Tree - source-git/gnutls - CentOS Git server

source-git / gnutls

Blame lib/x509/output.c

Blob History Raw

Packit Service	4684c1	`/*`
Packit Service	4684c1	`* Copyright (C) 2007-2016 Free Software Foundation, Inc.`
Packit Service	4684c1	`* Copyright (C) 2015-2017 Red Hat, Inc.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* Author: Simon Josefsson, Nikos Mavrogiannopoulos`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* This file is part of GnuTLS.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* The GnuTLS is free software; you can redistribute it and/or`
Packit Service	4684c1	`* modify it under the terms of the GNU Lesser General Public License`
Packit Service	4684c1	`* as published by the Free Software Foundation; either version 2.1 of`
Packit Service	4684c1	`* the License, or (at your option) any later version.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* This library is distributed in the hope that it will be useful, but`
Packit Service	4684c1	`* WITHOUT ANY WARRANTY; without even the implied warranty of`
Packit Service	4684c1	`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU`
Packit Service	4684c1	`* Lesser General Public License for more details.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* You should have received a copy of the GNU Lesser General Public License`
Packit Service	4684c1	`* along with this program. If not, see <https://www.gnu.org/licenses/>`
Packit Service	4684c1	`*`
Packit Service	4684c1	`*/`
Packit Service	4684c1
Packit Service	4684c1	`/* Functions for printing X.509 Certificate structures`
Packit Service	4684c1	`*/`
Packit Service	4684c1
Packit Service	4684c1	`#include "gnutls_int.h"`
Packit Service	4684c1	`#include <common.h>`
Packit Service	4684c1	`#include <x509.h>`
Packit Service	4684c1	`#include <x509_int.h>`
Packit Service	4684c1	`#include <num.h>`
Packit Service	4684c1	`#include "errors.h"`
Packit Service	4684c1	`#include "hello_ext.h"`
Packit Service	4684c1	`#include "ip.h"`
Packit Service	4684c1
Packit Service	4684c1	`#define addf _gnutls_buffer_append_printf`
Packit Service	4684c1	`#define adds _gnutls_buffer_append_str`
Packit Service	4684c1
Packit Service	4684c1	`#define NON_NULL(x) (((x)!=NULL)?((char*)(x)):"")`
Packit Service	4684c1	`#define ERROR_STR (char*) "(error)"`
Packit Service	4684c1
Packit Service	4684c1	`static void print_idn_name(gnutls_buffer_st str, const char prefix, const char type, gnutls_datum_t name)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`unsigned printable = 1;`
Packit Service	4684c1	`unsigned is_printed = 0;`
Packit Service	4684c1	`gnutls_datum_t out = {NULL, 0};`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`if (!_gnutls_str_is_print((char*)name->data, name->size))`
Packit Service	4684c1	`printable = 0;`
Packit Service	4684c1
Packit Service	4684c1	`is_printed = 0;`
Packit Service	4684c1	`if (!printable) {`
Packit Service	4684c1	`addf(str, _("%s%s: %.*s (contains illegal chars)\n"), prefix, type, name->size, NON_NULL(name->data));`
Packit Service	4684c1	`is_printed = 1;`
Packit Service	4684c1	`} else if (name->data != NULL) {`
Packit Service	4684c1	`if (strstr((char*)name->data, "xn--") != NULL) {`
Packit Service	4684c1	`ret = gnutls_idna_reverse_map((char*)name->data, name->size, &out, 0);`
Packit Service	4684c1	`if (ret >= 0) {`
Packit Service	4684c1	`addf(str, _("%s%s: %.*s (%s)\n"), prefix, type, name->size, NON_NULL(name->data), out.data);`
Packit Service	4684c1	`is_printed = 1;`
Packit Service	4684c1	`gnutls_free(out.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (is_printed == 0) {`
Packit Service	4684c1	`addf(str, _("%s%s: %.*s\n"), prefix, type, name->size, NON_NULL(name->data));`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_idn_email(gnutls_buffer_st str, const char prefix, const char type, gnutls_datum_t name)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`unsigned printable = 1;`
Packit Service	4684c1	`unsigned is_printed = 0;`
Packit Service	4684c1	`gnutls_datum_t out = {NULL, 0};`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`if (!_gnutls_str_is_print((char*)name->data, name->size))`
Packit Service	4684c1	`printable = 0;`
Packit Service	4684c1
Packit Service	4684c1	`is_printed = 0;`
Packit Service	4684c1	`if (!printable) {`
Packit Service	4684c1	`addf(str, _("%s%s: %.*s (contains illegal chars)\n"), prefix, type, name->size, NON_NULL(name->data));`
Packit Service	4684c1	`is_printed = 1;`
Packit Service	4684c1	`} else if (name->data != NULL) {`
Packit Service	4684c1	`if (strstr((char*)name->data, "xn--") != NULL) {`
Packit Service	4684c1	`ret = _gnutls_idna_email_reverse_map((char*)name->data, name->size, &out;;`
Packit Service	4684c1	`if (ret >= 0) {`
Packit Service	4684c1	`addf(str, _("%s%s: %.*s (%s)\n"), prefix, type, name->size, NON_NULL(name->data), out.data);`
Packit Service	4684c1	`is_printed = 1;`
Packit Service	4684c1	`gnutls_free(out.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (is_printed == 0) {`
Packit Service	4684c1	`addf(str, _("%s%s: %.*s\n"), prefix, type, name->size, NON_NULL(name->data));`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_name(gnutls_buffer_st str, const char prefix, unsigned type, gnutls_datum_t *name, unsigned ip_is_cidr)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char sname = (char)name->data;`
Packit Service	4684c1	`char str_ip[64];`
Packit Service	4684c1	`const char *p;`
Packit Service	4684c1
Packit Service	4684c1	`if ((type == GNUTLS_SAN_DNSNAME \|\| type == GNUTLS_SAN_OTHERNAME_XMPP`
Packit Service	4684c1	`\|\| type == GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL`
Packit Service	4684c1	`\|\| type == GNUTLS_SAN_RFC822NAME`
Packit Service	4684c1	`\|\| type == GNUTLS_SAN_URI) && sname != NULL && strlen(sname) != name->size) {`
Packit Service	4684c1	`adds(str,`
Packit Service	4684c1	`_("warning: SAN contains an embedded NUL, "`
Packit Service	4684c1	`"replacing with '!'\n"));`
Packit Service	4684c1	`while (strlen(sname) < name->size)`
Packit Service	4684c1	`name->data[strlen(sname)] = '!';`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`switch (type) {`
Packit Service	4684c1	`case GNUTLS_SAN_DNSNAME:`
Packit Service	4684c1	`print_idn_name(str, prefix, "DNSname", name);`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`case GNUTLS_SAN_RFC822NAME:`
Packit Service	4684c1	`print_idn_email(str, prefix, "RFC822Name", name);`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`case GNUTLS_SAN_URI:`
Packit Service	4684c1	`addf(str, _("%sURI: %.*s\n"), prefix, name->size, NON_NULL(name->data));`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`case GNUTLS_SAN_IPADDRESS:`
Packit Service	4684c1	`if (!ip_is_cidr)`
Packit Service	4684c1	`p = _gnutls_ip_to_string(name->data, name->size, str_ip, sizeof(str_ip));`
Packit Service	4684c1	`else`
Packit Service	4684c1	`p = _gnutls_cidr_to_string(name->data, name->size, str_ip, sizeof(str_ip));`
Packit Service	4684c1	`if (p == NULL)`
Packit Service	4684c1	`p = ERROR_STR;`
Packit Service	4684c1	`addf(str, "%sIPAddress: %s\n", prefix, p);`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`case GNUTLS_SAN_DN:`
Packit Service	4684c1	`addf(str, _("%sdirectoryName: %.*s\n"), prefix, name->size, NON_NULL(name->data));`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`case GNUTLS_SAN_REGISTERED_ID:`
Packit Service	4684c1	`addf(str, _("%sRegistered ID: %.*s\n"), prefix, name->size, NON_NULL(name->data));`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`case GNUTLS_SAN_OTHERNAME_XMPP:`
Packit Service	4684c1	`addf(str, _("%sXMPP Address: %.*s\n"), prefix, name->size, NON_NULL(name->data));`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`case GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL:`
Packit Service	4684c1	`addf(str, _("%sKRB5Principal: %.*s\n"), prefix, name->size, NON_NULL(name->data));`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`default:`
Packit Service	4684c1	`addf(str, _("%sUnknown name: "), prefix);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, name->data, name->size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static char get_pk_name(gnutls_x509_crt_t cert, unsigned bits)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char oid[MAX_OID_SIZE];`
Packit Service	4684c1	`size_t oid_size;`
Packit Service	4684c1	`oid_size = sizeof(oid);`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crt_get_pk_algorithm(cert, bits);`
Packit Service	4684c1	`if (ret > 0) {`
Packit Service	4684c1	`const char *name = gnutls_pk_algorithm_get_name(ret);`
Packit Service	4684c1
Packit Service	4684c1	`if (name != NULL)`
Packit Service	4684c1	`return gnutls_strdup(name);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crt_get_pk_oid(cert, oid, &oid_size);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return NULL;`
Packit Service	4684c1
Packit Service	4684c1	`return gnutls_strdup(oid);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static char *crq_get_pk_name(gnutls_x509_crq_t crq)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char oid[MAX_OID_SIZE];`
Packit Service	4684c1	`size_t oid_size;`
Packit Service	4684c1	`oid_size = sizeof(oid);`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crq_get_pk_algorithm(crq, NULL);`
Packit Service	4684c1	`if (ret > 0) {`
Packit Service	4684c1	`const char *name = gnutls_pk_algorithm_get_name(ret);`
Packit Service	4684c1
Packit Service	4684c1	`if (name != NULL)`
Packit Service	4684c1	`return gnutls_strdup(name);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crq_get_pk_oid(crq, oid, &oid_size);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return NULL;`
Packit Service	4684c1
Packit Service	4684c1	`return gnutls_strdup(oid);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static char get_sign_name(gnutls_x509_crt_t cert, int algo)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char oid[MAX_OID_SIZE];`
Packit Service	4684c1	`size_t oid_size;`
Packit Service	4684c1	`oid_size = sizeof(oid);`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`*algo = 0;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crt_get_signature_algorithm(cert);`
Packit Service	4684c1	`if (ret > 0) {`
Packit Service	4684c1	`const char *name = gnutls_sign_get_name(ret);`
Packit Service	4684c1
Packit Service	4684c1	`*algo = ret;`
Packit Service	4684c1
Packit Service	4684c1	`if (name != NULL)`
Packit Service	4684c1	`return gnutls_strdup(name);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crt_get_signature_oid(cert, oid, &oid_size);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return NULL;`
Packit Service	4684c1
Packit Service	4684c1	`return gnutls_strdup(oid);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static char *crq_get_sign_name(gnutls_x509_crq_t crq)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char oid[MAX_OID_SIZE];`
Packit Service	4684c1	`size_t oid_size;`
Packit Service	4684c1	`oid_size = sizeof(oid);`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crq_get_signature_algorithm(crq);`
Packit Service	4684c1	`if (ret > 0) {`
Packit Service	4684c1	`const char *name = gnutls_sign_get_name(ret);`
Packit Service	4684c1
Packit Service	4684c1	`if (name != NULL)`
Packit Service	4684c1	`return gnutls_strdup(name);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crq_get_signature_oid(crq, oid, &oid_size);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return NULL;`
Packit Service	4684c1
Packit Service	4684c1	`return gnutls_strdup(oid);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static char crl_get_sign_name(gnutls_x509_crl_t crl, int algo)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char oid[MAX_OID_SIZE];`
Packit Service	4684c1	`size_t oid_size;`
Packit Service	4684c1	`oid_size = sizeof(oid);`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`*algo = 0;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crl_get_signature_algorithm(crl);`
Packit Service	4684c1	`if (ret > 0) {`
Packit Service	4684c1	`const char *name = gnutls_sign_get_name(ret);`
Packit Service	4684c1
Packit Service	4684c1	`*algo = ret;`
Packit Service	4684c1
Packit Service	4684c1	`if (name != NULL)`
Packit Service	4684c1	`return gnutls_strdup(name);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_crl_get_signature_oid(crl, oid, &oid_size);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return NULL;`
Packit Service	4684c1
Packit Service	4684c1	`return gnutls_strdup(oid);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1
Packit Service	4684c1	`static void print_proxy(gnutls_buffer_st * str, gnutls_datum_t *der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int pathlen;`
Packit Service	4684c1	`char *policyLanguage;`
Packit Service	4684c1	`char *policy;`
Packit Service	4684c1	`size_t npolicy;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_proxy(der, &pathlen, &policyLanguage,`
Packit Service	4684c1	`&policy, &npolicy);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_proxy: %s\n", gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (pathlen >= 0)`
Packit Service	4684c1	`addf(str, _("\t\t\tPath Length Constraint: %d\n"),`
Packit Service	4684c1	`pathlen);`
Packit Service	4684c1	`addf(str, _("\t\t\tPolicy Language: %s"), policyLanguage);`
Packit Service	4684c1	`if (strcmp(policyLanguage, "1.3.6.1.5.5.7.21.1") == 0)`
Packit Service	4684c1	`adds(str, " (id-ppl-inheritALL)\n");`
Packit Service	4684c1	`else if (strcmp(policyLanguage, "1.3.6.1.5.5.7.21.2") == 0)`
Packit Service	4684c1	`adds(str, " (id-ppl-independent)\n");`
Packit Service	4684c1	`else`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`if (npolicy) {`
Packit Service	4684c1	`adds(str, _("\t\t\tPolicy:\n\t\t\t\tASCII: "));`
Packit Service	4684c1	`_gnutls_buffer_asciiprint(str, policy, npolicy);`
Packit Service	4684c1	`adds(str, _("\n\t\t\t\tHexdump: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, policy, npolicy);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`gnutls_free(policy);`
Packit Service	4684c1	`gnutls_free(policyLanguage);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1
Packit Service	4684c1	`static void print_nc(gnutls_buffer_st * str, const char* prefix, gnutls_datum_t *der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_x509_name_constraints_t nc;`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1	`unsigned idx = 0;`
Packit Service	4684c1	`gnutls_datum_t name;`
Packit Service	4684c1	`unsigned type;`
Packit Service	4684c1	`char new_prefix[16];`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_name_constraints_init(&nc);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_x509_ext_import_name_constraints(der, nc, 0);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1
Packit Service	4684c1	`snprintf(new_prefix, sizeof(new_prefix), "%s\t\t\t\t", prefix);`
Packit Service	4684c1
Packit Service	4684c1	`do {`
Packit Service	4684c1	`ret = gnutls_x509_name_constraints_get_permitted(nc, idx++, &type, &name);`
Packit Service	4684c1
Packit Service	4684c1	`if (ret >= 0) {`
Packit Service	4684c1	`if (idx == 1)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tPermitted:\n"), prefix);`
Packit Service	4684c1
Packit Service	4684c1	`print_name(str, new_prefix, type, &name, 1);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`} while (ret == 0);`
Packit Service	4684c1
Packit Service	4684c1	`idx = 0;`
Packit Service	4684c1	`do {`
Packit Service	4684c1	`ret = gnutls_x509_name_constraints_get_excluded(nc, idx++, &type, &name);`
Packit Service	4684c1
Packit Service	4684c1	`if (ret >= 0) {`
Packit Service	4684c1	`if (idx == 1)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tExcluded:\n"), prefix);`
Packit Service	4684c1
Packit Service	4684c1	`print_name(str, new_prefix, type, &name, 1);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`} while (ret == 0);`
Packit Service	4684c1
Packit Service	4684c1	`cleanup:`
Packit Service	4684c1	`gnutls_x509_name_constraints_deinit(nc);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_aia(gnutls_buffer_st * str, const gnutls_datum_t *der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`int seq;`
Packit Service	4684c1	`gnutls_datum_t san = { NULL, 0 }, oid = {NULL, 0};`
Packit Service	4684c1	`gnutls_x509_aia_t aia;`
Packit Service	4684c1	`unsigned int san_type;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_aia_init(&aia);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_aia(der, aia, 0);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_aia: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`for (seq=0;;seq++) {`
Packit Service	4684c1	`err = gnutls_x509_aia_get(aia, seq, &oid, &san_type, &san;;`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: aia_get: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (strcmp((char*)oid.data, GNUTLS_OID_AD_OCSP) == 0)`
Packit Service	4684c1	`addf(str, _("\t\t\tAccess Method: %s (%s)\n"), GNUTLS_OID_AD_OCSP, "id-ad-ocsp");`
Packit Service	4684c1	`else if (strcmp((char*)oid.data, GNUTLS_OID_AD_CAISSUERS) == 0)`
Packit Service	4684c1	`addf(str, _("\t\t\tAccess Method: %s (%s)\n"), GNUTLS_OID_AD_CAISSUERS, "id-ad-caIssuers");`
Packit Service	4684c1	`else {`
Packit Service	4684c1	`addf(str, _("\t\t\tAccess Method: %s (%s)\n"), (char*)oid.data, "UNKNOWN");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, "\t\t\tAccess Location ");`
Packit Service	4684c1	`print_name(str, "", san_type, &san, 0);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`cleanup:`
Packit Service	4684c1	`gnutls_x509_aia_deinit(aia);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_ski(gnutls_buffer_st * str, gnutls_datum_t *der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t id = {NULL, 0};`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_subject_key_id(der, &id;;`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_subject_key_id: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, "\t\t\t");`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, id.data, id.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(id.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`#define TYPE_CRT 2`
Packit Service	4684c1	`#define TYPE_CRQ 3`
Packit Service	4684c1
Packit Service	4684c1	`typedef union {`
Packit Service	4684c1	`gnutls_x509_crt_t crt;`
Packit Service	4684c1	`gnutls_x509_crq_t crq;`
Packit Service	4684c1	`} cert_type_t;`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_aki_gn_serial(gnutls_buffer_st * str, gnutls_x509_aki_t aki)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t san, other_oid, serial;`
Packit Service	4684c1	`unsigned int alt_type;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_aki_get_cert_issuer(aki,`
Packit Service	4684c1	`0, &alt_type, &san, &other_oid, &serial);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`} else if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_aki_get_cert_issuer: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`print_name(str, "\t\t\t", alt_type, &san, 0);`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, "\t\t\tserial: ");`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, serial.data, serial.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_aki(gnutls_buffer_st * str, gnutls_datum_t *der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`gnutls_x509_aki_t aki;`
Packit Service	4684c1	`gnutls_datum_t id;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_aki_init(&aki);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_aki_init: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_authority_key_id(der, aki, 0);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_ext_import_authority_key_id: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Check if an alternative name is there */`
Packit Service	4684c1	`print_aki_gn_serial(str, aki);`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_aki_get_id(aki, &id;;`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`} else if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_aki_get_id: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, "\t\t\t");`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, id.data, id.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`cleanup:`
Packit Service	4684c1	`gnutls_x509_aki_deinit(aki);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_key_usage2(gnutls_buffer_st * str, const char *prefix, unsigned int key_usage)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE)`
Packit Service	4684c1	`addf(str, _("%sDigital signature.\n"), prefix);`
Packit Service	4684c1	`if (key_usage & GNUTLS_KEY_NON_REPUDIATION)`
Packit Service	4684c1	`addf(str, _("%sNon repudiation.\n"), prefix);`
Packit Service	4684c1	`if (key_usage & GNUTLS_KEY_KEY_ENCIPHERMENT)`
Packit Service	4684c1	`addf(str, _("%sKey encipherment.\n"), prefix);`
Packit Service	4684c1	`if (key_usage & GNUTLS_KEY_DATA_ENCIPHERMENT)`
Packit Service	4684c1	`addf(str, _("%sData encipherment.\n"), prefix);`
Packit Service	4684c1	`if (key_usage & GNUTLS_KEY_KEY_AGREEMENT)`
Packit Service	4684c1	`addf(str, _("%sKey agreement.\n"), prefix);`
Packit Service	4684c1	`if (key_usage & GNUTLS_KEY_KEY_CERT_SIGN)`
Packit Service	4684c1	`addf(str, _("%sCertificate signing.\n"), prefix);`
Packit Service	4684c1	`if (key_usage & GNUTLS_KEY_CRL_SIGN)`
Packit Service	4684c1	`addf(str, _("%sCRL signing.\n"), prefix);`
Packit Service	4684c1	`if (key_usage & GNUTLS_KEY_ENCIPHER_ONLY)`
Packit Service	4684c1	`addf(str, _("%sKey encipher only.\n"), prefix);`
Packit Service	4684c1	`if (key_usage & GNUTLS_KEY_DECIPHER_ONLY)`
Packit Service	4684c1	`addf(str, _("%sKey decipher only.\n"), prefix);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_key_usage(gnutls_buffer_st * str, const char prefix, gnutls_datum_t der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`unsigned int key_usage;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_key_usage(der, &key_usage);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_key_usage: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`print_key_usage2(str, prefix, key_usage);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_private_key_usage_period(gnutls_buffer_st * str, const char prefix, gnutls_datum_t der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`time_t activation, expiration;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`char s[42];`
Packit Service	4684c1	`struct tm t;`
Packit Service	4684c1	`size_t max;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_private_key_usage_period(der, &activation, &expiration);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_private_key_usage_period: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`max = sizeof(s);`
Packit Service	4684c1
Packit Service	4684c1	`if (gmtime_r(&activation, &t) == NULL)`
Packit Service	4684c1	`addf(str, "error: gmtime_r (%ld)\n",`
Packit Service	4684c1	`(unsigned long) activation);`
Packit Service	4684c1	`else if (strftime(s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)`
Packit Service	4684c1	`addf(str, "error: strftime (%ld)\n",`
Packit Service	4684c1	`(unsigned long) activation);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("\t\t\tNot Before: %s\n"), s);`
Packit Service	4684c1
Packit Service	4684c1	`if (gmtime_r(&expiration, &t) == NULL)`
Packit Service	4684c1	`addf(str, "error: gmtime_r (%ld)\n",`
Packit Service	4684c1	`(unsigned long) expiration);`
Packit Service	4684c1	`else if (strftime(s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)`
Packit Service	4684c1	`addf(str, "error: strftime (%ld)\n",`
Packit Service	4684c1	`(unsigned long) expiration);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("\t\t\tNot After: %s\n"), s);`
Packit Service	4684c1
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_crldist(gnutls_buffer_st * str, gnutls_datum_t *der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`int indx;`
Packit Service	4684c1	`gnutls_x509_crl_dist_points_t dp;`
Packit Service	4684c1	`unsigned int flags, type;`
Packit Service	4684c1	`gnutls_datum_t dist;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crl_dist_points_init(&dp;;`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_crl_dist_points_init: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_crl_dist_points(der, dp, 0);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_ext_import_crl_dist_points: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`for (indx = 0;; indx++) {`
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crl_dist_points_get(dp, indx, &type, &dist, &flags);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`else if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_crl_dist_points: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`print_name(str, "\t\t\t", type, &dist, 0);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`cleanup:`
Packit Service	4684c1	`gnutls_x509_crl_dist_points_deinit(dp);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_key_purpose(gnutls_buffer_st * str, const char prefix, gnutls_datum_t der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int indx;`
Packit Service	4684c1	`gnutls_datum_t oid;`
Packit Service	4684c1	`char *p;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`gnutls_x509_key_purposes_t purposes;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_key_purpose_init(&purposes);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_key_purpose_init: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_key_purposes(der, purposes, 0);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_ext_import_key_purposes: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`for (indx = 0;; indx++) {`
Packit Service	4684c1	`err = gnutls_x509_key_purpose_get(purposes, indx, &oid;;`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`else if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_key_purpose_get: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`p = (void*)oid.data;`
Packit Service	4684c1	`if (strcmp(p, GNUTLS_KP_TLS_WWW_SERVER) == 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tTLS WWW Server.\n"), prefix);`
Packit Service	4684c1	`else if (strcmp(p, GNUTLS_KP_TLS_WWW_CLIENT) == 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tTLS WWW Client.\n"), prefix);`
Packit Service	4684c1	`else if (strcmp(p, GNUTLS_KP_CODE_SIGNING) == 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tCode signing.\n"), prefix);`
Packit Service	4684c1	`else if (strcmp(p, GNUTLS_KP_EMAIL_PROTECTION) == 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tEmail protection.\n"),`
Packit Service	4684c1	`prefix);`
Packit Service	4684c1	`else if (strcmp(p, GNUTLS_KP_TIME_STAMPING) == 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tTime stamping.\n"), prefix);`
Packit Service	4684c1	`else if (strcmp(p, GNUTLS_KP_OCSP_SIGNING) == 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tOCSP signing.\n"), prefix);`
Packit Service	4684c1	`else if (strcmp(p, GNUTLS_KP_IPSEC_IKE) == 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tIpsec IKE.\n"), prefix);`
Packit Service	4684c1	`else if (strcmp(p, GNUTLS_KP_ANY) == 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tAny purpose.\n"), prefix);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, "%s\t\t\t%s\n", prefix, p);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`cleanup:`
Packit Service	4684c1	`gnutls_x509_key_purpose_deinit(purposes);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_basic(gnutls_buffer_st * str, const char prefix, gnutls_datum_t der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int pathlen;`
Packit Service	4684c1	`unsigned ca;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_basic_constraints(der, &ca, &pathlen);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_basic_constraints: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (ca == 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tCertificate Authority (CA): FALSE\n"),`
Packit Service	4684c1	`prefix);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("%s\t\t\tCertificate Authority (CA): TRUE\n"),`
Packit Service	4684c1	`prefix);`
Packit Service	4684c1
Packit Service	4684c1	`if (pathlen >= 0)`
Packit Service	4684c1	`addf(str, _("%s\t\t\tPath Length Constraint: %d\n"),`
Packit Service	4684c1	`prefix, pathlen);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_altname(gnutls_buffer_st * str, const char prefix, gnutls_datum_t der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`unsigned int altname_idx;`
Packit Service	4684c1	`gnutls_subject_alt_names_t names;`
Packit Service	4684c1	`unsigned int type;`
Packit Service	4684c1	`gnutls_datum_t san;`
Packit Service	4684c1	`gnutls_datum_t othername;`
Packit Service	4684c1	`char pfx[16];`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_subject_alt_names_init(&names);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_subject_alt_names_init: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_subject_alt_names(der, names, 0);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: gnutls_x509_ext_import_subject_alt_names: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`for (altname_idx = 0;; altname_idx++) {`
Packit Service	4684c1	`err = gnutls_subject_alt_names_get(names, altname_idx,`
Packit Service	4684c1	`&type, &san, &othername);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`else if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: gnutls_subject_alt_names_get: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1
Packit Service	4684c1	`if (type == GNUTLS_SAN_OTHERNAME) {`
Packit Service	4684c1	`unsigned vtype;`
Packit Service	4684c1	`gnutls_datum_t virt;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_othername_to_virtual((char*)othername.data, &san, &vtype, &virt);`
Packit Service	4684c1	`if (err >= 0) {`
Packit Service	4684c1	`snprintf(pfx, sizeof(pfx), "%s\t\t\t", prefix);`
Packit Service	4684c1	`print_name(str, pfx, vtype, &virt, 0);`
Packit Service	4684c1	`gnutls_free(virt.data);`
Packit Service	4684c1	`continue;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("%s\t\t\totherName OID: %.*s\n"),`
Packit Service	4684c1	`prefix, (int)othername.size, (char*)othername.data);`
Packit Service	4684c1	`addf(str, _("%s\t\t\totherName DER: "),`
Packit Service	4684c1	`prefix);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, san.data, san.size);`
Packit Service	4684c1	`addf(str, _("\n%s\t\t\totherName ASCII: "),`
Packit Service	4684c1	`prefix);`
Packit Service	4684c1	`_gnutls_buffer_asciiprint(str, (char*)san.data, san.size);`
Packit Service	4684c1	`addf(str, "\n");`
Packit Service	4684c1	`} else {`
Packit Service	4684c1
Packit Service	4684c1	`snprintf(pfx, sizeof(pfx), "%s\t\t\t", prefix);`
Packit Service	4684c1	`print_name(str, pfx, type, &san, 0);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`cleanup:`
Packit Service	4684c1	`gnutls_subject_alt_names_deinit(names);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`guiddump(gnutls_buffer_st * str, const char *data, size_t len,`
Packit Service	4684c1	`const char *spc)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`size_t j;`
Packit Service	4684c1
Packit Service	4684c1	`if (spc)`
Packit Service	4684c1	`adds(str, spc);`
Packit Service	4684c1	`addf(str, "{");`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[3]);`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[2]);`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[1]);`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[0]);`
Packit Service	4684c1	`addf(str, "-");`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[5]);`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[4]);`
Packit Service	4684c1	`addf(str, "-");`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[7]);`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[6]);`
Packit Service	4684c1	`addf(str, "-");`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[8]);`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[9]);`
Packit Service	4684c1	`addf(str, "-");`
Packit Service	4684c1	`for (j = 10; j < 16; j++) {`
Packit Service	4684c1	`addf(str, "%.2X", (unsigned char) data[j]);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`addf(str, "}\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_unique_ids(gnutls_buffer_st * str, const gnutls_x509_crt_t cert)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int result;`
Packit Service	4684c1	`char buf[256]; /* if its longer, we won't bother to print it */`
Packit Service	4684c1	`size_t buf_size = 256;`
Packit Service	4684c1
Packit Service	4684c1	`result =`
Packit Service	4684c1	`gnutls_x509_crt_get_issuer_unique_id(cert, buf, &buf_size);`
Packit Service	4684c1	`if (result >= 0) {`
Packit Service	4684c1	`addf(str, ("\tIssuer Unique ID:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, buf, buf_size, "\t\t\t");`
Packit Service	4684c1	`if (buf_size == 16) { /* this could be a GUID */`
Packit Service	4684c1	`guiddump(str, buf, buf_size, "\t\t\t");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`buf_size = 256;`
Packit Service	4684c1	`result =`
Packit Service	4684c1	`gnutls_x509_crt_get_subject_unique_id(cert, buf, &buf_size);`
Packit Service	4684c1	`if (result >= 0) {`
Packit Service	4684c1	`addf(str, ("\tSubject Unique ID:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, buf, buf_size, "\t\t\t");`
Packit Service	4684c1	`if (buf_size == 16) { /* this could be a GUID */`
Packit Service	4684c1	`guiddump(str, buf, buf_size, "\t\t\t");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_tlsfeatures(gnutls_buffer_st * str, const char prefix, const gnutls_datum_t der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`int seq;`
Packit Service	4684c1	`gnutls_x509_tlsfeatures_t features;`
Packit Service	4684c1	`const char *name;`
Packit Service	4684c1	`unsigned int feature;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_tlsfeatures_init(&features);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_tlsfeatures(der, features, 0);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_tlsfeatures: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`for (seq=0;;seq++) {`
Packit Service	4684c1	`err = gnutls_x509_tlsfeatures_get(features, seq, &feature);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_tlsfeatures: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`name = gnutls_ext_get_name(feature);`
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`addf(str, "%s\t\t\t%u\n", prefix, feature);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, "%s\t\t\t%s(%u)\n", prefix, name, feature);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`cleanup:`
Packit Service	4684c1	`gnutls_x509_tlsfeatures_deinit(features);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_subject_sign_tool(gnutls_buffer_st * str, const char prefix, const gnutls_datum_t der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1	`gnutls_datum_t tmp = {NULL, 0};`
Packit Service	4684c1
Packit Service	4684c1	`ret = _gnutls_x509_decode_string(ASN1_ETYPE_UTF8_STRING, der->data, der->size, &tmp, 0);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`addf(str, _("%s\t\t\tASCII: "), prefix);`
Packit Service	4684c1	`_gnutls_buffer_asciiprint(str, (char*)der->data, der->size);`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, "\n");`
Packit Service	4684c1	`addf(str, _("%s\t\t\tHexdump: "), prefix);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, (char*)der->data, der->size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%s\t\t\t%.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));`
Packit Service	4684c1	`_gnutls_free_datum(&tmp);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_issuer_sign_tool(gnutls_buffer_st * str, const char prefix, const gnutls_datum_t der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int ret, result;`
Packit Service	4684c1	`ASN1_TYPE tmpasn = ASN1_TYPE_EMPTY;`
Packit Service	4684c1	`char asn1_err[ASN1_MAX_ERROR_DESCRIPTION_SIZE] = "";`
Packit Service	4684c1	`gnutls_datum_t tmp;`
Packit Service	4684c1
Packit Service	4684c1	`if ((result = asn1_create_element(_gnutls_get_gnutls_asn(), "GNUTLS.IssuerSignTool",`
Packit Service	4684c1	`&tmpasn)) != ASN1_SUCCESS) {`
Packit Service	4684c1	`gnutls_assert();`
Packit Service	4684c1	`goto hexdump;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if ((result = _asn1_strict_der_decode(&tmpasn, der->data, der->size, asn1_err)) != ASN1_SUCCESS) {`
Packit Service	4684c1	`gnutls_assert();`
Packit Service	4684c1	`_gnutls_debug_log("_asn1_strict_der_decode: %s\n", asn1_err);`
Packit Service	4684c1	`goto hexdump;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`ret = _gnutls_x509_read_value(tmpasn, "signTool", &tmp);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`gnutls_assert();`
Packit Service	4684c1	`goto hexdump;`
Packit Service	4684c1	`}`
Packit Service	4684c1	`addf(str, _("%s\t\t\tSignTool: %.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));`
Packit Service	4684c1	`_gnutls_free_datum(&tmp);`
Packit Service	4684c1
Packit Service	4684c1	`ret = _gnutls_x509_read_value(tmpasn, "cATool", &tmp);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`gnutls_assert();`
Packit Service	4684c1	`goto hexdump;`
Packit Service	4684c1	`}`
Packit Service	4684c1	`addf(str, _("%s\t\t\tCATool: %.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));`
Packit Service	4684c1	`_gnutls_free_datum(&tmp);`
Packit Service	4684c1
Packit Service	4684c1	`ret = _gnutls_x509_read_value(tmpasn, "signToolCert", &tmp);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`gnutls_assert();`
Packit Service	4684c1	`goto hexdump;`
Packit Service	4684c1	`}`
Packit Service	4684c1	`addf(str, _("%s\t\t\tSignToolCert: %.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));`
Packit Service	4684c1	`_gnutls_free_datum(&tmp);`
Packit Service	4684c1
Packit Service	4684c1	`ret = _gnutls_x509_read_value(tmpasn, "cAToolCert", &tmp);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`gnutls_assert();`
Packit Service	4684c1	`goto hexdump;`
Packit Service	4684c1	`}`
Packit Service	4684c1	`addf(str, _("%s\t\t\tCAToolCert: %.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));`
Packit Service	4684c1	`_gnutls_free_datum(&tmp);`
Packit Service	4684c1
Packit Service	4684c1	`asn1_delete_structure(&tmpasn);`
Packit Service	4684c1
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`hexdump:`
Packit Service	4684c1	`asn1_delete_structure(&tmpasn);`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%s\t\t\tASCII: "), prefix);`
Packit Service	4684c1	`_gnutls_buffer_asciiprint(str, (char*)der->data, der->size);`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, "\n");`
Packit Service	4684c1	`addf(str, _("%s\t\t\tHexdump: "), prefix);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, (char*)der->data, der->size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`#define ENTRY(oid, name) {oid, sizeof(oid)-1, name, sizeof(name)-1, NULL, 0}`
Packit Service	4684c1
Packit Service	4684c1	`static const struct oid_to_string cp_oid2str[] = {`
Packit Service	4684c1	`ENTRY("2.5.29.32.0", "anyPolicy"),`
Packit Service	4684c1
Packit Service	4684c1	`ENTRY("2.23.140.1.2.1", "CA/B Domain Validated"),`
Packit Service	4684c1	`ENTRY("2.23.140.1.2.2", "CA/B Organization Validated"),`
Packit Service	4684c1	`ENTRY("2.23.140.1.2.3", "CA/B Individual Validated"),`
Packit Service	4684c1	`ENTRY("2.23.140.1.1", "CA/B Extended Validation"),`
Packit Service	4684c1
Packit Service	4684c1	`/* draft-deremin-rfc4491-bis */`
Packit Service	4684c1	`ENTRY("1.2.643.100.113.1", "Russian security class KC1"),`
Packit Service	4684c1	`ENTRY("1.2.643.100.113.2", "Russian security class KC2"),`
Packit Service	4684c1	`ENTRY("1.2.643.100.113.3", "Russian security class KC3"),`
Packit Service	4684c1	`ENTRY("1.2.643.100.113.4", "Russian security class KB1"),`
Packit Service	4684c1	`ENTRY("1.2.643.100.113.5", "Russian security class KB2"),`
Packit Service	4684c1	`ENTRY("1.2.643.100.113.6", "Russian security class KA1"),`
Packit Service	4684c1
Packit Service	4684c1	`{NULL, 0, NULL, 0},`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`struct ext_indexes_st {`
Packit Service	4684c1	`int san;`
Packit Service	4684c1	`int ian;`
Packit Service	4684c1	`int proxy;`
Packit Service	4684c1	`int basic;`
Packit Service	4684c1	`int keyusage;`
Packit Service	4684c1	`int keypurpose;`
Packit Service	4684c1	`int ski;`
Packit Service	4684c1	`int aki, nc;`
Packit Service	4684c1	`int crldist, pkey_usage_period;`
Packit Service	4684c1	`int tlsfeatures;`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`static void print_extension(gnutls_buffer_st * str, const char *prefix,`
Packit Service	4684c1	`struct ext_indexes_st idx, const char oid,`
Packit Service	4684c1	`unsigned critical, gnutls_datum_t *der)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`unsigned j;`
Packit Service	4684c1	`char pfx[16];`
Packit Service	4684c1
Packit Service	4684c1	`if (strcmp(oid, "2.5.29.19") == 0) {`
Packit Service	4684c1	`if (idx->basic) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one basic constraint\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%s\t\tBasic Constraints (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_basic(str, prefix, der);`
Packit Service	4684c1	`idx->basic++;`
Packit Service	4684c1
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.14") == 0) {`
Packit Service	4684c1	`if (idx->ski) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one SKI extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("%s\t\tSubject Key Identifier (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_ski(str, der);`
Packit Service	4684c1
Packit Service	4684c1	`idx->ski++;`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.32") == 0) {`
Packit Service	4684c1	`struct gnutls_x509_policy_st policy;`
Packit Service	4684c1	`gnutls_x509_policies_t policies;`
Packit Service	4684c1	`const char *name;`
Packit Service	4684c1	`const struct oid_to_string *entry;`
Packit Service	4684c1	`int x;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_policies_init(&policies);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: certificate policies: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_policies(der, policies, 0);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: certificate policies import: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`gnutls_x509_policies_deinit(policies);`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`for (x = 0;; x++) {`
Packit Service	4684c1	`err = gnutls_x509_policies_get(policies, x, &policy);`
Packit Service	4684c1	`if (err ==`
Packit Service	4684c1	`GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: certificate policy: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (x == 0)`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"%s\t\tCertificate Policies (%s):\n",`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") :`
Packit Service	4684c1	`_("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`entry = _gnutls_oid_get_entry(cp_oid2str, policy.oid);`
Packit Service	4684c1	`if (entry != NULL && entry->name_desc != NULL)`
Packit Service	4684c1	`addf(str, "%s\t\t\t%s (%s)\n", prefix, policy.oid, entry->name_desc);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, "%s\t\t\t%s\n", prefix, policy.oid);`
Packit Service	4684c1	`for (j = 0; j < policy.qualifiers; j++) {`
Packit Service	4684c1	`if (policy.qualifier[j].type ==`
Packit Service	4684c1	`GNUTLS_X509_QUALIFIER_URI)`
Packit Service	4684c1	`name = "URI";`
Packit Service	4684c1	`else if (policy.qualifier[j].`
Packit Service	4684c1	`type ==`
Packit Service	4684c1	`GNUTLS_X509_QUALIFIER_NOTICE)`
Packit Service	4684c1	`name = "Note";`
Packit Service	4684c1	`else`
Packit Service	4684c1	`name = "Unknown qualifier";`
Packit Service	4684c1	`addf(str, "%s\t\t\t\t%s: %s\n",`
Packit Service	4684c1	`prefix, name,`
Packit Service	4684c1	`policy.qualifier[j].data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`gnutls_x509_policies_deinit(policies);`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.54") == 0) {`
Packit Service	4684c1	`unsigned int skipcerts;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_ext_import_inhibit_anypolicy(der, &skipcerts);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: certificate inhibit any policy import: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"%s\t\tInhibit anyPolicy skip certs: %u (%s)\n",`
Packit Service	4684c1	`prefix, skipcerts,`
Packit Service	4684c1	`critical ? _("critical") :`
Packit Service	4684c1	`_("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.35") == 0) {`
Packit Service	4684c1
Packit Service	4684c1	`if (idx->aki) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one AKI extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("%s\t\tAuthority Key Identifier (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_aki(str, der);`
Packit Service	4684c1
Packit Service	4684c1	`idx->aki++;`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.15") == 0) {`
Packit Service	4684c1	`if (idx->keyusage) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one key usage extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%s\t\tKey Usage (%s):\n"), prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`snprintf(pfx, sizeof(pfx), "%s\t\t\t", prefix);`
Packit Service	4684c1	`print_key_usage(str, pfx, der);`
Packit Service	4684c1
Packit Service	4684c1	`idx->keyusage++;`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.16") == 0) {`
Packit Service	4684c1	`if (idx->pkey_usage_period) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one private key usage period extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("%s\t\tPrivate Key Usage Period (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_private_key_usage_period(str, prefix, der);`
Packit Service	4684c1
Packit Service	4684c1	`idx->pkey_usage_period++;`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.37") == 0) {`
Packit Service	4684c1	`if (idx->keypurpose) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one key purpose extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%s\t\tKey Purpose (%s):\n"), prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_key_purpose(str, prefix, der);`
Packit Service	4684c1	`idx->keypurpose++;`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.17") == 0) {`
Packit Service	4684c1	`if (idx->san) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one SKI extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("%s\t\tSubject Alternative Name (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1	`print_altname(str, prefix, der);`
Packit Service	4684c1	`idx->san++;`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.18") == 0) {`
Packit Service	4684c1	`if (idx->ian) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one Issuer AltName extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("%s\t\tIssuer Alternative Name (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_altname(str, prefix, der);`
Packit Service	4684c1
Packit Service	4684c1	`idx->ian++;`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.31") == 0) {`
Packit Service	4684c1	`if (idx->crldist) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one CRL distribution point\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("%s\t\tCRL Distribution points (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_crldist(str, der);`
Packit Service	4684c1	`idx->crldist++;`
Packit Service	4684c1	`} else if (strcmp(oid, "1.3.6.1.5.5.7.1.14") == 0) {`
Packit Service	4684c1	`if (idx->proxy) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one proxy extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_`
Packit Service	4684c1	`("%s\t\tProxy Certificate Information (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_proxy(str, der);`
Packit Service	4684c1
Packit Service	4684c1	`idx->proxy++;`
Packit Service	4684c1	`} else if (strcmp(oid, "1.3.6.1.5.5.7.1.1") == 0) {`
Packit Service	4684c1	`addf(str, _("%s\t\tAuthority Information "`
Packit Service	4684c1	`"Access (%s):\n"), prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_aia(str, der);`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.30") == 0) {`
Packit Service	4684c1	`if (idx->nc) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one name constraints extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`idx->nc++;`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%s\t\tName Constraints (%s):\n"), prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_nc(str, prefix, der);`
Packit Service	4684c1	`} else if (strcmp(oid, GNUTLS_X509EXT_OID_TLSFEATURES) == 0) {`
Packit Service	4684c1	`if (idx->tlsfeatures) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one tlsfeatures extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%s\t\tTLS Features (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_tlsfeatures(str, prefix, der);`
Packit Service	4684c1
Packit Service	4684c1	`idx->tlsfeatures++;`
Packit Service	4684c1	`} else if (strcmp(oid, "1.2.643.100.111") == 0) {`
Packit Service	4684c1	`addf(str, _("%s\t\tSubject Signing Tool(%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_subject_sign_tool(str, prefix, der);`
Packit Service	4684c1	`} else if (strcmp(oid, "1.2.643.100.112") == 0) {`
Packit Service	4684c1	`addf(str, _("%s\t\tIssuer Signing Tool(%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`print_issuer_sign_tool(str, prefix, der);`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.4.3") == 0) {`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1	`gnutls_datum_t tmp = {NULL, 0};`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%s\t\tCommon Name (%s):\n"),`
Packit Service	4684c1	`prefix,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`ret = _gnutls_x509_decode_string(ASN1_ETYPE_PRINTABLE_STRING, der->data, der->size, &tmp, 0);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`addf(str, "error: x509_decode_string: %s\n",`
Packit Service	4684c1	`gnutls_strerror(ret));`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str, "%s\t\t\t%s\n", prefix, tmp.data);`
Packit Service	4684c1	`gnutls_free(tmp.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str, _("%s\t\tUnknown extension %s (%s):\n"),`
Packit Service	4684c1	`prefix, oid,`
Packit Service	4684c1	`critical ? _("critical") : _("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%s\t\t\tASCII: "), prefix);`
Packit Service	4684c1	`_gnutls_buffer_asciiprint(str, (char*)der->data, der->size);`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, "\n");`
Packit Service	4684c1	`addf(str, _("%s\t\t\tHexdump: "), prefix);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, (char*)der->data, der->size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_extensions(gnutls_buffer_st * str, const char *prefix, int type,`
Packit Service	4684c1	`cert_type_t cert)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`unsigned i;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`gnutls_datum_t der = {NULL, 0};`
Packit Service	4684c1	`struct ext_indexes_st idx;`
Packit Service	4684c1
Packit Service	4684c1	`memset(&idx, 0, sizeof(idx));`
Packit Service	4684c1
Packit Service	4684c1	`for (i = 0;; i++) {`
Packit Service	4684c1	`char oid[MAX_OID_SIZE] = "";`
Packit Service	4684c1	`size_t sizeof_oid = sizeof(oid);`
Packit Service	4684c1	`unsigned int critical;`
Packit Service	4684c1
Packit Service	4684c1	`if (type == TYPE_CRT)`
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crt_get_extension_info(cert.crt, i,`
Packit Service	4684c1	`oid,`
Packit Service	4684c1	`&sizeof_oid,`
Packit Service	4684c1	`&critical);`
Packit Service	4684c1
Packit Service	4684c1	`else if (type == TYPE_CRQ)`
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crq_get_extension_info(cert.crq, i,`
Packit Service	4684c1	`oid,`
Packit Service	4684c1	`&sizeof_oid,`
Packit Service	4684c1	`&critical);`
Packit Service	4684c1	`else {`
Packit Service	4684c1	`gnutls_assert();`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_extension_info: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (i == 0)`
Packit Service	4684c1	`addf(str, _("%s\tExtensions:\n"), prefix);`
Packit Service	4684c1
Packit Service	4684c1	`if (type == TYPE_CRT)`
Packit Service	4684c1	`err = gnutls_x509_crt_get_extension_data2(cert.crt, i, &der;;`
Packit Service	4684c1	`else`
Packit Service	4684c1	`err = gnutls_x509_crq_get_extension_data2(cert.crq, i, &der;;`
Packit Service	4684c1
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`der.data = NULL;`
Packit Service	4684c1	`der.size = 0;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`print_extension(str, prefix, &idx, oid, critical, &der;;`
Packit Service	4684c1	`gnutls_free(der.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void reverse_datum(gnutls_datum_t *d)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`unsigned int i;`
Packit Service	4684c1	`unsigned char c;`
Packit Service	4684c1
Packit Service	4684c1	`for (i = 0; i < d->size / 2; i++) {`
Packit Service	4684c1	`c = d->data[i];`
Packit Service	4684c1	`d->data[i] = d->data[d->size - i - 1];`
Packit Service	4684c1	`d->data[d->size - i - 1] = c;`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_pubkey(gnutls_buffer_st * str, const char *key_name,`
Packit Service	4684c1	`gnutls_pubkey_t pubkey, gnutls_x509_spki_st *spki,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`const char *name;`
Packit Service	4684c1	`unsigned bits;`
Packit Service	4684c1	`unsigned pk;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_pubkey_get_pk_algorithm(pubkey, &bits);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_pk_algorithm: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`pk = err;`
Packit Service	4684c1
Packit Service	4684c1	`name = gnutls_pk_algorithm_get_name(pk);`
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`name = _("unknown");`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("\t%sPublic Key Algorithm: %s\n"), key_name, name);`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("\tAlgorithm Security Level: %s (%d bits)\n"),`
Packit Service	4684c1	`gnutls_sec_param_get_name(gnutls_pk_bits_to_sec_param`
Packit Service	4684c1	`(err, bits)), bits);`
Packit Service	4684c1
Packit Service	4684c1	`if (spki && pk == GNUTLS_PK_RSA_PSS && spki->pk == pk) {`
Packit Service	4684c1	`addf(str, _("\t\tParameters:\n"));`
Packit Service	4684c1	`addf(str, "\t\t\tHash Algorithm: %s\n",`
Packit Service	4684c1	`gnutls_digest_get_name(spki->rsa_pss_dig));`
Packit Service	4684c1	`addf(str, "\t\t\tSalt Length: %d\n", spki->salt_size);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`switch (pk) {`
Packit Service	4684c1	`case GNUTLS_PK_RSA:`
Packit Service	4684c1	`case GNUTLS_PK_RSA_PSS:`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t m, e;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_pubkey_get_pk_rsa_raw(pubkey, &m, &e);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`addf(str, "error: get_pk_rsa_raw: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`else {`
Packit Service	4684c1	`if (format ==`
Packit Service	4684c1	`GNUTLS_CRT_PRINT_FULL_NUMBERS) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("\t\tModulus (bits %d): "),`
Packit Service	4684c1	`bits);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`m.data,`
Packit Service	4684c1	`m.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("\t\tExponent (bits %d): "),`
Packit Service	4684c1	`e.size * 8);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`e.data,`
Packit Service	4684c1	`e.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("\t\tModulus (bits %d):\n"),`
Packit Service	4684c1	`bits);`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, m.data,`
Packit Service	4684c1	`m.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_`
Packit Service	4684c1	`("\t\tExponent (bits %d):\n"),`
Packit Service	4684c1	`e.size * 8);`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, e.data,`
Packit Service	4684c1	`e.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(m.data);`
Packit Service	4684c1	`gnutls_free(e.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`}`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`case GNUTLS_PK_EDDSA_ED25519:`
Packit Service	4684c1	`case GNUTLS_PK_EDDSA_ED448:`
Packit Service	4684c1	`case GNUTLS_PK_ECDSA:`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t x, y;`
Packit Service	4684c1	`gnutls_ecc_curve_t curve;`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_pubkey_get_pk_ecc_raw(pubkey, &curve,`
Packit Service	4684c1	`&x, &y);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_pk_ecc_raw: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str, _("\t\tCurve:\t%s\n"),`
Packit Service	4684c1	`gnutls_ecc_curve_get_name(curve));`
Packit Service	4684c1	`if (format ==`
Packit Service	4684c1	`GNUTLS_CRT_PRINT_FULL_NUMBERS) {`
Packit Service	4684c1	`adds(str, _("\t\tX: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`x.data,`
Packit Service	4684c1	`x.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`if (y.size > 0) {`
Packit Service	4684c1	`adds(str, _("\t\tY: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`y.data,`
Packit Service	4684c1	`y.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`adds(str, _("\t\tX:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, x.data,`
Packit Service	4684c1	`x.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`if (y.size > 0) {`
Packit Service	4684c1	`adds(str, _("\t\tY:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, y.data,`
Packit Service	4684c1	`y.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(x.data);`
Packit Service	4684c1	`gnutls_free(y.data);`
Packit Service	4684c1
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`case GNUTLS_PK_DSA:`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t p, q, g, y;`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_pubkey_get_pk_dsa_raw(pubkey, &p, &q,`
Packit Service	4684c1	`&g, &y);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`addf(str, "error: get_pk_dsa_raw: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`else {`
Packit Service	4684c1	`if (format ==`
Packit Service	4684c1	`GNUTLS_CRT_PRINT_FULL_NUMBERS) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_`
Packit Service	4684c1	`("\t\tPublic key (bits %d): "),`
Packit Service	4684c1	`bits);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`y.data,`
Packit Service	4684c1	`y.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`adds(str, _("\t\tP: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`p.data,`
Packit Service	4684c1	`p.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`adds(str, _("\t\tQ: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`q.data,`
Packit Service	4684c1	`q.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`adds(str, _("\t\tG: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`g.data,`
Packit Service	4684c1	`g.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_`
Packit Service	4684c1	`("\t\tPublic key (bits %d):\n"),`
Packit Service	4684c1	`bits);`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, y.data,`
Packit Service	4684c1	`y.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`adds(str, _("\t\tP:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, p.data,`
Packit Service	4684c1	`p.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`adds(str, _("\t\tQ:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, q.data,`
Packit Service	4684c1	`q.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`adds(str, _("\t\tG:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, g.data,`
Packit Service	4684c1	`g.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(p.data);`
Packit Service	4684c1	`gnutls_free(q.data);`
Packit Service	4684c1	`gnutls_free(g.data);`
Packit Service	4684c1	`gnutls_free(y.data);`
Packit Service	4684c1
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`case GNUTLS_PK_GOST_01:`
Packit Service	4684c1	`case GNUTLS_PK_GOST_12_256:`
Packit Service	4684c1	`case GNUTLS_PK_GOST_12_512:`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t x, y;`
Packit Service	4684c1	`gnutls_ecc_curve_t curve;`
Packit Service	4684c1	`gnutls_digest_algorithm_t digest;`
Packit Service	4684c1	`gnutls_gost_paramset_t param;`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_pubkey_export_gost_raw2(pubkey, &curve,`
Packit Service	4684c1	`&digest,`
Packit Service	4684c1	`&param,`
Packit Service	4684c1	`&x, &y, 0);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`addf(str, "error: get_pk_gost_raw: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`else {`
Packit Service	4684c1	`addf(str, _("\t\tCurve:\t%s\n"),`
Packit Service	4684c1	`gnutls_ecc_curve_get_name(curve));`
Packit Service	4684c1	`addf(str, _("\t\tDigest:\t%s\n"),`
Packit Service	4684c1	`gnutls_digest_get_name(digest));`
Packit Service	4684c1	`addf(str, _("\t\tParamSet: %s\n"),`
Packit Service	4684c1	`gnutls_gost_paramset_get_name(param));`
Packit Service	4684c1	`reverse_datum(&x);`
Packit Service	4684c1	`reverse_datum(&y);`
Packit Service	4684c1	`if (format ==`
Packit Service	4684c1	`GNUTLS_CRT_PRINT_FULL_NUMBERS) {`
Packit Service	4684c1	`adds(str, _("\t\tX: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`x.data,`
Packit Service	4684c1	`x.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`adds(str, _("\t\tY: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str,`
Packit Service	4684c1	`y.data,`
Packit Service	4684c1	`y.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`adds(str, _("\t\tX:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, x.data,`
Packit Service	4684c1	`x.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`adds(str, _("\t\tY:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, y.data,`
Packit Service	4684c1	`y.size,`
Packit Service	4684c1	`"\t\t\t");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(x.data);`
Packit Service	4684c1	`gnutls_free(y.data);`
Packit Service	4684c1
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`break;`
Packit Service	4684c1
Packit Service	4684c1	`default:`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static int`
Packit Service	4684c1	`print_crt_sig_params(gnutls_buffer_st * str, gnutls_x509_crt_t crt,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1	`gnutls_pk_algorithm_t pk;`
Packit Service	4684c1	`gnutls_x509_spki_st params;`
Packit Service	4684c1	`gnutls_sign_algorithm_t sign;`
Packit Service	4684c1
Packit Service	4684c1	`sign = gnutls_x509_crt_get_signature_algorithm(crt);`
Packit Service	4684c1	`pk = gnutls_sign_get_pk_algorithm(sign);`
Packit Service	4684c1	`if (pk == GNUTLS_PK_RSA_PSS) {`
Packit Service	4684c1	`ret = _gnutls_x509_read_sign_params(crt->cert,`
Packit Service	4684c1	`"signatureAlgorithm",`
Packit Service	4684c1	`&params);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`addf(str, "error: read_pss_params: %s\n",`
Packit Service	4684c1	`gnutls_strerror(ret));`
Packit Service	4684c1	`} else`
Packit Service	4684c1	`addf(str, "\t\tSalt Length: %d\n", params.salt_size);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`return 0;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_pk_name(gnutls_buffer_st * str, gnutls_x509_crt_t crt)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`const char *p;`
Packit Service	4684c1	`char *name = get_pk_name(crt, NULL);`
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`p = _("unknown");`
Packit Service	4684c1	`else`
Packit Service	4684c1	`p = name;`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, "\tSubject Public Key Algorithm: %s\n", p);`
Packit Service	4684c1	`gnutls_free(name);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static int`
Packit Service	4684c1	`print_crt_pubkey(gnutls_buffer_st * str, gnutls_x509_crt_t crt,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_pubkey_t pubkey = NULL;`
Packit Service	4684c1	`gnutls_x509_spki_st params;`
Packit Service	4684c1	`int ret, pk;`
Packit Service	4684c1
Packit Service	4684c1	`ret = _gnutls_x509_crt_read_spki_params(crt, &params);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return ret;`
Packit Service	4684c1
Packit Service	4684c1	`pk = gnutls_x509_crt_get_pk_algorithm(crt, NULL);`
Packit Service	4684c1	`if (pk < 0) {`
Packit Service	4684c1	`gnutls_assert();`
Packit Service	4684c1	`pk = GNUTLS_PK_UNKNOWN;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (pk == GNUTLS_PK_UNKNOWN) {`
Packit Service	4684c1	`print_pk_name(str, crt); /* print basic info only */`
Packit Service	4684c1	`return 0;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_pubkey_init(&pubkey);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return ret;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_pubkey_import_x509(pubkey, crt, 0);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`if (ret != GNUTLS_E_UNIMPLEMENTED_FEATURE)`
Packit Service	4684c1	`addf(str, "error importing public key: %s\n", gnutls_strerror(ret));`
Packit Service	4684c1	`print_pk_name(str, crt); /* print basic info only */`
Packit Service	4684c1	`ret = 0;`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`print_pubkey(str, _("Subject "), pubkey, &params, format);`
Packit Service	4684c1	`ret = 0;`
Packit Service	4684c1
Packit Service	4684c1	`cleanup:`
Packit Service	4684c1	`gnutls_pubkey_deinit(pubkey);`
Packit Service	4684c1
Packit Service	4684c1	`return ret;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_cert(gnutls_buffer_st * str, gnutls_x509_crt_t cert,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`/* Version. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int version = gnutls_x509_crt_get_version(cert);`
Packit Service	4684c1	`if (version < 0)`
Packit Service	4684c1	`addf(str, "error: get_version: %s\n",`
Packit Service	4684c1	`gnutls_strerror(version));`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("\tVersion: %d\n"), version);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Serial. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char serial[128];`
Packit Service	4684c1	`size_t serial_size = sizeof(serial);`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crt_get_serial(cert, serial, &serial_size);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`addf(str, "error: get_serial: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`else {`
Packit Service	4684c1	`adds(str, _("\tSerial Number (hex): "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, serial, serial_size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Issuer. */`
Packit Service	4684c1	`if (format != GNUTLS_CRT_PRINT_UNSIGNED_FULL) {`
Packit Service	4684c1	`gnutls_datum_t dn;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_issuer_dn3(cert, &dn, 0);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {`
Packit Service	4684c1	`addf(str, _("\tIssuer:\n"));`
Packit Service	4684c1	`} else if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_issuer_dn: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str, _("\tIssuer: %s\n"), dn.data);`
Packit Service	4684c1	`gnutls_free(dn.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Validity. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`time_t tim;`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\tValidity:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`tim = gnutls_x509_crt_get_activation_time(cert);`
Packit Service	4684c1	`if (tim != -1) {`
Packit Service	4684c1	`char s[42];`
Packit Service	4684c1	`size_t max = sizeof(s);`
Packit Service	4684c1	`struct tm t;`
Packit Service	4684c1
Packit Service	4684c1	`if (gmtime_r(&tim, &t) == NULL)`
Packit Service	4684c1	`addf(str, "error: gmtime_r (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else if (strftime`
Packit Service	4684c1	`(s, max, "%a %b %d %H:%M:%S UTC %Y",`
Packit Service	4684c1	`&t) == 0)`
Packit Service	4684c1	`addf(str, "error: strftime (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("\t\tNot Before: %s\n"), s);`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str, _("\t\tNot Before: %s\n"), _("unknown"));`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`tim = gnutls_x509_crt_get_expiration_time(cert);`
Packit Service	4684c1	`if (tim != -1) {`
Packit Service	4684c1	`char s[42];`
Packit Service	4684c1	`size_t max = sizeof(s);`
Packit Service	4684c1	`struct tm t;`
Packit Service	4684c1
Packit Service	4684c1	`if (gmtime_r(&tim, &t) == NULL)`
Packit Service	4684c1	`addf(str, "error: gmtime_r (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else if (strftime`
Packit Service	4684c1	`(s, max, "%a %b %d %H:%M:%S UTC %Y",`
Packit Service	4684c1	`&t) == 0)`
Packit Service	4684c1	`addf(str, "error: strftime (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("\t\tNot After: %s\n"), s);`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str, _("\t\tNot After: %s\n"), _("unknown"));`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Subject. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t dn;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_dn3(cert, &dn, 0);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {`
Packit Service	4684c1	`addf(str, _("\tSubject:\n"));`
Packit Service	4684c1	`} else if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_dn: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str, _("\tSubject: %s\n"), dn.data);`
Packit Service	4684c1	`gnutls_free(dn.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* SubjectPublicKeyInfo. */`
Packit Service	4684c1	`print_crt_pubkey(str, cert, format);`
Packit Service	4684c1
Packit Service	4684c1	`print_unique_ids(str, cert);`
Packit Service	4684c1
Packit Service	4684c1	`/* Extensions. */`
Packit Service	4684c1	`if (gnutls_x509_crt_get_version(cert) >= 3) {`
Packit Service	4684c1	`cert_type_t ccert;`
Packit Service	4684c1
Packit Service	4684c1	`ccert.crt = cert;`
Packit Service	4684c1	`print_extensions(str, "", TYPE_CRT, ccert);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Signature. */`
Packit Service	4684c1	`if (format != GNUTLS_CRT_PRINT_UNSIGNED_FULL) {`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`size_t size = 0;`
Packit Service	4684c1	`char *buffer = NULL;`
Packit Service	4684c1	`char *name;`
Packit Service	4684c1	`const char *p;`
Packit Service	4684c1
Packit Service	4684c1	`name = get_sign_name(cert, &err;;`
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`p = _("unknown");`
Packit Service	4684c1	`else`
Packit Service	4684c1	`p = name;`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("\tSignature Algorithm: %s\n"), p);`
Packit Service	4684c1	`gnutls_free(name);`
Packit Service	4684c1
Packit Service	4684c1	`print_crt_sig_params(str, cert, format);`
Packit Service	4684c1
Packit Service	4684c1	`if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0) {`
Packit Service	4684c1	`adds(str,`
Packit Service	4684c1	`_("warning: signed using a broken signature "`
Packit Service	4684c1	`"algorithm that can be forged.\n"));`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_signature(cert, buffer, &size);`
Packit Service	4684c1	`if (err != GNUTLS_E_SHORT_MEMORY_BUFFER) {`
Packit Service	4684c1	`addf(str, "error: get_signature: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`buffer = gnutls_malloc(size);`
Packit Service	4684c1	`if (!buffer) {`
Packit Service	4684c1	`addf(str, "error: malloc: %s\n",`
Packit Service	4684c1	`gnutls_strerror(GNUTLS_E_MEMORY_ERROR));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_signature(cert, buffer, &size);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`gnutls_free(buffer);`
Packit Service	4684c1	`addf(str, "error: get_signature2: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\tSignature:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, buffer, size, "\t\t");`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(buffer);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_fingerprint(gnutls_buffer_st * str, gnutls_x509_crt_t cert)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`char buffer[MAX_HASH_SIZE];`
Packit Service	4684c1	`size_t size = sizeof(buffer);`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\tFingerprint:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_fingerprint(cert, GNUTLS_DIG_SHA1, buffer, &size);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_fingerprint: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\t\tsha1:"));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, buffer, size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`size = sizeof(buffer);`
Packit Service	4684c1	`err = gnutls_x509_crt_get_fingerprint(cert, GNUTLS_DIG_SHA256, buffer, &size);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_fingerprint: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1	`adds(str, _("\t\tsha256:"));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, buffer, size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`typedef int get_id_func(void obj, unsigned, unsigned char, size_t*);`
Packit Service	4684c1
Packit Service	4684c1	`static void print_obj_id(gnutls_buffer_st str, const char prefix, void obj, get_id_func get_id)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`unsigned char sha1_buffer[MAX_HASH_SIZE];`
Packit Service	4684c1	`unsigned char sha2_buffer[MAX_HASH_SIZE];`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`size_t sha1_size, sha2_size;`
Packit Service	4684c1
Packit Service	4684c1	`sha1_size = sizeof(sha1_buffer);`
Packit Service	4684c1	`err = get_id(obj, GNUTLS_KEYID_USE_SHA1, sha1_buffer, &sha1_size);`
Packit Service	4684c1	`if (err == GNUTLS_E_UNIMPLEMENTED_FEATURE) /* unsupported algo */`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_key_id(sha1): %s\n", gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`sha2_size = sizeof(sha2_buffer);`
Packit Service	4684c1	`err = get_id(obj, GNUTLS_KEYID_USE_SHA256, sha2_buffer, &sha2_size);`
Packit Service	4684c1	`if (err == GNUTLS_E_UNIMPLEMENTED_FEATURE) /* unsupported algo */`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_key_id(sha256): %s\n", gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%sPublic Key ID:\n%s\tsha1:"), prefix, prefix);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, sha1_buffer, sha1_size);`
Packit Service	4684c1	`addf(str, "\n%s\tsha256:", prefix);`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, sha2_buffer, sha2_size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("%sPublic Key PIN:\n%s\tpin-sha256:"), prefix, prefix);`
Packit Service	4684c1	`_gnutls_buffer_base64print(str, sha2_buffer, sha2_size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_keyid(gnutls_buffer_st * str, gnutls_x509_crt_t cert)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`const char *name;`
Packit Service	4684c1	`unsigned int bits;`
Packit Service	4684c1	`unsigned char sha1_buffer[MAX_HASH_SIZE];`
Packit Service	4684c1	`size_t sha1_size;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_pk_algorithm(cert, &bits);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`print_obj_id(str, "\t", cert, (get_id_func*)gnutls_x509_crt_get_key_id);`
Packit Service	4684c1
Packit Service	4684c1	`if (IS_EC(err)) {`
Packit Service	4684c1	`gnutls_ecc_curve_t curve;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_pk_ecc_raw(cert, &curve, NULL, NULL);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`name = gnutls_ecc_curve_get_name(curve);`
Packit Service	4684c1	`bits = 0;`
Packit Service	4684c1	`} else if (IS_GOSTEC(err)) {`
Packit Service	4684c1	`gnutls_ecc_curve_t curve;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_pk_gost_raw(cert, &curve, NULL, NULL, NULL, NULL);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`name = gnutls_ecc_curve_get_name(curve);`
Packit Service	4684c1	`bits = 0;`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`name = gnutls_pk_get_name(err);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`sha1_size = sizeof(sha1_buffer);`
Packit Service	4684c1	`err = gnutls_x509_crt_get_key_id(cert, GNUTLS_KEYID_USE_SHA1, sha1_buffer, &sha1_size);`
Packit Service	4684c1	`if (err == GNUTLS_E_UNIMPLEMENTED_FEATURE) /* unsupported algo */`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_other(gnutls_buffer_st * str, gnutls_x509_crt_t cert,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`if (format != GNUTLS_CRT_PRINT_UNSIGNED_FULL) {`
Packit Service	4684c1	`print_fingerprint(str, cert);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`print_keyid(str, cert);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_oneline(gnutls_buffer_st * str, gnutls_x509_crt_t cert)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`/* Subject. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t dn;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_dn3(cert, &dn, 0);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {`
Packit Service	4684c1	`addf(str, _("no subject,"));`
Packit Service	4684c1	`} else if (err < 0) {`
Packit Service	4684c1	`addf(str, "unknown subject (%s), ",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	addf(str, "subject `%s', ", dn.data);
Packit Service	4684c1	`gnutls_free(dn.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Issuer. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t dn;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_issuer_dn3(cert, &dn, 0);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {`
Packit Service	4684c1	`addf(str, _("no issuer,"));`
Packit Service	4684c1	`} else if (err < 0) {`
Packit Service	4684c1	`addf(str, "unknown issuer (%s), ",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	addf(str, "issuer `%s', ", dn.data);
Packit Service	4684c1	`gnutls_free(dn.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`{`
Packit Service	4684c1	`char serial[128];`
Packit Service	4684c1	`size_t serial_size = sizeof(serial);`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crt_get_serial(cert, serial, &serial_size);`
Packit Service	4684c1	`if (err >= 0) {`
Packit Service	4684c1	`adds(str, "serial 0x");`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, serial, serial_size);`
Packit Service	4684c1	`adds(str, ", ");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Key algorithm and size. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`unsigned int bits;`
Packit Service	4684c1	`const char *p;`
Packit Service	4684c1	`char *name = get_pk_name(cert, &bits);`
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`p = _("unknown");`
Packit Service	4684c1	`else`
Packit Service	4684c1	`p = name;`
Packit Service	4684c1	`addf(str, "%s key %d bits, ", p, bits);`
Packit Service	4684c1	`gnutls_free(name);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Signature Algorithm. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char *name = get_sign_name(cert, &err;;`
Packit Service	4684c1	`const char *p;`
Packit Service	4684c1
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`p = _("unknown");`
Packit Service	4684c1	`else`
Packit Service	4684c1	`p = name;`
Packit Service	4684c1
Packit Service	4684c1	`if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0)`
Packit Service	4684c1	`addf(str, _("signed using %s (broken!), "), p);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("signed using %s, "), p);`
Packit Service	4684c1	`gnutls_free(name);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Validity. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`time_t tim;`
Packit Service	4684c1
Packit Service	4684c1	`tim = gnutls_x509_crt_get_activation_time(cert);`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char s[42];`
Packit Service	4684c1	`size_t max = sizeof(s);`
Packit Service	4684c1	`struct tm t;`
Packit Service	4684c1
Packit Service	4684c1	`if (gmtime_r(&tim, &t) == NULL)`
Packit Service	4684c1	`addf(str, "unknown activation (%ld), ",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else if (strftime`
Packit Service	4684c1	`(s, max, "%Y-%m-%d %H:%M:%S UTC",`
Packit Service	4684c1	`&t) == 0)`
Packit Service	4684c1	`addf(str, "failed activation (%ld), ",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else`
Packit Service	4684c1	addf(str, "activated `%s', ", s);
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`tim = gnutls_x509_crt_get_expiration_time(cert);`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char s[42];`
Packit Service	4684c1	`size_t max = sizeof(s);`
Packit Service	4684c1	`struct tm t;`
Packit Service	4684c1
Packit Service	4684c1	`if (gmtime_r(&tim, &t) == NULL)`
Packit Service	4684c1	`addf(str, "unknown expiry (%ld), ",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else if (strftime`
Packit Service	4684c1	`(s, max, "%Y-%m-%d %H:%M:%S UTC",`
Packit Service	4684c1	`&t) == 0)`
Packit Service	4684c1	`addf(str, "failed expiry (%ld), ",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else`
Packit Service	4684c1	addf(str, "expires `%s', ", s);
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`{`
Packit Service	4684c1	`int pathlen;`
Packit Service	4684c1	`char *policyLanguage;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_proxy(cert, NULL,`
Packit Service	4684c1	`&pathlen, &policyLanguage,`
Packit Service	4684c1	`NULL, NULL);`
Packit Service	4684c1	`if (err == 0) {`
Packit Service	4684c1	`addf(str, "proxy certificate (policy=");`
Packit Service	4684c1	`if (strcmp(policyLanguage, "1.3.6.1.5.5.7.21.1") ==`
Packit Service	4684c1	`0)`
Packit Service	4684c1	`addf(str, "id-ppl-inheritALL");`
Packit Service	4684c1	`else if (strcmp`
Packit Service	4684c1	`(policyLanguage,`
Packit Service	4684c1	`"1.3.6.1.5.5.7.21.2") == 0)`
Packit Service	4684c1	`addf(str, "id-ppl-independent");`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, "%s", policyLanguage);`
Packit Service	4684c1	`if (pathlen >= 0)`
Packit Service	4684c1	`addf(str, ", pathlen=%d), ", pathlen);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, "), ");`
Packit Service	4684c1	`gnutls_free(policyLanguage);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`{`
Packit Service	4684c1	`unsigned char buffer[MAX_HASH_SIZE];`
Packit Service	4684c1	`size_t size = sizeof(buffer);`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crt_get_key_id(cert, GNUTLS_KEYID_USE_SHA256,`
Packit Service	4684c1	`buffer, &size);`
Packit Service	4684c1	`if (err >= 0) {`
Packit Service	4684c1	`addf(str, "pin-sha256=\"");`
Packit Service	4684c1	`_gnutls_buffer_base64print(str, buffer, size);`
Packit Service	4684c1	`adds(str, "\"");`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/**`
Packit Service	4684c1	`* gnutls_x509_crt_print:`
Packit Service	4684c1	`* @cert: The data to be printed`
Packit Service	4684c1	`* @format: Indicate the format to use`
Packit Service	4684c1	`* @out: Newly allocated datum with null terminated string.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* This function will pretty print a X.509 certificate, suitable for`
Packit Service	4684c1	`* display to a human.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* If the format is %GNUTLS_CRT_PRINT_FULL then all fields of the`
Packit Service	4684c1	`* certificate will be output, on multiple lines. The`
Packit Service	4684c1	`* %GNUTLS_CRT_PRINT_ONELINE format will generate one line with some`
Packit Service	4684c1	`* selected fields, which is useful for logging purposes.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* The output @out needs to be deallocated using gnutls_free().`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a`
Packit Service	4684c1	`* negative error value.`
Packit Service	4684c1	`**/`
Packit Service	4684c1	`int`
Packit Service	4684c1	`gnutls_x509_crt_print(gnutls_x509_crt_t cert,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format,`
Packit Service	4684c1	`gnutls_datum_t * out)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_buffer_st str;`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`if (format == GNUTLS_CRT_PRINT_COMPACT) {`
Packit Service	4684c1	`_gnutls_buffer_init(&str);`
Packit Service	4684c1
Packit Service	4684c1	`print_oneline(&str, cert);`
Packit Service	4684c1
Packit Service	4684c1	`ret = _gnutls_buffer_append_data(&str, "\n", 1);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return gnutls_assert_val(ret);`
Packit Service	4684c1
Packit Service	4684c1	`print_keyid(&str, cert);`
Packit Service	4684c1
Packit Service	4684c1	`return _gnutls_buffer_to_datum(&str, out, 1);`
Packit Service	4684c1	`} else if (format == GNUTLS_CRT_PRINT_ONELINE) {`
Packit Service	4684c1	`_gnutls_buffer_init(&str);`
Packit Service	4684c1
Packit Service	4684c1	`print_oneline(&str, cert);`
Packit Service	4684c1
Packit Service	4684c1	`return _gnutls_buffer_to_datum(&str, out, 1);`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`_gnutls_buffer_init(&str);`
Packit Service	4684c1
Packit Service	4684c1	`_gnutls_buffer_append_str(&str,`
Packit Service	4684c1	`_`
Packit Service	4684c1	`("X.509 Certificate Information:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`print_cert(&str, cert, format);`
Packit Service	4684c1
Packit Service	4684c1	`_gnutls_buffer_append_str(&str, _("Other Information:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`print_other(&str, cert, format);`
Packit Service	4684c1
Packit Service	4684c1	`return _gnutls_buffer_to_datum(&str, out, 1);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_crl(gnutls_buffer_st * str, gnutls_x509_crl_t crl, int notsigned)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`/* Version. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int version = gnutls_x509_crl_get_version(crl);`
Packit Service	4684c1	`if (version < 0)`
Packit Service	4684c1	`addf(str, "error: get_version: %s\n",`
Packit Service	4684c1	`gnutls_strerror(version));`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("\tVersion: %d\n"), version);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Issuer. */`
Packit Service	4684c1	`if (!notsigned) {`
Packit Service	4684c1	`gnutls_datum_t dn;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crl_get_issuer_dn3(crl, &dn, 0);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {`
Packit Service	4684c1	`addf(str, _("\tIssuer:\n"));`
Packit Service	4684c1	`} else if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_issuer_dn: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str, _("\tIssuer: %s\n"), dn.data);`
Packit Service	4684c1	`gnutls_free(dn.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Validity. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`time_t tim;`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\tUpdate dates:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`tim = gnutls_x509_crl_get_this_update(crl);`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char s[42];`
Packit Service	4684c1	`size_t max = sizeof(s);`
Packit Service	4684c1	`struct tm t;`
Packit Service	4684c1
Packit Service	4684c1	`if (gmtime_r(&tim, &t) == NULL)`
Packit Service	4684c1	`addf(str, "error: gmtime_r (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else if (strftime`
Packit Service	4684c1	`(s, max, "%a %b %d %H:%M:%S UTC %Y",`
Packit Service	4684c1	`&t) == 0)`
Packit Service	4684c1	`addf(str, "error: strftime (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("\t\tIssued: %s\n"), s);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`tim = gnutls_x509_crl_get_next_update(crl);`
Packit Service	4684c1	`{`
Packit Service	4684c1	`char s[42];`
Packit Service	4684c1	`size_t max = sizeof(s);`
Packit Service	4684c1	`struct tm t;`
Packit Service	4684c1
Packit Service	4684c1	`if (tim == -1)`
Packit Service	4684c1	`addf(str, "\t\tNo next update time.\n");`
Packit Service	4684c1	`else if (gmtime_r(&tim, &t) == NULL)`
Packit Service	4684c1	`addf(str, "error: gmtime_r (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else if (strftime`
Packit Service	4684c1	`(s, max, "%a %b %d %H:%M:%S UTC %Y",`
Packit Service	4684c1	`&t) == 0)`
Packit Service	4684c1	`addf(str, "error: strftime (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("\t\tNext at: %s\n"), s);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Extensions. */`
Packit Service	4684c1	`if (gnutls_x509_crl_get_version(crl) >= 2) {`
Packit Service	4684c1	`size_t i;`
Packit Service	4684c1	`int err = 0;`
Packit Service	4684c1	`int aki_idx = 0;`
Packit Service	4684c1	`int crl_nr = 0;`
Packit Service	4684c1
Packit Service	4684c1	`for (i = 0;; i++) {`
Packit Service	4684c1	`char oid[MAX_OID_SIZE] = "";`
Packit Service	4684c1	`size_t sizeof_oid = sizeof(oid);`
Packit Service	4684c1	`unsigned int critical;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crl_get_extension_info(crl, i,`
Packit Service	4684c1	`oid,`
Packit Service	4684c1	`&sizeof_oid,`
Packit Service	4684c1	`&critical);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: get_extension_info: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (i == 0)`
Packit Service	4684c1	`adds(str, _("\tExtensions:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`if (strcmp(oid, "2.5.29.20") == 0) {`
Packit Service	4684c1	`char nr[128];`
Packit Service	4684c1	`size_t nr_size = sizeof(nr);`
Packit Service	4684c1
Packit Service	4684c1	`if (crl_nr) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one CRL number\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crl_get_number(crl, nr,`
Packit Service	4684c1	`&nr_size,`
Packit Service	4684c1	`&critical);`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("\t\tCRL Number (%s): "),`
Packit Service	4684c1	`critical ? _("critical") :`
Packit Service	4684c1	`_("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: get_number: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`else {`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, nr,`
Packit Service	4684c1	`nr_size);`
Packit Service	4684c1	`addf(str, "\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`crl_nr++;`
Packit Service	4684c1	`} else if (strcmp(oid, "2.5.29.35") == 0) {`
Packit Service	4684c1	`gnutls_datum_t der;`
Packit Service	4684c1
Packit Service	4684c1	`if (aki_idx) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one AKI extension\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_`
Packit Service	4684c1	`("\t\tAuthority Key Identifier (%s):\n"),`
Packit Service	4684c1	`critical ? _("critical") :`
Packit Service	4684c1	`_("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crl_get_extension_data2(crl, i, &der;;`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: get_extension_data2: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`continue;`
Packit Service	4684c1	`}`
Packit Service	4684c1	`print_aki(str, &der;;`
Packit Service	4684c1	`gnutls_free(der.data);`
Packit Service	4684c1
Packit Service	4684c1	`aki_idx++;`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`gnutls_datum_t der;`
Packit Service	4684c1
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("\t\tUnknown extension %s (%s):\n"),`
Packit Service	4684c1	`oid,`
Packit Service	4684c1	`critical ? _("critical") :`
Packit Service	4684c1	`_("not critical"));`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crl_get_extension_data2(crl,`
Packit Service	4684c1	`i,`
Packit Service	4684c1	`&der;;`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: get_extension_data2: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`continue;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\t\t\tASCII: "));`
Packit Service	4684c1	`_gnutls_buffer_asciiprint(str, (char*)der.data, der.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\t\t\tHexdump: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, der.data, der.size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(der.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1
Packit Service	4684c1	`/* Revoked certificates. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int num = gnutls_x509_crl_get_crt_count(crl);`
Packit Service	4684c1	`gnutls_x509_crl_iter_t iter = NULL;`
Packit Service	4684c1	`int j;`
Packit Service	4684c1
Packit Service	4684c1	`if (num)`
Packit Service	4684c1	`addf(str, _("\tRevoked certificates (%d):\n"),`
Packit Service	4684c1	`num);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`adds(str, _("\tNo revoked certificates.\n"));`
Packit Service	4684c1
Packit Service	4684c1	`for (j = 0; j < num; j++) {`
Packit Service	4684c1	`unsigned char serial[128];`
Packit Service	4684c1	`size_t serial_size = sizeof(serial);`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`time_t tim;`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crl_iter_crt_serial(crl, &iter, serial,`
Packit Service	4684c1	`&serial_size,`
Packit Service	4684c1	`&tim);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: iter_crt_serial: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`char s[42];`
Packit Service	4684c1	`size_t max = sizeof(s);`
Packit Service	4684c1	`struct tm t;`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\t\tSerial Number (hex): "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, serial,`
Packit Service	4684c1	`serial_size);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`if (gmtime_r(&tim, &t) == NULL)`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: gmtime_r (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else if (strftime`
Packit Service	4684c1	`(s, max,`
Packit Service	4684c1	`"%a %b %d %H:%M:%S UTC %Y",`
Packit Service	4684c1	`&t) == 0)`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: strftime (%ld)\n",`
Packit Service	4684c1	`(unsigned long) tim);`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_("\t\tRevoked at: %s\n"), s);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`gnutls_x509_crl_iter_deinit(iter);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Signature. */`
Packit Service	4684c1	`if (!notsigned) {`
Packit Service	4684c1	`int err;`
Packit Service	4684c1	`size_t size = 0;`
Packit Service	4684c1	`char *buffer = NULL;`
Packit Service	4684c1	`char *name;`
Packit Service	4684c1	`const char *p;`
Packit Service	4684c1
Packit Service	4684c1	`name = crl_get_sign_name(crl, &err;;`
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`p = _("unknown");`
Packit Service	4684c1	`else`
Packit Service	4684c1	`p = name;`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("\tSignature Algorithm: %s\n"), p);`
Packit Service	4684c1	`gnutls_free(name);`
Packit Service	4684c1
Packit Service	4684c1	`if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0) {`
Packit Service	4684c1	`adds(str,`
Packit Service	4684c1	`_("warning: signed using a broken signature "`
Packit Service	4684c1	`"algorithm that can be forged.\n"));`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crl_get_signature(crl, buffer, &size);`
Packit Service	4684c1	`if (err != GNUTLS_E_SHORT_MEMORY_BUFFER) {`
Packit Service	4684c1	`addf(str, "error: get_signature: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`buffer = gnutls_malloc(size);`
Packit Service	4684c1	`if (!buffer) {`
Packit Service	4684c1	`addf(str, "error: malloc: %s\n",`
Packit Service	4684c1	`gnutls_strerror(GNUTLS_E_MEMORY_ERROR));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crl_get_signature(crl, buffer, &size);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`gnutls_free(buffer);`
Packit Service	4684c1	`addf(str, "error: get_signature2: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\tSignature:\n"));`
Packit Service	4684c1	`_gnutls_buffer_hexdump(str, buffer, size, "\t\t");`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(buffer);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/**`
Packit Service	4684c1	`* gnutls_x509_crl_print:`
Packit Service	4684c1	`* @crl: The data to be printed`
Packit Service	4684c1	`* @format: Indicate the format to use`
Packit Service	4684c1	`* @out: Newly allocated datum with null terminated string.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* This function will pretty print a X.509 certificate revocation`
Packit Service	4684c1	`* list, suitable for display to a human.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* The output @out needs to be deallocated using gnutls_free().`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a`
Packit Service	4684c1	`* negative error value.`
Packit Service	4684c1	`**/`
Packit Service	4684c1	`int`
Packit Service	4684c1	`gnutls_x509_crl_print(gnutls_x509_crl_t crl,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format,`
Packit Service	4684c1	`gnutls_datum_t * out)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_buffer_st str;`
Packit Service	4684c1
Packit Service	4684c1	`_gnutls_buffer_init(&str);`
Packit Service	4684c1
Packit Service	4684c1	`_gnutls_buffer_append_str`
Packit Service	4684c1	`(&str, _("X.509 Certificate Revocation List Information:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`print_crl(&str, crl, format == GNUTLS_CRT_PRINT_UNSIGNED_FULL);`
Packit Service	4684c1
Packit Service	4684c1	`return _gnutls_buffer_to_datum(&str, out, 1);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static int`
Packit Service	4684c1	`print_crq_sig_params(gnutls_buffer_st * str, gnutls_x509_crq_t crt,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1	`gnutls_pk_algorithm_t pk;`
Packit Service	4684c1	`gnutls_x509_spki_st params;`
Packit Service	4684c1	`gnutls_sign_algorithm_t sign;`
Packit Service	4684c1
Packit Service	4684c1	`sign = gnutls_x509_crq_get_signature_algorithm(crt);`
Packit Service	4684c1	`pk = gnutls_sign_get_pk_algorithm(sign);`
Packit Service	4684c1	`if (pk == GNUTLS_PK_RSA_PSS) {`
Packit Service	4684c1	`ret = _gnutls_x509_read_sign_params(crt->crq,`
Packit Service	4684c1	`"signatureAlgorithm",`
Packit Service	4684c1	`&params);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`addf(str, "error: read_pss_params: %s\n",`
Packit Service	4684c1	`gnutls_strerror(ret));`
Packit Service	4684c1	`} else`
Packit Service	4684c1	`addf(str, "\t\tSalt Length: %d\n", params.salt_size);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`return 0;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static int`
Packit Service	4684c1	`print_crq_pubkey(gnutls_buffer_st * str, gnutls_x509_crq_t crq,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_pubkey_t pubkey;`
Packit Service	4684c1	`gnutls_x509_spki_st params;`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`ret = _gnutls_x509_crq_read_spki_params(crq, &params);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return ret;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_pubkey_init(&pubkey);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return ret;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_pubkey_import_x509_crq(pubkey, crq, 0);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`goto cleanup;`
Packit Service	4684c1
Packit Service	4684c1	`print_pubkey(str, _("Subject "), pubkey, &params, format);`
Packit Service	4684c1	`ret = 0;`
Packit Service	4684c1
Packit Service	4684c1	`cleanup:`
Packit Service	4684c1	`gnutls_pubkey_deinit(pubkey);`
Packit Service	4684c1
Packit Service	4684c1	`if (ret < 0) { /* print only name */`
Packit Service	4684c1	`const char *p;`
Packit Service	4684c1	`char *name = crq_get_pk_name(crq);`
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`p = _("unknown");`
Packit Service	4684c1	`else`
Packit Service	4684c1	`p = name;`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, "\tSubject Public Key Algorithm: %s\n", p);`
Packit Service	4684c1	`gnutls_free(name);`
Packit Service	4684c1	`ret = 0;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`return ret;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_crq(gnutls_buffer_st * str, gnutls_x509_crq_t cert,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`/* Version. */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int version = gnutls_x509_crq_get_version(cert);`
Packit Service	4684c1	`if (version < 0)`
Packit Service	4684c1	`addf(str, "error: get_version: %s\n",`
Packit Service	4684c1	`gnutls_strerror(version));`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str, _("\tVersion: %d\n"), version);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* Subject */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_datum_t dn;`
Packit Service	4684c1	`int err;`
Packit Service	4684c1
Packit Service	4684c1	`err = gnutls_x509_crq_get_dn3(cert, &dn, 0);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {`
Packit Service	4684c1	`addf(str, _("\tSubject:\n"));`
Packit Service	4684c1	`} else if (err < 0) {`
Packit Service	4684c1	`addf(str, "error: get_dn: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`addf(str, _("\tSubject: %s\n"), dn.data);`
Packit Service	4684c1	`gnutls_free(dn.data);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`{`
Packit Service	4684c1	`char *name;`
Packit Service	4684c1	`const char *p;`
Packit Service	4684c1
Packit Service	4684c1	`print_crq_pubkey(str, cert, format);`
Packit Service	4684c1
Packit Service	4684c1	`name = crq_get_sign_name(cert);`
Packit Service	4684c1	`if (name == NULL)`
Packit Service	4684c1	`p = _("unknown");`
Packit Service	4684c1	`else`
Packit Service	4684c1	`p = name;`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("\tSignature Algorithm: %s\n"), p);`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(name);`
Packit Service	4684c1
Packit Service	4684c1	`print_crq_sig_params(str, cert, format);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* parse attributes */`
Packit Service	4684c1	`{`
Packit Service	4684c1	`size_t i;`
Packit Service	4684c1	`int err = 0;`
Packit Service	4684c1	`int extensions = 0;`
Packit Service	4684c1	`int challenge = 0;`
Packit Service	4684c1
Packit Service	4684c1	`for (i = 0;; i++) {`
Packit Service	4684c1	`char oid[MAX_OID_SIZE] = "";`
Packit Service	4684c1	`size_t sizeof_oid = sizeof(oid);`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crq_get_attribute_info(cert, i,`
Packit Service	4684c1	`oid,`
Packit Service	4684c1	`&sizeof_oid);`
Packit Service	4684c1	`if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: get_extension_info: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`break;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`if (i == 0)`
Packit Service	4684c1	`adds(str, _("\tAttributes:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`if (strcmp(oid, "1.2.840.113549.1.9.14") == 0) {`
Packit Service	4684c1	`cert_type_t ccert;`
Packit Service	4684c1
Packit Service	4684c1	`if (extensions) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"warning: more than one extensionsRequest\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`ccert.crq = cert;`
Packit Service	4684c1	`print_extensions(str, "\t", TYPE_CRQ,`
Packit Service	4684c1	`ccert);`
Packit Service	4684c1
Packit Service	4684c1	`extensions++;`
Packit Service	4684c1	`} else if (strcmp(oid, "1.2.840.113549.1.9.7") ==`
Packit Service	4684c1	`0) {`
Packit Service	4684c1	`char *pass;`
Packit Service	4684c1	`size_t size;`
Packit Service	4684c1
Packit Service	4684c1	`if (challenge) {`
Packit Service	4684c1	`adds(str,`
Packit Service	4684c1	`"warning: more than one Challenge password attribute\n");`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crq_get_challenge_password`
Packit Service	4684c1	`(cert, NULL, &size);`
Packit Service	4684c1	`if (err < 0`
Packit Service	4684c1	`&& err !=`
Packit Service	4684c1	`GNUTLS_E_SHORT_MEMORY_BUFFER) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: get_challenge_password: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`continue;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`size++;`
Packit Service	4684c1
Packit Service	4684c1	`pass = gnutls_malloc(size);`
Packit Service	4684c1	`if (!pass) {`
Packit Service	4684c1	`addf(str, "error: malloc: %s\n",`
Packit Service	4684c1	`gnutls_strerror`
Packit Service	4684c1	`(GNUTLS_E_MEMORY_ERROR));`
Packit Service	4684c1	`continue;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crq_get_challenge_password`
Packit Service	4684c1	`(cert, pass, &size);`
Packit Service	4684c1	`if (err < 0)`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: get_challenge_password: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`else`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`_`
Packit Service	4684c1	`("\t\tChallenge password: %s\n"),`
Packit Service	4684c1	`pass);`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(pass);`
Packit Service	4684c1
Packit Service	4684c1	`challenge++;`
Packit Service	4684c1	`} else {`
Packit Service	4684c1	`char *buffer;`
Packit Service	4684c1	`size_t extlen = 0;`
Packit Service	4684c1
Packit Service	4684c1	`addf(str, _("\t\tUnknown attribute %s:\n"),`
Packit Service	4684c1	`oid);`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crq_get_attribute_data`
Packit Service	4684c1	`(cert, i, NULL, &extlen);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: get_attribute_data: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`continue;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`buffer = gnutls_malloc(extlen);`
Packit Service	4684c1	`if (!buffer) {`
Packit Service	4684c1	`addf(str, "error: malloc: %s\n",`
Packit Service	4684c1	`gnutls_strerror`
Packit Service	4684c1	`(GNUTLS_E_MEMORY_ERROR));`
Packit Service	4684c1	`continue;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`err =`
Packit Service	4684c1	`gnutls_x509_crq_get_attribute_data`
Packit Service	4684c1	`(cert, i, buffer, &extlen);`
Packit Service	4684c1	`if (err < 0) {`
Packit Service	4684c1	`gnutls_free(buffer);`
Packit Service	4684c1	`addf(str,`
Packit Service	4684c1	`"error: get_attribute_data2: %s\n",`
Packit Service	4684c1	`gnutls_strerror(err));`
Packit Service	4684c1	`continue;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\t\t\tASCII: "));`
Packit Service	4684c1	`_gnutls_buffer_asciiprint(str, buffer,`
Packit Service	4684c1	`extlen);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, _("\t\t\tHexdump: "));`
Packit Service	4684c1	`_gnutls_buffer_hexprint(str, buffer,`
Packit Service	4684c1	`extlen);`
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1
Packit Service	4684c1	`gnutls_free(buffer);`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void print_crq_other(gnutls_buffer_st * str, gnutls_x509_crq_t crq)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1
Packit Service	4684c1	`/* on unknown public key algorithms don't print the key ID */`
Packit Service	4684c1	`ret = gnutls_x509_crq_get_pk_algorithm(crq, NULL);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`print_obj_id(str, "\t", crq, (get_id_func*)gnutls_x509_crq_get_key_id);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/**`
Packit Service	4684c1	`* gnutls_x509_crq_print:`
Packit Service	4684c1	`* @crq: The data to be printed`
Packit Service	4684c1	`* @format: Indicate the format to use`
Packit Service	4684c1	`* @out: Newly allocated datum with null terminated string.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* This function will pretty print a certificate request, suitable for`
Packit Service	4684c1	`* display to a human.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* The output @out needs to be deallocated using gnutls_free().`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a`
Packit Service	4684c1	`* negative error value.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* Since: 2.8.0`
Packit Service	4684c1	`**/`
Packit Service	4684c1	`int`
Packit Service	4684c1	`gnutls_x509_crq_print(gnutls_x509_crq_t crq,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format,`
Packit Service	4684c1	`gnutls_datum_t * out)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_buffer_st str;`
Packit Service	4684c1
Packit Service	4684c1	`_gnutls_buffer_init(&str);`
Packit Service	4684c1
Packit Service	4684c1	`_gnutls_buffer_append_str`
Packit Service	4684c1	`(&str, _("PKCS #10 Certificate Request Information:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`print_crq(&str, crq, format);`
Packit Service	4684c1
Packit Service	4684c1	`_gnutls_buffer_append_str(&str, _("Other Information:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`print_crq_other(&str, crq);`
Packit Service	4684c1
Packit Service	4684c1	`return _gnutls_buffer_to_datum(&str, out, 1);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`static void`
Packit Service	4684c1	`print_pubkey_other(gnutls_buffer_st * str, gnutls_pubkey_t pubkey,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`int ret;`
Packit Service	4684c1	`unsigned int usage;`
Packit Service	4684c1
Packit Service	4684c1	`ret = gnutls_pubkey_get_key_usage(pubkey, &usage);`
Packit Service	4684c1	`if (ret < 0) {`
Packit Service	4684c1	`addf(str, "error: get_key_usage: %s\n",`
Packit Service	4684c1	`gnutls_strerror(ret));`
Packit Service	4684c1	`return;`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`adds(str, "\n");`
Packit Service	4684c1	`if (pubkey->key_usage) {`
Packit Service	4684c1	`adds(str, _("Public Key Usage:\n"));`
Packit Service	4684c1	`print_key_usage2(str, "\t", pubkey->key_usage);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/* on unknown public key algorithms don't print the key ID */`
Packit Service	4684c1	`ret = gnutls_pubkey_get_pk_algorithm(pubkey, NULL);`
Packit Service	4684c1	`if (ret < 0)`
Packit Service	4684c1	`return;`
Packit Service	4684c1
Packit Service	4684c1	`print_obj_id(str, "", pubkey, (get_id_func*)gnutls_pubkey_get_key_id);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/**`
Packit Service	4684c1	`* gnutls_pubkey_print:`
Packit Service	4684c1	`* @pubkey: The data to be printed`
Packit Service	4684c1	`* @format: Indicate the format to use`
Packit Service	4684c1	`* @out: Newly allocated datum with null terminated string.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* This function will pretty print public key information, suitable for`
Packit Service	4684c1	`* display to a human.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* Only %GNUTLS_CRT_PRINT_FULL and %GNUTLS_CRT_PRINT_FULL_NUMBERS`
Packit Service	4684c1	`* are implemented.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* The output @out needs to be deallocated using gnutls_free().`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a`
Packit Service	4684c1	`* negative error value.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* Since: 3.1.5`
Packit Service	4684c1	`**/`
Packit Service	4684c1	`int`
Packit Service	4684c1	`gnutls_pubkey_print(gnutls_pubkey_t pubkey,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format,`
Packit Service	4684c1	`gnutls_datum_t * out)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_buffer_st str;`
Packit Service	4684c1
Packit Service	4684c1	`_gnutls_buffer_init(&str);`
Packit Service	4684c1
Packit Service	4684c1	`_gnutls_buffer_append_str(&str, _("Public Key Information:\n"));`
Packit Service	4684c1
Packit Service	4684c1	`print_pubkey(&str, "", pubkey, NULL, format);`
Packit Service	4684c1	`print_pubkey_other(&str, pubkey, format);`
Packit Service	4684c1
Packit Service	4684c1	`return _gnutls_buffer_to_datum(&str, out, 1);`
Packit Service	4684c1	`}`
Packit Service	4684c1
Packit Service	4684c1	`/**`
Packit Service	4684c1	`* gnutls_x509_ext_print:`
Packit Service	4684c1	`* @exts: The data to be printed`
Packit Service	4684c1	`* @exts_size: the number of available structures`
Packit Service	4684c1	`* @format: Indicate the format to use`
Packit Service	4684c1	`* @out: Newly allocated datum with null terminated string.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* This function will pretty print X.509 certificate extensions,`
Packit Service	4684c1	`* suitable for display to a human.`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* The output @out needs to be deallocated using gnutls_free().`
Packit Service	4684c1	`*`
Packit Service	4684c1	`* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a`
Packit Service	4684c1	`* negative error value.`
Packit Service	4684c1	`**/`
Packit Service	4684c1	`int`
Packit Service	4684c1	`gnutls_x509_ext_print(gnutls_x509_ext_st *exts, unsigned int exts_size,`
Packit Service	4684c1	`gnutls_certificate_print_formats_t format,`
Packit Service	4684c1	`gnutls_datum_t * out)`
Packit Service	4684c1	`{`
Packit Service	4684c1	`gnutls_buffer_st str;`
Packit Service	4684c1	`struct ext_indexes_st idx;`
Packit Service	4684c1	`unsigned i;`
Packit Service	4684c1
Packit Service	4684c1	`memset(&idx, 0, sizeof(idx));`
Packit Service	4684c1	`_gnutls_buffer_init(&str);`
Packit Service	4684c1
Packit Service	4684c1	`for (i=0;i`
Packit Service	4684c1	`print_extension(&str, "", &idx, (char*)exts[i].oid, exts[i].critical, &exts[i].data);`
Packit Service	4684c1
Packit Service	4684c1	`return _gnutls_buffer_to_datum(&str, out, 1);`
Packit Service	4684c1	`}`

source-git / gnutls

Source Code

Blame lib/x509/output.c