fingerprint had to handled in certutil for now since SECU_PrintCertificate receives a decoded DER. see #45303

2000-07-12 22:42:57 +00:00 · 2000-07-12 22:42:57 +00:00 · 52cdc08b80
--- a/security/nss/cmd/certutil/certutil.c
+++ b/security/nss/cmd/certutil/certutil.c
@ -537,6 +537,35 @@ ChangeTrustAttributes(CERTCertDBHandle *handle, char *name, char *trusts)
    return SECSuccess;
 }

+static int
+secu_PrintFingerprints(FILE *out, SECItem *derCert, char *m, int level)
+{
+    char fingerprint[20];
+    char *fpStr = NULL;
+    SECItem fpItem;
+    /* print MD5 fingerprint */
+    memset(fingerprint, 0, sizeof fingerprint);
+    MD5_HashBuf(fingerprint, derCert->data, derCert->len);
+    fpItem.data = fingerprint;
+    fpItem.len = MD5_LENGTH;
+    fpStr = CERT_Hexify(&fpItem, 1);
+    SECU_Indent(out, level);  fprintf(out, "%s (MD5):\n", m);
+    SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
+    PORT_Free(fpStr);
+    fpStr = NULL;
+    /* print SHA1 fingerprint */
+    memset(fingerprint, 0, sizeof fingerprint);
+    SHA1_HashBuf(fingerprint, derCert->data, derCert->len);
+    fpItem.data = fingerprint;
+    fpItem.len = SHA1_LENGTH;
+    fpStr = CERT_Hexify(&fpItem, 1);
+    SECU_Indent(out, level);  fprintf(out, "%s (SHA1):\n", m);
+    SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
+    PORT_Free(fpStr);
+	fprintf(out, "\n");
+    return 0;
+}
+
 static SECStatus
 printCertCB(CERTCertificate *cert, void *arg)
 {
@ -554,6 +583,10 @@ printCertCB(CERTCertificate *cert, void *arg)
    }
    SECU_PrintTrustFlags(stdout, &cert->dbEntry->trust,
 			 "Certificate Trust Flags", 1);
+
+    printf("\n");
+    secu_PrintFingerprints(stdout, &data, "Fingerprint", 1);
+
    return(SECSuccess);
 }

--- a/security/nss/cmd/lib/secutil.c
+++ b/security/nss/cmd/lib/secutil.c
@ -2216,34 +2216,6 @@ SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m, int level)
    return 0;
 }

-static int
-secu_PrintFingerprints(FILE *out, SECItem *derCert, char *m, int level)
-{
-    char fingerprint[20];
-    char *fpStr = NULL;
-    SECItem fpItem;
-    /* print MD5 fingerprint */
-    memset(fingerprint, 0, sizeof fingerprint);
-    MD5_HashBuf(fingerprint, derCert->data, derCert->len);
-    fpItem.data = fingerprint;
-    fpItem.len = MD5_LENGTH;
-    fpStr = CERT_Hexify(&fpItem, 1);
-    SECU_Indent(out, level);  fprintf(out, "%s (MD5):\n", m);
-    SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
-    PORT_Free(fpStr);
-    fpStr = NULL;
-    /* print SHA1 fingerprint */
-    memset(fingerprint, 0, sizeof fingerprint);
-    SHA1_HashBuf(fingerprint, derCert->data, derCert->len);
-    fpItem.data = fingerprint;
-    fpItem.len = SHA1_LENGTH;
-    fpStr = CERT_Hexify(&fpItem, 1);
-    SECU_Indent(out, level);  fprintf(out, "%s (SHA1):\n", m);
-    SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
-    PORT_Free(fpStr);
-    return 0;
-}
-
 int
 SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level)
 {
@ -2285,8 +2257,6 @@ SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level)
    }
    SECU_PrintExtensions(out, c->extensions, "Signed Extensions", level+1);
    
-    secu_PrintFingerprints(out, &c->derCert, "Fingerprint", level+1);
-    
    PORT_FreeArena(arena, PR_FALSE);
    return 0;
 }