diff --git a/src/x509.c b/src/x509.c index 52e735b95..dca91118e 100644 --- a/src/x509.c +++ b/src/x509.c @@ -837,7 +837,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) #endif return NULL; } - ext->crit = x509->keyUsageCrit; + ext->crit = x509->extKeyUsageCrit; break; case CRL_DIST_OID: @@ -5338,7 +5338,7 @@ static int X509PrintSubjAltName(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, } #endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */ else if (entry->type == ASN_RFC822_TYPE) { - len = XSNPRINTF(scratch, MAX_WIDTH, "Email Address:%s", + len = XSNPRINTF(scratch, MAX_WIDTH, "email:%s", entry->name); if (len >= MAX_WIDTH) { ret = WOLFSSL_FAILURE; @@ -5526,7 +5526,7 @@ static int X509PrintSerial_ex(WOLFSSL_BIO* bio, byte* serial, int sz, /* serial is larger than int size so print off hex values */ if ((scratchLen = XSNPRINTF( - scratch, MAX_WIDTH, "%*s", indent, "")) + scratch, MAX_WIDTH, "\n%*s", indent + 4, "")) >= MAX_WIDTH) { WOLFSSL_MSG("buffer overrun"); return WOLFSSL_FAILURE; @@ -5644,8 +5644,8 @@ static int X509PrintExtensions(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent) scratch, MAX_WIDTH, "%*s%s%s\n", indent + 4, "", buf, (wolfSSL_X509_EXTENSION_get_critical(ext) - ? ": Critical" - : ":"))) + ? ": critical" + : ": "))) >= MAX_WIDTH) { ret = WOLFSSL_FAILURE; @@ -5725,7 +5725,7 @@ static int X509PrintExtensions(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent) if ((valLen = XSNPRINTF( val, sizeof(val), "%02X%s", x509->authKeyId[j], - (j < x509->authKeyIdSz - 1) ? ":" : "\n")) + (j < x509->authKeyIdSz - 1) ? ":" : "\n\n")) >= (int)sizeof(val)) { ret = WOLFSSL_FAILURE; 
@@ -6001,17 +6001,46 @@ static int X509PrintPubKey(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent) int len; int ret = WOLFSSL_SUCCESS; - len = XSNPRINTF(scratch, MAX_WIDTH, "%*sPublic Key:\n", indent, ""); + if (bio == NULL || x509 == NULL) + return BAD_FUNC_ARG; + + len = XSNPRINTF(scratch, MAX_WIDTH, "%*sSubject Public Key Info:\n", indent, ""); if (len >= MAX_WIDTH) return WOLFSSL_FAILURE; if (wolfSSL_BIO_write(bio, scratch, len) <= 0) return WOLFSSL_FAILURE; + switch (x509->pubKeyOID) { + #ifndef NO_RSA + case RSAk: + len = XSNPRINTF(scratch, MAX_WIDTH, + "%*sPublic Key Algorithm: rsaEncryption\n", indent + 4, ""); + if (len >= MAX_WIDTH) + return WOLFSSL_FAILURE; + if (wolfSSL_BIO_write(bio, scratch, len) <= 0) + return WOLFSSL_FAILURE; + break; + #endif + #ifdef HAVE_ECC + case ECDSAk: + len = XSNPRINTF(scratch, MAX_WIDTH, + "%*sPublic Key Algorithm: EC\n", indent + 4, ""); + if (len >= MAX_WIDTH) + return WOLFSSL_FAILURE; + if (wolfSSL_BIO_write(bio, scratch, len) <= 0) + return WOLFSSL_FAILURE; + break; + #endif + default: + WOLFSSL_MSG("Unknown key type"); + return WOLFSSL_FAILURE; + } + pubKey = wolfSSL_X509_get_pubkey(x509); if (pubKey == NULL) return WOLFSSL_FAILURE; - ret = wolfSSL_EVP_PKEY_print_public(bio, pubKey, indent + 4, NULL); + ret = wolfSSL_EVP_PKEY_print_public(bio, pubKey, indent + 8, NULL); wolfSSL_EVP_PKEY_free(pubKey); @@ -6215,8 +6244,8 @@ int wolfSSL_X509_REQ_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509) int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, unsigned long nmflags, unsigned long cflag) { - char issuType[] = "Issuer: "; - char subjType[] = "Subject: "; + char issuType[] = "Issuer:"; + char subjType[] = "Subject:"; WOLFSSL_ENTER("wolfSSL_X509_print_ex"); 
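Review bot: The `default:` arm of the new `switch (x509->pubKeyOID)` in X509PrintPubKey returns WOLFSSL_FAILURE, so a certificate whose key is neither RSA nor EC now fails before `wolfSSL_X509_get_pubkey()` is reached, whereas the old code passed every key type straight to `wolfSSL_EVP_PKEY_print_public()`. evp.c in this same commit still carries PrintPubKeyDSA and PrintPubKeyDH, so this looks like a regression for those keys (inferred; the dispatcher is not shown). Code that dumps peer or rejected certificates for logging and triage would lose the whole print for such a certificate. Choosing only the label in the switch and writing it once keeps the old coverage and removes the duplicated write blocks; the label for the default arm below is a suggestion. The new NULL guard also returns BAD_FUNC_ARG while every other exit uses WOLFSSL_SUCCESS/WOLFSSL_FAILURE, so a caller comparing against WOLFSSL_FAILURE would not see it.

```c
    const char* algName;

    /* … unchanged: NULL guard and "Subject Public Key Info:" header write … */

    switch (x509->pubKeyOID) {
    #ifndef NO_RSA
        case RSAk:
            algName = "rsaEncryption";
            break;
    #endif
    #ifdef HAVE_ECC
        case ECDSAk:
            algName = "EC";
            break;
    #endif
        default:
            /* label unknown, but still let the key printer try below */
            WOLFSSL_MSG("Unknown key type");
            algName = "unknown";
            break;
    }

    len = XSNPRINTF(scratch, MAX_WIDTH, "%*sPublic Key Algorithm: %s\n",
            indent + 4, "", algName);
    if (len < 0 || len >= MAX_WIDTH)
        return WOLFSSL_FAILURE;
    if (wolfSSL_BIO_write(bio, scratch, len) <= 0)
        return WOLFSSL_FAILURE;

    /* … unchanged: wolfSSL_X509_get_pubkey / wolfSSL_EVP_PKEY_print_public … */
```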
@@ -6337,7 +6366,7 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, } /* print out signature */ - if (X509PrintSignature(bio, x509, 0, 8) != WOLFSSL_SUCCESS) { + if (X509PrintSignature(bio, x509, 0, 4) != WOLFSSL_SUCCESS) { return WOLFSSL_FAILURE; } @@ -12077,20 +12106,21 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, if (len == 0 || buf == NULL) return WOLFSSL_FAILURE; - tmpSz = nameStrSz + len + 3; /* + 3 for '=', comma, and '\0' */ + tmpSz = nameStrSz + len + 4; /* + 4 for '=', comma space and '\0'*/ tmp = (char*)XMALLOC(tmpSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) { return WOLFSSL_FAILURE; } if (i < count - 1) { - if (XSNPRINTF(tmp, tmpSz, "%s=%s,", buf, nameStr) + if (XSNPRINTF(tmp, tmpSz, "%s=%s, ", buf, nameStr) >= tmpSz) { WOLFSSL_MSG("buffer overrun"); return WOLFSSL_FAILURE; } - tmpSz = len + nameStrSz + 2; /* 2 for '=', comma */ + + tmpSz = len + nameStrSz + 3; /* 3 for '=', comma space */ } else { if (XSNPRINTF(tmp, tmpSz, "%s=%s", buf, nameStr) @@ -12100,7 +12130,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, return WOLFSSL_FAILURE; } tmpSz = len + nameStrSz + 1; /* 1 for '=' */ - if (bio->type != WOLFSSL_BIO_FILE) + if (bio->type != WOLFSSL_BIO_FILE && bio->type != WOLFSSL_BIO_MEMORY) ++tmpSz; /* include the terminating null when not writing to a * file. */ diff --git a/tests/api.c b/tests/api.c index 2d3979269..53d42de5a 100644 --- a/tests/api.c +++ b/tests/api.c @@ -3959,7 +3959,7 @@ static int test_wolfSSL_EVP_PKEY_print_public(void) AssertIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); BIO_gets(wbio, line, sizeof(line)); - strcpy(line1, " 00:BC:73:0E:A8:49:F3:74:A2:A9:EF:18:A5:DA:55:\n"); + strcpy(line1, " 00:bc:73:0e:a8:49:f3:74:a2:a9:ef:18:a5:da:55:\n"); AssertIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); 
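Review bot: The overrun branch edited here in wolfSSL_X509_NAME_print_ex returns without releasing `tmp`: once `XMALLOC` has succeeded, the `XSNPRINTF(...) >= tmpSz` path logs "buffer overrun" and returns WOLFSSL_FAILURE with the buffer still allocated. Add `XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);` before that `return`. A negative result from XSNPRINTF is not treated as failure by this comparison either (assuming `tmpSz` is signed), so `tmp` could be written to the BIO with unspecified contents. The function starts and ends outside the hunk, so the other exits should be checked for the same leak.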
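Review bot: The comment under the changed condition still reads "include the terminating null when not writing to a file", but the extra byte is now also skipped for WOLFSSL_BIO_MEMORY. Update it, for example `/* include the terminating null except for file and memory BIOs */`, and state why the remaining BIO types still receive the NUL, since a trailing zero byte in an output stream is easy to mistake for data. The else branch this sits in starts outside the hunk.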
@@ -30803,13 +30803,13 @@ static int test_wolfSSL_X509_NAME_print_ex(void) X509* x509 = NULL; X509_NAME* name = NULL; - const char* expNormal = "C=US,CN=wolfssl.com"; - const char* expReverse = "CN=wolfssl.com,C=US"; + const char* expNormal = "C=US, CN=wolfssl.com"; + const char* expReverse = "CN=wolfssl.com, C=US"; - const char* expNotEscaped = "C= US,+\"\\ ,CN=#wolfssl.com<>;"; - const char* expNotEscapedRev = "CN=#wolfssl.com<>;,C= US,+\"\\ "; + const char* expNotEscaped = "C= US,+\"\\ , CN=#wolfssl.com<>;"; + const char* expNotEscapedRev = "CN=#wolfssl.com<>;, C= US,+\"\\ "; const char* expRFC5523 = - "CN=\\#wolfssl.com\\<\\>\\;,C=\\ US\\,\\+\\\"\\\\\\ "; + "CN=\\#wolfssl.com\\<\\>\\;, C=\\ US\\,\\+\\\"\\\\\\ "; printf(testingFmt, "wolfSSL_X509_NAME_print_ex"); @@ -30854,7 +30854,7 @@ static int test_wolfSSL_X509_NAME_print_ex(void) AssertNotNull(membio = BIO_new(BIO_s_mem())); AssertIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS); AssertIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); - AssertIntEQ(memSz, XSTRLEN(expNormal)+1); + AssertIntEQ(memSz, XSTRLEN(expNormal)); AssertIntEQ(XSTRNCMP((char*)mem, expNormal, XSTRLEN(expNormal)), 0); BIO_free(membio); @@ -30863,7 +30863,7 @@ static int test_wolfSSL_X509_NAME_print_ex(void) AssertIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_RFC2253), WOLFSSL_SUCCESS); AssertIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); - AssertIntEQ(memSz, XSTRLEN(expReverse)+1); + AssertIntEQ(memSz, XSTRLEN(expReverse)); BIO_free(membio); /* Test flags: XN_FLAG_DN_REV - reversed */ @@ -30871,7 +30871,7 @@ static int test_wolfSSL_X509_NAME_print_ex(void) AssertIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_DN_REV), WOLFSSL_SUCCESS); AssertIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); - AssertIntEQ(memSz, XSTRLEN(expReverse)+1); + AssertIntEQ(memSz, XSTRLEN(expReverse)); AssertIntEQ(XSTRNCMP((char*)mem, expReverse, XSTRLEN(expReverse)), 0); BIO_free(membio); 
@@ -30894,7 +30894,7 @@ static int test_wolfSSL_X509_NAME_print_ex(void) AssertNotNull(membio = BIO_new(BIO_s_mem())); AssertIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS); AssertIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); - AssertIntEQ(memSz, XSTRLEN(expNotEscaped)+1); + AssertIntEQ(memSz, XSTRLEN(expNotEscaped)); AssertIntEQ(XSTRNCMP((char*)mem, expNotEscaped, XSTRLEN(expNotEscaped)), 0); BIO_free(membio); @@ -30904,7 +30904,7 @@ static int test_wolfSSL_X509_NAME_print_ex(void) AssertIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_RFC2253), WOLFSSL_SUCCESS); AssertIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); - AssertIntEQ(memSz, XSTRLEN(expRFC5523)+1); + AssertIntEQ(memSz, XSTRLEN(expRFC5523)); AssertIntEQ(XSTRNCMP((char*)mem, expRFC5523, XSTRLEN(expRFC5523)), 0); BIO_free(membio); @@ -30913,7 +30913,7 @@ static int test_wolfSSL_X509_NAME_print_ex(void) AssertIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_DN_REV), WOLFSSL_SUCCESS); AssertIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); - AssertIntEQ(memSz, XSTRLEN(expNotEscapedRev)+1); + AssertIntEQ(memSz, XSTRLEN(expNotEscapedRev)); AssertIntEQ(XSTRNCMP((char*)mem, expNotEscapedRev, XSTRLEN(expNotEscapedRev)), 0); BIO_free(membio); @@ -53454,10 +53454,15 @@ static int test_wolfSSL_X509_print(void) AssertIntEQ(X509_print(bio, x509), SSL_SUCCESS); #if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME) - /* Will print IP address subject alt name. */ - AssertIntEQ(BIO_get_mem_data(bio, NULL), 3255); + #if defined(WC_DISABLE_RADIX_ZERO_PAD) + /* Will print IP address subject alt name. */ + AssertIntEQ(BIO_get_mem_data(bio, NULL), 3349); + #else + /* Will print IP address subject alt name. */ + AssertIntEQ(BIO_get_mem_data(bio, NULL), 3350); + #endif #else - AssertIntEQ(BIO_get_mem_data(bio, NULL), 3233); + AssertIntEQ(BIO_get_mem_data(bio, NULL), 3328); #endif BIO_free(bio); diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index f1231fb81..99d16e295 100644 
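Review bot: test_wolfSSL_X509_print still asserts only the total byte count (3349, 3350, 3328), so a wrong label or a wrong critical flag that happens to keep the length would pass, and every later format tweak needs new magic numbers. Alongside the length, compare a few expected substrings from the memory BIO, such as the new "Subject Public Key Info:" header and the "critical" marker on an extension known to be critical in the test certificate. The WC_DISABLE_RADIX_ZERO_PAD branch would also benefit from a comment naming the field that is one byte shorter, because the two duplicated "Will print IP address subject alt name." comments do not explain the difference.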
--- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -9063,10 +9063,11 @@ static int Indent(WOLFSSL_BIO* out, int indents) * input buffer holding data to dump * inlen input data size * indent the number of spaces for indent + * blower true if lower case uses * Returns 1 on success, 0 on failure. */ static int PrintHexWithColon(WOLFSSL_BIO* out, const byte* input, - int inlen, int indent) + int inlen, int indent, byte blower) { #ifdef WOLFSSL_SMALL_STACK byte* buff = NULL; @@ -9117,6 +9118,10 @@ static int PrintHexWithColon(WOLFSSL_BIO* out, const byte* input, outHex, &outSz) == 0; } if (ret == WOLFSSL_SUCCESS) { + if (blower) { + outHex[0] = (byte)XTOLOWER(outHex[0]); + outHex[1] = (byte)XTOLOWER(outHex[1]); + } XMEMCPY(buff + idx, outHex, 2); idx += 2; @@ -9239,7 +9244,9 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, n--; nSz++; } - if (PrintHexWithColon(out, n, nSz, indent + 4) != WOLFSSL_SUCCESS) { + + if (PrintHexWithColon(out, n, nSz, + indent + 4, 1/* lower case */) != WOLFSSL_SUCCESS) { break; } /* print public Exponent */ @@ -9442,7 +9449,7 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, res = wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) > 0; } if (res == WOLFSSL_SUCCESS) { - res = PrintHexWithColon(out, pub, pubSz, indent + 4); + res = PrintHexWithColon(out, pub, pubSz, indent + 4, 0/* upper case */); } if (res == WOLFSSL_SUCCESS) { res = Indent(out, indent) >= 0; @@ -9662,7 +9669,8 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) { break; } - if (PrintHexWithColon(out, y, ySz, indent + 4) != WOLFSSL_SUCCESS) { + if (PrintHexWithColon(out, y, ySz, indent + 4, 0/* upper case */) + != WOLFSSL_SUCCESS) { break; } /* print P element */ 
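Review bot: The parameter line added to the PrintHexWithColon header comment, `blower true if lower case uses`, is hard to parse; `blower  non-zero to print hex digits in lower case` would say what the flag does. The call sites in the later hunks (PrintPubKeyRSA, PrintPubKeyEC, PrintPubKeyDSA, PrintPubKeyDH) pass bare `1` and `0` with a trailing comment, and only the RSA modulus is switched to lower case. If that split is intentional, a one-line comment at the RSA call explaining why the other key types keep upper case would save the next reader from treating it as an oversight. The function body continues outside the hunk.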
@@ -9671,7 +9679,8 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) { break; } - if (PrintHexWithColon(out, p, pSz, indent + 4) != WOLFSSL_SUCCESS) { + if (PrintHexWithColon(out, p, pSz, indent + 4, 0/* upper case */) + != WOLFSSL_SUCCESS) { break; } /* print Q element */ @@ -9680,7 +9689,8 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) { break; } - if (PrintHexWithColon(out, q, qSz, indent + 4) != WOLFSSL_SUCCESS) { + if (PrintHexWithColon(out, q, qSz, indent + 4, 0/* upper case */) + != WOLFSSL_SUCCESS) { break; } /* print G element */ @@ -9689,7 +9699,8 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) { break; } - if (PrintHexWithColon(out, g, gSz, indent + 4) != WOLFSSL_SUCCESS) { + if (PrintHexWithColon(out, g, gSz, indent + 4, 0/* upper case */) + != WOLFSSL_SUCCESS) { break; } @@ -9867,7 +9878,8 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) { break; } - if (PrintHexWithColon(out, publicKey, publicKeySz, indent + 4) + if (PrintHexWithColon(out, publicKey, + publicKeySz, indent + 4, 0/* upper case */) != WOLFSSL_SUCCESS) { break; } @@ -9876,7 +9888,8 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) { break; } - if (PrintHexWithColon(out, prime, primeSz, indent + 4) + if (PrintHexWithColon(out, prime, primeSz, + indent + 4, 0/* upper case */) != WOLFSSL_SUCCESS) { break; }