remove leading zero in ASN.1 encoded serial numbers
authorAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 5 Apr 2012 07:04:11 +0000 (09:04 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 5 Apr 2012 07:04:11 +0000 (09:04 +0200)
src/libcharon/plugins/stroke/stroke_list.c
src/pluto/ac.c
src/pluto/crl.c
src/pluto/keys.c
src/pluto/ocsp.c
src/pluto/x509.c

index 1eaa0b8..7ba967a 100644 (file)
@@ -946,7 +946,7 @@ static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out)
                {
                        fprintf(out, "  hissuer:  \"%Y\"\n", id);
                }
-               chunk = ac->get_holderSerial(ac);
+               chunk = chunk_skip_zero(ac->get_holderSerial(ac));
                if (chunk.ptr)
                {
                        fprintf(out, "  hserial:   %#B\n", &chunk);
@@ -958,7 +958,7 @@ static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out)
                        groups->destroy(groups);
                }
                fprintf(out, "  issuer:   \"%Y\"\n", cert->get_issuer(cert));
-               chunk  = ac->get_serial(ac);
+               chunk  = chunk_skip_zero(ac->get_serial(ac));
                fprintf(out, "  serial:    %#B\n", &chunk);
 
                /* list validity */
index 3339d91..cd8007a 100644 (file)
@@ -261,7 +261,7 @@ void ac_list_certs(bool utc)
                        whack_log(RC_COMMENT, "  hissuer:  \"%Y\"", holderIssuer);
                }
 
-               holderSerial = ac->get_holderSerial(ac);
+               holderSerial = chunk_skip_zero(ac->get_holderSerial(ac));
                if (holderSerial.ptr)
                {
                        whack_log(RC_COMMENT, "  hserial:   %#B", &holderSerial);
@@ -277,7 +277,7 @@ void ac_list_certs(bool utc)
                issuer = cert->get_issuer(cert);
                whack_log(RC_COMMENT, "  issuer:   \"%Y\"", issuer);
 
-               serial = ac->get_serial(ac);
+               serial = chunk_skip_zero(ac->get_serial(ac));
                whack_log(RC_COMMENT, "  serial:    %#B", &serial);
 
                cert->get_validity(cert, &now, &notBefore, &notAfter);
index 38db0f2..c49b09e 100644 (file)
@@ -507,7 +507,7 @@ void list_crls(bool utc, bool strict)
                whack_log(RC_COMMENT, " ");
                whack_log(RC_COMMENT, "  issuer:   \"%Y\"",
                                cert_crl->get_issuer(cert_crl));
-               serial = crl->get_serial(crl);
+               serial = chunk_skip_zero(crl->get_serial(crl));
                if (serial.ptr)
                {
                        whack_log(RC_COMMENT, "  serial:    %#B", &serial);
index 0097688..c5adbfd 100644 (file)
@@ -1435,6 +1435,7 @@ void remove_x509_public_key(const cert_t *cert)
 void list_public_keys(bool utc)
 {
        pubkey_list_t *p = pubkeys;
+       chunk_t serial;
 
        if (p != NULL)
        {
@@ -1465,7 +1466,8 @@ void list_public_keys(bool utc)
                }
                if (key->serial.len)
                {
-                       whack_log(RC_COMMENT,"  serial:    %#B", &key->serial);
+                       serial = chunk_skip_zero(key->serial);
+                       whack_log(RC_COMMENT,"  serial:    %#B", &serial);
                }
                p = p->next;
        }
index d89bfdf..c299e3d 100644 (file)
@@ -607,23 +607,23 @@ void list_ocsp_locations(ocsp_location_t *location, bool requests,
                        }
                        while (certinfo)
                        {
+                               chunk_t serial = chunk_skip_zero(certinfo->serialNumber);
+
                                if (requests)
                                {
                                        whack_log(RC_COMMENT, "  serial:    %#B, %d trials",
-                                                &certinfo->serialNumber, certinfo->trials);
+                                                &serial, certinfo->trials);
                                }
                                else if (certinfo->once)
                                {
                                        whack_log(RC_COMMENT, "  serial:    %#B, %s, once%s",
-                                               &certinfo->serialNumber,
-                                               cert_status_names[certinfo->status],
+                                               &serial, cert_status_names[certinfo->status],
                                                (certinfo->nextUpdate < time(NULL))? " (expired)": "");
                                }
                                else
                                {
                                        whack_log(RC_COMMENT, "  serial:    %#B, %s, until %T %s",
-                                               &certinfo->serialNumber,
-                                               cert_status_names[certinfo->status],
+                                               &serial, cert_status_names[certinfo->status],
                                                &certinfo->nextUpdate, utc,
                                                check_expiry(certinfo->nextUpdate, OCSP_WARNING_INTERVAL, strict));
                                }
index 7e2aca8..f017e57 100644 (file)
@@ -410,7 +410,7 @@ void list_x509cert_chain(const char *caption, cert_t* cert,
                                certificate->get_subject(certificate));
                        whack_log(RC_COMMENT, "  issuer:   \"%Y\"",
                                certificate->get_issuer(certificate));
-                               serial = x509->get_serial(x509);
+                               serial = chunk_skip_zero(x509->get_serial(x509));
                        whack_log(RC_COMMENT, "  serial:    %#B", &serial);
 
                        /* list validity */