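/* v3_prn.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
/* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com). */

/* X509 v3 extension utilities */

#include <stdio.h>

#include <openssl/bio.h>
#include <openssl/conf.h>
#include <openssl/mem.h>
#include <openssl/x509v3.h>


/* Extension printing routines */

static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported);

/* Print out a name+value stack.
 *
 * out:    BIO that receives the text.
 * val:    stack of CONF_VALUE entries; a NULL stack prints nothing, an empty
 *         stack prints the indent followed by "<EMPTY>\n".
 * indent: number of spaces written before the output (before every entry
 *         when ml is non-zero).
 * ml:     non-zero puts each entry on its own indented line; zero joins the
 *         entries on a single line separated by ", ".
 *
 * An entry with only a name or only a value is printed bare; an entry with
 * both is printed as "name:value".
 *
 * NOTE(review): the strings are written to the BIO exactly as stored. If
 * they can carry bytes taken from a certificate, a consumer that renders
 * this output on a terminal or in a log may need to escape control
 * characters itself -- confirm against the i2v producers. */
void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
{
    size_t i;
    CONF_VALUE *nval;

    if (!val)
        return;
    if (!ml || !sk_CONF_VALUE_num(val)) {
        BIO_printf(out, "%*s", indent, "");
        if (!sk_CONF_VALUE_num(val))
            BIO_puts(out, "<EMPTY>\n");
    }
    for (i = 0; i < sk_CONF_VALUE_num(val); i++) {
        if (ml)
            BIO_printf(out, "%*s", indent, "");
        else if (i > 0)
            BIO_printf(out, ", ");
        nval = sk_CONF_VALUE_value(val, i);
        if (nval->name && nval->value) {
            BIO_printf(out, "%s:%s", nval->name, nval->value);
        } else if (nval->name) {
            BIO_puts(out, nval->name);
        } else if (nval->value) {
            BIO_puts(out, nval->value);
        }
        /* An entry with neither name nor value prints as empty text; the
         * previous code handed the NULL value pointer to BIO_puts here. */
        if (ml)
            BIO_puts(out, "\n");
    }
}

/* Main routine: print out a general extension.
 *
 * Looks up the extension's method, decodes ext->value with the method's
 * ASN.1 template (method->it) or its d2i callback, and prints the decoded
 * object through the first available of the i2s, i2v and i2r callbacks.
 *
 * Returns 1 on success and 0 when the chosen conversion callback fails or
 * the method has none of the three. When no method is registered for the
 * extension, or decoding fails, the result of unknown_ext_print() is
 * returned instead (its last argument distinguishes the two cases).
 *
 * NOTE(review): the bytes in ext->value are as trustworthy as the
 * certificate they came from. After decoding, p is not compared against the
 * end of the buffer, so trailing bytes after a valid encoding are not
 * reported by this function; it looks display-only, so its result should
 * not be read as a validity check -- confirm with callers. */
int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent)
{
    void *ext_str = NULL;
    char *value = NULL;
    const unsigned char *p;
    const X509V3_EXT_METHOD *method;
    STACK_OF(CONF_VALUE) *nval = NULL;
    int ok = 1;

    if (!(method = X509V3_EXT_get(ext)))
        return unknown_ext_print(out, ext, flag, indent, 0);
    p = ext->value->data;
    if (method->it)
        ext_str = ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it));
    else
        ext_str = method->d2i(NULL, &p, ext->value->length);

    /* A registered method that cannot decode the value is reported as a
     * parse error (supported = 1) rather than as an unknown extension. */
    if (!ext_str)
        return unknown_ext_print(out, ext, flag, indent, 1);

    if (method->i2s) {
        if (!(value = method->i2s(method, ext_str))) {
            ok = 0;
            goto err;
        }
        BIO_printf(out, "%*s%s", indent, "", value);
    } else if (method->i2v) {
        if (!(nval = method->i2v(method, ext_str, NULL))) {
            ok = 0;
            goto err;
        }
        X509V3_EXT_val_prn(out, nval, indent,
                           method->ext_flags & X509V3_EXT_MULTILINE);
    } else if (method->i2r) {
        if (!method->i2r(method, ext_str, out, indent))
            ok = 0;
    } else {
        ok = 0;
    }

err:
    /* Release everything produced above; the decoded object is freed with
     * the routine that matches how it was decoded. */
    sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
    if (value)
        OPENSSL_free(value);
    if (method->it)
        ASN1_item_free(ext_str, ASN1_ITEM_ptr(method->it));
    else
        method->ext_free(ext_str);
    return ok;
}

/* Print every extension in exts to bp.
 *
 * title:  optional heading; when non-NULL it is printed as "title:" and the
 *         extensions are indented four further spaces.
 * flag:   passed through to X509V3_EXT_print() for each extension.
 * indent: base indentation in spaces.
 *
 * For each extension the object name is printed, followed by ": critical"
 * or ": ", then the decoded value at indent + 4. When X509V3_EXT_print()
 * returns 0 the raw extension value is printed with
 * M_ASN1_OCTET_STRING_print() instead.
 *
 * Returns 1 on success (including when the stack holds no extensions) and
 * 0 when one of the checked BIO writes fails. */
int X509V3_extensions_print(BIO *bp, const char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent)
{
    size_t i;
    int j;

    if (sk_X509_EXTENSION_num(exts) <= 0)
        return 1;

    if (title) {
        BIO_printf(bp, "%*s%s:\n", indent, "", title);
        indent += 4;
    }

    for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
        ASN1_OBJECT *obj;
        X509_EXTENSION *ex;

        ex = sk_X509_EXTENSION_value(exts, i);
        if (indent && BIO_printf(bp, "%*s", indent, "") <= 0)
            return 0;
        obj = X509_EXTENSION_get_object(ex);
        i2a_ASN1_OBJECT(bp, obj);
        j = X509_EXTENSION_get_critical(ex);
        if (BIO_printf(bp, ": %s\n", j ? "critical" : "") <= 0)
            return 0;
        if (!X509V3_EXT_print(bp, ex, flag, indent + 4)) {
            /* Decoding or printing failed: fall back to the raw value. */
            BIO_printf(bp, "%*s", indent + 4, "");
            M_ASN1_OCTET_STRING_print(bp, ex->value);
        }
        if (BIO_write(bp, "\n", 1) <= 0)
            return 0;
    }
    return 1;
}

/* Handle an extension that has no registered method (supported == 0) or
 * whose value could not be decoded (supported == 1).
 *
 * The behaviour is selected by flag & X509V3_EXT_UNKNOWN_MASK:
 *   X509V3_EXT_DEFAULT        print nothing and return 0.
 *   X509V3_EXT_ERROR_UNKNOWN  print "<Parse Error>" or "<Not Supported>"
 *                             according to supported, and return 1.
 *   X509V3_EXT_PARSE_UNKNOWN  return the result of ASN1_parse_dump() on the
 *                             raw value.
 *   X509V3_EXT_DUMP_UNKNOWN   return the result of BIO_hexdump() on the raw
 *                             value.
 * Any other value returns 1 without printing. */
static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported)
{
    switch (flag & X509V3_EXT_UNKNOWN_MASK) {

    case X509V3_EXT_DEFAULT:
        return 0;

    case X509V3_EXT_ERROR_UNKNOWN:
        if (supported)
            BIO_printf(out, "%*s<Parse Error>", indent, "");
        else
            BIO_printf(out, "%*s<Not Supported>", indent, "");
        return 1;

    case X509V3_EXT_PARSE_UNKNOWN:
        return ASN1_parse_dump(out,
                               ext->value->data, ext->value->length, indent, -1);
    case X509V3_EXT_DUMP_UNKNOWN:
        return BIO_hexdump(out, ext->value->data, ext->value->length, indent);

    default:
        return 1;
    }
}


#ifndef OPENSSL_NO_FP_API
/* FILE* convenience wrapper around X509V3_EXT_print().
 *
 * Wraps fp in a temporary BIO created with BIO_NOCLOSE, so freeing the BIO
 * leaves fp open for the caller. Returns 0 if the BIO cannot be created,
 * otherwise the result of X509V3_EXT_print().
 *
 * NOTE(review): flag is an int here but unsigned long in
 * X509V3_EXT_print(); a negative value would be converted on the call --
 * confirm that callers only pass the X509V3_EXT_* flag constants. */
int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
{
    BIO *bio_tmp;
    int ret;

    if (!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE)))
        return 0;
    ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
    BIO_free(bio_tmp);
    return ret;
}
#endif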