2003-08-05 19:11:04 +02:00
|
|
|
|
/* certdump.c - Dump a certificate for debugging
|
2017-02-20 09:33:45 +01:00
|
|
|
|
* Copyright (C) 2001-2010, 2014-2015 g10 Code GmbH
|
2003-08-05 19:11:04 +02:00
|
|
|
|
*
|
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2007-07-04 21:49:40 +02:00
|
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2003-08-05 19:11:04 +02:00
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2016-11-05 12:02:19 +01:00
|
|
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
2003-08-05 19:11:04 +02:00
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <errno.h>
|
2011-02-04 12:57:53 +01:00
|
|
|
|
#include <unistd.h>
|
2003-08-05 19:11:04 +02:00
|
|
|
|
#include <time.h>
|
2004-03-06 21:11:19 +01:00
|
|
|
|
#ifdef HAVE_LOCALE_H
|
|
|
|
|
#include <locale.h>
|
|
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_LANGINFO_CODESET
|
|
|
|
|
#include <langinfo.h>
|
|
|
|
|
#endif
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
#include "gpgsm.h"
|
|
|
|
|
#include <gcrypt.h>
|
|
|
|
|
#include <ksba.h>
|
|
|
|
|
|
|
|
|
|
#include "keydb.h"
|
2017-03-07 12:21:23 +01:00
|
|
|
|
#include "../common/i18n.h"
|
2020-06-26 12:59:02 +02:00
|
|
|
|
#include "../common/membuf.h"
|
2006-11-21 12:00:14 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
struct dn_array_s {
|
|
|
|
|
char *key;
|
|
|
|
|
char *value;
|
2004-01-27 20:10:38 +01:00
|
|
|
|
int multivalued;
|
|
|
|
|
int done;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
2020-05-13 21:21:24 +02:00
|
|
|
|
/* Get the first first element from the s-expression SN and return a
|
|
|
|
|
* pointer to it. Stores the length at R_LENGTH. Returns NULL for no
|
|
|
|
|
* value or an invalid expression. */
|
|
|
|
|
const void *
|
|
|
|
|
gpgsm_get_serial (ksba_const_sexp_t sn, size_t *r_length)
|
|
|
|
|
{
|
|
|
|
|
const char *p = (const char *)sn;
|
|
|
|
|
unsigned long n;
|
|
|
|
|
char *endp;
|
|
|
|
|
|
|
|
|
|
if (!p || *p != '(')
|
|
|
|
|
return NULL;
|
|
|
|
|
p++;
|
|
|
|
|
n = strtoul (p, &endp, 10);
|
|
|
|
|
p = endp;
|
|
|
|
|
if (*p++ != ':')
|
|
|
|
|
return NULL;
|
|
|
|
|
*r_length = n;
|
|
|
|
|
return p;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2007-03-19 15:35:04 +01:00
|
|
|
|
/* Print the first element of an S-Expression. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void
|
2007-03-19 15:35:04 +01:00
|
|
|
|
gpgsm_print_serial (estream_t fp, ksba_const_sexp_t sn)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2005-06-16 10:12:03 +02:00
|
|
|
|
const char *p = (const char *)sn;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
unsigned long n;
|
2003-12-17 13:28:24 +01:00
|
|
|
|
char *endp;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
if (!p)
|
2007-03-19 15:35:04 +01:00
|
|
|
|
es_fputs (_("none"), fp);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else if (*p != '(')
|
2007-03-19 15:35:04 +01:00
|
|
|
|
es_fputs ("[Internal error - not an S-expression]", fp);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
p++;
|
2003-12-17 13:28:24 +01:00
|
|
|
|
n = strtoul (p, &endp, 10);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
p = endp;
|
2007-08-10 18:52:05 +02:00
|
|
|
|
if (*p++ != ':')
|
2007-03-19 15:35:04 +01:00
|
|
|
|
es_fputs ("[Internal Error - invalid S-expression]", fp);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else
|
2007-08-10 18:52:05 +02:00
|
|
|
|
es_write_hexstring (fp, p, n, 0, NULL);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2020-06-26 12:59:02 +02:00
|
|
|
|
/* Print the first element of an S-Expression in decimal notation
|
|
|
|
|
* assuming it is a non-negative integer. */
|
|
|
|
|
void
|
|
|
|
|
gpgsm_print_serial_decimal (estream_t fp, ksba_const_sexp_t sn)
|
|
|
|
|
{
|
|
|
|
|
const char *p = (const char *)sn;
|
|
|
|
|
unsigned long n, i;
|
|
|
|
|
char *endp;
|
|
|
|
|
gcry_mpi_t a, r, ten;
|
|
|
|
|
unsigned int dd;
|
|
|
|
|
|
|
|
|
|
if (!p)
|
|
|
|
|
es_fputs (_("none"), fp);
|
|
|
|
|
else if (*p != '(')
|
|
|
|
|
es_fputs ("[Internal error - not an S-expression]", fp);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
p++;
|
|
|
|
|
n = strtoul (p, &endp, 10);
|
|
|
|
|
p = endp;
|
|
|
|
|
if (*p++ != ':')
|
|
|
|
|
es_fputs ("[Internal Error - invalid S-expression]", fp);
|
|
|
|
|
else if (gcry_mpi_scan (&a, GCRYMPI_FMT_USG, p, n, NULL))
|
|
|
|
|
es_fputs ("[Internal Error - can't convert to decimal]", fp);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
membuf_t mb = MEMBUF_ZERO;
|
|
|
|
|
char *buf;
|
|
|
|
|
int c;
|
|
|
|
|
|
|
|
|
|
ten = gcry_mpi_set_ui (NULL, 10);
|
|
|
|
|
r = gcry_mpi_new (0);
|
|
|
|
|
|
|
|
|
|
do
|
|
|
|
|
{
|
|
|
|
|
gcry_mpi_div (a, r, a, ten, 0);
|
|
|
|
|
gcry_mpi_get_ui (&dd, r);
|
|
|
|
|
put_membuf_printf (&mb, "%u", dd);
|
|
|
|
|
}
|
|
|
|
|
while (gcry_mpi_cmp_ui (a, 0));
|
|
|
|
|
|
|
|
|
|
/* Make sure we have at least an empty string, get it,
|
|
|
|
|
* reverse it, and print it. */
|
|
|
|
|
put_membuf (&mb, "", 1);
|
|
|
|
|
buf = get_membuf (&mb, NULL);
|
|
|
|
|
if (!buf)
|
|
|
|
|
es_fputs ("[Internal Error - out of core]", fp);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
n = strlen (buf);
|
|
|
|
|
for (i=0; i < n/2; i++)
|
|
|
|
|
{
|
|
|
|
|
c = buf[i];
|
|
|
|
|
buf[i] = buf[n-1-i];
|
|
|
|
|
buf[n-1-i] = c;
|
|
|
|
|
}
|
|
|
|
|
es_fputs (buf, fp);
|
|
|
|
|
xfree (buf);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gcry_mpi_release (r);
|
|
|
|
|
gcry_mpi_release (ten);
|
|
|
|
|
gcry_mpi_release (a);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2005-04-18 12:44:46 +02:00
|
|
|
|
/* Dump the serial number or any other simple S-expression. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void
|
2005-06-16 10:12:03 +02:00
|
|
|
|
gpgsm_dump_serial (ksba_const_sexp_t sn)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2005-06-16 10:12:03 +02:00
|
|
|
|
const char *p = (const char *)sn;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
unsigned long n;
|
2003-12-17 13:28:24 +01:00
|
|
|
|
char *endp;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
if (!p)
|
|
|
|
|
log_printf ("none");
|
|
|
|
|
else if (*p != '(')
|
|
|
|
|
log_printf ("ERROR - not an S-expression");
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
p++;
|
2003-12-17 13:28:24 +01:00
|
|
|
|
n = strtoul (p, &endp, 10);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
p = endp;
|
|
|
|
|
if (*p!=':')
|
|
|
|
|
log_printf ("ERROR - invalid S-expression");
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
for (p++; n; n--, p++)
|
2005-07-20 17:05:05 +02:00
|
|
|
|
log_printf ("%02X", *(const unsigned char *)p);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2004-02-13 18:06:50 +01:00
|
|
|
|
|
|
|
|
|
char *
|
2005-06-16 10:12:03 +02:00
|
|
|
|
gpgsm_format_serial (ksba_const_sexp_t sn)
|
2004-02-13 18:06:50 +01:00
|
|
|
|
{
|
2005-06-16 10:12:03 +02:00
|
|
|
|
const char *p = (const char *)sn;
|
2004-02-13 18:06:50 +01:00
|
|
|
|
unsigned long n;
|
|
|
|
|
char *endp;
|
|
|
|
|
char *buffer;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
if (!p)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
if (*p != '(')
|
|
|
|
|
BUG (); /* Not a valid S-expression. */
|
|
|
|
|
|
|
|
|
|
p++;
|
|
|
|
|
n = strtoul (p, &endp, 10);
|
|
|
|
|
p = endp;
|
|
|
|
|
if (*p!=':')
|
|
|
|
|
BUG (); /* Not a valid S-expression. */
|
|
|
|
|
p++;
|
|
|
|
|
|
|
|
|
|
buffer = xtrymalloc (n*2+1);
|
|
|
|
|
if (buffer)
|
|
|
|
|
{
|
|
|
|
|
for (i=0; n; n--, p++, i+=2)
|
|
|
|
|
sprintf (buffer+i, "%02X", *(unsigned char *)p);
|
|
|
|
|
buffer[i] = 0;
|
|
|
|
|
}
|
|
|
|
|
return buffer;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void
|
2007-03-19 15:35:04 +01:00
|
|
|
|
gpgsm_print_time (estream_t fp, ksba_isotime_t t)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2003-10-31 13:12:47 +01:00
|
|
|
|
if (!t || !*t)
|
2007-03-19 15:35:04 +01:00
|
|
|
|
es_fputs (_("none"), fp);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else
|
2007-03-19 15:35:04 +01:00
|
|
|
|
es_fprintf (fp, "%.4s-%.2s-%.2s %.2s:%.2s:%s",
|
|
|
|
|
t, t+4, t+6, t+9, t+11, t+13);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
2007-03-19 15:35:04 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void
|
|
|
|
|
gpgsm_dump_string (const char *string)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
if (!string)
|
|
|
|
|
log_printf ("[error]");
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
const unsigned char *s;
|
|
|
|
|
|
2005-06-16 10:12:03 +02:00
|
|
|
|
for (s=(const unsigned char*)string; *s; s++)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
if (*s < ' ' || (*s >= 0x7f && *s <= 0xa0))
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (!*s && *string != '[')
|
|
|
|
|
log_printf ("%s", string);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
log_printf ( "[ ");
|
2017-11-27 15:00:25 +01:00
|
|
|
|
log_printhex (string, strlen (string), NULL);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
log_printf ( " ]");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2004-04-22 15:03:44 +02:00
|
|
|
|
/* This simple dump function is mainly used for debugging purposes. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
void
|
2003-12-17 13:28:24 +01:00
|
|
|
|
gpgsm_dump_cert (const char *text, ksba_cert_t cert)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2003-12-17 13:28:24 +01:00
|
|
|
|
ksba_sexp_t sexp;
|
2005-06-16 10:12:03 +02:00
|
|
|
|
char *p;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
char *dn;
|
2003-10-31 13:12:47 +01:00
|
|
|
|
ksba_isotime_t t;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_debug ("BEGIN Certificate '%s':\n", text? text:"");
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (cert)
|
|
|
|
|
{
|
|
|
|
|
sexp = ksba_cert_get_serial (cert);
|
|
|
|
|
log_debug (" serial: ");
|
|
|
|
|
gpgsm_dump_serial (sexp);
|
|
|
|
|
ksba_free (sexp);
|
|
|
|
|
log_printf ("\n");
|
|
|
|
|
|
2003-10-31 13:12:47 +01:00
|
|
|
|
ksba_cert_get_validity (cert, 0, t);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
log_debug (" notBefore: ");
|
2009-03-16 10:44:44 +01:00
|
|
|
|
dump_isotime (t);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
log_printf ("\n");
|
2003-10-31 13:12:47 +01:00
|
|
|
|
ksba_cert_get_validity (cert, 1, t);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
log_debug (" notAfter: ");
|
2009-03-16 10:44:44 +01:00
|
|
|
|
dump_isotime (t);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
log_printf ("\n");
|
|
|
|
|
|
|
|
|
|
dn = ksba_cert_get_issuer (cert, 0);
|
|
|
|
|
log_debug (" issuer: ");
|
|
|
|
|
gpgsm_dump_string (dn);
|
|
|
|
|
ksba_free (dn);
|
|
|
|
|
log_printf ("\n");
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
dn = ksba_cert_get_subject (cert, 0);
|
|
|
|
|
log_debug (" subject: ");
|
|
|
|
|
gpgsm_dump_string (dn);
|
|
|
|
|
ksba_free (dn);
|
|
|
|
|
log_printf ("\n");
|
|
|
|
|
|
|
|
|
|
log_debug (" hash algo: %s\n", ksba_cert_get_digest_algo (cert));
|
|
|
|
|
|
|
|
|
|
p = gpgsm_get_fingerprint_string (cert, 0);
|
|
|
|
|
log_debug (" SHA1 Fingerprint: %s\n", p);
|
|
|
|
|
xfree (p);
|
|
|
|
|
}
|
|
|
|
|
log_debug ("END Certificate\n");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2007-11-19 17:03:50 +01:00
|
|
|
|
/* Return a new string holding the format serial number and issuer
|
|
|
|
|
("#SN/issuer"). No filtering on invalid characters is done.
|
|
|
|
|
Caller must release the string. On memory failure NULL is
|
|
|
|
|
returned. */
|
|
|
|
|
char *
|
|
|
|
|
gpgsm_format_sn_issuer (ksba_sexp_t sn, const char *issuer)
|
|
|
|
|
{
|
|
|
|
|
char *p, *p1;
|
|
|
|
|
|
|
|
|
|
if (sn && issuer)
|
|
|
|
|
{
|
|
|
|
|
p1 = gpgsm_format_serial (sn);
|
|
|
|
|
if (!p1)
|
|
|
|
|
p = xtrystrdup ("[invalid SN]");
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
p = xtrymalloc (strlen (p1) + strlen (issuer) + 2 + 1);
|
|
|
|
|
if (p)
|
|
|
|
|
{
|
|
|
|
|
*p = '#';
|
|
|
|
|
strcpy (stpcpy (stpcpy (p+1, p1),"/"), issuer);
|
|
|
|
|
}
|
|
|
|
|
xfree (p1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
p = xtrystrdup ("[invalid SN/issuer]");
|
|
|
|
|
return p;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2006-06-27 16:32:34 +02:00
|
|
|
|
/* Log the certificate's name in "#SN/ISSUERDN" format along with
|
|
|
|
|
TEXT. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
void
|
2006-06-27 16:32:34 +02:00
|
|
|
|
gpgsm_cert_log_name (const char *text, ksba_cert_t cert)
|
|
|
|
|
{
|
|
|
|
|
log_info ("%s", text? text:"certificate" );
|
|
|
|
|
if (cert)
|
|
|
|
|
{
|
|
|
|
|
ksba_sexp_t sn;
|
|
|
|
|
char *p;
|
|
|
|
|
|
|
|
|
|
p = ksba_cert_get_issuer (cert, 0);
|
|
|
|
|
sn = ksba_cert_get_serial (cert);
|
|
|
|
|
if (p && sn)
|
|
|
|
|
{
|
|
|
|
|
log_printf (" #");
|
|
|
|
|
gpgsm_dump_serial (sn);
|
|
|
|
|
log_printf ("/");
|
|
|
|
|
gpgsm_dump_string (p);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
log_printf (" [invalid]");
|
|
|
|
|
ksba_free (sn);
|
|
|
|
|
xfree (p);
|
|
|
|
|
}
|
|
|
|
|
log_printf ("\n");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2007-11-19 17:03:50 +01:00
|
|
|
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
/* helper for the rfc2253 string parser */
|
|
|
|
|
static const unsigned char *
|
|
|
|
|
parse_dn_part (struct dn_array_s *array, const unsigned char *string)
|
|
|
|
|
{
|
2004-01-29 08:41:55 +01:00
|
|
|
|
static struct {
|
|
|
|
|
const char *label;
|
|
|
|
|
const char *oid;
|
|
|
|
|
} label_map[] = {
|
|
|
|
|
/* Warning: When adding new labels, make sure that the buffer
|
2021-09-09 13:09:59 +02:00
|
|
|
|
array->key will be allocated large enough. */
|
2004-01-29 08:41:55 +01:00
|
|
|
|
{"EMail", "1.2.840.113549.1.9.1" },
|
|
|
|
|
{"T", "2.5.4.12" },
|
|
|
|
|
{"GN", "2.5.4.42" },
|
|
|
|
|
{"SN", "2.5.4.4" },
|
2011-02-04 12:57:53 +01:00
|
|
|
|
{"NameDistinguisher", "0.2.262.1.10.7.20"},
|
2004-01-29 08:41:55 +01:00
|
|
|
|
{"ADDR", "2.5.4.16" },
|
|
|
|
|
{"BC", "2.5.4.15" },
|
|
|
|
|
{"D", "2.5.4.13" },
|
|
|
|
|
{"PostalCode", "2.5.4.17" },
|
|
|
|
|
{"Pseudo", "2.5.4.65" },
|
|
|
|
|
{"SerialNumber", "2.5.4.5" },
|
2021-09-09 13:09:59 +02:00
|
|
|
|
{"Callsign", "1.3.6.1.4.1.12348.1.1"},
|
2004-01-29 08:41:55 +01:00
|
|
|
|
{NULL, NULL}
|
|
|
|
|
};
|
2003-08-05 19:11:04 +02:00
|
|
|
|
const unsigned char *s, *s1;
|
|
|
|
|
size_t n;
|
2005-06-16 10:12:03 +02:00
|
|
|
|
char *p;
|
2004-01-29 08:41:55 +01:00
|
|
|
|
int i;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2004-01-29 08:41:55 +01:00
|
|
|
|
/* Parse attributeType */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
for (s = string+1; *s && *s != '='; s++)
|
|
|
|
|
;
|
|
|
|
|
if (!*s)
|
|
|
|
|
return NULL; /* error */
|
|
|
|
|
n = s - string;
|
|
|
|
|
if (!n)
|
|
|
|
|
return NULL; /* empty key */
|
2004-01-29 08:41:55 +01:00
|
|
|
|
|
|
|
|
|
/* We need to allocate a few bytes more due to the possible mapping
|
|
|
|
|
from the shorter OID to the longer label. */
|
|
|
|
|
array->key = p = xtrymalloc (n+10);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!array->key)
|
|
|
|
|
return NULL;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
memcpy (p, string, n);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
p[n] = 0;
|
|
|
|
|
trim_trailing_spaces (p);
|
2004-01-27 20:10:38 +01:00
|
|
|
|
|
2004-01-29 08:41:55 +01:00
|
|
|
|
if (digitp (p))
|
|
|
|
|
{
|
|
|
|
|
for (i=0; label_map[i].label; i++ )
|
|
|
|
|
if ( !strcmp (p, label_map[i].oid) )
|
|
|
|
|
{
|
|
|
|
|
strcpy (p, label_map[i].label);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
string = s + 1;
|
|
|
|
|
|
|
|
|
|
if (*string == '#')
|
|
|
|
|
{ /* hexstring */
|
|
|
|
|
string++;
|
|
|
|
|
for (s=string; hexdigitp (s); s++)
|
2020-08-28 09:07:59 +02:00
|
|
|
|
;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
n = s - string;
|
|
|
|
|
if (!n || (n & 1))
|
2004-01-29 08:41:55 +01:00
|
|
|
|
return NULL; /* Empty or odd number of digits. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
n /= 2;
|
|
|
|
|
array->value = p = xtrymalloc (n+1);
|
|
|
|
|
if (!p)
|
|
|
|
|
return NULL;
|
2004-01-29 08:41:55 +01:00
|
|
|
|
for (s1=string; n; s1 += 2, n--, p++)
|
|
|
|
|
{
|
2005-06-16 10:12:03 +02:00
|
|
|
|
*(unsigned char *)p = xtoi_2 (s1);
|
2004-01-29 08:41:55 +01:00
|
|
|
|
if (!*p)
|
|
|
|
|
*p = 0x01; /* Better print a wrong value than truncating
|
|
|
|
|
the string. */
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
*p = 0;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{ /* regular v3 quoted string */
|
|
|
|
|
for (n=0, s=string; *s; s++)
|
|
|
|
|
{
|
|
|
|
|
if (*s == '\\')
|
|
|
|
|
{ /* pair */
|
|
|
|
|
s++;
|
|
|
|
|
if (*s == ',' || *s == '=' || *s == '+'
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|| *s == '<' || *s == '>' || *s == '#' || *s == ';'
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|| *s == '\\' || *s == '\"' || *s == ' ')
|
|
|
|
|
n++;
|
|
|
|
|
else if (hexdigitp (s) && hexdigitp (s+1))
|
|
|
|
|
{
|
|
|
|
|
s++;
|
|
|
|
|
n++;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
return NULL; /* invalid escape sequence */
|
|
|
|
|
}
|
|
|
|
|
else if (*s == '\"')
|
|
|
|
|
return NULL; /* invalid encoding */
|
|
|
|
|
else if (*s == ',' || *s == '=' || *s == '+'
|
2006-11-28 17:36:02 +01:00
|
|
|
|
|| *s == '<' || *s == '>' || *s == ';' )
|
2011-02-04 12:57:53 +01:00
|
|
|
|
break;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
else
|
|
|
|
|
n++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
array->value = p = xtrymalloc (n+1);
|
|
|
|
|
if (!p)
|
|
|
|
|
return NULL;
|
|
|
|
|
for (s=string; n; s++, n--)
|
|
|
|
|
{
|
|
|
|
|
if (*s == '\\')
|
2011-02-04 12:57:53 +01:00
|
|
|
|
{
|
2003-08-05 19:11:04 +02:00
|
|
|
|
s++;
|
|
|
|
|
if (hexdigitp (s))
|
|
|
|
|
{
|
2005-06-16 10:12:03 +02:00
|
|
|
|
*(unsigned char *)p++ = xtoi_2 (s);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
s++;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
*p++ = *s;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
*p++ = *s;
|
|
|
|
|
}
|
|
|
|
|
*p = 0;
|
|
|
|
|
}
|
|
|
|
|
return s;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Parse a DN and return an array-ized one. This is not a validating
|
|
|
|
|
parser and it does not support any old-stylish syntax; KSBA is
|
|
|
|
|
expected to return only rfc2253 compatible strings. */
|
|
|
|
|
static struct dn_array_s *
|
|
|
|
|
parse_dn (const unsigned char *string)
|
|
|
|
|
{
|
|
|
|
|
struct dn_array_s *array;
|
|
|
|
|
size_t arrayidx, arraysize;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
arraysize = 7; /* C,ST,L,O,OU,CN,email */
|
|
|
|
|
arrayidx = 0;
|
|
|
|
|
array = xtrymalloc ((arraysize+1) * sizeof *array);
|
|
|
|
|
if (!array)
|
|
|
|
|
return NULL;
|
|
|
|
|
while (*string)
|
|
|
|
|
{
|
|
|
|
|
while (*string == ' ')
|
|
|
|
|
string++;
|
|
|
|
|
if (!*string)
|
|
|
|
|
break; /* ready */
|
|
|
|
|
if (arrayidx >= arraysize)
|
2011-02-04 12:57:53 +01:00
|
|
|
|
{
|
2003-08-05 19:11:04 +02:00
|
|
|
|
struct dn_array_s *a2;
|
|
|
|
|
|
|
|
|
|
arraysize += 5;
|
|
|
|
|
a2 = xtryrealloc (array, (arraysize+1) * sizeof *array);
|
|
|
|
|
if (!a2)
|
|
|
|
|
goto failure;
|
|
|
|
|
array = a2;
|
|
|
|
|
}
|
|
|
|
|
array[arrayidx].key = NULL;
|
|
|
|
|
array[arrayidx].value = NULL;
|
|
|
|
|
string = parse_dn_part (array+arrayidx, string);
|
|
|
|
|
if (!string)
|
|
|
|
|
goto failure;
|
|
|
|
|
while (*string == ' ')
|
|
|
|
|
string++;
|
2004-01-27 20:10:38 +01:00
|
|
|
|
array[arrayidx].multivalued = (*string == '+');
|
|
|
|
|
array[arrayidx].done = 0;
|
|
|
|
|
arrayidx++;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (*string && *string != ',' && *string != ';' && *string != '+')
|
|
|
|
|
goto failure; /* invalid delimiter */
|
|
|
|
|
if (*string)
|
|
|
|
|
string++;
|
|
|
|
|
}
|
|
|
|
|
array[arrayidx].key = NULL;
|
|
|
|
|
array[arrayidx].value = NULL;
|
|
|
|
|
return array;
|
|
|
|
|
|
|
|
|
|
failure:
|
|
|
|
|
for (i=0; i < arrayidx; i++)
|
|
|
|
|
{
|
|
|
|
|
xfree (array[i].key);
|
|
|
|
|
xfree (array[i].value);
|
|
|
|
|
}
|
|
|
|
|
xfree (array);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-01-28 20:12:21 +01:00
|
|
|
|
/* Print a DN part to STREAM. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
static void
|
2015-01-28 20:12:21 +01:00
|
|
|
|
print_dn_part (estream_t stream,
|
2007-03-19 15:35:04 +01:00
|
|
|
|
struct dn_array_s *dn, const char *key, int translate)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2004-01-27 20:10:38 +01:00
|
|
|
|
struct dn_array_s *first_dn = dn;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
for (; dn->key; dn++)
|
|
|
|
|
{
|
2004-01-27 20:10:38 +01:00
|
|
|
|
if (!dn->done && !strcmp (dn->key, key))
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2004-01-27 20:10:38 +01:00
|
|
|
|
/* Forward to the last multi-valued RDN, so that we can
|
|
|
|
|
print them all in reverse in the correct order. Note
|
2017-02-20 22:19:50 +01:00
|
|
|
|
that this overrides the standard sequence but that
|
2004-01-27 20:10:38 +01:00
|
|
|
|
seems to a reasonable thing to do with multi-valued
|
|
|
|
|
RDNs. */
|
|
|
|
|
while (dn->multivalued && dn[1].key)
|
|
|
|
|
dn++;
|
|
|
|
|
next:
|
|
|
|
|
if (!dn->done && dn->value && *dn->value)
|
|
|
|
|
{
|
2015-01-28 20:12:21 +01:00
|
|
|
|
es_fprintf (stream, "/%s=", dn->key);
|
|
|
|
|
if (translate)
|
|
|
|
|
print_utf8_buffer3 (stream, dn->value, strlen (dn->value),
|
|
|
|
|
"/");
|
2004-09-30 23:37:11 +02:00
|
|
|
|
else
|
2015-01-28 20:12:21 +01:00
|
|
|
|
es_write_sanitized (stream, dn->value, strlen (dn->value),
|
|
|
|
|
"/", NULL);
|
2004-01-27 20:10:38 +01:00
|
|
|
|
}
|
|
|
|
|
dn->done = 1;
|
|
|
|
|
if (dn > first_dn && dn[-1].multivalued)
|
|
|
|
|
{
|
|
|
|
|
dn--;
|
|
|
|
|
goto next;
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Print all parts of a DN in a "standard" sequence. We first print
|
|
|
|
|
all the known parts, followed by the uncommon ones */
|
|
|
|
|
static void
|
2015-01-28 20:12:21 +01:00
|
|
|
|
print_dn_parts (estream_t stream,
|
2007-03-19 15:35:04 +01:00
|
|
|
|
struct dn_array_s *dn, int translate)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
const char *stdpart[] = {
|
2011-02-04 12:57:53 +01:00
|
|
|
|
"CN", "OU", "O", "STREET", "L", "ST", "C", "EMail", NULL
|
2003-08-05 19:11:04 +02:00
|
|
|
|
};
|
|
|
|
|
int i;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
for (i=0; stdpart[i]; i++)
|
2015-01-28 20:12:21 +01:00
|
|
|
|
print_dn_part (stream, dn, stdpart[i], translate);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2004-01-27 20:10:38 +01:00
|
|
|
|
/* Now print the rest without any specific ordering */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
for (; dn->key; dn++)
|
2015-01-28 20:12:21 +01:00
|
|
|
|
print_dn_part (stream, dn, dn->key, translate);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2007-03-19 15:35:04 +01:00
|
|
|
|
/* Print the S-Expression in BUF to extended STREAM, which has a valid
|
|
|
|
|
length of BUFLEN, as a human readable string in one line to FP. */
|
|
|
|
|
static void
|
|
|
|
|
pretty_es_print_sexp (estream_t fp, const unsigned char *buf, size_t buflen)
|
|
|
|
|
{
|
|
|
|
|
size_t len;
|
|
|
|
|
gcry_sexp_t sexp;
|
|
|
|
|
char *result, *p;
|
|
|
|
|
|
|
|
|
|
if ( gcry_sexp_sscan (&sexp, NULL, (const char*)buf, buflen) )
|
|
|
|
|
{
|
|
|
|
|
es_fputs (_("[Error - invalid encoding]"), fp);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0);
|
2020-07-08 14:40:34 +02:00
|
|
|
|
log_assert (len);
|
2007-03-19 15:35:04 +01:00
|
|
|
|
result = xtrymalloc (len);
|
|
|
|
|
if (!result)
|
|
|
|
|
{
|
|
|
|
|
es_fputs (_("[Error - out of core]"), fp);
|
|
|
|
|
gcry_sexp_release (sexp);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, result, len);
|
2020-07-08 14:40:34 +02:00
|
|
|
|
log_assert (len);
|
2007-03-19 15:35:04 +01:00
|
|
|
|
for (p = result; len; len--, p++)
|
|
|
|
|
{
|
|
|
|
|
if (*p == '\n')
|
|
|
|
|
{
|
|
|
|
|
if (len > 1) /* Avoid printing the trailing LF. */
|
|
|
|
|
es_fputs ("\\n", fp);
|
|
|
|
|
}
|
|
|
|
|
else if (*p == '\r')
|
|
|
|
|
es_fputs ("\\r", fp);
|
|
|
|
|
else if (*p == '\v')
|
|
|
|
|
es_fputs ("\\v", fp);
|
|
|
|
|
else if (*p == '\t')
|
|
|
|
|
es_fputs ("\\t", fp);
|
|
|
|
|
else
|
|
|
|
|
es_putc (*p, fp);
|
|
|
|
|
}
|
|
|
|
|
xfree (result);
|
|
|
|
|
gcry_sexp_release (sexp);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2008-10-28 12:41:52 +01:00
|
|
|
|
/* This is a variant of gpgsm_print_name sending it output to an estream. */
|
2007-03-19 15:35:04 +01:00
|
|
|
|
void
|
2008-10-28 12:41:52 +01:00
|
|
|
|
gpgsm_es_print_name2 (estream_t fp, const char *name, int translate)
|
2007-03-19 15:35:04 +01:00
|
|
|
|
{
|
|
|
|
|
const unsigned char *s = (const unsigned char *)name;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
if (!s)
|
|
|
|
|
{
|
|
|
|
|
es_fputs (_("[Error - No name]"), fp);
|
|
|
|
|
}
|
|
|
|
|
else if (*s == '<')
|
|
|
|
|
{
|
|
|
|
|
const char *s2 = strchr ( (char*)s+1, '>');
|
|
|
|
|
|
|
|
|
|
if (s2)
|
2008-10-28 12:41:52 +01:00
|
|
|
|
{
|
|
|
|
|
if (translate)
|
2014-08-26 17:47:22 +02:00
|
|
|
|
print_utf8_buffer (fp, s + 1, s2 - (char*)s - 1);
|
2008-10-28 12:41:52 +01:00
|
|
|
|
else
|
|
|
|
|
es_write_sanitized (fp, s + 1, s2 - (char*)s - 1, NULL, NULL);
|
|
|
|
|
}
|
2007-03-19 15:35:04 +01:00
|
|
|
|
}
|
|
|
|
|
else if (*s == '(')
|
|
|
|
|
{
|
|
|
|
|
pretty_es_print_sexp (fp, s, gcry_sexp_canon_len (s, 0, NULL, NULL));
|
|
|
|
|
}
|
|
|
|
|
else if (!((*s >= '0' && *s < '9')
|
|
|
|
|
|| (*s >= 'A' && *s <= 'Z')
|
|
|
|
|
|| (*s >= 'a' && *s <= 'z')))
|
|
|
|
|
es_fputs (_("[Error - invalid encoding]"), fp);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
struct dn_array_s *dn = parse_dn (s);
|
|
|
|
|
|
|
|
|
|
if (!dn)
|
|
|
|
|
es_fputs (_("[Error - invalid DN]"), fp);
|
2011-02-04 12:57:53 +01:00
|
|
|
|
else
|
2007-03-19 15:35:04 +01:00
|
|
|
|
{
|
2015-01-28 20:12:21 +01:00
|
|
|
|
print_dn_parts (fp, dn, translate);
|
2007-03-19 15:35:04 +01:00
|
|
|
|
for (i=0; dn[i].key; i++)
|
|
|
|
|
{
|
|
|
|
|
xfree (dn[i].key);
|
|
|
|
|
xfree (dn[i].value);
|
|
|
|
|
}
|
|
|
|
|
xfree (dn);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2008-10-28 12:41:52 +01:00
|
|
|
|
void
|
|
|
|
|
gpgsm_es_print_name (estream_t fp, const char *name)
|
|
|
|
|
{
|
|
|
|
|
gpgsm_es_print_name2 (fp, name, 1);
|
|
|
|
|
}
|
2007-03-19 15:35:04 +01:00
|
|
|
|
|
|
|
|
|
|
2004-02-13 18:06:50 +01:00
|
|
|
|
/* A cookie structure used for the memory stream. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
struct format_name_cookie
|
2004-02-13 18:06:50 +01:00
|
|
|
|
{
|
|
|
|
|
char *buffer; /* Malloced buffer with the data to deliver. */
|
|
|
|
|
size_t size; /* Allocated size of this buffer. */
|
|
|
|
|
size_t len; /* strlen (buffer). */
|
|
|
|
|
int error; /* system error code if any. */
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* The writer function for the memory stream. */
|
2015-11-27 18:30:14 +01:00
|
|
|
|
static gpgrt_ssize_t
|
2008-10-28 12:41:52 +01:00
|
|
|
|
format_name_writer (void *cookie, const void *buffer, size_t size)
|
2004-02-13 18:06:50 +01:00
|
|
|
|
{
|
|
|
|
|
struct format_name_cookie *c = cookie;
|
|
|
|
|
char *p;
|
|
|
|
|
|
2019-05-12 20:41:32 +02:00
|
|
|
|
/* FIXME: Replace the whole thing using es_fopenmem based code. */
|
|
|
|
|
if (!buffer) /* Flush. */
|
|
|
|
|
return 0; /* (Actually we could use SIZE because that should be 0 too.) */
|
|
|
|
|
|
2008-10-28 12:41:52 +01:00
|
|
|
|
if (!c->buffer)
|
|
|
|
|
{
|
|
|
|
|
p = xtrymalloc (size + 1 + 1);
|
|
|
|
|
if (p)
|
|
|
|
|
{
|
|
|
|
|
c->size = size + 1;
|
|
|
|
|
c->buffer = p;
|
|
|
|
|
c->len = 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (c->len + size < c->len)
|
|
|
|
|
{
|
|
|
|
|
p = NULL;
|
2010-03-24 13:15:30 +01:00
|
|
|
|
gpg_err_set_errno (ENOMEM);
|
2008-10-28 12:41:52 +01:00
|
|
|
|
}
|
|
|
|
|
else if (c->size < c->len + size)
|
|
|
|
|
{
|
|
|
|
|
p = xtryrealloc (c->buffer, c->len + size + 1);
|
|
|
|
|
if (p)
|
|
|
|
|
{
|
|
|
|
|
c->size = c->len + size;
|
|
|
|
|
c->buffer = p;
|
|
|
|
|
}
|
|
|
|
|
}
|
2004-02-13 18:06:50 +01:00
|
|
|
|
else
|
2008-10-28 12:41:52 +01:00
|
|
|
|
p = c->buffer;
|
2004-02-13 18:06:50 +01:00
|
|
|
|
if (!p)
|
|
|
|
|
{
|
|
|
|
|
c->error = errno;
|
|
|
|
|
xfree (c->buffer);
|
2008-10-28 12:41:52 +01:00
|
|
|
|
c->buffer = NULL;
|
2010-03-24 13:15:30 +01:00
|
|
|
|
gpg_err_set_errno (c->error);
|
2008-10-28 12:41:52 +01:00
|
|
|
|
return -1;
|
2004-02-13 18:06:50 +01:00
|
|
|
|
}
|
|
|
|
|
memcpy (p + c->len, buffer, size);
|
|
|
|
|
c->len += size;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
p[c->len] = 0; /* Terminate string. */
|
2004-02-13 18:06:50 +01:00
|
|
|
|
|
2015-11-27 18:30:14 +01:00
|
|
|
|
return (gpgrt_ssize_t)size;
|
2004-02-13 18:06:50 +01:00
|
|
|
|
}
|
2007-06-06 20:12:30 +02:00
|
|
|
|
|
2004-02-13 18:06:50 +01:00
|
|
|
|
|
|
|
|
|
/* Format NAME which is expected to be in rfc2253 format into a better
|
|
|
|
|
human readable format. Caller must free the returned string. NULL
|
2004-09-30 23:37:11 +02:00
|
|
|
|
is returned in case of an error. With TRANSLATE set to true the
|
2005-11-13 20:07:06 +01:00
|
|
|
|
name will be translated to the native encoding. Note that NAME is
|
2004-09-30 23:37:11 +02:00
|
|
|
|
internally always UTF-8 encoded. */
|
2004-02-13 18:06:50 +01:00
|
|
|
|
char *
|
2004-09-30 23:37:11 +02:00
|
|
|
|
gpgsm_format_name2 (const char *name, int translate)
|
2004-02-13 18:06:50 +01:00
|
|
|
|
{
|
2008-10-28 12:41:52 +01:00
|
|
|
|
estream_t fp;
|
2004-02-13 18:06:50 +01:00
|
|
|
|
struct format_name_cookie cookie;
|
2008-10-28 12:41:52 +01:00
|
|
|
|
es_cookie_io_functions_t io = { NULL };
|
2004-02-13 18:06:50 +01:00
|
|
|
|
|
|
|
|
|
memset (&cookie, 0, sizeof cookie);
|
|
|
|
|
|
2008-10-28 12:41:52 +01:00
|
|
|
|
io.func_write = format_name_writer;
|
|
|
|
|
fp = es_fopencookie (&cookie, "w", io);
|
2004-02-13 18:06:50 +01:00
|
|
|
|
if (!fp)
|
|
|
|
|
{
|
|
|
|
|
int save_errno = errno;
|
2010-03-24 13:15:30 +01:00
|
|
|
|
log_error ("error creating memory stream: %s\n", strerror (save_errno));
|
|
|
|
|
gpg_err_set_errno (save_errno);
|
2004-02-13 18:06:50 +01:00
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2008-10-28 12:41:52 +01:00
|
|
|
|
gpgsm_es_print_name2 (fp, name, translate);
|
|
|
|
|
es_fclose (fp);
|
2004-02-13 18:06:50 +01:00
|
|
|
|
if (cookie.error || !cookie.buffer)
|
|
|
|
|
{
|
|
|
|
|
xfree (cookie.buffer);
|
2010-03-24 13:15:30 +01:00
|
|
|
|
gpg_err_set_errno (cookie.error);
|
2004-02-13 18:06:50 +01:00
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
return cookie.buffer;
|
|
|
|
|
}
|
|
|
|
|
|
2008-10-28 12:41:52 +01:00
|
|
|
|
|
2004-09-30 23:37:11 +02:00
|
|
|
|
char *
|
|
|
|
|
gpgsm_format_name (const char *name)
|
|
|
|
|
{
|
|
|
|
|
return gpgsm_format_name2 (name, 1);
|
|
|
|
|
}
|
|
|
|
|
|
2004-02-13 18:06:50 +01:00
|
|
|
|
|
2006-11-14 11:23:21 +01:00
|
|
|
|
/* Return fingerprint and a percent escaped name in a human readable
|
|
|
|
|
format suitable for status messages like GOODSIG. May return NULL
|
|
|
|
|
on error (out of core). */
|
|
|
|
|
char *
|
|
|
|
|
gpgsm_fpr_and_name_for_status (ksba_cert_t cert)
|
|
|
|
|
{
|
|
|
|
|
char *fpr, *name, *p;
|
|
|
|
|
char *buffer;
|
|
|
|
|
|
|
|
|
|
fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
|
|
|
|
|
if (!fpr)
|
|
|
|
|
return NULL;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2006-11-14 11:23:21 +01:00
|
|
|
|
name = ksba_cert_get_subject (cert, 0);
|
|
|
|
|
if (!name)
|
|
|
|
|
{
|
|
|
|
|
xfree (fpr);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
p = gpgsm_format_name2 (name, 0);
|
|
|
|
|
ksba_free (name);
|
|
|
|
|
name = p;
|
|
|
|
|
if (!name)
|
|
|
|
|
{
|
|
|
|
|
xfree (fpr);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buffer = xtrymalloc (strlen (fpr) + 1 + 3*strlen (name) + 1);
|
|
|
|
|
if (buffer)
|
|
|
|
|
{
|
2008-03-13 09:46:08 +01:00
|
|
|
|
const char *s;
|
2006-11-14 11:23:21 +01:00
|
|
|
|
|
|
|
|
|
p = stpcpy (stpcpy (buffer, fpr), " ");
|
|
|
|
|
for (s = name; *s; s++)
|
|
|
|
|
{
|
|
|
|
|
if (*s < ' ')
|
|
|
|
|
{
|
2008-03-13 09:46:08 +01:00
|
|
|
|
sprintf (p, "%%%02X", *(const unsigned char*)s);
|
2006-11-14 11:23:21 +01:00
|
|
|
|
p += 3;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
*p++ = *s;
|
|
|
|
|
}
|
|
|
|
|
*p = 0;
|
|
|
|
|
}
|
|
|
|
|
xfree (fpr);
|
|
|
|
|
xfree (name);
|
|
|
|
|
return buffer;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2004-02-13 18:06:50 +01:00
|
|
|
|
/* Create a key description for the CERT, this may be passed to the
|
2008-12-05 17:31:39 +01:00
|
|
|
|
pinentry. The caller must free the returned string. NULL may be
|
2004-02-13 18:06:50 +01:00
|
|
|
|
returned on error. */
|
|
|
|
|
char *
|
|
|
|
|
gpgsm_format_keydesc (ksba_cert_t cert)
|
|
|
|
|
{
|
2008-12-05 17:31:39 +01:00
|
|
|
|
char *name, *subject, *buffer;
|
2004-02-13 18:06:50 +01:00
|
|
|
|
ksba_isotime_t t;
|
|
|
|
|
char created[20];
|
2008-03-13 09:46:08 +01:00
|
|
|
|
char expires[20];
|
2004-02-13 18:06:50 +01:00
|
|
|
|
char *sn;
|
|
|
|
|
ksba_sexp_t sexp;
|
2007-10-19 17:58:38 +02:00
|
|
|
|
char *orig_codeset;
|
2004-02-13 18:06:50 +01:00
|
|
|
|
|
|
|
|
|
name = ksba_cert_get_subject (cert, 0);
|
2004-09-30 23:37:11 +02:00
|
|
|
|
subject = name? gpgsm_format_name2 (name, 0) : NULL;
|
2004-02-13 18:06:50 +01:00
|
|
|
|
ksba_free (name); name = NULL;
|
|
|
|
|
|
|
|
|
|
sexp = ksba_cert_get_serial (cert);
|
|
|
|
|
sn = sexp? gpgsm_format_serial (sexp) : NULL;
|
|
|
|
|
ksba_free (sexp);
|
|
|
|
|
|
|
|
|
|
ksba_cert_get_validity (cert, 0, t);
|
2008-03-13 09:46:08 +01:00
|
|
|
|
if (*t)
|
2004-02-13 18:06:50 +01:00
|
|
|
|
sprintf (created, "%.4s-%.2s-%.2s", t, t+4, t+6);
|
|
|
|
|
else
|
|
|
|
|
*created = 0;
|
2008-03-13 09:46:08 +01:00
|
|
|
|
ksba_cert_get_validity (cert, 1, t);
|
|
|
|
|
if (*t)
|
|
|
|
|
sprintf (expires, "%.4s-%.2s-%.2s", t, t+4, t+6);
|
|
|
|
|
else
|
|
|
|
|
*expires = 0;
|
2004-02-13 18:06:50 +01:00
|
|
|
|
|
2007-10-19 17:58:38 +02:00
|
|
|
|
orig_codeset = i18n_switchto_utf8 ();
|
2004-03-06 21:11:19 +01:00
|
|
|
|
|
2008-10-28 12:41:52 +01:00
|
|
|
|
name = xtryasprintf (_("Please enter the passphrase to unlock the"
|
|
|
|
|
" secret key for the X.509 certificate:\n"
|
|
|
|
|
"\"%s\"\n"
|
|
|
|
|
"S/N %s, ID 0x%08lX,\n"
|
|
|
|
|
"created %s, expires %s.\n" ),
|
|
|
|
|
subject? subject:"?",
|
|
|
|
|
sn? sn: "?",
|
2009-03-25 17:05:16 +01:00
|
|
|
|
gpgsm_get_short_fingerprint (cert, NULL),
|
2008-10-28 12:41:52 +01:00
|
|
|
|
created, expires);
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2007-10-19 17:58:38 +02:00
|
|
|
|
i18n_switchback (orig_codeset);
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2008-10-28 12:41:52 +01:00
|
|
|
|
if (!name)
|
2004-02-13 18:06:50 +01:00
|
|
|
|
{
|
|
|
|
|
xfree (subject);
|
|
|
|
|
xfree (sn);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2004-02-13 18:06:50 +01:00
|
|
|
|
xfree (subject);
|
|
|
|
|
xfree (sn);
|
|
|
|
|
|
2008-12-05 17:31:39 +01:00
|
|
|
|
buffer = percent_plus_escape (name);
|
2011-02-04 12:57:53 +01:00
|
|
|
|
xfree (name);
|
2004-02-13 18:06:50 +01:00
|
|
|
|
return buffer;
|
|
|
|
|
}
|