1d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* v3_prn.c */
2d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * project 1999.
4d9e397b599b13d642138480a28c14db7a136bf0Adam Langley */
5d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* ====================================================================
6d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
7d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *
8d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Redistribution and use in source and binary forms, with or without
9d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * modification, are permitted provided that the following conditions
10d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * are met:
11d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *
12d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 1. Redistributions of source code must retain the above copyright
13d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    notice, this list of conditions and the following disclaimer.
14d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *
15d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 2. Redistributions in binary form must reproduce the above copyright
16d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    notice, this list of conditions and the following disclaimer in
17d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    the documentation and/or other materials provided with the
18d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    distribution.
19d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *
20d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 3. All advertising materials mentioning features or use of this
21d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    software must display the following acknowledgment:
22d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    "This product includes software developed by the OpenSSL Project
23d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *
25d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    endorse or promote products derived from this software without
27d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    prior written permission. For written permission, please contact
28d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    licensing@OpenSSL.org.
29d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *
30d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 5. Products derived from this software may not be called "OpenSSL"
31d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    nor may "OpenSSL" appear in their names without prior written
32d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    permission of the OpenSSL Project.
33d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *
34d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 6. Redistributions of any form whatsoever must retain the following
35d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    acknowledgment:
36d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    "This product includes software developed by the OpenSSL Project
37d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *
39d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * OF THE POSSIBILITY OF SUCH DAMAGE.
51d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ====================================================================
52d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *
53d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * This product includes cryptographic software written by Eric Young
54d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * (eay@cryptsoft.com).  This product includes software written by Tim
55d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Hudson (tjh@cryptsoft.com). */
56d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
57d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* X509 v3 extension utilities */
58d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
59d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <stdio.h>
60d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
61d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/bio.h>
62d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/conf.h>
63d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/mem.h>
64d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/x509v3.h>
65d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
66d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
67d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* Extension printing routines */
68d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
69d9e397b599b13d642138480a28c14db7a136bf0Adam Langleystatic int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported);
70d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
71d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* Print out a name+value stack */
72d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
73d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyvoid X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
74d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{
75d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	size_t i;
76d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	CONF_VALUE *nval;
77d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	if(!val) return;
78d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	if(!ml || !sk_CONF_VALUE_num(val)) {
79d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		BIO_printf(out, "%*s", indent, "");
80d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(!sk_CONF_VALUE_num(val)) BIO_puts(out, "<EMPTY>\n");
81d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	}
82d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	for(i = 0; i < sk_CONF_VALUE_num(val); i++) {
83d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(ml) BIO_printf(out, "%*s", indent, "");
84d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		else if(i > 0) BIO_printf(out, ", ");
85d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		nval = sk_CONF_VALUE_value(val, i);
86d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(!nval->name) BIO_puts(out, nval->value);
87d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		else if(!nval->value) BIO_puts(out, nval->name);
88d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		else BIO_printf(out, "%s:%s", nval->name, nval->value);
89d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(ml) BIO_puts(out, "\n");
90d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	}
91d9e397b599b13d642138480a28c14db7a136bf0Adam Langley}
92d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
93d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* Main routine: print out a general extension */
94d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
95d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyint X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent)
96d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{
97d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	void *ext_str = NULL;
98d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	char *value = NULL;
99d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	const unsigned char *p;
100d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	const X509V3_EXT_METHOD *method;
101d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	STACK_OF(CONF_VALUE) *nval = NULL;
102d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	int ok = 1;
103d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
104d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	if(!(method = X509V3_EXT_get(ext)))
105d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		return unknown_ext_print(out, ext, flag, indent, 0);
106d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	p = ext->value->data;
107d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	if(method->it) ext_str = ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it));
108d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	else ext_str = method->d2i(NULL, &p, ext->value->length);
109d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
110d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	if(!ext_str) return unknown_ext_print(out, ext, flag, indent, 1);
111d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
112d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	if(method->i2s) {
113d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(!(value = method->i2s(method, ext_str))) {
114d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			ok = 0;
115d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			goto err;
116d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		}
117d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		BIO_printf(out, "%*s%s", indent, "", value);
118d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	} else if(method->i2v) {
119d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(!(nval = method->i2v(method, ext_str, NULL))) {
120d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			ok = 0;
121d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			goto err;
122d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		}
123d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		X509V3_EXT_val_prn(out, nval, indent,
124d9e397b599b13d642138480a28c14db7a136bf0Adam Langley				 method->ext_flags & X509V3_EXT_MULTILINE);
125d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	} else if(method->i2r) {
126d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(!method->i2r(method, ext_str, out, indent)) ok = 0;
127d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	} else ok = 0;
128d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
129d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	err:
130d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
131d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(value) OPENSSL_free(value);
132d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(method->it) ASN1_item_free(ext_str, ASN1_ITEM_ptr(method->it));
133d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		else method->ext_free(ext_str);
134d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		return ok;
135d9e397b599b13d642138480a28c14db7a136bf0Adam Langley}
136d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
137d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyint X509V3_extensions_print(BIO *bp, const char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent)
138d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{
139d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	size_t i;
140d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	int j;
141d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
142d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	if(sk_X509_EXTENSION_num(exts) <= 0) return 1;
143d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
144d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	if(title)
145d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		{
146d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		BIO_printf(bp,"%*s%s:\n",indent, "", title);
147d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		indent += 4;
148d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		}
149d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
150d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	for (i=0; i<sk_X509_EXTENSION_num(exts); i++)
151d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		{
152d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		ASN1_OBJECT *obj;
153d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		X509_EXTENSION *ex;
154d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		ex=sk_X509_EXTENSION_value(exts, i);
155d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if (indent && BIO_printf(bp,"%*s",indent, "") <= 0) return 0;
156d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		obj=X509_EXTENSION_get_object(ex);
157d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		i2a_ASN1_OBJECT(bp,obj);
158d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		j=X509_EXTENSION_get_critical(ex);
159d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0)
160d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			return 0;
161d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(!X509V3_EXT_print(bp, ex, flag, indent + 4))
162d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			{
163d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			BIO_printf(bp, "%*s", indent + 4, "");
164d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			M_ASN1_OCTET_STRING_print(bp,ex->value);
165d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			}
166d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if (BIO_write(bp,"\n",1) <= 0) return 0;
167d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		}
168d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	return 1;
169d9e397b599b13d642138480a28c14db7a136bf0Adam Langley}
170d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
171d9e397b599b13d642138480a28c14db7a136bf0Adam Langleystatic int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported)
172d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{
173d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	switch(flag & X509V3_EXT_UNKNOWN_MASK) {
174d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
175d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		case X509V3_EXT_DEFAULT:
176d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		return 0;
177d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
178d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		case X509V3_EXT_ERROR_UNKNOWN:
179d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		if(supported)
180d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			BIO_printf(out, "%*s<Parse Error>", indent, "");
181d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		else
182d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			BIO_printf(out, "%*s<Not Supported>", indent, "");
183d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		return 1;
184d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
185d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		case X509V3_EXT_PARSE_UNKNOWN:
186d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			return ASN1_parse_dump(out,
187d9e397b599b13d642138480a28c14db7a136bf0Adam Langley				ext->value->data, ext->value->length, indent, -1);
188d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		case X509V3_EXT_DUMP_UNKNOWN:
189d9e397b599b13d642138480a28c14db7a136bf0Adam Langley			return BIO_hexdump(out, ext->value->data, ext->value->length, indent);
190d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
191d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		default:
192d9e397b599b13d642138480a28c14db7a136bf0Adam Langley		return 1;
193d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	}
194d9e397b599b13d642138480a28c14db7a136bf0Adam Langley}
195d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
196d9e397b599b13d642138480a28c14db7a136bf0Adam Langley
197d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#ifndef OPENSSL_NO_FP_API
198d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyint X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
199d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{
200d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	BIO *bio_tmp;
201d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	int ret;
202d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	if(!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE))) return 0;
203d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
204d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	BIO_free(bio_tmp);
205d9e397b599b13d642138480a28c14db7a136bf0Adam Langley	return ret;
206d9e397b599b13d642138480a28c14db7a136bf0Adam Langley}
207d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#endif
208