remove leading zeros in ASN.1 encoded serial numbers

diff --git a/src/pki/commands/print.c b/src/pki/commands/print.c
index ee6f30c981d3bc08c9ca8fa9714d7c7275378386..02d0cec17f340c074729ec2d5b6dc88b61142bf0 100644 (file)
--- a/src/pki/commands/print.c
+++ b/src/pki/commands/print.c
@@ -23,6 +23,23 @@
 
 #include <time.h>
 
+/**
+ * Print a chunk without leading zero byte
+ */
+static chunk_t chunk_skip_zero(chunk_t chunk)
+{
+       if (chunk.len && *chunk.ptr == 0x00)
+       {
+               if (chunk.len == 1)
+               {
+                       return chunk_empty;
+               }
+               chunk.ptr++;
+               chunk.len--;
+       }
+       return chunk;
+}
+
 /**
  * Print public key information
  */
@@ -79,7 +96,7 @@ static void print_x509(x509_t *x509)
        x509_cert_policy_t *policy;
        x509_policy_mapping_t *mapping;
 
-       chunk = x509->get_serial(x509);
+       chunk = chunk_skip_zero(x509->get_serial(x509));
        printf("serial:    %#B\n", &chunk);
 
        first = TRUE;
@@ -329,10 +346,12 @@ static void print_crl(crl_t *crl)
        struct tm tm;
        x509_cdp_t *cdp;
 
-       chunk = crl->get_serial(crl);
+       chunk = chunk_skip_zero(crl->get_serial(crl));
        printf("serial:    %#B\n", &chunk);
+
        if (crl->is_delta_crl(crl, &chunk))
        {
+               chunk = chunk_skip_zero(chunk);         
                printf("delta CRL: for serial %#B\n", &chunk);
        }
        chunk = crl->get_authKeyIdentifier(crl);
@@ -371,6 +390,7 @@ static void print_crl(crl_t *crl)
        enumerator = crl->create_enumerator(crl);
        while (enumerator->enumerate(enumerator, &chunk, &ts, &reason))
        {
+               chunk = chunk_skip_zero(chunk);
                localtime_r(&ts, &tm);
                strftime(buf, sizeof(buf), "%F %T", &tm);
                printf("    %#B %N %s\n", &chunk, crl_reason_names, reason, buf);