Hi, If You are using the xmlSecDSigCtxDebugXmlDump() function, the "=== IssuerName" or "==== SubjectName" into the <KeyCertificate> and <Certificate> XML nodes could contain text with an "&" and the XML result dump file is incorrectly set !
A Bypass is to use the new function xmlSecNodeEncodeAndSetContent() into the
file openssl/x509.c like this :
static void
xmlSecOpenSSLX509CertDebugXmlDump(X509* cert, FILE* output) {
char buf[1024];
BIGNUM *bn = NULL;
+ char *tmp;
+ xmlDocPtr doc;
xmlSecAssert(cert != NULL);
xmlSecAssert(output != NULL);
fprintf(output, "=== X509 Certificate\n");
+ doc = xmlNewDoc(BAD_CAST "1.0.");
+ X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf));
+ tmp = xmlEncodeSpecialChars(doc, BAD_CAST buf);
+ fprintf(output, "==== Subject Name: %s\n", tmp);
+ xmlFree(tmp);
+ X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf));
+ tmp = xmlEncodeSpecialChars(doc, BAD_CAST buf);
+ fprintf(output, "==== Issuer Name: %s\n", tmp);
+ xmlFree(tmp);
+ xmlFreeDoc(doc);
+ /*
fprintf(output, "==== Subject Name: %s\n",
X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf)));
fprintf(output, "==== Issuer Name: %s\n",
X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf)));
+ */
I think it's not a "splendid Patch" :-)
But the XML result dump file is correct now !
Best regards
Hervé
LENOIR HERVE
26 rue des Pavillons
FR92807 Puteaux Cedex
Tél.: +33(0)1 47 17 24 60
[email protected] - www.axway.com
<<att6d0cd.gif>>
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
