Re: [xmlsec] using xmlSecDSigCtxDebugXmlDump

Mon, 24 Aug 2009 15:46:57 -0700 

Lenoir,

Thanks for the test case again! I've fixed this and several
other places. I believe the XML output should be good all
the time.

Please note that I've changed slightly the certificates output
format and now it looks more "xmlish":

<X509Data>
<KeyCertificate>
<SubjectName>...</SubjectName>
<IssuerName>...</IssuerName>
<SerialNumber>2</SerialNumber>
</KeyCertificate>
<Certificate>
<SubjectName>...</SubjectName>
<IssuerName>...</IssuerName>
<SerialNumber>2</SerialNumber>
</Certificate>
</X509Data>

You can find the updated version in GIT trunk.

Thanks again,

Aleksey

Lenoir Herve wrote:

Hi,
If You are using the *xmlSecDSigCtxDebugXmlDump() *function, the *"=== IssuerName*" or *"==== SubjectName*" into the *<KeyCertificate>* and *<Certificate>* XML nodes could contain text with an "&" and the XML result dump file is incorrectly set !
A Bypass is to use the new function *xmlSecNodeEncodeAndSetContent()* into the file *openssl/x509.c* like this : static void 
*xmlSecOpenSSLX509CertDebugXmlDump*(X509* cert, FILE* output) {
    char buf[1024];
    BIGNUM *bn = NULL;
  + char *tmp;
  + xmlDocPtr doc;
xmlSecAssert(cert != NULL); 
    xmlSecAssert(output != NULL);
fprintf(output, "=== X509 Certificate\n"); 
   + doc = xmlNewDoc(BAD_CAST "1.0.");
   + X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf));
   + tmp = xmlEncodeSpecialChars(doc, BAD_CAST buf);
   + fprintf(output, "==== Subject Name: %s\n", tmp);
   + xmlFree(tmp);
   + X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf));
   + tmp = xmlEncodeSpecialChars(doc, BAD_CAST buf);
   + fprintf(output, "==== Issuer Name: %s\n", tmp);
   + xmlFree(tmp);
   + xmlFreeDoc(doc);
+ /* 
    fprintf(output, "==== Subject Name: %s\n",
         X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf)));
    fprintf(output, "==== Issuer Name: %s\n",
         X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf)));
+ */
I think it's not a "splendid Patch" :-) 
But the XML result dump file is correct now !
Best regards Hervé 
*LENOIR HERVE*
26 rue des Pavillons
FR92807 Puteaux Cedex
Tél.: +33(0)1 47 17 24 60
[email protected] <mailto:[email protected]> - www.axway.com


------------------------------------------------------------------------

_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

Reply via email to