t_req.c revision 280297
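/* crypto/asn1/t_req.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include "cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/bn.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_DSA
# include <openssl/dsa.h>
#endif

#ifndef OPENSSL_NO_FP_API
/*
 * Print a certificate request to a stdio stream.
 *
 * Wraps fp in a temporary file BIO opened with BIO_NOCLOSE, so freeing the
 * BIO leaves fp open for the caller, and delegates to X509_REQ_print().
 *
 * Returns 0 (after raising ERR_R_BUF_LIB) when the BIO cannot be allocated,
 * otherwise whatever X509_REQ_print() returns.
 */
int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
{
    BIO *b;
    int ret;

    if ((b = BIO_new(BIO_s_file())) == NULL) {
        X509err(X509_F_X509_REQ_PRINT_FP, ERR_R_BUF_LIB);
        return (0);
    }
    BIO_set_fp(b, fp, BIO_NOCLOSE);
    ret = X509_REQ_print(b, x);
    BIO_free(b);
    return (ret);
}
#endif

/*
 * Write a human-readable dump of the certificate request x to bp.
 *
 * nmflags selects the subject-name layout (passed to X509_NAME_print_ex());
 * cflag is a mask of X509_FLAG_NO_* bits, each of which suppresses one
 * section (header, version, subject, public key, attributes, requested
 * extensions, signature).
 *
 * Returns 1 on success.  Returns 0 after raising ERR_R_BUF_LIB when a
 * checked write fails or when an attribute carries an empty value set.
 *
 * The request is typically attacker-supplied input, so every field read
 * below has to be treated as untrusted.
 */
int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
                      unsigned long cflag)
{
    unsigned long l;
    int i;
    const char *neg;
    X509_REQ_INFO *ri;
    EVP_PKEY *pkey;
    STACK_OF(X509_ATTRIBUTE) *sk;
    /* Kept NULL whenever no extension stack is owned, so err can free it. */
    STACK_OF(X509_EXTENSION) *exts = NULL;
    char mlch = ' ';
    int nmindent = 0;

    if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
        mlch = '\n';
        nmindent = 12;
    }

    if (nmflags == X509_FLAG_COMPAT)
        nmindent = 16;

    ri = x->req_info;
    if (!(cflag & X509_FLAG_NO_HEADER)) {
        /*
         * BIO_puts() rather than BIO_write() with a hand-counted length:
         * the literal and its byte count can no longer drift apart.
         */
        if (BIO_puts(bp, "Certificate Request:\n") <= 0)
            goto err;
        if (BIO_puts(bp, "    Data:\n") <= 0)
            goto err;
    }
    if (!(cflag & X509_FLAG_NO_VERSION)) {
        neg = (ri->version->type == V_ASN1_NEG_INTEGER) ? "-" : "";
        /*
         * Fold the big-endian integer bytes into l.  The arithmetic is
         * unsigned, so an encoding wider than unsigned long wraps instead
         * of overflowing; the printed value is then only the low bytes.
         */
        l = 0;
        for (i = 0; i < ri->version->length; i++) {
            l <<= 8;
            l += ri->version->data[i];
        }
        if (BIO_printf(bp, "%8sVersion: %s%lu (%s0x%lx)\n", "", neg, l, neg,
                       l) <= 0)
            goto err;
    }
    if (!(cflag & X509_FLAG_NO_SUBJECT)) {
        if (BIO_printf(bp, "        Subject:%c", mlch) <= 0)
            goto err;
        if (X509_NAME_print_ex(bp, ri->subject, nmindent, nmflags) < 0)
            goto err;
        if (BIO_write(bp, "\n", 1) <= 0)
            goto err;
    }
    if (!(cflag & X509_FLAG_NO_PUBKEY)) {
        if (BIO_puts(bp, "        Subject Public Key Info:\n") <= 0)
            goto err;
        if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
            goto err;
        if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0)
            goto err;
        if (BIO_puts(bp, "\n") <= 0)
            goto err;

        /* A key that cannot be decoded is reported inline, not fatal. */
        pkey = X509_REQ_get_pubkey(x);
        if (pkey == NULL) {
            BIO_printf(bp, "%12sUnable to load Public Key\n", "");
            ERR_print_errors(bp);
        } else {
            EVP_PKEY_print_public(bp, pkey, 16, NULL);
            EVP_PKEY_free(pkey);
        }
    }

    if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
        /* The attribute list may be empty; the heading is printed anyway. */
        if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0)
            goto err;

        sk = x->req_info->attributes;
        if (sk_X509_ATTRIBUTE_num(sk) == 0) {
            if (BIO_printf(bp, "%12sa0:00\n", "") <= 0)
                goto err;
        } else {
            for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
                ASN1_TYPE *at;
                X509_ATTRIBUTE *a;
                ASN1_BIT_STRING *bs = NULL;
                ASN1_TYPE *t;
                int j, type = 0, count = 1, ii = 0;

                a = sk_X509_ATTRIBUTE_value(sk, i);
                /* Extension-request attributes are shown in the next section. */
                if (X509_REQ_extension_nid(OBJ_obj2nid(a->object)))
                    continue;
                if (BIO_printf(bp, "%12s", "") <= 0)
                    goto err;
                if ((j = i2a_ASN1_OBJECT(bp, a->object)) > 0) {
                    if (a->single) {
                        t = a->value.single;
                        type = t->type;
                        bs = t->value.bit_string;
                    } else {
                        ii = 0;
                        count = sk_ASN1_TYPE_num(a->value.set);
                        /*
                         * An attribute whose value set is empty (or absent)
                         * would make sk_ASN1_TYPE_value() return NULL below
                         * and the following at->type a NULL dereference.
                         * Reject the request instead of crashing on it.
                         */
                        if (count <= 0)
                            goto err;
 get_next:
                        /* Re-entered from the bottom once per set member. */
                        at = sk_ASN1_TYPE_value(a->value.set, ii);
                        type = at->type;
                        bs = at->value.asn1_string;
                    }
                }
                /* Pad the attribute name out to a 25-column field. */
                for (j = 25 - j; j > 0; j--)
                    if (BIO_write(bp, " ", 1) != 1)
                        goto err;
                if (BIO_puts(bp, ":") <= 0)
                    goto err;
                if ((type == V_ASN1_PRINTABLESTRING) ||
                    (type == V_ASN1_T61STRING) ||
                    (type == V_ASN1_IA5STRING)) {
                    /*
                     * NOTE(review): the value bytes are copied to the output
                     * unfiltered.  They come from the request, so they may
                     * include control characters; callers that display this
                     * output for untrusted requests may want to sanitise it.
                     */
                    if (BIO_write(bp, (char *)bs->data, bs->length)
                        != bs->length)
                        goto err;
                    BIO_puts(bp, "\n");
                } else {
                    BIO_puts(bp, "unable to print attribute\n");
                }
                if (++ii < count)
                    goto get_next;
            }
        }
    }
    if (!(cflag & X509_FLAG_NO_EXTENSIONS)) {
        exts = X509_REQ_get_extensions(x);
        if (exts) {
            BIO_printf(bp, "%8sRequested Extensions:\n", "");
            for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
                ASN1_OBJECT *obj;
                X509_EXTENSION *ex;
                int j;
                ex = sk_X509_EXTENSION_value(exts, i);
                if (BIO_printf(bp, "%12s", "") <= 0)
                    goto err;
                obj = X509_EXTENSION_get_object(ex);
                i2a_ASN1_OBJECT(bp, obj);
                j = X509_EXTENSION_get_critical(ex);
                if (BIO_printf(bp, ": %s\n", j ? "critical" : "") <= 0)
                    goto err;
                /* Fall back to a raw octet dump for unknown extensions. */
                if (!X509V3_EXT_print(bp, ex, cflag, 16)) {
                    BIO_printf(bp, "%16s", "");
                    M_ASN1_OCTET_STRING_print(bp, ex->value);
                }
                if (BIO_write(bp, "\n", 1) <= 0)
                    goto err;
            }
            sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
            exts = NULL;
        }
    }

    if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
        if (!X509_signature_print(bp, x->sig_alg, x->signature))
            goto err;
    }

    return (1);
 err:
    /*
     * A write failure inside the extension loop used to leak the stack
     * returned by X509_REQ_get_extensions(); release it here.
     */
    if (exts != NULL)
        sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
    X509err(X509_F_X509_REQ_PRINT_EX, ERR_R_BUF_LIB);
    return (0);
}

/*
 * Print a certificate request to bp with the compatibility name format and
 * every section enabled (XN_FLAG_COMPAT, X509_FLAG_COMPAT).
 * Returns the result of X509_REQ_print_ex().
 */
int X509_REQ_print(BIO *bp, X509_REQ *x)
{
    return X509_REQ_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
}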