Quoting Werner Koch <[EMAIL PROTECTED]>:
On Thu, 29 Dec 2005 14:52:43 -0600, Aleksandar Milivojevic said:
was able to import PKCS#12 file. Might be good idea if configure script was
checking if pinentry is installed and complaining if it wasn't, like
for other
That creates a dependency which is not needed in all cases. Certain
server applications don't need the pinentry. It is matter of the
packing system to decribe pinentry as a dependecy but not one of
configure.
OK, I see... makes sense. However, maybe a warning message should be
given. Something like that paragraph from README file that references
pinentry (after
all, most folks will simply fire up "./configure" without reading
README file).
$ openssl x509 -noout -text -in test.crt
Subject: C=CA, ST=Quebec, L=Montreal,
O=\x00T\x00e\x00s\x00t\x00_\x00I\x00m\x00p\x00r\x00i\x00m\x00e\x00u\x00r,
That looks much like a double wide character encoding (ucs2 ?) and for
sure is no utf-8. gpgsm is able to convert certain encodings but not
all of them. Check out libksba/src/dn.c:append_atv. It is possible
that there is a bug in the implementation (append_ucs2_value).
BTW, the certificate in this example is almost unselectable using
gpgsm. The CN
is in UTF-8, but when I looked closer into it, it doesn't really contain any
non-US-ASCII characters. It just reads "Test_Imprimeur" (just remove
all those
"\x00"). However if I do 'gpgsm --list-keys CN=Test_Imprimeur', nothing is
displayed.
Same reason as above. Can you please run dumpasn1 on the certificate
as created by OpenSSL and check the encoding of the "O" RDN?
Hmmm... I've installed dumpasn1. Got:
271 37: SET {
273 35: SEQUENCE {
275 3: OBJECT IDENTIFIER organizationName (2 5 4 10)
280 28: BMPString ''
: }
: }
I've attempted playing with the tool, but couldn't get any more usefull output
from it, other than this hex dump output (using -ahht options).
<31 25 30 23 06 03 55 04 0A 1E 1C 00 54 00 65 00 73 00 74 00 5F 00 49 00>
271 37: SET {
<30 23 06 03 55 04 0A 1E 1C 00 54 00 65 00 73 00 74 00 5F 00 49 00 6D 00>
273 35: SEQUENCE {
<06 03 55 04 0A>
275 3: OBJECT IDENTIFIER organizationName (2 5 4 10)
<1E 1C 00 54 00 65 00 73 00 74 00 5F 00 49 00 6D 00 70 00 72 00 69 00 6D>
280 28: BMPString ''
: }
: }
I don't know much about internal format of certificates. Does above
means that
O was simply defined as some kind of binary data and value placed
inside in raw
format, without any encoding information?
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
