diff --git a/library/x509_crt.c b/library/x509_crt.c index 7886b3709..025f3e0e1 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1099,6 +1099,60 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...) p += (unsigned int) ret; \ } +static int x509_info_cert_type( char **buf, size_t *size, + unsigned char ns_cert_type ) +{ + int ret; + size_t n = *size; + char *p = *buf; + + if( ns_cert_type & NS_CERT_TYPE_SSL_CLIENT ) + { + ret = snprintf( p, n, " SSL Client" ); + SAFE_SNPRINTF(); + } + if( ns_cert_type & NS_CERT_TYPE_SSL_SERVER ) + { + ret = snprintf( p, n, " SSL Server" ); + SAFE_SNPRINTF(); + } + if( ns_cert_type & NS_CERT_TYPE_EMAIL ) + { + ret = snprintf( p, n, " Email" ); + SAFE_SNPRINTF(); + } + if( ns_cert_type & NS_CERT_TYPE_OBJECT_SIGNING ) + { + ret = snprintf( p, n, " Object Signing" ); + SAFE_SNPRINTF(); + } + if( ns_cert_type & NS_CERT_TYPE_RESERVED ) + { + ret = snprintf( p, n, " Reserved" ); + SAFE_SNPRINTF(); + } + if( ns_cert_type & NS_CERT_TYPE_SSL_CA ) + { + ret = snprintf( p, n, " SSL CA" ); + SAFE_SNPRINTF(); + } + if( ns_cert_type & NS_CERT_TYPE_EMAIL_CA ) + { + ret = snprintf( p, n, " Email CA" ); + SAFE_SNPRINTF(); + } + if( ns_cert_type & NS_CERT_TYPE_OBJECT_SIGNING_CA ) + { + ret = snprintf( p, n, " Object Signing CA" ); + SAFE_SNPRINTF(); + } + + *size = n; + *buf = p; + + return( 0 ); +} + /* * Return an informational string about the certificate. */ @@ -1197,9 +1251,11 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, if( crt->ext_types & EXT_NS_CERT_TYPE ) { - ret = snprintf( p, n, "\n%scert. type : ", prefix ); + ret = snprintf( p, n, "\n%scert. type :", prefix ); SAFE_SNPRINTF(); - /* TODO */ + + if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 ) + return( ret ); } if( crt->ext_types & EXT_KEY_USAGE ) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 1d8497b49..083e8d1b0 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -62,6 +62,10 @@ X509 Certificate information EC, SHA512 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED x509_cert_info:"data_files/server5-sha512.crt":"cert. version \: 3\nserial number \: 15\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +X509 Certificate information, NS Cert Type +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +x509_cert_info:"data_files/server1.cert_type.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\ncert. type \: SSL Server\n" + X509 Certificate information RSA signed by EC depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C x509_cert_info:"data_files/server4.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"