summaryrefslogtreecommitdiff
path: root/src/pki/commands/print.c
diff options
context:
space:
mode:
authorRene Mayrhofer <rene@mayrhofer.eu.org>2010-11-28 11:42:20 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2010-11-28 11:42:20 +0000
commitf73fba54dc8b30c6482e1e8abf15bbf455592fcd (patch)
treea449515607c5e51a5c703d7a9b1149c9e4a11560 /src/pki/commands/print.c
parentb8064f4099997a9e2179f3ad4ace605f5ccac3a1 (diff)
downloadvyos-strongswan-f73fba54dc8b30c6482e1e8abf15bbf455592fcd.tar.gz
vyos-strongswan-f73fba54dc8b30c6482e1e8abf15bbf455592fcd.zip
[svn-upgrade] new version strongswan (4.5.0)
Diffstat (limited to 'src/pki/commands/print.c')
-rw-r--r--src/pki/commands/print.c61
1 files changed, 53 insertions, 8 deletions
diff --git a/src/pki/commands/print.c b/src/pki/commands/print.c
index 6d5462783..870dca920 100644
--- a/src/pki/commands/print.c
+++ b/src/pki/commands/print.c
@@ -17,6 +17,7 @@
#include <credentials/certificates/certificate.h>
#include <credentials/certificates/x509.h>
+#include <credentials/certificates/crl.h>
#include <selectors/traffic_selector.h>
#include <time.h>
@@ -29,7 +30,7 @@ static void print_pubkey(public_key_t *key)
chunk_t chunk;
printf("pubkey: %N %d bits\n", key_type_names, key->get_type(key),
- key->get_keysize(key) * 8);
+ key->get_keysize(key));
if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &chunk))
{
printf("keyid: %#B\n", &chunk);
@@ -202,6 +203,44 @@ static void print_x509(x509_t *x509)
}
/**
+ * Print CRL specific information
+ */
+static void print_crl(crl_t *crl)
+{
+ enumerator_t *enumerator;
+ time_t ts;
+ crl_reason_t reason;
+ chunk_t chunk;
+ int count = 0;
+ char buf[64];
+ struct tm tm;
+
+ chunk = crl->get_serial(crl);
+ printf("serial: %#B\n", &chunk);
+ chunk = crl->get_authKeyIdentifier(crl);
+ printf("authKeyId: %#B\n", &chunk);
+
+ enumerator = crl->create_enumerator(crl);
+ while (enumerator->enumerate(enumerator, &chunk, &ts, &reason))
+ {
+ count++;
+ }
+ enumerator->destroy(enumerator);
+
+ printf("%d revoked certificate%s%s\n", count,
+ count == 1 ? "" : "s", count ? ":" : "");
+ enumerator = crl->create_enumerator(crl);
+ while (enumerator->enumerate(enumerator, &chunk, &ts, &reason))
+ {
+ localtime_r(&ts, &tm);
+ strftime(buf, sizeof(buf), "%F %T", &tm);
+ printf(" %#B %N %s\n", &chunk, crl_reason_names, reason, buf);
+ count++;
+ }
+ enumerator->destroy(enumerator);
+}
+
+/**
* Print certificate information
*/
static void print_cert(certificate_t *cert)
@@ -212,7 +251,10 @@ static void print_cert(certificate_t *cert)
now = time(NULL);
printf("cert: %N\n", certificate_type_names, cert->get_type(cert));
- printf("subject: \"%Y\"\n", cert->get_subject(cert));
+ if (cert->get_type(cert) != CERT_X509_CRL)
+ {
+ printf("subject: \"%Y\"\n", cert->get_subject(cert));
+ }
printf("issuer: \"%Y\"\n", cert->get_issuer(cert));
cert->get_validity(cert, &now, &notBefore, &notAfter);
@@ -240,22 +282,20 @@ static void print_cert(certificate_t *cert)
case CERT_X509:
print_x509((x509_t*)cert);
break;
+ case CERT_X509_CRL:
+ print_crl((crl_t*)cert);
+ break;
default:
printf("parsing certificate subtype %N not implemented\n",
certificate_type_names, cert->get_type(cert));
break;
}
-
key = cert->get_public_key(cert);
if (key)
{
print_pubkey(key);
key->destroy(key);
}
- else
- {
- printf("unable to extract public key\n");
- }
}
/**
@@ -280,6 +320,11 @@ static int print()
type = CRED_CERTIFICATE;
subtype = CERT_X509;
}
+ else if (streq(arg, "crl"))
+ {
+ type = CRED_CERTIFICATE;
+ subtype = CERT_X509_CRL;
+ }
else if (streq(arg, "pub"))
{
type = CRED_PUBLIC_KEY;
@@ -358,7 +403,7 @@ static void __attribute__ ((constructor))reg()
command_register((command_t)
{ print, 'a', "print",
"print a credential in a human readable form",
- {"[--in file] [--type rsa-priv|ecdsa-priv|pub|x509]"},
+ {"[--in file] [--type rsa-priv|ecdsa-priv|pub|x509|crl]"},
{
{"help", 'h', 0, "show usage information"},
{"in", 'i', 1, "input file, default: stdin"},