char * PKI_X509_CERT_get_parsed(const PKI_X509_CERT *x,
PKI_X509_DATA type ) {
char *ret = NULL;
PKI_X509_KEYPAIR *k = NULL;
const PKI_X509_KEYPAIR_VALUE *pkey = NULL;
if( !x ) return (NULL);
switch( type ) {
case PKI_X509_DATA_SERIAL:
ret = PKI_INTEGER_get_parsed((PKI_INTEGER *)
PKI_X509_CERT_get_data(x, type));
break;
case PKI_X509_DATA_SUBJECT:
case PKI_X509_DATA_ISSUER:
ret = PKI_X509_NAME_get_parsed((PKI_X509_NAME *)
PKI_X509_CERT_get_data(x, type));
break;
case PKI_X509_DATA_NOTBEFORE:
case PKI_X509_DATA_NOTAFTER:
ret = PKI_TIME_get_parsed((PKI_TIME *)PKI_X509_CERT_get_data(x, type));
break;
case PKI_X509_DATA_ALGORITHM:
ret = (char *) PKI_ALGOR_get_parsed((PKI_ALGOR *)
PKI_X509_CERT_get_data(x,type));
break;
case PKI_X509_DATA_PUBKEY:
case PKI_X509_DATA_KEYPAIR_VALUE:
if ((pkey = PKI_X509_CERT_get_data(x, type)) != NULL) {
k = PKI_X509_new_dup_value(PKI_DATATYPE_X509_KEYPAIR, pkey, NULL);
ret = PKI_X509_KEYPAIR_get_parsed( k );
PKI_X509_KEYPAIR_free(k);
}
break;
case PKI_X509_DATA_KEYSIZE:
PKI_ERROR(PKI_ERR_PARAM_TYPE, "Deprecated Cert Datatype");
break;
case PKI_X509_DATA_CERT_TYPE:
case PKI_X509_DATA_SIGNATURE:
case PKI_X509_DATA_EXTENSIONS:
default:
/* Not Recognized/Supported DATATYPE */
return (NULL);
}
return (ret);
}
char * PKI_X509_CRL_get_parsed(const PKI_X509_CRL *x, PKI_X509_DATA type ) {
char *ret = NULL;
const PKI_ALGOR *al = NULL;
if (!x || !x->value) return NULL;
switch (type)
{
case PKI_X509_DATA_VERSION:
ret = PKI_INTEGER_get_parsed(
PKI_X509_CRL_get_data(x, type));
if (!ret) ret = strdup("NONE");
break;
case PKI_X509_DATA_ISSUER:
ret = PKI_X509_NAME_get_parsed(
PKI_X509_CRL_get_data(x, type));
if (!ret) ret = strdup("NONE");
break;
case PKI_X509_DATA_ALGORITHM:
if ((al = PKI_X509_CRL_get_data(x, type)) != NULL)
ret = strdup(PKI_OID_get_descr(al->algorithm));
else
ret = strdup("NONE");
break;
case PKI_X509_DATA_LASTUPDATE:
case PKI_X509_DATA_NEXTUPDATE:
case PKI_X509_DATA_NOTBEFORE:
case PKI_X509_DATA_NOTAFTER:
ret = PKI_TIME_get_parsed(
PKI_X509_CRL_get_data(x, type));
if (!ret) ret = strdup("NONE");
break;
default:
/* Not Recognized/Supported DATATYPE */
return NULL;
}
return ret;
}
int PKI_X509_PKCS7_VALUE_print_bio ( PKI_IO *bio,
PKI_X509_PKCS7_VALUE *p7val ) {
int type;
int i,j;
int cert_num = -1;
int crl_num = -1;
int signers_num = -1;
char *tmp_str = NULL;
PKI_X509_PKCS7 *msg = NULL;
PKCS7_SIGNER_INFO *si = NULL;
PKI_X509_CERT *cert = NULL;
PKI_DIGEST *digest = NULL;
PKI_MEM *mem = NULL;
if (!bio || !p7val ) return PKI_ERR;
if (( msg = PKI_X509_new_dup_value ( PKI_DATATYPE_X509_PKCS7,
p7val, NULL )) == NULL ) {
return PKI_ERR;
}
type = PKI_X509_PKCS7_get_type ( msg );
BIO_printf( bio, "PKCS#7 Message:\r\n" );
BIO_printf( bio, " Message Type:\r\n " );
switch ( type ) {
case PKI_X509_PKCS7_TYPE_ENCRYPTED:
BIO_printf( bio, "Encrypted\r\n" );
break;
case PKI_X509_PKCS7_TYPE_SIGNED:
BIO_printf( bio, "Signed\r\n" );
break;
case PKI_X509_PKCS7_TYPE_SIGNEDANDENCRYPTED:
BIO_printf( bio, "Signed and Encrypted\r\n" );
break;
default:
BIO_printf( bio, "Unknown (%d)\r\n", type );
break;
}
BIO_printf( bio, " Message Data:\r\n");
if (( mem = PKI_X509_PKCS7_get_raw_data ( msg )) == NULL ) {
BIO_printf( bio, " None.\r\n");
} else {
int msg_type = 0;
BIO_printf( bio, " Size=%u bytes\r\n",
(unsigned int) mem->size );
msg_type = PKI_X509_PKCS7_get_type ( msg );
if ( msg_type == PKI_X509_PKCS7_TYPE_ENCRYPTED ||
msg_type ==
PKI_X509_PKCS7_TYPE_SIGNEDANDENCRYPTED){
BIO_printf( bio, " Encrypted=yes\r\n");
BIO_printf( bio, " Algorithm=%s\r\n",
PKI_ALGOR_get_parsed (
PKI_X509_PKCS7_get_encode_alg ( msg )));
} else {
BIO_printf( bio, " Encrypted=no\r\n");
}
PKI_MEM_free ( mem );
}
i = 0;
if (( si = PKI_X509_PKCS7_get_signer_info ( msg, i )) == NULL ) {
BIO_printf(bio, " Signature Info:\r\n" );
BIO_printf(bio, " No Signature found.\r\n" );
}
// Print the Signer Info
BIO_printf( bio, " Signer Info:\r\n");
signers_num = PKI_X509_PKCS7_get_signers_num ( msg );
for ( i = 0; i < signers_num; i++ ) {
PKCS7_ISSUER_AND_SERIAL *ias = NULL;
BIO_printf ( bio, " [%d of %d] Signer Details:\r\n",
i+1, signers_num );
if (( si = PKI_X509_PKCS7_get_signer_info ( msg, i )) == NULL )
break;
if((ias = si->issuer_and_serial) == NULL ) {
BIO_printf ( bio, " "
"ERROR::Missing Info!\r\n");
} else {
tmp_str = PKI_INTEGER_get_parsed ( ias->serial );
BIO_printf ( bio, " Serial=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_NAME_get_parsed ( ias->issuer );
BIO_printf ( bio, " Issuer=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
}
if ( si->digest_enc_alg ) {
BIO_printf( bio, " "
"Encryption Algoritm=%s\r\n",
PKI_ALGOR_get_parsed ( si->digest_enc_alg ));
}
if ( si->digest_alg ) {
BIO_printf( bio, " Digest Algorithm=%s\r\n",
PKI_ALGOR_get_parsed ( si->digest_alg ));
}
BIO_printf( bio, " Signed Attributes:\r\n");
if ( si->auth_attr ) {
PKI_X509_ATTRIBUTE *a = NULL;
int attr_num = 0;
char * tmp_str = NULL;
for ( attr_num = 0; attr_num <
PKI_STACK_X509_ATTRIBUTE_elements (
si->auth_attr ); attr_num++ ) {
a = PKI_STACK_X509_ATTRIBUTE_get_num (
si->auth_attr, attr_num );
if ( PKI_OID_get_id ( a->object ) ==
NID_pkcs9_messageDigest ) {
tmp_str = PKI_X509_ATTRIBUTE_get_parsed
( a );
BIO_printf( bio, " "
"Message Digest:");
for ( j=0; j < strlen(tmp_str); j++ ) {
if ( ( j % 60 ) == 0 ) {
BIO_printf (bio,
"\r\n ");
}
BIO_printf(bio,"%c",tmp_str[j]);
} BIO_printf( bio, "\r\n");
// PKI_Free ( tmp_str );
} else {
BIO_printf( bio, " %s=",
PKI_X509_ATTRIBUTE_get_descr (
a ) );
tmp_str=
PKI_X509_ATTRIBUTE_get_parsed(a);
BIO_printf( bio, "%s\r\n", tmp_str );
PKI_Free ( tmp_str );
}
}
} else {
BIO_printf( bio, " None.\r\n");
}
BIO_printf( bio," Non Signed Attributes:\r\n");
if ( si->unauth_attr ) {
PKI_X509_ATTRIBUTE *a = NULL;
int attr_num = 0;
char * tmp_str = NULL;
for ( attr_num = 0; attr_num <
PKI_STACK_X509_ATTRIBUTE_elements (
si->auth_attr ); attr_num++ ) {
a = PKI_STACK_X509_ATTRIBUTE_get_num (
si->auth_attr, attr_num );
BIO_printf( bio, " %s=",
PKI_X509_ATTRIBUTE_get_descr ( a ) );
tmp_str = PKI_X509_ATTRIBUTE_get_parsed ( a );
BIO_printf( bio, "%s\r\n", tmp_str );
PKI_Free ( tmp_str );
}
BIO_printf( bio, "\r\n");
} else {
BIO_printf( bio, " None.\r\n");
}
}
BIO_printf( bio, "\r\n Recipients Info:\r\n");
if( PKI_X509_PKCS7_has_recipients ( msg ) == PKI_ERR ) {
BIO_printf( bio, " No Recipients\r\n");
} else {
int rec_num = 0;
PKI_X509_CERT *rec = NULL;
rec_num = PKI_X509_PKCS7_get_recipients_num ( msg );
for ( i=0; i < rec_num; i++ ) {
rec = PKI_X509_PKCS7_get_recipient_cert ( msg, i );
if ( !rec ) {
PKCS7_RECIP_INFO *ri = NULL;
PKCS7_ISSUER_AND_SERIAL *ias = NULL;
BIO_printf( bio, " "
"[%d of %d] Recipient Details:\r\n",
i+1, rec_num );
ri = PKI_X509_PKCS7_get_recipient_info ( msg,i);
if (!ri) {
BIO_printf(bio," <ERROR>");
continue;
}
if((ias = ri->issuer_and_serial) != NULL ) {
tmp_str = PKI_INTEGER_get_parsed (
ias->serial );
BIO_printf( bio, " "
"Serial=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_NAME_get_parsed (
ias->issuer );
BIO_printf( bio, " "
"Issuer=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
BIO_printf( bio, " "
"Key Encoding Algorithm=%s\r\n",
PKI_ALGOR_get_parsed (
ri->key_enc_algor ));
}
} else {
BIO_printf( bio, " "
"[%d] Recipient Certificate:\r\n", i );
tmp_str = PKI_X509_CERT_get_parsed( cert,
PKI_X509_DATA_SUBJECT );
BIO_printf( bio, " "
"Subject=%s\r\n", tmp_str);
PKI_Free ( tmp_str );
}
}
}
/* Now Let's Check the CRLs */
BIO_printf(bio, "\r\n Certificates:\r\n");
if ((cert_num = PKI_X509_PKCS7_get_certs_num ( msg )) > 0 ) {
PKI_X509_CERT * cert = NULL;
for (i = 0; i < cert_num; i++ ) {
BIO_printf( bio, " [%d of %d] Certificate:\r\n",
i+1, cert_num);
if((cert = PKI_X509_PKCS7_get_cert ( msg, i )) == NULL ) {
BIO_printf( bio, " Error.\r\n");
continue;
};
tmp_str = PKI_X509_CERT_get_parsed( cert,
PKI_X509_DATA_SERIAL );
BIO_printf( bio, " Serial=%s\r\n",
tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CERT_get_parsed( cert,
PKI_X509_DATA_ISSUER );
BIO_printf( bio, " Issuer=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CERT_get_parsed( cert,
PKI_X509_DATA_SUBJECT );
BIO_printf( bio, " Subject=%s\r\n", tmp_str);
PKI_Free ( tmp_str );
digest = PKI_X509_CERT_fingerprint( cert,
PKI_DIGEST_ALG_DEFAULT );
tmp_str = PKI_DIGEST_get_parsed ( digest );
BIO_printf( bio, " Fingerprint [%s]:",
PKI_DIGEST_ALG_get_parsed (
PKI_DIGEST_ALG_DEFAULT ));
for ( j=0; j < strlen(tmp_str); j++ ) {
if ( ( j % 60 ) == 0 ) {
BIO_printf (bio,"\r\n ");
}
BIO_printf( bio, "%c", tmp_str[j] );
} BIO_printf( bio, "\r\n");
PKI_DIGEST_free ( digest );
PKI_Free ( tmp_str );
PKI_X509_CERT_free ( cert );
// X509_signature_print(bp,
// br->signatureAlgorithm, br->signature);
}
} else {
BIO_printf( bio, " None.\r\n");
}
BIO_printf(bio, "\r\n Certificate Revocation Lists:\r\n");
if((crl_num = PKI_X509_PKCS7_get_crls_num ( msg )) > 0 ) {
PKI_X509_CRL * crl = NULL;
for ( i = 0; i < crl_num; i++ ) {
BIO_printf( bio, " [%d of %d] CRL Details:\r\n",
i+1, crl_num );
if(( crl = PKI_X509_PKCS7_get_crl ( msg, i )) == NULL ) {
BIO_printf(bio," ERROR::Missing Data\r\n");
continue;
}
tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_VERSION);
BIO_printf( bio, " Version=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
// tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_SERIAL);
// BIO_printf( bio, " Serial=%s\r\n", tmp_str );
// PKI_Free ( tmp_str );
tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_ISSUER);
BIO_printf( bio, " Issuer=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CRL_get_parsed(crl,
PKI_X509_DATA_ALGORITHM);
BIO_printf( bio, " Algorithm=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CRL_get_parsed(crl,
PKI_X509_DATA_NOTBEFORE);
BIO_printf( bio, " Not Before=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
tmp_str = PKI_X509_CRL_get_parsed(crl,
PKI_X509_DATA_NOTAFTER);
BIO_printf( bio, " Not After=%s\r\n", tmp_str );
PKI_Free ( tmp_str );
PKI_X509_CRL_free ( crl );
}
} else {
BIO_printf( bio, " None.\r\n");
}
BIO_printf(bio, "\r\n");
return PKI_OK;
}
