Exemple #1
0
const char * PKI_OID_get_descr ( PKI_OID *a ) {

	int nid;

        if( !a ) return ("Unknown");

        nid = PKI_OID_get_id( a );

        if( nid != NID_undef ) {
                return ( OBJ_nid2ln( nid ) );
        }

	return ("Unknown");
}
Exemple #2
0
PKI_X509_EXTENSION *PKI_X509_CERT_get_extension_by_oid(const PKI_X509_CERT  *x, 
                				       const PKI_OID *id ) {
  PKI_ID nid = PKI_ID_UNKNOWN;
  PKI_X509_EXTENSION *ext = NULL;

  if ( !x || !id ) return NULL;

  if((nid = PKI_OID_get_id ( id )) == PKI_ID_UNKNOWN ) {
    return NULL;
  }

  if(( ext = PKI_X509_EXTENSION_new()) == NULL ) {
    return NULL;
  }

  if((ext->value = X509_get_ext_d2i ( x->value, nid, 
            NULL, NULL )) == NULL ) {
    PKI_X509_EXTENSION_free ( ext );
    return ( NULL );
  }
  
  return ext;
}
Exemple #3
0
PKI_X509_PKCS7_TYPE PKI_X509_PKCS7_get_type ( PKI_X509_PKCS7 *p7 ) {

	PKI_ID type = PKI_ID_UNKNOWN;
	PKI_X509_PKCS7_VALUE *value = NULL;

	if(!p7 || !p7->value ) {
		PKI_log_debug ( "PKI_X509_PKCS7_get_type()::No Message!");
		return PKI_X509_PKCS7_TYPE_UNKNOWN;
	}

	value = p7->value;

	if(!value->type ) {
		PKI_log_debug ( "PKI_X509_PKCS7_get_type()::No Message Type!");
		return PKI_X509_PKCS7_TYPE_UNKNOWN;
	}

	type = PKI_OID_get_id( value->type );

	switch ( type ) {
		case NID_pkcs7_enveloped:
			return PKI_X509_PKCS7_TYPE_ENCRYPTED;
			break;
		case NID_pkcs7_signed:
			return PKI_X509_PKCS7_TYPE_SIGNED;
			break;
		case NID_pkcs7_signedAndEnveloped:
			return PKI_X509_PKCS7_TYPE_SIGNEDANDENCRYPTED;
			break;
		case NID_pkcs7_data:
			return PKI_X509_PKCS7_TYPE_DATA;
			break;
		default:
			return PKI_X509_PKCS7_TYPE_UNKNOWN;
	}
}
Exemple #4
0
int PKI_X509_PKCS7_VALUE_print_bio ( PKI_IO *bio, 
				PKI_X509_PKCS7_VALUE *p7val ) {

	int type;
	int i,j;

	int cert_num = -1;
	int crl_num = -1;
	int signers_num = -1;
	char *tmp_str = NULL;

	PKI_X509_PKCS7 *msg = NULL;
	PKCS7_SIGNER_INFO *si = NULL;
	PKI_X509_CERT *cert = NULL;
	PKI_DIGEST *digest = NULL;
	PKI_MEM *mem = NULL;

	if (!bio || !p7val ) return PKI_ERR;

	if (( msg = PKI_X509_new_dup_value ( PKI_DATATYPE_X509_PKCS7,
				p7val, NULL )) == NULL ) {
		return PKI_ERR;
	}

	type = PKI_X509_PKCS7_get_type ( msg );

	BIO_printf( bio, "PKCS#7 Message:\r\n" );
	BIO_printf( bio, "    Message Type:\r\n        " );

	switch ( type ) {
		case PKI_X509_PKCS7_TYPE_ENCRYPTED:
			BIO_printf( bio, "Encrypted\r\n" );
			break;
		case PKI_X509_PKCS7_TYPE_SIGNED:
			BIO_printf( bio, "Signed\r\n" );
			break;
		case PKI_X509_PKCS7_TYPE_SIGNEDANDENCRYPTED:
			BIO_printf( bio, "Signed and Encrypted\r\n" );
			break;
		default:
			BIO_printf( bio, "Unknown (%d)\r\n", type );
			break;
	}

	BIO_printf( bio, "    Message Data:\r\n");
	if (( mem = PKI_X509_PKCS7_get_raw_data ( msg )) == NULL ) {
		BIO_printf( bio, "        None.\r\n");
	} else {
		int msg_type = 0;

		BIO_printf( bio, "        Size=%u bytes\r\n", 
						(unsigned int) mem->size );

		msg_type = PKI_X509_PKCS7_get_type ( msg );
		if ( msg_type == PKI_X509_PKCS7_TYPE_ENCRYPTED ||
				msg_type == 
					PKI_X509_PKCS7_TYPE_SIGNEDANDENCRYPTED){
			BIO_printf( bio, "        Encrypted=yes\r\n");
			BIO_printf( bio, "        Algorithm=%s\r\n",
				PKI_ALGOR_get_parsed (
					PKI_X509_PKCS7_get_encode_alg ( msg )));
		} else {
			BIO_printf( bio, "        Encrypted=no\r\n");
		}
		PKI_MEM_free ( mem );
	}

	i = 0;
	if (( si = PKI_X509_PKCS7_get_signer_info ( msg, i )) == NULL ) {
		BIO_printf(bio, "    Signature Info:\r\n" );
		BIO_printf(bio, "        No Signature found.\r\n" );
	}

	// Print the Signer Info
	BIO_printf( bio, "    Signer Info:\r\n");
	signers_num = PKI_X509_PKCS7_get_signers_num ( msg );
	for ( i = 0; i < signers_num; i++ ) {
		PKCS7_ISSUER_AND_SERIAL *ias = NULL;

		BIO_printf ( bio, "        [%d of %d] Signer Details:\r\n", 
							i+1, signers_num );

		if (( si = PKI_X509_PKCS7_get_signer_info ( msg, i )) == NULL )
			break;

		if((ias = si->issuer_and_serial) == NULL ) {
			BIO_printf ( bio, "            "
						"ERROR::Missing Info!\r\n");
		} else { 
			tmp_str = PKI_INTEGER_get_parsed ( ias->serial );
			BIO_printf ( bio, "            Serial=%s\r\n", tmp_str );
			PKI_Free ( tmp_str );

			tmp_str = PKI_X509_NAME_get_parsed ( ias->issuer );
			BIO_printf ( bio, "            Issuer=%s\r\n", tmp_str );
			PKI_Free ( tmp_str );
		}

		if ( si->digest_enc_alg ) {
			BIO_printf( bio, "            "
					"Encryption Algoritm=%s\r\n",
				PKI_ALGOR_get_parsed ( si->digest_enc_alg ));
		}

		if ( si->digest_alg ) {
			BIO_printf( bio, "            Digest Algorithm=%s\r\n",
				PKI_ALGOR_get_parsed ( si->digest_alg ));
		}

		BIO_printf( bio, "        Signed Attributes:\r\n");
		if ( si->auth_attr ) {
			PKI_X509_ATTRIBUTE *a = NULL;
			int attr_num = 0;
			char * tmp_str = NULL;

			for ( attr_num = 0; attr_num < 
				PKI_STACK_X509_ATTRIBUTE_elements ( 
					si->auth_attr ); attr_num++ ) {

				a = PKI_STACK_X509_ATTRIBUTE_get_num ( 
					si->auth_attr, attr_num );

				if ( PKI_OID_get_id ( a->object ) == 
						 NID_pkcs9_messageDigest ) {
					tmp_str = PKI_X509_ATTRIBUTE_get_parsed 
									( a );
					
					BIO_printf( bio, "            "
							"Message Digest:");
					for ( j=0; j < strlen(tmp_str); j++ ) {
						if ( ( j % 60 ) == 0 ) {
							BIO_printf (bio, 
							    "\r\n                ");
						}
						BIO_printf(bio,"%c",tmp_str[j]);
					} BIO_printf( bio, "\r\n");
					// PKI_Free ( tmp_str );

				} else {
					BIO_printf( bio, "            %s=",
						PKI_X509_ATTRIBUTE_get_descr (
							 a ) );
					tmp_str=
					      PKI_X509_ATTRIBUTE_get_parsed(a);
					BIO_printf( bio, "%s\r\n", tmp_str );
					PKI_Free ( tmp_str );
				}
			
			}
		} else {
			BIO_printf( bio, "            None.\r\n");
		}

		BIO_printf( bio,"        Non Signed Attributes:\r\n");
		if ( si->unauth_attr ) {
			PKI_X509_ATTRIBUTE *a = NULL;
			int attr_num = 0;
			char * tmp_str = NULL;

			for ( attr_num = 0; attr_num < 
				PKI_STACK_X509_ATTRIBUTE_elements ( 
					si->auth_attr ); attr_num++ ) {

				a = PKI_STACK_X509_ATTRIBUTE_get_num ( 
					si->auth_attr, attr_num );

				BIO_printf( bio, "            %s=",
					PKI_X509_ATTRIBUTE_get_descr ( a ) );
			
				tmp_str = PKI_X509_ATTRIBUTE_get_parsed ( a );
				BIO_printf( bio, "%s\r\n", tmp_str );
				PKI_Free ( tmp_str );
			}
			BIO_printf( bio, "\r\n");
		} else {
			BIO_printf( bio, "            None.\r\n");
		}
	}
	
	BIO_printf( bio, "\r\n    Recipients Info:\r\n");
	if( PKI_X509_PKCS7_has_recipients ( msg ) == PKI_ERR ) {
		BIO_printf( bio, "        No Recipients\r\n");
	} else {
		int rec_num = 0;
		PKI_X509_CERT *rec = NULL;

		rec_num = PKI_X509_PKCS7_get_recipients_num ( msg );
		for ( i=0; i < rec_num; i++ ) {
			rec = PKI_X509_PKCS7_get_recipient_cert ( msg, i );
			if ( !rec ) {
				PKCS7_RECIP_INFO *ri = NULL;
				PKCS7_ISSUER_AND_SERIAL *ias = NULL;

				BIO_printf( bio, "        "
					"[%d of %d] Recipient Details:\r\n", 
						i+1, rec_num );

				ri = PKI_X509_PKCS7_get_recipient_info ( msg,i);
				if (!ri) {
					BIO_printf(bio,"            <ERROR>");
					continue;
				}

				if((ias = ri->issuer_and_serial) != NULL ) {

					tmp_str = PKI_INTEGER_get_parsed (
						ias->serial );
					BIO_printf( bio, "            "
						"Serial=%s\r\n", tmp_str );
					PKI_Free ( tmp_str );
			
					tmp_str = PKI_X509_NAME_get_parsed (
						ias->issuer );
					BIO_printf( bio, "            "
						"Issuer=%s\r\n", tmp_str );
					PKI_Free ( tmp_str );

					BIO_printf( bio, "            "
						"Key Encoding Algorithm=%s\r\n",
						PKI_ALGOR_get_parsed (
							ri->key_enc_algor ));
				}

			} else {

				BIO_printf( bio, "        "
					"[%d] Recipient Certificate:\r\n", i );

				tmp_str = PKI_X509_CERT_get_parsed( cert, 
							PKI_X509_DATA_SUBJECT );

				BIO_printf( bio, "            "
						"Subject=%s\r\n", tmp_str);
				PKI_Free ( tmp_str );
			}
		}
	}

	/* Now Let's Check the CRLs */

	BIO_printf(bio, "\r\n    Certificates:\r\n");
	if ((cert_num = PKI_X509_PKCS7_get_certs_num ( msg )) > 0 ) {
		PKI_X509_CERT * cert = NULL;
		for (i = 0; i < cert_num; i++ ) {
			BIO_printf( bio, "        [%d of %d] Certificate:\r\n",
				 i+1, cert_num);
			if((cert = PKI_X509_PKCS7_get_cert ( msg, i )) == NULL ) {
				BIO_printf( bio, "            Error.\r\n");
				continue;
			};
			tmp_str = PKI_X509_CERT_get_parsed( cert, 
							PKI_X509_DATA_SERIAL );
			BIO_printf( bio, "            Serial=%s\r\n", 
								tmp_str );
			PKI_Free ( tmp_str );
			
			tmp_str = PKI_X509_CERT_get_parsed( cert, 
							PKI_X509_DATA_ISSUER );
			BIO_printf( bio, "            Issuer=%s\r\n", tmp_str );
			PKI_Free ( tmp_str );

			tmp_str = PKI_X509_CERT_get_parsed( cert, 
							PKI_X509_DATA_SUBJECT );

			BIO_printf( bio, "            Subject=%s\r\n", tmp_str);
			PKI_Free ( tmp_str );

			digest = PKI_X509_CERT_fingerprint( cert, 
						PKI_DIGEST_ALG_DEFAULT );
			tmp_str =  PKI_DIGEST_get_parsed ( digest );

			BIO_printf( bio, "            Fingerprint [%s]:",
				PKI_DIGEST_ALG_get_parsed ( 
					PKI_DIGEST_ALG_DEFAULT ));

			for ( j=0; j < strlen(tmp_str); j++ ) {
				if ( ( j % 60 ) == 0 ) {
					BIO_printf (bio,"\r\n                ");
				}
				BIO_printf( bio, "%c", tmp_str[j] );
			} BIO_printf( bio, "\r\n");

			PKI_DIGEST_free ( digest );
			PKI_Free ( tmp_str );

			PKI_X509_CERT_free ( cert );

			// X509_signature_print(bp, 
			// 	br->signatureAlgorithm, br->signature);

		}
	} else {
		BIO_printf( bio, "            None.\r\n");
	}

	BIO_printf(bio, "\r\n    Certificate Revocation Lists:\r\n");
	if((crl_num = PKI_X509_PKCS7_get_crls_num ( msg )) > 0 ) {
		PKI_X509_CRL * crl  = NULL;
		for ( i = 0; i < crl_num; i++ ) {
			BIO_printf( bio, "        [%d of %d] CRL Details:\r\n", 
				i+1, crl_num );

			if(( crl = PKI_X509_PKCS7_get_crl ( msg, i )) == NULL ) {
				BIO_printf(bio,"            ERROR::Missing Data\r\n");
				continue;
			}

			tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_VERSION);
			BIO_printf( bio, "            Version=%s\r\n", tmp_str );
			PKI_Free ( tmp_str );
		
			// tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_SERIAL);
			// BIO_printf( bio, "            Serial=%s\r\n", tmp_str );
			// PKI_Free ( tmp_str );
			
			tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_ISSUER);
			BIO_printf( bio, "            Issuer=%s\r\n", tmp_str );
			PKI_Free ( tmp_str );

			tmp_str = PKI_X509_CRL_get_parsed(crl,
							PKI_X509_DATA_ALGORITHM);
			BIO_printf( bio, "            Algorithm=%s\r\n", tmp_str );
			PKI_Free ( tmp_str );
			
			tmp_str = PKI_X509_CRL_get_parsed(crl,
							PKI_X509_DATA_NOTBEFORE);
			BIO_printf( bio, "            Not Before=%s\r\n", tmp_str );
			PKI_Free ( tmp_str );
			
			tmp_str = PKI_X509_CRL_get_parsed(crl,
							PKI_X509_DATA_NOTAFTER);
			BIO_printf( bio, "            Not After=%s\r\n", tmp_str );
			PKI_Free ( tmp_str );
			
			PKI_X509_CRL_free ( crl );
		}
	} else {
		BIO_printf( bio, "            None.\r\n");
	}
	BIO_printf(bio, "\r\n");

	return PKI_OK;
}