1/*
2 * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "internal/cryptlib.h"
12#include <openssl/buffer.h>
13#include <openssl/bn.h>
14#include <openssl/objects.h>
15#include <openssl/x509.h>
16#include <openssl/x509v3.h>
17
18#ifndef OPENSSL_NO_STDIO
19int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
20{
21 BIO *b;
22 int ret;
23
24 if ((b = BIO_new(BIO_s_file())) == NULL) {
25 X509err(X509_F_X509_CRL_PRINT_FP, ERR_R_BUF_LIB);
26 return 0;
27 }
28 BIO_set_fp(b, fp, BIO_NOCLOSE);
29 ret = X509_CRL_print(b, x);
30 BIO_free(b);
31 return ret;
32}
33#endif
34
35int X509_CRL_print(BIO *out, X509_CRL *x)
36{
37 return X509_CRL_print_ex(out, x, XN_FLAG_COMPAT);
38}
39
40int X509_CRL_print_ex(BIO *out, X509_CRL *x, unsigned long nmflag)
41{
42 STACK_OF(X509_REVOKED) *rev;
43 X509_REVOKED *r;
44 const X509_ALGOR *sig_alg;
45 const ASN1_BIT_STRING *sig;
46 long l;
47 int i;
48
49 BIO_printf(out, "Certificate Revocation List (CRL):\n");
50 l = X509_CRL_get_version(x);
51 if (l >= 0 && l <= 1)
52 BIO_printf(out, "%8sVersion %ld (0x%lx)\n", "", l + 1, (unsigned long)l);
53 else
54 BIO_printf(out, "%8sVersion unknown (%ld)\n", "", l);
55 X509_CRL_get0_signature(x, &sig, &sig_alg);
56 BIO_puts(out, " ");
57 X509_signature_print(out, sig_alg, NULL);
58 BIO_printf(out, "%8sIssuer: ", "");
59 X509_NAME_print_ex(out, X509_CRL_get_issuer(x), 0, nmflag);
60 BIO_puts(out, "\n");
61 BIO_printf(out, "%8sLast Update: ", "");
62 ASN1_TIME_print(out, X509_CRL_get0_lastUpdate(x));
63 BIO_printf(out, "\n%8sNext Update: ", "");
64 if (X509_CRL_get0_nextUpdate(x))
65 ASN1_TIME_print(out, X509_CRL_get0_nextUpdate(x));
66 else
67 BIO_printf(out, "NONE");
68 BIO_printf(out, "\n");
69
70 X509V3_extensions_print(out, "CRL extensions",
71 X509_CRL_get0_extensions(x), 0, 8);
72
73 rev = X509_CRL_get_REVOKED(x);
74
75 if (sk_X509_REVOKED_num(rev) > 0)
76 BIO_printf(out, "Revoked Certificates:\n");
77 else
78 BIO_printf(out, "No Revoked Certificates.\n");
79
80 for (i = 0; i < sk_X509_REVOKED_num(rev); i++) {
81 r = sk_X509_REVOKED_value(rev, i);
82 BIO_printf(out, " Serial Number: ");
83 i2a_ASN1_INTEGER(out, X509_REVOKED_get0_serialNumber(r));
84 BIO_printf(out, "\n Revocation Date: ");
85 ASN1_TIME_print(out, X509_REVOKED_get0_revocationDate(r));
86 BIO_printf(out, "\n");
87 X509V3_extensions_print(out, "CRL entry extensions",
88 X509_REVOKED_get0_extensions(r), 0, 8);
89 }
90 X509_signature_print(out, sig_alg, sig);
91
92 return 1;
93
94}
95