[xmlsec] ignore spaces for ski
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec] ignore spaces for ski
- Date: Mon, 24 May 2010 22:36:28 +0000 (UTC)
commit 8932e699764e1a23a6ea4f5504624e54e7a33bd0
Author: Aleksey Sanin <aleksey aleksey com>
Date: Mon May 24 14:57:36 2010 -0700
ignore spaces for ski
TODO | 49 ++++++-------------------------------------------
src/gnutls/x509.c | 30 ++++++++++++++++++++++++++++++
2 files changed, 36 insertions(+), 43 deletions(-)
---
diff --git a/TODO b/TODO
index 98d7f4e..c5d0bd5 100644
--- a/TODO
+++ b/TODO
@@ -65,57 +65,17 @@ merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes
aleksey-xmldsig-01/enveloped-gost
-------------------------------------------------
-* xmlsec-gnutls (May 09, 2010 using GnuTLS)
+* xmlsec-gnutls (May 24, 2010 using GnuTLS)
-------------------------------------------------
-** Skipped tests due to missing transforms: RSA, DSA, RSA PKCS/OAEP, X509, GOST
+** Skipped tests due to missing transforms: RSA, DSA, RSA PKCS/OAEP, GOST
-aleksey-xmldsig-01/enveloping-dsa-x509chain
-aleksey-xmldsig-01/enveloping-rsa-x509chain
aleksey-xmldsig-01/enveloping-sha224-hmac-sha224
aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64
-aleksey-xmldsig-01/enveloping-md5-rsa-md5
-aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160
-aleksey-xmldsig-01/enveloping-sha1-rsa-sha1
aleksey-xmldsig-01/enveloping-sha224-rsa-sha224
-aleksey-xmldsig-01/enveloping-sha256-rsa-sha256
-aleksey-xmldsig-01/enveloping-sha384-rsa-sha384
-aleksey-xmldsig-01/enveloping-sha512-rsa-sha512
-aleksey-xmldsig-01/enveloping-expired-cert
-aleksey-xmldsig-01/x509data-test
-aleksey-xmldsig-01/x509data-sn-test
-merlin-xmldsig-twenty-three/signature-keyname
-merlin-xmldsig-twenty-three/signature-x509-crt
-merlin-xmldsig-twenty-three/signature-x509-sn
-merlin-xmldsig-twenty-three/signature-x509-is
-merlin-xmldsig-twenty-three/signature-x509-ski
-merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt
-merlin-xmldsig-twenty-three/signature
-phaos-xmldsig-three/signature-big
-phaos-xmldsig-three/signature-dsa-detached
-phaos-xmldsig-three/signature-dsa-enveloped
-phaos-xmldsig-three/signature-dsa-enveloping
-phaos-xmldsig-three/signature-dsa-manifest
-phaos-xmldsig-three/signature-rsa-detached-b64-transform
-phaos-xmldsig-three/signature-rsa-detached
-phaos-xmldsig-three/signature-rsa-detached-xpath-transform
-phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method
-phaos-xmldsig-three/signature-rsa-detached-xslt-transform
-phaos-xmldsig-three/signature-rsa-enveloped
-phaos-xmldsig-three/signature-rsa-enveloping
-phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain
-phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert
-phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial
-phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski
-phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name
-phaos-xmldsig-three/signature-rsa-manifest
-phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped
aleksey-xmldsig-01/enveloped-gost
-merlin-xmldsig-twenty-three/signature-x509-crt-crl
+
aleksey-xmldsig-01/enveloping-expired-cert
-phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method
-phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val
-phaos-xmldsig-three/signature-rsa-enveloped-bad-sig
phaos-xmldsig-three/signature-rsa-manifest-x509-data-crl
merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5
@@ -129,6 +89,9 @@ merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p
01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5
01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1
+** Failed tests due to no support for CRLs in XML document
+merlin-xmldsig-twenty-three/signature-x509-crt-crl
+
-------------------------------------------------
* xmlsec-gcrypt (May 09, 2010 using GCrypt)
-------------------------------------------------
diff --git a/src/gnutls/x509.c b/src/gnutls/x509.c
index 3326dd7..71e4a50 100644
--- a/src/gnutls/x509.c
+++ b/src/gnutls/x509.c
@@ -828,6 +828,32 @@ xmlSecGnuTLSX509CertificateNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xm
return(0);
}
+#define XMLSEC_GNUTLS_IS_SPACE(ch) \
+ (((ch) == ' ') || ((ch) == '\r') || ((ch) == '\n'))
+
+static void
+xmlSecGnuTLSX509Trim(xmlChar * str) {
+ xmlChar * p, * q;
+
+ xmlSecAssert(str != NULL);
+
+ /* skip spaces from the beggining */
+ p = str;
+ while(XMLSEC_GNUTLS_IS_SPACE(*p) && ((*p) != '\0')) ++p;
+ if(p != str) {
+ for(q = str; ; ++q, ++p) {
+ (*q) = (*p);
+ if((*p) == '\0') {
+ break;
+ }
+ }
+ }
+
+ /* skip spaces from the end */
+ for(p = str; (*p) != '\0'; ++p);
+ while((p > str) && (XMLSEC_GNUTLS_IS_SPACE(*(p - 1)))) *(--p) = '\0';
+}
+
static int
xmlSecGnuTLSX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
xmlSecKeyDataStorePtr x509Store;
@@ -867,6 +893,7 @@ xmlSecGnuTLSX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlS
return(0);
}
+ xmlSecGnuTLSX509Trim(subject);
cert = xmlSecGnuTLSX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
if(cert == NULL){
@@ -1048,6 +1075,8 @@ xmlSecGnuTLSX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xml
return(-1);
}
+ xmlSecGnuTLSX509Trim(issuerName);
+ xmlSecGnuTLSX509Trim(issuerSerial);
cert = xmlSecGnuTLSX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
if(cert == NULL){
@@ -1211,6 +1240,7 @@ xmlSecGnuTLSX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInf
return(0);
}
+ xmlSecGnuTLSX509Trim(ski);
cert = xmlSecGnuTLSX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
if(cert == NULL){
xmlFree(ski);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]