certtool: don't output textual information if --no-text was given

Change privkey/certificate/CRL/CSR handling to disable text output if --no-text option was given. Closes #487 Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 2018-11-16 03:46:52 +0300
committer: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 2018-11-26 16:56:33 +0300
commit: a0754ce52e28851fe6cef367ef0fbf45914ada49 (patch)
tree: 19bf216137ccc879056d0baf363e115d7a6f50c0 /src/certtool.c
parent: d80b16f6a1da09b9c96ef5efc9ff890d1578d63a (diff)
download: gnutls-a0754ce52e28851fe6cef367ef0fbf45914ada49.tar.gz
1 files changed, 21 insertions, 42 deletions
diff --git a/src/certtool.c b/src/certtool.c
index a755e1bca3..a45efdf7b7 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -57,14 +57,14 @@
 
 static FILE *stdlog = NULL;
 
-static void print_crl_info(gnutls_x509_crl_t crl, FILE * out);
+static void print_crl_info(gnutls_x509_crl_t crl, FILE * out, common_info_st *cinfo);
 void pkcs7_info(common_info_st *cinfo, unsigned display_data);
 void pkcs7_sign(common_info_st *, unsigned embed);
 void pkcs7_generate(common_info_st *);
 void pkcs8_info(void);
 void pkcs8_info_int(gnutls_datum_t *data, unsigned format,
 			unsigned ignore_err, FILE *out, const char *tab);
-void crq_info(void);
+void crq_info(common_info_st *cinfo);
 void smime_to_pkcs7(void);
 void pkcs12_info(common_info_st *);
 void generate_pkcs12(common_info_st *);
@@ -74,7 +74,7 @@ void verify_crl(common_info_st * cinfo);
 void verify_pkcs7(common_info_st * cinfo, const char *purpose, unsigned display_data);
 void pubkey_info(gnutls_x509_crt_t crt, common_info_st *);
 void certificate_info(int, common_info_st *);
-void crl_info(void);
+void crl_info(common_info_st *cinfo);
 void privkey_info(common_info_st *);
 static void cmd_parser(int argc, char **argv);
 void generate_self_signed(common_info_st *);
@@ -1073,7 +1073,7 @@ static void generate_signed_crl(common_info_st * cinfo)
 		app_exit(1);
 	}
 
-	print_crl_info(crl, stdlog);
+	print_crl_info(crl, stdlog, cinfo);
 
 	gnutls_privkey_deinit(ca_key);
 	gnutls_x509_crl_deinit(crl);
@@ -1334,6 +1334,7 @@ static void cmd_parser(int argc, char **argv)
 	cinfo.pkcs8 = HAVE_OPT(PKCS8);
 	cinfo.incert_format = incert_format;
 	cinfo.outcert_format = outcert_format;
+	cinfo.outtext = ENABLED_OPT(TEXT) && outcert_format == GNUTLS_X509_FMT_PEM;
 
 	if (HAVE_OPT(LOAD_CERTIFICATE))
 		cinfo.cert = OPT_ARG(LOAD_CERTIFICATE);
@@ -1432,7 +1433,7 @@ static void cmd_parser(int argc, char **argv)
 	else if (HAVE_OPT(GET_DH_PARAMS))
 		generate_prime(outfile, 0, &cinfo);
 	else if (HAVE_OPT(CRL_INFO))
-		crl_info();
+		crl_info(&cinfo);
 	else if (HAVE_OPT(P7_INFO))
 		pkcs7_info(&cinfo, ENABLED_OPT(P7_SHOW_DATA));
 	else if (HAVE_OPT(P7_GENERATE))
@@ -1450,7 +1451,7 @@ static void cmd_parser(int argc, char **argv)
 	else if (HAVE_OPT(TO_P8))
 		generate_pkcs8(&cinfo);
 	else if (HAVE_OPT(CRQ_INFO))
-		crq_info();
+		crq_info(&cinfo);
 	else
 		USAGE(1);
 
@@ -1504,7 +1505,7 @@ void certificate_info(int pubkey, common_info_st * cinfo)
 		if (i > 0)
 			fprintf(outfile, "\n");
 
-		if (outcert_format == GNUTLS_X509_FMT_PEM)
+		if (cinfo->outtext)
 			print_certificate_info(crts[i], outfile, 1);
 
 		if (pubkey) {
@@ -1554,13 +1555,13 @@ print_certificate_info(gnutls_x509_crt_t crt, FILE * out, unsigned int all)
 		}
 }
 
-static void print_crl_info(gnutls_x509_crl_t crl, FILE * out)
+static void print_crl_info(gnutls_x509_crl_t crl, FILE * out, common_info_st *cinfo)
 {
 	gnutls_datum_t data;
 	gnutls_datum_t cout;
 	int ret;
 
-	if (outcert_format == GNUTLS_X509_FMT_PEM) {
+	if (cinfo->outtext) {
 		ret = gnutls_x509_crl_print(crl, full_format, &data);
 		if (ret < 0) {
 			fprintf(stderr, "crl_print: %s\n", gnutls_strerror(ret));
@@ -1582,7 +1583,7 @@ static void print_crl_info(gnutls_x509_crl_t crl, FILE * out)
 	gnutls_free(cout.data);
 }
 
-void crl_info(void)
+void crl_info(common_info_st *cinfo)
 {
 	gnutls_x509_crl_t crl;
 	int ret;
@@ -1611,18 +1612,18 @@ void crl_info(void)
 		app_exit(1);
 	}
 
-	print_crl_info(crl, outfile);
+	print_crl_info(crl, outfile, cinfo);
 
 	gnutls_x509_crl_deinit(crl);
 }
 
-static void print_crq_info(gnutls_x509_crq_t crq, FILE * out)
+static void print_crq_info(gnutls_x509_crq_t crq, FILE * out, common_info_st *cinfo)
 {
 	gnutls_datum_t data;
 	int ret;
 	size_t size;
 
-	if (outcert_format == GNUTLS_X509_FMT_PEM) {
+	if (cinfo->outtext) {
 		ret = gnutls_x509_crq_print(crq, full_format, &data);
 		if (ret < 0) {
 			fprintf(stderr, "crq_print: %s\n",
@@ -1637,10 +1638,10 @@ static void print_crq_info(gnutls_x509_crq_t crq, FILE * out)
 
 	ret = gnutls_x509_crq_verify(crq, 0);
 	if (ret < 0) {
-		fprintf(outcert_format == GNUTLS_X509_FMT_PEM ? out : stderr,
+		fprintf(cinfo->outtext ? out : stderr,
 			"Self signature: FAILED\n\n");
 	} else {
-		fprintf(outcert_format == GNUTLS_X509_FMT_PEM ? out : stderr,
+		fprintf(cinfo->outtext ? out : stderr,
 			"Self signature: verified\n\n");
 	}
 
@@ -1654,7 +1655,7 @@ static void print_crq_info(gnutls_x509_crq_t crq, FILE * out)
 	fwrite(lbuffer, 1, size, outfile);
 }
 
-void crq_info(void)
+void crq_info(common_info_st *cinfo)
 {
 	gnutls_x509_crq_t crq;
 	int ret;
@@ -1683,7 +1684,7 @@ void crq_info(void)
 		app_exit(1);
 	}
 
-	print_crq_info(crq, outfile);
+	print_crq_info(crq, outfile, cinfo);
 
 	gnutls_x509_crq_deinit(crq);
 }
@@ -2052,7 +2053,7 @@ void generate_request(common_info_st * cinfo)
 		app_exit(1);
 	}
 
-	print_crq_info(crq, outfile);
+	print_crq_info(crq, outfile, cinfo);
 
 	gnutls_x509_crq_deinit(crq);
 	gnutls_privkey_deinit(pkey);
@@ -2531,7 +2532,7 @@ void verify_crl(common_info_st * cinfo)
 		app_exit(1);
 	}
 
-	print_crl_info(crl, outfile);
+	print_crl_info(crl, outfile, cinfo);
 
 	ret = gnutls_x509_crl_verify(crl, &issuer, 1, 0, &output);
 	if (ret < 0) {
@@ -3864,8 +3865,6 @@ gnutls_pubkey_t find_pubkey(gnutls_x509_crt_t crt, common_info_st * cinfo)
 void pubkey_info(gnutls_x509_crt_t crt, common_info_st * cinfo)
 {
 	gnutls_pubkey_t pubkey;
-	int ret;
-	size_t size;
 
 	pubkey = find_pubkey(crt, cinfo);
 	if (pubkey == 0) {
@@ -3873,27 +3872,7 @@ void pubkey_info(gnutls_x509_crt_t crt, common_info_st * cinfo)
 		app_exit(1);
 	}
 
-	if (outcert_format == GNUTLS_X509_FMT_DER) {
-		size = lbuffer_size;
-		ret =
-		    gnutls_pubkey_export(pubkey, outcert_format, lbuffer,
-					 &size);
-		if (ret < 0) {
-			fprintf(stderr, "export error: %s\n",
-				gnutls_strerror(ret));
-			app_exit(1);
-		}
-
-		fwrite(lbuffer, 1, size, outfile);
-
-		gnutls_pubkey_deinit(pubkey);
-
-		return;
-	}
-
-	/* PEM */
-
-	_pubkey_info(outfile, full_format, pubkey);
+	print_pubkey_info(pubkey, outfile, full_format, outcert_format, cinfo->outtext);
 	gnutls_pubkey_deinit(pubkey);
 }
author	Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>	2018-11-16 03:46:52 +0300
committer	Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>	2018-11-26 16:56:33 +0300
commit	a0754ce52e28851fe6cef367ef0fbf45914ada49 (patch)
tree	19bf216137ccc879056d0baf363e115d7a6f50c0 /src/certtool.c
parent	d80b16f6a1da09b9c96ef5efc9ff890d1578d63a (diff)
download	gnutls-a0754ce52e28851fe6cef367ef0fbf45914ada49.tar.gz