Print subject alt name in x509_crt_info()
parent
919f8f5829
commit
bce2b30855
2 changed files with 50 additions and 10 deletions
|
@ -341,20 +341,15 @@ static int x509_get_subject_alt_name( unsigned char **p,
|
||||||
return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
|
return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
|
||||||
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
|
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
|
||||||
|
|
||||||
|
/* Skip everything but DNS name */
|
||||||
if( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) )
|
if( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) )
|
||||||
{
|
{
|
||||||
*p += tag_len;
|
*p += tag_len;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
buf = &(cur->buf);
|
|
||||||
buf->tag = tag;
|
|
||||||
buf->p = *p;
|
|
||||||
buf->len = tag_len;
|
|
||||||
*p += buf->len;
|
|
||||||
|
|
||||||
/* Allocate and assign next pointer */
|
/* Allocate and assign next pointer */
|
||||||
if (*p < end)
|
if( cur->buf.p != NULL )
|
||||||
{
|
{
|
||||||
cur->next = (asn1_sequence *) polarssl_malloc(
|
cur->next = (asn1_sequence *) polarssl_malloc(
|
||||||
sizeof( asn1_sequence ) );
|
sizeof( asn1_sequence ) );
|
||||||
|
@ -366,6 +361,12 @@ static int x509_get_subject_alt_name( unsigned char **p,
|
||||||
memset( cur->next, 0, sizeof( asn1_sequence ) );
|
memset( cur->next, 0, sizeof( asn1_sequence ) );
|
||||||
cur = cur->next;
|
cur = cur->next;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
buf = &(cur->buf);
|
||||||
|
buf->tag = tag;
|
||||||
|
buf->p = *p;
|
||||||
|
buf->len = tag_len;
|
||||||
|
*p += buf->len;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Set final sequence entry's next pointer to NULL */
|
/* Set final sequence entry's next pointer to NULL */
|
||||||
|
@ -1099,6 +1100,38 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
|
||||||
p += (unsigned int) ret; \
|
p += (unsigned int) ret; \
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int x509_info_subject_alt_name( char **buf, size_t *size,
|
||||||
|
const x509_sequence *subject_alt_name )
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
size_t n = *size;
|
||||||
|
char *p = *buf;
|
||||||
|
const x509_sequence *cur = subject_alt_name;
|
||||||
|
|
||||||
|
while( cur != NULL )
|
||||||
|
{
|
||||||
|
if( cur->buf.len + 1 >= n )
|
||||||
|
{
|
||||||
|
*p = '\0';
|
||||||
|
return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL );
|
||||||
|
}
|
||||||
|
|
||||||
|
n -= cur->buf.len + 1;
|
||||||
|
*p++ = ' ';
|
||||||
|
for( i = 0; i < cur->buf.len; i++ )
|
||||||
|
*p++ = cur->buf.p[i];
|
||||||
|
|
||||||
|
cur = cur->next;
|
||||||
|
}
|
||||||
|
|
||||||
|
*p = '\0';
|
||||||
|
|
||||||
|
*size = n;
|
||||||
|
*buf = p;
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
static int x509_info_cert_type( char **buf, size_t *size,
|
static int x509_info_cert_type( char **buf, size_t *size,
|
||||||
unsigned char ns_cert_type )
|
unsigned char ns_cert_type )
|
||||||
{
|
{
|
||||||
|
@ -1244,9 +1277,12 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||||
|
|
||||||
if( crt->ext_types & EXT_SUBJECT_ALT_NAME )
|
if( crt->ext_types & EXT_SUBJECT_ALT_NAME )
|
||||||
{
|
{
|
||||||
ret = snprintf( p, n, "\n%ssubject alt name : ", prefix );
|
ret = snprintf( p, n, "\n%ssubject alt name :", prefix );
|
||||||
SAFE_SNPRINTF();
|
SAFE_SNPRINTF();
|
||||||
/* TODO */
|
|
||||||
|
if( ( ret = x509_info_subject_alt_name( &p, &n,
|
||||||
|
&crt->subject_alt_names ) ) != 0 )
|
||||||
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( crt->ext_types & EXT_NS_CERT_TYPE )
|
if( crt->ext_types & EXT_NS_CERT_TYPE )
|
||||||
|
|
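Review bot: The new helper x509_info_subject_alt_name() copies each name into the output byte for byte (`*p++ = cur->buf.p[i];`), and those bytes come straight from the certificate, so whoever issued it chooses them. A dNSName containing a space prints exactly like two separate names, and one containing a newline or NUL can add or cut off lines in any log or UI that shows the x509_crt_info() text. I would replace anything outside printable non-space ASCII while copying, e.g. `*p++ = ( cur->buf.p[i] < 0x21 || cur->buf.p[i] > 0x7e ) ? '?' : (char) cur->buf.p[i];`, and add a comment above the loop stating that the names are untrusted input. The bodies of x509_get_subject_alt_name() and x509_crt_info() continue outside the hunks shown, so this covers only the new helper.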
|
@ -66,6 +66,10 @@ X509 Certificate information, NS Cert Type
|
||||||
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
|
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
|
||||||
x509_cert_info:"data_files/server1.cert_type.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\ncert. type \: SSL Server\n"
|
x509_cert_info:"data_files/server1.cert_type.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\ncert. type \: SSL Server\n"
|
||||||
|
|
||||||
|
X509 Certificate information, NS Cert Type
|
||||||
|
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
|
||||||
|
x509_cert_info:"data_files/cert_example_multi.crt":"cert. version \: 3\nserial number \: 11\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=www.example.com\nissued on \: 2012-05-10 13\:23\:41\nexpires on \: 2022-05-11 13\:23\:41\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \: example.com example.net *.example.org\n"
|
||||||
|
|
||||||
X509 Certificate information RSA signed by EC
|
X509 Certificate information RSA signed by EC
|
||||||
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
|
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
|
||||||
x509_cert_info:"data_files/server4.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
|
x509_cert_info:"data_files/server4.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
|
||||||
|
@ -76,7 +80,7 @@ x509_cert_info:"data_files/server3.crt":"cert. version \: 3\nserial number
|
||||||
|
|
||||||
X509 certificate v1 with extension
|
X509 certificate v1 with extension
|
||||||
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C:POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
|
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C:POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
|
||||||
x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
|
x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \: identity-check.org www.identity-check.org\n"
|
||||||
|
|
||||||
X509 CRL information #1
|
X509 CRL information #1
|
||||||
depends_on:POLARSSL_PEM_PARSE_C
|
depends_on:POLARSSL_PEM_PARSE_C
|
||||||
|
|
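Review bot: The added case for data_files/cert_example_multi.crt reuses the description of the case just above it, `X509 Certificate information, NS Cert Type`, although it checks the subject alt name line. A failure report would then not say which of the two cases failed; a distinct title such as `X509 Certificate information, Subject Alt Name` avoids that. Both new expectations use only well-formed names, so a case whose name holds a space or control byte, and one with an output buffer too small for the list, would pin down the helper's edge behaviour.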