
ct_prn.c 3.9 KB

  1. /*
  2. * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #ifdef OPENSSL_NO_CT
  10. # error "CT is disabled"
  11. #endif
  12. #include <openssl/asn1.h>
  13. #include <openssl/bio.h>
  14. #include "ct_local.h"
  /*
   * Write the signature algorithm of |sct| to |out|.
   *
   * If SCT_get_signature_nid() resolves the SCT's algorithm to a NID, the long
   * name of that NID is printed. Otherwise the raw hash_alg and sig_alg values
   * stored in the SCT are printed as two hex bytes, so an unrecognised pair
   * stays visible in the dump instead of being hidden.
   */
  static void SCT_signature_algorithms_print(const SCT *sct, BIO *out)
  {
      const int sig_nid = SCT_get_signature_nid(sct);

      if (sig_nid != NID_undef) {
          BIO_printf(out, "%s", OBJ_nid2ln(sig_nid));
          return;
      }

      /* No NID for this pair: fall back to the raw algorithm identifiers. */
      BIO_printf(out, "%02X%02X", sct->hash_alg, sct->sig_alg);
  }
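  /*
   * Print an SCT timestamp to |out| as a GeneralizedTime with millisecond
   * precision.
   *
   * |timestamp| is a count of milliseconds since the Unix epoch. The caller
   * passes the value straight from the SCT, so it must not be assumed to be a
   * sane date. Nothing is printed when the value lies beyond the last instant a
   * GeneralizedTime can express, when allocation fails, or when the time
   * conversion fails.
   */
  static void timestamp_print(uint64_t timestamp, BIO *out)
  {
      /* 9999-12-31T23:59:59Z, in seconds since the Unix epoch. */
      const uint64_t max_gentime_secs = UINT64_C(253402300799);
      ASN1_GENERALIZEDTIME *gen;
      char genstr[20];

      /*
       * Reject out-of-range values before the day count is narrowed to int
       * below; without this a huge timestamp could be truncated and printed as
       * an unrelated, plausible-looking date.
       */
      if (timestamp / 1000 > max_gentime_secs)
          return;

      gen = ASN1_GENERALIZEDTIME_new();
      if (gen == NULL)
          return;

      /* Offset the epoch by whole days plus the remaining whole seconds. */
      if (ASN1_GENERALIZEDTIME_adj(gen, (time_t)0,
                                   (int)(timestamp / 86400000),
                                   (long)((timestamp % 86400000) / 1000)) == NULL)
          goto done;

      /*
       * Note GeneralizedTime from ASN1_GENERALIZEDTIME_adj is always 15
       * characters long with a final Z. Update it with fractional seconds.
       * %03u matches the unsigned argument (the original used %03d).
       */
      BIO_snprintf(genstr, sizeof(genstr), "%.14s.%03uZ",
                   ASN1_STRING_get0_data(gen), (unsigned int)(timestamp % 1000));
      if (ASN1_GENERALIZEDTIME_set_string(gen, genstr))
          ASN1_GENERALIZEDTIME_print(out, gen);

  done:
      ASN1_GENERALIZEDTIME_free(gen);
  }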
  /*
   * Return a fixed, human-readable string for the validation status reported
   * by SCT_get_validation_status(sct).
   *
   * Every returned pointer refers to a string literal, so the caller must not
   * modify or free it. A status value with no matching case yields
   * "unknown status".
   */
  const char *SCT_validation_status_string(const SCT *sct)
  {
      const char *text = "unknown status";

      switch (SCT_get_validation_status(sct)) {
      case SCT_VALIDATION_STATUS_NOT_SET:
          text = "not set";
          break;
      case SCT_VALIDATION_STATUS_UNKNOWN_VERSION:
          text = "unknown version";
          break;
      case SCT_VALIDATION_STATUS_UNKNOWN_LOG:
          text = "unknown log";
          break;
      case SCT_VALIDATION_STATUS_UNVERIFIED:
          text = "unverified";
          break;
      case SCT_VALIDATION_STATUS_INVALID:
          text = "invalid";
          break;
      case SCT_VALIDATION_STATUS_VALID:
          text = "valid";
          break;
      }
      return text;
  }
  /*
   * Print a human-readable dump of one SCT to |out|.
   *
   * |indent| is the column at which the heading starts; field labels are
   * printed at indent + 4 and hex dumps are passed indent + 16. If |log_store|
   * is not NULL it is searched for the SCT's log ID, and the log's name is
   * printed when a match is found.
   *
   * This function only formats the fields held in |sct|; it performs no
   * validation of the SCT. Byte counts for the hex dumps are taken from the
   * length fields of |sct| as they are.
   */
  void SCT_print(const SCT *sct, BIO *out, int indent,
                 const CTLOG_STORE *log_store)
  {
      const int label_col = indent + 4;
      const int value_col = indent + 16;
      const CTLOG *log = (log_store == NULL)
          ? NULL
          : CTLOG_STORE_get0_log_by_id(log_store, sct->log_id,
                                       sct->log_id_len);

      BIO_printf(out, "%*sSigned Certificate Timestamp:", indent, "");
      BIO_printf(out, "\n%*sVersion : ", label_col, "");

      if (sct->version != SCT_VERSION_V1) {
          /* Not a v1 SCT: dump only the raw bytes in sct->sct and stop. */
          BIO_printf(out, "unknown\n%*s", value_col, "");
          BIO_hex_string(out, value_col, 16, sct->sct, sct->sct_len);
          return;
      }

      BIO_printf(out, "v1 (0x0)");

      /* The log name line appears only when the log ID was found in the store. */
      if (log != NULL) {
          BIO_printf(out, "\n%*sLog : %s", label_col, "",
                     CTLOG_get0_name(log));
      }

      BIO_printf(out, "\n%*sLog ID : ", label_col, "");
      BIO_hex_string(out, value_col, 16, sct->log_id, sct->log_id_len);

      BIO_printf(out, "\n%*sTimestamp : ", label_col, "");
      timestamp_print(sct->timestamp, out);

      BIO_printf(out, "\n%*sExtensions: ", label_col, "");
      if (sct->ext_len != 0)
          BIO_hex_string(out, value_col, 16, sct->ext, sct->ext_len);
      else
          BIO_printf(out, "none");

      BIO_printf(out, "\n%*sSignature : ", label_col, "");
      SCT_signature_algorithms_print(sct, out);
      BIO_printf(out, "\n%*s ", label_col, "");
      BIO_hex_string(out, value_col, 16, sct->sig, sct->sig_len);
  }
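  /*
   * Print every SCT in |sct_list| to |out| with SCT_print(), writing
   * |separator| between consecutive entries (never after the last one).
   *
   * |indent| and |log_store| are passed through to SCT_print() unchanged.
   * A NULL |separator| is treated as "no separator" rather than being handed
   * to the "%s" conversion.
   */
  void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
                      const char *separator, const CTLOG_STORE *log_store)
  {
      /* Query the element count once; the loop does not modify the list. */
      const int sct_count = sk_SCT_num(sct_list);
      int i;

      for (i = 0; i < sct_count; ++i) {
          /* Emitting the separator before each entry but the first gives the
           * same output as emitting it after each entry but the last. */
          if (i > 0 && separator != NULL)
              BIO_printf(out, "%s", separator);
          SCT_print(sk_SCT_value(sct_list, i), out, indent, log_store);
      }
  }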