security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

(parse_dn_part): Map common OIDs to human readable

Browse Source 
labels.  Make sure that a value won't get truncated if it includes
a Nul.
This commit is contained in:
Werner Koch 2004-01-29 07:41:55 +00:00
parent 42ab09e821
commit b001af10ac
3 changed files with 56 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README
View File

@ -339,17 +339,21 @@ modes for gpgsm, here is the entire list of ways to specify a key:
* [NEW] Exact match by subject's DN
This is indicated by a leading slash, directly followed by the
rfc2253 encoded DN of the subject.
rfc2253 encoded DN of the subject. Note that you can't use the
string printed by "gpgsm --list-keys" because that one as been
reordered and modified for better readability; use --with-colons to
print the raw (but standard escaped) rfc2253 string
Example:
/CN=Henrich Heine,O=Poets,L=Paris,C=FR
/CN=Heinrich Heine,O=Poets,L=Paris,C=FR
* [NEW] Excact match by issuer's DN
This is indicated by a leading hash mark, directly followed by a
slash and then directly followed by the rfc2253 encoded DN of the
issuer. This should return the Root cert of the issuer
issuer. This should return the Root cert of the issuer. See note
above.
Example:
@ -359,7 +363,7 @@ modes for gpgsm, here is the entire list of ways to specify a key:
This is indicated by a hash mark, followed by the hexadecmal
representation of the serial number, the followed by a slahs and
the RFC2253 encoded DN of the issuer.
the RFC2253 encoded DN of the issuer. See note above.
Example:

6
sm/ChangeLog
View File

@ -1,3 +1,9 @@
2004-01-29 Werner Koch <wk@gnupg.org>
* certdump.c (parse_dn_part): Map common OIDs to human readable
labels. Make sure that a value won't get truncated if it includes
a Nul.
2004-01-28 Werner Koch <wk@gnupg.org>
* certchain.c (gpgsm_validate_chain): Changed the message printed

51
sm/certdump.c
View File

@ -196,11 +196,31 @@ gpgsm_dump_cert (const char *text, ksba_cert_t cert)
static const unsigned char *
parse_dn_part (struct dn_array_s *array, const unsigned char *string)
{
static struct {
const char *label;
const char *oid;
} label_map[] = {
/* Warning: When adding new labels, make sure that the buffer
below we be allocated large enough. */
{"EMail", "1.2.840.113549.1.9.1" },
{"T", "2.5.4.12" },
{"GN", "2.5.4.42" },
{"SN", "2.5.4.4" },
{"NameDistinguisher", "0.2.262.1.10.7.20"},
{"ADDR", "2.5.4.16" },
{"BC", "2.5.4.15" },
{"D", "2.5.4.13" },
{"PostalCode", "2.5.4.17" },
{"Pseudo", "2.5.4.65" },
{"SerialNumber", "2.5.4.5" },
{NULL, NULL}
};
const unsigned char *s, *s1;
size_t n;
unsigned char *p;
int i;
/* parse attributeType */
/* Parse attributeType */
for (s = string+1; *s && *s != '='; s++)
;
if (!*s)
@ -208,17 +228,25 @@ parse_dn_part (struct dn_array_s *array, const unsigned char *string)
n = s - string;
if (!n)
return NULL; /* empty key */
array->key = p = xtrymalloc (n+1);
/* We need to allocate a few bytes more due to the possible mapping
from the shorter OID to the longer label. */
array->key = p = xtrymalloc (n+10);
if (!array->key)
return NULL;
memcpy (p, string, n);
p[n] = 0;
trim_trailing_spaces (p);
if ( !strcmp (p, "1.2.840.113549.1.9.1") )
strcpy (p, "EMail");
else if ( !strcmp (p, "0.2.262.1.10.7.20") )
strcpy (p, "NameDistinguisher");
if (digitp (p))
{
for (i=0; label_map[i].label; i++ )
if ( !strcmp (p, label_map[i].oid) )
{
strcpy (p, label_map[i].label);
break;
}
}
string = s + 1;
if (*string == '#')
@ -228,13 +256,18 @@ parse_dn_part (struct dn_array_s *array, const unsigned char *string)
s++;
n = s - string;
if (!n || (n & 1))
return NULL; /* empty or odd number of digits */
return NULL; /* Empty or odd number of digits. */
n /= 2;
array->value = p = xtrymalloc (n+1);
if (!p)
return NULL;
for (s1=string; n; s1 += 2, n--)
*p++ = xtoi_2 (s1);
for (s1=string; n; s1 += 2, n--, p++)
{
*p = xtoi_2 (s1);
if (!*p)
*p = 0x01; /* Better print a wrong value than truncating
the string. */
}
*p = 0;
}
else