PKI_X509_CRL_ENTRY * PKI_X509_CRL_ENTRY_new(const PKI_X509_CERT *cert,
PKI_X509_CRL_REASON reason,
const PKI_TIME * revDate,
const PKI_X509_PROFILE *profile ) {
PKI_X509_CRL_ENTRY *entry = NULL;
char *ser_s = NULL;
if((ser_s = PKI_X509_CERT_get_parsed(cert, PKI_X509_DATA_SERIAL))
== NULL ) {
return ( NULL );
}
entry = PKI_X509_CRL_ENTRY_new_serial ( ser_s, reason,
revDate, profile );
if( ser_s ) PKI_Free ( ser_s );
return ( entry );
}
int PKI_X509_CERT_print_parsed( PKI_X509_CERT *x,
PKI_X509_DATA type, int fd ) {
char * data = NULL;
int ret = PKI_OK;
if((data = PKI_X509_CERT_get_parsed( x, type )) == NULL ) {
return (PKI_ERR);
} else {
if( fd == 0 ) fd = 2;
if(write(fd, data, strlen( data )) == -1 ) {
ret = PKI_ERR;
} else {
ret = PKI_OK;
}
PKI_Free( data );
}
return (ret);
}
int PKI_X509_PKCS7_VALUE_print_bio ( PKI_IO *bio,
PKI_X509_PKCS7_VALUE *p7val ) {
int type;
int i,j;
int cert_num = -1;
int crl_num = -1;
int signers_num = -1;
char *tmp_str = NULL;
PKI_X509_PKCS7 *msg = NULL;
PKCS7_SIGNER_INFO *si = NULL;
PKI_X509_CERT *cert = NULL;
PKI_DIGEST *digest = NULL;
PKI_MEM *mem = NULL;
if (!bio || !p7val ) return PKI_ERR;
if (( msg = PKI_X509_new_dup_value ( PKI_DATATYPE_X509_PKCS7,
p7val, NULL )) == NULL ) {
return PKI_ERR;
}
type = PKI_X509_PKCS7_get_type ( msg );
BIO_printf( bio, "PKCS#7 Message:\r\n" );
BIO_printf( bio, " Message Type:\r\n " );
switch ( type ) {
case PKI_X509_PKCS7_TYPE_ENCRYPTED:
BIO_printf( bio, "Encrypted\r\n" );
break;
case PKI_X509_PKCS7_TYPE_SIGNED:
BIO_printf( bio, "Signed\r\n" );
break;
case PKI_X509_PKCS7_TYPE_SIGNEDANDENCRYPTED:
BIO_printf( bio, "Signed and Encrypted\r\n" );
break;
default:
BIO_printf( bio, "Unknown (%d)\r\n", type );
break;
}
BIO_printf( bio, " Message Data:\r\n");
if (( mem = PKI_X509_PKCS7_get_raw_data ( msg )) == NULL ) {
BIO_printf( bio, " None.\r\n");
} else {
int msg_type = 0;
BIO_printf( bio, " Size=%u bytes\r\n",
(unsigned int) mem->size );
msg_type = PKI_X509_PKCS7_get_type ( msg );
if ( msg_type == PKI_X509_PKCS7_TYPE_ENCRYPTED ||
msg_type ==
PKI_X509_PKCS7_TYPE_SIGNEDANDENCRYPTED){
BIO_printf( bio, " Encrypted=yes\r\n");
BIO_printf( bio, " Algorithm=%s\r\n",
PKI_ALGOR_get_parsed (
PKI_X509_PKCS7_get_encode_alg ( msg )));
} else {
BIO_printf( bio, " Encrypted=no\r\n");
}
PKI_MEM_free ( mem );
}
i = 0;
if (( si = PKI_X509_PKCS7_get_signer_info ( msg, i )) == NULL ) {
BIO_printf(bio, " Signature Info:\r\n" );
BIO_printf(bio, " No Signature found.\r\n" );
}
// Print the Signer Info
BIO_printf( bio, " Signer Info:\r\n");
signers_num = PKI_X509_PKCS7_get_signers_num ( msg );
for ( i = 0; i < signers_num; i++ ) {
PKCS7_ISSUER_AND_SERIAL *ias = NULL;
BIO_printf ( bio, " [%d of %d] Signer Details:\r\n",
i+1, signers_num );
if (( si = PKI_X509_PKCS7_get_signer_info ( msg, i )) == NULL )
break;
if((ias = si->issuer_and_serial) == NULL ) {
BIO_printf ( bio, " "
"ERROR::Missing Info!\r\n");
} else {
tmp_str = PKI_INTEGER_get_parsed ( ias->serial );
BIO_printf ( bio, " Serial=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_NAME_get_parsed ( ias->issuer );
BIO_printf ( bio, " Issuer=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
}
if ( si->digest_enc_alg ) {
BIO_printf( bio, " "
"Encryption Algoritm=%s\r\n",
PKI_ALGOR_get_parsed ( si->digest_enc_alg ));
}
if ( si->digest_alg ) {
BIO_printf( bio, " Digest Algorithm=%s\r\n",
PKI_ALGOR_get_parsed ( si->digest_alg ));
}
BIO_printf( bio, " Signed Attributes:\r\n");
if ( si->auth_attr ) {
PKI_X509_ATTRIBUTE *a = NULL;
int attr_num = 0;
char * tmp_str = NULL;
for ( attr_num = 0; attr_num <
PKI_STACK_X509_ATTRIBUTE_elements (
si->auth_attr ); attr_num++ ) {
a = PKI_STACK_X509_ATTRIBUTE_get_num (
si->auth_attr, attr_num );
if ( PKI_OID_get_id ( a->object ) ==
NID_pkcs9_messageDigest ) {
tmp_str = PKI_X509_ATTRIBUTE_get_parsed
( a );
BIO_printf( bio, " "
"Message Digest:");
for ( j=0; j < strlen(tmp_str); j++ ) {
if ( ( j % 60 ) == 0 ) {
BIO_printf (bio,
"\r\n ");
}
BIO_printf(bio,"%c",tmp_str[j]);
} BIO_printf( bio, "\r\n");
// PKI_Free ( tmp_str );
} else {
BIO_printf( bio, " %s=",
PKI_X509_ATTRIBUTE_get_descr (
a ) );
tmp_str=
PKI_X509_ATTRIBUTE_get_parsed(a);
BIO_printf( bio, "%s\r\n", tmp_str );
PKI_Free ( tmp_str );
}
}
} else {
BIO_printf( bio, " None.\r\n");
}
BIO_printf( bio," Non Signed Attributes:\r\n");
if ( si->unauth_attr ) {
PKI_X509_ATTRIBUTE *a = NULL;
int attr_num = 0;
char * tmp_str = NULL;
for ( attr_num = 0; attr_num <
PKI_STACK_X509_ATTRIBUTE_elements (
si->auth_attr ); attr_num++ ) {
a = PKI_STACK_X509_ATTRIBUTE_get_num (
si->auth_attr, attr_num );
BIO_printf( bio, " %s=",
PKI_X509_ATTRIBUTE_get_descr ( a ) );
tmp_str = PKI_X509_ATTRIBUTE_get_parsed ( a );
BIO_printf( bio, "%s\r\n", tmp_str );
PKI_Free ( tmp_str );
}
BIO_printf( bio, "\r\n");
} else {
BIO_printf( bio, " None.\r\n");
}
}
BIO_printf( bio, "\r\n Recipients Info:\r\n");
if( PKI_X509_PKCS7_has_recipients ( msg ) == PKI_ERR ) {
BIO_printf( bio, " No Recipients\r\n");
} else {
int rec_num = 0;
PKI_X509_CERT *rec = NULL;
rec_num = PKI_X509_PKCS7_get_recipients_num ( msg );
for ( i=0; i < rec_num; i++ ) {
rec = PKI_X509_PKCS7_get_recipient_cert ( msg, i );
if ( !rec ) {
PKCS7_RECIP_INFO *ri = NULL;
PKCS7_ISSUER_AND_SERIAL *ias = NULL;
BIO_printf( bio, " "
"[%d of %d] Recipient Details:\r\n",
i+1, rec_num );
ri = PKI_X509_PKCS7_get_recipient_info ( msg,i);
if (!ri) {
BIO_printf(bio," <ERROR>");
continue;
}
if((ias = ri->issuer_and_serial) != NULL ) {
tmp_str = PKI_INTEGER_get_parsed (
ias->serial );
BIO_printf( bio, " "
"Serial=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_NAME_get_parsed (
ias->issuer );
BIO_printf( bio, " "
"Issuer=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
BIO_printf( bio, " "
"Key Encoding Algorithm=%s\r\n",
PKI_ALGOR_get_parsed (
ri->key_enc_algor ));
}
} else {
BIO_printf( bio, " "
"[%d] Recipient Certificate:\r\n", i );
tmp_str = PKI_X509_CERT_get_parsed( cert,
PKI_X509_DATA_SUBJECT );
BIO_printf( bio, " "
"Subject=%s\r\n", tmp_str);
PKI_Free ( tmp_str );
}
}
}
/* Now Let's Check the CRLs */
BIO_printf(bio, "\r\n Certificates:\r\n");
if ((cert_num = PKI_X509_PKCS7_get_certs_num ( msg )) > 0 ) {
PKI_X509_CERT * cert = NULL;
for (i = 0; i < cert_num; i++ ) {
BIO_printf( bio, " [%d of %d] Certificate:\r\n",
i+1, cert_num);
if((cert = PKI_X509_PKCS7_get_cert ( msg, i )) == NULL ) {
BIO_printf( bio, " Error.\r\n");
continue;
};
tmp_str = PKI_X509_CERT_get_parsed( cert,
PKI_X509_DATA_SERIAL );
BIO_printf( bio, " Serial=%s\r\n",
tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CERT_get_parsed( cert,
PKI_X509_DATA_ISSUER );
BIO_printf( bio, " Issuer=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CERT_get_parsed( cert,
PKI_X509_DATA_SUBJECT );
BIO_printf( bio, " Subject=%s\r\n", tmp_str);
PKI_Free ( tmp_str );
digest = PKI_X509_CERT_fingerprint( cert,
PKI_DIGEST_ALG_DEFAULT );
tmp_str = PKI_DIGEST_get_parsed ( digest );
BIO_printf( bio, " Fingerprint [%s]:",
PKI_DIGEST_ALG_get_parsed (
PKI_DIGEST_ALG_DEFAULT ));
for ( j=0; j < strlen(tmp_str); j++ ) {
if ( ( j % 60 ) == 0 ) {
BIO_printf (bio,"\r\n ");
}
BIO_printf( bio, "%c", tmp_str[j] );
} BIO_printf( bio, "\r\n");
PKI_DIGEST_free ( digest );
PKI_Free ( tmp_str );
PKI_X509_CERT_free ( cert );
// X509_signature_print(bp,
// br->signatureAlgorithm, br->signature);
}
} else {
BIO_printf( bio, " None.\r\n");
}
BIO_printf(bio, "\r\n Certificate Revocation Lists:\r\n");
if((crl_num = PKI_X509_PKCS7_get_crls_num ( msg )) > 0 ) {
PKI_X509_CRL * crl = NULL;
for ( i = 0; i < crl_num; i++ ) {
BIO_printf( bio, " [%d of %d] CRL Details:\r\n",
i+1, crl_num );
if(( crl = PKI_X509_PKCS7_get_crl ( msg, i )) == NULL ) {
BIO_printf(bio," ERROR::Missing Data\r\n");
continue;
}
tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_VERSION);
BIO_printf( bio, " Version=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
// tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_SERIAL);
// BIO_printf( bio, " Serial=%s\r\n", tmp_str );
// PKI_Free ( tmp_str );
tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_ISSUER);
BIO_printf( bio, " Issuer=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CRL_get_parsed(crl,
PKI_X509_DATA_ALGORITHM);
BIO_printf( bio, " Algorithm=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CRL_get_parsed(crl,
PKI_X509_DATA_NOTBEFORE);
BIO_printf( bio, " Not Before=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CRL_get_parsed(crl,
PKI_X509_DATA_NOTAFTER);
BIO_printf( bio, " Not After=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
PKI_X509_CRL_free ( crl );
}
} else {
BIO_printf( bio, " None.\r\n");
}
BIO_printf(bio, "\r\n");
return PKI_OK;
}