Skip to content

Commit

Permalink
Revert "Trim some unused XN_FLAG_* values" (aws#1582)
Browse files Browse the repository at this point in the history
  • Loading branch information
@samuel40791765
samuel40791765 authored May 17, 2024
1 parent b434043 commit a83bcb5
Show file tree
Hide file tree
Showing 3 changed files with 96 additions and 45 deletions.
60 changes: 39 additions & 21 deletions crypto/x509/name_print.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,6 @@

#include <openssl/x509.h>

#include <assert.h>
#include <inttypes.h>
#include <string.h>

Expand Down Expand Up @@ -85,7 +84,8 @@ static int do_indent(BIO *out, int indent) {

static int do_name_ex(BIO *out, const X509_NAME *n, int indent,
unsigned long flags) {
int prev = -1, orflags;
int i, prev = -1, orflags, cnt;
int fn_opt, fn_nid;
char objtmp[80];
const char *objbuf;
int outlen, len;
Expand Down Expand Up @@ -142,8 +142,10 @@ static int do_name_ex(BIO *out, const X509_NAME *n, int indent,
sep_eq_len = 1;
}

int cnt = X509_NAME_entry_count(n);
for (int i = 0; i < cnt; i++) {
fn_opt = flags & XN_FLAG_FN_MASK;

cnt = X509_NAME_entry_count(n);
for (i = 0; i < cnt; i++) {
const X509_NAME_ENTRY *ent;
if (flags & XN_FLAG_DN_REV) {
ent = X509_NAME_get_entry(n, cnt - i - 1);
Expand All @@ -170,24 +172,40 @@ static int do_name_ex(BIO *out, const X509_NAME *n, int indent,
prev = X509_NAME_ENTRY_set(ent);
const ASN1_OBJECT *fn = X509_NAME_ENTRY_get_object(ent);
const ASN1_STRING *val = X509_NAME_ENTRY_get_data(ent);
assert((flags & XN_FLAG_FN_MASK) == XN_FLAG_FN_SN);
int fn_nid = OBJ_obj2nid(fn);
if (fn_nid == NID_undef) {
OBJ_obj2txt(objtmp, sizeof(objtmp), fn, 1);
objbuf = objtmp;
} else {
objbuf = OBJ_nid2sn(fn_nid);
}
if (objbuf == NULL) {
return -1;
}

int objlen = strlen(objbuf);
if (!maybe_write(out, objbuf, objlen) ||
!maybe_write(out, sep_eq, sep_eq_len)) {
return -1;
fn_nid = OBJ_obj2nid(fn);
if (fn_opt != XN_FLAG_FN_NONE) {
int objlen, fld_len;
if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) {
OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
fld_len = 0; // XXX: what should this be?
objbuf = objtmp;
} else {
if (fn_opt == XN_FLAG_FN_SN) {
fld_len = FN_WIDTH_SN;
objbuf = OBJ_nid2sn(fn_nid);
} else if (fn_opt == XN_FLAG_FN_LN) {
fld_len = FN_WIDTH_LN;
objbuf = OBJ_nid2ln(fn_nid);
} else {
fld_len = 0; // XXX: what should this be?
objbuf = "";
}
}
objlen = strlen(objbuf);
if (!maybe_write(out, objbuf, objlen)) {
return -1;
}
if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) {
if (!do_indent(out, fld_len - objlen)) {
return -1;
}
outlen += fld_len - objlen;
}
if (!maybe_write(out, sep_eq, sep_eq_len)) {
return -1;
}
outlen += objlen + sep_eq_len;
}
outlen += objlen + sep_eq_len;
// If the field name is unknown then fix up the DER dump flag. We
// might want to limit this further so it will DER dump on anything
// other than a few 'standard' fields.
Expand Down
63 changes: 39 additions & 24 deletions crypto/x509/x509_test.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5262,35 +5262,50 @@ TEST(X509Test, NamePrint) {
"CN = \"Common "
"Name/CN=A/CN=B,CN=A,CN=B+CN=A+CN=B;CN=A;CN=B\\0ACN=A\\0A\", "
"CN = \" spaces \""},
// Callers can also customize the output, with both |XN_FLAG_*| and
// |ASN1_STRFLGS_*|. |XN_FLAG_SEP_SPLUS_SPC| uses semicolon separators.
// |XN_FLAG_MULTILINE| is an OpenSSL-specific multi-line format that tries
// to vertically align the equal sizes. The vertical alignment doesn't
// quite handle multi-valued RDNs right and uses a non-RFC-2253 escaping.
{/*indent=*/0,
/*flags=*/XN_FLAG_SEP_SPLUS_SPC | ASN1_STRFLGS_RFC2253 |
/*flags=*/XN_FLAG_MULTILINE,
"countryName = US\n"
"stateOrProvinceName = Some State + "
"stateOrProvinceName = Some Other State \\U2603 + "
"stateOrProvinceName = Another State \\U2603 + "
"1.2.840.113554.4.1.72585.2 = \\U2603\n"
"1.2.840.113554.4.1.72585.3 = 0\\06\\02\\01\\01\\02\\01\\02\n"
"organizationName = Org Name\n"
"commonName = Common "
"Name/CN=A/CN=B,CN=A,CN=B+CN=A+CN=B;CN=A;CN=B\\0ACN=A\\0A\n"
"commonName = spaces "},
// The multiline format indents every line.
{/*indent=*/2,
/*flags=*/XN_FLAG_MULTILINE,
" countryName = US\n"
" stateOrProvinceName = Some State + "
"stateOrProvinceName = Some Other State \\U2603 + "
"stateOrProvinceName = Another State \\U2603 + "
"1.2.840.113554.4.1.72585.2 = \\U2603\n"
" 1.2.840.113554.4.1.72585.3 = 0\\06\\02\\01\\01\\02\\01\\02\n"
" organizationName = Org Name\n"
" commonName = Common "
"Name/CN=A/CN=B,CN=A,CN=B+CN=A+CN=B;CN=A;CN=B\\0ACN=A\\0A\n"
" commonName = spaces "},
// Callers can also customize the output, wuith both |XN_FLAG_*| and
// |ASN1_STRFLGS_*|. |XN_FLAG_SEP_SPLUS_SPC| uses semicolon separators and
// |XN_FLAG_FN_OID| forces OIDs.
{/*indent=*/0,
/*flags=*/XN_FLAG_SEP_SPLUS_SPC | XN_FLAG_FN_OID | ASN1_STRFLGS_RFC2253 |
ASN1_STRFLGS_ESC_QUOTE,
"C=US; "
"ST=Some State + "
"ST=Some Other State \\E2\\98\\83 + "
"ST=Another State \\E2\\98\\83 + "
"2.5.4.6=US; "
"2.5.4.8=Some State + "
"2.5.4.8=Some Other State \\E2\\98\\83 + "
"2.5.4.8=Another State \\E2\\98\\83 + "
"1.2.840.113554.4.1.72585.2=\\E2\\98\\83; "
"1.2.840.113554.4.1.72585.3=#3006020101020102; "
"O=Org Name; "
"CN=\"Common "
"2.5.4.10=Org Name; "
"2.5.4.3=\"Common "
"Name/CN=A/CN=B,CN=A,CN=B+CN=A+CN=B;CN=A;CN=B\\0ACN=A\\0A\"; "
"CN=\" spaces \""},
// Node uses these parameters.
{/*indent=*/0,
/*flags=*/ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL |
ASN1_STRFLGS_UTF8_CONVERT | XN_FLAG_SEP_MULTILINE | XN_FLAG_FN_SN,
"C=US\n"
"ST=Some State + "
"ST=Some Other State \xE2\x98\x83 + "
"ST=Another State \xE2\x98\x83 + "
"1.2.840.113554.4.1.72585.2=\xE2\x98\x83\n"
"1.2.840.113554.4.1.72585.3=0\\06\\02\\01\\01\\02\\01\\02\n"
"O=Org Name\n"
"CN=Common "
"Name/CN=A/CN=B\\,CN=A\\,CN=B\\+CN=A\\+CN=B\\;CN=A\\;CN=B\\0ACN=A\\0A\n"
"CN=\\ spaces\\ "},
"2.5.4.3=\" spaces \""},
// |XN_FLAG_COMPAT| matches |X509_NAME_print|, rather than
// |X509_NAME_print_ex|.
//
Expand Down
18 changes: 18 additions & 0 deletions include/openssl/x509.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2281,13 +2281,26 @@ OPENSSL_EXPORT int X509_REQ_print_fp(FILE *fp, X509_REQ *req);
// XN_FLAG_FN_SN uses the attribute type's short name, when available.
#define XN_FLAG_FN_SN 0

// XN_FLAG_FN_LN uses the attribute type's long name, when available.
#define XN_FLAG_FN_LN (1 << 21)

// XN_FLAG_FN_OID always prints attribute types as OIDs.
#define XN_FLAG_FN_OID (2 << 21)

// XN_FLAG_FN_NONE skips printing field names.
#define XN_FLAG_FN_NONE (3 << 21)

// XN_FLAG_SPC_EQ wraps the "=" operator with spaces when printing attributes.
#define XN_FLAG_SPC_EQ (1 << 23)

// XN_FLAG_DUMP_UNKNOWN_FIELDS causes unknown attribute types to be printed in
// hex, as in RFC 2253.
#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)

// XN_FLAG_FN_ALIGN aligns attribute names to 10 characters if using short
// names, and 25 characters if using long names.
#define XN_FLAG_FN_ALIGN (1 << 25)

// XN_FLAG_RFC2253 prints like RFC 2253.
#define XN_FLAG_RFC2253 \
(ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \
Expand All @@ -2298,6 +2311,11 @@ OPENSSL_EXPORT int X509_REQ_print_fp(FILE *fp, X509_REQ *req);
(ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | \
XN_FLAG_SPC_EQ | XN_FLAG_FN_SN)

// XN_FLAG_MULTILINE prints a multi-line representation of the name.
#define XN_FLAG_MULTILINE \
(ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | \
XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN)

// X509_NAME_print_ex writes a human-readable representation of |nm| to |out|.
// Each line of output is indented by |indent| spaces. It returns the number of
// bytes written on success, and -1 on error. If |out| is NULL, it returns the
Expand Down

0 comments on commit a83bcb5

Please sign in to comment.