jeroen / openssl

OpenSSL bindings for R

Add option to use semicolon for subject and issuer #72

Closed hrbrmstr closed 5 years ago

hrbrmstr commented 5 years ago

It's somewhat problematic to split issuer and subject as <comma><space> seems to be "a thing" now in the values for the individual fields. XN_FLAG_SEP_SPLUS_SPC & ~ASN1_STRFLGS_ESC_MSB would help compensate for that since semicolons are far less frequent as are <semicolon><space> instances.

Proposal (I can PR this) is to add a SEXP semicolon (or whatever you'd like the flag to be) toggle in R_cert_info that would note to use XN_FLAG_SEP_SPLUS_SPC & ~ASN1_STRFLGS_ESC_MSB vs XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB. Multiline wld be even better but I saw the comment abt it being problematic.

That would then require something like adding semicolon = getOption("OPENSSL_SEP_SEMICOLON", default = FALSE) to the unexported cert_info() function since it's not exported and only called internally.

Cld use an env var vs option. Cld also expose the function and formalize the param.

I've got ^^ ready in a PR but can change it to support whatever the desired approach is.

jeroen commented 5 years ago

Can we just make the default XN_FLAG_SEP_SPLUS_SPC? Or does that also have downsides? I'm not a fan of introducing global options if we can find a better default, or at most make it an argument of as.list().

Do you have an example of a cert that has this problem so that I can test it?

jeroen commented 5 years ago

I vaguely remember that the multiline format was messing up non ascii certs. The manual page says this:

Although there are a large number of possible flags for most purposes XN_FLAG_ONELINE, XN_FLAG_MULTILINE or XN_FLAG_RFC2253 will suffice. As noted on the ASN1_STRING_print_ex(3) manual page for UTF8 terminals the ASN1_STRFLGS_ESC_MSB should be unset:

hrbrmstr commented 5 years ago

I'll run some tests on the "ugh" certs with that change this week (I can upload those as well). I def grok/sympathize with not wanting to use options. I more suggested it to avoid breaking anyone's existing code if they're doing something similar.

(Re: the second comment) Aye. Def know that reference. And, it's unfortunate that causes issues b/c it's a handy quick fix to avoid pulling out those fields manually in C code (which is the super ugly option).

On Jul 15, 2019, at 6:24 PM, Jeroen Ooms notifications@github.com wrote:

Can we just make the default XN_FLAG_SEP_SPLUS_SPC? Or does that also have downsides? I'm not a fan of introducing global options if we can find a better default.


jeroen commented 5 years ago

There are too many formatting flags to expose them one by one. Given that you are the only person that will use this, I exposed this in the simplest possible way to just pass the integer with the format flag.

So you'll probably want some combination of these values:

# define XN_FLAG_SEP_COMMA_PLUS  (1 << 16)/* RFC2253 ,+ */
# define XN_FLAG_SEP_CPLUS_SPC   (2 << 16)/* ,+ spaced: more readable */
# define XN_FLAG_SEP_SPLUS_SPC   (3 << 16)/* ;+ spaced */
# define XN_FLAG_SEP_MULTILINE   (4 << 16)/* One line per field */

# define XN_FLAG_DN_REV          (1 << 20)/* Reverse DN order */

/* How the field name is shown */

# define XN_FLAG_FN_MASK         (0x3 << 21)

# define XN_FLAG_FN_SN           0/* Object short name */
# define XN_FLAG_FN_LN           (1 << 21)/* Object long name */
# define XN_FLAG_FN_OID          (2 << 21)/* Always use OIDs */
# define XN_FLAG_FN_NONE         (3 << 21)/* No field names */

# define XN_FLAG_SPC_EQ          (1 << 23)/* Put spaces round '=' */

/*
 * This determines if we dump fields we don't recognise: RFC2253 requires
 * this.
 */

# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)

# define XN_FLAG_FN_ALIGN        (1 << 25)/* Align field names to 20
                                           * characters */

/* Complete set of RFC2253 flags */

# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
                        XN_FLAG_SEP_COMMA_PLUS | \
                        XN_FLAG_DN_REV | \
                        XN_FLAG_FN_SN | \
                        XN_FLAG_DUMP_UNKNOWN_FIELDS)

/* readable oneline form */

# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
                        ASN1_STRFLGS_ESC_QUOTE | \
                        XN_FLAG_SEP_CPLUS_SPC | \
                        XN_FLAG_SPC_EQ | \
                        XN_FLAG_FN_SN)

# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
                        ASN1_STRFLGS_ESC_MSB | \
                        XN_FLAG_SEP_MULTILINE | \
                        XN_FLAG_SPC_EQ | \
                        XN_FLAG_FN_LN | \
                        XN_FLAG_FN_ALIGN)

jeroen commented 5 years ago

This is on CRAN now.
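
The comma-space problem raised at the top of this thread, as an added example (not code from the thread or from the openssl package): a splitter that honors the backslash escape that ASN1_STRFLGS_RFC2253 places before a literal comma in a value, shown next to a naive split on ", ". The function names and the sample DN are constructed for illustration; quoted values (ASN1_STRFLGS_ESC_QUOTE) and multi-valued RDNs joined with "+" are not handled.

```c
#include <stdio.h>
#include <string.h>

/* Naive approach: every occurrence of sep is treated as a field boundary. */
static int naive_count(const char *s, const char *sep)
{
    int n = 1;
    size_t len = strlen(sep);
    for (const char *p = strstr(s, sep); p; p = strstr(p + len, sep))
        n++;
    return n;
}

/* Split a one-line DN on an unescaped separator character (',' or ';').
 * buf is modified in place; parts[] receives pointers into it.
 * Returns the number of fields, or -1 on a dangling backslash or when
 * more than max_parts fields are present. */
static int split_dn(char *buf, char sep, char **parts, int max_parts)
{
    int n = 0;
    char *start = buf;
    for (char *p = buf; ; p++) {
        if (*p == '\\') {
            if (p[1] == '\0') return -1;   /* malformed: escape at end */
            p++;                            /* skip the escaped character */
            continue;
        }
        if (*p == sep || *p == '\0') {
            int last = (*p == '\0');
            if (n == max_parts) return -1;
            *p = '\0';
            while (*start == ' ') start++;  /* padding after the separator */
            parts[n++] = start;
            if (last) break;
            start = p + 1;
        }
    }
    return n;
}

int main(void)
{
    /* Constructed sample: the O value contains an escaped comma-space. */
    char dn[] = "C=US, O=Example\\, Inc., CN=www.example.com";
    char *parts[8];
    printf("naive fields: %d\n", naive_count(dn, ", "));
    int n = split_dn(dn, ',', parts, 8);
    for (int i = 0; i < n; i++) printf("[%d] %s\n", i, parts[i]);
    return 0;
}
```

The returned fields keep their escapes (for example `O=Example\, Inc.`), so unescape each value after splitting, not before.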