[xmlsec] using xmlSecDSigCtxDebugXmlDump

Lenoir Herve hlenoir at axway.com
Tue Aug 25 02:28:40 PDT 2009


Thanks Aleksey, it works !

And thank you for the more "xmlish" output format: I hesitated to ask you :-)

Best regards,
Hervé

-----Original Message-----
From: Aleksey Sanin [mailto:aleksey at aleksey.com] 
Sent: mardi 25 août 2009 00:46
To: Lenoir Herve
Cc: xmlsec at aleksey.com
Subject: Re: [xmlsec] using xmlSecDSigCtxDebugXmlDump

Lenoir,

Thanks for the test case again! I've fixed this and several other places. I believe the XML output should be good all the time.

Please note that I've changed slightly the certificates output format and now it looks more "xmlish":

<X509Data>
<KeyCertificate>
<SubjectName>...</SubjectName>
<IssuerName>...</IssuerName>
<SerialNumber>2</SerialNumber>
</KeyCertificate>
<Certificate>
<SubjectName>...</SubjectName>
<IssuerName>...</IssuerName>
<SerialNumber>2</SerialNumber>
</Certificate>
</X509Data>

You can find the updated version in GIT trunk.

Thanks again,

Aleksey

Lenoir Herve wrote:
> Hi,
>  
> If You are using the *xmlSecDSigCtxDebugXmlDump() *function, the *"=== 
> IssuerName*" or *"==== SubjectName*" into the
> *<KeyCertificate>* and *<Certificate>* XML nodes could contain text 
> with an "&" and the XML result dump file is incorrectly set !
> 
> A Bypass is to use the new function *xmlSecNodeEncodeAndSetContent()* 
> into the file *openssl/x509.c* like this :
>  
> static void
> *xmlSecOpenSSLX509CertDebugXmlDump*(X509* cert, FILE* output) {
>     char buf[1024];
>     BIGNUM *bn = NULL;
>   + char *tmp;
>   + xmlDocPtr doc;
>  
>     xmlSecAssert(cert != NULL);
>     xmlSecAssert(output != NULL);
>  
>     fprintf(output, "=== X509 Certificate\n");
>    + doc = xmlNewDoc(BAD_CAST "1.0.");
>    + X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf));
>    + tmp = xmlEncodeSpecialChars(doc, BAD_CAST buf);
>    + fprintf(output, "==== Subject Name: %s\n", tmp);
>    + xmlFree(tmp);
>    + X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf));
>    + tmp = xmlEncodeSpecialChars(doc, BAD_CAST buf);
>    + fprintf(output, "==== Issuer Name: %s\n", tmp);
>    + xmlFree(tmp);
>    + xmlFreeDoc(doc);
>  
> + /*
>     fprintf(output, "==== Subject Name: %s\n",
>          X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf)));
>     fprintf(output, "==== Issuer Name: %s\n",
>          X509_NAME_oneline(X509_get_issuer_name(cert), buf, 
> sizeof(buf)));
> + */
>  
>  
> I think it's not a "splendid Patch" :-) But the XML result dump file 
> is correct now !
>  
> Best regards
> Hervé
>  
>  
> 	
> *LENOIR HERVE*
> 26 rue des Pavillons
> FR92807 Puteaux Cedex
> Tél.: +33(0)1 47 17 24 60
> hlenoir at axway.com <mailto:hlenoir at axway.com> - www.axway.com
>   	 
> 
>  
> 
>  
> 
> 
> ----------------------------------------------------------------------
> --
> 
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec


More information about the xmlsec mailing list