diff options
Diffstat (limited to 'apps')
-rw-r--r-- | apps/apps.c | 80 | ||||
-rw-r--r-- | apps/apps.h | 2 | ||||
-rw-r--r-- | apps/x509.c | 26 |
3 files changed, 96 insertions, 12 deletions
diff --git a/apps/apps.c b/apps/apps.c index 0781c4bf93..183a2b1d8a 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -653,3 +653,83 @@ end: return(othercerts); } +typedef struct { + char *name; + unsigned long flag; + unsigned long mask; +} NAME_EX_TBL; + +int set_name_ex(unsigned long *flags, const char *arg) +{ + char c; + const NAME_EX_TBL *ptbl, ex_tbl[] = { + { "esc_2253", ASN1_STRFLGS_ESC_2253, 0}, + { "esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0}, + { "esc_msb", ASN1_STRFLGS_ESC_MSB, 0}, + { "use_quote", ASN1_STRFLGS_ESC_QUOTE, 0}, + { "utf8", ASN1_STRFLGS_UTF8_CONVERT, 0}, + { "no_type", ASN1_STRFLGS_IGNORE_TYPE, 0}, + { "show_name", ASN1_STRFLGS_SHOW_NAME, 0}, + { "dump_all", ASN1_STRFLGS_DUMP_ALL, 0}, + { "dump_nostr", ASN1_STRFLGS_DUMP_UNKNOWN, 0}, + { "dump_der", ASN1_STRFLGS_DUMP_DER, 0}, + { "compat", XN_FLAG_COMPAT, 0xffffffffL}, + { "sep_comma_plus", XN_FLAG_SEP_COMMA_PLUS, XN_FLAG_SEP_MASK}, + { "sep_comma_plus_space", XN_FLAG_SEP_CPLUS_SPC, XN_FLAG_SEP_MASK}, + { "sep_semi_plus_space", XN_FLAG_SEP_SPLUS_SPC, XN_FLAG_SEP_MASK}, + { "sep_multiline", XN_FLAG_SEP_MULTILINE, XN_FLAG_SEP_MASK}, + { "dn_rev", XN_FLAG_DN_REV, 0}, + { "nofname", XN_FLAG_FN_NONE, XN_FLAG_FN_MASK}, + { "sname", XN_FLAG_FN_SN, XN_FLAG_FN_MASK}, + { "lname", XN_FLAG_FN_LN, XN_FLAG_FN_MASK}, + { "oid", XN_FLAG_FN_OID, XN_FLAG_FN_MASK}, + { "space_eq", XN_FLAG_SPC_EQ, 0}, + { "dump_unknown", XN_FLAG_DUMP_UNKNOWN_FIELDS, 0}, + { "RFC2253", XN_FLAG_RFC2253, 0xffffffffL}, + { "oneline", XN_FLAG_ONELINE, 0xffffffffL}, + { "multiline", XN_FLAG_MULTILINE, 0xffffffffL}, + { NULL, 0, 0} + }; + + c = arg[0]; + + if(c == '-') { + c = 0; + arg++; + } else if (c == '+') { + c = 1; + arg++; + } else c = 1; + + for(ptbl = ex_tbl; ptbl->name; ptbl++) { + if(!strcmp(arg, ptbl->name)) { + *flags &= ~ptbl->mask; + if(c) *flags |= ptbl->flag; + else *flags &= ~ptbl->flag; + return 1; + } + } + return 0; +} + +void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) +{ + char buf[256]; + char mline = 0; + int indent = 0; + if(title) BIO_puts(out, title); + if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { + mline = 1; + indent = 4; + } + if(lflags == XN_FLAG_COMPAT) { + X509_NAME_oneline(nm,buf,256); + BIO_puts(out,buf); + BIO_puts(out, "\n"); + } else { + if(mline) BIO_puts(out, "\n"); + X509_NAME_print_ex(out, nm, indent, lflags); + BIO_puts(out, "\n"); + } +} + diff --git a/apps/apps.h b/apps/apps.h index df939e0f40..c44b21457a 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -145,7 +145,9 @@ void program_name(char *in,char *out,int size); int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]); #ifdef HEADER_X509_H int dump_cert_text(BIO *out, X509 *x); +void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags); #endif +int set_name_ex(unsigned long *flags, const char *arg); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); int add_oid_section(BIO *err, LHASH *conf); X509 *load_cert(BIO *err, char *file, int format); diff --git a/apps/x509.c b/apps/x509.c index 39fbb65971..a071b20f40 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -128,6 +128,7 @@ static char *x509_usage[]={ " -extfile - configuration file with X509V3 extensions to add\n", " -extensions - section from config file with X509V3 extensions to add\n", " -clrext - delete extensions before signing and input certificate\n", +" -nameopt arg - various certificate name options\n", NULL }; @@ -173,6 +174,7 @@ int MAIN(int argc, char **argv) char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL; int need_rand = 0; int checkend=0,checkoffset=0; + unsigned long nmflag = 0; reqfile=0; @@ -316,6 +318,11 @@ int MAIN(int argc, char **argv) alias= *(++argv); trustout = 1; } + else if (strcmp(*argv,"-nameopt") == 0) + { + if (--argc < 1) goto bad; + if(!set_name_ex(&nmflag, *(++argv))) goto bad; + } else if (strcmp(*argv,"-setalias") == 0) { if (--argc < 1) goto bad; @@ -524,9 +531,8 @@ bad: } else BIO_printf(bio_err,"Signature ok\n"); - - X509_NAME_oneline(req->req_info->subject,buf,256); - BIO_printf(bio_err,"subject=%s\n",buf); + + print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag); if ((x=X509_new()) == NULL) goto end; ci=x->cert_info; @@ -600,15 +606,13 @@ bad: { if (issuer == i) { - X509_NAME_oneline(X509_get_issuer_name(x), - buf,256); - BIO_printf(STDout,"issuer= %s\n",buf); + print_name(STDout, "issuer= ", + X509_get_issuer_name(x), nmflag); } else if (subject == i) { - X509_NAME_oneline(X509_get_subject_name(x), - buf,256); - BIO_printf(STDout,"subject=%s\n",buf); + print_name(STDout, "issuer= ", + X509_get_subject_name(x), nmflag); } else if (serial == i) { @@ -1082,7 +1086,6 @@ end: static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx) { - char buf[256]; int err; X509 *err_cert; @@ -1104,8 +1107,7 @@ static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx) else { err_cert=X509_STORE_CTX_get_current_cert(ctx); - X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256); - BIO_printf(bio_err,"%s\n",buf); + print_name(bio_err, NULL, X509_get_subject_name(err_cert),0); BIO_printf(bio_err,"error with certificate - error %d at depth %d\n%s\n", err,X509_STORE_CTX_get_error_depth(ctx), X509_verify_cert_error_string(err)); |