2
* Copyright (C) 2007, 2008, 2009 Free Software Foundation
2
* Copyright (C) 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
4
4
* Author: Simon Josefsson
6
* This file is part of GNUTLS.
6
* This file is part of GnuTLS.
8
* The GNUTLS library is free software; you can redistribute it and/or
8
* The GnuTLS is free software; you can redistribute it and/or
9
9
* modify it under the terms of the GNU Lesser General Public License
10
10
* as published by the Free Software Foundation; either version 2.1 of
11
11
* the License, or (at your option) any later version.
188
188
buffer = gnutls_malloc (size);
191
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
191
addf (str, "error: malloc: %s\n",
192
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
246
251
buffer = gnutls_malloc (size);
249
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
254
addf (str, "error: malloc: %s\n",
255
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
340
346
buffer = gnutls_malloc (size);
343
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
349
addf (str, "error: malloc: %s\n",
350
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
357
364
if ((err == GNUTLS_SAN_DNSNAME
358
365
|| err == GNUTLS_SAN_RFC822NAME
359
|| err == GNUTLS_SAN_URI) &&
360
strlen (buffer) != size)
366
|| err == GNUTLS_SAN_URI) && strlen (buffer) != size)
362
368
adds (str, _("warning: distributionPoint contains an embedded NUL, "
363
369
"replacing with '!'\n"));
431
437
buffer = gnutls_malloc (size);
434
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
440
addf (str, "error: malloc: %s\n",
441
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
462
469
addf (str, _("%s\t\t\tTime stamping.\n"), prefix);
463
470
else if (strcmp (buffer, GNUTLS_KP_OCSP_SIGNING) == 0)
464
471
addf (str, _("%s\t\t\tOCSP signing.\n"), prefix);
472
else if (strcmp (buffer, GNUTLS_KP_IPSEC_IKE) == 0)
473
addf (str, _("%s\t\t\tIpsec IKE.\n"), prefix);
465
474
else if (strcmp (buffer, GNUTLS_KP_ANY) == 0)
466
475
addf (str, _("%s\t\t\tAny purpose.\n"), prefix);
509
print_san (gnutls_string * str, const char *prefix, int type,
518
print_altname (gnutls_string * str, const char *prefix, int altname_type,
512
unsigned int san_idx;
521
unsigned int altname_idx;
516
for (san_idx = 0;; san_idx++)
525
for (altname_idx = 0;; altname_idx++)
518
527
char *buffer = NULL;
522
if (type == TYPE_CRT)
531
if (altname_type == TYPE_CRT_SAN)
524
gnutls_x509_crt_get_subject_alt_name (cert.crt, san_idx, buffer,
533
gnutls_x509_crt_get_subject_alt_name (cert.crt, altname_idx, buffer,
526
else if (type == TYPE_CRQ)
535
else if (altname_type == TYPE_CRQ_SAN)
528
gnutls_x509_crq_get_subject_alt_name (cert.crq, san_idx, buffer,
537
gnutls_x509_crq_get_subject_alt_name (cert.crq, altname_idx, buffer,
529
538
&size, NULL, NULL);
539
else if (altname_type == TYPE_CRT_IAN)
541
gnutls_x509_crt_get_issuer_alt_name (cert.crt, altname_idx, buffer,
542
555
buffer = gnutls_malloc (size);
545
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
558
addf (str, "error: malloc: %s\n",
559
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
549
if (type == TYPE_CRT)
563
if (altname_type == TYPE_CRT_SAN)
551
gnutls_x509_crt_get_subject_alt_name (cert.crt, san_idx, buffer,
565
gnutls_x509_crt_get_subject_alt_name (cert.crt, altname_idx, buffer,
553
else if (type == TYPE_CRQ)
567
else if (altname_type == TYPE_CRQ_SAN)
555
gnutls_x509_crq_get_subject_alt_name (cert.crq, san_idx, buffer,
569
gnutls_x509_crq_get_subject_alt_name (cert.crq, altname_idx, buffer,
556
570
&size, NULL, NULL);
571
else if (altname_type == TYPE_CRT_IAN)
572
err = gnutls_x509_crt_get_issuer_alt_name (cert.crt, altname_idx,
573
buffer, &size, NULL);
560
577
gnutls_free (buffer);
561
addf (str, "error: get_subject_alt_name2: %s\n",
578
addf (str, "error: get_subject/issuer_alt_name2: %s\n",
562
579
gnutls_strerror (err));
566
583
if ((err == GNUTLS_SAN_DNSNAME
567
584
|| err == GNUTLS_SAN_RFC822NAME
568
|| err == GNUTLS_SAN_URI) &&
569
strlen (buffer) != size)
585
|| err == GNUTLS_SAN_URI) && strlen (buffer) != size)
571
adds (str, _("warning: SAN contains an embedded NUL, "
587
adds (str, _("warning: altname contains an embedded NUL, "
572
588
"replacing with '!'\n"));
573
589
while (strlen (buffer) < size)
574
590
buffer[strlen (buffer)] = '!';
583
599
case GNUTLS_SAN_RFC822NAME:
584
addf (str, "%s\t\t\tRFC822name: %.*s\n", prefix, (int) size, buffer);
600
addf (str, "%s\t\t\tRFC822name: %.*s\n", prefix, (int) size,
587
604
case GNUTLS_SAN_URI:
609
if (type == TYPE_CRT)
626
if (altname_type == TYPE_CRT_SAN)
610
627
err = gnutls_x509_crt_get_subject_alt_othername_oid
611
(cert.crt, san_idx, oid, &oidsize);
612
else if (type == TYPE_CRQ)
628
(cert.crt, altname_idx, oid, &oidsize);
629
else if (altname_type == TYPE_CRQ_SAN)
613
630
err = gnutls_x509_crq_get_subject_alt_othername_oid
614
(cert.crq, san_idx, oid, &oidsize);
631
(cert.crq, altname_idx, oid, &oidsize);
632
else if (altname_type == TYPE_CRT_IAN)
633
err = gnutls_x509_crt_get_issuer_alt_othername_oid
634
(cert.crt, altname_idx, oid, &oidsize);
616
636
if (err != GNUTLS_E_SHORT_MEMORY_BUFFER)
618
638
gnutls_free (buffer);
619
addf (str, "error: get_subject_alt_othername_oid: %s\n",
640
"error: get_subject/issuer_alt_othername_oid: %s\n",
620
641
gnutls_strerror (err));
627
648
gnutls_free (buffer);
628
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
649
addf (str, "error: malloc: %s\n",
650
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
632
if (type == TYPE_CRT)
654
if (altname_type == TYPE_CRT_SAN)
633
655
err = gnutls_x509_crt_get_subject_alt_othername_oid
634
(cert.crt, san_idx, oid, &oidsize);
635
else if (type == TYPE_CRQ)
656
(cert.crt, altname_idx, oid, &oidsize);
657
else if (altname_type == TYPE_CRQ_SAN)
636
658
err = gnutls_x509_crq_get_subject_alt_othername_oid
637
(cert.crq, san_idx, oid, &oidsize);
659
(cert.crq, altname_idx, oid, &oidsize);
660
else if (altname_type == TYPE_CRT_IAN)
661
err = gnutls_x509_crt_get_issuer_alt_othername_oid
662
(cert.crt, altname_idx, oid, &oidsize);
640
666
gnutls_free (buffer);
649
675
if (strlen (buffer) != size)
651
adds (str, _("warning: SAN contains an embedded NUL, "
677
adds (str, _("warning: altname contains an embedded NUL, "
652
678
"replacing with '!'\n"));
653
679
while (strlen (buffer) < size)
654
680
buffer[strlen (buffer)] = '!';
818
845
addf (str, _("%s\t\tSubject Alternative Name (%s):\n"), prefix,
819
846
critical ? _("critical") : _("not critical"));
821
print_san (str, prefix, type, cert);
848
print_altname (str, prefix, type, cert);
852
else if (strcmp (oid, "2.5.29.18") == 0)
856
addf (str, "error: more than one Issuer AltName extension\n");
860
addf (str, _("%s\t\tIssuer Alternative Name (%s):\n"), prefix,
861
critical ? _("critical") : _("not critical"));
863
print_altname (str, prefix, TYPE_CRT_IAN, cert);
825
867
else if (strcmp (oid, "2.5.29.31") == 0)
886
928
buffer = gnutls_malloc (extlen);
889
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
931
addf (str, "error: malloc: %s\n",
932
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
956
size_t dn_size = sizeof (dn);
959
err = gnutls_x509_crt_get_issuer_dn (cert, dn, &dn_size);
1002
err = gnutls_x509_crt_get_issuer_dn (cert, NULL, &dn_size);
1003
if (err != GNUTLS_E_SHORT_MEMORY_BUFFER)
961
1004
addf (str, "error: get_issuer_dn: %s\n", gnutls_strerror (err));
963
addf (str, _("\tIssuer: %s\n"), dn);
1007
dn = gnutls_malloc (dn_size);
1009
addf (str, "error: malloc (%d): %s\n", (int) dn_size,
1010
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1013
err = gnutls_x509_crt_get_issuer_dn (cert, dn, &dn_size);
1015
addf (str, "error: get_issuer_dn: %s\n",
1016
gnutls_strerror (err));
1018
addf (str, _("\tIssuer: %s\n"), dn);
1004
size_t dn_size = sizeof (dn);
1007
err = gnutls_x509_crt_get_dn (cert, dn, &dn_size);
1065
err = gnutls_x509_crt_get_dn (cert, NULL, &dn_size);
1066
if (err != GNUTLS_E_SHORT_MEMORY_BUFFER)
1009
1067
addf (str, "error: get_dn: %s\n", gnutls_strerror (err));
1011
addf (str, _("\tSubject: %s\n"), dn);
1070
dn = gnutls_malloc (dn_size);
1072
addf (str, "error: malloc (%d): %s\n", (int) dn_size,
1073
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1076
err = gnutls_x509_crt_get_dn (cert, dn, &dn_size);
1078
addf (str, "error: get_dn: %s\n", gnutls_strerror (err));
1080
addf (str, _("\tSubject: %s\n"), dn);
1014
1086
/* SubjectPublicKeyInfo. */
1129
1201
buffer = gnutls_malloc (size);
1132
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
1204
addf (str, "error: malloc: %s\n",
1205
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1205
1278
print_oneline (gnutls_string * str, gnutls_x509_crt_t cert)
1211
size_t dn_size = sizeof (dn);
1214
err = gnutls_x509_crt_get_dn (cert, dn, &dn_size);
1286
err = gnutls_x509_crt_get_dn (cert, NULL, &dn_size);
1287
if (err != GNUTLS_E_SHORT_MEMORY_BUFFER)
1216
1288
addf (str, "unknown subject (%s), ", gnutls_strerror (err));
1218
addf (str, "subject `%s', ", dn);
1291
dn = gnutls_malloc (dn_size);
1293
addf (str, "unknown subject (%s), ",
1294
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1297
err = gnutls_x509_crt_get_dn (cert, dn, &dn_size);
1299
addf (str, "unknown subject (%s), ", gnutls_strerror (err));
1301
addf (str, "subject `%s', ", dn);
1224
size_t dn_size = sizeof (dn);
1227
err = gnutls_x509_crt_get_issuer_dn (cert, dn, &dn_size);
1313
err = gnutls_x509_crt_get_issuer_dn (cert, NULL, &dn_size);
1314
if (err != GNUTLS_E_SHORT_MEMORY_BUFFER)
1229
1315
addf (str, "unknown issuer (%s), ", gnutls_strerror (err));
1231
addf (str, "issuer `%s', ", dn);
1318
dn = gnutls_malloc (dn_size);
1320
addf (str, "unknown issuer (%s), ",
1321
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1324
err = gnutls_x509_crt_get_issuer_dn (cert, dn, &dn_size);
1326
addf (str, "unknown issuer (%s), ", gnutls_strerror (err));
1328
addf (str, "issuer `%s', ", dn);
1234
1334
/* Key algorithm and size. */
1248
1348
err = gnutls_x509_crt_get_signature_algorithm (cert);
1250
addf (str, "unknown signature algorithm (%s), ",
1251
gnutls_strerror (err));
1350
addf (str, "unknown signature algorithm (%s), ", gnutls_strerror (err));
1254
1353
const char *name = gnutls_sign_algorithm_get_name (err);
1421
1520
if (!notsigned)
1424
size_t dn_size = sizeof (dn);
1427
err = gnutls_x509_crl_get_issuer_dn (crl, dn, &dn_size);
1526
err = gnutls_x509_crl_get_issuer_dn (crl, NULL, &dn_size);
1527
if (err != GNUTLS_E_SHORT_MEMORY_BUFFER)
1429
1528
addf (str, "error: get_issuer_dn: %s\n", gnutls_strerror (err));
1431
addf (str, _("\tIssuer: %s\n"), dn);
1531
dn = gnutls_malloc (dn_size);
1533
addf (str, "error: malloc (%d): %s\n", (int) dn_size,
1534
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1537
err = gnutls_x509_crl_get_issuer_dn (crl, dn, &dn_size);
1539
addf (str, "error: get_issuer_dn: %s\n",
1540
gnutls_strerror (err));
1542
addf (str, _("\tIssuer: %s\n"), dn);
1434
1548
/* Validity. */
1561
1675
buffer = gnutls_malloc (extlen);
1564
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
1678
addf (str, "error: malloc: %s\n",
1679
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1664
1779
buffer = gnutls_malloc (size);
1667
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
1782
addf (str, "error: malloc: %s\n",
1783
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1736
size_t dn_size = sizeof (dn);
1739
err = gnutls_x509_crq_get_dn (cert, dn, &dn_size);
1855
err = gnutls_x509_crq_get_dn (cert, NULL, &dn_size);
1856
if (err != GNUTLS_E_SHORT_MEMORY_BUFFER)
1741
1857
addf (str, "error: get_dn: %s\n", gnutls_strerror (err));
1743
addf (str, _("\tSubject: %s\n"), dn);
1860
dn = gnutls_malloc (dn_size);
1862
addf (str, "error: malloc (%d): %s\n", (int) dn_size,
1863
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1866
err = gnutls_x509_crq_get_dn (cert, dn, &dn_size);
1868
addf (str, "error: get_dn: %s\n", gnutls_strerror (err));
1870
addf (str, _("\tSubject: %s\n"), dn);
1746
1876
/* SubjectPublicKeyInfo. */
1859
1989
else if (strcmp (oid, "1.2.840.113549.1.9.7") == 0)
1862
size_t pass_size = sizeof (pass);
1867
1997
"error: more than one Challenge password attribute\n");
1872
gnutls_x509_crq_get_challenge_password (cert, pass, &pass_size);
2001
err = gnutls_x509_crq_get_challenge_password (cert, NULL, &size);
2004
addf (str, "error: get_challenge_password: %s\n",
2005
gnutls_strerror (err));
2011
pass = gnutls_malloc (size);
2014
addf (str, "error: malloc: %s\n",
2015
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
2019
err = gnutls_x509_crq_get_challenge_password (cert, pass, &size);
1874
2021
addf (str, "error: get_challenge_password: %s\n",
1875
2022
gnutls_strerror (err));
1877
2024
addf (str, _("\t\tChallenge password: %s\n"), pass);
1896
2045
buffer = gnutls_malloc (extlen);
1899
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
2048
addf (str, "error: malloc: %s\n",
2049
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
1941
2091
buffer = gnutls_malloc (size);
1944
addf (str, "error: malloc: %s\n", gnutls_strerror (err));
2094
addf (str, "error: malloc: %s\n",
2095
gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
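Review bot: The new challenge-password path (new lines 2019–2024) prints `pass` with `%s` even though the library has just returned its length in `size`, so a value with an embedded NUL would be shown truncated with no warning. The altname path at new lines 583–590 handles this case by comparing `strlen (buffer)` with `size` and flagging the mismatch. The challenge password comes from whoever produced the request, so I would add the same check before the `addf`, for example `if (strlen (pass) != size) adds (str, _("warning: challenge password contains an embedded NUL\n"));`, after confirming whether `size` counts the terminator for this call. The `gnutls_free` calls for the newly heap-allocated `pass` and `dn` buffers are not among the lines shown, and the enclosing functions begin and end outside these hunks, so please confirm every error and success path releases them.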