提交 0a3ea5d3 编写于 作者: D Dr. Stephen Henson

Document the -certopt option to the x509 utility.

Add no_issuer option.

Fix X509_print_ex() so it prints out newlines when
certain fields are omitted.
上级 a5e4c0bb
......@@ -754,6 +754,7 @@ int set_cert_ex(unsigned long *flags, const char *arg)
{ "no_signame", X509_FLAG_NO_SIGNAME, 0},
{ "no_validity", X509_FLAG_NO_VALIDITY, 0},
{ "no_subject", X509_FLAG_NO_SUBJECT, 0},
{ "no_issuer", X509_FLAG_NO_ISSUER, 0},
{ "no_pubkey", X509_FLAG_NO_PUBKEY, 0},
{ "no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
{ "no_sigdump", X509_FLAG_NO_SIGDUMP, 0},
......
......@@ -177,10 +177,11 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
{
if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
if (!X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags)) goto err;
if (BIO_write(bp,"\n",1) <= 0) goto err;
}
if(!(cflag & X509_FLAG_NO_VALIDITY))
{
if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
if (BIO_write(bp," Validity\n",17) <= 0) goto err;
if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
......@@ -191,10 +192,11 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
{
if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
if (!X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags)) goto err;
if (BIO_write(bp,"\n",1) <= 0) goto err;
}
if(!(cflag & X509_FLAG_NO_PUBKEY))
{
if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
goto err;
if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
goto err;
......
......@@ -113,6 +113,12 @@ prints out the certificate in text form. Full details are output including the
public key, signature algorithms, issuer and subject names, serial number
any extensions present and any trust settings.
=item B<-certopt option>
customise the output format used with B<-text>. This option may be used more
than once to set multiple options. See the B<OUTPUT OPTIONS> section for
more information.
=item B<-noout>
this option prevents output of the encoded version of the request.
......@@ -142,7 +148,7 @@ outputs the issuer name.
=item B<-nameopt option>
option which determine how the subject or issuer names are displayed. This
option which determines how the subject or issuer names are displayed. This
option may be used more than once to set multiple options. See the B<NAME
OPTIONS> section for more information.
......@@ -486,6 +492,80 @@ name.
=back
=head1 OUTPUT OPTIONS
As well as customising the name output format, it is also possible to
customise the actual fields printed using the B<certopt> options when
the B<text> option is present. The default behaviour is to print all fields.
=item B<compatible>
use the old format. This is equivalent to specifying no output options at all.
=item B<no_header>
don't print header information: that is the lines saying "Certificate" and "Data".
=item B<no_version>
don't print out the version number.
=item B<no_serial>
don't print out the serial number.
=item B<no_signame>
don't print out the signature algorithm used.
=item B<no_validity>
don't print the validity, that is the B<notBefore> and B<notAfter> fields.
=item B<no_subject>
don't print out the subject name.
=item B<no_issuer>
don't print out the issuer name.
=item B<no_pubkey>
don't print out the public key.
=item B<no_sigdump>
don't give a hexadecimal dump of the certificate signature.
=item B<no_aux>
don't print out certificate trust information.
=item B<no_extensions>
don't print out any X509V3 extensions.
=item B<ext_default>
retain default extension behaviour: attempt to print out unsupported certificate extensions.
=item B<ext_error>
print an error message for unsupported certificate extensions.
=item B<ext_parse>
ASN1 parse unsupported extensions.
=item B<ext_dump>
hex dump unsupported extensions.
=over 4
=back
=head1 EXAMPLES
Note: in these examples the '\' means the example should be all on one
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册