[gnutls-dev]xml gurus needed

Nikos Mavroyanopoulos nmav@gnutls.org
Fri Jun 21 14:59:01 2002


--82I3+IH0IqGh5yIs
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Hello,
 We have been working on extending gnutls' capabilities to return
more of the X.509 certificate stuff, and OpenPGP key stuff. It seems
that the least bloated way to do this is to export both of them
in an XML format, and let the application deal with it.

Attached is an example of an X.509 certificate converted to an XML
format (preserving some of the X.509 tags). What do you think of
it? Is it useful to applications with xml capability? Any suggestions
for improvement?


-- 
Nikos Mavroyanopoulos
mailto:nmav@gnutls.org

--82I3+IH0IqGh5yIs
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="sample.xml"

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Sample XML rendering of one X.509 certificate.
  Layout as visible in this document: element names follow the ASN.1 field
  names of the Certificate structure, the "type" attribute carries the ASN.1
  type, and encoding="HEX" marks values printed as hexadecimal. Elements
  called unnamedN stand in for the members of SEQUENCE OF / SET OF
  containers, which have no field name in ASN.1.

  NOTE(review): this is a derived view. The certificate signature is
  computed over the DER encoding of tbsCertificate, so it cannot be checked
  from this XML alone; a consumer should validate the original DER
  certificate first and treat these fields as display or inspection data.
  Text values such as the name attributes come straight from the certificate
  and are untrusted input when the certificate is: the exporter has to
  XML-escape them, and consumers should parse with DTD and external entity
  processing disabled.
-->
<certificate type="SEQUENCE">
  <tbsCertificate type="SEQUENCE">
    <!-- INTEGER value 2 is X.509 version 3, consistent with the extensions block below. -->
    <version type="INTEGER" encoding="HEX">02</version>
    <serialNumber type="INTEGER" encoding="HEX">01</serialNumber>
    <!-- Inner copy of the signature algorithm. It carries the same OID as the
         outer signatureAlgorithm element at the end of the document;
         validators are expected to reject a certificate where the two differ.
         The child element names the OID as md5WithRSAEncryption, and 0500 is
         the DER encoding of NULL (the algorithm parameters).
         NOTE(review): MD5 is no longer collision resistant, so an MD5-signed
         certificate like this one is suitable only as a test fixture. -->
    <signature type="SEQUENCE">
      <algorithm type="OBJECT ID">1 2 840 113549 1 1 4</algorithm>
      <parameters type="ANY">
        <md5WithRSAEncryption encoding="HEX">0500</md5WithRSAEncryption>
      </parameters>
    </signature>
    <!-- Issuer distinguished name. Each unnamedN (SET OF) is one relative
         distinguished name holding one type/value pair; the OID is printed
         with spaces between the arcs, and the child of <value> names the
         decoded attribute. -->
    <issuer type="CHOICE">
      <rdnSequence type="SEQUENCE OF">
        <unnamed1 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 6</type>
            <value type="ANY">
              <X520countryName>GR</X520countryName>
            </value>
          </unnamed1>
        </unnamed1>
        <unnamed2 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 8</type>
            <value type="ANY">
              <X520StateOrProvinceName>Attiki</X520StateOrProvinceName>
            </value>
          </unnamed1>
        </unnamed2>
        <unnamed3 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 7</type>
            <value type="ANY">
              <X520LocalityName>Athina</X520LocalityName>
            </value>
          </unnamed1>
        </unnamed3>
        <unnamed4 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 10</type>
            <value type="ANY">
              <X520OrganizationName>GNUTLS</X520OrganizationName>
            </value>
          </unnamed1>
        </unnamed4>
        <unnamed5 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 11</type>
            <value type="ANY">
              <X520OrganizationalUnitName>GNUTLS dev.</X520OrganizationalUnitName>
            </value>
          </unnamed1>
        </unnamed5>
        <unnamed6 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 3</type>
            <value type="ANY">
              <X520CommonName>GNUTLS TEST CA</X520CommonName>
            </value>
          </unnamed1>
        </unnamed6>
        <unnamed7 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">1 2 840 113549 1 9 1</type>
            <value type="ANY">
              <Pkcs9email>gnutls-dev@gnupg.org</Pkcs9email>
            </value>
          </unnamed1>
        </unnamed7>
      </rdnSequence>
    </issuer>
    <!-- Validity window in raw UTCTime form (YYMMDDhhmmssZ): 7 July 2001
         10:18:45 UTC to 7 July 2002 10:18:45 UTC. The year has two digits, so
         a consumer must apply the X.509 profile's century rule (YY below 50
         means 20YY) itself instead of guessing. -->
    <validity type="SEQUENCE">
      <notBefore type="CHOICE">
        <utcTime type="TIME">010707101845Z</utcTime>
      </notBefore>
      <notAfter type="CHOICE">
        <utcTime type="TIME">020707101845Z</utcTime>
      </notAfter>
    </validity>
    <!-- Subject distinguished name, same layout as the issuer above. -->
    <subject type="CHOICE">
      <rdnSequence type="SEQUENCE OF">
        <unnamed1 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 6</type>
            <value type="ANY">
              <X520countryName>GR</X520countryName>
            </value>
          </unnamed1>
        </unnamed1>
        <unnamed2 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 8</type>
            <value type="ANY">
              <X520StateOrProvinceName>Attiki</X520StateOrProvinceName>
            </value>
          </unnamed1>
        </unnamed2>
        <unnamed3 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 7</type>
            <value type="ANY">
              <X520LocalityName>Athina</X520LocalityName>
            </value>
          </unnamed1>
        </unnamed3>
        <unnamed4 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 10</type>
            <value type="ANY">
              <X520OrganizationName>GNUTLS</X520OrganizationName>
            </value>
          </unnamed1>
        </unnamed4>
        <unnamed5 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 11</type>
            <value type="ANY">
              <X520OrganizationalUnitName>GNUTLS dev.</X520OrganizationalUnitName>
            </value>
          </unnamed1>
        </unnamed5>
        <unnamed6 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">2 5 4 3</type>
            <value type="ANY">
              <X520CommonName>localhost</X520CommonName>
            </value>
          </unnamed1>
        </unnamed6>
        <unnamed7 type="SET OF">
          <unnamed1 type="SEQUENCE">
            <type type="OBJECT ID">1 2 840 113549 1 9 1</type>
            <value type="ANY">
              <Pkcs9email>root@localhost</Pkcs9email>
            </value>
          </unnamed1>
        </unnamed7>
      </rdnSequence>
    </subject>
    <!-- Public key, named rsaEncryption by the parameters child. The BIT STRING
         content is left as hex DER: the leading bytes 30 81 89 02 81 81 00
         open a SEQUENCE whose first INTEGER is 129 bytes with a leading zero,
         i.e. a 1024-bit modulus, and the trailing 02 03 01 00 01 is the
         exponent 65537. The length attribute is presumably the BIT STRING
         size in bits (1120 bits = 140 bytes); confirm against the exporter.
         NOTE(review): a 1024-bit RSA key is below the sizes accepted today;
         fine for a sample, not for anything that needs to be trusted. -->
    <subjectPublicKeyInfo type="SEQUENCE">
      <algorithm type="SEQUENCE">
        <algorithm type="OBJECT ID">1 2 840 113549 1 1 1</algorithm>
        <parameters type="ANY">
          <rsaEncryption encoding="HEX">0500</rsaEncryption>
        </parameters>
      </algorithm>
      <subjectPublicKey type="BIT STRING" encoding="HEX" length="1120">30818902818100D00B49EBB226D951F5CC57072199DDF287683D2DA1A0EFCC96BFF73164777C78C3991E92EDA66584E7B97BAB4BE68D595D225557E01E7E57B5C35C04B491948C5C427AD588D8C6989764996D6D44E17B65CCFC86F3B4842DE559B730C1DE3AEF1CE1A328AFF8A357EBA911E1F7E8FC1598E21E4BF721748C587F50CF46157D950203010001</subjectPublicKey>
    </subjectPublicKeyInfo>
    <!-- Extensions. The extnValue contents are not decoded, only printed as hex
         DER, so an application that wants to enforce an extension still has to
         parse those bytes itself (or ask the library).
         NOTE(review): an application that sees critical TRUE on an extension
         it does not understand should reject the certificate, not skip it. -->
    <extensions type="SEQUENCE OF">
      <!-- 2 5 29 35 is authorityKeyIdentifier; the value is a SEQUENCE with a
           context tag 0 keyIdentifier of 20 bytes. -->
      <unnamed1 type="SEQUENCE">
        <extnID type="OBJECT ID">2 5 29 35</extnID>
        <critical type="BOOLEAN">FALSE</critical>
        <extnValue type="OCTET STRING" encoding="HEX">30168014EFEE94ABC8CA577F5313DB76DC1A950093BAF3C9</extnValue>
      </unnamed1>
      <!-- 2 5 29 37 is extKeyUsage; the value is a SEQUENCE of four OIDs:
           1.3.6.1.5.5.7.3.1 (serverAuth), 1.3.6.1.5.5.7.3.2 (clientAuth),
           1.3.6.1.4.1.311.10.3.3 and 2.16.840.1.113730.4.1 (the latter two
           are, as far as known, the Microsoft and Netscape server gated
           crypto usages). -->
      <unnamed2 type="SEQUENCE">
        <extnID type="OBJECT ID">2 5 29 37</extnID>
        <critical type="BOOLEAN">FALSE</critical>
        <extnValue type="OCTET STRING" encoding="HEX">302B06082B0601050507030106082B06010505070302060A2B0601040182370A030306096086480186F8420401</extnValue>
      </unnamed2>
      <!-- 2 5 29 19 is basicConstraints, marked critical. 3000 is an empty
           SEQUENCE, so the cA flag takes its default of FALSE: this is an
           end-entity certificate and must not be accepted as an issuer. -->
      <unnamed3 type="SEQUENCE">
        <extnID type="OBJECT ID">2 5 29 19</extnID>
        <critical type="BOOLEAN">TRUE</critical>
        <extnValue type="OCTET STRING" encoding="HEX">3000</extnValue>
      </unnamed3>
    </extensions>
  </tbsCertificate>
  <!-- Outer signature algorithm: same md5WithRSAEncryption OID and NULL
       parameters as the copy inside tbsCertificate. -->
  <signatureAlgorithm type="SEQUENCE">
    <algorithm type="OBJECT ID">1 2 840 113549 1 1 4</algorithm>
    <parameters type="ANY">
      <md5WithRSAEncryption encoding="HEX">0500</md5WithRSAEncryption>
    </parameters>
  </signatureAlgorithm>
  <!-- Signature value as hex. length is presumably the bit count (1024),
       matching a signature made by a CA key with a 1024-bit modulus; the CA
       key itself is not part of this document. -->
  <signature type="BIT STRING" encoding="HEX" length="1024">B73945273AF2A395EC54BF5DC669D953885A9D811A3B92909D24792D36A44EC27E1C463AF8738BEFD29B311CCE8C6D9661BEC30911DAABB39B8813382B32D2E259581EBCD26C495C083984763966FF35D1DEFE432891E610C85072578DA7423244A8F5997B41A1F44E61F4F22C94375775055A5E72F25D5E4557467A91BD4251</signature>
</certificate>



--82I3+IH0IqGh5yIs--