-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | lib/x509/output.c | 21 |
2 files changed, 23 insertions, 0 deletions
@@ -9,6 +9,8 @@ See the end for copying conditions.
 The tool now uses libgnutls' functions to print certificate information. This avoids code duplication.
+** libgnutls: gnutls_x509_crt_print prints signature algorithm in oneline mode.
+
 ** API and ABI modifications:
 No changes since last version.
diff --git a/lib/x509/output.c b/lib/x509/output.c
index ccd7491575..0d20629184 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -1195,6 +1195,7 @@ print_oneline (gnutls_string * str, gnutls_x509_crt_t cert)
 addf (str, "issuer `%s', ", dn);
 }
+ /* Key algorithm and size. */
 {
 int bits;
 const char *name = gnutls_pk_algorithm_get_name
@@ -1204,6 +1205,26 @@ print_oneline (gnutls_string * str, gnutls_x509_crt_t cert)
 addf (str, "%s key %d bits, ", name, bits);
 }
+ /* Signature Algorithm. */
+ {
+ int err;
+
+ err = gnutls_x509_crt_get_signature_algorithm (cert);
+ if (err < 0)
+ addf (str, "unknown signature algorithm (%s), ",
+ gnutls_strerror (err));
+ else
+ {
+ const char *name = gnutls_sign_algorithm_get_name (err);
+ if (name == NULL)
+ name = _("unknown");
+ if (err == GNUTLS_SIGN_RSA_MD5 || err == GNUTLS_SIGN_RSA_MD2)
+ addf (str, _("signed using %s (broken!), "), name);
+ else
+ addf (str, _("signed using %s, "), name);
+ }
+ }
+
 /* Validity. */
 {
 time_t tim; |
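Review bot: The `(broken!)` marker in the second lib/x509/output.c hunk is driven by an inline two-value test, `err == GNUTLS_SIGN_RSA_MD5 || err == GNUTLS_SIGN_RSA_MD2`, so any other weak signature algorithm prints as plain `signed using %s`, and this spot has to be remembered whenever another algorithm is deprecated. Moving the test into one small static predicate in this file, headed by a comment such as `/* Display hint only; certificate verification decides what is actually rejected. */`, would keep the list in one place and stop readers from taking a missing marker as an endorsement. Reusing `err` for the algorithm id also reads oddly on the success path; `int algo = gnutls_x509_crt_get_signature_algorithm (cert);` would be clearer. The error-path string `"unknown signature algorithm (%s), "` is not wrapped in `_()` while both `signed using` strings are, so the same clause is only partly translatable. print_oneline's body starts and ends outside the hunk.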