print out issuer and subject unique identifier fields in certificates

CHANGES

@@ -4,6 +4,10 @@
 
  Changes between 1.0.1 and 1.0.2 [xx XXX xxxx]
 
+  *) Print out deprecated issuer and subject unique ID fields in
+     certificates.
+     [Steve Henson]
+
   *) Extend OCSP I/O functions so they can be used for simple general purpose
      HTTP as well as OCSP. New wrapper function which can be used to download
      CRLs using the OCSP API.

crypto/asn1/t_x509.c

@@ -225,6 +225,24 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 			}
 		}
 
+	if(!(cflag & X509_FLAG_NO_IDS))
+		{
+		if (ci->issuerUID)
+			{
+			if (BIO_printf(bp,"%8sIssuer Unique ID: ","") <= 0) 
+				goto err;
+			if (!X509_signature_dump(bp, ci->issuerUID, 12))
+				goto err;
+			}
+		if (ci->subjectUID)
+			{
+			if (BIO_printf(bp,"%8sSubject Unique ID: ","") <= 0) 
+				goto err;
+			if (!X509_signature_dump(bp, ci->subjectUID, 12))
+				goto err;
+			}
+		}
+
 	if (!(cflag & X509_FLAG_NO_EXTENSIONS))
 		X509V3_extensions_print(bp, "X509v3 extensions",
 					ci->extensions, cflag, 8);

crypto/x509/x509.h

@@ -372,6 +372,7 @@ typedef struct x509_cert_pair_st {
 #define	X509_FLAG_NO_SIGDUMP		(1L << 9)
 #define	X509_FLAG_NO_AUX		(1L << 10)
 #define	X509_FLAG_NO_ATTRIBUTES		(1L << 11)
+#define	X509_FLAG_NO_IDS		(1L << 12)
 
 /* Flags specific to X509_NAME_print_ex() */