static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
PKEY_USAGE_PERIOD *usage, BIO *out, int indent)
{
BIO_printf(out, "%*s", indent, "");
if(usage->notBefore) {
BIO_write(out, "Not Before: ", 12);
ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
if(usage->notAfter) BIO_write(out, ", ", 2);
}
if(usage->notAfter) {
BIO_write(out, "Not After: ", 11);
ASN1_GENERALIZEDTIME_print(out, usage->notAfter);
}
return 1;
}
static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
{
OCSP_CRLID *a = in;
if (a->crlUrl)
{
if (!BIO_printf(bp, "%*scrlUrl: ", ind, "")) goto err;
if (!ASN1_STRING_print(bp, (ASN1_STRING*)a->crlUrl)) goto err;
if (!BIO_write(bp, "\n", 1)) goto err;
}
if (a->crlNum)
{
if (!BIO_printf(bp, "%*scrlNum: ", ind, "")) goto err;
if (!i2a_ASN1_INTEGER(bp, a->crlNum)) goto err;
if (!BIO_write(bp, "\n", 1)) goto err;
}
if (a->crlTime)
{
if (!BIO_printf(bp, "%*scrlTime: ", ind, "")) goto err;
if (!ASN1_GENERALIZEDTIME_print(bp, a->crlTime)) goto err;
if (!BIO_write(bp, "\n", 1)) goto err;
}
return 1;
err:
return 0;
}
static time_t
ngx_ssl_stapling_time(ASN1_GENERALIZEDTIME *asn1time)
{
u_char *value;
size_t len;
time_t time;
BIO *bio;
/*
* OpenSSL doesn't provide a way to convert ASN1_GENERALIZEDTIME
* into time_t. To do this, we use ASN1_GENERALIZEDTIME_print(),
* which uses the "MMM DD HH:MM:SS YYYY [GMT]" format (e.g.,
* "Feb 3 00:55:52 2015 GMT"), and parse the result.
*/
bio = BIO_new(BIO_s_mem());
if (bio == NULL) {
return NGX_ERROR;
}
/* fake weekday prepended to match C asctime() format */
BIO_write(bio, "Tue ", sizeof("Tue ") - 1);
ASN1_GENERALIZEDTIME_print(bio, asn1time);
len = BIO_get_mem_data(bio, &value);
time = ngx_parse_http_time(value, len);
BIO_free(bio);
return time;
}
static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff,
BIO *bp, int ind)
{
if (BIO_printf(bp, "%*s", ind, "") <= 0) return 0;
if(!ASN1_GENERALIZEDTIME_print(bp, cutoff)) return 0;
return 1;
}
int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
{
if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
if(tm->type == V_ASN1_GENERALIZEDTIME)
return ASN1_GENERALIZEDTIME_print(bp, tm);
BIO_write(bp,"Bad time value",14);
return(0);
}
Handle<std::string> ASN1_TIME_toString(ASN1_TIME* time){
if (time == NULL)
THROW_EXCEPTION(0, Common, NULL, ERROR_PARAMETER_NULL, 1);
LOGGER_OPENSSL(ASN1_TIME_to_generalizedtime);
ASN1_GENERALIZEDTIME *gtime = ASN1_TIME_to_generalizedtime(time, NULL);
Handle<Bio> out = new Bio(BIO_TYPE_MEM, "");
LOGGER_OPENSSL(ASN1_GENERALIZEDTIME_print);
ASN1_GENERALIZEDTIME_print(out->internal(), gtime);
LOGGER_OPENSSL(ASN1_GENERALIZEDTIME_free);
ASN1_GENERALIZEDTIME_free(gtime);
return out->read();
}
static void timestamp_print(BIO *out, uint64_t timestamp)
{
ASN1_GENERALIZEDTIME *gen;
char genstr[20];
gen = ASN1_GENERALIZEDTIME_new();
ASN1_GENERALIZEDTIME_adj(gen, (time_t)0,
(int)(timestamp / 86400000),
(timestamp % 86400000) / 1000);
/*
* Note GeneralizedTime from ASN1_GENERALIZETIME_adj is always 15
* characters long with a final Z. Update it with fractional seconds.
*/
BIO_snprintf(genstr, sizeof(genstr), "%.14s.%03dZ",
ASN1_STRING_data(gen), (unsigned int)(timestamp % 1000));
ASN1_GENERALIZEDTIME_set_string(gen, genstr);
ASN1_GENERALIZEDTIME_print(out, gen);
ASN1_GENERALIZEDTIME_free(gen);
}
int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a)
{
int v;
ASN1_OBJECT *policy_id;
const ASN1_INTEGER *serial;
const ASN1_GENERALIZEDTIME *gtime;
TS_ACCURACY *accuracy;
const ASN1_INTEGER *nonce;
GENERAL_NAME *tsa_name;
if (a == NULL)
return 0;
/* Print version. */
v = TS_TST_INFO_get_version(a);
BIO_printf(bio, "Version: %d\n", v);
/* Print policy id. */
BIO_printf(bio, "Policy OID: ");
policy_id = TS_TST_INFO_get_policy_id(a);
TS_OBJ_print_bio(bio, policy_id);
/* Print message imprint. */
TS_MSG_IMPRINT_print_bio(bio, TS_TST_INFO_get_msg_imprint(a));
/* Print serial number. */
BIO_printf(bio, "Serial number: ");
serial = TS_TST_INFO_get_serial(a);
if (serial == NULL)
BIO_printf(bio, "unspecified");
else
TS_ASN1_INTEGER_print_bio(bio, serial);
BIO_write(bio, "\n", 1);
/* Print time stamp. */
BIO_printf(bio, "Time stamp: ");
gtime = TS_TST_INFO_get_time(a);
ASN1_GENERALIZEDTIME_print(bio, gtime);
BIO_write(bio, "\n", 1);
/* Print accuracy. */
BIO_printf(bio, "Accuracy: ");
accuracy = TS_TST_INFO_get_accuracy(a);
if (accuracy == NULL)
BIO_printf(bio, "unspecified");
else
TS_ACCURACY_print_bio(bio, accuracy);
BIO_write(bio, "\n", 1);
/* Print ordering. */
BIO_printf(bio, "Ordering: %s\n",
TS_TST_INFO_get_ordering(a) ? "yes" : "no");
/* Print nonce. */
BIO_printf(bio, "Nonce: ");
nonce = TS_TST_INFO_get_nonce(a);
if (nonce == NULL)
BIO_printf(bio, "unspecified");
else
TS_ASN1_INTEGER_print_bio(bio, nonce);
BIO_write(bio, "\n", 1);
/* Print TSA name. */
BIO_printf(bio, "TSA: ");
tsa_name = TS_TST_INFO_get_tsa(a);
if (tsa_name == NULL)
BIO_printf(bio, "unspecified");
else {
STACK_OF(CONF_VALUE) *nval;
if ((nval = i2v_GENERAL_NAME(NULL, tsa_name, NULL)))
X509V3_EXT_val_prn(bio, nval, 0, 0);
sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
}
BIO_write(bio, "\n", 1);
/* Print extensions. */
TS_ext_print_bio(bio, TS_TST_INFO_get_exts(a));
return 1;
}
int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
{
int i, ret = 0;
long l;
OCSP_CERTID *cid = NULL;
OCSP_BASICRESP *br = NULL;
OCSP_RESPID *rid = NULL;
OCSP_RESPDATA *rd = NULL;
OCSP_CERTSTATUS *cst = NULL;
OCSP_REVOKEDINFO *rev = NULL;
OCSP_SINGLERESP *single = NULL;
OCSP_RESPBYTES *rb = o->responseBytes;
if (BIO_puts(bp,"OCSP Response Data:\n") <= 0) goto err;
l=ASN1_ENUMERATED_get(o->responseStatus);
if (BIO_printf(bp," OCSP Response Status: %s (0x%lx)\n",
OCSP_response_status_str(l), l) <= 0) goto err;
if (rb == NULL) return 1;
if (BIO_puts(bp," Response Type: ") <= 0)
goto err;
if(i2a_ASN1_OBJECT(bp, rb->responseType) <= 0)
goto err;
if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic)
{
BIO_puts(bp," (unknown response type)\n");
return 1;
}
i = ASN1_STRING_length(rb->response);
if (!(br = OCSP_response_get1_basic(o))) goto err;
rd = br->tbsResponseData;
l=ASN1_INTEGER_get(rd->version);
if (BIO_printf(bp,"\n Version: %lu (0x%lx)\n",
l+1,l) <= 0) goto err;
if (BIO_puts(bp," Responder Id: ") <= 0) goto err;
rid = rd->responderId;
switch (rid->type)
{
case V_OCSP_RESPID_NAME:
X509_NAME_print_ex(bp, rid->value.byName, 0, XN_FLAG_ONELINE);
break;
case V_OCSP_RESPID_KEY:
i2a_ASN1_STRING(bp, rid->value.byKey, V_ASN1_OCTET_STRING);
break;
}
if (BIO_printf(bp,"\n Produced At: ")<=0) goto err;
if (!ASN1_GENERALIZEDTIME_print(bp, rd->producedAt)) goto err;
if (BIO_printf(bp,"\n Responses:\n") <= 0) goto err;
for (i = 0; i < sk_OCSP_SINGLERESP_num(rd->responses); i++)
{
if (! sk_OCSP_SINGLERESP_value(rd->responses, i)) continue;
single = sk_OCSP_SINGLERESP_value(rd->responses, i);
cid = single->certId;
if(ocsp_certid_print(bp, cid, 4) <= 0) goto err;
cst = single->certStatus;
if (BIO_printf(bp," Cert Status: %s",
OCSP_cert_status_str(cst->type)) <= 0)
goto err;
if (cst->type == V_OCSP_CERTSTATUS_REVOKED)
{
rev = cst->value.revoked;
if (BIO_printf(bp, "\n Revocation Time: ") <= 0)
goto err;
if (!ASN1_GENERALIZEDTIME_print(bp,
rev->revocationTime))
goto err;
if (rev->revocationReason)
{
l=ASN1_ENUMERATED_get(rev->revocationReason);
if (BIO_printf(bp,
"\n Revocation Reason: %s (0x%lx)",
OCSP_crl_reason_str(l), l) <= 0)
goto err;
}
}
if (BIO_printf(bp,"\n This Update: ") <= 0) goto err;
if (!ASN1_GENERALIZEDTIME_print(bp, single->thisUpdate))
goto err;
if (single->nextUpdate)
{
if (BIO_printf(bp,"\n Next Update: ") <= 0)goto err;
if (!ASN1_GENERALIZEDTIME_print(bp,single->nextUpdate))
goto err;
}
if (BIO_write(bp,"\n",1) <= 0) goto err;
if (!X509V3_extensions_print(bp,
"Response Single Extensions",
single->singleExtensions, flags, 8))
goto err;
if (BIO_write(bp,"\n",1) <= 0) goto err;
}
if (!X509V3_extensions_print(bp, "Response Extensions",
rd->responseExtensions, flags, 4))
goto err;
if(X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0)
goto err;
for (i=0; i<sk_X509_num(br->certs); i++)
{
X509_print(bp, sk_X509_value(br->certs,i));
PEM_write_bio_X509(bp,sk_X509_value(br->certs,i));
}
ret = 1;
err:
OCSP_BASICRESP_free(br);
return ret;
}
int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a)
{
int v;
if (a == NULL)
return 0;
/* Print version. */
v = ASN1_INTEGER_get(a->version);
BIO_printf(bio, "Version: %d\n", v);
/* Print policy id. */
BIO_printf(bio, "Policy OID: ");
TS_OBJ_print_bio(bio, a->policy_id);
/* Print message imprint. */
TS_MSG_IMPRINT_print_bio(bio, a->msg_imprint);
/* Print serial number. */
BIO_printf(bio, "Serial number: ");
if (a->serial == NULL)
BIO_printf(bio, "unspecified");
else
TS_ASN1_INTEGER_print_bio(bio, a->serial);
BIO_write(bio, "\n", 1);
/* Print time stamp. */
BIO_printf(bio, "Time stamp: ");
ASN1_GENERALIZEDTIME_print(bio, a->time);
BIO_write(bio, "\n", 1);
/* Print accuracy. */
BIO_printf(bio, "Accuracy: ");
if (a->accuracy == NULL)
BIO_printf(bio, "unspecified");
else
ts_ACCURACY_print_bio(bio, a->accuracy);
BIO_write(bio, "\n", 1);
/* Print ordering. */
BIO_printf(bio, "Ordering: %s\n", a->ordering ? "yes" : "no");
/* Print nonce. */
BIO_printf(bio, "Nonce: ");
if (a->nonce == NULL)
BIO_printf(bio, "unspecified");
else
TS_ASN1_INTEGER_print_bio(bio, a->nonce);
BIO_write(bio, "\n", 1);
/* Print TSA name. */
BIO_printf(bio, "TSA: ");
if (a->tsa == NULL)
BIO_printf(bio, "unspecified");
else {
STACK_OF(CONF_VALUE) *nval;
if ((nval = i2v_GENERAL_NAME(NULL, a->tsa, NULL)))
X509V3_EXT_val_prn(bio, nval, 0, 0);
sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
}
BIO_write(bio, "\n", 1);
/* Print extensions. */
TS_ext_print_bio(bio, a->extensions);
return 1;
}