243 (void) printf(gettext(" Subject: %s\n"),
244 bufp);
245 OPENSSL_free(bufp);
246 }
247
248 bufp = sunw_issuer_attrs(xcert_in, NULL, 0);
249 if (bufp != NULL) {
250 (void) printf(gettext(" Issuer: %s\n"), bufp);
251 OPENSSL_free(bufp);
252 }
253
254 (void) sunw_print_times(stdout, PRNT_BOTH, NULL,
255 xcert_in);
256 }
257
258 if (ta_in != NULL) {
259 X509 *x;
260 int i;
261
262 for (i = 0; i < sk_X509_num(ta_in); i++) {
263 x = sk_X509_value(ta_in, i);
264 (void) printf(
265 gettext("\nTrust Anchor cert %d:\n"), i);
266
267 /*
268 * sunw_subject_attrs() returns a pointer to
269 * memory allocated on our behalf. We get the
270 * same behavior from sunw_issuer_attrs().
271 */
272 bufp = sunw_subject_attrs(x, NULL, 0);
273 if (bufp != NULL) {
274 (void) printf(
275 gettext(" Subject: %s\n"), bufp);
276 OPENSSL_free(bufp);
277 }
278
279 bufp = sunw_issuer_attrs(x, NULL, 0);
280 if (bufp != NULL) {
281 (void) printf(
282 gettext(" Issuer: %s\n"), bufp);
356 {
357 X509 *curr;
358 time_errs_t ret;
359 int i;
360 int del_expired = (outfiles != 0);
361
362 if (c_in != NULL && *c_in != NULL) {
363 ret = time_check_print(*c_in);
364 if ((ret != CHK_TIME_OK && ret != CHK_TIME_IS_BEFORE) &&
365 del_expired) {
366 (void) fprintf(stderr, gettext(" Removing cert\n"));
367 X509_free(*c_in);
368 *c_in = NULL;
369 }
370 }
371
372 if (ta_in == NULL)
373 return;
374
375 for (i = 0; i < sk_X509_num(ta_in); ) {
376 curr = sk_X509_value(ta_in, i);
377 ret = time_check_print(curr);
378 if ((ret != CHK_TIME_OK && ret != CHK_TIME_IS_BEFORE) &&
379 del_expired) {
380 (void) fprintf(stderr, gettext(" Removing cert\n"));
381 curr = sk_X509_delete(ta_in, i);
382 X509_free(curr);
383 continue;
384 }
385 i++;
386 }
387 }
388
389 static time_errs_t
390 time_check_print(X509 *cert)
391 {
392 char buf[256];
393 int ret;
394
395 ret = time_check(cert);
396 if (ret == CHK_TIME_OK)
397 return (CHK_TIME_OK);
398
399 (void) fprintf(stderr, gettext(" Subject: %s"),
400 sunw_subject_attrs(cert, buf, sizeof (buf)));
564 goto cleanup;
565 }
566
567 if (i2d_PKCS12_fp(fp, p12) == 0) {
568 wbku_printerr("cannot write %s: %s\n", name, cryptoerr());
569 ret = -1;
570 goto cleanup;
571 }
572
573 cleanup:
574 (void) fclose(fp);
575 if (p12 != NULL)
576 PKCS12_free(p12);
577 /*
578 * Put the cert and pkey off of the stack so that they won't
579 * be freed two times. (If they get left in the stack then
580 * they will be freed with the stack.)
581 */
582 if (clist != NULL) {
583 if (cert != NULL && sk_X509_num(clist) == 1) {
584 (void) sk_X509_delete(clist, 0);
585 }
586 sk_X509_pop_free(clist, X509_free);
587 }
588 if (klist != NULL) {
589 if (pkey != NULL && sk_EVP_PKEY_num(klist) == 1) {
590 (void) sk_EVP_PKEY_delete(klist, 0);
591 }
592 sk_EVP_PKEY_pop_free(klist, sunw_evp_pkey_free);
593 }
594
595 return (ret);
596 }
597
598 static void
599 usage(void)
600 {
601 (void) fprintf(stderr,
602 gettext("usage:\n"
603 " %s -i <file> -c <file> -k <file> -t <file> [-l <keyid> -v]\n"
604 "\n"),
605 progname);
606 (void) fprintf(stderr,
607 gettext(" where:\n"
608 " -i - input file to be split into component parts and put in\n"
609 " files given by -c, -k and -t\n"
|
243 (void) printf(gettext(" Subject: %s\n"),
244 bufp);
245 OPENSSL_free(bufp);
246 }
247
248 bufp = sunw_issuer_attrs(xcert_in, NULL, 0);
249 if (bufp != NULL) {
250 (void) printf(gettext(" Issuer: %s\n"), bufp);
251 OPENSSL_free(bufp);
252 }
253
254 (void) sunw_print_times(stdout, PRNT_BOTH, NULL,
255 xcert_in);
256 }
257
258 if (ta_in != NULL) {
259 X509 *x;
260 int i;
261
262 for (i = 0; i < sk_X509_num(ta_in); i++) {
263 /* LINTED */
264 x = sk_X509_value(ta_in, i);
265 (void) printf(
266 gettext("\nTrust Anchor cert %d:\n"), i);
267
268 /*
269 * sunw_subject_attrs() returns a pointer to
270 * memory allocated on our behalf. We get the
271 * same behavior from sunw_issuer_attrs().
272 */
273 bufp = sunw_subject_attrs(x, NULL, 0);
274 if (bufp != NULL) {
275 (void) printf(
276 gettext(" Subject: %s\n"), bufp);
277 OPENSSL_free(bufp);
278 }
279
280 bufp = sunw_issuer_attrs(x, NULL, 0);
281 if (bufp != NULL) {
282 (void) printf(
283 gettext(" Issuer: %s\n"), bufp);
357 {
358 X509 *curr;
359 time_errs_t ret;
360 int i;
361 int del_expired = (outfiles != 0);
362
363 if (c_in != NULL && *c_in != NULL) {
364 ret = time_check_print(*c_in);
365 if ((ret != CHK_TIME_OK && ret != CHK_TIME_IS_BEFORE) &&
366 del_expired) {
367 (void) fprintf(stderr, gettext(" Removing cert\n"));
368 X509_free(*c_in);
369 *c_in = NULL;
370 }
371 }
372
373 if (ta_in == NULL)
374 return;
375
376 for (i = 0; i < sk_X509_num(ta_in); ) {
377 /* LINTED */
378 curr = sk_X509_value(ta_in, i);
379 ret = time_check_print(curr);
380 if ((ret != CHK_TIME_OK && ret != CHK_TIME_IS_BEFORE) &&
381 del_expired) {
382 (void) fprintf(stderr, gettext(" Removing cert\n"));
383 /* LINTED */
384 curr = sk_X509_delete(ta_in, i);
385 X509_free(curr);
386 continue;
387 }
388 i++;
389 }
390 }
391
392 static time_errs_t
393 time_check_print(X509 *cert)
394 {
395 char buf[256];
396 int ret;
397
398 ret = time_check(cert);
399 if (ret == CHK_TIME_OK)
400 return (CHK_TIME_OK);
401
402 (void) fprintf(stderr, gettext(" Subject: %s"),
403 sunw_subject_attrs(cert, buf, sizeof (buf)));
567 goto cleanup;
568 }
569
570 if (i2d_PKCS12_fp(fp, p12) == 0) {
571 wbku_printerr("cannot write %s: %s\n", name, cryptoerr());
572 ret = -1;
573 goto cleanup;
574 }
575
576 cleanup:
577 (void) fclose(fp);
578 if (p12 != NULL)
579 PKCS12_free(p12);
580 /*
581 * Put the cert and pkey off of the stack so that they won't
582 * be freed two times. (If they get left in the stack then
583 * they will be freed with the stack.)
584 */
585 if (clist != NULL) {
586 if (cert != NULL && sk_X509_num(clist) == 1) {
587 /* LINTED */
588 (void) sk_X509_delete(clist, 0);
589 }
590 sk_X509_pop_free(clist, X509_free);
591 }
592 if (klist != NULL) {
593 if (pkey != NULL && sk_EVP_PKEY_num(klist) == 1) {
594 /* LINTED */
595 (void) sk_EVP_PKEY_delete(klist, 0);
596 }
597 sk_EVP_PKEY_pop_free(klist, sunw_evp_pkey_free);
598 }
599
600 return (ret);
601 }
602
603 static void
604 usage(void)
605 {
606 (void) fprintf(stderr,
607 gettext("usage:\n"
608 " %s -i <file> -c <file> -k <file> -t <file> [-l <keyid> -v]\n"
609 "\n"),
610 progname);
611 (void) fprintf(stderr,
612 gettext(" where:\n"
613 " -i - input file to be split into component parts and put in\n"
614 " files given by -c, -k and -t\n"
|