keyboxd: Allow import of v0 certificates.

* kbx/backend-support.c (be_is_x509_blob): Loose detection. -- Here is a sample v0 cert: -----BEGIN CERTIFICATE----- MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn jBJ7xUS0rg== -----END CERTIFICATE-----
author: Werner Koch <wk@gnupg.org> 2023-03-08 16:09:56 +0100
committer: Werner Koch <wk@gnupg.org> 2023-03-08 16:09:56 +0100
commit: 65288fc52f0c60e99f32d6d1981ade08a9ec860b (patch)
tree: 520e8efcbf39dd072636594a9668636e43f1ba53 /kbx/backend-support.c
parent: gpg,gpgsm: New option --log-time (diff)
download: gnupg2-65288fc52f0c60e99f32d6d1981ade08a9ec860b.tar.xz
gnupg2-65288fc52f0c60e99f32d6d1981ade08a9ec860b.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/kbx/backend-support.c b/kbx/backend-support.c
index 7ab63985c..4d3738064 100644
--- a/kbx/backend-support.c
+++ b/kbx/backend-support.c
@@ -207,6 +207,7 @@ be_is_x509_blob (const unsigned char *blob, size_t bloblen)
    *  SEQUENCE    SEQUENCE    [0]   INTEGER  INTEGER
    *              (tbs)            (version) (s/n)
    *
+   *  Note that v0 certificates don't have an explict version number.
    */
 
   p = blob;
@@ -226,7 +227,11 @@ be_is_x509_blob (const unsigned char *blob, size_t bloblen)
   if (parse_ber_header (&p, &n, &class, &tag, &cons, &ndef, &objlen, &hdrlen))
     return 0; /* Not a proper BER object.  */
   if (!(class == CLASS_CONTEXT && tag == 0 && cons))
-    return 0; /* No context tag.  */
+    {
+      if (class == CLASS_UNIVERSAL && tag == TAG_INTEGER && !cons)
+        return 1; /* Might be a X.509 v0 cert with implict version.  */
+      return 0; /* No context tag.  */
+    }
 
   if (parse_ber_header (&p, &n, &class, &tag, &cons, &ndef, &objlen, &hdrlen))
     return 0; /* Not a proper BER object.  */
author	Werner Koch <wk@gnupg.org>	2023-03-08 16:09:56 +0100
committer	Werner Koch <wk@gnupg.org>	2023-03-08 16:09:56 +0100
commit	65288fc52f0c60e99f32d6d1981ade08a9ec860b (patch)
tree	520e8efcbf39dd072636594a9668636e43f1ba53 /kbx/backend-support.c
parent	gpg,gpgsm: New option --log-time (diff)
download	gnupg2-65288fc52f0c60e99f32d6d1981ade08a9ec860b.tar.xz gnupg2-65288fc52f0c60e99f32d6d1981ade08a9ec860b.zip