1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ocsp_prn.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * project. */ 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* History: 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project This file was originally part of ocsp.c and was transfered to Richard 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be included 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project in OpenSSL or released as a patch kit. */ 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * openssl-core@openssl.org. 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. Products derived from this software may not be called "OpenSSL" 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 59656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/bio.h> 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/err.h> 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/ocsp.h> 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/pem.h> 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ocsp_certid_print(BIO *bp, OCSP_CERTID* a, int indent) 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bp, "%*sCertificate ID:\n", indent, ""); 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project indent += 2; 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bp, "%*sHash Algorithm: ", indent, ""); 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i2a_ASN1_OBJECT(bp, a->hashAlgorithm->algorithm); 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bp, "\n%*sIssuer Name Hash: ", indent, ""); 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i2a_ASN1_STRING(bp, a->issuerNameHash, V_ASN1_OCTET_STRING); 77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bp, "\n%*sIssuer Key Hash: ", indent, ""); 78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i2a_ASN1_STRING(bp, a->issuerKeyHash, V_ASN1_OCTET_STRING); 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bp, "\n%*sSerial Number: ", indent, ""); 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i2a_ASN1_INTEGER(bp, a->serialNumber); 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bp, "\n"); 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef struct 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long t; 88221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const char *m; 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } OCSP_TBLSTR; 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 91221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic const char *table2string(long s, const OCSP_TBLSTR *ts, int len) 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 93221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const OCSP_TBLSTR *p; 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (p=ts; p < ts + len; p++) 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p->t == s) 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return p->m; 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return "(UNKNOWN)"; 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 100221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromconst char *OCSP_response_status_str(long s) 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 102221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom static const OCSP_TBLSTR rstat_tbl[] = { 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful" }, 104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest" }, 105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror" }, 106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_RESPONSE_STATUS_TRYLATER, "trylater" }, 107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_RESPONSE_STATUS_SIGREQUIRED, "sigrequired" }, 108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_RESPONSE_STATUS_UNAUTHORIZED, "unauthorized" } }; 109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return table2string(s, rstat_tbl, 6); 110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 112221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromconst char *OCSP_cert_status_str(long s) 113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 114221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom static const OCSP_TBLSTR cstat_tbl[] = { 115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { V_OCSP_CERTSTATUS_GOOD, "good" }, 116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { V_OCSP_CERTSTATUS_REVOKED, "revoked" }, 117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { V_OCSP_CERTSTATUS_UNKNOWN, "unknown" } }; 118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return table2string(s, cstat_tbl, 3); 119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 121221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromconst char *OCSP_crl_reason_str(long s) 122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 123221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom static const OCSP_TBLSTR reason_tbl[] = { 124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified" }, 125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise" }, 126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise" }, 127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_REVOKED_STATUS_AFFILIATIONCHANGED, "affiliationChanged" }, 128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_REVOKED_STATUS_SUPERSEDED, "superseded" }, 129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_REVOKED_STATUS_CESSATIONOFOPERATION, "cessationOfOperation" }, 130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_REVOKED_STATUS_CERTIFICATEHOLD, "certificateHold" }, 131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { OCSP_REVOKED_STATUS_REMOVEFROMCRL, "removeFromCRL" } }; 132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return table2string(s, reason_tbl, 8); 133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 134656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 135656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* o, unsigned long flags) 136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long l; 139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_CERTID* cid = NULL; 140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_ONEREQ *one = NULL; 141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_REQINFO *inf = o->tbsRequest; 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_SIGNATURE *sig = o->optionalSignature; 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_write(bp,"OCSP Request Data:\n",19) <= 0) goto err; 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project l=ASN1_INTEGER_get(inf->version); 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp," Version: %lu (0x%lx)",l+1,l) <= 0) goto err; 147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inf->requestorName != NULL) 148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_write(bp,"\n Requestor Name: ",21) <= 0) 150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project GENERAL_NAME_print(bp, inf->requestorName); 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_write(bp,"\n Requestor List:\n",21) <= 0) goto err; 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++) 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project one = sk_OCSP_ONEREQ_value(inf->requestList, i); 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cid = one->reqCert; 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ocsp_certid_print(bp, cid, 8); 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509V3_extensions_print(bp, 160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "Request Single Extensions", 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project one->singleRequestExtensions, flags, 8)) 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509V3_extensions_print(bp, "Request Extensions", 165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inf->requestExtensions, flags, 4)) 166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sig) 168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_signature_print(bp, sig->signatureAlgorithm, sig->signature); 170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<sk_X509_num(sig->certs); i++) 171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_print(bp, sk_X509_value(sig->certs,i)); 173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_X509(bp,sk_X509_value(sig->certs,i)); 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) 182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i, ret = 0; 184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long l; 185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_CERTID *cid = NULL; 186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_BASICRESP *br = NULL; 187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPID *rid = NULL; 188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPDATA *rd = NULL; 189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_CERTSTATUS *cst = NULL; 190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_REVOKEDINFO *rev = NULL; 191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_SINGLERESP *single = NULL; 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPBYTES *rb = o->responseBytes; 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_puts(bp,"OCSP Response Data:\n") <= 0) goto err; 195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project l=ASN1_ENUMERATED_get(o->responseStatus); 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp," OCSP Response Status: %s (0x%lx)\n", 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_response_status_str(l), l) <= 0) goto err; 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (rb == NULL) return 1; 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_puts(bp," Response Type: ") <= 0) 200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(i2a_ASN1_OBJECT(bp, rb->responseType) <= 0) 202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(bp," (unknown response type)\n"); 206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i = ASN1_STRING_length(rb->response); 210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!(br = OCSP_response_get1_basic(o))) goto err; 211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rd = br->tbsResponseData; 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project l=ASN1_INTEGER_get(rd->version); 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp,"\n Version: %lu (0x%lx)\n", 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project l+1,l) <= 0) goto err; 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_puts(bp," Responder Id: ") <= 0) goto err; 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rid = rd->responderId; 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (rid->type) 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case V_OCSP_RESPID_NAME: 221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_print_ex(bp, rid->value.byName, 0, XN_FLAG_ONELINE); 222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case V_OCSP_RESPID_KEY: 224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i2a_ASN1_STRING(bp, rid->value.byKey, V_ASN1_OCTET_STRING); 225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp,"\n Produced At: ")<=0) goto err; 229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ASN1_GENERALIZEDTIME_print(bp, rd->producedAt)) goto err; 230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp,"\n Responses:\n") <= 0) goto err; 231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i = 0; i < sk_OCSP_SINGLERESP_num(rd->responses); i++) 232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (! sk_OCSP_SINGLERESP_value(rd->responses, i)) continue; 234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project single = sk_OCSP_SINGLERESP_value(rd->responses, i); 235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cid = single->certId; 236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(ocsp_certid_print(bp, cid, 4) <= 0) goto err; 237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cst = single->certStatus; 238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp," Cert Status: %s", 239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_cert_status_str(cst->type)) <= 0) 240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cst->type == V_OCSP_CERTSTATUS_REVOKED) 242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rev = cst->value.revoked; 244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp, "\n Revocation Time: ") <= 0) 245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ASN1_GENERALIZEDTIME_print(bp, 247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rev->revocationTime)) 248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (rev->revocationReason) 250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project l=ASN1_ENUMERATED_get(rev->revocationReason); 252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp, 253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "\n Revocation Reason: %s (0x%lx)", 254656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_crl_reason_str(l), l) <= 0) 255656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 256656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 257656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp,"\n This Update: ") <= 0) goto err; 259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ASN1_GENERALIZEDTIME_print(bp, single->thisUpdate)) 260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (single->nextUpdate) 262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_printf(bp,"\n Next Update: ") <= 0)goto err; 264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ASN1_GENERALIZEDTIME_print(bp,single->nextUpdate)) 265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 26798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (BIO_write(bp,"\n",1) <= 0) goto err; 268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509V3_extensions_print(bp, 269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "Response Single Extensions", 270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project single->singleExtensions, flags, 8)) 271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 27298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (BIO_write(bp,"\n",1) <= 0) goto err; 273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509V3_extensions_print(bp, "Response Extensions", 275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rd->responseExtensions, flags, 4)) 276221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0) 278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<sk_X509_num(br->certs); i++) 281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_print(bp, sk_X509_value(br->certs,i)); 283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_X509(bp,sk_X509_value(br->certs,i)); 284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = 1; 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_BASICRESP_free(br); 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 291