remove leading zero in ASN.1 encoded serial numbers

author Andreas Steffen <andreas.steffen@strongswan.org>

Thu, 5 Apr 2012 07:04:11 +0000 (09:04 +0200)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Thu, 5 Apr 2012 07:04:11 +0000 (09:04 +0200)
author Andreas Steffen <andreas.steffen@strongswan.org>
Thu, 5 Apr 2012 07:04:11 +0000 (09:04 +0200)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Thu, 5 Apr 2012 07:04:11 +0000 (09:04 +0200)
diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c

index 1eaa0b8f71f7ee10af021a1a819ab2083eb595c7..7ba967aba5fa83d40e054458b892ea23f5e87f5b 100644 (file)
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -946,7 +946,7 @@ static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out)
                 {
                         fprintf(out, "  hissuer:  \"%Y\"\n", id);
                 }
-               chunk = ac->get_holderSerial(ac);
+               chunk = chunk_skip_zero(ac->get_holderSerial(ac));
                 if (chunk.ptr)
                 {
                         fprintf(out, "  hserial:   %#B\n", &chunk);
@@ -958,7 +958,7 @@ static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out)
                         groups->destroy(groups);
                 }
                 fprintf(out, "  issuer:   \"%Y\"\n", cert->get_issuer(cert));
-               chunk  = ac->get_serial(ac);
+               chunk  = chunk_skip_zero(ac->get_serial(ac));
                 fprintf(out, "  serial:    %#B\n", &chunk);
  
                 /* list validity */
diff --git a/src/pluto/ac.c b/src/pluto/ac.c

index 3339d91fb10b7da2b43993e2a19e7261ab325433..cd8007aea022a8eb099da1937c0cb10ceb049fe7 100644 (file)
--- a/src/pluto/ac.c
+++ b/src/pluto/ac.c
@@ -261,7 +261,7 @@ void ac_list_certs(bool utc)
                         whack_log(RC_COMMENT, "  hissuer:  \"%Y\"", holderIssuer);
                 }
  
-               holderSerial = ac->get_holderSerial(ac);
+               holderSerial = chunk_skip_zero(ac->get_holderSerial(ac));
                 if (holderSerial.ptr)
                 {
                         whack_log(RC_COMMENT, "  hserial:   %#B", &holderSerial);
@@ -277,7 +277,7 @@ void ac_list_certs(bool utc)
                 issuer = cert->get_issuer(cert);
                 whack_log(RC_COMMENT, "  issuer:   \"%Y\"", issuer);
  
-               serial = ac->get_serial(ac);
+               serial = chunk_skip_zero(ac->get_serial(ac));
                 whack_log(RC_COMMENT, "  serial:    %#B", &serial);
  
                 cert->get_validity(cert, &now, &notBefore, &notAfter);
diff --git a/src/pluto/crl.c b/src/pluto/crl.c

index 38db0f2fd0094810ab6a590406b7ee8b4ee9149c..c49b09e19ead3462031080f6d7f482856bc76947 100644 (file)
--- a/src/pluto/crl.c
+++ b/src/pluto/crl.c
@@ -507,7 +507,7 @@ void list_crls(bool utc, bool strict)
                 whack_log(RC_COMMENT, " ");
                 whack_log(RC_COMMENT, "  issuer:   \"%Y\"",
                                 cert_crl->get_issuer(cert_crl));
-               serial = crl->get_serial(crl);
+               serial = chunk_skip_zero(crl->get_serial(crl));
                 if (serial.ptr)
                 {
                         whack_log(RC_COMMENT, "  serial:    %#B", &serial);
diff --git a/src/pluto/keys.c b/src/pluto/keys.c

index 00976882d50664cf6ff1000edc739a0be2f43383..c5adbfd11b3a1d204840f0646cbf923bd3975927 100644 (file)
--- a/src/pluto/keys.c
+++ b/src/pluto/keys.c
@@ -1435,6 +1435,7 @@ void remove_x509_public_key(const cert_t *cert)
  void list_public_keys(bool utc)
  {
         pubkey_list_t *p = pubkeys;
+       chunk_t serial;
  
         if (p != NULL)
         {
@@ -1465,7 +1466,8 @@ void list_public_keys(bool utc)
                 }
                 if (key->serial.len)
                 {
-                       whack_log(RC_COMMENT,"  serial:    %#B", &key->serial);
+                       serial = chunk_skip_zero(key->serial);
+                       whack_log(RC_COMMENT,"  serial:    %#B", &serial);
                 }
                 p = p->next;
         }
diff --git a/src/pluto/ocsp.c b/src/pluto/ocsp.c

index d89bfdf01b758ed7d99c0926633522c87cfa953c..c299e3d394208d34aaf78e6fd7517ad3af642999 100644 (file)
--- a/src/pluto/ocsp.c
+++ b/src/pluto/ocsp.c
@@ -607,23 +607,23 @@ void list_ocsp_locations(ocsp_location_t *location, bool requests,
                         }
                         while (certinfo)
                         {
+                               chunk_t serial = chunk_skip_zero(certinfo->serialNumber);
+
                                 if (requests)
                                 {
                                         whack_log(RC_COMMENT, "  serial:    %#B, %d trials",
-                                                &certinfo->serialNumber, certinfo->trials);
+                                                &serial, certinfo->trials);
                                 }
                                 else if (certinfo->once)
                                 {
                                         whack_log(RC_COMMENT, "  serial:    %#B, %s, once%s",
-                                               &certinfo->serialNumber,
-                                               cert_status_names[certinfo->status],
+                                               &serial, cert_status_names[certinfo->status],
                                                 (certinfo->nextUpdate < time(NULL))? " (expired)": "");
                                 }
                                 else
                                 {
                                         whack_log(RC_COMMENT, "  serial:    %#B, %s, until %T %s",
-                                               &certinfo->serialNumber,
-                                               cert_status_names[certinfo->status],
+                                               &serial, cert_status_names[certinfo->status],
                                                 &certinfo->nextUpdate, utc,
                                                 check_expiry(certinfo->nextUpdate, OCSP_WARNING_INTERVAL, strict));
                                 }
diff --git a/src/pluto/x509.c b/src/pluto/x509.c

index 7e2aca862fbd22e3a5e853a15dd31c3abf33a0b5..f017e57752fcf5ee5e049f79e09d426253cf7a13 100644 (file)
--- a/src/pluto/x509.c
+++ b/src/pluto/x509.c
@@ -410,7 +410,7 @@ void list_x509cert_chain(const char *caption, cert_t* cert,
                                 certificate->get_subject(certificate));
                         whack_log(RC_COMMENT, "  issuer:   \"%Y\"",
                                 certificate->get_issuer(certificate));
-                               serial = x509->get_serial(x509);
+                               serial = chunk_skip_zero(x509->get_serial(x509));
                         whack_log(RC_COMMENT, "  serial:    %#B", &serial);
  
                         /* list validity */
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Thu, 5 Apr 2012 07:04:11 +0000 (09:04 +0200)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Thu, 5 Apr 2012 07:04:11 +0000 (09:04 +0200)
src/libcharon/plugins/stroke/stroke_list.c		patch \| blob \| blame \| history
src/pluto/ac.c		patch \| blob \| blame \| history
src/pluto/crl.c		patch \| blob \| blame \| history
src/pluto/keys.c		patch \| blob \| blame \| history
src/pluto/ocsp.c		patch \| blob \| blame \| history
src/pluto/x509.c		patch \| blob \| blame \| history