diff options
author | Werner Koch <wk@gnupg.org> | 2023-03-08 16:09:56 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2023-03-08 16:09:56 +0100 |
commit | 65288fc52f0c60e99f32d6d1981ade08a9ec860b (patch) | |
tree | 520e8efcbf39dd072636594a9668636e43f1ba53 /kbx | |
parent | gpg,gpgsm: New option --log-time (diff) | |
download | gnupg2-65288fc52f0c60e99f32d6d1981ade08a9ec860b.tar.xz gnupg2-65288fc52f0c60e99f32d6d1981ade08a9ec860b.zip |
keyboxd: Allow import of v0 certificates.
* kbx/backend-support.c (be_is_x509_blob): Loose detection.
--
Here is a sample v0 cert:
-----BEGIN CERTIFICATE-----
MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw
CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns
YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y
aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe
Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX
MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj
IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx
KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B
AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM
HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw
DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC
AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji
nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX
rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn
jBJ7xUS0rg==
-----END CERTIFICATE-----
Diffstat (limited to '')
-rw-r--r-- | kbx/backend-support.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/kbx/backend-support.c b/kbx/backend-support.c index 7ab63985c..4d3738064 100644 --- a/kbx/backend-support.c +++ b/kbx/backend-support.c @@ -207,6 +207,7 @@ be_is_x509_blob (const unsigned char *blob, size_t bloblen) * SEQUENCE SEQUENCE [0] INTEGER INTEGER * (tbs) (version) (s/n) * + * Note that v0 certificates don't have an explict version number. */ p = blob; @@ -226,7 +227,11 @@ be_is_x509_blob (const unsigned char *blob, size_t bloblen) if (parse_ber_header (&p, &n, &class, &tag, &cons, &ndef, &objlen, &hdrlen)) return 0; /* Not a proper BER object. */ if (!(class == CLASS_CONTEXT && tag == 0 && cons)) - return 0; /* No context tag. */ + { + if (class == CLASS_UNIVERSAL && tag == TAG_INTEGER && !cons) + return 1; /* Might be a X.509 v0 cert with implict version. */ + return 0; /* No context tag. */ + } if (parse_ber_header (&p, &n, &class, &tag, &cons, &ndef, &objlen, &hdrlen)) return 0; /* Not a proper BER object. */ |