/*
 * Store the serial in printable form into buf; no more
 * than size characters will be written.
 *
 * The output is colon-separated upper-case hex ("%02X"). A leading 0x00
 * byte is skipped when more bytes follow it. A serial longer than 32 bytes
 * is cut to its first 28 bytes followed by "....", so the text is a
 * display form only and should not be used to compare or look up serials.
 *
 * Returns (int)( size - n ). SAFE_SNPRINTF() is defined outside this
 * listing; from its use here it is expected to check ret, advance p and
 * shrink n, and it may return early on error -- confirm against its
 * definition. The locals ret, p and n keep their names for that reason.
 */
int x509_serial_gets( char *buf, size_t size, const x509_buf *serial )
{
    int ret;
    size_t i;
    char *p = buf;
    size_t n = size;
    /* Number of serial bytes that are actually printed. */
    const size_t nr = ( serial->len > 32 ) ? 28 : serial->len;

    for( i = 0; i < nr; i++ )
    {
        /* Every printed byte except the last is followed by a colon. */
        const char *sep = ( i + 1 < nr ) ? ":" : "";

        /* Skip a leading zero byte unless it is the only byte. */
        if( i == 0 && nr > 1 && serial->p[i] == 0x0 )
            continue;

        ret = polarssl_snprintf( p, n, "%02X%s", serial->p[i], sep );
        SAFE_SNPRINTF();
    }

    /* Mark a truncated serial so the reader can tell it is incomplete. */
    if( nr != serial->len )
    {
        ret = polarssl_snprintf( p, n, "...." );
        SAFE_SNPRINTF();
    }

    return( (int) ( size - n ) );
}
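/*
 * Store the name in printable form into buf; no more
 * than size characters will be written.
 *
 * Each entry of the dn list that has an OID is written as "<short>=<value>".
 * Entries are joined with ", ", or with " + " when the previous entry has
 * next_merged set. "??" replaces the short name when the OID lookup fails.
 *
 * Value bytes are copied through a local buffer in which control bytes
 * (below 32, 127, and 128..159) are replaced by '?', so that raw control
 * characters from a name do not reach whatever displays or logs the
 * result. The original test was "c > 128", which let byte 0x80 through
 * while replacing 0x81..0x9F; the range now starts at 128.
 *
 * A value longer than sizeof( s ) - 1 bytes is silently cut, so the text
 * is a display form only and should not be used to compare names.
 *
 * Returns (int)( size - n ). SAFE_SNPRINTF() is defined outside this
 * listing; from its use here it is expected to check ret, advance p and
 * shrink n, and it may return early on error -- confirm against its
 * definition.
 */
int x509_dn_gets( char *buf, size_t size, const x509_name *dn )
{
    int ret;
    size_t i, n;
    unsigned char c, merge = 0;
    const x509_name *name;
    const char *short_name = NULL;
    char s[X509_MAX_DN_NAME_SIZE], *p;

    memset( s, 0, sizeof( s ) );

    name = dn;
    p = buf;
    n = size;

    while( name != NULL )
    {
        /* Entries without an OID are skipped entirely. */
        if( !name->oid.p )
        {
            name = name->next;
            continue;
        }

        /* Separator goes before every entry except the list head. */
        if( name != dn )
        {
            ret = polarssl_snprintf( p, n, merge ? " + " : ", " );
            SAFE_SNPRINTF();
        }

        ret = oid_get_attr_short_name( &name->oid, &short_name );

        if( ret == 0 )
            ret = polarssl_snprintf( p, n, "%s=", short_name );
        else
            ret = polarssl_snprintf( p, n, "\?\?=" );
        SAFE_SNPRINTF();

        for( i = 0; i < name->val.len; i++ )
        {
            /* Leave room for the terminator; longer values are cut. */
            if( i >= sizeof( s ) - 1 )
                break;

            c = name->val.p[i];

            /* Replace control bytes, including the whole 0x80..0x9F range. */
            if( c < 32 || c == 127 || ( c >= 128 && c < 160 ) )
                s[i] = '?';
            else
                s[i] = c;
        }
        s[i] = '\0';

        ret = polarssl_snprintf( p, n, "%s", s );
        SAFE_SNPRINTF();

        merge = name->next_merged;
        name = name->next;
    }

    return( (int) ( size - n ) );
}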
/*
 * Helper for writing signature algorithms.
 *
 * Writes the description that oid_get_sig_alg_desc() returns for sig_oid,
 * or "???" when that lookup fails. When POLARSSL_X509_RSASSA_PSS_SUPPORT
 * is defined and pk_alg is POLARSSL_PK_RSASSA_PSS, it also appends
 * " (<md name>, MGF1-<md name>, 0x<salt len>)" taken from md_alg and
 * sig_opts; a digest that md_info_from_type() does not know prints "???".
 *
 * NOTE(review): in the RSASSA-PSS branch sig_opts is cast and dereferenced
 * without a NULL check, so callers must pass valid options whenever
 * pk_alg is POLARSSL_PK_RSASSA_PSS -- confirm every caller does.
 *
 * Returns (int)( size - n ). SAFE_SNPRINTF() is defined outside this
 * listing; from its use here it is expected to check ret, advance p and
 * shrink n, and it may return early on error -- confirm against its
 * definition.
 */
int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid,
                       pk_type_t pk_alg, md_type_t md_alg,
                       const void *sig_opts )
{
    int ret;
    char *p = buf;
    size_t n = size;
    const char *desc = NULL;

    if( oid_get_sig_alg_desc( sig_oid, &desc ) == 0 )
        ret = polarssl_snprintf( p, n, "%s", desc );
    else
        ret = polarssl_snprintf( p, n, "???" );
    SAFE_SNPRINTF();

#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
    if( pk_alg == POLARSSL_PK_RSASSA_PSS )
    {
        const pk_rsassa_pss_options *pss_opts =
            (const pk_rsassa_pss_options *) sig_opts;
        const md_info_t *md_info = md_info_from_type( md_alg );
        const md_info_t *mgf_md_info =
            md_info_from_type( pss_opts->mgf1_hash_id );
        /* Unknown digests are printed as "???" instead of a name. */
        const char *md_name = md_info ? md_info->name : "???";
        const char *mgf_name = mgf_md_info ? mgf_md_info->name : "???";

        ret = polarssl_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)",
                                 md_name, mgf_name,
                                 pss_opts->expected_salt_len );
        SAFE_SNPRINTF();
    }
#else
    /* Parameters are unused without RSASSA-PSS support. */
    ((void) pk_alg);
    ((void) md_alg);
    ((void) sig_opts);
#endif /* POLARSSL_X509_RSASSA_PSS_SUPPORT */

    return( (int)( size - n ) );
}
/*
 * Helper for writing "RSA key size", "EC key size", etc.
 *
 * Writes "<name> key size" into buf. The length is checked before any
 * write: when name plus the suffix and its terminating NUL do not fit in
 * size, POLARSSL_ERR_DEBUG_BUF_TOO_SMALL is returned and buf is untouched.
 *
 * Returns 0 on success. SAFE_SNPRINTF() is defined outside this listing
 * and may also return early on error -- confirm against its definition.
 */
int x509_key_size_helper( char *buf, size_t size, const char *name )
{
    int ret;
    char *p = buf;
    size_t n = size;
    /* sizeof on the literal already counts the terminating NUL. */
    const size_t needed = strlen( name ) + sizeof( " key size" );

    if( needed > size )
        return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL );

    ret = polarssl_snprintf( p, n, "%s key size", name );
    SAFE_SNPRINTF();

    return( 0 );
}
/*
 * Return an informational string about the CSR.
 *
 * Writes, each line starting with prefix: the CSR version, the subject
 * name (via x509_dn_gets), the signature algorithm description ("???" when
 * the OID lookup fails) and the key size in bits labelled with the key
 * type name.
 *
 * Returns (int)( size - n ), or the error code from x509_key_size_helper()
 * when that call fails. SAFE_SNPRINTF() is defined outside this listing;
 * from its use here it is expected to check ret, advance p and shrink n,
 * and it may return early on error -- confirm against its definition.
 *
 * NOTE(review): this function calls snprintf directly, while other
 * functions in this listing go through polarssl_snprintf -- confirm which
 * one is intended here.
 */
int x509_csr_info( char *buf, size_t size, const char *prefix,
                   const x509_csr *csr )
{
    int ret;
    char *p = buf;
    size_t n = size;
    const char *desc;
    char key_size_str[BEFORE_COLON];

    ret = snprintf( p, n, "%sCSR version : %d", prefix, csr->version );
    SAFE_SNPRINTF();

    ret = snprintf( p, n, "\n%ssubject name : ", prefix );
    SAFE_SNPRINTF();
    ret = x509_dn_gets( p, n, &csr->subject );
    SAFE_SNPRINTF();

    ret = snprintf( p, n, "\n%ssigned using : ", prefix );
    SAFE_SNPRINTF();

    /* desc is only read when the lookup succeeded. */
    if( oid_get_sig_alg_desc( &csr->sig_oid, &desc ) == 0 )
        ret = snprintf( p, n, "%s", desc );
    else
        ret = snprintf( p, n, "???" );
    SAFE_SNPRINTF();

    /* Build the "<type> key size" label in its own fixed-width buffer. */
    ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
                                pk_get_name( &csr->pk ) );
    if( ret != 0 )
        return( ret );

    ret = snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
                    (int) pk_get_size( &csr->pk ) );
    SAFE_SNPRINTF();

    return( (int) ( size - n ) );
}
/*
 * Return an informational string about the CRL.
 *
 * Writes, each line starting with prefix: the CRL version, the issuer name
 * (via x509_dn_gets), the this-update and next-update times, one line per
 * revoked entry with its serial number (via x509_serial_gets) and
 * revocation date, and the signature algorithm (via x509_sig_alg_gets).
 *
 * The entry list is walked from crl->entry until a NULL link or an entry
 * whose raw.len is 0.
 *
 * Returns (int)( size - n ). SAFE_SNPRINTF() is defined outside this
 * listing; from its use here it is expected to check ret, advance p and
 * shrink n, and it may return early on error -- confirm against its
 * definition.
 */
int x509_crl_info( char *buf, size_t size, const char *prefix,
                   const x509_crl *crl )
{
    int ret;
    char *p = buf;
    size_t n = size;
    const x509_crl_entry *entry;

    ret = polarssl_snprintf( p, n, "%sCRL version : %d",
                             prefix, crl->version );
    SAFE_SNPRINTF();

    ret = polarssl_snprintf( p, n, "\n%sissuer name : ", prefix );
    SAFE_SNPRINTF();
    ret = x509_dn_gets( p, n, &crl->issuer );
    SAFE_SNPRINTF();

    ret = polarssl_snprintf( p, n, "\n%sthis update : "
                             "%04d-%02d-%02d %02d:%02d:%02d", prefix,
                             crl->this_update.year, crl->this_update.mon,
                             crl->this_update.day, crl->this_update.hour,
                             crl->this_update.min, crl->this_update.sec );
    SAFE_SNPRINTF();

    ret = polarssl_snprintf( p, n, "\n%snext update : "
                             "%04d-%02d-%02d %02d:%02d:%02d", prefix,
                             crl->next_update.year, crl->next_update.mon,
                             crl->next_update.day, crl->next_update.hour,
                             crl->next_update.min, crl->next_update.sec );
    SAFE_SNPRINTF();

    ret = polarssl_snprintf( p, n, "\n%sRevoked certificates:", prefix );
    SAFE_SNPRINTF();

    /* One output line per revoked entry; an empty raw field ends the list. */
    for( entry = &crl->entry;
         entry != NULL && entry->raw.len != 0;
         entry = entry->next )
    {
        ret = polarssl_snprintf( p, n, "\n%sserial number: ", prefix );
        SAFE_SNPRINTF();

        ret = x509_serial_gets( p, n, &entry->serial );
        SAFE_SNPRINTF();

        ret = polarssl_snprintf( p, n, " revocation date: "
                                 "%04d-%02d-%02d %02d:%02d:%02d",
                                 entry->revocation_date.year,
                                 entry->revocation_date.mon,
                                 entry->revocation_date.day,
                                 entry->revocation_date.hour,
                                 entry->revocation_date.min,
                                 entry->revocation_date.sec );
        SAFE_SNPRINTF();
    }

    ret = polarssl_snprintf( p, n, "\n%ssigned using : ", prefix );
    SAFE_SNPRINTF();

    ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, crl->sig_md,
                             crl->sig_opts );
    SAFE_SNPRINTF();

    ret = polarssl_snprintf( p, n, "\n" );
    SAFE_SNPRINTF();

    return( (int) ( size - n ) );
}
/*
 * Return an informational string about the certificate.
 *
 * Writes, each line starting with prefix: the certificate version, the
 * serial number (via x509_serial_gets), the issuer and subject names (via
 * x509_dn_gets), the validity start and end times, the signature algorithm
 * description ("???" when the OID lookup fails) and the key size in bits
 * labelled with the key type name.
 *
 * Returns (int)( size - n ), or the error code from x509_key_size_helper()
 * when that call fails. SAFE_SNPRINTF() is defined outside this listing;
 * from its use here it is expected to check ret, advance p and shrink n,
 * and it may return early on error -- confirm against its definition.
 *
 * NOTE(review): this function calls snprintf directly, while other
 * functions in this listing go through polarssl_snprintf -- confirm which
 * one is intended here.
 */
int x509_crt_info( char *buf, size_t size, const char *prefix,
                   const x509_crt *crt )
{
    int ret;
    char *p = buf;
    size_t n = size;
    const char *desc = NULL;
    char key_size_str[BEFORE_COLON];

    ret = snprintf( p, n, "%scert. version : %d\n",
                    prefix, crt->version );
    SAFE_SNPRINTF();

    ret = snprintf( p, n, "%sserial number : ", prefix );
    SAFE_SNPRINTF();
    ret = x509_serial_gets( p, n, &crt->serial);
    SAFE_SNPRINTF();

    ret = snprintf( p, n, "\n%sissuer name : ", prefix );
    SAFE_SNPRINTF();
    ret = x509_dn_gets( p, n, &crt->issuer );
    SAFE_SNPRINTF();

    ret = snprintf( p, n, "\n%ssubject name : ", prefix );
    SAFE_SNPRINTF();
    ret = x509_dn_gets( p, n, &crt->subject );
    SAFE_SNPRINTF();

    ret = snprintf( p, n, "\n%sissued on : "
                    "%04d-%02d-%02d %02d:%02d:%02d", prefix,
                    crt->valid_from.year, crt->valid_from.mon,
                    crt->valid_from.day, crt->valid_from.hour,
                    crt->valid_from.min, crt->valid_from.sec );
    SAFE_SNPRINTF();

    ret = snprintf( p, n, "\n%sexpires on : "
                    "%04d-%02d-%02d %02d:%02d:%02d", prefix,
                    crt->valid_to.year, crt->valid_to.mon,
                    crt->valid_to.day, crt->valid_to.hour,
                    crt->valid_to.min, crt->valid_to.sec );
    SAFE_SNPRINTF();

    ret = snprintf( p, n, "\n%ssigned using : ", prefix );
    SAFE_SNPRINTF();

    /* Fall back to "???" when the signature OID is not recognised. */
    if( oid_get_sig_alg_desc( &crt->sig_oid1, &desc ) == 0 )
        ret = snprintf( p, n, "%s", desc );
    else
        ret = snprintf( p, n, "???" );
    SAFE_SNPRINTF();

    /* Build the "<type> key size" label in its own fixed-width buffer. */
    ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
                                pk_get_name( &crt->pk ) );
    if( ret != 0 )
        return( ret );

    ret = snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
                    (int) pk_get_size( &crt->pk ) );
    SAFE_SNPRINTF();

    return( (int) ( size - n ) );
}