diff --git a/NEWS b/NEWS
index b2ccf3c6d..a61f1234f 100644
--- a/NEWS
+++ b/NEWS
@@ -20,6 +20,9 @@ Noteworthy changes in version 2.2.21 (unreleased)
 * gpgsm: Unless CRL checking is disabled lookup a missing issuer certificate using the certificate's authorityInfoAccess. [#4898]
+ * gpgsm: Print the certificate's serial number also in decimal
+ notation.
+
 * gpgsm: Fix possible NULL-deref in messages of --gen-key. [#4895]
 * scd: Support the CardOS 5 based D-Trust Card 3.1.
diff --git a/sm/certdump.c b/sm/certdump.c
index 7d09cdabd..c177cabcf 100644
--- a/sm/certdump.c
+++ b/sm/certdump.c
@@ -38,7 +38,7 @@
 #include "keydb.h"
 #include "../common/i18n.h"
-
+#include "../common/membuf.h"
 struct dn_array_s { char *key;
@@ -73,6 +73,85 @@ gpgsm_print_serial (estream_t fp, ksba_const_sexp_t sn)
 }
+/* Print the first element of an S-Expression in decimal notation
+ * assuming it is a non-negative integer. */
+void
+gpgsm_print_serial_decimal (estream_t fp, ksba_const_sexp_t sn)
+{
+ const char *p = (const char *)sn;
+ unsigned long n, i;
+ char *endp;
+ gcry_mpi_t a, r, ten;
+#if GCRYPT_VERSION_NUMBER >= 0x010900 /* >= 1.9.0 */
+ unsigned int dd;
+#else
+ unsigned char numbuf[10];
+#endif
+
+ if (!p)
+ es_fputs (_("none"), fp);
+ else if (*p != '(')
+ es_fputs ("[Internal error - not an S-expression]", fp);
+ else
+ {
+ p++;
+ n = strtoul (p, &endp, 10);
+ p = endp;
+ if (*p++ != ':')
+ es_fputs ("[Internal Error - invalid S-expression]", fp);
+ else if (gcry_mpi_scan (&a, GCRYMPI_FMT_USG, p, n, NULL))
+ es_fputs ("[Internal Error - can't convert to decimal]", fp);
+ else
+ {
+ membuf_t mb = MEMBUF_ZERO;
+ char *buf;
+ int c;
+
+ ten = gcry_mpi_set_ui (NULL, 10);
+ r = gcry_mpi_new (0);
+
+ do
+ {
+ gcry_mpi_div (a, r, a, ten, 0);
+#if GCRYPT_VERSION_NUMBER >= 0x010900 /* >= 1.9.0 */
+ gcry_mpi_get_ui (&dd, r);
+ put_membuf_printf (&mb, "%u", dd);
+#else
+ *numbuf = 0; /* Need to clear because USB format prints
+ * an empty string for a value of 0. */
+ gcry_mpi_print (GCRYMPI_FMT_USG, numbuf, 10, NULL, r);
+ put_membuf_printf (&mb, "%u", (unsigned int)*numbuf);
+#endif
+ }
+ while (gcry_mpi_cmp_ui (a, 0));
+
+ /* Make sure we have at least an empty string, get it,
+ * reverse it, and print it. */
+ put_membuf (&mb, "", 1);
+ buf = get_membuf (&mb, NULL);
+ if (!buf)
+ es_fputs ("[Internal Error - out of core]", fp);
+ else
+ {
+ n = strlen (buf);
+ for (i=0; i < n/2; i++)
+ {
+ c = buf[i];
+ buf[i] = buf[n-1-i];
+ buf[n-1-i] = c;
+ }
+ es_fputs (buf, fp);
+ xfree (buf);
+ }
+
+ gcry_mpi_release (r);
+ gcry_mpi_release (ten);
+ gcry_mpi_release (a);
+ }
+ }
+}
+
+
 /* Dump the serial number or any other simple S-expression. */
 void
 gpgsm_dump_serial (ksba_const_sexp_t sn)
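Review bot: In gpgsm_print_serial_decimal the length prefix read by `n = strtoul (p, &endp, 10);` goes straight into `gcry_mpi_scan (&a, GCRYMPI_FMT_USG, p, n, NULL)` with no upper bound, and each output digit then costs one `gcry_mpi_div` over the remaining value, so the conversion is roughly quadratic in a length that comes from the certificate. The function cannot check `n` against the real buffer, so it depends on the caller passing a well-formed canonical S-expression; a comment saying so plus a cap before the scan, e.g. `else if (n > MAX_SERIAL_OCTETS) es_fputs ("[Internal Error - serial number too long]", fp);` (MAX_SERIAL_OCTETS is a placeholder for a limit the maintainers choose), would keep listing an oversized serial cheap. The header comment could also say that a serial encoded as a negative INTEGER is presumably printed as the unsigned value of its octets, since readers may compare the decimal form with CA or CRL records. Minor: the comment in the pre-1.9.0 branch says "USB format" where the code uses GCRYMPI_FMT_USG, and the results of `gcry_mpi_get_ui` and `gcry_mpi_print` are ignored, which appears safe only because the remainder is always below ten.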
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 7738af57a..268c2d054 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -269,6 +269,7 @@ char *gpgsm_get_certid (ksba_cert_t cert);
 /*-- certdump.c --*/
 void gpgsm_print_serial (estream_t fp, ksba_const_sexp_t p);
+void gpgsm_print_serial_decimal (estream_t fp, ksba_const_sexp_t sn);
 void gpgsm_print_time (estream_t fp, ksba_isotime_t t);
 void gpgsm_print_name2 (FILE *fp, const char *string, int translate);
 void gpgsm_print_name (FILE *fp, const char *string);
diff --git a/sm/keylist.c b/sm/keylist.c
index 6b103e4b1..7961b66fd 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -738,8 +738,11 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
 sexp = ksba_cert_get_serial (cert);
 es_fputs (" S/N: ", fp);
 gpgsm_print_serial (fp, sexp);
- ksba_free (sexp);
 es_putc ('\n', fp);
+ es_fputs (" (dec): ", fp);
+ gpgsm_print_serial_decimal (fp, sexp);
+ es_putc ('\n', fp);
+ ksba_free (sexp);
 dn = ksba_cert_get_issuer (cert, 0);
 es_fputs (" Issuer: ", fp);
@@ -1118,8 +1121,11 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
 sexp = ksba_cert_get_serial (cert);
 es_fputs (" S/N: ", fp);
 gpgsm_print_serial (fp, sexp);
- ksba_free (sexp);
 es_putc ('\n', fp);
+ es_fputs (" (dec): ", fp);
+ gpgsm_print_serial_decimal (fp, sexp);
+ es_putc ('\n', fp);
+ ksba_free (sexp);
 dn = ksba_cert_get_issuer (cert, 0);
 es_fputs (" Issuer: ", fp);