/*-
* gnutls_x509_pkcs7_extract_certificate_count - This function returns the number of certificates in a PKCS7 certificate set
* @pkcs7_struct: should contain a PKCS7 DER formatted structure
*
* This function will return the number of certifcates in the PKCS7 or
* RFC2630 certificate set.
*
* Returns a negative value on failure.
*
-*/
int
gnutls_x509_pkcs7_extract_certificate_count (const gnutls_datum_t *
pkcs7_struct)
{
gnutls_pkcs7_t pkcs7;
int result;
result = gnutls_pkcs7_init (&pkcs7);
if (result < 0)
return result;
result = gnutls_pkcs7_import (pkcs7, pkcs7_struct, GNUTLS_X509_FMT_DER);
if (result < 0)
{
gnutls_pkcs7_deinit (pkcs7);
return result;
}
result = gnutls_pkcs7_get_crt_count (pkcs7);
gnutls_pkcs7_deinit (pkcs7);
return result;
}
/**
* gnutls_pkcs7_crt_print:
* @pkcs7: The PKCS7 struct to be printed
* @format: Indicate the format to use
* @out: Newly allocated datum with null terminated string.
*
* This function will pretty print a signed PKCS #7 structure, suitable for
* display to a human.
*
* Currently the supported formats are %GNUTLS_CRT_PRINT_FULL and
* %GNUTLS_CRT_PRINT_COMPACT.
*
* The output @out needs to be deallocated using gnutls_free().
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
**/
int gnutls_pkcs7_print(gnutls_pkcs7_t pkcs7,
gnutls_certificate_print_formats_t format,
gnutls_datum_t * out)
{
int count, ret, i;
gnutls_pkcs7_signature_info_st info;
gnutls_buffer_st str;
const char *oid;
_gnutls_buffer_init(&str);
/* For backwards compatibility with structures using the default OID,
* we don't print the eContent Type explicitly */
oid = gnutls_pkcs7_get_embedded_data_oid(pkcs7);
if (oid) {
if (strcmp(oid, DATA_OID) != 0
&& strcmp(oid, DIGESTED_DATA_OID) != 0) {
addf(&str, "eContent Type: %s\n", oid);
}
}
for (i = 0;; i++) {
if (i == 0)
addf(&str, "Signers:\n");
ret = gnutls_pkcs7_get_signature_info(pkcs7, i, &info);
if (ret < 0)
break;
print_pkcs7_info(&info, &str, format);
gnutls_pkcs7_signature_info_deinit(&info);
}
if (format == GNUTLS_CRT_PRINT_FULL) {
gnutls_datum_t data, b64;
count = gnutls_pkcs7_get_crt_count(pkcs7);
if (count > 0) {
addf(&str, "Number of certificates: %u\n\n",
count);
for (i = 0; i < count; i++) {
ret =
gnutls_pkcs7_get_crt_raw2(pkcs7, i, &data);
if (ret < 0) {
addf(&str,
"Error: cannot print certificate %d\n",
i);
continue;
}
ret =
gnutls_pem_base64_encode_alloc
("CERTIFICATE", &data, &b64);
if (ret < 0) {
gnutls_free(data.data);
continue;
}
adds(&str, (char*)b64.data);
adds(&str, "\n");
gnutls_free(b64.data);
gnutls_free(data.data);
}
}
count = gnutls_pkcs7_get_crl_count(pkcs7);
if (count > 0) {
addf(&str, "Number of CRLs: %u\n\n", count);
for (i = 0; i < count; i++) {
ret =
gnutls_pkcs7_get_crl_raw2(pkcs7, i, &data);
if (ret < 0) {
addf(&str,
"Error: cannot print certificate %d\n",
i);
continue;
}
ret =
gnutls_pem_base64_encode_alloc("X509 CRL",
&data, &b64);
if (ret < 0) {
gnutls_free(data.data);
continue;
}
adds(&str, (char*)b64.data);
adds(&str, "\n");
gnutls_free(b64.data);
gnutls_free(data.data);
}
}
}
return _gnutls_buffer_to_datum(&str, out, 1);
}
