Diffstat (limited to 'sm/keylist.c')
-rw-r--r--sm/keylist.c438
1 files changed, 222 insertions, 216 deletions
diff --git a/sm/keylist.c b/sm/keylist.c
index 1c9323ca3..1b7969543 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -38,9 +38,10 @@
#include "../kbx/keybox.h" /* for KEYBOX_FLAG_* */
#include "i18n.h"
-struct list_external_parm_s {
+struct list_external_parm_s
+{
ctrl_t ctrl;
- FILE *fp;
+ estream_t fp;
int print_header;
int with_colons;
int with_chain;
@@ -50,7 +51,8 @@ struct list_external_parm_s {
/* This table is to map Extended Key Usage OIDs to human readable
names. */
-struct {
+struct
+{
const char *oid;
const char *name;
} key_purpose_map[] = {
@@ -78,7 +80,8 @@ struct {
/* A table mapping OIDs to a descriptive string. */
-static struct {
+static struct
+{
char *oid;
char *name;
unsigned int flag;
@@ -201,7 +204,7 @@ get_oid_desc (const char *oid, unsigned int *flag)
static void
-print_key_data (ksba_cert_t cert, FILE *fp)
+print_key_data (ksba_cert_t cert, estream_t fp)
{
#if 0
int n = pk ? pubkey_get_npkey( pk->pubkey_algo ) : 0;
@@ -209,7 +212,7 @@ print_key_data (ksba_cert_t cert, FILE *fp)
for(i=0; i < n; i++ )
{
- fprintf (fp, "pkd:%d:%u:", i, mpi_get_nbits( pk->pkey[i] ) );
+ es_fprintf (fp, "pkd:%d:%u:", i, mpi_get_nbits( pk->pkey[i] ) );
mpi_print(stdout, pk->pkey[i], 1 );
putchar(':');
putchar('\n');
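Review bot: Inside the `#if 0` block of print_key_data only the `fprintf` call was converted; `mpi_print(stdout, pk->pkey[i], 1 )` and the two `putchar` calls after it still write to stdout, so a `pkd:` record would be split across two streams if the block is ever re-enabled. Either leave the disabled block untouched or convert the rest too, e.g. `es_putc (':', fp);` and `es_putc ('\n', fp);`, with a comment that `mpi_print` still needs an estream-aware replacement. The function body starts and ends outside this hunk.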
@@ -218,7 +221,7 @@ print_key_data (ksba_cert_t cert, FILE *fp)
}
static void
-print_capabilities (ksba_cert_t cert, FILE *fp)
+print_capabilities (ksba_cert_t cert, estream_t fp)
{
gpg_error_t err;
unsigned int use;
@@ -230,7 +233,7 @@ print_capabilities (ksba_cert_t cert, FILE *fp)
if (!err && buflen)
{
if (*buffer)
- putc ('q', fp);
+ es_putc ('q', fp);
}
else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
; /* Don't know - will not get marked as 'q' */
@@ -242,12 +245,12 @@ print_capabilities (ksba_cert_t cert, FILE *fp)
if (gpg_err_code (err) == GPG_ERR_NO_DATA
|| gpg_err_code (err) == GPG_ERR_NO_VALUE)
{
- putc ('e', fp);
- putc ('s', fp);
- putc ('c', fp);
- putc ('E', fp);
- putc ('S', fp);
- putc ('C', fp);
+ es_putc ('e', fp);
+ es_putc ('s', fp);
+ es_putc ('c', fp);
+ es_putc ('E', fp);
+ es_putc ('S', fp);
+ es_putc ('C', fp);
return;
}
if (err)
@@ -258,27 +261,27 @@ print_capabilities (ksba_cert_t cert, FILE *fp)
}
if ((use & (KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT)))
- putc ('e', fp);
+ es_putc ('e', fp);
if ((use & (KSBA_KEYUSAGE_DIGITAL_SIGNATURE|KSBA_KEYUSAGE_NON_REPUDIATION)))
- putc ('s', fp);
+ es_putc ('s', fp);
if ((use & KSBA_KEYUSAGE_KEY_CERT_SIGN))
- putc ('c', fp);
+ es_putc ('c', fp);
if ((use & (KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT)))
- putc ('E', fp);
+ es_putc ('E', fp);
if ((use & (KSBA_KEYUSAGE_DIGITAL_SIGNATURE|KSBA_KEYUSAGE_NON_REPUDIATION)))
- putc ('S', fp);
+ es_putc ('S', fp);
if ((use & KSBA_KEYUSAGE_KEY_CERT_SIGN))
- putc ('C', fp);
+ es_putc ('C', fp);
}
static void
-print_time (gnupg_isotime_t t, FILE *fp)
+print_time (gnupg_isotime_t t, estream_t fp)
{
if (!t || !*t)
;
else
- fputs (t, fp);
+ es_fputs (t, fp);
}
@@ -330,7 +333,7 @@ email_kludge (const char *name)
/* List one certificate in colon mode */
static void
list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
- FILE *fp, int have_secret)
+ estream_t fp, int have_secret)
{
int rc;
int idx;
@@ -375,7 +378,7 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
}
- fputs (have_secret? "crs:":"crt:", fp);
+ es_fputs (have_secret? "crs:":"crt:", fp);
/* Note: We can't use multiple flags, like "ei", because the
validation check does only return one error. */
@@ -418,18 +421,18 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
}
if (*truststring)
- fputs (truststring, fp);
+ es_fputs (truststring, fp);
algo = gpgsm_get_key_algo_info (cert, &nbits);
- fprintf (fp, ":%u:%d:%s:", nbits, algo, fpr+24);
+ es_fprintf (fp, ":%u:%d:%s:", nbits, algo, fpr+24);
/* We assume --fixed-list-mode for gpgsm */
ksba_cert_get_validity (cert, 0, t);
print_time (t, fp);
- putc (':', fp);
+ es_putc (':', fp);
ksba_cert_get_validity (cert, 1, t);
print_time ( t, fp);
- putc (':', fp);
+ es_putc (':', fp);
/* Field 8, serial number: */
if ((sexp = ksba_cert_get_serial (cert)))
{
@@ -443,34 +446,34 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
len = len*10 + atoi_1 (s);
if (*s == ':')
for (s++; len; len--, s++)
- fprintf (fp,"%02X", *s);
+ es_fprintf (fp,"%02X", *s);
}
xfree (sexp);
}
- putc (':', fp);
+ es_putc (':', fp);
/* Field 9, ownertrust - not used here */
- putc (':', fp);
+ es_putc (':', fp);
/* field 10, old user ID - we use it here for the issuer DN */
if ((p = ksba_cert_get_issuer (cert,0)))
{
- print_sanitized_string (fp, p, ':');
+ es_write_sanitized (fp, p, strlen (p), ":", NULL);
xfree (p);
}
- putc (':', fp);
+ es_putc (':', fp);
/* Field 11, signature class - not used */
- putc (':', fp);
+ es_putc (':', fp);
/* Field 12, capabilities: */
print_capabilities (cert, fp);
- putc (':', fp);
- putc ('\n', fp);
+ es_putc (':', fp);
+ es_putc ('\n', fp);
/* FPR record */
- fprintf (fp, "fpr:::::::::%s:::", fpr);
+ es_fprintf (fp, "fpr:::::::::%s:::", fpr);
/* Print chaining ID (field 13)*/
if (chain_id)
- fputs (chain_id, fp);
- putc (':', fp);
- putc ('\n', fp);
+ es_fputs (chain_id, fp);
+ es_putc (':', fp);
+ es_putc ('\n', fp);
xfree (fpr); fpr = NULL; chain_id = NULL;
xfree (chain_id_buffer); chain_id_buffer = NULL;
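Review bot: The field-8 serial loop trusts the length prefix of the S-expression returned by `ksba_cert_get_serial`: `len` is accumulated with `len = len*10 + atoi_1 (s)` over an unbounded digit run, and that many bytes are then read for `es_fprintf (fp,"%02X", *s)` with no knowledge of where the buffer ends. The bytes originate from certificate data, so this relies entirely on libksba handing back a well-formed canonical S-expression. A comment such as `/* SEXP comes from libksba and is assumed to be a canonical "(N:...)" string. */` would record that assumption. list_cert_raw and list_cert_std pass the same buffer to `gpgsm_print_serial (fp, sexp)`, so sharing one helper would keep the parsing in one place, though whether its output suits the colon format is not visible here. Separately, this function releases `sexp` and the issuer string with `xfree` while list_cert_raw uses `ksba_free` for the same ksba-returned buffers; presumably both reach the same allocator, but a single convention is safer.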
@@ -478,7 +481,7 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
{
if ( (p = gpgsm_get_keygrip_hexstring (cert)))
{
- fprintf (fp, "grp:::::::::%s:\n", p);
+ es_fprintf (fp, "grp:::::::::%s:\n", p);
xfree (p);
}
print_key_data (cert, fp);
@@ -486,11 +489,11 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
for (idx=0; (p = ksba_cert_get_subject (cert,idx)); idx++)
{
- fprintf (fp, "uid:%s::::::::", truststring);
- print_sanitized_string (fp, p, ':');
- putc (':', fp);
- putc (':', fp);
- putc ('\n', fp);
+ es_fprintf (fp, "uid:%s::::::::", truststring);
+ es_write_sanitized (fp, p, strlen (p), ":", NULL);
+ es_putc (':', fp);
+ es_putc (':', fp);
+ es_putc ('\n', fp);
if (!idx)
{
/* It would be better to get the faked email address from
@@ -500,11 +503,11 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
char *pp = email_kludge (p);
if (pp)
{
- fprintf (fp, "uid:%s::::::::", truststring);
- print_sanitized_string (fp, pp, ':');
- putc (':', fp);
- putc (':', fp);
- putc ('\n', fp);
+ es_fprintf (fp, "uid:%s::::::::", truststring);
+ es_write_sanitized (fp, pp, strlen (pp), ":", NULL);
+ es_putc (':', fp);
+ es_putc (':', fp);
+ es_putc ('\n', fp);
xfree (pp);
}
}
@@ -514,16 +517,16 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
static void
-print_name_raw (FILE *fp, const char *string)
+print_name_raw (estream_t fp, const char *string)
{
if (!string)
- fputs ("[error]", fp);
+ es_fputs ("[error]", fp);
else
- print_sanitized_string (fp, string, 0);
+ es_write_sanitized (fp, string, strlen (string), NULL, NULL);
}
static void
-print_names_raw (FILE *fp, int indent, ksba_name_t name)
+print_names_raw (estream_t fp, int indent, ksba_name_t name)
{
int idx;
const char *s;
@@ -534,16 +537,16 @@ print_names_raw (FILE *fp, int indent, ksba_name_t name)
if (!name)
{
- fputs ("none\n", fp);
+ es_fputs ("none\n", fp);
return;
}
for (idx=0; (s = ksba_name_enum (name, idx)); idx++)
{
char *p = ksba_name_get_uri (name, idx);
- printf ("%*s", idx||indent_all?indent:0, "");
- print_sanitized_string (fp, p?p:s, 0);
- putc ('\n', fp);
+ es_fprintf (fp, "%*s", idx||indent_all?indent:0, "");
+ es_write_sanitized (fp, p?p:s, strlen (p?p:s), NULL, NULL);
+ es_putc ('\n', fp);
xfree (p);
}
}
@@ -554,7 +557,7 @@ print_names_raw (FILE *fp, int indent, ksba_name_t name)
output sanitation. It is mainly useful for debugging. */
static void
list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
- ksba_cert_t cert, FILE *fp, int have_secret,
+ ksba_cert_t cert, estream_t fp, int have_secret,
int with_validation)
{
gpg_error_t err;
@@ -571,162 +574,163 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
unsigned int reason;
sexp = ksba_cert_get_serial (cert);
- fputs ("Serial number: ", fp);
+ es_fputs ("Serial number: ", fp);
gpgsm_print_serial (fp, sexp);
ksba_free (sexp);
- putc ('\n', fp);
+ es_putc ('\n', fp);
dn = ksba_cert_get_issuer (cert, 0);
- fputs (" Issuer: ", fp);
+ es_fputs (" Issuer: ", fp);
print_name_raw (fp, dn);
ksba_free (dn);
- putc ('\n', fp);
+ es_putc ('\n', fp);
for (idx=1; (dn = ksba_cert_get_issuer (cert, idx)); idx++)
{
- fputs (" aka: ", fp);
+ es_fputs (" aka: ", fp);
print_name_raw (fp, dn);
ksba_free (dn);
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
dn = ksba_cert_get_subject (cert, 0);
- fputs (" Subject: ", fp);
+ es_fputs (" Subject: ", fp);
print_name_raw (fp, dn);
ksba_free (dn);
- putc ('\n', fp);
+ es_putc ('\n', fp);
for (idx=1; (dn = ksba_cert_get_subject (cert, idx)); idx++)
{
- fputs (" aka: ", fp);
+ es_fputs (" aka: ", fp);
print_name_raw (fp, dn);
ksba_free (dn);
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
dn = gpgsm_get_fingerprint_string (cert, 0);
- fprintf (fp, " sha1_fpr: %s\n", dn?dn:"error");
+ es_fprintf (fp, " sha1_fpr: %s\n", dn?dn:"error");
xfree (dn);
dn = gpgsm_get_fingerprint_string (cert, GCRY_MD_MD5);
- fprintf (fp, " md5_fpr: %s\n", dn?dn:"error");
+ es_fprintf (fp, " md5_fpr: %s\n", dn?dn:"error");
xfree (dn);
dn = gpgsm_get_certid (cert);
- fprintf (fp, " certid: %s\n", dn?dn:"error");
+ es_fprintf (fp, " certid: %s\n", dn?dn:"error");
xfree (dn);
dn = gpgsm_get_keygrip_hexstring (cert);
- fprintf (fp, " keygrip: %s\n", dn?dn:"error");
+ es_fprintf (fp, " keygrip: %s\n", dn?dn:"error");
xfree (dn);
ksba_cert_get_validity (cert, 0, t);
- fputs (" notBefore: ", fp);
+ es_fputs (" notBefore: ", fp);
gpgsm_print_time (fp, t);
- putc ('\n', fp);
- fputs (" notAfter: ", fp);
+ es_putc ('\n', fp);
+ es_fputs (" notAfter: ", fp);
ksba_cert_get_validity (cert, 1, t);
gpgsm_print_time (fp, t);
- putc ('\n', fp);
+ es_putc ('\n', fp);
oid = ksba_cert_get_digest_algo (cert);
s = get_oid_desc (oid, NULL);
- fprintf (fp, " hashAlgo: %s%s%s%s\n", oid, s?" (":"",s?s:"",s?")":"");
+ es_fprintf (fp, " hashAlgo: %s%s%s%s\n", oid, s?" (":"",s?s:"",s?")":"");
{
const char *algoname;
unsigned int nbits;
algoname = gcry_pk_algo_name (gpgsm_get_key_algo_info (cert, &nbits));
- fprintf (fp, " keyType: %u bit %s\n", nbits, algoname? algoname:"?");
+ es_fprintf (fp, " keyType: %u bit %s\n",
+ nbits, algoname? algoname:"?");
}
/* subjectKeyIdentifier */
- fputs (" subjKeyId: ", fp);
+ es_fputs (" subjKeyId: ", fp);
err = ksba_cert_get_subj_key_id (cert, NULL, &keyid);
if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA
|| gpg_err_code (err) == GPG_ERR_NO_VALUE)
{
if (gpg_err_code (err) == GPG_ERR_NO_DATA
|| gpg_err_code (err) == GPG_ERR_NO_VALUE)
- fputs ("[none]\n", fp);
+ es_fputs ("[none]\n", fp);
else
{
gpgsm_print_serial (fp, keyid);
ksba_free (keyid);
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
}
else
- fputs ("[?]\n", fp);
+ es_fputs ("[?]\n", fp);
/* authorityKeyIdentifier */
- fputs (" authKeyId: ", fp);
+ es_fputs (" authKeyId: ", fp);
err = ksba_cert_get_auth_key_id (cert, &keyid, &name, &sexp);
if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA
|| gpg_err_code (err) == GPG_ERR_NO_VALUE)
{
if (gpg_err_code (err) == GPG_ERR_NO_DATA || !name
|| gpg_err_code (err) == GPG_ERR_NO_VALUE)
- fputs ("[none]\n", fp);
+ es_fputs ("[none]\n", fp);
else
{
gpgsm_print_serial (fp, sexp);
ksba_free (sexp);
- putc ('\n', fp);
+ es_putc ('\n', fp);
print_names_raw (fp, -15, name);
ksba_name_release (name);
}
if (keyid)
{
- fputs (" authKeyId.ki: ", fp);
+ es_fputs (" authKeyId.ki: ", fp);
gpgsm_print_serial (fp, keyid);
ksba_free (keyid);
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
}
else
- fputs ("[?]\n", fp);
+ es_fputs ("[?]\n", fp);
- fputs (" keyUsage:", fp);
+ es_fputs (" keyUsage:", fp);
err = ksba_cert_get_key_usage (cert, &kusage);
if (gpg_err_code (err) != GPG_ERR_NO_DATA
&& gpg_err_code (err) != GPG_ERR_NO_VALUE)
{
if (err)
- fprintf (fp, " [error: %s]", gpg_strerror (err));
+ es_fprintf (fp, " [error: %s]", gpg_strerror (err));
else
{
if ( (kusage & KSBA_KEYUSAGE_DIGITAL_SIGNATURE))
- fputs (" digitalSignature", fp);
+ es_fputs (" digitalSignature", fp);
if ( (kusage & KSBA_KEYUSAGE_NON_REPUDIATION))
- fputs (" nonRepudiation", fp);
+ es_fputs (" nonRepudiation", fp);
if ( (kusage & KSBA_KEYUSAGE_KEY_ENCIPHERMENT))
- fputs (" keyEncipherment", fp);
+ es_fputs (" keyEncipherment", fp);
if ( (kusage & KSBA_KEYUSAGE_DATA_ENCIPHERMENT))
- fputs (" dataEncipherment", fp);
+ es_fputs (" dataEncipherment", fp);
if ( (kusage & KSBA_KEYUSAGE_KEY_AGREEMENT))
- fputs (" keyAgreement", fp);
+ es_fputs (" keyAgreement", fp);
if ( (kusage & KSBA_KEYUSAGE_KEY_CERT_SIGN))
- fputs (" certSign", fp);
+ es_fputs (" certSign", fp);
if ( (kusage & KSBA_KEYUSAGE_CRL_SIGN))
- fputs (" crlSign", fp);
+ es_fputs (" crlSign", fp);
if ( (kusage & KSBA_KEYUSAGE_ENCIPHER_ONLY))
- fputs (" encipherOnly", fp);
+ es_fputs (" encipherOnly", fp);
if ( (kusage & KSBA_KEYUSAGE_DECIPHER_ONLY))
- fputs (" decipherOnly", fp);
+ es_fputs (" decipherOnly", fp);
}
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
else
- fputs (" [none]\n", fp);
+ es_fputs (" [none]\n", fp);
- fputs (" extKeyUsage: ", fp);
+ es_fputs (" extKeyUsage: ", fp);
err = ksba_cert_get_ext_key_usages (cert, &string);
if (gpg_err_code (err) != GPG_ERR_NO_DATA
&& gpg_err_code (err) != GPG_ERR_NO_VALUE)
{
if (err)
- fprintf (fp, "[error: %s]", gpg_strerror (err));
+ es_fprintf (fp, "[error: %s]", gpg_strerror (err));
else
{
p = string;
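Review bot: `gpgsm_print_serial (fp, sexp)` and `gpgsm_print_time (fp, t)` in this hunk are now passed an `estream_t` but keep their old names, whereas list_cert_std switches to a renamed `gpgsm_es_print_name`. The same applies to `gpgsm_validate_chain (ctrl, cert, NULL, 1, fp, 0)` in the later list_cert_raw hunk and to the serial/time calls in list_cert_std. This page is limited to sm/keylist.c, so it does not show whether those prototypes changed in the same commit. If any of them still takes `FILE *`, C accepts the call with only an incompatible-pointer-type warning and the callee would treat the estream object as a stdio stream. It is worth confirming the declarations and that this file builds without pointer-type warnings. The hunk covers only part of list_cert_raw.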
@@ -736,31 +740,31 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
for (i=0; key_purpose_map[i].oid; i++)
if ( !strcmp (key_purpose_map[i].oid, p) )
break;
- fputs (key_purpose_map[i].oid?key_purpose_map[i].name:p, fp);
+ es_fputs (key_purpose_map[i].oid?key_purpose_map[i].name:p, fp);
p = pend;
if (*p != 'C')
- fputs (" (suggested)", fp);
+ es_fputs (" (suggested)", fp);
if ((p = strchr (p, '\n')))
{
p++;
- fputs ("\n ", fp);
+ es_fputs ("\n ", fp);
}
}
xfree (string);
}
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
else
- fputs ("[none]\n", fp);
+ es_fputs ("[none]\n", fp);
- fputs (" policies: ", fp);
+ es_fputs (" policies: ", fp);
err = ksba_cert_get_cert_policies (cert, &string);
if (gpg_err_code (err) != GPG_ERR_NO_DATA
&& gpg_err_code (err) != GPG_ERR_NO_VALUE)
{
if (err)
- fprintf (fp, "[error: %s]", gpg_strerror (err));
+ es_fprintf (fp, "[error: %s]", gpg_strerror (err));
else
{
p = string;
@@ -770,111 +774,111 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
for (i=0; key_purpose_map[i].oid; i++)
if ( !strcmp (key_purpose_map[i].oid, p) )
break;
- fputs (p, fp);
+ es_fputs (p, fp);
p = pend;
if (*p == 'C')
- fputs (" (critical)", fp);
+ es_fputs (" (critical)", fp);
if ((p = strchr (p, '\n')))
{
p++;
- fputs ("\n ", fp);
+ es_fputs ("\n ", fp);
}
}
xfree (string);
}
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
else
- fputs ("[none]\n", fp);
+ es_fputs ("[none]\n", fp);
- fputs (" chainLength: ", fp);
+ es_fputs (" chainLength: ", fp);
err = ksba_cert_is_ca (cert, &is_ca, &chainlen);
if (err || is_ca)
{
if (gpg_err_code (err) == GPG_ERR_NO_VALUE )
- fprintf (fp, "[none]");
+ es_fprintf (fp, "[none]");
else if (err)
- fprintf (fp, "[error: %s]", gpg_strerror (err));
+ es_fprintf (fp, "[error: %s]", gpg_strerror (err));
else if (chainlen == -1)
- fputs ("unlimited", fp);
+ es_fputs ("unlimited", fp);
else
- fprintf (fp, "%d", chainlen);
- putc ('\n', fp);
+ es_fprintf (fp, "%d", chainlen);
+ es_putc ('\n', fp);
}
else
- fputs ("not a CA\n", fp);
+ es_fputs ("not a CA\n", fp);
/* CRL distribution point */
for (idx=0; !(err=ksba_cert_get_crl_dist_point (cert, idx, &name, &name2,
&reason)) ;idx++)
{
- fputs (" crlDP: ", fp);
+ es_fputs (" crlDP: ", fp);
print_names_raw (fp, 15, name);
if (reason)
{
- fputs (" reason: ", fp);
+ es_fputs (" reason: ", fp);
if ( (reason & KSBA_CRLREASON_UNSPECIFIED))
- fputs (" unused", stdout);
+ es_fputs (" unused", fp);
if ( (reason & KSBA_CRLREASON_KEY_COMPROMISE))
- fputs (" keyCompromise", stdout);
+ es_fputs (" keyCompromise", fp);
if ( (reason & KSBA_CRLREASON_CA_COMPROMISE))
- fputs (" caCompromise", stdout);
+ es_fputs (" caCompromise", fp);
if ( (reason & KSBA_CRLREASON_AFFILIATION_CHANGED))
- fputs (" affiliationChanged", stdout);
+ es_fputs (" affiliationChanged", fp);
if ( (reason & KSBA_CRLREASON_SUPERSEDED))
- fputs (" superseded", stdout);
+ es_fputs (" superseded", fp);
if ( (reason & KSBA_CRLREASON_CESSATION_OF_OPERATION))
- fputs (" cessationOfOperation", stdout);
+ es_fputs (" cessationOfOperation", fp);
if ( (reason & KSBA_CRLREASON_CERTIFICATE_HOLD))
- fputs (" certificateHold", stdout);
- putchar ('\n');
+ es_fputs (" certificateHold", fp);
+ es_putc ('\n', fp);
}
- fputs (" issuer: ", fp);
+ es_fputs (" issuer: ", fp);
print_names_raw (fp, 23, name2);
ksba_name_release (name);
ksba_name_release (name2);
}
if (err && gpg_err_code (err) != GPG_ERR_EOF
&& gpg_err_code (err) != GPG_ERR_NO_VALUE)
- fputs (" crlDP: [error]\n", fp);
+ es_fputs (" crlDP: [error]\n", fp);
else if (!idx)
- fputs (" crlDP: [none]\n", fp);
+ es_fputs (" crlDP: [none]\n", fp);
/* authorityInfoAccess. */
for (idx=0; !(err=ksba_cert_get_authority_info_access (cert, idx, &string,
&name)); idx++)
{
- fputs (" authInfo: ", fp);
+ es_fputs (" authInfo: ", fp);
s = get_oid_desc (string, NULL);
- fprintf (fp, "%s%s%s%s\n", string, s?" (":"", s?s:"", s?")":"");
+ es_fprintf (fp, "%s%s%s%s\n", string, s?" (":"", s?s:"", s?")":"");
print_names_raw (fp, -15, name);
ksba_name_release (name);
ksba_free (string);
}
if (err && gpg_err_code (err) != GPG_ERR_EOF
&& gpg_err_code (err) != GPG_ERR_NO_VALUE)
- fputs (" authInfo: [error]\n", fp);
+ es_fputs (" authInfo: [error]\n", fp);
else if (!idx)
- fputs (" authInfo: [none]\n", fp);
+ es_fputs (" authInfo: [none]\n", fp);
/* subjectInfoAccess. */
for (idx=0; !(err=ksba_cert_get_subject_info_access (cert, idx, &string,
&name)); idx++)
{
- fputs (" subjectInfo: ", fp);
+ es_fputs (" subjectInfo: ", fp);
s = get_oid_desc (string, NULL);
- fprintf (fp, "%s%s%s%s\n", string, s?" (":"", s?s:"", s?")":"");
+ es_fprintf (fp, "%s%s%s%s\n", string, s?" (":"", s?s:"", s?")":"");
print_names_raw (fp, -15, name);
ksba_name_release (name);
ksba_free (string);
}
if (err && gpg_err_code (err) != GPG_ERR_EOF
&& gpg_err_code (err) != GPG_ERR_NO_VALUE)
- fputs (" subjInfo: [error]\n", fp);
+ es_fputs (" subjInfo: [error]\n", fp);
else if (!idx)
- fputs (" subjInfo: [none]\n", fp);
+ es_fputs (" subjInfo: [none]\n", fp);
for (idx=0; !(err=ksba_cert_get_extension (cert, idx,
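Review bot: The `key_purpose_map` lookup at the top of this hunk, in the policies section of list_cert_raw, has no effect: the index `i` is not used afterwards and `es_fputs (p, fp)` writes the policy OID unconditionally. It looks carried over from the extKeyUsage loop. Dropping the three lines, or replacing them with a comment like `/* No name table for policy OIDs; print the OID itself. */`, would stop the code suggesting that a mapping takes place. The enclosing loop starts before the hunk.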
@@ -885,7 +889,7 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
s = get_oid_desc (oid, &flag);
if (!(flag & 1))
- fprintf (fp, " %s: %s%s%s%s [%d octets]\n",
+ es_fprintf (fp, " %s: %s%s%s%s [%d octets]\n",
i? "critExtn":" extn",
oid, s?" (":"", s?s:"", s?")":"", (int)len);
}
@@ -895,9 +899,9 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
{
err = gpgsm_validate_chain (ctrl, cert, NULL, 1, fp, 0);
if (!err)
- fprintf (fp, " [certificate is good]\n");
+ es_fprintf (fp, " [certificate is good]\n");
else
- fprintf (fp, " [certificate is bad: %s]\n", gpg_strerror (err));
+ es_fprintf (fp, " [certificate is bad: %s]\n", gpg_strerror (err));
}
if (opt.with_ephemeral_keys && hd)
@@ -906,9 +910,9 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
err = keydb_get_flags (hd, KEYBOX_FLAG_BLOB, 0, &blobflags);
if (err)
- fprintf (fp, " [error getting keyflags: %s]\n", gpg_strerror (err));
+ es_fprintf (fp, " [error getting keyflags: %s]\n",gpg_strerror (err));
else if ((blobflags & 2))
- fprintf (fp, " [stored as ephemeral]\n");
+ es_fprintf (fp, " [stored as ephemeral]\n");
}
}
@@ -918,7 +922,7 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
/* List one certificate in standard mode */
static void
-list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
+list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
int with_validation)
{
gpg_error_t err;
@@ -931,44 +935,44 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
char *string, *p, *pend;
sexp = ksba_cert_get_serial (cert);
- fputs ("Serial number: ", fp);
+ es_fputs ("Serial number: ", fp);
gpgsm_print_serial (fp, sexp);
ksba_free (sexp);
- putc ('\n', fp);
+ es_putc ('\n', fp);
dn = ksba_cert_get_issuer (cert, 0);
- fputs (" Issuer: ", fp);
- gpgsm_print_name (fp, dn);
+ es_fputs (" Issuer: ", fp);
+ gpgsm_es_print_name (fp, dn);
ksba_free (dn);
- putc ('\n', fp);
+ es_putc ('\n', fp);
for (idx=1; (dn = ksba_cert_get_issuer (cert, idx)); idx++)
{
- fputs (" aka: ", fp);
- gpgsm_print_name (fp, dn);
+ es_fputs (" aka: ", fp);
+ gpgsm_es_print_name (fp, dn);
ksba_free (dn);
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
dn = ksba_cert_get_subject (cert, 0);
- fputs (" Subject: ", fp);
- gpgsm_print_name (fp, dn);
+ es_fputs (" Subject: ", fp);
+ gpgsm_es_print_name (fp, dn);
ksba_free (dn);
- putc ('\n', fp);
+ es_putc ('\n', fp);
for (idx=1; (dn = ksba_cert_get_subject (cert, idx)); idx++)
{
- fputs (" aka: ", fp);
- gpgsm_print_name (fp, dn);
+ es_fputs (" aka: ", fp);
+ gpgsm_es_print_name (fp, dn);
ksba_free (dn);
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
ksba_cert_get_validity (cert, 0, t);
- fputs (" validity: ", fp);
+ es_fputs (" validity: ", fp);
gpgsm_print_time (fp, t);
- fputs (" through ", fp);
+ es_fputs (" through ", fp);
ksba_cert_get_validity (cert, 1, t);
gpgsm_print_time (fp, t);
- putc ('\n', fp);
+ es_putc ('\n', fp);
{
@@ -976,7 +980,8 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
unsigned int nbits;
algoname = gcry_pk_algo_name (gpgsm_get_key_algo_info (cert, &nbits));
- fprintf (fp, " key type: %u bit %s\n", nbits, algoname? algoname:"?");
+ es_fprintf (fp, " key type: %u bit %s\n",
+ nbits, algoname? algoname:"?");
}
@@ -984,40 +989,40 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
if (gpg_err_code (err) != GPG_ERR_NO_DATA
&& gpg_err_code (err) != GPG_ERR_NO_VALUE)
{
- fputs (" key usage:", fp);
+ es_fputs (" key usage:", fp);
if (err)
- fprintf (fp, " [error: %s]", gpg_strerror (err));
+ es_fprintf (fp, " [error: %s]", gpg_strerror (err));
else
{
if ( (kusage & KSBA_KEYUSAGE_DIGITAL_SIGNATURE))
- fputs (" digitalSignature", fp);
+ es_fputs (" digitalSignature", fp);
if ( (kusage & KSBA_KEYUSAGE_NON_REPUDIATION))
- fputs (" nonRepudiation", fp);
+ es_fputs (" nonRepudiation", fp);
if ( (kusage & KSBA_KEYUSAGE_KEY_ENCIPHERMENT))
- fputs (" keyEncipherment", fp);
+ es_fputs (" keyEncipherment", fp);
if ( (kusage & KSBA_KEYUSAGE_DATA_ENCIPHERMENT))
- fputs (" dataEncipherment", fp);
+ es_fputs (" dataEncipherment", fp);
if ( (kusage & KSBA_KEYUSAGE_KEY_AGREEMENT))
- fputs (" keyAgreement", fp);
+ es_fputs (" keyAgreement", fp);
if ( (kusage & KSBA_KEYUSAGE_KEY_CERT_SIGN))
- fputs (" certSign", fp);
+ es_fputs (" certSign", fp);
if ( (kusage & KSBA_KEYUSAGE_CRL_SIGN))
- fputs (" crlSign", fp);
+ es_fputs (" crlSign", fp);
if ( (kusage & KSBA_KEYUSAGE_ENCIPHER_ONLY))
- fputs (" encipherOnly", fp);
+ es_fputs (" encipherOnly", fp);
if ( (kusage & KSBA_KEYUSAGE_DECIPHER_ONLY))
- fputs (" decipherOnly", fp);
+ es_fputs (" decipherOnly", fp);
}
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
err = ksba_cert_get_ext_key_usages (cert, &string);
if (gpg_err_code (err) != GPG_ERR_NO_DATA
&& gpg_err_code (err) != GPG_ERR_NO_VALUE)
{
- fputs ("ext key usage: ", fp);
+ es_fputs ("ext key usage: ", fp);
if (err)
- fprintf (fp, "[error: %s]", gpg_strerror (err));
+ es_fprintf (fp, "[error: %s]", gpg_strerror (err));
else
{
p = string;
@@ -1027,28 +1032,28 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
for (i=0; key_purpose_map[i].oid; i++)
if ( !strcmp (key_purpose_map[i].oid, p) )
break;
- fputs (key_purpose_map[i].oid?key_purpose_map[i].name:p, fp);
+ es_fputs (key_purpose_map[i].oid?key_purpose_map[i].name:p, fp);
p = pend;
if (*p != 'C')
- fputs (" (suggested)", fp);
+ es_fputs (" (suggested)", fp);
if ((p = strchr (p, '\n')))
{
p++;
- fputs (", ", fp);
+ es_fputs (", ", fp);
}
}
xfree (string);
}
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
err = ksba_cert_get_cert_policies (cert, &string);
if (gpg_err_code (err) != GPG_ERR_NO_DATA
&& gpg_err_code (err) != GPG_ERR_NO_VALUE)
{
- fputs (" policies: ", fp);
+ es_fputs (" policies: ", fp);
if (err)
- fprintf (fp, "[error: %s]", gpg_strerror (err));
+ es_fprintf (fp, "[error: %s]", gpg_strerror (err));
else
{
for (p=string; *p; p++)
@@ -1056,36 +1061,36 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
if (*p == '\n')
*p = ',';
}
- print_sanitized_string (fp, string, 0);
+ es_write_sanitized (fp, string, strlen (string), NULL, NULL);
xfree (string);
}
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
err = ksba_cert_is_ca (cert, &is_ca, &chainlen);
if (err || is_ca)
{
- fputs (" chain length: ", fp);
+ es_fputs (" chain length: ", fp);
if (gpg_err_code (err) == GPG_ERR_NO_VALUE )
- fprintf (fp, "none");
+ es_fprintf (fp, "none");
else if (err)
- fprintf (fp, "[error: %s]", gpg_strerror (err));
+ es_fprintf (fp, "[error: %s]", gpg_strerror (err));
else if (chainlen == -1)
- fputs ("unlimited", fp);
+ es_fputs ("unlimited", fp);
else
- fprintf (fp, "%d", chainlen);
- putc ('\n', fp);
+ es_fprintf (fp, "%d", chainlen);
+ es_putc ('\n', fp);
}
if (opt.with_md5_fingerprint)
{
dn = gpgsm_get_fingerprint_string (cert, GCRY_MD_MD5);
- fprintf (fp, " md5 fpr: %s\n", dn?dn:"error");
+ es_fprintf (fp, " md5 fpr: %s\n", dn?dn:"error");
xfree (dn);
}
dn = gpgsm_get_fingerprint_string (cert, 0);
- fprintf (fp, " fingerprint: %s\n", dn?dn:"error");
+ es_fprintf (fp, " fingerprint: %s\n", dn?dn:"error");
xfree (dn);
@@ -1102,7 +1107,7 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
if (!tmperr && buflen)
{
if (*buffer)
- fputs (" [qualified]\n", fp);
+ es_fputs (" [qualified]\n", fp);
}
else if (gpg_err_code (tmperr) == GPG_ERR_NOT_FOUND)
; /* Don't know - will not get marked as 'q' */
@@ -1111,9 +1116,9 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
gpg_strerror (tmperr));
if (!err)
- fprintf (fp, " [certificate is good]\n");
+ es_fprintf (fp, " [certificate is good]\n");
else
- fprintf (fp, " [certificate is bad: %s]\n", gpg_strerror (err));
+ es_fprintf (fp, " [certificate is bad: %s]\n", gpg_strerror (err));
}
}
@@ -1122,7 +1127,7 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
static void
list_cert_chain (ctrl_t ctrl, KEYDB_HANDLE hd,
ksba_cert_t cert, int raw_mode,
- FILE *fp, int with_validation)
+ estream_t fp, int with_validation)
{
ksba_cert_t next = NULL;
@@ -1134,7 +1139,7 @@ list_cert_chain (ctrl_t ctrl, KEYDB_HANDLE hd,
while (!gpgsm_walk_cert_chain (cert, &next))
{
ksba_cert_release (cert);
- fputs ("Certified by\n", fp);
+ es_fputs ("Certified by\n", fp);
if (raw_mode)
list_cert_raw (ctrl, hd, next, fp, 0, with_validation);
else
@@ -1142,7 +1147,7 @@ list_cert_chain (ctrl_t ctrl, KEYDB_HANDLE hd,
cert = next;
}
ksba_cert_release (cert);
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
@@ -1153,7 +1158,7 @@ list_cert_chain (ctrl_t ctrl, KEYDB_HANDLE hd,
output mode will be used instead of the standard beautified one.
*/
static gpg_error_t
-list_internal_keys (ctrl_t ctrl, strlist_t names, FILE *fp,
+list_internal_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
unsigned int mode, int raw_mode)
{
KEYDB_HANDLE hd;
@@ -1247,10 +1252,10 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, FILE *fp,
if (ctrl->no_server)
{
- fprintf (fp, "%s\n", resname );
+ es_fprintf (fp, "%s\n", resname );
for (i=strlen(resname); i; i-- )
- putc ('-', fp);
- putc ('\n', fp);
+ es_putc ('-', fp);
+ es_putc ('\n', fp);
lastresname = resname;
}
}
@@ -1288,7 +1293,7 @@ list_internal_keys (ctrl_t ctrl, strlist_t names, FILE *fp,
else
list_cert_std (ctrl, cert, fp, have_secret,
ctrl->with_validation);
- putc ('\n', fp);
+ es_putc ('\n', fp);
}
}
ksba_cert_release (cert);
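Review bot: None of the `es_putc`/`es_fputs`/`es_fprintf` results in the listing path are checked, and list_internal_keys returns a `gpg_error_t`, so a failed write on `fp` produces a truncated listing that is still reported as success. For the colon format, which other programs parse, a record cut off mid-line should be surfaced to the caller. After the loop, something like `if (!rc && es_ferror (fp)) rc = gpg_error (GPG_ERR_EIO);` would do it; the result variable is declared outside this hunk, so `rc` is a placeholder name. The function body starts and ends outside the hunk.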
@@ -1321,10 +1326,10 @@ list_external_cb (void *cb_value, ksba_cert_t cert)
const char *resname = "[external keys]";
int i;
- fprintf (parm->fp, "%s\n", resname );
+ es_fprintf (parm->fp, "%s\n", resname );
for (i=strlen(resname); i; i-- )
- putchar('-');
- putc ('\n', parm->fp);
+ es_putc('-', parm->fp);
+ es_putc ('\n', parm->fp);
parm->print_header = 0;
}
@@ -1338,7 +1343,7 @@ list_external_cb (void *cb_value, ksba_cert_t cert)
list_cert_raw (parm->ctrl, NULL, cert, parm->fp, 0, 0);
else
list_cert_std (parm->ctrl, cert, parm->fp, 0, 0);
- putc ('\n', parm->fp);
+ es_putc ('\n', parm->fp);
}
}
@@ -1347,7 +1352,7 @@ list_external_cb (void *cb_value, ksba_cert_t cert)
make sense here because it would be unwise to list external secret
keys */
static gpg_error_t
-list_external_keys (ctrl_t ctrl, strlist_t names, FILE *fp, int raw_mode)
+list_external_keys (ctrl_t ctrl, strlist_t names, estream_t fp, int raw_mode)
{
int rc;
struct list_external_parm_s parm;
@@ -1377,7 +1382,8 @@ list_external_keys (ctrl_t ctrl, strlist_t names, FILE *fp, int raw_mode)
Bit 8: Do a raw format dump.
*/
gpg_error_t
-gpgsm_list_keys (ctrl_t ctrl, strlist_t names, FILE *fp, unsigned int mode)
+gpgsm_list_keys (ctrl_t ctrl, strlist_t names, estream_t fp,
+ unsigned int mode)
{
gpg_error_t err = 0;