PR#100: Allow leading/trailing data when looking for certificates -

certmonger

#100 Allow leading/trailing data when looking for certificates

Merged Mar 14, 2018 by rcritten. Opened Mar 13, 2018 by rcritten.

rcritten/certmonger parse_pem into master

Allow leading/trailing data when looking for certificates

Rob Crittenden • Mar 12, 2018

8e4765893758dd69302f0b85d70e5516edd05722

rcritten commented Mar 13, 2018

When parsing the list of certificates provided for signing
verification the parser did not allow leading or trailing
data, like headers you might find in openSSL exported PKCS#12
values:

Bag Attributes
2.16.840.1.113730.5.1.1.1: CT,C,C
localKeyID: 00 9B 92 61 B3 05 7F EE 42 9B 6A AF DE 5B 08 ...
friendlyName: CA Signing Certificate
subject=/O=ACME/CN=CA Signing Certificate
issuer=/O=ACME/CN=CA Signing Certificate

https://pagure.io/certmonger/issue/93

rcritten commented Mar 13, 2018

@nalin does this look reasonable to you?

nalin commented Mar 13, 2018

@rcritten Yeah, that looks reasonable - it should still be able to parse multiple certificates that have been strung together. Bonus points for catching my incorrect number of '-' characters when looking for the end of the certificate!

rcritten commented Mar 14, 2018

great, thanks for the review.

Pull-Request has been merged by rcritten

Mar 14, 2018