mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
08f0b9ea2e
* sm/minip12.c (struct tlv_ctx_s): Add origbuffer and origbufsize. Remove pop_count. Rename offset to length. (dump_tag_info, _dump_tag_info): Rewrite. (dump_tlv_ctx, _dump_tlv_ctx): Rewrite. (tlv_new): Init origbuffer. (_tlv_peek): Add arg ti. (tlv_peek): New. (tlv_peek_null): New. (_tlv_push): Rewrite. (_tlv_pop): Rewrite. (tlv_next): New macro. Move old code to ... (_tlv_next): this. Add arg lno. Pop remaining end tags. (tlv_popped): Remove. (tlv_expect_object): Handle ndef. (tlv_expect_octet_string): Ditto. (parse_bag_encrypted_data): Use nesting level to control the inner loop. (parse_shrouded_key_bag): Likewise. (parse_bag_data): Handle surplus octet strings. (p12_parse): Ditto. * sm/minip12.c (decrypt_block): Strip the padding. (tlv_expect_top_sequence): Remove. Replace callers by tlv_expect_sequence. * tests/samplekeys/t6752-ov-user-ff.p12: New sample key. * tests/samplekeys/Description-p12: Add its description -- This patch improves the BER parser by simplifying it. Now tlv_next pops off and thus closes all containers regardless on whether they are length bounded or ndef. tlv_set_pending is now always used to undo the effect of a tlv_next in a loop condition which was terminated by a nesting level change. Instead of using the length as seen in the decrypted container we now remove the padding and let the BER parser do its work. This might have a negative effect on pkcs#12 objects which are not correctly padded but we don't have any example of such broken objects. GnuPG-bug-id: 6752
This is a collection of keys we use with the regression tests. For the *.p12 files see Description-p12 ossl-rentec-user.pem An OpenSSL generated user certificate using a bunch of attributes and DC RDNs. webderoot.der trust.web.de Root CA certificate [2004-02-17] webdeca.der trust.web.de CA certificate [2004-02-17] gte.pem GTE CyberTrust Global Root cert-with-117-akas.pem A certificate with 117 subjectAltNames. steed-self-signing-nonthority.pem The STEED Self-Signing Nonthority. 68A638998DFABAC510EA645CE34F9686B2EDF7EA.key The private Key of The STEED Self-Signing Nonthority.