Thanks Aleksey, it works ! And thank you for the more "xmlish" output format: I hesitated to ask you :-)
Best regards, Hervé -----Original Message----- From: Aleksey Sanin [mailto:[email protected]] Sent: mardi 25 août 2009 00:46 To: Lenoir Herve Cc: [email protected] Subject: Re: [xmlsec] using xmlSecDSigCtxDebugXmlDump Lenoir, Thanks for the test case again! I've fixed this and several other places. I believe the XML output should be good all the time. Please note that I've changed slightly the certificates output format and now it looks more "xmlish": <X509Data> <KeyCertificate> <SubjectName>...</SubjectName> <IssuerName>...</IssuerName> <SerialNumber>2</SerialNumber> </KeyCertificate> <Certificate> <SubjectName>...</SubjectName> <IssuerName>...</IssuerName> <SerialNumber>2</SerialNumber> </Certificate> </X509Data> You can find the updated version in GIT trunk. Thanks again, Aleksey Lenoir Herve wrote: > Hi, > > If You are using the *xmlSecDSigCtxDebugXmlDump() *function, the *"=== > IssuerName*" or *"==== SubjectName*" into the > *<KeyCertificate>* and *<Certificate>* XML nodes could contain text > with an "&" and the XML result dump file is incorrectly set ! > > A Bypass is to use the new function *xmlSecNodeEncodeAndSetContent()* > into the file *openssl/x509.c* like this : > > static void > *xmlSecOpenSSLX509CertDebugXmlDump*(X509* cert, FILE* output) { > char buf[1024]; > BIGNUM *bn = NULL; > + char *tmp; > + xmlDocPtr doc; > > xmlSecAssert(cert != NULL); > xmlSecAssert(output != NULL); > > fprintf(output, "=== X509 Certificate\n"); > + doc = xmlNewDoc(BAD_CAST "1.0."); > + X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf)); > + tmp = xmlEncodeSpecialChars(doc, BAD_CAST buf); > + fprintf(output, "==== Subject Name: %s\n", tmp); > + xmlFree(tmp); > + X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf)); > + tmp = xmlEncodeSpecialChars(doc, BAD_CAST buf); > + fprintf(output, "==== Issuer Name: %s\n", tmp); > + xmlFree(tmp); > + xmlFreeDoc(doc); > > + /* > fprintf(output, "==== Subject Name: %s\n", > X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf))); > fprintf(output, "==== Issuer Name: %s\n", > X509_NAME_oneline(X509_get_issuer_name(cert), buf, > sizeof(buf))); > + */ > > > I think it's not a "splendid Patch" :-) But the XML result dump file > is correct now ! > > Best regards > Hervé > > > > *LENOIR HERVE* > 26 rue des Pavillons > FR92807 Puteaux Cedex > Tél.: +33(0)1 47 17 24 60 > [email protected] <mailto:[email protected]> - www.axway.com > > > > > > > > ---------------------------------------------------------------------- > -- > > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
