remove leading zero in ASN.1 encoded serial numbers

author: Andreas Steffen <andreas.steffen@strongswan.org> 2012-04-05 09:04:11 +0200
committer: Andreas Steffen <andreas.steffen@strongswan.org> 2012-04-05 09:04:11 +0200
commit: 4626e49ad9e02d969335ec18e60261126674abba (patch)
tree: 37726a26aa55dc5ef4f4d94520a06eba9e32eca2
parent: 5ff99529e6927b0626874bf019e8fe21a0453078 (diff)
download: strongswan-4626e49ad9e02d969335ec18e60261126674abba.tar.bz2
strongswan-4626e49ad9e02d969335ec18e60261126674abba.tar.xz
6 files changed, 14 insertions, 12 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c
index 1eaa0b8f7..7ba967aba 100644
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -946,7 +946,7 @@ static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out)
 		{
 			fprintf(out, "  hissuer:  \"%Y\"\n", id);
 		}
-		chunk = ac->get_holderSerial(ac);
+		chunk = chunk_skip_zero(ac->get_holderSerial(ac));
 		if (chunk.ptr)
 		{
 			fprintf(out, "  hserial:   %#B\n", &chunk);
@@ -958,7 +958,7 @@ static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out)
 			groups->destroy(groups);
 		}
 		fprintf(out, "  issuer:   \"%Y\"\n", cert->get_issuer(cert));
-		chunk  = ac->get_serial(ac);
+		chunk  = chunk_skip_zero(ac->get_serial(ac));
 		fprintf(out, "  serial:    %#B\n", &chunk);
 
 		/* list validity */
diff --git a/src/pluto/ac.c b/src/pluto/ac.c
index 3339d91fb..cd8007aea 100644
--- a/src/pluto/ac.c
+++ b/src/pluto/ac.c
@@ -261,7 +261,7 @@ void ac_list_certs(bool utc)
 			whack_log(RC_COMMENT, "  hissuer:  \"%Y\"", holderIssuer);
 		}
 
-		holderSerial = ac->get_holderSerial(ac);
+		holderSerial = chunk_skip_zero(ac->get_holderSerial(ac));
 		if (holderSerial.ptr)
 		{
 			whack_log(RC_COMMENT, "  hserial:   %#B", &holderSerial);
@@ -277,7 +277,7 @@ void ac_list_certs(bool utc)
 		issuer = cert->get_issuer(cert);
 		whack_log(RC_COMMENT, "  issuer:   \"%Y\"", issuer);
 
-		serial = ac->get_serial(ac);
+		serial = chunk_skip_zero(ac->get_serial(ac));
 		whack_log(RC_COMMENT, "  serial:    %#B", &serial);
 
 		cert->get_validity(cert, &now, &notBefore, &notAfter);
diff --git a/src/pluto/crl.c b/src/pluto/crl.c
index 38db0f2fd..c49b09e19 100644
--- a/src/pluto/crl.c
+++ b/src/pluto/crl.c
@@ -507,7 +507,7 @@ void list_crls(bool utc, bool strict)
 		whack_log(RC_COMMENT, " ");
 		whack_log(RC_COMMENT, "  issuer:   \"%Y\"",
 				cert_crl->get_issuer(cert_crl));
-		serial = crl->get_serial(crl);
+		serial = chunk_skip_zero(crl->get_serial(crl));
 		if (serial.ptr)
 		{
 			whack_log(RC_COMMENT, "  serial:    %#B", &serial);
diff --git a/src/pluto/keys.c b/src/pluto/keys.c
index 00976882d..c5adbfd11 100644
--- a/src/pluto/keys.c
+++ b/src/pluto/keys.c
@@ -1435,6 +1435,7 @@ void remove_x509_public_key(const cert_t *cert)
 void list_public_keys(bool utc)
 {
 	pubkey_list_t *p = pubkeys;
+	chunk_t serial;
 
 	if (p != NULL)
 	{
@@ -1465,7 +1466,8 @@ void list_public_keys(bool utc)
 		}
 		if (key->serial.len)
 		{
-			whack_log(RC_COMMENT,"  serial:    %#B", &key->serial);
+			serial = chunk_skip_zero(key->serial);
+			whack_log(RC_COMMENT,"  serial:    %#B", &serial);
 		}
 		p = p->next;
 	}
diff --git a/src/pluto/ocsp.c b/src/pluto/ocsp.c
index d89bfdf01..c299e3d39 100644
--- a/src/pluto/ocsp.c
+++ b/src/pluto/ocsp.c
@@ -607,23 +607,23 @@ void list_ocsp_locations(ocsp_location_t *location, bool requests,
 			}
 			while (certinfo)
 			{
+				chunk_t serial = chunk_skip_zero(certinfo->serialNumber);
+
 				if (requests)
 				{
 					whack_log(RC_COMMENT, "  serial:    %#B, %d trials",
-						 &certinfo->serialNumber, certinfo->trials);
+						 &serial, certinfo->trials);
 				}
 				else if (certinfo->once)
 				{
 					whack_log(RC_COMMENT, "  serial:    %#B, %s, once%s",
-						&certinfo->serialNumber,
-						cert_status_names[certinfo->status],
+						&serial, cert_status_names[certinfo->status],
 						(certinfo->nextUpdate < time(NULL))? " (expired)": "");
 				}
 				else
 				{
 					whack_log(RC_COMMENT, "  serial:    %#B, %s, until %T %s",
-						&certinfo->serialNumber,
-						cert_status_names[certinfo->status],
+						&serial, cert_status_names[certinfo->status],
 						&certinfo->nextUpdate, utc,
 						check_expiry(certinfo->nextUpdate, OCSP_WARNING_INTERVAL, strict));
 				}
diff --git a/src/pluto/x509.c b/src/pluto/x509.c
index 7e2aca862..f017e5775 100644
--- a/src/pluto/x509.c
+++ b/src/pluto/x509.c
@@ -410,7 +410,7 @@ void list_x509cert_chain(const char *caption, cert_t* cert,
 				certificate->get_subject(certificate));
 			whack_log(RC_COMMENT, "  issuer:   \"%Y\"",
 				certificate->get_issuer(certificate));
-				serial = x509->get_serial(x509);
+				serial = chunk_skip_zero(x509->get_serial(x509));
 			whack_log(RC_COMMENT, "  serial:    %#B", &serial);
 
 			/* list validity */
author	Andreas Steffen <andreas.steffen@strongswan.org>	2012-04-05 09:04:11 +0200
committer	Andreas Steffen <andreas.steffen@strongswan.org>	2012-04-05 09:04:11 +0200
commit	4626e49ad9e02d969335ec18e60261126674abba (patch)
tree	37726a26aa55dc5ef4f4d94520a06eba9e32eca2
parent	5ff99529e6927b0626874bf019e8fe21a0453078 (diff)
download	strongswan-4626e49ad9e02d969335ec18e60261126674abba.tar.bz2 strongswan-4626e49ad9e02d969335ec18e60261126674abba.tar.xz