char * PKI_X509_CERT_get_parsed(const PKI_X509_CERT *x, PKI_X509_DATA type ) { char *ret = NULL; PKI_X509_KEYPAIR *k = NULL; const PKI_X509_KEYPAIR_VALUE *pkey = NULL; if( !x ) return (NULL); switch( type ) { case PKI_X509_DATA_SERIAL: ret = PKI_INTEGER_get_parsed((PKI_INTEGER *) PKI_X509_CERT_get_data(x, type)); break; case PKI_X509_DATA_SUBJECT: case PKI_X509_DATA_ISSUER: ret = PKI_X509_NAME_get_parsed((PKI_X509_NAME *) PKI_X509_CERT_get_data(x, type)); break; case PKI_X509_DATA_NOTBEFORE: case PKI_X509_DATA_NOTAFTER: ret = PKI_TIME_get_parsed((PKI_TIME *)PKI_X509_CERT_get_data(x, type)); break; case PKI_X509_DATA_ALGORITHM: ret = (char *) PKI_ALGOR_get_parsed((PKI_ALGOR *) PKI_X509_CERT_get_data(x,type)); break; case PKI_X509_DATA_PUBKEY: case PKI_X509_DATA_KEYPAIR_VALUE: if ((pkey = PKI_X509_CERT_get_data(x, type)) != NULL) { k = PKI_X509_new_dup_value(PKI_DATATYPE_X509_KEYPAIR, pkey, NULL); ret = PKI_X509_KEYPAIR_get_parsed( k ); PKI_X509_KEYPAIR_free(k); } break; case PKI_X509_DATA_KEYSIZE: PKI_ERROR(PKI_ERR_PARAM_TYPE, "Deprecated Cert Datatype"); break; case PKI_X509_DATA_CERT_TYPE: case PKI_X509_DATA_SIGNATURE: case PKI_X509_DATA_EXTENSIONS: default: /* Not Recognized/Supported DATATYPE */ return (NULL); } return (ret); }
char * PKI_X509_CRL_get_parsed(const PKI_X509_CRL *x, PKI_X509_DATA type ) { char *ret = NULL; const PKI_ALGOR *al = NULL; if (!x || !x->value) return NULL; switch (type) { case PKI_X509_DATA_VERSION: ret = PKI_INTEGER_get_parsed( PKI_X509_CRL_get_data(x, type)); if (!ret) ret = strdup("NONE"); break; case PKI_X509_DATA_ISSUER: ret = PKI_X509_NAME_get_parsed( PKI_X509_CRL_get_data(x, type)); if (!ret) ret = strdup("NONE"); break; case PKI_X509_DATA_ALGORITHM: if ((al = PKI_X509_CRL_get_data(x, type)) != NULL) ret = strdup(PKI_OID_get_descr(al->algorithm)); else ret = strdup("NONE"); break; case PKI_X509_DATA_LASTUPDATE: case PKI_X509_DATA_NEXTUPDATE: case PKI_X509_DATA_NOTBEFORE: case PKI_X509_DATA_NOTAFTER: ret = PKI_TIME_get_parsed( PKI_X509_CRL_get_data(x, type)); if (!ret) ret = strdup("NONE"); break; default: /* Not Recognized/Supported DATATYPE */ return NULL; } return ret; }
int PKI_X509_PKCS7_VALUE_print_bio ( PKI_IO *bio, PKI_X509_PKCS7_VALUE *p7val ) { int type; int i,j; int cert_num = -1; int crl_num = -1; int signers_num = -1; char *tmp_str = NULL; PKI_X509_PKCS7 *msg = NULL; PKCS7_SIGNER_INFO *si = NULL; PKI_X509_CERT *cert = NULL; PKI_DIGEST *digest = NULL; PKI_MEM *mem = NULL; if (!bio || !p7val ) return PKI_ERR; if (( msg = PKI_X509_new_dup_value ( PKI_DATATYPE_X509_PKCS7, p7val, NULL )) == NULL ) { return PKI_ERR; } type = PKI_X509_PKCS7_get_type ( msg ); BIO_printf( bio, "PKCS#7 Message:\r\n" ); BIO_printf( bio, " Message Type:\r\n " ); switch ( type ) { case PKI_X509_PKCS7_TYPE_ENCRYPTED: BIO_printf( bio, "Encrypted\r\n" ); break; case PKI_X509_PKCS7_TYPE_SIGNED: BIO_printf( bio, "Signed\r\n" ); break; case PKI_X509_PKCS7_TYPE_SIGNEDANDENCRYPTED: BIO_printf( bio, "Signed and Encrypted\r\n" ); break; default: BIO_printf( bio, "Unknown (%d)\r\n", type ); break; } BIO_printf( bio, " Message Data:\r\n"); if (( mem = PKI_X509_PKCS7_get_raw_data ( msg )) == NULL ) { BIO_printf( bio, " None.\r\n"); } else { int msg_type = 0; BIO_printf( bio, " Size=%u bytes\r\n", (unsigned int) mem->size ); msg_type = PKI_X509_PKCS7_get_type ( msg ); if ( msg_type == PKI_X509_PKCS7_TYPE_ENCRYPTED || msg_type == PKI_X509_PKCS7_TYPE_SIGNEDANDENCRYPTED){ BIO_printf( bio, " Encrypted=yes\r\n"); BIO_printf( bio, " Algorithm=%s\r\n", PKI_ALGOR_get_parsed ( PKI_X509_PKCS7_get_encode_alg ( msg ))); } else { BIO_printf( bio, " Encrypted=no\r\n"); } PKI_MEM_free ( mem ); } i = 0; if (( si = PKI_X509_PKCS7_get_signer_info ( msg, i )) == NULL ) { BIO_printf(bio, " Signature Info:\r\n" ); BIO_printf(bio, " No Signature found.\r\n" ); } // Print the Signer Info BIO_printf( bio, " Signer Info:\r\n"); signers_num = PKI_X509_PKCS7_get_signers_num ( msg ); for ( i = 0; i < signers_num; i++ ) { PKCS7_ISSUER_AND_SERIAL *ias = NULL; BIO_printf ( bio, " [%d of %d] Signer Details:\r\n", i+1, signers_num ); if (( si = PKI_X509_PKCS7_get_signer_info ( msg, i )) == NULL ) break; if((ias = si->issuer_and_serial) == NULL ) { BIO_printf ( bio, " " "ERROR::Missing Info!\r\n"); } else { tmp_str = PKI_INTEGER_get_parsed ( ias->serial ); BIO_printf ( bio, " Serial=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); tmp_str = PKI_X509_NAME_get_parsed ( ias->issuer ); BIO_printf ( bio, " Issuer=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); } if ( si->digest_enc_alg ) { BIO_printf( bio, " " "Encryption Algoritm=%s\r\n", PKI_ALGOR_get_parsed ( si->digest_enc_alg )); } if ( si->digest_alg ) { BIO_printf( bio, " Digest Algorithm=%s\r\n", PKI_ALGOR_get_parsed ( si->digest_alg )); } BIO_printf( bio, " Signed Attributes:\r\n"); if ( si->auth_attr ) { PKI_X509_ATTRIBUTE *a = NULL; int attr_num = 0; char * tmp_str = NULL; for ( attr_num = 0; attr_num < PKI_STACK_X509_ATTRIBUTE_elements ( si->auth_attr ); attr_num++ ) { a = PKI_STACK_X509_ATTRIBUTE_get_num ( si->auth_attr, attr_num ); if ( PKI_OID_get_id ( a->object ) == NID_pkcs9_messageDigest ) { tmp_str = PKI_X509_ATTRIBUTE_get_parsed ( a ); BIO_printf( bio, " " "Message Digest:"); for ( j=0; j < strlen(tmp_str); j++ ) { if ( ( j % 60 ) == 0 ) { BIO_printf (bio, "\r\n "); } BIO_printf(bio,"%c",tmp_str[j]); } BIO_printf( bio, "\r\n"); // PKI_Free ( tmp_str ); } else { BIO_printf( bio, " %s=", PKI_X509_ATTRIBUTE_get_descr ( a ) ); tmp_str= PKI_X509_ATTRIBUTE_get_parsed(a); BIO_printf( bio, "%s\r\n", tmp_str ); PKI_Free ( tmp_str ); } } } else { BIO_printf( bio, " None.\r\n"); } BIO_printf( bio," Non Signed Attributes:\r\n"); if ( si->unauth_attr ) { PKI_X509_ATTRIBUTE *a = NULL; int attr_num = 0; char * tmp_str = NULL; for ( attr_num = 0; attr_num < PKI_STACK_X509_ATTRIBUTE_elements ( si->auth_attr ); attr_num++ ) { a = PKI_STACK_X509_ATTRIBUTE_get_num ( si->auth_attr, attr_num ); BIO_printf( bio, " %s=", PKI_X509_ATTRIBUTE_get_descr ( a ) ); tmp_str = PKI_X509_ATTRIBUTE_get_parsed ( a ); BIO_printf( bio, "%s\r\n", tmp_str ); PKI_Free ( tmp_str ); } BIO_printf( bio, "\r\n"); } else { BIO_printf( bio, " None.\r\n"); } } BIO_printf( bio, "\r\n Recipients Info:\r\n"); if( PKI_X509_PKCS7_has_recipients ( msg ) == PKI_ERR ) { BIO_printf( bio, " No Recipients\r\n"); } else { int rec_num = 0; PKI_X509_CERT *rec = NULL; rec_num = PKI_X509_PKCS7_get_recipients_num ( msg ); for ( i=0; i < rec_num; i++ ) { rec = PKI_X509_PKCS7_get_recipient_cert ( msg, i ); if ( !rec ) { PKCS7_RECIP_INFO *ri = NULL; PKCS7_ISSUER_AND_SERIAL *ias = NULL; BIO_printf( bio, " " "[%d of %d] Recipient Details:\r\n", i+1, rec_num ); ri = PKI_X509_PKCS7_get_recipient_info ( msg,i); if (!ri) { BIO_printf(bio," <ERROR>"); continue; } if((ias = ri->issuer_and_serial) != NULL ) { tmp_str = PKI_INTEGER_get_parsed ( ias->serial ); BIO_printf( bio, " " "Serial=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); tmp_str = PKI_X509_NAME_get_parsed ( ias->issuer ); BIO_printf( bio, " " "Issuer=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); BIO_printf( bio, " " "Key Encoding Algorithm=%s\r\n", PKI_ALGOR_get_parsed ( ri->key_enc_algor )); } } else { BIO_printf( bio, " " "[%d] Recipient Certificate:\r\n", i ); tmp_str = PKI_X509_CERT_get_parsed( cert, PKI_X509_DATA_SUBJECT ); BIO_printf( bio, " " "Subject=%s\r\n", tmp_str); PKI_Free ( tmp_str ); } } } /* Now Let's Check the CRLs */ BIO_printf(bio, "\r\n Certificates:\r\n"); if ((cert_num = PKI_X509_PKCS7_get_certs_num ( msg )) > 0 ) { PKI_X509_CERT * cert = NULL; for (i = 0; i < cert_num; i++ ) { BIO_printf( bio, " [%d of %d] Certificate:\r\n", i+1, cert_num); if((cert = PKI_X509_PKCS7_get_cert ( msg, i )) == NULL ) { BIO_printf( bio, " Error.\r\n"); continue; }; tmp_str = PKI_X509_CERT_get_parsed( cert, PKI_X509_DATA_SERIAL ); BIO_printf( bio, " Serial=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); tmp_str = PKI_X509_CERT_get_parsed( cert, PKI_X509_DATA_ISSUER ); BIO_printf( bio, " Issuer=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); tmp_str = PKI_X509_CERT_get_parsed( cert, PKI_X509_DATA_SUBJECT ); BIO_printf( bio, " Subject=%s\r\n", tmp_str); PKI_Free ( tmp_str ); digest = PKI_X509_CERT_fingerprint( cert, PKI_DIGEST_ALG_DEFAULT ); tmp_str = PKI_DIGEST_get_parsed ( digest ); BIO_printf( bio, " Fingerprint [%s]:", PKI_DIGEST_ALG_get_parsed ( PKI_DIGEST_ALG_DEFAULT )); for ( j=0; j < strlen(tmp_str); j++ ) { if ( ( j % 60 ) == 0 ) { BIO_printf (bio,"\r\n "); } BIO_printf( bio, "%c", tmp_str[j] ); } BIO_printf( bio, "\r\n"); PKI_DIGEST_free ( digest ); PKI_Free ( tmp_str ); PKI_X509_CERT_free ( cert ); // X509_signature_print(bp, // br->signatureAlgorithm, br->signature); } } else { BIO_printf( bio, " None.\r\n"); } BIO_printf(bio, "\r\n Certificate Revocation Lists:\r\n"); if((crl_num = PKI_X509_PKCS7_get_crls_num ( msg )) > 0 ) { PKI_X509_CRL * crl = NULL; for ( i = 0; i < crl_num; i++ ) { BIO_printf( bio, " [%d of %d] CRL Details:\r\n", i+1, crl_num ); if(( crl = PKI_X509_PKCS7_get_crl ( msg, i )) == NULL ) { BIO_printf(bio," ERROR::Missing Data\r\n"); continue; } tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_VERSION); BIO_printf( bio, " Version=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); // tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_SERIAL); // BIO_printf( bio, " Serial=%s\r\n", tmp_str ); // PKI_Free ( tmp_str ); tmp_str = PKI_X509_CRL_get_parsed(crl,PKI_X509_DATA_ISSUER); BIO_printf( bio, " Issuer=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); tmp_str = PKI_X509_CRL_get_parsed(crl, PKI_X509_DATA_ALGORITHM); BIO_printf( bio, " Algorithm=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); tmp_str = PKI_X509_CRL_get_parsed(crl, PKI_X509_DATA_NOTBEFORE); BIO_printf( bio, " Not Before=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); tmp_str = PKI_X509_CRL_get_parsed(crl, PKI_X509_DATA_NOTAFTER); BIO_printf( bio, " Not After=%s\r\n", tmp_str ); PKI_Free ( tmp_str ); PKI_X509_CRL_free ( crl ); } } else { BIO_printf( bio, " None.\r\n"); } BIO_printf(bio, "\r\n"); return PKI_OK; }