<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>
GitLab
</title>



<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">
<p class="details" style="font-style: italic; color: #777;">
<a href="https://gitlab.com/Vrancken">Tom</a>
commented on a discussion
on <a href="https://gitlab.com/gnutls/gnutls/merge_requests/650#note_101688278">lib/pcert.c</a>:
</p>
<table>
<tr class="line_holder" id="">
<td class="diff-line-num old_line" data-linenumber="413" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
413
</td>
<td class="diff-line-num new_line" data-linenumber="552" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
552
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC552" class="line" lang="c"></span>
</pre>
</td>
</tr>
<tr class="line_holder" id="">
<td class="diff-line-num old_line" data-linenumber="414" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
414
</td>
<td class="diff-line-num new_line" data-linenumber="553" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
553
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC553" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;">/* Converts the first certificate for the cert_auth_info structure</span></span>
</pre>
</td>
</tr>
<tr class="line_holder" id="">
<td class="diff-line-num old_line" data-linenumber="415" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
415
</td>
<td class="diff-line-num new_line" data-linenumber="554" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
554
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC554" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> * to a pcert.</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="555" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
555
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC555" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="556" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
556
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC556" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> * REMARK 1: why limit ourselves to only be able to convert the first cert in the chain?</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="557" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
557
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC557" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> * REMARK 2: there is a lot of conversion between a raw cert / cert chain (gnutls_datum_t)</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="558" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
558
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC558" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *   and gnutls_pcert_st going on (e.g. cert_auth_info to pcert). There is also quite some</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="559" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
559
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC559" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *   overlap in data between these two types. The difference is that pcert holds only 1 cert</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="560" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
560
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC560" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *   and cert_auth_info has the entire chain. During cert reception (in e.g. _gnutls_proc_x509_server_crt)</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="561" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
561
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC561" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *   we also convert from raw to pcert. First we call gnutls_pcert_import_x509_raw to get a list with pcerts.</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="562" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
562
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC562" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *   Then we call check_pk_compat to do some checks. Finally we call _gnutls_pcert_to_auth_info to save all</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="563" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
563
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC563" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *   certs as raw again (we retrieve only the raw data from the pcert). Later on e.g. in</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="564" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
564
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC564" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *   _gnutls_proc_dhe_signature() we need a pcert again and convert back via our function below.</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="565" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
565
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC565" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *   Why not internally store all certs / cert chains as pcerts? That migth save some conversion</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="diff-line-num new old_line" data-linenumber="416" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="566" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
566
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC566" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> *   work and simplifies things.</span></span>
</pre>
</td>
</tr>

</table>
<div>
<p dir="auto">I will look into it and, if possible, propose a solution via a different patch.</p>
</div>


</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #777;">
—
<br>
Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/merge_requests/650#note_101688278">view it on GitLab</a>.
<br>
You're receiving this email because of your account on gitlab.com.
If you'd like to receive fewer emails, you can
<a href="https://gitlab.com/sent_notifications/50af99dc61c1f9e30f7978d3256feaca/unsubscribe">unsubscribe</a>
from this thread or
adjust your notification settings.
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Merge request","url":"https://gitlab.com/gnutls/gnutls/merge_requests/650#note_101688278"}}</script>
</p>
</div>
</body>
</html>