Closed
Bug 161326
Opened 22 years ago
Closed 17 years ago
need API to convert dotted OID format to/from octet representation
Categories
(NSS :: Libraries, enhancement, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12
People
(Reporter: thayes0993, Assigned: nelson)
References
Details
Attachments
(1 file, 1 obsolete file)
7.72 KB,
patch
|
neil.williams
:
review+
|
Details | Diff | Splinter Review |
OID values are frequently used in two different formats: 1) a "dotted" representation such as 2.16.840.1.113730.1.1; which can also be represented as a sequence of integer values (int[]) 2) a sequence of octets that is the form used in DER/BER/PER encodings of OIDs NSS should provide APIs to convert between these two formats. One set of APIs should convert between an integer array (int[]) and the octet sequence. Another might be provided to convert "dotted" string values to/from the corresponding integer array. These APIs would be useful for developers who have the "dotted" format from standards specifications and need to convert into octet sequences (as SECItems) to call APIs for certificate processing (and other APIs). They would also be useful for converting unknown OID values into displayable strings.
Assignee | ||
Comment 1•21 years ago
|
||
If I'm not mistaken, OIDs are usually displayed as decimal integers separated by spaces, not dots. No? But I agree that this would be useful for applications that want to display OIDs in decimal form.
Priority: -- → P3
Assignee | ||
Comment 2•21 years ago
|
||
NSS now has CERT_GetOidString(), which returns a string containing the OID form that is decimal integers separated by dots. pp and certutil use it. There is not yes a function to go in the other direction. Terry, Does CERT_GetOidString satisfy this RFE ?
Assignee | ||
Updated•19 years ago
|
QA Contact: bishakhabanerjee → jason.m.reid
Assignee | ||
Updated•18 years ago
|
Assignee: wtchang → nobody
QA Contact: jason.m.reid → libraries
Updated•17 years ago
|
OS: Windows NT → All
Assignee | ||
Comment 3•17 years ago
|
||
Taking for NSS 3.12. For a veriety of reasons, including - Need to accept all valid ASCII string DNs (bug 210584), and - need to accept OID strings for certutil to encode poilcy OIDs in certs, NSS needs a new function to take an OID string in the usual ASCII dotted decimal form, and return a binary-encoded OID. I have written a function to do that. It returns a "raw" binary DER, without the DER tag and length octets that would go with it if it was in a cert (or other DER encoded sequence). If we also need a function to return the fully DER-encoded form, that will be easy to do.
Assignee: nobody → nelson
Priority: P3 → P2
Target Milestone: --- → 3.12
Version: unspecified → 3.4
Assignee | ||
Comment 4•17 years ago
|
||
Reviewers should evaluate: - the new function name & arguments - the new source file name - whether the output should be a full DER encoding, with tag and length octets or merely the contents octets (as it does in this patch). - Anything else about this function that seems worthy of review
Attachment #268748 -
Flags: review?(neil.williams)
Assignee | ||
Comment 5•17 years ago
|
||
P1, as this bug blocks another P1 bug
Assignee | ||
Comment 6•17 years ago
|
||
Second patch, this one is better tested.
Attachment #268748 -
Attachment is obsolete: true
Attachment #268819 -
Flags: review?(neil.williams)
Attachment #268748 -
Flags: review?(neil.williams)
Assignee | ||
Updated•17 years ago
|
Attachment #268819 -
Attachment is patch: true
Attachment #268819 -
Attachment mime type: application/octet-stream → text/plain
Assignee | ||
Updated•17 years ago
|
Summary: enh: need API to convert dotted OID format to/from octet representation → need API to convert dotted OID format to/from octet representation
Comment 7•17 years ago
|
||
Nelson, what happens when to->data != NULL && to->len < result_bytes? It looks like whatever was in to->data would get leaked if it's not dup'ed somewhere else. if (to->data && to->len >= result_bytes) { ... } else { ... rv = SECITEM_CopyItem(pool, to, &result_item); }
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•17 years ago
|
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee | ||
Comment 8•17 years ago
|
||
to->data might be allocated from an arenapool, or might be an automatic buffer (automatic array of char), in which cases no leak occurs. The anticipated use is with automatic arrays. This saves the overhead of an allocation in the common case where the automatic array is large enough to receive the OID, but still works without buffer overflow in the case where the automatic array is not big enough.
Comment 9•17 years ago
|
||
Comment on attachment 268819 [details] [diff] [review] patch v2 r+, but I'd like a note along the lines of comment #8 in the function doc.
Attachment #268819 -
Flags: review?(neil.williams) → review+
Assignee | ||
Updated•17 years ago
|
Status: REOPENED → ASSIGNED
Assignee | ||
Comment 10•17 years ago
|
||
Implement SEC_StringToOID(), which converts ASCII dotted decimal OID strings to their DER encoded binary form. Bug 161326. r=Neil Checking in lib/nss/nss.def; new revision: 1.176; previous revision: 1.175 Checking in lib/util/manifest.mn; new revision: 1.13; previous revision: 1.12 Checking in lib/util/secoid.h; new revision: 1.7; previous revision: 1.6 Checking in lib/util/oidstring.c; initial revision: 1.1
Status: ASSIGNED → RESOLVED
Closed: 17 years ago → 17 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•