From 393be5b03a21be4eb518dfb907e18192d0177d3d Mon Sep 17 00:00:00 2001
From: Herman Slatman <hermanslatman@hotmail.com>
Date: Fri, 19 Feb 2021 12:06:24 +0100
Subject: [PATCH] Add number of certs to return and fix CR LF in CACaps

---
 scep/api/api.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/scep/api/api.go b/scep/api/api.go
index 7ac80cdb..5a4cb5b2 100644
--- a/scep/api/api.go
+++ b/scep/api/api.go
@@ -222,6 +222,7 @@ func (h *Handler) GetCACert(w http.ResponseWriter, r *http.Request, scepResponse
 		scepResponse.CACertNum = 1
 	} else {
 		data, err := microscep.DegenerateCertificates(certs)
+		scepResponse.CACertNum = len(certs)
 		scepResponse.Data = data
 		scepResponse.Err = err
 	}
@@ -335,7 +336,7 @@ func createKeyIdentifier(pub crypto.PublicKey) ([]byte, error) {
 }
 
 func formatCapabilities(caps []string) []byte {
-	return []byte(strings.Join(caps, "\n"))
+	return []byte(strings.Join(caps, "\r\n"))
 }
 
 // writeSCEPResponse writes a SCEP response back to the SCEP client.
@@ -350,7 +351,7 @@ func writeSCEPResponse(w http.ResponseWriter, response SCEPResponse) error {
 }
 
 var (
-	// TODO: check the default capabilities
+	// TODO: check the default capabilities; https://tools.ietf.org/html/rfc8894#section-3.5.2
 	defaultCapabilities = []string{
 		"Renewal",
 		"SHA-1",