 | 1.09k | if (i2a_ASN1_INTEGER(bp, holder_serial) <= 0) |
176 | 0 | goto err; |
177 | | |
178 | 1.09k | iuid = OSSL_ISSUER_SERIAL_get0_issuerUID(holder_bcid); |
179 | 1.09k | if (iuid != NULL) { |
180 | 0 | if (BIO_printf(bp, "%12sIssuer UID: ", "") <= 0) |
181 | 0 | goto err; |
182 | 0 | if (X509_signature_dump(bp, iuid, 24) <= 0) |
183 | 0 | goto err; |
184 | 0 | } |
185 | 1.09k | if (BIO_write(bp, "\n", 1) <= 0) |
186 | 0 | goto err; |
187 | 1.09k | } |
188 | 15.9k | } |
189 | | |
190 | 15.9k | if ((cflag & X509_FLAG_NO_ISSUER) == 0) { |
191 | 15.9k | const X509_NAME *issuer; |
192 | | |
193 | 15.9k | if (BIO_printf(bp, "%8sIssuer:%c", "", mlch) <= 0) |
194 | 0 | goto err; |
195 | 15.9k | issuer = X509_ACERT_get0_issuerName(x); |
196 | 15.9k | if (issuer) { |
197 | 2.02k | if (X509_NAME_print_ex(bp, issuer, 0, nmflags) < 0) |
198 | 0 | goto err; |
199 | 13.9k | } else { |
200 | 13.9k | if (BIO_printf(bp, "Unsupported Issuer Type") <= 0) |
201 | 0 | goto err; |
202 | 13.9k | } |
203 | 15.9k | if (BIO_write(bp, "\n", 1) <= 0) |
204 | 0 | goto err; |
205 | 15.9k | } |
206 | | |
207 | 15.9k | if ((cflag & X509_FLAG_NO_VALIDITY) == 0) { |
208 | 15.9k | if (BIO_printf(bp, "%8sValidity\n", "") <= 0) |
209 | 0 | goto err; |
210 | 15.9k | if (BIO_printf(bp, "%12sNot Before: ", "") <= 0) |
211 | 0 | goto err; |
212 | 15.9k | if (ASN1_GENERALIZEDTIME_print(bp, X509_ACERT_get0_notBefore(x)) == 0) |
213 | 3.76k | goto err; |
214 | 12.1k | if (BIO_printf(bp, "\n%12sNot After : ", "") <= 0) |
215 | 0 | goto err; |
216 | 12.1k | if (ASN1_GENERALIZEDTIME_print(bp, X509_ACERT_get0_notAfter(x)) == 0) |
217 | 415 | goto err; |
218 | 11.7k | if (BIO_write(bp, "\n", 1) <= 0) |
219 | 0 | goto err; |
220 | 11.7k | } |
221 | | |
222 | 11.7k | if ((cflag & X509_FLAG_NO_ATTRIBUTES) == 0) { |
223 | 11.7k | if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0) |
224 | 0 | goto err; |
225 | | |
226 | 11.7k | if (X509_ACERT_get_attr_count(x) == 0) { |
227 | 2.77k | if (BIO_printf(bp, "%12s(none)\n", "") <= 0) |
228 | 0 | goto err; |
229 | 8.98k | } else { |
230 | 84.6k | for (i = 0; i < X509_ACERT_get_attr_count(x); i++) { |
231 | 76.5k | if (print_attribute(bp, X509_ACERT_get_attr(x, i)) == 0) |
232 | 921 | goto err; |
233 | 76.5k | } |
234 | 8.98k | } |
235 | 11.7k | } |
236 | | |
237 | 10.8k | if ((cflag & X509_FLAG_NO_EXTENSIONS) == 0) { |
238 | 10.8k | const STACK_OF(X509_EXTENSION) *exts; |
239 | | |
240 | 10.8k | exts = X509_ACERT_get0_extensions(x); |
241 | 10.8k | if (exts != NULL) { |
242 | 4.07k | if (BIO_printf(bp, "%8sExtensions:\n", "") <= 0) |
243 | 0 | goto err; |
244 | 86.3k | for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) { |
245 | 82.2k | ASN1_OBJECT *obj; |
246 | 82.2k | X509_EXTENSION *ex; |
247 | 82.2k | int critical; |
248 | | |
249 | 82.2k | ex = sk_X509_EXTENSION_value(exts, i); |
250 | 82.2k | if (BIO_printf(bp, "%12s", "") <= 0) |
251 | 0 | goto err; |
252 | 82.2k | obj = X509_EXTENSION_get_object(ex); |
253 | 82.2k | if (i2a_ASN1_OBJECT(bp, obj) <= 0) |
254 | 0 | goto err; |
255 | 82.2k | critical = X509_EXTENSION_get_critical(ex); |
256 | 82.2k | if (BIO_printf(bp, ": %s\n", critical ? "critical" : "") <= 0) |
257 | 0 | goto err; |
258 | 82.2k | if (X509V3_EXT_print(bp, ex, cflag, 20) <= 0) { |
259 | 54.2k | if (BIO_printf(bp, "%16s", "") <= 0) |
260 | 0 | goto err; |
261 | 54.2k | if (ASN1_STRING_print(bp, X509_EXTENSION_get_data(ex)) <= 0) |
262 | 0 | goto err; |
263 | 54.2k | } |
264 | 82.2k | if (BIO_write(bp, "\n", 1) <= 0) |
265 | 0 | goto err; |
266 | 82.2k | } |
267 | 4.07k | } |
268 | 10.8k | } |
269 | | |
270 | 10.8k | if ((cflag & X509_FLAG_NO_SIGDUMP) == 0) { |
271 | 10.8k | const X509_ALGOR *sig_alg; |
272 | 10.8k | const ASN1_BIT_STRING *sig; |
273 | | |
274 | 10.8k | X509_ACERT_get0_signature(x, &sig, &sig_alg); |
275 | 10.8k | if (X509_signature_print(bp, sig_alg, sig) <= 0) |
276 | 0 | return 0; |
277 | 10.8k | } |
278 | | |
279 | 10.8k | return 1; |
280 | | |
281 | 5.10k | err: |
282 | 5.10k | ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB); |
283 | 5.10k | return 0; |
284 | 10.8k | } |
285 | | |
286 | | int X509_ACERT_print(BIO *bp, X509_ACERT *x) |
287 | 15.9k | { |
288 | 15.9k | return X509_ACERT_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT); |
289 | 15.9k | } |